Two questions on Dr. Web

Discussion in 'other anti-virus software' started by c0ltran3, Jun 5, 2004.

Thread Status:
Not open for further replies.
  1. c0ltran3

    c0ltran3 Registered Member

    Joined:
    Nov 8, 2003
    Posts:
    172
    I'm very fond of Dr. Web.This program can detect much more trojans than other AV (except KAV). On the other hand it fails in detecting other kinds of malware.
    I'd like to know:
    1) what is the best program (AV or AT) I can use together with Dr.Web to make up for its lacks;
    2) using Dr. Web with ewido free a and a2 free am I safe enough against trojans?

    Thanks for your answers.
     
  2. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    DrWeb is my favourite too. Unfortunaly I can't use DrWeb and KAV 5.0 at the same time in my WinXP Home system, neither with DrWeb as a resident nor KAV 5.0 as a resident scanner.

    If u have a broadband connection, u can use eScan Free as your backup scanner. EScan (KAV engine) is capable to detect those other nasties that DrWeb can't - Constructors, Keyloggers, Polymorphic Engines, TrojanDownloaders, TrojanDroppers, VirTools etc. Unfortunaly eScan Free can't update, so u have to download the new version every time u scan, but it doesn't take so long with a broadband connection. Here is the link.

    http://www.mwti.net/antivirus/free_utilities.asp

    If u want an add trojanshield, BOClean is the best install and forget solution.

    Best regards,
    Firefighter!
     
  3. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Care needs to be taken with the suggestion that Dr Web and BOClean are a good combination as some people have suggested that there are conflicts between the two at least on some systems;

    https://www.wilderssecurity.com/showthread.php?t=20130&highlight=BOClean

    https://www.wilderssecurity.com/showthread.php?t=20833

    In fact, Firefighter you were one of those Dr Web users who stated that these 2 programs may show conflicts and you were therefore switching to TrojanHunter!!

    If you carry out 'safe hex' and do not visit porn sites, or use P2P or download from warez sites etc, the chances of you picking up a trojan are greatly diminished and therefore Dr Web should adequately cover this area of malware. If you do carry out any of the above, a good compatible AT would be a good addition to a layered defence. And if you can afford it, one of the 'Big 3' commercial AT's would be a better bet than one of the free ones.

    I agree with Firefighter in that KAV may be a good backup if you can run the two together happily on your sytem.

    Alternatively think about using Process Guard, rather than an additional AV/AT
    ;)
     
  4. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Maybe adding F-Prot DOS (free) would be a good idea since it could improve ZOO virus protection on your machine.

    I am myself using DrWeb alone and it does fine job overall. As you probably know by now, DrWeb employs very strong heuristics and detects a fair number of Trojans without updates.

    I'd prefer commercial program such as TDS

    Note: DrWeb 4.32 will be released at the end of June. This version will bring some improvements (nothing major) so heads up.


    tECHNODROME
     
  5. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Technodrome and I posted simultaneously :D

    I too use Dr Web by itself on this laptop as my only AV/AT together with the full version of Process Guard and I consider myself well protected against most malware.

    Thanks for heads up on new version of Dr Web, Technodrome.
     
  6. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Sure BC. :D


    tECHNODROME
     
  7. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    dear c0ltran3, first let us know what kinda protection do you need? from regular viruses and worms or trojans and malwares? DrWeb is a very good choice but if you are using NT platform then i should warn you that the Spider guard is not at its best in this platform. F-Prot (DOS) is a very good freeware and so is the new AntiVir PE. if you can shell out some quids then you can try better options. but as Blackcat has pointed out depending on your surfing habits you should choose the product.
     
  8. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Be specific and tell us why?


    tECHNODROME
     
  9. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas

    F-Prot for DOS is not useful on NT based systems.
     
  10. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    i thought you knew. i already wrote about this somewhere in this forum. anyway Spider Netting doesn't work, you can't do an immediate shutdown in case of detection and the boot floppy scan doesn't work. i'm worried about the first problem.

    yeah Ronjor i know but in case c0ltran3 is using a Windows 9x system i have to tell him.
     
  11. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    I knew about that. I don't think that is a problem at all. Virus can't bypass Spider since it won't let you to execute infected file.


    tECHNODROME
     
  12. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    Spider heuristics + Code analyzer = good protection.
    Spider heuristics without Code analyzer = o_O
     
  13. AgentX

    AgentX Registered Member

    Joined:
    Dec 25, 2003
    Posts:
    44
    Location:
    The Intarweb
    I've played with DrWeb on my XP system in past. My experience was not very positive
    and I quickly ruled out DrWeb as one of my future AV purchase options. SpIDer Guard
    doesn't seem to be well tested or even primarily designed for NT/2000/XP platforms.
    The installation program refuses to install SpIDer Guard on Windows 2003 Server
    platforms, which reflects the lack of trust the programmer has ...in his own program.

    Furthermore, the Guard does not check the files when they are executed, in so-called
    Smart mode. Only if user enables the given option to check executing files, the
    on-access scanner takes care of them. Remember that enabling this option make the
    system crawl. Believe me, I have the first hand information as a trial user.

    Overall, DrWeb on-demand scanner is definitely a very good one, but the on-access
    SpIDer Guard needs to be re-written with now-mainstream NT/2000/XP systems in mind.

    Regards,
    AgentX
     
  14. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    after a full system scan, smart scan is the smart choice. you're right about the system slow down if you don't use the smart scan. a different new version for Server 2003 is on the Anvil. but the Spider Netting was the real cool cherry. i hope they get it up and running soon.
     
  15. c0ltran3

    c0ltran3 Registered Member

    Joined:
    Nov 8, 2003
    Posts:
    172
    Thank you for your answers.

    1) I'm using XP Home. At first I thought that BitDefender free or Command Antivirus could be a good complement to Dr.Web for a basic protection. What do you think about?
    2) My knowledge of Process Guard is short. I've been using Abtrusion Protector: is it the same ? Or what's the difference?
     
  16. c0ltran3

    c0ltran3 Registered Member

    Joined:
    Nov 8, 2003
    Posts:
    172
    Why are there conflicts between Dr.Web and Windows XP?
     
  17. c0ltran3

    c0ltran3 Registered Member

    Joined:
    Nov 8, 2003
    Posts:
    172
    Thank you for your answers.

    1) I'm using XP Home. At first I thought that BitDefender free (or Command Antivirus) could be a good complement to Dr.Web as a basic antivirus protection.
    2) I've got a bad knowledge of Process Guard. I've been using Abtrusion Protector. Is it the same?
     
  18. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    dear c0ltran3, XP uses NTFS filesystem where Windows 9x uses FAT32 filesystem. thats why programs which runs fine on the 9x system might throw up in XP. there is a workaround for this in XP but thats not fullproof. anyway Spider Netting was designed mainly for the FAT32 filesystem. Command AV and BitDefender both are good but i'll recommend BitDefender AV. mainly because its free. but it doesn't have the resident scanner.

    Abtrusion Protector is a fine pice of software but its always memory resident. its not a good idea to run it with any Antivirus software. alone Abtrusion Protector is not a good choise but if you back it up with the free version of BitDefender you can have a secure computer. i'm assuming that you have the basic knowledge of safe computing. i'm guessing you are using the personal edition of Abtrusion Protector. isn't it? anyway its very different from Process Guard.

    Process Guard protects your system processes against tempering where Abtrusion Protector is like a firewall between you hard drive and memory. it only lets you run legitimate programs.
     
  19. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas

    Bitdefender free uses resources even though it does not scan in real time.
    Somewhere out there, a fix for this is available.
     
  20. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    i don't know about that fix but i do know for sure that the resident part isn't on-access scanner. its just the BDMCON.EXE and some DLLs. BitDefender management console is always resident necessary for the updates and firing up the on-demand scanner. the resource hogging is thus low.
     
  21. c0ltran3

    c0ltran3 Registered Member

    Joined:
    Nov 8, 2003
    Posts:
    172
    Why? I usually use AP with BitDefender free without any problems.

    Yes, I'm using AP Personal Edition.

    Command Antivirus can be installed only with the scanner on demand, without resident protection.
     
  22. c0ltran3

    c0ltran3 Registered Member

    Joined:
    Nov 8, 2003
    Posts:
    172
    I also use a AV resident protection with AP without any problems.
     
  23. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Blackcat from Firefighter!

    In my mind I have resolved the problem with DrWeb and BOClean together. I have excluded BOClean folder in DrWeb's scanning objects and added all DrWeb exe files to BOClean's Program Excluder. Only DrWeb's memory scanner doesn't start automaticly if I remember right. But that doesn't matter, because BOClean has a memory scanner.

    About DrWeb, it was the third VIRUS scanner in my own tests some weeks ago against about 840 viruses, when McAfee 7.03 was the winner and KAV 5.0 was the second.

    Best regards,
    Firefighter!
     
  24. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    look c0ltran3 memory resident things like those always revector some interrupts and more than one such program can start a tunneling war. i used McAfee and PC-Cillin simultaneously with no problem. its not that you'll always have problem. but there are lots of chances that might cause you a lot of trouble. so its sensible to use only one resident protection. if you wanna argue then i won't reply. its my suggestion, take it or leave it.
     
  25. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    DrWeb never fussed about starting Spider on my system. anyway DrWeb is an AV where BOClean is AT. so the memory resident portion of BOClean is not as good as Spider.
     
Loading...
Thread Status:
Not open for further replies.