Library
My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets

Profile

Dr.Web KATANA Kills Active Threats And New Attacks* *清除活跃的威胁和攻击 Dr.Web KATANA

非特征码反病毒软件,实施预防性保护

  • 抵御新威胁
  • 抵御定向攻击
  • 抵御入侵企图,包括抵御利用“零日”漏洞发起的、您的反病毒软件未知的进攻和入侵。

试用30天

我们会帮助您选择Dr.Web产品

优势

Dr.Web KATANA是新一代Dr.Web反病毒技术,可进行超前保护,隔离您所使用的反病毒软件未知的威胁。

  • 最为轻巧的非特征码反病毒软件,保护任意类型的Windows 2019/2016/2012 R2/2012/2008 R2/2008 (64位系统)和2008/ 2003 SP1 (32位系统)服务器
  • 与其他厂商的反病毒软件不发生冲突。

自主运行

无需任何设置,安装后可立即开始实施高效保护。

灵活操作

整套预置保护脚本和高级设置功能可根据用户需求实施保护,并全面监控保护进程。

脱机运行

Dr.Web KATANA在计算机不访问互联网的情况下也可实施保护

通用性强

保护各版本的OS Windows(从Windows XP到最新的Windows 10)。详情

系统要求参阅帮助文档

全部优势

明察秋毫:解除反病毒软件未知的新威胁

每天反病毒实验室都会收到数十万程序样本,每天病毒库都会添加数万个记录,这些是已知威胁,病毒分析人员已制定出抵御威胁的方法。而给犯罪分子带来最大利益的确是那些信息安全技术人员还尚未进行分析的恶意程序。

Dr.Web KATANA抵御依靠传统特征码机制和启发式机制未能侦测的最新、最危险的恶意程序。这些程序尚未被添加到反病毒实验室进行分析,也就是说在入侵系统时还是属未知程序,其中包括最新的勒索木马加密器、注入木马、木马上锁器以及利用“零日”漏洞入侵的威胁。

Dr.Web KATANA从操作系统一启动就会实施安全保护,即在传统特征码反病毒软件完成加载前就开始对电脑进行保护!

轻巧快捷

为了抵御不断完善且数量不断增加的恶意程序,保护工具功能也在扩展,并持续运行已防御随时可能发生的进攻。这经常造成计算机运行速度缓慢,给用户带来不便。因此有时用户甚至会停用反病毒保护,已恢复计算机正常的运行速度。而Dr.Web KATANA这一产品不仅能够大大提高对计算机的保护力度,且几乎不对系统产生负载,资源消耗极小。

Dr.Web KATANA在阻止恶意程序活动的同时,不会使计算机运行速度变慢。

反应迅速

实时分析威胁行为,立即中止您所使用的反病毒软件来不及识别的恶意脚本和进程。Dr.Web KATANA保护基于恶意程序非特征码查找和解除方法以及云保护技术,分析并监控所有系统进程,根据行为特征侦测恶意对象并进行拦截。

Dr.Web KATANA

详情

传统行为分析仪进行分析的依据是严格记录到知识库的合法程序行为规则,而这些规则不法分子也很了解。Dr.Web KATANA采取的则是另一种方式:实时分析每个启动程序的行为,与不断更新的Dr.Web云信誉库进行比对,根据掌握的恶意程序行为特征最新信息,判断进程是否危险,并随即采取必要措施消除威胁。

Dr.Web KATANA
Dr.Web KATANA

一般行为分析仪监控恶意程序对各种系统资源访问。但如果恶意程序嵌入到了浏览器,并不访问系统资源,仅进行修改,比如修改您与银行的对话窗口,这种情况又有什么办法呢?

Dr.Web KATANA跟踪观察的是恶意程序内部进程,从而能够及时阻止恶意软件窃取机密信息或从您的账户进行转账!

什么情况下需要在使用传统反病毒软件的同时利用非特征码反病毒软件来加强保护?

  • 如主要反病毒产品不能侦测到所有威胁
  • 如主要反病毒产品无法频繁更新
  • 如计算机长期无法连接网络
  • 如计算机处于与外网隔绝的内网,因而无法更新

兼容性

开发人员已经确认Dr.Web KATANA同TrendMicro、Symantec、 Kaspersky、McAfee、ESET等产品兼容。

保护设置

  • 通过“保护”标签的用户模式可为可信任程序创建灵活规则,从而防止在运行Dr.Web KATANA时发生软件冲突。每个用户模式可指定对应用程序访问系统资源的具体限制。
  • 不同程序的运行需要访问不同资源。用户可在Dr.Web为具体应用程序设置保护控制参数,只允许程序访问特定资源,这样即便程序被感染也可避免这个系统受到损坏。

最佳模式

最佳模式 #drweb

默认设置为最佳保护等级。在这一模式下仅保护恶意程序可能利用的注册表分支,并对其进行拦截(禁止修改),不会对计算机产生明显负载。

中级模式

中级模式   #drweb

感染风险增加时可将保护等级提高到中等。

频繁模式

频繁模式 #drweb

对Windows重要对象实施全面监控需将保护等级提高到频繁模式。提高保护模式等级能够进一步提高防范Dr.Web病毒库未知恶意软件的能力,但同时也会增加预防性保护和已启动应用程序出现冲突的可能性。

了解高级设置详情

功能

  • Protects critical system areas from being modified by malware.
  • Detects and stops the execution of malicious, suspicious or unreliable scripts and processes.
  • Detects unwanted file modification, monitors the operation of all processes to detect actions that are typical of malware (e.g., the activities of encryption ransomware), and prevents malicious objects from injecting their code into other processes.
  • Detects and neutralises threats that have not yet been discovered and entered in the Dr.Web virus database: encryption ransomware, injectors, remote-controlled malware used for espionage and to create botnets, and malware packers.
  • Protects against exploits—malicious objects that take advantage of software flaws, including those not yet known to anyone except for the intruders who created them (i.e., zero-day vulnerabilities). If it detects that malicious code is attempting to exploit a vulnerability, Dr.Web KATANA will end the attacked process immediately.

    Impregnable systems do not exist!

    Developers try to release patches quickly for known vulnerabilities. For example, Microsoft releases security updates quite often. However, users often install some of them way too late (or don't install them at all). This encourages intruders to search for new vulnerabilities and exploit those that have been discovered but aren't yet closed on the computers that are being targeted.

  • Controls the operation of the most popular browsers and their associated plugins; protects against browser blockers.

Today, one of the most popular ways for malicious programs to penetrate a system is via the installation of add-on applications in the guise of useful software.

Dr.Web KATANA:

  • Blocks malware’s ability to modify boot disk areas in order to prevent the launch of Trojan horses, for example, on your computer.
  • Blocks changes from being made to the Windows Registry to ensure that the safe mode won't be disabled.
  • Prevents malicious programs from altering basic system routines. By blocking certain Windows Registry keys, it prevents malware from changing the appearance of the desktop or hiding a Trojan with a rootkit.
  • Prevents malware from changing launch permissions.
  • Prevents new or unknown drivers from being downloaded without user consent.
  • Prevents malware and certain other applications, such as anti-antiviruses, from adding their entries into the Windows Registry where they could be launched automatically.
  • Locks registry sections containing information about virtual device drivers, ensuring that no new virtual devices are created.
  • Blocks connections between spyware components and the server that controls them.
  • Prevents malware from disrupting system routines such as scheduled backups.

The procedure is as follows

  • If any attempt to activate malicious code is detected, Dr.Web KATANA will end this process immediately. If the attack was carried out through a vulnerability of another software program, Dr.Web KATANA completes the process of that program. It won't perform any actions with the files of the attacked application and won't move any files to the quarantine.
  • Users will also see notifications about thwarted attempts to perform malicious actions; no response on their part is required.
  • An entry about the disrupted attack is added to the Dr.Web event log.
  • The cloud will also instantly be notified about the incident. If necessary, Doctor Web specialists will respond, for example, by upgrading the protection routine.

Updates

Unlike a traditional anti-virus, Dr.Web KATANA does not contain an anti-virus signature database, a component that requires updating.

The anti-virus protection algorithms in Dr.Web KATANA are implemented as executables and libraries. Periodically, updates are released to improve these algorithms and fix detected errors.

To detect malicious actions, Dr.Web KATANA uses information stored by the anti-virus locally as well as Dr.Web Cloud reputation data which includes:

  • Information about the routines used by programs having malicious intentions;
  • Information about files that are 100% clean;
  • Information about the compromised digital signatures of well-known software developers;
  • Information about digital signatures used by adware and riskware;
  • Protection routines used by specific applications.

Dr.Web KATANA’s cloud system can collect information about Dr.Web’s operation on PCs, including data about brand-new threats, which enables Doctor Web to respond promptly to discovered defects and update rules stored on a computer locally.

图库

管理中心

管理中心 #drweb
管理中心 #drweb