Is there a default action for AV module?


Umut
17th August 2009, 09:28 AM
Hello,

I scanned a folder with OA++. It found 2 malicious, actually infected files, but I believe those are not and I think it is a FP result, so I decided to do nothing and I just closed the scan window.

Then I realised that I can't reach those files. Is there any default behaviour by which OA ++ takes action on a file which it thinks is infected? If there is, how can I change this default behaviour?

catprincess
17th August 2009, 02:17 PM
OA ++ doesn't do anything with files it finds infected unless you instruct it to. They can be blocked or deleted among other options, but if you just do a scan and don't elect to do any of these things and just close the scan window, OA ++ won't do anything.

What do you mean when you say you can't reach the files?

ABx
18th August 2009, 12:49 AM
You might want to do another scan, and then set any false positives to Trusted. This will prevent future false positives and will allow those program files to run without interference :)

Umut
18th August 2009, 08:12 PM
OA++ Scanner found two PDF documents infected with HTML.Malicious!IK, which I believe were false positives.

When I right-clicked on the files in the scanner window there were only two actions available to use; they were "delete" and "go to OASIS". Other actions (run safer, allow, block, ask) were greyed out and not available.

I didn't want to delete these files and I just closed the window.

The problem I mentioned in my first post was that I couldn't open these infected documents, but now I am able to open them. So ignore my first post for now. My current problem is explained below.

I am able to open these documents even though they are infected and detected by OA++. And the OA++ scanner window only gives me two options: delete or go to OASIS.

Why does OA++ allow me to open them if it detects them as infected?
Why are some options greyed out and not available in the scanner result window?

catprincess
18th August 2009, 08:58 PM
> Why does OA++ allow me to open them if it detects them as infected?

PDF files aren't executable files so OA's HIPS won't ask you before opening them. All file types are able to be scanned with the AV engine if you elect to do a scan, but OA's HIPS will only pass executable files to the AV engine to check. However, if this PDF file was malicious, and tried to sneakily run an embedded file to do its deeds, OA should stop it in its tracks, right away :)


> Why are some options greyed out and not available in the scanner result window?

The greyed out options are only applicable to executable files.

Umut
18th August 2009, 10:22 PM
> if you elect to do a scan

Doesn't the Ikarus antivirus engine scan in the background like other antivirus software? Does it scan only on demand? Or does it scan when an executable file is launched?

Also, it is good to hear that HIPS sends suspicious files to the AV engine. It should be the best part of using a suite :)

catprincess
19th August 2009, 06:56 PM
> Doesn't the Ikarus antivirus engine scan in the background like other antivirus software? Does it scan only on demand? Or does it scan when an executable file is launched?
>
> Also, it is good to hear that HIPS sends suspicious files to the AV engine. It should be the best part of using a suite :)

Yes, the AV engine definitely scans when an executable file is launched :) You can scan any individual file (via the right click context menu item) or scan the entire system on demand at any time.