How to open check results
•If Dr.Web Scanner detects threats, the sign appears on the screen.
To open check results, tap the sign.
•If SpIDer Guard detects a suspicious change in system area or a threat, the following items appear on the screen:
•The icon (on Android 4.4—) on Android status bar in the top left-hand screen corner.
•Pop-up notification at the bottom part of the screen (see ).
•The icon on the .
•A message with red indicator on the .
To open check results, tap the icon or the status bar message.
Figure 15. Check results
On the screen, you can review a list of threats and changes in system area. For each object, its type and title are specified as well as the option icon that is recommended to select for the object.
Objects are marked in different colors depending on the danger degree. Threat types with decreasing danger order:
•New files in system area
•Change of system files
•Deletion of system files
To view the file path, tap the threat. For threats that are detected in applications, the application package name is also specified.
To delete or move to quarantine multiple threats, on the screen in the top right corner, tap and select or .
Each object has its own set of available options. To expand the option list, tap the object. Recommended options are placed first. Select one of the options:
The option is available for some if root access is allowed on the device.
In some cases, Dr.Web cannot delete applications that use accessibility features of Android. If Dr.Web does not delete the app after you tap , reboot to safe mode and delete the app manually.
The option is not available for in the following cases:
•If root access is not allowed on your device.
•If the application cannot be safely deleted.
•If a threat modification is detected. To identify if the app does pose a threat, report false positive.
If the threat is detected in an installed application, it cannot be moved to quarantine. In this case, the option is not available.
or to send the file to Doctor Web anti-virus laboratory for analysis. The analysis will show if there is a threat or a false positive. If it is a false positive, it will be fixed. To receive the analysis results, enter your email.
If the file has been sent to the laboratory successfully, the option is automatically applied to the object.
The option is available only for added or changed executable files: APK, files of format ELF, JAR, ODEX, SO, etc.
The option is available for threat modifications and for threats detected in system area.