From: rslade@sfu.ca (Robert Slade)
Subject: Review of Dr. Solomon's Anti-Virus Toolkit (PC)
Date: Mon, 11 May 92 22:11:16 PDT

PCDSAVT.RVW  920505
                               Comparison Review
 
Company and product:
 
S&S International Ltd.
Berkley Court, Mill Street
Berkhamsted, Herts. HP2 4HB
England
Phone:   +44 442 877 877
Fax:     +44 442 877 882
BBS:     +44 494 724 946
             442 877 883
E-Mail:  Dr. Alan Solomon <DRSOLLY@IBMPCUG.CO.UK>
sands@cix.compulink.co.uk
Dr. Solomon's Anti-Virus Toolkit (AVT) 5.11
Vendor:  perComp Verlag GmbH
Holzmuhlenstrasse 84
2000 Hamburg 70
Germany
Phone:   +49 40 693 2033
Fax:     +49 40 695 9991
E-Mail:  Gunter Musstopf <percomp@infohh.rmi.de>
vendor: Ontrack Computer Systems
6321 Bury Drive
Eden Prairie, MN   55346
USA
(800) 752-1333
(612) 937-1107
fax: (612) 937-5815
 
Summary:
 
Multilayered detection and disinfection system, strong scanning and
disinfection components, intended for advanced use.                            
 
Cost                          
 
Rating (1-4, 1 = poor, 4 = very good)
      "Friendliness"
            Installation      2
            Ease of use       3
            Help systems      2
      Compatibility           3
      Company
            Stability         3
            Support           3
      Documentation           3
      Hardware required       4
      Performance             4
      Availability            3
      Local Support           ?
 
General Description:
 
Menu driven (TOOLKIT) activity monitoring (GUARD, GUARDEMS), change detection
(CHKVIRUS, QCV, RUN), scanning (FINDVIRU), disinfection (UNVIRUS, CLEANBOO,
CLEANPAR), and operation restricting (NOFLOPPY, NOHARD) suite of programs. 
Also contains informational programs (CHECKMEM, PEEKA), network support
(NETFV.BAT, FVMANY.BAT), as well as additional utilities (SHRED, TKBATCH,
BROWSER).
                  Comparison of features and specifications
 
 
 
User Friendliness
 
Installation
 
The program is shipped on non-writable disks, two 360K or one 720K.  There is
an installation program: as it is a fairly simple copy program manual
installation is also possible.  The installation program will, at the user's
discretion, also add the resident portion of the package to the AUTOEXEC.BAT
file, however it does not affect the PATH statement, and therefore all virus
checking must either start from within the \TOOLKIT directory (or whichever one
the user creates), or be invoked with a full pathname.
 
I have recommended the manual installation.  The installation program provided
is simple and quick, and I can see no problem with using it.  However, the full
advantage of this product is not, and probably cannot be, provided with an
automated installation.
 
Ease of use
 
The TOOLKIT program provides a clear and uncluttered menuing system to access
the various parts of the package.  The screen messages and displays are
intelligible and there is little chance for confusion.
 
There are a number of command line options for use with the various programs
when not using the TOOLKIT interface.  The defaults are well chosen, and should
be appropriate for most situations, and for novice users.
 
For situations where client support is available, the message generated by
VirusGuard on detection of a virus can be customized to direct the user to the
local security support person.
 
Help systems
 
While help should not normally be required, in cases where it is needed it can
best be obtained from the manual.
 
Compatibility
 
No conflicts were encountered in testing.
 
Company Stability
 
S&S International is an established presence in the antiviral software field,
and has been so in Britain for some years.
 
Company Support
 
The package lists provisions for support through both the parent company and
distributors.
 
Documentation
 
The documentation is an excellent study work for those just entering the
computer virus field and wanting an introductory work.  The explanation of how
viral programs work is one of the best general treatments of the subject, even
including suggestions for companies wishing to set up policies and procedures
for inhouse data recovery teams.  The list of viri in the manual is thorough
and detailed: as it should be, taking up fully two-thirds of the manual's
thickness.
 
However, the organization of the manual could be a lot more helpful in terms of
running the package itself.  One must read through 12 pages before getting to a
mention of suing the program at all (although it is helpful that the first
mention is of how to run the program in an "emergency" situation where the user
is suspecting that they are already infected), and 20 pages before mention is
made of installing the program.  Five of those early pages are devoted to a
virus by virus listing of the virus information contained in chapter 4.  From
the perspective of the manual, this cannot be said to be a package for
beginners.  There *is* excellent information in the manual, but my
recommendation would be that the package not be installed until the manual was
read fully from cover to cover, particularly chapter 5.  (Advanced users may
skip chapter 4  :-)
 
Provision is now made for the TOOLKIT program to run under Windows: that
material is not covered in the printed manual but in a README.DOC file on the
disk.  In addition there are a number of possibly helpful batch files which are
not mentioned or described anywhere.  Advanced MS-DOS users should be able to
modify these batch files to their own situation: again, it seems to be
indicative that the package is not for naive users.  There are other materials
on the disk whose existence has less seeming reason: section 5.9 is reproduced
in the file GUARD.DOC.
 
Hardware Requirements
 
The Toolkit can be run on dual floppy systems, although some functions require
a hard drive.
 
Performance
 
Although the package provided for reviewing was sadly out of date, the scanner
did a better job of detection of viral programs than a number of "current"
commercial packages.  A number of recent variant strains were identified as
being related to their older "parents".
 
Local Support
 
None provided.
 
Support Requirements
 
The package is easy to use, particularly in the areas of scanning and
disinfection, and should not require any additional assistance in detection of
known viral programs.  However, the package has very strong and sophisticated
protection components which would give fullest advantage when installed by
knowledgeable support personnel.
 
The ongoing upgrade programs provided should be very strongly considered in the
case of this package.
 
                                 General Notes
 
AVT provides very strong antivirus protection to the advanced user.  AVT
provides very strong virus scanning capability for all users.  There are a
number of indications that this package is intended primarily for advanced
users.  Unassisted use of the program by novice users would likely result in
some loss of potential protection.
 
Therefore, this package is highly recommended for use by advanced users, who
are willing to make the commitment to study the material provided.  The package
is recommended for novice users where local support is available.
 
copyright Robert M. Slade, 1992   PCDSAVT.RVW  920505

==============
Vancouver                               | "Don't buy a
Institute for  Robert_Slade@sfu.ca      |     computer."
Research into  rslade@cue.bc.ca         | Jeff Richards'
User           CyberStore Dpac 85301030 | First Law of
Security       Canada V7K 2G6           | Data Security