F-Prot, purebred anti-virus?

I am using now a trial version of F-Prot anti-virus, and found out that it only has a real-time protector and on-demand scanner and nothing else. I was anxious, it didn't even have an e-mail scanner.

I use in the past Avast and it has seven protection modules, web shield, network shield, email protection, resident shield, etc..., same also with NOD32, and now f-prot on my machine with only resident real-time protection.

Can I really trust f-prot even if it has no email scanner?

 

Are you using 3.16f trial version? There is an e-mail scanner in the 6.0 beta, but for Microsoft Outlook (not Outlook Express) only...

There is also a HTTP scanner in 6.0 beta but for IE only...

 

Yes , F-prot 3.16 lacks of extra feautures but you can try their new beta if you wish which has some more Don't worry so much
Since F-prot doesn't control non-viral malware , don't forget about the antispyware software(s)

 

RT scanner does detect most of stuff however some exploits require HTTP scanning in order to be intercepted properly.

 

I don't use an email scanner. I use OE and Microsoft has always warned to NOT use an email scanner with OE. I am currently using KAV 2006 and I didn't install the email scanner. I have used NOD32 with no email scanner (I did use it for beta testing until the beta ate my entire (very large) Sent Items folder several years ago). I have used many AV and never used an email scanner except when I first got my first computer and knew nothing about AV. I have used F-Prot 3.15 and I currently have the new F-Prot beta on a virtual machine.

I always download any email attachment to disk and then scan it with my AV before opening. If you do this, you don't need an email scanner. Many ISPs now scan all incoming and outgoing mail for viruses and doing it again is redundant especially if you download to disk any attachments and scan them before opening.

 

Why complicate if you don't have to? avast!'s Internet Mail provider kept an eye on my mail before i started using GMail and i was very happy with it.
Worked like a charm and intercepted practically all garbage. Nearly same geographic location so what outbreaked in Czech it nearly always hit slovenia few hours later. So we are covered very well

 

Maybe, i have to wait for their final version release. I don't like to become a beta tester like a mouse in the lab..

 

Hi Mele20,

FWIW I use the email scanner for OE with KAV6. I have encountered no problems or slowdowns that I am aware of.

Regards,
Jerry

 

Funny but Frisk betas are as stable as ESET's which means you should have no problems but instead try the new version . Although some people here at Wilders reported some issues I had no problems during my two days testings with it Anyway , as you like it .

 

Is there an estimated date for the release of the new F-Protect on the market?

I think I have read of an estimated release date, but I cannot find it.

Thanks,
Jerry

 

I just don't understand the fuss about e-mail scanner or HTTP scanner. Few
years ago all AV softwares were just like F-Prot. Though most of them used
e-mail scanners, F-Prot came without it. But there is a simple logic that
once the attachment is saved its checked by the realtime scanner. Another
logic tells us that there is no need to scan all data files. F-Prot is a barebone
AV but its efficient. It does what its supposed to do i.e. stop viruses. Then
people started having bright ideas about expanding the functionality. Norton,
McAfee, NOD32, etc added so many functionalities, now we think that
F-Prot is worthless. But is it true?

Someone in this forum used a nice signature "The best AV is between the
chair and the keyboard". This is very true. If you have the habit of clicking
on every executable you SEE or download everything you CAN then yes
F-Prot is not for you. Go for KAV, McAfee or NOD32. But if you are careful
then F-Prot is enough for you.

Mele20 is correct. Now some ISPs and providers like Yahoo, etc check the
e-mails. Even if thats not happening then your realtime scanner will do the
job. Same goes for HTTP scanning. These are just extra components which
will warn you in advance. If you think e-mail scanner and HTTP scanner is
necessary then going by the same logic you should also enable archive
scanning in your realtime scanner and set the depth to maximum. Obviously
the system performance will go down.

Antispyware and antiadware are also some softwares your PC can do without.
But safe Hex is necessary in this case.

Thats why whenever you'll ask someone which is the best AV, you'll get the
answer that you should try it and find that out yourself what suits you best.

 

Hi AMRX,

[If you have the habit of clicking
on every executable you SEE or download everything you CAN then yes
F-Prot is not for you. Go for KAV, McAfee or NOD32. But if you are careful
then F-Prot is enough for you.]

While I do not click on everything, and am a very safe surfer, I cannot figure why I would buy an AV that is not among the best few. As of the last AVC tests, F-Protect was not, did not even rate Advanced.

I realize that there are other considerations than detection rates, but in the end detection/protection is what I have an AV for. Other than price, I see no reason to buy F-Protect instead of KAV. Why buy a third tier AV when so many better ones are available.

I do hope that it will greatly improve in the new version, but if and how much remains to be seen. I would like to try it, but not at its current detection rates.

Best,
Jerry

 

You don't understand the fuss about HTTP scanner? Do you think you are well protected with just the regular on-demand/on-access scanners? You do realize that once you visit a web site with a malicious script or exploit that your on-access scanner can't catch it (when it does, it is already too late, since it has been executed in the browser already).

 

@JerryM

Yes, F-Prot doesn't set the comparison chart on fire like KAV or NOD32 but
it still does a decent job. If you read Andreas Clementi's page you'll know
that. Its cheap, light and fast. So if the AV between the chair and the
keyboard is reliable then there is nothing wrong in using F-Prot. I trust
F-prot and I respect your decision if you don't.

@kjempen

Yes, I think I'm well protected with just a realtime scanner. I also realize
that F-Prot can detect scripts from malicious websites. Even if I use a
HTTP scanner, if the signature is absent or if the heuristic fails then its
useless. Before the browser executes it, the realtime scanner will stop it
if the signature is available.

Please understand that the term 'security' means something for me and it
might mean something different to you. Last night I was surfing without an
AV (I was downloading eTrust) on dial-up and I felt quite secure. But if you
don't then please use the AV with highest detection rate and features. Its
up to you. But that doesn't mean anyone who is not using your choice of
AV is unprotected. If properly used F-Prot and Dr.Web are quite safe.

 

Ok, let me see if I get this right: According to what you write, a script or exploit cannot be executed on a web site before it is stored as a file on the hard drive of the "web site visitor's" computer? So what you are saying is that a HTTP scanner doesn't really work between the browser and the 'net? If it doesn't then what would be the point of it, since the on-access scanner already takes care of what is located on the hard drive? So nothing gets scanned before the entire file is already located on the hard drive? (And it is then scanned by an on-access scanner.) Hmmm... Doesn't quite sound like what is written in the NOD32 help file under the description of the IMON module (as an example), but maybe I'm misinterpreting?

So, basically, having HTTP checking enabled in an AV software is a waste. And I can turn it off and go visit sites with malicious scripts as long as my AV has detection for it? The on-access scanner will keep me completely safe? Are you sure about this? Have you tried this? (I would recommend not to.)

EDIT: I'm not saying that antivirus programs without HTTP scanning are useless or crap, just that they should add it if they want to keep Internet users safe. Personally, I wouldn't rely on an antivirus without a HTTP scanner considering some of the web sites I visit.

 

so if u surfed safely and u avoided any dubious activity, could u do with just a realtime scanner?

thats the point, f-prot is a simple av and its for people who want basic protection. not everyone needs 99.99% detection.

OTOH, a free AV would be a better alternative for safe surfers. antivir and avast did do better than f-prot in the on-demand and proactive tests...http://img228.exs.cx/img228/638/whistle9qn.gif

 

HTTP scanner is important. Try this link: http://www.eicar.com/download/eicar.com.txt

Turn off IMON in NOD32 and go there. AMON catchs that file but Internet Explorer is able to open it before AMON deletes it. Clear example that IMON is important. The same thing happened to me with KIS.

 

Oh good heavens. I got rid of NOD32 after having it for two years when they added that stupid IMON internet scanner that crippled my computer. KAV that I have now has that but I don't have that module installed. I hate things like that in an AV scanner. I certainly do NOT feel unprotected either. The ONLY thing you need to be concerned about is the quality of the resident scanner and the quality and timeliness of the signature updates. You also need to make sure that your settings are to scan ALL files ...EVERYTHING. Never, ever leave the settings at the stupid, weak settings that are default for especially NOD32 and KAV.

If you configure the settings correctly, and you have KAV or BD (those two because they update 15-20 times a day and have superb engines) that is ALL you need. You don't need an email scanner even. If you use Outlook Express, you should never use an email scanner. Microsoft says not to do that and I agree with that statement. You will corrupt OE if you persist in using email scanners and they aren't needed. Most ISPs now scan all mail on incoming and outgoing on the server gates and you just need to read in plain text, don't use the preview pane, download attachments to disk and scan with your on demand AV scanner...just practice safe hex and you don't need an email scanner. The fact that F-Prot doesn't have one is a main drawing point for me. I love that! I don't have to disable an email scanner as there isn't one. How refreshing and how sensible. If F-Prot starts updating several times daily, I would add the new F-Prot to KAV and BD as the best. NOD32 no...it relies too much on heuristics and doesn't update signatures fast enough and basically has sacrificed the resident scanner on the alter of IMON for the internet...heuristics again..yeah...NOD32 has great heuristics but signatures updated 15-20 times a day I trust much more.

Why are you so afraid no matter what web sites you visit? You don't need an HTTP scanner. What you do need is a superb resident scanner such as KAV, BD and the new F-Prot with the Inspector to make it brilliant. I think you need to handle some viruses. Have a researcher send you some. Handle them and you will see that they can do nothing to harm your machine until executed. That cannot happen as long as you do not turn off your resident AV scanner, you have it properly configured, always up to date, and it is a superb scanner (get a crappy scanner like AVG and then you should be worried).

 

Some stuff is executed in memory without file cache. File based scanners only are useless in such cases.

 

@kjempen

WSFuser got the point right. I never said the browser or a web server WILL
save everything on the disc before executing a malicious script. I know about
the BO attack, but my IE is properly patched and I don't use any web servers.
Also FYI If a page is coded to exploit a program, some AV softwares can
detect and stop it from loading using signature based scanning. If my
browser is already compromised then still it can't download stuffs from the
Net and install it on my system. Yes, I know it can do other stuffs but I'm
not bothered by them. My point is that I don't need the HTTP scanner and
I'm sure a lot of other users also doesn't need it. If you need it then use it.
But that doesn't mean its absolutely necessary. I'm not saying that I'm
100% secure nor I have a false sense of security, I'm just happy with what I
have.

As I said earlier, 'security' is different for different people. Thats why we
have security tools of different flavours. We just need to use what suits us.

 

I visit above website, my Panda Titanium 2006 Antivirus + Antispyware warning:

The file http://www.eicar.com/download/eicar.com.txt was infected by the EICAR-AV-TEST-FILE virus and has been deleted.

 

Useing Opera that file doesn't do anything but lie there.

 

What's the fun in that?

 

So? IE is opening text. Text is not an infected executable.

Eicar.com states that the text file is there because some users have problems with testing with the first eicar.com file. So, Eicar recommends that those users DOWNLOAD TO DISK the second txt file and rename it to eicar.com and then test their AV.

If I try to download the second eicar.txt file, I can't. KAV RESIDENT FILE SCANNER stops me from even downloading it...much less downloading it, renaming it, and then letting KAV have at it. It won't even let me download it. So, that file NEVER TOUCHES MY PC.

You explain to me why having NOD32 IMON HTTP scanner stop it is any better than letting my Resident scanner, in this instance KAV 2006, (but I have also tried this with Bit Defender, McAfee 8.0i enterprise beta I am testing on another box, F Prot 4 beta, etc) stop it. A resident AV scanner is all you need as long as it is an outstanding one that is updated very regularly ...preferably many times a day and the only ones I know doing that currently are KAV and BD. Others update once a day (like McAfee) but even with those, if there is an outbreak all AV vendors will release a signature right away. For the short window before they do, that is what heuristics is for.

There probably will come a day when there are too many signatures for that method to continue to be viable. That day is not yet here. I have full trust in Kaspersky, Bit Defender and others to adapt when it is really needed and I don't think HTTP scanners will ever be the answer except for a few such as NOD32. I am not willing to take the performance hit which is drastic for both NOD32 and KAV HTTP scanners for what is currently no better protection if you use KAV 2006. But if you use NOD32, I agree you better use the HTTP scanner because NOD32 is very slow to update signatures. This is the reason I left NOD32. I did not agree, at the time the decision was made, to put almost all eggs in the heuristics and HTTP scanner baskets. But if you don't have a performance hit, a slowing of your download speed when using the NOD32 or KAV HTTP/web scanners then fine, use them ...just understand that in the case of KAV the web scanner is not needed.