Share!

EN CN DE ES FR KZ PL RU UA

Home
Protection against zero-day attacks
Enhanced self-protection
Statistics and notifications
Accelerated scanning
Data Loss Prevention
Control and Management
Other new features

New features in Dr.Web 11.0 for Windows

New in version 11!
Enhanced Dr.Web Process Heuristic technology protects against attacks involving zero-day exploits

The new technology Dr.Web ShellGuard blocks routes into the system so that programs that exploit vulnerabilities can’t get in. Exploits are malicious objects, that take advantage of software flaws, including those not yet known to anyone except for the intruders who created the exploits (i.e., zero-day vulnerabilities). The vulnerabilities are used to gain control over a targeted application or the operating system.

Dr.Web ShellGuard #drweb

Dr.Web ShellGuard protects the most common applications installed on almost all computers running Windows:

  • All popular web browsers (Internet Explorer, Mozilla Firefox, Google Chrome, and Vivaldi Browser);
  • MS Office applications including MS Office 2016;
  • System Applications;
  • Applications that use java, flash and pdf;
  • Media players (software)

Impregnable systems don’t exist.

Developers try to release patches quickly for known vulnerabilities. For example, Microsoft releases security updates quite often. However, users often install some of them way too late (or don't install them at all). This encourages intruders to search for new vulnerabilities and exploit those that have been discovered but aren't yet closed on the computers that are being targeted.

Thanks to the new Dr.Web ShellGuard technology, the Dr.Web Process Heuristic behavioural analyser can:

  • Protect critical system areas from being modified by malware;
  • Detect and stop the execution of malicious, suspicious or unreliable scripts and processes;
  • Detect unwanted file modification, monitor the operation of all the processes to detect the actions that are typical of malware (e.g., encryption ransomware activities), and prevent malicious objects from injecting their code into other processes;
  • Detect and neutralise threats that have not yet been discovered and entered in the Dr.Web virus database: encryption ransomware, injectors, remotely controlled malware used for espionage and to create botnets, and malware packers.

Intelligent updating from the cloud for non-signature Dr.Web ShellGuard blocking routines

To detect malicious actions, Dr.Web ShellGuard uses information stored by the anti-virus locally as well as reputation data from Dr.Web Cloud which includes:

  • Information about the routines used by programs with malicious intentions;
  • Information about files that are 100% clean;
  • Information about the compromised digital signatures of well-known software developers;
  • Information about digital signatures used by adware and riskware;
  • Protection routines used by specific applications.

The cloud can collect information about the operation of Dr.Web on PCs, including data about brand new threats, which enables Doctor Web to promptly respond to discovered defects and update rules stored by the anti-virus on machines.

Dr.Web ShellGuard will protect the system even if a PC is not connected to the Internet or to Dr.Web Cloud.

How it works

  • If it detects that malicious code is attempting to exploit a vulnerability, Dr.Web will end the attacked process immediately. It won't perform any actions with application files and won't move any files to the quarantine.
  • Users will also see notifications about a thwarted attempt to perform malicious actions; no response on their part will be required.
  • An entry about the disrupted attack is added to the Dr.Web event log.
  • The cloud will also be instantly notified about the incident. If necessary, Doctor Web specialists will instantly respond, for example, by upgrading the system monitoring routine.



Dr.Web

© Doctor Web
2003 — 2024

Doctor Web is the Russian developer of Dr.Web anti-virus software. We have been developing our products since 1992. The company is a key player on the Russian market for software that meets the fundamental need of any business — information security. Doctor Web is one of the few anti-virus vendors in the world to have its own technologies to detect and cure malware. Our anti-virus protection system allows the information systems of our customers to be protected from any threats, even those still unknown. Doctor Web was the first company in Russia to offer an anti-virus as a service and, to this day, is still the undisputed Russian market leader in Internet security services for service providers. Doctor Web has received state certificates and awards; our satisfied customers spanning the globe are clear evidence of the high quality of the products created by our talented Russian programmers.