Discussion in 'other anti-virus software' started by risl, Dec 13, 2011.
The news: http://news.drweb.com/show/?i=2071&lng=en&c=14
The news is very compressed. Additional information is as follows:
- Supported by a large number of new files and containers -
Smart Install Maker (SIM); DMG, HFS, XAR (MacOS); SIS (Symbian 9);
INNO SETUP (5.3.9 and above); SETUP FACTORY (lines 7, ; XENOCODE;
TARMA INSTALL (line 3); XZ (UNIX); TCOMPRESS; SQUAHFS; CHILKAT ZIP;
Packages LHA (AWARD BIOS); modified ISO (NRG, images with non-
sector format and with no signatures).
- Container handlers TAR, 7-ZIP, THINSTALL, PDF,
SETUP FACTORY (lines 5, 6) are replaced by new ones, giving full
and error-free analysis. Correct any defects and errors.
Updated and corrected handlers containers VCLZIP, AUTOIT, ZIP,
VISE, INNO SETUP. Improved identification of containers WISE; ACTIVE MARK;
Modified 7-ZIP, protection of "bombs". The mechanism of the priority
identify containers that do not have a strict format (HTML, MIME).
- Qualitatively improved handling e-mail, including optimal
parse raw mail files, optimizing the processing of letters
with high investment (such as correspondence with many RE / FW),
format support TNEF. Conveyor MIME replaced by another, which simplifies
a hierarchy of discrimination. Improved identification data BASE64.
- Support for new versions of the Packers: STEELBOX; EXPRESSOR 1.8; OBSIDIUM 1.4;
ZPROTECT (1.4 and above); EXESCRIPT (line 3); ZCRYPT; TCRIPT; XOREXE;
BAT2EXE; BATCH SHELL; ASPACK 2.24; DBPE 2.33; GPB; DYAMAR PROTECTOR;
SCPACK; GCRYPT; MMCACHE. A large number of new packers supported
at the level of the universal extraction (FLY-CODE).
- Fixed errors and omissions identified for previous versions
Packers, accelerated their testing: MPRESS; MOLEBOX; PELOCK; ENIGMA; NSPACK;
NTKRNL; EXECRYPTOR; PESPIN; EXPRESSOR; ASPROTECT; PECOMPACT; PACKMAN; SEA;
ULTRAPROTECT; ASPACK; PETITE; NEOLITE; GENPACKER; BERO; RCRYPTOR; PECRYP
Takes 20 minutes now to make a complete scan, instead of over 3 hours with the old engine. With same settings.
Now all we need to do is get a reasonable idea of the protection level provided. Time for Dr web to come back to mainstream testing org's.
I've been trying out Dr Web on a laptop I have and I have to say that I'm pretty impressed by it. It is running very light and has a nice clean UI (minimalistic). I've tossed a few malicious links at it to see how DR.W responds and it did just fine. I've considered purchasing it but wrong time of year for me; i'm broke.
My only problem is that I do not have an "infected" PC so that I can give the new Dr.Web CureIt a try.
I'd have to go to Security space for the HTTP scanner as the Av doesn't have it. Price for Av not bad.
What's resource usage like? I presume your using the Av not the suite.
Haven't noticed any performance issues. I have used Dr.Web with my old 2006 computer with single core and 1gb of memory and my current i5-2500/8gb. It works fine with both, no slowdowns or such problems.
I'd say it is difficult to give exact numbers about CPU usage and memory usage, since the program tries to "think":
"The new engine supports dynamic memory use, so the amount of memory allocated to the anti-virus changes depending on the system performance and concurrent user and system tasks. Memory allocation is performed in real time, so the system performance doesn't decrease while the anti-virus extracts large files. Anti-virus operation in multi-core systems has been optimized similarly"
"The new system resource manager estimates current system load before utilizing resources for scanning. The Scanning Engine service controls engine memory operations and decides whether the engine should be given all the memory available or make sure users can perform their tasks undisturbed. The new engine can also determine a reasonable scanning depth for a particular object, so valuable system resources won't be wasted"
With the scanner component it's also possible to limit the resource usage, for example 50% or 25% during scanning.
Cure It now has this engine? Because i didnt feel any improvement.
Core I5 2500 + 8gb ram ( dual channel )+ Windows 7 x64
This is strange. But multi-core mode is not used in CureIt!
Dang nice improvement. About time I might add.
This is great news actually. I had to leave my computer on overnight just for a Dr.Web scan to finish. Not anymore!
Will the new and faster scanning engine be included in the Dr.Web LiveCD?
The news is in Russian now
Will the new and faster scanning engine be included in the Dr.Web Live USB?
Yes. It's true.
Where can you purchase Dr. Web products in US dollars, not euros?
I've seen some items listed on ebay for $2.00 but I'm sure they are not legitimate.
Choose a partner of DrWeb which you are interested in need country
I have bought from this vendor on many occasions with no issues.
Why does the 2011/12/14 17:49 Dr.Web Live CD have a much longer scan time than Dr.Web CureIt?
Already replied to the topic
Why Dr.Web CureIt still shows v. 6.00? Also, the scanning isn't improved here, what may be wrong?
Read About in scanner.
difference in speed is very noticeable in favor of a new CureIt! (with bases and kernel version 7). But when checking the same folder scanner installed version of the 7th and CureIt! with databases and kernel version 7 will be very different to modern multi-core processors. In CureIt! old scanner that does not support multithreading. But it "thing in itself" is completely independent, and the scanner of the 7th version is only the graphics add to the service dwengine.exe
I'm using it on an old Athlon64 3500+ and it feels pretty light but the scanner is still slow for my taste.
Separate names with a comma.