Threat Check

Dr.Web for Microsoft Outlook uses different detection methods. Infected objects are processed according to the actions defined by the user: the program can cure such objects, remove them, or move them to Quarantine to isolate the objects from the rest of the system.

Dr.Web for Microsoft Outlook detects the following malicious objects:

Infected objects

Bomb viruses in files or archives

Adware

Hacktools

Dialers

Jokes

Riskware

Spyware

Trojans

Computer worms and viruses

Actions

Dr.Web for Microsoft Outlook allows you to specify program reaction to detection of infected or suspicious files and malicious objects in email attachments.

To configure virus scan of email attachments and to specify program actions for detected malicious objects, in the Microsoft Outlook mail application, go to the Tools Options Dr.Web Anti-virus page (for Microsoft Outlook 2010, in the Files Options Add-ins section select Dr.Web for Microsoft Outlook, then click the Add-in Options button) and click Check attachments.

Note

The Check attachments window is available only for users with administrative privileges.

For Windows Vista and later operating systems, after clicking Check attachments:

If UAC is enabled: administrator is requested to confirm program actions; user without administrative privileges is requested to enter system administrator credentials.

If UAC is disabled: administrator can change program settings; user does not have the permission to change program settings.

In the Check attachments window, specify actions for different types of scanned objects and also for the scan failure. You can also enable or disable scan of archives.

To set actions to be applied on threat detection, use the following options:

The Infected drop-down list sets the reaction to the detection of a file containing a known and (presumably) curable threat.

The Not cured drop-down list sets the reaction to the detection of a file containing a known incurable threat (and in case an attempt to cure a file failed).

The Suspicious drop-down list sets the reaction to the detection of a presumably infected file (upon reaction of the heuristic analyzer).

In the Malware section, set a reaction to detection of unwanted software of the following types:

Adware

Dialers

Jokes

Hacktools

Riskware

The If check failed drop-down list allows you to configure actions if the attachment cannot be scanned, that is, if the attached file is corrupted or password protected.

The Check archives (recommended) check box allows you to enable or disable scan of attached archived files. Select this check box to enable scanning; clear this check box to disable scanning.

For different types of objects, actions are specified separately.

The following actions for detected virus threats are available:

Cure (only for infected objects)—instructs to try to restore the original state of an object before infection.

Delete—delete the object.

Move to quarantine—move the object to the special Quarantine folder.

Ignore—skip the object without performing any action or displaying a notification.