My library

+ Add to library


Dr.Web technologies

Dr.Web was one of the first anti-viruses in the world. Development of the Dr.Web anti-virus got underway in the first half of the 1990s when the Internet was just starting to grow and was not yet a "global network", and only a few enterprises could afford to use it.

A short journey into the history
of virus and anti-virus "pioneers"

Learn more »


More than 28 years on the extremely competitive market of anti-virus protection solutions

Long gone are the days when anti-viruses only used signatures to detect malware (i.e., when they could only detect viruses whose definitions were in their virus databases). Today's Dr.Web anti-virus is a set of heuristic, behavioural, and preventive non-signature detection technologies which, when combined with the signatures in the virus databases, allow the anti-virus to protect computers from known threats and newly emerged, unknown threats

All rights to Dr.Web anti-virus technologies are reserved by Doctor Web.

Anti-virus engine non-signature technologies

The company's software incorporates a proprietary anti-virus engine — only a few companies in the world have their own engine; most companies license one from other anti-virus vendors.

Learn more

Preventive protection technologies

Dr.Web can recognise suspicious programs that have similar behaviour patterns and block their operation even if their definitions haven't yet been added to the Dr.Web virus database.

Learn more

Anti-spam technologies

Email has long been the main source for the spread of infection-carrying malicious programs. It's impossible to ensure the complete security of a system unless it is protected from threats contained in unwanted emails—spam and phishing messages.

How can anti-spam technologies help Dr.Web prevent systems from getting infected?

The Dr.Web virus database

Pure signature-based anti-viruses—i.e., those that detect malware only by using the definitions in their virus databases—died out in the 1990s with the appearance of ever-changing polymorphic viruses that could not be detected by their signatures (by the way, this is what led to the emergence of the Dr.Web anti-virus).

If anti-viruses today were able to recognise new viruses only according to the entries in their virus databases, those databases would be so large that no computer’s memory could accommodate them, scanning would take ages, and PC performance would be severely handicapped.

How does Dr.Web’s one-of-a-kind virus database work?

The global update system

Like any other program, an anti-virus needs to be updated frequently. The global Dr.Web virus-monitoring system collects virus samples all over the Internet. As soon as an update is released, anti-viruses can retrieve it from several servers located at various points of the globe. Urgent updates are released as soon as the analysis of a new threat is complete.

Learn more

Curing viruses

An anti-virus should prevent systems from getting infected.
But if an infection occurs, it should neutralise the malware that has managed to get into the system.

How does Dr.Web accomplish this task?


When your system has been infected in spite of your best efforts or it has been infiltrated by a malware program that has been specially designed to neutralise your anti-virus, your anti-virus protection system’s ability to withstand infection comes to the fore.

Dr.Web is immune to any attempts by malicious programs to disrupt its operation. Dr.Web SelfPROtect is a unique anti-virus component that maintains anti-virus security.

Find out more

Anti-virus testing

Every day Dr.Web is tested under real conditions—no user whose system was protected by Dr.Web was affected during the WannaCry outbreak. Can test winners boast such results?

Companies and home users rely on the results of tests that check only how anti-viruses detect threats similar to those they already know. The tests don't show whether an anti-virus is capable of recognising a threat that has been designed to evade being detected by that very application.

"Anti-virus tests have become a marketing tool. Supposedly performed by so-called independent experts, they misguide users who blindly trust them. The Russian market is awash with slickly marketed foreign products that are technologically weak and unreliable. And while damage to a home system may amount to a few hundred dollars, a large enterprise can meet catastrophe when it adopts a technologically outdated product. This is especially true for government entities".

Igor Danilov during an interview with CNews

And what do you think a real anti-virus should be?

"There is only one criterion — the quality. But, unfortunately, that can only be tested by users themselves".

Igor Danilov during an interview with CNews

Alas, a malware outbreak is the only reliable way to assess the effectiveness of an anti-virus.

Myths about anti-viruses

Learn more »