News of Doctor Web

Dr.Web for Windows file servers now supports 64-bit systems

Wed, 03 Feb 2010 18:02:18 GMT

February 3, 2010

Doctor Web releases the updated version of its anti-virus for Windows file servers that supports 64-bit versions of Windows Server OS. . The solution features the new file monitor SpIDer and allows placing suspicious objects to the quarantine.

As well as Dr.Web anti-virus for Windows and Dr.Web Security Space that got support of 64-bit systems in December 2009, the anti-virus for file servers also has the updated GUI and offers users the centrally controlled quarantine.

Dr.Web for Windows file servers supports 64-bit version of Windows Server 2003 and Windows Server 2008 R2.

Ask for demo | Buy from partners | Buy online

First epidemic in 2010 and other virus events of January

Mon, 01 Feb 2010 00:00:00 GMT

February 1, 2010

In January 2010 a large number of user requests regarding neutralization of active infections related to Trojan.Winlock programs while the vast majority of fraud schemes employed by cyber-criminals in January were based on paid short messages. The last month also saw introduction of new malware spreading techniques and more sophisticated monetizing methods employed by cyber-criminals for money-laundering.

Windows blockers

The wide spreading of a variety of Trojan.Winlock programs became the most noticeable event of January. In a compromised system this malicious program displays its own window on top of all other windows and won't close it unless an unlock code is entered. It also disrupts operation of some programs installed on the machine. Criminals offer a victim to retrieve an unlock code by means of a paid SMS. In January the SMS charge varied between EURO 7-14 per each computer.

The statistics server of Doctor Web registered over 850 000 instances of detection of Trojan.Winlock in systems protected by Dr.Web software (Dr.Web Enterprise Suite and Dr.Web anti-virus service included). This figure is 2.15 times larger than the number registered in December 2009 and 23.4 higher than in November 2009 thus indicating the ongoing epidemics in Russia and Ukraine. In the last month several millions of users got infected by this malicious program.

The epidemic caused a stir in the Russian-speaking internet community with providers of short numbers offering unlocking codes free of charge and anti-virus vendors supplying users with free tools to counter Trojan.Winlock programs.

On January 22 Doctor Web set up a special web-page for generation of unlocking codes (over one million visits to the page were registered in a week). Doctor Web also released several versions of Dr.Web CureIt! designed specifically to neutralize such Trojans.

SMS-fraud

Easy monetizing of profits generated by paid SMS served as a good incentive for many cyber criminals. Along with blockers of Windows numerous web-sites were created to promote non-existing services and software with incredible features.

Users were offered online fake anti-viruses that found the same viruses in the same files on all machines, ICQ and SMS sniffers, remote mobile phone control, see-through scanners allowing to see people nude and other similar programs.

Typically users paid for such services and software with short messages. However, as telecom operators and police started to monitor SMS payment systems closely in the face of the winlock epidemic, using such systems has become troublesome for criminals. That’s why they reintroduced means of payments they used before (e.g. WebMoney) and invented new fraud schemes.

New ways for monetizing illegal money

Another scheme that has been gaining popularity among fraudsters in January allows criminals to withdraw funds from accounts of users of mobile phones. Users enter their phone numbers on a web-site that promoted a service and receive short messages with a link for activation of their subscriptions. Once activated, the service charge is withdrawn from an account automatically.

The malicious design allows a person to submit someone else's number on the web-site while messages with an activation link don't explain to a user what the service is about, instead, they provide misleading information to encourage the user to click on the link even if he doesn’t mean to subscribe for a service. For example, a message can say that the link will lead the user to an image or a video clip.

In recent weeks criminals have also offered users to pay for services with a paid call that has a minimum duration limit.

New ways to spread malware and spam

In January virus makers used new means to deliver malicious programs to user machines. In particular, Doctor Web virus analysts registered a spam mailing with messages containing attached torrent-files for downloading supposed e-cards that in truth were malicious programs. Mail servers do not block such messages since attached torrent-files do not contain malicious code.

Spammers also adopted new ways to transfer large amounts of data. Spam mailings were registered where e-mails contained attached mp3 files providing around 60 minutes of playback. Users also received messages with links to video clips located on web-sites of cyber-criminals and available on YouTube.

Below you can find a few tips that may help you prevent infection of your system by Trojan.Winlock programs or by other similar pieces of malware

Install a licenses anti-virus application and updated as recommended by the vendor.
Use alternative web-browsers (Mozilla Firefox, Opera or Google Chrome) and install corresponding security updates as they released by developers.
Install latest security updates for your operating system as soon as they are released.
Do not use services promoted by web-sites displayed as ad pop-ups – such pop-ups are at risk.
If you are offered to download a codec or any other software to view content of the web-site, decline the offer and search for the official web-site of the codec's developer, download it and install on your computer. In many cases Trojan.Winlock programs are downloaded as software required for viewing content of web-sites.

Trojan.Winlock curing recommendations

If a window with a message demanding to send an SMS at a short number is displayed on top of other windows, won’t close and appears even when the system is started in the safe mode, your system has been infected by one of the modifications of Trojan.Winlock.

Under no circumstances should you send messages as demanded by criminals. Every sent message provides criminals with financial support to develop new modifications of the malware.
Go to the unlocking page.
Download the special version of Dr.Web CureIt! and use the utility to cure your system of Trojan.Winlock.
Go to http://www.freedrweb.com/ и скачайте Dr.Web LiveCD and download Dr.Web LiveCD. Once the system is cured with Dr.Web LiveCD it is recommended to scan it again using Dr.Web CureIt!
Ask for assistance on the official forum of Doctor Web.
Contact the provider of the specified short number and ask for the unlocking code to be given to you free of charge since you have become a victim of cyber crime.

The number of malicious programs in e-mail traffic in January decreased by 30% compared with December 2009. The share of malicious files in the total number of files scanned on user machines dropped by 35%. Most probably this decline is a correction following two times increase of malicious traffic among scanned objects.

Viruses detected in e-mail traffic in January

01.01.2010 00:00 - 01.02.2010 00:00
1	Trojan.DownLoad.37236	13268129 (12.99%)
2	Trojan.DownLoad.47256	10044467 (9.84%)
3	Trojan.MulDrop.40896	7096903 (6.95%)
4	Trojan.Fakealert.5115	7023800 (6.88%)
5	Win32.HLLM.MyDoom.44	6490377 (6.36%)
6	Trojan.Packed.683	5749108 (5.63%)
7	Trojan.Fakealert.5238	5261760 (5.15%)
8	Win32.HLLM.Netsky.35328	4772813 (4.67%)
9	Trojan.DownLoad.50246	4051880 (3.97%)
10	Trojan.Botnetlog.zip	3758307 (3.68%)
11	Trojan.Fakealert.5825	3442880 (3.37%)
12	Trojan.Fakealert.5437	2517200 (2.47%)
13	Win32.HLLM.MyDoom.33808	2392000 (2.34%)
14	Trojan.Fakealert.5356	2281720 (2.23%)
15	Trojan.Fakealert.5784	1973160 (1.93%)
16	Trojan.PWS.Panda.122	1851377 (1.81%)
17	Trojan.Fakealert.5229	1835120 (1.80%)
18	Trojan.Fakealert.5457	1607760 (1.57%)
19	Trojan.Siggen.18256	1526581 (1.49%)
20	Win32.HLLM.Beagle	1505664 (1.47%)

Scanned:	139,350,636,730
Infected:	102,115,886 (0.07%)

Viruses detected on user machines in January

01.01.2010 00:00 - 01.02.2010 00:00
1	Win32.HLLM.MyDoom.49	4020788 (16.80%)
2	Win32.HLLM.Netsky.35328	1637229 (6.84%)
3	Win32.HLLW.Gavir.ini	1081250 (4.52%)
4	Trojan.WinSpy.440	1053086 (4.40%)
5	Trojan.AppActXComp	907785 (3.79%)
6	Trojan.AuxSpy.137	734318 (3.07%)
7	Win32.HLLM.Beagle	656944 (2.74%)
8	Win32.HLLM.MyDoom.33808	646730 (2.70%)
9	Trojan.PWS.Gamania.23481	623699 (2.61%)
10	Trojan.MulDrop.16727	584477 (2.44%)
11	Win32.HLLW.Shadow	513252 (2.14%)
12	Win32.Virut.5	493248 (2.06%)
13	Win32.HLLW.Shadow.based	380166 (1.59%)
14	Trojan.MulDrop.13408	325488 (1.36%)
15	JS.Popup.1	316857 (1.32%)
16	Win32.Virut.14	295463 (1.23%)
17	Win32.HLLW.Kazaa.17	263143 (1.10%)
18	Win32.Alman.1	261298 (1.09%)
19	Exploit.MySql.11	260470 (1.09%)
20	Trojan.Winlock.715	256356 (1.07%)

Scanned:	169,874,198,147
Infected:	23,938,315 (0.01%)

Doctor Web created a new code generator to unlock compromised systems

Fri, 29 Jan 2010 00:00:00 GMT

January 29, 2010

Doctor Web keeps improving tools for neutralization of Trojan.Winlock programs and of their malicious impact.

The unlock code generator allowing users to unlock their compromised systems. The free service allows all users whose systems were compromised by Trojan-Winlock malware can obtain unlock codes free of charge. You can also exchange information about malware with other users and share unlock codes that worked in your system but are not known to Doctor Web. This information may help other users and contribute to development of more efficient tools to counter the epidemics.

Updated beta-version of Dr.Web CureIt! against Trojan.Winlock

Fri, 29 Jan 2010 18:33:03 GMT

January 29, 2010

Doctor Web announced major updating of its Dr.Web CureIt! utility designed to scan and cure computers of viruses, even those protected by anti-viruses from other vendors. Specific features for efficient neutralization of Trojan.Winlock programs have been implemented in the new version of the utility.

A new starter included in the utility activates protection of all files and processes of Dr.Web CureIt! before scanning is started.

The starter allows launching the utility on an alternative desktop in order to avoid blocking of its operation by a Trojan.

The updated beta-version of Dr.Web CureIt! is compatible with MS Windows 2000 and later (both 32 and 64 bit versions).

Download the beta-version of the utility.

Unlocking system compromised byTrojan.Winlock now available to mobile users

Mon, 25 Jan 2010 00:00:00 GMT

January 25, 2010

Doctor Web announced the launch of the mobile version of its Windows unlocking service. Now users who can't access the vendor's site from their machines because their systems are compromised by Trojan.Winlocks can access the free unlocking tool from their mobile device.

The mobile version is rather small and easy to use: just enter the suggested number for an SMS and you will see unlock code suggestions on the screen of your device.

If you can’t access Doctor Web’s site, the vendor recommends you to use an ant messaging service and ask your friends to get your unlock code at http://www.drweb.com/unlocker/index/.

Trojan.Winlock infects millions of computers in Russia

Sun, 24 Jan 2010 00:00:00 GMT

January 24, 2010

Russian anti-virus vendor Doctor Web warns of the spreading epidemics of malicious programs belonging to the Trojan.Winlock family. In January 2010 the number of Russian users whose systems were compromised by malicious programs that demanded from users to send a paid SMS in order to unlock their systems reached several millions. Estimated losses are reaching 10 million dollars.

First modifications of Trojan.Winlock appeared three years ago. At that time they were not considered a severe threat since they removed themselves automatically in several hours after installation, didn't run in the Safe Mode and the SMS charge was much lower.

However, since November 2009 this ransom scheme has been gaining popularity among cyber criminals — new modification of Trojan.Winlock are getting more and more dangerous. Now removing a lock message displayed on top of all other Windows is quite expensive. Trojans don't remove themselves automatically and acquire new features. In particular, they block launch of certain programs (file managers, anti-rootkits, system diagnostics utilities that might help cure the system).

Malicious programs from the Trojan.Winlock family exploit Windows vulnerabilities (in particular, vulnerabilities of Internet Explorer) or get to user machines from malicious web-sites (as video codec files), through iframe exploit and over botnets (criminals controlling botnets can install software on compromised machines for a fee).

In January alone the number of victims of such programs reached several millions. Considering that the SMS charge is quite high the estimated income of the criminals in the very first month of 2010 amounted to hundreds of millions of rubles.

With new modifications of Trojan.Winlock appearing almost every day even users that protect their systems using up-to-date anti-virus solutions.

In order to help users Doctor Web is collecting all information about such Trojans in the dedicated section of its web-site. In particular, the unlock form helps users find an unlock code to regain access to their systems free of charge. In first two days after the project was launched hundreds of thousands of users have visited the project’s section.

Doctor Web has also issued a call to Russian authorities and telecom providers that could help finding people that register the short numbers at which users send highly charged messages.

New Doctor Web project offers arsenal against Trojan.Winlock

Fri, 22 Jan 2010 00:00:00 GMT

January 22, 2010

Doctor Web launches a new project aiming to gather in one place ll information about the dangerous family of Trojans blocking access to Windows (Trojan.Winlock) In the dedicated section of Doctor Web’s site users can find out an unlock code and exchange most up-to-date information about this piece of malware.

Under its new project Doctor Web collects all the data that may help users fallen victims of Trojans that block access to Windows.

In recent months such Trojans have been spreading in large numbers over the Internet and brought their author a huge profit. Victims are ordinary users tricked by criminals into sending paid SMS.

With the new Doctor Web’s project users will be able to determine which version of Trojan.Winlock compromised their system and get an unlock code free of charge.

They will also be able to exchange information about new modifications of the Trojan that can’t be neutralized by some anti-viruses and to share unlock codes for latest versions of the malware.

Dr.Web 5.0 certified by FSB

Tue, 19 Jan 2010 00:00:00 GMT

January 19, 2010

The Russian anti-virus vendor Doctor Web announced that it received certificates for Dr.Web solutions 5.0 for Windows from the Federal Security Service (FSB) and Federal Service for Technical and Export Control of Russian Federation.

Certificates from the Federal Security Service of Russia were issued following tests performed by the Certification research centre. The documents confirm that Dr.Web Security Space, Dr.Web anti-virus 5.0 for Windows and Dr.Web Enterprise Suite 5.0 comply with FSB requirements to anti-virus solutions and can be used to protect stat-secret information.

The certificate from FSTEC was issued after tests by the research, development and production company Echelon and evaluation by the Security of information technologies and components company. It certifies that Dr.Web products of the fifth series – Dr.Web for Windows, Dr.Web for Windows file servers, Dr.Web Enterprise Suite – meet requirements of the regulation document regarding software for protection of information.

These certificates allow using Dr.Web solutions for Windows of the fifth series by all governmental institutions of Russia and by state-run companies.

Dr.Web virus databases updating schedule change

Mon, 18 Jan 2010 00:00:00 GMT

January 18, 2010

Doctor Web announced that a new virus databases updating schedule came in effect on January 18 2010..

The most significant change is the change of the release time for a weekly add-on to virus databases from 11.30 p. m. Saturday to 7.00 a.m. MSK Monday.

Besides, for traffic saving purposes Doctor Web will no longer release txt-files along with virus databases in all updating zones.

Checkmate in one move

Mon, 18 Jan 2010 11:01:41 GMT

January 18, 2010

There is always a way out. If viruses have driven you into a corner and you can't hold them off any longer, you still have a powerful move to make. Move to Dr.Web anti-virus solutions.

Starting on January 18, 2010 and until March 1, 2010 you can take advantage of the special offer from Doctor Web allowing users of corporate anti-virus solutions from other vendors to purchase a license for Dr.Web Enterprise Suite on moss favourable terms. And these terms will bring you victory!

Put viruses in check – purchase a 12 month license for Dr.Web Enterprise Suite at 40% off the price and use the product free of charge during the remaining period of your license from another vendor. And this is a checkmate!

If you are willing to move to Dr.Web Enterprise Suite, register as a participant in the event, answer questions in the request form and provide a proof of your license to a solution featuring a centralized protection control from another vendor. The remaining period of such a license must be at least sixty days upon the submission date. You can find out more about the terms here.

Half-measures are no longer enough. If you are not content with the quality of protection provided by your anti-virus solution, it is high time to checkmate viruses!

Checkmate viruses!

New updating mechanism for Dr.Web solutions for Unix

Fri, 15 Jan 2010 00:00:00 GMT

January 15, 2010

Doctor Web introduced a new updating mechanism for its solutions running under Unix-like systems that will decrease the size of d files downloaded from an updating server significantly.

The new updating mechanism will be used for such products as Dr.Web for Unix file servers, Dr.Web for Unix mail servers and Dr.Web for Internet gateways Unix.

The new compression technologies will make updating Dr.Web products for Unix much faster. Users are not required to do any changes to installed solutions. Compressed updated will be automatically retrieved by the updating module.

Blocker of Windows and other virus threats of December 2009

Sat, 02 Jan 2010 00:00:00 GMT

January 2, 2010

Trends of previous months continued to develop in December 2009 where ransomware accounted for a greater part of viral traffic. A large number of Trojans and web-sites were created by cybe-criminals to extort money from users.

Windows blockers

Numerous modifications of Windows blockers featuring new counter-analysis tehcnologies emerged in December. Under the Dr.Web classification such programs are named as Trojan.Winlock. In recent months these programs have become the main tool for extracting money in Russian and Ukraine.

Active Trojans of this class prevent launching of utilities used for analysis and may force a system shutdown. They also create numerous copies of themselves in Windows system folders to make manual removal of the malware from the system more difficult. The name of the Trojan process also differs from the name of the malicious executable file.

Trojans via e-mail

Spam remains one of the main channels for distribution of malware.

In December 2009 various modifications of Trojan.PWS.Panda were spread as VISA card transaction reports or as Facebook account passwords.

Such malicious programs as Trojan.NtRootKit.3226 and modifications of Trojan.Packed were delivered to users as “compromising photos” while Trojan.Botnetlog arrived at user machines as document from DHL.

Audio spam

December saw several types of spam mailings with attached audio files. As a rule such files are provided in the mp3 format and have a low bit rate (16 Kbit/s).

Messages with audio attachments advertised e-stores and healthcare products – an audio file contained a an address of the advertised web-site. Mailings that aimed to draw users into participating in pyramid schemes provided mp3 files larger than 6 MB with approximately sixty minutes length of a lecture.

From 2009 into 2010

In 2009 virus makers tended to focus on acquiring funds of users – an easy prey when large numbers of people follow links supposedly from credible organizations or friends, download programs serving different puporses. Criminals made money transfer demands appear in browser windows, on top of all other windows or right on a desktop. Traditional virus spreading channels — e-mail and instant messengers – were used along with new ones such as social networking web-sites and blogs.

The trend when cyber criminals target users of a wide range of operating systems and browsers simultaneously will most likely persist in 2010. In subsequent years developers of viruses will not merely focus on bypassing the conventional signature-based or heuristic detection but will be making a considerable effort in creating and refining methods to evade behaviour blockers. Examples of such evasions techniques can already be seen in the present. Most certainly rootkit technologies will continue to evolve as well and the technological contest between virus makers and anti-virus vendors will be as tough. It is also highly probable that a rootkit targeting Windows x64 will emerge in the wild in 2010. Yet makers of bogus web-sites will reach better efficiency by increasing the number of fraudulent web-resources. Even now anti-phishing technologies implemented in browsers to protect users from cyber-fraud often fail.

The number of malicious programs found in e-mail traffic in December increased 2.8 times compared to the November figures. The share of malicious files in the total number of files scanned on user machines increased 2.2 times. Cyber criminals raise the amount of money demanded from users for restoring their systems.

Viruses detected in e-mail traffic in December

01.12.2009 00:00 - 01.01.2010 00:00
1	Trojan.DownLoad.37236	12417046 (14.38%)
2	Trojan.DownLoad.47256	9400042 (10.89%)
3	Trojan.MulDrop.40896	6643369 (7.69%)
4	Trojan.Fakealert.5115	6574865 (7.61%)
5	Trojan.Packed.683	5380941 (6.23%)
6	Trojan.Fakealert.5238	4924800 (5.70%)
7	Trojan.DownLoad.50246	3791901 (4.39%)
8	Win32.HLLM.MyDoom.44	3555068 (4.12%)
9	Trojan.Fakealert.5825	3221976 (3.73%)
10	Win32.HLLM.Netsky.35328	3012162 (3.49%)
11	Trojan.Fakealert.5437	2355690 (2.73%)
12	Trojan.Fakealert.5356	2135038 (2.47%)
13	Trojan.Fakealert.5784	1846800 (2.14%)
14	Trojan.Botnetlog.zip	1794382 (2.08%)
15	Trojan.PWS.Panda.122	1732410 (2.01%)
16	Trojan.Fakealert.5229	1717600 (1.99%)
17	Trojan.Fakealert.5457	1504800 (1.74%)
18	Trojan.Siggen.18256	1429018 (1.66%)
19	Trojan.MulDrop.46275	1390881 (1.61%)
20	Win32.HLLM.Beagle	1301627 (1.51%)

Total scanned:	84,146,920,455
Infected:	86,343,017 (0.103%)

Viruses detected on user machines in December

01.12.2009 00:00 - 01.01.2010 00:00
1	Trojan.WinSpy.440	2410816 (12.69%)
2	Trojan.WinSpy.413	1627202 (8.56%)
3	Win32.Virut.56	1297220 (6.83%)
4	Win32.HLLW.Gavir.ini	802751 (4.23%)
5	Win32.Rammstein.13346	647967 (3.41%)
6	Trojan.AuxSpy.71	585736 (3.08%)
7	Trojan.Packed.19247	525731 (2.77%)
8	Win32.HLLW.Shadow.based	466105 (2.45%)
9	Win32.HLLW.Texmer	399722 (2.10%)
10	JS.Popup.1	397594 (2.09%)
11	Trojan.AuxSpy.110	374109 (1.97%)
12	Trojan.DownLoad1.16161	368920 (1.94%)
13	Win32.HLLW.Shadow	311983 (1.64%)
14	Trojan.AppActXComp	298597 (1.57%)
15	Trojan.Siggen.29874	295692 (1.56%)
16	Trojan.AuxSpy.128	264613 (1.39%)
17	Win32.Yasv.924	230928 (1.22%)
18	VBS.Psyme.377	229697 (1.21%)
19	Win32.Alman.1	218138 (1.15%)
20	Win32.HLLW.Autoruner.5555	210376 (1.11%)

Total scanned:	89,457,410,121
Infected:	18,999,657 (0.0212%)

New version of Dr.Web for Linux hits beta

Wed, 30 Dec 2009 00:00:00 GMT

December 30, 2009

Doctor Web launches beta-testing of the new version of its Dr.Web anti-virus for Linux. The solution equipped with a control centre provides users with several new features. The new version of the anti-virus supports both 32- and 64-bit versions of Linux (kernel 2.6*).

The anti-virus includes a new background scan component Dr.Web Unix SpIDer Guard that allows performing anti-virus check in a real time without a significant increase of the system load. The control centre allows configuring the scanning depth and creating custom scanning profiles. The solution also features the system for updating of virus database and software components of the anti-virus.

The new version also offers users a single quarantine that allows restoring quarantined files if necessary and limiting the size of the quarantine. Dr.Web for Linux also features a customizable notifications system and supports sound notifications.

Doctor Web welcomes all users willing to participate in the beta-testing.

Beta version of Dr.Web CureIt! With updated GUI-scanner

Wed, 30 Dec 2009 00:00:00 GMT

December 30, 2009

Doctor Web launches beta-testing of Dr.Web CureIt! enhanced with the updated GUI-scanner capable of curing all existing modifications of BackDoor.TDSS.

With the unique technology for neutralization of BackDoor.TDSS programs the update also provides fixes improving interaction between the scanner and components of the operating system.

Doctor Web welcomes all users willing to participate in the beta-testing.

New Year greetings from Doctor Web

Wed, 30 Dec 2009 13:46:55 GMT

December 30, 2009

The Russian anti-virus vendor Doctor Web is sending New Year greetings to all users of Dr.Web software, its business partners and competitors! Only good news, accessible dreams and unflagging optimism. May your sense of security and confidence remain with you in all your endeavours!

Dr.Web solutions for Unix updated

Tue, 29 Dec 2009 00:00:00 GMT

December 29, 2009

Doctor Web releases the updated versions of its anti-virus solutions for Unix version 5.0 for protection of Internet-gateways, file servers and e-mail.

Dr.Web anti-viruses for Unix have received an updated scan module and virus databases.

The update also provides fixes of several known errors. Routines of the updating module have been optimized. Some improvements have been done to available web-interfaces and the web-interface package for the smb_spider file operations monitor has been included in the installer of Dr.Web for Unix file servers.

Documentation packages for all Dr.Web solutions for Unix have also been updated. The Japanese locale for the solution protecting Internet gateways and mail servers has also been updated.

To apply the update users of Dr.Web solutions for Unix file servers, Dr.Web for Internet gateways Unix, Dr.Web for mail servers Unix and Dr.Web Mail Gateway you need to download updated distributions of corresponding products.

Updating of Dr.Web for Windows Mobile

Mon, 28 Dec 2009 00:00:00 GMT

December 28, 2009

Doctor Web releases the updated beta version of its new anti-virus product Dr.Web for Windows Mobile 5.0. The anti-virus includes a range of new features and has a number of errors fixed.

The main innovation implemented in the solution for protection of pocket PCs and communicators running Windows Mobile is its support of RAR and SIS91 archives. Scanning of archives of other formats has also been improved: an error that prevented disabling the Scan Zip option while Scan CAB was enabled has been fixed.

An error that occurred when a license key file was downloaded over a GPRS Internet connection as well as an issue related to extracting a key file on a device without installed SIM-card have been corrected.

Now you can also change font size in the Settings dialogues.

In order to apply the changes a user needs to start manual updating of Dr.Web for Windows Mobile.

Dr.Web AV-Desk, first deployments in Austria

Thu, 24 Dec 2009 00:00:00 GMT

December 24, 2009

The relevance of anti-virus security as a service provided on a subscription basis to small and medium businesses is confirmed by new deployments of Dr.Web AV-Desk outside Russia. Two Austrian companies at a time — Ilongo and RCS-Technology — expanded their range of available services by adding the Dr.Web anti-virus to the list thus gaining extra benefits for themselves and for their customers.

Ilongo and RCS-Technology run different businesses: the first company provides marketing services while the second one delivers system solutions. However, they have one thing in common – a large number of small and medium business customers that don’t have sufficient resources to solve some of their tasks. With Dr.Web AV-Desk one of such tasks – establishments and maintenance of a reliable security system – is now accomplished. A subscription to the Dr.Web anti-virus service allows customers to forget about cyber-threats once and for all leaving the anti-virus care to the renown Russian anti-virus. Yet companies that use the SaaS model to expand their list of services in their turn are very likely to expand their client base as well.

“In addition to our main business – online marketing services – we can now offer our customers protection of their information on a subscription basis. Such a combination of services can be quite interesting for small and medium businesses.”, Andreas Gstrein, the head of Ilongo said.

The head of RCS-Technology Rene Sepanek also stressed the necessity of an IT security service. He was particularly impressed by the outstanding scalability of the Internet service. “Dr.Web AV-Desk can ensure reliable anti-virus protection for small companies as well as for large telecom providers. The exceptional scalability of the solution combined with user-friendly administration tools and time-proven anti-virus engine served as decisive arguments in favour of adding the Dr.Web anti-virus service to our portfolio”, Rene Sepanek said.

“Flexibility and scalability of the solution makes it a perfect choice for any service provider. With our Internet service providers can find their way to new segments of the IT market and keep up with present-day demands. Trends in development of malware are volatile and Dr.Web AV-Desk provides us great potential to counter them", Ralph Kreter, the Doctor Web Deutschland GmbH manager said.

About Dr.Web AV-Desk

Doctor Web was the first anti-virus vendor that offered an anti-virus as a service on the Russian market.

Deployment of Dr.Web AV-Desk allows subscribers of a service provider to use Dr.Web anti-virus as a service: choose a desired subscription period, renew their subscription automatically and therefore plan how much they are going to spend on anti-virus security. Providing an anti-virus as a service ensures its instant delivery and easy management of a subscription for home users and business customers. Dr.Web AV-Desk was released by Doctor Web in 2007. The number of service providers that deliver the Dr.Web anti-virus service in different regions of Russia and also in the Ukraine, France, Spain, Netherlands, Mongolia, Kazakhstan, Kyrgyzstan, Bulgaria and Estonia is reaching 170. Following results shown by the service in 2007 it was named the best product-service by PC Magazine Russia. In September 2008 Dr.Web AV-Desk was awarded the large golden medal of the Siberian Fair as an original technical and telecom solution.

www.av-desk.com
network.drweb.com

About RCS-TECHNOLOGY

RCS-TECHNOLOGY was founded in 1999 by Rene Stepanek and quickly became a recognized player on the IT market in Austria.

At the very start the company was focused on provision of IT services. Later on it added Internet services to its area of interest and put a lot of effort in improving IT competency of its customers (WIFI St. Pölten and Fachhochschule St. Pölten).

In 2004 the company started developing software for its customers. In recent years software development has become one of its primary activates.

Today RCS-TECHNOLOGY has a team of solid professionals capable of meeting any customer demands.

www.rcs-technology.at

About ilongo

Ilongo develops high quality customized solutions for direct Internet marketing. The company offers top-class products and technical support to its customers. Ilongo also has years of experience in providing managed e-mail services.

www.ilongo.at

Doctor Web releases single-user Dr.Web solutions supporting 64-bit versions of Windows

Wed, 23 Dec 2009 16:55:54 GMT

December 23, 2009

The Russian anti-virus vendor Doctor Web announced the release of its single-user solutions for Windows supporting the x64 architecture. The software products come to users with the refined SpIDer Guard resident monitor, a number of additional features and the new look and feel.

Updated SpIDer Guard enables Dr.Web Security Space and Dr.Web anti-virus for Windows to support all features of the latest operating systems from Microsoft. The new mini-filter technology improves compatibility of SpIDer Guard with operating systems and third-party applications. Improved interaction between SpIDer Guard and the anti-virus engine contributed to increased scanning efficiency and more stable operation of the file monitor.

Other components of anti-virus software have also been improved.

The self-protection module maintaining security of components of an anti-virus run under Windows Vista SP1 64 and later has been upgraded.

Dr.Web solutions for workstations also feature a centralized quarantine and quarantine management tools. The Infected! folder has been replaced with a secure storage that supports encryption, logging and data backup. The special graphical interface allows users to control quarantined objects.

The updated e-mail monitor SpIDer Mail know working directly over the Scan Engine module has become faster and more efficient.

Now the anti-virus can also block launching of unknown malicious programs from removable data storage device that can be started using autorun.inf – the technique used by many viruses including Win32.HLLW.Shadow.based.

The look and feel of the anti-virus has also changed – now users can enjoy the freshly designed user interface. Developers also optimized the configuration process. In particular the log settings can now be configured much quicker using a slider.

Ask for demo | Buy from partners | Buy online

Protect any OS with Dr.Web Universal

Wed, 23 Dec 2009 00:00:00 GMT

December 23, 2009

Doctor Web announced another addition into its products bundle Universal. Now this corporate offer for small and medium businesses includes anti-viruses for protection of workstations running Windows, Mac OS X and Linux.

Many companies use computers running different operating systems. While Windows PCs constitute a greater part of office machines, alternative operating systems are becoming more and more popular. Traditionally design companies prefer Mac OS X while Linux is often run on many workstations in firms involved in IT business.

The Dr.Web bundle for small and medium business becomes truly universal. It allows companies to protect all hosts in a corporate network — workstations, file and mail servers, Internet gateways and mobile devices. Moreover, in addition to products for Windows it provides customers with solutions for Mac OS X and Linux. Companies that choose the bundle can use the same license key files for protection of machines running different operating systems.

With its special low price of Dr.Web Universal small companies (5-100 PC) can get enterprise-class software even in the face of the global financial crisis.

Description | Buy from partners | Buy online