p1@arkham.wimsey.bc.ca (Rob Slade) (06/13/91)
Comparison Review
Company and product:
T.C.P. Techmar Computer Products
97 - 77 Queens Blvd.
Rego Park, NY 11374
USA
800-922-0015
718-997-6800
718-997-6666
fax: 718-520-0170
VirAway scanner version 1.46 dated 910128
Summary:
Non resident scanner
Cost $49 US
Rating (1-4, 1 = poor, 4 = very good)
"Friendliness"
Installation 2
Ease of use 3
Help systems 1
Compatibility 2
Company
Stability 3
Support 2
Documentation 1
Hardware required 4
Performance 2
Availability 2
Local Support 1
General Description:
VirAway is identical to the CURE program shipped with AntiVirus Plus
from Techmar. The program is recommended only to "backstop" other
systems, and should not be depended upon as the only means of antivirus
protection in its current form.
Comparison of features and specifications
User Friendliness
Installation
VirAway, as shipped to me, comes completely unprotected. This may not
be the usual form, as the disk documentation contains a READ.ME file
which states that no changes have been made to the documentation, while
I received no documentation with the package.
An installation program is provided, which will only install from drive
A: to the C: drive in a directory called \VIRAWAY. However, as
installation consists solely of copying three files (and one "startup"
batch file to the root directory), it is not difficult for the
intermediate user to perform a "custom" installation.
Ease of use
Although VirAway came with no documentation, it responds to the same
command line switches as does CURE. (Not terribly surprising: not only
are the files identical in size, but CURE, when run, identifies itself
as version 1.46 of VirAway.) Again, if no switches are used, the
program will present a menu of options.
However, command line switches seem to be only able to "add" to the
default options. (For example, one cannot turn off the display of final
statistics from the command line invocation.)
There is an annoying bug in the program when allowed to disinfect: it
appears to count both the infection detected, and the cleaning process,
as an infection. The final statistics will indicate that 1 file virus
was found, and one cleaned, but will show the virus named as having
caused two infections. (If two files are, in fact, infected, the
display shows only two infections.)
Help systems
None provided.
Compatibility
As stated in the review of AntiVirus Plus, VirAway will find most common
viri, but will not find the AIDS virus.
VirAway will find viri active in memory, and, in testing, rendered them
inactive. However, sufficient traces remained in memory to set off
alarms from other virus scanners.
Company Stability
Techmar is the distributor of IRIS products (from Israel) in the United
States.
Company Support
The evaluation copy of AntiVirus Plus was shipped in good time, although
Techmar had not properly filled in the customs declaration. The copy of
VirAway came unsolicited, which seems to indicate an active marketing
group if nothing else.
Documentation
Not supplied.
Hardware Requirements
MS-DOS 2.0 or higher, 256K memory. The promotional material states that
a dual floppy system is necessary, which conflicts with the installation
batch file.
Performance
Detection of viral programs appears to be sufficient for most
situations. Disinfection of memory appears effective, with the proviso
noted above about false alarms from other scanners. (According to
memory mapping utilities, the memory is also still "reserved".)
Disinfection of boot sector viri appears to be effective. Disinfection
of program files appears effective as to the virus removal, but may
leave programs damaged.
During testing, the memory was infected with the Jerusalem B virus
(which VirAway reports as "Black Friday #1"). When VirAway was run, the
virus was rendered inactive in memory, but it had already infected the
VirAway program file. VirAway then disinfected itself, but increased in
size from 81835 to 81840 bytes on disk. Subsequent runs with the
program against test sets of viri showed some odd behaviour and an
inability to identify all previously identified viri. Also, subsequent
runs of VirAway in memory showed a lack of ability to remove infections
from memory.
Local Support
None provided.
Support Requirements
The program, while fairly simple to run, would not necessarily be
suitable for novice users. Disinfection of viral infections is probably
best left to experienced staff (and possibly other programs.)
General Notes
As it stands, the program cannot be highly recommended. The number of
viri detected are low even by the standards of other (admittedly more
expensive) programs. The disinfection ability is somewhat questionable,
and therefore undependable.
copyright Robert M. Slade, 1991 PCVIRAWY.RVW 910612
=============
Vancouver p1@arkham.wimsey.bc.ca | "If you do buy a
Institute for Robert_Slade@mtsg.sfu.ca | computer, don't
Research into (SUZY) INtegrity | turn it on."
User Canada V7K 2G6 | Richards' 2nd Law
Security | of Data Security