Recommendation beteween DrWeb vs F-Secure

Hi,

Like to know How would be at better election beteween Dr.Web and F-secure, just like buy AV in F-secure don't talk about the Internet Suite, just AV vs AV...In General terms How would be better election to buy ?

Thank you,

 

F-Secure. Has three engines, one of which is Kaspersky. Kaspersky is recognised as one of the best - proven in many tests - ad F-Secure has a dedicated heuristic scanner and another engine as well - so very hard to beat it. Regular updates as well - several each day.

 

Unfortunately F-secure isn't in Jotti's. Jotti's "Last file scanned at least one scanner reported something about" snapshots will provide maybe the best overview to meet the newest nasties overrall. Jotti's is a place where PC-users go, when they have met problems. In Jotti's it's very hard to beat DrWeb today, only Vba32 is at the same level and Kaspersky very close.

Best regards,
Firefighter!

 

For detection only; F-Secure. BUT it is heavy both on resources and memory compared to Dr Web.

If you are on dial-up and have an older machine; Dr Web would be the better choice. Further, it is cheaper to buy and renew.

But the usual advice is to trial the two on your machine.

 

Same opinion

 

Ditto

 

Cant say I have ever had a prob with F-Secure being resource heavy. I have never tried DrWeb though, but found F-Secure no more heavy than many others I have tried. Suggest doing a Google search to find a number of tests to see which comes out best in detecting nasties - F-Secure or DrWeb - look at the results and make your own mind up....

 

Previously, I was comparing the two. COMPARED to Dr Web, F-Secure is both memory and resource heavy. Further, IME, unless you have a new machine it's running processes can cause a drag.

Most AV test sites do not use multiple-engined programs. One of the exceptions is here where F-Secure scores much higher than Dr Web.

However, since F-Secure uses a KAV-engine we would expect it to offer better detection rates than Dr Web, although at the present time Dr Web would be better in heuristic detection

 

VirusP test is bs and should not be used to compare any avs. Look how high Virus Chaser scored against DrWeb(Virus chaser= DrWeb). This has been discussed here before….

I prefer DrWeb over F-Secure because of better heuristics (as BC mentioned).


tD

 

Beware the F-Secure trial! After a very favourable review in a British computer magazine, I decided to try F-Secure Security Suite a while ago. As I was on dial-up at the time, I downloaded the trial at work (T1 line) - it was about 8Mb. When I tried to install it at home, the "trial" turned about to be just a stub (yes, an 8Mb stub!) which, after installing itself and rebooting the PC, then tried to download the actual programs from the F-Secure site. These were about 60Mb (if I remember correctly). There had been no mention of this on the Web site although I did think that 8Mb was a bit small. Of course, I abandoned the download as there was no way I was able to download that much over a dial-up line.

I took the PC to work and connected it up to the network and started the install again. Once it started downloading, I went away to do some work while it downloaded the program(s). I returned after twenty minutes to find it had only downloaded about 4Mb and appeared to have stalled. However, it started again so I went back to my work. After another 15 minutes, it had only downloaded around another 100K so I stopped the install and that was the end of F-Secure for me. (By the way, if you stop the download for any reason, everything is deleted and the installer stub is removed so you cannot stop and restart the installation - you have to start from scratch each time.)

The following day, I got an e-mail asking me to fill in a questionnaire (and offering me a special price) so I thought that this would give me a chance to let them know about the problems I had installing the trial. Unfortunately, no. There were only 5 questions and no box for comments. However, one of the questions was whether I would buy F-Secure and, in an attempt to provoke a response, I replied "no". Obviously no-one at F-Secure reads the results because the only other communications that I got in the following days were three more e-mails, all offering me a chance to buy the Suite at the same special price. Needless to say, I did not take them up on it.

Perhaps this is a one-off case (although I have had other reports of slow downloads from F-Secure) and/or maybe F-Secure have changed their procedures for trial versions (I hope so!) but I thought that I ought to let you know of the problems that I had.

patermann

 

I think that there are not many who claims that some other scanners than those Kaspersky engined ones have the best detection rates. But detection rates are not the only that matters.

Even if you have 99 % detection rate, you may get infected more often than with a scanner of 90 % detection rate. It's only possible because some of those high detection rate scanners are not so good against those newest all kind of nasties. Now I understand why Symantec or McAfee don't let their scanners included in Jotti's for example. They don't update so often as we already know and there are better heuristics scanners available, so after this, they should be only mediocre in Jotti's which is not so good reputation to the market leaders. Unfortunately the good heuristics isn't enough, you have to had excellent signatures update frequency too, that's why DrWeb is my favourite. And that you will see in my last 4 x 100 av-test based on Jotti's snapshots taken on 12.-16. Nov. 2005.

FF av-test 4 x 100 snapshots from Jotti's 12.-16. Nov. 2005:

Det.rate----- Set 1 ---- Set 2 ----- Set 3 ----- Set 4

60.8 % ----- 56 % ----- 59 % ----- 58 % ----- 70 % -- Kaspersky
60.3 % ----- 62 % ----- 58 % ----- 61 % ----- 60 % -- DrWeb 4.33
59.8 % ----- 63 % ----- 58 % ----- 62 % ----- 56 % -- Vba32
44.5 % ----- 51 % ----- 42 % ----- 43 % ----- 42 % -- BitDefender
43.0 % ----- 44 % ----- 43 % ----- 43 % ----- 42 % -- NOD32
38.0 % ----- 45 % ----- 36 % ----- 35 % ----- 36 % -- Fortinet
37.5 % ----- 40 % ----- 33 % ----- 40 % ----- 37 % -- AntiVir
36.8 % ----- 38 % ----- 41 % ----- 37 % ----- 31 % -- ArcaVir
26.8 % ----- 27 % ----- 20 % ----- 35 % ----- 25 % -- AVG
20.8 % ----- 20 % ----- 25 % ----- 18 % ----- 20 % -- ClamAV
20.3 % ----- 17 % ----- 15 % ----- 25 % ----- 24 % -- Avast
17.8 % ----- 16 % ----- 12 % ----- 24 % ----- 19 % -- Norman VC
15.5 % ----- 18 % ----- 14 % ----- 12 % ----- 18 % -- F-Prot
10.0 % ----- 10 % ----- _9 % ----- 10 % ----- 11 % -- UNA

Unfortunately Kaspersky won again because of the last jump of detection, maybe some KAV (or F-secure) fan of here at Wilders started to scan not so new samples by Jotti's? At least the pattern of the detection rate in the last scanning Set 4 wasn't like it was before.

I'm not worried about those detection rates below 30 %, because there are some other factors too why Jotti's doesn't show exactly the right detection, for example Avast didn't find those UPX packed nasties inside Zip/RAR archives in there.

Best regards,
Firefighter!

 

Apart from VirusP's test data, the only other test-sites that I know which have tested F-Secure are at MyCity and CheckVir.

 

This was partly a joke because of those heuristics like detections that the best performers did.

Here are those heuristics like detections.

ProActive (heuristics + behaves like + based + BACKDOOR.Trojan + DLOADER.Trojan + DLOADER.IRC.Trojan + STPAGE.Trojan
+ WIN.IRC.WORM.Virus + gen/generic + modified + probably + variant etc.) detection:

SetSum ---- Set 1 ----- Set 2 ---- Set 3 ----- Set 4

22.8 % ----- 20 % ----- 24 % ---- 19 % ----- 28 % -- NOD32
_9.8 % ----- 15 % ----- _6 % ---- _8 % ----- 10 % -- DrWeb 4.33
_9.0 % ----- _8 % ----- 10 % ---- 10 % ----- _8 % -- Vba32
_4.5 % ----- _9 % ----- _4 % ---- _1 % ----- _4 % -- BitDefender
_2.3 % ----- _0 % ----- _2 % ---- _2 % ----- _5 % -- Kaspersky

After these I think that some of KAV users scanned in set 4. a couple tens of really new nasties by Jotti's, because NOD made it's heuristics record in set 4. Even DrWeb hasn't succeed to add them to their databases.

So, in certain situations KAV engined av:s will take the Award in Jotti's.

Best regards,
Firefighter!

 

Snapshots from Jotti are completely useless imo...

 

Its good to see you saying that.



tD

 

Useless in & of themselves? Possibly. Completely useless when evaluated over time, in conjunction with other cogent & pertinent data? NOT (IMHO).

aloha... bellgamin
P.S. "Completely" is such an omniscient sounding word. Who is omniscient? Not me!

 

No, taking snapshots occasionally is completelly useless.
Those statistics that were present on Jotti page some time ago were the best reflection of AVs (by taking into account that those are Linux versions and that there can be certain % of errors or false positives).
But please don't compare them based on taking snapshots because you can miss loads of detections resulting in even lower score of those that are already somewhere in the middle...

Especially important is the fact that those are Linux versions!
avast! is the best example but yet not the last one. NOD32 also doesn't have Potentially unwanted apps detection under Linux (at least that was the case some time ago). avast! doesn't support majority of runtime packers (opposed to Windows version which indeed supports quiet wide range of runtime unpackers).
And so on and so on...

 

Who said that those samples were taken by occasionally? I took those samples in a row. When those 100 samples were taken, I quitted and took those other 100 set on the next day. I left only those samples over, when it was obvious that someone was scanning different variants or packed versions from the same nasty. From those I took only the first one. Still it took about 4...6 hours to pick up those 100 set. But of course I had to feed my collie too.

How does that add those signatures detectings with NOD when they are within, I my mind not much because they are still "Potentially". The signatures detecting was that part where NOD had their weakness in Jotti's. Slow updating procedure!?

After all this, this will give to you quite good impression how good those LINUX versions of Jotti's scanners are to catch all kind of nasties.

Best regards,
Firefighter!

PS. Occasions when you don't need to feed your collie!

 

Rofl and you think you "catch" each and every scan with your "snapshots". C'mon

 

Why you don't try by yourself. Just reopen the Jotti's page about 10...30 seconds interval, and you'll see it works. Btw, how do you think that I have got 100 snapshots within 4...6 hours, when a single Jotti's scan will take even minutes?

Best reagrds,
Firefighter!

 

From Jotti's site.

"You're free to (mis)interpret these automated, flawed statistics at your own discretion. For antivirus comparisons, visit AV comparatives."