Structure of Dr.Web for Linux

Dr.Web for Linux consists of the following components:

| Component | Description |
|---|---|
| Scanner | A component that scans file system objects (files, directories, boot records) on user request or on a schedule to detect threats. Scanning can be started either from the graphical interface or from the command line. |
| SpIDer Guard | A resident component that tracks file operations (such as creating, opening, closing, and launching). It asks the Scanner to check the contents of new and modified files, and of executable files when programs are launched. It hooks into the OS file system either through the fanotify system mechanism or through a special kernel module (LKM, i.e. Linux Kernel Module) developed by Doctor Web. When fanotify is used, the monitor can operate in an enhanced mode that blocks access to not yet checked files (all types or executables only) until the scan completes. The enhanced monitoring mode is disabled by default. |
| SpIDer Gate | A resident component that monitors all network connections. It checks whether a requested URL is present in the databases of web resource categories or in the user's black lists, and blocks access to websites whose URLs are in a user black list or fall under categories marked as unwanted. It blocks outgoing e-mail messages that contain dangerous objects or unwanted links. It also passes files downloaded from the internet (from servers to which access is not restricted) to the Scanner and blocks the download if they contain threats. Additionally, if allowed by the user, it sends requested URLs to the Dr.Web Cloud service for checking. |
| Scanning Engine | The core component of the anti-virus solution. It is used by the Scanner to detect viruses and malicious programs and to analyze suspicious behavior. |
| | A component that scans e-mail messages for spam. This component is not included in the versions for the ARM64 and E2K architectures. |
| Virus databases | An automatically updated database containing information about known threats; the scanning engine uses it to detect and cure them. |
| Database of web resource categories | An automatically updated database containing a list of web resources divided into categories; SpIDer Gate uses it to block access to unwanted websites. |
| Updating component | A component that automatically downloads updates of the virus databases, the database of web resource categories and the scanning engine from Doctor Web update servers (both on a schedule and on demand). |
| Graphical management interface | A component that provides a windowed graphical interface for managing Dr.Web for Linux. It lets users scan file system objects in graphical mode, manage the operation of SpIDer Guard and SpIDer Gate, view the quarantine contents, start receiving updates, and configure Dr.Web for Linux. |
| Notification agent | A component that works in the background. It displays pop-up notifications about events and the Dr.Web for Linux indicator in the notification area, and runs scheduled scans. By default it is launched when a user session starts in the desktop environment. |
| License Manager | A component for managing licenses in graphical mode. It allows the user to activate a license or a demo period, view information about the current license, renew it, and install or remove a license key file. |

Apart from those listed in the table, Dr.Web for Linux also includes additional service components that run in the background with no user interaction required.

SpIDer Guard, the file system monitor, can operate in one of the following modes:

FANOTIFY—using the fanotify monitoring interface (not all GNU/Linux-based OSes support this mode).

LKM—using the loadable UNIX kernel module developed by Doctor Web (compatible with any GNU/Linux-based OS with kernel 2.6.x and newer). Using LKM is not supported for ARM64 and E2K architectures.

By default, the file system monitor automatically chooses an appropriate operation mode according to the environment. If SpIDer Guard cannot be started, build and install the loadable kernel module from the distributed source code.
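The permission-mode behaviour described for SpIDer Guard's enhanced fanotify mode, shown as an added example that is not Dr.Web's code: a minimal C monitor that holds every open() under a directory until a stand-in check returns, then allows or denies it. The policy enum and the marker string "MALWARE-TEST" are constructed for this example; the program needs Linux and root (CAP_SYS_ADMIN) to run.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/fanotify.h>   /* Linux-only; fanotify needs CAP_SYS_ADMIN */
#include <sys/stat.h>
#include <unistd.h>

enum mode { ENHANCED_OFF, ENHANCED_EXEC_ONLY, ENHANCED_ALL };
/* Policy: must this open wait for a scan verdict? Mirrors the enhanced-mode
 * choice between "all types" and "executables only" (constructed names). */
int needs_blocking_scan(enum mode m, int is_executable)
{
    if (m == ENHANCED_ALL) return 1;
    if (m == ENHANCED_EXEC_ONLY) return is_executable;
    return 0;
}
/* Stand-in for a real engine: the constructed marker "MALWARE-TEST" counts
 * as a detection. Returns 1 = clean, 0 = threat. */
int looks_clean(const char *content) { return strstr(content, "MALWARE-TEST") == NULL; }

int main(int argc, char **argv)
{
    int fan = fanotify_init(FAN_CLASS_CONTENT | FAN_CLOEXEC, O_RDONLY | O_CLOEXEC);
    if (argc < 2 || fan < 0 || fanotify_mark(fan, FAN_MARK_ADD,
            FAN_OPEN_PERM | FAN_EVENT_ON_CHILD, AT_FDCWD, argv[1]) < 0) {
        perror("usage: fan_demo DIR (run as root on Linux)");
        return 1;
    }
    char evbuf[8192], data[4096];
    for (;;) {                          /* each open() under DIR is held here */
        ssize_t len = read(fan, evbuf, sizeof evbuf);
        if (len <= 0) break;
        for (struct fanotify_event_metadata *ev = (void *)evbuf;
             FAN_EVENT_OK(ev, len); ev = FAN_EVENT_NEXT(ev, len)) {
            if (!(ev->mask & FAN_OPEN_PERM) || ev->fd < 0) continue;
            struct stat st;
            int is_exec = fstat(ev->fd, &st) == 0 && (st.st_mode & S_IXUSR);
            ssize_t n = pread(ev->fd, data, sizeof data - 1, 0);
            data[n > 0 ? n : 0] = '\0';     /* unreadable content: fail open */
            struct fanotify_response r = { .fd = ev->fd, .response = FAN_ALLOW };
            if (needs_blocking_scan(ENHANCED_ALL, is_exec) && !looks_clean(data))
                r.response = FAN_DENY;      /* the opener's open() gets EPERM */
            if (write(fan, &r, sizeof r) < 0) perror("respond");
            close(ev->fd);
        }
    }
    return 0;
}
```

A real monitor would also need to skip events raised by its own process and to bound how long a verdict may take, since every open in the marked tree waits on the response.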