background image

Advanced options

 

187

 

2.  Click Advanced under Events notification.

 

Use  the 

Events

 

Notification  settings

  window  to  select  the  option  of  logging 

information for an event and click the 

Log Settings

 button.   

Kaspersky  Anti-Virus  has  the  option  of  recording  information  about  events  that 
arise while the program is running, either in the Microsoft Windows general event 
log  (

Application

)  or  in  a  dedicated  Kaspersky  Anti-Virus  (

Kaspersky  Event 

Log

).  

Logs  can  be  viewed  in  the  Microsoft  Windows 

Event  Viewer

,  which  you  can 

open by going to 

Start/Settings/Control Panel/Administration/View Events

.

 

15.9.2.

 

Self-Defense and access restriction 

Kaspersky  Anti-Virus  is  an  application  which  protects  computers  from  malware 
and, as such, is of interest to malicious software attempting to disable the appli-
cation or even remove it from computers. 

Moreover, several people may be using the same computer, all with varying le-
vels  of  computer  literacy.  Leaving  access  to  the  program  and  its  settings  open 
could dramatically lower the security of the computer as a whole. 

To ensure the stability of your computer's security system, Self-Defense, remote 
access defense, and password protection mechanisms have been added to the 
program. 

On  computers  running  64-bit  operating  systems  and  Microsoft  Windows  Vista, 
self-defense  is  only  available  for  preventing  the  program's  own  files  on  local 
drives and system registry records from being modified or deleted. 

To enable Self-Defense: 

1.  Open  the  application  settings  window  and  select 

Service 

(see  Figure 

72). 

2.  Make the following configurations in the 

Self-Defense

 box: 

 

Enable Self-Defense

. If this box is checked, the program will protect 

its own files, processes in memory, and entries in the system regi-
stry from being deleted or modified. 

 

Disable external service control

. If this box is checked, any remote 

administration  program  attempting  to  use  the  program  will  be 
blocked.  

For  remote  administration  tools  (such  as,  RemoteAdmin)  to  gain 
access to Kaspersky Anti-Virus, these tools should be added to the 

Summary of Contents for ANTI-VIRUS 7.0

Page 1: ...KASPERSKY LAB Kaspersky Anti Virus 7 0 USERGUIDE...

Page 2: ...K A S P E R S K Y A N T I V I R U S 7 0 User Guide Kaspersky Lab http www kaspersky com Revision date December 2007...

Page 3: ...23 2 2 4 Program tools 23 2 3 Hardware and software system requirements 24 2 4 Software packages 25 2 5 Support for registered users 26 CHAPTER 3 INSTALLING KASPERSKY ANTI VIRUS 7 0 27 3 1 Installatio...

Page 4: ...How to scan a file folder or disk for viruses 51 5 6 How to update the program 52 5 7 What to do if protection is not running 53 CHAPTER 6 PROTECTION MANAGEMENT SYSTEM 54 6 1 Stopping and resuming rea...

Page 5: ...ook 92 8 2 3 Configuring email scans in The Bat 93 8 2 4 Using Heuristic Analysis 95 8 2 5 Restoring default Mail Anti Virus settings 96 8 2 6 Selecting actions for dangerous email objects 97 CHAPTER...

Page 6: ...ttings for all tasks 139 CHAPTER 12 TESTING KASPERSKY ANTI VIRUS FEATURES 140 12 1 The EICAR test virus and its variations 140 12 2 Testing File Anti Virus 142 12 3 Testing Virus scan tasks 143 CHAPTE...

Page 7: ...ent notifications 183 15 9 1 1 Types of events and notification delivery methods 184 15 9 1 2 Configuring email notification 185 15 9 1 3 Configuring event log settings 186 15 9 2 Self Defense and acc...

Page 8: ...g Install Wizard 208 17 2 Uninstalling the program from the command line 210 CHAPTER 18 FREQUENTLY ASKED QUESTIONS 211 APPENDIX A REFERENCE INFORMATION 213 A 1 List of files scanned by extension 213 A...

Page 9: ...etwork of infected computers to attack servers send out spam harvest confidential information and spread new viruses and Trojans In today s world it is widely acknowledged that information is a valuab...

Page 10: ...no one s property and has no geographical borders In many ways this has promoted the development of web resources and the exchange of information Today anyone can access data on the Internet or create...

Page 11: ...email system When this occurs more than a handful of people are infected It might be hundreds or thousands of company workers together with potentially tens of thousands of subscribers Beyond the thre...

Page 12: ...ojans Trojans are programs which carry out unauthorized actions on computers such as deleting information on drives making the system hang stealing confidential information and so on This class of mal...

Page 13: ...operation Another type of malicious program that is similar to adware spyware and risk ware are programs that plug into your web browser and redirect traffic The web browser will open different web s...

Page 14: ...comprehensive pro tection for your computer from both known and new threats Warning From this point forward we will use the term virus to refer to malicious and dangerous programs The type of malicio...

Page 15: ...your computer is recommended see 5 3 on pg 50 if they should manifest themselves 1 5 What to do if you suspect infection If you notice that your computer is behaving suspiciously 1 Don t panic This i...

Page 16: ...well timed pre vention Computer prophylactics involve a rather small number of rules that if complied with can significantly lower the likelihood of being infected with a virus and losing data Below...

Page 17: ...pdated application databases Rule No 4 Do not trust virus hoaxes such as prank programs and emails about infection threats Rule No 5 Use the Microsoft Windows Update tool and regularly install Micro s...

Page 18: ...uards all incoming and outgoing data channels A flexible configuration of all application components allows for maximum customi zation of Kaspersky Anti Virus to the needs of each user Configuration o...

Page 19: ...using plug ins for Microsoft Office Outlook and The Bat Special plug ins are available for the most common mail clients such as Microsoft Office Outlook Microsoft Outlook Express Windows Mail and The...

Page 20: ...incrementally ignoring files that have already been downloaded This lowers the download traffic for updates by up to 10 times Updates are downloaded from the most efficient source You can choose not t...

Page 21: ...at monitors your computer s file system It scans all files that are opened run and saved on your computer and any at tached drives The program intercepts every attempt to access a file and scans the f...

Page 22: ...ro grams it is extremely important to periodically scan your computer for viruses This is required to stop the spread of malicious programs not detected by real time protection components because of t...

Page 23: ...enerates a report on each real time protection component virus scan task and application update It contains information on results and operations performed Details on any Kaspersky Anti Virus componen...

Page 24: ...or send feedback or an error report to Technical Support by completing a spe cial online form You will also be able to access online Technical Support Personal Cabinet services and our employees will...

Page 25: ...t EULA Before breaking the seal on the installation disk envelope carefully read through the EULA If you buy Kaspersky Anti Virus from an online store you copy the product from the Kaspersky Lab websi...

Page 26: ...plication databases and new versions of the program free of charge Consultation on questions regarding installation configuration and op eration of the program by phone and email Notifications on new...

Page 27: ...with an installer package downloaded from the Internet is identical to installing it from an installation CD To install Kaspersky Anti Virus to your computer start the setup file on the prod uct CD T...

Page 28: ...2 Installation Welcome window If your system fully meets all requirements an installation window will appear when you open the installer file with information on beginning the installation of Kaspers...

Page 29: ...specify a full directory path manually please note that it should not exceed 200 characters or contain special characters To continue installation click the Next button Step 6 Selecting program compo...

Page 30: ...r searches for other anti virus products installed on your computer including Kaspersky Lab products which could raise compatibility issues with Kaspersky Anti Virus The installer will display on scre...

Page 31: ...nents which intercept network traffic Most dropped connections are re established after a period of time Step 10 Completing the installation procedure The Complete Installation window contains informa...

Page 32: ...e application and its expiration date The key contains system information necessary for all the program s features to operate and other information Support information who provides program support and...

Page 33: ...a physical medium the activation code is printed on the installation disk The activation code is a sequence of numbers and letters divided by hyphens into four groups of five symbols without spaces Fo...

Page 34: ...e file obtained will be installed into the application automatically and an acti vation complete window will be displayed for you with detailed information on the key being used Note When this activat...

Page 35: ...to alter system settings suspi cious activity in the system and unauthorized activity on the network All of the activities listed above could be signs of malicious programs or standard activity for s...

Page 36: ...nd down loading the latest program updates To do so click Update now Then Kas persky Anti Virus will download the necessary updates from the update servers and will install them on your computer To co...

Page 37: ...ct the area below that you want password protection to apply to All operations except notifications of dangerous events Request pass word if the user attempts any action with the program except for re...

Page 38: ...computer to complete the program installation You must restart for Kaspersky Anti Virus drivers to register You can wait to restart but if you do some of the program s protection compo nents will not...

Page 39: ...r see 11 2 on pg 126 The plug ins extend the functionality of these programs by making Kaspersky Anti Virus management and settings possible from their interfaces 4 1 Icon in the taskbar notification...

Page 40: ...e main window will open at the section that was active when you last closed it If news from Kaspersky Lab are available the following icon will appear in the taskbar notification area Double click the...

Page 41: ...gram updates or virus scan tasks About the program calls up a window with info about Kaspersky Anti Virus Exit close Kaspersky Anti Virus when this option is selected the applica tion will be unloaded...

Page 42: ...easy access to any component virus scan task execution updates application support functionality the right part of the window the information panel contains information on the protection component se...

Page 43: ...information on the status of these tasks configure them or run them The Scan section provides access to virus scan tasks for objects It shows tasks created by Kaspersky Lab experts virus scan of criti...

Page 44: ...s not installed it is recommended that it be purchased without delay and that the application be activated see 3 2 2 on pg 32 If a key is installed this section shows in formation on the type of key u...

Page 45: ...ation context menu The settings window see Figure 3 is similar in layout to the main window the left part of the window gives you quick and easy access to the set tings for each application component...

Page 46: ...46 Kaspersky Anti Virus 7 0 Figure 3 Kaspersky Anti Virus settings window...

Page 47: ...lling and starting the program we recommend that you take the follow ing steps Check the current protection status see 5 1 on pg 47 to make sure that Kaspersky Anti Virus is running at the appropriate...

Page 48: ...ed and urgently need to be disabled the product has not been activated If there are problems in the protection system we recommend fixing them imme diately Use the Security Wizard which will be access...

Page 49: ...ew the current status of any individual real time protection component open the application main window and select the desired component under Protec tion Summary information on the selected component...

Page 50: ...uter for viruses After installation the application will without fail inform you with a special notice in the lower left hand part of the application window that the computer has not yet been scanned...

Page 51: ...task under Scan in the application main win dow 2 Click the Start Scan link When you do this a scan of the selected areas will begin and the details will be shown in a special window When you click th...

Page 52: ...tes databases and modules for Kaspersky Anti Virus using dedicated update servers Kaspersky Lab s update servers are the Kaspersky Lab Internet sites where the program updates are stored Warning You w...

Page 53: ...we recommend correct ing potential errors using the application restore feature see Chapter 17 on pg 208 If the application restore procedure does not help contact Kaspersky Lab Tech nical Support Yo...

Page 54: ...with self defense features of other application see 6 5 on pg 59 list of threats see 6 2 on pg 58 protection from which will be provided by the application list of trusted objects see 6 9 on pg 64 wh...

Page 55: ...ction window that opens see Figure 5 select how soon you want protection to resume In time interval protection will be enabled this amount of time later To select a time value use the drop down menu A...

Page 56: ...gram restarts Remem ber that if Kaspersky Anti Virus is somehow in conflict with other programs in stalled on your computer you can pause individual components or create an exclusion list see 6 9 on p...

Page 57: ...sion are saved and will continue to be recorded after the compo nent is updated To stop an individual protection component Open the application main window select component under Protection and click...

Page 58: ...he computer Once the procedure is complete the computer will have to be restarted It is rec ommended that a full virus scan be initiated after the computer is restarted To engage the Advanced Disinfec...

Page 59: ...igure 6 It should be noted that this setting may be configured for each individual virus scan task The individual task setting will have higher priority 6 5 Troubleshooting Kaspersky Anti Virus Compat...

Page 60: ...xample the network update folder or authorized user rights for a proxy server You can use this feature to run the Updater with another profile that has those rights To configure a scan task to run as...

Page 61: ...t the desired option under Frequency see Figure 9 Then update settings for the selected option must be specified under Update Settings The following selection is available At a specified time Run task...

Page 62: ...e the Time field to specify what time of day the scan task will be run Weeks Tasks will be run or notifications sent on certain days of the week If this frequency is selected check the days of the wee...

Page 63: ...ncludes potentially dangerous soft ware that may inconvenience the user or incur serious damage Potentially dangerous software riskware This group includes programs that are not malicious or dangerous...

Page 64: ...u can exclude files of certain formats from the scan use a file mask or ex clude a certain area for example a folder or a program program processes or objects according to Virus Encyclopedia threat ty...

Page 65: ...ect dur ing the scan A verdict is based on the classification of malicious and potentially dangerous programs found in the Kaspersky Lab Virus Encyclopedia Potentially dangerous software does not have...

Page 66: ...eate exclusion rules in a special window that you can open from the program settings window from the notice about detecting the object and from the report window To add exclusions on the Exclusion Mas...

Page 67: ...der option the file winword exe will be excluded from the scan if found in any C Program Files subfolders Enter the full name of the threat that you want to exclude from scans as given in the Virus En...

Page 68: ...nternet Browser as the Threat Type and enter an allowed domain mask in the Advanced settings field 4 Define which Kaspersky Anti Virus components will use this rule If any is selected as the value thi...

Page 69: ...clusion rule from the report window 1 Select the object in the report that you want to add to the exclusions 2 Open the context menu and select Add to trusted zone see Figure 14 3 The exclusion settin...

Page 70: ...mputer that has already been scanned by the anti virus applica tion and can boost computer productivity which is especially important when using server applications By default Kaspersky Anti Virus sca...

Page 71: ...Protection management system 71 The file path is inserted automatically when you select its name Figure 15 Trusted application list Figure 16 Adding an application to the trusted list...

Page 72: ...ct registry access excludes from scanning any ac cesses of the system registry initiated by the trusted application Do not scan network traffic excludes from scans for viruses any network traffic init...

Page 73: ...sed on the information retrieved The scanning process includes the following steps 1 The file is analyzed for viruses Malicious objects are detected by com parison with the application databases which...

Page 74: ...ced Figure 17 File Anti Virus security level The default setting for File Anti Virus is Recommended You can raise or lower the protection level for files you use by either selecting the level you want...

Page 75: ...Virus operation by only scanning new and modified files Then the scan will not take up as many system resources so you can com fortably use other applications To modify the settings for a security le...

Page 76: ...us will only scan potentially infected files files that a virus could imbed itself in Note There are a number of file formats that have a fairly low risk of having malicious code injected into them an...

Page 77: ...sion is ignored and analysis of the file headers will uncover that the file is an exe file File Anti Virus would thoroughly scan the file for vi ruses In the Productivity section you can specify that...

Page 78: ...anned later If this option is not checked access to files larger than the size indicated will be blocked until they have been scanned Do not process archives larger than MB With this option checked fi...

Page 79: ...ing Note that you can only enter masks will absolute paths to objects C dir or C dir or C dir all files in folder C dir C dir exe all files with the extension exe in the folder C dir C dir ex all file...

Page 80: ...g advanced settings As additional File Anti Virus settings you can specify the file system scanning mode and configure the conditions for temporarily pausing the component To configure additional File...

Page 81: ...ces To lower the load and ensure that the user regains access to files quickly we recommend configuring the component to disable at a certain time or while certain programs are used To pause the compo...

Page 82: ...euristic method un like the signature method is aimed at detecting typical behavior of operations rather than malicious code signatures that allow the program to make a conclu sion on a file with a ce...

Page 83: ...quality of the scan for new threats against operating system load and scan duration The higher you set the heuris tics level the more system resources the scan will require and the longer it will tak...

Page 84: ...Security Level area see Figure 17 If you modified the list of objects included in the protected zone when configuring File Anti Virus settings the program will ask you if you want to save that list f...

Page 85: ...recorded in the report see 15 3 on pg 163 Later you can attempt to disinfect this object Block access Disinfect File Anti Virus will block access to the object and will attempt to disinfect it If it...

Page 86: ...ed If the actions selected were Block access Disinfect all untreated objects will also be blocked In order to regain access to blocked objects they must be disinfected To do so 1 Select File Anti Viru...

Page 87: ...e databases included in the program and with the heuristic algorithm The databases contain descriptions of all the malicious programs known to date and methods for neutralizing them The heuristic algo...

Page 88: ...cting an email security level Kaspersky Anti Virus protects your email at one of these levels see Figure 25 Maximum Protection the level with the most comprehensive monitoring of incoming and outgoing...

Page 89: ...ree email service For a number of reasons your email contains archived attachments How do you maximally protect your computer from infection through email Tip for selecting a level By analyzing your s...

Page 90: ...tored mass mailings of infected emails from your computer If you are certain that the emails that you are sending do not contain dangerous objects you can disable the outgoing email scan To do so 1 Op...

Page 91: ...can select the file type by clicking the File types button Delete selected attachment types filter out and delete a certain at tachment format You can select the file type by clicking the File types...

Page 92: ...Scan upon receiving analyzes each email when it enters your Inbox Scan when read scans each email when you open it to read it Scan upon sending scans each email for viruses when you send it Warning If...

Page 93: ...s 93 Figure 27 Configuring Mail Anti Virus settings in Microsoft Office Outlook 8 2 3 Configuring email scans in The Bat Actions taken on infected email objects in The Bat are defined with the pro gra...

Page 94: ...8 2 1 on pg 90 To set up email protection rules in The Bat 1 Select Preferences from the email client s Options menu 2 Select Protection from the settings tree The protection settings displayed see Fi...

Page 95: ...object will remain in the email since the action selected in The Bat takes precedent over the actions of Mail Anti Virus Remove infected parts delete the dangerous object in the email re gardless of...

Page 96: ...he Customize button in the Security Level area see Figure 25 3 Select Heuristic Analyzer tab in the resulting dialog see Figure 29 To use heuristic methods check Use Heuristic Analyzer Additionally sc...

Page 97: ...ojan for more details see 1 3 on pg 12 Potentially infected when the scan cannot determine whether the object is infected This means that the program detected a sequence of code in the file from an un...

Page 98: ...ou can attempt to disinfect this ob ject Block access Disinfect Delete if disinfection fails2 E Mail Anti Virus will block access to the object and will attempt to disinfect it If it is successfully d...

Page 99: ...e Web Anti Virus to protect yourself while using the Internet Even if your computer is run ning on a network protected by a firewall or HTTP traffic filters Web Anti Virus provides additional protecti...

Page 100: ...Scripts are scanned according to the following algorithm 1 Web Anti Virus intercepts each script run on a web page and scans them for malicious code 2 If a script contains malicious code Web Anti Vir...

Page 101: ...bjects scanned the fewer objects are scanned for malicious code the higher the scan speed If none of the preinstalled levels fully meet your requirements their settings may be customized It is recomme...

Page 102: ...at are run You can configure Web Anti Virus settings to increase component operation speed specifically Configuring general scan settings see 9 2 1 on pg 102 Create a list of trusted web addresses see...

Page 103: ...the problem of interrupting the connection without re ducing security while using the Internet By default caching time for file fragments is limited to one second Increasing this value or deselecting...

Page 104: ...virus com download_virus page_0 9abcdef html any single character Example If you create mask Patch_123 com URLs containing that series of characters plus any single character following the 3 will not...

Page 105: ...esolution may be set by moving the slider to one of the following settings Shal low Medium or Detail Figure 33 Using Heuristic Analysis 9 2 4 Restoring default Web Anti Virus settings When configuring...

Page 106: ...b Anti Virus displays a warning on the screen and offers a choice of several actions for the object Figure 34 Selecting actions for dangerous scripts The possible options for processing dangerous HTTP...

Page 107: ...Web Anti Virus always blocks dangerous scripts and issues popup messages that inform the user of the action taken You cannot change the response to a dangerous script other than by disabling the scri...

Page 108: ...persky Anti Virus Proactive De fense do not require as much time as the reactive technique and neutralize new threats before they harm your computer How is this done In contrast with reac tive technol...

Page 109: ...l rules are provided for application activity and monitoring changes to the system registry and programs run on the computer You can edit the rules at your own discretion by adding deleting or editing...

Page 110: ...taken You must accept the decision block or allow this activity on your own You can create a rule for the activity and cancel the actions taken in the system If the user does not take any actions whe...

Page 111: ...crosoft Windows Vista or Mi crosoft Windows Vista x64 Whether system registry changes are monitored By default Enable Registry Guard is checked which means Kas persky Anti Virus analyzes all attempts...

Page 112: ...zes the activity of ap plications installed on your computer and based on the list of rules created by Kaspersky Lab detects dangerous or suspicious actions by the programs Such actions include for ex...

Page 113: ...run Keylogger detection This activity is used in attempts by malicious pro grams to read passwords and other confidential information which you have entered using your keyboard The list of dangerous a...

Page 114: ...e setting You can assign a time value for how frequently the scan will run for detecting hidden processes in the system Choose if you want to generate a report on the operation carried out To do so cl...

Page 115: ...ac counts Figure 37 Configuring application activity control for Microsoft Windows XP Professional x64 Edition Microsoft Windows Vista Microsoft Windows Vista x64 10 2 Application Integrity Control T...

Page 116: ...st The monitoring of processes and their integrity in the system is enabled by checking the box Enable Application Integrity Control in the Proactive De fense settings window by default the box is unc...

Page 117: ...ication to the critical application list and create a rule for it 1 Click Add on the Critical applications tab A context menu will open click Browse to open the standard file selection window or click...

Page 118: ...odule from the list and click the Modify button Select the needed action in the window that opens Note that Kaspersky Anti Virus trains the first time you run the controlled applica tion after install...

Page 119: ...ware that presents a serious threat to your computer For example malicious programs can copy their information to the registry key that makes applications open automatically on startup Malicious progr...

Page 120: ...hat you can raise or lower using the Move Up and Move Down buttons The higher the group is on the list the higher the priority assigned to it If the same registry file falls under several groups the f...

Page 121: ...ain at least one system registry file The Keys tab provides a list of files for the rule To add a system registry file 1 Click on the Add button in the Edit group window see Figure 41 2 In the window...

Page 122: ...is being monitored Proactive Defense s response when a program attempts to execute an operation with a system registry files To create a rule for your selected system registry files 1 Click New on th...

Page 123: ...Proactive Defense response to the selected application attempting to read edit or delete system registry files You can use any of these actions as a response allow prompt for action and block Left cli...

Page 124: ...allowed for a system regi stry object from a notification window stating that a program is trying to execute an operation with an object To do so click Create allow rule in the notification and speci...

Page 125: ...ans for viruses all programs loaded when the operating system boots Rootkit Scans Rootkits Scans the computer for rootkits that hide malicious programs in the operat ing system These utilities injecte...

Page 126: ...rmed are displayed in the context menu by right clicking on the application icon in the taskbar notification area To pause a virus scan task Select the under Scan in the application main window and cl...

Page 127: ...r In addition when you add a folder that contains embedded objects to a scan area you can edit the recursion To accomplish this select an object from the list of objects to be scanned open the context...

Page 128: ...main window 2 Open context menu and select Save As or click on New Scan Task 3 Enter the name for the new task in the window that opens and click OK A task with that name will then appear in the list...

Page 129: ...ur computer are determined by the properties assigned for each task To configure task settings open application settings window select task name under Scan and use the Settings link You can use the se...

Page 130: ...intensive applications since the scope of files scanned is reduced Figure 45 Selecting a virus scan security level By default the File Anti Virus security level is set to Recommended You can raise or...

Page 131: ...example would be txt files And vice versa there are file formats that contain or can contain executa ble code Examples would be the formats exe dll or doc The risk of insertion and activation of mali...

Page 132: ...compound files You can also set time and file size limits for scanning in the Productivity section Stop if scan takes longer than sec Check this option and enter the max imum scan time for an object I...

Page 133: ...type of compound files to be scanned Parse email formats scan email files and email databases If this checkbox is selected Kaspersky Anti Virus will parse the mail file and analyze every component of...

Page 134: ...ed the program will scan the archive again There are limitations to iChecker it does not work with large files and only applies to objects with a structure that Kaspersky Anti Virus recognizes for exa...

Page 135: ...Rootkit scans may be performed by any virus scan task provided this option is enabled for the specific task however Kaspersky Lab experts have created and optimized a separate scan task to look for th...

Page 136: ...be used to disable enable virus scan heuristic analysis for unknown threats This requires that the following steps be performed 1 Open the application settings window and select a task under Scan 2 C...

Page 137: ...rogram s next steps depend on the object status and the action selected One of the following statuses can be assigned to the object after the scan Malicious program status for example virus Trojan Pot...

Page 138: ...report without processing them or notifying the user You are advised not to use this feature since infected and potentially infected objects stay on your computer and it is practically impossible to a...

Page 139: ...he settings recom mended by Kaspersky Lab You can configure global scan settings for all tasks You will use a set of proper ties used to scan an individual object for viruses as a starting point To as...

Page 140: ...y of an antivirus You can download the test virus from the official EICAR website http www eicar org anti_virus_test_file htm The file that you downloaded from the EICAR website contains the body of a...

Page 141: ...g error An error occurred while processing the object the applica tion cannot access the object be ing scanned since the integrity of the object has been breached for example no end to a multivolume a...

Page 142: ...ts to be logged so the report file retains data on corrupted objects and objects not scanned because of errors To do so check Log non critical events under Reports and data files in the applica tion s...

Page 143: ...f the test virus that you created 2 Create a new virus scan task see 11 3 on pg 127 and select the folder containing the set of test viruses as the objects to scan see 12 1 on pg 140 3 Allow all event...

Page 144: ...Dangerous object detected This way by selecting different options for actions you can test Kaspersky Anti Virus reactions to detecting various object types You can view details on virus scan task perf...

Page 145: ...atures network drivers that enable protection components to intercept network traffic are updated Previous versions of Kaspersky Lab applications have supported standard and extended databases sets Ea...

Page 146: ...version of the databases and application modules you will see a notification window confirming that your computer is up do date If the databases and modules on your computer differ from those on the...

Page 147: ...that this service is enabled see 13 3 3 on pg 152 13 2 Rolling back to the previous update Every time you begin updating Kaspersky Anti Virus first creates a backup copy of the current databases and...

Page 148: ...example you have no Internet connection you can call the Kaspersky Lab main office at 7 495 797 87 00 7 495 956 00 00 to request contact information for Kaspersky Lab partners who can provide zipped...

Page 149: ...site in the Source field When selecting an ftp site as an update source authentication settings must be entered in the URL of the server in the format ftp user password server Warning If a resource lo...

Page 150: ...ng the Kaspersky Lab update server closest to you will save you time and download updates faster To choose the closest server check Define region do not use autodetect and select the country closest t...

Page 151: ...network resource is specified as an update source Kaspersky Anti Virus tries to launch updating after a certain amount of time has elapsed as specified in the previous update package If a local folde...

Page 152: ...Kaspersky Lab web servers or from another web re sources hosting a current set of updates The updates retrieved are placed in a public access folder 2 Other computers on the network access the public...

Page 153: ...ains updates copied from the Internet you must take the following steps 1 Grant public access to this folder 2 Specify the shared folder as the update source on the network comput ers in the Updater s...

Page 154: ...heir statuses can change after several scans Some objects can then be restored to their pre vious locations and you will be able to continue working with them To disable scans of quarantined objects u...

Page 155: ...e of your key s impending expiration date An appropriate message will be dis played every time the application is started Information on the current key is shown under Activation see Figure 56 in the...

Page 156: ...Virus 7 0 Figure 56 Key Management Kaspersky Lab regularly has special pricing offers on license extensions for our products Check for specials on the Kaspersky Lab website in the Prod ucts Sales and...

Page 157: ...xample Technical Support provides comprehensive assistance with Kaspersky Anti Virus see 15 10 on pg 190 Kaspersky provides you with several channels for support including on line support user forum a...

Page 158: ...torage area that holds potentially infected objects Potentially infected objects are objects that are suspected of being infected with viruses or modifications of them Why potentially infected This ar...

Page 159: ...e using the Clear link To access objects in Quarantine Click Quarantine You can take the following actions on the Quarantine tab see Figure 57 Move a file to Quarantine that you suspect is infected bu...

Page 160: ...jects with the status false posi tive OK and disinfected since restoring other objects could lead to in fecting your computer Delete any quarantined object or group of selected objects Only delete obj...

Page 161: ...tine Backup section see Figure 58 enter the length of time after which objects in Quarantine will be automatically deleted Alternately uncheck the checkbox to disable automatic deletion Figure 58 Conf...

Page 162: ...number of backup copies of objects created by Kaspersky Anti Virus the current size of Backup Here you can delete all copies in backup using the Clear link To access dangerous object copies Click Back...

Page 163: ...t up the program so that it automatically deletes the oldest copies from Backup see 15 2 2 on pg 163 15 2 2 Configuring Backup settings You can define the maximum time that backup copes remain in the...

Page 164: ...events reported for a component or task Select the name of the component or task on the Reports tab and click the Details button A window will then open that contains detailed information on the perf...

Page 165: ...the object is not suc cessfully disinfected you can leave it on this list to scan later with up dated application databases or delete it You can apply this action to a single object on the list or to...

Page 166: ...mportant for security To log events check Log non critical events Choose only to report events that have occurred since the last time the task was run This saves disk space by reducing the report size...

Page 167: ...en where you must decide what actions will be taken next If you check Apply to all in the notification window the selected action will be applied to all objects with the same status selected from the...

Page 168: ...checked Figure 63 Events that take place in component operation The format for displaying events in the event log may vary with the component or task The following information is given for update tas...

Page 169: ...level for a component or virus scan what actions are being taken with dangerous objects or what settings are being used for program updates Use the Change settings link to configure the component You...

Page 170: ...us scan at the end of the work day and do not want to wait for it to finish However to use this feature you must take the following additional steps before launching the scan you must disable password...

Page 171: ...system files and made the operating system impossible to start This disk includes Microsoft Windows XP Service Pack 2 system files A set of operating system diagnostic utilities Kaspersky Anti Virus p...

Page 172: ...Wizard by clicking Finished The Cancel button will stop the Wizard at any point Step 1 Getting ready to write the disk To create a rescue disk specify the path to the following folders PE Builder pro...

Page 173: ...RW The CD will start burning when you click the Next button Wait until the process is complete This could take several minutes Step 4 Finishing the rescue disk This Wizard window informs you that you...

Page 174: ...dated application databases during the current session with the rescue disk prior to restarting your computer Warning If infected or potentially infected objects were detected when you scanned the com...

Page 175: ...ports select the option Monitor all ports To edit the list of monitored ports manually select Monitor selected ports only To add a new port to the monitored port list 1 Click on the Add button in the...

Page 176: ...ebpage 15 6 Scanning Secure Connections Connecting using SSL protocol protects data exchange through the Internet SSL protocol can identify the parties exchanging data using electronic certificates en...

Page 177: ...nage your personal account In this case it is im portant to receive confirmation of the authenticity of the bank s certifi cate If the program establishing the connection checks the certificate of the...

Page 178: ...e Proxy Server and configure the following settings as necessary Select proxy server parameters to use Automatically detect the proxy server settings If this option is se lected proxy server settings...

Page 179: ...d user name and password are not specified or rejected by the proxy for whatever reason a dialog requesting user name and password will be displayed If authorization is successful the specified user n...

Page 180: ...ers are enumerated 15 8 Configuring the Kaspersky Anti Virus interface Kaspersky Anti Virus gives you the option of changing the appearance of the program by creating and using skins You can also conf...

Page 181: ...ransparency disappears You can change the degree of transparency of such messages To do so adjust the Transparency factor scale to the desired position To re move message transparency uncheck Enable s...

Page 182: ...s see Figure 72 starting Kaspersky Anti Virus at operating system startup see 15 11 on pg 192 user notification of certain application events see 15 9 1 on pg 183 Kaspersky Anti Virus self defense fro...

Page 183: ...ted successfully or can record an error in a com ponent that must be immediately eliminated To receive updates on Kaspersky Anti Virus operation you can use the notifica tion feature Notices can be de...

Page 184: ...d since they re flect important situations in the operation of the program For example protection disabled or computer has not been scanned for viruses for a long time Minor notifications are referenc...

Page 185: ...events that occur check in the Log column and configure event log settings see 15 9 1 3 on pg 186 Figure 73 Program events and event notification methods 15 9 1 2 Configuring email notification After...

Page 186: ...address to which notices will be sent in To Email address Assign a email notification delivery method in the Send mode If you want the program to send email as soon as the event occurs select Immedia...

Page 187: ...computer literacy Leaving access to the program and its settings open could dramatically lower the security of the computer as a whole To ensure the stability of your computer s security system Self...

Page 188: ...n window and enter the password and area that the access restriction will cover see Figure 75 You can block any program operations except notifica tions for dangerous object detection or prevent any o...

Page 189: ...and select a save destination To import settings from a configuration file 1 Open the program settings window and select the Service section 2 Click the Load button and select the file from which you...

Page 190: ...he top section presents general application information version database pub lication date as well as a summary of your computer s operating system If problems should arise while running Kaspersky Ant...

Page 191: ...irectly at the Technical Support web site A new service referred to as the Personal Cabinet provides users access to a personal section of the Technical Support web site The Personal Cabinet enables y...

Page 192: ...Virus needs to be shut down select Exit on the application context menu see 4 2 on pg 40 This will cause the application to be unloaded from random access memory which would mean that your computer w...

Page 193: ...king No in the notifica tion window This will cause the application to continue running If the application is shut down protection may be re enabled by restarting Kas persky Anti Virus by selecting St...

Page 194: ...command prompt syntax Accessing Help for command syntax The command line syntax is avp com command settings You must access the program from the command prompt from the program installation folder or...

Page 195: ...update made command can only be executed if the password assigned through the program interface is entered EXIT Closes the program you can only execute this command with the password assigned in the p...

Page 196: ...ACTIVATE 11AA1 11AAA 1AA11 1A111 avp com ADDKEY 1AA111A1 key password your_password 16 2 Managing program components and tasks Command syntax avp com command profile task_name R A report_file avp com...

Page 197: ...assigned in the pro gram interface R A report_file R report_file only log important events in the report RA report_file log all events in the report You can use an absolute or relative path to the fi...

Page 198: ...ive Defense subcomponents pdm application activity analysis UPDATER Updater Rollback Rolls back to the previous update SCAN_OBJECTS Virus scan task SCAN_MY_COMPUTER My Computer task SCAN_CRITICAL_ARE...

Page 199: ...settings To scan objects you can also start one of the tasks created in Kaspersky Anti Virus from the command prompt see 16 1 on pg 195 The task will be run with the settings specified in the program...

Page 200: ...ot defined the default value is i8 i0 take no action on the object simply record informa tion about it in the report i1 Treat infected objects and if disinfection fails skip i2 Treat infected objects...

Page 201: ...b Do not scan mailboxes e m Do not scan plain text emails e filemask Do not scan objects by mask e seconds Skip objects that are scanned for longer that the time specified in the seconds parameter es...

Page 202: ...programs mailboxes the directories My Docu ments and Program Files and the file test exe avp com SCAN MEMORY STARTUP MAIL C Documents and Settings All Users My Documents C Program Files C Downloads t...

Page 203: ...ortant events in the report RA report_file log all events in the report You can use an absolute or relative path to the file If the parameter is not defined the scan results are displayed on screen an...

Page 204: ...vents in the report You can use an absolute or relative path to the file If the parameter is not defined the scan results are displayed on screen and all events are displayed password Password for acc...

Page 205: ...only be used to specify the main settings for program operation Example avp com EXPORT c settings dat 16 7 Importing settings Command syntax avp com IMPORT filename password password file_name Path to...

Page 206: ...syntax avp com TRACE file on off trace_level Parameter description on off Enable disable trace creation file Output trace to file trace_level This value can be an integer from 0 minimum level only cri...

Page 207: ...avp com command avp com HELP command 16 12 Return codes from the command line interface This section contains a list of return codes from the command line The general codes may be returned by any comm...

Page 208: ...sky Anti Virus missing components or delete the pro gram 1 Insert the installation CD into the CD DVD ROM drive if you used one to install the program If you installed Kaspersky Anti Virus from a dif...

Page 209: ...nfected objects You are advised to save these in case they can be restored later Quarantine files files that are potentially infected by viruses or modifi cations of them These files contain code that...

Page 210: ...ystem The program will ask if you want to restart your computer Click Yes to restart right away To restart your computer later click No 17 2 Uninstalling the program from the command line To uninstall...

Page 211: ...hecksums and file checksum storage in alternate NTFS streams Question Why is activation required Will Kaspersky Anti Virus work without a key file Kaspersky Anti Virus will run without a key although...

Page 212: ...n order to create this file do the following 1 Right click My computer and select the Properties item in the shortcut menu that will open 2 Select the Advanced tab in the System Properties window and...

Page 213: ...a program exe executable file or self extracting archive sys system driver prg program text for dBase Clipper or Microsoft Visual FoxPro or a WAVmaker program bin binary file bat batch file cmd comma...

Page 214: ...l mbx extension for saved Microsoft Office Outlook emails doc Microsoft Office Word document such as doc Microsoft Office Word document docx Microsoft Office Word 2007 document with XML support docm M...

Page 215: ...t 2007 presentation with macro support potx Microsoft Office Power Point 2007 presentation template potm Microsoft Office PowerPoint 2007 presentation template with macro support ppsx Microsoft Office...

Page 216: ...s folder uncheck Include subfolders when creating the mask Tip and exclusion masks can only be used if you assign an excluded threat type according to the Virus Encyclopedia Otherwise the threat speci...

Page 217: ...ame by mask For example not a virus excludes potential dangerous programs from the scan as well as joke programs Riskware excludes riskware from the scan RemoteAdmin excludes all remote administration...

Page 218: ...e protection from current and future threats Resistance to future attacks is the basic policy implemented in all Kaspersky Lab s products At all times the company s products remain at least one step a...

Page 219: ...or may be bundled with various integrated solutions offered by Kaspersky Lab Ltd Kaspersky OnLine Scanner This program is a free service provided to the visitors of Kaspersky Lab s corpo rate website...

Page 220: ...cal areas of the operating system and Windows start up objects Proactive protection the program constantly monitors application ac tivity and processes running in random access memory preventing dange...

Page 221: ...ed it is moved to Quarantine or deleted Real time scanning all incoming and outgoing files are automatically scanned as well as files when attempts are made to access them Protection from text message...

Page 222: ...ation to the system admin istrator Log detailed reports Automatically update program databases Kaspersky Open Space Security Kaspersky Open Space Security is a software package withal new approach to...

Page 223: ...e your system after a virus outbreak An extensive reporting system on protection status Automatic database updates Full support for 64 bit operating systems Optimization of program performance on lapt...

Page 224: ...programs Quarantining suspicious objects automatic database updates Kaspersky Enterprise Space Security This program includes components for protecting linked workstations and servers from all today s...

Page 225: ...y This solution monitors all inbound and outbound data streams e mail Internet and all network interactions It includes components for protecting workstations and mobile devices keeps information safe...

Page 226: ...junk mail Remote disinfection capability Intel Active Management Intel vPro Rollback for malicious system modifications Self Defense from malicious programs full support for 64 bit operating systems a...

Page 227: ...es available automatic database updates Kaspersky Security for Internet Gateways This program provides secure access to the Internet for all an organization s em ployees automatically deleting malware...

Page 228: ...r an existing mail server or a dedicated one Kaspersky Anti Spam s high performance is ensured by daily updates to the content filtration database adding samples provided by the Company s linguistic l...

Page 229: ...Appendix B 229 General information WWW http www kaspersky com http www viruslist com E mail info kaspersky com...

Page 230: ...SINGLE ENTITY ARE CONSENTING TO BE BOUND BY THIS AGREEMENT IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT DO NOT BREAK THE CD DVD s SLEEVE DOWNLOAD INSTALL OR USE THIS SOFTWARE IN ACCORDANC...

Page 231: ...are and Documentation and will take all reasonable precautions to protect the Software from unauthorized copying or use 1 1 2 The Software protects computer against viruses whose signatures are con ta...

Page 232: ...e which will have been provided to you by Kaspersky Lab with this Agreement It shall be at the absolute discretion of Kaspersky Lab whether or not you have satisfied this condition for the provision o...

Page 233: ...ion in any form to any third party without the prior written consent of Kaspersky Lab You shall implement reason able security measures to protect such confidential information but without limi tation...

Page 234: ...rranties or other terms as to satisfactory quality fitness for purpose or as to the use of rea sonable skill and care 6 Limitation of Liability i Nothing in this Agreement shall exclude or limit Kaspe...

Page 235: ...e been given or may be implied from anything written or said in negotiations between us or our representatives prior to this Agreement and all prior agreements between the parties relating to the matt...

Reviews: