Actions Upon Detection

By default, if known viruses or computer threats of other types are detected during scanning, Dr.Web Scanner informs you about them. You can neutralize all detected threats at once by clicking Neutralize. In this case Dr.Web Scanner applies the most effective actions according its configuration and treat type.

Threats to your security can be neutralized either by restoring the original state of each infected objects (curing), or, when curing is impossible, by removing the infected object completely from your operating system (deleting).

 

By clicking Neutralize you apply actions to the objects selected in the table. Dr.Web selects all objects by default once scanning completes. When necessary, you can customize selection by using checkboxes next to object names or threat categories from the drop-down menu in the table header.

 

For details on a certain option, click a corresponding item in the picture.

For details on a certain option, click a corresponding item in the picture.

To select an action

1.Where necessary, select a custom action from the drop-down list in the Action field. By default, Dr.Web Scanner selects a recommended action for the type of detected threat.
2.Click NeutralizeDr.Web Scanner applies actions to the selected threats.

 

Suspicious objects are moved to Quarantine folder and should be sent for analysis to the anti-virus laboratory of Doctor Web. To send the files, right-click anywhere in the Quarantine windows and select Submit file to Doctor Web Laboratory.

 

There are some limitations:

For suspicious objects curing is impossible.
For objects which are not files (boot sectors) moving and deletion is impossible.
For files inside archives, installation packages or attachments, no actions are possible.

The detailed report on Dr.Web Scanner operation is stored in the dwscanner.log file that is located in %USERPROFILE%\Doctor Web folder. It is recommended to analyze the log file periodically.

Column name

Description

File name

This table column contains the name of an infected or suspicious object (it is a file name, if a file is infected, or a Boot sector, if a boot sector is infected, or a Master Boot Record, if an MBR of the hard drive is infected).

Threat

In this column names of viruses or virus modifications are listed as per the internal classification of the Dr.Web package (a modification of a known virus is a code resulting from such alteration of a known virus which can still be detected by the Scanner, but cannot be treated with the curing algorithms applied to the initial virus). For suspicious objects, an indication that the object "is possibly infected" and the type of a possible virus according to the classification of the heuristic analyzer is displayed.

Action

Click an arrow on this button to select a custom action for a detected threat (by default Dr.Web Scanner offers the most effective action).

You can apply displayed action separately for each threat by clicking this button.

Path

The full paths to the corresponding files.

 

If you selected Automatically apply actions to threats checkbox on main tab, Dr.Web Scanner will neutralize threats automatically.