background image

The Settings Tree 

118

 

 

Let’s imagine that you go to a web site containing a script virus similar to 

LoveLetter

4

. If your Internet browser has low-level protection, the script virus will 

be immediately executed, but Kaspersky AV Script Checker will prevent the 
execution of the infected script and protect your computer from the virus attack. 
Kaspersky AV Script Checker will send a warning like that shown below (Figure 
86): 

 

Figure 86. Warning about a possible virus

                                                           

4

 LoveLetter is a dangerous Internet worm that led to mass computer infection in May, 

2000. The worm was spread by e-mail messages. When activated it would send itself to 
all addresses stored in the Microsoft Outlook address book (see 

www.viruslist.com

 for 

more detail). 

Содержание ANTI-VIRUS 4.5 - FOR MICROSOFT EXCHANGE...

Страница 1: ...KASPERSKY LAB LTD Kaspersky Anti Virus 4 5 for Microsoft NT Server USER GUIDE...

Страница 2: ...K A SPER SK Y AN TI V IRU S 4 5 FOR M I C R O S O F T N T S E R V E R User Guide Kaspersky Lab Ltd Visit our Web Site http www kaspersky com Edition date September 2003...

Страница 3: ...R 18 3 1 Starting Kaspersky Anti Virus Scanner 18 3 2 Program Interface 21 3 2 1 System menu 21 3 2 2 Main window 22 3 2 3 Menu 22 3 2 4 Tool bar 23 3 2 5 Work area 24 3 2 6 Status bar 25 3 3 Changing...

Страница 4: ...window 46 4 2 3 Menu 47 4 2 4 Toolbar 48 4 2 5 Work area 49 4 3 Changing Settings 50 4 4 Loading disabling and enabling Kaspersky AV Monitor 50 4 5 Viewing performance statistics 51 4 6 Updating Anti...

Страница 5: ...hedule window for Kaspersky AV Scanner and Updater 97 6 3 3 1 Launching on event 98 6 3 3 2 Launching by condition 99 6 3 3 3 Launching hourly 101 6 3 3 4 Launching daily 101 6 3 3 5 Launching weekly...

Страница 6: ...SCRIPT CHECKER 117 APPENDIX A ADVANCED CHECKING TOOLS 119 A 1 The Heuristic Checking Tool Code Analyzer 119 A 2 The Redundant Scanning Tool 120 APPENDIX B GLOSSARY 122 APPENDIX C KASPERSKY LABS LTD 12...

Страница 7: ...e most commonly used mail systems Kaspersky Anti Virus Monitor is a resident virus detection monitor that checks files that are started and opened Note that Kaspersky Anti Virus Monitor is able to rem...

Страница 8: ...nti Virus Scanner and or Kaspersky Anti Virus Monitor By using Kaspersky Administration Kit the remote administration program a network administrator can remotely manage components of the Kaspersky An...

Страница 9: ...800 x 600 the small font should be selected and the system date should be set correctly 1 3 Distribution kit You can purchase Kaspersky Anti Virus for Microsoft NT Server either from our distributors...

Страница 10: ...LA 1 4 Help Desk for Registered Users Kaspersky Labs offers a large service package enabling its legal customers to enjoy all available features of Kaspersky Anti Virus If you register and purchase a...

Страница 11: ...nu titles commands window titles dialog elements etc Note Additional information notes Attention Critical information To do this 1 Step 1 2 Actions that must be taken Task or example Formulation of th...

Страница 12: ...e step forward Back move one step backward There are two possible variations on how to install the product installing it for the first time and reinstalling Below both variants are described in detail...

Страница 13: ...Program Folder dialog box for the Kaspersky Anti Virus for Microsoft NT Server icon to appear in the standard Program menu Press Next Step 5 Choose setup type Choose one of the three setup types in t...

Страница 14: ...an use the following accounts Local System account the Windows account This account the user account which details are specified in the fields at the right Step 10 Enter the administration password In...

Страница 15: ...Kaspersky Anti Virus for Microsoft NT Server package and start working it is ESSENTIAL to restart your computer Press Finish The startup of your operating system may be delayed because the program is...

Страница 16: ...ard settings file In this box you can select one of the following options Merge appends a standard settings file to settings detected in the existing file Overwrite installs a standard settings file i...

Страница 17: ...ailboxes of the most commonly used mail systems Microsoft Outlook Microsoft Exchange Microsoft Internet Mail Eudora Pro Lite Pegasus Mail Netscape Navigator Mail JSMail SMTP POP3 server Detects and de...

Страница 18: ...s complete D does not launch Kaspersky AV Scanner from being started if the data volumes have already been successfully checked that day that is if Kaspersky AV Scanner has already scanned the drives...

Страница 19: ...itch can follow the filename but in this case the filename must be enclosed with quotation marks If the name of the listed file doesn t contain spaces the switch EF can be positioned anywhere in the l...

Страница 20: ...ubchapter 3 2 2 appears on the screen and the icon is displayed in the system tray by clicking with your right mouse button on it you can display the system menu Figure 1 The system menu contains the...

Страница 21: ...3 Menu The menu bar is located at the top of the main window Some menu commands can be also activated using appropriate key combinations or buttons in the tool bar see subchapter 3 2 4 The appropriat...

Страница 22: ...s available only during the scanning process see subchapter 3 4 2 Scan View Scan Options display the program settings in plain text form see subchapter 3 3 5 Tools Update Now update anti virus databas...

Страница 23: ...window Tools Update Now update Anti Virus bases File Unload Kaspersky Anti Virus Scanner unload the Kaspersky AV Scanner program from memory 3 2 5 Work area The main window work area is divided into...

Страница 24: ...to the item To display the right click menu of an item in the settings tree 1 Place your mouse cursor on the required item 2 Click your right mouse button The appropriate right click menu will appear...

Страница 25: ...hese options may be viewed in the following two modes Standard and Expert To switch between these modes use the corresponding buttons in the left frame of the window work area Figure 3 The Objects fra...

Страница 26: ...ation within the file system check the corresponding box to the left of the location name To scan a group of disks check the My Computer box in the upper left sub frame and the required boxes in the u...

Страница 27: ...his difference inside the larger location or keep it for a certain period of time For details refer to subchapter 8 3 For every defined location within your file system you can specify separate scanni...

Страница 28: ...upper left sub frame Scan MS Outlook Express databases scans MS Outlook Express v 5 0 and later databases This check box is available only if you checked the My Computer box in the upper left sub fra...

Страница 29: ...ate a copy of the infected object before starting a cure A directory where the copy will be created is specified in the settings tree of the Options category see subchapter 3 3 2 2 The copy will not b...

Страница 30: ...n selected its advisable that you check the Scan compound files of the following types box and uncheck the Enable delete or rename non disinfected compound files box on the Options page In this case i...

Страница 31: ...enciphering programs CryptCOM to them 3 3 1 3 3 Scanning mail databases and plain mail files The program is able to search for viruses in mail databases and plain mail files Mail databases check this...

Страница 32: ...ect and delete viruses from MS Outlook Express 5 0 and later databases 3 3 1 3 4 Scanning embedded objects The program allows you to check for viruses not only in files but also in the objects embedde...

Страница 33: ...V Control Centre you can re define this directory by specifying the full path to your report file If the program is controlled by Kaspersky AV Control Centre you cannot re define this directory Show p...

Страница 34: ...his option button renames infected objects i e changes their extensions to the one defined in the Extension of infected file field Enable delete or rename non disinfected compound files check this box...

Страница 35: ...window with the Kaspersky AV Scanner performance statistics right after the check is finished If your Kaspersky AV Scanner main window is closed and you started scanning for viruses from the system me...

Страница 36: ...tings to a file These settings will be stored there and if you need to set the Kaspersky AV Scanner the same way later you can simply load them from this file Files with Kaspersky AV Scanner settings...

Страница 37: ...ed for the parent object System disk C a list of these rules will be displayed separately To review the text describing your Kaspersky AV Scanner settings select the View Scan Options command from the...

Страница 38: ...m loads anti virus databases and checks itself for viruses If the program is successfully loaded the following string appears at the bottom of the program main window Antiviral bases were loaded Known...

Страница 39: ...g priority of the check You may change the priority of the check without aborting it To do this follow these steps 1 Select the Change Scan Process Priority command from the Scan menu 2 Select the req...

Страница 40: ...monitor your Kaspersky AV Scanner progress will appear on your screen see Chapter 7 3 4 4 Viewing statistics Statistics If you enabled Kaspersky AV Scanner to report on its performance you can view th...

Страница 41: ...ects 3 5 Updating Anti Virus Databases You can start the anti virus database updating program from your Kaspersky AV Scanner main window To do so select the Update now command from the Tools menu or c...

Страница 42: ...an be used to review the generated list of viruses To exit the Kaspersky Virus List Generator dialog box press the Exit button You can start Kaspersky Virus List Generator directly from the Windows ma...

Страница 43: ...ur anti virus monitor Your Kaspersky AV monitor can be started Option 1 From the Windows Start menu To do this click the Start button on your Windows desktop point to Programs point to Kaspersky Anti...

Страница 44: ...s case you must use Control Centre to change your monitor settings 4 2 Program Interface This section describes the Kaspersky AV Monitor interface i e the system menu main window work area etc When en...

Страница 45: ...Kaspersky Anti Virus Monitor unloads the program from your computer memory Figure 13 System menu 4 2 2 Main window The Kaspersky AV Monitor main window allows you to change the monitor settings to di...

Страница 46: ...r buttons The key combination that may be used instead of a command is defined to the right of this command in the appropriate drop down menu For the list of key combinations and toolbar buttons that...

Страница 47: ...3 Tools Make Virus List generate a list of currently known viruses see subchapter 3 6 Help Contents display the Help topics window Help Kaspersky Anti Virus on the Web start your web browser and go t...

Страница 48: ...ations and the objects that must be checked for viruses and to specify how the monitor must process objects that have been defined as infected All these settings are arranged in a special control elem...

Страница 49: ...efined in the appropriate input field near the Limit size compound files to Kb box Note that in this version of Kaspersky Anti Virus for Microsoft NT Server Kaspersky AV Monitor scans for viruses and...

Страница 50: ...Monitor Enable monitoring Enable monitoring 4 5 Viewing performance statistics If you enabled the monitor to report on its performance you can view the statistics in progress in the Statistics frame...

Страница 51: ...ects renamed objects warnings the number of objects containing codes similar to known virus modifications suspicious objects Code Analyzer notifications corrupted objects I O errors 4 6 Updating Anti...

Страница 52: ...tion in the Kaspersky Anti Virus group Option 2 From the Control Centre automated With Kaspersky AV Control Centre installed you can create a task to automatically start the Kaspersky AV Updater see C...

Страница 53: ...Welcome Figure 16 Checking the Change settings box allows you to set up the update mode objects for updating and report options Otherwise the steps described below will be omitted Figure 16 The Welco...

Страница 54: ...tings tree Figure 18 Figure 18 The first level of the configuration tree Update Kaspersky Anti Virus from Internet select this option to update via the Internet Update Kaspersky Anti Virus from Local...

Страница 55: ...ky Anti Virus from Internet branch URL use this button to define the source of updates protocol server name etc User name use this field to define the user name allowing access to the updating server...

Страница 56: ...RLs in the list If you check the Use random URL in list as starting point box the program will randomly choose a URL from the list and will try to connect to this server first The list of URLs may be...

Страница 57: ...your IP LAN settings use this branch to define the connection to your IP via the local network Use passive mode FTP transfers use passive mode when working with an FTP server this is especially usefu...

Страница 58: ...ck on Connect A remote server will be dialed and connected to During the dial up the Connecting to Internet box with the Dialing message in the Status line will be displayed Figure 25 Figure 25 The Co...

Страница 59: ...n you have connected to the Internet a special symbol will appear on the taskbar To view the connection settings double click on the relevant icon on the taskbar Figure 28 Figure 29 LAN settings If yo...

Страница 60: ...rver or firewall connection port Authorization check this box to define the user s individual settings User name use this field to define the user name allowing access to the proxy or the firewall Pas...

Страница 61: ...pdate executable modules of the Kaspersky Anti Virus package Restart computer if needed check this box to restart the computer if required after the package executable modules are updated 5 2 3 Step 3...

Страница 62: ...is exceeded Advanced use this branch to configure the user interface Show progress window check this box to display the updating operation progress window see below Press the Next button to proceed w...

Страница 63: ...ages the icon is displayed only when the corresponding part is being updated The icon indicates a successful completion of this part of the updating process while shows that the updating program is ex...

Страница 64: ...ou productivity and at the same time keep your system safe from viruses The automated launch of the external programs allows you to use the Kaspersky AV Control Centre as a conventional task scheduler...

Страница 65: ...be able to import settings from this file see above Help displays the Help topics window About displays information about the product version the license name the license expiration date and more see...

Страница 66: ...d supports communication between a user and the program If you unload only the interface subprogram the tasks defined in the Kaspersky AV Control Centre settings will still be performed but the user w...

Страница 67: ...tings will be immediately loaded into the executable module To display the Help topics window press the Help button 6 2 1 The Tasks tab The Tasks tab Figure 38 allows you to manage the tasks The task...

Страница 68: ...you will see the statistics bar The contents of the statistics bar depend on the task type Thus for example the automated update task has the following lines in the statistics bar Date Time Action Re...

Страница 69: ...gure 39 Context menu in the event list The list has a context menu Figure 39 The context menu items are used for the following actions Delete deletes the selected event with confirmation Delete all de...

Страница 70: ...s command the New Task Wizard will be launched see subchapter 6 3 Report display the selected task performance report in the Kaspersky Report Viewer window see Chapter 7 Enable enable disable the sele...

Страница 71: ...mputer Some commands may be unavailable for some task types The tasks are launched in the order in which they are listed Task management as we have mentioned above can also be accomplished using tool...

Страница 72: ...he list and you press the key on the keyboard the list pointer will move to this task 6 2 1 1 The Property window This window appears when you press the button or select Properties in the context menu...

Страница 73: ...Scanner task property window The window contains the following categories Category Reference Objects See subchapter 3 3 1 Options See subchapter 3 3 2 Customize See subchapter 3 3 3 User account See s...

Страница 74: ...he task settings Figure 42 Some of the categories match those located in the corresponding component main window other categories are specific only to Kaspersky AV Control Centre Figure 42 The Kaspers...

Страница 75: ...k property window Tab Reference Connection See subchapter 5 2 2 Options See subchapter 5 2 3 User account See subchapter 6 3 5 Schedule See subchapter 6 3 3 Alerts See subchapter 6 3 4 The Connection...

Страница 76: ...Figure 44 The Components tab The tool bar is located in the right part of the tab when you right click on it the context menu appears Figure 45 Figure 45 Context menu and the tool bar on the Componen...

Страница 77: ...about the product version date of the last anti virus bases update and more If you click on this button or select this menu entry the About window will open 6 2 3 The Settings tab The Settings tab Fi...

Страница 78: ...spersky AV Control Centre components Alerts This category contains parameters responsible for processing alerts about critical events in the Kaspersky AV Control Centre task performance Quarantine Thi...

Страница 79: ...res It is responsible for password setup and access and denial to some task types The Kaspersky AV Control Centre allows you to protect some running actions by a password In that way user access to th...

Страница 80: ...ngs modification If you check this box the program will prompt for the password when somebody tries to display the window and to change settings of Kaspersky AV Control Centre Protect Kaspersky AV Con...

Страница 81: ...AV Server the server component of the Kaspersky Anti Virus remote management system Process alerts by Kaspersky AV Control Centre Send alerts using the Kaspersky AV Control Centre To limit the number...

Страница 82: ...pe the recipient s e mail address in this line From Type in the name or address to be displayed in the From line of an e mail message Any string can be the value of this line This setting is required...

Страница 83: ...rver port address The default value is 25 Let s study an example of tab Alerts settings usage Let s say we need to set up SMS messages sending about critical network events to the mobile phone of a sy...

Страница 84: ...98 operating system running on your computer the Kaspersky AV Control Centre application allows you to set up message sending through MAPI Figure 55 MAPI settings To set up MAPI parameters select the...

Страница 85: ...nagement option to enable the network functioning of the Kaspersky Anti Virus using Kaspersky Network Control Centre set the selector to the Use Kaspersky Network Control Centre position Figure 57 Use...

Страница 86: ...t the IP addresses of the computers with permitted remote management The Security tree branch contains the following items Allow all addresses Gives permission to all network computers to remotely man...

Страница 87: ...rsky AV Server communication TCP port 8084 Kaspersky AV Server communication UDP port 8084 To enter new settings go to the TCP IP ports section Figure 59 then enter the new values 6 2 3 4 The Customiz...

Страница 88: ...1 To enable the sound check the appropriate box and click on the corresponding button to display the window in which you want to select the audio file This file should be written in the WAV format Let...

Страница 89: ...background color Task list window background the background color of the task list window of the Tasks tab Component window background the Components tab background color Event list window background...

Страница 90: ...arantine category Files in quarantine are stored in encoded form This reduces the risk of infection from this virus the executable code cannot be started without preliminary decryption saves time for...

Страница 91: ...bar buttons located at the right side of the page By using commands from the View sub menu you can define the display of the icons and the list in table form or just file names To review the file prop...

Страница 92: ...the file from the list of quarantined files and press the button at the right side of the frame or select the Extract command from the file right click menu 2 In the file restoration wizard box on yo...

Страница 93: ...may be automatically deleted from its original location only if you preset the anti virus programs on the computer to delete infected files selected the Delete option To add a file to the quarantine f...

Страница 94: ...l Centre is designed as a Windows Wizard with a sequence of windows steps each of which is used for execution of a specified action To change windows click the Next one step forward and Back one step...

Страница 95: ...tting can be strictly specified in accordance with a schedule determined by the occurrence of some system event or be specified by the user during the switch to a different activity for example during...

Страница 96: ...sk read further for a description of this window Clicking on the Pause button will pause the task setup 6 3 3 The Schedule window for Kaspersky AV Scanner and Updater When creating a Kaspersky Anti Vi...

Страница 97: ...ng on event The Kaspersky AV Control Centre allows you to set the task launch on occurrence of a certain system event or by user command To select this launch option point to On event then in the righ...

Страница 98: ...sk types to be launched once a day or on each occurrence of the event 6 3 3 2 Launching by condition The Kaspersky AV Control Centre allows you to set the task launch on the occurrence of specified co...

Страница 99: ...Start Kaspersky AV Monitor Update anti virus databases Start Kaspersky AV Scanner The program processes the following main task results Any the created task will run immediately after the main task e...

Страница 100: ...25 and so on 6 3 3 4 Launching daily Figure 76 Start the task every day To start the task on a daily basis at a scheduled time select the Daily option in the Schedule window Figure 76 then set up the...

Страница 101: ...ekly Figure 77 Start the task every week To launch a task on a weekly basis on a scheduled day and time enable the Weekly option in the Schedule window then specify the days and hours of the task laun...

Страница 102: ...en the created task will be launched and specify the launch time in the Time tab See subchapter 6 3 3 4 for more information on how to specify the time in the list The task launch days are checked Fig...

Страница 103: ...V Control Centre can be launched as a Windows system service before login In this case define the user account to be used by the task The user account contains information about the user such as full...

Страница 104: ...start 6 3 6 Task settings At this phase of task creation set up the task parameters specific for this type of task As a rule the contents of these settings are equivalent to the tabs Let s take a look...

Страница 105: ...ndow for the Kaspersky AV Scanner task are similar to those in the Settings window of Kaspersky Anti Virus Scanner for details refer to subchapter 3 3 2 Figure 81 The Settings window for the Kaspersky...

Страница 106: ...y AV Updater main window The Kaspersky Report Viewer main window Figure 82 contains the following items menu tool bar list of sessions within the current file you can open only one report file at a ti...

Страница 107: ...ses Toolbar button Menu commands Function View Always on top Sets the program main window to overlay all other windows on your Windows desktop File Open Allows you to open a selected report file File...

Страница 108: ...re 83 appears in the report window when you press the toolbar button or select the Find command in the Edit menu To search for a string or its part enter it in the String to find text field define the...

Страница 109: ...arch function detect the first string or the string part matching the predefined search criteria you can move to the next string meeting the same criteria by pressing the toolbar button or selecting t...

Страница 110: ...are illustrated by pictures so you can see how they look like in the program windows 8 1 The Settings Tree Every joint in this tree may have branches If a branch is visible the corresponding joint lo...

Страница 111: ...ntrols 8 2 1 Check box A box may be unchecked meaning that this type of virus check will not be performed checked meaning that the program will perform this type of virus check To check and uncheck a...

Страница 112: ...o select the option button the SPACE key on your keyboard the command of the right click menu your mouse to click on it To deselect the option button By selecting another option button from the group...

Страница 113: ...to click on the field icon the command of the right click menu the F2 key on your keyboard 8 2 5 Input field defining the number of To input a new value in the number field you must type it in from yo...

Страница 114: ...rarchy item must or must not be checked for viruses and the rules describe methods that will be applied when handling this item All the hierarchy items by default inherit rules of the group these are...

Страница 115: ...triangle in the right bottom corner The triangle may be red or black The inheriting mode is enabled but some objects are excluded from the group and have their own settings If the triangle is red the...

Страница 116: ...sends a message and prohibits execution of the script Kaspersky AV Script Checker does not use the anti virus databases The anti virus databases are used by Kaspersky AV Scanner and Kaspersky AV Monit...

Страница 117: ...tion of the infected script and protect your computer from the virus attack Kaspersky AV Script Checker will send a warning like that shown below Figure 86 Figure 86 Warning about a possible virus 4 L...

Страница 118: ...seems to be infected by a virus that infects EXE files ComExe the file seems to be infected by a virus that infects both COM and EXE files ComTSR ExeTSR SysTSR ComExeTSR the file seems to be infected...

Страница 119: ...y encrypted ones in the Kaspersky Lab s database and we believe that newfound viruses that aren t yet in the database will be detected with the same degree of probability A 2 The Redundant Scanning To...

Страница 120: ...121 Kaspersky Anti Virus for Microsoft NT Server the redundant scanning tool as it noticeably slows down the scanning rate and increases the probability of false alarms...

Страница 121: ...cts on a computer see also Kaspersky Anti Virus Scanner boot virus A virus that occupies a boot sector of the infected diskette or a boot sector or the master boot record of the infected hard drive Th...

Страница 122: ...es and worms that are executed directly in the computer memory Kaspersky Anti Virus Updater A computer program that allows automatic updating of anti virus bases and package components Kaspersky Repor...

Страница 123: ...a tree with conventional controls as joints buttons drop down lists check boxes etc service sub program of a Kaspersky Anti Virus package component A sub program that constantly resides in the compute...

Страница 124: ...g themselves for more details see Virus Encyclopedia http www viruslist com eng viruslist asp virus attack A set of actions that are performed in order to infect a computer Windows virus A virus that...

Страница 125: ...server Upcoming add on features include Kaspersky Anti Hacker for general workplace defense against any hacker attacks and Kaspersky Anti Spam for enterprise wide prevention of incoming spam messages...

Страница 126: ...uspect application from accessing the network This allows you to preserve confidential data on your machine Thanks to SmartStealth technique it becomes more difficult to detect your computer from outs...

Страница 127: ...se any of the anti virus programs according to the operation systems and applications you use Kaspersky Corporate Suite The package has been developed to provide the full scale data protection for cor...

Страница 128: ...es incoming e mail traffic streams for objects identified as spam Software is compatible with any mail system already used in the customer company and can be installed both on existing mail server or...

Страница 129: ...ASPERSKY LAB DISTRIBUTOR OR RESELLER THE RIGHT TO RETURN AND REFUND EXTENDS ONLY TO THE ORIGINAL PURCHASER All references to Software herein shall be deemed to include the software activation key Key...

Страница 130: ...fies you that it does not intend to make such information available for any reason including without limitation costs you shall be permitted to take such steps to achieve interoperability provided tha...

Страница 131: ...ey File unless and until earlier terminated as set forth herein This Agreement will terminate automatically if you fail to comply with any of the conditions limitations or other requirements described...

Страница 132: ...t the prior written consent of Kaspersky Lab You shall implement reasonable security measures to protect such confidential information but without limitation to the foregoing shall use best endeavours...

Страница 133: ...nable skill and care 7 Limitation of Liability i Nothing in this Agreement shall exclude or limit Kaspersky Lab liability for i the tort of deceit ii death or personal injury caused by its breach of a...

Страница 134: ...you and Kaspersky Lab whether oral or in writing which have been given or may be implied from anything written or said in negotiations between us or our representatives prior to this Agreement and al...

Отзывы: