FOR CUSTOMERS

Close

Library
My library

+ Add to library

Search
Search

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

A query form

Call us

+7 (495) 789-45-86

Forum

Your tickets

New ticket

Call us

+7 (495) 789-45-86

Profile

EN

RU CN DE EN ES FR IT JP KZ UZ PL BY
Close
News

News by topic

Virus alerts
The Anti-virus Times
News boxes
Press center

Back to the news list

Anti-rootkit x64 in Dr.Web 6.0 for Windows

February 28, 2011

Doctor Web unveiled the updated scanner for Dr.Web anti-viruses 6.0 under Windows. The key update innovation is the feature enabling the anti-virus to neutralize rootkits under 64-bit versions of Windows. The new component has been tested with Dr.Web CureIt! and now is available to users of release versions of Dr.Web 6.0.

The updated scanner incorporates two versions of Dr.Web Shield for 32- and 64-bit Windows systems. It is capable of detecting the 64-bit modification of BackDoor.Tdss and curing the system.

Please, note that the distinguishing feature of this malicious program is its bootkit component allowing BackDoor.Tdss to be loaded before the operating system. It enables the rootkit to control Windows loading and bypass all the defence mechanisms to install its unsigned malicious driver and covertly perform its malicious activities.

In the late 2009, when experts predicted that 64-bit rootkits were not far off, it was already obvious that software for neutralization of such rookits was necessary. The first 64-bit BackDoor.Tdss was discovered in early September 2010. At that point development of the new Dr.Web Shield anti-rootkit was under way. Shortly afterwards it was incorporated into the updated scanner available with the beta-version of Dr.Web CureIt! since October 2010.

In addition to the integration of the 64-bit anti-rootkit, the scanner update brings major changes done according to user requests and fixes of known errors. A default virus-check performed upon launching the scanner has been disabled, now scanning (express, full or custom) can only be started by a user. At the same time in the express scan mode the anti-virus now checks removable data-storage devices for viruses exploiting the autorun feature of Windows (autorunners).

Scanning speed for large and complex files increased manifold and the hosts file curing routine has improved. New curing algorithms increased efficiency of virus and rootkit curing.

Dr.Web single-user and server anti-viruses 6.0 for Windows and Dr.Web Enterprise Suite 6.0 will download and install the update automatically.

Tell us what you think

To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.


Other comments