F-Prot, purebred anti-virus?

Discussion in 'other anti-virus software' started by sweater, Jul 25, 2006.

Thread Status:
Not open for further replies.
  1. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    I am using now a trial version of F-Prot anti-virus, and found out that it only has a real-time protector and on-demand scanner and nothing else. I was anxious, it didn't even have an e-mail scanner. :( :cautious: :blink:

    I use in the past Avast and it has seven protection modules, web shield, network shield, email protection, resident shield, etc..., same also with NOD32, and now f-prot on my machine with only resident real-time protection. :blink: :gack:

    Can I really trust f-prot even if it has no email scanner? :rolleyes: o_O
     
  2. Chubb

    Chubb Registered Member

    Joined:
    Aug 9, 2005
    Posts:
    1,967

    Are you using 3.16f trial version? There is an e-mail scanner in the 6.0 beta, but for Microsoft Outlook (not Outlook Express) only...

    There is also a HTTP scanner in 6.0 beta but for IE only...
     
  3. ASpace

    ASpace Guest

    Yes , F-prot 3.16 lacks of extra feautures but you can try their new beta if you wish which has some more :D Don't worry so much
    Since F-prot doesn't control non-viral malware , don't forget about the antispyware software(s)
     
  4. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    RT scanner does detect most of stuff however some exploits require HTTP scanning in order to be intercepted properly.
     
  5. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    I don't use an email scanner. I use OE and Microsoft has always warned to NOT use an email scanner with OE. I am currently using KAV 2006 and I didn't install the email scanner. I have used NOD32 with no email scanner (I did use it for beta testing until the beta ate my entire (very large) Sent Items folder several years ago). I have used many AV and never used an email scanner except when I first got my first computer and knew nothing about AV. I have used F-Prot 3.15 and I currently have the new F-Prot beta on a virtual machine.

    I always download any email attachment to disk and then scan it with my AV before opening. If you do this, you don't need an email scanner. Many ISPs now scan all incoming and outgoing mail for viruses and doing it again is redundant especially if you download to disk any attachments and scan them before opening.
     
  6. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Why complicate if you don't have to? avast!'s Internet Mail provider kept an eye on my mail before i started using GMail and i was very happy with it.
    Worked like a charm and intercepted practically all garbage. Nearly same geographic location so what outbreaked in Czech it nearly always hit slovenia few hours later. So we are covered very well :)
     
  7. sweater

    sweater Registered Member

    Joined:
    Jun 24, 2005
    Posts:
    1,674
    Location:
    Philippines, the Political Dynasty Capital of the
    Maybe, i have to wait for their final version release. I don't like to become a beta tester like a mouse in the lab..:D
     
  8. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Hi Mele20,

    FWIW I use the email scanner for OE with KAV6. I have encountered no problems or slowdowns that I am aware of.

    Regards,
    Jerry
     
  9. ASpace

    ASpace Guest

    Funny but Frisk betas are as stable as ESET's which means you should have no problems but instead try the new version . Although some people here at Wilders reported some issues I had no problems during my two days testings with it ;) Anyway , as you like it . :thumb:
     
  10. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Is there an estimated date for the release of the new F-Protect on the market?

    I think I have read of an estimated release date, but I cannot find it.

    Thanks,
    Jerry
     
  11. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    I just don't understand the fuss about e-mail scanner or HTTP scanner. Few
    years ago all AV softwares were just like F-Prot. Though most of them used
    e-mail scanners, F-Prot came without it. But there is a simple logic that
    once the attachment is saved its checked by the realtime scanner. Another
    logic tells us that there is no need to scan all data files. F-Prot is a barebone
    AV but its efficient. It does what its supposed to do i.e. stop viruses. Then
    people started having bright ideas about expanding the functionality. Norton,
    McAfee, NOD32, etc added so many functionalities, now we think that
    F-Prot is worthless. But is it true?

    Someone in this forum used a nice signature "The best AV is between the
    chair and the keyboard". This is very true. If you have the habit of clicking
    on every executable you SEE or download everything you CAN then yes
    F-Prot is not for you. Go for KAV, McAfee or NOD32. But if you are careful
    then F-Prot is enough for you.

    Mele20 is correct. Now some ISPs and providers like Yahoo, etc check the
    e-mails. Even if thats not happening then your realtime scanner will do the
    job. Same goes for HTTP scanning. These are just extra components which
    will warn you in advance. If you think e-mail scanner and HTTP scanner is
    necessary then going by the same logic you should also enable archive
    scanning in your realtime scanner and set the depth to maximum. Obviously
    the system performance will go down.

    Antispyware and antiadware are also some softwares your PC can do without.
    But safe Hex is necessary in this case.

    Thats why whenever you'll ask someone which is the best AV, you'll get the
    answer that you should try it and find that out yourself what suits you best.
     
  12. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Hi AMRX,

    [If you have the habit of clicking
    on every executable you SEE or download everything you CAN then yes
    F-Prot is not for you. Go for KAV, McAfee or NOD32. But if you are careful
    then F-Prot is enough for you.]

    While I do not click on everything, and am a very safe surfer, I cannot figure why I would buy an AV that is not among the best few. As of the last AVC tests, F-Protect was not, did not even rate Advanced.

    I realize that there are other considerations than detection rates, but in the end detection/protection is what I have an AV for. Other than price, I see no reason to buy F-Protect instead of KAV. Why buy a third tier AV when so many better ones are available.

    I do hope that it will greatly improve in the new version, but if and how much remains to be seen. I would like to try it, but not at its current detection rates.

    Best,
    Jerry
     
  13. kjempen

    kjempen Registered Member

    Joined:
    May 6, 2004
    Posts:
    379
    You don't understand the fuss about HTTP scanner? Do you think you are well protected with just the regular on-demand/on-access scanners? You do realize that once you visit a web site with a malicious script or exploit that your on-access scanner can't catch it (when it does, it is already too late, since it has been executed in the browser already).
     
  14. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    @JerryM

    Yes, F-Prot doesn't set the comparison chart on fire like KAV or NOD32 but
    it still does a decent job. If you read Andreas Clementi's page you'll know
    that. Its cheap, light and fast. So if the AV between the chair and the
    keyboard is reliable then there is nothing wrong in using F-Prot. I trust
    F-prot and I respect your decision if you don't.

    @kjempen

    Yes, I think I'm well protected with just a realtime scanner. I also realize
    that F-Prot can detect scripts from malicious websites. Even if I use a
    HTTP scanner, if the signature is absent or if the heuristic fails then its
    useless. Before the browser executes it, the realtime scanner will stop it
    if the signature is available.

    Please understand that the term 'security' means something for me and it
    might mean something different to you. Last night I was surfing without an
    AV (I was downloading eTrust) on dial-up and I felt quite secure. But if you
    don't then please use the AV with highest detection rate and features. Its
    up to you. But that doesn't mean anyone who is not using your choice of
    AV is unprotected. If properly used F-Prot and Dr.Web are quite safe.
     
  15. kjempen

    kjempen Registered Member

    Joined:
    May 6, 2004
    Posts:
    379
    Ok, let me see if I get this right: According to what you write, a script or exploit cannot be executed on a web site before it is stored as a file on the hard drive of the "web site visitor's" computer? So what you are saying is that a HTTP scanner doesn't really work between the browser and the 'net? If it doesn't then what would be the point of it, since the on-access scanner already takes care of what is located on the hard drive? So nothing gets scanned before the entire file is already located on the hard drive? (And it is then scanned by an on-access scanner.) Hmmm... Doesn't quite sound like what is written in the NOD32 help file under the description of the IMON module (as an example), but maybe I'm misinterpreting?

    So, basically, having HTTP checking enabled in an AV software is a waste. And I can turn it off and go visit sites with malicious scripts as long as my AV has detection for it? The on-access scanner will keep me completely safe? Are you sure about this? Have you tried this? (I would recommend not to.)

    EDIT: I'm not saying that antivirus programs without HTTP scanning are useless or crap, just that they should add it if they want to keep Internet users safe. Personally, I wouldn't rely on an antivirus without a HTTP scanner considering some of the web sites I visit.
     
  16. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    so if u surfed safely and u avoided any dubious activity, could u do with just a realtime scanner?

    thats the point, f-prot is a simple av and its for people who want basic protection. not everyone needs 99.99% detection.

    OTOH, a free AV would be a better alternative for safe surfers. antivir and avast did do better than f-prot in the on-demand and proactive tests...http://img228.exs.cx/img228/638/whistle9qn.gif
     
  17. fosius

    fosius Registered Member

    Joined:
    Oct 14, 2004
    Posts:
    479
    Location:
    Partizanske, Slovakia
    HTTP scanner is important. Try this link: http://www.eicar.com/download/eicar.com.txt

    Turn off IMON in NOD32 and go there. AMON catchs that file but Internet Explorer is able to open it before AMON deletes it. Clear example that IMON is important. The same thing happened to me with KIS.
     
  18. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Oh good heavens. I got rid of NOD32 after having it for two years when they added that stupid IMON internet scanner that crippled my computer. KAV that I have now has that but I don't have that module installed. I hate things like that in an AV scanner. I certainly do NOT feel unprotected either. The ONLY thing you need to be concerned about is the quality of the resident scanner and the quality and timeliness of the signature updates. You also need to make sure that your settings are to scan ALL files ...EVERYTHING. Never, ever leave the settings at the stupid, weak settings that are default for especially NOD32 and KAV.

    If you configure the settings correctly, and you have KAV or BD (those two because they update 15-20 times a day and have superb engines) that is ALL you need. You don't need an email scanner even. If you use Outlook Express, you should never use an email scanner. Microsoft says not to do that and I agree with that statement. You will corrupt OE if you persist in using email scanners and they aren't needed. Most ISPs now scan all mail on incoming and outgoing on the server gates and you just need to read in plain text, don't use the preview pane, download attachments to disk and scan with your on demand AV scanner...just practice safe hex and you don't need an email scanner. The fact that F-Prot doesn't have one is a main drawing point for me. I love that! I don't have to disable an email scanner as there isn't one. How refreshing and how sensible. If F-Prot starts updating several times daily, I would add the new F-Prot to KAV and BD as the best. NOD32 no...it relies too much on heuristics and doesn't update signatures fast enough and basically has sacrificed the resident scanner on the alter of IMON for the internet...heuristics again..yeah...NOD32 has great heuristics but signatures updated 15-20 times a day I trust much more.

    Why are you so afraid no matter what web sites you visit? You don't need an HTTP scanner. What you do need is a superb resident scanner such as KAV, BD and the new F-Prot with the Inspector to make it brilliant. I think you need to handle some viruses. Have a researcher send you some. Handle them and you will see that they can do nothing to harm your machine until executed. That cannot happen as long as you do not turn off your resident AV scanner, you have it properly configured, always up to date, and it is a superb scanner (get a crappy scanner like AVG and then you should be worried).
     
  19. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Some stuff is executed in memory without file cache. File based scanners only are useless in such cases.
     
  20. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    @kjempen

    WSFuser got the point right. I never said the browser or a web server WILL
    save everything on the disc before executing a malicious script. I know about
    the BO attack, but my IE is properly patched and I don't use any web servers.
    Also FYI If a page is coded to exploit a program, some AV softwares can
    detect and stop it from loading using signature based scanning. If my
    browser is already compromised then still it can't download stuffs from the
    Net and install it on my system. Yes, I know it can do other stuffs but I'm
    not bothered by them. My point is that I don't need the HTTP scanner and
    I'm sure a lot of other users also doesn't need it. If you need it then use it.
    But that doesn't mean its absolutely necessary. I'm not saying that I'm
    100% secure nor I have a false sense of security, I'm just happy with what I
    have.

    As I said earlier, 'security' is different for different people. Thats why we
    have security tools of different flavours. We just need to use what suits us.
     
  21. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,772
    Location:
    Texas
    Off topic post removed.
     
    Last edited: Aug 1, 2006
  22. woobook

    woobook Registered Member

    Joined:
    Oct 27, 2005
    Posts:
    131
    I visit above website, my Panda Titanium 2006 Antivirus + Antispyware warning:

    The file http://www.eicar.com/download/eicar.com.txt was infected by the EICAR-AV-TEST-FILE virus and has been deleted.
     
  23. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Useing Opera that file doesn't do anything but lie there.:)
     
  24. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    What's the fun in that? ;)
     
  25. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    So? IE is opening text. Text is not an infected executable.

    Eicar.com states that the text file is there because some users have problems with testing with the first eicar.com file. So, Eicar recommends that those users DOWNLOAD TO DISK the second txt file and rename it to eicar.com and then test their AV.

    If I try to download the second eicar.txt file, I can't. KAV RESIDENT FILE SCANNER stops me from even downloading it...much less downloading it, renaming it, and then letting KAV have at it. It won't even let me download it. So, that file NEVER TOUCHES MY PC.

    You explain to me why having NOD32 IMON HTTP scanner stop it is any better than letting my Resident scanner, in this instance KAV 2006, (but I have also tried this with Bit Defender, McAfee 8.0i enterprise beta I am testing on another box, F Prot 4 beta, etc) stop it. A resident AV scanner is all you need as long as it is an outstanding one that is updated very regularly ...preferably many times a day and the only ones I know doing that currently are KAV and BD. Others update once a day (like McAfee) but even with those, if there is an outbreak all AV vendors will release a signature right away. For the short window before they do, that is what heuristics is for.

    There probably will come a day when there are too many signatures for that method to continue to be viable. That day is not yet here. I have full trust in Kaspersky, Bit Defender and others to adapt when it is really needed and I don't think HTTP scanners will ever be the answer except for a few such as NOD32. I am not willing to take the performance hit which is drastic for both NOD32 and KAV HTTP scanners for what is currently no better protection if you use KAV 2006. But if you use NOD32, I agree you better use the HTTP scanner because NOD32 is very slow to update signatures. This is the reason I left NOD32. I did not agree, at the time the decision was made, to put almost all eggs in the heuristics and HTTP scanner baskets. But if you don't have a performance hit, a slowing of your download speed when using the NOD32 or KAV HTTP/web scanners then fine, use them ...just understand that in the case of KAV the web scanner is not needed.
     

    Attached Files:

    Last edited by a moderator: Aug 1, 2006
Loading...
Thread Status:
Not open for further replies.