What can you do if your company wants to get into the antivirus business but doesn’t have the resources to develop all the necessary code from scratch? It turns out that quite a few vendors will license you their antivirus engines for a fee, so you just need to build your own user interface. Simple, right? Well, maybe it’s not so simple. My testing of Ashampoo Anti-Virus 2014 ($39.99 per year, direct) revealed that without antivirus expertise at the back end, a program’s success can be very limited.
German software company Ashampoo publishes a wide variety of applications and utilities. They’ve got system utilities, photo tools, Registry managers, multimedia software, and more. One thing they’ve got down pat is creation of an attractive user interface. The product’s main window reports system status and offers a button to fix any status problems. It offers quick access to launch a scan or update, check quarantine, or utilize a collection of tools. You can even swap the default light-colored skin for an “Into Darkness” skin. Unfortunately, you need more than a pretty face.
Installation Epic Fail
With engines from Bitdefender and Emsisoft, you might expect Ashampoo’s antivirus to offer hybrid performance, the best of two engines. However, when it comes to installing on malware-infested systems your expectation would be so, so wrong.
It did install without incident on six of my twelve malware-infested systems. On four others, it repeatedly crashed during the scan or during the cleanup phase, but by retrying a few times I managed to complete a full scan on two of those four. I requested help from tech support for the other two, and also asked what to do about a test system where ransomware rendered the desktop inaccessible.
Meanwhile, Ashampoo’s scan had totally disabled the remaining test system. Instead of booting, it endlessly cycled through the logon and logoff screens, complete with music. Once again I put in a request to tech support—if this happened to Joe User, what would they recommend?
I never did get any help. After nearly a week, my Ashampoo contacts admitted that they just don’t have the resources to handle this level of problem. I wound up with two systems where the product couldn’t complete a scan, one totally disabled by the scan, and one where it never installed. Normally I rate installation experience on a scale from one to five stars, but a product that permanently disables any of the test systems rates zero stars.
Poor Malware Cleanup
Of course I couldn’t give Ashampoo any credit for removing malware from the system where it never installed, or the one that it killed. As for the other two, the incomplete scans didn’t do any good, because Ashampoo only cleans up what it found after the scan is complete. I did give it credit for any malware cleanup that the real-time protection managed.
Ashampoo’s 61 percent malware detection rate was among the lowest of products tested using my current malware collection and also among those tested using my previous collection. If I had simply discarded the results from the killed system and the system where it never installed, not counting them one way or another, its detection rate would have risen to 73 percent, moving it up just one slot in the ranking. Its overall score of 4.4 points is likewise very low.
Bitdefender Antivirus Free Edition (2014) managed 81 percent detection and 6.2 points. Bitdefender Antivirus Plus (2014), which costs no more than Ashampoo, detected 83 percent of the samples and earned 6.6 points, sharing first place with F-Secure Anti-Virus 2014.
Emsisoft, Ashampoo’s other engine, hasn’t done as well in my tests as Bitdefender. Even so, with 75 percent detection and 4.8 points Emsisoft Anti-Malware 7.0 alone beat Ashampoo’s scores. For the lowdown on my malware cleaning test, please see How We Test Malware Blocking.
Ashampoo Anti-Virus 2014 malware blocking chart
Better Malware Blocking, But…
Installing Ashampoo on a clean system, with no pushback from malware, was a snap. I jumped right in with a test of Web-based protection, attempting to download my current malware collection all over again. As always, some of the URLs just weren’t working. Of those that were functional at the time, Ashampoo blocked most at the URL level and snagged one other during the download process. In all, it blocked 88 percent of the malware downloads. That’s good, but F-Secure and Norton AntiVirus (2014) blocked 100 percent of these.
Next, I opened a folder containing instances of the same samples, downloaded earlier. Many antivirus products immediately start deleting detected threats at this point; the tiny file access that occurs when Windows Explorer checks the filename, size, and so on is enough to trigger a scan. For others, I have to click on the file before the antivirus takes notice. Ashampoo didn’t respond in any way.
I had to actively attempt to launch every single sample before Ashampoo would check it for malware. At that point, it popped up a blocking message for almost 90 percent of them, variously calling them malware, riskware, suspicious, or potentially unwanted. Note, though, that it gave me a choice to block or allow each. If I chose to block the launch, the file was not deleted or quarantined.
Ashampoo did let some of the samples launch, but caught many of them during the install process. At one point or another, it detected 97 percent of the samples, tying with AVG AntiVirus FREE 2014 for best detection rate. It earned 9.2 points for malware blocking, beaten only by AVG, F-Secure, and Ad-Aware Free Antivirus+ 10.5. The article How We Test Malware Removal explains how I perform the hands-on malware blocking test.
Ashampoo Anti-Virus 2014 malware removal chart
But there’s a catch. This score should perhaps come with an asterisk. I noticed that from time to time I’d see a window indicating that the antivirus needed to restart for an update. You’ll remember that it did not delete or quarantine the samples. I determined that during the update period it was completely possible for malware to launch without interference by Ashampoo. And of course, once the malware is up and running you might run into the same kind of problems I encountered during my malware clean-up test.
Normally I would include results from the independent testing labs, but Ashampoo has not submitted this product for testing.
Here’s another catch. While Ashampoo’s popup warning identified many, many samples as malware, it also identified a couple as merely “suspicious.” I checked this feature by attempting to install twenty older PCMag utilities, utilities that hook deeply into Windows for beneficial purposes. Four of that twenty got flagged by Ashampoo as suspicious. In practical terms, you, the user, are the one who must decide whether it’s right.
Mixed Bag of Tools
Given that Ashampoo publishes a wide variety of utilities, it’s not surprising that they threw in a set of bonus tools. Some are useful; others are too esoteric for the average user. I’m guessing not many users even know what an Alternate Data Stream is, or a Layered Service Provider. Those few who do can view ADS and LSP details using a couple of the tools.
The File Wiper, on the other hand, can be useful for anybody who needs to securely delete sensitive data. It will overwrite each file’s data one, three, seven, or 35 times before deletion, preventing any possibility of forensic recovery. Recovery after seven overwrites should be impossible at the atomic level, so I’d advise against choosing the very lengthy 35-overwrite mode. Unlike many “shredder” utilities, this one also includes the ability to securely overwrite all unused disk space, effectively shredding all past deletions.
In addition to the expected list of programs that launch at startup, the StartUp Tuner tool also displays other items such as Internet Explorer plug-ins. Just un-check any box to reversibly disable the item from launching at startup. A similar feature in Norton Internet Security (2014) reports the prevalence and resource usage for each startup program. Ashampoo offers a rating, but it’s not based on any analysis. Rather, every Ashampoo user can contribute an opinion. I’m not sure how much I should care if seven users have rated a program “useless.”
Wiping your browsing traces from time to time is probably a good idea. It’s an easy enough task in any modern browser, but Ashampoo will wipe cached files, history, cookies and more in IE, Firefox, Chrome, Safari, and Opera all at once. There’s even an option to protect cookies for specific sites.
This is a bit on the esoteric side, but malware can use the Hosts file to hijack your computer’s DNS system, so when your browser tries to reach a safe site it goes to a dangerous one instead. The HOSTS File Checker flags any suspicious lines and lets you wipe them out.
Go to the Source
Bitdefender Antivirus Plus (2014) is one of our Editors’ Choice products for antivirus protection, and it costs no more than Ashampoo. There’s no reason at all to get this protection second-hand. If you want Bitdefender’s technology, just go to the source. Even Bitdefender Antivirus Free Edition (2014) is significantly more effective than Ashampoo.
If for some reason Bitdefender doesn’t suit you, give one of our other Editors’ Choice products a whirl. Norton AntiVirus (2014) works to protect against malware at just about every level. Webroot SecureAnywhere Antivirus 2013 uses an unusual non-signature detection system, and it’s ridiculously small.
Copyright © 2012 Ziff Davis, Inc