Thursday, June 7, 2012

Anvi Smart Defender


We all like getting something for free, but relying on Anvi Smart Defender for antivirus could be an expensive proposition. In testing, it proved almost wholly unable to cleanup malware threats and also did a very poor job preventing malware attacks on a clean system. Worse, it repeatedly identified perfectly valid Windows files as malware. You've been warned; stay away.

A Pretty Face
The product installs quickly and easily, and the necessary initial update doesn't take long. Anvi's slick user interface gets right to business, with three big buttons offering a quick, full, or custom scan. I had a little trouble with the update server during testing, but the company sorted that out.

One test system crashed with a blue screen of death during scanning, but after a reboot it completed the scan process just fine. On another system the display went wonky; here, too, a reboot solved the problem.

However, another system gave Anvi more grief. Ransomware on this system totally takes over Windows's operations, so it can only run in Safe Mode. Anvi installed in Safe Mode but wouldn't run. Tech support supplied an updated installer, which manifested the same problem. In the end I gave them a break and simply omitted results from that system rather than recording a miss for each threat present.

Terrible Malware Cleanup
Anvi's malware removal results on the other eleven test systems were so bad that it hardly mattered whether or not it got a chance to scan the one problem system. It completely missed 40 percent of the threats. Of those it did detect, it left behind executable files for 86 percent, and for half of those threats at least one executable file was still running after Anvi's supposed removal.

SecureIT ($1.95/month direct for three licenses, 3 stars) recently set a new low for malware cleanup score, 3.6 points. Anvi undercut that, for a new record low of 2.9 points. Its record low score of zero for rootkit removal won't be undercut, ever. For a detailed explanation on how I go about testing and rating malware removal, see How We Test Malware Removal.

Related Story

Terrible Malware Blocking
In general, it's easier for an antivirus to prevent installation of malware on a clean system than to root out all the traces after malware has gotten a foothold. Some products are vastly better at real-time protection than at cleanup. SecureIT, for example, boasts the highest malware blocking score among products tested with my current malware collection ? 9.7 points! Anvi is consistently terrible. Its malware blocking score of 4.8 points is lower than that of any product tested with either my current collection of samples or the previous collection.

I started off by trying to download my current collection again, checking whether Anvi would block the malware-hosting URLs or at least block the downloaded files. Of course some URLs are no good now, the cyber-crooks having moved on. Of those still functional, Anvi didn't block any at the URL level. It did manage to quarantine a quarter of the threats after download. But SecureIT blocked 89 percent of those, and ZoneAlarm Free Antivirus + Firewall (free, 3.5 stars) blocked 83 percent.

Next I opened up a folder containing already-downloaded instances of my malware samples. Like many antivirus products, Anvi started wiping out those it recognized. Or rather, it started reporting them. Unless you, the eagle-eyed user, click the Delete button within 15 seconds the warning popup vanishes and the antivirus takes no action. I carefully kept an eye on it and clicked Delete every time.

All of the other products tested with this malware collection have wiped out over 70 percent of the samples right away; SecureIT got 87 percent. Anvi's real-time protection whacked a paltry 37 percent, leaving me with the task of launching all the rest and noting how Anvi reacted.

In a number of cases, Anvi popped up notification of a "dangerous action," and asked whether to allow it. Given that it popped up similar notifications for the same actions by valid programs, I always allowed those. In any case, if you ignore this notification it automatically allows the action after 15 seconds. I only recorded a detection if Anvi actively identified the file as malware.

Anvi missed two-thirds of the samples that survived the initial culling. Half of the remainder managed to place at least one executable file on the test system despite Anvi's attempt at blocking. Anvi did manage 4.0 points for rootkit blocking, better than zero for removal, but ZoneAlarm scored a perfect 10 against the same sample set. To get a better understanding of where these figures come from, please see How We Test Malware Blocking.

Related Story

Terrible False Positives
In a couple cases I saved the scan results to a report file. I was surprised to find that it wouldn't open in Notepad. Looking more closely, I found that even on my clean test system Notepad, MineSweeper, and a number of Windows components had been quarantined as malware. If it weren't for the fact that this product is free, I would have suspected some kind of scareware tactics.

Of course, it's always possible that my clean test system somehow got infected. Just to be sure I submitted each quarantined file to the VirusTotal website. This site will run a file through 42 different antivirus engines and report their findings. In each case, every antivirus gave the files a clean bill of health.

So, not only will Anvi Smart Defender fail to clean up real malware and fail to prevent new malware attacks, it will damage your system on its own by falsely quarantining valid Windows files. Some protection! Oh, it does include a system optimization tool, but I can't see the point of going into detail about that.

Avoid this product like the plague. It is dangerous. Choose instead our Editors' Choice for free antivirus AVG Anti-Virus Free 2012 (free, 4 stars). If your budget can stretch to a non-free solution you'll get even better protection from Norton AntiVirus 2012 ($39.99 direct, 4.5 stars) or Webroot SecureAnywhere Antivirus ($39.95 direct, 4.5 stars), which share the overall Editors' Choice honor for antivirus protection.

More Antivirus reviews:
??? Anvi Smart Defender
??? FixMeStick
??? SecureIT Plus
??? SecureIT
??? ESET Mobile Security 1.1 (for Android)
?? more

kids choice awards ncaa final four 2012 texas chainsaw massacre uk vs louisville university of kansas buckeye west side story

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.