SpIDer, a new antivirus program, is built
around a unique intelligent technology for controlling viral activity,
called SpIDer-Netting. This technology is developed by ID
Anti-Virus Laboratory, DialogueScience, Inc.

The traditional approach to this problem (implemented in all other
memory-resident monitors and guards) is to watch for "suspicious" activity,
such as writes to executable files (COM, EXE, DLL, etc.) and system
areas, interception of the file-handling interrupts (INT 21h), etc.
However, these operations are performed by uninfected programs much more
often than by viruses. As a result, the existing guards trigger a large
number of false alarms, which hampers normal use of a computer.

SpIDer-Netting's unique features dramatically decrease the false
alarm rate and, at the same time, block the malicious activity of
virtually all known (as well as unknown!) viruses.

What is the essence of this technology? SpIDer carefully analyses
all "suspicious" activity of the running programs. The
SpIDer-Netting technology relies on a unique decision-making
system that allows SpIDer to detect and disable all types of viral
activity (e.g. infection of files, destructive functions, etc.).

SpIDer-Netting prevents contamination even if the infector can't
be identified by Doctor Web's heuristic analyzer. In other words,
even if DrWeb fails to detect a well-disguised unknown virus in a
program body, the virus will be caught by SpIDer when it attempts to
activate.

While other memory-resident monitors often respond to each "virus-like"
action and irritate the user with their obtrusive suspiciousness,
SpIDer performs a heuristic analysis of the whole set of
potentially dangerous operations and avoids false alarms in most cases.
At the same time, intensive testing has shown that SpIDer successfully
detects more than 90% of viruses "in the wild".