News on Dr.Web products
July 26, 2019
In connection with recent changes in Google’s policy regarding the use of permissions for SMS messages and calls, Dr.Web Security Space for Android Life was removed from the Google Play Store. The policy changes have affected the anti-virus products of all anti-virus manufacturers. Some vendors have removed the above-mentioned functionality, and others are offering SMS filters as a separate commercial application. Doctor Web strongly rejects taking such a course of action and believes that restricting mobile device users throughout the world from using important Dr.Web anti-virus features is a critical blow to their security, especially the most vulnerable of users—children and elderly people who can suffer from calls and SMS messages from unknown people and annoying fraudulent ads.
Since negotiations with Google were fruitless and Doctor Web cannot permit the security level of its users to be lowered, we are offering everyone who purchased Dr.Web Security Space for Android Life on Google Play to exchange their license—for free—for a Dr.Web Security Space for Android subscription with no end date—the Dr.Web Mobile Life tariff.
How to regain access to the full version of Dr.Web Security Space for Android
- Sign in at https://drweb.com. If you don't yet have an account, you need to register.
- In the form on the Dr.Web Mobile Life subscription page, enter the order number of your Dr.Web Security Space Life license on Google Play and the email address associated with this order.
- After your order information is verified, if such an order is found, you will be redirected to the My subscriptions page of your personal area of the Dr.Web Anti-virus service.
- In the Dr.Web Mobile Life subscription section, you can download an unending license to Dr.Web for Android. You will be able to access 5 links to use for 5 devices. A perpetual license gives you the right to use Dr.Web to protect from 1 to 5 devices.
If you experience difficulties online when exchanging your order for a subscription, please contact our support service.
July 26, 2019
The creation of the new tariff is connected with recent changes in Google's permission policy. These changes make the SMS functionality of all anti-virus products for Android 8 and later versions inaccessible to users (this concerns our Call and SMS filter and Anti-theft).
Use a Dr.Web Mobile Life subscription to simultaneously protect 5 Android smartphones or tablets with the complete set of Dr.Web Security Space for Android components.
Subscribe to the Dr.Web Anti-virus service, and may your mobile devices remain under the reliable protection of our Russian anti-virus for as long as you use them!
#service #Dr.Web #Android
April 15, 2019
Enhanced threat detection:
- The ability to detect the
- An improved ability to detect signs of infection in previously installed applications;
- The added ability to detect malicious applications packed with Bangcle, Sechell, and the latest version of Tencent;
- A fix that ensures uninterrupted anti-virus scanning.
Changes affecting the application’s UI and features:
- The Call and SMS Filter and Anti-theft components have been disabled;
- The URL shortening feature is no longer available;
The Call and SMS Filter and Anti-theft components have been disabled to comply with Google Play policy changes. Under the new permission policy, anyone who has an anti-virus installed on their Android device can no longer access features related to SMS data.
The Dr.Web software will be updated automatically under Android 4.4 and later. If automatic updates are disabled on your device, go to Google Play, select Dr.Web Security Space on the application list, and tap "Update."
To update via the Doctor Web site, you need to download a new distribution file. If the “New app version” option has been enabled in the settings, a notification will be displayed whenever the virus databases are updated. You can start the download directly from this dialogue box.
April 15, 2019
Dr.Web anti-viruses with SMS functionality were removed from Google Play as a follow-up to the recent changes in Google’s permission policy—first Dr.Web Security Space for Android Life became inaccessible, and then Dr.Web Security Space for Android was removed too. To comply with the new requirements, we removed the affected protection components from the applications, and now the programs are once again available for download from Google Play, albeit without the Call and SMS filter and the Anti-theft.
Doctor Web invites all customers wanting to use the full version of Dr.Web Security Space for Android to download the application from Doctor Web's official site. You will still be able to use the serial number you acquired from Google Play.
#Android #mobile #subscription #Google #Google_Play
March 26, 2019
This step comes as a follow-up to Google’s recent change of its call log and SMS permission policy. The Call and SMS filter and Anti-theft components of the Doctor Web app require these permissions. The company has been negotiating with Google for all the application features to remain available to users. However, currently Dr.Web Security Space Life is not available on Google Play.
Doctor Web is doing its best to make the application available in the software catalogue again.
Users owning Dr.Web Security Space Life licenses can contact our support service. Provide your license order number and the associated email address in the support query. In response, you will receive the application apk-file. Information about other life license usage options will be made available later.
April 15, 2019
To comply with the new Google requirements, we have removed the Call and SMS filter and the Anti-theft from the application, and now the program is once again available for download.
July 26, 2019
Doctor Web is offering all Dr.Web Security Space for Android Life users who purchased their licenses on Google Play, and, due to recent changes in Google’s SMS and call permission policy, have been deprived of the ability to use the Call and SMS Filter and the Anti-theft included in the anti-virus, to exchange their license—for free—for a Dr.Web Security Space for Android subscription with no end date.
January 29, 2019
New! Now you can access My Dr.Web Portal from a mobile device—thanks to its new adaptive design, you’ll be able to work comfortably with the Portal’s content from your smart phone or tablet.
New! Widgets at the top of each page let you contact Doctor Web's support service quickly or search the website.
Even more widgets will become available soon.
New! If some of your licenses haven't been activated yet, when you sign in to the Portal for the first time, you will instantly be directed to the Licensing page showing information about these licenses and an invitation to activate them.
New! In the Licensing menu you can now sort licenses by status: you can choose to view information only about the licenses you haven't renewed and renew them, filter the data to see only your active licenses, and download key files or applications. Information about all blocked licenses is available on a separate page.
New! Because website accounts are linked with the Portal, you no longer need to enter your login and password to move to drweb.com from the Portal and vice versa.
New! The Download Wizard is now accessible on the Portal. Just select the product you need from the list, and the information about all the licenses you have for the product will appear. Then you will only need to press Download—you will be directed to the Download Wizard as soon as you choose a product.
New! If you require complete information about a certain license—its validity period, available products, technical support availability, etc.— just click on the serial number link (available if the number has been activated). The License Manager will open. All the license information will be displayed automatically.
New! The Support section (probably the most important one) has been revamped to further improve its usability. Here, business customers can view all of their support queries (new, open, closed, pending) and quickly navigate to the desired request category.
You can also watch the video about the Portal's services (the information relevant to business users appears at 38 seconds).
New! The Supplier section now also contains information about a supplier's certificates and the availability of Dr.Web-certified professionals on their staff. On this page, you can also recommend your supplier to other users. Now Dr.Web users can learn more about their license suppliers.
In the Accounts section, users with administrator permissions can create subsidiary User accounts for other staff members and manage My Dr.Web Portal access permissions.
If you have forgotten your My Dr.Web Portal password, recovering it will be easier: enter your registered email address or the login you received after registration.
Welcome to the redesigned My Dr.Web Portal:
January 21, 2019
The license price for Dr.Web Security Space Life is increasing to 66,99 EUR.
Remember that users can now purchase a lifetime license for Dr.Web Security Space for Android on Google Play and share it via their Family Library. Thus, by purchasing a single license, you can maintain anti-virus security indefinitely on five smart phones and tablets.
So be sure to read our news post about the "gift" from Google (if you haven't done so already), and hurry to get your entire family protected at the old price—49,99 EUR. If you are concerned with the security of your gadget, you still have time to purchase the license at the old price and enjoy some savings!
However, given how many devices you can protect with this license and its unlimited nature, even if you purchase the license after February 1 at the new price, you’ll still be getting a great deal!
January 15, 2019
This makes buying Dr.Web Security Space Life in Google's application catalogue even more advantageous because with the Family Library, you will be able to use the license on multiple devices owned by members of your family.
Remember: the lifetime license costs 74.99 USD.
If you want to learn how you can set up your Family Library, click here.
January 15, 2019
End of support deadlines:
- Dr.Web Mail Security Suite 6.0—December 31, 2019.
- All other Dr.Web 6.0 products—June 30, 2019.
Technical support for the products, as well as virus database and component updating, will become unavailable after the above dates.
Dr.Web 6.0 was released in March 2010 and has lived a long life compared with many other anti-viruses. But nowadays version 6 lacks the technological capability to neutralise all state-of-the-art threats. Meanwhile, in the years since, Dr.Web has doubled in “age”—the current Dr.Web version is 12. And we never stop encouraging our users to upgrade to newer versions—especially since owners of commercial licenses can do so free of charge.
December 3, 2018
You may recall that Dr.Web Security Space 12.0 uses a brand-new approach to data protection. Targeted attacks on corporate and home computers usually involve malware that anti-viruses can't recognise yet. In situations like that, the Data Loss Prevention module may become instrumental in keeping valuable information safe. It controls access to information assets on its protection list. The list is fully customizable. Users can also define the applications that will have full or restricted access to the data being protected.
Please note that the data safety features are powered by Dr.Web's self-protection functionality, which thwarts attackers' attempts to render the anti-virus non-operational.
You can view the list of trusted applications here.
Important! The Data Loss Prevention component is not available on Dr.Web Anti-virus 12.0 for Windows. Because of that, users who still use Windows XP on their computers can't take advantage of this feature. Microsoft discontinued support for that operating system back in 2014.
A reminder from Doctor Web: today an anti-virus alone is not enough to protect a PC. Dr.Web Security Space includes all protection components to keep your Windows safe.
27.11 New Dr.Web vxCube 1.2
November 27, 2018
Android application support
The new Dr.Web vxCube version knows how to analyse Android APK packages. The analysis reports for APK files are quite similar to those generated after Windows files are examined. However, they feature a number of additional sections. Specifically, the Manifest section contains the permission list and other information provided by the developer in the application's manifest file. Thus, a user can learn in advance about the system components the application will access in the course of its operation. Additional information is also available in the “Calls and SMS” and “Intents” sections. The latter provides information about application activities involving other programs.
Web threat assessment
The new version of the service uses Parental Control databases to determine how dangerous Internet sites may be. On the graph, websites are marked with red, orange, and grey (depending on how severe the threat is).
The analysis report window now provides additional information, including the file format, total analysis time, and advanced settings. It also highlights the files that were created during the examination but weren’t collected for the report. For better security, analysis reports are now provided in password-protected archives—a vxcube password must be entered before the contents can be viewed.
New file types supported
The new service version also supports BAT, SLK, CHM and IQY files. BAT files contain a series of commands that start other applications and utilities in Windows. The SLK file format is used to exchange spreadsheet and database data between Microsoft applications. CHM files usually contain Windows application help files in the HTML format. IQY files are used by Microsoft Excel. Sometimes attackers abuse them to launch malicious scripts in a target system.
Important bug fixes
Thanks to the new video and image display library, issues interfering with the viewing of video reports and screenshots in Safari have been resolved. Furthermore, service features now work better in Safari.
Numerous service defects, including issues preventing the VNC client from running continuously, have been corrected. An issue involving an incorrect number of analysed files being displayed has been resolved.
To use Dr.Web vxCube, you need a trial or a commercial license.
With a Dr.Web vxCube trial license, you can examine 10 objects in 10 days. You can give it a try here.
You can purchase a commercial license for Dr.Web vxCube in Doctor Web's eStore.
#Dr.Web #services #analysis
November 19, 2018
Upgrades and improvements:
- A new section has been added that shows statistical information pertaining to security incidents identified on protected hosts by the Preventive Protection component.
- Administrators can now receive notifications from hosts connected to neighbouring Dr.Web servers.
- License reports from neighbouring servers are now available.
- If a connection is established between the Dr.Web proxy-server and Dr.Web Server, the proxy-server can now be updated automatically.
- MySQL 8 support has been added.
- The License Agreement text has been updated.
- In Office Control, individual access permissions can be defined for devices whose IDs can be specified manually.
- Expired key files can no longer be specified via the Dr.Web Control Center.
- The Dr.Web Control Center can now be used to duplicate packet filtering rules in firewall settings.
- The rules for creating new policy versions and assigning licenses for policies and policy groups via the License Manager have changed.
- Server statistics now include information about web server queries.
- Because anti-virus network groups can now be synchronised using Active Directory features under Linux, the Dr.Web Server scheduler now includes Active Directory connection settings.
- Secure connection parameters can now be specified to look for hosts on the network using Active Directory features.
- Information about the Dr.Web Server repository’s updating progress and status can now be obtained in real time.
- Now administrators can remotely modify a single anti-virus component configuration file on Dr.Web-protected machines running Unix-like operating systems.
- A new URL-filter category has been added for Android devices so that access to sites engaged in crypto mining can be blocked.
- The Control Center section, Administration ? Backups, now provides information about the backups in var/backup as well as all the backup items created using Dr.Web Server’s scheduler.
- The Dr.Web Control Center’s Help section has been updated.
The following issues have been resolved:
- The inability to add objects to the scan exceptions list after restoring them from the quarantine using the “by threat type” filter.
- The inability to remove a device from the Office Control's whitelist if the settings have been reset.
- An issue that in some cases could make certain pre-defined groups inaccessible in the anti-virus network view.
- A problem that interfered with searching for hosts by operating system user name in the anti-virus network view.
- A defect involving the routine that determines the number of licenses being used for hosts. The issue arose if some hosts were added to custom groups, using existing membership rules.
- A problem preventing the creation of multiple administrator accounts for authorisation on remote hosts when agent software was being installed over the network.
- An issue that interfered with NetBIOS name reverse lookups when remote agents were being installed.
- A local agent installation error.
Polish language support has been discontinued for the product.
The updated Dr.Web Enterprise Security Suite is available through the Dr.Web Control Center web interface, where it will appear as an update dated 01.11.2018. The updated distribution files can also be downloaded from Doctor Web's site.
November 16, 2018
New in Dr.Web 11.1 for Unix and Linux:
- General alterations in the products' design for better performance;
- Mail-filtering rules based on Lua scripts for simplified software configuration;
- Better efficiency with regards to intercepting connections;
- The anti-virus engine is now shipped in a separate drweb-engine package;
- A scanning engine for amd64;
- Updated libraries;
- An optimised installer;
- An improved threat-neutralisation mechanism that can also block access to files not yet examined by the SpIDer Guard file monitor;
- Optimised routines for accessing and managing the quarantine;
- An upgraded drweb-ctl command-line interface;
- Optimised updating routines;
- An optimised mechanism for interacting with the centralised protection server.
Doctor Web invites all users who would like to participate in the beta testing to download the distributions from the corresponding section of our website.
The most active beta testers will receive gifts from our company.
Please note that the beta versions are intended solely for testing and cannot be used for reliable, long-term anti-virus protection. It is strongly recommended that you remove the applications as soon as the testing is complete. Doctor Web shall not be responsible for any issues that may arise on testers' computers in connection with the operation of the beta versions.
October 23, 2018
You may recall that in April 2014, Microsoft discontinued Windows XP support. Doctor Web continued providing support for Windows XP in its products up to version 11.5. However, in December 2017, it stopped issuing trial Dr.Web licenses supporting this operating system.
With no Microsoft support, unpatched vulnerabilities make Windows XP a greater security risk with each passing day. From an information security viewpoint, upgrading to a newer Windows version or switching to macOS or Linux has become a necessity.
Should Doctor Web plan to drop its support for Dr.Web 11.5, a corresponding announcement will be released.
Currently, Dr.Web 11.5 and 12 are available via the Download Wizard.
October 22, 2018
The latest threats won't get through
The new Dr.Web 12 version for Windows has:
- a significantly expanded range of program features;
- an expanded range of entities that can be protected by the anti-virus (processes, system services, drivers, the registry, Windows management instrumentation (WMI), system scheduler tasks, process network connections, and file system events);
- new, advanced scanning techniques, including new non-signature methods for detecting threats and new behavioural algorithms;
- heuristic algorithms with expanded detection capabilities;
- enhanced behavioural detection routines that make Dr.Web for Windows incredibly powerful. In version 12 they work alongside the signature and cloud-based technologies, leveraging the anti-virus engine and Dr.Web Cloud to combat threats even more effectively. They can now detect an even broader spectrum of threats;
- the ability to use a variety of sources to make a decision as to how harmful a file or process is in order to make a maximally reliable verdict.
Taken together, the improvements and innovations enable Dr.Web version 12 to detect even more threats, without having to constantly refer to the virus databases and without actually executing suspicious code. For users this means an additional reduced load on their protected devices.
The new philosophy of signature-based detection
In Dr.Web version 12 (and going forward!) all attempts by malware to execute code in a system or to start to engage in malicious activity are intercepted in a timely manner and scanned using a signature-based method. This method is used to the fullest in all scanning subsystems and components, as well as in Dr.Web Preventive Protection.
This results in an accelerated detection process—malware has no chance to even start working, let alone cause damage to a system.
Dr.Web’s heuristic algorithms have incredible new capabilities
Just one fact
It was namely Dr.Web heuristic technology that detected the much-talked-about WannaCry; thanks to it, no Dr.Web user’s system was compromised.
Heuristic algorithms have been radically redesigned to detect bodiless threats, which are increasing in number daily and whose detection is severely complicated due to their specific features.
Heuristic algorithms have been added to detect LOLBINs/LOLScripts (Living Off The Land Binaries And Scripts). Cybercriminals use trusted processes (those not scanned by anti-viruses) to execute them. Some estimates indicate that in 2017 this class accounted for more than half of all attacks.
The new Dr.Web version 12's heuristic algorithms also take aim at trends that are popular with virus writers: launching malicious miners and imbedding malware downloaders (both those that are active and those designed to be launched in all system areas).
A new stage in the development of Dr.Web cloud-based detection routines
Dr.Web version 12’s upgraded Cloud now includes a number of new heuristic methods for detecting threats. In most cases, Dr.Web Cloud is used during the scanning process. The heuristic scanning of browser extensions is also implemented via Dr.Web Cloud—it determines the location of plug-in configuration files and analyses the configuration file of the scanned browser. And in contrast to what happens with many other present-day anti-viruses, no files are transmitted from a protected device to Doctor Web's servers.
Dr.Web Cloud is the key ingredient that makes version 12’s protection so effective.
A step into the future to detect potential infections
Dr.Web version 12 is armed with information about a new class of incurable threats. Special heuristic algorithms are applied to those threats so that Dr.Web can assert with a high degree of confidence that a system is infected. For obvious reasons, we do not want to go into further detail here.
Upgraded anti-adware protection
Adware has gone from being pure advertising to being a cross between advertising and something malicious, where the malicious part is winning out: this includes substituting parameters in browsers, shortcuts, home pages, proxy, DNS; blocking anti-viruses and system applications (for example, regedit, taskmgr); and taking other actions.
Infecting a system via adware has become a favourite method of cybercriminals.
Dr.Web 12 for Windows has become more effective in neutralising malicious adware activity that cannot be detected with the help of signature-based analysis. Version 12 uses both heuristic and cloud-based detection routines to protect systems. And, what’s especially important is that Dr.Web cures a system from these malicious modifications and blocking activities.
In addition to the technological innovations,
the new version of Dr.Web is simply... irresistible!
Let's take a look!
New! Dr.Web Security Center
Easier and more intuitive—these are the words that can used to describe what it’s like to manage the settings of the protection components and tools in the new Dr.Web 12 for Windows.
File and network protection
The key Dr.Web protection components are now aggregated in a single window.
Here users can access the settings of Dr.Web SpIDer Guard, the Scanner, the Firewall, SpIDer Mail, and the SpIDer Gate HTTP monitor—traditional, time-proven anti-virus protection components, which over the course of two-plus decades have been tested on millions of user computers worldwide.
Dr.Web’s array of Preventive Protection technologies is responsible for analysing the behaviour of running applications and all system processes. Thanks to them, Dr.Web
- blocks malicious programs based solely on a description of their behaviour, without using signatures;
- protects against the latest malicious programs that have been designed to bypass detection by traditional signature-based scanning and heuristic mechanisms;
- protects against objects that have not yet been analysed by the anti-virus laboratory and, therefore, are unknown to Dr.Web at the moment of intrusion.
Dr.Web’s Preventive Protection technologies allow our anti-virus to remain permanently up to date and relevant and to do the seemingly impossible: protect against threats that have already been created but are not yet known to our virus database, and this even includes protecting users against threats that criminals have yet to develop!
In the new Dr.Web for Windows 12, Dr.Web’s Preventive Protection technologies can neutralise brand-new threats thanks to three modules that can be managed via a single Dr.Web Security Center tab.
Monitors running programs and exposes suspicious behaviour that is typical of encryption ransomware.
Monitors the integrity of processes and makes it impossible for hackers to inject malicious code into them by exploiting existing vulnerabilities.
Monitors the requests malicious programs make to various system resources. Cuts off attempts to inject a driver into a system or make changes to the way the operating system works. Similar unauthorised actions will be identified and blocked.
Protection for personal data
Hackers try to extort money from users by encrypting their data, blackmailing them, shutting them out of their computers, and then stealing and selling their personal data. Our modules, which users can easily find in the Devices and Personal Data section, will prevent all those things from occurring.
New! Data Loss Prevention
Many Dr.Web users have heard about encryption ransomware programs that corrupt user files and demand a ransom to restore the information. Because Trojan code often contains errors, even users who pay their blackmailers a ransom risk never seeing their photos and work documents again. Because encryption ransomware is so highly commonplace today, protecting oneself against it is vital.
And although the new Dr.Web protection component has the same name as in Dr.Web versions 9-11.5, the routine governing its operation is now completely different. This is indeed a new tool whose operation is no longer based on the periodic creation and protection of backup copies but on the non-stop resident protection of user-selected folders. Your files will remain under its protection until such time as you yourself disable it.
Data Loss Prevention needs to be turned on and configured.
! This component is not available under the Anti-virus license.
New! Protection against spying
Spying incidents—those involving cybercriminals carrying out attacks that let them gain access to microphones and cameras, make video and sound recordings, and then demand a ransom to keep the information attained private—are on the rise. And users cannot tell when their devices are being compromised (no light comes on) even if they’ve locked their screens.
Dr.Web 12 version for Windows will render such intrusions impossible. It will protect your privacy because it ensures that webcams and microphones cannot be used for surveillance purposes. So you no longer have to duct-tape you webcam ☺
A computer should serve its user rather than an invisible intruder.
! This component is not available under the Anti-virus license.
Compare Dr.Web Security Space and Dr.Web Anti-virus protection components.
Improved! Parental Control
Modern technologies offer fraudsters tremendous opportunities to attack people who do not yet understand the importance of protecting their data. The Parental Control component in the new Dr.Web 12 for Windows will protect children against the kinds of threats that can impact them the most.
Parents/guardians can now indicate how much uninterrupted time children can spend on a computer and specify break times, which are very important for their well-being.
Users can now check how much computer time they have left if limits have been placed on their computer use. This way, they won’t be surprised when their computer shuts down.
When going online, it’s important to realise: all malware is created to commit crimes.
But no matter what kind of harm an attacker is attempting to do, Dr.Web provides sufficient protection for safe Internet surfing. Of course, that’s only if you don’t disable Dr.Web’s protection components, even temporarily ☺
Upgrade to the Dr.Web 12 version free of charge
To upgrade to Dr.Web for Windows 12, commercial and trial license users just have to download the distribution of the new version and install the program.
If you have a valid serial number or a trial key file,download version 12
If you’re just starting to get acquainted with Dr.Web,get a 3-month trial
Attention, Dr.Web Anti-virus service users!
The date of release of version 12 for those who use the anti-virus on a subscription basis will be announced separately.
September 21, 2018
Surely many of you have been in a situation where it was impossible for you to pay for a product or a service via a POS terminal. Technical problems? Could be. Business networks are unlikely to inform their customers about an information security incident. At the same time, cash register computers are vulnerable not only to threats crafted specifically to infect business networks, but also to infections caused by generic malware — viruses, encryption ransomware, etc. Such infections result not only in business losses, which means inoperative equipment and paralysed sales processes, but also in the actual threat of customer bank card data leaks.
Doctor Web has prepared a leaflet about POS device security and invites you to familiarise yourself with the ways Dr.Web technologies can be harnessed to protect in-store equipment. You can send this leaflet to your friends and colleagues so that as many people as possible become aware of this underestimated threat.
October 8, 2018
For 1-8 servers, the regular price applies (but the more servers protected, the lower the license price will be for each of them). However, when renewing or making an additional purchase, even if just a single server is involved, the license price will also equal the cost of protecting one PC, provided that the total number of servers protected is greater than 8.
The server anti-virus software Dr.Web Server Security Suite is supplied with Dr.Web Enterprise Security Suite, Dr.Web Office Shield appliances, and the Dr.Web Universal and Dr.Web Safe School bundles.
|Buy Dr.Web ESS|
#цены #Dr.Web #Windows #UNIX
August 29, 2018
The new version’s optimised analysis routines make file examination 30% faster. Graphs in service reports have been redesigned.
- The drawing routines have been optimised for complex graphs that present information about analysed samples running multiple processes with the same IDs.
- Furthermore, graph readability has been improved.
- IDs are now used to indicate the first launched process, instances when Dr.Web has detected a threat, and RPC queries.
You can download source file, report in HTML format, and the PCAP file from the report page. The general description of an examined file now includes information about the file's behaviour and identified threats.
The analyser uses new rules to examinfile behaviour, such as the use of application vulnerabilities, the accessing of specific registry keys, etc. The description text for some of the rules has been changed so that users can more easily understand how the rules can be used. Issues that could result in false positives while the rules were being applied have been eliminated.
Dr.Web vxCube 1.1 also incorporates a modified hypervisor. Defects that could result in system crashes (BSOD) and freezes have been eliminated. Web interface vulnerability issues and other minor problems have been resolved.
To use Dr.Web vxCube, you will need a trial or commercial license.
With a Dr.Web vxCube trial license, you can examine 10 objects in 10 days. You can give it a try here.
You can purchase a commercial license in Doctor Web's eStore.
August 29, 2018
Doctor Web invites all users to participate in the public beta-testing of Dr.Web Security Space 12.0.
The upcoming release of Dr.Web Security Space 12.0 offers many changes that will make the product even more user-friendly.
- The application's interface has been redesigned. This time we decided to experiment and did everything differently. Now Dr.Web Security Space features its own Protection Center in which all the basic components, settings, and anti-virus statistics are concentrated.
- The new privacy option can be used to disable or allow the use of PC cameras and microphones.
- The new version also offers a novel approach to preventive protection, which is now maintained by three modules: the activity monitor, the ransomware fighter, and the anti-exploit module. The modules' operation is also highly customisable.
- The data loss prevention feature has been revamped. Now you can disable the modification of folder contents for any applications except those you trust. Furthermore, each computer user can specify which data they want to protect.
- In addition to pop-up notifications, the anti-virus offers a notification bar that provides access to important information requiring the user's response.
- The Parental Control module has been upgraded too. Now you can specify the duration of an uninterrupted computer usage session and specify the time for a break. If the option to block access to the computer has been enabled, users can now check how much time they have left. This way, their work at the computer won't be interrupted unexpectedly.
- You can also specify when the system should be restarted in order to apply high-priority Dr.Web updates.
- The quarantine and statistics can be cleaned automatically after a specified time period to prevent outdated information from being stored indefinitely.
Doctor Web invites all Dr.Web community members to participate in Dr.Web Security Space 12.0 beta-testing. In keeping with tradition, those testers whose advice and comments prove to be most helpful in making the product even better will receive gifts from Doctor Web. Please note that registration is required to access the beta-testing section.
Please, note that the beta-version of Dr.Web Security Space 12.0 is intended solely for testing and can't be used as a reliable, long-term anti-virus. It is strongly recommended that you remove the application as soon as the testing is complete. Doctor Web shall not be responsible for any issues that may arise on testers' computers in connection with the beta-version.
June 19. 2018
Changes made to the server software:
- MySQL and PostgreSQL version 10 can now be used as external databases.
- A revamped routine for network scanning and remote agent installation (the browser extension is no longer used);
- The option to recover the internal database if it gets corrupted;
- The multicast option for delivering group updates to protected hosts is now enabled by default;
- Control over licenses that are being exchanged between servers;
- A redesigned routine for collecting information about the hardware and applications installed on protected hosts; information can now be transmitted between multiple servers;
- The added option to limit the number of concurrent agent installations from a server;
- The added option to limit agent updating and installation traffic;
- Server installation packages for Linux are now only available as run packages;
- TLS session ticket resumption.
Changes made to the Control Center:
- The inter-server connection settings have been moved from the Neighbourhood section to the Anti-virus network section; connections between servers are now displayed in the anti-virus network view;
- Anti-virus software configuration policies can be changed in the anti-virus network view;
- A Favourites item has been added to the main menu;
- Redesigned tables and graphs;
- A new web-server option that protects against flood attacks mounted using Control Center queries;
- The added option to view the Dr.Web server log in the Control Center in real time;
- The added option to change Dr.Web server log settings via the Dr.Web Control Center;
- The Dr.Web Agent protocol can once again be used to send notifications to administrators;
- Reworked parameters for administrator notifications;
- The addition of a message log for communications that administrators send to protected hosts; the ability to create and use message templates;
- An expanded list of utilities that can be downloaded via the Control Center.
- New items in the Dr.Web server repository: Dr.Web Server Security Data and Dr.Web Proxy-server.
- The new Backup section can be used to view and save server data backups;
- The Yandex.Locator extension can be used to automatically determine the location of Android devices;
- Syntax highlight and autocomplete for the SQL console;
- A new section provides simplified configuration for LDAP authentication;
- Administrators who have the permissions needed to start and interrupt the operation of the anti-virus components can now also control the quarantine on protected hosts;
- The IP protocol version can be specified for server and agent addresses;
- Reworked host statuses in the anti-virus network view and the addition of new status colours;
- The option to sort items (hosts, servers and proxy servers) in the anti-virus network view;
- The added ability to export statistics simultaneously for multiple items in the anti-virus network view;
- Dr.Web agent connection parameters for Windows and Linux are now available in a separate host configuration section;
- The added option to launch the anti-virus components on a selected host via the Dr.Web Control Center; information about running and installed components is now aggregated in the Protection Components section;
- The added ability to remotely configure Dr.Web Firewall on Windows hosts via the Control Center; the packet filter is disabled by default in the Control Center’s firewall settings;
- The added ability to adjust the period in which the virus databases on the protected hosts are considered current;
- The addition of a new Dr.Web Control Center section containing information about the protected hosts' security IDs;
- SpIDer Gate and SpIDer Mail settings for Windows hosts have been merged; the components now use the same exception settings;
- A wider variety of scan exception options for SpIDer Gate and SpIDer Mail under Windows;
- The addition of the new Network Port Monitor component for Windows hosts which is only accessible via the Control Center and is not available to users;
- An existing agent ID can be assigned to a new host during full agent installation;
- The added ability to adjust device access permissions for protected hosts;
- The added ability to change Office Control settings for individual user accounts on protected hosts;
- Settings for new component versions can now be changed for Linux machines;
- The added ability to change the Dr.Web for Microsoft Exchange Server settings and view its statistics via the Control Center;
- A new Help menu feature enables administrators to access the corresponding documentation page from every Control Center page.
- Supports scripts and can be used to remotely connect to the Dr.Web Server to perform basic tasks and view statistics.
New Proxy-Server features:
- The settings are now accessible via the Control Center;
- Server installation and removal via the Agent connected to the proxy server;
- Automatic updating without interrupting the server's operation;
- Caching for encrypted traffic;
- Cached data can be copied from another source, such as the Dr.Web Server repository;
- Event reports transmitted by the Dr.Web Agents are aggregated and relayed to the Dr.Web Server according to schedule.
Changes made to the Dr.Web Agent:
- A single group installer can be used to install Dr.Web on several hosts running any supported operating system;
- Expanded options for rolling back Dr.Web Agent;
- To roll back Dr.Web Agent for Windows, the software must be reinstalled on the host;
- The added option to scan scripts over the AMSI (Antimalware Scan Interface) for Windows hosts;
- The Office Control feature for blocking access to data on removable media has been revamped; devices can now be blocked by class and by bus.
The following software is no longer supported:
- InitDB (SQLite 2) as a built-in database;
- Novell Netware as an operating system for protected hosts;
- Solaris Sparc as a platform running Dr.Web Server.
No longer available are the Dr.Web Control Center extension for browsers and the option to use Windows Messenger to send notifications to administrators; Dr.Web Control Center no longer uses Adobe Flash.
Known issues have been resolved.
Please note that to maintain compatibility with the Dr.Web agent in Dr.Web Enterprise Security Suite 11.0, Dr.Web for IBM Lotus Domino and Dr.Web for MS Exchange must be updated to version 11.5.
The upgrade to version 11 is available free of charge to all Dr.Web Enterprise Security Suite users.
June 7, 2018
With Dr.Web vxCube, your files aren’t just analysed; you also receive a special Dr.Web CureIt! build that incorporates a routine for disarming the analysed object.
Using Dr.Web vxCube is easy: the user is granted access to an area where they can submit a suspicious file for analysis in the cloud; the analyser launches the submitted item to examine its behaviour and then decides whether or not the file is malicious. If the object poses a threat, the user is promptly furnished with a special Dr.Web CureIt! build.
This service lets you expeditiously disarm a brand new threat without having to wait for a security software update.
On average, a submitted file can be examined in less than a minute, regardless of whether it is a Windows executable, an office document or a script. The file undergoing analysis is executed in a virtual environment; the customer can simultaneously monitor the progress of the analysis remotely via the Dr.Web vxCube interface. The resulting analysis report includes a video of the file’s examination.
Statistics show that money can be stolen with a banking Trojan in three minutes or less—much faster than security software gets updated. The opportunity to procure a custom Dr.Web CureIt! build makes Dr.Web vxCube an indispensable tool for companies of any size, regardless of whether they are current users of Dr.Web software. Dr.Web vxCube can be particularly helpful for companies offering services involving PC curing and maintenance. And the ability to analyse files makes it indispensable for cybercrime investigators.
To use Dr.Web vxCube you will need a trial or commercial license.
With a Dr.Web vxCube trial license, you can examine 10 objects in 10 days. You can give it a try here.
You can purchase a commercial license in Doctor Web's eStore.#Dr.Web #services #analysis
May 31, 2018
As malicious programs grow in number and diversity, the conventional signature-based detection routines are losing their relevance as a staple in anti-virus security. Over recent years Dr.Web's non-signature technologies have been enhanced and upgraded as a result. Along with the heuristic analyser, Dr.Web also offers unique features such as Origins Tracing for detecting unknown threats and the Fly-Code technology that exposes malware disguised with unsupported packer formats. Furthermore, the Dr.Web Heuristic process acquires up-to-date reputation information from the continually updated Dr.Web cloud; while ScriptHeuristic disrupts the execution of any malicious scripts in browsers and PDF viewers. To extend its array of protected features further, Dr.Web 11.5 has been equipped with detection routines based on machine learning. Now thanks to the cloud, Dr.Web identifies and disarms malware more quickly and accurately. At the same time, the technology provides enhanced security even if the cloud cannot be reached for some reason.
Although UEFI promises better security, experience shows that malicious code that can't be detected with standard routines can be deployed in the firmware as well as in BIOS. Doctor Web was among the anti-virus companies that pioneered BIOS scanning technologies in order to expose Trojan.Bioskit malware. Now, version 11.5 can also scan UEFI firmware.
Dr.Web Preventive Protection has become even smarter and boasts an even smaller number of false positives.
The new Dr.Web version accumulates the entire wealth of Doctor Web's anti-virus security experience. Now the fruits of our programmers' work are readily available to all Dr.Web users.
May 15, 2018
Extremely popular today, mining can cause serious security threats. Many users resort to using illegal mining methods, and as a result, the number of malicious programs designed to engage in hidden mining at the expense of the resources of other computers and corporate networks is growing exponentially.
To inform users, Doctor Web specialists created the new brochure “Configure Dr.Web to protect your computer from miners”; we invite you to familiarise yourself with it. All of their recommendations on how to configure Dr.Web Anti-virus protection are well reasoned and accompanied by program screenshots. Take 15 minutes to read the brochure and configure your anti-virus — this will help you prevent cybercriminals from infecting your computer with a miner Trojan and keep them from using your computer or server power to secretly mine cryptocurrency.
##Dr.Web_settings #training #mining
February 1, 2018
Specifically, an issue that interfered with Dr.Web's operation on multimedia devices running Android 4.0-4.4 has been eliminated.
Dr.Web Light for Android will be updated to the new version automatically. If you disabled automatic updating on your device, you must go to Google Play, choose Anti-virus Dr.Web Light on the application list, and tap "Update."
Your Android needs protection!
- First version of Dr.Web for Android released
- Over 135 million downloads—just from Google Play!
- Available free of charge for users who purchase Dr.Web home products
January 23, 2018
New in Dr.Web Enterprise Security Suite 11.0:
- Improved Control Center performance (including the sped-up display of anti-virus network data);
- The ability to centrally administer the Dr.Web Firewall on protected hosts;
- The ability to centrally install and administer the proxy server (part of Dr.Web Agent);
- The addition of a new notification type for the Agent (Dr.Web Agent) and the ability to send user messages via the Agent;
- A totally redesigned LDAP/ADS authorisation interface and support for LDAP-RFC-4515;
- Redesigned Office Control in the Control Center;
- Expanded options for working with devices;
- User preferences can be established for protected hosts;
- Revamped and expanded features for administering agent components from the Control Center;
- Information about the protected hosts' software and hardware configuration is now transmitted faster and doesn't impact server performance;
- Windows Script Host and PowerShell scripts are now scanned on Windows 10 PCs;
- The new utilities in the Administration section of the Control Center include:
- A remote anti-virus server diagnostics utility;
- A digital key and certificate generator;
- A remote Dr.Web server diagnostics utility (scripts);
- Utilities are now available for all supported operating systems;
- A new host status (the administrator's attention is required) has been added to the anti-virus network tree;
- The options from the Connections menu are now available in the anti-virus network tree window; If no connections were previously established, the option to show hidden groups in the tree view settings can be used to find a group;
- New products can be found in the server repository: Dr.Web server security data (system data and certificates used by the suite) and Dr.Web Proxy-server;
- In the Control Center's Administration section:
- The Network Port Monitor section provides the option to scan the Agent’s traffic by port;
- Server backup options now exist;
- A new item, "real-time log", has been added to the menu.
We invite everyone interested to participate in beta testing for Dr.Web Enterprise Security Suite 11.0. Please note that registration is required to gain access to the beta section.