Kaspersky Lab Anti-Virus 2010 manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of Kaspersky Lab Anti-Virus 2010, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Kaspersky Lab Anti-Virus 2010 one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of Kaspersky Lab Anti-Virus 2010. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of Kaspersky Lab Anti-Virus 2010 should contain:
- informations concerning technical data of Kaspersky Lab Anti-Virus 2010
- name of the manufacturer and a year of construction of the Kaspersky Lab Anti-Virus 2010 item
- rules of operation, control and maintenance of the Kaspersky Lab Anti-Virus 2010 item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Kaspersky Lab Anti-Virus 2010 alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Kaspersky Lab Anti-Virus 2010, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Kaspersky Lab service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Kaspersky Lab Anti-Virus 2010.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the Kaspersky Lab Anti-Virus 2010 item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    U S E R G U I D E KASPER SKY ANTI -VIR US 2010[...]

  • Page 2

    2 Dear User! Thank you for choosing our product. W e hope that this documentation w ill help you in your work and will provide answers to most of the questions regarding this software product. Any type of reproduction or distribution of any materials, including translations, is allowed only w ith the written permission of Kaspersky Lab. This docume[...]

  • Page 3

    3 CONTENTS INTRODUCTION ........................................................................................................................................................... 9 Distribution kit .......................................................................................................................................................[...]

  • Page 4

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 4 Security Management ............................................................................................................................................ 33 Protection status ........................................................................................................................[...]

  • Page 5

    C O N T E N T S 5 Selecting the scan method ..................................................................................................................................... 66 Using heuristic analysis ......................................................................................................................................... 67 PRO[...]

  • Page 6

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 6 Mail Anti-Virus ........................................................................................................................................................ 95 W eb Anti-Virus ..................................................................................................................[...]

  • Page 7

    C O N T E N T S 7 Suspicious link detected ...................................................................................................................................... 136 Invalid certificate detected ................................................................................................................................... 136 VAL[...]

  • Page 8

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 8 Libjpeg 6b library ................................................................................................................................................. 169 Libungif 3.0 library ................................................................................................................[...]

  • Page 9

    9 INTRODUCTION I N THIS SECT ION : Distribution kit ................................................................................................ .................................................................... 9 Services provided for registered users ...........................................................................................[...]

  • Page 10

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 10 S ERVICES PROVIDED FOR REGISTERED USERS Kaspersky Lab offers an extensive service package to all legally registered users, thus enabling them to boost the application's performance. After purchasing a license, you become a registered user and, during the period of you r license, you will be prov[...]

  • Page 11

    11 KASPERSKY ANTI-VIR US 2010 Kaspersky Anti-Virus 2010 is a new generation of information security solutions. W hat really sets Kaspersky Anti-Virus 2 010 apart from other software, even from other Kaspersky Lab products, is the multifaceted approach to data security on the user's computer. I N THIS SECT ION : Obtaining information about the [...]

  • Page 12

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 12 On this page, you will find the articles created by Technical Support Service specialists. These articles contain useful information, recommendations and FAQ on purchasi ng, installation and use of the application. They are assorted by their subject, such as M anagin g key files, Setting database upd[...]

  • Page 13

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 13 Describe the problem you have encountered in the request w eb form pro viding as much detail as possible. Specify the following in the mandatory fields: Request type . Select the subject that corresponds to the problem the most strictly, for ex ample: Problem with product installation/uninstallation,[...]

  • Page 14

    14 WHAT'S NEW IN KASPERSKY A NTI-VIRUS 2010 Kaspersky Anti-Virus 2010 is a comprehensive data protection tool. The multifaceted protec tion covers all channels for data transfer and exchange. Flex ible co nfiguration provided for any component lets users completely adapt Kaspersky Anti-Virus to their specific needs. Let us take a closer look a[...]

  • Page 15

    15 THE CONCEPT OF YOUR COMPUTER PROTECTION Kaspersky Anti-Virus ensures protection of your computer against known and new threats. Each type of threat is processed by a separate application component. This makes setup flex ible, with ea s y configuration options for all components, which can be tailored to the needs of a specific user or the busine[...]

  • Page 16

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 16 Mail Anti-Virus (see page 51 ) Mail Anti-Virus scans all incoming and outgoing email messages on your computer. It analyz es emails fo r malicious programs. The email is available to the addressee only if it do es not contain dangerous objects. The component also analyzes email messages to detect phi[...]

  • Page 17

    T HE C O N C E P T O F Y O U R C O M P U T E R P R O T E C T I O N 17 Network Monitor The component designed to view information about netw ork ac tivity in real -time mode. Anti-Banner An ti -Banner blocks advertising information located on banner s built into interfaces of various programs installed on your computer, or displayed online. Parental[...]

  • Page 18

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 18 W IZARDS AND T OOLS Ensuring computer's security is a difficult task that requires the expertise in operating system's features and in w ays of exploiting its weak points. Besides, the volume and diversity of information about system security makes its analysis and processing difficult. To [...]

  • Page 19

    T HE CO N C E P T O F Y O U R C O M P U T E R P R O T E C T I O N 19 Support All registered Kaspersky Anti-Virus users can take advantage of our Technical Support Service. For more details about the conditions of service, use the Support option. By following the links you can access the Kaspersky Lab product users' forum, se nd an error report[...]

  • Page 20

    20 INSTALLING KASPER SKY ANTI-VIRUS Kaspersky Anti-Virus is installed in interactive mode using the Installation W izard. Before beginning the installation, you are advised to close al l applications currently running. To ins tall Kaspersky Anti-Virus on your computer, run the installation file (file w ith the .exe extension) on the product CD. Ins[...]

  • Page 21

    I N S T A L L I N G K A S P E R S K Y A N T I - V I R U S 21 S TEP 1. S EARCHING FOR A NEWER VERSION OF THE APPLICATION Before the installation, the application searches for a newer version of Kaspersky Anti-Virus on Kaspersky Lab's update servers. If no newer versions are found on Kaspersky Lab's update serv ers, the Installation Wizard [...]

  • Page 22

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 22 S TEP 5. K ASPERSKY S ECURITY N ETWORK D ATA C OLLECTION S TATEMENT At this step, you will be offered to take part in the Kaspersky Security Network program. Participating in the progra m consists in sending Kaspersky Lab information about new threats detected on y our computer, in sending the unique[...]

  • Page 23

    I N S T A L L I N G K A S P E R S K Y A N T I - V I R U S 23 To select a component for the installation, open the context menu on the icon next to the component's name, and select the This feature will be installed on the local hard drive item. W hen you hav e finished selecting components to be installed, click the Next button. To return to t[...]

  • Page 24

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 24 If the application is being remotely installed using Windows Remote Desktop , you are advised to uncheck the Protect the installation process box. If this box is checked, the installation procedure may be left unfinished or performed incorrectly. To proceed with the installation, click the Install bu[...]

  • Page 25

    25 GETTING STARTED One of the main goals of Kaspersky Lab in creating Kaspersky Anti-Virus was to provide the optimum configuration of the application. This allows users w ith any le vel of computer literacy to ensure his or her computer's protec tion immediately after the installation without wasting his or her precious time upon the settings[...]

  • Page 26

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 26 A PPLICATION C ONFIGURATION W IZARD The Application Configuration Wizard starts after the installation is complete. It is designed to help you configure the initial settings of Kaspersky Anti-Virus, based on the features and tasks of your computer. The Application Configuration Wizard's interfac[...]

  • Page 27

    G E T T I N G S T A R T E D 27 S EE ALSO : Activating the commercial version ................................................................................................ ................................... 27 Activating trial version ................................................................................................................[...]

  • Page 28

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 28 S TE P 2. S E L E C T I N G P R O T EC T I O N MO DE Select the protection mode provided by Kaspersky Anti-Virus. Two modes are available: Automatic . If any important events occur, Kaspersky Anti-Virus will automatically perform the action recommended by Kaspersky Lab's experts. Once a threat i[...]

  • Page 29

    G E T T I N G S T A R T E D 29 Virus. Using a password can protect the application against u nauthorized attempts to disable protection or modify the settings of Kaspersky Anti-Virus. To enable password protection, check the Enable password protection box and fill in the New password and Confirm new password fields. Below, specify the area that you[...]

  • Page 30

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 30 S CANNING COMPUTER FOR VIRUSES Developers of malware make every effort to conceal the actions of their programs, and therefore you may not no tice the presence of malware on your computer. Once Kaspersky Anti-Virus is installed on your computer, it automatically performs the Quick scan task on your c[...]

  • Page 31

    G E T T I N G S T A R T E D 31 Information about the license currently in use is displayed in the License manager window: its type (commercial, commercial with subscription, commercial with protection subscription, trial), th e maximum number of hosts, the expiration date, and the number of days remaining. Information about the license expiration w[...]

  • Page 32

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 32 If the subscription validity period has elapsed as well as the grace period during w hich license can be renewed (subscription status – Expired ) Kaspersky Anti-Virus will notify you about it and will stop its attempts to renew license automatically. For license with subscription the functionality [...]

  • Page 33

    G E T T I N G S T A R T E D 33 S ECURITY M ANAGEMENT The computer protection status indicates problems in computer protection (see section "Main window of Kaspersky Anti - Virus" on page 38 ), which is displayed by changes in the color of the protection status icon, and of the panel on w hich the icon is located. Once problems appear in t[...]

  • Page 34

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 34 The tab shows the list of current problems. The problems are sorted with regard to their criti cality: first, the most critical ones (i.e., with red status icon), then less critical ones – with yellow status icon, and the last – information messages. A detailed description is provided for each pr[...]

  • Page 35

    G E T T I N G S T A R T E D 35 P AUSING PROTECTION Pausing protection means temporarily disabling all protection components for a certain pe riod of time. As a result of temporarily disabling protection, all protection components w ill b e paused. This is indicated by: inactive (grey) application icon in the taskbar notification area; red color of [...]

  • Page 36

    36 A PPL ICATION INTERF ACE Kaspersky Anti-Virus has a fairly simple and easy- to -use interface. This section will discuss its basic features in detail. Kaspersky Anti-Virus has plugins which are integrated into Microsoft Office Outlook, The Bat ! , Microsoft Internet Explorer, Microsoft Windows Explorer. The plugins extend the functionality of th[...]

  • Page 37

    A P P L I C A T I O N I N T E R F A C E 37 C ONTEXT MENU You can run basic protection tasks from the context menu, which contains these items: Update – start the application module and database updates and install updates on your co mputer. Full Scan – start a complete scan of your computer for malware objects. Objects residing on all drives, i[...]

  • Page 38

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 38 M AIN WINDOW OF K ASPERSKY A NTI -V IRUS The main application window can be divided into three part s: The top part of the window indicates your computer‟s current protection status. Figure 4: Current status of the co mputer protection There are three possible values of protection status: each of t[...]

  • Page 39

    A P P L I C A T I O N I N T E R F A C E 39 The right part of the window contains information about the application fun ction selected in the left part, allows to configure its settings, provides tools for executing virus scan tasks, retrieving u pdates etc. Figure 6: Right par t of the main win dow You can also use the following buttons and links: [...]

  • Page 40

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 40 N OTIFICATIONS If events occur during the operation of Kaspersky Anti- Vi rus, special notifications will be displayed on the screen as pop- up messages above the application icon in the M icros oft W indows task bar. Depending on how critical the event is for computer security, y ou might receive th[...]

  • Page 41

    41 COMPUTER FILE SYSTEM PROTECTIO N File Anti-Virus prevents infection of the computer's file system. It loads when you start your operating system and runs in your computer's RAM, scanning all files that are opened, saved or executed. By default, File Anti-Virus scans only new or modified files. A collection of settings, called the secur[...]

  • Page 42

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 42 I N THIS SECT ION : Component operation algorithm ...................................................................................................................................... 42 Changing security level of files and memory ................................ ....................................[...]

  • Page 43

    C O M P U T E R F I L E S Y S T E M P R O T E C T I ON 43 The application will notify you when an infected or a possibly infected file is detected. If an infected or potentially infected object is detected, a notification with a request for further actions will be displayed onscreen. Y ou will be offered the following: quarantine the object, allowi[...]

  • Page 44

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 44 Before attempting to disinfect or delete an infected object, K aspersky Anti -Virus creates a backup copy of it to allow later restoration or disinfection. If you are working in automatic mode (see section "Step 2. Selecting protection mode" on page 28 ), Kaspersky Anti-Virus will automatic[...]

  • Page 45

    C O M P U T E R F I L E S Y S T E M P R O T E C T I ON 45 3. Click the Settings button for the component you have selected. 4. In the window that will open, on the General tab, in the File types section select required settings. U SING HEURISTIC ANALYSIS Objects are scanned using databases which contain descripti ons of all known malware and the co[...]

  • Page 46

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 46 By default, Kaspersky Anti-Virus scans only embedded OLE objects. To modify the list of scanned compound files: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. In the window that will open, in the Protection section select the File Anti-Virus compone[...]

  • Page 47

    C O M P U T E R F I L E S Y S T E M P R O T E C T I ON 47 To change the object scan mode: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. In the window that will open, in the Protection section select the File Anti-Virus component. 3. Click the Settings button for the component you have selected. 4[...]

  • Page 48

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 48 P AUSING THE COMPONENT : CREATING A SCHED ULE W hen certain programs which require considerable computer resou rces are in progress, you can temporarily pause the operation of the File Anti-Virus component, which allows quicker access to objects. To decrease the load an d ensure quick access to objec[...]

  • Page 49

    C O M P U T E R F I L E S Y S T E M P R O T E C T I ON 49 P AUSING THE COMPONENT : CREATING AN APPLICATIONS LIST W hen certain programs which require considerable computer resources are in progress, you can temporarily paus e the operation of the File Anti-Virus component, which allows quicker access to objects. To decrease the load and ensure quic[...]

  • Page 50

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 50 R ESTORING DEFAULT PROTECTION SETTINGS W hen configuring File Anti-Virus, you are always able to restore its recommended settings. They are considered optimal, recommended by Kaspersky Lab, and grouped in the Recommended security level. To restore default protection settings, please do the following:[...]

  • Page 51

    51 MAIL PROTECTION Mail Anti-Virus scans incoming and outgoing messages for the presence of malicious objects. It is launched w hen the operating system loads, is located in computer RAM and scans all email messages received via the POP3, SMT P, IMAP, MAPI and NNTP protocols. A collection of settings called the security level , determines the w ay [...]

  • Page 52

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 52 C OMPONENT OPERATION ALGORITHM Kaspersky Anti-Virus includes the component, which ensures scanning the email for dangerous objects named Mail Anti - Virus . It loads when the operating system launches and runs continually, scanning all e mail on the POP3, SMTP, IMAP, MAPI and NNTP protocols, as w ell[...]

  • Page 53

    M A I L P R O T E C T I O N 53 C HANGING EMAIL PROTECTION SECURITY LEVE L The security level is defined as a preset configuration of File Anti-Vi rus settings. Kaspersky Lab speciali sts distinguish three security levels. The decision of which level to select should be made by the user based on the operational conditions and the current situation. [...]

  • Page 54

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 54 To change the specified action to be performed on detected objects: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. In the window that will open, in the Protection section select the Mail Anti-Virus component. 3. Specify the required action for the c[...]

  • Page 55

    M A I L P R O T E C T I O N 55 E MAIL SCANNING IN T HE B AT ! Actions on infected email objects in The Bat! are defined using the application's ow n tools. Mail Anti-Virus settings determining if incoming and outgoing messages should be scanned, which actions should be performed on dangerous objects in email, and which exclusions should apply,[...]

  • Page 56

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 56 To enable/disable the heuristic analysis, and to set the detail level for the scan, please do the following: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. In the window that will open, in the Protection section select the Mail Anti-Virus component.[...]

  • Page 57

    M A I L P R O T E C T I O N 57 R ESTORING DEFAULT MAIL PROTECTION S ETTINGS W hen configuring Mail Anti-Vi rus, you are alway s abl e to restore its recommended settings. T hey are considered opti mal, recommended by Kaspersky Lab, and grouped in the Recommended security level. To restore default mail protection settings, please do the follo wing: [...]

  • Page 58

    58 WEB TRAFFIC PROTECTI ON W henever you use the Internet, you subject information stored on your compu ter to the risk of infection by dangerous programs. These can infiltrate your computer while you are dow nloadi ng free software, or brow sing k nowingly safe sites, which have recently suffered network attacks. Moreover, netw ork worms can penet[...]

  • Page 59

    W EB T R A F F I C P R O T E C T I O N 59 I N THIS SECT ION : Component operation algorithm ...................................................................................................................................... 59 Ch anging HTTP traffic security level ..................................................................................[...]

  • Page 60

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 60 C HANGING HTTP TRAFFIC SECURITY LEV EL The security level is defined as a preset configuration of File Anti-Vi rus settings. Kaspersky Lab speciali sts distinguish three security levels. The decision of which level to select should be made by the user based on the operational conditions and the curre[...]

  • Page 61

    W EB T R A F F I C P R O T E C T I O N 61 To create the list of trusted web addresses, please do the foll owing: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. In the window that will open, in the Protection section select the Web Anti-Virus component. 3. Click the Settings button for the componen[...]

  • Page 62

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 62 3. Click the Settings button for the component you have selected. 4. In the Web Anti-Virus window that will open, in the Scan methods block, make sure that the Check if URLs are listed in the base of suspicious web addresses box and / or Check if URLs a re listed in the base of phishing web addresses[...]

  • Page 63

    W EB T R A F F I C P R O T E C T I O N 63 U SING HEURISTIC ANALYSIS Essentially, the heuristic method analyzes the object's activities in the system. If those a ctions are typical of malicious objects, the object is likely to be classed as malicious or suspicious. This allows new threats to be detected even before they have been researched by [...]

  • Page 64

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 64 R ESTORING DEFAULT WEB PROTECTION SETTINGS W hen configuring Web Anti -Virus, you are always able to restore its recommended settings. They are considered optimal, recommended by Kaspersky Lab, and grouped in th e Recommended security level. To restore default Web Anti-Virus settings, please do the f[...]

  • Page 65

    65 PROTECTING INSTA NT MESSENGERS TRAFFIC Besides the additional features for comfortable Internet surfi ng, instant messaging clients (further referred to as IM clients ), which have widely spread nowadays, have caused potential threats to computer se curity. Messages that contai n URLs to suspicious websites and those used by intruders for phishi[...]

  • Page 66

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 66 C OMPONENT OPERATION ALGORITHM Kaspersky Anti-Virus includes a component that ensures the scan of messages transferred v ia IM (instant messaging) clients for dangerous objects, named IM Anti-Virus . It loads at the startup of operating system and runs in your computer's RAM, scanning all incomi[...]

  • Page 67

    P R O T E C T I N G I N S T A N T M E S S E N G E R S T R A F F I C 67 To scan links in the messages using the database of suspicious web addresses, please do the following: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. In the window that will open, in the Protection section select the IM Anti-Vi[...]

  • Page 68

    68 PROACTIVE DEFENS E Kaspersky Anti-Virus protects you both from known threats and from new ones about which there is no information in the application databases. This feature is ensured by a specially developed component named Pro active Defense . The preventative technologies provided by Proacti ve Defense neutralize new threats before they harm[...]

  • Page 69

    P R O A C T I V E D E F E N S E 69 rootkits redirecting data input / output; attempts of sending DNS requests. The list of dangerous activities is added to automatically when Kaspersky Anti -Virus is updated, and it cannot be edited. However you can turn off monitoring for one dangerous activity or ano ther. To turn off monitoring for one dangerous[...]

  • Page 70

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 70 C REATING A GROUP OF TRUSTED APPLICATIONS You can use the option of specifying the range of trusted ap plications, activities of which will not be scanned by Proactive Defense. Trusted applications may include those with a digita l signature or those listed in Kaspersky Security Network's databa[...]

  • Page 71

    71 COMPUTER SCAN Scanning the computer for viruses and vulnerabilities is one of the most important tasks in ensuring the computer's security. The virus scan detects the spreading of malicious code, which has not been detected by the malware protection for some reasons. Vulnerability scan detects software vulnerabilities that can be used by in[...]

  • Page 72

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 72 In addition, you can select an object to be scanned for viruses with the standard tools of the Microsoft Windows operating system, for example, in the Explorer program window or on your Desktop , etc. Place the cursor on the desired object's name, right-click to open the Microsoft Windows contex[...]

  • Page 73

    C O M P U T E R S C A N 73 S T A R TI N G T H E V I R US S C A N T A S K A virus scan task can be started in one of the following way s: from the context menu of Kaspersky Anti-Virus (see section "Context menu" on page 37 ); from the main window (see section "Main window of Kaspersky Anti-Virus" on page 38 ) of Kaspersky Anti-Vi[...]

  • Page 74

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 74 To start a virus scan task for a selected object from the Microsoft Windows context menu: 1. Right-click the name of the selected object. 2. Select the item Scan for viruses in the context menu that will open. The progress and the results of the task execution will be displayed in the window that wil[...]

  • Page 75

    C O M P U T E R S C A N 75 To create the list of objects for quick scan or full scan tasks, please do the fo llowing: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. In the left part of the window, select the Full S can ( Quick Scan ) task. 3. In the Scan scope block, click the Settings button for [...]

  • Page 76

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 76 If you are working in automatic mode (see section "Step 2. Selecting protection mode" on page 28 ), Kaspersky Anti-Virus will automatically apply the action recommended by Kaspersky Lab's speciali sts when dangerous obj ects are detected. For malicious objects this action is Disinfect.[...]

  • Page 77

    C O M P U T E R S C A N 77 To scan only new and changed files: 1. Open the main application window and in the top part click the Settings link. 2. In the left part of the window, select the required task in the Scan M y Com puter ( Full S can , Quick Scan , Object S can ) section. 3. In the Security level block, click the Settings button for the ta[...]

  • Page 78

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 78 S CA N O F C O M P O U N D F IL ES A common method of concealing viruses is to embed them into compound files: archives, d atabases, etc. To detect viruses that are hidden this way a compound file should be unpacked, which can significantly lower the scan speed. For each type of compound file, you ca[...]

  • Page 79

    C O M P U T E R S C A N 79 S CA N T E C H N O L O G Y Additionally you can specify the technology which will be used during the scan. Y ou can select one of the following technologies: iChecker . This technology can increase scan speed by excluding certain objects from the scan. An object is excluded from the scan using a special algorithm that tak[...]

  • Page 80

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 80 3. In the Run Mode block, click the Settings button for the task selected. 4. In the window that will open, on the Additional tab, in the Scan methods section, select the required values for the settings. R UN M O D E : C R E A T I N G A S C H E D UL E You can create a schedule to start virus scan ta[...]

  • Page 81

    C O M P U T E R S C A N 81 F E A T U R E S O F S C HE DU L E D T A S K L A U N C H All scan tasks can be started manually, or by a schedule. Scheduled tasks feature an additional functionality, for ex ample, you can p ause scheduled scan if the screensaver is inactive, or the computer is unlocked . This functionality postpones the task launch until[...]

  • Page 82

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 82 The outcome of the search for potential vulnerabilities in t he operating system and in installed user applications is represented by direct links to critical fix es (app lication updates). After the vulnerability scan task starts (see page 82 ), its progress is displayed in the main application wind[...]

  • Page 83

    C O M P U T E R S C A N 83 C R E A T I N G A SH O R T C U T F OR T A S K E XE C U T I O N The application provides the option of creating a shortcut for a quick start of vu lnerability scan task. This allows starting the task without opening the main application w indow. To create a shortcut for starting the vulnerability scan task: 1. Open the mai[...]

  • Page 84

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 84 To edit a schedule for scan tasks: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. In the left part of the window, select the Vulnerability Scan task in the Scan My Computer section. 3. In the Run Mode block, click the Settings button for the task se[...]

  • Page 85

    85 UPDATE Keeping the application updated is a prerequisite for reliably protecting your computer. New viruses, Trojans, and malicious software emerge daily, so it is important to update t he application regularly to keep your personal data constantly protected. Information about threats and methods of their neutralization is stored in the database[...]

  • Page 86

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 86 You can view the update report, w hich contains full information about events that have occurred during the update task execution (the Report link in the upper part of the window). Y ou ca n also see the virus activity overview at www.kaspersky.com by clicking the Virus activity review link. I N THIS[...]

  • Page 87

    U P D A T E 87 R OLLING BACK THE LAST UPDATE At the start of the update process Kaspersky Anti-Virus creates a backup copy of the current databases and application modules. This allows the application to continue working, using the previous databases, if the update fails. The rollback option is useful if, for example, part of the databases has been[...]

  • Page 88

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 88 U SING THE PROXY SERVER If you are using a proxy server to connect to the Internet, you should edit its settings. To configure the proxy server, please do the following: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. Select the My Update Center sect[...]

  • Page 89

    U P D A T E 89 U PDATING FROM A LOCAL FOLDER The procedure of retrieving updates from a local folder is arranged as follow s: 1. One of the computers on the network retrieves the Kaspersky Anti -Virus update package from Kaspersky Lab's updates servers, or from a mirror server hosting a current set of updates. The updates retrieved are placed [...]

  • Page 90

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 90 3. Click the Settings button in the Run mode section. 4. In the window that will open, on the Run mode tab, select the update task startup mode in the Schedule section. If the By schedule option is selected, create the schedule. If an update was skipped for any reason (for example, the computer w as [...]

  • Page 91

    91 APPLICATION SETTIN GS CONFIGURATION The application settings window is used for quick access to the main Kaspersky Anti-Vi rus settings. Figure 11 : Application settings windo w The application settings window consists of two parts: the left part of the window provides access to Kaspersky Anti-Virus components, virus scan tasks, update tasks, et[...]

  • Page 92

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 92 From the context menu (see section "Context menu" on page 37 ). To do so, select the Settings item from the application context menu. Figure 12 : Contex t menu I N THIS SECT ION : Protection ....................................................................................................[...]

  • Page 93

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 93 E N A B L I N G / D I SA B L I N G C O M P U TE R P R O T E C T I O N By default, Kaspersky Anti-Virus is launched when the operating system loads, and protect s your computer until it is switched off. All protection components are runn ing. You can completely or partially disable th[...]

  • Page 94

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 94 U S I N G IN T E R A C T I V E P R O TE C T I O N M O DE Kaspersky Anti-Virus uses two modes to interact with the user: Interactive protection mode . Kaspersky Anti-Virus notifies the user about all hazardous and suspicious events occurring in the system. In this mode the user independently decides w[...]

  • Page 95

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I O N 95 create a protection scope (see page 44 ); optimize the scan (see page 45 ); configure the scan of compound files (see page 45 ); change the scan mode (see page 46 ); use the heuristic analysis (see page 45 ); pause the component (see page 48 ); select a scan technology (see page 47 [...]

  • Page 96

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 96 To proceed to the Mail Anti-Virus settings, please do the following: 1. Open the main application window and in the top part click the Settings link. 2. In the window that will open, in the Protection section, select the Mail Anti-Virus component. 3. In the right part of the window, select the compon[...]

  • Page 97

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 97 change the scan method (see page 66 ); use the heuristic analysis (see page 67 ). To disable IM Anti-Virus, please do the following: 1. Open the main application window and click the Settings link in the top part of the window. 2. In the window that will open, in the Protection secti[...]

  • Page 98

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 98 S CAN Selection of the method to be used to scan objects on your computer is determined by the set o f properties assigned for each task. Kaspersky Lab distinguishes virus scan tasks and vulnerabilit y scan tasks. Virus scan tasks include the following: Object Scan . Scan of objects selected by the u[...]

  • Page 99

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I O N 99 U PDATE The update of Kaspersky Anti-Virus is performed according to the set of parameters. You can perform the following actions from the update task configuration window : change the address of the resource from which application updates will be distributed and installed; specify [...]

  • Page 100

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 100 To enable the Kaspersky Anti-Virus's self-defense mechanisms, please do the following: 1. Open the main application window and in the top part click the Settings link. 2. In the window that will open, select the Options section. 3. In the Self-defense section, check the Enable self-defense box [...]

  • Page 101

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 101 However, there is a number of applications which will start immediately when CPU resource s become available, and will run in the background. For the scan not to depend on the performance of those applications , system re sources should not be conceded to them. Note that this settin[...]

  • Page 102

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 102 Af ter you are finished with the Configuration Wizard, the Recommended security level will be set for all components, except for the settings that you have decided to keep customized w hen resto ring. In addition, the settings that you have specified when working with the Wizard will also be applied[...]

  • Page 103

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 103 S ELECTING DETE CTABLE THREAT CA TEGORIES Kaspersky Anti-Virus protects you against various types of malicious programs. Regardless of the settings sel ected, the application will always scan and disinfect viruses, Trojans an d hacker utilities. These programs can do significant har[...]

  • Page 104

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 104 E XCLUSION RULE S Potentially dangerous software does not have any malicious functions but can be used as an auxiliary component for a malicious code, since it contains holes and errors. This category includes, for ex ample, remote administration programs, IRC clients, FTP servers, various utilities[...]

  • Page 105

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 105 A L L O W E D F I L E E X C L U S I O N M A S K S Let's look at some examples of permitted masks that you can use when create file exclusion lists. They are as follows: 1. Masks without file paths: *.exe – all files with the exe extension; *.ex? – all files with the ex? ext[...]

  • Page 106

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 10 6 N E TW O R K In the Network section of the application settings window, you can select the ports monitored by Kasper sky Anti -Virus, and configure the encrypted connections scan: create a list of monitored ports; enable / disable the encrypted connections scan mode (using the SSL protocol) (see pa[...]

  • Page 107

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 107 To create the list of applications for which you wish to monitor all the ports, please do the fo llowing: 1. Open the main application window and click the Settings link in the top part of the w indow. 2. In the window that will open, select the Network section. 3. In the Monitored [...]

  • Page 108

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 108 3. In the Certificates section, select the Security tab and click the Viewing certificates button. 4. In the window that will open, select the Certification Centers tab and click the Restore button. 5. In the window that will open, select the Kaspersky Lab's certi ficate file. The path to the K[...]

  • Page 109

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 109 To install the Kaspersky Lab's certificate for Opera version 9.x, please do the following: 1. Select the Tools Settings item in the browser menu. 2. In the window that will open, select the Additional section. 3. In the left part of the window, select the Securit y tab and clic[...]

  • Page 110

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 110 To disable notification delivery, please do the following: 1. Open the main application window and click the Settings link in the top part of the window. 2. In the window that will open, select the Notifications section. 3. Uncheck the Enable events notifications box. Even if the notification delive[...]

  • Page 111

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 111 R E P O R T S A N D S T O R A GES The section contains the settings that control the operation with Kaspersky Anti -Virus data files. Application data files are objects that have been quarantined by Kaspersky Anti-Virus, or moved to the backup, and files with reports about applicati[...]

  • Page 112

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 112 S TORING REPO RTS You can determine the maximum storage time for event repo rts (the Store reports no longer than box). By default, it is equal to 30 days: after it expires, objects will be deleted. You can change the max imum storage time, or even discard any limits imposed on it. Besides, you can [...]

  • Page 113

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 113 Backup copy is a copy of the original dangerous object that is created when first disinfecting or deleting the obje ct, and it is saved in backup. Backup is a special repository that contains backup copies of dangerous objects after proce ssing or deletion. The main function of a ba[...]

  • Page 114

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 114 F E E D B A C K A great number of new threats appear worldwide on a daily basis. To facilitate gatheri ng statistics about new threat types and sources, and about elimination methods, Kaspersky Lab invites you to use the Ka spersky Security Network service. Using Kaspersky Security Network suggests [...]

  • Page 115

    A P P L I C A T I O N S E T T I N G S C O N F I G U R A T I ON 115 Enable news notifications . By default, when some news are received, the system tray w ill display a special icon which, when clicked, displays a window containing the piece of news. Show "Protected by Kaspersky Lab" on Microsoft Windows logon screen . By default, this ind[...]

  • Page 116

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 116 To enable the gaming profile, please do the following: 1. Open the main application window and click the Settings link in the top part of the win dow . 2. In the window that will open, select the Gaming profile section. 3. Check the Enable Gaming profile box and specify the required settings.[...]

  • Page 117

    117 ADDITIONAL FEATU RES Ensuring computer's security is a difficult task that requires the expertise in operating system's features and in w ays of exploiting its weak points. Besides, the volume and diversity of information about system security makes its analysis and processing difficult. To facilitate solving specific tasks in providi[...]

  • Page 118

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 118 To start using the virtual keyboard: 1. Open the main application window. 2. Select the Securit y + section in the left part of the window and click the Virtual keyboard button. 3. Enter the required data by pressing the buttons on the virtual keyboard. M ake su re that dat a is entered in the corre[...]

  • Page 119

    A D D I T I O N A L F E A T U R E S 119 C R E A T I N G T H E R E S C U E D ISK Rescue disk creation means the creation of a disk image (ISO file) with up - to -date anti-virus databases and configuration files. The source disk image serving as base for new file creation can be dow nloaded from Kaspersky Lab server or copied from a local source. Th[...]

  • Page 120

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 120 6. Trying to configure network connections based on data found in system files of the comput er being loaded. 7. Loading graphical subsystem and starting Kaspersky Rescue Disk. In system rescue mode only virus scan tasks and database updates from a local source are available, as well as update rollb[...]

  • Page 121

    A D D I T I O N A L F E A T U R E S 121 This wizard consists of a series of screens (steps) navigated using the Back and the Next buttons; to close the wizard once it has completed its work, use the Finish button. To stop the wizard at any stage, use the Can cel button. To start the wizard: 1. Open the main application window. 2. Select the Securit[...]

  • Page 122

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 122 Information about a user's activity in the system is being stored constantly. The launch of any file, or the opening of any document will be logged. The Microsoft Windows system log registers man y events occurring in the system. For this reason, repeated running of the Privacy Cleaner Wizard m[...]

  • Page 123

    123 REPORTS The operation of each application component and the performance of each virus scan and update is recorded i n a report. W hile w orking with reports you can perform the following actions: select the component or task (see page 123 ) for which you wish to view the event report; manage data grouping (see page 124 ) and displaying data on [...]

  • Page 124

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 124 S ELECTING A COMPONENT OR A TASK TO CREATE A REPORT You can obtain information about events which occurred during the operation of each of the application's compone nts, or during the execution of tasks (for ex ample , File Anti -Virus, update etc.). In order to create a report on a certain com[...]

  • Page 125

    R E P O R T S 125 R EPORT READINESS NOTIFICATION You can create a schedule, according to which Kaspersky Anti-Virus will remind you about report readiness. In order to create a notification schedule: 1. Open the main application window and in the top part click the Report link. 2. In the window that will open, on the Report tab, check the Notify ab[...]

  • Page 126

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 126 D ISPLAYING DATA ON THE SCREEN Events included in the report w ill be displayed as a table. You can create a dataset to filte r the information, by specifying a restricting condition. To do this, click the area to the left of the heading of the table column for which you w ish t o impose a restricti[...]

  • Page 127

    R E P O R T S 127 To specify a limitation: 1. Open the main application window and click the Report link in the top part of the window. 2. In the window that will open, on the Report tab, click the Detailed report button. 3. In the window that will open, click the area to the left of the h eading of the table column for w hich you wish to impose a [...]

  • Page 128

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 128 U SING COMPLEX FILTERI NG The Custom filter window (see the figure below) is used to specify complex data filtering cond itions. You can use this window to specify data search criteria for any table column. Let us ex amine the procedure for work with the window using the Time column as an example. A[...]

  • Page 129

    R E P O R T S 129 The Column field is used to select the column of the table on which the keyw ord searc h will be performed. This selection allows you to save time required to perform a search (unless, of course, you have not selec ted the All value). Figure 18 : Events search To make the search case-sensitive, check the Match case box. The Match [...]

  • Page 130

    130 NOTIFICATIONS W hen Kasp ersky Anti-Vi rus runtime events occur, spec ial notification messages are displayed. Depending on how critical the event is for computer security, you might receive the follow ing types of notifica tions: Alarm . A critical event has occurred, for instance, a malicious object or dangerous activity has been detected on [...]

  • Page 131

    N O T I F I C A T I O N S 131 I N THIS SECT ION : Malicious object detected .............................................................................................................................................. 131 Object cannot be disinfected ................................ .................................................................[...]

  • Page 132

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 132 O BJECT CANNOT BE DISINFECTED There are some cases when it is impossible to disinfect a malicious object. This could happen if a file is so damaged that it is impossible to delete malicious code from it and restore integrity. The treatment procedure cannot be applied to several types of dangerous ob[...]

  • Page 133

    N O T I F I C A T I O N S 133 To apply the selected action to all objects of the same status dete cted in the current session of protection component or a task operation, check the Apply to all bo x. The current session is the time from when the component is started until it is disabled or the application is restarted or the time from beginning a v[...]

  • Page 134

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 134 Possible responses: Quarantine – shuts down the process and places the ex ecutable file to the quarantine. W hen you place an object in Quarantine, it is moved, not copied. Files in Quarantine are saved in a special format and are not dangerous. W hen you sc an Quarantine later with updated threat[...]

  • Page 135

    N O T I F I C A T I O N S 135 A TTEMPT TO ACCESS THE SYSTEM REGISTRY DETECTED W hen Pr oactive Defense detects an attempt to access system registry keys, a special notification pops up containing: The registry key being accessed. Full name of the file of the process that initiated the attempt t o access the registry keys and a path to it. Possible [...]

  • Page 136

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 136 S USPICIOUS LINK DETECTED Every time Kaspersky Anti-Virus detects an attempt to open the website, which address is contained in the list of suspicious web addresses, a special notification w ill p op up. The notification will contain: The website address. Possible responses: A llow – continues the[...]

  • Page 137

    137 VALIDATING KASPER SKY ANTI-VIRUS SETTINGS After Kaspersky Anti-Virus has been installed and configured, you can verify whether the appl ication is configured correctly, using a test "virus" and its modifications. A separate test is required for each prot ection component / protocol. I N THIS SECT ION : Test "virus" EICAR and[...]

  • Page 138

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 138 Table 1. Modifications of the test "virus" Prefix Object status Object processing information No prefix, standard test "virus". Infected . Object contains code of a known virus. You cannot disinfect the object. The application identifies the object as a non-disinfectable virus. A[...]

  • Page 139

    V A L I D A T I N G K A S P E R S K Y A N T I - V I R U S S E T T I N G S 139 T ESTING THE SMTP TRAFFIC PROTECTION In order to detect viruses in data streams transferred using SMTP protocol, you must use an email system that uses this protocol to transfer data. W e recom mend that you test how the Anti-Vi rus handles outg oing email messages, inclu[...]

  • Page 140

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 140 V ALIDATING VIRUS SCAN TASK SETTINGS In order to verify that the virus scan task is correctly configured: 1. Create a folder on the disk. Co py into this folder the test "virus" downloaded from the official EICAR website ( http://www.eicar.org/anti_virus_test_file.htm ), as well as all the[...]

  • Page 141

    141 WORKING WITH THE APP LICATION FROM THE COMMAND LINE You can work with Kaspersky Anti-Virus from the command line. Capability is provided to perform the following operations: start and stop application components; start and stop virus scan tasks; obtain information on the current status of components and tasks as w ell as their statistics; scan [...]

  • Page 142

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 142 IMPORT Imports application protection settings. The command can only be executed if the password assigned via the Kaspersky Anti-Virus interface is entered EXPORT Exports application protection settings Each command requires its ow n spe cific set of parameters. I N THIS SECT ION : Activating the ap[...]

  • Page 143

    W O R K I N G W I T H T H E A P P L I C A T I O N F R O M T H E C O M M A N D L I N E 143 Example: avp.com ACTIVATE 11AA1-11AAA-1AA11-1A111 avp.com ADDKEY 1AA111A1.key /password=<your_password> M ANAGING APPLICATION COMPONENTS AND TASKS Command syntax: avp.com <command> <profile|task_name> [/R[A]:<report_file>] avp.com STOP|[...]

  • Page 144

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 144 EM Mail Anti-Virus WM W eb Anti-Virus Values for Web Anti-Virus subcomponents: httpscan (HTTP) – scan HTTP traffic; sc – scan scripts. IM IM Anti-Virus Updater Update Rollback Rolling back the last update Scan_My_Computer Computer scan Scan_Objects Object scan Scan_Quarantine Quarantine scan Sca[...]

  • Page 145

    W O R K I N G W I T H T H E A P P L I C A T I O N F R O M T H E C O M M A N D L I N E 145 Settings description: <object to scan> – this parameter gives the list of objects that will be scanned for malicious code. The parameter may include several space-separated values from the list provided. <files> List of paths to the files and / o[...]

  • Page 146

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 146 /i9 Prompt the user for action at the end of the scan. <file types> – this parameter defines the file types that will be subject to an anti-virus scan. By default, if this parameter is not defined, only infected files by contents w ill be s canned. /fe Scan only infected files by extension. [...]

  • Page 147

    W O R K I N G W I T H T H E A P P L I C A T I O N F R O M T H E C O M M A N D L I N E 147 Pause scan of selected objects and start a full computer scan, after which continue the paused scan: avp.com PAUSE Scan_Objects /password=<your_password> avp.com START Scan_My_Computer avp.com RESUME Scan_Objects Scan the objects listed in the file objec[...]

  • Page 148

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 148 R OLLING BACK THE LAST UPDATE Command syntax: ROLLBACK [/R[A]:<report_file>] [/password=<your_password>] Settings description : /R[A]:<report_file> /R: <report_file> – log only important events in the repor t. /RA: <report_file> – log all events in the report. You c[...]

  • Page 149

    W O R K I N G W I T H T H E A P P L I C A T I O N F R O M T H E C O M M A N D L I N E 149 Note that this command will not be accepted without a password. Example: avp.com IMPORT c:settings.dat /password=<your_password> S TARTING THE APPLICATION Command syntax: avp.com S TOPPING THE APPLICATION Command syntax: EXIT /password=<your_password[...]

  • Page 150

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 150 To create a trace file to send to Technical Support with a maximum trace level of 500: avp.com TRACE file on 500 V IEWING H ELP Use this command to view the application command line syntax : avp.com [ /? | HELP ] To get help on the syntax of a specific command, you can use one of the follow ing comm[...]

  • Page 151

    151 ELIMINATING PROBLEMS If problems occur during Kaspersky Anti-Virus operation, first of all check if a method for solv ing them is described in the Help system or in the Kaspersky Lab's Knowledge Base at http://support.kaspersky.com . The Knowledge Base is a separate section of the Technical Support web site, and comprises recommendations f[...]

  • Page 152

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 152 3. In the Support window that will open, click the Support tools link. 4. In the Information for Technical Support Service window that will open, click the Create system state report button. The system state report is created in HTML and XML formats and is saved in sysinfo.zip archive. Once the info[...]

  • Page 153

    E L I M I N A T I N G P R O B L E M S 153 In order to upload the data files to the Support service server: 1. Open the main application window. 2. In the bottom part of the window , clic k the Support link. 3. In the Support window that will open, click the Support tools link. 4. In the Information for Technical Support Service window that will ope[...]

  • Page 154

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 154 To start the wizard: 1. Open the main application window. 2. In the bottom part of the window , clic k the Support link. 3. In the Support window that will open, click the Support tools li nk in the bottom part of the window. 4. In the Information for Technical Support Service window that will open,[...]

  • Page 155

    155 KASPERSKY SECURIT Y NETWORK DATA COLLECTION STATEMEN T A. INTRODUCTION Please read this document carefully. It contains important inf ormation that you should know before continuing to use our services or software. By continuing to use Kaspersky Lab software and services you will be deemed to have ac cepted this Kaspersky Lab‟ Data Collection[...]

  • Page 156

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 156 Kaspersky Security Network shall duly inform the users concerned, when initially collecting the above-mentioned information, of any sharing of such information, notably for use for busines s development and shall allow these Internet users to opt in (in the EC Member States and other countries requi[...]

  • Page 157

    K A S P E R S K Y S E C U R I T Y N E T W O R K D A T A C O L L E C T I O N S T A T E M E N T 157 regarding protection and use of confidential information. After collected data reaches Kaspersky La b it is stored on a server with physical and electronic security features as customary in the industry, including utilization of logi n/password procedu[...]

  • Page 158

    158 USING THIRD-PARTY CODE Third-party code was used during Kaspersky Anti-Virus development. I N THIS SECT ION : CryptoEx LLC ................................................................................................................................................................ 159 Fastscript 1.9 library ...................................[...]

  • Page 159

    U S I N G T H I R D - P A R T Y C O D E 159 C RYPTO E X LLC To create and verify digital signatures, Kaspersky Anti-Virus uses Crypto Ex LLC's data security software library, Crypto C. CryptoEx LLC holds a license from the Federal Agency for Government Communications and Information (a branch of the Federal Security Service) and the Crypto C d[...]

  • Page 160

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 160 GNU BISON PARSER LIBRARY The bison parser skeleton 2.3 copyright © GNU Project http://ftp.g nu.org/gnu/bison/ library under the framework of a special exception was used during application development. As a special exception, you may create a larger work that contains part or all of t he Bison pars[...]

  • Page 161

    U S I N G T H I R D - P A R T Y C O D E 161 OpenSSL License Copyright (c) 1998-2007 The OpenSSL Project. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are perm itted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this l[...]

  • Page 162

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 162 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provid ed with the distribution. 3. All advertising materials mentioning features or use of this software must display the fol[...]

  • Page 163

    U S I N G T H I R D - P A R T Y C O D E 163 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT W ARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY , FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIG HT HOLDER S BE LIABLE FOR ANY CLAIM, DAMAGES OR OTH[...]

  • Page 164

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 164 i) changes to the Program, and ii) additions to the Program; where such changes and/or additions to the Program originate from and are di stributed by that particular Contributor. A Contribution 'originates' from a Contributor if it was added to the Program by such Contributor itself or an[...]

  • Page 165

    U S I N G T H I R D - P A R T Y C O D E 165 iv) states that source code for the Program is available from such Contributor, and i nforms licensees how to obtain it in a reasonable manner on or through a medium customarily used f or software exchange. W hen the Progra m is made available in source code form: a) it must be made available under this A[...]

  • Page 166

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 166 If Recipient institutes patent litigation against a Contributor with respect to a patent app licable to software (including a cross-claim or counterclaim in a lawsuit), then any patent licenses granted by that Contributor to such Recipient under this Agreement shall terminate as of th e date such li[...]

  • Page 167

    U S I N G T H I R D - P A R T Y C O D E 167 RFC1321- BAS ED (RSA- FREE ) MD5 LIBRARY The RFC1321-based (RSA-free) MD5 library was used during application development. Copyright (c) 1999, 2002 Aladdin Enterprises. All rights reserved. Distributed under zlib/libpng li cense. W INDOWS T EMPLATE L IBRARY (WTL 7.5) The W indo ws Template Librar y 7.5 Co[...]

  • Page 168

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 168 other entity based on infringement of intellectual property rights or otherw ise. As a condition to exercising the rights and licenses granted hereunder, each Recipient hereby assumes sole responsibility t o secure any other intellectual property rights needed, if any. For example, if a third party [...]

  • Page 169

    U S I N G T H I R D - P A R T Y C O D E 169 5. NO WARRANTY EXCEPT AS EXPRESSLY SET FORTH IN THIS AGREEMENT, THE PRO GRA M IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, W ITHOUT LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON- INFRINGEMENT, MERCHANTABILITY OR FITN[...]

  • Page 170

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 170 LEGAL ISSUES In plain English: W e do n't promise that this software works. (But if you find any bugs, pl ease let us know ! ) You can use this software for w hatever you want. You don't have to pay us. You may not pretend that you w rote thi s software. If you use it in a program, you mus[...]

  • Page 171

    U S I N G T H I R D - P A R T Y C O D E 171 L IBUNGIF 3.0 LIBRARY The libungif 3.0 library was used during application development. Copyright (c) 199 7 Eric S. Raymond. Is used u nder the following conditions: Permission is hereby granted, free of charge, to any person obtaining a copy of this softw are and associated documentation files (the "[...]

  • Page 172

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 172 Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your free dom to share and change free software -- to make sure the software is free for all its users. This license, the Less[...]

  • Page 173

    U S I N G T H I R D - P A R T Y C O D E 173 The precise terms and conditions for copying, distribution and modification follow. Pay close attention to the difference between a "work based on the library" and a "work that uses the library". The former contai ns code derived from the library, whereas the latter must be combined wi[...]

  • Page 174

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 174 In addition, mere aggregation of another work not bas ed on the Library w ith the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other w ork under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU Genera[...]

  • Page 175

    U S I N G T H I R D - P A R T Y C O D E 175 c) Accompany the work with a written offer, valid for at least t hree years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution . d) If distribution of the work is made by offering access to co py from a designated plac[...]

  • Page 176

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 176 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copy righted interfaces, the original copyright holder who places the Library under this License may add an explicit geographi cal distribution limitation excluding those countries, so that d[...]

  • Page 177

    U S I N G T H I R D - P A R T Y C O D E 177 PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUT E GOODS OR SERVICES; LOSS OF USE, DA TA, OR PROFITS; OR BUSINESS INTERRUPTION) HO W EVER CAU[...]

  • Page 178

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 178 Code generated by the Protocol Buffer compiler is owned by the owner of the input file used when generating it. This code is not standalone and requires a support library to be linked w ith it. This support library is i tself covered by the above license.[...]

  • Page 179

    179 GLOSSARY List of masks and addresses of web resources, to which content the user trusts. Kaspersky Lab application does not sca n web pages, corresponding to some list item, for the presence of malicious objects. A C T I V A T I N G T H E A P P L I C A T I O N The application activation procedure consists in entering an activation code and obta[...]

  • Page 180

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 180 B A C K U P S T O R A G E Special storage designed to save backup copies of objects created before their first disinfe ction or deletion. B A S E O F P H I S H I N G W E B A D D R E S S E S List of web addresses, which are defined as phishing by Kaspersky Lab specialists. The base is regularly updat[...]

  • Page 181

    G L O S S A R Y 181 There exist a number of viruses that infect boot sectors, which are thus called boot viruses. The Kaspersky Lab application allows to scan boot sectors for viruses and disinfect them if an infect ion is found. D O M A I N N A M E S E R V I C E ( D N S ) Distributed system for converting the name of a host (a computer or other ne[...]

  • Page 182

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 182 For example, you have an archive scanned by Kaspersky La b application and assigned the not infected s tatus. The next time the application will skip this archive, unless it has been altered or the scan settings ha ve been changed. If you altered the archive content by adding a new object to it, mod[...]

  • Page 183

    G L O S S A R Y 183 L I S T O F C H E C K E D W E B A D D R E S S E S List of masks and addresses of web resources, which are mandatory scanned for malicious objec ts by Kaspersky Lab application. M A I L D A T A B A S E S Databases containing emails in a special format and saved on your computer. Each in coming/outgoing email is placed in the mail[...]

  • Page 184

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 184 P R O X Y S E R V E R Computer network service which allo ws users to make indirect requests to other netw ork services. First, a user connects to a proxy server and requests a resource (e.g., a file) locate d on another server. Then, the proxy server either connects to the specified server and obta[...]

  • Page 185

    G L O S S A R Y 185 T R A F F I C S C A N A real-time scan using information from the latest version of the databases for objects transmitted over all protocols (for example, HTTP, FTP, etc.). T R U S T E D P R O C E S S Application process whose file operations are not monitored by Kaspersky Lab's application in real -time protection mode. In[...]

  • Page 186

    186 KASPERSKY LAB Kaspersky Lab was founded in 1997. Today it is the leading developer of a wide range of high -performance information security software products, including anti-virus, anti-spam and anti -hacking systems. Kaspersky Lab is an international company. Headquartered in the Russian Federation, the company has offices in t he United King[...]

  • Page 187

    187 LICENSE AGREEMEN T IMPORTANT LEGAL NOTICE TO ALL USERS: CAREFULLY READ THE FOLLO W ING LEGAL AGREEMENT BEFORE YOU START USING THE SOFT W ARE. BY CLICKING THE ACCEPT BUTTON IN THE LICENSE AGREEMENT W INDOW YOU CONSENT TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS AGREEMENT. SUCH ACTION IS A SYMBOL OF YOUR SIGNATURE AND YOU ARE CONSENTING TO BE[...]

  • Page 188

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 188 2.2. If the Software was purchased o n a physical medium You have th e right to use the Software for p rotection of such a number of Computer(s) as is specified on the Software package. 2.3. If th e Software was purc hased via the Internet You have the rig ht to use the Soft ware for p rotection of [...]

  • Page 189

    L I C E N S E A G R E E M E N T 189 4. Technical Support The Technical Support described in Clause 2.5 o f this Agreement is provided to You when the latest Updat e of the Software is installed (except for a trial version of the Software ). 5. Information Collection 5.1. Having agreed with the terms and c onditions of this Ag reement You consent to[...]

  • Page 190

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 190 or surg es; casualty; a lteration, non -permitted modification, or repairs by an y party oth er than Righ tholder; or a ny other third parties‟ or Your actions or ca uses beyond Rightholder‟s reasonable control; (y) any defect n ot made known by You to Rightholder as soon as practical after the [...]

  • Page 191

    L I C E N S E A G R E E M E N T 191 9. GNU and Other Third Party Licenses The Software may include some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other s imilar free software licenses w hic h, a mong other rights, permit the user to copy, modify and redistribute c ertain programs,[...]

  • Page 192

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 192 reason, in whole or in part, such pro vision will be more narrowly co nstrued so that it becomes l egal and enforceable, and the entire Agreement will not fail on account thereof and the balance of the Ag reement will continue in full force and effe ct to the m aximum extent permitted by law or equi[...]

  • Page 193

    193 INDEX A Application components .............................................................................................................................................. 15 APPLICATION INTERFACE ....................................................................................................................................... 36 Applicat[...]

  • Page 194

    K A S P E R S K Y A N T I - V I R U S 2 0 1 0 194 K Kaspersky Anti-Virus starting at the operating system's startup .............................................................................................................. 93 L License .........................................................................................................[...]

  • Page 195

    I N D E X 195 selecting a component or a task .......................................................................................................................... 124 REPORTS ................................................................................................................................................................ . 123 Re[...]