- Aug 28, 2015
- 801
I may need to start checking out some other av's again if that is the case. Thanks for the confirmation.
F-Secure SAFE 18.2
- Thread starter Anthony Qian
- Start date
It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
I may need to start checking out some other av's again if that is the case. Thanks for the confirmation.
- Feb 17, 2018
- 870
Yesterday on a brand new laptop with Windows 11, F-secure failed to load / update the Capricorn engine.
After reinstall and try again, same issue. Uninstalled it and gave her one of my licenses from my used AV.
So bad, she bought F-Secure. Thinking to ask for refund.
After reinstall and try again, same issue. Uninstalled it and gave her one of my licenses from my used AV.
So bad, she bought F-Secure. Thinking to ask for refund.
- Dec 7, 2021
- 630
- Feb 17, 2018
- 870
Nope, its a brand new laptop, Win 11 pro. Just asked for refund. Like mentioned before, i also think F-Secure will be abandomed product soon.Have you contacted support? Or maybe the forum?
- Aug 12, 2014
- 165
There is always going to be some lag time between when Avira releases a new signature and F-Secure deploy it since they need to process it.
The lag time doesn't seem to bad Avira VDF History got 3 updates at the moment for 3rd May, F-Secure Capricorn (Avria) F-Secure Latest Database Updates for F-Secure Capricorn is also showing 3 updates for today.
The lag time doesn't seem to bad Avira VDF History got 3 updates at the moment for 3rd May, F-Secure Capricorn (Avria) F-Secure Latest Database Updates for F-Secure Capricorn is also showing 3 updates for today.
- Apr 17, 2021
- 454
Yeah. Sometimes, F-Secure Capricorn engine will only be updated 2-3 times a day. I noticed in April that the F-Secure Capricorn database engine numbers were not consecutive, meaning that F-Secure seemed to skip several virus database updates.
- Aug 12, 2014
- 165
I see I only had a quick look at the versions, I wonder if other vendors that use also use Avira skips databases as well.
- Apr 1, 2019
- 2,868
Doesn’t F-Secure also license the Acura cloud? Which means a local database isn’t the only layer of signature protection.
- Apr 17, 2021
- 454
You mean APC? If so, yes. But the priority of APC for Avira Antivirus pro and F-Secure seems to be different. Avira's own paid products have higher priority.
Also, Avira engine isn't a pure cloud-based detection engine. Detection database matters. That being said, F-Secure has its own cloud but I am not sure if it can close the gap between databased updates.
This has gotten really hard to test in the last few weeks. The "fsmind" online signatures have started adding automatic signatures for the popular malware analysis sandboxes under the ".abch" (abuse.ch?) suffix. You can trivially change the hash of the binary to bypass this online detection to test how the other engines react but this isn't easy to do with all obfuscated PE malware.
- Apr 17, 2021
- 454
Haha. Interesting.
I've always been curious about the meaning of ".abch." "abch = abuse.ch" is a good guess. Btw, I've seen ESET's detection name (GenCBL) became part of fsmind detection name in the past. As far as I know, GenCBL is ESET's unique detection name, which means Generic Certificate BlackList.
It's just a guess for me. All of the easy-to-get samples off of the Malware Bazaar seem to trigger this detection as soon as they render a verdict so it just feels to me like F-Secure is scraping these malware submission sites and automatically adding known bad hashes. It's not a terrible idea for zero-day detection but it does make a product look stronger than it is. Not very different from the vendors that used to watch Kaspersky on VirusTotal.
BTW does anyone have a license of WithSecure or know where to purchase it from? I'm more curious to see if we will have more deviations between their enterprise and consumer product. So far IMO the indications are weak that F-Secure consumer has gotten worse since the de-merger, but it will be more telling if WithSecure starts getting better production while F-Secure waits in a holding pattern.
- Apr 17, 2021
- 454
You mean McAfee?
McAfee seems to constantly monitor VirusTotal and when ESET and/or Kaspersky add detection for a sample, it will too.
- Aug 28, 2015
- 801
No but I wish I did. Being that it is geared towards Enterprise I am not sure we can get our hand on it. Kind of like CrowdStrike.
Yeah, same boat. I use a lot of enterprise products (Ruckus wifi, Fortinet firewalls/filtering, etc) but the last time I tried to buy F-Secure PSB it was really hard to give them money without being on calls with a sales person who didn't provide a clear path to how to simply buy a single seat of the software. I gave up.
- Aug 28, 2015
- 801
That is nice you are able to use some enterprise products personally. I tried here and there over the years but ended up like you, stuck with a sales person who had zero interest in selling to me. What is your av of choice then? A Fortinet endpoint client?
I currently like F-Secure SAFE and ESET. I don't find myself needing the functionality of Fortinet or other endpoint managed AV.
- Aug 28, 2015
- 801
Both are excellent products.
- Mar 19, 2022
- 652
A similar practice is used by Arcabit / MKS_Vir to block such sites. Apparently it's better to block access to the site right away than get infected by taking samples.
With Arcabit I couldn't access Malware Bazaar with the program running. To download samples I had to turn off the software completely - which is not a good idea.
Similar threads
