KAPERSKY ANTI-VIRUS 4.5 - FOR MICROSOFT NT SERVER User Manual

Hide thumbs Also See for ANTI-VIRUS 4.5 - FOR MICROSOFT NT SERVER:
Table of Contents

Advertisement

Quick Links

K A S P E R S K Y L A B L T D .
Kaspersky Anti-Virus 4.5
for Microsoft NT Server
USER GUIDE

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ANTI-VIRUS 4.5 - FOR MICROSOFT NT SERVER and is the answer not in the manual?

Questions and answers

Summary of Contents for KAPERSKY ANTI-VIRUS 4.5 - FOR MICROSOFT NT SERVER

  • Page 1 K A S P E R S K Y L A B L T D . Kaspersky Anti-Virus 4.5 for Microsoft NT Server USER GUIDE...
  • Page 2: User Guide

    K A S P E R S K Y A N T I - V I R U S 4 . 5 F O R M I C R O S O F T N T S E R V E R User Guide ...
  • Page 3: Table Of Contents

    Contents CHAPTER 1. KASPERSKY ANTI-VIRUS FOR MICROSOFT NT SERVER ... 8 1.1. New Features of Version 4.5 ................9 1.2. Hardware and Software Requirements ..............9 1.3. Distribution kit ...................... 10 1.4. Help Desk for Registered Users ................. 11 1.5. Conventions......................12 CHAPTER 2.
  • Page 4 Kaspersky Anti-Virus for Microsoft NT Server 3.3.4. Saving/loading settings................. 37 3.3.5. Previewing settings before the check ............38 3.4. Checking For and Deleting Viruses ..............39 3.4.1. Starting and aborting the check ..............39 3.4.2. Changing priority of the check..............40 3.4.3.
  • Page 5 Contents 6.2. Kaspersky AV Control Centre Interface.............. 68 6.2.1. The Tasks tab ....................68 6.2.1.1. The Property window................73 6.2.2. The Components tab..................77 6.2.3. The Settings tab.................... 78 6.2.3.1. The Security category................80 6.2.3.2. The Alerts category................82 6.2.3.3. The Remote management category ............. 86 6.2.3.4.
  • Page 6 Kaspersky Anti-Virus for Microsoft NT Server 8.3. Checkboxes....................... 115 CHAPTER 9. KASPERSKY ANTI-VIRUS SCRIPT CHECKER........ 117 APPENDIX A. ADVANCED CHECKING TOOLS............119 A.1. The Heuristic Checking Tool (Code Analyzer)..........119 A.2. The Redundant Scanning Tool................. 120 APPENDIX B. GLOSSARY..................122 APPENDIX C.
  • Page 7: Chapter 1. Kaspersky Anti-Virus For Microsoft Nt Server

    CHAPTER 1. KASPERSKY ANTI- VIRUS FOR MICROSOFT NT SERVER Attention! New viruses appear every day, therefore it is important to keep this product upgraded by updating virus databases every day (see detailed information below). Please do not forget to update the anti-virus database upon product installation! The Kaspersky Anti-Virus for Microsoft NT Server software package is...
  • Page 8: New Features Of Version 4.5

    Kaspersky Anti-Virus for Microsoft NT Server • Kaspersky Anti-Virus Control Centre is a shell program for the software package components. The Kaspersky AV Control Centre allows a user to manage installation and updating of the package components, schedule required operations, launch anti-virus applications and review their performance statistics.
  • Page 9: Distribution Kit

     Kaspersky Anti-Virus for Microsoft NT Server Windows 2000 Advanced Server (SP2 or higher) • Intel Pentium II processor (or compatible) of 300 MHz or higher. • At least 64 Mb of RAM (128 Mb recommended). General requirements for all operating systems •...
  • Page 10: Help Desk For Registered Users

    Kaspersky Anti-Virus for Microsoft NT Server The License Agreement (LA) is a legal agreement between you and the manufacturer (Kaspersky Labs Ltd.) describing the terms on which you may employ the anti-virus product which you have purchased. Make sure you read the License Agreement! If you do not agree to the terms of this LA, you can return the unused product to your Kaspersky Anti-Virus dealer for a full refund, making sure the envelope with the CD is sealed.
  • Page 11: Conventions

     Kaspersky Anti-Virus for Microsoft NT Server 1.5. Conventions In this book we use various conventions to emphasize different meaningful parts of the documentation. The Table below lists the conventions used in this User Guide. Convention Meaning Bold font Menu titles, commands, window titles, dialog elements, etc.
  • Page 12: Chapter 2. Installing And Uninstalling Kaspersky Anti-Virus For Microsoft Nt Server

    CHAPTER 2. INSTALLING AND UNINSTALLING KASPERSKY ANTI-VIRUS FOR MICROSOFT NT SERVER Before installing Kaspersky Anti-Virus for Microsoft NT Server make sure to quit all programs running on your computer. Launch the setup.exe program on the CD to start the package installation. The setup wizard operates in dialog mode.
  • Page 13 Installing and uninstalling kaspersky Anti-Virus for Microsoft NT Server Step 3. Select the folder the program will be installed to In the Choose Destination Location dialog box, select the installation folders where the Kaspersky Anti-Virus for Microsoft NT Server program components will be installed.
  • Page 14 Kaspersky Anti-Virus for Microsoft NT Server Step 7. Copying files to the hard disk Read the setup information in the Start Copying Files dialog box. Press Next to continue the installation. The program will start copying files to the hard disk; the process is indicated by the progress bar in the Setup Status dialog box.
  • Page 15: Reinstalling

    Installing and uninstalling kaspersky Anti-Virus for Microsoft NT Server • Vendor information for this version (company name, addresses, telephone numbers) • Support information (who and where support is provided) • Product release date • Name and number of the license •...
  • Page 16: Uninstalling

    Kaspersky Anti-Virus for Microsoft NT Server If you selected the Modify option and pressed Next, the Select Components dialog box will appear on your screen. Select the required package components by checking the appropriate boxes in the dialog box and press Next.
  • Page 17: Chapter 3. Kaspersky Anti-Virus Scanner

    CHAPTER 3. KASPERSKY ANTI- VIRUS SCANNER Kaspersky Anti-Virus Scanner (Kaspersky AV Scanner) is an anti-virus program that checks for viruses and deletes them on demand. The program performs the following functions: • Detects and deletes viruses of all types in files located on user-predefined disks, in boot sectors and RAM •...
  • Page 18 Kaspersky Anti-Virus for Microsoft NT Server Option 2: Kaspersky AV Control Centre. To do this, you must first create the appropriate task. This task can be started manually or scheduled to start automatically. Option 3: The command line. To do this, you must press the Start button in the Windows taskbar, point and click Run, define the full path to the file avp32.exe in the Run dialog box and press the OK button.
  • Page 19 Kaspersky Anti-Virus Scanner [/virlist=filename] – creates a file with the defined name that will contain the list of viruses currently detectable by Kaspersky AV Scanner. [filename and foldername] – sets Kaspersky AV Scanner to scan for viruses in those files or folders. If a file name or a folder name have spaces, they must be enclosed in quotation marks.
  • Page 20: Program Interface

    Kaspersky Anti-Virus for Microsoft NT Server Example 4. Starting the program preset to check for viruses in files in the My documents folder and to ignore the files listed in the file exclude.txt. "С:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for NT Server\Avp32.exe" "C:\My documents" /EL /@=C:\exclude.txt 3.2.
  • Page 21: Main Window

    Kaspersky Anti-Virus Scanner • Update Now – launches Kaspersky AV Updater, the program for updating anti-virus databases. • About Kaspersky Anti-Virus Scanner – displays information about the program. • Unload Kaspersky Anti-Virus Scanner – unloads the program from memory. 3.2.2. Main window In the Kaspersky AV Scanner main window, you can change scanning settings, start/stop scanning and review the program performance results.
  • Page 22: Tool Bar

    Kaspersky Anti-Virus for Microsoft NT Server Menu !commands Function (The command allows you to…) File ! Unload Kaspersky unload the Kaspersky AV Scanner program Anti-Virus Scanner from memory. File ! Close window exit the program main window. Scan ! Start Now / Stop scan start / stop scanning viruses...
  • Page 23: Work Area

    Kaspersky Anti-Virus Scanner Button Menu ! Command Function (The button allows you to…) File ! Open Profile load settings from the required profile. File ! Save Profile save current settings to a profile. File ! save current settings to a file and Save Profile as Default set this file as the default profile.
  • Page 24: Status Bar

    Kaspersky Anti-Virus for Microsoft NT Server The Options frame allows you to define certain general settings, and you may use a settings tree in the Customize frame to define advanced settings of your Kaspersky AV Scanner (see subchapters 3.3.2, 3.3.3). The Statistic frame displays a table with the scanner performance statistics (see subchapter 3.4.4).
  • Page 25: Scanning Parameters For Objects. Objects Category

    Kaspersky Anti-Virus Scanner 3.3.1. Scanning parameters for objects. Objects category The Objects frame (Figure 3) in the work area allows you to choose locations and objects to be checked for viruses. You may do this by selecting appropriate options in the frame hierarchies. These options may be viewed in the following two modes: Standard and Expert.
  • Page 26 Kaspersky Anti-Virus for Microsoft NT Server With the Expert mode enabled, the Objects frame is divided into three sub- frames: in the upper left sub-frame you can find the file system hierarchy, the upper right sub-frame displays settings for the item selected in the upper left sub- frame hierarchy, and the lower sub-frame displays the list of files located in the root of the object selected in the upper left sub-frame (Figure 5).
  • Page 27: Defining Objects To Be Checked. Memory, Sectors, And Files

    Kaspersky Anti-Virus Scanner If you select the option to scan a certain location within your file system, Kaspersky AV Scanner will automatically scan all the locations within the selected one. However, when in the Expert view mode you can mark the required sub-locations to be excluded from the check.
  • Page 28: Handling Infected And Suspicious Objects

    Kaspersky Anti-Virus for Microsoft NT Server Scan files of following types – scans files in the corresponding locations (including System, Hidden and Read Only files). This check box is available if you checked the My Computer or a disk box in the upper left sub-frame. You cannot uncheck it for a folder or file.
  • Page 29 Kaspersky Anti-Virus Scanner infected objects check box; by checking this box, you can apply the selected action to all infected objects detected later, and which you previously predefined to be handled by opening the dialogue box. Upon detection of the next infected object, the dialog box will not appear again.
  • Page 30: Advanced Scanning Modes

    Kaspersky Anti-Virus for Microsoft NT Server Figure 6. The Ask user dialog box 3.3.1.3. Advanced scanning modes 3.3.1.3.1. Scanning compound objects You can enable advanced scanning modes to check for viruses in archives, packed files, mail databases and plain mail formats (for details see Appendix А). Scan compound files of the following types –...
  • Page 31 Kaspersky Anti-Virus Scanner Archives – check this box to search for viruses in files archived using ZIP, ARJ, LHA, RAR, CAB and some other archiving utilities. Kaspersky Anti-Virus is able only to detect viruses from archives. In addition, Kaspersky Anti-Virus does not extract password-protected archives.
  • Page 32: General Settings: Options

    Kaspersky Anti-Virus for Microsoft NT Server If the plain mail check mode is enabled, Kaspersky Anti-Virus checks every file for a message header. If a message header is detected, the program searches for attached data (UUEncode, XXEncode and etc.) and checks it for viruses. The mail database and plain mail modes noticeably slow down the Kaspersky AV Scanner scanning rate.
  • Page 33: Reporting Options

    Kaspersky Anti-Virus Scanner Figure 7. The Options frame 3.3.2.1. Reporting options Save report file – check this box to save the report to a file. If you check this box, you will be able to monitor the performance of Kaspersky AV Scanner using Kaspersky Report Viewer (see Chapter 7).
  • Page 34: Renaming, Copying, And Deleting Options

    Kaspersky Anti-Virus for Microsoft NT Server Append – check this box to append new reports to the existing report file. This is useful if you want to keep reports on several or all the previous checks. If the box is not checked, every time Kaspersky AV Scanner is started it will create a new report file.
  • Page 35 Kaspersky Anti-Virus Scanner Use sound effects for the following events – check this box to play sounds when checking for and deleting viruses. Infected object found– allows you to set the sound file that is played each time an infected object is detected. While selecting files in the corresponding window you can use the Test button to listen to them.
  • Page 36: Saving/Loading Settings

    Kaspersky Anti-Virus for Microsoft NT Server when finished, will ask for the next removable drive. This setting is used if you preset Kaspersky AV Scanner to scan data only on the removable drive. Display attention messages – check this box to display other warning messages.
  • Page 37: Previewing Settings Before The Check

    Kaspersky Anti-Virus Scanner 3.3.5. Previewing settings before the check You can review your scanner settings in text form. The text describes rules specified for all the objects of your file system: from My Computer to separate files. For example, if the rules that your Kaspersky AV Scanner uses to check and process the autoexec.bat file differ from those used for the parent object - System disk (C:), a list of these rules will be displayed separately.
  • Page 38: Checking For And Deleting Viruses

    Kaspersky Anti-Virus for Microsoft NT Server 3.4. Checking For and Deleting Viruses 3.4.1. Starting and aborting the check Scanning for viruses can be initiated/terminated automatically via Kaspersky AV Control Centre, or on demand from both Kaspersky AV Control Centre, and the Kaspersky AV Scanner main window.
  • Page 39: Changing Priority Of The Check

    Kaspersky Anti-Virus Scanner • 0 – no viruses detected; • 1 – scanning was interrupted; • 2 – detected objects contain a modified or damaged virus; • 3 —objects suspected of being viruses were detected; • 4 – one or more viruses were detected; •...
  • Page 40: Monitoring Progress

    Kaspersky Anti-Virus for Microsoft NT Server 3.4.3. Monitoring progress If you enabled Kaspersky AV Scanner to report on its performance (see subchapter 3.3.2.1), you can use the Kaspersky Report Viewer program to monitor the performance in progress. To start the program, select the Show report command from the Tools menu, or click the toolbar button .
  • Page 41: Updating Anti-Virus Databases

    Kaspersky Anti-Virus Scanner • disinfected objects (that is, the number of objects from which viruses were correctly deleted); • deleted objects; • renamed objects; • warnings, i.e. messages about objects containing codes similar to known virus modifications; • suspicious objects (that is, Code Analyzer notifications); •...
  • Page 42 Kaspersky Anti-Virus for Microsoft NT Server Figure 12. The Kaspersky Virus List Generator dialog box To display the list, press the Show list button. This button starts Report Viewer, which can be used to review the generated list of viruses. To exit the Kaspersky Virus List Generator dialog box press the Exit button.
  • Page 43: Chapter 4. Kaspersky Anti-Virus Monitor

    CHAPTER 4. KASPERSKY ANTI- VIRUS MONITOR Kaspersky Anti-Virus Monitor (Kaspersky AV Monitor) is a memory-resident program that monitors files when they are accessed. Whenever somebody refers to an object, the monitor checks the object to make sure that it is free of viruses. If the object is found to be infected, the program will attempt to disinfect the object, delete it, move it to a quarantine folder or allow it to be accessed, depending on the options that were selected.
  • Page 44: Program Interface

    Kaspersky Anti-Virus for Microsoft NT Server when you place your mouse cursor on the icon , the following prompt will pop up: Kaspersky Anti-Virus Monitor is enabled; the monitor system menu contains the following command: Disable Monitoring. If your anti-virus monitor is disabled, you can see the icon in the system tray: when you place your mouse cursor on the icon...
  • Page 45: Main Window

    Kaspersky Anti-Virus Monitor • Show Report – displays a window containing the program performance report. • Update Now – starts the anti-virus database-updating program, Kaspersky AV Updater. • About Kaspersky Anti-Virus Monitor – displays a box containing information about the program. •...
  • Page 46: Menu

    Kaspersky Anti-Virus for Microsoft NT Server Figure 14. The Kaspersky AV Monitor main window 4.2.3. Menu At the top of the Kaspersky AV Monitor main window you can see a menu bar with drop-down menus. Some commands in these menus may be substituted by appropriate key combinations or toolbar buttons.
  • Page 47: Toolbar

    Kaspersky Anti-Virus Monitor Menu ! command Function (The menu command allows you to…) Monitor ! Enable monitoring / enable/disable the program to monitor Disable monitoring for viruses (see subchapter 4.4). Monitor View monitoring display your monitor settings in text form options (similar to subchapter 3.3.5).
  • Page 48: Work Area

    Kaspersky Anti-Virus for Microsoft NT Server Button Menu ! command Function (The button and the menu command allow you to…) Tools ! Update Now start the anti-virus database- updating program Tools ! Show Report display the report window File ! Unload Kaspersky Anti- unload Kaspersky AV Monitor Virus Monitor from computer memory.
  • Page 49: Changing Settings

    Kaspersky Anti-Virus Monitor 4.3. Changing Settings The options of your monitor are similar to the settings of your anti-virus scanner (see subchapter 3.3). They differ in the following ways: in the Objects frame you will not find the Scan MS Outlook Express databases or the Scan start-up objects check boxes and therefore you cannot monitor the objects defined by these settings.
  • Page 50: Viewing Performance Statistics

    Kaspersky Anti-Virus for Microsoft NT Server After the program has begun monitoring for viruses you can disable it, and then resume the process. Main menu System menu Toolbar command Disabling Monitor ! Disable Disable monitoring monitoring Enabling Monitor ! Enable Enable monitoring monitoring 4.5.
  • Page 51: Updating Anti-Virus Databases

    Kaspersky Anti-Virus Monitor • viruses detected; • virus bodies (the number of files infected by a known virus); • disinfected objects (the number of objects from which viruses were correctly deleted); • deleted objects; • renamed objects; • warnings (the number of objects containing codes similar to known virus modifications);...
  • Page 52: Chapter 5. Kaspersky Anti-Virus Updater

    CHAPTER 5. KASPERSKY ANTI- VIRUS UPDATER The Kaspersky Anti-Virus Updater (Kaspersky AV Updater) is used for automated updating of anti-virus databases with virus descriptions, methods of repairing infected files, and package components. The Kaspersky AV Updater can copy anti-virus databases and executable modules from the Internet (using a network or remote connection), a Local Folder, or an anti-virus server administered by Kaspersky Administration Kit.
  • Page 53: Step 1. The Welcome Wizard Box

    Kaspersky Anti-Virus Updater 5.2.1. Step 1. The Welcome wizard box After the updating program has been started the Wizard will open the first wizard box – Welcome (Figure 16) . Checking the Change settings box allows you to set up the update mode, objects for updating and report options. Otherwise, the steps described below will be omitted.
  • Page 54 Kaspersky Anti-Virus for Microsoft NT Server Figure 17. The Connection wizard box The Connection wizard box allows you to define the updating mode and the object to be updated. Below we describe functions of the first-level options in the settings tree (Figure 18): Figure 18.
  • Page 55: Updating Via The Internet

    Kaspersky Anti-Virus Updater Restart computer if needed – check this box to restart the computer if required after the package executable modules are updated. When you have defined settings in this box press the Next button to proceed. 5.2.2.1. Updating via the Internet If you chose to update via the Internet, expand the Update Kaspersky Anti- Virus from Internet branch and define the required settings (Figure 19).
  • Page 56 Kaspersky Anti-Virus for Microsoft NT Server Figure 20. Defining the updating server address When beginning to update, the program by default uses the first URL in the list. Other servers will be used one-by-one if the updater fails to download updates from the first URL.
  • Page 57 Kaspersky Anti-Virus Updater – moves the URL highlighted in the list one line up; – moves the URL highlighted in the list one line down; 5.2.2.1.2. Defining the IP connection Depending on the method you choose to connect to the updating server, you must define the following IP connection settings (Figure 22): Figure 22.
  • Page 58 Kaspersky Anti-Virus for Microsoft NT Server have chosen automated connection feature to set up a remote access to your IP, the program will enable the standard remote access utility (unless you have installed another one) after you start the updating process.
  • Page 59 Kaspersky Anti-Virus Updater user cannot identified by his settings the User Logon box (Figure 27) will appear with spaces for following connection settings to be filled in: User name, Password, Logon domain. Figure 27. The User Logon box When you have connected to the Internet, a special symbol will appear on the taskbar.
  • Page 60: Updating From A Local Folder

    Kaspersky Anti-Virus for Microsoft NT Server If you have chosen to define connection manually, must define following settings (Figure 30): Figure 30. The settings to be defined manually Use a proxy-server (Firewall) – check this box to use a proxy-server or a firewall to connect to the IP;...
  • Page 61: Choosing Objects To Be Updated

    Kaspersky Anti-Virus Updater 5.2.2.3. Choosing objects to be updated There are the following two check boxes at the bottom of the settings tree (Figure 32): Figure 32. Choosing objects to be updated Update Antivirus Bases– check this box to update anti-virus databases; Update Executable Modules –...
  • Page 62: The Retrieving Updates Window

    Kaspersky Anti-Virus for Microsoft NT Server Append – check this box to append new data to the existing report file. If you uncheck this box the program will overwrite the existing report with a new one each time the updating operation is performed. Limit size of report file (in Kb) –...
  • Page 63: Step 5. The Finishing Wizard Box

    Kaspersky Anti-Virus Updater • Downloading files – files copied from the server to the computer (the name of the copied file is displayed at the top, the percentage downloaded is displayed below); • Installing files… – files are installed onto the computer (the name of the installed file is displayed on top, the scale of the updating process completion is shown below);...
  • Page 64: Chapter 6. Kaspersky Anti-Virus Control Centre

    CHAPTER 6. KASPERSKY ANTI- VIRUS CONTROL CENTRE The Kaspersky AV Control Centre is a component of the Kaspersky Anti-Virus package. It performs the functions of a management shell. You can use it to install and update package components, define and schedule tasks to be started at the appropriate time, and to review the task performance results.
  • Page 65 Kaspersky Anti-Virus Control Centre When Kaspersky Control successfully launched, in the taskbar notification area you will see the icon Place you mouse cursor on it, right-click, and you will see the user menu (Figure 36), which includes following commands: Figure 36. The Kaspersky AV Control Centre menu in the taskbar •...
  • Page 66 Kaspersky Anti-Virus for Microsoft NT Server Figure 37. The About Kaspersky AV Control Centre box Here we must mention some special features of the program. Kaspersky AV Control Centre is divided into the following two sub-programs: a service sub-program that is started as a system service even before the logon procedure, and an interface sub-program that provides the program’s graphic interface and supports communication between a user and the program.
  • Page 67: Kaspersky Av Control Centre Interface

    Kaspersky Anti-Virus Control Centre 6.2. Kaspersky AV Control Centre Interface The program main window contains the following four tabs: Tasks, Components, Settings and Quarantine (for details see below). To perform various actions you can use the right-click menu or the control panel. In the bottom of the window you can see the following buttons: OK, Cancel, Apply and .
  • Page 68 Kaspersky Anti-Virus for Microsoft NT Server • Finished – the task has been successfully executed; • Fail – a failure occurred during execution of the task; • Interrupted by user – the task was interrupted by the user; • Pause – the task is suspended; •...
  • Page 69 Kaspersky Anti-Virus Control Centre running components of the package. You may sort the list lines by any column, alphabetically or numerically, in ascending or descending order. When you select an event from the list the task that generated the corresponding alert will be highlighted.
  • Page 70 Kaspersky Anti-Virus for Microsoft NT Server To open the right-click menu, click with your right mouse button in the left part of the window, where the tasks list and the status bar are located. The right-click menu commands allows you to… •...
  • Page 71 Kaspersky Anti-Virus Control Centre • Export – save the selected task to a file. If you select this command, a window asking you to save the task settings in a file with the .tsk extension will appear on your screen; •...
  • Page 72: The Property Window

    Kaspersky Anti-Virus for Microsoft NT Server • <I > – create a new task. If you press this key, the New task window NSERT will appear on your screen (for details refer to subchapter 6.3). • <D > – remove the task from the list (with confirmation). ELETE •...
  • Page 73 Kaspersky Anti-Virus Control Centre Figure 41. The Kaspersky Anti-Virus Scanner task property window The window contains the following categories: Category Reference Objects See subchapter 3.3.1 Options See subchapter 3.3.2 Customize See subchapter 3.3.3 User account See subchapter 6.3.5 Schedule See subchapter 6.3.3 Alerts See subchapter 6.3.4...
  • Page 74 Kaspersky Anti-Virus for Microsoft NT Server 6.2.1.1.2. The Kaspersky Anti-Virus Monitor task property window The Kaspersky Anti-Virus Monitor task property window consists of categories that contain the task settings (Figure 42). Some of the categories match those located in the corresponding component main window; other categories are specific only to Kaspersky AV Control Centre.
  • Page 75 Kaspersky Anti-Virus Control Centre 6.2.1.1.3. The Kaspersky Anti-Virus Updater task property window The Kaspersky Anti-Virus Updater task property window contains tabs with the task settings (Figure 43). Figure 43. The Kaspersky Anti-Virus Updater task property window Reference Connection See subchapter 5.2.2 Options See subchapter 5.2.3 User account...
  • Page 76: The Components Tab

    Kaspersky Anti-Virus for Microsoft NT Server Components 6.2.2. The The Components tab (Figure 44) contains a list of Kaspersky Anti-Virus package components Figure 44. The Components tab The tool bar is located in the right part of the tab; when you right click on it, the context menu appears (Figure 45).
  • Page 77: The Settings Tab

    Kaspersky Anti-Virus Control Centre The tool bar buttons are strictly correspondent to the items of the context menu (see below). Button Context menu Description item Create task Creates a new task based on the selected component. If you click on this button or select this menu entry, the New task window will open (see subchapter 6.3) Launches a task based on the selected component Open...
  • Page 78 Kaspersky Anti-Virus for Microsoft NT Server Figure 46. The Settings tab Category Function This category contains parameters responsible for the system’s safety and limiting access to Kaspersky AV Control Centre components; Security This category contains parameters responsible for processing alerts about critical events in the Kaspersky AV Control Centre task performance;...
  • Page 79: The Security Category

    Kaspersky Anti-Virus Control Centre Category Function This category contains options for remote administration Kaspersky Network Remote management Control Centre (these options are only for those who use a Kaspersky Administration Kit software package that includes the remote administration program); This category contains user...
  • Page 80 Kaspersky Anti-Virus for Microsoft NT Server This box (see Figure 49) allows you to define change the password. Enter your password in the New password text field and confirm it in Confirm password text field. Figure 49. The Change password dialog box Protect resident task stopping –...
  • Page 81: The Alerts Category

    Kaspersky Anti-Virus Control Centre Alerts 6.2.3.2. The category The Alerts category (see Figure 51) allows you to process remotely alerts generated by the running tasks. Figure 51 The Settings tab. The Alerts category The settings tree contains the following options: Skip all alerts –...
  • Page 82 Kaspersky Anti-Virus for Microsoft NT Server If the Process Alerts by Kaspersky AV Control Centre option is selected, you should customize the settings for sending alerts. To enable the program to send alerts via e-mail check the Send E-mail messages box. Then define the following settings: Figure 52.
  • Page 83 Kaspersky Anti-Virus Control Centre 6.2.3.2.1. Send mail using SMTP To send alerts using SMTP, select the Send mail using SMTP option (Figure 53), then select the following parameters: Figure 53. SMTP settings SMTP Server address Contains the SMTP server address, which can be typed in as a decimal notation (e.g.
  • Page 84 Kaspersky Anti-Virus for Microsoft NT Server To do this, define the following settings (See Figure 54). Figure 54. Settings for sending critical event SMS messages The e-mail gate address, as well as the access code to the operator’s cellular phone, can vary depending on the region. 6.2.3.2.2.
  • Page 85: The Remote Management Category

    Kaspersky Anti-Virus Control Centre Remote management 6.2.3.3. The category This category is used for remote administration setup using Kaspersky Network Control Centre (Figure 56). Figure 56 The Settings tab. The Remote management category. To disable the remote management feature, select the Disable remote management option;...
  • Page 86 Kaspersky Anti-Virus for Microsoft NT Server 6.2.3.3.1. Remote management security setting The remote management security setting (Figure 58) allows you to limit the number of computers, which can remotely manage the Kaspersky Figure 58 Remote management security Anti-Virus components. setting There are two options for the system safety setup: enable the Control Center administration for all network computers or set the IP addresses of the computers with permitted remote management.
  • Page 87: The Customize Category

    Kaspersky Anti-Virus Control Centre 6.2.3.3.2. Remote management ports setup The TCP and UDP ports are used for the remote management of the Kaspersky AV Server and the Control Center. default Figure 59 Remote management ports setup. settings are as follows: Kaspersky AV Control Center communication TCP 8086 port...
  • Page 88: Color Setup

    Kaspersky Anti-Virus for Microsoft NT Server • Play sound on event – setting sound effect following the execution (or completion) of specified operations (see subchapter 6.2.3.4.1 for further detail); • Appearance – set up the color mode of your program (see subchapter 6.2.3.4.2 for more detail).
  • Page 89: The Quarantine Category

    Kaspersky Anti-Virus Control Centre Change colors interface elements, as mentioned above, is carried out in the Colors section (Figure 62). Figure 62. The Colors section To make it easy for a user to set up the colors, the application provides a selection of standard color schemes.
  • Page 90: The Quarantine Tab

    Kaspersky Anti-Virus for Microsoft NT Server For your Kaspersky Anti-Virus Scanner and Kaspersky Anti-Virus Monitor to save files to this storage, you must check the Use quarantine box on the Options page in the properties dialog window. When running in this mode the program quarantines the infected files, but does not delete them from their original location.
  • Page 91 Kaspersky Anti-Virus Control Centre Figure 65. The Quarantine page On this page you can change the display of quarantined files and handle these files as required. To do this, use the page’s right-click menu (see Figure 66). Figure 66. The Quarantine page right-click menu All the commands on the menu, except for View, can also be activated using the appropriate tool bar buttons located at the right side of the page.
  • Page 92 Kaspersky Anti-Virus for Microsoft NT Server Figure 67. The file properties box To update the list of quarantined files, select the Refresh command from the right-click menu or press the button. To restore a file from the quarantine, follow these steps: Select the file from the list of quarantined files and press the button at the right side of the frame or select the Extract command from the file right-click menu.
  • Page 93 Kaspersky Anti-Virus Control Centre Figure 68. The file restoration wizard box To delete a file from the quarantine, follow these steps: Select it from the list of quarantined files and press the button or select the Delete command from the file right-click menu. The deletion confirmation box will appear on your screen.
  • Page 94: New Task Wizard

    Kaspersky Anti-Virus for Microsoft NT Server Figure 69. The file quarantine wizard box 6.3. New Task Wizard The scheduled execution of a specified application with predefined settings can be defined as a named task of the task planner. The New Task Wizard is activated when you select New Task in the context menu or click on the button on the taskbar, the Tasks or Components tabs.
  • Page 95 Kaspersky Anti-Virus Control Centre Figure 70. Task window There are the following task types: • memory and disks scanning – launches Kaspersky AV Scanner with the individual settings feature for different scan parameters for each task. Task launch can be scheduled to activate automatically, at a certain event occurrence, or on direct command of a user;...
  • Page 96: The Schedule Window For A Kaspersky Av Monitor Task

    Kaspersky Anti-Virus for Microsoft NT Server Schedule 6.3.2. The window for a Kaspersky AV Monitor task When creating a Kaspersky Anti- Virus Monitor task in the Schedule window (Figure 71) you should set the launch and pause intervals. To launch a task at the Kaspersky AV Control Centre start, select Always.
  • Page 97: Launching On Event

    Kaspersky Anti-Virus Control Centre • Monthly – the task launches on scheduled days and times (See subchapter 6.3.3.6). Select the required start option in the left part of the window then set up the schedule according to details described in the subchapters below. Figure 72.
  • Page 98: Launching By Condition

    Kaspersky Anti-Virus for Microsoft NT Server At Control Center system The task is launched at the Kaspersky AV Control service start Centre System Service start-up, i.e., in fact, at system boot. Figure 73. Start on event setup You can schedule any of your task types to be launched once a day or on each occurrence of the event.
  • Page 99 Kaspersky Anti-Virus Control Centre select this option, position the selector in the left part Schedule screen to condition (Figure 74). Figure 74. Start by condition setup After doing so, in the If task window select the task status in respect to which the condition will be formulated, and in the finished with exit code list select the task closedown value.
  • Page 100: Launching Hourly

    Kaspersky Anti-Virus for Microsoft NT Server 6.3.3.3. Launching hourly To launch a created task on an hourly schedule, select Hourly option in the left part of the Schedule window (Figure 75), then specify the launch time in the right part of the window. Figure 75 illustrates the setup of the task launch on an hourly basis within a 25 minutes period.
  • Page 101: Launching Weekly

    Kaspersky Anti-Virus Control Centre Toolbar Context menu Purpose button option the <I > key. Modify… Modifies the task launch time value. When you enable this option and the Time window is activated, type in the modified time value. You can also do this by double clicking with your mouse on the line to be modified, or by pressing the <S >...
  • Page 102 Kaspersky Anti-Virus for Microsoft NT Server Figure 78. Start the task every month Then, use your mouse to check the dates when the created task will be launched and specify the launch time in the Time tab (See subchapter 6.3.3.4 for more information on how to specify the time in the list).
  • Page 103: The Alerts Window

    Kaspersky Anti-Virus Control Centre Alerts 6.3.4. The window In the Alerts window (Figure 79) check the alert types to be created by the task. As has been mentioned above, alerts are messages generated by tasks. To select an alert, check the appropriate box.
  • Page 104: Task Settings

    Kaspersky Anti-Virus for Microsoft NT Server If the task is to be started under an account that is different from the current one, the messages it generates will be screened only if you check the Allow task to interact with desktop box. Figure 80.
  • Page 105: The Settings Window For Kaspersky Av Scanner And Monitor Tasks

    Kaspersky Anti-Virus Control Centre Task type Windows Description sequence Kaspersky Anti- 1. Connecting See description in subchapter 5.2.2. Virus Updater There are two additional options in this window, which allow you to enable anti- virus database and executable module installation to the specified folder on the Kaspersky AV Server.
  • Page 106: Chapter 7. Kaspersky Report Viewer

    CHAPTER 7. KASPERSKY REPORT VIEWER Kaspersky Report Viewer is a program allowing you to display and manage reports generated by Kaspersky Anti-Virus package components. Kaspersky Report Viewer is activated by selecting the Show Report option in the Kaspersky AV Scanner, AV Monitor main windows, and by clicking the Report button in the Finish boxes of the Kaspersky AV Updater main window.
  • Page 107 Kaspersky Report Viewer To the right of the report contents you can see the tool bar, which contains buttons for operation execution. The buttons have pop-up prompts. To see them, point the mouse cursor to a button; next to it you will see a small window with a short help line.
  • Page 108 Kaspersky Anti-Virus for Microsoft NT Server Toolbar Menu commands Function button View!Autotracking Allows you to track the report (if you press this button (i.e. enable this mode) report will automatically placed on the last line, after new data is collected). View!View last Displays a report about the last...
  • Page 109 Kaspersky Report Viewer When the search function detect the first string (or the string part) matching the predefined search criteria, you can move to the next string meeting the same criteria by pressing the toolbar button or selecting the Find next command from the Edit menu.
  • Page 110: Chapter 8. The Settings Tree

    CHAPTER 8. THE SETTINGS TREE The Kaspersky Anti-Virus interface frequently uses the so-called settings tree which presents data in the form of a tree and conventional controls as joints (buttons, drop-down lists, check boxes and etc.). This technology provides a clear and easy to understand picture of interrelations between various settings, and makes it easy to study the program.
  • Page 111: Controls

    The Settings Tree What to do How it might be done (By using…) hide branch key on your keyboard. (the joint looks like command of the right- click menu . the <–> key on your keypad (all branches of the joint disappear from your screen).
  • Page 112: Option Button

    Kaspersky Anti-Virus for Microsoft NT Server 8.2.2. Option button The option buttons are members of a group. A group of option buttons may consist of two or more buttons. You must use this group to select one of the options. The option button may be: –...
  • Page 113: Input Field Defining The Path To

    The Settings Tree After you finish editing the text field value press the Enter key on your keyboard or click with your mouse outside of this text field. You can cancel changes this text field and return to the previous value by pressing the Esc key on your keyboard.
  • Page 114: Drop-Down List

    Kaspersky Anti-Virus for Microsoft NT Server 8.2.6. Drop-down list The drop-down list allows you to select one of the items from the list (Figure 84). To browse the list you must use the keys on your keyboard. To automatically scroll down/up the list you must use the C and C KEY COMBINATIONS Figure 84.
  • Page 115 The Settings Tree status. To restore these items as inheriting the group rules, you must select the Remove Strict command from the right-click menu. The check box will have the following appearance: Looks Description Meaning like A square with a The check mode is enabled.
  • Page 116: Chapter 9. Kaspersky Anti-Virus Script Checker

    CHAPTER 9. KASPERSKY ANTI- VIRUS SCRIPT CHECKER Kaspersky Anti-Virus Script Checker (Kaspersky AV Script Checker) – is an anti- virus application that protects your computer from script viruses and worms executed directly in the memory. When you run the Kaspersky Anti-Virus for Microsoft NT Server setup utility, the program is automatically added in your operating system and later you will not have to start it manually.
  • Page 117 The Settings Tree Let’s imagine that you go to a web site containing a script virus similar to LoveLetter . If your Internet browser has low-level protection, the script virus will be immediately executed, but Kaspersky AV Script Checker will prevent the execution of the infected script and protect your computer from the virus attack.
  • Page 118: Appendix A. Advanced Checking Tools

    APPENDIX A. ADVANCED CHECKING TOOLS A.1. The Heuristic Checking Tool (Code Analyzer) Code Analyzer, a heuristic checking tool, checks file and sector codes down the various Kaspersky Anti-Virus algorithmic legs as it searches for virus-similar instructions. If the heuristic tool detects certain instructions (such as open a file, write to it, intercept the interrupt vectors, etc.), the file is suspicious and the program generates the appropriate message: Suspicion: <TYPE>,...
  • Page 119: The Redundant Scanning Tool

    Advanced Checking Tools • RemoteTemplate – the document contains a link to a template which is automatically loaded when the file is opened; • HTML.SecurityBreach.2 – the HTML file or the HTML message is linked to a suspicious object; • IRC-Worm.generic –...
  • Page 120 Kaspersky Anti-Virus for Microsoft NT Server the redundant scanning tool as it noticeably slows down the scanning rate and increases the probability of false alarms.
  • Page 121: Appendix B. Glossary

    APPENDIX B. GLOSSARY alert (notification) An e-mail message that is automatically transmitted by a Kaspersky Anti-Virus package component to a predefined address at the occurrence of a predefined event (when a virus is detected, a component fails to perform its functions, etc.) anti-virus Computer software...
  • Page 122 Kaspersky Anti-Virus for Microsoft NT Server Kaspersky Anti-Virus Control Centre A computer program that performs the functions of a control shell. This program allows creation and scheduling of task performance, and also control of performance results. Kaspersky Anti-Virus Monitor (monitor) A resident anti-virus monitor.
  • Page 123 Glossary A memory-resident computer program that checks for viruses in the used objects (documents to be opened, files to be saved, etc.). scanning A process that is performed by an anti-virus scanner when it checks for viruses in a predefined location. A user may set the computer memory, disks, folders, etc. as locations to be checked for viruses.
  • Page 124 Kaspersky Anti-Virus for Microsoft NT Server virus A computer program (that is, executable code and/or a collection of instructions) that can replicate itself (though the copy may not necessarily exactly match the original) and can penetrate files and other resources of computer systems and networks and make them perform tasks the virus dictates without the user’s permission.
  • Page 125: Appendix C. Kaspersky Labs Ltd

    APPENDIX C. KASPERSKY LABS LTD. Kaspersky Labs is a privately-owned, international, anti-virus software- development group of companies headquartered in Moscow (Russia), and representative offices in the United Kingdom, United States of America, China, France and Poland. Founded in 1997, Kaspersky Labs concentrates its efforts on the development, marketing and distribution of leading-edge information security technologies and computer software.
  • Page 126: Other Anti-Virus Products

    Kaspersky Anti-Virus for Microsoft NT Server C.1. Other Anti-Virus products Kaspersky® Anti-Virus Lite The program is the most easy-to-use Kaspersky Lab anti-virus product that is developed for protection of home computers running Windows 95/98/Me, Windows 2000/NT Workstation, Windows XP. Kaspersky® Anti-Virus Lite includes: •...
  • Page 127 Kaspersky Labs Ltd. data transferred when using the HotSync™ utility or when data is beamed from protection of other portable devices. Kaspersky® Security for PDA also provides data stored in pocket computers (PDAs) against unauthorized access. supports the encrypted access to the device and encrypts all the data stored on the device and on memory cards.
  • Page 128: Contact Information

    Kaspersky Anti-Virus for Microsoft NT Server You are free to choose any of the anti-virus programs according to the operation systems and applications you use. Kaspersky® Anti-Spam Kaspersky® Anti-Spam is a cutting edge software suite designed to help organizations with small and medium size networks wage war against the onslaught of undesired e-mail (spam).
  • Page 129: Appendix D. License Agreement

    APPENDIX D. LICENSE AGREEMENT NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT (“AGREEMENT”), LICENCE SPECIFIED SOFTWARE (“SOFTWARE”) PRODUCED KASPERSKY LAB. (“KASPERSKY LAB”). IF YOU HAVE PURCHASED THIS SOFTWARE VIA INTERNET BY CLICKING THE ACCEPT BUTTON, YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) CONSENT TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT.
  • Page 130 Kaspersky Anti-Virus for Microsoft NT Server Use. The Software is licensed as a single product; it may not be used on more than one Client Device or by more than one user at a time, except as set forth in this Section. 1.1.1 The Software is “in use”...
  • Page 131 License agreement Software does not exceed the use limits specified for the licence you have obtained. This licence authorises you to make or download such copies of the Documentation for each Client Device or seat that is licensed as are necessary for its lawful use, provided that each such copy contains all of the Documentation proprietary notices.
  • Page 132 Kaspersky Anti-Virus for Microsoft NT Server (iv) “Support Services” means Daily updates of antivirus databases; Free software updates, including version upgrades; Extended technical support via E-mail and hot phone-line provided by Vendor and/or Reseller; Virus detection and curing updates in 24-hours period. Ownership Rights.
  • Page 133 License agreement The warranty in (i) shall not apply if you (a) make or cause to be made any modifications to this Software without the consent of Kaspersky Lab, (b) use the Software in a manner for which it was not intended or (c) use the Software other than as permitted under this Agreement;...
  • Page 134 Kaspersky Anti-Virus for Microsoft NT Server (iii) Subject to paragraph (i), the Kaspersky Lab liability (whether in contract, tort, restitution or otherwise) arising out of or in connection with the supply of the Software shall in no circumstances exceed a sum equal to the amount equally paid by you for the Software.

Table of Contents