Anti-virus agent is a component of Dr.Web AV-Desk, which is installed on all computers running Windows/macOS and mobile devices running Android on the protected network.
After signing up for the service a customer receives an installer (about 1100KB) download link. The executable file contains a unique subscriber UID generated by the server and stored in the database. Once the installer is launched, a TCP/IP connection is established between the user machine and the anti-virus server and the identification procedure is performed. If the computer is identified, the main anti-virus package is downloaded from the server. Updating and configuration of anti-virus packages is carried out according to instructions received from the server.
Anti-virus agent components
The anti-virus detects malware and cures infected files.
The anti-spam automatically detects and filters out unwanted emails (spam) in any language.
The HTTP monitor scans web pages in real-time and blocks access to dangerous sites, such as those used for phishing attacks.
Parental/Office Control — restricts user access to certain websites and local directories (including removable data storage devices) .
The firewall protects the computer from unauthorized access and prevents sensitive data from being leaked over the network.
The anti-theft can pinpoint the location of or quickly lock a lost or stolen mobile device.
- Dr.Web scanner for Windows
- Carries out a full scan of the system memory, active processes and files launched at system’s startup.
- Scans archived files at any nesting level including files placed in multi-volume and self-extracting archives.
- High-speed on demand scan performed by the multi-threat anti-virus engine.
- Dr.Web Shield™ is the scanner module that enables the anti-virus to neutrolize rootkits.
- Dr.Web SelfPROtect controls prevents malicious programs from accessing a network, files and folders, certain branches of the Windows Registry and removable data-storage devices on the system driver level and protects the software from anti-antiviruses aiming to disrupt operation of Dr.Web.
- SpIDer Guard® resident monitor
- A powerful tool for real-time anti-virus protection
- All calls to files located on local drives, floppy discs, CDs, flash-drives or smart cards are monitored on-access by the SpIDer Guard.
- SpIDer Guard is extremely resistant to attempts of malicious programs to disrupt its operation.
- Implemented as a Windows service, SpIDer Guard enables an administrator to restrict users’ rights to modify settings of the resident monitor.
- SpIDerMail® resident monitor
- On access” filtering of incoming and outgoing POP3/SMTP/IMAP4/NNTP traffic
- Scanning of incoming and outgoing messages is performed prior to their receipt by a server.
- Detection and blocking of malicious activities based on analysis aiming to find attributes characteristic of mail worms.
- Unlike anti-spam solutions based on Bayesian filter Dr.Web anti-spam doesn’t require any tuning before one is able to use it
- With the language-independent analysis it successfully identifies spam messages in any language.
- Different filtering technologies for different types of undesired mail provide high detection probability.
- Unique spam detection technologies based on several thousands of rules do not require frequent updates (updated once in 24 hours).
- Filtered messages are never deleted but automatically placed into a special folder.
- SpIDer Gate™
- Filters HTTP traffic for viruses.
- Parental/Office control
- A list of websites to be blocked; both individual addresses and keywords found in URLs can be specified in this block list. Block of access to removable data storage devices (flash drives, USB-devices)files, folders or network drives which serves as an additional measure to protect data from deletion or unauthorized access.
- Proxy server
This component can optionally be included in an anti-virus network.. – The Proxy Server's main purpose is to facilitate the connection between the Dr.Web Server and the Dr.Web Agents, if direct communication between the hosts is not possible.
For example, if the Dr.Web Server and Dr.Web Agents are located in different networks, between which there is no packet routing.
Caching can also reduce traffic and enable Enterprise Agents to get updates sooner.