New features in Dr.Web 9.0 for Windows
Honest protection against real threats
Detection of new, unknown threats
Winlock, Encoder, Inject, and Exploit Trojans account for almost 90% of real threats. Among them, there are few new malicious programs that can be considered unique (i.e., those that in no way resemble other malware). All of these programs can be divided into groups (families) based on the characteristics they have in common with regard to their malignant manifestation in a system—data encryption (the Encoder family of malware), blocking access to Windows (the Winlock family), etc. Programs of the same family perform similar tasks, i.e., they follow a single behaviour pattern. Dr.Web Process Heuristic, a behaviour analyser, recognizes and understands these behaviour patterns and, therefore, has routines that allow it to detect programs from such malicious families.
Dr.Web Process Heuristic compares the behaviour of running processes to known patterns to determine whether a program is malignant and takes steps to neutralise it, if necessary.
Dr.Web Process Heuristic protects systems against new, highly prolific malicious programs that are capable of avoiding detection by traditional signature-based analysis and heuristic routines because they haven't yet been analysed in the anti-virus laboratory and, therefore, are unknown to Dr.Web at the moment of intrusion.
Historical Background
- 1992 - Igor Danilov created the world's first version of anti-virus behaviour analyser for MS-DOS and OS/2.
- 1999 - Dr.Web developers announced the SpIDer Netting technology for Windows 9.x—the first behaviour analyser for MS Windows.
New level of effectiveness in the neutralisation of unknown threats and the protection of data
It is not enough to identify an unknown virus—the system must be cured of it. For Trojans, this usually means that the malicious code is removed from the system. But what if the malware has encrypted files or system settings, so that a hacker can penetrate the system again and again? In the case of modern Trojans, curing encompasses a set of measures which include placing the unknown malicious object detected by Dr.Web Process Heuristic into the quarantine and repairing all the damage inflicted by the alleged malicious program—restoring the system to its prior, uninfected state.
Dr.Web Process Heuristic performs behaviour analysis almost instantaneously, but even during that moment a malicious object can ravage an infected system—for example, by encrypting multiple files. To prevent the loss of important information, Dr.Web 9.0 for Windows protects user data from damage by creating regular protected backups of files from directories selected by the user.
All the specified files that require protection are copied into a single directory which is updated whenever a corresponding file is changed.
The customizable options allow users to select the directories they want to protect against data loss (files that are to be backed up), and the disk they want to use to store copies of the protected files (the backup location). Users can also set up a schedule (how often "snapshots" of the selected directories are to be taken) and perform an on-demand inspection of data at any time (back up protected files upon request).
The backup feature lets users of Dr.Web 9.0 for Windows restore damaged data on their own, without contacting Doctor Web's technical support—all users need to do is press the “Restore” button.
The ability to create Dr.Web-protected backups with the possibility of their subsequent recovery is one of the comprehensive treatment measures used to cure unknown threats that have been detected by Dr.Web Process Heuristic.
Comprehensive analyser of packed threats—unique Dr.Web technology!
As previously mentioned, unique viruses are a rarity. The same virus can be repacked several times per hour and unleashed into the wild as a new malicious species. It turns out that many of the supposedly "new" viruses are in fact programs that are already known to the Dr.Web virus database; they’ve been concealed with packers that earlier versions of Dr.Web were unable to recognize.
The comprehensive analyser of packed threats uses the behaviour pattern analyser Dr.Web Process Heuristic and detects malignant processes for which signatures are available at the beginning of a malicious activity.
The new technology significantly improves the detection of supposedly “new” threats that were known to the Dr.Web virus database before they were concealed by new packers. In addition, with such an analysis there is no need to add redundant definitions of new threats into the virus database. With Dr.Web virus databases kept small, a constant increase in system requirements is not needed. Updates remain traditionally small, while the quality of detection and curing remains at the same traditionally high level.
Increased performance
Dr.Web 9.0 for Windows boasts much improved scanning speed.
- Revamped Dr.Web SpIDer Guard routines yield improved performance on machines involved in processing large amounts of data (torrent downloads, code compiling and rendering).
- Faster scanning with Dr.Web Cloud—the service's architecture has been redesigned to provide a significant boost of speed.
Full scan of all traffic
- Safe traffic—scanning on all ports is carried out on traffic transmitted via Dr.Web-supported protocols, including secure connections (if the user has enabled the option to scan SSL traffic).
- Safe Internet Surfing—with secure search, Google, Yandex, Yahoo!, Bing and Rambler will only return links to content considered safe by the search engines and Dr.Web. Dangerous sites will be excluded from search results altogether!
- Secure Communication—filtering traffic of instant messengers such as Mail.Ru Agent, ICQ, Jabber, QIP and Pidgin. Links that lead to malware and phishing sites are removed from messages. The anti-virus scans transmitted attachments. The transfer of files that Dr.Web considers to be dangerous is blocked.
With Dr.Web Parental Control, removable devices and computers can be protected against unauthorised use.
- Import/export white lists of trusted devices—transfer the list to another computer manually or transmit it to a remote machine via the anti-virus network.
- Block any adjustments to the system time and time zone to prevent children from using the computer without their parents’ permission.
- Block print jobs from being started to prevent confidential documents from being printed and to save printing paper.
Protection of copyrighted content
The SpIDer Gate component in Dr.Web 9.0 for Windows makes use of a separate database containing a list of sites that provide access to unlicensed content. Each database entry also contains a link to the site of the respective copyright owner. Dr.Web users are shown a warning stating that "pirated" resources are off-limits and are asked whether they want to go to the website of the copyright owner.
You can disable this option in SpIDer Guard settings. But before you make a decision, read this warning.
New Dr.Web firewall databases herald a new, ultimate user-friendly approach to protection
The new Dr.Web Firewall database makes it much easier to create user rules.
- Earlier the Dr.Web Firewall functioned by using a pre-installed application database and user-defined rules. To create a rule database, one had to respond to dialogues to create a rule for every application—something which proved to be rather annoying.
- Now the Dr.Web Firewall uses its own database of trusted applications. These are programs that incorporate a digital certificate. Applications that Dr.Web believes to be legitimate can connect to any address via any port. Exception: if a program is not digitally signed, its signature is invalid, or there is no signature at all (e.g., programs created by enthusiasts or open source programs), the user is prompted to create a rule.