Defend what you create

Other Resources


My library

+ Add to library

Contact us
24/7 Tech support | Rules regarding submitting

Send a message

Your tickets


Lists of frequently asked questions

In order to timely detect attempts (including successful ones) to hack into end devices and take appropriate measures, we recommend that you take advantage of the security auditing option.

To do this:

  1. Go to the Control Panel → Administrative Tools → Local security policy → Advanced audit policy configuration → Object access →Audit file system. Set the file system audit for success and failure.

  2. Next, enable an audit for the folder you need:

    1. Open the properties of the shared folder → the Security tab → Advanced → the Audit tab → Change → Add;

    2. specify the users to be audited. Select All, application level — For this folder and its subfolders and files;

    3. specify the actions to be audited: Create files/append data, Create folders/append data, Remove folders and files, or just Remove. For all actions, select the audit option for both success and failure.

After that, file and folder access events will appear in the security event log.

If, in a system that already has the auditing option configured, the anti-virus detects changes in the file system, make sure to note the detection time and compare it with the events in the security log.

You can familiarise yourself with security event codes on Microsoft's official website.


Nothing found

The Russian developer of Dr.Web anti-viruses
Doctor Web has been developing anti-virus software since 1992
Dr.Web is trusted by users around the world in 200+ countries
The company has delivered an anti-virus as a service since 2007
24/7 tech support

Dr.Web © Doctor Web
2003 — 2021

Doctor Web is the Russian developer of Dr.Web anti-virus software. Dr.Web anti-virus software has been developed since 1992.

2-12А, 3rd street Yamskogo polya, Moscow, Russia, 125124