F-Secure vs NOD32
AMRX
May 1st, 2004, 06:29 AM
hello everyone, this is my 1st post. i downloaded the latest 29A viruses and scanned them with some AVs. my 29th April updated NOD32 detects 39 viruses and worms including some heuristic warnings. pretty good huh? 25th April F-Prot gets 20 sure shots and 22 heuristic warnings ( i love F-Prot's NN ). Pc-cillin 25th April gets 31 including 2 generic worm detections ( I didn't know pc-cillin has this generic capability ). i wanted to use AVP but i used F-secure instead. well, it detected 62 with its 9th April update. yes i know some of these viruses are not ITW. that's why there are many products which get VB awards but fail in real life. best example will be Symantec. so what do you people think? is it enough that an AV detects 100% ITW viruses? what if i infect someone's computer with a ZOO one? some AV will be protecting that computer and of course they'll claim their product can stop ALL viruses.
well to add some more NOD32 failed to detect some batch viruses where the others ( DrWeb, AVP, F-Prot, F-Secure etc ) detected them all.
Paul Wilders
May 1st, 2004, 06:37 AM
Since this is a general Antivirus comparison, this thread has been moved to "Other Antiviruses".
regards.
paul
wizard
May 1st, 2004, 06:57 AM
{QUOTE-> what if i infect someone's computer with a ZOO one? <-QUOTE}
From time to time it happens that a so-called Zoo-Virus gets ITW. And in such a case all AV programs that did not detect this malware so far will release signature updates like they do with all other new ITW viruses.
{QUOTE-> some AV will be protecting that computer and of course they'll claim their product can stop ALL viruses. <-QUOTE}
No AV program can stop "all viruses".
{QUOTE-> well to add some more NOD32 failed to detect some batch viruses where the others ( DrWeb, AVP, F-Prot, F-Secure etc ) detected them all. <-QUOTE}
How do you come to this conclusion? Also the products you mentioned can't detect all batch viruses. And in terms of detecting batch malware: How many ITW batch viruses are you aware of at the moment?
wizard
AMRX
May 3rd, 2004, 07:12 AM
First i must apologise for my bad English which is creating confusion. i meant that post to be in the NOD32 forum so that ESET people will try to make it THE BEST from ONE OF THE BEST. now for MR. Wizard....
i] if there is an AV that detects all the ITW viruses does it mean that it's good? it should also detect most of the ZOO viruses too. because when i invest my money on some AV i'll expect it to protect it from ITW viruses as well as some ITZ viruses. let me explain why, it's because i don't think the ITW list is complete and vulnerability to non ITW viruses is also a NO NO. some AVs like NOD32, Symantec etc. excel in catching ITW viruses. but look at F-Prot's or AVP's database, it also contains non ITW virus signatures. if NOD32 expands its database i think it'll erase all competitions.
ii] i know no AV can detect "all viruses" i was being sarcastic about their claims.
iii] i have some batch viruses in my PC. i scanned them with some AVs and found that NOD32 misses most of them where its counterparts like DrWeb, AVP, F-Prot detect all of them. now when i said ALL OF THEM i meant all of them FROM MY COLLECTION. not all of them from the world. at no point did i mention that those were ITW batch viruses. though regarding your question if you look at the database of DrWeb or PC-Cillin or Symantec you'll find some batch ones even today.
Mr. Wizard all i wanted to say that i want my AV to be able to protect my computer from ITW viruses plus ZOO viruses so that no accidents will occur. i just don't want to be the first or the second victim of a ZOO virus on its way to the ITW list. by the time AVs will be dishing out updates my data could be long gone. i know a lot of people will also agree with me.
So if some ESET official is reading this "Please expand your database".
kloshar
May 3rd, 2004, 08:06 AM
Do you have F-prot or F-secure? These are different products. Once you write about f-secure and once about f-prot.
AMRX
May 3rd, 2004, 08:11 AM
i have both. well F-secure used F-Prot's engine but now they changed it to their own Libra and Orion. now this Orion engine is available for the 9x platform too.
kloshar
May 3rd, 2004, 04:19 PM
Yes, it used it. But not any more now. So please separate these 2 programs. I know a lot of people who still think that f-sec = f-prot. F-sec was f-prot some 4 years back, but then it became an individual firm.
AMRX
May 5th, 2004, 03:36 AM
i never merged those products. i tested them separately. so don't u worry.
hokhost
May 5th, 2004, 01:18 PM
OK, now I understand why "F Prot for Dos" databases are available both on F Secure and F Prot FTP ...
Thx
wizard
May 5th, 2004, 04:16 PM
{QUOTE-> Mr. Wizard all i wanted to say that i want my AV to be able to protect my computer from ITW viruses plus ZOO viruses so that no accidents will occur. <-QUOTE}
Do you know how often it happens that a zoo malware sample gets ITW and spreads widely? When I look for example at the ITW threats that McAfee reports as the most dangerous malware threats at the moment I could not see one sample that has been a piece of zoo malware before: Sasser, Bagle, Netsky - everything brand new.
Yes it can happen that a zoo sample gets ITW and starts spreading. But actually I can't even remember when the last big outbreak of a sample was that had been in zoo collections before. I think the bigger threat is to be hit by a brand new piece of malware rather than by a zoo one getting ITW.
{QUOTE-> So if some ESET official is reading this "Please expand your database". <-QUOTE}
That's what Eset is doing day by day to ensure that you get protected from real threats. :)
Please remember: There is no difference between a brand new ITW virus and a zoo virus getting ITW: In both cases new signatures will be released asap.
wizard
AMRX
May 9th, 2004, 08:12 AM
i'm failing to communicate every time. all i want to say is that i don't give a dime about statistics or what Symantec or McAfee thinks about the current threats. for me an ITW virus is dangerous and so is a ZOO virus. i don't want to wait for an antidote while a ZOO virus has infected my system and where the AV guys are waiting for that virus to get WILD before they churn out the antidote. somewhere here in this forum a poor chap complained about his updated NOD32 failing to detect a virus where other products detected it. well that virus probably wasn't an ITW and probably never will be but that chap potentially lost his data.
Now do you get my point? sorry if i sound kinda arrogant but every time someone picks up the wrong idea from my writing. i want NOD32 to expand its database so that it could detect more viruses than the ITW ones. thank you.
ronjor
May 9th, 2004, 10:30 AM
I believe Nod is adding a tremendous amount of definitions. Look at their update page. It will take time though.
The person that got infected put himself at risk by downloading questionable programs.
AMRX
May 9th, 2004, 01:23 PM
hello Ronjor, how was your day? well if you look at the virus lists of Symantec or Trend Micro or F-Prot you'll see lots of activities there too. in case of DrWeb and KAV you'll see more. Paul Wilders warned me about something that's why i'm not going to repeat it but if you test thoroughly you'll find that NOD32 database is not at par with F-Secure or KAV for example.
yes you are right that person in question got himself infected by running a fancy keygen. i don't support those activities. i agree with you on this.
ronjor
May 9th, 2004, 02:05 PM
I have had at one time or another licenses for KAV, NAV, Etrust, Command, F-Prot, Trend, RAV, Nod and used several free programs.
It is a fact also that I tried all of them on WinXP.
In my experience, some programs are almost as bad as a virus. Some try to take over your system, others you can't update without going through hoops, some cause odd behaviour on your system including severe slowdowns and conflicts.
This is my second license for Nod. The reason is simple, it does not slow my system down and it updates frequently.
Whether or not Nod is the best of all means nothing to me. It is the best for me.
It is an endless argument as to who updated definitions first in an outbreak, who has the most definitions, am I protected, is there a program that is better, etc.
There may be antivirus programs with a larger database but, few would argue against the fact that Nod has the very best heuristic engine out there. That alone makes up for a lot of definitions.
Good luck to you. :)
AMRX
May 9th, 2004, 04:51 PM
the products that you've mentioned, i've used them all and some more. i agree with you that NOD32 has the best heuristic protection. DrWeb and F-Prot are not less than NOD32 but they generate a lot of false alarms. remember Thunderbyte? In-Defence? good heuristic alone is not enough. it should be backed by good database. thanks i wish you luck too.
kloshar
May 12th, 2004, 02:00 PM
Well, I think F-secure is the best antivirus program found on the market.
It would be perfect, if it would have better *.zip and *.rar unpacking engine.
Bdiamond
May 12th, 2004, 02:36 PM
I think I agree with you; however all of the (very substantial) Back Web overhead is annoying and, occasionally, it does interfere with other programs. There must be 9 or 10 of those programs running in the background all the time. Other users have expressed similar feelings about the Back Web aspect of the program and I wonder how many potential users bypass F-secure because of that?
Aside from that one issue, which is only indirectly associated with the AV function, I have been totally satisfied with F-secure for a little over two years. The KAV (v 5.0) product could provide very serious competition for them since it may provide equivalent performance but with very light "overhead" in terms of resource utilization. Until now, I think the other Kav products had their own problems with resource utilization-so it was pretty much a toss up except for the "simplicity" of the F-secure interface.
Just curious if you have any thoughts about the Back Web functions? I really do like it otherwise.
Regards,
Bdiamond
AMRX
May 12th, 2004, 03:08 PM
i second your thoughts Bdiamond. i think a lot of potential users get scared by the name of F-Secure. if you check the development history you'll see that the F-Secure guys always manage to fix those reported bugs and also always manage to introduce some more. but there is one thing i like about F-Secure, they are very honest about it. they document the known problems and the scanning report never hides the errors. yes Kloshar the RAR and ZIP UN-ARCHIVING support could be better. thanks to the KAV engine UNPACKING support is the best in the industry.
another bad thing about F-Secure that people who have less than 128MB RAM can forget about it. even the 128MB machines crawl with this heavy-duty AV. also the configurability is set to idiot-proof. anyway KAV isn't that heavy on the resources. on XP machines it occupies 12MB which is equal to NOD32.
kloshar
May 13th, 2004, 08:19 AM
{QUOTE-> F-Secure that people who have less than 128MB RAM can forget about it. <-QUOTE}
We have 128 mb ram on computers in our school. And there is F-secure 5.41 for workstation installed. It works really great!
AMRX
May 13th, 2004, 02:53 PM
Please read my messages carefully. "People who have LESS than 128MB RAM can forget about it."
kloshar
May 13th, 2004, 03:27 PM
Yes, I read it carefully and I found that:
{QUOTE-> even the 128MB machines crawl with this heavy-duty AV <-QUOTE}
AMRX
May 13th, 2004, 03:49 PM
LOL now you are quoting another line. anyway i meant that F-Secure slows down the 128MB machines. slows down doesn't mean that it becomes useless. machines having less than 128MB RAM will become very slow. if it makes you happy then go on use it.
kloshar
May 14th, 2004, 01:08 AM
OK, it doesn't matter. I agree that it uses a lot of resources.
Kobra
May 24th, 2004, 03:15 PM
F-Secure is awesome, it's passed any test I can throw at it, including some rebased baddies most progs miss. But I agree, the overhead needs to be lessened a bit.
It's a tough call for me.. Norman also seems to suit my needs as well, and its sandbox is powerful. AVK is my last choice, the verdict for me is still out on this one.
F-Secure is definitely to be considered as my next AV. NOD32 has let me down far far too many times.
AMRX
May 24th, 2004, 03:38 PM
IMHO F-Secure was better with F-Prot but now it has three scanning engines with Libra and Orion being F-Secure's own. still it packs a punch. no doubt some big names use this product. hey you have a 3.4GHz, i'm sure F-Secure will pose no threat to you.
tazdevl
May 24th, 2004, 03:46 PM
So what are your thoughts on F-Secure vs KAV 5.0 in terms of effectiveness and system impact?
Tell you one thing, that app is huge. 29MB.
AMRX
May 24th, 2004, 03:53 PM
are you kidding me? what version are you running? 5.42 workstation or the new jumbo pack called the F-Secure Client Security? i don't have the guts to try the latter one. tell me about it if you've tried it.
tazdevl
May 24th, 2004, 04:03 PM
{QUOTE-> are you kidding me? what version are you running? 5.42 workstation or the new jumbo pack called the F-Secure Client Security? i don't have the guts to try the latter one. tell me about it if you've tried it. <-QUOTE}
Filename is fsav2004f-sp1a from the home users section of the site. LOL not sure if I should bother installing. Funny, it's the same size as the internet security trial, so maybe it's the same package and you just do a customized install.
AMRX
May 24th, 2004, 04:17 PM
so you are running the F-Secure Antivirus 2004. yeah i noticed they have same filesize. you could be right. but let me inform you that there is something fishy about FSAV2004 and the workstation version. you'll notice that the scanning engine version of Libra and Orion is same for FSAV2004 but in the workstation version they are using an updated version though the workstation version is older than FSAV2004. i forgot which engine but it's about Orion and Libra.
Kobra
May 24th, 2004, 04:25 PM
Those files are the same, half way through installation, it asks you if you want to install the full version or just the AV... Hope that answers that question. =)
Anyway..
That little AVtest program that throws those fake worms into your system to test monitoring heuristics was MISSED by NOD32 and KAV. (among others)
However, interesting point to note, F-Secure passed all 4 tests, with the fake worms getting past the internal KAV, but being picked up by Orion or Libra. It's pretty interesting, you can watch the processes, and see which one "Ticks" to 1% usage to see which one grabbed the signatures.
Norman and McAfee also grab em, and so does BitDefender. Every other AV i've tried is ignorant of them.
Also, a recent REpacked badguy file I have, with several rebased/hacked baddies hiding inside (that NOD32 missed, etc), is picked up by F-Secure - the packer at least. But interesting to note, Norman picks up the packer AND at least one of the baddies inside via its "Sandbox" and lists it as "Unknown W32/Malware".
That's pretty impressive stuff at work. Now if BitDefender had decent unpacker support, it would be just perfect. I'm also not fully confident with the KAV-Only system.
I'm leaning now towards either F-Secure or Norman as my solution. I do like the Norman Firewall too.. Now to finalize my decision.. I'm tired of some solutions promising to fix things in updates, not delivering on supposed changes, and blowing smoke up my .....
tazdevl
May 24th, 2004, 04:39 PM
Damn just looked @ pricing. F-Secure is rather spendy. $57... nearly $10 more than the (IMO) overpriced KAV.
Anyone know how their support is? Have to give it to KAV and BD. They're the only ones that responded in a reasonable amount of time... BD was on the outside of what I consider reasonable though.
Kobra, how did it impact your system?
I'm about to plop it on my laptop. Desktop has work/client files on it, so no experimentation there even though it would be nice to test these apps out on a 3.4G, RAID 0 Raptor array with 1GB RAM.
AMRX
May 24th, 2004, 04:44 PM
i haven't tried the Norman firewall. should be good but that AVtest program i don't trust. so it seems that KAV engine failed to nail that worm. i'm guessing that ORION grabbed that worm. you know it's funny that the F-Secure guys have implemented so many security policies into their product but by tweaking one registry entry you can reset the trial period. i won't disclose the process due to legal reason. but it's very hard to fool the scanner. i don't like the Norman AV. it also failed a recent VB test. can you believe it?
VikingStorm
May 24th, 2004, 04:56 PM
{QUOTE-> i haven't tried the Norman firewall. should be good but that AVtest program i don't trust. so it seems that KAV engine failed to nail that worm. i'm guessing that ORION grabbed that worm. you know it's funny that the F-Secure guys have implemented so many security policies into their product but by tweaking one registry entry you can reset the trial period. i won't disclose the process due to legal reason. but it's very hard to fool the scanner. i don't like the Norman AV. it also failed a recent VB test. can you believe it? <-QUOTE}
Norman needs a bit more refining IMO, I would suspect it would be extremely viable at 6.0.
Kobra
May 24th, 2004, 05:45 PM
Check this one out..
http://www.extendiaavk.com/
I contacted them and got a full copy to evaluate today, and its insanely good. Uses basically ZERO system resources and I can't figure out how, but it detects everything I can throw at it..
Even a stealthed packer with 2-3 rebased baddies inside the thing picks up with EASE.... Uses only 2 processes, one for 1,600k and one for 3,200k, with no detectable CPU usage.. Amazing!
It uses the RAV+KAV engines in a dual system, and man, does it work in my tests, even tells you which engine is picking up which nasty.
The interface is absolutely gorgeous, with lotsa easy options, and deep options for the techies.. Even sliders to alter performance speed vs security..
PS: I like the eXtendia version much better than the Gdata direct version, and this one has Daily/Hourly sigs it snatches from KAV and RAV as well. I've already seen it do this in action.
Kobra
May 24th, 2004, 05:51 PM
VB tests are complete bullox, I don't buy em... 1 false and you fail.. Also, they focus obviously, on Viruses.. I'm more worried about Trojans and Malware, I see those daily.. I haven't seen a virus in 2 months pass through my box.
I gave up using VB as any reasonable source of info, after they pump up NOD32 to godlike levels, and half the bugs on the net waltz right through it.. Sheesh. An AV product without very good malware/trojan protection is about as useless as a 3 legged dog if you ask me.
{QUOTE-> i haven't tried the Norman firewall. should be good but that AVtest program i don't trust. so it seems that KAV engine failed to nail that worm. i'm guessing that ORION grabbed that worm. you know it's funny that the F-Secure guys have implemented so many security policies into their product but by tweaking one registry entry you can reset the trial period. i won't disclose the process due to legal reason. but it's very hard to fool the scanner. i don't like the Norman AV. it also failed a recent VB test. can you believe it? <-QUOTE}
AMRX
May 24th, 2004, 06:04 PM
well i'm more concerned about viruses. i don't have much of a threat from trojans as i don't have those habits. also remember that false alarm does cause a problem with all users.
tazdevl
May 24th, 2004, 06:22 PM
Kobra, isn't that just a private label version of an earlier AVK?
I'm pretty sure it used to have KAV and RAV.
Kobra
May 24th, 2004, 06:46 PM
That's exactly what it is.. eXtendia is the US/UK distributor for Gdata, and handles all AVK sales here.
They were kind enough to provide me a demo, and so far, i'm very impressed. It's even passed the "Rise of Nations" test on one of our extra low end machines here. Basically, Rise of Nations expansion is really a hog at higher resolutions and tends to crash with any AV's running in the background. My son is on his 2nd game with no crash and AVK in the background. Certainly nothing pertaining to actual protection, but performance is always a consideration.
It's blown through anything i've thrown at it, and for $29, i'm considering it, especially since they don't hide their voice number and toll free voice support line, and don't charge extra for daily/hourly defs.
Paul Wilders
May 24th, 2004, 07:01 PM
{QUOTE-> VB tests are complete bullox, I don't buy em... <-QUOTE}
Since all AV vendors voluntarily put up their software for VB testing, you obviously have not that much confidence in them either...
{QUOTE-> I gave up using VB as any reasonable source of info, after they pump up NOD32 to godlike levels <-QUOTE}
"Pumping up"? I'm pretty sure VB wouldn't like the insinuation you are making here - and you are disqualifying all other AV companies who put up their software for VB testing as well.
{QUOTE-> and half the bugs on the net waltz right through it.. Sheesh. An AV product without very good malware/trojan protection is about as useless as a 3 legged dog if you ask me. <-QUOTE}
No one asked you - but it's sort of an opinion all right. In case you don't like the software: use another.
regards.
paul
tazdevl
May 24th, 2004, 07:58 PM
LOL well I can tell you that F-Secure is in no way an alternative to NOD (faults aside). Not only does the install take forever, but it uses backweb for updates, slows my system to a crawl and uses more resources than the supposedly resource heavy KAV 5.0.
kloshar
May 25th, 2004, 01:14 AM
{QUOTE-> LOL well I can tell you that F-Secure is in no way an alternative to NOD (faults aside). Not only does the install take forever, but it uses backweb for updates, slows my system to a crawl and uses more resources than the supposedly resource heavy KAV 5.0. <-QUOTE}
Maybe 4 you. But for us, who think that NOD32 is a toy, f-secure is the best antivirus! Ever!
Kobra
May 25th, 2004, 09:18 AM
For RAM, yes F-Secure is heavy. For actual PC resource use, it seemed pretty light to me, didn't notice any slowdowns.
F-Secure is a *MONSTER* for finding baddies! In fact, both of the multi-engine solutions out there are monsters for finding the bad stuff. AVK and F-Secure. They both get anything I throw at them, even stealthed and rebased crap.
You want protection, these got it..
tazdevl
May 25th, 2004, 10:12 AM
{QUOTE-> Maybe 4 you. But for us, who think that NOD32 is a toy, f-secure is the best antivirus! Ever! <-QUOTE}
Ummm thanks for providing such useful insight. ::)
Desktop has a OC'd P4 @ 3.6GHZ, RAID 0 array with WD Raptors, 1GB RAM, F-Secure didn't have an impact.
Laptop has a P4 1.8GHZ CPU, 768MB RAM, 5400RPM HD. Does OK with most apps. That's where I noticed the issues with F-Secure.
Kobra
May 25th, 2004, 10:32 AM
Yea I don't think i'd recommend F-Secure on anything under a 2Ghz processor, those triple engines probably eat some background CPU cycles on anything less.
kloshar
May 25th, 2004, 11:35 AM
We have f-secure in school on pII 300 mhz, 128 mb ram. It works OK!
AMRX
May 25th, 2004, 04:02 PM
yes when it comes to detection and nothing else, F-Secure rules the nest. but KAV 5 is not lagging behind. there is a huge difference between their resource usage. KAV 5 is cheaper than that Finnish monster and uses updated engine with less resource.
tazdevl
May 25th, 2004, 05:05 PM
{QUOTE-> yes when it comes to detection and nothing else, F-Secure rules the nest. but KAV 5 is not lagging behind. there is a huge difference between their resource usage. KAV 5 is cheaper than that Finnish monster and uses updated engine with less resource. <-QUOTE}
Have to say, some bugs aside, I do like KAV5. Exchanged 3 emails with Igor in a 30 minute period. That says something about their commitment to support.
Kobra
May 25th, 2004, 06:33 PM
KAV5 is interesting, but I think it still lags behind as well. For one, they removed far too much customization and "Toys" in KAV5, I miss those in dumbed down applications. McAfee Enterprise Edition(beta) is a dream AV with tweaks and tools galore, but every time they release a retail product, they slap it inside that garbage internet center and ruin it.. lol!
Anyway, support at KAV is good, but they've been evasive with me before - and it was puzzling.. I emailed them pointing out that realtime scanning of folders on the fly is missing from KAV5, and got a reply back saying "How do you know its missing?".. I replied saying "Uhh, because I tested it!", and then they replied back saying "Yes, it is missing, but mostly nobody notices..".. WTF?
Either way, $80 for KAV Pro is outrageous IMHO, especially when I can get the same engine and defs in something else for $29... I could see $80 if it included lifetime definitions, but not 80$ per year!
If they put all the functionality in 4.5 back into 5.0, added back in optional realtime scanning of folders and junk, then i'd consider it. Scanning over the KAV forums, it seems a good measure of customers are dissatisfied with KAV5 and are moving BACK to KAV4.5... 4.5 massively needed an interface improvement, but nerfing most of the functions in it for 5.0 seemed like a bad decision.
AVK, F-Secure and possibly Norman are most interesting to me. I'd love to like Bitdefender, its a clean and pretty product thats good. But without better packer support, a few more defs, and some tech support, I have ruled it out. Norman has a couple of bugs that bug me. F-Secure is expensive as hell... Guess its AVK! I'll run it for 30 days and see. lol
ncs_malaysia
May 25th, 2004, 06:48 PM
{QUOTE->
If they put all the functionality in 4.5 back into 5.0, added back in optional realtime scanning of folders and junk, then i'd consider it. Scanning over the KAV forums, it seems a good measure of customers are dissatisfied with KAV5 and are moving BACK to KAV4.5... 4.5 massively needed an interface improvement, but nerfing most of the functions in it for 5.0 seemed like a bad decision. <-QUOTE}
well... they will hv this customization in their Personal Pro release, I just wonder when will be released.!!!
Paul Wilders
May 25th, 2004, 07:06 PM
Well, F-Secure users better update their software:
{QUOTE-> SOFTWARE:
F-Secure Anti-Virus for Workstations 5.x
F-Secure Anti-Virus 5.x
F-Secure Anti-Virus Client Security 5.x
F-Secure Anti-Virus for File Servers 5.x
DESCRIPTION:
A vulnerability has been discovered in F-Secure Anti-Virus,
potentially allowing certain malware to bypass the virus detection.
The vulnerability is caused due to an unspecified error, which
reportedly causes a problem with properly detecting the Sober.D and
Sober.G viruses in PKZip archives.
The vulnerability has been reported in the following versions:
* F-Secure Anti Virus 5.41/5.42 for Workstations
* F-Secure Anti-Virus 5.41/5.42 for File Servers
* F-Secure Anti Virus Client Security 5.50 and 5.52
SOLUTION:
F-Secure Anti-Virus Client Security 5.52 Service Release 1 (SR-1) is
not affected.
Apply appropriate hotfixes for vulnerable versions. <-QUOTE}
Being vulnerable to Sober variants for quite a while has been fixed - now ;)
regards.
paul
Kobra
May 25th, 2004, 07:48 PM
Paul, you run NOD32 right? Just curious.. If you want to see a vulnerability with a certain popular trojan packer and your AV, you should have run that file I provided linked to you in PM a few days back.
Not only does it waltz right past, but it will effectively kill your system. As addressed in this thread:
http://www.wilderssecurity.com/showthread.php?t=33351
I'm half tempted to reinstall certain AVs and see if they are dealing with the bad guy yet and the bad guys packed within this badguy. I know Ewido, BOClean, and TDS3 added fixes for it. AVK, KAV, McAfee, F-Secure and Norman all picked it up totally - without definitions for the rebased inside and the packer on the outside - the *ONLY* AV's we've tested that could pick it up.
F-Secure = YUMMY.. If it was cheaper, i'd have got it, eXtendiaAVK at $29 is far too tempting to ignore.. ;D
BlueMoon
May 25th, 2004, 08:36 PM
{QUOTE-> Well, F-Secure users better update their software:
Being vulnerable to Sober variants for quite a while has been fixed - now ;)
regards.
paul <-QUOTE}
Oops...this means F-Secure users have been vulnerable to sober variants for a very long time? I'll pass, thanks....
Blue
ronjor
May 25th, 2004, 08:46 PM
Bluemoon
You do have a way with words. LOL
Antivirus-just to keep on topic. :)
Paul Wilders
May 26th, 2004, 10:48 AM
{QUOTE-> Paul, you run NOD32 right? Just curious.. If you want to see a vulnerability with a certain popular trojan packer and your AV, you should have run that file I provided linked to you in PM a few days back. <-QUOTE}
You might give it another try indeed ;)
{QUOTE-> F-Secure = YUMMY.. If it was cheaper, i'd have got it, eXtendiaAVK at $29 is far too tempting to ignore.. ;D <-QUOTE}
mmm..Last alert:
{QUOTE-> A vulnerability has been discovered in various F-Secure Anti-Virus
products, which can be exploited by malicious people to cause a DoS
(Denial of Service).
The vulnerability is caused due to a boundary error within a module
responsible for accessing content in LHA archives while scanning for
viruses. This can be exploited to cause a buffer overflow by passing
a specially crafted LHA archive to a system running a vulnerable
product.
According to the vendor, successful exploitation causes the affected
module to restart. The impact varies depending on the used product
and ranges from performance degradation to system crashes and
potential failure in detecting viruses.
The vulnerability affects the following products:
* F-Secure Anti-Virus for Workstation 5.42 and earlier
* F-Secure Anti-Virus for Windows Servers 5.42 and earlier
* F-Secure Anti-Virus for MIMEsweeper 5.42 and earlier
* F-Secure Anti-Virus Client Security 5.52 and earlier
* F-Secure Anti-Virus for MS Exchange 6.21 and earlier
* F-Secure Internet Gatekeeper 6.32 and earlier
* F-Secure for Firewalls 6.20 and earlier
* F-Secure Internet Security 2004 and earlier
* F-Secure Anti-Virus 2004 and earlier
* Solutions based on F-Secure Personal Express 4.5x, 4.6x and 4.7x
* F-Secure Anti-Virus for Linux Workstations 4.52 and earlier
* F-Secure Anti-Virus for Linux Servers 4.52 and earlier
* F-Secure Anti-Virus for Linux Gateways 4.52 and earlier
* F-Secure Anti-Virus for Samba Servers 4.60
SOLUTION:
See patch matrix in original advisory.
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
ORIGINAL ADVISORY:
http://www.f-secure.com/security/fsc-2004-1.shtml <-QUOTE}
regards.
paul
Kobra
May 26th, 2004, 11:26 AM
Interesting, but two things can be surmised by this I suspect...
One being F-Secure is very up front about bugs and issues that come up, and fixing them rapidly.
Another, is that they aren't afraid to issue real bulletins, outlining problems, so everyone can know and see.
Now that begs to question, how many products in the AV business do you know that are willing to do that? I'd bet hard cash other AV products have come up with security issues, you didn't hear anything, and they simply launched a patch live to fix it - firing it off to their clients on a definition download sweep. You think?
I don't use F-Secure myself, but I give them credit for their openness, honesty, support, and rapid responses to issues such as these. That's more than I can say for some companies i've dealt with, that probably don't even report these things, much less admit to them after they fix them. It's definitely a product i'd consider though. PS: I'd love to run NOD32, but until they add more packer support, and double their malware/trojan database, add AH to Amon, and HTTP scanning, it's just not viable for me unfortunately. ( I will require all of the above). Maybe future versions once the product matures more...
kloshar
May 26th, 2004, 01:34 PM
It seems that everything is the same. Interesting ...
http://www.f-secure.com/products/anti-virus/clientsecurity/screenshots/internetshield.jpg
http://www.f-secure.com/estore/images/fs2003/is/pexis_home_eng.jpg
http://www.f-secure.com/estore/images/fs2003/av/pexav_home_eng.jpg
backfolder
May 27th, 2004, 09:39 PM
Please kloshar,
Can you tell me about system resources needed by F-Secure IS 2003/2004?
I'm very interested in this Suite.
Thanks in advance!
backfolder.-
kloshar
June 5th, 2004, 04:57 PM
I'm very sorry, I can't. I don't have it. I can only tell you about 5.42 for Workstation and 5.53 Client Security.
tazdevl
June 5th, 2004, 05:02 PM
{QUOTE-> Please kloshar,
Can you tell me about system resources needed by F-Secure IS 2003/2004?
I'm very interested in this Suite.
Thanks in advance!
backfolder.- <-QUOTE}
I've tried it on a laptop with a 1.8GHZ P4M, 5400RPM HD 768MB RAM and a 3.2GHZ P4, 1GB RAM, Raptors in RAID 0... F-Secure had a noticeable impact on both systems.
I also don't like the fact that it uses backweb. Had issues with other apps that use it.
Kalsse
June 6th, 2004, 12:53 AM
If they changed away from backweb in F-Secure, it would be *THE* AV/AT application to own, thats for sure!
Heck, i've had AV testing houses tell me they are afraid to test F-Secure, because its so good and strong, it wouldn't be fair to the single engine products out there.. /shakes head
VikingStorm
June 6th, 2004, 08:23 AM
{QUOTE-> If they changed away from backweb in F-Secure, it would be *THE* AV/AT application to own, thats for sure!
Heck, i've had AV testing houses tell me they are afraid to test F-Secure, because its so good and strong, it wouldn't be fair to the single engine products out there.. /shakes head <-QUOTE}
Please name these "AV testing houses" that actually say that.
kloshar
June 6th, 2004, 01:19 PM
{QUOTE-> Please name these "AV testing houses" that actually say that. <-QUOTE}
You don't believe that? I do!
RejZoR
June 6th, 2004, 01:26 PM
It's not that good. Believe me.
kloshar
June 6th, 2004, 01:57 PM
If you say that, you say that kav is not good and f-prot even. Why not?
liang_mike
June 6th, 2004, 02:01 PM
I have F-Secure Client Security :) . I know it is resource-heavy (although I don't feel it), but the reason we all use AntiVirus software is to stay protected. Therefore, detection rate is one of the most important factors when I choose my AntiVirus software. I mean, who cares about scan speed when the software misses a few threats, right? ;)