February 18, 2015
Thanks to Dr.Web Process Heuristic, which monitors a system for similar malware behaviour patterns, Dr.Web for Windows Servers can now detect new versions of Trojan horses such as programs from the Trojan.Encoder and Trojan.Inject families.
Furthermore, the data loss prevention feature in the new version lets administrators select the directories they need and create protected backups, so that later, if a malicious object has managed to ravage the system, information can be restored. The data protection technology lets users save changes that were made to their original files—through a defined time interval or manually, on command.
All the latest features of the updated Dr.Web Cloud, which are already available in Dr.Web Security Space, have been included in the new version of Dr.Web Anti-virus for Windows Servers.
You can block devices by a hardware bus or category to prevent unwanted devices from connecting to the server host. In addition, you can take advantage of the new blocking options: Use 'Restrict access to the removable media' to block access to flash drives; enable 'Block sending jobs to printers' to prevent printing; and toggle on the option 'Block data transfer over network (LAN and the Internet)' to block all the networking activities of the server machine. Moreover, you can now disable the option to change the system time or the time zone.
The new version also features a comprehensive analyser of packed threats which allows malignant processes whose signatures are already recognised by Dr.Web to be detected at the beginning of any malicious activity. This significantly improves the detection rate for supposedly "new" threats that may already be known to Dr.Web but have been packed in such a way that the anti-virus doesn’t recognise them.
The anti-rootkit module for 64-bit platforms has been added to the software so that threats targeting 64-bit operating systems can be more effectively neutralised.
Thanks to Dr.Web SpIDer Guard’s revamped routines, machines involved in processing large amounts of data experience improved performance. These are changes that will benefit all file servers.
During product setup, the installer will now only extract repository files for the corresponding platform (32- or 64-bit) which helps save disk space.
The self-protection module in Dr.Web 10.0 for Windows Servers can be disabled in the program's settings.
The new version also brings UI upgrades. The redesigned main menu keeps all the elements involved in daily routines at hand. Setting changes are now applied on the fly—just enter the required data, check a box, or move a slider. You no longer need to enter a CAPTCHA code to disable a protection component. Threat notifications and other messages are now more noticeable. To make it easier to configure them, all notifications are divided into four groups: minor, major, threats, and critical.
To upgrade the product to version 10.0, you must run the new installer on a computer that already has Dr.Web Anti-virus for Windows Servers installed on it.
Tell us what you think
To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.