Actions Tab

On this tab, you can configure reaction of the Dr.Web Scanner on detection of infected or suspicious files and archives or other malicious object.

For different types of compromised objects, actions are assigned separately from respective drop-down lists:

Objects infected with known and (supposedly) curable viruses
Objects infected with incurable viruses
Supposedly infected (suspicious) objects

Reaction on detection of malicious software and infected packages (archives,email, containers) is also set separately.

For details on a certain option, click a corresponding item in the picture. To get information on options available in other panes, click the necessary tab

For details on a certain option, click a corresponding item in the picture. To get information on options available in other panes, click the necessary tab

By default, Dr.Web Scanner just informs you when a known virus is found or when there is a suspicion an object is infected with a virus (Report). The data for all infected or suspicious objects are displayed in the report list, in which you can manually select a necessary action.

Apart from reporting, there are other actions available:

Action

Description

Cure

(Available for known viruses only except Trojan programs that are deleted on detection.)

Instructs Dr.Web Scanner to try to restore the original state of an object before infection. If the object is incurable, or the attempt of curing fails, the action set for incurable viruses is applied.

This is the only action available for boot sectors.

Delete

Instructs Dr.Web Scanner to delete the object. This action is impossible for boot sectors. No action is applied to boot sectors.

Rename

Instructs Dr.Web Scanner to rename the extension of an infected or suspicious file according to the mask specified in the Rename extension field (the default is #??, i.e. the first character in the extension is replaced with #).

Move to

Instructs Dr.Web Scanner to move the object to the quarantine folder specified in the Move path field (by default, the infected.!!! subfolder in the Dr.Web installation folder). This action is impossible for boot sectors. No action is applied to boot sectors.

Ignore

(Available for malware only which includes adware, dialers, jokes, hacktools and riskware.)

Instructs Dr.Web Scanner to skip the object without performing any action or displaying information in the report window.

If a malicious object is detected within an archive, Dr.Web Scanner performs the action selected for archives. The reaction is applied to the archive as a whole, and not to the malicious object only.