Dr. Web Security Space 2024
Global Key Code
(eDelivery)
Email Delivery Only. No Physical delivery of Box / CD.
----------------------------------------
After placing the order you will get License Key / Activation code in buyer's ebay message box within 24 to 36 hours.
In case you are getting any delivery notification from eBay, Please ignore it. You will not get anything delivered in your physical address. All codes will be delivered in your registered email id only.
Need Help
- In case you are facing any issues in activation please contact us.
- We will guide you and can provide Remote Support also if required. (Using TeamViewer or AnyDesk)
- Just send message with your ebay registered email id and issue you are facing. You will get reply from our support team in few hours
Returns
- If you are not satisfied with your purchase, please inform us. We will provide you Remote Support through TeamViewer or Anydesk.
- You will get free support from us till the validity of the software you purchased from us.
- Full refund may not possible because of nature of the product.
----------------------------------------
Dr.Web antivirus engine technologies
Criminal groups involved in the development and spread of viruses are thoroughly organized, so virus production has become streamlined, thus leading to explosive growth in the quantity of malicious malware. This immediately spawned a host of daily signature records being added to virus databases.
Facts
- The Doctor Web virus monitoring service collects samples of malicious programs all over the Internet.
- The Dr.Web anti-virus lab receives on average about 60,000 malware samples daily.
- A record of sorts was set on November 28, 2012, when the Dr.Web anti-virus lab received over 300,000 samples. And that is not all of the malware that was created that day.
Virus analysts are not magicians and cannot instantly process the thousands and thousands of suspicious files received daily. Long gone are the times when anti-viruses could catch malware using only relevant virus signatures (i.e., records in virus databases) — i.e. detect only known viruses. If this were so till now, an anti-virus would be helpless in the face of unknown threats. However, an anti-virus remains the best and the only effective protection tool against all types of malicious threats — and, most importantly, — against viruses both known and unknown to the virus database.
Dr.Web incorporates many effective non-signature technologies for detecting and removing unknown malware. Together, they make it possible to detect the latest (unknown) threats before they are registered in the virus database. We'll describe just a few of them.
- Fly-Code technology ensures the high-quality scanning of packed executables and virtualized file execution to unpack any (even non-standard) packers; this makes it possible to detect viruses that are even unknown to Dr.Web anti-virus software.
- Origins Tracing treats a scanned executable as a specific sample which it then compares against the database of known malicious programs. The technology makes it highly likely that viruses not yet added to the Dr.Web virus database will be detected.
- Structural entropy analysis detects unknown threats by arranging pieces of code in objects protected with encryption compression, interrupting the routines they use, and utilizing some additional parameters. This allows Dr.Web to detect a substantial portion of unknown threats.
- ScriptHeuristic prevents any malicious browser scripts and PDF documents from being executed without disabling features provided by legitimate scripts. It protects against infection with unknown viruses that try to get into a system via a web browser. It works independently of the Dr.Web virus databases in any web browser.
- Traditional heuristic analyser features routines to detect unknown malware. The heuristic analyser relies upon knowledge (heuristics) about certain properties typical to virus code and, vice versa, those that are extremely rare in viruses. Each of these attributes is characterized by its “weight”— — that is to say, by a number whose module refers to the importance and severity of the attribute; and its sign, respectively, indicates whether that attribute confirms or refutes the hypothesis on the possible existence of an unknown virus in the code being analyzed.
- An execution emulator module is used to detect polymorphic and highly encrypted viruses when the search against checksums cannot be applied directly or is very difficult to perform (because secure signatures cannot be built). The method involves simulating the execution of an analyzed code by an emulator — a programming model of the processor (and, in part, PC and OS).
Dr.Web virus database
- Dr.Web anti-viruses use a record low number of virus definitions in their database; one entry can identify dozens, hundreds or even thousands of similar viruses. This is a fundamental difference between the Dr.Web virus database and virus databases of other anti-virus programs. Even with a smaller number of entries, it can detect the same (or an even greater) number of malicious programs.
- Even if no definition of a virus is present in the virus database, Dr.Web will most likely detect it by means of multiple technologies implemented in its anti-virus engine.
- Dr.Web virus databases are devised in such a way that adding new entries doesn't lower the scanning speed.
What are the advantages of a small virus database with fewer entries?
- Saved disk space
- Lower memory usage
- Lower updating traffic
- Rapid virus analysis
- Detection of future modifications of existing viruses
Important!
Every day millions of people around the world use the unique product Dr.Web CureIt!, created specifically to cure infected computers that run other anti-viruses.
Important!
Modern malware often operates invisibly to computer users, and, from the moment of its creation, it cannot even be detected by many anti-virus programs. Only an anti-virus can cure an infected system.
Proactive protection technologies:
Many malware programs operate according to similar algorithms, exploit the same operating system vulnerabilities, and have the same set of malicious functions.
If a suspicious program’s behavior resembles the behavioral patterns of known malware, the Dr.Web anti-virus protection system can detect and block that program—even if an entry for it has yet to be included in the Dr.Web virus database.
This is due to the fact that none of the software’s proactive technologies depend on the signatures of these suspicious programs being present in the virus database. All these technologies are developed solely by Doctor Web.
Advantages of Dr.Web anti-spam
- The anti-spam doesn’t require configuration or training. Unlike anti-spam solutions based on Bayesian filtering, it starts working as soon as the first message arrives. Therefore, the anti-spam doesn’t require daily training by the system administrator.
- It detects spam messages regardless of their language
- No email receipt delays
- Real-time email filtering
- High-speed filtering with low consumption of system resources
- Can scan objects at any nesting level
- It can choose a processing technology for the target object depending on the message envelope or the blocking objects detected
- Messages that have been filtered out are placed in a separate folder so they can always be checked to make that sure that no false detection has occurred
- These unique technologies eliminate the need for blacklists. No company will be discredited after it has been deliberately added to such a list
- Stand-alone—requires no constant connection to an external server or access to a database, which saves traffic significantly
- Doesn’t need to be updated more often than once every 24 hours – unique spam detection technologies based on several thousand rules allow the anti-spam to stay up to date without frequent downloads of bulky updates
Vade Secure
Filtering of spam and other unsolicited messages is performed by the vaderatro plugin which uses its own library (Vade Secure). This library is continuously updated, ensuring uninterrupted improvement in filtering quality. Highly effective junk mail filtering is combined with low consumption of system resources. This is the reason why Dr.Web anti-spam is able to operate efficiently on low-end hardware.
Depending on the results of the analysis, each message receives a score from the VadeRetro library – an integer ranging from -10,000 to +10,000. The higher the score is, the more likely the message is to be spam.
The threshold value is set by the SpamThreshold parameter of the plugin configuration file. If the score equals the value of the SpamThreshold parameter or exceeds it, the message is considered to be spam.
After a message has been analyzed, Vade Secure may add (depending on the plugin settings) corresponding headers to the message.
Spam filtering technologies
The Dr.Web anti-spam analyzes messages using several thousand rules which can be divided into several groups.
- Heuristic Analysis
- A highly intelligent technology that empirically analyzes all parts of a message: the header, body, and attachments. This makes it possible to detect unknown types of spam. The heuristic analyzer is constantly being improved; new rules are frequently added. This allows the next generation of spam messages to be detected even before a corresponding rule is created.
- Counter filtering
- Counteraction filtering is one of the Dr.Web anti-spam’s most advanced and efficient technologies. It recognizes the techniques and tricks spammers use to avoid detection.
- HTML signature analysis
- Messages containing HTML code are compared with HTML patterns from the anti-spam library. Such a comparison, in combination with data on the image sizes typically used by spammers, helps protect users against spam messages featuring HTML code, which often contain online images.
- Detection based on the SMTP envelope
- The detection of fake SMTP server stamps and other forged elements in email headers is a brand new anti-spam technology. A trusted sender address is not enough; criminals can forge it easily. Sometimes unsolicited messages do not merely convey advertisements. Such emails can contain hoaxes and even threats. Special Dr.Web anti-spam technologies can expose spoofed addresses and block such messages. As a consequence, it doesn't merely save traffic but also protects employees from fraudulent emails that can push them to do unpredictable things.
- Semantic analysis
- A message’s words and phrases are compared with words and phrases in the spam dictionary. All words, phrases, and symbols are analyzed – both those visible to the human eye and those hidden by spammer tricks.
- Anti-scam technologies
- Scam emails (as well as pharming messages – a type of scam) are the most dangerous type of spam, the most notorious example being the so-called “Nigerian” scams, loan scams, lottery and casino scams, and false messages from banks and credit organizations. A special module of Dr.Web anti-spam is used to filter scams.
- Bounce filtering
- Automatic email notifications or bounces are designed to notify a user if a failure occurs while the mail system is in operation (e.g., a message couldn’t be delivered to a specified address). Similar messages can be used by criminals. For example, a worm or ordinary spam can reach a computer as a notification. A special module of Dr.Web anti-spam detects such unwanted messages.
Dr.Web virus database
Key benefits
- Record smallest number of virus entries.
- Small size of updates.
- Just a single entry allows detecting tens, or hundreds, or even thousands of similar viruses.
The fundamental difference of the Dr.Web virus databases from the virus databases of other av-programs is that alongside smaller number of the virus entries it allows to detect the same quantity (or even greater quantity) of viruses and malicious programs.
Let us summarize what a user benefits from the small size of the virus database.
- It spares space on the hard drive.
- It spares main computer memory resources.
- It spares Internet traffic when downloading the updates.
- It provides for quick installation of the virus database and its processing when analyzing viruses.
- It allows to detect viruses which will be created in future by modifying the existing viruses.
The creation of the Dr.Web anti-virus began in early 90th of the past century, when the Internet was only developing and was not a global network, when only few companies could offer to have access to the WWW. When the traffic cost a lot and the updates should be made as often as possible, the size of the virus database - the time of its downloading from the Internet - should be minimal. This was the task which faced the developers of the Dr.Web anti-virus and it was successfully solved - till today the Dr.Web virus database is the smallest among all other anti-virus programs. This is conditioned by the Dr.Web own technology of creation of the virus database on the basis of very flexible language specially developed for description of the base. The small size of the base spares costs on the Internet traffic, occupies less space on the hard drive and in main computer memory after the base is downloaded and installed. Small size of the base provides for the high-speed interaction of the components of the Dr.Web programs and does not overload the processor.
What is the most important in the anti-virus? Its ability to protect against viruses. This protection is secured, among other conditions, by adding the virus entries (signatures) to the base allowing to detect viruses. But the quantity of entries included in the base says nothing about the ability of an av-program to detect viruses. The most objective way to check the quality of protection is the comparative reviews held on the collections of viruses from “the wild” (InTheWild list) - i.e. viruses really existing in computers of users and not only in collections of virus laboratories or virus hunters.
One should also know that the virus database of each anti-virus program has its own structure. To explain why the number of entries in the Dr.Web virus database is less than the number of entries in the virus database of some av-developers, one should understand that not all viruses are unique. There are family of related (similar) viruses, there are viruses designed by special virus constructors- programs for creation of viruses. All of them are very similar, sometimes as two peas in a pod. Some developers of av-programs name each such virus with separate entry, which increases the size of the virus database.
The Dr.Web virus databases is designed differently; a single entry in it allows to detect tens, or hundreds, or even thousands similar viruses! Even smaller number of virus entries, comparing to some other av-programs, allows to detect with great likelihood yet unknown viruses (not included into the virus database) which will be created on the basis of already existing viruses.
Dr.Web is always relevant
Dr.Web virus database updates are small, usually not exceeding 50-200 KB. Dr.Web technologies enable the anti-virus to use one database entry to identify hundreds and even thousands of malicious files—including those that may be created by hackers in the future.
Virus monitoring service
The Doctor Web virus monitoring service collects samples of malicious programs all over the Internet and creates antidotes and releases updates as soon as testing is complete—as often as several times per hour. As soon as an update is released, users can retrieve it from several servers located at various points of the globe. To avoid false positives, an update is tested over a huge number of uninfected files before it is released. An intelligent system for adding related viruses allows new malware definitions to be added to the virus database automatically, which makes it possible to respond faster to malicious attacks.
- Fast updating even with low bandwidth. A special data compression algorithm is employed by Doctor Web to deliver updates as archived files and save traffic. Patch files are used to deliver minor additions and fixes for virus databases or program modules. This dramatically reduces the amount of data transferred.
- Automatic and manual updates—the latter can be performed on computers that are not connected to the Internet.
- Scheduled updates.
- No machine reboots are needed. Automatic updating of the virus databases ensures that Dr.Web can withstand previously unknown threats immediately after retrieving new virus definitions.
- Ready to confront new types of threats. To tackle new malware, virus databases and key anti-virus components, including drivers, must be updated regularly. In such cases, a system restart may be necessary. Doctor Web always releases updates promptly. To save traffic, you can configure Dr.Web to retrieve only virus database updates. However, this option is not recommended because it can enable intruders to bypass the protection even if the virus definitions are up-to-date.
- Dr.Web's self-defence effectively resists malignant attempts to disrupt or disable updating.