App Review DrWeb Security Space 2023

The associated review may contain personalised views and opinions.
Content created by
Shadowra

Shadowra

Level 31
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,068
Hello and welcome to the DrWeb test!
DrWeb is an antivirus of Russian origin.
Best known for its disinfection utility, CureIT, DrWeb has never been able to catch up with its competitors, always remaining basic.
On this version 2023, DrWeb has optimized their engine and seems to have worked on the detection.

The interface of DrWeb has not changed, honestly, I find it old fashioned. I would like DrWeb to change it a bit, because it is the same interface as... 2013 !
On the detection level, we notice a slight improvement thanks to its DPH module which will intercept threats at runtime. Despite this, 2 infections manage to pass. The firewall will block the connections.

On the fake crack, the disappointment is present. I was expecting a better performance but DrWeb lets half of the downloaded droppers pass. Even if the firewall is very solid and stops the connections, I just find it a pity.

And the pack will push the nail in! DrWeb detects half of them with its engine.
At runtime, DrWeb will try to defend itself thanks to its behavioral module and DPH but this will unfortunately remain insufficient to keep a healthy machine.
The disinfection tools will detect several infections and Kaspersky one infection in memory.
DrWeb remains unfortunately ineffective, I still do not recommend it.



RAM Usage : High
Malware URL test : 8/10 (2 missed)
Fake crack : 0,50/1 (Half is blocked)
Malware Pack : Remaining 49 files out of 95.
DrWeb will try to defend itself with its behavioral and DPH modules but the machine is very infected.
It is a pity.

Resistance to script attacks: No

Result :
DrWeb : 1
NPE: 14
KVRT : 23 - infection in memory!
EEK : 6
Eset : 10

Recommand : No
System Clean : No system infected

@Lavamate request
 

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
818
Dr Web is mainly known for Cure it utility. AV has issues with signatures (region focussed) + non existent phishing detection. Firewall should be avoided altogether.

Dr Web can disinfect "certain" infected files where even Kaspersky fails !

It is a rich monument of the 90's, unfortunately unable to keep up with the rapid changing technologies.
 

Stopspying

Level 19
Verified
Top Poster
Well-known
Jan 21, 2018
811
I don't know whether this may have contributed to the poor performance of Dr Web in your tests, Shadowra, as it seems to have done poorly for quite a few years now, but I recalled seeing this story emerge last year - Russian antivirus software unreliable, Czech experts warn

"The National Cyber and Information Security Agency has warned against Russian antivirus software as Russian companies targeted by EU sanctions can stop updating their programs at any time, leaving customers far more vulnerable to potential cyberattacks.
The agency rates the threat as “high”.
“We are issuing this warning as a precautionary measure. This is particularly related to suppliers who, due to the current economic sanctions, have a higher chance of not being able to meet their obligations,” said Karel Řehka, director of the agency.
Among the most popular Russian antivirus software is Kaspersky, a system that protects more than 400 million users worldwide. Despite previous warnings from the expert community, Kaspersky is still widely used by public institutions, including municipalities, towns and healthcare providers.
“They often justified their choice of software from this company with the lowest price offer, which has been Kaspersky’s apparent strategy for the state administration in recent years,” Adam Koudela, from the Czech IT company XEVOS, said.
However, the biggest health insurance company in the country, VZP, announced a few days ago that it would no longer use the Russian software due to security concerns.
Moreover, the Russian company has come under suspicion its software could be used to spy on or directly disrupt its customers’ digital infrastructure.
Federal authorities in the United States have been banned from using Kaspersky products since 2017. The European Parliament followed the US lead a year later, branding the firm “demonstrably malicious” and calling on EU agencies and member states to stop using its software."

Kaspersky seems to have managed to more or less keep their previous high standards, although their customer base may have got smaller because of the invasion persuading some to move to other companies.

The Czechs do know a thing or two about AVs - Avast and AVG are/were Czech + Slovakia's ESET.
 

Andrezj

Level 6
Nov 21, 2022
249
I don't know whether this may have contributed to the poor performance of Dr Web in your tests, Shadowra, as it seems to have done poorly for quite a few years now, but I recalled seeing this story emerge last year - Russian antivirus software unreliable, Czech experts warn
drweb is mostly a regional antivirus
it does well enough as a company that it has 200+ employees
its main customers are russian government agencies, including the ministry of defense
 

Andrezj

Level 6
Nov 21, 2022
249
It seems to me that they use Kaspersky, right?
ministry of defense (administration) does not use kaspersky
there are many agencies in russian government
then each agency has many different departments and programs that use drweb and kaspersky
not all use kaspersky
at one time some even used symantec, until duma outlawed symantec
 
Last edited:

cruelsister

Level 42
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 13, 2013
3,101
Another superb production! Dr Web for some reason has always been greater in reputation than actual detection. Also love the diversity of 2nd opinion scanner results that you noted!
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top