DrWeb antivius

Discussion in 'other anti-virus software' started by Firefalx, Mar 25, 2007.

Thread Status:
Not open for further replies.
  1. Firefalx

    Firefalx Registered Member

    Joined:
    Mar 25, 2007
    Posts:
    2
    Hello. Your opinion on antivirus DrWeb? At DrWeb and at NOD32 the best heuristic analyzers in the world.
    PS excuse for mistakes, I from Russia and badly know English... =)
    PPS Whether there is a Russian version of a forum?:blink:
     
  2. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    erm,

    well what to say, ... i like it ;)

    dr.webs heuristics are quite good, yet alot of FP's ... although they are working on this dramatically, nod still lead the way in heuristics, also i think bitdefenders heuristics are fantastic too.

    search the forum for dr.web, im sure there are enough posts about it on here were you can find some usefull information.

    here are just a couple:

    https://www.wilderssecurity.com/showthread.php?t=168742&highlight=dr.web

    https://www.wilderssecurity.com/showthread.php?t=169389&highlight=dr.web

    https://www.wilderssecurity.com/showthread.php?t=169120&highlight=dr.web

    https://www.wilderssecurity.com/showthread.php?t=160784&highlight=dr.web

    https://www.wilderssecurity.com/showthread.php?t=164319&highlight=dr.web

    https://www.wilderssecurity.com/showthread.php?t=166653&highlight=dr.web
     
  3. Firefalx

    Firefalx Registered Member

    Joined:
    Mar 25, 2007
    Posts:
    2
    Thanks for the answer. But I wished to hear it here =). I assume you user DrWEB, you used beta version?
     
  4. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    You'll find quite a few DrWEB users around here...:cool:
     
  5. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    yep, im currently using the beta on vista, its working a treat although i have to manually click 'update' to update it at the moment, this will be fixed in the release im sure.

    ive always thought detection to be good, its always kept me safe.... ive always had a 100% removal rate, with no manual removals needed, its low on resources, low on system performance, little HD space needed and updates are very small too at max 15kb, and a good price to boot aswell, especially if you use the 50% off migration offer.

    i know the betas have the new engine in which should increase detection and improved heuristics than the released version, but only time will tell how much more.

    i dont know what else to say, ive already said sooooo much about it on here already, you really do need to search the forum for drweb threads, im sure ive got a few comments in there aswell, or maybe some other drweb users will come on here and give a few comments to you aswell.

    welcome to forum,

    ;)
     
  6. BrainWarp

    BrainWarp Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    287
    I just know dr web runs the best on my comp while playing games.I put kav 6.0 on my wifes comp and i use dr web on mine.When i cruise the net i use avg 7.5 anti-spyware and ghost regdefend also.
     
  7. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    Just don't get infected. Dr Web is good at detection but couldn't clean a toilet - at least that's been my experience with it.
     
  8. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Both Dr.Web and its Asian clone Virus Chaser are IMO very good programs. Their heuristics produces some false positives occasionally, but overall its just fine. :)

    As for Russian forum, you can find the official Dr.Web forums in Russian language:

    http://forum.drweb.com/
     
  9. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    absolute nonsense, ;)

    care to elaborate which sample dr.web detected and could not remove?

    100% removal, and it will clean if its possible, then move/delete/lock or whatever you have it set at.

    i definatly have not had any manual removals unlike some, including the big guns like nod32 and even norton too, with dr.web always 100% removal.
     
  10. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    Not nonsense at all. How can you say that since you weren't present with me to observe the event? As for samples, the list is a little long. I have a log of 336 different viruses that it detected as were still on the system after Dr. Web said it had "cleaned" them. At the same time, I could say the same thing for NOD32, except it didn't detect nearly as many (and many could have been FP's with Dr. Web). In the long run, only Kaspersky, Superantispyware and various other specialized tools were able to get rid of the little nasties. I clean people's computers for a living, so I'm not speaking theory here - I'm speaking of what I see on a daily basis. I know that others have had some success using Dr. Web, and I will take them at their word. As for my own experience, I find that most AV's are good at detection, but very few are good at cleaning after detection. In fact, as far as dealing with trojans and related malware, I have found that AS apps such as SAS, Counterspy and AVG AS are better at removal than the AV software. Of course, a lot of the work is manual removal, where tools such as HijackThis and Rootkit Unhooker come in handy. Also tools such as SSM which help tame the little nasties and kill their processes so you can get control of the computer to work on it in the first place are of immense help.
     
  11. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    isnt cleaning just removing the 'threat' and leaving the remaining file on the system?

    if you want to check its removal, change the settings to DELETE and watch how the dissappear from your system (the ones have havnt already been cleaned) ;)
     
  12. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Cleaning involves removal of the threat, that is correct. The file may be spared if its a virus infection, otherwise the file must be deleted. Cleaning also involves removing all traces of the infection, such as registry entries, startup processes, DLLs etc. I think KDNeese is saying that Dr.Web is not good at removing the traces of malware infection. I have no proof to say whether he is right or wrong on this matter, and hence I will remain neutral. :)
     
  13. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    no firecat,

    he is saying drweb has said the file is "cleaned" yet the file remains on his system.

    this still can be true, with the file cleaned... if he wants things deleted, he really should set the settings to delete, and watch it vanish.

    i really do think he got a little confused with the clean setting, i think he thought clean would just remove the file... end of.

    ive never had any problems with dr.webs removal, its up there has one of the best, such as kaspersky, in trying both... always 100% removal from these 2.
     
  14. KDNeese

    KDNeese Registered Member

    Joined:
    Dec 16, 2005
    Posts:
    236
    I am using the word "clean" in a generic sense, meaning complete disabling and removal of the malware. What I am saying is that even though Dr. Web said it had gotten rid of the malware, the malware still remained on the system and actively fought my attempts to remove it. I know the difference between "clean" and "delete." In this instance, Dr. Web did not disable nor remove the malware. I will have to say, however, that this was a particularly nasty infection, the worst I've seen to date. Think of any piece of malware or any trojan you've read about in the forums or have heard of, and it was on this computer o_O There were several DLL's running in memory that neither Dr. Web nor NOD32 could delete. In fact, none of the AV's could touch a lot of this stuff until I used some other unlocking tools to unhook the malware so the other apps could work properly. Even after using the tools, Kaspersky was the only AV that was able to remove the stuff, and even it couldn't remove everything. I had to use a combination of AV & AS apps as well as other specialized tools (such as Vundofix, Combofix, etc) to get the computer completely clean. The one main thing that bothered me was that even though Dr. Web & NOD32 said they had gotten rid of the junk, it was still there, and the DLL's were still running in memory. In an instance such as this, average users, not well-versed in computer security, would assume that their computer was clean, when in fact it would still be highly infected. I guess that's the main issue with me. A lot of people here at the forums know how to check their systems and are familiar with the various tools available to ensure their systems are clean. The average user, however, would simply trust whatever their AV told them. I mean, heck, the computer in this particular instance had Norton 2002 installed on it, and their subscription had run out in 2003... But's that how savvy the average user is - totally clueless how to protect their computer. I see people in a panic every day because their computers are infected and they don't know what to do. They simply don't understand Internet dangers and the process of becoming infected. In this particular case, the people had downloaded multiple rogue AS & AV apps, and they trusted the apps simply because it contained the name "antivirus" or "antispyware." If people trust those kinds of apps, how much more will they trust an app that has been recommended to them by someone they know (who is also knowledgeable about computers)? So I guess the bottom line for me is I would hate to see a person go on with an infected system because their AV told them all the nasties had been eliminated, when in fact they weren't. I guess dealing with people every day and seeing their shock when their systems become infested and useless has made me a little more critical than I should be. Anyway, there's really nothing more I can say. I've simply stated the facts as I have observed them.
     
  15. BrainWarp

    BrainWarp Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    287
    I am a believer in kaspersky.But i do like the way dr web runs on my computer while in games.I would not cruise the net without avg (ewido) 7.5 and regdefend by it's side though.

    I would like to know if there is a way to install kaspersky on my comp without having to delete dr web.Would like to use kaspersky for on demand scans.

    When you install kaspersky while dr web is on the computer,it will not continue untill it deletes dr web.
     
  16. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    if you want kaspersky for on demands, why not just use their online scanner?

    as for drweb and nod32, if it said its cleaned it... it has ;)

    ive never had any problems with dr.webs cleaning/removal of anything, and ive tested it against the biggest viruses out there, sure if you look at the tests... sure, people can say dr.web could be better on detection, but for removal, is up there with the best in my opinion :)
     
  17. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Completely agree :thumb:

    This is also my experience over several years of use.
     
  18. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Mine too! ;)


    tD
     
  19. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    Likewise here and you betcha...:cool:
     
  20. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    cool, i actually said something about dr.web that some people 'agree with' :D

    let me enjoy this moment *lol* :p
     
  21. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    i was just reading the drweb manual and it seems that the NT version of drweb can show alerts when it updates etc etc which is what i would want.
    so once i install windows 2k pro i will install dr web and enable those notifications and see how it goes.
    lodore
     
  22. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    dr.web should show you a bubble when it updates automatically anyway, even without the notifications enabled.

    it did on XP, although it doesnt on the vista beta.... although im sure it will when they fix the automatic update thing for vista.
     
  23. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    ok thats good then.
    all windows versions from window NT upwoulds aka NT,win 2k pro and XP use the same spider guard.
    windows 95/98/ME use a different one.
    so it will be imteresting to try the proper version drweb
    lodore
     
  24. shorty1

    shorty1 Registered Member

    Joined:
    Oct 20, 2004
    Posts:
    97
    Location:
    Vermont
    I'm quite sure the "update bubble" default setting is to show after updates because I have to disable it after a new install. This is done by editing the drweb32.ini file -- under SpIDerGuardNT -- Acknowledge = No
    Me no like the darn thing. :)
     
Thread Status:
Not open for further replies.