June 21. 2018

Dr.Web Anti-virus 11.5 for Windows Servers is released with a number of its modules and components updated. The updated components and modules include:Dr.Web Anti-rootkit API (11.5.1.201806010), Dr.Web Updater (11.5.0.04180), Dr.Web Control Service (11.5.1.06051), Dr.Web Scanner SE (11.5.0.02130), Dr.Web File System Monitor (11.05.00.05160), email-templates (11.5.0.05100), SpIDer Agent for Windows (11.5.1.06051), Dr.Web Anti-virus for Windows servers setup (11.5.0.06130), Dr.Web Device Guard for Windows (11.05.00.12050),Dr.Web Shellguard anti-exploit module (11.05.00.04250), self-defence module Dr.Web Protection for Windows (11.05.01.06020), Dr.Web Net Filter for Windows driver (11.1.8.05140), Dr.Web Scanning Engine (11.5.1.201805310), Dr.Web Thunderstorm Cloud Client SDK (11.5.0.05170). Configuration scripts and the administrator manual are also updated. The new version also incorporates a number of UI tweaks.

Changes made to the Anti-rootkit API:

• Now the component is able to read, parse and scan UEFI firmware code.
• Behaviour analysis and threat neutralisation routines incorporate machine-learning technologies.
• Enhanced behaviour analysis for running processes (fewer Preventive Protection false positives).
• Improved detection for active infections (latest threats).

Changes made to the updating module:

• An infinite loop issue that could arise after code 407 (Proxy Authentication Required) was repeatedly returned by the Dr.Web updating server has been resolved.
• Improved routines for interaction with update servers and mirrors.

Changes made to the Control Service:

• An issue that prevented system restart from being initiated via a corresponding Dr.Web notification under a standard user account has been resolved.
• An issue that prevented the service from starting if the Dr.Web Scanning Engine operation was disrupted upon launch has been resolved.
• Protection components status information and the updating schedule are now saved correctly when sleep mode is toggled on and off.
• Faster threat detection and neutralisation.

Changes made to the scanner:

• An issue involving a custom scan list being cleared after system restart has been resolved.
• Correct text is now displayed in the statistics about threats to which the "Ignore" action was applied.

Changes made to the Dr.Web File System Monitor:

• A defect involving scan exception settings being disregarded for the applications launched from shared network folders has been corrected.

Changes made to email-templates:

• The text for license expiry and device block notifications has been corrected.

Changes made to the Agent:

• The option to block devices by a specific bus is now available in the Devices section.
• The information about detected malware also includes data about complex threats that have been disarmed during a background scan.
• The Quarantine Manager provides information about objects whose recovery requires a system restart.
• An issue that interfered with recovering files that were moved to the Quarantine from a disk root directory has been resolved.
• Also corrected, was a defect that caused the UI to freeze if multiple threats were neutralised in a short period of time.
• Minor Quarantine Manager UI tweaks have been introduced.
• The update also delivers minor UI tweaks in the statistics section.
• The UI elements are more clearly visible when high contrast Windows themes are being used.
• System restart prompts are no longer displayed to users who don't have sufficient privileges to perform the action.
• An issue interfering with scrolling through the list of available languages has been fixed.

Changes made to Dr.Web Anti-virus for Windows servers setup:

• Detection of existing ESET anti-virus installations has been improved, so users can be warned about compatibility issues when Dr.Web installation is being started.
• Now Dr.Web installation can't be started if the product was previously removed without a system restart.

Changes made to Dr.Web Device Guard for Windows:

• Now selected device classes can be blocked for a specific bus.

The update will be performed automatically; however, a system reboot will be required.