eScan BlogeScan Blog    eScan WebsiteeScan Website    eScan ForumeScan Forum    eScan FeedseScan Feeds     
    
Languages:     

From eScan Wiki

(Difference between revisions)
Jump to: navigation, search
Revision as of 06:46, 17 January 2013
Webmktg (Talk | contribs)
('''File Anti-Virus''')
← Previous diff
Revision as of 03:36, 20 October 2014
Webmktg (Talk | contribs)
('''Description''')
Next diff →
Line 18: Line 18:
   
-[[Image:File Anti-virus window - online help.JPG|center]]+[[Image:File_Anti-virus_window_online_help.JPEG|center]]
   

Revision as of 03:36, 20 October 2014

eScan Version 14 Online Help

Back

File Anti-Virus

This section provides the description of eScan’s File Antivirus and various settings that can be configured for Real time Monitoring by File Antivirus for any malicious objects and actions to be taken on detection.


Contents


Description

File Anti-Virus is the first module of the eScan for ISS. This module monitors and safeguards your computer on a real-time basis from all kinds of malicious software as files are accessed, copied, or executed. This module includes the Proactive Scanning feature, which helps you block applications that perform suspicious activities. File Anti-Virus also includes the Block Files feature, which allows you to block or quarantine files from being accessed from local or network drives. In addition, File Anti-Virus also allows you to enable Folder Protection, which prevents users from creating, deleting, or updating files or sub-folders within specified folder list.

 

 

This page provides you with options required to configure the module. You can configure the settings from the following 2 sections:

Configuration

This section displays the following information.

-File Anti Virus Status : It displays the status of whether File Anti-Virus module is started or stopped.

- Proactive Scan Status  : It displays the status of the proactive scanning.

- Action : It displays the type of action taken by File Anti-Virus module.


Start/Stop: Click an appropriate option to enable or disable File Anti-Virus module.


Settings: When you click this button, the File Anti-Virus Settings window appears. On the File Anti-Virus Settings window, you have four tabs – Objects, Options, Block Files, and Folder Protection, which are as follows:

Note: On below the screen of all the tabs contains four buttons — Default, OK, Cancel, and Apply, which you have to use after configuring the settings based on your requirement.
- Default: Click this button to apply the default settings.
- OK: Click this button after you click the Apply button to apply the configured settings.
- Cancel: Click this button to cancel the configured settings or to close the window.
- Apply: Click this button to apply the configured settings.


  • Objects

This tab provides you with a number of settings for fine-tuning the File Anti Virus module as per your requirement. For example, you can configure module to scan specific storage devices or exclude files of a given file type.

 

 

- Actions in case of virus detection: This section lists the different actions that File Anti Virus can perform when it detects a virus infection. These actions are Report only, Disinfect, Quarantine, and Delete object. Out of these, the Disinfect option is selected by default. By default, the quarantined files are saved in C:\Program Files\eScan\Infected folder.

- Scan local removable disk drives: [Default] Select this check box if you want the real time monitor to scan all the local removable drives attached to the computer.

- Scan local hard disk drives: [Default] Select this check box if you want the real time monitor to scan all the local hard drives installed on the computer.

- Scan network drives: [Default] Select this check box if you want the real time monitor to scan all the network drives including mapped folders and drives that are connected to the computer.

- Scan files of following types: It indicates the type of file that you want the real time monitor to scan. You have 3 options where you can select files for scanning, whether all infectable, all files, or by mask. The files listed in By mask option are the default file extensions that are defined by eScan. To add or delete files by mask, double-click Add/Delete option, and then add or delete files as required.

- Exclude by mask: [Default] Select this check box if you want the File Anti Virus monitor to exclude all the objects in the Exclude by mask list during real time monitoring or scanning. You can add or delete a file or a particular file extension by double-clicking the Add / Delete option.

- Not a Virus List: [Default] File Anti Virus is capable of detecting riskware. Riskware refers to a software that is originally not intended to be malicious, but somehow can pose as a security risk to critical operating system functions. You can add the names of riskware, such as remote admin software to the riskware list in the Not a virus list dialog box by double-clicking the Add / Delete option, if you are certain that they are not malicious. The riskware list is empty by default.

- Exclude Files/Folders: [Default] Select this check box if you want File Anti Virus to exclude all the listed files, folders, and sub folders, while it is monitoring or scanning folders. You can add or delete folders from the existing list of folders by double-clicking the Add / Delete option.

- Scan compound objects: [Default] Select this check box if you want eScan to scan archives and packed files during scan operations. Select Archive check box, if you want eScan to scan archive files. You can define the depth level of an archived file upto which you want to scan. By default, value is 16, but you can change it by double-clicking the Image:Size box.JPG icon, and then type value in the size box. By default, Packed is selected.

- Enable code analyser: Select this check box if you want the real time monitor to scan your computer for suspicious objects or unknown infections by using the heuristic analyzer. When this check box is selected, File Anti Virus not only scans and detects infected objects by using the definitions or updates, but it also checks for suspicious files stored on your computer.


  • Options

This tab helps you configure the basic settings for the File Anti Virus module, such as the maximum size of log files and path of the destination folder for storing log files, quarantined objects, and report files.

 

 

You can configure the following settings:

- Save report file: [Default] Select this check box if you want eScan to save the reports generated by the File Anti-Virus module. The report file logs information about the scanned files and the action taken by File Anti Virus when an infected file was found during the scan.

--> Show pack info in the report (Monvir.log): [Default] Select this check box if you want File Anti-Virus to add information regarding scanned compressed files, such as .ZIP and .RAR files to the Monvir.log file.

--> Show clean object info in the report (Monvir.log): Select this check box if you want File Anti-Virus to add information regarding uninfected files found during a scan operation to the Monvir.log file. You can select this option to find out which files are not infected.

--> Limit size to (KB) (avpM.rpt): Select this check box if you want File Anti-Virus to limit the size of the avpM.rpt file. You can double-click the size box and specify the size of the log file. The default value is 50 KB

- For quarantining of infected objects: This option helps you specify the destination for storing quarantined objects. By default, the quarantined objects are stored in the C:\Program Files\eScan\Infected folder. You can change the location of the destination folder if required.

- Enable Auto backup / Restore: [Default] Select this check box if you want eScan to take automatic backup of critical files of the Windows® operating system installed on your computer and to restore the clean files when it finds an infection in any of the system files, which cannot be disinfected. You can do the following settings:

--> For backup of clean objects: You can back up uninfected objects and store them in a given folder. By default, these objects are stored in the E:\FBackup folder. You can change the destination of the backed up objects if necessary.

--> Do not backup files above size (KB): [Default] This option helps you prevent File Anti Virus from creating backup of files that are larger than the file size that you have specified. The default value is set to 32768 KB

--> Minimum disk space (MB): [Default] It enables you to set the minimum free hard disk space upto which you want eScan to take backup of files. By default, value is 500 KB, but you can change it by double-clicking the Image:Size box.JPG icon, and then type value in the size box.

- Limit file size to (KB): [Default] This check box enables you to set a size limit for the objects or files to be scanned. The default value is set to 20480 KB.

- Use sound effects for the following events: This check box helps you configure eScan to play a sound file and show you the details regarding the infection within a message box when any malicious software is detected by File Anti Virus. However, you need to ensure that the computer speakers are switched on.

- Display attention messages: [Default] When this option is selected, eScan displays an alert, which displays the path and name of the infected object and the action taken by the File Anti Virus module.

- Enable Malware URL Filter: Select this check box, if you want to block access to malicious websites/URL’s.

- Proactive Behaviour Monitor: Select this check box, if you want eScan to monitor the executable files you are running on your system.

In case, if eScan finds any executable files suspicious or may cause any harm to your system, it pops-up with a message. If you want to access the suspicious file, you can white list them anytime.


  • Block Files

This tab helps you configure settings for preventing executables and files, such as autorun.inf, on network drives, USB drives, and fixed drives from accessing your computer.

 

 

You can configure the following settings:

- Deny access of executable from Network: Select this check box if you want to prevent executables on your computer from being accessed from the network.

- Deny access of executables on USB Drives: Select this check box if you want to prevent executables stored on USB drives from being accessed.

- Deny access of AUTORUN.INF on USB and Fixed Drives: [Default] Select this check box if you want to prevent executables from USB and fixed drives from being accessed.

- Deny Access of following files: [Default] Select this check box if you want to prevent the files in the list from running on your computer.

- Quarantine Access-denied files: Select this check box if you want to quarantine files that have been denied access.

You can prevent specific files from running on your computer by adding them to the Block Files list. By default, this list contains the value %sysdir%\*.EXE@.


  • Folder Protection

This tab helps you protect specific folders from being modified or deleted by adding them to the Folder Protection list.

 

 

It allows you to configure the following setting:

- Protect files in following folders from modification and deletion: [Default] This option is selected by default. Select this check box if you want the File Anti-Virus module to protect files in specific folders from being modified or deleted.

Reports

This section displays the following information.

- Total Files Scanned: It shows the total number of files scanned by the real-time File Anti Virus monitor.

- Dangerous Objects Detected: It shows the total number of viruses or malicious software detected by the File Anti Virus monitor on a real-time basis.

- Last File Scanned: It shows the name of last file scanned by File Anti Virus monitor on real-time basis. In addition, you can view the following reports:

View Statistics:

When you click this button, the Statistics dialog box is displayed, which displays the latest activity report of the real-time monitor. The report contains information under two sections — Scanned and Found, under Scanned, the number of scanned objects, compound objects, packed objects, clean objects, and so on are displayed, and under Found, the number of known virus, virus bodies, deleted, quarantined, and so on are displayed.


 

In addition, it displays the following information:

- The current details of the system date, time, and whether the eScan Anti Virus monitor is running or not.
- The number of viruses detected.
- The results of most recent scan, such as the last object scanned and name of the virus detected.

View Quarantined Objects:

When you click this button, the Quarantine dialog box is displayed, which displays the quarantined files and backup files. This dialog box has the following tabs.


 

- Quarantine: This tab displays the files that have been quarantined. You can restore or delete the quarantined objects by right-clicking the object, and then clicking an appropriate option.
- Backup: This tab displays the files that were backed up by File Anti Virus before it tried to disinfect them. You can restore or delete the objects that were backed up by right-clicking the object, and then clicking an appropriate option. Before clicking any of these buttons, you should ensure that you have selected an appropriate row in the table for which you need to perform the action.

View Report:

When you click this button, the Report for File Anti Virus window is displayed. This window displays the report for the File Anti Virus module for a given range of dates in a tabular format when you click the Generate Report button.


 


eScan Copyright © 2015 MicroWorld Technologies Inc.- AntiVirus & Content Security.       Send your feedback to solutions@escanav.com eScan Wiki

    Privacy policy  About eScan Wiki  Disclaimers