TrustPort Antivirus 2014 review

TrustPort Antivirus 2014 isn't a big change from the 2013 edition, despite its new Windows 8 look. I don't like the fact that TrustPort reserves Web-facing protection for the suite products; it's an antivirus feature, and the antivirus should have it.
Photo of TrustPort Antivirus 2014

Whether you use Windows 8 or not, you’re probably seeing changes in the appearance of your antivirus product that were inspired by the Windows 8 look and feel. TrustPort Antivirus 2014 ($31.95/year direct; $47.95 for three licenses) is the latest to go under the knife for a Windows 8 makeover. It’s also supposed to be faster and more effective than its predecessor, but I didn’t notice much difference.

In truth, Trustport’s previous edition was already well on the way to a Windows 8 look. Its main window was almost totally occupied by four big buttons: OnAccess Scanner, Application Inspector, Scan Now, and Check for Updates. The current edition includes even bigger buttons for all four, plus a new Close Application button and a panel that reports security status and version information.

TrustPort is available in 15 different languages, and unlike many programs lets you switch languages even after installation. That’s nice, but the English-language help system was clearly written by a non-native speaker. Odd phrasings also pop up in the program itself, for example, “This application is not trustful and could be potentially danger.”

No Web Protection
Malware is constantly changing and evolving, so it’s important for antivirus products to protect against the very latest versions. To test how well a product handles very current threats, I start with a feed of recent malicious URLs kindly supplied by MRG-Effitas. I specifically select those URLs that point directly to a malicious executable, because it’s very easy to determine whether or not the download came through.

Many antivirus products include a Web-facing component that blocks all access to known malware-hosting URLs. TrustPort reserves that component for its security suite products; the antivirus has no Web-specific protection. In addition, it scans downloaded files only after the download process is complete, and takes longer than most to make a decision. Those two facts made this test unusually time-consuming. avast! Free Antivirus 2014 quickly blocked access to 69 percent of the URLs I tried and blocked another 10 percent during the download. With 79 percent blocked, it’s the most successful product of the handful I’ve tested.

Even though the URLs from the feed are no more than a day old, quite a few had already gone dark. I kept trying until I accumulated about 100 working files. TrustPort didn’t block any of them at the URL level, but it wiped out 21 percent within a minute after the download finished, a new low. BullGuard Antivirus (2014) previously held the lowest score of 30 percent.

It may be worth pointing out that TrustPort only checks for signature updates once per day by default. Norton AntiVirus (2014), by contrast, gets “pulse” updates almost continuously. I’d definitely suggest configuring TrustPort to check for updates once per hour. I ran an update a day after the Web protection test and found that TrustPort quarantined a number of files that it had missed initially.

Average Malware Blocking
In addition to the TrustPort antivirus engine, this product includes engines licensed from Bitdefender and AVG. By default, it throttles back the number of engines used if the PC it’s running on is old and slow. When I tested TrustPort Antivirus 2013, I used a Registry tweak supplied by TrustPort tech support to force all engines into play. Really, though, that’s not something Joe User would be able to do. This time around I tested it using out-of-the-box settings, as I do for almost all reviews.

The previous edition was tested against the same collection of malware samples that I’m currently using. When I opened the folder containing those samples, TrustPort quickly eliminated a little over three quarters of them, the same bunch that were “shot on sight” by the previous edition. Next I launched the surviving programs and noted how the antivirus handled them. It didn’t do quite as well.

TrustPort detected 92 percent of the samples, down from the previous edition’s 94 percent. Its overall score of 8.7 points puts it in the bottom half of programs recently tested. AVG AntiVirus FREE 2014, Avira Antivirus Suite (2014), and F-Secure Anti-Virus 2014 top the current crowd, tied for first place with 9.4 points. For a full explanation of how I conduct this test, see How We Test Malware Blocking.

TrustPort Antivirus 2014 malware blocking chart

Labs Offer Little
My hands-on testing gives me excellent experience with each antivirus product, but the independent antivirus testing labs have the capability to perform tests with a much broader scope. Alas, like Lavasoft, TrustPort participates in very few tests, and then only the simplest.

TrustPort tried for Virus Bulletin’s VB100 certification in nine of the last 12 monthly tests, and received it in seven of those nine tests. That’s pretty good, but ESET managed a perfect 12 of 12.

West Coast Labs does certify TrustPort for virus detection and cleaning, but that’s the extent of the data I’ve been able to gather. AV-Test, AV-Comparatives, and Dennis Technology Labs all perform innovative real-world testing that can reveal much about a product’s ability to protect against actual malware attack. Without any of their input, I can’t assign an overall lab-tests rating to TrustPort.

For full details on the labs that I follow, their tests, and my technique for synthesizing lab ratings, please read How We Interpret Antivirus Lab Tests.

TrustPort Antivirus 2014 lab tests chart

Overactive App Inspector
Separately from its detection of known malware, TrustPort also includes a behavior-based component called Application Inspector. If any program that’s not digitally signed performs any of a wide variety of suspicious actions, Application Inspector suspends the program and asks the user what to do.

If you just click OK, it will block the program, terminate it, and forbid it to launch again. You can also choose to allow full access, or to let the program run but restrict its access to sensitive areas. Really, though, I suspect most users will click OK without even reading the choices.

The problem is, plenty of perfectly valid programs get flagged by the Application Inspector. Several of my own testing tools got slapped down, as did six of the 20 PCMag utilities I tried to install. It also flagged suspicious behavior by two malware samples.

Webroot SecureAnywhere Antivirus (2014) relies heavily on behavior-based detection, but it uses a holistic approach that looks at all of a program’s behaviors. Norton’s SONAR works in a similar fashion to detect suspicious behavior by programs not already found in the humongous Norton Insight online database.

Malware Cleanup Options
Like ESET NOD32 Antivirus 7, TrustPort has the built-in ability to create a bootable Windows PE-based rescue CD. Also like ESET, it requires you to first install the Windows Automated Installation Kit. When I tested the previous edition, the rescue CD handled a ransomware problem and wiped out a malicious program that killed the antivirus installer.

I’ve moved away from testing with actual malware-infested systems. The Internet connection that most antivirus products require can be misused by malware, and I can’t take a chance my test system might be misused. But given that the sample set hasn’t changed, I figure the current edition would perform about the same, that is to say, poorly. I do wish I had a wider range of lab results for TrustPort.

If you do run into a problem getting TrustPort installed, or if malware manages to balk the scan process, help is definitely available. Tech support can gather diagnostic information and recommend a fix. For the most intractable problems, remote-control hands-on remediation is available.

Improved scanning speed was one of the enhancements promised for this edition, but I didn’t observe this. A full scan on my standard clean test system took 33 minutes, about five minutes more than the current average and just a few minutes less than the previous edition. It is true that a subsequent scan ran in 22 minutes; the previous edition didn’t display such a marked improvement after the first scan. Note, though, that subsequent scans with ESET ran in less than a minute.

Incomplete Protection
I don’t like the fact that TrustPort’s antivirus lacks the Web protection feature found in the company’s suite products. My thought is, that’s a useful antivirus feature, so it really should be included. When I test and review the TrustPort suite, I’ll be interested to see if that feature makes a difference in the malicious URL blocking test.

Norton AntiVirus (2014) manages behavior-based malware detection without flagging valid programs the way TrustPort does. Webroot SecureAnywhere Antivirus (2014) relies heavily (and effectively) on its own version of behavior-based detection. Bitdefender Antivirus Plus (2014) comes with a useful collection of bonus features, and the labs love it. I’d recommend using one of these three Editors’ Choice antivirus products rather than TrustPort.

TrustPort Antivirus 2014 isn't a big change from the 2013 edition, despite its new Windows 8 look. I don't like the fact that TrustPort reserves Web-facing protection for the suite products; it's an antivirus feature, and the antivirus should have it.
Published under license from Ziff Davis, Inc., New York, All rights reserved.
Copyright © 2012 Ziff Davis, Inc