eScan BlogeScan Blog    eScan WebsiteeScan Website    eScan ForumeScan Forum    eScan FeedseScan Feeds     
    
Languages:     

From eScan Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 09:51, 17 November 2008
WikiSysop (Talk | contribs)

← Previous diff
Revision as of 11:59, 20 November 2008
WikiSysop (Talk | contribs)

Next diff →
Line 1: Line 1:
-'''File Anti-Virus (Virus & Malware protection)''' - +== '''File Anti-Virus (Virus & Malware protection)''' ==
-Shows the current status of the Virus & Malware Protection level. The green color right tick mark denotes that the module is “Active” while the red color cross mark denotes that the module is “InActive”.  
-On the File Anti-Virus (Virus & Malware protection) option page in the “Configuration” section, when clicked on the “Settings” option, one can change the Virus & Malware Protection level, whereas clicking on the “Start” and /or “Stop” option (next to Settings) makes the module “Active” and /or “InActive”.+'''Description''' :- File Anti-Virus monitors and safeguards your system on real time basis against viruses, spyware, adware and other malicious objects as and when file(s) are accessed / executed or running in the memory.
-'''Configuration section'''+'''Status displayed in the main Protection Window''':-
 +The green colored Tick mark indicates the File Anti-Virus is active and running.
 +The red colored Cross mark indicates the File Anti-Virus is inactive and stopped.
-When clicked on “Settings” the below options are available, through which the eScan software’s real-time Virus and Malware protection can be customized - 
-'''a. Objects -''' This option helps in customizing the different objects that need to be scanned, actions to be taken along with the exclusions that can be set as per requirements.+'''Configuration section '''
-* On the left hand side:-+''Status''
-a. Objects to be scanned +File Anti-Virus Status – This will display the status of File Anti-Virus either in running or disabled mode.
-This lists the drives removable and non-removable including the network drives that would be scanned.+
-* On the right hand side:-+Proactive Scan Status – This will display the status of Proactive Scan either in enabled or disabled mode. (For detail please check below in the section '''II.Options''')
-a. Action in case of virus detection - +Action – This will show the action in case of virus detection.
-The default action set is to first disinfect (clean) and delete if disinfection is impossible. It is recommended, that you do not change the default settings.+
-b. Scan local removable disk drives -  
-This option scans for all local removable disk drives attached onto the system like the floppy, cd, usb, etc. in real time. 
-c. Scan local hard disk drives -+''Stop / Start buttons'' – Clicking stop / start button will disable or enable the File Anti-Virus.
-This option scans for all the local hard disk drives in real time.+
-d. Scan network drives -+''Settings button ''– To configure the File Anti-Virus for real time monitoring click on the Settings button.
-This option scans for the network drives (mapped) on the system in real time.+
-e. Scan files of following types - 
-This option enables you to choose the file types (objects) that need to be scanned in case found infected. 
-i. All Infectable -+'''I. Objects''' - This option helps in configuring the various file(s) / drive(s) on the system that should be included during real time monitoring and scanning by the File-Anti-Virus and accordingly take the required action.
-This option scans for all objects that are infectable.+
-ii. All -  
-This option scans for all objects. 
-iii. By Mask -+''On the left hand side:- ''
-This option scans for all file types (objects) that are listed here.+'''A. Objects to be scanned''' – This section lists the drives, removable and non-removable including the network drives, installed or mapped with the system that will be monitored and scanned.
-f. Exclude by mask - 
-This option excludes or does not scan file types (objects) that are listed and the same can be customized as per requirements.+''On the right hand side:- ''
 +'''a. Action in case of virus detection -''' The default action is set to first disinfect (clean) and when disinfection is not possible then delete the object. It is recommended to keep the default settings.
 +* Report Only – When selected, File Anti-Virus will only display an attention message informing about the entry / attack by a virus / malware.
 +* Disinfect – This is the default action taken by File Anti-Virus on any virus / malware detected.
 +[Make backup before disinfection option – On selecting this option a backup of the infected file will be saved, in a non-executable format, before being disinfected].
 +* If disinfection is impossible: This is an alternate action in case if disinfection of the virus/malware is not possible.The below are the actions that can be selected:
 +** Report Only
 +** Quaratnine Object
 +** Delete Object
-g. Not a virus list - 
-This option excludes or does not scan file types (objects) that are listed and the same can be customized as per requirements. For example - remote admin softwares like Vnc, RaAdmin, etc... 
-h. Exclude folders -+'''B. Scan local removable disk drives -''' This option selected will scan all local removable disk drives attached onto the system like the floppy, cd, usb, etc...
-This option excludes or does not scan folders/files that are listed and the same can be customized as per requirements.+
-i. Scan compound objects - 
-This option enables to scan files that are archived and packed. 
-j. Enable code analyzer - +'''C. Scan local hard disk drives -''' This option selected will scan all the local hard disk drives.
-This option scans for suspicious objects or unknown activity happening on the infected system using the heuristic analyzer i.e. it scans using the traditional method of detecting an object as infected based on the definitions /updates (cure) available within the software, but in addition, also checks for the behavioral activity happening on the system.+
 +'''D. Scan network drives -''' This option selected will scan for the network drives (mapped network folders or drives to the local drive) on to this system.
-'''b. Options -'''This option is helpful in defining the path of the report file (log), folder to be used in case of an infection, size limit of the compound objects etc. 
-i. Save report file -+'''E. Scan files of following types -''' This option selected will scan files of types listed in the category. Below are the categorised options:
-This option enables you to select the path of the report file (log), this would log information on the packed files scanned.+* All Infectable - This option when selected will scan only those objects that are pre-defined in the list of eScan infectable files/objects and as per the eScan anti-virus signature database.
 +* All - This option selected will scan all the files/objects in the system.
 +* By Mask - This option scans for all file types (objects) that are listed in this section. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option.
-ii. For renaming or copying of infected objects - 
-This option enables you to select the action to be taken when a file has to be renamed or copied to another folder, the default action set is to rename the infected object to .VIR extension. 
-iii. Limit compound object size to (KB) -+'''F. Exclude by mask –''' This option when selected, File Anti-Virus monitor will exclude all those objects from real time monitoring / scanning that has been listed. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option.
-This option enables you to set the size of the compound object for scanning, the default value set is 800.+
-'''c. Customize -'''This option helps to further customize the sound and attention warnings (alerts) when an infection is found.+'''G. Not a virus list –''' eScan File Anti-Virus has the capability to detect Riskware objects, a software which actually was not programmed and intended as malware, but can be a risk to security critical functions. A potentially dangerous software.
 +This option selected will exclude those softwares from File Anti-Virus taking any type of action on those objects considered as RISKWARE. As well, can be customised like adding a particular software name by double clicking on Add / Delete option.
 +For example - remote admin softwares like Vnc, RaAdmin, etc...
-i. Use sound effects for the following events - 
-When an infected object is detected, the infected.wav file would be used to generate a sound to notify the user of the detection and the action taken on the infection, (the system speakers need to be switched on for this). 
-ii. Display attention messages -+'''H. Exclude folders -''' This option when selected will exclude all the liste folders and sub-folders from being monitored/scanned by File Anti-Virus. As well, can be customised like adding or deleting a folder by double clicking on Add / Delete option.
-This option when enabled would display a attention warning (alert) displaying the path and name of the infected object.+
-At the bottom end of this File Anti-Virus (Virus & Malware protection) option page in the “Reports” section, there are different options available like “View Statistics”, “View Quarantined Objects” and “View Log”. 
 +'''I. Scan compound objects -''' This option enables to scan files that are archived and packed.
-'''Report section'''  
-The below options are available within -+'''J. Enable code analyzer -''' This option scans for suspicious objects or unknown activity happening on the infected system using the heuristic analyzer i.e. it scans using the traditional method of detecting an object as infected based on the definitions /updates (cure) available within the software, but in addition, also checks for the behavioral activity happening on the system.
-'''a. View Statistics -''' 
-  
-This option displays the current statistics of the real-time monitor like - 
-i) The current details of the system date and time -+'''II. Options –''' Here the basic settings of File Anti-Virus, like destination path of logs, destination path for Quarantined objects and can be configure is helpful in defining the path of the report file (log), folder to be used in case of an infection, size limit of files for real time monitoring.
-This displays details of the current system date and time along with the details if the eScan Anti-Virus monitor is loaded (running) or not.+'''i. Save report file -''' This option enables you to set the destination path of the File Anti-Virus report file (log). This logs information of the files scanned and the act.
 +* Show pack info in the report – When selected will add the information in the log for the packed files (like zip, rar etc…)
 +* Show clean object info in the report - When selected will add the information in the log for clean files as well (this is for debugging purpose).
 +* Limit size to (kb) – This option will set the size of the log file.
 +'''ii. For quarantine of infected objects –''' Here the destination path of Quarantined object can be set. By default the quarantined path will be "C:\Progra~1\eScan\Infected" .
-ii) The number of viruses being detected -+'''iii. Limit file size to (KB) -''' This option enables you to set a limit size of the object / file for real time scanning. The default value is set to 1024 Kb.
-This displays the current total number of known viruses and malwares being detected.+
-iii) The scanning details -+'''iv. Enable Proactive Scan – '''This option when enabled, will check for any suspicious file that is being executed in the system. A pop-up will be displayed whether to allow the application to be executed or to be blocked.
-This displays the scan details like the total objects, compound objects, packed object, last object, virus name and clean objects.+
-iv) The found details -+'''v. Use sound effects for the following events –''' This option when enabled, this will play a sound on detection of any viruses / malwares (the system speakers need to be switched ON) along with a pop-up.
-This displays the infection found details like the known virus, virus bodies, disinfected, deleted, renamed, suspicious, corrupted, I/O errors.+
 +'''vi. Display attention messages -''' This option when enabled would display an attention / warning (alert) displaying the path and name of the infected object and the action taken.
-'''b. View Quarantined Objects -'''  
-This option displays the files that are quarantined and taken as backup+'''Reports section '''
 +''' '''''Statistics''
 +* Total Files Scanned – Total files scanned on real time basis.
 +* Dangerous Objects Detected – Total virus / malwares detected on real time basis.
 +* Last File Scanned – Name of the last file scanned on real time basis.
 +'''a. View Statistics''' – Clicking on View Statistics will display the latest activity report of the real-time monitor like -
 +* The current details of the system date and time along with the details if the eScan Anti-Virus monitor is loaded (running) or not.
 +* The number of viruses being detected
 +* The scanning details like, last Objects scanned, name of the virus detected etc…
-i) Quarantine - +'''b. View Quarantined Objects –''' Clicking on View Quarantined Objects will display the the files that are quarantined and backup files.
-This option displays the files that are quarantined.+* Quarantine - This option displays the files that are quarantined. The quarantined objects can be Restored / Deleted by right clicking on the object.
 +* Backup - This option displays the files that are backed up before disinfection. The backed up objects can be Restored / Deleted by right clicking on the object.
-ii) Backup - +'''c. View Log –''' Clicking on View Log will display the eScan File Anti-Virus report.
-This option displays the files that are backed up before taking any action.+
- +
- +
-'''c. View Report –'''+
- +
-This option displays the full report.+
- +
-Here you will get a detailed report of the virus activity on the system including the Date/Time, Filename, Description and Action Taken. You can also view the reports according to days in a calendar year.+
- +
- +
-Note:- Depending on the subscription, some of the listed items may be unavailable.+

Revision as of 11:59, 20 November 2008

File Anti-Virus (Virus & Malware protection)

Description :- File Anti-Virus monitors and safeguards your system on real time basis against viruses, spyware, adware and other malicious objects as and when file(s) are accessed / executed or running in the memory.


Status displayed in the main Protection Window:- The green colored Tick mark indicates the File Anti-Virus is active and running. The red colored Cross mark indicates the File Anti-Virus is inactive and stopped.


Configuration section

Status

File Anti-Virus Status – This will display the status of File Anti-Virus either in running or disabled mode.

Proactive Scan Status – This will display the status of Proactive Scan either in enabled or disabled mode. (For detail please check below in the section II.Options)

Action – This will show the action in case of virus detection.


Stop / Start buttons – Clicking stop / start button will disable or enable the File Anti-Virus.

Settings button – To configure the File Anti-Virus for real time monitoring click on the Settings button.


I. Objects - This option helps in configuring the various file(s) / drive(s) on the system that should be included during real time monitoring and scanning by the File-Anti-Virus and accordingly take the required action.


On the left hand side:- A. Objects to be scanned – This section lists the drives, removable and non-removable including the network drives, installed or mapped with the system that will be monitored and scanned.


On the right hand side:- a. Action in case of virus detection - The default action is set to first disinfect (clean) and when disinfection is not possible then delete the object. It is recommended to keep the default settings.

  • Report Only – When selected, File Anti-Virus will only display an attention message informing about the entry / attack by a virus / malware.
  • Disinfect – This is the default action taken by File Anti-Virus on any virus / malware detected.

[Make backup before disinfection option – On selecting this option a backup of the infected file will be saved, in a non-executable format, before being disinfected].

  • If disinfection is impossible: This is an alternate action in case if disinfection of the virus/malware is not possible.The below are the actions that can be selected:
    • Report Only
    • Quaratnine Object
    • Delete Object


B. Scan local removable disk drives - This option selected will scan all local removable disk drives attached onto the system like the floppy, cd, usb, etc...


C. Scan local hard disk drives - This option selected will scan all the local hard disk drives.


D. Scan network drives - This option selected will scan for the network drives (mapped network folders or drives to the local drive) on to this system.


E. Scan files of following types - This option selected will scan files of types listed in the category. Below are the categorised options:

  • All Infectable - This option when selected will scan only those objects that are pre-defined in the list of eScan infectable files/objects and as per the eScan anti-virus signature database.
  • All - This option selected will scan all the files/objects in the system.
  • By Mask - This option scans for all file types (objects) that are listed in this section. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option.


F. Exclude by mask – This option when selected, File Anti-Virus monitor will exclude all those objects from real time monitoring / scanning that has been listed. As well, can be customised like adding or deleting a file or a particular file extensions by double clicking on Add / Delete option.


G. Not a virus list – eScan File Anti-Virus has the capability to detect Riskware objects, a software which actually was not programmed and intended as malware, but can be a risk to security critical functions. A potentially dangerous software. This option selected will exclude those softwares from File Anti-Virus taking any type of action on those objects considered as RISKWARE. As well, can be customised like adding a particular software name by double clicking on Add / Delete option. For example - remote admin softwares like Vnc, RaAdmin, etc...


H. Exclude folders - This option when selected will exclude all the liste folders and sub-folders from being monitored/scanned by File Anti-Virus. As well, can be customised like adding or deleting a folder by double clicking on Add / Delete option.


I. Scan compound objects - This option enables to scan files that are archived and packed.


J. Enable code analyzer - This option scans for suspicious objects or unknown activity happening on the infected system using the heuristic analyzer i.e. it scans using the traditional method of detecting an object as infected based on the definitions /updates (cure) available within the software, but in addition, also checks for the behavioral activity happening on the system.


II. Options – Here the basic settings of File Anti-Virus, like destination path of logs, destination path for Quarantined objects and can be configure is helpful in defining the path of the report file (log), folder to be used in case of an infection, size limit of files for real time monitoring. i. Save report file - This option enables you to set the destination path of the File Anti-Virus report file (log). This logs information of the files scanned and the act.

  • Show pack info in the report – When selected will add the information in the log for the packed files (like zip, rar etc…)
  • Show clean object info in the report - When selected will add the information in the log for clean files as well (this is for debugging purpose).
  • Limit size to (kb) – This option will set the size of the log file.

ii. For quarantine of infected objects – Here the destination path of Quarantined object can be set. By default the quarantined path will be "C:\Progra~1\eScan\Infected" .

iii. Limit file size to (KB) - This option enables you to set a limit size of the object / file for real time scanning. The default value is set to 1024 Kb.

iv. Enable Proactive Scan – This option when enabled, will check for any suspicious file that is being executed in the system. A pop-up will be displayed whether to allow the application to be executed or to be blocked.

v. Use sound effects for the following events – This option when enabled, this will play a sound on detection of any viruses / malwares (the system speakers need to be switched ON) along with a pop-up.

vi. Display attention messages - This option when enabled would display an attention / warning (alert) displaying the path and name of the infected object and the action taken.


Reports section Statistics

  • Total Files Scanned – Total files scanned on real time basis.
  • Dangerous Objects Detected – Total virus / malwares detected on real time basis.
  • Last File Scanned – Name of the last file scanned on real time basis.

a. View Statistics – Clicking on View Statistics will display the latest activity report of the real-time monitor like -

  • The current details of the system date and time along with the details if the eScan Anti-Virus monitor is loaded (running) or not.
  • The number of viruses being detected
  • The scanning details like, last Objects scanned, name of the virus detected etc…

b. View Quarantined Objects – Clicking on View Quarantined Objects will display the the files that are quarantined and backup files.

  • Quarantine - This option displays the files that are quarantined. The quarantined objects can be Restored / Deleted by right clicking on the object.
  • Backup - This option displays the files that are backed up before disinfection. The backed up objects can be Restored / Deleted by right clicking on the object.

c. View Log – Clicking on View Log will display the eScan File Anti-Virus report.


eScan Copyright © 2015 MicroWorld Technologies Inc.- AntiVirus & Content Security.       Send your feedback to solutions@escanav.com eScan Wiki

    Privacy policy  About eScan Wiki  Disclaimers