Considering of buying Dr.Web AntiVirus

Discussion in 'other anti-virus software' started by LethalBoy, Feb 8, 2009.

Thread Status:
Not open for further replies.
  1. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    I second all comments made by Tiag that you quoted here. Ill put my money anyday on the results of a zero day malware tester instead of marketing(Symentec,etc.) n public opinion (mislead in most cases) :thumb:

    Ontopic: Dr.Web does a heck of lot better then most av's so yes its certainly not the worst ;)

    btw: Where did Solcroft go?
     
  2. Miyagi

    Miyagi Registered Member

    Joined:
    Mar 12, 2005
    Posts:
    421
    Location:
    Honolulu, Hawaii
    Nice classical setup! Now you need a firewall *&^*roach to compliment the family of bugs in the tray. LOL. :D
     
  3. tiagozt

    tiagozt Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    331
    renegade08,

    "But you can't judge solely from response to yours submitions that products are good or bad."

    Of course I don't judge an AV because of it's response only.

    If a person come here and ask if anyone can recommend some AV this person is probably ready to read something like "I don't because..."
    I gave my opinion...

    About my previous topics, thank you for the historic. I don't see wrong recommendations. I'm not in security market and I have no relationship with AV companies except the fact that I send some samples to F-Secure (usually) and sometimes to Kaspersky and Avira.
    When I say something about an AV it's because I really tried and used it for a while.
    I think security market is very dangerous and if we had a serious organization to control the quality of AV software a lot of them will not pass and maybe will have their companies closed.
    When someone ask me about AVs I say my opinion and it's based on objective and subjective factors.
    If I can convince someone do change from a poor AV (in my opinion) to a good AV (in my opinion) I'll do it.
    I showed to a lot of people how poor some AVs are. Some people think their computers are protected while they are not.
    I'm not a dictator and if a person wants to use Avira, Kaspersky, UNA, Symantec, Avast, Dr.Web.... I really don't care... but if anyone come here to ask about AVs I think it's a good opportunity to show what I think about some AVs and try to convince to use a good AV and no poor AVs.
     
  4. renegade08

    renegade08 Registered Member

    Joined:
    Aug 26, 2008
    Posts:
    432
    Hi Tiagozt,

    Each person is entitled to his own opinion. You are. I am also.

    You are giving you recommendations. That maybe a good thing, regarding that you have some experience about certain products and knowledge for others products from reading the users comments.

    But what if a newbie comes here?

    From yours recommendations seems that all the AV's are bad.

    From 15 posts for about 15 different products, you are saying that all of them are bad.

    I can agree for most of your posts, but not for all of them. There are several reasons for that.

    For the truth you have one good recommendation.

    https://www.wilderssecurity.com/showpost.php?p=1323656&postcount=4

    Yes, PR and marketing are selling products.

    But my point was to getting out of the box and seeing the wider picture.

    Those three Av's (Avira, Kaspersky and F-Secure) are probably in the top 5-7 AV's.

    You have tested probably many AV's and those three are best.
    From yours testings you can find which products are performing good, but can be that for the fact that those products are good in the region where you live and by the samples that are spread in your country and region.

    But not everyone lives in Brazil.

    I'm not saying that those three Av's are worst in other countries or in the world, but there are exceptions.
    Yes Avira and Kaspersky have high heurictics and detection of zero-day malware.

    But what if some one doesn't want to use those 3 products, they aren't performing well on his machine or he just wants to use free AV?

    There are 1 Billion internet users in the world. In Brazil are 67 million users.

    And what with other users that don't live there. That's about 94 % of the rest of the world.


    Let's suppose that someone lives in Asia (maybe China or other country).
    Detection rate of Avira and Kaspersky overall is far more superior than Chinese Av's.
    But probably Chinese Av's are adding definitions for new samples that appear there faster than other AV's.
    So this means that by using some of those(chinese Av's) person that lives there can be protected better.

    What happens if that person want's to use free AV? Let's say if we exclude AVG and Antivir.
    What are alternatives.

    Can you name at least 2-4 free Av's that you mean that are good (Without including AVG and Antivir).

    Also can you name 4-7 paid AV's except Avira, Kaspersky and F-Secure that you have tested and that by your perception are good.

    I would be glad to hear your recommendations.


    What happens in some person lives in central or eastern Europe?
    And what if there Avast (free) is better than other AV's.
    Or Possible BitDefender?


    Same can apply for every specific continent, region or country.
    There is no perfect AV.

    If you observe here you will find that most of the users are choosing AV's and security programs generally regarding the facts: consuming of PC resources, conflict with other security programs or other software on the machine, then, there is the detection rate, impact of internet gaming(if someone play games) and so on.


    This would be my last post regarding the fact that these is not the place for this. I don't want this threat to be closed and i want users to get answers concerning Dr.Web. Whether those comments are good or bad.

    You can reply once more to me if you want and i suggest to let people to rest from us by this kind of comments.

    Further communication would be by P.M's.
     
  5. yashau

    yashau Registered Member

    Joined:
    Oct 13, 2008
    Posts:
    151
    I use their CureIt! program extensively to clean out infected PCs. I love it. Most antiviruses developers these days I think are trying to raise the detection levels but sometimes they overlook their cleaning ability. It's a good thing and a bad thing I mean if you install them on a clean PC it doesn't matter much but for installing on an infected machine nothing beats Dr.Web in my honest opinion. It's cleaning abilities are off the charts. You've made a good choice in going for it :)
     
  6. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    I use the Cureit plugin on UBCD4Win on badly infected systems and there's no doubt in my mind that it is very good at cleaning the crap out.:thumb:
     
  7. tiagozt

    tiagozt Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    331
    renegade

    "From yours recommendations seems that all the AV's are bad."

    If you get a big list of security software like the list used by virus.gr test (only the list, ignore th results) you'll see that almost all have poor detection rates. So I really recommend Avira, F-Secure, Kaspersky and maybe Twister and Ikarus if false positives can be controlled. I really think that using almost all other AV softwares is not a good choice. I prefer to say "don't use an AV" than say "use AV X". As I said before... don't use a medical drug is better than use an inefficient/wrong drug.
     
  8. SergM

    SergM Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    236
    Location:
    Saint-Petersburg Russia
    Nobody cure better than DrWeb
    It is real. And it is undoubtedly
     
  9. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    To cure very well, you also have to detect it, and drweb is 2nd to nobody at this, so I'll never understand people saying drweb has poor or even average detection :)

    It cleans thousands of pcs a day, worldwide ... With customers using all the av's.

    This shows drweb does detect the real in the wild stuff, that people are actually recieving, I'll never understand the bashers of drwebs detection rates, it's proven itself alot more than others :)
     
  10. Zimzi

    Zimzi Registered Member

    Joined:
    Jul 10, 2005
    Posts:
    289
    Does it mean that Dr.Web will be back to some of greatest antivirus comparative tests? ;)
     
  11. SergM

    SergM Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    236
    Location:
    Saint-Petersburg Russia
    See this "news" http://news.drweb.com/show/?i=83&c=5&p=5&lng=en

    "However, we are watching over the evolution of testing methods very closely and are sure to rejoin as soon as they are up to the present day requirements for anti-virus security".
     
    Last edited: Feb 13, 2009
  12. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    Agree 100%.


    A the end, this is what matters. The "how long does it protect me without getting infected" as well as things Renegade mentioned.

    Tests, have one big flaw. That they don't tell how the tester's sample collection, relates to the real world. An av may detect a sample that others don't. But, what if the prevalence of that malware in the real world is so low, that it becomes negligible? What if that sample is too old and isn't in the wild at all anymore? Who controls that? Nobody. On the other hand, what if an AV that has "bad detection" has 99% detection on the malware that most likely someone will encounter in real life, because they have medium-high prevalence? In that case, wouldn't its user be reasonably well protected?

    I also saw the other day, i don't remember which test, saying that from the missed samples, the tester would submit 20% to the vendors. Great. It's all about business at the end. A tester can cherrypick what to submit and for example, keep ultrarare samples or too old, that newer AVs couldn't possibly have and continue to penalize in every future test the same AVs. I mean, i may have in my collection a malware of 1999 that already then was very rare, today you can't find it. An AV that went into business in 2006, has a good chance of not finding it in the wild ever. So it will keep getting lower scores in the testers' samples until the tester removes the sample. But the most crucial of all, is exactly, the "how does the tester's collection relates to the real world". If say Dr. Web finds and cleans most of the malware that circulates with a noticeable frequency, but has lower rates on samples that curculate rarely or are almost in-the-zoo , the final rating of the test, won't be representing the capabilities in the real world of Dr. Web.

    Or as Renegade said, does the malware collection represent faithfully a global coverage, or is it more based on a certain geographical area? Is the malware frequency in China the same as in Britain and how is this represented in the collector's collection? Usually , the collections have simply all the malware that the collector managed to collect and of course will reproduce better his geographical area or that of his contacts-fellow collectors with which they exchange malware. This would explain also, why for example in russian tests, russian AVs score in the first places (honeypots in Russia, will most likely catch malware that Russian AVs are good in detecting). And of course there's the issue of the static testing, which today (and "yesterday") isn't representative of real AV capabilities. How can you test an AV with behaviour blocker for example only on demand?


    Anyway, i am not a believer in signature-based products or in tests, cause in the end, they 're part of a business and serve as promo too. I also follow criteria mentioned by Renegade and certainly don't expect from the AV to save me always (that's what other layers are for). Just my thoughts.
     
    Last edited: Feb 13, 2009
  13. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    And i can't help thinking what would i do if i were a tester... I would make a huge sample set, which of course, would imply containing very rare malware. I would also make sure to put in it in-the-zoo or almost samples, that very few would be able to catch. Who controls me anyway? And honestly, as a tester, i should somehow find the malware, that many AV companies with various employees can't find. Now this mustn't be too easy. Either i must be really good in finding malware that 30 people can't find or i must include malware that well, is unlikely that will circulate widely. Throwing some in-the-zoo inside would sure help me. This, to increase the difference between AVs. I mean, if the 10 more known AVs out there, were to score all of them, between 96 and 99%, what would be i doing? There wouldn't be any need for me! And my test couldn't serve as promo to most either...

    So, i 'd use a huge collection, with many ultrare samples too, to increase distance between AVs. Of course this wouldn't be a good index of the product capabilities against the malware that the user is most likely to encounter. But, hey, i must think of my usefullness too. I mean, in one of the latest tests in this forum, the sample size was over 550.000 if i remember well. What is currently the prevalence of each malware inside that collection? For a good percentage of it, i would imagine very low to inexistent. Probably for some of them, it was always like that. But it's always useful to include them...


    I know, i know, Av testers, aren't as evil as me, so they are all honest. :D
     
  14. yashau

    yashau Registered Member

    Joined:
    Oct 13, 2008
    Posts:
    151
    While AV tests like av-comparatives and AV-Test.org tests can give a basic idea about it's effectiveness the real life experience is what most matters.

    I think AV-Comparatives will be doing some dynamic testing in the future and that will become a really good test. On demand testing of a folder full of viruses isn't at all something to be impressed about. :)
     
  15. Fuzzfas

    Fuzzfas Registered Member

    Joined:
    Jun 24, 2007
    Posts:
    2,753
    I agree. When you don't know how the malware collection reflects on malware's chances in real life, it becomes an indication of product robustness, but the final result, isn't necessary meaningful. For example, i may test cars for windshield's resistance. Car A may withstand the hit at 100 km/h or small rock, bird, cat size animal. Car B may show that can withstand the hit of all the above, plus meteorite shower, deer size animal at 100 km/h, huge rock. Result: Car B is 50% safer than car A. Problem is, in real life, what are the chances that my car's windshield will encounter a meteorite shower, deers or huge rocks? Very slim, to negligible. And this makes the "50%" difference, null and void. An almost theoretical issue, while the most real world difference would be much slimmer. The same problem applies to AV tests.

    And as i said, i can't help thinking, of how AV testers, manage to find so much more undetected malware, compared to companies that have an entire bunch of people paid to search everyday for undetected in-the-wild malware. Makes you think, how much really widespread and in the wild, the samples of AV testers really are, so to arrive to "550.000" samples in a single test. Maybe this also explains why Dr. Web is often scorned in tests, but people who actually clean PCs in real life scenarios, think highly of Dr. Web... You can't have a product that is at the same time crap at tests and good in real life. One of the 2 must have some quirks.

    From AV tests, i usually compare more and arrive to a conclusion about relative strenght. For example, i do believe that Avira is currently the best. But, tests don't tell me anything about real world capabilities. I believe that for the malware that one is likely to encounter in real life, most reputable AVs do a fine job and would be more interested in response times, zero-day capability, lightness, etc.
     
    Last edited: Feb 14, 2009
  16. yashau

    yashau Registered Member

    Joined:
    Oct 13, 2008
    Posts:
    151
    Another good example would be Malwarebytes'
    I'm pretty sure if AV-Comparatives did a test that included MBAM it wouldn't even get 30% but still there's a reason why it's in the top 3 apps I install on infected machines (namely being SUPERAntiSpyware,Dr.Web CureIt and MBAM). There's no perfect AV but some apps do better at some things than others. Exactly why having a single security app installed on your system isn't smart. :)
     
  17. format_c

    format_c Registered Member

    Joined:
    May 6, 2008
    Posts:
    116
    if you want to lose your important files got infected - use Kaspersky derived AV's or Avira. if you want to have your work safe don't be so ads duped.
     
  18. krokodil_bb

    krokodil_bb Registered Member

    Joined:
    Oct 13, 2007
    Posts:
    86
    Location:
    BB
    Dr.Web is very good in detecting and cleaning russian of malware, but if you not living in russian country then overall detection ratio is not stable and very problematic.

    Even if home users wants to help drweb and uploading samples, drweb processing it for more than x weeks or ignore it.
    Translate their forums - users must write again on forum about samples already uploaded long ago:
    http://translate.google.com/transla...m/index.php?showtopic=4084&sl=ru&tl=en&swap=1
     
  19. format_c

    format_c Registered Member

    Joined:
    May 6, 2008
    Posts:
    116
    it's not truth mostly. AV vendors do exchange of their malware collections.
     
  20. tiagozt

    tiagozt Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    331
    I agree... When I say Avira, F-Secure and Kaspersky are TOP3 detection I say it about real brazilian detection. Dr Web here have poor detection rates... SYmantec, McAfee, ESET and Avast also... These other AVS can be good in their countries but not here and probably not worldwide. The TOP3 are very good worldwide...
     
  21. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,148
    Unfortunately i have to agree with you :doubt: . I am from Brazil too and Avira , F-Secure and Kaspersky are the only ones who really make a good job against the trojan bankers made by brazilian criminals. Serious Avast , Avg , Nod32 were/are a joke against these malware .
     
  22. Zimzi

    Zimzi Registered Member

    Joined:
    Jul 10, 2005
    Posts:
    289
    Is it possible to get some of these sophisticated brazilian malware (trojan bankers made by brazilian criminals). I would appreciate if someone could send me some samples at the ~Address removed.~

    Muito obrigado :argh:
     
    Last edited by a moderator: Feb 14, 2009
  23. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,148
    I didnt say that they are "sophisticated malware" , only that some antivirus companies dont do a good job detecting their.

    See http://forum.avast.com/index.php?topic=41640.0

    If you are talking serious I can send some malware to you .
     
  24. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    79,920
    Location:
    Texas
    We do not share malware here. Any samples should be sent to the respective anti-malware companies.

    See the Terms Of Service for using the forums.
     
  25. icr

    icr Registered Member

    Joined:
    Sep 6, 2008
    Posts:
    1,589
    Location:
    Mumbai
    I think LethalBoy is trying or have bought Dr. Web so i think there is no need for this topic to be open anymore:argh:
    GoodLuck lethalBoy :thumb:
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.