What's up with AV-Comparatives

Thanks for the laugh Fajo.
Definitely a good one.

On a serious note.
After trying many of the top av's and having had licenses to a few, I would have to agree with the consensus here, that at this time, Avira would be my av of choice.

 

anyone know why AV-Comparatives does not test Dr web

 

Drweb consistently performed badly in those tests and so of course they dropped out claiming the tests were flawed.

Typical drweb.They suck and they blame it on the tests.

 

It's not the "why" it is the "that". Until I see some AV beat them on a consistent basis for detection, I will stay with Avira. The others are just not good enough.

 

Losers always rationalize their losing- that is why they are losers. Dr. Web may have good intentions, but their detection is piss poor. If you want something that might detect 84% of all malware, it's a good choice.

 

I have always had the utmost respect and admiration for Avast and its dev and now its nice to see that its creeping up to the top place slowly and steadily. If there was no Avira, there would be Avast on my system even if it doesn't top the tests.

 

I'm completely aware of the "crap" detection rates, percentages, test results, user comments.. was long before buying the whole product. The thing is, I don't want an AV because it detects this and that much of something. I want it because it works 100% for me without not a single problem, doesn't annoy me, is light, and doesn't need constant tuning and adjusting -> good choice for me?

Detection rates are probably more important than previous qualities for those who don't understand much about computers, internet, tech issues or simply aren't enough experienced. They feel safer when someone states their AV is "advanced/good/excellent" or what ever. Who is it again that downloads and executes/installs the malware?

I'll probably change when it fails me. Meaning that I'm probably stuck with this "garbage AV" for another two years after my license expires in 2009. Dr.Web is just a simple minimalistic tool for me, not a life-belt or some filter that would block stupidness and carelessness.

 

Best AV would be then just plain UI with 'You're protected' text, doing nothing, extremely light on resources, not annoying, not needing any tuning and adjusting. It'd also have somewhat 'crap' detection rates, though. Your description quite reminded me of Russinovich article about memory optimizers.

 

Yes, I wouldn't probably even notice if it doesn't load virus db at all and still stay clean for years. Would you recommend placebo for me or is it bloated, haven't checked the latest version. But you clearly didn't get the point or perhaps you did but it's hard to understand a different point of view?

I'm satisfied with it if they analyze samples & update definitions daily, and keep on developing the product.

 

If you by 'different point of view' mean ol' good fanboyism, then no, I'm not getting that.

There is more than one relevant factor regarding to the performance of the AV. But still - the backgroud, ie. the plain scanning engine is the most important part of an AV and if it's bad and not performing, nothing else will magically 'fix it'.

The tests of AV-test and AV-comparatives show the qualities of scanning engines, nothing more, nothing less.

I read DrWeb fans comments in this way:
a) the results of the test don't matter (without any valid explanation why)
b) the tests are flawed anyway (without any valid explanation why)

Fanboyism.

 

Yes.You hit the nail right on head.Green spider fans are fun to read tho.

 

If you are happy with your existing AV stay with it, just don't be sore at the winner and try and find non existent faults or nitpick when there isn't anything substantial to pick anyways. If one feels protected with their choice thats fine but don't question other's choice of using an AV based on tests.

 

I don't understand how it's not a "valid explanation" to value other qualities over test results. I've stated many times why wasn't testing important to me. I've tried many of the AVs with better scores, but find something lacking or otherwise wrong with them. Tests doesn't force me to use some products I don't like or find unsuitable. I would like to know why this isn't a valid explanation? Test results might be more important to someone else, like I "said." If I have errors with a "top AV" or other problems(for example, with updating), I'd say it's bad and not performing.

I hope that you would'nt consider me as a "fan" of some computer program, but perhaps as someone who picked his AV with alternative reason.

 

I agree with risl, and no, I don't (nor ever) use Dr. Web. The best defense on one's PC is common sense and understanding of your particular OS and software installed. AV should really be a fallback, but should not impact your ability to use the PC as intended.

risl (and others) find Dr. Web provided adequate protection and does not impact their machines. Prior to NIS 2009, I used Microsoft OneCare. Why? It certainly wasn't the best. However, it provided me that fallback protection without impacting my work, or the performance of my machine.

There are a ton more factors that need to be taken into account then just a pure detection percentage. If you know what you are doing, you can protect yourself without an AV - But there's nothing wrong with having a double check running in the background if it doesn't impact why you have the PC in the first place.

 

Thank you, finally someone understood what I'm trying to get through here. Was already questioning my mental health

 

But, in fact, the av solutions _do_ work as safe-belts.
Given that people want 'work' with computers and not taking the constant care of them, the auto-updating of light-weight antiviruses (should) do good job at getting between malware and users.

I've seen many times when avast was blamed to FP on legitimate websites just to find out they've been hacked. Then just _one_ small mistake of the user and they're pwned. For example - Java updates don't {always} remove the vulnerable versions. Are you safe or not? What is your version of Flash? Is it safe? What about Acrobat? Was the software you just tried because recommended by a friend clean or a swizzor-based adware?

Only the detection quality saves. There's no point on installing product which is not capable of finding the malware.

 

Being hysterical and paranoid doesn't make life much easier. I think Dr.Web's detection abilities are sufficient for me, and have been to this day. There's also no point in installing software that you don't like, for what ever the reason is.

 

Yes, I can accept irrationality in product selection, but that's your choice, your data etc.

What is hard to accept is bashing other products and the tests, given that you have nothing in hand than personal tastes and beliefs.

Also - what exactly is paranoid on seeing such stuff in the wild?

 

There is a difference between not having 100% detection and being completely ineffective and "not capable of finding the malware".

And again, that lightweight AV that doesn't impact YOUR machine may cause irreparable damage (i.e. format time) to another. They are not equal for everyone, and never will be (unless Microsoft buys them all out )

 

Which product I have bashed, and which test? Should be none. Unless it's "bashing" if I state that the results don't mean much to me, that is a different thing. And I'm satisfied with the irrational choice this far.

It seems to me that there is some unwritten law here that makes it acceptable to bash Drw in every thread there is, and laugh at people who "dare" to disagree.

 

No, I cannot accept irrationality in your thinking.

Dr.Web keeps my rig as clean as a churchfloor. This is my rationale for the selection of this product.

Whether an AV protects YOUR rig (or not) should be the only criterion for choosing (or not choosing) an AV and not those "tests" that do not mean a thing, other then bragging rights, to the average user.

 

The point is that users don't know and can't know (unless it's too late, ofcourse). Ofcourse if plain average joe uses his 1,000,000 sample testset before the final selection of the product...

It's just a matter of trust. The tests try to get there something more (not less, as implied by some people here) than just blind faith.

 

Ok ok.

Lets not turn this into a Web Bash fest. Web works for some people and not for others just that simple the people that choose it Like it the people that don't use something else. lets leave it at that and not get the thread closed.

(this coming from me no less )

 

Folks,

Let's step back a bit, I believe many of us are talking at each other, not to each other.

First, I don't think that anyone would deny that the best ideal application to fight malware would be one which protected you against one infection only - namely the next one that you're about to be exposed to. It would cover one piece of malware only, the specific coverage would change on-the-fly, it would be incredibly light since the "comprehensive" database would occupy bytes, not megabytes, and be 100% effective moving forward. By definition, it would be perfect.

It's also clear that this ideal cannot be achieved in practice (unless time travel is lurking out there somewhere), so we need to return to what's possible. In the absence of any other information, it's reasonable to assume that detection performance is paramount. However, user's need to be protected against only what they are exposed to. This implies coverage of a variable subset of extant malware. In the absence of further information/knowledge/or measures, since the subset is variable, prudence would dictate that the most comprehensive solution is the most appropriate/robust one available to all possible scenarios. However, that doesn't mean it will be necessarily higher performing in the most probable or even the majority of scenarios in use.

In any event, with respect to detection, it shouldn't be difficult to understand that a product which afford maximal detection should be the most robust general solution for the incompletely defined scenario. So, if that's the specific scenario to consider, the rational argument is to employ a product that provides maximal coverage. I'll have a bit more to say what this could mean below.

However, that's really just a single narrow scenario. What if system lag is critical - say with a gaming enthusiast - and the comprehensive solution negatively impact system performance? What if the users activities are restricted to a small number of very prominent commercial sites? What if the users ISP has server level email screening and protection? What if they run solely under a limited (i.e. non-Admin) account? What if the machine is a few years old and somewhat underpowered relative to the current "average" machine? What if they employ alternate protection schemes (say HIPS or virtualization or highly customized and robust firewalling)? Is the robust answer for the incompletely defined scenario always the optimal solution as these additional constraints are applied? My own view is that the answer to this question is no. There are very cogent reasons that can be applied to convince different consumers to strike different balances between raw detection performance and other variables that they weigh in developing a solution.

Now, let's consider test results themselves. They tend to be reported with remarkable precision - at times they are reported to two decimal places. Are these results accurate to that level of precision? Unlikely. Is there any clear sense to the level at which these numbers reflect end user reality? Not really. However, when I look at some of these test results as time series trends, it's not that unusual to see +/- swings of a few to up to 10 or so percentage points in successive evaluations. I have no idea whether those swings are real or artifacts, but it does suggest that most of the emotional discussion here and elsewhere centering on differences of fractions of a percentage point are misplaced, and that those centered on differences of multiple percentage points could be misplaced as well.

Yes, test results provide objective guidance, the critical question is towards what end? I could count the number of pens and pencils in my home, but does that provide you with a sense of whether I'm a good writer? I hope not, but one could make the case for that perspective.

Ultimately, I believe that these challenge test results are a little less well defined than most of us hope for. If the question is which product will best protect me against a defined set of malware - where that defined set is identical to the set used in the evaluation - these tests provide a perfect screening answer. If the question is which product will best protect me in my own field use - the answer remains remarkably obscure. The answer is sufficiently obscure that we have long term members here who do not use an AV or other blacklist product (both of which is logically equivalent to using a product with 0.00% detection), and they're perfectly fine and do not experience a torrent of system issues requiring a reinstall. By the same token, we've all seen cases where a flood of problems have arisen from an ill-chosen combination of security products.

My overriding message - the situation is clearly complicated. It is not reducible to one size fits all solutions. Perhaps it's not reducible to even a handful of simple context free solutions. In any event, arriving at some reasonable population average consensus is more likely if you engage in an informed discussion of the topic amongst yourselves and not simply trade volleys of sound bite verbiage at each other.

Blue

 

Amen Blue!

Hybride_F1