visnetic antivirus for workstation - deerfield · web viewremove - completely remove the visnetic...
TRANSCRIPT
VisNetic AntiVirus for Workstation
Deerfield antivirus
VisNetic antivirus
Deerfield.net
VisNetic AntiVirusfor Workstation
USER GUIDE
visnetic antivirusfor workstation
User Guide
Visit our website: http://www.deerfield.net/
Date of editing: January 2003
Contents
101.1.Software Components
111.2.New Features of Version 4.0
131.3.License agreement
241.4.Information in This Guide
261.5.Conventions
271.6.Help Desk for Registered Users
282.1.Hardware and Software Requirements
292.2.Running the Setup Wizard
292.2.1.Installing
332.2.2.Reinstalling
342.2.3.Uninstalling
343.1.Functions and Features
343.2.Starting VisNetic AntiVirus Scanner
343.3.Program Interface
343.3.1.System menu
343.3.2.Main window
343.3.3.Menu
343.3.4.Tool bar
343.3.5.Work area
343.3.5.1. The Objects, Options, Customize and Statistics categories
343.3.5.2.The right-click menu
343.3.6.Status bar
343.4.Changing Settings
343.4.1.Objects to be checked
343.4.1.1.Defining the location to be checked
343.4.1.2.Defining objects to be checked
343.4.1.3.Handling infected and suspicious objects
343.4.1.4.Advanced scanning modes
343.4.2.General settings: Options
343.4.2.1.Reporting options
343.4.2.2.Renaming options
343.4.2.3.Defining priority
343.4.3.Advanced settings: Customize
343.4.4.Saving/loading settings
343.4.5.Previewing settings before the check
343.5.Checking For and Deleting Viruses
343.5.1.Starting and aborting the check
343.5.2.Changing priority of the check
343.5.3.Monitoring progress
343.5.4.Viewing statistics
343.6.Updating Antivirus Bases
343.7.Generating a List of Currently Known Viruses
344.1.Functions and Features
344.2.How to start, disable and enable Your VisNetic AntiVirus Monitor
344.3.Program Interface
344.3.1.System menu
344.3.2.Main window
344.3.3.Menu
344.3.4.Toolbar
344.3.5.Work area
344.3.6.Buttons
344.4.Changing Settings
344.5.Loading, disabling and enabling VisNetic AntiVirus Monitor
344.5.1.Loading, disabling and enabling
344.5.2.Viewing performance statistics
344.6.Updating Antivirus Bases
345.1.What the VisNetic AntiVirus Updater is used for:
345.2.How to Start the VisNetic AntiVirus Updater
345.3.Description of VisNetic AntiVirus Updater Interface
345.3.1.The Welcome wizard box
345.3.2.The Connection wizard box
345.3.2.1.Updating via the Internet
345.3.2.2.Updating from a local folder
345.3.2.3.Choosing objects to be updated
345.3.3.The Options wizard box
345.3.4.The Retrieving updates window
345.3.5.The Finishing wizard box
346.1.What VisNetic AntiVirus Control Center is used for
346.2.Launching VisNetic AntiVirus Control Center
346.3.VisNetic AntiVirus Control Center Interface
346.3.1.The Tasks tab
346.3.1.1.The Property window
346.3.2.The Components tab
346.3.3.The Settings tab
346.3.3.1.The Security category
346.3.3.2.The Alerts category
346.3.3.3.The Remote management category
346.3.3.4.The Quarantine category
346.3.3.5.The Customize category
346.3.4.The Quarantine tab
346.4.New Task Wizard
346.4.1.Tasks window
346.4.2.The Schedule window for a VisNetic AntiVirus Monitor task
346.4.3.The Schedule window for VisNetic AntiVirus Scanner and Updater
346.4.3.1.Launching on event
346.4.3.2.Launching by condition
346.4.3.3.Launching hourly
346.4.3.4.Launching daily
346.4.3.5.Launching weekly
346.4.3.6.Launching monthly
346.4.4.The Alerts window
346.4.5.The User account window
346.4.6.Task settings
346.4.6.1.The Settings window for VisNetic AntiVirus Scanner and Monitor tasks
347.1.What VisNetic Report Viewer is used for
347.2.Activating VisNetic Report Viewer
347.3.Interface
348.1.What is the Settings Tree?
348.2.The Settings Tree
348.3.Controls
348.3.1.Check box
348.3.2.Option button
348.3.3.Text field
348.3.4.Input field defining the path to…
348.3.5.Input field defining the number of …
348.3.6.Drop-down list
348.4.Control Indicators
1279.1.What Script Checker is used for
1279.2.Operating Principles of VisNetic AntiVirus Script Checker
12910.1.What the Program is used for
13010.2.Creating a Fallback-Recovery Set
13010.3.Using the Fallback-Recovery Disks
13211.1.Features and Functions
13311.2.Using VisNetic AntiVirus Mail Checker
13311.2.1.Incoming messages
13411.2.2.Outgoing messages
13511.2.3.Messages in your mailbox
13511.3.Setting Up VisNetic AntiVirus Mail Checker
13611.4.Advanced Options
13811.5.Updating VisNetic AntiVirus Mail Checker
Appendix A: Advanced Checking Tools
139
Appendix B: Glossary
142
Appendix C: Deerfield.net®
147
Chapter
1
1. VisNetic AntiVirusfor Workstation
1.1. Software Components
What is VisNetic AntiVirus for Workstation?
The VisNetic AntiVirus for Workstation software package is designed to protect a computer running the Windows operating system against viruses.
The following software products are included:
VisNetic AntiVirus Scanner is an antivirus program that checks for viruses and deletes them on demand.
VisNetic AntiVirus Monitor is a resident virus-detection +monitor that checks files that are started and opened.
VisNetic AntiVirus Updater is a virus-definition database-updating utility. When searching for viruses, VisNetic AntiVirus Scanner and VisNetic AntiVirus Monitor use these antivirus (or virus-definition) bases to identify viruses detected. Kaspersky Lab updates these bases on a daily basis by adding new virus details to them; database updates are placed on Kaspersky Lab websites and later retrieved by the updating utility.
VisNetic AntiVirus Mail Checker is a program that protects email messages from viruses. VisNetic AntiVirus Mail Checker scans for viruses in incoming and outgoing messages handled by Microsoft Outlook 97/98/2000.
VisNetic AntiVirus Script Checker is a program that protects computers from script viruses and worms that are executed directly within computer memory. When you run the VisNetic AntiVirus for Workstation setup utility, the program is automatically added in your operating system and later you will not have to start it manually.
VisNetic AntiVirus Rescue Disk is a program that allows a user to create a set of rescue disks to restore the system in the aftermath of a virus-attack
VisNetic AntiVirus Control Center is a shell program for the software package components. The VisNetic AntiVirus Control Center allows a user to manage installation and updating of the package components, schedule required operations, launch antivirus applications and review their performance statistics.
VisNetic AntiVirus Report Viewer is a program allowing a user to display reports generated by the package components.
The VisNetic AntiVirus for Workstation software package allows checking for viruses on local as well as on network drives. This check can be performed using VisNetic AntiVirus Scanner and/or VisNetic AntiVirus Monitor.
By using the VisNetic AntiVirus Administration Kit, the remote administration program, a network administrator can remotely manage components of the VisNetic AntiVirus software package.
1.2. New Features of Version 4.0
Features not available in the previous versions.
The VisNetic AntiVirus for Workstation version described in this guide has the following new features:
Optimized architecture of VisNetic AntiVirus Scanner and VisNetic AntiVirus Monitor. These programs are now each divided into two sub-programs: functional and interface. This division allows the programs to continue operating even with the interface sub-program unloaded. When unloaded, the interface sub-program releases additional RAM space, allowing accelerated performance of other applications.
Improved user interface. Changes primarily affect the interface’s graphic items, i.e., icons in the taskbar and pictures displayed when programs are started and during their operation.
Improved setup utility. If you have VisNetic AntiVirus Control Center and/or VisNetic AntiVirus Updater preinstalled on your computer, the setup utility will allow you to keep their settings (see subchapter 0). When running under Windows NT/2000, the VisNetic AntiVirus Monitor program operates as a system service.
Improved VisNetic AntiVirus Scanner command line. New switches have been added to the list of command line switches allowing more flexible configuration of the location to be checked by VisNetic AntiVirus Scanner (see subchapter 0).
VisNetic AntiVirus Monitor for Windows 9x/NT/2000 operating systems. The difference between the VisNetic AntiVirus Monitor versions for various operating systems has been eliminated. Improved interception of system calls to the infected files increases the stability of your operating system.
Improved archive-handling capabilities. New options have been added to the VisNetic AntiVirus Scanner and VisNetic AntiVirus Monitor archive-handling preferences. These options allow a user to insure retention of recoverable data with the programs preset to delete infected objects (see subchapter 3.4.2.2).
Extended capability to disinfect MS Outlook Express mail bases and the objects started at the operating system start. VisNetic AntiVirus Scanner now allows removal of computer viruses from MS Outlook Express mail databases (see 3.4.1.2). If you preset the program to delete infected objects and it detects a virus in the OS-started object, the program deletes the object and the object-starting code.
Added capability to check for viruses in the memory of running programs. VisNetic AntiVirus Monitor performs this check right after it is loaded, and also every time you update your antivirus bases. If the infected memory of a program cannot be disinfected, the program is forced to abort.
Added capability to update program modules. VisNetic AntiVirus Updater now allows updating of both the antivirus bases and package components. It’s easy – you just enable module updating by checking the appropriate box (see subchapter 5.3.2).
Quarantine. An easy-to-use tool that encodes infected files and places them into quarantine storage (a special folder from which they can be later restored). In combination with the removal of infected objects which the program failed to disinfect, this tool provides full-scale protection against viruses while ensuring the retention of recoverable data (see subchapters 6.3.3.4, 6.3.4). The quarantine tool is available only when managing VisNetic AntiVirus Monitor and VisNetic AntiVirus Scanner via VisNetic AntiVirus Control Center.
Rescue disks that are more user friendly. Now the check and recovery of your computer file system is started automatically right after you insert the first rescue disk from the rescue set (see Chapter 10).
1.3. License agreement
1. 1. Proprietary Rights and Non-Disclosure
1.1. 1.1. You agree that the Product and the authorship, systems, ideas, methods of operation, documentation and other information contained in the Product, are proprietary intellectual properties and or the valuable trade secrets of the Company and are protected by civil and criminal law, and by the law of copyright, trade secret, trademark and patent of the United States and other countries. You may use trademarks only insofar as to identify printed output produced by the Product in accordance with accepted trademark practice, including identification of trademark owner's name. Such use of any trademark does not give you any rights of ownership in that trademark. Your possession, installation or use of the Product does not transfer to you any title to the intellectual property in the Product, and you will not acquire any rights to the Product except as expressly set forth in this Agreement. All copies of the Product made hereunder must contain the same proprietary notices that appear on and in the Product. Except as stated herein, this Agreement does not grant you any intellectual property rights in the Product.
1.2. 1.2. You acknowledge that the source code for the Product is proprietary to the Company and constitutes trade secrets of the Company. You agree not to modify, adapt, translate, reverse engineer, decompile, disassemble or otherwise attempt to discover the source code of the Product in any way.
1.3. 1.3. You agree that the Product, including the specific design and structure of individual programs and the Key Identification File provided to you by the Company constitute confidential proprietary information of Kaspersky Labs and Deerfield.net. You agree not to disclose, provide or otherwise make available such confidential information in any form to any third party without the prior written consent of the Company. You agree to implement reasonable security measures to protect such confidential information, but without limitation to the foregoing, shall use best efforts to maintain the security of the Key Identification File provided to you by the Company.
1.4. 1.4. You agree not to modify or alter the Product in any way. You may not remove or alter any copyright notices or other proprietary notices on any copies of the Product.
2. 2. Grant of License
2.1. 2.1. License. The Company grants you one (1) unless otherwise specifically indicated under a valid license (e.g. volume license) granted by the Company, non-exclusive and non-transferable license to Operate and use the Product. During the term of your subscription license, subject to the payment of the applicable fees and your compliance with the terms hereof, this Agreement permits you to Operate one copy of the specified version of the Product, for internal purposes only, on one computer, workstation, personal digital assistant, pager, 'smart phone' or other electronic device of which the software was designed (each a "Client Device"), and only by one user, at a time. If you have purchased multiple licenses for the Product, then at any time you may have as many copies of the Product and may Operate as many copies of the Product as you have licenses. If the Product is licensed as a suite or bundle with more than one specified software product, this license applies to all such specified software products, subject to any restrictions or usage terms specified on the applicable price list or product packaging that apply to any of such software products individually. The Company reserves all rights not expressly granted herein.
2.2. 2.2. Server Mode. You may use the Product on a Client Device or as a server ("Server") within a multi-user or networked environment ("Server-Mode") only if such use is permitted in the applicable price list or product packaging for the Product. A separate license is required for each Client Device or "seat" that may connect to the Server at any time, regardless of whether such licensed Client Devices or seats are concurrently connected to or actually accessing or utilizing the Product (e.g. 'multiplexing' or 'pooling' software or hardware) does not reduce the number of licenses required (i.e. the required number of licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardware 'front end'). If the number of Client Devices or seats that can connect to the Product can exceed the number of licenses you have obtained, then you must have a reasonable mechanism in place to ensure that your use of the Product does not exceed the use limits specified for the license you have obtained. This license authorizes you to make or download one copy of the Documentation for each Client Device or seat that is licensed, provided that each such copy contains all the Documentation's proprietary notices.
2.3. 2.3. Volume use. If the Product is licensed with volume license terms specified in the applicable product invoicing or packaging for the Product, you may make use and install as many additional copies of the Product on the number of Client Devices as the volume license terms specify. You must have a reasonable mechanism in place to ensure that the number of Client Devices on which the Product has been installed does not exceed the number of licenses you have obtained. This license authorizes you to make or download one copy of the Documentation for each additional copy authorized by the volume license, provided that each such copy contains all of the Documentation's proprietary notices.
2.4. 2.4. Multiple Environment Product; Multiple Language Product; Dual Media Product; Multiple Copies; Bundles. If the Product supports multiple platforms or languages, if you receive the Product on multiple media, if you otherwise receive multiple copies of the Product, or if you received the Product bundled with other software, the total number of your computers on which all versions of the Product are installed may not exceed the number of licenses you have obtained from the Company. You may not rent, lease, sublicense, lend or transfer any versions or copies of the Product you do not use.
2.5. 2.5. Updates. During the term of this Agreement, you may download Updates to the Product when and as the Company publishes them in its electronic bulletin board system, website or through other online services. If the Product is an Update to a previous version of the Product, you must possess a valid license to such previous version in order to use the Update. You may continue to use the previous version of the Product on your computer after you receive the Update to assist you in the transition to the Update, provided that: (i) the Update and the previous version are installed on the same computer; (ii) the previous version or copies thereof are not transferred to another party or computer unless all copies of the Update are also transferred to such party or computer; and (iii) you acknowledge that any obligation the Company may have to support the previous version of the Product may be ended upon availability of the Update.
2.6. 2.6. Back-up Copies. You can make one (1) copy the Product for backup and archival purposes, provided, however, that the original and each copy is kept in your possession or control, and that your installation and use of the Product does not exceed that which is allowed in this Section 2.
2.7. 2.7. Renewal. Upon expiration of your subscription to the Product, the Company may automatically renew your subscription to the Product at the then prevailing price using credit card information you have previously provided. You may elect not to renew your subscription by contacting the Company's customer service department as provided in Section 7.4 hereof and informing them of your desire not to renew your subscription prior to any such renewal.
2.8. 2.8. Term and Termination. This Agreement is effective for one (1) year unless and until earlier terminated as set forth herein. Without prejudice to any other rights, this Agreement will terminate automatically if you fail to comply with any of the limitations or other requirements described herein.
2.9. 2.9. No Rights Upon Termination. Upon termination of this Agreement you will no longer be authorized to Operate or use the Product in any way.
3. 3. Restrictions
3.1. 3.1. You may not rent, lease, loan or resell the Product, but you may transfer your rights under this Agreement permanently to another person or entity, provided that a) you also transfer this Agreement, the Product, all accompanying printed materials, and all other software or hardware bundled or pre-installed with the Product, including all copies, Updates and prior versions, to such person or entity; b) retain no copies, including backups and copies stored on a computer; and c) the receiving party accepts the terms and conditions of this Agreement and any other terms and conditions upon which you legally purchased a license to the Product. Notwithstanding the foregoing, you may not transfer education, pre-release, or "not for resale" copies of the Product. You may not permit third parties to benefit from the use or functionality of the Product via a timesharing, service bureau or other arrangement, except to the extent such use is specified in the application price list, purchase order or product packaging for the software. You may not reverse engineer, decompile, disassemble or otherwise reduce any party of the Product to human readable form nor permit any third party to do so, except to the extent the foregoing restriction is expressly prohibited by applicable law. You may not modify, or create derivative works based upon the Product in whole or in part.
3.2. 3.2. You may not remove any proprietary notices or labels on the Product. You may not copy the Product except as expressly permitted in Section 2 above.
3.3. 3.3. You may not transfer any of the rights granted to you under this Agreement.
3.4. 3.4. The Company reserves the right to periodically conducts audits upon advance written notice to verify compliance with the terms of this Agreement.
4. 4. WARRANTIES AND DISCLAIMERS
4.1. 4.1. Limited Warranty. The Company warrants that for sixty (60) days from the original purchase the purchased Product is will be free from defects in materials and workmanship and that the Software will perform substantially in accordance with the Documentation or generally conform to the Product's specifications published by the Company. Non-substantial variations of performance from the Documentation do not establish a warranty right. THIS LIMITED WARRANTY DOES NOT APPLY TO UPDATES, PRE-RELEASE, TRYOUT, PRODUCT SAMPLER, OR NOT FOR RESALE (NFR) COPIES OF PRODUCT. To make a warranty claim, you must return the Product to the location where you obtained it along with proof of purchase within such sixty (60) day period of the license fee you paid for the Product. THE LIMITED WARRANTY SET FORTH IN THIS SECTION GIVES YOU SPECIFIC LEGAL RIGHTS. YOU MAY HAVE ADDITIONAL RIGHTS WHICH VARY FROM JURISDICTION TO JURISDICTION. For further warranty information, please see the jurisdiction specific information at the end of this Agreement, if any, or contact the Company's Customer Support Department.
4.2. 4.2. Customer Remedies. The Company and its suppliers' entire liability and your exclusive remedy for any breach of the foregoing warranty shall be at the Company's option either (i) return of the purchase price paid for the license if any, or (ii) replacement of the defective software. You must return the defective software to the Company at your expense with a copy of your invoice. This limited warranty is void if the defect has resulted from accident, abuse, or misapplication. Any replacement media will be warranted for the remainder of the original warranty period. Outside the United States, this remedy is not available to the extent the Company is subject to restrictions under United States export control laws and regulations.
4.3. 4.3. NO OTHER WARRANTIES. EXCEPT FOR THE FOREGOING LIMITED WARRANTY, AND FOR ANY WARRANTY, CONDITION, REPRESENTATION OR TERM TO THE EXTENT TO WHICH THE SAME CANNOT OR MAY NOT BE EXCLUDED OR LIMITED BY LAW APPLICABLE TO YOU IN YOUR JURISDICTION, THE PRODUCT IS PROVIDED "AS-IS" WITHOUT ANY WARRANTY WHATSOEVER AND THE COMPANY MAKES NO PROMISES, REPRESENTATIONS OR WARRANTIES, WHETHER EXPRESSED OR IMPLIED, WHETHER BY STATUTE, COMMON LAW, CUSTOM, USAGE OR OTHERWISE, REGARDING OR RELATING TO THE PRODUCT OR CONTENT THEREIN OR TO ANY OTHER MATERIAL FURNISHED OR PROVIDED TO YOU PURSUANT TO THIS AGREEMENT OR OTHERWISE. YOU ASSUME ALL RISKS AND RESPONSIBILITIES FOR SELECTION OF THE PRODUCT TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THE INSTALLATION OF, USE OF, AND RESULTS OBTAINED FROM THE PRODUCT. THE COMPANY MAKES NO WARRANTY THAT THE PRODUCT WILL BE ERROR FREE OR FREE FROM INTERRUPTION OR FAILURE, OR THAT IT IS COMPATIBLE WITH ANY PARTICULAR HARDWARE OR SOFTWARE. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, COMPANY DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT OF THIRD PARTY RIGHTS, INTEGRATION, SATISFACTORY QUALITY OR FITNESS FOR ANY PARTICULAR PURPOSE.WITH RESPECT TO THE PRODUCT AND THE ACCOMPANYING WRITTEN MATERIALS OR THE USE THEREOF. SOME JURISDICTIONS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES, SO THE ABOVE LIMITATION MAY NOT APPLY TO YOU. YOU HEREBY ACKNOWLEDGE THAT THE PRODUCT MAY NOT BE OR BECOME AVAILABLE DUE TO ANY NUMBER OF FACTORS INCLUDING WITHOUT LIMITATION PERIODIC SYSTEM MAINTENANCE, SCHEDULED OR UNSCHEDULED, ACTS OF GOD, TECHNICAL FAILURE OF THE SOFTWARE, TELECOMMUNICATIONS INFRASTRUCTURE, OR DELAY OR DISRUPTION ATTRIBUTABLE TO VIRUSES, DENIAL OF SERVICE ATTACKS, INCREASED OR FLUCTUATING DEMAND, EVENTS RELATING TO THE TURN OF THE MILLENNIUM, AND ACTIONS AND OMISSIONS OF THIRD PARTIES. THEREFORE, THE COMPANY EXPRESSLY DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY REGARDING SYSTEM AND/OR SOFTWARE AVAILABILITY, ACCESSIBILITY, OR PERFORMANCE. THE COMPANY DISCLAIMS ANY AND ALL LIABILITY FOR THE LOSS OF DATA DURING ANY COMMUNICATIONS AND ANY LIABILITY ARISING FROM OR RELATED TO ANY FAILURE BY THE COMPANY TO TRANSMIT ACCURATE OR COMPLETE INFORMATION TO YOU.
4.4. 4.4. LIMITED LIABILITY; NO LIABILITY FOR CONSEQUENTIAL DAMAGES. YOU ASSUME THE ENTIRE COST OF ANY DAMAGE RESULTING FROM YOUR USE OF THE PRODUCT AND THE INFORMATION CONTAINED IN OR COMPILED BY THE PRODUCT, AND THE INTERACTION (OR FAILURE TO INTERACT PROPERLY) WITH ANY OTHER HARDWARE OR SOFTWARE WHETHER PROVIDED BY THE COMPANY OR A THIRD PARTY. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT WILL THE COMPANY OR ITS SUPPLIERS OR LICENSORS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, LOSS OF GOODWILL, WORK STOPPAGE, HARDWARE OR SOFTWARE DISRUPTION IMPAIRMENT OR FAILURE, REPAIR COSTS, TIME VALUE OR OTHER PECUNIARY LOSS) ARISING OUT OF THE USE OR INABILITY TO USE THE PRODUCT, OR THE INCOMPATIBILITY OF THE PRODUCT WITH ANY HARDWARE SOFTWARE OR USAGE, EVEN IF SUCH PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. IN NO EVENT WILL COMPANY'S TOTAL LIABILITY TO YOU FOR ALL DAMAGES IN ANY ONE OR MORE CAUSE OF ACTION, WHETHER IN CONTRACT, TORT OR OTHERWISE EXCEED THE AMOUNT PAID BY YOU FOR THE PRODUCT. THIS LIMITATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY TO THE EXTENT THAT APPLICABLE LAW PROHIBITS SUCH LIMITATION. FURTHERMORE, BECAUSE SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, THE ABOVE LIMITATION MAY NOT APPLY TO YOU.
4.5. 4.5. JURISDICTION SPECIFIC EXCEPTIONS TO TERMS ABOVE.
4.5.1. 4.5.1. LIMITED WARRANTY FOR USERS LOCATED IN GERMANY OR AUSTRIA ONLY. If you purchased a license to the Product in Germany or Austria then Section 4.1 does not apply, instead, the Company warrants to the person or entity that first purchases a license for the Product, that the Software will perform substantially in accordance with the Documentation for a period of six (6) months following receipt of the Product when used on the recommended hardware configuration or generally conform to the Product's specifications published by the Company. Non-substantial variations of performance from the Documentation do not establish a warranty right. THIS LIMITED WARRANTY DOES NOT APPLY TO UPDATES, PRE-RELEASE, TRYOUT, PRODUCT SAMPLER, NOT FOR RESALE (NFR) COPIES OF PRODUCT, OR TO PRODUCT THAT HAS BEEN ALTERED BY YOU, TO THE EXTENT SUCH ALTERATIONS CAUSED A DEFECT. To make a warranty claim, you must return the Product, at our expense, to the location where you obtained it along with an invoice within such six (6) month period. If the Software does not perform substantially in accordance with the Documentation, the entire liability of the Company and your exclusive remedy shall be limited to either, at the Company's option, the replacement of the Product, the reduction of the license fee, or a refund of the license fee you paid for the Product. THE LIMITED WARRANTY SET FORTH IN THIS SECTION GIVES YOU SPECIFIC LEGAL RIGHTS. For further warranty information, please contact the Company's Customer Support Department.
4.5.2. 4.5.2. LIMITATION OF LIABILITY FOR USERS IN GERMANY AND AUSTRIA ONLY. If you purchased a license to the software in Germany or Austria then Section 4.4 does not apply, instead, the Company may be liable without limitation for damages you have incurred under or in connection with this Agreement only if the damage has been caused by the willful or grossly negligent act of the Company or its agents. The Company is liable only to the extent of the typically foreseeable damage for such damages which have been caused by any other negligent breach of a substantial contractual duty by the Company or its agents. These aforementioned limitations apply irrespective of their legal basis, in particular with regard to any pre-contractual or auxiliary contractual claims. The limitations shall not apply, however, to any mandatory liability under the applicable German or Austrian Product Liability Act, nor to any damage which is caused due to the breach of an express warranty to the extent that such express warranty was intended to protect the user against the specific damage incurred. The obligations under the second sentence shall not apply if any damage is caused by your having altered the Product, or if the respective data carriers (media) have been damaged by accident, misuse or inappropriate use, or if the damage concerned has been caused by the use of the Software in connection with other software for which the Software was not designated to be used according to the Documentation.
5. 5. U.S. Government-Restricted Rights
5.1. 5.1. Notice to U.S. Government End Users. The Product and accompanying Documentation are deemed to be "Commercial Items," as that term is defined at 48 C.F.R. §2.101, consisting of "Commercial Computer Software" and "Commercial Computer Software Documentation," respectively, as such terms are used in 48 C.F.R. §12.212 or 48 C.F.R. §227.7202, as applicable. Consistent with 48 C.F.R. §12.212 or 48 C.F.R. §§227.7202-1 through 227.7202-4, as applicable, the Commercial Computer Software and Commercial Computer Software Documentation are being licensed to U.S. Government end users (a) only as Commercial Items and (b) with only those rights, including any use, modification, reproduction, release, performance, display or disclosure of the Product and accompanying Documentation, as are granted to all other end users pursuant to the terms and conditions herein. Unpublished-rights reserved under the copyright laws of the United States
5.2. 5.2. Export Restrictions. You may not Operate, download, export, or re-export the Product (a) into, or to a national or resident of, any country to which the United States has embargoed goods, or (b) to anyone on the United States Treasury Department's list of Specially Designated Nationals or the U.S. Commerce Department's Table of Deny Orders. By downloading or using the Product, you are representing and warranting that you are not located in, under the control of, or a national or resident of any such country or on any such list. You acknowledge that it is your sole responsibility to comply with any and all government export and other applicable laws and that the Company has no further responsibility for such after the initial license to you.
6. 6. Your Information and the Company's Privacy Policy
6.1. 6.1. Privacy Policy. By entering into this Agreement, you agree that the Company may collect and retain information about you, including your name, email address and credit card information. The Company employs other companies and individuals to perform functions on its behalf. Examples include fulfilling orders, delivering packages, sending postal mail and e-mail, removing repetitive information from customer lists, analyzing data, providing marketing assistance, processing credit card payments, and providing customer service. They have access to personal information needed to perform their functions, but may not use it for other purposes. The Company publishes a privacy policy on its web site and may amend such policy from time to time in its sole discretion. You should refer to the Company's privacy policy prior to agreeing to this Agreement for a more detailed explanation of how your information will be stored and used by the Company. The Company's privacy policy is provided as a courtesy to for informational purposes only and contains statement of its present guidelines and goals with respect to collection, retention and use of data the Company may obtain from your purchase or use of the Product. The Company does not make any and hereby disclaims to the maximum extent allowed by law any and all covenants, representations and warranties with respect to its compliance with the statements of intent contained in the Company privacy policy.
6.2. 6.2. Public Announcements. The Company may identify you to the public as a customer of the Company and describe in a customer case study the services and solutions delivered by the Company to you. The Company may also issue one or more press releases, containing an announcement of the execution and delivery of this Agreement and/or the implementation of the Product by you. Nothing contained in this Section 6.2 shall be construed as an obligation by you to disclose any of your proprietary or confidential information to any third party.
7. 7. Miscellaneous
7.1. 7.1. Governing Law; Jurisdiction and Venue. This Agreement shall be governed by and construed and enforced in accordance with the laws of the State of California without reference to conflicts of law rules and principles. To the extent permitted by law, the provisions of this Agreement shall supersede any provisions of the Uniform Commercial Code as adopted or made applicable to the Products in any competent jurisdiction. This Agreement shall not be governed by the United Nations Convention on Contracts for the International Sale of Goods, the application of which is expressly excluded. The federal and state courts within the State of California shall have exclusive jurisdiction to adjudicate any dispute arising out of this Agreement. You agree that this Agreement is to be performed in Northern California and that any action, dispute, controversy, or claim that may be instituted based on this Agreement, or arising out of or related to this Agreement or any alleged breach thereof, shall be prosecuted exclusively in the courts of the State of California, in and for the City and County of San Francisco or the courts of the United States District Court, Northern District of California, and you, to the extent permitted by applicable law, hereby waive the right to change venue to any other state, county, district or jurisdiction; provided, however, that the Company as claimant shall be entitled to initiate proceedings in any court of competent jurisdiction.
7.2. 7.2. Period for Bringing Actions. No action, regardless of form, arising out of the transactions under this Agreement, may be brought by either party hereto more than one (1) year after the cause of action has occurred, or was discovered to have occurred, except that an action for infringement of intellectual property rights may be brought within the maximum applicable statutory period.
7.3. 7.3. Entire Agreement; Severability; No Waiver. This Agreement is the entire agreement between you and Company and supersedes any other proposals, communications or advertising, oral or written, with respect to the Product or to subject matter of this Agreement. You acknowledge that you have read this Agreement, understand it and agree to be bound by its terms. If any provision of this Agreement is found by a court of competent jurisdiction to be invalid, void, or unenforceable for any reason, in whole or in part, such provision will be more narrowly construed so that it becomes legal and enforceable, and the entire Agreement will not fail on account thereof and the balance of the Agreement will continue in full force and effect to the fullest extent permitted by law. No waiver of any breach of any provisions of this Agreement will constitute a waiver of any prior, concurrent or subsequent breach and no waiver will be effective unless made in writing.
Contact Information. Should you have any questions concerning this Agreement, or if you desire to contact the Company for any reason, please contact our Customer Department at:
Deerfield.net
4241 U.S. 27 South
P.O. Box 815
Gaylord, Michigan USA 49735
+ (989) 732-8856
1.4. Information in This Guide
Issues covered and not covered in this documentation.
This guide contains information on how to install, customize and manage the software products. It explains the basic concepts and the way they can be applied, and recommends ways to manage and change settings.
This guide is divided into the following chapters:
VisNetic AntiVirusfor Workstation
What is VisNetic AntiVirus for Workstation?
Information in this guide
Program installation
System requirements. How to install the software.
VisNetic AntiVirusScanner
How to use VisNetic AntiVirus Scanner
VisNetic AntiVirusMonitor
How to use VisNetic AntiVirus Monitor
VisNetic AntiVirusUpdater
How to use VisNetic AntiVirus Updater
VisNetic AntiVirusControl Center
How to use VisNetic AntiVirus Control Center
VisNetic Report Viewer
How to use VisNetic Report Viewer
Tree Chart
What is a tree chart? How to use the settings tree to configure VisNetic AntiVirus Scanner, VisNetic AntiVirus Monitor and VisNetic AntiVirus Updater.
VisNetic AntiVirusScript Checker
How to use VisNetic AntiVirus Script Checker
VisNetic AntiVirusRescue Disk
How to create and use rescue disks
VisNetic AntiVirusMail Checker
How to use VisNetic AntiVirus Mail Checker
Appendix A: Advanced checking tools
Advanced checking tools: heuristic analyzer, redundant scanning tool, unpacking and extracting engines
Appendix B: Glossary
The list of terms used in this documentation
Appendix C: Deerfield.net
Introducing Deerfield.net Contact information
1.5. Conventions
Conventions that are used in this guide
In this guide we use various conventions to emphasize different meaningful parts of the documentation.
Convention
Meaning
Bold font
Menu titles, commands, window titles, dialog elements, etc.
· Note.
Additional information, notes
· Attention!
Critical information
· To do this,
1. Step 1.
2. …
Actions that must be taken
Option name — function.
Description of the settings tree
Item 1.
Item 2.
Listed items
[switch]— function.
Command line switches
Text to be typed in by the user
Text to be typed in by the user
1.6. Help Desk for Registered Users
Services provided by Deerfield.net to registered users.
Deerfield.net offers customer support enabling its legal customers to efficiently employ VisNetic AntiVirusXE "Help desk".
If you register and purchase a subscription you will be provided with the following services for the period of your subscription:
Daily antivirus database updates provided via the Internet with the AntiVirus scheduled updater
New versions of the Deerfield.net AntiVirus software provided free of charge
Free email support advising on matters related to the operation of our antivirus software, as well as FAQ and knowledge base articles
Information about new Deerfield.net products and about new computer viruses (for those who subscribe to the Urgent Updates).
· Deerfield.net does not provide information related to operation and use of your operating system or various other technologies.
Chapter
2
2. Installation
2.1. Hardware and Software Requirements
System requirements to run the program.
In order to run VisNetic AntiVirus for Workstation you need a system that meets the following requirements:
1. Pentium processor.
2. Windows 95/98/ME, Windows NT 4.0 Workstation (Intel) with Service Pack 3 or later, Windows 2000 Professional installed, Windows XP.
3. When running under Windows NT 4.0 Workstation or Windows 2000 Operating System, it is advisable for a user to log in under the account of the local computer administrator.
4. When running under Windows 95/98/NT 4.0 Workstation Operating System Microsoft, Internet Explorer (IE) version 4.01 (SP2) or later must be preinstalled on the computer.
· When running VisNetic AntiVirus under the Windows XP Home Edition or the Windows XP Professional operating system with the Fast User Switching option selected some features of the antivirus program become unavailable: the user cannot change settings of VisNetic AntiVirus and cannot expect the program to interactively respond to events (for example when VisNetic AntiVirus detects a virus, it will not display the appropriate dialog box asking a user about how to handle the infected object).
5. At least 32 MB RAM.
6. At least 25 MB space available on the hard disk.
In addition, the monitor resolution should be set to at least 800 x 600, the small font should be selected and the system date should be set correctly.
2.2. Running the Setup Wizard
Step-by-step installation. Installing, reinstalling and removing the product.
Launch the Setup.exe to start the installation. The setup wizard operates in dialog mode. Each dialog box contains a certain set of buttons allowing management of the setup. The main buttons are:
OK - Accept actions
Cancel - Cancel actions
Next - Move one step forward
Back - Move one step backward
· Before installing VisNetic AntiVirus for Workstations make sure to quit all programs running on your computer.
2.2.1. Installing
Step 1. Read general information
The first dialog box of the setup wizard contains general information about the VisNetic AntiVirus for Workstation software package.
Step 2. Read the license agreement
The License Agreement dialog box contains the agreement text. Read it carefully and press Yes if you agree to the license agreement terms. Otherwise, press No to abort the setup.
Step 3. Input user information
Enter user information in the Customer Information dialog box. Enter the appropriate data in the User Name field and the Company Name field. By default the information for these fields is taken from the Windows registry.
Step 4. Select the folder the program will be installed to
In the Choose Destination Location dialog box, select the installation folder where the VisNetic AntiVirus for Workstation program components will be installed. To do this, press Browse and indicate the folder path in the Choose Folder standard dialog box. Press OK.
Step 5. Input the program group name in the Start\Programs menu
Step 6. Choose setup type
Choose one of the setup types in the Setup Type dialog box
Custom
You will be asked to select the required components from a list.
Easy
Only the most essential components of the package will be installed, namely: VisNetic AntiVirus Scanner, VisNetic AntiVirus Monitor, antivirus bases and the updating program.
Typical
All the VisNetic AntiVirus software package components will be installed.
Step 7. Choose the VisNetic AntiVirus components to be installed
If you selected the Custom setup, you will have to choose the required components in the Select Components dialog box.
To choose the components to be installed check the appropriate boxes at the left of the component names.
Step 8. Copying files to the hard disk
Read the setup information in the Start Copying Files dialog box. Press Next to continue the installation. The program will start copying files to the hard disk; the progress bar in the Setup Status dialog box indicates the process.
Step 9. Choose the report storage
In the Report Files Location dialog box, you must define the folder for the reports, generated by VisNetic AntiVirus for Workstation components, to be saved to.
Step 10. Define the account under which the VisNetic AntiVirus Monitor service will be started
In the VisNetic AntiVirus Monitor Service Properties dialog box , enter details of the account under which the VisNetic AntiVirus Monitor service will be started. You can use the following accounts:
· Local System account– The Windows account;
· This account – The user account which details are specified in the fields at the right.
Step 11. Enter the administration password
In the Administration password dialog box, define the password to be used to remotely access and manage components of the VisNetic AntiVirus for Workstation Software package using the VisNetic AntiVirus Administration Kit program.
Step 12. Define paths to the key files
In the Key File dialog box, you must define the key file name and path.
If the file is located in the setup folder, its name will be displayed in the List of key files to install list.
If the key file is located in a different folder, press Add and define the key file name and path in the Select Key File standard dialog box. If required, the program may simultaneously use several key files.
The key file is your personal key that contains all the housekeeping data essential for VisNetic AntiVirus to apply all of its features:
Vendor information for this version (company name, addresses, telephone numbers)
Support information (who and where support is provided)
Product release date
Name and number of the license
Functionality table for various components
Period of validity for this license
Step 13. To complete setup
Upon completion of the VisNetic AntiVirus for Workstation package installation the Completing Setup Wizard dialog box appears on the screen. Press Finish.
2.2.2. Reinstalling
If you start to reinstall the program, the Welcome dialog box will appear on your screen. In this dialog box, you must choose one of the following options:
Modify – Add new components to the existing installation
Repair - Repair the existing installation
Remove - Completely remove the VisNetic AntiVirus for Workstation installation from your computer (see subchapter 2.2.3).
To choose one of these options select the appropriate option button and press Next.
If you selected the Modify option and pressed Next, the Select Components dialog box will appear on your screen. Select the required package components by checking the appropriate boxes in the dialog box and press Next. The Setup Status and the Completing Setup Wizard dialog boxes will consequently appear on your screen.
If you selected the Repair option and pressed Next, the Setup Status and the Completing Setup Wizard dialog boxes will appear on your screen. This mode can be used if, for example, one of the files included in the VisNetic AntiVirus for Workstation package has been unintentionally deleted.
If VisNetic AntiVirus Control Center (this or a previous version) has already been installed on your computer (it could have been installed as a component of another VisNetic AntiVirus package), the setup wizard will display the Component: VisNetic AntiVirus Control Center wizard box. Use this dialog box to define installation settings of the standard settings file.
In this box, you can select one of the following options:
· Merge - Append a standard settings file to settings detected in the existing file;
· Overwrite - Install the standard settings file instead of the settings file detected on your hard drive;
· Skip - Keep the detected settings file unchanged.
If VisNetic AntiVirus Updater was already installed on your computer, a wizard box similar to the described above will appear on your screen. However, in this wizard box the Merge option will not be available. You can use this wizard box to overwrite or skip the detected settings file of VisNetic AntiVirus Updater.
2.2.3. Uninstalling
Should you for any reason wish to uninstall the VisNetic AntiVirus for Workstation program, select Remove in the Welcome dialog box and press Next.
The removal confirmation dialog box will appear on your screen. Press OK to start the removal procedure. The program files will be removed from the computer; the progress bar in the Setup Status dialog box indicates the process.
· Should the removal program detect files that may be used by other programs, the file removal confirmation dialog box will appear on your screen. Press Yes to remove the files.
Chapter
3
3. VisNetic AntiVirus Scanner
3.1. Functions and Features
Main functions of VisNetic AntiVirus Scanner.
VisNetic AntiVirus Scanner is an antivirus program that checks for viruses and deletes them on demand.
The program performs the following functions:
Detects and deletes viruses of all types in files located on user-predefined disks, in boot sectors and RAM
Detects and deletes viruses from files that have been packed using PKLITE, LZEXE, DIET, COM2EXE and other compression utilities
Detects viruses in archived files that have been archived using one of the commonly used archives, including ZIP, ARJ, LHA, RAR, etc
Detects viruses in local mailboxes of the most commonly used mail systems
Utilizes an improved heuristic detection tool that is able to search for unknown viruses (up to 92% effective).
3.2. Starting VisNetic AntiVirus Scanner
How can you start the program?
You can start the program by:
Using the Windows main menu
Using VisNetic AntiVirus Control Center
Entering the appropriate command in the command line
You can quickly start your antivirus scanner by using the appropriate Windows menu command. To do this, press the Start button, point to Programs, point to Deerfield.net, VisNetic AntiVirus, then Workstation. Point and click VisNetic AntiVirus Scanner. The program main window will appear on your screen (see subchapter 3.3.2), and you will see the scanner icon in the taskbar notification area. Click this icon to display the scanner system menu (see subchapter 3.3.1):
Another way to start VisNetic AntiVirus Scanner is by using VisNetic AntiVirus Control Center. To do this, you must first create the appropriate task and schedule it to be started by VisNetic AntiVirus Control Center at the required time and with the required settings.
To launch VisNetic AntiVirus Scanner from the command line, you must press the Start button in the Windows taskbar, point and click Run, define the full path to the file avp32.exe in the Run dialog box and press the OK button. For example, the full path to avp32.exe may look similar to the following:
С:\Program Files\Deerfield.com\VisNetic AntiVirus\Workstation\Avp32.exe
If you decide to start your antivirus scanner from the command line, you can use one of the following available switches:
[/?] Or [/H] – Displays the complete list of available command line switches
[/P=filename] - Starts VisNetic AntiVirus Scanner with settings from the defined file;
[/S] - Sets VisNetic AntiVirus Scanner to check for viruses right after the program is started;
[/W] - Sets VisNetic AntiVirus Scanner to create a report file;
[/N] - Minimizes the VisNetic AntiVirus Scanner main window once the program is started;
[/Q] - Sets VisNetic AntiVirus Scanner to close the main window once the scanning operation is complete;
[/D] - Stops VisNetic AntiVirus Scanner from being started, if the data volumes have already been successfully checked that day (that is, if VisNetic AntiVirus Scanner has already scanned the drives and the operation was not aborted and no viruses were detected);
[/@[!]=filename] - Sets VisNetic AntiVirus Scanner to scan for viruses in those files and/or folders listed in the defined file. The file defined by this switch must be in common text format (ASCII) and must contain a list of files and/or folders intended for scanning. Every line of the list should contain only one file or folder name (with a complete path indicated). If there is the character "!" in the switch (i.e. /@!=filename), the defined file will be deleted once the scanning operation is complete. If the character "!" is not used (i.e. /@=filename), this file won’t be deleted;
[/EL] – Sets VisNetic AntiVirus Scanner to ignore those files and/or folders listed in the file defined by the switch [/@[!]=filename];
[/redundant] - Enables the redundant scan tool (for details refer to subchapter 0). Redundant scanning is recommended if no virus was detected during an ordinary scanning procedure but the system is still behaving strangely (for example, there are frequent instances where the computer restarts by itself, unnaturally slow performance of applications, and so on). Otherwise, we do not recommend enabling the redundant scan tool as it noticeably slows down the scanning rate;
[/virlist=filename] - Creates a file with the defined name that will contain the list of viruses currently detectable by VisNetic AntiVirus Scanner.
[/EF] – Sets VisNetic AntiVirus Scanner to ignore those files defined in the command line. The switch /EF can be also used in a file defined by the switch /@=filename (see above). In this case the object (file or folder) listed together with the switch /EF will be ignored by VisNetic AntiVirus Scanner. If the name of the listed file contains spaces, the switch /EF must precede the filename (the switch can follow the filename, but in this case the filename must be enclosed with quotation marks). If the name of the listed file doesn’t contain spaces, the switch /EF can be positioned anywhere in the line.
· By using combinations of the switches /EF, /EL, /@ and the list of files and folders in the command line you can define various locations to be checked.
Let's consider some examples of switch applications:
Example 1. Starting the program preset to check for viruses in files within the My Documents folder.
С:\Program Files\Deerfield.com\VisNetic AntiVirus\Workstation\Avp32.exe" /S "C:\My documents"
Example 2. Starting the program preset to create a list of detectable viruses in the file E:\virlist.txt and to close the main window once the scanning operation is complete.
С:\Program Files\Deerfield.com\VisNetic AntiVirus\Workstation\Avp32.exe" /virlist=E:\virlist.txt /q
Example 3. Starting the program preset to check for viruses right after it is started, if VisNetic AntiVirus Scanner has not scanned for viruses that day or if it has but the scanning operation was aborted or viruses were detected. The program is also set to close the main window once the scanning operation is complete.
С:\Program Files\Deerfield.com\VisNetic AntiVirus\Workstation\Avp32.exe" /s/d/q
Example 4. Starting the program preset to check for viruses in files in the My Documents folder and to ignore the files listed in the file exclude.txt.
"С:\Program Files\Deerfield.com\VisNetic AntiVirus\Workstation\Avp32.exe" "C:\My documents" /EL /@=C:\exclude.txt
3.3. Program Interface
3.3.1. System menu
When you start the program the main window (see subchapter 3.3.2) appears on the screen, and the icon is displayed in the taskbar notification area; by clicking with your right mouse button on it you can display the system menu. The system menu contains the following commands:
VisNetic AntiVirus Scanner Settings - Displays the program main window.
Scan now / Stop scan – Initiates/aborts scanning
Pause Scan / Resume Scan – Pauses/resumes scanning
Change Scan Process Priority - Allows you to change the check priority (this command is available during the check).
Show Report - Displays the report window with the program performance results.
Update Now - Launches VisNetic AntiVirus Updater, the program for updating antivirus bases.
About VisNetic AntiVirus Scanner - Displays information about the program.
Unload VisNetic AntiVirus Scanner - Unloads the program from memory.
3.3.2. Main window
In the VisNetic AntiVirus Scanner main window, you can change scanning settings, start/stop scanning and review the program performance results. You can exit the main window without unloading the program from memory.
The following items are located in the VisNetic AntiVirus Scanner main window:
Menu bar
Tool bar
Work area
Status bar
3.3.3. Menu
The menu bar is located at the top of the main window. Some menu commands can be also activated using appropriate key combinations or buttons in the tool bar (see subchapter 3.3.4). The appropriate key combinations are displayed at the left of the menu commands. For details of the matching functions of key combinations, tool bar buttons and menu commands, see 3.3.4.
Menu ( Commands
Function (The command allows you to…)
File ( Open Profile
Load settings from the required profile (see subchapter 3.4.4).
File ( Save Profile
Save current settings to a file (see subchapter 3.4.4).
File ( Save Profile As
Save current settings to a different profile (see subchapter 3.4.4).
File ( Save Profile as Default
Set current profile as the default (see subchapter 3.4.4).
File ( Recent Profiles
Select the required profile from a list of ones recently used.
File ( Unload VisNetic AntiVirus Scanner
Unload the VisNetic AntiVirus Scanner program from memory.
File ( Close window
Exit the program main window.
Scan ( Start Now / Stop scan
Start / stop scanning for viruses (see subchapter 3.5.1).
Scan ( Pause Scan /Resume Scan
Suspend / resume scanning for viruses (see subchapter 3.5.1).
Scan ( Change Scan Process Priority
Change the active scanning process priority (this item is available only during the scanning process — see subchapter 3.5.2).
Scan ( View Scan Options
Display the program settings in plain text form (see subchapter 3.4.5).
Tools ( Update Now
Update antivirus bases (see subchapter 3.6).
Tools ( Show Report
Display the report window (see subchapter 3.5.3).
Tools ( Make Virus List
Generate a list of currently known viruses (see subchapter 3.7).
Help ( Contents
Display the Help topics window.
Help ( VisNetic AntiVirus on the web
Start your web browser and go to the Deerfield.net website.
Help ( About VisNetic AntiVirus Scanner
Display information about the program.
3.3.4. Tool bar
Buttons are located in the tool bar. By pressing them you can initiate various commands.
Button
Menu ( Command
Function (The button allows you to…)
File ( Open Profile
Load settings from the required profile.
File ( Save Profile
Save current settings to a profile.
—
Save current settings to a file and set this file as the default profile.
Scan ( Start Now
Start scanning for viruses.
Scan ( Pause Scan / Resume Scan
Suspend/resume scanning.
Scan ( Stop scan
Stop scanning for viruses.
Scan ( View Scan Options
Display settings in plain text form.
Tools ( Show Report
Display the report window
Tools ( Update Now
Update antivirus bases.
File ( Unload VisNetic AntiVirus Scanner
Unload the VisNetic AntiVirus Scanner program from memory.
3.3.5. Work area
3.3.5.1. The Objects, Options, Customize and Statistics categories
The main window work area is divided into two frames. The left frame contains icons with the following names: Objects, Options, Customize and Statistics. The right frame displays the settings corresponding to the left-frame icon that is currently pressed
The Objects frame allows you to define a location to be checked (the list of drives and folders), objects to be checked (e.g. sectors, files, mail databases), and rules to be followed while handling infected objects (see subchapter 3.4.1). All these settings are arranged into a special control element, the objects settings hierarchy.
The Options frame allows you to define certain general settings, and you may use a settings tree in the Customize frame to define advanced settings of your VisNetic AntiVirus Scanner (see subchapters 3.4.2, 3.4.3).
The Statistic frame displays a table with the scanner performance statistics (see subchapter 3.5.4).
3.3.5.2. The right-click menu
Each item of the settings tree has a right-click menu with commands applicable to the item.
To display the right-click menu of an item in the settings tree,
1. Place your mouse cursor on the required item.
2. Click your right mouse button. The appropriate right-click menu will appear on your screen.
3.3.6. Status bar
At the bottom of the VisNetic AntiVirus Scanner main window you can find a status bar. The status bar displays the following information:
Context-sensitive prompts / name of the examined object;
Indicator of the scanning progress.
3.4. Changing Settings
3.4.1. Objects to be checked
3.4.1.1. Defining the location to be checked
The Objects frame in the work area allows you to choose locations and objects to be checked for viruses. You may do this by selecting appropriate options in the frame hierarchies. These options may be viewed in the following two modes: Standard and Expert. To switch between these modes use the corresponding buttons in the left frame of the window work area.
With the Standard mode enabled the Objects frame is divided into two sub-frames: in the left sub-frame you may see the list of computer disks, and the right sub-frame displays settings for the item selected in the left sub-frame list.
With the Expert mode enabled, the Objects frame is divided into three sub-frames: in the upper left sub-frame you can find the file system hierarchy, the upper right sub-frame displays settings for the item selected in the upper left sub-frame hierarchy, and the lower sub-frame displays the list of files located in the root of the object selected in the upper left sub-frame. Besides in this mode the Network Neighborhood item is added to the file-system hierarchy.
Use the upper left sub-frame to define the location that must be checked for viruses. Check a box to define the corresponding object to be checked. If you uncheck a box , the corresponding object will be skipped during the check.
To scan a group of disks, check the My Computer box in the upper left sub-frame and the required check box in the upper right hierarchy:
Scan local removable disk drives - Scans all removable disks. This check box is available only if you checked the My Computer box in the upper left sub-frame. For the same result you may check boxes of all your removable disks in the upper left sub-frame.
Scan local hard disk drives - Scans all local hard disks. This check box is available only if you checked the My Computer box in the upper left sub-frame. For the same result you may check boxes of all your local hard disks in the upper left sub-frame.
Scan network drives - Scans all available network disks. This check box is available only if you checked the My Computer box in the (upper) left sub-frame. For the same results you may check boxes of all available network disks in the (upper) left sub-frame.
If you check the box of a certain location within your file system, boxes of all the locations included in the checked one will also be automatically checked. However, when in the Expert view mode you can mark the required sub-locations to be excluded from the check.
For example, you defined the disks C: and D: to be checked for viruses, but you do want the D:\public\archives directory to be excluded from the location defined to be checked. In this case you must check the C: and D: check boxes, and then you must uncheck the archives box.
If you excluded a folder from the location to be checked, a triangle will appear in the checked boxes of all the parent locations: instead of . If you excluded a certain location from the larger location that is defined to be checked for viruses, the scanner will not check it at all or will not check it using the rules defined for the parent location. You may eliminate (disable) this difference inside the larger location, or keep it for a certain period of time. For details refer to subchapter 8.4.
For every defined location within your file system you can specify separate scanning settings. For every defined location to be checked you can also specify the objects to be checked by using the settings tree in the right hand pane.
3.4.1.2. Defining objects to be checked
For locations that correspond to different levels of the file-system hierarchy the upper right frame displays different groups of settings. The maximum quantity of settings is displayed for the My Computer location. Here you can set your scanner to check your computer memory, boot sectors, groups of disks and MS Outlook Express databases. When defining settings for a disk you can enable the check of boot sectors and file systems located on this disk. For a folder you cannot disable the check of file system. You can, however, define how the scanner must process infected and suspicious objects, in what type of files it must check for viruses and enable/disable the advanced scanning modes for all the locations in the upper left frame.
Scan files of following types — scans files in the corresponding locations (including System, Hidden and Read Only files). This check box is available if you checked the My Computer or a disk box in the upper left sub-frame. You cannot uncheck it for a folder or file. If you check this box you must define file types to be checked for viruses:
All infect able - Scans all files that are able to carry a virus.
All - Scans every file of every type.
By mask - Scans the file types defined by user in the text fields below. You can specify an unlimited quantity of file types, but make sure that one text field contains only one file type.
Exclude by mask - Excludes from the check the file types defined by user in the text fields below. You can specify an unlimited quantity of file types, but make sure that one text field contains only one file type.
Scan sectors - Scans boot sectors (master boot record and boot sectors). This check box is available only if you checked the My Computer or a disk box in the upper left sub-frame.
Scan memory - Scans RAM. This check box is available only if you checked the My Computer box in the upper left sub-frame.
Scan MS Outlook Express databases - Scans MS Outlook Express databases. This check box is available only if you checked the My Computer box in the upper left sub-frame.
Scan start-up objects – Scans objects started at the operating system start. This check box is available only if you checked the My Computer box in the upper left sub-frame.
3.4.1.3. Handling infected and suspicious objects
Actions in case of virus detection — If an infected or suspicious object is detected, the program will perform one of the following actions:
Ask user - VisNetic AntiVirus Scanner will open up the dialog box. This dialog box contains the name of the infected file, the name of the detected virus and a list of possible actions to be performed with the infected object (that is, a list of all possible actions except for Ask user). In addition, the dialog box contains the Apply to all infected objects check box; by checking this box, you can apply the selected action to all infected objects detected later, and which you previously predefined to be handled by opening the dialogue box. Upon detection of the next infected object, the dialog box will not appear again. The following three buttons are located at the bottom of this dialog box: OK (accepts the selected action), Cancel (closes the dialog box and proceeds with scanning) and Stop (stops scanning for viruses).
Report only - The program will only report the infected and suspicious objects. The report can be viewed by starting the report viewer, VisNetic Report Viewer (see Chapter 0).
Disinfect - The program will try to cure all infected objects without asking first. As a result, the detected viruses will be removed, and the object will be restored as an operable one.
Make backup file before disinfection - To create a copy of the infected object before starting a cure. A directory where the copy will be created is specified in the settings tree of the Options category (see subchapter 3.4.2.2). The copy will not be deleted upon completion of treatment.
If disinfection is impossible - Not all infected objects can be cured, because some viruses damage computer data irreversibly. In this case, VisNetic AntiVirus Scanner can operate using one of the following three methods: Report only - Informs you about unsuccessful attempts at treatment, Rename object - Renames the unrecoverable file, Delete object - Deletes the damaged file.
Rename object - The program will rename all infected objects. The renaming rules are specified in the settings tree of the Options category (see subchapter 3.4.2.2).
Delete object - The program will delete all infected objects without warning.
· The Delete object and the Rename object options are applied to infected archives only if you checked the Enable delete or rename non-disinfected archives box on the Options page.
3.4.1.4. Advanced scanning modes
3.4.1.4.1. Scanning compound objects
You can enable advanced scanning modes to check for viruses in archives, packed files, mail databases and plain mail formats (for details see Appendix А).
Scan compound files of the following types — Check this box to process compound objects as folders containing a set of objects.
3.4.1.4.2. Scanning archives and self-extracting files
Archives - Check this box to search for viruses in files archived using ZIP, ARJ, LHA, RAR, CAB and some other archiving utilities.
VisNetic AntiVirus is not able to delete viruses from archives, it is able only to detect them. In addition, VisNetic AntiVirus does not extract password-protected archives.
Therefore, if you set VisNetic AntiVirus Scanner to delete or rename infected objects, it is advisable that you check the Archives box and uncheck the
Enable delete or rename non-disinfected archives box on the Options page. In this case the program will only report the infected file detected within an archive, but it will not delete or rename the archive itself. Later, you will be able to extract the archive and delete viruses from extracted files by using your VisNetic AntiVirus Scanner.
· If the Enable delete or rename non-disinfected archives box is checked, you may loose data that can be recovered later.
Archives with self-extractors - Check this box to search for viruses in self-extracting archives, i.e. executable files that can be started to extract the archived files. Some self-extracting archives also immediately start one of the extracted files.
The extracting tool is able to correctly extract files that have been compressed multiple times. It can also deal with some versions of immunizers, programs protecting executable files from viruses by attaching checking code blocks (CPAV and F-XLOCK) and enciphering programs (CryptCOM) to them.
3.4.1.4.3. Scanning mail databases and plain mail files
The program is able to search for viruses in mail databases and plain mail files.
Mail databases - Check this box to search for viruses in mail databases of the following formats:
· Microsoft Outlook, Microsoft Exchange (the .pst and the .pab extension files, the MS Mail archive type);
· Microsoft Internet Mail (the .mbx extension files, the MS Internet Mail archive type).
· Eudora Pro & Lite;
· Pegasus Mail;
· Netscape Navigator Mail;
· JSMail SMTP/POP3 server (user database).
· If the mail database scan mode is enabled, VisNetic AntiVirus Scanner checks every entry in mail databases and scans attached files. The following formats are supported: UUEncode; XXEncode; btoa (up to 5.0); btoa 5.*; BinHex 4.0; ship; NETRUN 3.10; NETSEND 1.0 (not packed); NETSEND 1.0C (packed); MIME base 64.
Plain mail - Check this box to search for viruses in plain mail files of the formats Eudora Pro & Lite, Pegasus Mail, Netscape Navigator Mail, JSMail, and user databases on SMTP/POP3 servers.
· If the plain mail check mode is enabled, VisNetic AntiVirus checks every file for a message header. If a message header is detected, the program searches for attached data (UUEncode, XXEncode and etc.) and checks it for viruses.
The mail database and plain mail modes noticeably slow down the VisNetic AntiVirus Scanner scanning rate. For that reason we do not recommend their use in regular virus checks.
· VisNetic AntiVirus Scanner is not able to delete viruses from mail databases and plain mail files, it is able only to detect them. However, if you check the Scan MS Outlook Express databases box, the program will be enabled to detect and delete viruses from MS Outlook Express (5.0 and later) databases.
3.4.1.4.4. Scanning embedded objects
The program allows you to check for viruses not only in files, but also in the objects embedded in these files using the OLE technology.
Embedded objects - Check this box to search for viruses in OLE objects embedded in the examined files.
3.4.1.4.5. Heuristic detecting module
You can enable the built-in heuristic detection module to scan for viruses that are unknown to the program (not described in current antivirus bases).
Enable Code Analyzer - Check this box to scan for viruses using the heuristic detecting module.
3.4.2. General settings: Options
The Options frame contains options allowing you to choose how the scanner should report performance statistics and rename the infected files it detected. Here you can also set the scanning priority.
3.4.2.1. Reporting options
Save report file - Check this box to save the report to a file. If you check the box, you will be able to monitor the performance of VisNetic AntiVirus Scanner using VisNetic Report Viewer (see Chapter 0). When displaying the performance results, this program will use settings defined in the Save report file branch.
Report file name – Use this field to define the report file name
· By default the report file is created in the directory that you specified during program installation. If the program operates independently of VisNetic AntiVirus Control Center, you can re-define this directory by specifying the full path to your report file. If the program is controlled by VisNetic AntiVirus Control Center, you cannot re-define this directory.
Show pack info in the report - Check this box to receive reports about packed and archived objects. These messages have the following format in the VisNetic Report Viewer table: the Object column shows the object name, the Result column shows the Packed or Archive strings and the Description column shows the name of the corresponding compressing or archiving utility.
Show clean object info in the report - Check this box receive reports about virus free objects. These messages have the following format in the VisNetic Report Viewer table: the Object column shows the object name, the Result column shows the OK string.
Append - Check this box to append new reports to the existing report file. This is useful if you want to keep reports on several or all the previous checks. If the box is not checked, every time VisNetic AntiVirus Scanner is started it will create a new report file.
Limit size to (KB) - Check this box to limit the size of the report file to the value specified in the field below. The default value is 2048 KB.
3.4.2.2. Renaming options
For renaming or copying of infected objects use - These option buttons allow you to choose between moving infected objects to a special folder and renaming them. The program will apply this setting to those objects for which you selected the Rename object option in the Objects settings tree (see subchapter 3.4.1.3).
Special folder - This option button moves infected objects to a special directory defined in the text field below. In this case, infected objects are moved to the folder with their names and extensions unchanged.
The object folder - This option button renames infected objects, i.e. changes their extensions to the one defined in the Extension of infected file field.
Enable delete or rename non-disinfected archives – Check this box to allow the program to delete or rename infected archives. This check box is used only for those objects for which you selected the Delete object or the Rename object options (respectively) in the Objects settings tree. It is not advisable to check this box, since you may loose data that can be recovered later.
3.4.2.3. Defining priority
Assign the scan process priority to - Allows you to define the priority of the check. You can select one of the following three values:
High – the operating system will transfer CPU control to your VisNetic AntiVirus Scanner more frequently and for longer periods than to other applications;
Normal – the CPU will pass control to your VisNetic AntiVirus Scanner as frequently as to other applications;
Low – the CPU control is transferred to your VisNetic AntiVirus Scanner less frequently and for shorter runs than to other applications.
3.4.3. Advanced settings: Customize
The Customize frame contains option allowing you to define advanced settings of the program.
Use sound effects for the following events - Check this box to play sounds when checking for and deleting viruses.
Infected object found - Allows you to set the sound file that is played each time an infected object is detected. While selecting files in the corresponding window you can use the Test button to listen to them.
Scan process finished - Allows you to set the sound file that is played when the check is finished. While selecting files in the corresponding window you can use the Test button to listen to them.
Pop-up Scanner window after scan finishes - Check this box to display the program main window with the VisNetic AntiVirus Scanner performance statistics right after the check is finished. If your VisNetic AntiVirus Scanner main window is closed and you started scanning for viruses from the system menu, the main window will appear on your screen right after the check is finished.
Switch to "Statistic" tab after scan starts - Check this box to switch to the Statistic frame right after VisNetic AntiVirus Scanner starts checking for viruses.
Switch to "Statistic" tab after scan finishes - Check this box to switch to the Statistic frame right after VisNetic AntiVirus Scanner finishes checking for viruses.
Prompt next disk insertion for removable drives - Check this box to set the program to prompt for the next removable disk. In this case VisNetic AntiVirus Scanner will scan for viruses on the removable drive you offered and, when finished, will ask for the next removable drive. This setting is used if you preset VisNetic AntiVirus Scanner to scan data only on the removable drive.
Display attention messages - Check this box to display other warning messages.
Check new updates - Check this box to automatically start the antivirus database-updating program on a regular basis. In the Check interval (days) dialog box, set the required interval between two automatic starts (the dialog box is displayed right after you check this box).
· If you are working with program settings from VisNetic AntiVirus Control Center you will not find some of the Customize settings listed above. These settings make no sense if you are using VisNetic AntiVirus Control Center.
3.4.4. Saving/loading settings
If you frequently set your VisNetic AntiVirus Scanner a certain way, you may save these settings to a file. These settings will be stored there and if you need to set the VisNetic AntiVirus Scanner the same way later, you can simply load them from this file. Files with VisNetic AntiVirus Scanner settings are called scanner profiles. For example, you may want create a profile with settings allowing you to check for viruses in several diskettes one after another, or you may wish to create a separate profile with settings allowing you to thoroughly check for viruses in all the files in your computer, etc.
You can also set one profile to be loaded by default. Each time you start your VisNetic AntiVirus Scanner it will load settings from this profile.
Main Menu
Toolbar
Key combination
To load settings from a profile
File ( Open Profile
+
To save settings to a file
File ( Save Profile, File ( Save Profile As
+
To define the profile to be loaded by default
File ( Save Profile as Default
· By default, VisNetic AntiVirus Scanner profiles have the .klr extension.
· If no profile is set to be loaded by default, VisNetic AntiVirus Scanner will use the default settings defined in the program code.
3.4.5. Previewing settings before the check
You can review your scanner settings in text form. The text describes rules specified for all the objects of your file system: from My Computer to separate files. For example, if the rules that your VisNetic AntiVirus Scanner uses to check and process the autoexec.bat file differ from those used for the parent object - System disk (C:), a list of these rules will be displayed separately.
To review the text describing your VisNetic AntiVirus Scanner settings, select the View Scan Options command from the File menu or click the toolbar button .
The Scan Options windows containing values of the Objects and Options settings will appear on your screen. You can view and copy the setting values. When you finished working with this window click OK.
Scanner settings in text form are also written at the beginning of your report file.
3.5. Checking For and Deleting Viruses
3.5.1. Starting and aborting the check
Scanning for viruses can be initiated/terminated automatically via VisNetic AntiVirus Control Center, or on demand from both VisNetic AntiVirus Control Center, and the VisNetic AntiVirus Scanner main window.
When VisNetic AntiVirus Scanner starts checking for viruses, you can suspend/resume the scanning process, change the process priority or stop scanning.
Main menu
System menu
Toolbar
Starting
Scan ( Start Now
Start Now
Aborting
Scan ( Stop scan
Stop Scan
Pausing
Scan ( Pause Scan
Pause Scan
Resuming
Scan ( Resume Scan
Resume Scan
Let's review the operations performed by VisNetic AntiVirus Scanner right after it is started. First, the program loads antivirus bases and checks itself for viruses. If the program is successfully loaded, the following string appears at the bottom of the program main window:
Antiviral bases were loaded. Known viruses: XXXX
Where XXXX is the number of viruses described in the antivirus bases. If the program is infected, it will try to disinfect itself. If the virus was successfully deleted the program will be restarted and you will see a message that all the viruses have been deleted. If the program fails to disinfect itself, it will not be started and the corresponding information window will appear on your screen. If you have the virus-free distribution copy of VisNetic AntiVirus, delete the infected program and reinstall VisNetic AntiVirus on your computer.
· When finished checking for viruses, VisNetic AntiVirus Scanner generates appropriate exit codes that can be used to create batch files. The program can return one of the following values:
0 - No viruses detected
1 - Scanning was interrupted
2 - Detected objects contain a modified or damaged virus
3 - Suspicious objects were detected
4 - One or more viruses were detected
5 - All infected objects are disinfected
7 - VisNetic AntiVirus Scanner is corrupted
10 -VisNetic AntiVirus Scanner internal error
3.5.2. Changing priority of the check
You may change the priority of the check without aborting it. To do this, follow these steps:
3. Select the Change Scan Process Priority command from the Scan menu.
Select the required value (for more detail, see subchapter 3.4.2.3) from the drop-down list in the dialog box that appears on your screen.
· When the check is in progress you cannot change other settings! If you want to change other settings, first you must abort the check, then change settings and restart the check again.
3.5.3. Monitoring progress
If you enabled VisNetic AntiVirus Scanner to report on its performance (see subchapter 3.4.2.1), you can use the VisNetic Report Viewer program to monitor the performance in progress. To start the program, select the Show report command from the Tools menu, or click the toolbar button . The VisNetic Report Viewer main window allowing you to monitor your VisNetic AntiVirus Scanner progress will appear on your screen (see chapter 0).
3.5.4. Viewing statistics
If you enabled VisNetic AntiVirus Scanner to report on its performance you can view the performance statistics in progress in the Statistics frame.
The frame table is divided into the following two sections: Scanned and Found. The Scanned section displays numbers of checked sectors, files, folders, archives and compressed files. The Found section displays the numbers of:
Viruses detected
Virus bodies (that is, the number of files infected by a known virus)
Disinfected objects (that is, the number of objects from which viruses were correctly deleted)
Deleted objects
Renamed objects
Warnings, i.e. messages about objects containing codes similar to known virus modifications
Suspicious objects (that is, Code Analyzer notifications)
Corrupted objects
I/O errors
At the bottom of the frame you can see the scan speed (КBS per second) and the time that your scanner spent checking for viruses in all the objects.
3.6. Updating Antivirus Bases
You can start the antivirus database-updating program from your VisNetic AntiVirus Scanner main window. To do so, select the Update now command from the Tools menu or click the toolbar button .
3.7. Generating a List of Currently Known Viruses
· You can generate and review the list of currently known computer viruses. To do this, follow these steps:
1. Select the Make Virus List command from the Tools menu. This command starts VisNetic Virus List Generator.
2. In the VisNetic Virus List Generator dialog box on your screen, define the file name for the list to be saved to. To do this, use the Browse button.
3. Press the Generate button.
To display the list, press the Show list button. This button starts Report Viewer, which can be used to review the generated list of viruses.
To exit the VisNetic Virus List Generator dialog box press the Exit button.
You can start VisNetic Virus List Generator directly from the Windows main menu. To do this, press the Start button in the left bottom corner of your Win