Dr.Web Anti-virus Changelog

What's new in Dr.Web Anti-virus 11.0.0.11164

Nov 17, 2015

Version 11 has an extended arsenal of protective technologies that provide enhanced protection against zero-day exploits and other deceptive techniques that criminals use today and will use in the future. Dr.Web utilises state-of-the-art hardware capabilities to control the operation of all the installed applications and the operating system.
Our preventive protection is based on an analysis of the behaviour of malicious, suspicious or untrusted scripts and processes. Today it complements the traditional signature-based scanning and plays an essential part in neutralising brand new malware. The risk of an unknown Trojan attacking a user’s machine before it can be analysed by anti-virus vendors is growing. It's no secret that most of today’s popular programs have flaws that can be exploited by intruders to penetrate a system. Even though the discovered vulnerabilities are closed promptly by the respective software developers, users often fail to install updates in a timely manner, leaving their systems at risk of infection.
That's why Dr.Web developers paid special attention to upgrading the Dr.Web Process Heuristics Heuristics behaviour analyser and enhanced Dr.Web Preventive Protection with the new Dr.Web ShellGuard technology which protects systems from zero-day attacks against the most common applications. The updated heuristic analyser can end suspicious and malicious processes and is even more effective at detecting threats, including those not yet in the virus database—encryption ransomware, injectors and spyware. In addition to the local database, the new Dr.Web ShellGuard technology uses the Dr.Web reputation cloud which provides up-to-date information about potential threats involving software vulnerabilities.
The new Dr.Web HyperVisor component runs on the lowest level in the system which greatly enhances threat detection and neutralisation and guarantees that all attempts by malware (including malware that has yet to be discovered) to get into a protected system or disrupt Dr.Web's operation will be thwarted.
Other important innovations speed up anti-virus scanning without compromising PC security. Gamers and frequent users of online media streaming will surely appreciate that audio and video playback is now delivered without delays. And large files are also downloaded much faster. Thanks to the brand new back-up routines that have been added to the Data Loss Prevention component, Dr.Web now boasts lower memory usage and higher usability. Additional parameters (including those of the Parental Control) and UI tweaks make Dr.Web protection even easier to control. Thanks to the optimised updating routine, certain Dr.Web components can be updated without a system restart.
Remember that the HTTP monitor SpIDer Gate, Parental Control and Data Loss Prevention are only available in Dr.Web Security Space.
As it works to resolve current threats, Dr.Web is also able to anticipate future ones. This approach ensures that the security of systems protected with Dr.Web 11.0 won't be circumvented by intruders.

New in Dr.Web Anti-virus 10.0.0.10280 (Oct 28, 2014)

New in Dr.Web Anti-virus 9.0.0.09170 (Sep 27, 2013)

New! The behaviour analyser Dr.Web Process Heuristic offers effective protection against the latest unknown threats. Nearly 90% of the real threats that trouble users are Trojans: the Winlock, Encoder, Inject and Exploit families are known not only in Russia but also far beyond its borders. Years of experience analysing malware behaviour patterns laid the groundwork for Dr.Web Process Heuristic’s routines. Those routines make it possible to instantly neutralize threats—before a computer and its user incur serious damage. The similarity in the behaviour of many malicious programs enables Dr.Web Process Heuristic to identify malignant applications which are not yet known to Dr.Web, particularly new modifications of Trojan.Encoder and Trojan.Inject.
New! Protecting user data from corruption—a real opportunity to save valuable files. The data protection feature enables a user to select the directories they need and create protected backups, so that later, if a malicious object has managed to ravage the system, the information can be restored. The data protection technology lets the user save the changes that were made to the original files—through a user-defined time interval or manually, on command. Please note that this technology is not meant to replace proper backups but rather to provide protection against threats that have been identified by the Dr.Web behaviour analyser: now you don't need to contact the support service to restore data that was corrupted before Dr.Web Process Heuristic went into action; you can restore it yourself.
New! The unique comprehensive analyser of packed threats provides effective detection of known malicious objects concealed with new packers. This technology uses the behaviour pattern analyser Dr.Web Process Heuristic, and—in real time, and at the onset of a malicious process’s activity—makes it possible to detect that process using available, signature-based Dr.Web records. This significantly improves the detection of supposedly "new" threats that may already be known to Dr.Web but have been packed in such a way that an anti-virus doesn’t recognize them.
Improved! The optimisation of Dr.Web Cloud and SpIDer Guard results in increased anti-virus scanning speed. Thanks to revamped Dr.Web SpIDer Guard routines, the performance of machines involved in processing large amounts of data (torrent downloads, code compiling and rendering) has been improved. Also with the goal of improving performance, there has been a redesign of the architecture of the Dr.Web Cloud service which sends URLs the user is about to visit to Doctor Web for scanning in real time.
New! A new system for thoroughly scanning all traffic; all possible transit routes viruses could use to penetrate a computer via the Internet are blocked. Traffic (including encrypted traffic) over all protocols supported by SpIDer Mail and SpIDer Gate and on all ports is scanned—changing a port won't help avoid inspection. With version 9.0, users can also enjoy Safe Search with Google, Yandex, Yahoo!, Bing, and Rambler; only links to secure sites will appear in search results. Links to unsafe content are filtered out by the search engines themselves. Communication via such popular instant messaging services as Mail.Ru Agent, ICQ and Jabber is protected, too: their traffic is filtered, links that lead to malware and phishing sites are cropped from messages, and transferred files are scanned for viruses. The transfer of files that Dr.Web considers potentially dangerous is blocked.
New! The Dr.Web 9.0 Parental Control module can block anyone from changing the system time and time zone, so children can’t use the computer outside of their scheduled time. This module also lets you disable the sending of print jobs, which protects against the unauthorized printing of confidential documents and can save on paper and ink.
New! Block access to pirated sites to protect the interests of content copyright holders. Upon user consent, SpIDer Gate can now block access to sites distributing unlicensed content.
Dr.Web users are shown a warning stating that "pirated" resources are off-limits and are asked whether they want to go to the copyright owner’s website. The list of sites with unlicensed content will be updated upon the request of copyright holders.
New! The updated Dr.Web Firewall provides maximum ease of use. Previously, the firewall used a pre-installed database of applications and user-defined rules. Now it divides applications into those that can be trusted (legitimate from the point of view of Dr.Web) and those that cannot. Trusted applications can connect to any location and on any port. The firewall is now organised to minimize the number of questions asked by the application when the user is adjusting operating parameters.

New in Dr.Web Anti-virus 7.0 (Nov 10, 2011)

In order to improve Dr.Web’s performance, its architecture was significantly modified: new services were introduced and the performance of all components was optimized. Doctor Web's developers made improvements to the scanner, completely revamping its look and feel. The most important innovation enables the scanner to perform multi-thread scanning where tasks are distributed between the CPU cores. As a consequence, the overall performance of the new anti-virus has grown substantially.
The products feature the Dr.Web Control Service, responsible for controlling all anti-virus components and their interaction as well as for retrieving statistics and scheduling updates. With this service, you can take advantage of the Anti-virus network feature, which comes in handy for home and small corporate networks.
The Dr.Web anti-virus network works as client-server software and provides remote control over the Dr.Web anti-virus. For example, if computers within a local area network run Dr.Web 7.0, a user can enter a protection password on one computer and control the anti-virus software on another PC in the same network. The control service enables users to perform a wide range of tasks: retrieve anti-virus statistics and log files, check the virus database versions, enable/ disable anti-virus modules, view/change their settings and replace a key file or serial number. The new feature is available to customers using Dr.Web Security Space.
To improve the reliability of Dr.Web self-protection, a new feature enables the anti-virus to automatically restore its components. A specially designed local repository stores the reference version of all components used to quickly restore their integrity if component files have been damaged or deleted.
In addition, you can now define a single master password to protect all the anti-virus settings. Whenever a user attempts to access general Dr.Web settings, individual component settings, or tries to disable a component, they will be prompted to enter the password.
The protective features of Dr.Web software have been enhanced with the capability to check mail and Internet traffic transferred via an SSL-encrypted connection (SMTPS/POP3S/IMAP4S/HTTPS). This feature is enabled by default for all programs that use the system certificate store: Microsoft applications (Internet Explorer, Outlook, Outlook Express, etc.), Google Chrome, and Safari. If necessary, a user can expand this list to include other popular applications such as Opera, Mozilla Firefox/Thunderbird, and The Bat!.
Dr.Web 7.0 products use a new traffic interception hook, Dr.Web Net Filter for Windows, which has superseded the Dr.Web Winsock Provider Hook. The new hook performs tasks for two anti-virus components—SpIDer Gate and SpIDer Mail—and intercepts application traffic as well as the traffic of system services and drivers, which in turn increases the reliability of real-time anti-virus protection.
Dr.Web firewall has also been modernized. Its new driver supports multiprocessor/multicore systems. This feature is especially important if the protected machine runs programs that make extensive use of traffic such as BitTorrent clients. Now the firewall can control data transfers with maximum efficiency and doesn't lower the transfer speed. In addition, in the Statistics tab, users can now end system processes and block and unblock connections. The usability of the interface to create complex filtering rules has been improved.
Lastly, a separate Dr.Web Anti-rootkit Service—a universal subsystem for neutralizing active and complex threats—has been implemented in the new products. The new service uses a specially designed Dr.Web Anti-rootkit API and improved routines to detect active infections.

Dr.Web Anti-virus Changelog

What's new in Dr.Web Anti-virus 11.0.0.11164

New in Dr.Web Anti-virus 10.0.0.10280 (Oct 28, 2014)

New in Dr.Web Anti-virus 9.0.0.09170 (Sep 27, 2013)

New in Dr.Web Anti-virus 7.0 (Nov 10, 2011)

New in Dr.Web Anti-virus 4.44.2 (Apr 3, 2008)