Friday, July 31, 2009

Sunbelt Software VIPRE Antivirus review

sunbelt_vipre Full disclosure: for several years I worked in the AV industry for a company which can be considered a competitor to Sunbelt Software. However I don't any more.

Sunbelt Software started out as an anti-spyware company, however a few years ago they re-oriented themselves towards the more general anti-malware market, which is a really nice move (in my opinion) because anti-spyware products have a vague definition. Since then they launched their VIPRE Antivirus Software product which I briefly tested.

What I liked:

  • The cool logo :-)
  • It works perfectly with Windows 7, even though the site mentions only Windows XP / Vista
  • The installation is very quick, there aren’t many options to tweak which could confuse less tech-savvy users
  • Both the EICAR test file and a malware sample were correctly recognized by the on-access scanner (of course I can’t say what the general detection rate of the product is, since I don’t currently have access to a larger malware collection)
  • On a full scan cookies were detected as an issue (a pet peeve of mine – I consider that such detections are not really relevant and only frighten users), but they are classified (correctly!) as low risk and there is a very objective, factual and “calm” description about the issue when you ask for more details

What I didn’t like:

  • To download the setup, you have to give your email address and the download link is emailed to you. The problem is (besides the obvious privacy concern) is that the email can take a while to get to your inbox (it might even get lost or land in the junk folder). To work around this, download it from softpedia (or from download.com), and install it without a serial (it is still good for 15 days). Later, when the link arrives, you can “activate” the product with the serial.
  • The setup workflow is not fully consistent. While the setup itself was quick and painless, after the reboot I had some difficulties: clicking on the update icon didn’t do anything, I had to right-click and select update explicitly. Then I started the main interface which wanted to update the signatures again (???) and it downloaded / updated them again, even though there were no newer signatures available...
  • In the “process manager” component all processes (even Microsoft processes) were categorized as “unknown”. This could frighten less experienced users. At least the executables with valid digital signatures should be categorized as “trusted”...
  • When showing the details of the alert, it first displays the details of the “parent” process (ie. process X tried to start process Y), which can be a little confusing if X is trusted (for example Windows Explorer, Internet Explorer, etc), because the first phrase that catches your eye is “known clean”, which raises the question “so why is it detected?”. Of course closer examination of the text makes the context clear, but first impressions are important
  • Multiple alerts can appear for the same file. Fortunately there is a “don’t show this to me again” checkbox, which works well.

So the final question: would I recommend buying it? Unfortunately (and I say unfortunately, because they seem like a good company) no. For home users I would still recommend AVG (since it is free), while for businesses I would wait until a test from AV-Tests / AV-Comparatives / other reputable testing organizations comes out to be assured that it has a detection rate comparable to the other vendors.

Full disclosure: this is a paid review from ReviewMe. Under the terms of the understanding I was not obligated to skew my viewpoint in any way (ie. only post positive facts).

3 comments:

  1. I have been an avid AVG user for years. Last year I had to disinfect a computer for a friend and ran every scan I could find when finally I stumbled across Sunbelt's Counterspy and ran the scan under the fully functional trial. It found the infection and cleaned it! I was so impressed I never forgot what it had done for me.
    Three weeks ago my son managed to really infect his pc (rootkit) while "protected" by AVG Free and Spybot. I ran full scan of everything including Malwarebytes antimalware, AVG, A squared free, Spybot, Superantispyware, GMER, Combofix, SDFix, Vipre etc. They all found something and cleaned the infections out successfully but still his pc was infected with something. I managed to find and clean it out manually but the bottom line is that Vipre, as a full suite, would have stopped the infection as it has done since I bought a home site license (up to 10 pcs), it is by far the lightest, easiest to use and best value for an all in one! I came close to getting the highly rated Zonealarm suite but Vipre is still better value for what I believe is equal protection. Also worth mentioning is that Vipre's firewall is an option purchase, for those with Vista or Windows 7 it saves having to buy that too.

    Thanks for reading!

    ReplyDelete
  2. Thanks for your straight forward review. Do you know why AV-Comparatives or AV-Tests or other review companies have not reviewed Vipre as of yet?

    ReplyDelete
  3. @Caleb: I have no first-hand information about the reasons why the two test organizations didn't (as of yet) test VIPRE. AFAIK there is some cost involved for a product participating in the tests, so it might just be that the decision makers at Sunbelt Software felt that this isn't the best way of spending the money...

    I too am looking forward for an independent and meaningful testing of the product (VB and CheckMark don't count here, sorry).

    ReplyDelete