User Manual
Contents
1. 3 Using Scanner from Graphic Shell 42 Kbytes Smaller archives are scanned regardless of the compression ratio e Max file size to extract by default is set to 1024 Kbytes Larger archives will not be unpacked Figure 19 Archive tab F DrWeb scanner Advanced options Paths File types Log file Archive other Max compression ratio 5000 la Max archive nesting level a S Compression check threshold 5000 2 Kb Max file size to extract 1024 kb amp Set default Ok apply X Cancel 3 2 5 Other Tab On the Other tab you can set parameters to adjust the computer workload select Updater timeout and enable the heuristic analyser See Figure 20 In the Scan priority group of option buttons you can select the priority of the scanning process compared to other system processes In the Timeout entry field you can edit the default awaiting time of the updating utility when trying to connect to the update 7 ax A AN 3 Using Scanner from Graphic Shell 43 server Selecting the Heuristic analysis checkbox enables the heuristic analyser mode a method of virus detection based on the analysis of actions specific for viruses In the heuristic analyser mode false positives are possible All A objects detected by the heuristic analyser have the suspicious status The analyser is automatically enabled if you choose the Full check mode and disabled in t2. 44 47 49 49 51 55 57 5 Ta J N ax 1 Introduction 1 Introduction Dr Web LiveCD is a software product based on the standard Dr Web anti virus scanner It alows to restore the system when loading a computer from a hard drive is impossible due to high virus activity Using the emergency anti virus assistance disk you can not only clean your computer from infected and suspicious files but also attempt to cure infected objects Dr Web LiveCD is distributed as a boot disk with a portable Linux based operating system and inbuilt software intended to facilitate computer scanning and curing working with the file system viewing and editing text files viewing web pages and sending and receiving e mail messages Thus Dr Web LiveCD provides access to computer resources both when it is impossible to load the system from a hard drive and when there exists a need in a convenient customizable interface for details about this variant of usage see Creating Boot Flash Drives for Dr Web LiveCD You can load Dr Web LiveCD in one of the following modes e standard GUI mode e safe mode with the command line interface Console Scanner The standard mode is preferable because of its user friendly interface and improved functionality The bigger part of this manual describes working in this GUI mode The safe mode is intended for experienced users familiar with Unix based operating systems and is used when the GUI fail
3. to shut down the computer without ejecting the disk e Eject amp Shut Down to eject the disk and shut down the computer If you want to start scanning with special options select Start Shell This will bring up the command line in the bottom of the screen To run console Scanner you can use the following command opt drweb drweb path lt path gt command line parameters where lt path gt is the path to scanned directory or the mask for checked files When Scanner is started only with lt path gt argument without any parameters specified it scans the specified directory using the default set of parameters In the following example drive C is being checked S opt drweb drweb path win C 50 Ta J N ax 4 2 4 Using Console Scanner Command Line Parameters Dr Web Scanner supports numerous command line parameters They are separated from specified path by white space and are prefixed by hyphen To get complete list of parameters start drweb component with h or help parameters Main program parameters can be classified in the following way Scan scan area parameters diagnostics parameters actions parameters interface parameters area parameters determine where the virus check must be performed They include path specify path for scan Several paths can be specified in one parameter lt file gt check objects listed in the specified file Plus
4. Desk For more information about company products visit the Dr Web official web site 1 2 System Requirements Minimum system requirements to start the Dr Web LiveCD anti virus solution e i386 processor e Minimum 128 MB of RAM 64MB to load in safe mode e a CD ROM DVD ROM or flash drive with minimum 128 MB of free space 7 Ta J N ax 1 Introduction 1 3 Launching Dr Web LiveCD Make sure that your computer is set up to boot from the CD drive in which the disk with Dr Web LiveCD is inserted or from any other data carrier on which Dr Web LiveCD is stored At start a menu is displayed from which you can select the load mode Using the arrow keys on your keyboard select one of the following options and press ENTER e To launch the GUI version of Dr Web LiveCD select DrWeb LiveCD e To launch the command line version the Console Scanner select DrWeb LiveCD Safe Mode e To load your computer from the hard drive without launching Dr Web LiveCD select Local HDD cancel launching of Dr Web LiveCD launch the system from the 0 partition of the 0 drive hd0 0 e To test memory for example when you computer is extremely unstable and restarts at random select Test Memory Press TAB to edit each option manually 8 Ta J N ax 2 Dr Web LiveCD Graphic Shell 2 Dr Web LiveCD Graphic Shell The Dr Web LiveCD software includes a graphic shell with a window based interface similar t
5. Other File types F sie Add file type Delete file type ok apply X Cancel 3 2 3 Log File Tab On the Log file tab you can adjust logging parameters See Figure 18 On the Log File Name pane select whether the log should be kept by Dr Web LiveCD or by the system service e File name Dr Web LiveCD will log events to the file specified in the entry field You can edit the path to the log file in the entry field or click the button bo and choose the path via the file system explorer e Syslog the log will be kept by the Syslog system service If you select this method you can specify the logging facility and priority in the two drop down lists below Ta J N ax 3 Using Scanner from Graphic Shell The following log facilities are available Daemon Localo Local7 Kern User Mail You can select between the following priority levels for logging Info Notice Alert Warning A selected Limit log file size checkbox instructs that the log file must not exceed the size specified in the entry field to the right After the maximum has been reached old entries will be gradually deleted to give space to the new ones Clearing the checkbox will remove any limitation to the log file size selected and the default value in the Max log file size 512 Kb It is recommended to keep the default Limit log file size option unchanged In the Updater section you can edit the path to the log file of
6. a newbie to a guru Homepage http www ibiblio org mc Figure 8 File manager config drweb fbpanel icons idesktop local N MC mozilla N 1 O1 JO M 9 O7 NN YS 21 Ta AN ax 3 Using Scanner from Graphic Shell 3 Using Scanner from Graphic Shell This section describes Scanner parameters and settings and how to use it from a Graphic Shell 3 1 Main Options You can access the main options of the Scanner via the Options button on the toolbar or via the menu in the Scanner main window Settings gt Options In this window you can adjust the Scanner GUI specify actions taken upon detection of infected or suspicious objects and set up Scanner interaction with the OS and various modules of the anti virus complex See Figure 9 22 3 Using Scanner from Graphic Shell 23 Figure 9 Scanner main options DrWeb Scanner Options General A Actions Checking Programs Support Path to Scanner opt drweb M Save all settings at exit Scanner Excluded paths proc sfa Add excluded path sys Idev Delete excluded path root drweb Path to key jopt drweb drweb32 key bn Browse set default ok Apply X cancel Main settings are divided between several tabs e General general Scanner settings e Actions adjustment of program s reactions upon detection of virus
7. access the settings Or directly from the Scanner Settings menu select the Advanced mode option button Advanced options item in Settings menu becomes available Select it to access the settings EN UT The advanced options menu allows to adjust manually paths to directories used by the various Scanner components specify types of files for scan set up logging procedure etc See Figure 15 34 3 Using Scanner from Graphic Shell 35 Figure 15 Scanner advanced options DrWeb Scanner Advanced options Paths File types Log file Archive Other Virus databases froot drweb local bases vdb ob Add virus database root drweb local bases VDB em Delete virus database Engine path jroot drweb local lib drweb32 dll Update path root drweb update Temp path jroot drweb temp i amp Set default Ok apply X Cancel The advanced options are divided between several tabs e Paths specify the paths to main Scanner modules e File Types set the file types to be checked e Log File set logging parameters e Archive set limitations to actions to be applied to archives for safety reasons e Other adjust parameters managing computer workload select Updater s timeout and enable the heuristic analyzer In the bottom of the advanced options window the following controls are located e Set default discard the user settings and set the default one
8. click Add button To remove a shortcut select the shortcut in the Places list and click Delete button You can use the shortcuts for navigation through the file system When done with selections click OK to add the selected directory to the list of objects for scan and close the window or click Cancel to close the window without saving the changes To start scan of the selected objects click Start it will turn to the Stop button and scanning process will begin During scan the status bar in the bottom of the window reflects the current program activity for example loading of virus databases or the full path to the file being scanned at the moment To terminate scan click Stop it will turn to the Start button and scanning process will stop You can set additional parameters before scan such as scan mode check severity level actions over detected objects etc For more information on the Scanner settings please refer to the Main Options section 3 3 2 Scan Results Scan results are shown as a table in the bottom of the Scanner main window See Figure 23 There you can find information on infected and suspicious objects found during the scan their location their reasons to be included into the current selection and actions performed by the program over these objects Items in the list of detected objects are displayed in a hierarchical order if a virus is found inside an archive then the archive is displayed as a nod
9. desktop context menu named Openbox by right clicking the desktop Openbox Applications p Desktops gt OpenBox Config Exit Click an area for info For information on how to use Dr Web Scanner for Linux select Help fromthe system menu or use the Help menu of the Scanner main window After the graphic shell has been loaded the main window of Dr Web Scanner for Linux opens by default Dr Web Scanner for Ta J N 2 Dr Web LiveCD Graphic Shell 12 Linux is designed to check all Windows root partitions for viruses 2 1 Settings The Dr Web LiveCD settings are available through the Settings item of the system menu and include the following options e Menu Configuration which allows you to configure appearance of the taskbar e NetWorks Configuration which allows you to configure network e Openbox Configuration Manager which allows you to configure the GUI e Xorg Configuration which allows to configure the X Window System To configure settings select a corresponding item in the menu The settings window opens Ta J ax 2 Dr Web LiveCD Graphic Shell 13 2 1 1 Taskbar Configuration This windows allows you to configure the position size and special effects in appearance of the taskbar on the General tab as well as configure installed GUI plugins on the Plugins tab See Figure 2 Figure 2 Taskbar configuration S f ppanel configurator olix General
10. search for unknown viruses Actions parameters determine what actions must be performed if infected or suspicious files are detected They include cul di m r cure infected files d delete m move r rename infected files ic d m r actions for incurable files d delete m move r rename incurable files spl d m r actions for suspicious files d delete m move r rename suspicious files adw d ml r i actions for files containing adware d delete m move r rename i ignore dls di m r i actions for dialers d delete m move r rename i ignore jok di ml r i actions for joke programs d delete m move r rename i ignore rsk di m rl i actions for potentially dangerous programs d delete m move r rename i ignore hck di m r i actions for hacktools d delete m move r rename i ignore Interface parameters configure Scanner report output v version output information about product and 52 Ta J N ax 4 Using Console Scanner Engine versions e ki output information about key file and its owner in UTF8 encoding only e foreground yes no enable Scanner to run in foreground or in background e ot output information to standard output stdout e og disable information output e ok display Ok for not infected files e log lt path to file gt lo
11. the updating utility Specify it in the Log file entry field or click the button gt and choose the path via the file system explorer In the Level of log drop down list you can select the required log verbosity level The following levels are available Debug Verbose Info Warning Error Quiet 40 3 Using Scanner from Graphic Shell 41 Figure 18 Log file tab DrWeb Scanner Advanced options Fic Paths File types Log file Archive Other Log File Name File name jroot drweb logs scanner log D Syslog M Limit log file size Max log file size 512 A Kb Updater Updater log root drweb logs updater log Level of log Warning c amp Set default ok apply X Cancel 3 2 4 Archive Tab On the Archive tab you can set limitations to actions which will be applied to archives for safety reasons See Figure 19 The parameters on the Archive tab are designed to protect the Scanner from mailbomb attacks They specify limiting values of various archive characteristics excess of which will lead to skipping these archives from scanning in order to avoid exhaustion of system resources Tf it is necessary to change the default settings edit the values in the following entry fields e Max compression ratio by default is set to 5000 e Max archive nesting level by default is set to 8 e Compression check threshold by default is set to 5000 Ta J N ax
12. the user configuration file drweb ini and access Advance options section with advanced Scanner settings 3 Using Scanner from Graphic Shell 29 Figure 12 Checking settings DrWeb Scanner Options gP General A Actions Checking ia Programs Support Check mode O Fast check Full check Advanced model This mode is intended for A experienced users only Save Settings It allows to adjust the parameters which determine the checking thoroughness level manually Click the Advanced Options button below Se to customize the parameters Advanced Options Load Settings LE set default f ok apply X cancel The Checking tab includes e Check mode pane e check modes description pane e settings control buttons A group of radio buttons named Check mode determines the scanning mode the check severity level Ta J N ax 3 Using Scanner from Graphic Shell e Fast check only the files which internal structure allows them to contain virus code are scanned archives and symlink objects are not scanned the heuristic analyzer is disabled The scanning process in this mode is a lot quicker than in the Full check mode at the expense of reduced protection reliability e Full check all selected objects are scanned including archives and symlink objects the heuristic analyzer is enabled This mode is recommended for everyday computer scanning It is s
13. threats or malware e Checking adjustment of scan modes for files possibility to save current settings and restore the defaults e Programs adjustment of interaction with other anti virus components and inbuilt programs e Support updates and technical support In the bottom of this window the following control buttons are located Ta J N ax 3 Using Scanner from Graphic Shell e Set default discard the user settings and set the default ones e Ok save the changes and return to the main window of the Scanner e Apply save the changes and stay in the settings window e Cancel return to the main window of the Scanner and discard the changes 3 1 1 General Tab By default the main options window opens on the General tab See Figure 10 At the top of the General tab you can specify the path to the Scanner In the Path to Scanner entry field type the path or click the button D and select the path via the file system explorer Using the sane algorithm specify the path to the license key file in the Path to key entry field if necessary As usual the path to the Scanner specified by default is correct and there is no need to change it Clear the Save all settings at exit checkbox if you want the settings to be saved in the configuration file only by clicking the Save settings button refer to Checking tab By default this checkbox is selected and the settings are saved every time the S
14. Add file type and Delete file type buttons are active only when the By type check mode is selected e By format files which internal structure allows them to contain viruses are scanned regardless of the names and extensions This mode is set by default when you select Fast check on the Checking tab of the Scanner settings section Below the pane you can select the following options to set up additional restrictions for the scanning process e Select the Follow symlinks checkbox if you want the Scanner to check the files symbolic links to which are included into the scan e Select the Check archives checkbox if you want the Scanner to unpack archives and check the files inside in the By format mode archives should have a suitable format in the By type mode the extension of both the archive and the scanned file should be in the File types list e Select the Check e mail files checkbox if you want the Scanner to check attachments to e mail messages Allthree of the above checkboxes are automatically selected in the Full check mode and cleared in the Fast check mode these modes are availble on the Checking tab of the settings section 38 3 Using Scanner from Graphic Shell 39 Figure 17 File types tab Scan mode O all EXE COM OV O By format BAT M Follow symlinks M Check archives M Check e mail files 4 Set default DrWeb Scanner Advanced options ci Paths File types Logfile Archive
15. I busy i type sdf2 i 238 86M 17 i W95 FAT32 LBA To create a boot flash automatically 1 Connect the flash drive It takes maximum ten seconds for a connection to be registered In the graphic shell double click the Create Live USB 4 icon on the desktop or run create usb command in the console CreateLiveUSB will detect all available partitions automatically Select the suitable partition and press ENTER Files will start to copy automatically Ta AN ax 6 Reporting a bug 6 Reporting a bug If you use graphic shell then to send a report about some bug in program operation you must do the following pass to the main options section of the Scanner using the Options button on the toolbar or using the menu in the Scanner main window Settings gt Options in the main options section select Support tab press the Bug report button on this tab after that an inbuilt mail client will be started with the message template already opened in the Subject field give a brief description of the problem encountered and in the message body describe the problem in every detail including the steps to be made to reproduce it send the message using the default e mail account If you use console then to send a report about a bug use the following algorithm using the arrow keys select the Report Bug items from the Start Menu and press ENTER a console text editor nano will open where you can des
16. Plugins Position Edge Bottom ail Allignment Left Margin o 2 Size Width 100 of edge Height 30 3 pixels cd Effects C Transparency Properties M Set Dock Type M Do not cover by maximized windows O Autohide apply close Ta J i ax 2 Dr Web LiveCD Graphic Shell 14 Position Specify values for the following parameters e the taskbar position on the screen Edge e alignment of the taskbar elements Alignment e the taskbar margine Margine Size Adjust the the taskbar width Width and Height Effects Adjust the taskbar Transparency and Color settings Properties Specify values for other parameters e type of the taskbar Set Dock Type e taskbar covering options Do not cover by maximized windows e hiding options Autohide 2 1 2 NetWorks Configuration This window allows you to configure IP protocol settings manually or receive them via DHCP See Figure 3 2 Dr Web LiveCD Graphic Shell 15 Figure 3 Networks configuration Fr petlua Host drweb com localdomain IP Addr 192 168 DHCP OK PILE Domain none Name 255 0 Cancel Ta 2 AN 2 Dr Web LiveCD Graphic Shell 16 ys 2 1 3 Openbox Configuration Manager This window allows you to configure the Openbox GUI including colour schemes desktop parameters etc See Figure 4 Figure 4 Openbox configuration m Openbox Configuration Mana
17. User Manual 2003 2010 Doctor Web All rights reserved This document is the property of Doctor Web No part of this document may be reproduced published or transmitted in any form or by any means for any purpose other than the purchaser s personal use without proper attribution TRADEMARKS Dr Web the Dr WEB logo SplDer Mail SpIDer Guard Curelt the Dr WEB INSIDE logo are trademarks and registered trademarks of Doctor Web in Russia and or other countries Other trademarks registered trademarks and company names used in this document are property of their respective owners DISCLAIMER In no event shall Doctor Web and its resellers or distributors be liable for errors or omissions or any loss of profit or any other damage caused or alleged to be caused directly or indirectly by this document the use of or inability to use information contained in this document Dr Web LiveCD Version 5 0 2 User Manual 04 02 2010 Doctor Web Head Office 2 12A 3rd str Yamskogo polya Moscow Russia 125124 Web site www drweb com Phone 7 495 789 45 87 Refer to the official web site for regional and international office information Doctor Web Doctor Web develops and distributes Dr Web information security solutions which provide efficient protection from malicious software and spam Doctor Web customers can be found among home users from all over the world and in government enterprises small companies and nationwid
18. anner window DrWeb Scanner og File Settings Help Lleam ex x Bec oh ada ME 0 Delete M Scan subdirectories File Status gt star To add an object to or remove an object from the list of objects for scan either click Add or Delete Ta ax 3 Using Scanner from Graphic Shell 46 1 The Delete button becomes available once you select an object If you do not want the Scanner to check a certain object but you want it to remain in the scanning list clear the checkbox next to this object When you click Add a window opens where you can select objects to scan See Figure 22 Figure 22 File Manager window areg Jelx Ed Create Folder Places Name Y Modified Recently Used root File system hda add OK Cancel Initially the path selection pane at the top contains the following buttons Type a file name open the file name entry field to add a file to close the field click the button again o File System open the list of Dr Web LiveCD file system partitions Ta J N ax 3 Using Scanner from Graphic Shell 47 As you view file system objects the buttons for the directories passed bread crumbs appear on the path selection pane at top of the window Click a button to open the respective directory To add an object as a shortcut select necessary directories in the file system explorer and
19. atabase A window for adding a database will open By default the list contains only two file masks vdb VDB i e files with the vdb or VDB extensions only You can also specify only one symbol to point to files with any extensions To delete a database from the Virus databases list select it and click Delete virus database If necessary you can edit paths to the engine the update directory and the temporary files directory in the corresponding input fields or select these paths via the file system explorer by clicking the button gt next to the relevant field 3 2 2 File Types Tab On the File Types tab you can set up restrictions on the types of files to be checked by the Scanner See Figure 17 On the Scan mode pane set the selection method for files to scan using the group of option buttons e All all files are scanned regardless of their types and internal structure This mode is set by default when you select Full check on the Checking tab of the Scanner settings section By type only files with the extensions specified in the File types list are scanned Executable files and files containing macros are on the list by default To add an extension to the list click Add file type specify the necessary extension in the opened window and then click Apply To delete an extension from the list select it and click Delete file type 37 Ta J N ax 3 Using Scanner from Graphic Shell The
20. bjects or click Select all to select all objects and click Cure or Delete 48 Ta gt AN a 4 Using Console Scanner 49 4 Using Console Scanner This section helps you get started using the Console Scanner 4 1 Starting a Scanning After launching in the safe mode the Start Menu appears See Figure 24 Start Menu Welcome to Dr Web LiveCD Start Xorg Start Shell Start Midnight Commander Start Dr Web Update Choose Language Xorg Configuration Network Configuration Report Bug Restart Shut Down Eject amp Shut Down Copyright c Igor Daniloff 1992 20809 Using the arrow keys select one of the following items from the menu and press ENTER Ta J N ys 4 Using Console Scanner e Start Xorg to launch the GUI version of the Scanner e Start Shell to bring up the command line e Start Midnight Commander to launch the inbuilt file manager e Start Dr Web Scanner to start scanning all hard disk partitions with default settings e Start Dr Web Update to update the virus databases e Choose Language to change the interface language e Xorg Configuration to adjust parameters of the X Window system if it was not configured automatically e Network Configuration to adjust network parameters if the network was not configured automatically e Report Bug to send information about a bug in the product to the developers e Restart to reboot the computer e Shut Down
21. can use the shortcuts for navigation through the file system When done with selections click OK to add the selected directory to the list of objects to be excluded from scan and close the window or click Cancel to close the window without saving the changes To delete an object from the list select this object in the list of excluded paths and click Delete excluded path When you are done click Apply to save the changes and leave the dialog box open 3 1 2 Actions Tab On the Actions tab you can adjust reactions of the program on detected virus threats or some other malware See Figure 11 By default the Report action is set for all types of objects Information on all the detected objects is displayed in the report field of the Scanner main window see the Scan Results section You can select actions to be applied to the certain types of objects manually using the Cure and Delete buttons under the report field 3 Using Scanner from Graphic Shell Figure 11 Actions settings DrWeb Scanner Options amp General A Actions Checking Programs Support Infected Cure Malware Suspicious Report Les Adware Report c Incurable Report Le Dialers Report Le Infected archives Report S Jokes Report s Infected containers Delete re Riskware Report re Infected mail Report a Hacktools Report db set default ok apply X cancel You can change the program s reactio
22. canner is closed 24 3 Using Scanner from Graphic Shell 25 Figure 10 General options DrWeb Scanner Options amp General A Actions Checking Programs Support Path to Scanner opt drweb es M Save all settings at exit Scanner Excluded paths proc sfa Add excluded path Isys Idev Delete excluded path root drweb Path to key jopt drweb drweb32 key bn Browse set default ok Apply X cancel You can specify the list of paths which you do not what to scan To add a certain directory to the list of exclusions click Add excluded path A window for selecting the path will open Initially the path selection pane at the top contains the following buttons 6 Type a file name opens the file name entry field to add a path to file to close the field click the button again o File System opens the list of Dr Web LiveCD file system partitions As you view file system objects the buttons for the directories Ta AN ax 3 Using Scanner from Graphic Shell 26 passed bread crumbs appear on the path selection pane at top of the window Click a button to open the respective directory To add an object as a shortcut select necessary directories in the file system explorer and click Add button To remove a shortcut select the shortcut in the Places list and click Delete button You
23. cribe the encountered problem after finishing the description press CTRL X to exit the text editor before exit you will be prompted to make a decision whether you want to send the bug report or not and press the corresponding key Y to send a report N to discard it 57 2003 2010 Doctor Web
24. e which contents you can expand and collapse 3 Using Scanner from Graphic Shell Figure 23 Scan results DP Webiscanner File Settings Help Dam e x x Bec add MB 0 Delete M Scan subdirectories File Status O cyDocuments and Settings Copy doc _ infected with W97M Belyash O 4 CDocuments and Settings 1 doc com infected with EICAR Test File NOT a Virus i C Program Files adware exe contains an advertising software Adware Dudu M C Program Files upx exe infected with Win32 HLLPJeefo 36352 gt ML Dymessagestbb archive MAIL v M DyMailbase archive MAIL eicar com infected with EICAR Test File NOT a Virus gt EB Dybase64 eml archive MAIL Select all Clear list ga Cure 8 Delete Below the report field is a row of buttons where you can select the desired action for every object in the list Cure or Delete The Cure action is not available for archives containers and mail files If there some other action different from Report was specified for a certain type of detected objects on the Actions tab of Scanner settings section then the result of this action will be shown in the Status colurm When the Cure action is assigned for an object and this object appears to be incurable then the action specified for incurable objects on the Actions tab will be applied To select a desired action for certain found objects manually select o
25. e corporations Dr Web antivirus solutions are well known since 1992 for continuing excellence in malware detection and compliance with international information security standards State certificates and awards received by the Dr Web solutions as well as the globally widespread use of our products are the best evidence of exceptional trust to the company products We thank all our customers for their support and devotion to the Dr Web products Aq P aN A Yy v Table of Contents 1 Introduction 6 1 1 Dr Web Anti Virus Protection 6 1 2 System Requirements 7 1 3 Launching Dr Web LiveCD 8 2 Dr Web LiveCD Graphic Shell 9 2 1 Settings 12 2 1 1 Taskbar Configuration 13 2 1 2 NetWorks Configuration 14 2 1 3 Openbox Configuration Manager 16 2 1 4 X Window Configuration 17 2 2 Inbuilt Applications 18 2 2 1 Browser 18 2 2 2 Mail Client 19 2 2 3 File Manager 21 3 Using Scanner from Graphic Shell 22 3 1 Main Options 22 3 1 1 General Tab 24 3 1 2 Actions Tab 26 3 1 3 Checking Tab 28 3 1 4 Programs Tab 31 3 1 5 Updating and Technical Support 32 3 2 Advanced Options 34 3 2 1 Paths Tab 36 Ta AN aX 3 2 2 File Types Tab 3 2 3 Log File Tab 3 2 4 Archive Tab 3 2 5 Other Tab 3 3 Antivirus Scan 3 3 1 Starting a Scan 3 3 2 Scan Results 4 Using Console Scanner 4 1 Starting a Scanning 4 2 Command Line Parameters 5 Creating Boot Flash Drive 6 Reporting a bug 37 39 41 42 43
26. figuration file in the GUI section settings of the GUI module are stored For more information about the configuration file refer to the Dr Web Anti virus for Linux documentation 3 1 4 Programs Tab On the Programs tab you can adjust Scanner interaction with the other components of Dr Web LiveCD See Figure 13 The Programs tab includes three panes e Updater contains information necessary for Updater adjustment e Mail used for adjustment of call options for the mail client e Browser used for adjustment of call options for the web browser On the top Updater pane e If necessary you can edit the path to the directory with the updating utility To do this specify the path in the Path to directory with file update pl entry field or click the button gt and select it via the file system explorer e If a proxy server is used to receive updates type the login and password to the proxy server in the Proxy login and Proxy password entry fields correspondingly On the Mail pane you can type a command to start the mail client in the batch mode and edit it if necessary Under the entry field you can find possible parameters to be used with this command and their descriptions On the Browser pane you can type a command to start the 31 Ta rt ax 3 Using Scanner from Graphic Shell browser and edit it if necessary Under the entry field you can find possible parameters to be used with this comma
27. ger CIE Theme Theme Appearance O Inactive Windows M Clearlooks ene Normal Move amp Resize Disabled Selected Mouse Desktops Clearlooks Olive Margins Selected Dock m Inactive E Pa Install a new theme fe Create a theme archive obt EA Ta gt AN a 2 Dr Web LiveCD Graphic Shell 17 2 1 4 X Window Configuration This window allows you to configure the system screen resolution type of the video driver and the mouse keys for shifting the keyboard layout See Figure 5 X Window configuration 1 xorg lie BQIE Mouse Keyboard Serial House Ctri Shift Video Monitor vmware 10 8 Cancel Ta 2 N s 2 Dr Web LiveCD Graphic Shell 18 2 2 Inbuilt Applications This section describes applications available within the Dr Web LiveCD anti virus solution Access to these applications can be gained via Network and Utility options of the system menu The Utility option on the system menu opens the drop down list e Create Live USB create boot flash drive e Leafpad open the inbuilt text editor notepad e Midnight Commander open the file manager e Terminal open the command line terminal The Network option on the system menu opens the drop down list e Firefox open the inbuilt browser e Sylpheed open the inbuilt mail client 2 2 1 Browser Even though y
28. gging to specified file e ini lt path to file gt path to alternative configuration file e lng lt path to file gt path to alternative language file You can use hyphen postfix to disable the following parameters ar cu ha ic fl ml ok sd sp For example if you start Scanner with the following command drweb path lt path gt ha heuristic analysis enabled by default will be disabled By default if Scanner configuration was not customized and no parameters were specified Scanner starts with the following parameters ar ha fl ml sd Default Scanner parameters including scan of archives packed files and mailboxes recursive search heuristic analysis etc is sufficient for everyday diagnostics and can be used in typical cases You can also use hyphen postfix to disable some parameters as it was explained above Disabling scan of archives and packed files will significantly decrease antivirus protection level because in archives especially self extracting enclosed in e mail attachments viruses are distributed Office documents potentially susceptible to infection with macro viruses Word Excel are also dispatched via e mail in archives and containers 53 Ta N ax 4 Using Console Scanner When you run Scanner with default parameters no cure actions and no actions for incurable and suspicious files are taken For these actions to be performed you must specify co
29. he Fast check mode Figure 20 Other tab DrWeb Scanner Advanced options Paths File types Log file Archive Other Scan priority O High Normal Low Updater Timeout 90 sec I M Heuristic analysis 4 Set default Ok apply X Cancel Click an area for details 3 3 Antivirus Scan This sections describes how to scan your file system for viruses Ta J N ax 3 Using Scanner from Graphic Shell 44 3 3 1 Starting a Scan Dr Web Scanner for Linux can be started in one of the following ways e Automatically after the graphic shell is loaded e Using the desktop icon e Using of the corresponding item of the system menu After launch the Scanner main window opens See Figure 21 The Scanner allows to check all types of Windows partitions FAT FAT32 NTFS for viruses By default all available partitions of the hard drive are selected for scanning 7 ax A AN 3 Using Scanner from Graphic Shell 45 It is strongly recommended to update the Dr Web virus databases before scanning To do this click the Update Bases button By default all the subdirectories in selected directories are scanned If you want to scan only files in certain selected directories and partitions excluding the content of the enclosed directories in spite of the possible infection clear the Scan subdirectories checkbox Figure 21 Main Sc
30. instructs Scanner not to delete files from the list of objects after scan is completed List file may contain paths to directories that must be scanned regularly or list of files to be checked only once sd recursive search and scan of files in subdirectories starting from the current directory fl follow links both to files and directories Links causing loops are ignored mask ignore masks for file names Diagnostics parameters determining what types of objects must be scanned for viruses al scan all files on specified drive or in specified directory ar d m r n scan files in archives ARJ CAB GZIP RAR TAR ZIP etc d delete m move r rename archives containing infected objects n archiver name output disabled Archives can be in simple tar or compressed forms 51 Ta J N ax 4 Using Console Scanner tar bz2 tbz cn d m r n scan files in containers HTML RTF PowerPoint d delte m move r rename containers containing infected objects n container type output disabled ml d m r n scan files in mailboxes d delete m move r rename mailboxes containing infected objects n mailbox type output disabled up n scan executable files packed with LZEXE DIET PKLITE EXEPACK n packer type output disabled ex diagnostics using file masks see FilesTypes parameter in configuration file ha heuristic analysis
31. lower than the Fast check mode but provides a much higher level of protection e Advanced mode in this mode you can manually adjust the parameters which determine the check severity level It is intended primarily for experienced users When this mode is selected the Advanced Options button becomes available in the bottom left of the tab Click the button to adjust the parameters see the Advanced Options section When you select any mode its detailed description is given in the right part of the tab To save changes to the settings in the configuration file click Save Settings The new settings will now be used each time program starts or settings are loaded from the user configuration file If you restart your system without saving the new settings any changes made to the configuration file will be lost and all the parameters will be reset to the default as when Dr Web LiveCD A was written to the disk or another medium Please note that if you select the Save all settings at exit checkbox on the General tab the settings will be saved automatically every time the Scanner is closed To load the settings from the configuration file click Load Settings 30 Ta J N ax 3 Using Scanner from Graphic Shell When the program starts settings from the configuration file are A loaded automatically Use the Load Settings button only to discard the new changes to the settings you have made In the program s con
32. n case you receive a notification that the browser or the mail client is not found at the attempt to follow any of the links above adjust properly paths to the executable files of the browser and mail client To do this on the Settings menu select Options gt Programs and enter necessary data Figure 14 Support tab Dr Web Scanner Options amp General _A Actions Checking jf Programs Support O Update www drweb com Forum V7 Request to support Bug report 4 44 0 10060 lt API 2 2 gt 5 0 0 12182 lt API 2 2 gt Shell version Engine version Copyright c Igor Daniloff 1992 2009 Virus databases dwr50005 vdb dwr50004 vdb Lt 200 ee Total viruses records 576023 Last update time unknown Key file Jopt drweb drweb32 key Key file number Send file for check Working period unknown LE set default of ok apply X cancel 33 Ta 2 AN 3 Using Scanner from Graphic Shell 3 2 Advanced Options Experienced users may adjust scanning parameters by themselves in the Advanced options section To set individual scanning parameters 1 On the Scanner Settings menu select Options and then select the Checking tab 2 On the Check mode pane select Advanced mode 3 The Advanced Options button in the bottom left of the window becomes available Click the button to
33. n on detected virus threats or malware on the Actions tab To do this select the necessary action from the drop down list near the respective type of object Depending of the threat type these lists contain different sets of available actions e Report report about the detected threat in the report field of the Scanner main window e Cure try to cure the file and restore it to the state before the infection If curing is impossible then the action specified for incurable objects will be applied e Delete delete the file 27 Ta N ax 3 Using Scanner from Graphic Shell 28 When infected or suspicious files are found in archives emails or containers the program applies the assigned action to the whole object and not to a single file inside the object The Scanner can detect the following types of malware Adware used to display advertisements Dialers used to create an unauthorized connection to paid Internet sites over the dial up modem Jokes may scare or distract the user Riskware potentially harmful programs which may be used by the intruder Hacktools programs intended to facilitate unauthorized access to computers When you are done click Apply to save the changes and leave the dialog box open 3 1 3 Checking Tab All main Scanner settings are located on the Checking tab of the Scanner main window See Figure 12 Here you can save necessary settings load the settings from
34. nd and their descriptions When you are done click Apply to save the changes and leave the dialog box open 3 1 5 Updating and Technical Support On the Support tab you can update virus databases contact technical support send information about a bug or a suspicious file for check to Dr Web and view program info See Figure 14 The left pane of the Support tab contains buttons to perform the folowing actions Start the Updater Click Update Open the Dr Web official Web site Click www drweb com Open the Dr Web forum in the web browser window Click Forum The inbuilt browser will open at the page of the Dr Web forum Send a request to the technical support Click Request to support The inbuilt browser will open at the page of the Dr Web support service Report a bug by e mail Click Bug report The inbuilt mail client will open to send a mail message Send files that are probably infected by unknown viruses for analysis to the Dr Web laboratory Click Send file for check A file manager window will open The right pane of the Support tab contains info about the version of the program loaded virus databases last update time and license key number This information is refreshed after every update 32 7 ax A AN 3 Using Scanner from Graphic Shell To update Dr Web virus databases visit the aforementioned web sites send e mail messages and files a connection to the Internet is required I
35. o the Linux operating system GUI By default the desktop with the Dr Web trademark for the background contains icons of applications included in Dr Web LiveCD The taskbar a horizontal bar in the bottom contains e System menu button amp e Quick Launch icons for inbuilt applications e Desktop switching icons e Icons of currently used applications e System clock in the right corner Dr Web LiveCD includes the following basic applications e Dr Web Scanner for Linux e Firefox browser e Sylpheed mail client e Midnight Commander file manager e command line terminal to work directly from under the graphic shell e Leafpad text editor 9 2 Dr Web LiveCD Graphic Shell Dr Web Live CD Click an area for details You can start the main components by e double clicking the icon of the respective component on the desktop by default basic components are represented on the desktop e clicking the icon of the respective component in the taskbar except for the file manager and Dr Web Scanner for Linux e selecting the respective component on the system menu To open the system menu click the system menu amp button in the taskbar User Manual 10 Ta ax 2 Dr Web LiveCD Graphic Shell 11 E Dr Web Scanner Report Bug Help 6 Network gt P Settings gt pe Utility gt Restart Shut Down Eject amp Shut Down Exit Click a command for info You can access the
36. our computer cannot be loaded from the hard drive the Mozilla Firefox web browser included in Dr Web LiveCD will allow you to view web sites and save the pages See Figure 6 You will be able to view the saved pages after the OS is fully restored and loaded Ta AN 2 Dr Web LiveCD Graphic Shell 19 ys An Internet connection via the Local Area Network is required to A access the web pages with the inbuilt browser The browser default start page is the Doctor Web official web site Figure 6 Inbuilt Browser Dr Web tnnovstion Bre Antivirus end entlepem protection Melle tir es File Edt View History Bookmarks Tools Help gt GQ ER r tourmn drneb con Getting Started B Latest Headlines a Products Solutions Dr Web AV Desk Estore Downloads Supp 1 2 a Dr Web AV Desk yy the best service product A Ip J oN by PC Magazine Russia 2 2 2 Mail Client The inbuilt Sylpheed mail client will enable you to carry on e mail correspondence in full volume See Figure 7 An account at the mail drweb com server is preinstalled in the Sylpheed mail client to enable user send messages You can create additional accounts to maintain correspondence To create a new account select Configuration menu gt Create new account Enter all information necessary to enable mail transfer such as sender s e mail address mail sending and receiving paramete
37. pansion With action Move enabled Scanner will move infected or suspicious files to the quarantine directory 54 Ta J N ax 5 Creating Boot Flash Drive 5 Creating Boot Flash Drive Dr Web LiveCD may be used as a portable operating system customized according to the certain user needs to enable access to data on any computer regardless of the OS and software installed To save and reuse individual settings created during a session in Dr Web LiveCD it is necessary to write Dr Web LiveCD files to a flash memory For this purpose the CreateLiveUSB command is used In spite of the fact that CreateLiveUSB does not change or delete the content of devices it is recommended to save the files from the flash drive you are going to use to another data carrier before running the command To enable load of Dr Web LiveCD it is not required to write the product to a CD disk and have a CD drive available You may use a virtual machine with a CD drive emulator instead All Dr Web LiveCD files are written to the boot directory CreateLiveUSB may change the configuration of the partitions of the flash drive if necessary the original configuration is saved to the boot partition backup file CreateLiveUSB copies the MBR on the flash drive the original master boot record is saved to the boot mbr backup file See Figure 25 55 5 Creating Boot Flash Drive 56 Figure 25 Create LiveUSB Create LiveUSB device size
38. rresponding command line parameters explicitly Set of actions parameters may vary in particular cases We recommend the following e cu cure infected files and system areas without deletion moving or renaming infected files e icd delete incurable files e spm move suspicious files e spr rename suspicious files When Scanner is started with Cure action specified it will try to restore the previous state of infected object It is possible only if detected virus is known virus and cure instructions for it are available in virus database though even in this case cure attempt may fail if infected file is seriously damaged by virus If infected files are found inside archives they will not be cured deleted moved or renamed To cure such files you must manually unpack archives to the separate directory and instruct Scanner to check it When Scanner is started with action Delete specified it will delete all infected files from disk This option is suitable for incurable irreversibly damaged by virus files Action Rename makes Scanner replace file extension with a certain specified extension by default i e first extension symbol is replaced with symbol Enable this parameter for files of other OS e g DOS Windows detected heuristically as suspicious Renaming helps to avoid accidental startup of executable files in these OS and therefore prevents infection by possible virus and its further ex
39. rs SMTP and POP3 protocols respectively and Ta N ax 2 Dr Web LiveCD Graphic Shell accompanying information To work with several accounts you can create separate mailboxes To do this select File menu gt Mailbox gt Add mailbox In the e mail box properties specify what account is to be used on the context menu of the mailbox select Properties gt Compose tab gt Account drop down list gt specify the account Figure 7 Mail client l DrWeb syipheed 250 File Edit View Message Tools Configuration Help cet Get all compose v Folder All s Search Mailbox MH Inbox v 8 Subject From Date Size S Sent C Drafts S Queue amp Trash 8 v From Subject Dr Web Sylpheed provides a secure connection to the mail server through the SSL and TLS protocols When your OS is damaged and you cannot use your customary tools this mail client included in Dr Web LiveCD will alow you to keep up a correspondence through your registered e mail account until the problem is solved 20 Ta J N ax 2 Dr Web LiveCD Graphic Shell 2 2 3 File Manager The inbuit Midnight Commander file manager is similar to the Norton Commander file manager See Figure 8 By using full screen display mode it provides an intuitive user interface to the operating system and serves as a useful tool for operations with files suitable for users with any level of experience from
40. s e Ok save the changes and return to the main window of the Scanner A AN 1 v A A Y 3 Using Scanner from Graphic Shell e Apply save the changes and stay in the settings window e Cancel return to the main window of the Scanner and discard the changes 3 2 1 Paths Tab By default the advanced options window opens on the Paths tab See Figure 16 Figure 16 Paths tab DrWeb Scanner Advanced options AE Paths File types Log file Archive Other Virus databases root drweb local bases vdb sfe Add virus database root drweb local bases VDB em Delete virus database Engine path jroot drweb local lib drweb32 dll Update path jroot drweb update Temp path jroot drweb temp amp Set default Ok 45 apply X Cancel In the Virus databases list the location of databases with virus records is specified By default the databases are located in the directory specified during the program installation The Updater module automaticaly puts updated databases to this directory However if you wish to connect some additional databases manually you must add them to the Virus databases list The database files which have a non standard extension should also be added to this list even if they are located in the default directory 36 Ta AN ax 3 Using Scanner from Graphic Shell To add a database to the Virus databases list click Add virus d
41. s to load Working with the console shell is described in the last part of this manual 1 1 Dr Web Anti Virus Protection Dr Web LiveCD is an anti virus solution designed to restore the system after it was crippled as a result of virus or malware activity 6 Ta ax 1 Introduction To protect the system from such situations it is necessary to have constant reliable protection using the most advanced anti virus technologies The Dr Web cutting edge technologies provide solid anti virus protection for your home computer office network and large corporate networks The Dr Web solutions are distinguished for their low system requirements compactness operation speed and reliability in detection of all types of malware Doctor Web company offers the following solutions for constant protection against viruses malware and spam e Protection of corporate networks Dr Web Enterprise Suite e Protection of workstations Dr Web Security Space 5 0 Dr Web for Windows 5 0 Dr Web for Linux Dr Web Console Scanners e Protection of file servers Dr Web for Windows Dr Web for Unix Dr Web for Novell NetWare e Protection of mail Dr Web for MS Exchange Dr Web for IBM Lotus Domino Dr Web for MIMEsweeper e Protection of SMTP gateways Dr Web Mail Gateway e Protection of Internet gateways Dr Web for Unix e Protection of mobile devices Dr Web for Windows Mobile e Internet service for providers Dr Web AV
Download Pdf Manuals
Related Search