1. Format of the utility call
The call format for the command-line tool which manages Dr.Web for UNIX File Servers operation is as follows:
$ drweb-ctl [<general options> | <command> [<argument>] [<command options>]]
where:
• <general options> — options that can be applied on startup when the command is not specified or can be applied for any command. Not mandatory for startup.
• <command> — command to be performed by Dr.Web for UNIX File Servers (for example, start scanning, output the list of quarantined objects).
• <argument> — command argument. Depends on the specified command. Can be missing for certain commands.
• <command options> — options managing command operation. Can be missing for certain commands.
2. General options
The following general options are available:
Option | Description
-h, --help | Show summary help information and exit. For information on a certain command, enter the following: drweb-ctl -h <command> or drweb-ctl <command> -h
-v, --version | Show information on the module version and exit.
-d, --debug | Show debug information upon execution of the specified command. Has no effect if a command is not specified. To invoke a command, enter the following: drweb-ctl -d <command>
3. Commands
Commands to manage Dr.Web for UNIX File Servers can be divided into the following groups:
• Anti-virus scanning commands
• Commands to manage updates and operation in Central protection mode
• Configuration management commands
• Commands to manage detected threats and quarantine
• Information commands
3.1. Anti-virus scanning commands
The following commands to manage anti-virus scanning are available:
Command | Description
scan <path>
|
Function
Start checking the specified file or directory via Dr.Web File Checker component.
Arguments
<path> — path to the file or directory which is selected to be scanned.
This argument can be missing if the --stdin or --stdin0 option is specified.
To specify several files that satisfy a certain criterion, use the find utility (see the examples) and the --stdin or --stdin0 options.
Options
-a [--Autonomous] — Start a separate instance of the Dr.Web Scanning Engine and of the Dr.Web File Checker file checking module for the scan, and terminate them after the scanning task completes. Note that threats detected during autonomous scanning are not displayed in the common threat list that is output by the threats command (see below).
--stdin — Get the list of paths to scan from the standard input stream (stdin).
Paths in the list must be separated by the newline character ('\n').
--stdin0 — Get the list of paths to scan from the standard input stream (stdin).
Paths in the list must be separated by the NUL character ('\0').
Note that templates are not allowed when specifying paths for either of these options.
The recommended use of the --stdin and --stdin0 options is to process a path list generated by an external utility (for example, find) in the scan command (see the examples).
--Report <BRIEF|DEBUG> — specify the type of scanning results reports.
Allowed values:
• BRIEF — brief report.
• DEBUG — detailed report.
Default value: BRIEF
--ScanTimeout <number> — specify timeout to scan one file, in ms.
If the value is set to 0, time to scan a file is not limited.
Default value: 0
--PackerMaxLevel <number> — set the maximum nesting level when scanning packed objects.
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ArchiveMaxLevel <number> — set the maximum level of nesting when scanning archives (zip, rar, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MailMaxLevel <number> — set the maximum level of nesting when scanning email messages (pst, tbb, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ContainerMaxLevel <number> — set the maximum level of nesting when scanning containers of other types (HTML and others).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MaxCompressionRatio <ratio> — set the maximum compression ratio for scanned objects.
The ratio must be at least equal to 2.
Default value: 3000
--HeuristicAnalysis <On|Off> — enable or disable heuristics analysis.
Default value: On
--OnKnownVirus <action> — action applied to a threat detected using signature analysis.
Allowed values: REPORT, CURE, QUARANTINE, DELETE.
Default value: REPORT
--OnIncurable <action> — action applied on failure to cure a detected threat or if a threat is incurable.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnSuspicious <action> — action applied to a threat detected using heuristics analysis.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnAdware <action> — action applied to adware.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnDialers <action> — action applied to dialers.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnJokes <action> — action applied to joke programs.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnRiskware <action> — action applied to potentially dangerous programs (riskware).
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnHacktools <action> — action applied to hacktools.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
|
bootscan <disk drive> | ALL
|
Function
Start checking boot records on the specified disks via Dr.Web File Checker component. Both MBR and VBR records are scanned.
Arguments
<disk drive> — path to the block device file of the disk whose boot record is to be scanned.
If you specify ALL, all boot records of all available disks are scanned.
Mandatory argument.
Options
-a [--Autonomous] — start a separate instance of the Dr.Web Scanning Engine and of the Dr.Web File Checker file checking module for scanning, and terminate them after the scanning task completes. Note that threats detected during autonomous scanning are not displayed in the common threat list that is output by the threats command (see below).
--Report <BRIEF|DEBUG> — specify the type of scanning results reports.
Allowed values:
• BRIEF — brief report.
• DEBUG — detailed report.
Default value: BRIEF
--ScanTimeout <number> — specify timeout to scan one file, in ms.
If the value is set to 0, time to scan one file is not limited.
Default value: 0
--HeuristicAnalysis <On|Off> — enable or disable heuristics analysis.
Default value: On
--Cure <Yes|No> — enable or disable attempts to cure detected threats.
If the value is set to No, only notification is output.
Default value: No
--ShellTrace — enable output of additional debug information when scanning a boot record.
|
procscan
|
Function
Start checking executable files containing code of currently running processes via Dr.Web File Checker component. If a malicious executable file is detected, it is neutralized and all processes run by this file are forced to terminate.
Arguments
No.
Options
-a [--Autonomous] — start a separate instance of the Dr.Web Scanning Engine and of the Dr.Web File Checker file checking module for scanning, and terminate them after the scanning task completes. Note that threats detected during autonomous scanning are not displayed in the common threat list that is output by the threats command (see below).
--Report <BRIEF|DEBUG> — specify the type of scanning results reports.
Allowed values:
• BRIEF — brief report.
• DEBUG — detailed report.
Default value: BRIEF
--ScanTimeout <number> — specify timeout to scan one file, in ms.
If the value is set to 0, time to scan one file is not limited.
Default value: 0
--HeuristicAnalysis <On|Off> — enable or disable heuristics analysis.
Default value: On
--PackerMaxLevel <number> — set the maximum nesting level when scanning packed objects.
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--OnKnownVirus <action> — action applied to a threat detected using signature analysis.
Allowed values: REPORT, CURE, QUARANTINE, DELETE.
Default value: REPORT
--OnIncurable <action> — action applied on failure to cure a detected threat or if a threat is incurable.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnSuspicious <action> — action applied to a threat detected using heuristics analysis.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnAdware <action> — action applied to adware.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnDialers <action> — action applied to dialers.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnJokes <action> — action applied to joke programs.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnRiskware <action> — action applied to potentially dangerous programs (riskware).
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnHacktools <action> — action applied to hacktools.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
Note that if a threat is detected in an executable file, Dr.Web for UNIX File Servers terminates all processes started from the file.
|
netscan <path>
|
Function
Start distributed scanning of the specified file or folder (via the Dr.Web Network Checker distributed scanning agent). If connections to other hosts with Dr.Web Anti-virus Solution are not found, local scanning is performed (similar to the scan command).
Arguments
<path> — path to the file or directory which is selected to be scanned.
Options
--Report <BRIEF|DEBUG> — specify the type of scanning results reports.
Allowed values:
• BRIEF — brief report.
• DEBUG — detailed report.
Default value: BRIEF
--ScanTimeout <number> — specify timeout to scan one file, in ms.
If the value is set to 0, time to scan one file is not limited.
Default value: 0
--HeuristicAnalysis <On|Off> — enable or disable heuristics analysis.
Default value: On
--PackerMaxLevel <number> — set the maximum nesting level when scanning packed objects.
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ArchiveMaxLevel <number> — set the maximum level of nesting when scanning archives (zip, rar, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MailMaxLevel <number> — set the maximum level of nesting when scanning email messages (pst, tbb, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ContainerMaxLevel <number> — set the maximum level of nesting when scanning containers of other types (HTML and others).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MaxCompressionRatio <ratio> — set the maximum compression ratio for scanned objects.
The ratio must be at least equal to 2.
Default value: 3000
--Cure <Yes|No> — enable or disable attempts to cure detected threats.
If the value is set to No, only notification is output.
Default value: No
|
flowscan <path>
|
Function
Start scanning the specified file or directory via the Dr.Web File Checker component using the "flow" method (used by the SpIDer Guard monitor).
For scanning on demand it is recommended to use the scan command.
Arguments
<path> — path to the file or directory which is selected to be scanned.
Options
--ScanTimeout <number> — specify timeout to scan one file, in ms.
If the value is set to 0, time to scan one file is not limited.
Default value: 0
--HeuristicAnalysis <On|Off> — enable or disable heuristics analysis.
Default value: On
--PackerMaxLevel <number> — set the maximum nesting level when scanning packed objects.
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ArchiveMaxLevel <number> — set the maximum level of nesting when scanning archives (zip, rar, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MailMaxLevel <number> — set the maximum level of nesting when scanning email messages (pst, tbb, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ContainerMaxLevel <number> — set the maximum level of nesting when scanning containers of other types (HTML and others).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MaxCompressionRatio <ratio> — set the maximum compression ratio for scanned objects.
The ratio must be at least equal to 2.
Default value: 3000
--OnKnownVirus <action> — action applied to a threat detected using signature analysis.
Allowed values: REPORT, CURE, QUARANTINE, DELETE.
Default value: REPORT
--OnIncurable <action> — action applied on failure to cure a detected threat or if a threat is incurable.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnSuspicious <action> — action applied to a threat detected using heuristics analysis.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnAdware <action> — action applied to adware.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnDialers <action> — action applied to dialers.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnJokes <action> — action applied to joke programs.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnRiskware <action> — action applied to potentially dangerous programs (riskware).
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
--OnHacktools <action> — action applied to hacktools.
Allowed values: REPORT, QUARANTINE, DELETE.
Default value: REPORT
|
proxyscan <path>
|
Function
Start scanning the specified file or directory via the Dr.Web File Checker component using the "proxy" method (used by the SpIDer Guard for SMB monitor and the Dr.Web ClamD component). Note that threats detected during this scanning method are not added to the general list of detected threats output by the threats command (see below).
For scanning on demand it is recommended to use the scan command.
Arguments
<path> — path to the file or directory which is selected to be scanned.
Options
--Report <BRIEF|DEBUG> — specify the type of scanning results reports.
Allowed values:
• BRIEF — brief report.
• DEBUG — detailed report.
Default value: BRIEF
--ScanTimeout <number> — specify timeout to scan one file, in ms.
If the value is set to 0, time to scan one file is not limited.
Default value: 0
--HeuristicAnalysis <On|Off> — enable or disable heuristics analysis.
Default value: On
--PackerMaxLevel <number> — set the maximum nesting level when scanning packed objects.
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ArchiveMaxLevel <number> — set the maximum level of nesting when scanning archives (zip, rar, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MailMaxLevel <number> — set the maximum level of nesting when scanning email messages (pst, tbb, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ContainerMaxLevel <number> — set the maximum level of nesting when scanning containers of other types (HTML and others).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MaxCompressionRatio <ratio> — set the maximum compression ratio for scanned objects.
The ratio must be at least equal to 2.
Default value: 3000
|
rawscan <path>
|
Function
Start "raw" scanning of the specified file or directory using the Dr.Web Scanning Engine directly, without the Dr.Web File Checker file checking component. Note that threats detected during "raw" scanning are not added to the general list of detected threats output by the threats command (see below).
For scanning on demand it is recommended to use the scan command.
Arguments
<path> — path to the file or directory which is selected to be scanned.
Options
--ScanEngine <path> — path to UNIX socket of the scanning engine Dr.Web Scanning Engine. If not specified, an autonomous instance of scanning engine is started (it is shut down after scanning completes).
--Report <BRIEF|DEBUG> — specify the type of scanning results reports.
Allowed values:
• BRIEF — brief report.
• DEBUG — detailed report.
Default value: BRIEF
--ScanTimeout <number> — specify timeout to scan one file, in ms.
If the value is set to 0, time to scan one file is not limited.
Default value: 0
--PackerMaxLevel <number> — set the maximum nesting level when scanning packed objects.
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ArchiveMaxLevel <number> — set the maximum level of nesting when scanning archives (zip, rar, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MailMaxLevel <number> — set the maximum level of nesting when scanning email messages (pst, tbb, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ContainerMaxLevel <number> — set the maximum level of nesting when scanning containers of other types (HTML and others).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MaxCompressionRatio <ratio> — set the maximum compression ratio for scanned objects.
The ratio must be at least equal to 2.
Default value: 3000
--HeuristicAnalysis <On|Off> — enable or disable heuristics analysis.
Default value: On
--Cure <Yes|No> — enable or disable attempts to cure detected threats.
If the value is set to No, only notification is output.
Default value: No
--ShellTrace — enable output of additional debug information when scanning a boot record.
|
cloudscan <path>
|
Function
Start scanning of the specified file or directory using information on threats from Dr.Web Cloud service.
Not implemented. For scanning on demand use the scan command.
Arguments
<path> — path to the file or directory which is selected to be scanned.
Options
--Report <BRIEF|DEBUG> — specify the type of scanning results reports.
Allowed values:
• BRIEF — brief report.
• DEBUG — detailed report.
Default value: BRIEF
--ScanTimeout <number> — specify timeout to scan one file, in ms.
If the value is set to 0, time to scan one file is not limited.
Default value: 0
--PackerMaxLevel <number> — set the maximum nesting level when scanning packed objects.
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ArchiveMaxLevel <number> — set the maximum level of nesting when scanning archives (zip, rar, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MailMaxLevel <number> — set the maximum level of nesting when scanning email messages (pst, tbb, etc.).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--ContainerMaxLevel <number> — set the maximum level of nesting when scanning containers of other types (HTML and others).
If the value is set to 0, nested objects are skipped during scanning.
Default value: 8
--MaxCompressionRatio <ratio> — set the maximum compression ratio for scanned objects.
The ratio must be at least equal to 2.
Default value: 3000
--HeuristicAnalysis <On|Off> — enable or disable heuristic analysis.
Default value: On
--Cure <Yes|No> — enable or disable attempts to cure detected threats.
If the value is set to No, only notification is output.
Default value: No
--ShellTrace — enable output of additional debug information when scanning a boot record.
|
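The find-based use of --stdin and --stdin0 that the scan description recommends, as an added example that is not part of the original documentation. It also shows why --stdin0 is the safer choice for arbitrary trees: NUL cannot occur in a path, while a newline can, so a newline-separated list can split one file name into several records. DRWEB_CTL, the function names and the sample tree are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example, not from the Dr.Web documentation.
# DRWEB_CTL and all function names are assumptions; the override lets the
# wrappers be tried with a stub on a host where the product is not installed.
DRWEB_CTL="${DRWEB_CTL:-drweb-ctl}"

# Scan every regular file under DIR, passing paths NUL-terminated (--stdin0).
# Remaining arguments are forwarded as scan options, e.g. --Report DEBUG.
scan_tree_stdin0() {
    _dir=$1; shift
    find "$_dir" -type f -print0 | "$DRWEB_CTL" scan --stdin0 "$@"
}

# Same list, newline-terminated (--stdin). Only reliable when no path under
# DIR can contain '\n', because the receiver splits the list on that byte.
scan_tree_stdin() {
    _dir=$1; shift
    find "$_dir" -type f -print | "$DRWEB_CTL" scan --stdin "$@"
}

# Number of path records a receiver sees when it splits the list on NUL
# or on newline. Used below to compare the two list formats.
count_records_nul() { find "$1" -type f -print0 | tr -cd '\000' | wc -c | tr -d ' '; }
count_records_nl()  { find "$1" -type f -print | wc -l | tr -d ' '; }

# Constructed sample tree: two files, one whose name contains a newline.
make_sample_tree() {
    _t=$(mktemp -d) || return 1
    : > "$_t/report.doc"
    : > "$_t/$(printf 'part1\npart2.bin')"
    printf '%s\n' "$_t"
}

# Run with --demo to print the comparison for the constructed tree.
if [ "${1:-}" = "--demo" ]; then
    tree=$(make_sample_tree)
    echo "files on disk:            2"
    echo "records split on NUL:     $(count_records_nul "$tree")"
    echo "records split on newline: $(count_records_nl "$tree")"
    rm -rf "$tree"
fi
```

With the newline-separated list the two files arrive as three records, none of which names the second file, so that file is not scanned under its real path.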
3.2. Commands to manage updates and operation in Central protection mode
The following commands for managing updates and operation in Central protection mode are available:
Command | Description
update
|
Function
Instruct the updating component to download and install updates to virus databases and components from Doctor Web update servers or terminate an updating process if running.
The command has no effect if Dr.Web for UNIX File Servers is connected to the central protection server.
Arguments
No.
Options
--Stop — terminate the currently performed updating process.
|
esconnect <server>[:port]
|
Function
Connect Dr.Web for UNIX File Servers to the specified central protection server (for example, Dr.Web Enterprise Server). For details, refer to the Operation Modes.
Arguments
• <server> — IP address or network name of the host on which the central protection server is operating. The argument is mandatory.
• <port> — name of the port used by the central protection server. The argument is optional. Specify the argument only if the central protection server uses a non-standard port.
Options
--Key <path> — path to the public key file of the central protection server to which Dr.Web for UNIX File Servers is connected.
--Login <ID> — login (workstation identifier) used for connection to the central protection server.
--Password <password> — password for connection to the central protection server.
--Group <ID> — identifier of the group to which the workstation is added on connection.
--Rate <ID> — identifier of the tariff group applied to a workstation when it is included in one of the central protection server groups (can be specified only together with the --Group option).
--Compress <On|Off> — enables (On) or disables (Off) forced compression of transmitted data. When not specified, use of compression is determined by the server.
--Encrypt <On|Off> — enables (On) or disables (Off) forced encryption of transmitted data. When not specified, use of encryption is determined by the server.
--Newbie — connect as a "newbie" (get a new account on the server).
--WithoutKey — allows connection to the server without using the public key.
--WrongKey — allows connection to the server even if the specified public key is wrong.
The --Key and --WithoutKey options are mutually exclusive. One of these options must be specified in the command.
Note that this command requires drweb-ctl to be started with superuser privileges.
|
esdisconnect
|
Function
Disconnect Dr.Web for UNIX File Servers from the central protection server and switch its operation to standalone mode.
The command has no effect if Dr.Web for UNIX File Servers is in standalone mode.
Arguments
No.
Options
No.
Note that this command requires drweb-ctl to be started with superuser privileges.
|
3.3. Configuration management commands
The following commands to manage configuration are available:
Command | Description
cfset <section>.<parameter> <value>
|
Function
Change the active value of the specified parameter in the current configuration.
Note that an equal sign is not allowed.
Arguments
• <section> — name of the configuration file where the parameter resides. The argument is mandatory.
• <parameter> — name of the parameter. The argument is mandatory.
• <value> — new value that is to be assigned to the parameter. The argument is mandatory.
The following format is used to specify the parameter value: <section>.<parameter> <value>
For description of the configuration file, refer to the Appendix D, or to the man documentation drweb.ini(5).
Options
-a [--Add] — do not substitute the current parameter value but add the specified value to the list (allowed only for parameters that can have several values, specified as a list).
-e [--Erase] — do not substitute the current parameter value but remove the specified value from the list (allowed only for parameters that can have several values, specified as a list).
-r [--Reset] — reset the parameter value to the default. In this case, <value> is not required in the command and is ignored if specified.
Options are not mandatory. If they are not specified, the current parameter value (or the list of values, if several are specified) is replaced with the specified value.
For the -r option, a special syntax to invoke the cfset command is used:
cfset <section>.* -r
In this case, all parameters of the specified section are reset to defaults.
If you specify -r option for sections containing individual parameters of Dr.Web ClamD component connection points and for shared directories for SpIDer Guard for SMB monitor, the parameter value in the individual section will be changed to the value of its "parent" parameter having the same name in the general component settings section.
If it is necessary to add a new section containing individual parameters for a connection point <point> of Dr.Web ClamD or for a Samba shared directory with the <tag>, use the following command:
cfset ClamD.Endpoint.<point>.<parameter> <value>, for example: cfset ClamD.Endpoint.Point1.ClamdSocket 127.0.0.1:3344
cfset SmbSpider.Share.<tag>.<parameter> <value>, for example: cfset SmbSpider.Share.DepartFiles.OnAdware Quarantine
Note that cfset command requires drweb-ctl to be started with superuser privileges.
|
cfshow [<section>[.<parameter>]]
|
Function
Output parameters of the current configuration.
Parameters are output in the following format: <section>.<parameter> = <value>. Sections and parameters of components that are not installed are not output.
Arguments
• <section> — name of the configuration file section whose parameters are to be output. The argument is optional. If not specified, parameters of all configuration file sections are output.
• <parameter> — name of the output parameter. The argument is optional. If not specified, all parameters of the section are output. Otherwise, only this parameter is output. If a parameter is specified without the section name, all parameters with this name from all of the configuration file sections are output.
Options
--Uncut — output all configuration parameters (not only those used with the currently installed set of components). If the option is not specified, only parameters used for configuration of the installed components are output.
--Ini — output parameter values in the INI file format: at first, the section name is specified in square brackets, then the section parameters listed as <parameter> = <value> pairs (one pair per line).
|
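A small audit over cfshow output in the two formats described above (the default <section>.<parameter> = <value> lines and the --Ini layout), given as an added example that is not part of the original documentation. It lists every On* action parameter whose value is Report, that is, threat types that are only reported. The function names are assumptions, and the sample output is constructed from parameter names that appear on this page, with values chosen for the illustration.

```shell
#!/bin/sh
# Added example, not from the Dr.Web documentation. Function names are
# assumptions; the sample cfshow output below is constructed.

# Read cfshow-style text on stdin and print "<section> <parameter>" for each
# On* action parameter whose value is Report (case-insensitive).
# Handles both "<section>.<parameter> = <value>" lines and the --Ini layout
# ("[section]" header followed by "<parameter> = <value>" lines).
report_only_actions() {
    awk '
    /^\[.*\]$/ { cursec = substr($0, 2, length($0) - 2); next }
    {
        sep = index($0, " = ")
        if (sep == 0) next
        key = substr($0, 1, sep - 1)
        val = substr($0, sep + 3)
        gsub(/^[ \t]+|[ \t]+$/, "", key)
        gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (cursec != "") {
            # INI layout: the section comes from the last [section] header.
            section = cursec
            param = key
        } else {
            # Flat layout: the parameter is the last dot-separated component
            # of the key; the value may itself contain dots (e.g. an address).
            if (!match(key, /[^.]+$/) || RSTART < 3) next
            param = substr(key, RSTART)
            section = substr(key, 1, RSTART - 2)
        }
        if (param ~ /^On[A-Z]/ && tolower(val) == "report")
            print section, param
    }'
}

# Constructed sample in the default cfshow format.
sample_cfshow() {
    cat <<'EOF'
NSS.OnKnownVirus = Cure
NSS.OnIncurable = Report
SmbSpider.Share.DepartFiles.OnAdware = REPORT
ClamD.Endpoint.Point1.ClamdSocket = 127.0.0.1:3344
EOF
}

# Constructed sample in the --Ini format.
sample_cfshow_ini() {
    cat <<'EOF'
[NSS]
OnKnownVirus = Cure
OnIncurable = Report
EOF
}

# Run with --demo to print the findings for the constructed flat sample.
if [ "${1:-}" = "--demo" ]; then
    sample_cfshow | report_only_actions
fi
```

On a real host the input would come from drweb-ctl cfshow or drweb-ctl cfshow --Ini piped into report_only_actions.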
3.4. Commands to manage detected threats and quarantine
The following commands for managing threats and quarantine are available:
Command | Description
threats [<command> <object>]
|
Function
Apply the specified action to detected threats by their identifiers. Type of the action is configured with the specified command option.
If the action is not specified, output information on detected but not neutralized threats.
Arguments
No.
Options
-f [--Follow] — wait for new messages about new threats and output the messages once they are received (interrupt waiting with ^C).
--Cure <threat list> — attempt to cure the listed threats (threat identifiers are specified as a comma-separated list).
--Quarantine <threat list> — move the listed threats to quarantine (threat identifiers are specified as a comma-separated list).
--Delete <threat list> — delete the listed threats (threat identifiers are specified as a comma-separated list).
--Ignore <threat list> — ignore the listed threats (threat identifiers are specified as a comma-separated list).
If it is required to apply the command to all detected threats, specify all instead of <threat list>.
For example, the following command
drweb-ctl threats --Quarantine all
moves all detected malicious objects to quarantine.
|
quarantine [<command> <object>]
|
Function
Apply an action to the specified object in quarantine.
If not specified, the following information is output: object identifier in quarantine and brief information on source files.
Arguments
No.
Options
--Delete <object> – Delete the specified object from quarantine.
Note that objects are deleted from quarantine permanently.
--Cure <object> – Try to cure the specified object in quarantine.
Note that even if the object is successfully cured, it will stay in quarantine. To retrieve the cured object from quarantine, use the --Restore command.
--Restore <object> – Restore the specified object from quarantine to the original location.
Note that this operation may require that drweb-ctl is started with superuser privileges. The object can be restored even if it contains a threat.
As an <object> specify the object identifier in quarantine. To apply the command to all quarantined objects, specify all as an <object>.
For example, the following command
drweb-ctl quarantine --Restore all
restores all objects from quarantine.
|
nss_threats
|
Function
Apply the specified action to threats detected on NSS volumes by their identifiers. Type of the action is configured with the specified command option.
If the action is not specified, output information on detected but not neutralized threats.
Arguments
No.
Options
-f [--Follow] — wait for new messages about new threats and output the messages once they are received (interrupt waiting with ^C).
--Cure <threat list> — attempt to cure the listed threats (threat identifiers are specified as a comma-separated list).
--Quarantine <threat list> — move the listed threats to NSS quarantine (threat identifiers are specified as a comma-separated list).
--Delete <threat list> — delete the listed threats (threat identifiers are specified as a comma-separated list).
--Ignore <threat list> — ignore the listed threats (threat identifiers are specified as a comma-separated list).
If it is required to apply the command to all detected threats, specify all instead of <threat list>.
For example, the following command
drweb-ctl nss_threats --Quarantine all
moves all detected malicious objects to NSS quarantine.
Note that this command requires SpIDer Guard for NSS to be started.
|
nss_quarantine
|
Function
Apply an action to the specified object in NSS quarantine.
If not specified, the following information is output: object identifier in NSS quarantine and brief information on source files.
Arguments
No.
Options
--Delete <object> – Delete the specified object from NSS quarantine.
Note that objects are deleted from quarantine permanently.
--Cure <object> – Try to cure the specified object in NSS quarantine.
Note that even if the object is successfully cured, it will stay in quarantine. To retrieve the cured object from quarantine, use the --Restore command.
--Rescan <object> – Rescan the specified object in NSS quarantine.
Note that even if the rescanned object is clean, it will stay in quarantine. To retrieve the cured object from quarantine, use the --Restore command.
--Restore <object> – Restore the specified object from NSS quarantine to the original location.
Note that this operation may require that drweb-ctl is started with superuser privileges. The object can be restored even if it contains a threat.
--TargetDir <path> – Restore the object specified in the --Restore option to the specified directory instead of its original location.
This option can be used only together with the --Restore option.
As an <object> specify the object identifier in NSS quarantine. To apply the command to all quarantined objects, specify all as an <object>.
For example, the following command
drweb-ctl nss_quarantine --Restore all
restores all objects from NSS quarantine.
Note that this command requires SpIDer Guard for NSS to be started.
|
If the Quarantine action is specified for some threat type in the SpIDer Guard for NSS settings, an object containing a threat of this type is placed in quarantine again on an attempt to restore it from quarantine to an NSS volume with the nss_quarantine command. For example, the following default settings
NSS.OnKnownVirus = Cure
NSS.OnIncurable = Quarantine
move all incurable objects to quarantine. In this case, when any incurable object is restored from quarantine to an NSS volume by the nss_quarantine command, the object is automatically returned to quarantine.
|
3.5. Information Commands
The following information commands are available:
Command | Description
appinfo
|
Function
Output information on active Dr.Web for UNIX File Servers modules.
Arguments
No.
Options
-f [--Follow] — wait for new messages on module status change and output them once such a message is received (interrupt waiting with ^C).
|
baseinfo
|
Function
Output information on the current version of the Dr.Web Virus-Finding Engine and status of virus databases.
Arguments
No.
Options
No.
|
license
|
Function
Output information on the active license.
Arguments
No.
Options
No.
|
stat
|
Function
Output statistics on operation of components that process files (^C or q interrupts the statistics display) or on operation of network scanning agent Dr.Web Network Checker. The statistics output includes:
• Name of the component that initiated scanning
• PID of the component
• Average number of files processed per second in the last minute, 5 minutes, 15 minutes
• Percentage usage of the scanned files cache
• Average number of scan errors per second.
For a distributed scanning agent, the following information is output:
• List of local components that initiated scanning
• List of remote hosts that received files for scanning
• List of remote hosts that sent files for scanning
For local clients of the distributed scanning agent, their PID and name are specified; for remote clients — address and port of the host.
For both clients — local and remote — the following information is output:
• Average number of files scanned per second
• Average number of sent and received bytes per second
• Average number of errors per second
Arguments
No.
Options
-n [--netcheck] — output statistics on operation of the distributed scanning agent.
|