Avast wants you to play in its sandbox
Installing Avast is a painless process that compares well against its free competitors like AVG, although--like those competitors--it's much slower than installing paid programs like Trend Micro, Kaspersky, or Norton. Some items of note during the installation that will come up later in the review: to completely avoid the new Windows 7 and Vista desktop gadget, or the new WebRep browser add-on, you must choose the Custom install option and uncheck those here.
Automatic installation of these features is frowned upon, although Avast does provide a clear method for uninstalling them. It's just not as simple as a check box that gets its own installation window, since you have to go through the Customize menu, which makes the auto-install sort of surreptitious.
On the plus side, installing Avast doesn't require a reboot, and using its uninstall tool we detected no remnants in the Registry or on the desktop. Avast has said that the installer has shrunk for all three versions by about 20 percent, although it's still a large download at around 57MB for the free version.
Interface
Avast 6's interface is virtually identical to the previous version's. Perhaps the most major change, aside from a slight lightening of the gray in the color scheme, is the removal of the Windows Explorer-style forward and backward buttons. We actually liked those, since they made it easy to return to a previous pane, no matter how deeply into the settings you had explored.
The only other change is the addition of the Additional Protection tab to the left nav area, which hosts the new AutoSandbox and WebRep feature controls.
For users new to Avast, the sleek user interface is a change that came at the end of 2009. The gray-and-orange color scheme stands out well on the screen, and the tab-based navigation on the left makes it easy to navigate between features. Highlighted with the familiar security colors of green for safe and red for dangerous, the Summary tab gives up-to-date info on shield status, auto-updates, virus definitions, the program version, and whether the silent/gaming mode is on. There's also an unobtrusive ad urging you to upgrade to Avast Internet Security 6.
The Summary tab contains a second submenu, Statistics. If you're curious to see how Avast's shields have been performing against threats, here's where you can get your math geek on. For each shield, it tells you how many files were scanned and when, and presents the data in a concise graph.
Avast 6 keeps its interface from Avast 5, and adds features both big and small. Some that had previously only been available to paid upgrade users are now free for all versions, and newer features have been seamlessly added to the interface experience. If you're familiar with Avast 5, upgrading to Avast 6 won't be that big of a leap.
(Credit: Screenshot by Seth Rosenblatt/CNET) The scans live in the second tab, where you can choose and adjust four default scan types plus a custom scan option nestled into the bottom right corner. Real-time shields live in the third tab, and again the clean interface comes into play here as navigating what could be a mess of options and tweaks is instead dead simple. Click on a shield to reveal a real-time chart of what the program's been defending you against, with a Stop button and settings options at the top of the window. Another button at the top takes you to the advanced settings for that shield, and links at the bottom expose the shield's history as a graph and export a log file.
Below the Additional Protection tab, which we covered above, the Maintenance tab contains the virus chest and manual update buttons. On the top right of the interface live the Help Center and the Settings, from which you can get much more granular control of Avast. This includes everything from toggling the system tray icon to managing updates to password-protecting Avast access. This is also where you can "uninvolve" your anonymously submitted data from Community IQ, the Avast crowdsourced behavioral detection engine.
One last change: a green Like Avast button has been added to the bottom of the left nav that expedites your Avast-related social networking. Fortunately, it's unobtrusive.
Features and support
As mentioned, the two big new features in the free version of Avast 6 are the AutoSandbox and the WebRep add-on. The debut of the AutoSandbox makes Avast the second antivirus option to offer a sandboxing tool for free. Competitor Comodo introduced a sandboxing tool in January 2010. Avast's sandbox probably works differently, as Comodo has a pending patent on its version. And certainly, one of the most frustrating things about sandboxing technology is that there are some indications that it doesn't work perfectly.
The AutoSandbox, new in both free and paid Avast versions, automatically places suspicious programs in a virtualized state when it suspects them of being threats. As the program runs, the sandbox keeps track of file behaviors and what it reads and writes from the Registry. Permanent changes are virtualized, so when the process terminates itself, the system changes it made will evaporate.
(Credit: Screenshot by Seth Rosenblatt/CNET) Avast's version automatically places programs in a virtualized state when it suspects them of being threats. It walls off suspicious programs, preventing them from potentially damaging your system while allowing them to run. As the program runs, Avast's sandbox keeps track of which files are opened, created, or renamed, and what it reads and writes from the Registry. Permanent changes are virtualized, so when the process terminates itself, the system changes it made will evaporate.
The company hasn't said whether the virtualized state begins after the program already has access to your system, so it's theoretically possible that it could be compromised. There's not a single security feature in any program that hasn't been been compromised at some point, though, so "theoretically hackable" is true of all security features.
The AutoSandbox is different from Avast's paid-upgrade sandbox, and the paid upgrades to Avast Pro and Avast Internet Security include both the automatic version and the older, manually initiated version.
You can access the AutoSandbox settings from the new Additional Protection option on the left nav. It defaults to asking the user whether a program should be sandboxed, although you can set it to automatically decide. There's a whitelist option for programs that you always want to exclude from the sandbox, and you can deactivate the feature entirely.
Avast 6 also marks the debut of the program joining (or succumbing to) the browser-security add-on, with the new WebRep. Security add-ons have a long-standing word-of-mouth reputation for decreasing browser performance, although Internet Explorer 9 Release Candidate's impact meter pegs Avast's plug-in at 0.07 second, well below the threshold of 0.2 second that IE uses as the default upper limit for browser performance impact.
WebRep works with IE and Firefox out of the box, and Avast says it plans to release a Chrome version soon. It supports a search result ranking and Web site reputation service that uses a combination of data from Avast's virus labs and user voting to determine a safety score for a site. User voting is a crapshoot for many security vendors, although Avast is known for its vast user base and their passionate support of the program, so the company's plans to give users incentives to vote could easily work in its favor. And make no mistake, Avast fans are truly fanatics: Avast Free has
an average 4.5-star rating from Download.com readers, extremely unusual for a program with more than 15,000 votes.
It's important to note that the add-on installs to both Firefox and IE as you install Avast 6. If you don't want it, it's surprisingly easier to remove from within Avast instead of from within the browser. Currently, removing the add-on using the browser's interface will cue Avast to reinstall the add-on the next time the computer is rebooted.
Many of Avast 6's small improvements are worth noting as well. The Troubleshooting section now comes with a "restore factory settings" option, which makes it easier to wipe settings back to a familiar starting point, and comes with the option to restore only the Shields settings, leaving other changes untouched, like permanently running in silent mode. There's a new sidebar gadget for Windows 7 and Vista, and you now can set automatic actions for the boot-time scan. Available under the Scan Computer tab, the boot-time scan customizations give you far more flexibility in managing the lengthy and time-consuming boot scan.
Two features that have trickled down to the free version in Avast 6 are the Script Shield and site blocking. The Script Shield now works with Internet Explorer 8 and 9's protected mode.
Avast doesn't offer an on-demand link-scanning feature, like AVG and Norton do, although the company says that the way that Avast's Web shield behaves ought to protect you automatically from any malicious URLs by automatically preventing the URL from resolving in-browser. A page will appear letting you know that Avast has blocked the site because it is suspected to contain a threat.
If you're running Avast Pro Antivirus 6 or Avast Internet Security 6, the big new feature is the introduction of SafeZone, a virtualization feature that the company envisions people using for secure online banking. The basic difference between SafeZone and AutoSandbox is that the sandbox is designed to allow suspicious activity to run within a safe, walled-off, easily discarded environment, while SafeZone is the opposite. SafeZone creates a secure space that, ideally, prevents threats from getting in.
The AutoSandbox, new in both free and paid Avast versions, automatically places suspicious programs in a virtualized state when it suspects them of being threats. As the program runs, the sandbox keeps track of file behaviors and what it reads and writes from the Registry. Permanent changes are virtualized, so when the process terminates itself, the system changes it made will evaporate.
(Credit: Screenshot by Seth Rosenblatt/CNET) SafeZone is accessible from the right-click Windows Explorer context menu, from the middle icon in the Windows 7/Vista desktop gadget, and from the Additional Protection tab in the Avast interface.
The difference between Avast Free and Avast Pro is that Pro gets the SafeZone, whereas Avast Internet Security differentiates itself by including SafeZone, antispam measures, and a firewall.
If you're new to Avast, the core features are what make it one of the best security suites around. The antivirus, antispyware, and heuristics engines form a security core that also includes multiple real-time shields. The adjustable mail and file system shields join the pre-existing behavior, network, instant-messaging, peer-to-peer, and Web shields. The behavioral shield is a common-sense feature, as security software publishers draw on their large user bases to detect threats early and warn others.
Other features include a gaming mode that can be used to permanently "silence" Avast notifications, and an "intelligent scanner" that only looks at changed files after establishing a baseline.
Program scans live in the second tab, where you can choose and adjust four default scan types plus a custom scan option. What's useful about Avast's layout here is that you can adjust all Avast-related scans from this tab. This includes Quick and Full scans, the Removable Media scan, and the Folder scan. In a polite turn, running a scan does not prevent you from exploring the rest of the program.
You can also schedule a boot-time scan and access scan logs from the scan tab. While running a scan, Avast will tell you not only how long the scan has taken and how many files have been examined, but also how much data has been tested and how fast it's being tested. As with the summary graphs, Avast exposes a lot of data here.
Performance
As far as Avast's impact on system performance goes, in a real-world test Avast completed its scans in a timely yet not blazingly fast manner. A Quick Scan took about 20 minutes, and the Full Scan took 59 minutes. RAM usage was surprisingly light, with Avast 6 only eating up about 16MB when running a scan.
As you can see in the chart below, CNET Labs benchmarked Avast 6 as having a moderate impact on system performance. It wasn't the overall best suite we tested, but the three versions of Avast did perform better than average in every category execpt one.
There were some notable areas where Avast did well. Avast had a minimal impact on startup time, with Avast Internet Security 6 adding 6.25 seconds, Avast Pro Antivirus 6 adding 5.76 seconds, and Avast Free Antivirus 6 slowing down the boot cycle by around five and a half seconds. All three posted a tiny impact on system shutdown, around 1.3 seconds slower than an unprotected computer. Scan times as well were competitive, slower than AVG, Trend Micro, and Panda, but faster than most competitors including Microsoft Security Essentials, Norton, and Ad-Aware. Also, Avast Pro Antivirus posted the best Cinebench score we recorded.
Avast's one point of weakness in the lab was its MS Office decoding test performance, where it was slightly slower than average but by no means the slowest suite tested.
| Unprotected system | 42.5 | 11.28 | n/a | 917 | 180 | 780 | 4795 |
| Protected system (average) | 50.07 | 15.00 | 988.96 | 1,047.19 | 200.19 | 832.69 | 4,755.73 |
| Avast Free Antivirus 6 | 47.9 | 12.4 | 697 | 1053 | 199 | 798 | 4742 |
| Avast Pro Antivirus 6 | 48.21 | 12.5 | 665 | 1083 | 199 | 798 | 4793 |
| Avast Internet Security 6 | 48.75 | 12.43 | 695 | 1086 | 201 | 804 | 4792 |
*All tests measures in seconds, except for Cinebench. On the Cinebench test, the higher number is better.
You can read more on
how CNET Labs benchmarks security software.
All the security features in the world do you no good if they don't keep you safe, and on that count Avast performs well in general. However, as results from independent efficacy testing groups indicate, Avast could be better.
AV-Test.org gave Avast 5, the previous version of Avast, a passing rating in its most recent test, on a Windows Vista computer from the fourth quarter of 2010. Avast 5 barely surpassed the minimum score of 12, notching 13 out of 18. It reached 3.5 out of 6 in Protection, 4.0 out of 6 in Repair, and a 5.5 out of 6 in Usability. Many other suites scored the same or higher, including F-Secure, Kaspersky, Norton, and Panda. Among its free competitors during the fourth-quarter test, Avast scored better on the key metric of Protection than Microsoft Security Essentials 1.0, but worse on Protection than Avira 10.0 (4.0 out of 6) and AVG 10.0 (4.5 out of 6).
AV-Comparatives.org, on the other hand, showed progressively better scores for Avast from August 2010 through November 2010 on its "whole product" test. However, Avast's cumulative rate of blocking threats was 96.4 percent, below AVG's cumulative 97.1 percent and Avira's 98.7 percent. Still, the positive improvements in the last two months indicate that Avast has been adapting to changes in the threatscape--never a bad thing. Overall, Avast earned an Advanced certification, along with seven others, including AVG. An Advanced+ certification was earned by four others, including Avira.
Dennis Labs' most recent evaluation of Avast occurred back in August 2010, when the lab scored Avast 5 at 93 percent and above the 87.5 percent average for that test. It was the only free antivirus application to do so. Other above-average scores were reached by G Data, Eset, Kaspersky, and Norton, which scored 100 percent on Dennis Labs' test.
Judging from these results, Avast is clearly one of the best security products around, although there's definitely room for it to improve.
Conclusion
When it comes to your security, Avast Free Antivirus 6 gets a lot right. It's got a usable, uncluttered interface, solid although not stellar benchmarks, and a set of features that keeps it at the forefront of Windows security. Using the Internet safely is no longer just about not getting phished and downloading only known-safe files, and the improvements in Avast 6 address modern security risks comprehensively.
Although we'd like to see stronger efficacy benchmarks in the future, Avast's impact on system performance is light in the most important categories of startup, shutdown, and scan speed. Avast remains one of the best free security options around and is well worth downloading.
Watch the CNET video review of Avast Free Antivirus:
CNET Secure Download
