Drweb V5 - A Step Closer....

Some want speed as opposed to something as you say "that actually protects and removes. " In addition, look at the latest Shadowserver stats. The humble Dr. is currently #2 for daily zero day detection, #3 for weekly detection, and #1 for monthly.

Never had any malware with Dr. Web protecting me, so the program is obviously working as it was designed.

 

I rather never get infected in the first place. then have a glorified (we can remove it now that we did not catch it to begin with.exe) remover. but Hey that's rash thinking never let it in the door in the first place. omg what kind of thinking is that.


Also I agree its nice to see them upgrading to the 21st century. adding things that have been out for 3 years now good to see them keepin with the times. will be nice to see them in the list of AV's once again.

ya Kind of like PlaceboAV right ?

 

the way i see it is that drweb creates signitures that 1. protect users from being infected in the first place and 2. removes the infection from already infected machines. so its a win win situation.

 

only argument there. is IF can detect it and if its not a FP to begin with.

 

They've been in the list of AV's since -92. Probably long before some of the dr.web bashers were even born.

 

fp's are a problem for all av companies.
all av's should be able to remove everything they detect.
if a user gets infected before its detected it needs to be removed as soon as possible. 95 percent of users dont have a clue about computers and will have everything on C: and no backup at all. so removal of the malware is needed.
nothing can detect 100percent of malware on a given day.
thats why HIPS are now part of av's to try to detect what the signitures and heristics miss. but if a user say yes to all the prompts then its infected the computer and it needs cleaning.
but if something slips under the rader your av detects it later on and removes it.

 

If a user says Yes to all prompts they may end up with a dead OS instead of a clean OS. I would prefer to never get infected in the first place. and if for some weird reason it gets by my av. Image is a 10 min fix who cares about removal when you can go back to before it was infected..

the avg joe should have some kind of backup whether its the default windows System restore to the many flavors out there of backup's. point is removal should not be that big of a deal. detecting it before it ever hurts the system. Instead of trying to cleaning up something it should of never let in the first place.

 

Hello,
i think your missing the point.
the avg joe should have some form of backup but 99percent of the time doesnt.
think of the removal as a bonus. drweb is very good at detecting malware.
there is no way in hell a program can detect 100percent of malware without fp's,without prompts and without limiting the user in someway.
im being realistic here.

 

How hard is it not to check "Disable System Restore" and that's as realistic as it gets. and just for the record I never said the removal sucked.

 

Sorry but I have read SO MANY posts from you, pracing how important it was for you and how proud you were of kaspersky only taking 10-15 to scan your computer. Maybe you dont care anymore, but then dont come whith these patronizing statements when you have been in the same boat

 

Hello eBBox,

sure, it would be nice to scan a machine in 10 minutes, i admit even i would always want a faster scanner, but still, id prefer a deeper scan, one that finds/cures and removes what the scanner detects, rather than something that scans and does nothing.

if it does not do this, why include a scanner at all?

all the time you see AV scanners stating things like "manual removal needed" or "failed" or AV's simply removing the .exe files and leaving any infected registry/files or whatever you can think of still on the machine, im sure you have seen these yourself, its nice to see a av company taking the scanner seriously by 'doing what it says on the tin'

 

It's not exactly what I call backup, but most avarage Joes buy pre-installed computers, and the big brands always provide some sort of recovery, either with recovery CD/DVDs or a hidden recovery-partition. Of course this means going all the way back to factory settings, but in case of a serious infection this could be the best option - starting all over from a fresh install

 

That is why it's a good idea to separate user data from the system partition. That way, when the system gets thrashed a recovery/reinstall won't affect the user's data (i.e. music, photos, documents, etc.).

 

Lots of big OEM installs come w/ (small) C:\ system partition and D:\ data partition out of the box these days. The recovery doesn't touch D:\ at all.

 

Well no, the recovery partition (if any) is completely hidden, it doesn't have any letter and is invisible from Windows. And all the C:\Documents and Settings\ or C:\Users stuff is redirected to D:\ on these boxes by default.

 

it certainly is not, i own one of these laptops.

anyway, what has all this got to do with Version 5 of Drweb?

 

Folks,

Let's keep on topic - which is Dr Web V5.

If another topic warrants discussion, create a thread dedicated to that point.

Thanks in advance.

Blue

 

I can't understand how so much debate can be made out of some screenshots. The DrWeb 5 tale has been told from 2002 onwards, so my skepticism for *New* DrWeb is very high.
We don't know if it will (actually) run 20% faster or have a decent HIPS or a good network firewall. Speculation done here is akin to the story of the blind men and the elephant !!

But all said and done, DrWeb needs a revamp fast. Its becoming almost outdated in the current scene. Right now, if someone wanted a AV only solution the best deal is probably VIPRE.

Although I lust for a DrWeb 5 with all the bells and whistles that competing products offer today. I am very skeptic, but lets see .... A good ver5 may win many former loyalist (like me) back. Lets see when the prophecy comes true and public beta actually happens.

 

Well as for mysellf I just hope Dr.Web will keep it simple. I hate those Softwares with all these bells and whisles. Usually they only slow down your system.
The GUI from version 4.44 is maybe outdated but it's clean,easy to understand and it does what is suppose to. I have it install on my wife's computer and in two years she never had any problems.

 

Many bells and whistles have become essential now. With such rapid increase in malware, you just can't do without some kind-of-HIPS/Behavioral Protection. Which DrWeb 4.44 lacks, plus http scanning is missing (supposted to be added to 4.70 ), is highly essential today.
I agree, rather be a mess of many things, its better to stay focused and create a solid product AV. But both Av-comparitive(2007) and AV-test (2008 ) have shown that DrWeb is not the king of detection it once used to be. So something like the new fast and efficient anti-malware engine used in KIS/NIS 2009 is a whistle that is needed.

But as you proved with your wife's computer example, DrWeb is still a decent tool. But its slipping, while others have climbed up and new kids like VIPRE and SD-AV have become more mature.

 

i have to disagree, detection rates are improving all the time, certainly not slipping.

more analysts and more signatures (inc removal) are being added these days, in comparision with 12 months ago, so positive improvements are happening all the time.

technology is being developed all the time too to improve currect/future releases of the software.

in the past year, in my view, drweb has improved dramatically.

we know V5 has been a long time coming, but we have had versions inbetween that are better than the previous, its not like we have been left without nothing.

I think alot of people are going to be pleasently surprised with just how much V5 packs, (it wont all be in the beta) and it certainly will be able to keep up with its competition, whilst still 'doing it their way'.

the time is near, dates have been discussed (although i dont know these, so dont ask )

if im allowed to show more, i will soon.

keep up the good work, waiting is a bitch though.....




* Hello to Ljudmilla, if she is reading.....agghh i know. *lol*

 

I do not agree that many bells and whistles are essential. That is what the AV industry and many in this forum want you to accept, but that is not my view.

Dr. Web provides great protection from zero-day threats (go to Shawdowserver) and in fact, betters even the awesome Avira to which I also have a license, in many of the tests. Http scanning has been properly shown that is not essential as well by many in this forum. A good AV will catch anything before it executes- and http scanning can slow down web page loading.

 

Well basically the debate here is which type of bells and whistles one thinks is essential. In my view Behavior Blocking, HTTP scanning and faster n lighter engine are essential.
*Behavior/HIPS - for 0day. DrWeb's Heuristic engine is one of the best in the class. But some HIPS will definitely needed to complement heuristics in the modern networked environment.
*HTTP - since most infection spreads via this medium. And this will be the no.1 method of propagation in the near future ( Its slows system, I agree. But its a needed sacrifice, when using buggy tools like IE,Flash and numerous other plugins/tools)
*Faster/Lighter scan - since HDD sizes have grown exponentially and so people have larger drives. So engines must become light else time taken to finish scans will also become exponential...

Buck, these are my views. You can decide for or against.
But if DrWeb wants a mass appeal product, they will have to create a ver5 which can appease everyone . Including you and me.

 

The thing with Dr.Web's slow scanner is, that it probably doesn't have any limit to how deep it will go in archives.. for example if you have an archive, in archive, that is in archive and that contains more archives that have exe's inside. All are probably scanned.