KAPERSKY ANTI-VIRUS 7.0 Скачать руководство пользователя страница 112 | Manualshive

Страница: 112 / 235

KAPERSKY ANTI-VIRUS 7.0 Скачать руководство пользователя страница 112

112

Kaspersky Anti-Virus 7.0

10.1.

Activity Monitoring Rules

Note that configuring application control under Microsoft Windows XP Profes-
sional x64 Edition, Microsoft Windows Vista or Microsoft Windows Vista x64 dif-
fers from the configuration process on other operating systems.

Information about configuring activity control for these operating systems is pro-
vided at the end of this section.

Kaspersky Anti-Virus monitors application activity on your computer. The applica-
tion includes a set of event descriptions that can be tracked as dangerous. A
monitoring rule is created for each such event. If the activity of any application is
classified as a dangerous event, Proactive Defense will strictly adhere to the
instructions stated in the rule for that event.

Select the

Enable Application Activity Analyzer

checkbox if you want to

monitor the activity of applications.

Let's take a look a several types of events that occur in the system that the appli-
cation will track as suspicious:

Dangerous behavior

. Kaspersky Anti-Virus analyzes the activity of ap-

plications installed on your computer, and based on the list of rules
created by Kaspersky Lab, detects dangerous or suspicious actions by
the programs. Such actions include, for example, masked program in-
stallation, or programs copying themselves.

Launching Internet browser with parameters

. By analyzing this type of

activity,  you  can  detect  attempts  to  open  a  browser  with  settings.  This
activity  is  characteristic  of  opening  a  web  browser  from  an  application
with  certain  command  prompt  settings:  for  example,  when  you  click  a
link to a certain URL in an advertisement e-mail.

Intrusion into process (invaders)

– adding executable code or creating

an additional stream to the process of a certain program. This activity is
widely used by Trojans.

Rootkit detection

. A rootkit is a set of programs used to mask malicious

programs and their processes in the system. Kaspersky Anti-Virus ana-
lyzes the operating system for masked processes.

Window hooks

. This activity is used in attempts to read passwords and

other confidential information displayed in operating system dialog box-
es. Kaspersky Anti-Virus traces this activity if attempts are made to in-
tercept data transferred between the operating system and the dialog
box.

«
...
110
111
112
113
114
...
»

Содержание ANTI-VIRUS 7.0

Страница 1: ...KASPERSKY LAB Kaspersky Anti Virus 7 0 USERGUIDE...

Страница 2: ...K A S P E R S K Y A N T I V I R U S 7 0 User Guide Kaspersky Lab http www kaspersky com Revision date December 2007...

Страница 3: ...23 2 2 4 Program tools 23 2 3 Hardware and software system requirements 24 2 4 Software packages 25 2 5 Support for registered users 26 CHAPTER 3 INSTALLING KASPERSKY ANTI VIRUS 7 0 27 3 1 Installatio...

Страница 4: ...How to scan a file folder or disk for viruses 51 5 6 How to update the program 52 5 7 What to do if protection is not running 53 CHAPTER 6 PROTECTION MANAGEMENT SYSTEM 54 6 1 Stopping and resuming rea...

Страница 5: ...ook 92 8 2 3 Configuring email scans in The Bat 93 8 2 4 Using Heuristic Analysis 95 8 2 5 Restoring default Mail Anti Virus settings 96 8 2 6 Selecting actions for dangerous email objects 97 CHAPTER...

Страница 6: ...ttings for all tasks 139 CHAPTER 12 TESTING KASPERSKY ANTI VIRUS FEATURES 140 12 1 The EICAR test virus and its variations 140 12 2 Testing File Anti Virus 142 12 3 Testing Virus scan tasks 143 CHAPTE...

Страница 7: ...ent notifications 183 15 9 1 1 Types of events and notification delivery methods 184 15 9 1 2 Configuring email notification 185 15 9 1 3 Configuring event log settings 186 15 9 2 Self Defense and acc...

Страница 8: ...g Install Wizard 208 17 2 Uninstalling the program from the command line 210 CHAPTER 18 FREQUENTLY ASKED QUESTIONS 211 APPENDIX A REFERENCE INFORMATION 213 A 1 List of files scanned by extension 213 A...

Страница 9: ...etwork of infected computers to attack servers send out spam harvest confidential information and spread new viruses and Trojans In today s world it is widely acknowledged that information is a valuab...

Страница 10: ...no one s property and has no geographical borders In many ways this has promoted the development of web resources and the exchange of information Today anyone can access data on the Internet or create...

Страница 11: ...email system When this occurs more than a handful of people are infected It might be hundreds or thousands of company workers together with potentially tens of thousands of subscribers Beyond the thre...

Страница 12: ...ojans Trojans are programs which carry out unauthorized actions on computers such as deleting information on drives making the system hang stealing confidential information and so on This class of mal...

Страница 13: ...operation Another type of malicious program that is similar to adware spyware and risk ware are programs that plug into your web browser and redirect traffic The web browser will open different web s...

Страница 14: ...comprehensive pro tection for your computer from both known and new threats Warning From this point forward we will use the term virus to refer to malicious and dangerous programs The type of malicio...

Страница 15: ...your computer is recommended see 5 3 on pg 50 if they should manifest themselves 1 5 What to do if you suspect infection If you notice that your computer is behaving suspiciously 1 Don t panic This i...

Страница 16: ...well timed pre vention Computer prophylactics involve a rather small number of rules that if complied with can significantly lower the likelihood of being infected with a virus and losing data Below...

Страница 17: ...pdated application databases Rule No 4 Do not trust virus hoaxes such as prank programs and emails about infection threats Rule No 5 Use the Microsoft Windows Update tool and regularly install Micro s...

Страница 18: ...uards all incoming and outgoing data channels A flexible configuration of all application components allows for maximum customi zation of Kaspersky Anti Virus to the needs of each user Configuration o...

Страница 19: ...using plug ins for Microsoft Office Outlook and The Bat Special plug ins are available for the most common mail clients such as Microsoft Office Outlook Microsoft Outlook Express Windows Mail and The...

Страница 20: ...incrementally ignoring files that have already been downloaded This lowers the download traffic for updates by up to 10 times Updates are downloaded from the most efficient source You can choose not t...

Страница 21: ...at monitors your computer s file system It scans all files that are opened run and saved on your computer and any at tached drives The program intercepts every attempt to access a file and scans the f...

Страница 22: ...ro grams it is extremely important to periodically scan your computer for viruses This is required to stop the spread of malicious programs not detected by real time protection components because of t...

Страница 23: ...enerates a report on each real time protection component virus scan task and application update It contains information on results and operations performed Details on any Kaspersky Anti Virus componen...

Страница 24: ...or send feedback or an error report to Technical Support by completing a spe cial online form You will also be able to access online Technical Support Personal Cabinet services and our employees will...

Страница 25: ...t EULA Before breaking the seal on the installation disk envelope carefully read through the EULA If you buy Kaspersky Anti Virus from an online store you copy the product from the Kaspersky Lab websi...

Страница 26: ...plication databases and new versions of the program free of charge Consultation on questions regarding installation configuration and op eration of the program by phone and email Notifications on new...

Страница 27: ...with an installer package downloaded from the Internet is identical to installing it from an installation CD To install Kaspersky Anti Virus to your computer start the setup file on the prod uct CD T...

Страница 28: ...2 Installation Welcome window If your system fully meets all requirements an installation window will appear when you open the installer file with information on beginning the installation of Kaspers...

Страница 29: ...specify a full directory path manually please note that it should not exceed 200 characters or contain special characters To continue installation click the Next button Step 6 Selecting program compo...

Страница 30: ...r searches for other anti virus products installed on your computer including Kaspersky Lab products which could raise compatibility issues with Kaspersky Anti Virus The installer will display on scre...

Страница 31: ...nents which intercept network traffic Most dropped connections are re established after a period of time Step 10 Completing the installation procedure The Complete Installation window contains informa...

Страница 32: ...e application and its expiration date The key contains system information necessary for all the program s features to operate and other information Support information who provides program support and...

Страница 33: ...a physical medium the activation code is printed on the installation disk The activation code is a sequence of numbers and letters divided by hyphens into four groups of five symbols without spaces Fo...

Страница 34: ...e file obtained will be installed into the application automatically and an acti vation complete window will be displayed for you with detailed information on the key being used Note When this activat...

Страница 35: ...to alter system settings suspi cious activity in the system and unauthorized activity on the network All of the activities listed above could be signs of malicious programs or standard activity for s...

Страница 36: ...nd down loading the latest program updates To do so click Update now Then Kas persky Anti Virus will download the necessary updates from the update servers and will install them on your computer To co...

Страница 37: ...ct the area below that you want password protection to apply to All operations except notifications of dangerous events Request pass word if the user attempts any action with the program except for re...

Страница 38: ...computer to complete the program installation You must restart for Kaspersky Anti Virus drivers to register You can wait to restart but if you do some of the program s protection compo nents will not...

Страница 39: ...r see 11 2 on pg 126 The plug ins extend the functionality of these programs by making Kaspersky Anti Virus management and settings possible from their interfaces 4 1 Icon in the taskbar notification...

Страница 40: ...e main window will open at the section that was active when you last closed it If news from Kaspersky Lab are available the following icon will appear in the taskbar notification area Double click the...

Страница 41: ...gram updates or virus scan tasks About the program calls up a window with info about Kaspersky Anti Virus Exit close Kaspersky Anti Virus when this option is selected the applica tion will be unloaded...

Страница 42: ...easy access to any component virus scan task execution updates application support functionality the right part of the window the information panel contains information on the protection component se...

Страница 43: ...information on the status of these tasks configure them or run them The Scan section provides access to virus scan tasks for objects It shows tasks created by Kaspersky Lab experts virus scan of criti...

Страница 44: ...s not installed it is recommended that it be purchased without delay and that the application be activated see 3 2 2 on pg 32 If a key is installed this section shows in formation on the type of key u...

Страница 45: ...ation context menu The settings window see Figure 3 is similar in layout to the main window the left part of the window gives you quick and easy access to the set tings for each application component...

Страница 46: ...46 Kaspersky Anti Virus 7 0 Figure 3 Kaspersky Anti Virus settings window...

Страница 47: ...lling and starting the program we recommend that you take the follow ing steps Check the current protection status see 5 1 on pg 47 to make sure that Kaspersky Anti Virus is running at the appropriate...

Страница 48: ...ed and urgently need to be disabled the product has not been activated If there are problems in the protection system we recommend fixing them imme diately Use the Security Wizard which will be access...

Страница 49: ...ew the current status of any individual real time protection component open the application main window and select the desired component under Protec tion Summary information on the selected component...

Страница 50: ...uter for viruses After installation the application will without fail inform you with a special notice in the lower left hand part of the application window that the computer has not yet been scanned...

Страница 51: ...task under Scan in the application main win dow 2 Click the Start Scan link When you do this a scan of the selected areas will begin and the details will be shown in a special window When you click th...

Страница 52: ...tes databases and modules for Kaspersky Anti Virus using dedicated update servers Kaspersky Lab s update servers are the Kaspersky Lab Internet sites where the program updates are stored Warning You w...

Страница 53: ...we recommend correct ing potential errors using the application restore feature see Chapter 17 on pg 208 If the application restore procedure does not help contact Kaspersky Lab Tech nical Support Yo...

Страница 54: ...with self defense features of other application see 6 5 on pg 59 list of threats see 6 2 on pg 58 protection from which will be provided by the application list of trusted objects see 6 9 on pg 64 wh...

Страница 55: ...ction window that opens see Figure 5 select how soon you want protection to resume In time interval protection will be enabled this amount of time later To select a time value use the drop down menu A...

Страница 56: ...gram restarts Remem ber that if Kaspersky Anti Virus is somehow in conflict with other programs in stalled on your computer you can pause individual components or create an exclusion list see 6 9 on p...

Страница 57: ...sion are saved and will continue to be recorded after the compo nent is updated To stop an individual protection component Open the application main window select component under Protection and click...

Страница 58: ...he computer Once the procedure is complete the computer will have to be restarted It is rec ommended that a full virus scan be initiated after the computer is restarted To engage the Advanced Disinfec...

Страница 59: ...igure 6 It should be noted that this setting may be configured for each individual virus scan task The individual task setting will have higher priority 6 5 Troubleshooting Kaspersky Anti Virus Compat...

Страница 60: ...xample the network update folder or authorized user rights for a proxy server You can use this feature to run the Updater with another profile that has those rights To configure a scan task to run as...

Страница 61: ...t the desired option under Frequency see Figure 9 Then update settings for the selected option must be specified under Update Settings The following selection is available At a specified time Run task...

Страница 62: ...e the Time field to specify what time of day the scan task will be run Weeks Tasks will be run or notifications sent on certain days of the week If this frequency is selected check the days of the wee...

Страница 63: ...ncludes potentially dangerous soft ware that may inconvenience the user or incur serious damage Potentially dangerous software riskware This group includes programs that are not malicious or dangerous...

Страница 64: ...u can exclude files of certain formats from the scan use a file mask or ex clude a certain area for example a folder or a program program processes or objects according to Virus Encyclopedia threat ty...

Страница 65: ...ect dur ing the scan A verdict is based on the classification of malicious and potentially dangerous programs found in the Kaspersky Lab Virus Encyclopedia Potentially dangerous software does not have...

Страница 66: ...eate exclusion rules in a special window that you can open from the program settings window from the notice about detecting the object and from the report window To add exclusions on the Exclusion Mas...

Страница 67: ...der option the file winword exe will be excluded from the scan if found in any C Program Files subfolders Enter the full name of the threat that you want to exclude from scans as given in the Virus En...

Страница 68: ...nternet Browser as the Threat Type and enter an allowed domain mask in the Advanced settings field 4 Define which Kaspersky Anti Virus components will use this rule If any is selected as the value thi...

Страница 69: ...clusion rule from the report window 1 Select the object in the report that you want to add to the exclusions 2 Open the context menu and select Add to trusted zone see Figure 14 3 The exclusion settin...

Страница 70: ...mputer that has already been scanned by the anti virus applica tion and can boost computer productivity which is especially important when using server applications By default Kaspersky Anti Virus sca...

Страница 71: ...Protection management system 71 The file path is inserted automatically when you select its name Figure 15 Trusted application list Figure 16 Adding an application to the trusted list...

Страница 72: ...ct registry access excludes from scanning any ac cesses of the system registry initiated by the trusted application Do not scan network traffic excludes from scans for viruses any network traffic init...

Страница 73: ...sed on the information retrieved The scanning process includes the following steps 1 The file is analyzed for viruses Malicious objects are detected by com parison with the application databases which...

Страница 74: ...ced Figure 17 File Anti Virus security level The default setting for File Anti Virus is Recommended You can raise or lower the protection level for files you use by either selecting the level you want...

Страница 75: ...Virus operation by only scanning new and modified files Then the scan will not take up as many system resources so you can com fortably use other applications To modify the settings for a security le...

Страница 76: ...us will only scan potentially infected files files that a virus could imbed itself in Note There are a number of file formats that have a fairly low risk of having malicious code injected into them an...

Страница 77: ...sion is ignored and analysis of the file headers will uncover that the file is an exe file File Anti Virus would thoroughly scan the file for vi ruses In the Productivity section you can specify that...

Страница 78: ...anned later If this option is not checked access to files larger than the size indicated will be blocked until they have been scanned Do not process archives larger than MB With this option checked fi...

Страница 79: ...ing Note that you can only enter masks will absolute paths to objects C dir or C dir or C dir all files in folder C dir C dir exe all files with the extension exe in the folder C dir C dir ex all file...

Страница 80: ...g advanced settings As additional File Anti Virus settings you can specify the file system scanning mode and configure the conditions for temporarily pausing the component To configure additional File...

Страница 81: ...ces To lower the load and ensure that the user regains access to files quickly we recommend configuring the component to disable at a certain time or while certain programs are used To pause the compo...

Страница 82: ...euristic method un like the signature method is aimed at detecting typical behavior of operations rather than malicious code signatures that allow the program to make a conclu sion on a file with a ce...

Страница 83: ...quality of the scan for new threats against operating system load and scan duration The higher you set the heuris tics level the more system resources the scan will require and the longer it will tak...

Страница 84: ...Security Level area see Figure 17 If you modified the list of objects included in the protected zone when configuring File Anti Virus settings the program will ask you if you want to save that list f...

Страница 85: ...recorded in the report see 15 3 on pg 163 Later you can attempt to disinfect this object Block access Disinfect File Anti Virus will block access to the object and will attempt to disinfect it If it...

Страница 86: ...ed If the actions selected were Block access Disinfect all untreated objects will also be blocked In order to regain access to blocked objects they must be disinfected To do so 1 Select File Anti Viru...

Страница 87: ...e databases included in the program and with the heuristic algorithm The databases contain descriptions of all the malicious programs known to date and methods for neutralizing them The heuristic algo...

Страница 88: ...cting an email security level Kaspersky Anti Virus protects your email at one of these levels see Figure 25 Maximum Protection the level with the most comprehensive monitoring of incoming and outgoing...

Страница 89: ...ree email service For a number of reasons your email contains archived attachments How do you maximally protect your computer from infection through email Tip for selecting a level By analyzing your s...

Страница 90: ...tored mass mailings of infected emails from your computer If you are certain that the emails that you are sending do not contain dangerous objects you can disable the outgoing email scan To do so 1 Op...

Страница 91: ...can select the file type by clicking the File types button Delete selected attachment types filter out and delete a certain at tachment format You can select the file type by clicking the File types...

Страница 92: ...Scan upon receiving analyzes each email when it enters your Inbox Scan when read scans each email when you open it to read it Scan upon sending scans each email for viruses when you send it Warning If...

Страница 93: ...s 93 Figure 27 Configuring Mail Anti Virus settings in Microsoft Office Outlook 8 2 3 Configuring email scans in The Bat Actions taken on infected email objects in The Bat are defined with the pro gra...

Страница 94: ...8 2 1 on pg 90 To set up email protection rules in The Bat 1 Select Preferences from the email client s Options menu 2 Select Protection from the settings tree The protection settings displayed see Fi...

Страница 95: ...object will remain in the email since the action selected in The Bat takes precedent over the actions of Mail Anti Virus Remove infected parts delete the dangerous object in the email re gardless of...

Страница 96: ...he Customize button in the Security Level area see Figure 25 3 Select Heuristic Analyzer tab in the resulting dialog see Figure 29 To use heuristic methods check Use Heuristic Analyzer Additionally sc...

Страница 97: ...ojan for more details see 1 3 on pg 12 Potentially infected when the scan cannot determine whether the object is infected This means that the program detected a sequence of code in the file from an un...

Страница 98: ...ou can attempt to disinfect this ob ject Block access Disinfect Delete if disinfection fails2 E Mail Anti Virus will block access to the object and will attempt to disinfect it If it is successfully d...

Страница 99: ...e Web Anti Virus to protect yourself while using the Internet Even if your computer is run ning on a network protected by a firewall or HTTP traffic filters Web Anti Virus provides additional protecti...

Страница 100: ...Scripts are scanned according to the following algorithm 1 Web Anti Virus intercepts each script run on a web page and scans them for malicious code 2 If a script contains malicious code Web Anti Vir...

Страница 101: ...bjects scanned the fewer objects are scanned for malicious code the higher the scan speed If none of the preinstalled levels fully meet your requirements their settings may be customized It is recomme...

Страница 102: ...at are run You can configure Web Anti Virus settings to increase component operation speed specifically Configuring general scan settings see 9 2 1 on pg 102 Create a list of trusted web addresses see...

Страница 103: ...the problem of interrupting the connection without re ducing security while using the Internet By default caching time for file fragments is limited to one second Increasing this value or deselecting...

Страница 104: ...virus com download_virus page_0 9abcdef html any single character Example If you create mask Patch_123 com URLs containing that series of characters plus any single character following the 3 will not...

Страница 105: ...esolution may be set by moving the slider to one of the following settings Shal low Medium or Detail Figure 33 Using Heuristic Analysis 9 2 4 Restoring default Web Anti Virus settings When configuring...

Страница 106: ...b Anti Virus displays a warning on the screen and offers a choice of several actions for the object Figure 34 Selecting actions for dangerous scripts The possible options for processing dangerous HTTP...

Страница 107: ...Web Anti Virus always blocks dangerous scripts and issues popup messages that inform the user of the action taken You cannot change the response to a dangerous script other than by disabling the scri...

Страница 108: ...persky Anti Virus Proactive De fense do not require as much time as the reactive technique and neutralize new threats before they harm your computer How is this done In contrast with reac tive technol...

Страница 109: ...l rules are provided for application activity and monitoring changes to the system registry and programs run on the computer You can edit the rules at your own discretion by adding deleting or editing...

Страница 110: ...taken You must accept the decision block or allow this activity on your own You can create a rule for the activity and cancel the actions taken in the system If the user does not take any actions whe...

Страница 111: ...crosoft Windows Vista or Mi crosoft Windows Vista x64 Whether system registry changes are monitored By default Enable Registry Guard is checked which means Kas persky Anti Virus analyzes all attempts...

Страница 112: ...zes the activity of ap plications installed on your computer and based on the list of rules created by Kaspersky Lab detects dangerous or suspicious actions by the programs Such actions include for ex...

Страница 113: ...run Keylogger detection This activity is used in attempts by malicious pro grams to read passwords and other confidential information which you have entered using your keyboard The list of dangerous a...

Страница 114: ...e setting You can assign a time value for how frequently the scan will run for detecting hidden processes in the system Choose if you want to generate a report on the operation carried out To do so cl...

Страница 115: ...ac counts Figure 37 Configuring application activity control for Microsoft Windows XP Professional x64 Edition Microsoft Windows Vista Microsoft Windows Vista x64 10 2 Application Integrity Control T...

Страница 116: ...st The monitoring of processes and their integrity in the system is enabled by checking the box Enable Application Integrity Control in the Proactive De fense settings window by default the box is unc...

Страница 117: ...ication to the critical application list and create a rule for it 1 Click Add on the Critical applications tab A context menu will open click Browse to open the standard file selection window or click...

Страница 118: ...odule from the list and click the Modify button Select the needed action in the window that opens Note that Kaspersky Anti Virus trains the first time you run the controlled applica tion after install...

Страница 119: ...ware that presents a serious threat to your computer For example malicious programs can copy their information to the registry key that makes applications open automatically on startup Malicious progr...

Страница 120: ...hat you can raise or lower using the Move Up and Move Down buttons The higher the group is on the list the higher the priority assigned to it If the same registry file falls under several groups the f...

Страница 121: ...ain at least one system registry file The Keys tab provides a list of files for the rule To add a system registry file 1 Click on the Add button in the Edit group window see Figure 41 2 In the window...

Страница 122: ...is being monitored Proactive Defense s response when a program attempts to execute an operation with a system registry files To create a rule for your selected system registry files 1 Click New on th...

Страница 123: ...Proactive Defense response to the selected application attempting to read edit or delete system registry files You can use any of these actions as a response allow prompt for action and block Left cli...

Страница 124: ...allowed for a system regi stry object from a notification window stating that a program is trying to execute an operation with an object To do so click Create allow rule in the notification and speci...

Страница 125: ...ans for viruses all programs loaded when the operating system boots Rootkit Scans Rootkits Scans the computer for rootkits that hide malicious programs in the operat ing system These utilities injecte...

Страница 126: ...rmed are displayed in the context menu by right clicking on the application icon in the taskbar notification area To pause a virus scan task Select the under Scan in the application main window and cl...

Страница 127: ...r In addition when you add a folder that contains embedded objects to a scan area you can edit the recursion To accomplish this select an object from the list of objects to be scanned open the context...

Страница 128: ...main window 2 Open context menu and select Save As or click on New Scan Task 3 Enter the name for the new task in the window that opens and click OK A task with that name will then appear in the list...

Страница 129: ...ur computer are determined by the properties assigned for each task To configure task settings open application settings window select task name under Scan and use the Settings link You can use the se...

Страница 130: ...intensive applications since the scope of files scanned is reduced Figure 45 Selecting a virus scan security level By default the File Anti Virus security level is set to Recommended You can raise or...

Страница 131: ...example would be txt files And vice versa there are file formats that contain or can contain executa ble code Examples would be the formats exe dll or doc The risk of insertion and activation of mali...

Страница 132: ...compound files You can also set time and file size limits for scanning in the Productivity section Stop if scan takes longer than sec Check this option and enter the max imum scan time for an object I...

Страница 133: ...type of compound files to be scanned Parse email formats scan email files and email databases If this checkbox is selected Kaspersky Anti Virus will parse the mail file and analyze every component of...

Страница 134: ...ed the program will scan the archive again There are limitations to iChecker it does not work with large files and only applies to objects with a structure that Kaspersky Anti Virus recognizes for exa...

Страница 135: ...Rootkit scans may be performed by any virus scan task provided this option is enabled for the specific task however Kaspersky Lab experts have created and optimized a separate scan task to look for th...

Страница 136: ...be used to disable enable virus scan heuristic analysis for unknown threats This requires that the following steps be performed 1 Open the application settings window and select a task under Scan 2 C...

Страница 137: ...rogram s next steps depend on the object status and the action selected One of the following statuses can be assigned to the object after the scan Malicious program status for example virus Trojan Pot...

Страница 138: ...report without processing them or notifying the user You are advised not to use this feature since infected and potentially infected objects stay on your computer and it is practically impossible to a...

Страница 139: ...he settings recom mended by Kaspersky Lab You can configure global scan settings for all tasks You will use a set of proper ties used to scan an individual object for viruses as a starting point To as...

Страница 140: ...y of an antivirus You can download the test virus from the official EICAR website http www eicar org anti_virus_test_file htm The file that you downloaded from the EICAR website contains the body of a...

Страница 141: ...g error An error occurred while processing the object the applica tion cannot access the object be ing scanned since the integrity of the object has been breached for example no end to a multivolume a...

Страница 142: ...ts to be logged so the report file retains data on corrupted objects and objects not scanned because of errors To do so check Log non critical events under Reports and data files in the applica tion s...

Страница 143: ...f the test virus that you created 2 Create a new virus scan task see 11 3 on pg 127 and select the folder containing the set of test viruses as the objects to scan see 12 1 on pg 140 3 Allow all event...

Страница 144: ...Dangerous object detected This way by selecting different options for actions you can test Kaspersky Anti Virus reactions to detecting various object types You can view details on virus scan task perf...

Страница 145: ...atures network drivers that enable protection components to intercept network traffic are updated Previous versions of Kaspersky Lab applications have supported standard and extended databases sets Ea...

Страница 146: ...version of the databases and application modules you will see a notification window confirming that your computer is up do date If the databases and modules on your computer differ from those on the...

Страница 147: ...that this service is enabled see 13 3 3 on pg 152 13 2 Rolling back to the previous update Every time you begin updating Kaspersky Anti Virus first creates a backup copy of the current databases and...

Страница 148: ...example you have no Internet connection you can call the Kaspersky Lab main office at 7 495 797 87 00 7 495 956 00 00 to request contact information for Kaspersky Lab partners who can provide zipped...

Страница 149: ...site in the Source field When selecting an ftp site as an update source authentication settings must be entered in the URL of the server in the format ftp user password server Warning If a resource lo...

Страница 150: ...ng the Kaspersky Lab update server closest to you will save you time and download updates faster To choose the closest server check Define region do not use autodetect and select the country closest t...

Страница 151: ...network resource is specified as an update source Kaspersky Anti Virus tries to launch updating after a certain amount of time has elapsed as specified in the previous update package If a local folde...

Страница 152: ...Kaspersky Lab web servers or from another web re sources hosting a current set of updates The updates retrieved are placed in a public access folder 2 Other computers on the network access the public...

Страница 153: ...ains updates copied from the Internet you must take the following steps 1 Grant public access to this folder 2 Specify the shared folder as the update source on the network comput ers in the Updater s...

Страница 154: ...heir statuses can change after several scans Some objects can then be restored to their pre vious locations and you will be able to continue working with them To disable scans of quarantined objects u...

Страница 155: ...e of your key s impending expiration date An appropriate message will be dis played every time the application is started Information on the current key is shown under Activation see Figure 56 in the...

Страница 156: ...Virus 7 0 Figure 56 Key Management Kaspersky Lab regularly has special pricing offers on license extensions for our products Check for specials on the Kaspersky Lab website in the Prod ucts Sales and...

Страница 157: ...xample Technical Support provides comprehensive assistance with Kaspersky Anti Virus see 15 10 on pg 190 Kaspersky provides you with several channels for support including on line support user forum a...

Страница 158: ...torage area that holds potentially infected objects Potentially infected objects are objects that are suspected of being infected with viruses or modifications of them Why potentially infected This ar...

Страница 159: ...e using the Clear link To access objects in Quarantine Click Quarantine You can take the following actions on the Quarantine tab see Figure 57 Move a file to Quarantine that you suspect is infected bu...

Страница 160: ...jects with the status false posi tive OK and disinfected since restoring other objects could lead to in fecting your computer Delete any quarantined object or group of selected objects Only delete obj...

Страница 161: ...tine Backup section see Figure 58 enter the length of time after which objects in Quarantine will be automatically deleted Alternately uncheck the checkbox to disable automatic deletion Figure 58 Conf...

Страница 162: ...number of backup copies of objects created by Kaspersky Anti Virus the current size of Backup Here you can delete all copies in backup using the Clear link To access dangerous object copies Click Back...

Страница 163: ...t up the program so that it automatically deletes the oldest copies from Backup see 15 2 2 on pg 163 15 2 2 Configuring Backup settings You can define the maximum time that backup copes remain in the...

Страница 164: ...events reported for a component or task Select the name of the component or task on the Reports tab and click the Details button A window will then open that contains detailed information on the perf...

Страница 165: ...the object is not suc cessfully disinfected you can leave it on this list to scan later with up dated application databases or delete it You can apply this action to a single object on the list or to...

Страница 166: ...mportant for security To log events check Log non critical events Choose only to report events that have occurred since the last time the task was run This saves disk space by reducing the report size...

Страница 167: ...en where you must decide what actions will be taken next If you check Apply to all in the notification window the selected action will be applied to all objects with the same status selected from the...

Страница 168: ...checked Figure 63 Events that take place in component operation The format for displaying events in the event log may vary with the component or task The following information is given for update tas...

Страница 169: ...level for a component or virus scan what actions are being taken with dangerous objects or what settings are being used for program updates Use the Change settings link to configure the component You...

Страница 170: ...us scan at the end of the work day and do not want to wait for it to finish However to use this feature you must take the following additional steps before launching the scan you must disable password...

Страница 171: ...system files and made the operating system impossible to start This disk includes Microsoft Windows XP Service Pack 2 system files A set of operating system diagnostic utilities Kaspersky Anti Virus p...

Страница 172: ...Wizard by clicking Finished The Cancel button will stop the Wizard at any point Step 1 Getting ready to write the disk To create a rescue disk specify the path to the following folders PE Builder pro...

Страница 173: ...RW The CD will start burning when you click the Next button Wait until the process is complete This could take several minutes Step 4 Finishing the rescue disk This Wizard window informs you that you...

Страница 174: ...dated application databases during the current session with the rescue disk prior to restarting your computer Warning If infected or potentially infected objects were detected when you scanned the com...

Страница 175: ...ports select the option Monitor all ports To edit the list of monitored ports manually select Monitor selected ports only To add a new port to the monitored port list 1 Click on the Add button in the...

Страница 176: ...ebpage 15 6 Scanning Secure Connections Connecting using SSL protocol protects data exchange through the Internet SSL protocol can identify the parties exchanging data using electronic certificates en...

Страница 177: ...nage your personal account In this case it is im portant to receive confirmation of the authenticity of the bank s certifi cate If the program establishing the connection checks the certificate of the...

Страница 178: ...e Proxy Server and configure the following settings as necessary Select proxy server parameters to use Automatically detect the proxy server settings If this option is se lected proxy server settings...

Страница 179: ...d user name and password are not specified or rejected by the proxy for whatever reason a dialog requesting user name and password will be displayed If authorization is successful the specified user n...

Страница 180: ...ers are enumerated 15 8 Configuring the Kaspersky Anti Virus interface Kaspersky Anti Virus gives you the option of changing the appearance of the program by creating and using skins You can also conf...

Страница 181: ...ransparency disappears You can change the degree of transparency of such messages To do so adjust the Transparency factor scale to the desired position To re move message transparency uncheck Enable s...

Страница 182: ...s see Figure 72 starting Kaspersky Anti Virus at operating system startup see 15 11 on pg 192 user notification of certain application events see 15 9 1 on pg 183 Kaspersky Anti Virus self defense fro...

Страница 183: ...ted successfully or can record an error in a com ponent that must be immediately eliminated To receive updates on Kaspersky Anti Virus operation you can use the notifica tion feature Notices can be de...

Страница 184: ...d since they re flect important situations in the operation of the program For example protection disabled or computer has not been scanned for viruses for a long time Minor notifications are referenc...

Страница 185: ...events that occur check in the Log column and configure event log settings see 15 9 1 3 on pg 186 Figure 73 Program events and event notification methods 15 9 1 2 Configuring email notification After...

Страница 186: ...address to which notices will be sent in To Email address Assign a email notification delivery method in the Send mode If you want the program to send email as soon as the event occurs select Immedia...

Страница 187: ...computer literacy Leaving access to the program and its settings open could dramatically lower the security of the computer as a whole To ensure the stability of your computer s security system Self...

Страница 188: ...n window and enter the password and area that the access restriction will cover see Figure 75 You can block any program operations except notifica tions for dangerous object detection or prevent any o...

Страница 189: ...and select a save destination To import settings from a configuration file 1 Open the program settings window and select the Service section 2 Click the Load button and select the file from which you...

Страница 190: ...he top section presents general application information version database pub lication date as well as a summary of your computer s operating system If problems should arise while running Kaspersky Ant...

Страница 191: ...irectly at the Technical Support web site A new service referred to as the Personal Cabinet provides users access to a personal section of the Technical Support web site The Personal Cabinet enables y...

Страница 192: ...Virus needs to be shut down select Exit on the application context menu see 4 2 on pg 40 This will cause the application to be unloaded from random access memory which would mean that your computer w...

Страница 193: ...king No in the notifica tion window This will cause the application to continue running If the application is shut down protection may be re enabled by restarting Kas persky Anti Virus by selecting St...

Страница 194: ...command prompt syntax Accessing Help for command syntax The command line syntax is avp com command settings You must access the program from the command prompt from the program installation folder or...

Страница 195: ...update made command can only be executed if the password assigned through the program interface is entered EXIT Closes the program you can only execute this command with the password assigned in the p...

Страница 196: ...ACTIVATE 11AA1 11AAA 1AA11 1A111 avp com ADDKEY 1AA111A1 key password your_password 16 2 Managing program components and tasks Command syntax avp com command profile task_name R A report_file avp com...

Страница 197: ...assigned in the pro gram interface R A report_file R report_file only log important events in the report RA report_file log all events in the report You can use an absolute or relative path to the fi...

Страница 198: ...ive Defense subcomponents pdm application activity analysis UPDATER Updater Rollback Rolls back to the previous update SCAN_OBJECTS Virus scan task SCAN_MY_COMPUTER My Computer task SCAN_CRITICAL_ARE...

Страница 199: ...settings To scan objects you can also start one of the tasks created in Kaspersky Anti Virus from the command prompt see 16 1 on pg 195 The task will be run with the settings specified in the program...

Страница 200: ...ot defined the default value is i8 i0 take no action on the object simply record informa tion about it in the report i1 Treat infected objects and if disinfection fails skip i2 Treat infected objects...

Страница 201: ...b Do not scan mailboxes e m Do not scan plain text emails e filemask Do not scan objects by mask e seconds Skip objects that are scanned for longer that the time specified in the seconds parameter es...

Страница 202: ...programs mailboxes the directories My Docu ments and Program Files and the file test exe avp com SCAN MEMORY STARTUP MAIL C Documents and Settings All Users My Documents C Program Files C Downloads t...

Страница 203: ...ortant events in the report RA report_file log all events in the report You can use an absolute or relative path to the file If the parameter is not defined the scan results are displayed on screen an...

Страница 204: ...vents in the report You can use an absolute or relative path to the file If the parameter is not defined the scan results are displayed on screen and all events are displayed password Password for acc...

Страница 205: ...only be used to specify the main settings for program operation Example avp com EXPORT c settings dat 16 7 Importing settings Command syntax avp com IMPORT filename password password file_name Path to...

Страница 206: ...syntax avp com TRACE file on off trace_level Parameter description on off Enable disable trace creation file Output trace to file trace_level This value can be an integer from 0 minimum level only cri...

Страница 207: ...avp com command avp com HELP command 16 12 Return codes from the command line interface This section contains a list of return codes from the command line The general codes may be returned by any comm...

Страница 208: ...sky Anti Virus missing components or delete the pro gram 1 Insert the installation CD into the CD DVD ROM drive if you used one to install the program If you installed Kaspersky Anti Virus from a dif...

Страница 209: ...nfected objects You are advised to save these in case they can be restored later Quarantine files files that are potentially infected by viruses or modifi cations of them These files contain code that...

Страница 210: ...ystem The program will ask if you want to restart your computer Click Yes to restart right away To restart your computer later click No 17 2 Uninstalling the program from the command line To uninstall...

Страница 211: ...hecksums and file checksum storage in alternate NTFS streams Question Why is activation required Will Kaspersky Anti Virus work without a key file Kaspersky Anti Virus will run without a key although...

Страница 212: ...n order to create this file do the following 1 Right click My computer and select the Properties item in the shortcut menu that will open 2 Select the Advanced tab in the System Properties window and...

Страница 213: ...a program exe executable file or self extracting archive sys system driver prg program text for dBase Clipper or Microsoft Visual FoxPro or a WAVmaker program bin binary file bat batch file cmd comma...

Страница 214: ...l mbx extension for saved Microsoft Office Outlook emails doc Microsoft Office Word document such as doc Microsoft Office Word document docx Microsoft Office Word 2007 document with XML support docm M...

Страница 215: ...t 2007 presentation with macro support potx Microsoft Office Power Point 2007 presentation template potm Microsoft Office PowerPoint 2007 presentation template with macro support ppsx Microsoft Office...

Страница 216: ...s folder uncheck Include subfolders when creating the mask Tip and exclusion masks can only be used if you assign an excluded threat type according to the Virus Encyclopedia Otherwise the threat speci...

Страница 217: ...ame by mask For example not a virus excludes potential dangerous programs from the scan as well as joke programs Riskware excludes riskware from the scan RemoteAdmin excludes all remote administration...

Страница 218: ...e protection from current and future threats Resistance to future attacks is the basic policy implemented in all Kaspersky Lab s products At all times the company s products remain at least one step a...

Страница 219: ...or may be bundled with various integrated solutions offered by Kaspersky Lab Ltd Kaspersky OnLine Scanner This program is a free service provided to the visitors of Kaspersky Lab s corpo rate website...

Страница 220: ...cal areas of the operating system and Windows start up objects Proactive protection the program constantly monitors application ac tivity and processes running in random access memory preventing dange...

Страница 221: ...ed it is moved to Quarantine or deleted Real time scanning all incoming and outgoing files are automatically scanned as well as files when attempts are made to access them Protection from text message...

Страница 222: ...ation to the system admin istrator Log detailed reports Automatically update program databases Kaspersky Open Space Security Kaspersky Open Space Security is a software package withal new approach to...

Страница 223: ...e your system after a virus outbreak An extensive reporting system on protection status Automatic database updates Full support for 64 bit operating systems Optimization of program performance on lapt...

Страница 224: ...programs Quarantining suspicious objects automatic database updates Kaspersky Enterprise Space Security This program includes components for protecting linked workstations and servers from all today s...

Страница 225: ...y This solution monitors all inbound and outbound data streams e mail Internet and all network interactions It includes components for protecting workstations and mobile devices keeps information safe...

Страница 226: ...junk mail Remote disinfection capability Intel Active Management Intel vPro Rollback for malicious system modifications Self Defense from malicious programs full support for 64 bit operating systems a...

Страница 227: ...es available automatic database updates Kaspersky Security for Internet Gateways This program provides secure access to the Internet for all an organization s em ployees automatically deleting malware...

Страница 228: ...r an existing mail server or a dedicated one Kaspersky Anti Spam s high performance is ensured by daily updates to the content filtration database adding samples provided by the Company s linguistic l...

Страница 229: ...Appendix B 229 General information WWW http www kaspersky com http www viruslist com E mail info kaspersky com...

Страница 230: ...SINGLE ENTITY ARE CONSENTING TO BE BOUND BY THIS AGREEMENT IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT DO NOT BREAK THE CD DVD s SLEEVE DOWNLOAD INSTALL OR USE THIS SOFTWARE IN ACCORDANC...

Страница 231: ...are and Documentation and will take all reasonable precautions to protect the Software from unauthorized copying or use 1 1 2 The Software protects computer against viruses whose signatures are con ta...

Страница 232: ...e which will have been provided to you by Kaspersky Lab with this Agreement It shall be at the absolute discretion of Kaspersky Lab whether or not you have satisfied this condition for the provision o...

Страница 233: ...ion in any form to any third party without the prior written consent of Kaspersky Lab You shall implement reason able security measures to protect such confidential information but without limi tation...

Страница 234: ...rranties or other terms as to satisfactory quality fitness for purpose or as to the use of rea sonable skill and care 6 Limitation of Liability i Nothing in this Agreement shall exclude or limit Kaspe...

Страница 235: ...e been given or may be implied from anything written or said in negotiations between us or our representatives prior to this Agreement and all prior agreements between the parties relating to the matt...

Отзывы:

Нет отзывов