New features in Dr.Web 11.0 for Windows
New in version 11!
Enhanced Dr.Web Process Heuristic technology protects against attacks involving zero-day exploits
The new technology Dr.Web ShellGuard blocks routes into the system so that programs that exploit vulnerabilities can’t get in. Exploits are malicious objects, that take advantage of software flaws, including those not yet known to anyone except for the intruders who created the exploits (i.e., zero-day vulnerabilities). The vulnerabilities are used to gain control over a targeted application or the operating system.
Dr.Web ShellGuard protects the most common applications installed on almost all computers running Windows:
- All popular web browsers (Internet Explorer, Mozilla Firefox, Google Chrome, and Vivaldi Browser);
- MS Office applications including MS Office 2016;
- System Applications;
- Applications that use java, flash and pdf;
- Media players (software)
Thanks to the new Dr.Web ShellGuard technology, the Dr.Web Process Heuristic behavioural analyser can:
- Protect critical system areas from being modified by malware;
- Detect and stop the execution of malicious, suspicious or unreliable scripts and processes;
- Detect unwanted file modification, monitor the operation of all the processes to detect the actions that are typical of malware (e.g., encryption ransomware activities), and prevent malicious objects from injecting their code into other processes;
- Detect and neutralise threats that have not yet been discovered and entered in the Dr.Web virus database: encryption ransomware, injectors, remotely controlled malware used for espionage and to create botnets, and malware packers.
Intelligent updating from the cloud for non-signature Dr.Web ShellGuard blocking routines
To detect malicious actions, Dr.Web ShellGuard uses information stored by the anti-virus locally as well as reputation data from Dr.Web Cloud which includes:
- Information about the routines used by programs with malicious intentions;
- Information about files that are 100% clean;
- Information about the compromised digital signatures of well-known software developers;
- Information about digital signatures used by adware and riskware;
- Protection routines used by specific applications.
The cloud can collect information about the operation of Dr.Web on PCs, including data about brand new threats, which enables Doctor Web to promptly respond to discovered defects and update rules stored by the anti-virus on machines.
Dr.Web ShellGuard will protect the system even if a PC is not connected to the Internet or to Dr.Web Cloud.
How it works
- If it detects that malicious code is attempting to exploit a vulnerability, Dr.Web will end the attacked process immediately. It won't perform any actions with application files and won't move any files to the quarantine.
- Users will also see notifications about a thwarted attempt to perform malicious actions; no response on their part will be required.
- An entry about the disrupted attack is added to the Dr.Web event log.
- The cloud will also be instantly notified about the incident. If necessary, Doctor Web specialists will instantly respond, for example, by upgrading the system monitoring routine.