User Manual
Contents
1. LE set default f ok apply X cancel The Checking tab includes e Check mode pane e check modes description pane e settings control buttons A group of radio buttons named Check mode determines the scanning mode the check severity level Ta J N ax 3 Using Scanner from Graphic Shell e Fast check only the files which internal structure allows them to contain virus code are scanned archives and symlink objects are not scanned the heuristic analyzer is disabled The scanning process in this mode is a lot quicker than in the Full check mode at the expense of reduced protection reliability e Full check all selected objects are scanned including archives and symlink objects the heuristic analyzer is enabled This mode is recommended for everyday computer scanning It is slower than the Fast check mode but provides a much higher level of protection e Advanced mode in this mode you can manually adjust the parameters which determine the check severity level It is intended primarily for experienced users When this mode is selected the Advanced Options button becomes available in the bottom left of the tab Click the button to adjust the parameters see the Advanced Options section When you select any mode its detailed description is given in the right part of the tab To save changes to the settings in the configuration file click Save Settings The new settings will now be used e2. Engine path jroot drweb local lib drweb32 dll Update path jroot drweb update Temp path jroot drweb temp amp Set default Ok 45 apply X Cancel In the Virus databases list the location of databases with virus records is specified By default the databases are located in the directory specified during the program installation The Updater module automaticaly puts updated databases to this directory However if you wish to connect some additional databases manually you must add them to the Virus databases list The database files which have a non standard extension should also be added to this list even if they are located in the default directory 37 Ta AN ax 3 Using Scanner from Graphic Shell To add a database to the Virus databases list click Add virus database A window for adding a database will open By default the list contains only two file masks vdb VDB i e files with the vdb or VDB extensions only You can also specify only one symbol to point to files with any extensions To delete a database from the Virus databases list select it and click Delete virus database If necessary you can edit paths to the engine the update directory and the temporary files directory in the corresponding input fields or select these paths via the file system explorer by clicking the button gt next to the relevant field 3 2 2 File Types Tab On the
3. objects to scan See Figure 22 Figure 22 File Manager window areg Jelx Ed Create Folder Places Name Y Modified Recently Used root File system hda add OK Cancel Initially the path selection pane at the top contains the following buttons Type a file name open the file name entry field to add a file to close the field click the button again 0 File System open the list of Dr Web LiveUSB file system partitions Ta J N ax 3 Using Scanner from Graphic Shell As you view file system objects the buttons for the directories passed bread crumbs appear on the path selection pane at top of the window Click a button to open the respective directory To add an object as a shortcut select necessary directories in the file system explorer and click Add button To remove a shortcut select the shortcut in the Places list and click Delete button You can use the shortcuts for navigation through the file system When done with selections click OK to add the selected directory to the list of objects for scan and close the window or click Cancel to close the window without saving the changes To start scan of the selected objects click Start it will turn to the Stop button and scanning process will begin During scan the status bar in the bottom of the window reflects the current program activity for example loading of virus databases or the full path to th
4. Dr Web forum Send a request to the technical support Click Request to support The inbuilt browser will open at the page of the Dr Web support service Report a bug by e mail Click Bug report The inbuilt mail client will open to send a mail message Send files that are probably infected by unknown viruses for analysis to the Dr Web laboratory Click Send file for check A file manager window will open The right pane of the Support tab contains info about the version of the program loaded virus databases last update time and license key number This information is refreshed after every update 33 7 ax A AN 3 Using Scanner from Graphic Shell To update Dr Web virus databases visit the aforementioned web sites send e mail messages and files a connection to the Internet is required In case you receive a notification that the browser or the mail client is not found at the attempt to follow any of the links above adjust properly paths to the executable files of the browser and mail client To do this on the Settings menu select Options gt Programs and enter necessary data Figure 14 Support tab Dr Web Scanner Options amp General _A Actions Checking jf Programs Support O Update www drweb com Forum V7 Request to support Bug report 4 44 0 10060 lt API 2 2 gt 5 0 0 12182 lt API 2 2 gt Shell version Engine v
5. GUI specify actions taken upon detection of infected or suspicious objects and set up Scanner interaction with the OS and various modules of the anti virus complex See Figure 9 23 3 Using Scanner from Graphic Shell 24 Figure 9 Scanner main options DrWeb Scanner Options General A Actions Checking Programs Support Path to Scanner opt drweb M Save all settings at exit Scanner Excluded paths proc sfa Add excluded path sys Idev Delete excluded path root drweb Path to key jopt drweb drweb32 key bn Browse set default ok Apply X cancel Main settings are divided between several tabs e General general Scanner settings e Actions adjustment of program s reactions upon detection of virus threats or malware e Checking adjustment of scan modes for files possibility to save current settings and restore the defaults e Programs adjustment of interaction with other anti virus components and inbuilt programs e Support updates and technical support In the bottom of this window the following control buttons are located Ta J N ax 3 Using Scanner from Graphic Shell e Set default discard the user settings and set the default ones e Ok save the changes and return to the main window of the Scanner e Apply save the changes and stay in the settings window e Cancel retu
6. lie BQIE Mouse Keyboard Serial House Ctri Shift Video Monitor vmware 10 8 Cancel Ta 2 N s 2 Dr Web LiveUSB Graphic Shell 19 2 2 Inbuilt Applications This section describes applications available within the Dr Web LiveUSB anti virus solution Access to these applications can be gained via Network and Utility options of the system menu The Utility option on the system menu opens the drop down list e Create Live USB create boot flash drive e Leafpad open the inbuilt text editor notepad e Midnight Commander open the file manager e Terminal open the command line terminal The Network option on the system menu opens the drop down list e Firefox open the inbuilt browser e Sylpheed open the inbuilt mail client 2 2 1 Browser Even though your computer cannot be loaded from the hard drive the Mozilla Firefox web browser included in Dr Web LiveUSB will allow you to view web sites and save the pages See Figure 6 You will be able to view the saved pages after the OS is fully restored and loaded Ta AN 2 Dr Web LiveUSB Graphic Shell 20 ys An Internet connection via the Local Area Network is required to A access the web pages with the inbuilt browser The browser default start page is the Doctor Web official web site Figure 6 Inbuilt Browser Dr Web tnnovstion Bre Antivirus end entlepem protection Melle tir es File Edt View History Bo
7. menu and include the following options e Menu Configuration which allows you to configure appearance of the taskbar e NetWorks Configuration which allows you to configure network e Openbox Configuration Manager which allows you to configure the GUI e Xorg Configuration which allows to configure the X Window System To configure settings select a corresponding item in the menu The settings window opens 13 Ta J ax 2 Dr Web LiveUSB Graphic Shell 14 2 1 1 Taskbar Configuration This windows allows you to configure the position size and special effects in appearance of the taskbar on the General tab as well as configure installed GUI plugins on the Plugins tab See Figure 2 Figure 2 Taskbar configuration S f ppanel configurator olix General Plugins Position Edge Bottom ail Allignment Left Margin o 2 Size Width 100 of edge Height 30 3 pixels cd Effects C Transparency Properties M Set Dock Type M Do not cover by maximized windows O Autohide apply close Ta J i ax 2 Dr Web LiveUSB Graphic Shell 15 Position Specify values for the following parameters e the taskbar position on the screen Edge e alignment of the taskbar elements Alignment e the taskbar margine Margine Size Adjust the the taskbar width Width and Height Effects Adjust the taskbar Transparency and Color settings Properties Specify v
8. the path to the directory with the updating utility To do this specify the path in the Path to directory with file update pl entry field or click the button gt and select it via the file system explorer e If a proxy server is used to receive updates type the login and password to the proxy server in the Proxy login and Proxy password entry fields correspondingly On the Mail pane you can type a command to start the mail client in the batch mode and edit it if necessary Under the entry field you can find possible parameters to be used with this command and their descriptions On the Browser pane you can type a command to start the 32 Ta rt ax 3 Using Scanner from Graphic Shell browser and edit it if necessary Under the entry field you can find possible parameters to be used with this command and their descriptions When you are done click Apply to save the changes and leave the dialog box open 3 1 5 Updating and Technical Support On the Support tab you can update virus databases contact technical support send information about a bug or a suspicious file for check to Dr Web and view program info See Figure 14 The left pane of the Support tab contains buttons to perform the folowing actions Start the Updater Click Update Open the Dr Web official Web site Click www drweb com Open the Dr Web forum in the web browser window Click Forum The inbuilt browser will open at the page of the
9. v 8 Subject From Date Size amp Sent C Drafts D Queue amp Trash 8 v From Subject Dr Web Sylpheed provides a secure connection to the mail server through the SSL and TLS protocols When your OS is damaged and you cannot use your customary tools this mail client included in Dr Web LiveUSB will alow you to keep up a correspondence through your registered e mail account until the problem is solved 21 Ta J N ax 2 Dr Web LiveUSB Graphic Shell 2 2 3 File Manager The inbuit Midnight Commander file manager is similar to the Norton Commander file manager See Figure 8 By using full screen display mode it provides an intuitive user interface to the operating system and serves as a useful tool for operations with files suitable for users with any level of experience from a newbie to a guru Homepage http www ibiblio org mc Figure 8 File manager config drweb fbpanel icons idesktop local N MC mozilla N 1 O1 JO M 9 O7 NN YS 22 Ta AN ax 3 Using Scanner from Graphic Shell 3 Using Scanner from Graphic Shell This section describes Scanner parameters and settings and how to use it from a Graphic Shell 3 1 Main Options You can access the main options of the Scanner via the Options button on the toolbar or via the menu in the Scanner main window Settings gt Options In this window you can adjust the Scanner
10. 1 Dr Web LiveUSB Dr Web LiveUSB utility allows to create a boot flash drive with a portable Linux based operating system and inbuilt software intended 6 7 ax A AN 1 Introduction to faciltate computer scanning and curing working with the file system Dr Web LiveUSB anti virus solution viewing and editing text files viewing web pages and sending and receiving e mail messages Using boot flash drive you can restore the system when loading a computer from a hard drive is impossible due to high virus activity Dr Web LiveUSB jis distributed as a drwebliveusb ex executable file 1 2 Creating Emergency System Recovery Disk Creating emergency system recovery disk on a USB drive 1 Connect the flash drive It takes maximum ten seconds for a connection to be registered 2 Rundrwebliveusb exe 3 The program will detect all available USB drives automatically and suggest you to select the suitable one If necessary you can format the selected USB drive a notification will be displayed before formatting Create Emergency System Recovery Disk on a USB drive Dr Web LiveUSB helps you recover operating system from viruses and other security threats even when you cannot boot it in the usual way Select a USB drive Removable Disk E 3 22 GB free of 7 48 GB E Format USB drive before creating Dr Web LiveUSB Generate Dr Web LveusB Cancel 7 Ta 2 A ax N 1 Introd
11. File Types tab you can set up restrictions on the types of files to be checked by the Scanner See Figure 17 On the Scan mode pane set the selection method for files to scan using the group of option buttons e All all files are scanned regardless of their types and internal structure This mode is set by default when you select Full check on the Checking tab of the Scanner settings section By type only files with the extensions specified in the File types list are scanned Executable files and files containing macros are on the list by default To add an extension to the list click Add file type specify the necessary extension in the opened window and then click Apply To delete an extension from the list select it and click Delete file type 38 Ta J N ax 3 Using Scanner from Graphic Shell The Add file type and Delete file type buttons are active only when the By type check mode is selected e By format files which internal structure allows them to contain viruses are scanned regardless of the names and extensions This mode is set by default when you select Fast check on the Checking tab of the Scanner settings section Below the pane you can select the following options to set up additional restrictions for the scanning process e Select the Follow symlinks checkbox if you want the Scanner to check the files symbolic links to which are included into the scan e Select the Check archives checkbox i
12. User Manual 2003 2010 Doctor Web All rights reserved This document is the property of Doctor Web No part of this document may be reproduced published or transmitted in any form or by any means for any purpose other than the purchaser s personal use without proper attribution TRADEMARKS Dr Web the Dr WEB logo SplDer Mail SpIDer Guard Curelt the Dr WEB INSIDE logo are trademarks and registered trademarks of Doctor Web in Russia and or other countries Other trademarks registered trademarks and company names used in this document are property of their respective owners DISCLAIMER In no event shall Doctor Web and its resellers or distributors be liable for errors or omissions or any loss of profit or any other damage caused or alleged to be caused directly or indirectly by this document the use of or inability to use information contained in this document Dr Web LiveUSB Version 6 0 0 User Manual 13 10 2010 Doctor Web Head Office 2 12A 3rd str Yamskogo polya Moscow Russia 125124 Web site www drweb com Phone 7 495 789 45 87 Refer to the official web site for regional and international office information Doctor Web Doctor Web develops and distributes Dr Web information security solutions which provide efficient protection from malicious software and spam Doctor Web customers can be found among home users from all over the world and in government enterprises small companies and nationwi
13. ach time program starts or settings are loaded from the user configuration file If you restart your system without saving the new settings any changes made to the configuration file will be lost and all the parameters will be reset to the default as when Dr Web LiveUSB A was written to the disk or another medium Please note that if you select the Save all settings at exit checkbox on the General tab the settings will be saved automatically every time the Scanner is closed To load the settings from the configuration file click Load Settings 31 Ta J N ax 3 Using Scanner from Graphic Shell When the program starts settings from the configuration file are A loaded automatically Use the Load Settings button only to discard the new changes to the settings you have made In the program s configuration file in the GUI section settings of the GUI module are stored For more information about the configuration file refer to the Dr Web Anti virus for Linux documentation 3 1 4 Programs Tab On the Programs tab you can adjust Scanner interaction with the other components of Dr Web LiveUSB See Figure 13 The Programs tab includes three panes e Updater contains information necessary for Updater adjustment e Mail used for adjustment of call options for the mail client e Browser used for adjustment of call options for the web browser On the top Updater pane e If necessary you can edit
14. adjust the computer workload select Updater timeout and enable the heuristic analyser See Figure 20 In the Scan priority group of option buttons you can select the priority of the scanning process compared to other system processes In the Timeout entry field you can edit the default awaiting time of the updating utility when trying to connect to the update 7 ax A AN 3 Using Scanner from Graphic Shell 44 server Selecting the Heuristic analysis checkbox enables the heuristic analyser mode a method of virus detection based on the analysis of actions specific for viruses In the heuristic analyser mode false positives are possible All A objects detected by the heuristic analyser have the suspicious status The analyser is automatically enabled if you choose the Full check mode and disabled in the Fast check mode Figure 20 Other tab DrWeb Scanner Advanced options Paths File types Log file Archive Other Scan priority O High Normal Low Updater Timeout 90 sec I M Heuristic analysis 4 Set default Ok apply X Cancel Click an area for details 3 3 Antivirus Scan This sections describes how to scan your file system for viruses Ta J N ax 3 Using Scanner from Graphic Shell 45 3 3 1 Starting a Scan Dr Web Scanner for Linux can be started in one of the following ways e Automatically after the graphic s
15. alues for other parameters e type of the taskbar Set Dock Type e taskbar covering options Do not cover by maximized windows e hiding options Autohide 2 1 2 NetWorks Configuration This window allows you to configure IP protocol settings manually or receive them via DHCP See Figure 3 2 Dr Web LiveUSB Graphic Shell 16 Figure 3 Networks configuration Fr petlua Host drweb com localdomain IP Addr 192 168 DHCP OK PILE Domain none Name 255 0 Cancel Ta 2 AN 2 Dr Web LiveUSB Graphic Shell 17 ys 2 1 3 Openbox Configuration Manager This window allows you to configure the Openbox GUI including colour schemes desktop parameters etc See Figure 4 Figure 4 Openbox configuration m Openbox Configuration Manager CIE Theme Theme Appearance O Inactive Windows M Clearlooks ene Normal Move amp Resize Disabled Selected Mouse Desktops Clearlooks Olive Margins Selected Dock m Inactive E Pa Install a new theme fe Create a theme archive obt EA Ta gt AN a 2 Dr Web LiveUSB Graphic Shell 18 2 1 4 X Window Configuration This window allows you to configure the system screen resolution type of the video driver and the mouse keys for shifting the keyboard layout See Figure 5 X Window configuration 1 xorg
16. ard drive without launching Dr Web LiveUSB select Local HDD cancel launching of Dr Web LiveUSB launch the system from the 0 partition of the 0 drive hd0 0 e To test memory for example when you computer is extremely unstable and restarts at random select Test Memory The standard mode is preferable because of its user friendly interface and improved functionality The bigger part of this manual describes working in this GUI mode The safe mode is intended for experienced users familiar with UNIX based operating systems and is used when the GUI fails to load Press TAB to edit each option manually 9 Ta J N ax 2 Dr Web LiveUSB Graphic Shell 2 Dr Web LiveUSB Graphic Shell The Dr Web LiveUSB software includes a graphic shell with a window based interface similar to the Linux operating system GUI By default the desktop with the Dr Web trademark for the background contains icons of applications included in Dr Web LiveUSB The taskbar a horizontal bar in the bottom contains e System menu button amp e Quick Launch icons for inbuilt applications e Desktop switching icons e Icons of currently used applications e System clock in the right corner Dr Web LiveUSB includes the following basic applications e Dr Web Scanner for Linux e Firefox browser e Sylpheed mail client e Midnight Commander file manager e command line terminal to work directly from under the graphic shell e Leafpad
17. ater Updater log root drweb logs updater log Level of log Warning c amp Set default ok apply X Cancel 3 2 4 Archive Tab On the Archive tab you can set limitations to actions which will be applied to archives for safety reasons See Figure 19 The parameters on the Archive tab are designed to protect the Scanner from mailbomb attacks They specify limiting values of various archive characteristics excess of which will lead to skipping these archives from scanning in order to avoid exhaustion of system resources Tf it is necessary to change the default settings edit the values in the following entry fields e Max compression ratio by default is set to 5000 e Max archive nesting level by default is set to 8 e Compression check threshold by default is set to 5000 A AN T y A A y 3 Using Scanner from Graphic Shell Kbytes Smaller archives are scanned regardless of the compression ratio e Max file size to extract by default is set to 1024 Kbytes Larger archives will not be unpacked Figure 19 Archive tab F DrWeb scanner Advanced options Paths File types Log file Archive other Max compression ratio 5000 la Max archive nesting level a S Compression check threshold 5000 2 Kb Max file size to extract 1024 kb amp Set default Ok apply X Cancel 3 2 5 Other Tab On the Other tab you can set parameters to
18. b ob Add virus database root drweb local bases VDB em Delete virus database Engine path jroot drweb local lib drweb32 dll Update path root drweb update Temp path jroot drweb temp i amp Set default Ok apply X Cancel The advanced options are divided between several tabs e Paths specify the paths to main Scanner modules e File Types set the file types to be checked e Log File set logging parameters e Archive set limitations to actions to be applied to archives for safety reasons e Other adjust parameters managing computer workload select Updater s timeout and enable the heuristic analyzer In the bottom of the advanced options window the following controls are located e Set default discard the user settings and set the default ones e Ok save the changes and return to the main window of the Scanner A AN 1 v A A Y 3 Using Scanner from Graphic Shell e Apply save the changes and stay in the settings window e Cancel return to the main window of the Scanner and discard the changes 3 2 1 Paths Tab By default the advanced options window opens on the Paths tab See Figure 16 Figure 16 Paths tab DrWeb Scanner Advanced options AE Paths File types Log file Archive Other Virus databases root drweb local bases vdb sfe Add virus database root drweb local bases VDB em Delete virus database
19. cted file is seriously damaged by virus If infected files are found inside archives they will not be cured deleted moved or renamed To cure such files you must manually unpack archives to the separate directory and instruct Scanner to check it When Scanner is started with action Delete specified it will delete all infected files from disk This option is suitable for incurable irreversibly damaged by virus files Action Rename makes Scanner replace file extension with a certain specified extension by default i e first extension symbol is replaced with symbol Enable this parameter for files of other OS e g DOS Windows detected heuristically as suspicious Renaming helps to avoid accidental startup of executable files in these OS and therefore prevents infection by possible virus and its further expansion With action Move enabled Scanner will move infected or suspicious files to the quarantine directory 55 Ta AN ax 5 Reporting a bug 5 Reporting a bug If you use graphic shell then to send a report about some bug in program operation you must do the following pass to the main options section of the Scanner using the Options button on the toolbar or using the menu in the Scanner main window Settings gt Options in the main options section select Support tab press the Bug report button on this tab after that an inbuilt mail client will be started with the message templat
20. de corporations Dr Web antivirus solutions are well known since 1992 for continuing excellence in malware detection and compliance with international information security standards State certificates and awards received by the Dr Web solutions as well as the globally widespread use of our products are the best evidence of exceptional trust to the company products We thank all our customers for their support and devotion to the Dr Web products Ta AN ax Table of Contents 1 Introduction 1 1 Dr Web LiveUSB 1 2 Creating Emergency System Recovery Disk 1 3 System Requirements 1 4 Launching Dr Web LiveUSB 2 Dr Web LiveUSB Graphic Shell 2 1 Settings 2 1 1 Taskbar Configuration 2 1 2 NetWorks Configuration 2 1 3 Openbox Configuration Manager 2 1 4 X Window Configuration 2 2 Inbuilt Applications 2 2 1 Browser 2 2 2 Mail Client 2 2 3 File Manager 3 Using Scanner from Graphic Shell 3 1 Main Options 3 1 1 General Tab 3 1 2 Actions Tab 3 1 3 Checking Tab 3 1 4 Programs Tab 3 1 5 Updating and Technical Support 3 2 Advanced Options Man BD A 10 13 14 15 17 18 19 19 20 22 23 23 25 27 29 32 33 35 4 Ta AN aX 3 2 1 Paths Tab 3 2 2 File Types Tab 3 2 3 Log File Tab 3 2 4 Archive Tab 3 2 5 Other Tab 3 3 Antivirus Scan 3 3 1 Starting a Scan 3 3 2 Scan Results 4 Using Console Scanner 4 1 Starting a Scanning 4 2 Command Line Paramete
21. e already opened in the Subject field give a brief description of the problem encountered and in the message body describe the problem in every detail including the steps to be made to reproduce it send the message using the default e mail account If you use console then to send a report about a bug use the following algorithm using the arrow keys select the Report Bug items from the Start Menu and press ENTER a console text editor nano will open where you can describe the encountered problem after finishing the description press CTRL X to exit the text editor before exit you will be prompted to make a decision whether you want to send the bug report or not and press the corresponding key Y to send a report N to discard it 56 2003 2010 Doctor Web
22. e file being scanned at the moment To terminate scan click Stop it will turn to the Start button and scanning process will stop You can set additional parameters before scan such as scan mode check severity level actions over detected objects etc For more information on the Scanner settings please refer to the Main Options section 3 3 2 Scan Results Scan results are shown as a table in the bottom of the Scanner main window See Figure 23 There you can find information on infected and suspicious objects found during the scan their location their reasons to be included into the current selection and actions performed by the program over these objects Items in the list of detected objects are displayed in a hierarchical order if a virus is found inside an archive then the archive is displayed as a node which contents you can expand and collapse 48 3 Using Scanner from Graphic Shell Figure 23 Scan results DP Webiscanner File Settings Help Dam e x x Bec add MB 0 Delete M Scan subdirectories File Status O cyDocuments and Settings Copy doc _ infected with W97M Belyash O 4 CDocuments and Settings 1 doc com infected with EICAR Test File NOT a Virus i C Program Files adware exe contains an advertising software Adware Dudu M C Program Files upx exe infected with Win32 HLLPJeefo 36352 gt ML Dymessagestbb archive MAIL v M DyMailbase arc
23. e logging facility and priority in the two drop down lists below Ta J N ax 3 Using Scanner from Graphic Shell 41 The following log facilities are available Daemon Localo Local7 Kern User Mail You can select between the folowing priority levels for logging Info Notice Alert Warning A selected Limit log file size checkbox instructs that the log file must not exceed the size specified in the entry field to the right After the maximum has been reached old entries will be gradually deleted to give space to the new ones Clearing the checkbox will remove any limitation to the log file size selected and the default value in the Max log file size 512 Kb It is recommended to keep the default Limit log file size option unchanged In the Updater section you can edit the path to the log file of the updating utility Specify it in the Log file entry field or click the button gt and choose the path via the file system explorer In the Level of log drop down list you can select the required log verbosity level The following levels are available Debug Verbose Info Warning Error Quiet 3 Using Scanner from Graphic Shell 42 Figure 18 Log file tab DrWeb Scanner Advanced options Fic Paths File types Log file Archive Other Log File Name File name jroot drweb logs scanner log D Syslog M Limit log file size Max log file size 512 A Kb Upd
24. ename i ignore jok di ml r i actions for joke programs d delete m move r rename i ignore rsk di m rl i actions for potentially dangerous programs d delete m move r rename i ignore hck di m r i actions for hacktools d delete m move r rename i ignore Interface parameters configure Scanner report output v version output information about product and 53 Ta J N ax 4 Using Console Scanner Engine versions e ki output information about key file and its owner in UTF8 encoding only e foreground yes no enable Scanner to run in foreground or in background e ot output information to standard output stdout e og disable information output e ok display Ok for not infected files e log lt path to file gt logging to specified file e ini lt path to file gt path to alternative configuration file e lng lt path to file gt path to alternative language file You can use hyphen postfix to disable the following parameters ar cu ha ic fl ml ok sd sp For example if you start Scanner with the following command drweb path lt path gt ha heuristic analysis enabled by default will be disabled By default if Scanner configuration was not customized and no parameters were specified Scanner starts with the following parameters ar ha fl ml sd Default Scanner parameters includi
25. eport action is set for all types of objects Information on all the detected objects is displayed in the report field of the Scanner main window see the Scan Results section You can select actions to be applied to the certain types of objects manually using the Cure and Delete buttons under the report field 3 Using Scanner from Graphic Shell Figure 11 Actions settings DrWeb Scanner Options amp General A Actions Checking Programs Support Infected Cure Malware Suspicious Report Les Adware Report c Incurable Report Le Dialers Report Le Infected archives Report S Jokes Report s Infected containers Delete re Riskware Report re Infected mail Report a Hacktools Report db set default ok apply X cancel You can change the program s reaction on detected virus threats or malware on the Actions tab To do this select the necessary action from the drop down list near the respective type of object Depending of the threat type these lists contain different sets of available actions e Report report about the detected threat in the report field of the Scanner main window e Cure try to cure the file and restore it to the state before the infection If curing is impossible then the action specified for incurable objects will be applied e Delete delete the file 28 Ta N ax 3 Using Scanner from Graphic Shell 29 When infected
26. ersion Copyright c Igor Daniloff 1992 2009 Virus databases dwr50005 vdb dwr50004 vdb Lt 200 ee Total viruses records 576023 Last update time unknown Key file Jopt drweb drweb32 key Key file number Send file for check Working period unknown LE set default of ok apply X cancel 34 Ta 2 AN 3 Using Scanner from Graphic Shell 3 2 Advanced Options Experienced users may adjust scanning parameters by themselves in the Advanced options section To set individual scanning parameters 1 On the Scanner Settings menu select Options and then select the Checking tab 2 On the Check mode pane select Advanced mode 3 The Advanced Options button in the bottom left of the window becomes available Click the button to access the settings Or directly from the Scanner Settings menu select the Advanced mode option button Advanced options item in Settings menu becomes available Select it to access the settings EN UT The advanced options menu allows to adjust manually paths to directories used by the various Scanner components specify types of files for scan set up logging procedure etc See Figure 15 35 3 Using Scanner from Graphic Shell 36 Figure 15 Scanner advanced options DrWeb Scanner Advanced options Paths File types Log file Archive Other Virus databases froot drweb local bases vd
27. f you want the Scanner to unpack archives and check the files inside in the By format mode archives should have a suitable format in the By type mode the extension of both the archive and the scanned file should be in the File types list e Select the Check e mail files checkbox if you want the Scanner to check attachments to e mail messages Allthree of the above checkboxes are automatically selected in the Full check mode and cleared in the Fast check mode these modes are availble on the Checking tab of the settings section 39 3 Using Scanner from Graphic Shell 40 Figure 17 File types tab Scan mode O all EXE COM OV O By format BAT M Follow symlinks M Check archives M Check e mail files amp Set default DrWeb Scanner Advanced options ci Paths File types Logfile Archive Other File types F sie Add file type Delete file type ok apply X Cancel 3 2 3 Log File Tab On the Log file tab you can adjust logging parameters See Figure 18 On the Log File Name pane select whether the log should be kept by Dr Web LiveUSB or by the system service e File name Dr Web LiveUSB will log events to the file specified in the entry field You can edit the path to the log file in the entry field or click the button bas and choose the path via the file system explorer e Syslog the log will be kept by the Syslog system service If you select this method you can specify th
28. hell is loaded e Using the desktop icon e Using of the corresponding item of the system menu After launch the Scanner main window opens See Figure 21 The Scanner allows to check all types of Windows partitions FAT FAT32 NTFS for viruses By default all available partitions of the hard drive are selected for scanning 7 ax A 3 Using Scanner from Graphic Shell 46 It is strongly recommended to update the Dr Web virus databases before scanning To do this click the Update Bases button By default all the subdirectories in selected directories are scanned If you want to scan only files in certain selected directories and partitions excluding the content of the enclosed directories in spite of the possible infection clear the Scan subdirectories checkbox Figure 21 Main Scanner window Dr Web Scanner File Settings Help Dam ex x Bec oh ada ME 0 Delete gt star Z Scan subdirectories File Status To add an object to or remove an object from the list of objects for scan either click Add or Delete Ta ax 3 Using Scanner from Graphic Shell 47 1 The Delete button becomes available once you select an object If you do not want the Scanner to check a certain object but you want it to remain in the scanning list clear the checkbox next to this object When you click Add a window opens where you can select
29. hive MAIL eicar com infected with EICAR Test File NOT a Virus gt EB Dybase64 eml archive MAIL Select all Clear list ga Cure 8 Delete Below the report field is a row of buttons where you can select the desired action for every object in the list Cure or Delete The Cure action is not available for archives containers and mail files If there some other action different from Report was specified for a certain type of detected objects on the Actions tab of Scanner settings section then the result of this action will be shown in the Status colurm When the Cure action is assigned for an object and this object appears to be incurable then the action specified for incurable objects on the Actions tab will be applied To select a desired action for certain found objects manually select objects or click Select all to select all objects and click Cure or Delete 49 Ta gt AN a 4 Using Console Scanner 50 4 Using Console Scanner This section helps you get started using the Console Scanner 4 1 Starting a Scanning After launching in the safe mode the Start Menu appears See Figure 24 Start Menu Welcome to Dr Web LiveCD Start Xorg Start Shell Start Midnight Commander Start Dr Web Update Choose Language Xorg Configuration Network Configuration Report Bug Restart Shut Down Eject amp Shut Down Copyright c Igor Daniloff 1992 20809 Using the arro
30. list of exclusions click Add excluded path A window for selecting the path will open Initially the path selection pane at the top contains the following buttons 6 Type a file name opens the file name entry field to add a path to file to close the field click the button again e o File System opens the list of Dr Web LiveUSB file system partitions As you view file system objects the buttons for the directories Ta AN ax 3 Using Scanner from Graphic Shell 27 passed bread crumbs appear on the path selection pane at top of the window Click a button to open the respective directory To add an object as a shortcut select necessary directories in the file system explorer and click Add button To remove a shortcut select the shortcut in the Places list and click Delete button You can use the shortcuts for navigation through the file system When done with selections click OK to add the selected directory to the list of objects to be excluded from scan and close the window or click Cancel to close the window without saving the changes To delete an object from the list select this object in the list of excluded paths and click Delete excluded path When you are done click Apply to save the changes and leave the dialog box open 3 1 2 Actions Tab On the Actions tab you can adjust reactions of the program on detected virus threats or some other malware See Figure 11 By default the R
31. ng scan of archives packed files and mailboxes recursive search heuristic analysis etc is sufficient for everyday diagnostics and can be used in typical cases You can also use hyphen postfix to disable some parameters as it was explained above Disabling scan of archives and packed files will significantly decrease antivirus protection level because in archives especially self extracting enclosed in e mail attachments viruses are distributed Office documents potentially susceptible to infection with macro viruses Word Excel are also dispatched via e mail in archives and containers 54 Ta N ax 4 Using Console Scanner When you run Scanner with default parameters no cure actions and no actions for incurable and suspicious files are taken For these actions to be performed you must specify corresponding command line parameters explicitly Set of actions parameters may vary in particular cases We recommend the following e cu cure infected files and system areas without deletion moving or renaming infected files e icd delete incurable files e spm move suspicious files e spr rename suspicious files When Scanner is started with Cure action specified it will try to restore the previous state of infected object It is possible only if detected virus is known virus and cure instructions for it are available in virus database though even in this case cure attempt may fail if infe
32. okmarks Tools Help gt GQ ER r tourmn drneb con Getting Started B Latest Headlines a Products Solutions Dr Web AV Desk Estore Downloads Supp 1 2 a Dr Web AV Desk yy the best service product A Ip J oN by PC Magazine Russia 2 2 2 Mail Client The inbuilt Sylpheed mail client will enable you to carry on e mail correspondence in full volume See Figure 7 An account at the mail drweb com server is preinstalled in the Sylpheed mail client to enable user send messages You can create additional accounts to maintain correspondence To create a new account select Configuration menu gt Create new account Enter all information necessary to enable mail transfer such as sender s e mail address mail sending and receiving parameters SMTP and POP3 protocols respectively and Ta N ax 2 Dr Web LiveUSB Graphic Shell accompanying information To work with several accounts you can create separate mailboxes To do this select File menu gt Mailbox gt Add mailbox In the e mail box properties specify what account is to be used on the context menu of the mailbox select Properties gt Compose tab gt Account drop down list gt specify the account Figure 7 Mail client l DrWeb syipheed 250 File Edit View Message Tools Configuration Help cet cet all compose v Folder All s Search Mailbox MH Inbox
33. or suspicious files are found in archives emails or containers the program applies the assigned action to the whole object and not to a single file inside the object The Scanner can detect the following types of malware Adware used to display advertisements Dialers used to create an unauthorized connection to paid Internet sites over the dial up modem Jokes may scare or distract the user Riskware potentially harmful programs which may be used by the intruder Hacktools programs intended to facilitate unauthorized access to computers When you are done click Apply to save the changes and leave the dialog box open 3 1 3 Checking Tab All main Scanner settings are located on the Checking tab of the Scanner main window See Figure 12 Here you can save necessary settings load the settings from the user configuration file drweb ini and access Advance options section with advanced Scanner settings 3 Using Scanner from Graphic Shell 30 Figure 12 Checking settings DrWeb Scanner Options gP General A Actions Checking ia Programs Support Check mode O Fast check Full check Advanced model This mode is intended for A experienced users only Save Settings It allows to adjust the parameters which determine the checking thoroughness level manually Click the Advanced Options button below Se to customize the parameters Advanced Options Load Settings
34. rn to the main window of the Scanner and discard the changes 3 1 1 General Tab By default the main options window opens on the General tab See Figure 10 At the top of the General tab you can specify the path to the Scanner In the Path to Scanner entry field type the path or click the button D and select the path via the file system explorer Using the sane algorithm specify the path to the license key file in the Path to key entry field if necessary As usual the path to the Scanner specified by default is correct and there is no need to change it Clear the Save all settings at exit checkbox if you want the settings to be saved in the configuration file only by clicking the Save settings button refer to Checking tab By default this checkbox is selected and the settings are saved every time the Scanner is closed 25 3 Using Scanner from Graphic Shell 26 Figure 10 General options DrWeb Scanner Options amp General A Actions Checking Programs Support Path to Scanner opt drweb es M Save all settings at exit Scanner Excluded paths proc sfa Add excluded path Isys Idev Delete excluded path root drweb Path to key jopt drweb drweb32 key bn Browse set default ok Apply X cancel You can specify the list of paths which you do not what to scan To add a certain directory to the
35. rs 5 Reporting a bug 37 38 40 42 43 44 45 48 50 50 52 56 5 Ta J N ax 1 Introduction 1 Introduction Dr Web LiveUSB is an anti virus solution designed to restore the system after it was crippled as a result of virus or malware activity To protect the system from such situations it is necessary to have constant reliable protection using the most advanced anti virus technologies The Dr Web cutting edge technologies provide solid anti virus protection for your home computer office network and large corporate networks The Dr Web solutions are distinguished for their low system requirements compactness operation speed and reliability in detection of all types of malware Doctor Web company offers the following solutions for constant protection against viruses malware and spam e Protection of corporate networks Dr Web Enterprise Security Suite e Protection of workstations clients of terminal servers clients of virtual servers and clients of inbuilt systems Dr Web Desktop Security Suite e Protection of file servers and application servers both virtual and terminal Dr Web Server Security Suite e Protection of mail Dr Web Mail Security Suite e Protection of SMTP and internet gateways Dr Web Gateway Security Suite e Protection of mobile devices Dr Web Mobile Security Suite For more information about company products visit the Dr Web official web site 1
36. s ARJ CAB GZIP RAR TAR ZIP etc d delete m move r rename archives containing infected objects n archiver name output disabled Archives can be in simple tar or compressed forms 52 Ta J N ax 4 Using Console Scanner tar bz2 tbz cn d m r n scan files in containers HTML RTF PowerPoint d delte m move r rename containers containing infected objects n container type output disabled ml d m r n scan files in mailboxes d delete m move r rename mailboxes containing infected objects n mailbox type output disabled up n scan executable files packed with LZEXE DIET PKLITE EXEPACK n packer type output disabled ex diagnostics using file masks see FilesTypes parameter in configuration file ha heuristic analysis search for unknown viruses Actions parameters determine what actions must be performed if infected or suspicious files are detected They include cul di m r cure infected files d delete m move r rename infected files ic d m r actions for incurable files d delete m move r rename incurable files spl d m r actions for suspicious files d delete m move r rename suspicious files adw d ml r i actions for files containing adware d delete m move r rename i ignore dls di m r i actions for dialers d delete m move r r
37. t of parameters In the following example drive C is being checked S opt drweb drweb path win C 51 Ta J N ax 4 2 4 Using Console Scanner Command Line Parameters Dr Web Scanner supports numerous command line parameters They are separated from specified path by white space and are prefixed by hyphen To get complete list of parameters start drweb component with h or help parameters Main program parameters can be classified in the following way Scan scan area parameters diagnostics parameters actions parameters interface parameters area parameters determine where the virus check must be performed They include path specify path for scan Several paths can be specified in one parameter lt file gt check objects listed in the specified file Plus instructs Scanner not to delete files from the list of objects after scan is completed List file may contain paths to directories that must be scanned regularly or list of files to be checked only once sd recursive search and scan of files in subdirectories starting from the current directory fl follow links both to files and directories Links causing loops are ignored mask ignore masks for file names Diagnostics parameters determining what types of objects must be scanned for viruses al scan all files on specified drive or in specified directory ar d m r n scan files in archive
38. text editor 10 2 Dr Web LiveUSB Graphic Shell Dr Web Live CD Click an area for details You can start the main components by e double clicking the icon of the respective component on the desktop by default basic components are represented on the desktop e clicking the icon of the respective component in the taskbar except for the file manager and Dr Web Scanner for Linux e selecting the respective component on the system menu To open the system menu click the system menu amp button in the taskbar User Manual 11 Ta ax 2 Dr Web LiveUSB Graphic Shell 12 E Dr Web Scanner Report Bug Help 6 Network gt P Settings gt pe Utility gt Restart Shut Down Eject amp Shut Down Exit Click a command for info You can access the desktop context menu named Openbox by right clicking the desktop Openbox Applications p Desktops gt OpenBox Config Exit Click an area for info For information on how to use Dr Web Scanner for Linux select Help fromthe system menu or use the Help menu of the Scanner main window After the graphic shell has been loaded the main window of Dr Web Scanner for Linux opens by default Dr Web Scanner for Ta 2 N 2 Dr Web LiveUSB Graphic Shell Linux is designed to check all Windows root partitions for viruses 2 1 Settings The Dr Web LiveUSB settings are available through the Settings item of the system
39. uction 8 To view the License Agreement follow the corresponding link in the program window default browser will be started Press Generate Dr Web LiveUSB to create a boot flash drive 5 Files will start to copy automatically 6 Press Exit to close the program window Create Emergency System Recovery Disk on a USB drive Dr Web LiveUSB created successfully Dr Web LiveUSB created successfully To load with emergency recovery disk restart computer and choose Load from flash drive in boot menu Generate Dr Web LiveUSB 1 3 System Requirements Minimum system requirements to start the Dr Web LiveUSB anti virus solution e i386 processor e Minimum 128 MB of RAM 64MB to load in safe mode e a USB flash drive with minimum 256 MB of free space To boot from USB flash drive BIOS of your computer must support USB HDD as a boot device Ta J N ax 1 Introduction 1 4 Launching Dr Web LiveUSB Make sure that your computer is set up to boot from the USB flash drive created with Dr Web LiveUSB At start a menu is displayed from which you can select the load mode Using the arrow keys on your keyboard select one of the following options and press ENTER e To launch the GUI version of the Dr Web LiveUSB anti virus solution select DrWeb LiveUSB To launch the command line version of the Dr Web LiveUSB anti virus solution select DrWeb LiveUSB Safe Mode e To load your computer from the h
40. w keys select one of the following items from the menu and press ENTER Ta J N ys 4 Using Console Scanner e Start Xorg to launch the GUI version of the Scanner e Start Shell to bring up the command line e Start Midnight Commander to launch the inbuilt file manager e Start Dr Web Scanner to start scanning all hard disk partitions with default settings e Start Dr Web Update to update the virus databases e Choose Language to change the interface language e Xorg Configuration to adjust parameters of the X Window system if it was not configured automatically e Network Configuration to adjust network parameters if the network was not configured automatically e Report Bug to send information about a bug in the product to the developers e Restart to reboot the computer e Shut Down to shut down the computer without ejecting the disk e Eject amp Shut Down to eject the disk and shut down the computer If you want to start scanning with special options select Start Shell This will bring up the command line in the bottom of the screen To run console Scanner you can use the following command opt drweb drweb path lt path gt command line parameters where lt path gt is the path to scanned directory or the mask for checked files When Scanner is started only with lt path gt argument without any parameters specified it scans the specified directory using the default se
Download Pdf Manuals
Related Search