There are many free antiviruses out there: we used to have the big three, which are AVG, Avast! and Avira but recently, more and more free antivirus become popular in the market such as Microsoft Security Essentials, Panda Cloud, Immunet Protect, Qihoo 360 Antivirus and the list goes on and on. We have a new free antivirus on the watch list now, and it is called NANO Antivirus.
NANO Antivirus (NOT TO BE CONFUSED with nano av, a rogue antivirus) is a Russian-based antivirus developed by NANO Security in 2009. It is interesting to note that, of all the security solutions from Russia (eg. Kaspersky, Agnitum Outpost & Dr. Web) it is the only antivirus with full functionality available for free. According to its official site, it stated that their antivirus’s development will focus around high speed, efficiency & usability, flexibility in choosing features of the product and available free for distribution. Currently, it is still in beta stage and being actively developed, with frequent release of updates expected every couple of weeks. They also have a Twitter account where you can be notified of their latest developments and releases.
Here is a list of its system requirements:
- 1,2 GHz processor or higher (2 GHz and higher recommended).
- 512 Mb of RAM or higher (1 Gb and higher recommended).
- OS Windows XP SP 2 and higher (Windows 7 recommended).
- Internet Explorer 6.0 and higher (IE 8.0 recommended).
The question many will ask is does it work fine? Can it protect us? Some will be driven away because it is a beta product, others will question about its effectiveness in comparison with popular and established antiviruses. In fact, there are some discussions about it over the web where you can read for example, this forum over at COMODO.
To answer the questions above, let’s put NANO Antivirus to some tests. We will run our tests first in a virtual environment, then on a real host machine to determine if NANO Antivirus is functional under any form of environment. Next, we will test its effectiveness against malware by throwing some malware samples against it.
Here are the specifications of the test environments:
Environment 1: Virtual PC 2007
OS: Microsoft Windows XP SP3 32-bit
Hardware: 760 MB virtual RAM
Note: System is patched with the latest security updates, no other antivirus or security software present.
Environment 2: Host Machine
OS: Microsoft Windows 7 32-bit
Hardware: 4GB RAM (3.5 usable), Intel Core 2 Duo T6500 @ 2.1GHz clock speed.
Note: System is patched with the latest security updates, Comodo Firewall with Defense+ installed & running real-time.
TEST 1: Running NANO Antivirus under a Virtual Machine
Testing NANO Antivirus under a virtual machine with minimal application and minimal hardware configuration is important: It determines how well the antivirus performs on a machine with sub-par specifications. Previously, antiviruses that failed to run properly on my virtual machine includes Kaspersky (it crashes the virtual machine immediately after installation) and Ad-Aware Internet Security (very slow responses).
NANO Antivirus appears very comfortable in the virtual machine; it installs correctly and updates itself immediately after installation – no restart is required for it to work properly. It is very responsive and all features appear to work fine. However, it seems to come at a heavy price: it hogs up a massive amount of RAM. It also appears very slow when conducting a full system scanning – taking something around 3 hours to complete a scan is not a great thing for modern antivirus.
The installation process: NANO Antivirus is faster than some of the antiviruses in the market
NANO Antivirus happens to use some 62.6MB disk space. That was very small compared to other antivirus giants out there
Immediately after installation, NANO Antivirus will prompt users to download the latest virus database.
NANO Antivirus’s update module. Switching to background mode will allow the update to continue in the background silently.
NANO Antivirus’s license management module. Since it is still in beta, the license offered is a beta testing license rather than a free license. Because NANO Security frequently distributes updates to its antivirus version, the beta license will expire at a given timeframe.
If you happened to turn off NANO Antivirus’s System Guard, Windows will respond and NANO Antivirus‘s tray icon will grey out.
NANO Antivirus takes it easy on CPU, but is very hungry on RAM; amount of RAM will increase after a scan
NANO Antivirus on scanning task; scanning is pretty slow, depending on the scan type; a quick scan can be completed within minutes but it can takes up to hours to complete a full system scan. This huge difference margin hopefully will be solved in the future.
TEST 2: Running NANO Antivirus under a Host Machine (Real-life Simulation)
After testing NANO Antivirus on a virtual machine with minimal applications and controlled environment, now the serious test begins. I will run NANO Antivirus on my host machine that provides numerous applications, dynamic environment and real-life computing experience. This test is the one to look out for if you want to know how NANO Antivirus performs on your PC proper without taking the risk to install it.
Firstly, I don’t want to uninstall my existing antivirus, so I’ll just disable it. Next, with a little help from a desktop virtualization software called Wondershare Time Freeze, I entered my PC into a virtualized state where I can test NANO Antivirus.
Overall, the experience is very much the same as the test under the Virtual Windows XP environment. It works well, runs well & scans just as slow as in the virtual machine. Comodo Firewall has to check on its outbound access to internet, its attempt in registering itself in the registry and stuffs, but other than that, there are no major hiccups. Here are some interesting notes:
1. NANO Antivirus completes its initial updates slightly slower on the host machine compared to virtual machine. There are many possible explanations to this: maybe other applications are fighting over network bandwidth, or maybe NANO Antivirus’s network accesses are monitored by Comodo Firewall.
2. NANO Antivirus seemed to be very friendly with Windows’s 7 UAC (set at default level). It also integrates well into Windows 7’s Action Center seamlessly.
3. The amount of RAM and processes used by NANO Antivirus in the host environment are very similar to those recorded under the virtual environment. Very constant performance, in other words…
4. NANO Antivirus does not interfere with normal daily computing; it does not slows down Microsoft Office Application, does not slows down browser launches and page loads, does not thrashes the CPU and interestingly does not conflict with the sandboxed desktop environment created by Wondershare Time Freeze (hopefully that goes the same with other similar applications like Returnil & Shadow Defender).
Malware Test & Self-Defense Test
NANO Antivirus did well on the basic detection and removal of viruses. I collected a large amount of popular malware samples, including a few of those TDSS rootkit variants, and unleashed them on NANO Antivirus. NANO’s real-time scanner protection detects them all and deletes them accordingly without leaving any traces behind. While this is not going to mean much if compared to a professional test like VB 100 or AV-Comparatives (which NANO Security should consider participating), it at least proves that NANO Antivirus can handle all the popular in-the-wild malwares. The only thing that may annoy users is the seemingly never-ending pop-ups about users getting infected and asking for their instructions.
NANO Antivirus excels at single scan detection as well as real-time blocking of malware. Based on its behaviour, i believe NANO Antivirus is using an on-access protection method.
I also discovered a self-defense protection flaw within NANO Antivirus. As shown previously, there are two processes associated with NANO Antivirus (three if NANO is running a database update). While the ‘nanosvc’ process could not be deleted from task manager, the other process called ‘starter’ can be. So what’s its effect on protection?
I run the detection test again by extracting malwares from the archive. Regrettably, NANO Antivirus failed to detect them all in real-time: it only detects and removes them after I launched a manual scan, which reactivates the ‘starter’ processes. At one point even Microsoft’s own Windows Defender (a very poor antispyware product) even detects & removes some of the malwares when NANO Antivirus is rendered helpless & neutralized.
This is what happened when the ‘starter’ process is forcibly terminated. NANO Antivirus let a virus through and Windows Defender was forced to pick up the job.
In real-life scenario where malwares sneak into users’ PC, they might deactivate NANO Antivirus’s ‘starter’ process which effectively rendered NANO Antivirus’s real-time scanner protection feature useless. Although it might be a rare case, I believe NANO Security will do something about this.
After a series of testings, here’s a general summary of what I think of NANO Antivirus:
- Does not require restart after installation
- Clean & well-designed interface, fresh looking
- Highly responsive & stable with minimal bugs for a beta release
- Effective detection & removal of malware
- Coexist peacefully with other security solutions
- Free for use and distribution
- Use up too much RAM
- Slow Scan Speed
- ‘Starter.exe’ process can be terminated which degrades protection
1. It proved efficient at handling well known malwares, but it is unclear if its efficiency goes beyond that.
NANO Antivirus, although still in beta, is an antivirus yet with lots to improve and reputation to be captured but it is certainly worthy of attention and has the potential to mix in with other free antiviruses. So long as a user has certain level of knowledge in PC and has lots of physical RAM to feed this hungry application, NANO Antivirus can even be a great choice for a permanent protection starting from today!