F-prot paranoia justified?


doubleb27
01-12-2006, 06:45 PM
I have used Norton and Kapersky (had no problems other than constant nagging) recently and found both to be system hogs-although I have a good system with ram to spare, they both were consistently at the top of my process mem usage- I am now using f-prot on a trial basis- and have found it uses quite a bit less mem and way less interruptions. So far so good- But I'm slightly nervous because of its "silence"-Am I being paranoid or does f-prot work just as well as the others?

Budfred
01-12-2006, 11:03 PM
F-Prot is not one that I have heard either much good or bad about.... It is probably adequate, but I have no great desire to try it... A good antivirus will only make itself known if you have a problem, so the "silence" you note is not a big deal... If you are looking for a good AV, there are a number of threads here discussing the options already...

doubleb27
01-13-2006, 09:43 PM
Thanks Bud, PC World or C-net rated f-prot in top 5......I already use both spyblaster and spybot as well-I guess I am paranoid but know too many who have had major problems. Breathing easier now, 'preciate the links.....

doubleb27
01-13-2006, 09:46 PM
another quick ?....Norton has such a good rep- I hated it and it was screwing w/ several apps (nero recode for one) anybody else have Norton probs? I heard it's actually responsible for some major crashes......

pop pop
01-13-2006, 10:39 PM
Norton has such a good rep :rolleyes:

With who?

You'll find that Norton has been and is thoroughly discussed around here. Different people have different opinions. Rather than retype everything I have ever said about it, I'll summarize and suggest you search the threads...or wait till others post.

The Good (addressing the AV only here):

The AV is good at detection and cleaning

The Bad (addressing the AV, the security suite...whatever it's called, and System Works):

Most everything is bad IMHO for one reason or another...initial cost, subscription cost, sundowning practices, excessive use of resources, next to impossible to uninstall, and now use of rootkits.

Use it at your own risk.

BTW--I use Kapersky and I humbly disagree. The only time it puts any load whatsoever on my system is right after boot when it initializes and checks for updates, when it updates on schedule, and when it scans on schedule. Even then, the load is not one to be compared with Norton. During normal system operation, KAV isn't even using a tenth of a percent of the CPU.

Budfred
01-13-2006, 11:53 PM
Kapersky and Norton are both currently being challenged for using rootkit-like technology in their programs...

I use NOD32.... Very lean... very effective....

pop pop
01-14-2006, 12:21 AM
Budfred,

I've read the Norton/rootkit articles. I haven't yet seen one on Kapersky. I'll continue to look, but do you have a link?

beerbelly
01-14-2006, 12:27 AM
This (http://news.google.com/news?q=kaspersky%2Brootkit&hl=en&lr=&ie=UTF-8&sa=N&tab=nn&oi=newsr) is where I started. FYI spelled KaSpersky.

pop pop
01-14-2006, 02:01 AM
How about that, I've been spelling and saying it wrong all this time. :o Kind of like president Bush and "nuke u lar". Thanks for pointing that out to me. :p

Now to the issue. I don't use Norton products anymore, the only thing I do is remove them as best I can from other people's machines. Therefore, I'll only address the product I do use and what I think I know about the technology that is being called a "rootkit" in that specific case.

I'll defer to Budfred's knowledge and experience with respect to what is and what is not a rootkit, but for myself and others who need a clarification, here is what the AntispywareCoalition (antispywarecoalition.org) has as a definition (emphasis added): A set of programs used to hack into a system and gain administrative-level access. Once a program has gained access, it can be used to monitor traffic and keystrokes; create a backdoor into the system for the hacker's use; alter log files; attack other machines on the network; and alter existing system tools to circumvent detection. Rootkits are an extreme form of System Modification Software. http://www.antispywarecoalition.org/

Sony's rootkit clearly did several of those things, unquestionably it created a malware backdoor and security nightmare.

The technology in question that Kaspersky uses, iStreams, as I have understood it for quite a while now:

1) is not used for any of those purposes
2) has as its primary functions use of alternate data streams as a means to gradually speed up system scans and determining whether files have been modified in order to speed up those subsequent scans
3) Kaspersky's use of ADS/iStreams has never been surreptitious, malicious, or invasive. In fact, I read about it a long time ago while investigating alternative AV applications.

As I said, I'll defer to Budfred and people like Russinovich. And I'll make my own disclaimer--I'm not an expert in this field, my knowledge of ADS/iStreams is rudimentary. However, I do think there's a bit of hysteria here that needs to be quelled by someone concretely and objectively defining just what a rootkit really is and does.
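
The idea described in the post above (tag each scanned file so later scans can skip files that have not changed), as an added Python example that is not part of the original thread and is not Kaspersky's code. It assumes a SHA-256 content hash as the change check and keeps the tags in an in-memory dict instead of an NTFS alternate data stream; the signature sets and sample file are constructed.

```python
import hashlib
import os
import tempfile

# Constructed stand-in for a signature database: version -> byte patterns.
SIGNATURES = {1: [b"CONSTRUCTED-TEST-PATTERN-A"],
              2: [b"CONSTRUCTED-TEST-PATTERN-A", b"CONSTRUCTED-TEST-PATTERN-B"]}


class IncrementalScanner:
    """Skips files whose content hash and signature version match the last scan."""

    def __init__(self, sig_version):
        self.sig_version = sig_version
        self.tags = {}  # path -> (sha256, sig_version, verdict); assumed stand-in for a per-file stream

    def scan(self, path):
        """Return (verdict, was_rescanned) for one file."""
        with open(path, "rb") as fh:
            data = fh.read()
        digest = hashlib.sha256(data).hexdigest()
        tag = self.tags.get(path)
        if tag and tag[0] == digest and tag[1] == self.sig_version:
            return tag[2], False          # unchanged since last scan: reuse verdict
        # Stand-in for the expensive part of a real scan (here: plain pattern matching).
        hit = any(p in data for p in SIGNATURES[self.sig_version])
        verdict = "infected" if hit else "clean"
        self.tags[path] = (digest, self.sig_version, verdict)
        return verdict, True


def demo():
    """Walk one file through first scan, rescan, modification and signature update."""
    results = []
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "sample.bin")
        with open(path, "wb") as fh:
            fh.write(b"harmless bytes CONSTRUCTED-TEST-PATTERN-B")
        s = IncrementalScanner(sig_version=1)
        results.append(s.scan(path))      # first pass: full scan
        results.append(s.scan(path))      # second pass: skipped via tag
        with open(path, "ab") as fh:
            fh.write(b" appended")
        results.append(s.scan(path))      # content changed: rescanned
        s.sig_version = 2
        results.append(s.scan(path))      # new signatures: old tag is stale, rescanned
    return results
```

The last step is the case that matters for a cache like this: a tag written under an older signature set must not be trusted, or a file that was "clean" yesterday is never checked against today's definitions.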

Budfred
01-14-2006, 02:13 AM
That is why I referred to them as having rootkit-like behavior... Neither is actually a rootkit and both can be uninstalled, though Norton doesn't go peacefully.... ;)

pop pop
01-14-2006, 02:19 AM
Understood, Budfred.

Now that we have thoroughly hijacked this thread, let me try to return it. :p

Here's an interesting blog entry that discusses a test done by Av-Test.org that ranks AV applications purely based on response times (caveat: selecting an AV solution only based on one criterion can be risky): http://blogs.washingtonpost.com/securityfix/2005/12/antivirus_resea.html

You'll see there that F-Secure does pretty well.

doubleb27
01-15-2006, 04:41 AM
thanks for all the input and useful links......I'll post any remarkable results with f-prot if warranted.

Variable
01-15-2006, 04:02 PM
We use F-Prot to scan many thousands of emails a day and have had no issues. In tests I have done it scored very well. Nod32, Kaspersky and F-Prot are all very good.