VirusScan® Command Line 5.20.0 Product Guide
Chapter 3: Using the Command-Line Scanner (page 24)

Using heuristic analysis

A scanner uses two techniques to detect viruses: signature matching and heuristic analysis. A virus signature is simply a binary pattern that is found in a virus-infected file. Using information in the DAT files, the scanner searches for those patterns. However, this approach cannot detect a new virus because its signature is not yet known; therefore, the scanner uses another technique: heuristic analysis.

Programs, documents or e-mail messages that carry a virus often have distinctive 
features. They might attempt unprompted modification of files, invoke mail clients, or 
use other means to replicate themselves. The scanner analyzes the program code to 
detect these kinds of computer instructions. The scanner also searches for 
“legitimate,” non-virus-like behavior, such as prompting the user before taking action, 
and thereby avoids raising false alarms. 

In an attempt to avoid detection, some viruses are encrypted. Each computer 
instruction is simply a binary number, but the computer does not use all the possible 
numbers. By searching for unexpected numbers inside a program file, the scanner can 
detect an encrypted virus. By using these techniques, the scanner can detect both 
known viruses and many new viruses and variants. Options that use heuristic analysis include /ANALYZE, /MANALYZE and /PANALYZE. See Table 3-2, Scanning options, on page 25.
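
As an added illustration (not code from the product guide, and not how VirusScan implements either technique), the Python example below contrasts the two approaches on constructed, harmless data: an exact byte-pattern search finds a marker stored in the clear but misses the same bytes once they are encrypted, while a statistical check flags the encrypted region. Byte entropy is used here as a simple stand-in for the "unexpected numbers" test described above; the marker, window size, threshold and toy cipher are all assumptions made for the demonstration.

```python
import hashlib
import math
from collections import Counter

# Constructed, harmless marker standing in for one DAT-file signature.
SIGNATURES = {"Demo.Marker": b"HARMLESS-DEMO-PATTERN-0001"}
WINDOW = 1024          # bytes examined per heuristic window (assumed)
ENTROPY_LIMIT = 7.5    # bits per byte; assumed threshold for this demo


def signature_scan(data: bytes) -> list:
    """Signature matching: names of known patterns found verbatim."""
    return [name for name, pat in SIGNATURES.items() if pat in data]


def entropy(block: bytes) -> float:
    """Shannon entropy of a block, in bits per byte (0.0 to 8.0)."""
    n = len(block)
    return -sum(c / n * math.log2(c / n) for c in Counter(block).values())


def heuristic_scan(data: bytes) -> list:
    """Heuristic: offsets of windows whose bytes look encrypted."""
    return [off for off in range(0, len(data) - WINDOW + 1, WINDOW)
            if entropy(data[off:off + WINDOW]) > ENTROPY_LIMIT]


def toy_encrypt(body: bytes) -> bytes:
    """Demo-only cipher: XOR with a SHA-256 counter keystream."""
    blocks = range(len(body) // 32 + 1)
    stream = b"".join(hashlib.sha256(i.to_bytes(2, "big")).digest() for i in blocks)
    return bytes(b ^ k for b, k in zip(body, stream))


# Constructed sample files: ordinary-looking filler around a marked body.
FILLER = b"MOV AX,1; CALL PRINT; RET; "
HEADER = (FILLER * 100)[:2048]
BODY = (SIGNATURES["Demo.Marker"] + FILLER * 200)[:4096]
KNOWN = HEADER + BODY + HEADER                 # marker stored in the clear
VARIANT = HEADER + toy_encrypt(BODY) + HEADER  # same body, encrypted

if __name__ == "__main__":
    for label, sample in (("known", KNOWN), ("variant", VARIANT)):
        print(label, signature_scan(sample), heuristic_scan(sample))
```

A single entropy threshold also flags legitimately compressed or packed data, which is one reason the guide describes the scanner weighing "legitimate" behavior to avoid false alarms.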

Producing reports

The scanner can report its results in a log file that you create and name. In this example, the scanner creates its report in a log file called WEEK40.TXT, which appears in your current working directory.

To create a report:

1. If you do not already have the VirusScan program directory listed in your path statement, change to the directory where you stored your VirusScan program files.

2. At the command prompt, type:

   SCAN /ADN /REPORT WEEK40.TXT

   The scanner scans all network drives and generates a text file of the results. The contents of the report are identical to the text you see on-screen as the scanner is running.

3. To create a running report of the scanner’s actions, use the /APPEND option to add any results of the scan to a file. At the command prompt, type:

   SCAN /ADN /APPEND /REPORT WEEKLY.TXT

   The scanner scans all network drives, and appends the results of the scan to the existing file, WEEKLY.TXT.
