From eScan Wiki
| Revision as of 15:43, 25 November 2008 WikiSysop (Talk | contribs) ← Previous diff | Current revision WikiSysop (Talk | contribs) | ||
| Line 1: | Line 1: | ||
| - | == '''File Anti-Virus (Virus & Malware protection)''' == | + | {| class="wikitable" border="0" | 
| + | |- | ||
| + | {| id="mp-topbanner" style="width:100%; background:#fcfcfc; margin-top:1.2em; border:1px solid #ccc;" | ||
| + | | style="width:10%; color:#000;" | | ||
| + | {| style="width:100px; border:none; background:none;" | ||
| + | | [[Image:escan-g.jpg]] | ||
| + | |} | ||
| + | |style="text-align:left;"|'''·''' [[Escan/english/FAQ-eScan|<font size=1.5 color="blue" align="left">eScan</font>]]  '''·''' [[Escan/english/MailScan-AFT|<font size=1.5 color="blue">MailScan</font>]]  '''·''' [[Escan/english/Technologies|<font size=1.5 color="blue">Technologies</font>]] | ||
| + | |style="text-align:right;"|  '''·''' [[Technical Info|<font size=1.5 color="blue">Technical Info</font>]]  '''·''' [[Escan/english/Security_Awareness|<font size=1.5 color="blue">Security Awareness</font>]]  '''·''' [[User_Guides|<font size=1.5 color="blue">User Guides</font>]] | ||
| + | |} | ||
| + | {| class="wikitable" border="0" | ||
| + | |} | ||
| - | [['''Description''']] | + | <h2 id="mp-tfp-h2" style="margin:0; background:#C7E587; font-size:120%; font-weight:bold; border:10 solid #afa3bf; text-align:left; color:#000; padding:0.2em 0.4em">eScan Version 10 Online Help</h2> | 
| + | {| class="wikitable" border="0" | ||
| + | |- | ||
| + | |width="1000pt"| | ||
| + | |} | ||
| - | File Anti-Virus monitors and safeguards your system on real time basis against viruses, spyware, adware and other malicious objects as and when file(s) are accessed / executed or running in the memory. | + | <div align="justify"> | 
| + | <U>'''File Anti-Virus'''</U> | ||
| + | <I>This section provides the description of eScan’s File Antivirus and various settings that can be configured for <U>Real time Monitoring</U> by File Antivirus for any malicious objects and actions to be taken on detection.</I> | ||
| - | '''Status displayed in the main Protection Window''' | + | |
| + | __TOC__ | ||
| + | |||
| + | =='''Description'''== | ||
| + | |||
| + | File Anti-Virus monitors and safeguards your system on real time basis against viruses, spywares, adwares and other malicious objects, as and when these objects are accessed / executed or are running in the memory. Real time monitoring means scanning of each files before being executed and as well as those processes also that are running in the System's memory. | ||
| + | |||
| + | |||
| + | =='''Status in main Protection Center Window'''== | ||
| - | The green colored Tick mark indicates the File Anti-Virus is active and running. | + | The <U><B><font color="Green"> '''green'''</font></B></U> colored Tick <U><B><font color="Green">(√)</font></B></U> mark indicates the File Anti-Virus is active and running. | 
| - | The red colored Cross mark indicates the File Anti-Virus is inactive and stopped. | + | The <U><B><font color="Red"> '''red'''</font></B></U> colored Cross <U><B><font color="Red">(X)</font></B></U> mark indicates the File Anti-Virus is inactive and stopped. | 
| - | '''Configuration section ''' | + | =='''Configuration section '''== | 
| - | ''Status'' | + | <U>''Status''</U> | 
| - | File Anti-Virus Status – This will display the status of File Anti-Virus either in running or disabled mode. | + | :*File Anti-Virus Status – This displays the status of File Anti-Virus, whether it is in running or disabled mode. | 
| - | Proactive Scan Status – This will display the status of Proactive Scan either in enabled or disabled mode. (For detail please check below in the section '''II.Options''') | + | :*Proactive Scan Status – This will display the status of Proactive Scan, whether it is in enabled or disabled mode. (For detail please check in the section <U>'''II.Options'''</U> below) | 
| - | Action – This will show the action in case of virus detection. | + | :*Action – This will display the status of the action that will be taken in case of any viruses or any malware is detected. | 
| - | ''Stop / Start buttons'' – Clicking stop / start button will disable or enable the File Anti-Virus. | + | :''Stop / Start button'' – Clicking stop / start button will disable or enable the File Anti-Virus. The Stop and Start toggles as per the state of the File Antivirus. | 
| - | ''Settings button ''– To configure the File Anti-Virus for real time monitoring click on the Settings button. | + | :''Settings button ''– To configure the File Anti-Virus for real time monitoring click on the Settings button. | 
| Line 33: | Line 58: | ||
| - | ''On the left hand side:- '' | + | :<U>''On the left hand side panel:- ''</U> | 
| - | '''A. Objects to be scanned''' – This section lists the drives, removable and non-removable including the network drives, installed or mapped with the system that will be monitored and scanned. | + | |
| + | ::'''A. Objects to be scanned''' – This section lists the drives, removable and non-removable including the network drives, installed or mapped with the system that will be monitored and scanned. | ||
| - | ''On the right hand side:- '' | ||
| - | '''a. Action in case of virus detection -''' The default action is set to first disinfect (clean) and when disinfection is not possible then delete the object. It is recommended to keep the default settings. | ||
| - | * Report Only – When selected, File Anti-Virus will only display an attention message informing about the entry / attack by a virus / malware. | ||
| - | * Disinfect – This is the default action taken by File Anti-Virus on any virus / malware detected. | ||
| - | [Make backup before disinfection option – On selecting this option a backup of the infected file will be saved, in a non-executable format, before being disinfected]. | ||
| - | * If disinfection is impossible: This is an alternate action in case if disinfection of the virus/malware is not possible.The below are the actions that can be selected: | ||
| - | ** Report Only | ||
| - | ** Quaratnine Object | ||
| - | ** Delete Object | ||
| + | :<U>''On the right hand side panel:- ''</U> | ||
| - | '''B. Scan local removable disk drives -''' This option selected will scan all local removable disk drives attached onto the system like the floppy, cd, usb, etc... | + | ::'''A. Action in case of virus detection -''' The default action is set to first disinfect (clean) and when disinfection is not possible then delete the object. It is recommended to keep the default settings. | 
| + | :::* Report Only – When selected, File Anti-Virus will only display an attention message informing about the entry / attack by a virus / malware. | ||
| + | :::* Disinfect – This is the default action taken by File Anti-Virus on any virus / malware detected. | ||
| + | ::::[Make backup before disinfection option – On selecting this option a backup of the infected file will be saved, in a non-executable format, before being disinfected]. | ||
| + | :::* If disinfection is impossible: This is an alternate action in case if disinfection of the virus/malware is not possible.The below are the actions that can be selected: | ||
| + | ::::* Report Only | ||
| + | ::::* Quaratnine Object | ||
| + | ::::* Delete Object | ||
| - | '''C. Scan local hard disk drives -''' This option selected will scan all the local hard disk drives. | + | ::'''B. Scan local removable disk drives -''' This option selected will scan all local removable disk drives attached onto the system like the floppy, cd, usb, etc... | 
| - | '''D. Scan network drives -''' This option selected will scan for the network drives (mapped network folders or drives to the local drive) on to this system. | + | ::'''C. Scan local hard disk drives -''' This option selected will scan all the local hard disk drives. | 
| - | '''E. Scan files of following types -''' This option selected will scan files of types listed in the category. Below are the categorised options: | + | ::'''D. Scan network drives -''' This option selected will scan for the network drives (mapped network folders or drives to the local drive) on to this system. | 
| - | * All Infectable - This option when selected will scan only those objects that are pre-defined in the list of eScan infectable files/objects and as per the eScan anti-virus signature database. | + | |
| - | * All - This option selected will scan all the files/objects in the system. | + | |
| - | * By Mask - This option scans for all file types (objects) that are listed in this section. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option. | + | |
| - | '''F. Exclude by mask –''' This option when selected, File Anti-Virus monitor will exclude all those objects from real time monitoring / scanning that has been listed. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option. | + | ::'''E. Scan files of following types -''' This option selected will scan files of types listed in the category. Below are the categorised options: | 
| + | :::* All Infectable - This option when selected will scan only those objects that are pre-defined in the list of eScan infectable files/objects and as per the eScan anti-virus signature database. | ||
| + | :::* All - This option selected will scan all the files/objects in the system. | ||
| + | :::* By Mask - This option scans for all file types (objects) that are listed in this section. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option. | ||
| - | '''G. Not a virus list –''' eScan File Anti-Virus has the capability to detect Riskware objects, a software which actually was not programmed and intended as malware, but can be a risk to security critical functions. A potentially dangerous software. | + | ::'''F. Exclude by mask –''' This option when selected, File Anti-Virus monitor will exclude all those objects from real time monitoring / scanning that has been listed. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option. | 
| - | This option selected will exclude those softwares from File Anti-Virus taking any type of action on those objects considered as RISKWARE. As well, can be customised like adding a particular software name by double clicking on Add / Delete option. | + | |
| - | For example - remote admin softwares like Vnc, RaAdmin, etc... | + | |
| - | '''H. Exclude folders -''' This option when selected will exclude all the liste folders and sub-folders from being monitored/scanned by File Anti-Virus. As well, can be customised like adding or deleting a folder by double clicking on Add / Delete option. | + | ::'''G. Not a virus list –''' eScan File Anti-Virus has the capability to detect Riskware objects, a software which actually was not programmed and intended as malware, but can be a risk to security critical functions. In short a potentially dangerous software. | 
| + | ::This option selected will exclude those softwares from File Anti-Virus taking any type of action on those objects considered as RISKWARE. As well, can be customised like adding a particular software name by double clicking on Add / Delete option. For example - remote admin softwares like Vnc, RaAdmin, etc... | ||
| - | '''I. Scan compound objects -''' This option enables to scan files that are archived and packed. | + | ::'''H. Exclude folders -''' This option when selected will exclude all the liste folders and sub-folders from being monitored/scanned by File Anti-Virus. As well, can be customised like adding or deleting a folder by double clicking on Add / Delete option. | 
| - | '''J. Enable code analyzer -''' This option scans for suspicious objects or unknown activity happening on the infected system using the heuristic analyzer i.e. it scans using the traditional method of detecting an object as infected based on the definitions /updates (cure) available within the software, but in addition, also checks for the behavioral activity happening on the system. | + | ::'''I. Scan compound objects -''' This option enables to scan files that are archived and packed. | 
| + | |||
| + | |||
| + | ::'''J. Enable code analyzer -''' This option scans for suspicious objects or unknown activity happening on the infected system using the heuristic analyzer i.e. it scans using the traditional method of detecting an object as infected based on the definitions /updates (cure) available within the software, but in addition, also checks for the behavioral activity happening on the system. | ||
| '''II. Options –''' Here the basic settings of File Anti-Virus, like destination path of logs, destination path for Quarantined objects and can be configure is helpful in defining the path of the report file (log), folder to be used in case of an infection, size limit of files for real time monitoring. | '''II. Options –''' Here the basic settings of File Anti-Virus, like destination path of logs, destination path for Quarantined objects and can be configure is helpful in defining the path of the report file (log), folder to be used in case of an infection, size limit of files for real time monitoring. | ||
| - | '''i. Save report file -''' This option enables you to set the destination path of the File Anti-Virus report file (log). This logs information of the files scanned and the act. | + | ::'''i. Save report file -''' This option enables you to set the destination path of the File Anti-Virus report file (log). This logs information of the files scanned and the act. | 
| - | * Show pack info in the report – When selected will add the information in the log for the packed files (like zip, rar etc…) | + | :::* Show pack info in the report – When selected will add the information in the log for the packed files (like zip, rar etc…) | 
| - | * Show clean object info in the report - When selected will add the information in the log for clean files as well (this is for debugging purpose). | + | :::* Show clean object info in the report - When selected will add the information in the log for clean files as well (this is for debugging purpose). | 
| - | * Limit size to (kb) – This option will set the size of the log file. | + | :::* Limit size to (kb) – This option will set the size of the log file. | 
| - | '''ii. For quarantine of infected objects –''' Here the destination path of Quarantined object can be set. By default the quarantined path will be "C:\Progra~1\eScan\Infected" . | + | |
| + | ::'''ii. For quarantine of infected objects –''' Here the destination path of Quarantined object can be set. By default the quarantined path will be "C:\Progra~1\eScan\Infected" . | ||
| + | |||
| + | ::'''iii. Limit file size to (KB) -''' This option enables you to set a limit size of the object / file for real time scanning. The default value is set to 1024 Kb. | ||
| + | |||
| + | ::'''iv. Enable Proactive Scan – '''This option when enabled, will check for any suspicious file that is being executed in the system. A pop-up will be displayed whether to allow the application to be executed or to be blocked. | ||
| + | |||
| + | ::'''v. Use sound effects for the following events –''' This option when enabled, this will play a sound on detection of any viruses / malwares (the system speakers need to be switched ON) along with a pop-up. | ||
| + | |||
| + | ::'''vi. Display attention messages -''' This option when enabled would display an attention / warning (alert) displaying the path and name of the infected object and the action taken. | ||
| + | |||
| + | |||
| + | |||
| + | =='''Reports section '''== | ||
| + | |||
| + | ::* Total Files Scanned – Total files scanned by real time File Anti-virus monitor. | ||
| + | ::* Dangerous Objects Detected – Total virus / malwares detected by File Anti-virus monitor on real time. | ||
| + | ::* Last File Scanned – Name of the last file scanned on real time basis. | ||
| + | |||
| + | :'''a. View Statistics''' – Clicking on View Statistics will display the latest activity report of the real-time monitor like - | ||
| + | ::* The current details of the system date and time along with the details if the eScan Anti-Virus monitor is loaded (running) or not. | ||
| + | ::* The number of viruses being detected | ||
| + | ::* The scanning details like, last Objects scanned, name of the virus detected etc… | ||
| - | '''iii. Limit file size to (KB) -''' This option enables you to set a limit size of the object / file for real time scanning. The default value is set to 1024 Kb. | + | :'''b. View Quarantined Objects –''' Clicking on View Quarantined Objects will display the the files that are quarantined and backup files. | 
| + | ::* Quarantine - This option displays the files that are quarantined. The quarantined objects can be Restored / Deleted by right clicking on the object. | ||
| + | ::* Backup - This option displays the files that are backed up before disinfection. The backed up objects can be Restored / Deleted by right clicking on the object. | ||
| - | '''iv. Enable Proactive Scan – '''This option when enabled, will check for any suspicious file that is being executed in the system. A pop-up will be displayed whether to allow the application to be executed or to be blocked. | + | :'''c. View Log –''' Clicking on View Log will display the eScan File Anti-Virus report. | 
| - | '''v. Use sound effects for the following events –''' This option when enabled, this will play a sound on detection of any viruses / malwares (the system speakers need to be switched ON) along with a pop-up. | ||
| - | '''vi. Display attention messages -''' This option when enabled would display an attention / warning (alert) displaying the path and name of the infected object and the action taken. | ||
| + | ==<I>'''[http://download1.mwti.net/wiki/index.php/Glossary Glossary]'''</I>== | ||
| + | ==<I>'''[http://download1.mwti.net/wiki/index.php/EScan_ver.10 Main Feature Index]'''</I>== | ||
| - | '''Reports section ''' | + | <br/> | 
| - | ''' '''''Statistics'' | + | </div> | 
| - | * Total Files Scanned – Total files scanned on real time basis. | + | |
| - | * Dangerous Objects Detected – Total virus / malwares detected on real time basis. | + | |
| - | * Last File Scanned – Name of the last file scanned on real time basis. | + | |
| - | '''a. View Statistics''' – Clicking on View Statistics will display the latest activity report of the real-time monitor like - | + | |
| - | * The current details of the system date and time along with the details if the eScan Anti-Virus monitor is loaded (running) or not. | + | |
| - | * The number of viruses being detected | + | |
| - | * The scanning details like, last Objects scanned, name of the virus detected etc… | + | |
| - | '''b. View Quarantined Objects –''' Clicking on View Quarantined Objects will display the the files that are quarantined and backup files. | ||
| - | * Quarantine - This option displays the files that are quarantined. The quarantined objects can be Restored / Deleted by right clicking on the object. | ||
| - | * Backup - This option displays the files that are backed up before disinfection. The backed up objects can be Restored / Deleted by right clicking on the object. | ||
| - | '''c. View Log –''' Clicking on View Log will display the eScan File Anti-Virus report. | + | <!--{| id="mp-bottombanner" style="width:100%; background:#fcfcfc; margin-top:1em; border:0px solid #ccc;" | 
| + | | style="width:56%; color:#000;" | | ||
| + | {|align="center" width="150px" | | ||
| + | |[[Image:product_logo.JPG|centre]] | ||
| + | |}--> | ||
Current revision
| 
 | · eScan · MailScan · Technologies | · Technical Info · Security Awareness · User Guides | 
eScan Version 10 Online Help
File Anti-Virus
This section provides the description of eScan’s File Antivirus and various settings that can be configured for Real time Monitoring by File Antivirus for any malicious objects and actions to be taken on detection.
| Contents | 
Description
File Anti-Virus monitors and safeguards your system on real time basis against viruses, spywares, adwares and other malicious objects, as and when these objects are accessed / executed or are running in the memory. Real time monitoring means scanning of each files before being executed and as well as those processes also that are running in the System's memory.
Status in main Protection Center Window
The green colored Tick (√) mark indicates the File Anti-Virus is active and running.
The red colored Cross (X) mark indicates the File Anti-Virus is inactive and stopped.
Configuration section
Status
- File Anti-Virus Status – This displays the status of File Anti-Virus, whether it is in running or disabled mode.
 
- Proactive Scan Status – This will display the status of Proactive Scan, whether it is in enabled or disabled mode. (For detail please check in the section II.Options below)
 
- Action – This will display the status of the action that will be taken in case of any viruses or any malware is detected.
 
- Stop / Start button – Clicking stop / start button will disable or enable the File Anti-Virus. The Stop and Start toggles as per the state of the File Antivirus.
- Settings button – To configure the File Anti-Virus for real time monitoring click on the Settings button.
I. Objects - This option helps in configuring the various file(s) / drive(s) on the system that should be included during real time monitoring and scanning by the File-Anti-Virus and accordingly take the required action. 
- On the left hand side panel:-
- A. Objects to be scanned – This section lists the drives, removable and non-removable including the network drives, installed or mapped with the system that will be monitored and scanned.
 
- On the right hand side panel:-
- A. Action in case of virus detection - The default action is set to first disinfect (clean) and when disinfection is not possible then delete the object. It is recommended to keep the default settings. 
- Report Only – When selected, File Anti-Virus will only display an attention message informing about the entry / attack by a virus / malware.
- Disinfect – This is the default action taken by File Anti-Virus on any virus / malware detected.
 - [Make backup before disinfection option – On selecting this option a backup of the infected file will be saved, in a non-executable format, before being disinfected].
 - If disinfection is impossible: This is an alternate action in case if disinfection of the virus/malware is not possible.The below are the actions that can be selected:
 - Report Only
- Quaratnine Object
- Delete Object
 
 
 
 
- A. Action in case of virus detection - The default action is set to first disinfect (clean) and when disinfection is not possible then delete the object. It is recommended to keep the default settings. 
- B. Scan local removable disk drives - This option selected will scan all local removable disk drives attached onto the system like the floppy, cd, usb, etc...
 
- C. Scan local hard disk drives - This option selected will scan all the local hard disk drives.
 
- D. Scan network drives - This option selected will scan for the network drives (mapped network folders or drives to the local drive) on to this system.
 
- E. Scan files of following types - This option selected will scan files of types listed in the category. Below are the categorised options:
- All Infectable - This option when selected will scan only those objects that are pre-defined in the list of eScan infectable files/objects and as per the eScan anti-virus signature database.
- All - This option selected will scan all the files/objects in the system.
- By Mask - This option scans for all file types (objects) that are listed in this section. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option.
 
 
 
- E. Scan files of following types - This option selected will scan files of types listed in the category. Below are the categorised options:
- F. Exclude by mask – This option when selected, File Anti-Virus monitor will exclude all those objects from real time monitoring / scanning that has been listed. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option.
 
- G. Not a virus list – eScan File Anti-Virus has the capability to detect Riskware objects, a software which actually was not programmed and intended as malware, but can be a risk to security critical functions. In short a potentially dangerous software.
- This option selected will exclude those softwares from File Anti-Virus taking any type of action on those objects considered as RISKWARE. As well, can be customised like adding a particular software name by double clicking on Add / Delete option. For example - remote admin softwares like Vnc, RaAdmin, etc...
 
- H. Exclude folders - This option when selected will exclude all the liste folders and sub-folders from being monitored/scanned by File Anti-Virus. As well, can be customised like adding or deleting a folder by double clicking on Add / Delete option.
 
- I. Scan compound objects - This option enables to scan files that are archived and packed.
 
- J. Enable code analyzer - This option scans for suspicious objects or unknown activity happening on the infected system using the heuristic analyzer i.e. it scans using the traditional method of detecting an object as infected based on the definitions /updates (cure) available within the software, but in addition, also checks for the behavioral activity happening on the system.
 
II. Options – Here the basic settings of File Anti-Virus, like destination path of logs, destination path for Quarantined objects and can be configure is helpful in defining the path of the report file (log), folder to be used in case of an infection, size limit of files for real time monitoring. 
- i. Save report file - This option enables you to set the destination path of the File Anti-Virus report file (log). This logs information of the files scanned and the act. 
- Show pack info in the report – When selected will add the information in the log for the packed files (like zip, rar etc…)
- Show clean object info in the report - When selected will add the information in the log for clean files as well (this is for debugging purpose).
- Limit size to (kb) – This option will set the size of the log file.
 
 
 
- i. Save report file - This option enables you to set the destination path of the File Anti-Virus report file (log). This logs information of the files scanned and the act. 
- ii. For quarantine of infected objects – Here the destination path of Quarantined object can be set. By default the quarantined path will be "C:\Progra~1\eScan\Infected" .
 
- iii. Limit file size to (KB) - This option enables you to set a limit size of the object / file for real time scanning. The default value is set to 1024 Kb.
 
- iv. Enable Proactive Scan – This option when enabled, will check for any suspicious file that is being executed in the system. A pop-up will be displayed whether to allow the application to be executed or to be blocked.
 
- v. Use sound effects for the following events – This option when enabled, this will play a sound on detection of any viruses / malwares (the system speakers need to be switched ON) along with a pop-up.
 
- vi. Display attention messages - This option when enabled would display an attention / warning (alert) displaying the path and name of the infected object and the action taken.
 
Reports section
- Total Files Scanned – Total files scanned by real time File Anti-virus monitor.
- Dangerous Objects Detected – Total virus / malwares detected by File Anti-virus monitor on real time.
- Last File Scanned – Name of the last file scanned on real time basis.
 
 
- a. View Statistics – Clicking on View Statistics will display the latest activity report of the real-time monitor like - 
- The current details of the system date and time along with the details if the eScan Anti-Virus monitor is loaded (running) or not.
- The number of viruses being detected
- The scanning details like, last Objects scanned, name of the virus detected etc…
 
 
- b. View Quarantined Objects – Clicking on View Quarantined Objects will display the the files that are quarantined and backup files. 
- Quarantine - This option displays the files that are quarantined. The quarantined objects can be Restored / Deleted by right clicking on the object.
- Backup - This option displays the files that are backed up before disinfection. The backed up objects can be Restored / Deleted by right clicking on the object.
 
 
- c. View Log – Clicking on View Log will display the eScan File Anti-Virus report.
Glossary
Main Feature Index
 eScan Blog
eScan Blog eScan Website
eScan Website eScan Forum
eScan Forum eScan Feeds
eScan Feeds     

