Has anyone checked just the AV product for F-Secure. I downloaded it 2 days ago and have been using it and I am "really" impressed with it. I know lodore didnt like it, but I think that was the suite. The AV has a lot of added features including spyware and rootkit detection. I realize its the Kav engine, but you dont get all of those annoying popups. Also I see they are offering $25.00 off.

-{ Quote: "Has anyone checked just the AV product for F-Secure. I downloaded it 2 days ago and have been using it and I am "really" impressed with it. I know lodore didnt like it, but I think that was the suite. The AV has a lot of added features including spyware and rootkit detection. I realize its the Kav engine, but you dont get all of those annoying popups. Also I see they are offering $25.00 off." }-

ok trjam, go to options real time protection, system control and tell it to alert you on all events. i had to set it on that option other wise it blocked my soundcard driver.
btw Jerrym uses f-secure just av on his laptop from the free offer a while ago.
lodore

Well, I like it. A lot.:)

Also I dont see the settings you refer to. Yours must have been the older one.

-{ Quote: "Also I dont see the settings you refer to. Yours must have been the older one." }-

i had the 2007 version.
it must be there.

what about "lodore your right about f-secure it protects you but its like the whole American army is loading up"
lodore

lodore, title of this thread is AV, not suite. The AV is Kas so whats the difference. With a few added features. Heck, I may break the cardinal rule here and use it.

-{ Quote: "lodore, title of this thread is AV, not suite. The AV is Kas so whats the difference. With a few added features. Heck, I may break the cardinal rule here and use it." }-

is kaspersky for the av Trojan etc.
ad aware for antispyware.
AVP extended aka kaspersky extended bases.
black light for root kits.
and f-secure heuristics.
but if you look in the recent proactive tests at av comparatives then they both get same percent which should mean the f-secure heuristics are useless IMO.
it just seems that the f-secure heuristics and ad aware and not needed.
lodore

i dont think f-secures new heuristics have been tested yet, norman sandbox will be a big improvement in my view.

-{ Quote: "i dont think f-secures new heuristics have been tested yet, norman sandbox will be a big improvement in my view." }-

f-secure has always used its own heuristics along side the kav ones.
lodore

-{ Quote: "f-secure has always used its own heuristics along side the kav ones.
lodore" }-

but now it uses norman sandbox, new heuristics for zero day and HIPS blended together and if im mistaken, this has yet to be tested.

more information here: http://www.f-secure.com/f-secure/pressroom/protected/prot-3-2006/17-459-3669.shtml

-{ Quote: "but now it uses norman sandbox, new heuristics for zero day and HIPS blended together and if im mistaken, this has yet to be tested.

more information here: http://www.f-secure.com/f-secure/pressroom/protected/prot-3-2006/17-459-3669.shtml" }-

true but isnt it more of a hips than heristics.
i was talking about the f-secure heristics.
and you where talking about norman sandbox.
it blocked my creative soundcard driver.

but if kaspersky gets its new heuristics and gives the new heristic engine upgrade to f-secure as well then your testing both.
lodore

its both, hips and heuristics, i and think the way they have coded it, if HIPS doesnt get it... heuristics do, read the link i gave you ... alot of info on there.

-{ Quote: "its both, hips and heuristics, read the link i gave you ... alot of info on there." }-

ok.
they really should ditch there own rubbish heristics and the ad aware engine.
kav engine+ norman sandbox +kaspersky entended bases is more than enough.
because then its like kav6.0 kav6.0=kav engine+kaspersky extended + PDM
why do they need ad aware its prone to fp's anyway.
speaking of which i should be able to play a random game i couldnt play before due to ad aware fp lol
lodore

i aint sure, but i think their own heuristics are ditched for sandbox.

as for ad-aware, they have done something to it to make it better detection and removal, but dont know what.

-{ Quote: "i aint sure, but i think their own heuristics are ditched for sandbox.

as for ad-aware, they have done something to it to make it better detection and removal, but dont know what." }-

ye i dont know what either.
it seems a bit much having avp extended and ad aware and sandbox.
lodore

Hi,
I just use the "NORMAL" settings. I am not sure I know enough to customize them. So far no problem or conflicts.

I upgraded from the 2006 to 2007 without any problems and all is running well. I still like it. Not quite as well as KAV, but well enough to buy if I had 2 or 3 computers and at half price. While the full price is too high, the available half price is a good deal for up to 3 computers. I have until July of 2007.

Lodore, my friend, did you customize your settings?
I also do not care for the AdAware component for no good reason except personal preference, and I have never considered it a top drawer application.

Since I also have AVG AS, SAS Pro, UnHackMe, Snoopfree, and Win Patrol along with Kerio 2.1.5, I don't feel very vulnerable. If F-Secure is slowing me down, I don't recognize it. Maybe I am not impatient enough, but another minute at start does not bother me.

Best,
Jerry

-{ Quote: "Hi,
I just use the "NORMAL" settings. I am not sure I know enough to customize them. So far no problem or conflicts.

I upgraded from the 2006 to 2007 without any problems and all is running well. I still like it. Not quite as well as KAV, but well enough to buy if I had 2 or 3 computers and at half price. While the full price is too high, the available half price is a good deal for up to 3 computers. I have until July of 2007.

Lodore, my friend, did you customize your settings?
I also do not care for the AdAware component for no good reason except personal preference, and I have never considered it a top drawer application.

Since I also have AVG AS, SAS Pro, UnHackMe, Snoopfree, and Win Patrol along with Kerio 2.1.5, I don't feel very vulnerable. If F-Secure is slowing me down, I don't recognize it. Maybe I am not impatient enough, but another minute at start does not bother me.

Best,
Jerry" }-

well i know is the fact that when i used to check the f-secure process used 100percent alot.
and now ive got kis6.0 my pc loads faster and is more responsive.
i dont think i did customize my settings.
by f-secure's instuctions i turned off scanning off archives in real time and also turned off the scanning everyday.
lodore

HI Lodore,
Thanks for the reply. As I said, I am using the default settings all around.
Best,
Jerry

id like to point out that kaspersky had updated it signatures 17 times today. and its Sunday.
if you check with f-secure it probably hasn't updated since Friday or maybe once on Saturday
lodore

-{ Quote: "id like to point out that kaspersky had updated it signatures 17 times today. and its Sunday.
if you check with f-secure it probably hasn't updated since Friday or maybe once on Saturday
lodore" }-
kaspersky is better than everyone else, we get it.

although, dont believe it :)

C.S.J, we finally agree on something, even though we will get in trouble for it.::)

-{ Quote: "kaspersky is better than everyone else, we get it.

although, dont believe it :)" }-

you dont seem to get it i was doing a simple comparison in signature updates.
read my sig you will see i am a dr web fan as well as kaspersky nod32 and others.
the thing is if it runs well on your pc keep it and kis6.0 does.
lodore

we could argue this all day and we would all be right. this thread should be closed because it is going no where.

-{ Quote: "we could argue this all day and we would all be right. this thread should be closed because it is going no where." }-

true just remember the main point if it runs well on your pc then use it.
lodore

I'm with trjam, now using Antivir classic, I have switched from the green umbrella to the 'red' one :)

No video issues, outlook behaves and runs like it should and no download scan delays.

My ISP filters my spam and checks all e-mail at the gateway, so I'm not worried about the 'classic' not having any email real-time scanner.

May go ahead and get the PE version for the extra spyware protection and configurable updates. Seems 'classic' is only 1/day.

Using Outpost Pro 4 for the firewall so don't need the KIS or Antivir suite.

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20061210 Minefield/3.0a1 Firefox ID:2006121004 [cairo]

get the suite and enjoy total protection with some new things to be added as we go.

Normally F-Secure does not update on weekends. However, today it updated twice I think. If there is an outbreak or threat it does update on weekends.

Of course it does not compare with KAV as far as updates are concerned.

That did bother me, but I have come to the conclusion that it is not that big a problem. I guess ZD threats are not the threats we may want to make them.

I always have to go back to so many folks that I know who use AVG and Avast both free. We post about ZD threats and think we need the latest heuristics, while they just operate without becoming infected. Normally they operate without anything else except Windows firewall, AdAware, and Spybot. I think we are paranoid. None of them has the faintest idea what a sandbox is.

All this is fun to consider, but really I am not convinced it is especially useful for the average user. If it is, then why are not those I know who can't spell the words not having all kinds of problems???? But they are not. The only ones that have problems are some students I know that have no idea about updating Windows or their AV.

Added.
While most of us will disagree with Scot Finnie's choice of F-Secure as the best, I must say that he is no dummy in the security area. He is stiill convinced it is the best, although he likes NOD32. He thinks KAV6 is buggie. I have to admit that there seem to be more bugs in KAV than FS. Scot's latest thoughts are here.
http://www.scotsnewsletter.com/86.htm


Best,
Jerry

i do see your point.
i can also see why people recommend kaspersky to high risk surfers IMO.
lodore

~removed un-necessary whole quote of post directly above....Bubba~

"i can also see why people recommend kaspersky to high risk surfers IMO."

I do too. Many of the ones I am talking about are old, like me, and are very low risk surfers.
I think I have posted this before now, but I have a friend of 30 years who wanted to get some Readhead brand hunting pants for one of his sons. He was having trouble finding them so he goggled "Redhead."
WOW, guess what??

His wife was with him when he did that, and she thought the results were very funny. He didn't. I told him to never google redhead or blonde unless he wanted to be flooded with porn sites. I think he learned. That is learning by the "School of Hard Knocks." ;D ;D

No, I did not learn that in that manner. I just knew from Wilders.

Jerry

thats why when i setup a laptop for my neighbor who is an elderly gentleman
i installed site advisor and explained what the system meant and do not click on the links that have a red cross next to them.
i know siteadvisor can get it wrong but its safer this way.
lodore

~removed un-necessary whole quote of post directly above....Bubba~

i think this thread has gone soooooooo off topic. :-X

its turned into yet another kaspersky one.

-{ Quote: "but now it uses norman sandbox, new heuristics for zero day and HIPS blended together and if im mistaken, this has yet to be tested.

more information here: http://www.f-secure.com/f-secure/pressroom/protected/prot-3-2006/17-459-3669.shtml" }-

Hi,

I didn't see that before, but it looks like that there is some misunderstanding here: as far as I understand, f-secure is using its own sandbox technology (named Pegasus Sandbox, I could not find more information on it) and not Norman sandbox.

(...) the artificial intelligence first runs a scan using the Gemini heuristic scanning engine and the Pegasus sandbox and then interprets the results (...)

Since DeepGuard (f-secure's HIPS) is triggered only when the program is executed, it is not completely clear if their sandbox is similar to Norman's one (tracing the behavior of emulated code) or if it really executes the code and attempts to hook/trap it's interactions with the OS, which would be more similar to Kaspersky's proactive defense module.

However, if the pegasus sandbox were similar to norman's or to Sophos "Behavioral Genotype Protection", it could also be used during on-demand scans, for scanning incoming email or in appliances on the email gateway. Since it is apparently not the case (from what I read on f-secure's website), it's probably functionnaly equivalent to KAV's PDM, and can only be used as a "last layer of defense".

norman sandbox in 2007 is a blend of HIPS and heuristics for zero day,

If there are no previous user decision for the program and F-Secure DeepGuard™does not recognize the program, the artificial intelligence first runs a scan using the Gemini heuristic scanning engine and the Pegasus sandbox and then interprets the results. The Gemini heuristic scanning engine performs an in-depth analysis of the target program, looking for anomalies and signs of dangerous intent of the scanned program. The Pegasus engine, on the other side, is a sandbox -based heuristic antivirus engine.

-{ Quote: "Hi,

I didn't see that before, but it looks like that there is some misunderstanding here: as far as I understand, f-secure is using its own sandbox technology (named Pegasus Sandbox, I could not find more information on it) and not Norman sandbox.

(...) the artificial intelligence first runs a scan using the Gemini heuristic scanning engine and the Pegasus sandbox and then interprets the results (...)

Since DeepGuard (f-secure's HIPS) is triggered only when the program is executed, it is not completely clear if their sandbox is similar to Norman's one (tracing the behavior of emulated code) or if it really executes the code and attempts to hook/trap it's interactions with the OS, which would be more similar to Kaspersky's proactive defense module.

However, if the pegasus sandbox were similar to norman's or to Sophos "Behavioral Genotype Protection", it could also be used during on-demand scans, for scanning incoming email or in appliances on the email gateway. Since it is apparently not the case (from what I read on f-secure's website), it's probably functionnaly equivalent to KAV's PDM, and can only be used as a "last layer of defense"." }-

if you right click the f-secure icon and clikc imformation it says trademarks of kaspersky,ad aware and norman copyright norman sandbox.
so thats what made me think its uses norman sandbox.
lodore

The risk of previously unknown zero-day threats being able to do damage is greatly reduced through the new F-Secure DeepGuardTM technology. Instead of just analyzing new programs once when they enter the system, F-Secure DeepGuardTM also will persistently monitor the behaviour of software in a real-time mode, scanning for suspicious program behaviour and stopping activities that might pose a risk. Competing one-time-only solutions cannot offer the same level of protection as it is possible for malicious code-writers to obfuscate, encrypt or pack the code in ways that prevent the one-time solutions from detecting it - and once the file has passed it will be free to do anything it wants.

Unlike most competing proactive detection technologies, F-Secure DeepGuardTM uses advanced real-time heuristics and works quietly in the background. It uniquely combines several proactive technologies together, bringing an unprecedented level of protection against any previously unknown threats. More detailed information about the F-Secure DeepGuardTM technology is available at http://www.f-secure.com/deepguard


maybe f-secure still uses pegasus as a backup if deepguard fails, i dont know..... but deepguard is both HIPS and heuristics.

3 hours to do a scan that Avira did in 32 minutes. Not for me. Hips or no Hips.

-{ Quote: "if you right click the f-secure icon and clikc imformation it says trademarks of kaspersky,ad aware and norman copyright norman sandbox.
so thats what made me think its uses norman sandbox.
" }-

That's an interesting information. Another hypothesis would be that they pay a license for exploiting themselves (i.e. with their own code) the patent filed by Norman. Or that they use Norman technology for emulating the malware and logging its API calls (such output can be seen on the Norman Analyzer webpage, here is an example: http://www.norman.com/microsites/malwareanalyzer/Products/Examples_Analyzer/37906 ) and apply their own ruleset to classify the malware based on this output. I still beleive that Norman Sandbox has not shown its full potential yet (it's too "absolute").

But I must confess I don't know if these patents issues are taken very seriously in the AV world, and if it is common for a company to use IP of another company under license. Maybe AV people can comment on this if they read this thread...

It uses all of these. It takes forever to scan, but, there is something about the AV product that keeps me coming back. The AV alone is loaded, or in my thoughts a suite by itself. If they could only improve on the scanning speed. Of course with all of its arsenal, scanning frequency should be reduced.

F-Secure takes about 45 - 50 minutes to scan my machine, as compared to 30+ for NOD, and over 40 for BD when I was using it.

Not a problem for me, but my experience may be the exception with F-Secure.
I admit that it would take some very extenuating circumstances to tolerate a 3 hour scan.

Best,
Jerry

FSIS takes around 40 mins for me using 'full computer check' but I only have a total of 25GB used on two drives.

-{ Quote: "F-Secure takes about 45 - 50 minutes to scan my machine, as compared to 30+ for NOD, and over 40 for BD when I was using it.

Not a problem for me, but my experience may be the exception with F-Secure.
I admit that it would take some very extenuating circumstances to tolerate a 3 hour scan.

Best,
Jerry" }-

i used to use f-secure on defined it took around 2 hours i think.
kaspersky first scan on all files took 3 hours, second scan took 30 minutes and now scans take 18 and a half minutes.
lodore

took around 40-1hr on mine... this was 'all files' and im sure defined would have been faster.

can i ask something though, in general (including other antiviruses), is defined files, a risky thing to do? as it doesnt scan all files eh?

how many people set their antivirus to defined?
and what is the risk of doing this?

i say this, as defined is always a whole lot faster in scanning, and aint sure whether to set it to that myself.

-{ Quote: "took around 40-1hr on mine... this was 'all files' and im sure defined would have been faster.

can i ask something though, in general (including other antiviruses), is defined files, a risky thing to do? as it doesnt scan all files eh?

how many people set their antivirus to defined?
and what is the risk of doing this?

i say this, as defined is always a whole lot faster in scanning, and aint sure whether to set it to that myself." }-

I do not know how to define appropriate files. I am not sure how much faster it would be.
If one wants a fast scan, then the speed of second and subsequent scans with KAV is the way to go.

Jerry

-{ Quote: "I do not know how to define appropriate files. I am not sure how much faster it would be.
If one wants a fast scan, then the speed of second and subsequent scans with KAV is the way to go.

Jerry" }-

sure is IMO.
first scan 3hours
second scan 30minutes
third 18minutes.
lodore

-{ Quote: "sure is IMO.
first scan 3hours
second scan 30minutes
third 18minutes.
lodore" }-

Hi Lodore,

I fear that the 18 minutes scan will give you too much time to get into trouble. FWIW none of the recent scans with KAV take over 7 minutes as I recall.;D ;D
Best,
Jerry

-{ Quote: "Hi Lodore,

I fear that the 18 minutes scan will give you too much time to get into trouble. FWIW none of the recent scans with KAV take over 7 minutes as I recall.;D ;D
Best,
Jerry" }-

lol my scans get shorter and shorter for a while.
but ive got 62gb to scan.
how much have you got to scan?
lodore

I am not sure. I am not at home and do not have access to that computer. I do not have much of the HD filled, and it is less than 62gigs. Probably on the order of half that.

Jerry

today's scan took only 12minutes 27 seconds. wow its getting less and less.
lodore

Funny!

This link:
http://www.f-secure.com/f-secure/pressroom/protected/prot-3-2006/17-459-3669.shtml
triggers Antivir heuristics HEUR/Exploit.HTML

(VDF 6.37.00.12, Search engine 7.03.00.15)

-{ Quote: "Funny!

This link:
http://www.f-secure.com/f-secure/pressroom/protected/prot-3-2006/17-459-3669.shtml
triggers Antivir heuristics HEUR/Exploit.HTML

(VDF 6.37.00.12, Search engine 7.03.00.15)" }-
lmao
lodore

-{ Quote: "lmao" }-
What does it mean?

-{ Quote: "What does it mean?" }-

its like lol but its mean laughs my ass off.
lodore

Ok, funny as well :)

How to remove this mess, its as bad as Symantec, !

I have found a left over dvpapi.exe from Authentium, and not sure how to remove that piece.

F-Secure kept freezing my system whenever I tried to open the task manager. I added the taskmanager to the 'exceptions' and stopped that, then neither IE 7 nor Firefox would start up - would show the process, but never appear on the screen.

I clicked the Icon in the systray - and clicked 'unload' then things worked, but I could not recover the Icon. A restart of the system then repeated the process of programs not starting. I gave up...

As far as F-Secure goes, I found this. http://support.f-secure.com/enu/corporate/downloads/removeav.shtml Use at your own risk.

Ronjor there is a later version of the removal tool and i used it with success.
if i find the link i will post it here
lodore