Check Results
How to open check results •If Dr.Web Scanner detects threats, the icon appears on the screen. To open check results, tap the icon. •If SpIDer Guard detects a suspicious change in the system area or a threat, the following items appear on the screen: ▫An icon on the Android status bar in the top-left screen corner: ▪ on Android 4.4, ▪ on Android 5.0–11.0, ▪ on Android 12.0 or later. ▫A pop-up notification about detection of a threat (see Figure 13). ▫The (on Android 11.0 or earlier) or (on Android 12.0 or later) icon on the notification bar. ▫A message with a red indicator on the status bar. To open check results, tap the () icon or the status bar message.
Figure 16. Check results Neutralizing Threats On the Check results screen, you can review the list of threats and changes in the system area. For each object, its type and name are specified, as well as the icon of the recommended option for the object. Objects are marked in different colors depending on the degree of danger. Listed below are the threat types in decreasing danger order: 1.Malware. 2.Riskware. 3.Hacktool program. 4.Adware. •New files in system area. •Change of system files. •Deletion of system files. 6.Joke program. To view the file path, select the object. For threats that are detected in apps, the app package name is also specified. To delete all threats •In the top-right corner of the Check results screen, select > . To move all threats to the quarantine •In the top-right corner of the Check results screen, select > . Neutralizing one threat at a time Each object has its own set of available options. To expand the option list, select the object. Recommended options are placed first. Select one of the options: to cure the infected application. The option is available for some threats in system applications if root access is enabled on the device. to delete the threat from your device. In some cases, Dr.Web cannot delete applications that use Android accessibility features. If Dr.Web does not delete the app after you select the option, reboot to safe mode and delete the app manually. If access to accessibility features has been granted to Dr.Web, the app will be deleted automatically once you select the option. The option is not available for threats in system applications in the following cases: •If root access is not allowed on your device. •If the application cannot be safely deleted. •If a threat modification is detected. To identify if the app does pose a threat, report a false positive. to move the threat to an isolated folder (see Quarantine). If the threat is detected in an installed application, it cannot be moved to the quarantine. In this case, the option is not available. to temporarily leave the change in the system area or the threat as it is. to block all internet connections for the application. The option is available for threats in system applications. or to send the file to the Doctor Web anti-virus laboratory for analysis. The analysis will show if there is a threat or it is a false positive. If it is a false positive error, it will be fixed. To receive the analysis results, enter your email address. If the file is sent to the laboratory successfully, the option is automatically applied to the object. The option is available only for added or changed executable files in the system area: .jar, .odex, .so, APK, ELF files, etc. The option is available only for threat modifications and for threats detected in the system area. to view the detected object description on the Doctor Web website. |