Virus Check

Dr.Web for Microsoft Outlook uses different detection methods. Infected objects are processed according to the actions defined by the user: the program can cure such objects, remove them, or move them to Quarantine to isolate the objects from the rest of the system.

Dr.Web for Microsoft Outlook detects the following malicious objects:

Infected objects

Bomb viruses in files or archives








Computer worms and viruses


Dr.Web for Microsoft Outlook allows to specify program reaction to detection of infected or suspicious files and malicious objects in email attachments.

To configure virus check of email attachments and to specify program actions for detected malicious objects, in the Microsoft Outlook mail application, go to the Tools Options Dr.Web Anti-virus page (for Microsoft Outlook 2010, in the Files Options Add-ins section select Dr.Web for Microsoft Outlook, then click the Add-in Options button) and click Check attachments.


The Check attachments window is available only for users with administrative privileges.

For Windows Vista and later operating systems, after clicking Check attachments:

If UAC is enabled: administrator is requested to confirm program actions; user without administrative privileges is requested to enter system administrator credentials.

If UAC is disabled: administrator can change program settings; user does not have the permission to change program settings.

In the Check attachments window, specify actions for different types of checked objects and also for the check failure. You can also enable/disable check of archives.

To set actions to be applied on threat detection, use the following options:

The Infected drop-down list sets the reaction to the detection of a file infected with a known and (presumably) curable virus.

The Not cured drop-down list sets the reaction to the detection of a file infected with a known incurable virus (and in case an attempt to cure a file failed).

The Suspicious drop-down list sets the reaction to the detection of a file presumably infected with a virus (upon reaction of the heuristic analyzer).

In the Malware section, set a reaction to detection of unsolicited software of the following types:






The If check failed drop-down list allows to configure actions if the attachment cannot be checked, that is, if the attached file is corrupted or password protected.

The Check archives (recommended) check box allows to enable or disable check of attached archived files. Select this check box to enable checking; clear this check box to disable.

For different types of objects, actions are specified separately.

The following actions for detected virus threats are available:

Cure (only for infected objects)—instructs to try to restore the original state of an object before infection.

As incurable (only for infected objects)—instructs to apply the action specified for incurable objects.

Delete—delete the object.

Move to quarantine—move the object to the special Quarantine folder.

Skip—skip the object without performing any action or displaying a notification.