3.5.1. Eliminating Threats

In the middle of the window the table with the list of all detected threats is displayed:

Column

Description

File

Specify paths to detected infected or suspicious objects

Details

Contain information about the threat is displayed (for example, type of a threat or a virus name).

Action

Contain information about the action applied to a certain infected object is displayed (if the corresponding field is empty, then no action was applied to this object).

Time

Display the date when the threat was detected

 

scanning_results

Figure 5. Displaying detected threats.

In automatic processing mode Scanner Daemon applies to detected threats actions specified in its settings.

In manual processing mode Scanner Daemon only informs the user about detected threats. After scan is finished you may try to restore proper functionality of infected object (cure it), or eliminate the threat, if the object appears to be incurable (delete it).

Manual processing of threats

1.To apply some action to the threat (or to several threats of the same type) select the object from the list (hold the SHIFT key to select several objects in a row, or the CTRL key to select a few scattered objects).
2.Perform one of the following actions:
press Cure button to make an attempt to cure infected file;
press an arrow near the Cure button and select some other action from the list.
right-click an object and select a necessary action from the menu.

In case of rights shortage while performing  actions on detected threats, Dr.Web Anti-Virus for Linux will offer to increase privileges:

 

privilege_en

Figure 6. Dr.Web privilege granting settings.

 

warning

If target file is a virus, then it can be deleted in consequence of successful application of Cure action.

 

There exist the following limitations on certain types of actions:

suspicious objects cannot be cured;
moving, renaming or deletion of objects that are not files (e.g. boot sectors) is not allowed;
none of the actions can be applied to a separate file in the archive or a container and to the part of mail message. In this case action is applied to the whole object (archive, container or mail message).

 

warning

Suspicious files which were moved to Quarantine may be sent to the Dr.Web anti-virus department for analysis. You may use a special contact form at http://vms.drweb.com/sendvirus for this purpose.

 

3.After action is applied, Dr.Web Anti-Virus for Linux adds a correspondent entry to the Action column about the results of the operation.
4.To return to the start state of page Scanner, press New scanning button.