Rate Detection Avira PE vs Dr.Web 4.33

Yes,you're right,my faultIt's a full LAN driver package.

Much more files than one.
But Dr.Web can not extract only FP embedded archives,he just moved all this package to carantine
Finita la comedia
I'll try to connect with their tech support one more time.

 

ok, do you have a link to the full lan package?

maybe upload it to megaupload.com and share the link, and i will sort it for ya, im sure i can get the fp's from the executable, and i'll send it on for you.

 

oops, double post. my bad?

bla bla *deleted*

like i send, share the package on megaupload or rapidshare and i'll send it to them for you, im sure i will be able to get the file from it but it will have to be tomorrow as im knackered, getting sky installed tomorrow and work in the morning aswell, so its goodnight from me.

 

First, thanks a lot for all the good words. Doctor Web and Avira are not big companies like Symantec, so we are just working hard and hope for the fair play. Back to the topic: make your choice based on your personal experience. The best detection rate is a rate zero of malware on your computer. The best produst is the product what suits best for you, not a tester. This is a reason why all tests are just a direction, but not a decision.

 

I agree. Either one will keep you well protected.

 

Not much of a holiday IMO.

 

Good antivirus does not need houndreads of new definitions every 10 minutes. It usually mean that is missed a lot before that.


I tested DrWeb few times and I did not like it just because of its very frequent updates, every few minutes it freezes my PC for few seconds and when you listen online radio its not something that you want..

Also we never know if company adds real definitions or just dummy files, this apply to all vendors...

I think and I can see that Avira have better detection at the moment. Every time I submit file to VirusTotal I can see the difference.

In my expirience only softwares that detect almost everything are KAV based, Avira, VBA32 and NOD32. All others miss a lot.

4-5 months ago DrWeb was a lot better than today, at that time, it was hard to find something that DrWeb does not detect.

Samples that I use are taken from infected machines that I repair and where installed antivirus software did not detect malware. I think that this kind of testing gives you the most reliable results.

Over 80% of machines had Norton or AVG software.

 

I used DrWeb for about 2 years a few years back. And I swore by it in those days as well. It had all the important features I was looking for in a very light resource friendly package. Back then support was not that great though. In fact most DrWeb issues were worked out here in these very forums at Wilders (as it seemed to house the largest community of DrWeb users). False positives were off and on with DrWeb back then as well. I swore that there were times they released a new build and it would detect a few false positives, and then they released another new build and it wouldn't have any false positives, and then they released another new build and the same false positives I saw in the previous build would resurface! But those are just old memories and really say nothing of the DrWeb of today. Unfortunately I have not had a chance to try DrWeb lately but if what I have been hearing lately about them is true than they really seem to be heading in the right direction.

As for me...
There was awhile I could not justify the expense of maintaining my DrWeb license so i looked more into the free antivirus solutions. AntiVir in particular really caught my eye especially with how much they have improved as far as their detection. In fact if it hadn't caught my eye I could have very well just waited awhile longer and renewed my DrWeb license. But after having used AntiVir for awhile now I could not be happier with my decision to try something new. In fact this thread to me is rather amusing in a way because of my own personal transition between these two products. It was really almost seamless. Both are relatively small antivirus companies, both known for their heuristics, both update relatively frequently, both are light on resources, both have free versions of their scanner, both have a very "cut and dry" interface, both have quite cool looking systray icons , both had/have "bugs/issues" with their realtime monitor, i also started using both at almost the time of their peak performances as far as detection rates in AV-comparatives (though who knows what the future will hold!), and on my system they both even had a couple of the same false positives. The list probably even goes longer than that hah.

But to me these are both very good products. Whichever one you choose you will likely be very happy with your decision. And if not you can always use the free version of the other scanner as well

 

In my expirience, VBA32 as well as Avira was always behind DrWeb32. What about KAV and NOD32 it is only because they are very quickly updates their bases. I think that DrWeb32 have today one of the best detection ratio.

 

Everyone has their own opinion about antivirus scanner, which is the best, which isn't. For about four people you'll find that say avira is better than DrWeb, on the other hand you'll find fuor people that say the exact contrary.
I had some people that attacked me because of my idea that avira is better than avast, but they got infected with avira and avast cleaned infections. Then? Who's right and who isn't? Simply no one. You'll always find something that avira doesn't find and what drweb doesn't find. Everyone talks because of his own opinion and personal tests...so simply installs avira for one or two weeks and then Dr.Web for other two weeks and let you decide which is better in YOUR OWN opinion.
Both are antiviruses well known and secure - I mean, we aren't talking about Kaspersky or ClamAV (without offense to ClamAV team) - so let you decide with which you feel better. Sometimes there are other importants point to judge moreover than detection rate and that influence your personal choice.

Marco

 

@EraserHW
All a moot point if you have PrevX; Right ?

 

@Durad
Sorry, but This statement

Is absolutely meaningless.

And that is just FUD. Really vicious slander unless you can back it up.
I hope some one like IC steps in again.

Ducking for cover now LOL.

 

Well, it's a protection layer added that can gap some holes

Well, jokes apart

The point is more or less the same If someone feel himself ok with Prevx it's cool, otherwise he's free to choose something else

But with Prevx there are some different thoughts to consider, the concept behind Prevx is a bit different from Avira/Dr.Web and other antivirus solutions

 

Exactly!

Interesting thoughts.

Of your checked machines. (Not in the world)

Yes, Indeed.

Yes, DrWeb is high ranked, but keep in mind their high amount of false positives, they consider AOL9 as possible backdoor, hahaha...

Hahaha..

 

Of course sentence would mean "choose Kaspersky OR ClamAV", not meaning Kaspersky is a bad product

 

I agree with you.

The way I test for detection rate is probably the best for the place where I live. I am sure that my results does not apply to other regions of the world and probably some other software perform better in other parts of the world.

 

Their FP rate is low? REALLY Hmmm....not my experience. I installed Avira yesterday and it has been driving me nuts. It has found viruses that are nothing of the sort. Every one of them is a FP. I have heuristics on medium and I'd hate to think what it would "find" on high level. Some of the applications it has flagged, I have gone to the author's site and found comments from the author that ONLY Antivir has chosen to falsely flag the application. Plus, it flags PCPitstop saved tests and other ridiculous stuff. I had to exclude System Restore as the Guard was in there a few minutes ago flagging stuff that is not a virus.

I really like Avira except for this one problem with FP's. It appears to be one of the worst AVs for finding FPs and that is one thing I really hate in an AV. I would never use DrWeb because of its reputation for finding FPs. The one time I tried it several years ago it, like Avira, found all sorts of stuff it said was viruses and all were FP's.

 

And AOL9 is a backdoor to some degree, from a pure technical point of view. Sure, it must not be flagged as backdoor by heuristics, but this happens. Heuristics is designed to know bad guys by some loose characteristics, but it cant use the same signs to distinguish good guys. Heuristics must know them exactly.

A man with a gun is supposed to be bad, but there are people who wear uniform and they are good. Its impossible to believe what anyone wearing uniform is good, bad guys would wear it too, its just not sufficient.

Any heuristics is prone to false positives. No FPs means no heuristics, despite marketing claims.

 

Have used AntiVir Classic for one year now, with all Hueristic Settings on and set at maximum 'High' ("expect False Positives")
and have seen a total of exactly three False Positives, two were obvious and AVIRA responded to the third submitted within two hours.

Perhaps in your situation, you could just exclude your 'trusted' Applications that are being flagged,
remember that System Restore will do an excellent job of restoring genuine malware for you.

Best remedy would be to submit the problem files to AVIRA for removal from future detection for all users.

 

Mele20, please submit the false positives so I can adjust the heuristic accordingly!

 

I hope, as Stefan suggests, you've informed them of these FPs.

If the author of those applications is saying their application is being flagged falsely, one must conclude that:

a) not many people are using it in conjunction with AntiVir

or

b) it's not been reported before by anybody else.

 

Exactly Mele! That´s it.

This leads to confusion, probably we should stop distinguishing between good and bad.

I guess there may be as much bad guys working on good things then good guys working on bad things and reversed. Only because soldiers or police wear uniform this doesn´t mean that they are good. They pretend to be good but also can be bad.

We have to distinguish what creates damage on a system and what not thats essential and extreme false positives (like aol9) are not good for the reputation of a company.

 

I'll submit them. One of them concerns a patcher for TCPIP.SYS for XP SP2 users. I didn't even remember I had used the patcher way back a year ago when I got this computer with XP Pro SP2. My earlier computer had SP1 and I deliberately did not upgrade to SP2 on it and it did not need this patch and that was one reason I did not upgrade to SP2 but then this January I got a new computer with SP2. So, when Avira flagged this, I had no idea what it was flagging. The author has a note at his site about Avira flagging this. I know a lot of folks use this or a similar patch.
http://www.lvllord.de/ Actually, I guess this flagging of this did me a favor. I didn't realize that I needed to reapply the patch and should have done that months ago. So, getting me to go to the author's site to see what it was that Avira was flagging was good actually in that I saw that I should have reapplied the patch after Microsoft's update this past summer. Seems to me that the author would have reported this flagging. Why put a notice on your website but neglect to notify the vendor of the problem?

I haven't used AOL in years but it was my first ISP and I beta tested for them for two years (AOL 6 and 7) and I think it is silly for Avira to flag AOL 9. Flagging something like that diminishes Avira and so far I really like Avira. The GUI is excellent and the default settings are among the best I've seen. Plus, Avira did outstandingly well on the last two AV Comparatives tests so it doesn't need to have negatives like flagging AOL.

How does Avira come up with the names for the viruses? They seem very esoteric to me. Plus, every one that has been flagged on this computer when I click on the link to the database at the Avira website...not one of them is found...of course, they are FP's but they are named strangely seems to me.

 

Mele.... read this (especially the last part)
http://ve.nod32.ch/worms/sobery.php

Infact this patch can make your system instable.

 

We are talking about the same thing. I agree what flagging clean files as backdoor is inappropriate. If this happens, it must be fixed and actually it gets fixed. I just wanted to say what heuristics by the very nature are prone to false positives. Users must be prepared for that and a) either ignore FP entirely or b) send a file to the vendor's support service to get FP eliminated. Pretending what heristics are 100% reliable just does not help.

And another point related to the topic. I personally dont use AOL so as a user I dont care about this FP, but on my system there could be others I would care about. And, most probably, they are, so I'd give several product a try to see what suits best for me. In my experience, there is no absolute winner among top ten products, its a matter of taste.

Sorry, parallels of that sort can be misleading. Lets talk about technical matters, not guns or uniform.