There’s a visible trend toward simplicity in many modern antivirus products, tools that aim to work in the background without impacting the user at all. Outpost Antivirus Pro 8 ($29.95 direct; $39.95 for three licenses) clearly demonstrates that Agnitum doesn’t subscribe to this set-and-forget doctrine. Outpost will frequently ask you, the user, to make significant security decisions. In testing it proved much more effective at blocking malware attacks than at cleaning up systems where malware had already invaded.
The program’s un-fussy main window clearly displays current security status and a few significant statistics, along with the latest news from Agnitum. The Malware Scan tab lets you launch a quick, full, or custom scan, or view results of previous scans. On the Settings tab you can tweak a few high-level configuration settings or turn components on and off. That’s probably all most users will need, but of course you can access the full array of advanced settings if necessary.
Fragile User Interface
Active malware on some of my test systems caused serious problems with Outpost’s user interface. The UI is defined by a collection of simple HTML files, images, and supporting files. When Outpost is active it protects those files, but there’s a protection gap during the installation process. On one test system, Outpost detected that its HTML files had been infected and promptly deleted them, leaving it with a broken UI. Malware on another system prevented access to the images, though textual components still showed up.
Just to see what would happen, I edited the user interface files myself, changing the main program image to that of a cartoon pig and replacing many of the textual elements with wisecracks. I couldn’t make any changes with Outpost running, but rebooting into Safe Mode lifted that protection. Agnitum should perhaps consider devising a less-fragile user interface.
Installation Help Needed
Installation went smoothly on many of my malware-infested test systems, but I ran into trouble on others. Outpost won’t install in Safe Mode, and malware on one system disables all access if it’s not in Safe Mode. On several other systems, malware prevented a complete installation.
In each case I supplied specific logs to tech support and received a custom cleanup batch file in return. Getting the problem systems straightened out took a while, due to the back-and-forth email exchange of logs and fix-it files, but the total amount of my time required was a lot less than in similar situations that were solved using live chat remote-control support.
Little News from the Labs
The major independent antivirus testing labs have vastly more resources than I do. They can perform tests that tie up dozens of computer for months, or that use hundreds of thousands of files. Normally I like to reference their results along with my own hands-on testing results. Alas, of all the labs I follow only one includes Outpost in its testing.
Virus Bulletin’s VB100 test is relatively simple. To achieve VB100 status, an antivirus product must correctly detect every sample from Virus Bulletin’s wildlist, while avoiding any false positives (valid files identified as malware). Outpost received VB100 in nine of the last ten tests; a false positive derailed it in the most recent test.
For more about the independent labs and how I interpret their tests, see How We Interpret Antivirus Lab Tests.
Outpost Antivirus Pro 8 lab tests chart
Disappointing Malware Cleanup
Outpost detected 68 percent of the malware samples installed on my test systems, the same as McAfee AntiVirus Plus 2013 and F-Secure Anti-Virus 2013. That’s a bit below the average detection rate of 74 percent.
F-Secure and McAfee scored 5.5 and 5.3 points respectively for malware cleanup, while Outpost scored 5.1 points. Outpost’s lower score is due mostly to the fact that it left behind executable files for many of the threats it detected, and even left one running after it supposed removal. With 6.6 points apiece, Norton AntiVirus (2013) and Webroot SecureAnywhere Antivirus 2013 tied for best score in this test.
Looking only at the samples that use rootkit technology to hide from antivirus scanners, Outpost detected 60 percent, the same as AhnLab V3 Click. Outpost’s 5.0 points is a lot better than the 3.6 point score earned by V3 Click. However, neither score looks very good given that nearly a third of recent products detected 100 percent of the rootkits. Kaspersky Anti-Virus (2013) earned the best score for rootkit cleanup, with 9.4 of a possible 10 points.
Given that Outpost’s previous edition, tested against my previous malware collection, earned 4.9 points for malware cleanup overall and 2.9 points for rootkit cleanup, the current scores represent an improvement. Still, others have proven much more effective. For details on my hands-on malware removal test, see How We Test Malware Removal.
Outpost Antivirus Pro 8 malware removal chart
Much Better Malware Blocking
The moment I opened a folder containing copies of my current malware samples, Outpost got busy deleting those it recognized. By the time I finished clicking away its notifications, over 80 percent of the samples were gone, including several whose active, installed payload wasn’t recognized by the antivirus scanner. Outpost detected most of the remaining samples during the install process, earning a 95 percent detection rate and 9.4 points for malware blocking.
Webroot is the big winner in this test, with 100 percent detection and a perfect 10 of 10 points. SecureIT managed 9.7 points, and Bitdefender Antivirus Plus 2013 earned 9.6, but no other current products scored higher than Outpost.
Some antivirus products immediately disable and quarantine any active malware they find, simply notifying the user of their actions. Outpost asks you, the user, whether to remove the threat, leave it alone but block execution, or add it to the exceptions list. On the one hand, if a file is definitely bad I’d prefer that the antivirus simply handle it, without consulting the user. On the other hand, it identified one of the PCMag utilities I use for false-positive testing as a banking Trojan, so I was glad of the opportunity to exclude it.
Outpost’s Web Control feature is designed to prevent access to known malware-hosting sites, but I didn’t see it in action when I tried to re-download the same collection of malware samples. It didn’t block any of the malware URLs, but did wipe out almost 60 percent of the threats during the download process.
For a full explanation of how I test a product’s ability to block malware attack on a clean system, see How We Test Malware Blocking.
Outpost Antivirus Pro 8 malware blocking chart
In addition to on-access malware scanning, Outpost includes several proactive protection components, designed to protect the system against malicious activity by malware too new to be known.
Anti-Leak Control monitors inter-process communication to prevent malware from manipulating or damaging trusted programs. It watches a dozen behaviors such as process memory injection direct disk access, and keyboard logging. However, at its default setting it asks the user what to do about three of them and simply allows all of the other behaviors.
In its default Auto-Learn mode, Outpost notes all such behaviors by trusted programs and creates rules to always allow those behaviors even if Auto-Learn is turned off. Note, though, that unless you actively turn it off this Auto-Learn mode is permanent.
System Guard works to prevent changes to critical system objects such as WinLogon settings and Internet settings. When it detects a program attempting such a change, it asks the user whether to allow it, block it, or terminate the program.
Application Guard aims to protect data in important applications like browsers, email clients, and instant messengers. The first time you launch a protected application, Outpost adds it to the local Application Guard list. There’s no allow/deny prompt involved, though you do have the option to remove protection from any given program.
All in all, I’d prefer a more self-contained protection system. In particular, I found the System Guard popup queries confusing. They come in green, yellow, and red varieties, depending on the importance of the change involved. However, the warnings popped up for valid programs and malware alike. Most users will have no idea how to answer these queries.
Not For Everyone
If you can install Outpost Antivirus Pro 8 on a pristine, malware-free computer, it will likely do a good job of stopping new malware attacks. In my testing it wasn’t nearly as effective when challenged to clean up existing malware infestations. Zero-day attacks present a similar problem. Once the antivirus team identifies the previously-unknown threat, Outpost has to clean up the mess that occurred when the zero-day initially infested your system.
In addition, Outpost’s style is very in-your-face. It will frequently pop up asking you how to handle something that it detected. It’s an equal-opportunity product, flagging both good and bad programs in its popup queries. Unless you’ve got considerable expertise, you may well make the wrong decision.
If you prefer antivirus protection that does the job without your involvement, choose one of our Editors’ Choice antivirus products, Bitdefender Antivirus Plus 2013, Norton AntiVirus (2013), or Webroot SecureAnywhere Antivirus 2013.
More Antivirus reviews:
|Tech Support||Email, knowledge base, and forum.|
|OS Compatibility||Windows Vista, Windows XP, Windows 7|
|Type||Business, Personal, Professional|
Copyright © 2012 Ziff Davis, Inc