ESTSoft RoboScan Internet Security is the globally distributed clone of their corresponding Korean market ALYac product. Not developed since early 2011, their current focus is primarily ALYac Android, last updated on February 10 at Google Play. RoboScan's claim to fame is "The Bitdefender Engine" and their own Tera engine.
I abandoned RoboScan a while back, it not having been updated since November, 2013 and virtually unchanged since 2011. As well, the links on their Web site (now gone¹) charting the definition updates showed that days and days, at times a week or two, could pass without updates for Bitdefender and Tera. My local files' date stamps backed up that serious weakness. Finally, long after Bitdefender and its many partners adopted the Bitdefender core v11.0.1.12 (bdcore.dll), the latest as of this posting, they hung with v11.0.1.6. Even more perplexing, the .12 dll was in a sub-directory several levels down from the program's root, but Process Explorer showed .6 was hooked in. Replacing .6 with .12 was reversed at the next scheduled updated even if nothing else came down. There was nothing acceptable about any of this, except it's... free. And for free you also get a very nice and simple application and packet firewall.
Also gone² from the Web site is the link to a manual executable update, "renewed every week."
But since the time I said bye-bye to RS-IS, I couldn't help but notice it was still garnering top points in VB100³ and consistent with other Bitdefender products, especially in the RAP Proactive Set +2 and Weighted scores. Granted, the Business version is tested, adding a "Direct connection with (Roboscan) Main Server…for implementing security policy." Even if that means as-soon-as-released definition downloads, test scores probably wouldn't be off by more than a few decimal points of a percentage for RS-IS's as-when scheduled downloads.
So I installed Free v2.5.0.21 on my test desktop, an old 3GHz Core Duo box with 2GB RAM running with a clean (from a Slipstreamed ISO) Windows 7 HP SP1 x64. I ran it for two weeks.
RoboScan implements Bitdfender's acclaimed SDK bdcore.dll and supporting libraries for the definition powered scanner and B-Have sandboxed heuristic analyzer. No other components are present, specifically Active Virus Control (avccore.dll) or the "HIPS User-Mode module" (fwlibrary.dll) Intrustion Detection System. Those two are found in (un-configurable/controllable) Bitdefender Free; I have yet to find either in any other free "Bitdefender Engine" product.
My knowledge of ALYac's Tera engine is nada; zippo; diddly.
While nothing else has changed since 2013, of course, I enjoyed to find the update routine was on par with a level I can report is not ideal but quite acceptable. I present here data samples from March 5 and 6.
This is a screenie from the updates log UI; I do not recall it ever being this aggressive when I last used RS-IS. The double and triple digit "successful" items represent the BD and/or Tera definition updates, single digit "successful" are Tera's incrmental. (The 3/5 21:06 gap to 3/6 10:27 is when the system is in hibernation, roughly coinciding with "done for the day," my own hibernation and "where's my coffee" activities.)
The Tera files live in the SE folder and this screenie shows the status of the latest as of 10:45 on 3/6. The rest of the files have various earlier date stamps back to 2/20, the date of install.
The Bitdefender files were always 5-10 versions in arrears. i.e. The 3/6 16:28 update was v7.59557, with the latest at that point being v7.59564. This isn't too bad given that ESTSoft might actually be doing a good job with theirs, too.
Of note, while the update interval was set to on hour, RS-IS insisted on two hours.
What I did not discover way back then was the presence of a text file which logged additional data about what are one-offs for various threats. These aren't represented in the UI log. This shows a copy/paste I did from that text file.
For those not familiar with the firewall, here's a composite screenie of the two tabbed panes from "Set firewall rules" in the UI. The top shows some of the application rules built resulting of the alert prompt decisions and the bottom ones I built for my DVR, HDTV and Blu-ray player in the home entertainment center. I forgot to grab a shot of the firewall settings screen, so I snagged one I found at ilovefreesoftware dott com. This is not a Windows Firewall front end.
The UI and popup ads are pulled from a sub-directory containing binaries and a png file. Replacing the png with a correctly formatted equivalent of, say, Phoebe Tonkin, was replaced on update by the original png - same as what happened to the dll discussed above.
All connections are to the servers in Korea. Even with my 50Mb/s cable, the setup and subsequent downloads were sluggish but always completed without issue.
In my tests, the few malicious samples that made it past the BD/Tera download scans were detected on execution or snagged by the firewall when attempting to connect out.
Considering the inclusion of that nifty and effective firewall, if (a BIG if) ESTSoft continues to maintain a decent update regime, RoboScan IS is one of the lightest, most configurable free internet security suite available. If you roll with it, you should monitor the plugins and SE folders and make sure things aren't too far behind.
Cheers.
¹Those update chart links can be found at:
http://asia.alyac.com/home/security.aspx
²Ditto:
http://asia.alyac.com/support/manual_db.aspx
³VB100:
https://www.virusbtn.com/vb100/archive/vendor?id=561
& https://www.virusbtn.com/vb100/archive/vendor?id=548
I abandoned RoboScan a while back, it not having been updated since November, 2013 and virtually unchanged since 2011. As well, the links on their Web site (now gone¹) charting the definition updates showed that days and days, at times a week or two, could pass without updates for Bitdefender and Tera. My local files' date stamps backed up that serious weakness. Finally, long after Bitdefender and its many partners adopted the Bitdefender core v11.0.1.12 (bdcore.dll), the latest as of this posting, they hung with v11.0.1.6. Even more perplexing, the .12 dll was in a sub-directory several levels down from the program's root, but Process Explorer showed .6 was hooked in. Replacing .6 with .12 was reversed at the next scheduled updated even if nothing else came down. There was nothing acceptable about any of this, except it's... free. And for free you also get a very nice and simple application and packet firewall.
Also gone² from the Web site is the link to a manual executable update, "renewed every week."
But since the time I said bye-bye to RS-IS, I couldn't help but notice it was still garnering top points in VB100³ and consistent with other Bitdefender products, especially in the RAP Proactive Set +2 and Weighted scores. Granted, the Business version is tested, adding a "Direct connection with (Roboscan) Main Server…for implementing security policy." Even if that means as-soon-as-released definition downloads, test scores probably wouldn't be off by more than a few decimal points of a percentage for RS-IS's as-when scheduled downloads.
So I installed Free v2.5.0.21 on my test desktop, an old 3GHz Core Duo box with 2GB RAM running with a clean (from a Slipstreamed ISO) Windows 7 HP SP1 x64. I ran it for two weeks.
RoboScan implements Bitdfender's acclaimed SDK bdcore.dll and supporting libraries for the definition powered scanner and B-Have sandboxed heuristic analyzer. No other components are present, specifically Active Virus Control (avccore.dll) or the "HIPS User-Mode module" (fwlibrary.dll) Intrustion Detection System. Those two are found in (un-configurable/controllable) Bitdefender Free; I have yet to find either in any other free "Bitdefender Engine" product.
My knowledge of ALYac's Tera engine is nada; zippo; diddly.
While nothing else has changed since 2013, of course, I enjoyed to find the update routine was on par with a level I can report is not ideal but quite acceptable. I present here data samples from March 5 and 6.
This is a screenie from the updates log UI; I do not recall it ever being this aggressive when I last used RS-IS. The double and triple digit "successful" items represent the BD and/or Tera definition updates, single digit "successful" are Tera's incrmental. (The 3/5 21:06 gap to 3/6 10:27 is when the system is in hibernation, roughly coinciding with "done for the day," my own hibernation and "where's my coffee" activities.)
The Tera files live in the SE folder and this screenie shows the status of the latest as of 10:45 on 3/6. The rest of the files have various earlier date stamps back to 2/20, the date of install.
The Bitdefender files were always 5-10 versions in arrears. i.e. The 3/6 16:28 update was v7.59557, with the latest at that point being v7.59564. This isn't too bad given that ESTSoft might actually be doing a good job with theirs, too.
Of note, while the update interval was set to on hour, RS-IS insisted on two hours.
What I did not discover way back then was the presence of a text file which logged additional data about what are one-offs for various threats. These aren't represented in the UI log. This shows a copy/paste I did from that text file.
For those not familiar with the firewall, here's a composite screenie of the two tabbed panes from "Set firewall rules" in the UI. The top shows some of the application rules built resulting of the alert prompt decisions and the bottom ones I built for my DVR, HDTV and Blu-ray player in the home entertainment center. I forgot to grab a shot of the firewall settings screen, so I snagged one I found at ilovefreesoftware dott com. This is not a Windows Firewall front end.
The UI and popup ads are pulled from a sub-directory containing binaries and a png file. Replacing the png with a correctly formatted equivalent of, say, Phoebe Tonkin, was replaced on update by the original png - same as what happened to the dll discussed above.
All connections are to the servers in Korea. Even with my 50Mb/s cable, the setup and subsequent downloads were sluggish but always completed without issue.
In my tests, the few malicious samples that made it past the BD/Tera download scans were detected on execution or snagged by the firewall when attempting to connect out.
Considering the inclusion of that nifty and effective firewall, if (a BIG if) ESTSoft continues to maintain a decent update regime, RoboScan IS is one of the lightest, most configurable free internet security suite available. If you roll with it, you should monitor the plugins and SE folders and make sure things aren't too far behind.
Cheers.
¹Those update chart links can be found at:
http://asia.alyac.com/home/security.aspx
²Ditto:
http://asia.alyac.com/support/manual_db.aspx
³VB100:
https://www.virusbtn.com/vb100/archive/vendor?id=561
& https://www.virusbtn.com/vb100/archive/vendor?id=548
Last edited by a moderator:
