On the Actions tab, you can configure reactions of performed by Dr.Web Agent Scanner on detection of infected or suspicious files, malware and infected archives.
|
Dr.Web Agent Scanner automatically applies actions that are specified for detected threats. |
The following actions for detected threats are provided:
•Cure—restore the original state of an object before infection. If the object is incurable, or the attempt of curing fails, the action set for incurable objects is applied.
Available only for objects infected with known threats, except for Trojan programs, which are deleted on detection, and infected files within complex objects (archives, mail boxes or file containers).
•Delete—delete infected object.
•Move to quarantine—move the object to the special Quarantine on the station.
•Report—send a notification to the Control Center about the detection of a threat (see the Setting Notifications section on how to configure alerts).
•Ignore—skip the object without performing any action and do not send notification in the scan statistic.
Reactions of Dr.Web Agent Scanner to various threats
Object |
Action |
||||
|---|---|---|---|---|---|
Cure |
Delete |
Move to quarantine |
Report |
Ignore |
|
Infected |
+/* |
+ |
+ |
available if one of the keys includes the AllowReportAction=Yes option |
|
Suspicious |
|
+ |
+/* |
|
+ |
Incurable |
|
+ |
+/* |
|
|
Installation packages |
|
+ |
+/* |
|
|
Archives |
|
+ |
+/* |
|
|
Email files |
|
|
+ |
+/* |
+ |
Boot sectors |
+/* |
|
|
+ |
|
Adware |
|
+ |
+/* |
|
+ |
Dialers |
|
+ |
+/* |
|
+ |
Jokes |
|
+ |
+/* |
|
+ |
Riskware |
|
+ |
+/* |
|
+ |
Hacktools |
|
+ |
+/* |
|
+ |
+ |
action is enabled for this type of object |
+/* |
action is set as default for this type of object |
To set actions on detected threats, use the following options:
•The Infected files drop-down list specifies the Dr.Web Agent Scanner reaction to the detection of a file infected with a known virus.
•The Suspicious files drop-down list specifies the Dr.Web Agent Scanner reaction to the detection of a file presumably infected with a virus (upon a reaction of the heuristic analyzer).
|
If scanning includes the OS installation folder, it is recommended to select the Report action for suspicious files. |
•The Incurable files drop-down list specifies the Dr.Web Agent Scanner reaction to the detection of a file infected with a known incurable virus and in case if attempt to cure a file is failed.
•The Infected installation packages drop-down list specifies the Dr.Web Agent Scanner reaction to the detection of an infected or suspicious file in a programs installation packages.
•The Infected archives drop-down list specifies the Dr.Web Agent Scanner reaction to the detection of an infected or suspicious file in a file archive.
•The Infected email files drop-down list specifies the Dr.Web Agent Scanner reaction to the detection of an infected or suspicious file in email format.
|
If viruses or suspicious program code is detected within complex objects (archives, email attachments or file containers), an actions selected for this type of a complex object is performed to a whole object, not just to the infected part. |
•The Infected boot sectors drop-down list specifies the Dr.Web Agent Scanner reaction to the detection of viruses or suspicious program code in the boot sectors area.
•In the following drop-down list, set the Dr.Web Agent Scanner reaction to the detection of corresponding type of unsolicited software:
▫Adware;
▫Dialers;
▫Jokes;
▫Riskware;
▫Hacktools.
|
If you select Ignore, no action is performed: no notifications are sent to the Control Center as compared to when you select Report on threat detection. |
Set the Show scan progress flag to display a progress bar and the status bar of the stations scan process in the Control Center.