Completely revised! Real-time protection (SpIDer Guard® resident monitor)
Real-time monitoring of the system’s health — interception of all calls to files located on local drives, floppy discs, CD/DVD/ Blue-ray disks, flash-drives or smart cards.
Industry pacesetter! High resistance to attempts of malicious programs to disrupt operation of SpIDer Guard or to stop it.
Improved! Anti-rootkit technology (Dr.Web Shield™)
Reliable protection of the system from viruses featuring rootkit-technologies that allow them to hide their presence in the compromised system.
Industry pacesetter! Neutralization of complex rootkits (Shadow.based (Confińker), MaosBoot, Rustock.C, Sector).
Improved! Virus-free e-mail (SpIDer Mail® monitor)
Virus scan of e-mails over SMTP/POP3/NNTP/IMAP4 doesn’t affect performance of mail clients and doesn’t cause a receipt delay.
Customizable actions for different types of malicious objects – viruses, riskware, adware, hack-tools, paid dialers, jokers.
Protection from mass mailings of worms through analysis of contents and sending time of outgoing messages which may indicate malicious activities.
New! Protection from network attacks (Dr.Web Firewall)
Protection from unauthorized access from Internet, data leak prevention, blocking of suspicious connections on package and application layers.
Application layer connections control allows monitoring interaction of applications and processes with network resources and registering all access attempts in the applications log.
The packet layer filtering allows controlling connection to the Internet regardless of an application that uses it. The packet filter log stores information about packets sent over network interfaces.
Technologies
The quality of an anti-virus application is defined not only by its ability to detect viruses but to restore files to their original state instead of deleting an infected file that may contain important information.
Cures viruses
Dr.Web anti-virus functions on infected computers, its exceptional resistance to viruses makes it a stand out among anti-viruses..
Dr.Web is the best at curing active infections in the industry.
Unique technologies for scan of processes in the memory and outstanding active infection neutralization capabilities allow installing Dr.Web onto the infected system without its preliminary curing.
High probability to launch a scanning process in the infected system even from a remote data-storage device without installation (e.g. from a USB flash drive).
Self-protection
Immunity to any attempts to disrupt operation of Dr.Web is ensured by the unique self-defence component Dr.Web SelfPROtect.
Dr.Web SelfPROtect is implemented as a driver that operates on the lowest system level. The driver can’t be stopped or unloaded without a system reboot.
Dr.Web SelfPROtect can restrict access to a network, files and folders, certain branches of the Windows Registry and removable data-storage devices on the system driver level and protects the software from anti-antiviruses aiming to disrupt operation of Dr.Web.
Some anti-viruses modify the Windows kernel (intercept interrupts, change vector tables or use other undocumented features). It may have a negative impact on the stability of a system and path new ways for malicious programs to get into a system. At the same time Dr.Web SelfPROtect maintains security of the anti-virus and doesn’t interfere with routines of the Windows kernel.
Unique engine features
Scan of archived files at any nesting level
Reliable detection of packed objects, their detailed analysis aimed at exposing hidden threats.
Leader in detection and neutralization of complex rootkits (Shadow.based (Confińker), MaosBoot, Rustock.C, Sector).
Intelligent memory scan technologies allow blocking a virus in the RAM before it replicates itself to a hard drive and therefore lowering the probability for malware to exploit a vulnerability of a third-party application or of the operating system itself.
Dr.Web is capable of detecting and neutralizing viruses that can be found only in RAM and do not exist as files on disks, e.g. Slammer or CodeRed.
Detection of unknown threats
FLY-CODE is a unique universal decompression technology enabling Dr.Web to unpack data compressed with unknown packers.
The cutting-edge non-signature scan technology Origins Tracing™ provides a high probability of detection of viruses unknown to Dr.Web
The heuristic analyzer detects most known threats with its analysis based on criteria typical of various groups of malicious programs.
Key features
Improved! Dr.Web Scanner provides even more reliable detection and neutralization of viruses and malicious objects on hard drives, removable drives and in RAM.
New! Fully upgraded SpIDer Guard® ensures even more efficient interception of all calls to files located on local drives, floppy discs, CD/DVD/ Blue-ray disks, flash-drives and smart cards.
Improved! Protection from malicious programs that use rootkits technologies.
Improved! Detection and neutralization of viruses that can be found only in RAM and do not exist as files on disks.
Protection from unknown threats using the improved non-signature detection technology Origins Tracing™ and the intelligent heuristic analyzer.
Improved! Detection of viruses in archives at any nesting level and in packed objects.
Improved! Scan of files compressed with unknown packers using the FLY-CODE™ technology.
Improved! Scan of incoming and outgoing POP3/SMTP/IMAP/NNTP traffic.
Protection from mass mailings initiated by worms.
New! Protection from unauthorized access from a network, data leak prevention, blocking of suspicious connections on packet and application layers.
On-demand scans\individual PC scan schedules.
Automatic retrieval of virus definitions updates and customizable updating frequency.
Automatic notifications upon detection of infected, incurable or suspicious objects.
Virus database updating reminder.
Centralized configuration of all components.
Transparent operation – detailed reports regarding operation of each module.
