F-Prot 3.16 Released!!!!

Discussion in 'other anti-virus software' started by ncs, Nov 18, 2004.

Thread Status:
Not open for further replies.
  1. ncs

    ncs Guest

    FRISK Software has released version 3.16 of F-Prot Antivirus for Windows.

    The release of version 3.16 of F-Prot Antvirus for Windows represents a significant milestone in the continued development of the virus protection and services we provide our Windows customers. In preparation for this release the F-Prot Antivirus scanning engine has undergone a major overhaul and a number of important new features have been added.

    Among improvements introduced in version 3.16 of F-Prot Antivirus for Windows is a new method of ensuring that F-Prot Antivirus is up-to-date as soon as it has been installed with virus signature file updates now being triggered during the installation procedure of the single-user and trial products. In addition, handling of so called "archive bombs" has been greatly improved. These are archives expand tremendously that cause scanners or other programs to crash or hang because of intensive resource consumption during the scanning of hundreds of levels of archives within archives. The F-Prot Antivirus scanner now flags archive files it finds suspicious and alerts the user that the file "could be an archive bomb".

    Version 3.16 introduces an F-Prot Antivirus engine with significantly enhanced heuristics. As a result, F-Prot Antivirus is now better equipped to detect and neutralise malware that may attempt to compromise a system in the interrim period after a new threat appears but before virus signature files have been updated. Also, the engine can now better detect and handle executable packers that are often used by malware authors to conceal their malicious code.
     
  2. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Unfortunately, Frisk have confirmed that this does not refer to runtime packed files, such as ASPack and UPX.

    The packing engine in version 3.16 does not include any Runtime Unpackers.

    The "better detection of executable packers" with this new engine only refers to the extraction of compressed archive files.
     
  3. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I'm sure that Frisk did not intend to deceive, but that was the effect of the words they used to describe 3.16. At least in my case. I bought a license fully believing that they meant runtime packers. If I had know what they really meant, I would NOT have bought a license, but would have continued waiting for version 4.

    Shame on me. :'(
     
  4. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Did you email them about that, bellgamin?
     
  5. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Why people still mess up packers with archives.
    Packers are: UPX,ASPack,ASProtect,PE Compact...
    These are decompressed real-time when compressed executable is doubleclicked. Whole process is fully transparent and doesn't require any external utility to decompress data. Decompression speed is usually far beyond classic archives (lower level decompression,better caching).

    Archives are: ZIP,RAR,ACE,7z,CAB,TAR...
    These are decompressed on-demand with external utility like WinZIP,WinRAR or 7-zip (unless they are SFX archives). If there is no such external program,files inside such compressed archive are unaccessable (except SFX ofcourse).

    This is crystal clear and logical,so i don't know why everyone is complicating with using term packers for all compression methods.
    I never heard that ZIP is a packer,but an archive.
    I also never heard someone saying that UPX is an archive...
    Logical enough? I think so.
     
  6. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    @RejZoR- From Frisk's website at THIS place, here is Frisk's text that deceived me...
    .
    In your opinion, was Frisk's statement misleading, or was I foolish for misunderstanding it to refer to runtime packers?

    @Notok- Good idea. I sent Frisk an email about this.
     
    Last edited: Nov 25, 2004
  7. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Well i understand that they improved packers support (packer in terms of my explanation). But as i can see from posts above,they meant packers as archives (ZIP,RAR etc...).
    If so,then yes,it's misleading info. I think it would be best to simply contact Frisk about this.
     
Loading...
Thread Status:
Not open for further replies.