2006年12月31日 Dr.web 4.33.44 beta 首次发布
Doctor Web, Ltd. launches beta-testing of a new generation anti-virus
engine
December 30, 2006
Doctor Web, Ltd. announces the beta-release of a new generation of Dr.Web
anti-virus scanning engine (beta-release number 4.33.44). Its key feature
is a unique algorithm of virus detection based on a signature-independent
malware detection method which complements the traditional signature-based
method and the heuristic analyzer.
The new technology has been developed for over 10 months for the purpose
to significantly improve the quality of detection of unknown viruses.
"Our analyzers and developers have no doubt achieved a substantially new level
of anti-virus technology, - comments Boris Sharov, the CEO of Doctor Web,
Ltd. We have long explored the possibility to implement our new detection
methods to be able to detect unknown viruses to assure the highest
protection level for our customers. Hopefully, it will be a good New year
present for them."
Notice. Names of malware detected by the new technology have the ".Origin"
extension.
All errors and suggestions can be reported to bugs tracking system. Send
samples which have caused false alarms to the Virus Monitoring Service of
Doctor Web, Ltd..
可以预见,这个版本的重大技术改进,将会是未来 Dr.web 5.0 引擎的雏形
http://beta.drweb.com/files/win/drweb-433-win-en.exe
可能有朋友因最近的网络问题下载国外资源较慢,下面是我上传至 mofile 的分流
http://pickup.mofile.com/3163133302832900(这是旧版本,请下载下面的4.44新版)
转贴请注明 转自 绅博GDATA AntiVirenKit(中国)论坛
2007年1月15日,Dr.web正式在其 beta 版本里加入 Anti-spam 模块的技术改进,进行了对beta版本的第一次重大更新,具体改进如下:
Dr.WEB anti-spam beta-version released
The anti-spam module has several advantages.
1.The unique technology allowing to detect up to 97% of spam. Up to 80% of unsolicited e-mails are filtered by headers only, which increases substantially its productivity and decreases dependency of the anti-spam technology on the language of the message;
2.compact anti-spam module – the size of the Dr.Web distribution size became heavier by 1 MB only;
3.easy settings which can be understood even by computer beginners;
ability to filter mail traffic immediately after it is installed and enabled, without any previous teaching of the anti-spam;
4.support of POP3 and IMAP;
5.independence from any mail client.
Technical details
The anti-spam technologies used in new product by Dr.Web contain several thousands rules which can be divided into several groups.
Heuristic analysis
Highly complicated intellectual technology of empirical analysis of all parts of messages: headers, message body, etc. Not only the message itself but its attachment, if any, is being analyzed. The heuristic analyzer is being constantly improving; new rules are being added to it.
Counter-reaction
Counter-reaction technique is one of the most advanced and efficient technologies of Dr.WEB anti-spam. It helps to counteract the tricks used by the spammers to outsmart anti-spam filters.
HTML-patterns
The messages with HTML-codes included into them are compared with the list of known patterns from the library of HTML-patterns of the anti-spam. Such comparison in combination with the available data on the image sizes typically used by spammers helps protect users against spam messages with HTML-code, which often include online images.
Semantic analysis
During the semantic analysis the words and phrases from the message are compared with the words and phrases typical for spam. The comparison is made against a predefined dictionary. The words, phrases and symbols are analyzed – both visible to the human eye and those masqueraded by the technical tricks of spammers.
Anti-scamming technology
Scam (as well as pharming messages – a type of scam-messages) is the most dangerous type of spam. There we can name also the so-called “Nigerian” scams, loan scams, lottery and casino scams, false messages of banks and credit organizations. To filter scams a special module is used in Dr.WEB anti-spam.
2007年2月27日,Dr.web beta 更新 key,有效日期延长至4月29日
2007年4月17日 Dr.web beta 升级到4.44.0,新扫描界面,并支持Vista
Doctor Web, Ltd. launches beta-testing of Windows Vista compatible version of Dr.Web for Windows (beta number 4.44.0).
This version incorporated a unique non-signature malware detection algorithm which supplements traditional signature-based scanning and heuristic analyzer of Dr.Web. The malicious codes detected with the help of the new technology are labeled by Dr.Web as «.Origin». The viruses detected by the new technology as «.Origin» are considered to be incurable, which should be taken into account when setting all modules of Dr.Web for Windows.
Practically all components of the product have been modified and improved. The SpIDer Mail module includes now a spml_set.exe file, which provides compatibility with Windows Vista. A number of errors in mail processing in some e-mail clients have been corrected. Some new files have been added to SpIDer Guard. Graphical User interface of SpIDer Guard has been changed to display scanning statistics of the file monitor in a separate window. The module’s operation has become more stable. The problems resulting in freezing during the scanning of complex and packed objects have been eliminated, too.
Dr.Web scanner, a substantial part of the anti-virus, has been modified dramatically. Both the main window and the Settings pane have been changed. Three scanning modes – Fast, Full and Advanced – have been introduced for users’ convenience. The first two modes provide for scanning without additional selection of the scanned objects, which makes the scanning exceptionally easy.
“New version of Dr.Web anti-virus dramatically differs from the previous versions”, - Boris Sharov, CEO of Doctor Web, Ltd. comments on the beta-version release. “The development team had several important tasks to fulfill: apart from provision of Windows Vista compatibility, we wanted to give our customers new higher level of protection from not known viral codes and to improve all main modules of our anti-virus under Windows. Having analyzed the anti-virus solutions’ market we understood that any hasty steps with Vista-compatible version release are not justified, as IT-departments of the majority of our customers – small and medium companies and corporates - do not hurry to upgrade to Windows Vista. For us it was more important to considerably increase the detection level of ill-intentions codes, as well as improve all main components of our product.”
The users who have already registered for beta-test of Dr.Web for Windows (new engine) don’t have to install new program distribution – it’ll be upgraded automatically.
下载:http://www.divshare.com/download/419617-487
2007年4月27日,Dr.web beta 更新 key,有效日期延长至6月26日
2007年5月8日 Dr.web 4.44 beta 支持 Anti-rootkit
Doctor Web launches a Beta testing of its renewed anti-virus on-demand scanner Dr.Web for Windows, version 4.44. Now the scanner will run with an additional anti-rootkit driver named Dr.Web Shield. It considerably improves the detection and disinfection capabilities of the main scanner and introduces new methods to uncover and neutralize rootkit technologies.(rootkit is a malicious software which hides itself on the PC system, using various techniques ranging from Windows API hooking tricks to direct kernel object manipulation.). The driver loads automatically at Dr.Web scanner launch. In addition to features introduced in the previous beta version the following functions have been improved:
1.Files operations - open, search and read
2.Scanning of Windows registry
3.Process scanning
The internal testing results showed a 90% efficiency of Dr.Web Shield driver to detect rootkits in the system. Beta testers of version 4.44 of Dr.Web for Windows will have their beta version upgraded automatically.
4.44会自动升级组件支持 Anti-rootkit
转贴请注明 转自 绅博GDATA AntiVirenKit(中国)论坛 by ianlai
[ 本帖最后由 ianlai 于 2007-5-9 21:11 编辑 ] |