KAPERSKY ANTI-VIRUS 4.5 - FOR WORKSTATION User Manual

Hide thumbs Also See for ANTI-VIRUS 4.5 - FOR WORKSTATION:
Table of Contents

Advertisement

Quick Links

K A S P E R S K Y L A B L T D .
Kaspersky Anti-Virus 4.5
for Workstation
USER GUIDE

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ANTI-VIRUS 4.5 - FOR WORKSTATION and is the answer not in the manual?

Questions and answers

Summary of Contents for KAPERSKY ANTI-VIRUS 4.5 - FOR WORKSTATION

  • Page 1 K A S P E R S K Y L A B L T D . Kaspersky Anti-Virus 4.5 for Workstation USER GUIDE...
  • Page 2: User Guide

    K A S P E R S K Y A N T I - V I R U S 4 . 5 F O R W O R K S T A T I O N User Guide  Kaspersky Lab Ltd. Visit our Web Site: http://www.kaspersky.com Edition date: September 2003...
  • Page 3: Table Of Contents

    Contents CHAPTER 1. KASPERSKY ANTI-VIRUS FOR WORKSTATION ......8 1.1. New features of version 4.5 .................. 9 1.2. Hardware and software requirements ..............9 1.3. Distribution kit ...................... 10 1.4. Help desk for registered users ................11 1.5. Conventions......................12 CHAPTER 2.
  • Page 4 Kaspersky Anti-Virus for Workstation 3.3.5. Previewing settings before the check ............38 3.4. Checking for and deleting viruses............... 39 3.4.1. Starting and aborting the check ..............39 3.4.2. Changing priority of the check..............40 3.4.3. Monitoring progress..................41 3.4.4. Viewing statistics: Statistics................41 3.5.
  • Page 5 Contents 6.2.1. The Tasks tab ....................68 6.2.1.1. The Property window................73 6.2.2. The Components tab..................77 6.2.3. The Settings tab.................... 78 6.2.3.1. The Security category................80 6.2.3.2. The Alerts category................82 6.2.3.3. The Remote management category ............. 86 6.2.3.4. The Customize category................ 88 6.2.3.5.
  • Page 6 Kaspersky Anti-Virus for Workstation CHAPTER 9. KASPERSKY ANTI-VIRUS SCRIPT CHECKER........ 117 CHAPTER 10. KASPERSKY ANTI-VIRUS RESCUE DISKS........119 10.1. Creating a Fallback-Recovery Set..............119 10.2. Using the Fallback-Recovery Disks..............123 CHAPTER 11. KASPERSKY ANTI-VIRUS MAIL CHECKER........127 11.1. Configuring Kaspersky AV Mail Checker ............127 11.2.
  • Page 7: Chapter 1. Kaspersky Anti-Virus For Workstation

    CHAPTER 1. KASPERSKY ANTI- VIRUS FOR WORKSTATION Attention! New viruses appear every day, therefore it is important to keep this product upgraded by updating virus databases every day (see detailed information below). Please do not forget to update the anti-virus database upon product installation! The Kaspersky Anti-Virus for Workstation software package is designed to...
  • Page 8: New Features Of Version 4.5

    Kaspersky Anti-Virus for Workstation • Kaspersky Anti-Virus Rescue Disk is a program that allows a user to create a set of rescue disks to restore the system in the aftermath of a virus-attack • Kaspersky Anti-Virus Control Centre is a shell program for the software package components.
  • Page 9: Distribution Kit

     Kaspersky Anti-Virus for Workstation Windows NT Workstation 4.0 (SP6а or higher): • Intel Pentium processor (or compatible) of 150 MHz or higher. • At least 48 Mb of RAM (64 Mb recommended). Windows 2000 Professional • Intel Pentium processor (or compatible) of 150 MHz or higher. •...
  • Page 10: Help Desk For Registered Users

    Kaspersky Anti-Virus for Workstation The retail box includes: • a sealed envelope with an installation CD containing files for the software product; • User Guide; • a license key written on the installation CD; • license agreement. Before you unseal the envelope containing the CD, be sure to thoroughly review the license agreement.
  • Page 11: Conventions

     Kaspersky Anti-Virus for Workstation Kaspersky Labs does not provide information related to operation and use of your operating system or various other technologies. 1.5. Conventions In this book we use various conventions to emphasize different meaningful parts of the documentation. The Table below lists the conventions used in this User Guide.
  • Page 12: Chapter 2. Installing And Uninstalling Kaspersky Anti-Virus For Workstation

    CHAPTER 2. INSTALLING AND UNINSTALLING KASPERSKY ANTI-VIRUS FOR WORKSTATION Before installing Kaspersky Anti-Virus for Workstation make sure to quit all programs running on your computer. Launch the setup.exe program on the CD to start the package installation. The setup wizard operates in dialog mode. Each dialog box contains a certain set of buttons allowing management of the setup.
  • Page 13 Installing and uninstalling Kaspersky Anti-Virus for Workstation Step 3. Select the folder the program will be installed to In the Choose Destination Location dialog box, select the installation folders where the Kaspersky Anti-Virus for Workstation program components will be installed. Destination Folder indicates the folder for the components, and Common Files Folder indicates the path for files shared by all the components.
  • Page 14 Kaspersky Anti-Virus for Workstation Step 7. Copying files to the hard disk Read the setup information in the Start Copying Files dialog box. Press Next to continue the installation. The program will start copying files to the hard disk; the process is indicated by the progress bar in the Setup Status dialog box.
  • Page 15: Reinstalling

    Installing and uninstalling Kaspersky Anti-Virus for Workstation • Vendor information for this version (company name, addresses, telephone numbers) • Support information (who and where support is provided) • Product release date • Name and number of the license • Functionality table for various components •...
  • Page 16: Uninstalling

    Kaspersky Anti-Virus for Workstation If you selected the Modify option and pressed Next, the Select Components dialog box will appear on your screen. Select the required package components by checking the appropriate boxes in the dialog box and press Next. The Setup Status and the Completing Setup Wizard dialog boxes will consequently appear on your screen.
  • Page 17: Chapter 3. Kaspersky Anti-Virus Scanner

    CHAPTER 3. KASPERSKY ANTI- VIRUS SCANNER Kaspersky Anti-Virus Scanner (Kaspersky AV Scanner) is an anti-virus program that checks for viruses and deletes them on demand. The program performs the following functions: • Detects and deletes viruses of all types in files located on user-predefined disks, in boot sectors and RAM •...
  • Page 18 Kaspersky Anti-Virus for Workstation Option 2: Kaspersky AV Control Centre. To do this, you must first create the appropriate task. This task can be started manually or scheduled to start automatically. Option 3: The command line. To do this, you must press the Start button in the Windows taskbar, point and click Run, define the full path to the file avp32.exe in the Run dialog box and press the OK button.
  • Page 19 Kaspersky Anti-Virus Scanner [/virlist=filename] – creates a file with the defined name that will contain the list of viruses currently detectable by Kaspersky AV Scanner. [filename and foldername] – sets Kaspersky AV Scanner to scan for viruses in those files or folders. If a file name or a folder name have spaces, they must be enclosed in quotation marks.
  • Page 20: Program Interface

    Kaspersky Anti-Virus for Workstation Example 4. Starting the program preset to check for viruses in files in the My documents folder and to ignore the files listed in the file exclude.txt. "С:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\Avp32.exe" "C:\My documents" /EL /@=C:\exclude.txt 3.2.
  • Page 21: Main Window

    Kaspersky Anti-Virus Scanner • Update Now – launches Kaspersky AV Updater, the program for updating anti-virus databases. • About Kaspersky Anti-Virus Scanner – displays information about the program. • Unload Kaspersky Anti-Virus Scanner – unloads the program from memory. 3.2.2. Main window In the Kaspersky AV Scanner main window, you can change scanning settings, start/stop scanning and review the program performance results.
  • Page 22: Tool Bar

    Kaspersky Anti-Virus for Workstation Menu !commands Function (The command allows you to…) File ! Unload Kaspersky unload the Kaspersky AV Scanner program Anti-Virus Scanner from memory. File ! Close window exit the program main window. Scan ! Start Now / Stop scan start / stop scanning viruses...
  • Page 23: Work Area

    Kaspersky Anti-Virus Scanner Button Menu ! Command Function (The button allows you to…) File ! Open Profile load settings from the required profile. File ! Save Profile save current settings to a profile. File ! save current settings to a file and Save Profile as Default set this file as the default profile.
  • Page 24: Status Bar

    Kaspersky Anti-Virus for Workstation The Options frame allows you to define certain general settings, and you may use a settings tree in the Customize frame to define advanced settings of your Kaspersky AV Scanner (see subchapters 3.3.2, 3.3.3). The Statistic frame displays a table with the scanner performance statistics (see subchapter 3.4.4).
  • Page 25: Scanning Parameters For Objects. Objects Category

    Kaspersky Anti-Virus Scanner 3.3.1. Scanning parameters for objects. Objects category The Objects frame (Figure 3) in the work area allows you to choose locations and objects to be checked for viruses. You may do this by selecting appropriate options in the frame hierarchies. These options may be viewed in the following two modes: Standard and Expert.
  • Page 26 Kaspersky Anti-Virus for Workstation With the Expert mode enabled, the Objects frame is divided into three sub- frames: in the upper left sub-frame you can find the file system hierarchy, the upper right sub-frame displays settings for the item selected in the upper left sub- frame hierarchy, and the lower sub-frame displays the list of files located in the root of the object selected in the upper left sub-frame (Figure 5).
  • Page 27: Defining Objects To Be Checked. Memory, Sectors, And Files

    Kaspersky Anti-Virus Scanner If you select the option to scan a certain location within your file system, Kaspersky AV Scanner will automatically scan all the locations within the selected one. However, when in the Expert view mode you can mark the required sub-locations to be excluded from the check.
  • Page 28: Handling Infected And Suspicious Objects

    Kaspersky Anti-Virus for Workstation Scan files of following types – scans files in the corresponding locations (including System, Hidden and Read Only files). This check box is available if you checked the My Computer or a disk box in the upper left sub-frame. You cannot uncheck it for a folder or file.
  • Page 29 Kaspersky Anti-Virus Scanner infected objects check box; by checking this box, you can apply the selected action to all infected objects detected later, and which you previously predefined to be handled by opening the dialogue box. Upon detection of the next infected object, the dialog box will not appear again.
  • Page 30: Advanced Scanning Modes

    Kaspersky Anti-Virus for Workstation Figure 6. The Ask user dialog box 3.3.1.3. Advanced scanning modes 3.3.1.3.1. Scanning compound objects You can enable advanced scanning modes to check for viruses in archives, packed files, mail databases and plain mail formats (for details see Appendix А). Scan compound files of the following types –...
  • Page 31 Kaspersky Anti-Virus Scanner Archives – check this box to search for viruses in files archived using ZIP, ARJ, LHA, RAR, CAB and some other archiving utilities. Kaspersky Anti-Virus is able only to detect viruses from archives. In addition, Kaspersky Anti-Virus does not extract password-protected archives.
  • Page 32: General Settings: Options

    Kaspersky Anti-Virus for Workstation If the plain mail check mode is enabled, Kaspersky Anti-Virus checks every file for a message header. If a message header is detected, the program searches for attached data (UUEncode, XXEncode and etc.) and checks it for viruses. The mail database and plain mail modes noticeably slow down the Kaspersky AV Scanner scanning rate.
  • Page 33: Reporting Options

    Kaspersky Anti-Virus Scanner Figure 7. The Options frame 3.3.2.1. Reporting options Save report file – check this box to save the report to a file. If you check this box, you will be able to monitor the performance of Kaspersky AV Scanner using Kaspersky Report Viewer (see Chapter 7).
  • Page 34: Renaming, Copying, And Deleting Options

    Kaspersky Anti-Virus for Workstation Append – check this box to append new reports to the existing report file. This is useful if you want to keep reports on several or all the previous checks. If the box is not checked, every time Kaspersky AV Scanner is started it will create a new report file.
  • Page 35 Kaspersky Anti-Virus Scanner Use sound effects for the following events – check this box to play sounds when checking for and deleting viruses. Infected object found– allows you to set the sound file that is played each time an infected object is detected. While selecting files in the corresponding window you can use the Test button to listen to them.
  • Page 36: Saving/Loading Settings

    Kaspersky Anti-Virus for Workstation when finished, will ask for the next removable drive. This setting is used if you preset Kaspersky AV Scanner to scan data only on the removable drive. Display attention messages – check this box to display other warning messages.
  • Page 37: Previewing Settings Before The Check

    Kaspersky Anti-Virus Scanner 3.3.5. Previewing settings before the check You can review your scanner settings in text form. The text describes rules specified for all the objects of your file system: from My Computer to separate files. For example, if the rules that your Kaspersky AV Scanner uses to check and process the autoexec.bat file differ from those used for the parent object - System disk (C:), a list of these rules will be displayed separately.
  • Page 38: Checking For And Deleting Viruses

    Kaspersky Anti-Virus for Workstation 3.4. Checking for and deleting viruses 3.4.1. Starting and aborting the check Scanning for viruses can be initiated/terminated automatically via Kaspersky AV Control Centre, or on demand from both Kaspersky AV Control Centre, and the Kaspersky AV Scanner main window. When Kaspersky AV Scanner starts checking for viruses, you can suspend/resume the scanning process, change the process priority or stop scanning.
  • Page 39: Changing Priority Of The Check

    Kaspersky Anti-Virus Scanner • 0 – no viruses detected; • 1 – scanning was interrupted; • 2 – detected objects contain a modified or damaged virus; • 3 —objects suspected of being viruses were detected; • 4 – one or more viruses were detected; •...
  • Page 40: Monitoring Progress

    Kaspersky Anti-Virus for Workstation 3.4.3. Monitoring progress If you enabled Kaspersky AV Scanner to report on its performance (see subchapter 3.3.2.1), you can use the Kaspersky Report Viewer program to monitor the performance in progress. To start the program, select the Show report command from the Tools menu, or click the toolbar button .
  • Page 41: Updating Anti-Virus Databases

    Kaspersky Anti-Virus Scanner • disinfected objects (that is, the number of objects from which viruses were correctly deleted); • deleted objects; • renamed objects; • warnings, i.e. messages about objects containing codes similar to known virus modifications; • suspicious objects (that is, Code Analyzer notifications); •...
  • Page 42 Kaspersky Anti-Virus for Workstation Figure 12. The Kaspersky Virus List Generator dialog box To display the list, press the Show list button. This button starts Report Viewer, which can be used to review the generated list of viruses. To exit the Kaspersky Virus List Generator dialog box press the Exit button. You can start Kaspersky Virus List Generator directly from the Windows main menu.
  • Page 43: Chapter 4. Kaspersky Anti-Virus Monitor

    CHAPTER 4. KASPERSKY ANTI- VIRUS MONITOR Kaspersky Anti-Virus Monitor (Kaspersky AV Monitor) is a memory-resident program that monitors files when they are accessed. Whenever somebody refers to an object, the monitor checks the object to make sure that it is free of viruses. If the object is found to be infected, the program will attempt to disinfect the object, delete it, move it to a quarantine folder or allow it to be accessed, depending on the options that were selected.
  • Page 44: Program Interface

    Kaspersky Anti-Virus for Workstation when you place your mouse cursor on the icon , the following prompt will pop up: Kaspersky Anti-Virus Monitor is enabled; the monitor system menu contains the following command: Disable Monitoring. If your anti-virus monitor is disabled, you can see the icon in the system tray: when you place your mouse cursor on the icon...
  • Page 45: Main Window

    Kaspersky Anti-Virus Monitor • Show Report – displays a window containing the program performance report. • Update Now – starts the anti-virus database-updating program, Kaspersky AV Updater. • About Kaspersky Anti-Virus Monitor – displays a box containing information about the program. •...
  • Page 46: Menu

    Kaspersky Anti-Virus for Workstation Figure 14. The Kaspersky AV Monitor main window 4.2.3. Menu At the top of the Kaspersky AV Monitor main window you can see a menu bar with drop-down menus. Some commands in these menus may be substituted by appropriate key combinations or toolbar buttons.
  • Page 47: Toolbar

    Kaspersky Anti-Virus Monitor Menu ! command Function (The menu command allows you to…) Monitor ! Enable monitoring / enable/disable the program to monitor Disable monitoring for viruses (see subchapter 4.4). Monitor View monitoring display your monitor settings in text form options (similar to subchapter 3.3.5).
  • Page 48: Work Area

    Kaspersky Anti-Virus for Workstation Button Menu ! command Function (The button and the menu command allow you to…) Tools ! Update Now start the anti-virus database- updating program Tools ! Show Report display the report window File ! Unload Kaspersky Anti- unload Kaspersky AV Monitor Virus Monitor from computer memory.
  • Page 49: Changing Settings

    Kaspersky Anti-Virus Monitor 4.3. Changing Settings The options of your monitor are similar to the settings of your anti-virus scanner (see subchapter 3.3). They differ in the following ways: in the Objects frame you will not find the Scan MS Outlook Express databases or the Scan start-up objects check boxes and therefore you cannot monitor the objects defined by these settings.
  • Page 50: Viewing Performance Statistics

    Kaspersky Anti-Virus for Workstation After the program has begun monitoring for viruses you can disable it, and then resume the process. Main menu System menu Toolbar command Disabling Monitor ! Disable Disable monitoring monitoring Enabling Monitor ! Enable Enable monitoring monitoring 4.5.
  • Page 51: Updating Anti-Virus Databases

    Kaspersky Anti-Virus Monitor • viruses detected; • virus bodies (the number of files infected by a known virus); • disinfected objects (the number of objects from which viruses were correctly deleted); • deleted objects; • renamed objects; • warnings (the number of objects containing codes similar to known virus modifications);...
  • Page 52: Chapter 5. Kaspersky Anti-Virus Updater

    CHAPTER 5. KASPERSKY ANTI- VIRUS UPDATER The Kaspersky Anti-Virus Updater (Kaspersky AV Updater) is used for automated updating of anti-virus databases with virus descriptions, methods of repairing infected files, and package components. The Kaspersky AV Updater can copy anti-virus databases and executable modules from the Internet (using a network or remote connection), a Local Folder, or an anti-virus server administered by Kaspersky Administration Kit.
  • Page 53: Step 1. The Welcome Wizard Box

    Kaspersky Anti-Virus Updater 5.2.1. Step 1. The Welcome wizard box After the updating program has been started the Wizard will open the first wizard box – Welcome (Figure 16) . Checking the Change settings box allows you to set up the update mode, objects for updating and report options. Otherwise, the steps described below will be omitted.
  • Page 54 Kaspersky Anti-Virus for Workstation Figure 17. The Connection wizard box The Connection wizard box allows you to define the updating mode and the object to be updated. Below we describe functions of the first-level options in the settings tree (Figure 18): Figure 18.
  • Page 55: Updating Via The Internet

    Kaspersky Anti-Virus Updater Restart computer if needed – check this box to restart the computer if required after the package executable modules are updated. When you have defined settings in this box press the Next button to proceed. 5.2.2.1. Updating via the Internet If you chose to update via the Internet, expand the Update Kaspersky Anti- Virus from Internet branch and define the required settings (Figure 19).
  • Page 56 Kaspersky Anti-Virus for Workstation Figure 20. Defining the updating server address When beginning to update, the program by default uses the first URL in the list. Other servers will be used one-by-one if the updater fails to download updates from the first URL. An error connecting to the server message will appear on your screen if the updater fails to download updates from any of the URLs in the list.
  • Page 57 Kaspersky Anti-Virus Updater – moves the URL highlighted in the list one line up; – moves the URL highlighted in the list one line down; 5.2.2.1.2. Defining the IP connection Depending on the method you choose to connect to the updating server, you must define the following IP connection settings (Figure 22): Figure 22.
  • Page 58 Kaspersky Anti-Virus for Workstation have chosen automated connection feature to set up a remote access to your IP, the program will enable the standard remote access utility (unless you have installed another one) after you start the updating process. Figure 24. The Connect To box To connect to your IP fill in the Connect To box (Figure 24) and click on Connect.
  • Page 59 Kaspersky Anti-Virus Updater user cannot identified by his settings the User Logon box (Figure 27) will appear with spaces for following connection settings to be filled in: User name, Password, Logon domain. Figure 27. The User Logon box When you have connected to the Internet, a special symbol will appear on the taskbar.
  • Page 60: Updating From A Local Folder

    Kaspersky Anti-Virus for Workstation If you have chosen to define connection manually, must define following settings (Figure 30): Figure 30. The settings to be defined manually Use a proxy-server (Firewall) – check this box to use a proxy-server or a firewall to connect to the IP;...
  • Page 61: Choosing Objects To Be Updated

    Kaspersky Anti-Virus Updater 5.2.2.3. Choosing objects to be updated There are the following two check boxes at the bottom of the settings tree (Figure 32): Figure 32. Choosing objects to be updated Update Antivirus Bases– check this box to update anti-virus databases; Update Executable Modules –...
  • Page 62: The Retrieving Updates Window

    Kaspersky Anti-Virus for Workstation Append – check this box to append new data to the existing report file. If you uncheck this box the program will overwrite the existing report with a new one each time the updating operation is performed. Limit size of report file (in Kb) –...
  • Page 63: Step 5. The Finishing Wizard Box

    Kaspersky Anti-Virus Updater • Downloading files – files copied from the server to the computer (the name of the copied file is displayed at the top, the percentage downloaded is displayed below); • Installing files… – files are installed onto the computer (the name of the installed file is displayed on top, the scale of the updating process completion is shown below);...
  • Page 64: Chapter 6. Kaspersky Anti-Virus Control Centre

    CHAPTER 6. KASPERSKY ANTI- VIRUS CONTROL CENTRE The Kaspersky AV Control Centre is a component of the Kaspersky Anti-Virus package. It performs the functions of a management shell. You can use it to install and update package components, define and schedule tasks to be started at the appropriate time, and to review the task performance results.
  • Page 65 Kaspersky Anti-Virus Control Centre When Kaspersky AV Control is successfully launched, in the taskbar notification area you will see the icon . Place you mouse cursor on it, right-click, and you will see the user menu (Figure 36), which includes the following commands: Figure 36.
  • Page 66 Kaspersky Anti-Virus for Workstation Figure 37. The About Kaspersky AV Control Centre box Here we must mention some special features of the program. Kaspersky AV Control Centre is divided into the following two sub-programs: a service sub-program that is started as a system service even before the logon procedure, and an interface sub-program that provides the program’s graphic interface and supports communication between a user and the program.
  • Page 67: Kaspersky Av Control Centre Interface

    Kaspersky Anti-Virus Control Centre 6.2. Kaspersky AV Control Centre interface The program main window contains the following four tabs: Tasks, Components, Settings and Quarantine (for details see below). To perform various actions you can use the right-click menu or the control panel. In the bottom of the window you can see the following buttons: OK, Cancel, Apply and .
  • Page 68 Kaspersky Anti-Virus for Workstation • Finished – the task has been successfully executed; • Fail – a failure occurred during execution of the task; • Interrupted by user – the task was interrupted by the user; • Pause – the task is suspended; •...
  • Page 69 Kaspersky Anti-Virus Control Centre running components of the package. You may sort the list lines by any column, alphabetically or numerically, in ascending or descending order. When you select an event from the list the task that generated the corresponding alert will be highlighted.
  • Page 70 Kaspersky Anti-Virus for Workstation To open the right-click menu, click with your right mouse button in the left part of the window, where the tasks list and the status bar are located. The right-click menu commands allows you to… • Start –...
  • Page 71 Kaspersky Anti-Virus Control Centre • Export – save the selected task to a file. If you select this command, a window asking you to save the task settings in a file with the .tsk extension will appear on your screen; •...
  • Page 72: The Property Window

    Kaspersky Anti-Virus for Workstation • <I > – create a new task. If you press this key, the New task window NSERT will appear on your screen (for details refer to subchapter 6.3). • <D > – remove the task from the list (with confirmation). ELETE •...
  • Page 73 Kaspersky Anti-Virus Control Centre Figure 41. The Kaspersky Anti-Virus Scanner task property window The window contains the following categories: Category Reference Objects See subchapter 3.3.1 Options See subchapter 3.3.2 Customize See subchapter 3.3.3 User account See subchapter 6.3.5 Schedule See subchapter 6.3.3 Alerts See subchapter 6.3.4...
  • Page 74 Kaspersky Anti-Virus for Workstation 6.2.1.1.2. The Kaspersky Anti-Virus Monitor task property window The Kaspersky Anti-Virus Monitor task property window consists of categories that contain the task settings (Figure 42). Some of the categories match those located in the corresponding component main window; other categories are specific only to Kaspersky AV Control Centre.
  • Page 75: The Property Window

    Kaspersky Anti-Virus Control Centre 6.2.1.1.3. The Kaspersky Anti-Virus Updater task property window The Kaspersky Anti-Virus Updater task property window contains tabs with the task settings (Figure 43). Figure 43. The Kaspersky Anti-Virus Updater task property window Reference Connection See subchapter 5.2.2 Options See subchapter 5.2.3 User account...
  • Page 76: The Components Tab

    Kaspersky Anti-Virus for Workstation Components 6.2.2. The The Components tab (Figure 44) contains a list of Kaspersky Anti-Virus package components Figure 44. The Components tab The tool bar is located in the right part of the tab; when you right click on it, the context menu appears (Figure 45).
  • Page 77: The Settings Tab

    Kaspersky Anti-Virus Control Centre The tool bar buttons are strictly correspondent to the items of the context menu (see below). Button Context Description menu item Create task Creates a new task based on the selected component. If you click on this button or select this menu entry, the New task window will open (see subchapter 6.3) Launches a task based on the selected component...
  • Page 78 Kaspersky Anti-Virus for Workstation Figure 46. The Settings tab Category Function This category contains parameters responsible for the system’s safety and limiting access to Kaspersky AV Control Centre components; Security This category contains parameters responsible for processing alerts about critical events in the Kaspersky AV Control Centre task performance;...
  • Page 79: The Security Category

    Kaspersky Anti-Virus Control Centre Category Function This category contains options for remote administration Kaspersky Network Control Centre (these options are only for those who use a Remote management Kaspersky Administration software package that includes remote administration program); This category contains user interface customization settings for Kaspersky AV...
  • Page 80 Kaspersky Anti-Virus for Workstation is located below in the settings tree). If you press the button, the Change password dialog box will appear on your screen. This box (see Figure 49) allows you to define change the password. Enter your password in the New password text field and confirm it in Confirm...
  • Page 81: The Alerts Category

    Kaspersky Anti-Virus Control Centre Run user program – If you check this box, user programs will be prohibited from starting as Kaspersky AV Control Centre tasks. Alerts 6.2.3.2. The category The Alerts category (see Figure 51) allows you to process remotely alerts generated by the running tasks.
  • Page 82 Kaspersky Anti-Virus for Workstation For example, Figure 52 illustrates a situation when the maximum number of alerts is limited to 10. This means that when Kaspersky AV Control Centre receives the eleventh alert from a task, the received alert list will be automatically cleared. If the Process Alerts by Kaspersky AV Control Centre option is selected, you should customize the settings for sending alerts.
  • Page 83 Kaspersky Anti-Virus Control Centre Contact your network system administrator for more information about SMTP and MAPI. 6.2.3.2.1. Send mail using SMTP To send alerts using SMTP, select the Send mail using SMTP option (Figure 53), then select the following parameters: Figure 53.
  • Page 84 Kaspersky Anti-Virus for Workstation To do this, define the following settings (See Figure 54). Figure 54. Settings for sending critical event SMS messages The e-mail gate address, as well as the access code to the operator’s cellular phone, can vary depending on the region. 6.2.3.2.2.
  • Page 85: The Remote Management Category

    Kaspersky Anti-Virus Control Centre Remote management 6.2.3.3. The category This category is used for remote administration setup using the Kaspersky Network Control Centre (Figure 56). Figure 56 The Settings tab. The Remote management category. To disable the remote management feature, select the Disable remote management option;...
  • Page 86 Kaspersky Anti-Virus for Workstation 6.2.3.3.1. Remote management security setting remote management security setting (Figure 58) allows you to limit the number of computers, which can remotely manage Kaspersky Anti-Virus Figure 58 Remote management security setting components. There are two options for the system safety setup: enable the Control Center administration for all network computers or set the IP addresses of the computers with permitted remote management.
  • Page 87: The Customize Category

    Kaspersky Anti-Virus Control Centre Kaspersky AV Server communication TCP port 8084 Kaspersky AV Server communication UDP port 8084 To enter new settings, go to the TCP/IP ports section (Figure 59), then enter the new values. Customize 6.2.3.4. The category The Customize category (Figure 60) contains the program interface...
  • Page 88: Color Setup

    Kaspersky Anti-Virus for Workstation • Task start – Play the sound immediately after the task launch (not regarding its type). • Task finished successfully – Play the sound at successful task completion, i.e. in case the task hasn’t been canceled by the user and hasn’t terminated with errors.
  • Page 89: The Quarantine Category

    Kaspersky Anti-Virus Control Centre • Event list window background – the Tasks tab background color. In Figure 63 below, the example of the Lilac color scheme is shown and its settings are given. Figure 63. The Liliac color scheme Quarantine 6.2.3.5.
  • Page 90: The Quarantine Tab

    Kaspersky Anti-Virus for Workstation Figure 64. The Quarantine category Files in quarantine are stored in encoded form. This: • reduces the risk of infection from this virus (the executable code cannot be started without preliminary decryption); • saves time for your anti-virus programs (files in the quarantined form are not detected as infected).
  • Page 91 Kaspersky Anti-Virus Control Centre Figure 65. The Quarantine page On this page you can change the display of quarantined files and handle these files as required. To do this, use the page’s right-click menu (see Figure 66). Figure 66. The Quarantine page right-click menu All the commands on the menu, except for View, can also be activated using the appropriate tool bar buttons located at the right side of the page.
  • Page 92 Kaspersky Anti-Virus for Workstation Figure 67. The file properties box To update the list of quarantined files, select the Refresh command from the right-click menu or press the button. To restore a file from the quarantine, follow these steps: Select the file from the list of quarantined files and press the button at the right side of the frame or select the Extract command from the file right-click menu.
  • Page 93 Kaspersky Anti-Virus Control Centre Figure 68. The file restoration wizard box To delete a file from the quarantine, follow these steps: Select it from the list of quarantined files and press the button or select the Delete command from the file right-click menu. The deletion confirmation box will appear on your screen.
  • Page 94: New Task Wizard

    Kaspersky Anti-Virus for Workstation Figure 69. The file quarantine wizard box 6.3. New Task Wizard The scheduled execution of a specified application with predefined settings can be defined as a named task of the task planner. The New Task Wizard is activated when you select New Task in the context menu or click on the button on the taskbar, the Tasks or Components tabs.
  • Page 95 Kaspersky Anti-Virus Control Centre Figure 70. Task window There are the following task types: • memory and disks scanning – launches Kaspersky AV Scanner with the individual settings feature for different scan parameters for each task. Task launch can be scheduled to activate automatically, at a certain event occurrence, or on direct command of a user;...
  • Page 96: The Schedule Window For A Kaspersky Av Monitor Task

    Kaspersky Anti-Virus for Workstation Schedule 6.3.2. The window for a Kaspersky AV Monitor task When creating a Kaspersky Anti- Virus Monitor task in the Schedule window (Figure 71) you should set the launch and pause intervals. To launch a task at the Kaspersky AV Control Centre start, select Always.
  • Page 97: Launching On Event

    Kaspersky Anti-Virus Control Centre • Monthly – the task launches on scheduled days and times (See subchapter 6.3.3.6). Select the required start option in the left part of the window then set up the schedule according to details described in the subchapters below. Figure 72.
  • Page 98: Launching By Condition

    Kaspersky Anti-Virus for Workstation Control Center The task is launched at the Kaspersky AV Control system service start Centre System Service start-up, i.e., in fact, at system boot. Figure 73. Start on event setup You can schedule any of your task types to be launched once a day or on each occurrence of the event.
  • Page 99 Kaspersky Anti-Virus Control Centre select this option, position the selector in the left part Schedule screen to condition (Figure 74). Figure 74. Start by condition setup After doing so, in the If task window select the task status in respect to which the condition will be formulated, and in the finished with exit code list select the task closedown value.
  • Page 100: Launching Hourly

    Kaspersky Anti-Virus for Workstation 6.3.3.3. Launching hourly To launch a created task on an hourly schedule, select Hourly option in the left part of the Schedule window (Figure 75), then specify the launch time in the right part of the window. Figure 75 illustrates the setup of the task launch on an hourly basis within a 25 minutes period.
  • Page 101: Launching Weekly

    Kaspersky Anti-Virus Control Centre Toolbar Context menu Purpose button option Time list or by pressing the <I > key. Modify… Modifies the task launch time value. When you enable this option and the Time window is activated, type in the modified time value. You can also do this by double clicking with your mouse on the line to be modified, or by pressing the <S...
  • Page 102 Kaspersky Anti-Virus for Workstation Figure 78. Start the task every month Then, use your mouse to check the dates when the created task will be launched and specify the launch time in the Time tab (See subchapter 6.3.3.4 for more information on how to specify the time in the list).
  • Page 103: The Alerts Window

    Kaspersky Anti-Virus Control Centre Alerts 6.3.4. The window In the Alerts window (Figure 79) check the alert types to be created by the task. As has been mentioned above, alerts are messages generated by tasks. To select an alert, check the appropriate box.
  • Page 104: Task Settings

    Kaspersky Anti-Virus for Workstation This account Account of the user whose settings are specified in the lines Username, Password and Confirm password. If the task is to be started under an account that is different from the current one, the messages it generates will be screened only if you check the Allow task to interact with desktop box.
  • Page 105: The Settings Window For Kaspersky Av Scanner And Monitor Tasks

    Kaspersky Anti-Virus Control Centre Task type Windows Description sequence Virus Scanner and 2. Options See subchapter 3.3.23.3.2 Kaspersky Anti- Virus Monitor 3. Customize See subchapter 3.3.3 launch task Kaspersky Anti- 1. Connecting See description in subchapter 5.2.2. Virus Updater There are two additional options in this window, which allow you to enable anti- virus database and executable module installation to the specified folder on...
  • Page 106: Chapter 7. Kaspersky Report Viewer

    CHAPTER 7. KASPERSKY REPORT VIEWER Kaspersky Report Viewer is a program allowing you to display and manage reports generated by Kaspersky Anti-Virus package components. Kaspersky Report Viewer is activated by selecting the Show Report option in the Kaspersky AV Scanner, AV Monitor main windows, and by clicking the Report button in the Finish boxes of the Kaspersky AV Updater main window.
  • Page 107 Kaspersky Report Viewer To the right of the report contents you can see the tool bar, which contains buttons for operation execution. The buttons have pop-up prompts. To see them, point the mouse cursor to a button; next to it you will see a small window with a short help line.
  • Page 108 Kaspersky Anti-Virus for Workstation Toolbar Menu commands Function button View!Autotracking Allows you to track the report (if you press this button (i.e. enable this mode) report will automatically placed on the last line, after new data is collected). View!View last Displays a report about the last session session.
  • Page 109 Kaspersky Report Viewer When the search function detect the first string (or the string part) matching the predefined search criteria, you can move to the next string meeting the same criteria by pressing the toolbar button or selecting the Find next command from the Edit menu.
  • Page 110: Chapter 8. The Settings Tree

    CHAPTER 8. THE SETTINGS TREE The Kaspersky Anti-Virus interface frequently uses the so-called settings tree which presents data in the form of a tree and conventional controls as joints (buttons, drop-down lists, check boxes and etc.). This technology provides a clear and easy to understand picture of interrelations between various settings, and makes it easy to study the program.
  • Page 111: Controls

    The Settings Tree What to do How it might be done (By using…) hide branch key on your keyboard. (the joint looks like command of the right- click menu . the <–> key on your keypad (all branches of the joint disappear from your screen).
  • Page 112: Option Button

    Kaspersky Anti-Virus for Workstation 8.2.2. Option button The option buttons are members of a group. A group of option buttons may consist of two or more buttons. You must use this group to select one of the options. The option button may be: –...
  • Page 113: Input Field Defining The Path To

    The Settings Tree After you finish editing the text field value press the Enter key on your keyboard or click with your mouse outside of this text field. You can cancel changes this text field and return to the previous value by pressing the Esc key on your keyboard.
  • Page 114: Drop-Down List

    Kaspersky Anti-Virus for Workstation 8.2.6. Drop-down list The drop-down list allows you to select one of the items from the list (Figure 84). To browse the list you must use the keys on your keyboard. To automatically scroll down/up the list you must use the C and C KEY COMBINATIONS Figure 84.
  • Page 115 The Settings Tree status. To restore these items as inheriting the group rules, you must select the Remove Strict command from the right-click menu. The check box will have the following appearance: Looks Description Meaning like A square with a The check mode is enabled.
  • Page 116: Chapter 9. Kaspersky Anti-Virus Script Checker

    CHAPTER 9. KASPERSKY ANTI- VIRUS SCRIPT CHECKER Kaspersky Anti-Virus Script Checker (Kaspersky AV Script Checker) – is an anti- virus application that protects your computer from script viruses and worms executed directly in the memory. When you run the Kaspersky Anti-Virus for Workstation setup utility, the program is automatically added in your operating system and later you will not have to start it manually.
  • Page 117 The Settings Tree Let’s imagine that you go to a web site containing a script virus similar to LoveLetter . If your Internet browser has low-level protection, the script virus will be immediately executed, but Kaspersky AV Script Checker will prevent the execution of the infected script and protect your computer from the virus attack.
  • Page 118: Chapter 10. Kaspersky Anti-Virus Rescue Disks

    CHAPTER 10. KASPERSKY ANTI- VIRUS RESCUE DISKS Kaspersky Anti-Virus includes Kaspersky Anti-Virus Rescue Disk, a special program allowing you to create a set of fallback-recovery disks. The fallback-recovery (or rescue) disks are used for system recovery after a virus attack. These disks include: •...
  • Page 119 Kaspersky Anti-Virus Rescue Disks Figure 87. The Welcome to Kaspersky Rescue Disk wizard box The Configuration wizard box (Figure 88) allows you to specify the fallback recovery disks to be created: Bootable disk containing executable files – boot disk with Linux OS files and the Kaspersky Anti-Virus executable files.
  • Page 120 Kaspersky Anti-Virus for Workstation Figure 88. The Configuration wizard box In the next wizard box, the Anti-Virus Bases box (Figure 89), you must define path to the file AVP.SET. This file is included in the Kaspersky Anti-Virus package and contains the list of available anti-virus databases. Figure 89.
  • Page 121 Kaspersky Anti-Virus Rescue Disks Figure 90. The Destination wizard box The program will then copy the files to the defined logical drive (Figure 91). During the copying process the application may prompt for additional disks. Figure 91. The Copying files wizard box When the files are copied to the disks, you will see the Completing wizard box (Figure 92).
  • Page 122: Using The Fallback-Recovery Disks

    Kaspersky Anti-Virus for Workstation Figure 92. The Completing the Rescue Disk Wizard box 10.2. Using the Fallback-Recovery Disks To use the fallback-recovery set, it is advisable that you follow these steps: Insert the start-up fallback-recovery diskette into the floppy disk drive and restart your computer.
  • Page 123 Kaspersky Anti-Virus Rescue Disks report file will be created. The prompt will look similar to the above. Note that details of your computer disk names with the Linux OS format appear on your screen above the request for temporary data disk. You will need these disk names later, when you decide to start your anti- virus on your own.
  • Page 124 Kaspersky Anti-Virus for Workstation N – display the same query as above whenever an infected file is detected After the scanning operation is finished the statistics table appears on your screen. Study the statistics and press the <E > key. NTER •...
  • Page 125 Kaspersky Anti-Virus Rescue Disks notation: /mnt/disk1/work. The disk names appear on your screen after you use the first disk from the fallback-recovery set (see above). After you enter the directories the program will start prompting for anti-virus base disks, and after this it will start scanning in the selected location.
  • Page 126: Chapter 11. Kaspersky Anti-Virus Mail Checker

    CHAPTER 11. KASPERSKY ANTI- VIRUS MAIL CHECKER Kaspersky Anti-Virus Mail Checker for Microsoft Exchange Client Compatibles (Kaspersky AV Mail Checker) is designed to protect users’ computers from viruses that use Microsoft Outlook 98/2000/XP for sending and receiving mails. The current version of Kaspersky AV Mail Checker is not compatible with Outlook Express and TheBat! The Kaspersky AV Mail Checker program performs the following functions: •...
  • Page 127 Kaspersky Anti-Virus Mail Checker can be displayed from the mail-processing program Microsoft Outlook 98/2000/XP. To display the Options dialog window from Microsoft Outlook: Start Microsoft Outlook; Select Options from the Tools menu; Switch to the Kaspersky Anti-Virus MailChecker tab. On the Kaspersky Anti-Virus MailChecker tab (Figure 93), you can: •...
  • Page 128: Running Kaspersky Mail Checker

    Kaspersky Anti-Virus for Workstation 11.2. Running Kaspersky Mail Checker Right after installed Kaspersky AV Mail Checker will start to display alert messages. However, you will see these alerts only when the virus is detected in your outgoing message (if you have checked the Popup Alert Message box upon detection).
  • Page 129: Messages In The Mailbox

    Kaspersky Anti-Virus Mail Checker • sent, if disinfection was successful; • sent but without infected attachments the program failed to disinfect; • deleted if disinfection of the message or ALL the attached files failed. If the Popup Alert Message box upon detection box is checked, you will have to respond to the alerts: If disinfection failed, the appropriate alert will appear on your screen (Figure 94).
  • Page 130: Appendix A. Advanced Checking Tools

    APPENDIX A. ADVANCED CHECKING TOOLS A.1. The Heuristic Checking Tool (Code Analyzer) Code Analyzer, a heuristic checking tool, checks file and sector codes down the various Kaspersky Anti-Virus algorithmic legs as it searches for virus-similar instructions. If the heuristic tool detects certain instructions (such as open a file, write to it, intercept the interrupt vectors, etc.), the file is suspicious and the program generates the appropriate message: Suspicion: <TYPE>,...
  • Page 131: The Redundant Scanning Tool

    Advanced Checking Tools • RemoteTemplate – the document contains a link to a template which is automatically loaded when the file is opened; • HTML.SecurityBreach.2 – the HTML file or the HTML message is linked to a suspicious object; • IRC-Worm.generic –...
  • Page 132 Kaspersky Anti-Virus for Workstation the redundant scanning tool as it noticeably slows down the scanning rate and increases the probability of false alarms.
  • Page 133: Appendix B. Glossary

    APPENDIX B. GLOSSARY alert (notification) An e-mail message that is automatically transmitted by a Kaspersky Anti-Virus package component to a predefined address at the occurrence of a predefined event (when a virus is detected, a component fails to perform its functions, etc.) anti-virus Computer software...
  • Page 134 Kaspersky Anti-Virus for Workstation Kaspersky Anti-Virus Control Centre A computer program that performs the functions of a control shell. This program allows creation and scheduling of task performance, and also control of performance results. Kaspersky Anti-Virus Mail Checker A computer program that provides protection from viruses in the incoming and outgoing messages that are processed using a Microsoft Exchange Client compatible software.
  • Page 135 Glossary quarantine A directory containing infected and suspicious files in coded form. These files can later be restored using Kaspersky Anti-Virus Control Centre, if they were deleted by mistake, or in order to archive and e-mail to Kaspersky Labs where they can be studied.
  • Page 136 Kaspersky Anti-Virus for Workstation suspicious object An object whose actions or contents appear similar to a virus. A memory location, file, macro and other objects can be claimed to be suspicious. system crack (hack) Unauthorized access that is gained to the system’s data or resources. Systems are frequently cracked using a malware.
  • Page 137: Appendix C. Kaspersky Labs Ltd

    APPENDIX C. KASPERSKY LABS LTD. Kaspersky Labs is a privately-owned, international, anti-virus software- development group of companies headquartered in Moscow (Russia), and representative offices in the United Kingdom, United States of America, China, France and Poland. Founded in 1997, Kaspersky Labs concentrates its efforts on the development, marketing and distribution of leading-edge information security technologies and computer software.
  • Page 138: Other Anti-Virus Products

    Kaspersky Anti-Virus for Workstation C.1. Other Anti-Virus products Kaspersky® Anti-Virus Lite The program is the most easy-to-use Kaspersky Lab anti-virus product that is developed for protection of home computers running Windows 95/98/Me, Windows 2000/NT Workstation, Windows XP. Kaspersky® Anti-Virus Lite includes: •...
  • Page 139 Kaspersky Labs Ltd. data transferred when using the HotSync™ utility or when data is beamed from protection of other portable devices. Kaspersky® Security for PDA also provides data stored in pocket computers (PDAs) against unauthorized access. supports the encrypted access to the device and encrypts all the data stored on the device and on memory cards.
  • Page 140: Contact Information

    Kaspersky Anti-Virus for Workstation You are free to choose any of the anti-virus programs according to the operation systems and applications you use. Kaspersky® Anti-Spam Kaspersky® Anti-Spam is a cutting edge software suite designed to help organizations with small and medium size networks wage war against the onslaught of undesired e-mail (spam).
  • Page 141: Appendix D. License Agreement

    APPENDIX D. LICENSE AGREEMENT NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT (“AGREEMENT”), LICENCE SPECIFIED SOFTWARE (“SOFTWARE”) PRODUCED KASPERSKY LAB. (“KASPERSKY LAB”). IF YOU HAVE PURCHASED THIS SOFTWARE VIA INTERNET BY CLICKING THE ACCEPT BUTTON, YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) CONSENT TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT.
  • Page 142 Kaspersky Anti-Virus for Workstation Use. The Software is licensed as a single product; it may not be used on more than one Client Device or by more than one user at a time, except as set forth in this Section. 1.1.1 The Software is “in use”...
  • Page 143 License agreement Software does not exceed the use limits specified for the licence you have obtained. This licence authorises you to make or download such copies of the Documentation for each Client Device or seat that is licensed as are necessary for its lawful use, provided that each such copy contains all of the Documentation proprietary notices.
  • Page 144 Kaspersky Anti-Virus for Workstation (iv) “Support Services” means Daily updates of antivirus databases; Free software updates, including version upgrades; Extended technical support via E-mail and hot phone-line provided by Vendor and/or Reseller; Virus detection and curing updates in 24-hours period. Ownership Rights.
  • Page 145 License agreement The warranty in (i) shall not apply if you (a) make or cause to be made any modifications to this Software without the consent of Kaspersky Lab, (b) use the Software in a manner for which it was not intended or (c) use the Software other than as permitted under this Agreement;...
  • Page 146 Kaspersky Anti-Virus for Workstation (iii) Subject to paragraph (i), the Kaspersky Lab liability (whether in contract, tort, restitution or otherwise) arising out of or in connection with the supply of the Software shall in no circumstances exceed a sum equal to the amount equally paid by you for the Software.

Table of Contents