Lists of frequently asked questions

If Dr.Web has detected a malicious program, one of the following actions can be applied to it:

• Cure — Dr.Web can try to restore the infected file to its original state.
  In most cases, the "Cure" option will be unavailable. This action is only available for files infected with known, curable viruses. Trojans and compromised files found in other objects (archives, email files and file containers) cannot be cured.

• Remove — a malicious object (file, script, email attachment, etc.) is permanently deleted.

• Move to quarantine — if for some reason you want to save a file (for example, to send it to Doctor Web’s virus laboratory), you can move it to the secure quarantine folder where it will not be able to harm your PC.

• Ignore — no action is taken. Choose this option only if you are completely sure that the threat is in fact a false positive.

Threat-neutralisation options have their limits:

• Suspicious objects (seemingly infected files and files that supposedly contain malicious code) cannot be cured.

• Threats that are not actually files (e.g., boot sectors) cannot be moved or deleted.

• No actions can be performed with individual files in archives, installers or emails—in such cases, an action is applied only to the entire object.

Yes, you can. In order to disable SpIDer Guard, right-click on the Dr.Web icon in the notifications area and select SpIDer Guard–>Disable.

Enabling this option allows to block automatic launch of autorun.exe-like files from removable media and hard disk drives. This option is used to neutralize autorun-viruses, which are automatically activated when a device is connected to the PC with autorun option enabled.

Enabling this option allows to block attempts to modify HOSTS system file used by operating system to make an Internet access easier. Modifications of this file may be resulted in virus or any other malicious program activities, and this may cause loss of access to some websites or network resources as a whole.

Anti-virus guard is loaded into RAM and checks files being created or modified on the hard disk and all the files being opened on network disks and removable media “on the fly”.

Besides, SpIDer Guard constantly traces running processes activities specific to viruses and blocks those processes upon their detection.

Upon detection of infected objects, SpIDer Guard interacts with them according to the specified settings.

SpIDer Guard log file is called spiderg3.log and located in the anti-virus installation folder (by default, it is C:\Program Files\DrWeb).

Paranoid mode is an enhanced protection mode. When this mode is activated, the guard starts scanning all the files being opened, created or modified on hard disks, removable media and network disks.

In the Optimal mode the guard scans only files being launched, created and modified on hard disks, removable media and network disks.

In order to exclude a program or file from the SpIDer Guard scan, right-click on the Dr.Web icon in the notifications area and select SpIDer Guard–>Settings. In the next window, proceed to the Exclusions tab, press the Browse button to select the folder where the program to be excluded from the scan is installed, and press Add.

Should it become necessary to exclude a folder or file while the Dr.Web for Windows Scanner is running — select Settings–>Modify settings in the scanner menu. You may add a folder in the Scan–>Excluded paths list tab, and a certain file in the Excluded files list, then you need to press Add.