Dr.Web Operation Logging

You can enable detailed logging for one or several Dr.Web components or services.

To change operation logging settings

1.Click Advanced settings link.

2.In the Log section click Edit.

Figure 24. General Settings. Log

The window with detailed logging settings opens:

Figure 25. Operation logging settings

3.Select components, for which the detailed logging will be enabled. By default, the standard logging mode is enabled for all the Dr.Web components and the following information is logged:

Component

Information

SpIDer Guard

Time of updates and SpIDer Guard starts and stops, virus events, data on scanned files, names of packers, and content of scanned complex objects (archives, email attachments, file containers).

It is recommended that you use this mode to determine the most frequent objects scanned by SpIDer Guard file monitor. If necessary, add these objects to the list of exclusions in order to increase computer performance.

SpIDer Mail

Time of updates and the mail anti-virus SpIDer Mail starts and stops, virus events, connection interception settings, data on scanned files, names of packers, and content of scanned archives.

It is recommended that you use this mode when testing mail interception settings.

SpIDer Gate

Time of updates, starts and stops of SpIDer Gate, virus events, connection interception settings, names of scanned files, names of packers, and contents of scanned archives.

It is recommended that you use this mode for reception of more detailed information on the checked objects and work of the internet monitor.

Scanner

Updates of scanning modules and virus database information, time of Scanner starts and stops, information on detected threats, names of packers, and content of scanned archives.

Firewall

Information and decisions on requests coming to the service, information on unknown connections with reasons for the request, and information on errors.

When you enable detailed logging, the component collects data on network packets (pcap logs).

Dr.Web Update

List of updated Dr.Web files and their download status, date and time of updates, and details on auxiliary script execution and Dr.Web component restart.

Dr.Web Service

Information on Dr.Web components, changes in their settings, component starts and stops, preventive protection events, connections to anti-virus network.

Memory dump creation

The Create memory dumps at scan errors option allows you to save useful information on operation of several Dr.Web components. This helps Doctor Web technical support specialists analyze an occurred problem in detail and find a solution. We recommend enabling this option on request of Doctor Web technical support specialists or when errors of scanning or neutralizing occur. Memory dump is saved to .dmp file located in the %PROGRAMFILES%\Common Files\Doctor Web\Scanning Engine\ folder.

Enabling detailed logging

Note

When logging detailed data on Dr.Web operation is enabled, the maximum amount of information is recorded. This will result in disabling of log file size limitations and will have an impact on system and Dr.Web performance. Make sure to use this mode only when errors occur in component operation or by request of Doctor Web technical support.

1.To enable detailed logging for a Dr.Web component, select the corresponding check box.

2.By default, detailed logging is enabled until the first restart of the operating system. If it is necessary to log component activity before and after the restart, select the Continue detailed logging after restart (use only by request of Doctor Web technical support) check box.

3.Click OK to save the changes.

Note

Size of a log file is restricted to 10 MB by default (and 100 MB for SpIDer Guard). If the log file size exceeds the limit, the content is reduced to:

Specified size if the current session information does not exceed the limit.

Size of the current session if the session information exceeds the limit.