In the [Actions] section, you can specify actions applied upon detection of a threat or occurrence of an error. The following actions are available:
•pass – pass the file; •cure – attempt to cure an infected file. If the file cannot be cured, an action specified in the Incurable parameter is applied; •report – only send notification (see description of the [Notifications] section); •quarantine – move the file to the Quarantine directory; •remove – remove the file. Information on every applied action is logged. If enabled in the [Notifications] section, notification on every applied action, except pass, is sent.
Parameter
|
Description
|
[Actions]
|
Infected = {action}
|
Reaction to an object infected with a known virus.
You can specify one of the following actions:
remove, quarantine, cure
Default value:
Infected = cure
|
Suspicious = {action}
|
Reaction to a suspicious object that can be infected with an unknown virus (according to heuristics analysis results).
You can specified one of the following actions:
remove, quarantine, pass, report
Default value:
Suspicious = quarantine
|
Incurable = {action}
|
Reaction to to an infected object which cannot be cured (only if Infected = Cure).
You can specify one of the following actions:
remove, quarantine
Default value:
Incurable = quarantine
|
Adware = {action}
|
Reaction to an object containing an advertising program (adware).
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
Adware = quarantine
|
Dialers = {action}
|
Reaction to an object containing a dialer program.
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
Dialers = quarantine
|
Jokes = {action}
|
Reaction to an object containing a joke program.
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
Jokes = report
|
Riskware = {action}
|
Reaction to riskware (programs that can be used to harm the system).
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
Riskware = report
|
ArchiveRestriction = {action}
|
Reaction to an archive that cannot be scanned by Dr.Web Daemon because a threshold value specified in the main configuration file drweb32.ini was exceeded.
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
ArchiveRestriction = quarantine
|
Hacktools = {action}
|
Reaction to a program used for hacking.
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
Hacktools = report
|
SkipObject = {action}
|
Reaction to an object that cannot be scanned by Dr.Web Daemon
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
SkipObject = report
|
DaemonError = {action}
|
Reaction to an object that caused errors during scanning.
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
DaemonError = quarantine
|
LicenseError = {action}
|
Reaction to an object during scanning of which a license error occurred.
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
LicenseError = report
|
ProcessingError = {action}
|
Reaction to an object during processing of which an error in NSS Daemon operation occurred.
You can specify one of the following actions:
remove, quarantine, pass, report
Default value:
ProcessingError = report
|
|