I'm always happy to find free, full-featured security software. When IObit contacted me about reviewing its free anti-malware solution, IObit Security 360 (free, iobit.com), I hoped for great things. They said it "detects, removes the deepest infections, and protects users' PC from various of potential spyware, adware, trojans, keyloggers, bots, worms, and hijackers." Unfortunately, it totally bombed in testing.
IObit Security 360 is free for non-commercial use, and it's fully functional as far as trying to remove and block malware goes. You do have to launch scans and updates manually, but those are the only differences from the $29.95 Pro edition.
The program's attractive user interface includes built-in translation to over 20 languages. If you enable the optional transparency feature it bears a passing resemblance to Norton Internet Security 2010. Clicking the big Scan Now button launches a scan—and that's where the trouble starts.
Scandalous Signatures
During the course of this review I lost contact with IObit—The company's representatives simply stopped answering my e-mails. On investigation I learned that Malwarebytes had accused IObit of stealing malware signatures. Malwarebytes' case seemed airtight to me. Malwarebytes created a unique non-malicious test file in their labs and added a signature for that file to its database. Within days that same signature turned up in IObit's database.
On returning from its media blackout IObit denied this "calumniation" (their word) in an impressive polemic. Malwarebytes fired back a rebuttal. Who's right? I lean toward believing Malwarebytes, but it really doesn't matter. Wherever IObit got its signatures, my test results show that the company didn't put them to good use.
Incomplete Malware Cleanup
IObit's full scan runs more quickly than most. On my standard low-resource test system a full scan finished in 15 minutes, about half the average time. It's a small download and it installs quickly. I had minor problems with two infested test systems, but scanning in Safe Mode solved those. Fortunately, I didn't require support from IObit.
On completing a scan IObit lists every single malware trace it found along with the name of the corresponding threat. The list can be daunting—I prefer the collapsible report style used by Spyware Doctor with AntiVirus 2010 and others. When you click the Remove button IObit quickly reports all traces removed. I say "reports" because my analysis showed that some traces were still present and many others simply weren't detected.
It detected one trace or another for about 80 percent of the malware threats on my test systems. That's a poor start; Spyware Doctor, Norton, Panda Cloud Antivirus Free Edition 1.0, AVG Internet Security 9.0 and BitDefender Total Security 2010 all detected 100 percent of the threats. Worse, it removed only a small portion of the actual file and Registry traces of those it did detect. It left behind executable files for more than half the threats it detected, and more than half of those were actually still running after the alleged cleanup. Overall IObit scored 4.9 on this test. Only FortiClient Endpoint Security Standard Edition 4.1, with 2.9, points scored lower.
In this same test Malwarebytes' Anti-Malware 1.36 scored 6.5. Malwarebytes and IObit detected the same threats, for the most part, but IObit was much less effective at removal.
In a parallel test using commercial keyloggers it only detected 10 percent of the samples and didn't remove those effectively. Its score of 0.5 points matches that of Malwarebytes, just a fraction under FortiClient's 0.7 point.
Both the malware and keylogger collections contain samples that use rootkit technology. Looking specifically at those, IObit detected just over 20 percent and failed to remove what it detected. Scoring 0.9 point it edged out FortiClient for a new low. Malwarebytes detected over 40 percent of the rootkits and scored 3.6 points.
IObit scored well against rogue security software ("scareware"). Its score of 6.7 is almost a full point above the average. However, this was the only category in which its performance was anything but abysmal.
Source
Atom Feed (xml)