Dr.Web KATANA Kills Active Threats And New Attacks* *清除活跃的威胁和攻击

• Protects critical system areas from being modified by malware.
• Detects and stops the execution of malicious, suspicious or unreliable scripts and processes.
• Detects unwanted file modification, monitors the operation of all processes to detect actions that are typical of malware (e.g., the activities of encryption ransomware), and prevents malicious objects from injecting their code into other processes.
• Detects and neutralises threats that have not yet been discovered and entered in the Dr.Web virus database: encryption ransomware, injectors, remote-controlled malware used for espionage and to create botnets, and malware packers.
• Protects against exploits—malicious objects that take advantage of software flaws, including those not yet known to anyone except for the intruders who created them (i.e., zero-day vulnerabilities). If it detects that malicious code is attempting to exploit a vulnerability, Dr.Web KATANA will end the attacked process immediately.

  Impregnable systems do not exist!

  Developers try to release patches quickly for known vulnerabilities. For example, Microsoft releases security updates quite often. However, users often install some of them way too late (or don't install them at all). This encourages intruders to search for new vulnerabilities and exploit those that have been discovered but aren't yet closed on the computers that are being targeted.

• Controls the operation of the most popular browsers and their associated plugins; protects against browser blockers.

Today, one of the most popular ways for malicious programs to penetrate a system is via the installation of add-on applications in the guise of useful software.

Dr.Web KATANA:

• Blocks malware’s ability to modify boot disk areas in order to prevent the launch of Trojan horses, for example, on your computer.
• Blocks changes from being made to the Windows Registry to ensure that the safe mode won't be disabled.
• Prevents malicious programs from altering basic system routines. By blocking certain Windows Registry keys, it prevents malware from changing the appearance of the desktop or hiding a Trojan with a rootkit.
• Prevents malware from changing launch permissions.
• Prevents new or unknown drivers from being downloaded without user consent.
• Prevents malware and certain other applications, such as anti-antiviruses, from adding their entries into the Windows Registry where they could be launched automatically.
• Locks registry sections containing information about virtual device drivers, ensuring that no new virtual devices are created.
• Blocks connections between spyware components and the server that controls them.
• Prevents malware from disrupting system routines such as scheduled backups.

The procedure is as follows

• If any attempt to activate malicious code is detected, Dr.Web KATANA will end this process immediately. If the attack was carried out through a vulnerability of another software program, Dr.Web KATANA completes the process of that program. It won't perform any actions with the files of the attacked application and won't move any files to the quarantine.
• Users will also see notifications about thwarted attempts to perform malicious actions; no response on their part is required.
• An entry about the disrupted attack is added to the Dr.Web event log.
• The cloud will also instantly be notified about the incident. If necessary, Doctor Web specialists will respond, for example, by upgrading the protection routine.

Updates

Unlike a traditional anti-virus, Dr.Web KATANA does not contain an anti-virus signature database, a component that requires updating.

The anti-virus protection algorithms in Dr.Web KATANA are implemented as executables and libraries. Periodically, updates are released to improve these algorithms and fix detected errors.

To detect malicious actions, Dr.Web KATANA uses information stored by the anti-virus locally as well as Dr.Web Cloud reputation data which includes:

• Information about the routines used by programs having malicious intentions;
• Information about files that are 100% clean;
• Information about the compromised digital signatures of well-known software developers;
• Information about digital signatures used by adware and riskware;
• Protection routines used by specific applications.

Dr.Web KATANA’s cloud system can collect information about Dr.Web’s operation on PCs, including data about brand-new threats, which enables Doctor Web to respond promptly to discovered defects and update rules stored on a computer locally.