Viewing Detected Threats

The list of threats detected by Scanner and the SpIDer Guard file system monitor during the current Dr.Web for Linux session is displayed on a special window page which is available only if at least one threat was detected.

If threats were detected, click

in the navigation pane to open a page with a list of threats.

•a name of the threat contained in the object as classified by the Doctor Web company;

•an action to be applied to the object for neutralizing the threat (or an action that was already applied, if the threat was neutralized);

If some of the listed threats are not neutralized, the Neutralize button becomes available above the list. Once the button is clicked, an action specified in the corresponding Action field is applied to each threat that was not neutralized. If the threat is successfully neutralized, its row in the table becomes grayed out. If an attempt to neutralize the threat fails, the listed item is displayed in red and an error message appears in the Action field.

By default, an action to be applied to a threat is selected according to the settings of the component that detected the threat. You can adjust default actions applied to the threats detected by Scanner and the SpIDer Guard file system monitor on the corresponding tabs of the settings window.

If the Report action was selected in Scanner or SpIDer Guard settings for a certain threat type, all threats of this type will be displayed with the No action action in the threat list. To neutralize such threats, indicate an action for each of them in the Action field.

If a threat is detected in a file inside a container (an archive, an email message and so on), the container is quarantined and not deleted.

If you need to apply an action different from the one specified in the settings, click the Action field in the row for the threat and select the required action from the context menu.

You can select several threats in the list at once. To do that, select them with the mouse while holding CTRL or SHIFT:

After selecting threats, you can apply some action to them by right-clicking the selection and then selecting the required action from the drop-down list. The selected action will be applied to all selected threats.

If a threat is detected in a compound object (an archive, an email message and so on), the selected action is applied to the container as a whole and not to the nested infected object.

The Cure action cannot be applied to some threat types.

If necessary, elevate application privileges to enable successful neutralization of threats.

The threats to which the Ignore action was applied will be displayed in the list until the graphical management interface is restarted.

To get the detailed information about any detected threat, right-click the corresponding row and select Details in the appeared context menu. This opens the window with the details on the threat and the object containing it. If you need to get details on several threats at once, select them with the mouse from the list while holding CTRL before opening the context menu.

•the information about the file system object in which the threat was detected: its name, user/owner, last modified date and a path to the object in the file system;

•the last action applied to the threat and the result (if an option to apply actions automatically is enabled in the component settings, for example, you can set it for Scanner on the corresponding tab of the settings window).

Click the name of the threat to open a webpage with its description (the Doctor Web official website will be visited; an internet connection is required).

Click Export to save the information displayed in the window to a text file (the file chooser will open). To close the window with threat and object details, click Close.