Kaspersky ANTI-VIRUS 8.0 FOR MAC User Manual
USER GUIDE
P R O GR A M V ER S IO N : 8 . 0 C R I T I CA L F I X 2
Kaspersky Anti-Virus
for Mac
Dear User!
Thank you for choosing our product. We hope that this documentation will help you in your work and will provide answers
regarding this software product.
Any type of reproduction and distribution of any materials, including translation thereof, is allowed only by a written
permission of Kaspersky Lab.
This document and graphic images related to it can be used exclusively for information, non-commercial or personal
purposes.
Kaspersky Lab reserves the right to change the document at any time without notice. For the latest version of this
document refer to Kaspersky Lab's website at http://www.kaspersky.com/docs.
Kaspersky Lab assumes no liability for the content, quality, relevance or accuracy of any materials used in this document
for which the rights are held by third parties, or for the potential damages associated with using such documents.
This document involves the registered trademarks and service marks which are the property of their respective owners.
Revision date: 11/30/09
© 1997-2009 Kaspersky Lab ZAO. All Rights Reserved.
http://www.kaspersky.com
http://support.kaspersky.com
3
TABLE OF CONTENTS
KASPERSKY ANTI-VIRUS ........................................................................................................................................... 6
Hardware and software system requirements .......................................................................................................... 6
Distribution kit .......................................................................................................................................................... 7
Service for registered users ..................................................................................................................................... 7
Obtaining information about the application ............................................................................................................. 7
Sources of information to research on your own ................................................................................................ 8
Contacting Technical Support ............................................................................................................................ 9
Contacting Sales Department .......................................................................................................................... 10
INSTALLING AND REMOVING KASPERSKY ANTI-VIRUS ....................................................................................... 11
APPLICATION INTERFACE ....................................................................................................................................... 13
Main application window ........................................................................................................................................ 13
Application settings window ................................................................................................................................... 15
Kaspersky Anti-Virus icon ...................................................................................................................................... 15
Configuring the Kaspersky Anti-Virus interface ...................................................................................................... 16
QUICK START ............................................................................................................................................................ 18
What is the protection status of your computer? .................................................................................................... 18
How to Scan Your Computer for Viruses ............................................................................................................... 20
How to Perform a Quick Scan of Your Computer .................................................................................................. 20
How to Scan a File, Folder or Disk for Viruses ...................................................................................................... 21
How to update the application ................................................................................................................................ 21
MULTI-TASKED PROTECTION MANAGEMENT ....................................................................................................... 22
Disabling computer protection ............................................................................................................................... 22
Restoring protection on your computer .................................................................................................................. 23
Exporting and importing Kaspersky Anti-Virus settings.......................................................................................... 24
Exiting Kaspersky Anti-Virus .................................................................................................................................. 25
CREATING A PROTECTION SCOPE......................................................................................................................... 26
Selecting malicious programs to be monitored ...................................................................................................... 26
Trusted zone creation ............................................................................................................................................ 27
ANTI-VIRUS PROTECTION OF YOUR COMPUTER'S FILE SYSTEM ...................................................................... 30
Pausing / disabling file protection .......................................................................................................................... 30
Configuring file protection ...................................................................................................................................... 31
Selecting the file security level ................................................................ ......................................................... 32
Specifying the types of files to scan ................................................................................................................. 33
Creating a protection scope ............................................................................................................................. 35
Configuring additional settings ................................................................ ................................ ......................... 37
Selecting actions on objects ............................................................................................................................. 40
Restoring default file protection settings........................................................................................................... 41
File protection statistics.......................................................................................................................................... 42
SCANNING FOR VIRUSES ........................................................................................................................................ 43
Managing virus scan tasks ..................................................................................................................................... 43
Creating the list of objects to scan ......................................................................................................................... 45
Creating virus scan tasks ....................................................................................................................................... 46
Configuring virus scan tasks .................................................................................................................................. 48
K A S P E R S K Y AN T I - VI R U S
4
Selecting a security level .................................................................................................................................. 48
Specifying the types of objects to be scanned ................................................................................................. 50
Selecting actions on objects ............................................................................................................................. 52
Configuring the scan task schedule ................................................................................................................. 54
Running scan tasks under the user account .................................................................................................... 55
Assigning uniform scan settings to all tasks ..................................................................................................... 57
Restoring default scan settings ........................................................................................................................ 58
Virus scan statistics ............................................................................................................................................... 59
UPDATING THE APPLICATION ................................................................................................................................. 61
Starting the update ................................................................................................................................................ 62
Rolling back the latest update ................................................................................................................................ 62
Configuring the update........................................................................................................................................... 63
Selecting an update source .............................................................................................................................. 64
Selecting the update mode and objects ........................................................................................................... 65
Configuring the update task schedule .............................................................................................................. 66
Update distribution ........................................................................................................................................... 67
Actions after update ......................................................................................................................................... 68
Configuring proxy server settings .......................................................................................................................... 69
Update statistics .................................................................................................................................................... 71
LICENSE MANAGEMENT .......................................................................................................................................... 72
QUARANTINE ................................ ................................................................ ............................................................. 75
Actions on quarantined objects .............................................................................................................................. 75
Configuring quarantine settings ............................................................................................................................. 77
BACKUP ...................................................................................................................................................................... 78
Actions on backup copies ...................................................................................................................................... 78
Configuring the backup settings ............................................................................................................................. 79
REPORTS ................................................................................................................................................................... 81
Configuring the report settings ............................................................................................................................... 82
The Detected tab ................................................................................................................................................... 83
The Events tab ....................................................................................................................................................... 84
The Statistics tab ................................................................................................................................................... 84
The Preferences tab .............................................................................................................................................. 86
NOTIFICATIONS ......................................................................................................................................................... 87
HELP INFORMATION ................................................................................................................................................. 89
List of objects to scan by extension ....................................................................................................................... 89
Allowed file exclusion masks ................................................................................................................................. 91
Allowed exclusion masks according to the Virus Encyclopedia classification ........................................................ 92
USING THIRD-PARTY CODE ..................................................................................................................................... 93
CryptoEx LLC ........................................................................................................................................................ 93
Boost 1.30.0 library ................................................................................................................................................ 93
Libcurl 7.19.3 library............................................................................................................................................... 94
Libpng 1.2.8 library ................................................................................................................................................ 94
Libc library ............................................................................................................................................................. 95
Libstdc++ library .................................................................................................................................................. 105
Expat 1.2 library ................................................................................................................................ ................... 113
Growl 1/1/05 ........................................................................................................................................................ 114
T A B L E O F C O N T E N T S
5
Info-ZIP 5.51 library ............................................................................................................................................. 114
LZMA SDK 4.43 library ........................................................................................................................................ 115
RFC1321-based (RSA-free) MD5 LIBRARY library ............................................................................................. 115
Zlib 1.2 library ...................................................................................................................................................... 115
GCC 4.0.1 library ................................................................................................................................................. 116
Sound effects library ............................................................................................................................................ 125
KASPERSKY LAB ..................................................................................................................................................... 126
6
IN THIS SECTION:
Hardware and software system requirements ................................................................................................................... 6
Distribution kit ................................................................................................ ................................ .................................... 7
Service for registered users ............................................................................................................................................... 7
Obtaining information about the application ...................................................................................................................... 7
KASPERSKY ANTI-VIRUS
Kaspersky Anti-Virus for Mac (hereinafter referred to as Kaspersky Anti-Virus) is the new generation of information
protection solutions. It is designed to protect computers managed by Mac OS against viruses and malware. The following
functions are implemented in the application:
Real-time protection of your computer's file system, through: interception and analysis of attempts to access the
file system; disinfection, deletion and isolation of potentially infected objects for further analysis.
Searching and deactivating malicious code at the user's request: search and analysis of infected and potentially
infected objects in the designated scan areas; disinfection, deletion, or isolation of objects for further analysis.
The most useful virus scan tasks are included in the Kaspersky Anti-Virus package: full computer scan and
quick scan of critical areas.
Updating the databases and modules of Anti-Virus from Kaspersky Lab's update servers, creating backup
copies of all the updated files to allow a future roll back; copying the updates into a local source to allow other
networked computers to access them so as to reduce Internet traffic.
Quarantining potentially infected objects: saving potentially infected objects in the quarantine folder, re-scanning
them with updated databases, restoring objects from quarantine at the user's request.
Creating a copy of each infected object to store in the backup area before disinfecting or deleting it, so that it
can later be restored, preserving your valuable information.
Creating a detailed report on the performance of each Kaspersky Anti-Virus component.
Notifying the user about certain events which occur when Kaspersky Anti-Virus runs. You can select the
notification type for each event type: sound or pop-up message.
Kaspersky Anti-Virus boasts an easy-to-use interface, which ensures convenient access to any of the application's
features. You can change the appearance of Kaspersky Anti-Virus by using various graphic elements and selected color
schemes.
When working with Kaspersky Anti-Virus, you will be provided with complete information support: the application returns
messages on the protection status and offers detailed guidance. Security Assistant (see section "What is the protection
status of your computer?" on page 18) included in the application package can present a broad picture of current status
of computer's protection, and proceed to the immediate elimination of problems.
HARDWARE AND SOFTWARE SYSTEM REQUIREMENTS
Your computer should meet the following minimum requirements for Kaspersky Anti-Virus to run properly:
Intel-based Macintosh computer (PowerPC processor not supported);
512 MB free RAM;
K A S P E R S K Y AN T I - V I R U S
7
80 MB free hard drive space;
Mac OS X 10.4.11 operating system, or higher.
DISTRIBUTION KIT
You may purchase Kaspersky Anti-Virus (box edition) from our distributors or at an online store (such as
www.kaspersky.com, eStore section).
If you are purchasing the product in a box, the following will be included in the software product distribution kit:
sealed envelope with the Installation CD that stores product files and documentation in PDF format;
license agreement, which specifies the conditions of using the software product you have purchased.
Before breaking the seal on the installation disk envelope, carefully read through the EULA. If you cannot accept the
provisions of the License Agreement, you may return the box with the product to the distributor you have purchased it
from, and you will be refunded the sum you have paid for the product. In this case, the envelope with the installation CD
should remain sealed. Opening the envelope with the installation CD means acceptance of all the provisions of the
License Agreement.
When purchasing Kaspersky Anti-Virus online, you download the product from Kaspersky Lab website, which includes
this documentation. You will be sent a key file or activation code by email once payment has been made.
SERVICE FOR REGISTERED USERS
Kaspersky Lab offers a broad range of services allowing legal users to increase the efficiency of the application.
After purchasing the license you become a registered application user, so you can be provided the following services until
the license key expiration date:
Hourly update of application databases and provision of new versions of the software.
Consultation on issues regarding installation, configuration and use of the software product provided by phone
and email.
Notification of new software products release by Kaspersky Lab and of new viruses emerging all around the
world. This service is provided to users who have subscribed to Kaspersky Lab's news mail delivery at the
Technical Support Service website http://support.kaspersky.com/subscribe/.
Support on issues related to the performance and use of operating systems, third-party software and the operation of
other technology is not provided.
OBTAINING INFORMATION ABOUT THE APPLICATION
If you have any questions concerning the purchase, installation or use of Kaspersky Anti-Virus, answers are readily
available.
Kaspersky Lab provides a variety of information sources about the application. You can choose the most suitable,
according to the importance and urgency of your question.
K A S P E R S K Y AN T I - VI R U S
8
IN THIS SECTION:
Sources of information to research on your own ............................................................................................................... 8
Contacting Technical Support ........................................................................................................................................... 9
Contacting Sales Department .......................................................................................................................................... 10
SOURCES OF INFORMATION TO RESEARCH ON YOUR OWN
You can refer to the following sources of information about the application:
Page at the Kaspersky Lab website.
Page at the Technical Support Service website (Knowledge Base).
Kaspersky Lab products users forum.
Help system.
Documentation.
Page on the Kaspersky Lab website
This page (http://www.kaspersky.com/kaspersky-anti-virus-for-mac) will provide you with general information on the
application, its features and options. You can purchase Kaspersky Anti-Virus or extend your license in our eStore.
Application page on the Technical Support Service website (Knowledge Base)
Knowledge Base is a separate section of the Technical Support Service website
(http://www.kaspersky.com/support/kavmac), which provides recommendations for working with Kaspersky Lab's
products. This page contains articles published by Technical Support service specialists.
These articles provide useful information, recommendations and answers to frequently asked questions related to
the purchase, installation and use of Kaspersky Anti-Virus. These answers are grouped by topics, for example,
"Working with key files", "Updating the databases", or "Troubleshooting". The articles may answer questions, which
are related not only to Kaspersky Anti-Virus but also to other Kaspersky Lab products; they also may contain
Technical Support service news.
To switch to Knowledge Base, open the main application window (on page 13), click the button and in the
window that opens, use the Technical Support Service button.
Users forum
If your question does not require an urgent answer, you can discuss it with Kaspersky Lab's specialists and other
users in our forum (http://forum.kaspersky.com). It is also made into a separate section at the Technical Support
service website and contains Kaspersky Anti-Virus users' questions, feedback, and requests.
In this forum you can view existing topics, leave your comments, create new topics, and use the search engine.
To go to this resource, open the main application window (on page 13), click the button and in the window that
opens, use the Forum button.
Help system
K A S P E R S K Y AN T I - V I R U S
9
The complete Help system contains information on how to manage computer protection: view protection status, scan
various areas of the computer for viruses, and execute other tasks. To open the help file, select the
Help Kaspersky Anti-Virus Help System command in the Kaspersky Anti-Virus main menu, or click the
button in the main application window (on page 13).
If you have any questions regarding a separate window or tab of Kaspersky Anti-Virus, you can refer to the context
help. To open the context help, open the window or the tab you want, and press the button.
Documentation
The user guide for Kaspersky Anti-Virus contains detailed information on installing and using the application.
If you do not find a solution to your problem in the Knowledge Base, the Users forum, the help system or
documentation, we recommend that you contact Kaspersky Lab Technical Support (see section "Contacting
Technical Support" on page 9).
CONTACTING TECHNICAL SUPPORT
If you have already purchased Kaspersky Anti-Virus, you can obtain information about it from the Technical Support
Service, either by phone or through the Internet. Technical Support Service specialists will answer your questions on
installing and using the application, and if your computer has been infected, they will help you overcome the effects of
malware.
To view information on ways of receiving support for Kaspersky Anti-Virus, open the main application window (on
page 13) and click the button. Before contacting Technical Support Service, please read the support rules
(http://support.kaspersky.com/support/rules).
If problems occur when using Kaspersky Anti-Virus, first check if troubleshooting instructions for the problem are provided
in this documentation, help system, in the Knowledge Base on the Kaspersky Lab Technical Support website or on the
Users Forum (see section "Sources of information to research on your own" on page 8). If you do not find a solution to
your problem, we recommend that you contact Kaspersky Lab Technical Support.
Please note that you have to be a registered user of the commercial version of Kaspersky Anti-Virus to obtain technical
support. No support is provided to users of trial versions.
A new user is registered using the Activation assistant (see section "License management" on page 72), if you are
activating Kaspersky Anti-Virus using the activation code. Under this option, once registration is complete, a customer ID
will be assigned to you. Customer ID is a personal user ID, which is required for phone or web form-based technical
support.
If you are activating the Kaspersky Anti-Virus using a key file, you have to pass the registration procedure at the
Technical Support Service website.
The customer ID and password received when registering are needed to access your Personal Cabinet, your own section
at the Technical Support service website. In the Personal Cabinet you can:
Send requests to the Technical Support without prior registering.
Exchange messages with the Technical Support without using email.
Monitor requests in real time.
View the complete history of your requests to the Technical Support service.
Obtain a backup copy of the key file.
Requesting the Technical Support service by email
K A S P E R S K Y AN T I - VI R U S
10
To contact Technical Support Service, open the web form of the customer request processing system Helpdesk
(http://support.kaspersky.com/helpdesk.html). On the Technical Support Service page that opens, enter your Personal
Cabinet and fill in the request form.
You can send your question in Russian, English, German, French, or Spanish.
In order to send your question by email, specify the Customer ID obtained when registering at the Technical Support
service website, along with your password.
A Technical Support service specialist will reply to your request in your Personal Cabinet and at the email address you
have specified in your request.
Describe the problem you have encountered in the request web form providing as much detail as possible. Specify the
following in the required fields:
Request type. Select the subject that best matches the problem you have encountered, such as "Product
installation/uninstallation problem" or "Virus scan/removal problem". If you have not found an appropriate topic,
select "General question".
Application name and version number.
Request text. Describe the problem in as much detail as possible.
Customer ID and password. Enter the customer ID and the password you received when registering at the
Technical Support service website.
Email address. The Technical Support service will send an answer to your question at this email address.
Phone technical support
If you encounter an urgent problem, you can always call your local Technical Support service. Before contacting
specialists of the Russian (http://support.kaspersky.ru/support/support_local) or international
(http://support.kaspersky.com/support/international) Technical Support, please, collect information
(http://support.kaspersky.com/support/details) about your computer and anti-virus application installed on it. This will help
our support specialists solve your problem more quickly.
CONTACTING SALES DEPARTMENT
If you have questions about selecting or purchasing the application or extending your license, contact the Sales
Department specialists by email at sales@kaspersky.com.
11
INSTALLING AND REMOVING KASPERSKY ANTI-VIRUS
The Kaspersky Anti-Virus installation package includes the installation assistant and the uninstallation assistant.
To install Kaspersky Anti-Virus on your computer,
run the installation file (*.dmg) and select Anti-Virus Installation.
The installation assistant is a sequence of steps. You can switch between them using the Continue (go to the next
step of installation) and Go Back (go one step back) buttons. Let us take a closer look at the steps of installation:
1. Reading important information.
Please read the information about the application you are installing and make sure that your computer
meets the system requirements specified. To print the information, click the Print button. To save the
information as a text file, click the Save button.
2. Reading License Agreement.
Please thoroughly read through the License Agreement for using Kaspersky Anti-Virus between you and
Kaspersky Lab. The text of the agreement is available in several languages.
To print the text of the agreement, click the Print button. To save the agreement as a text file, click
the Save button.
If you accept all the terms of the agreement, click the Continue button and confirm that you accept the
terms of license agreement in the window that opens. Kaspersky Anti-Virus installation will continue.
To return to the text of the license agreement, click the Read license button.
If the Disagree option is selected, installation will be interrupted.
3. Change install location.
This window contains the information about the disk, on which the application is to be installed, and the free
disk space needed for the installation.
If default settings of the installation meet your requirements, click the Install button and enter the
administrator's password to confirm the installation.
You can edit the default installation settings. To do this, click the Edit installation folder button and specify
another disk. To switch to custom installation of Kaspersky Anti-Virus, click the Preferences button.
4. Selecting installation type.
This step of the installation assistant will appear if the custom installation option is selected. You will be
offered to specify which application components should be installed on your computer.
Virus scan. Scan of objects from the user defined scan scopes. Please note that this component will
be unconditionally installed.
File Anti-Virus. Real-time scan of all objects being opened, executed or saved.
Finder Contextual Menu. Scan of objects displayed in Finder. Scan is started from the object
contextual menu.
K A S P E R S K Y AN T I - VI R U S
12
Once the components are selected, please click the Install button and enter the administrator's password to
confirm the installation.
To restore the default installation settings, click the Standard installation button.
5. Completing the installation.
The last window of the installation assistant displays information about the successful completion of the
installation process. To exit the installation assistant, click the Close button.
When the installation assistant is closed, Kaspersky Anti-Virus runs automatically. The computer does not
need to be restarted.
To remove Kaspersky Anti-Virus from your computer,
run the installation file (*.dmg) and select the Kaspersky Anti-Virus Uninstaller assistant.
The uninstallation assistant is a sequence of steps. You can switch between them using the Continue (go to the
next step of installation) and Go Back (go one step back) buttons. Let us take a closer look at the application
uninstallation procedure:
1. Reading important information.
Note that removing Kaspersky Anti-Virus exposes your computer to the risk of infection.
It is recommended that you process all objects stored in quarantine and backup, before starting the
uninstallation procedure. All stored objects that have not been processed will be deleted without any
opportunity to restore them in the future.
To start the uninstallation procedure, click the Delete button and enter the administrator's password to
confirm. The application will then be uninstalled.
2. Completing the uninstallation procedure.
The last window of the uninstallation assistant displays the information about the successful completion of
the uninstallation process. To exit the uninstallation assistant, click the Finish button. The computer does
not have to be restarted after the uninstallation.
13
IN THIS SECTION:
Main application window .................................................................................................................................................. 13
Application settings window ............................................................................................................................................. 15
Kaspersky Anti-Virus icon ................................................................................................................................................ 15
Configuring the Kaspersky Anti-Virus interface ............................................................................................................... 16
APPLICATION INTERFACE
Kaspersky Anti-Virus has a simple and easy-to-use interface. In this section we will take a closer look at its basic
elements: main application window, application settings window and the Kaspersky Anti-Virus icon.
You can change the appearance of the application by using various graphic elements and selected color schemes.
MAIN APPLICATION WINDOW
The basic functions of the main window (see the figure below) are: to inform the user of the computer's protection status
and of possible problems with protection, to provide information about the operation of Kaspersky Anti-Virus' components
(File Anti-Virus, virus scan and update tasks), and to provide access to the main tasks and the application settings
window.
Figure 1: Kaspersky Anti-Virus main window
The color of the main window indicates the current protection status. There are three possible values of the protection
status (see section "What is the protection status of your computer?" on page 18), each of which is associated with a stop
light color. Green indicates that your computer's protection is at an optimal level, while yellow and red warn of the
K A S P E R S K Y AN T I - VI R U S
14
Run Kaspersky Anti-Virus updater. This opens a report window with detailed information about the
task's execution.
Go to virus scan tasks: quick scan, full scan and scan for viruses in the user defined scope.
Switch to managing the licenses, needed to enable Kaspersky Anti-Virus. You can view information on
the current license key files, delete keys, and install new ones.
Open the window which displays the report about the operation of Kaspersky Anti-Virus, to access
quarantine and Backup.
Open the application settings window (on page 15).
Open the Kaspersky Anti-Virus built-in help.
Open the window with information on ways of obtaining technical support.
presence of various problems in the operation or configuration of the application. For more detailed information on these
problems and their quick elimination, use the Security Assistant (see section "What is the protection status of your
computer?" on page 18) that opens when you click on the color indicator.
In addition to the color indicator, the left part of the main window contains a block of text which describes the protection
status, and lists any security threats logged by the Security Assistant. If you have virus scan or update tasks running at
this time, information on their progress (as percentage completion) will also be displayed in the left part of the main
window.
The lower part of the window displays summary statistics on the operation of File Anti-Virus, and information about the
databases being used by the application.
From the main window you can start the Kaspersky Anti-Virus update, modify settings for virus scan tasks in specified
areas and run them, and manage the licenses. To do this, use these buttons:
The navigation bar is located in the upper part of the main window, and contains the following buttons:
A PPL I C A T I O N I N T E R F A C E
15
APPLICATION SETTINGS WINDOW
Kaspersky Anti-Virus settings window (see the figure below) may be accessed from the main window (see section "Main
application window" on page 13), by clicking the button, or by selecting Preferences from the application menu,
which will open if you click the Kaspersky Anti-Virus icon (on page 15) in Dock or Mac OS Menu Bar.
Figure 2: Application settings window. File Anti-Virus
The buttons in the upper part of the settings window give you quick access to the settings of File Anti-Virus, of virus scan
tasks, of updates, and of Kaspersky Anti-Virus tools. To fine-tune certain settings, you will need to open the second- and
third-level settings windows.
To prevent users without administrator privileges from editing Kaspersky Anti-Virus settings, click on the lock icon in the
lower part of the window. You will need to enter the administrator's username and password to access the settings.
The button provides access to Kaspersky Anti-Virus help system with the description of settings for the current
application window.
KASPERSKY ANTI-VIRUS ICON
Immediately after Kaspersky Anti-Virus is installed, its icon appears in the Mac OS Menu Bar. The icon is in itself an
indicator for the application's operation mode. If the icon is active, this means that the computer protection against
malware in real-time mode is enabled. The inactive icon indicates that the protection is disabled. Additionally, the icon
provides access to the commands in Kaspersky Anti-Virus' main menu.
By default, the icon is located on the Mac OS Menu Bar. You can change the icon's location by replacing it onto the
Dock.
To move the application icon onto the Dock:
1. Open the application settings window (on page 15) and select the Appearance section (see figure below).
K A S P E R S K Y AN T I - VI R U S
16
2. In the Show application icon section select the In Dock option. Note that this modification will take place only
after Kaspersky Anti-Virus is restarted.
Figure 3: Application settings window. Appearance
If you selected the option of displaying application icon in MAC OS menu bar, the icon will not appear in Dock when the
application is started or main window is opened.
CONFIGURING THE KASPERSKY ANTI-VIRUS INTERFACE
Kaspersky Anti-Virus gives you the option of changing the appearance of the program by creating and using various
graphic elements and selected color schemes.
To configure Kaspersky Anti-Virus
open application settings window (on page 15) and select the Appearance tab (see figure below).
A PPL I C A T I O N I N T E R F A C E
17
All the colors, fonts, icons and texts used in the Kaspersky Anti-Virus interface can be changed. You can create your own
skins for the application, or localize it in another language. To activate a skin, specify the path to the folder in the Skin
field. To select a folder, use the Select button.
Figure 4: Application settings window. Appearance
Modifications applied to the Kaspersky Anti-Virus interface settings are not saved if you restore default settings or
uninstall the application.
18
IN THIS SECTION:
What is the protection status of your computer? ............................................................................................................. 18
How to Scan Your Computer for Viruses ......................................................................................................................... 20
How to Perform a Quick Scan of Your Computer ............................................................................................................ 20
How to Scan a File, Folder or Disk for Viruses ................................................................................................................ 21
How to update the application ......................................................................................................................................... 21
QUICK START
One of the main goals of Kaspersky Lab specialists when they designed the application was to ensure optimum
configuration of Kaspersky Anti-Virus to provide your computer with protection immediately after the installation.
You are advised to perform the following actions after completing the installation and starting the application on your
computer:
Activate your copy of Kaspersky Anti-Virus (see section "License management" on page 72). Using a licensed
version will let you update the application's databases on a regular basis, and access the Technical Support
Service.
Evaluate the current protection status (see section "What is the protection status of your computer?" on
page 18), to make sure that Kaspersky Anti-Virus ensures the appropriate level of protection.
Update Kaspersky Anti-Virus (see section "How to update the application" on page 21). Kaspersky Anti-Virus
databases should be kept up to date so that they are always ready to help detect and eliminate viruses or other
malware.
Scan your entire computer (see section "How to Scan Your Computer for Viruses" on page 20) for viruses.
If problems or errors occur in the application's operation, please view the report (see section "Reports" on page 81),
which may indicate the cause of failure. If you cannot solve the problem on your own, please contact Kaspersky Lab's
Technical Support Service (see section "Contacting Technical Support" on page 9).
WHAT IS THE PROTECTION STATUS OF YOUR COMPUTER?
Your computer's protection status gives you a summary of your computer's overall security level. These threats include
malicious programs detected and outdated application databases, disabled File Anti-Virus, using minimum settings for
the Kaspersky Anti-Virus operation, etc.
Protection status is displayed in the main application window (see section "Main application window" on page 13) and is
depicted by the corresponding stop light color. Depending on the situation, the color scheme of the window will change,
and if any security threats are detected the color will be supplemented by informative messages.
The Traffic Light Colour can be:
Green. This status indicates that your computer is properly protected.
This means that the databases are updated, File Anti-Virus is enabled, Kaspersky Anti-Virus is running with the
settings recommended by Kaspersky Lab, and either no malicious objects have been discovered by a virus
scan, or all detected malicious objects have been disinfected.
Q U I C K S T A R T
19
Yellow. Your computer's protection is below the previous level. This protection status indicates that there are
problems in the performance or settings of Kaspersky Anti-Virus.
Such problems include, for example: slight deviations from the recommended operation settings, or the
Kaspersky Anti-Virus databases have not been updated for several days.
Red. Your computer is at serious risk of infection. This status indicates that there are problems which may lead
to the infection of your computer and the loss of data.
Such problems include, for example: a failure in File Anti-Virus' operation; the Kaspersky Anti-Virus databases
have not been updated for a long time; malicious objects have been detected and urgently need to be
disinfected, or the application has not been activated.
If there are problems in the protection system, you are advised to fix them immediately. To do this, use the Security
Assistant (see the figure below), which opens if you click on the color indicator in the main window. The Security
Assistant lets you review all the current threats and begin to eliminate them.
Figure 5: Security Assistant interface
To browse the list of existing threats, click the Continue or Go Back buttons. A detailed description is provided for each
threat, and the following actions are available:
Eliminate threat immediately.
To eliminate the threat, click the button with the recommended action. For example, if infected objects were
detected, the recommended action will be Disinfect infected objects, if databases are obsolete, the
recommended action will be Update databases. To obtain detailed information on this threat, you can view the
report file (see section "Reports" on page 81).
Postpone threat elimination.
If for any reason you cannot immediately eliminate the threat, you can postpone this action and return to it later.
To do this, use the Postpone button. Note that the second option is not available for serious threats. Such
threats include, for example, malicious objects not yet disinfected, File Anti-Virus operation failure, or corrupted
Kaspersky Anti-Virus database files.
K A S P E R S K Y AN T I - VI R U S
20
If you still have threats left after you have finished using the Security Assistant, the main window color will indicate
security problems. If you postpone the elimination of some threats, they will not be present in the list of active threats the
next time Security Assistant is opened. However, you can still return to view and eliminate postponed threats by clicking
the View postponed threats button in the last window of the Security Assistant.
HOW TO SCAN YOUR COMPUTER FOR VIRUSES
When installation is complete, Kaspersky Anti-Virus will notify you that the full computer scan has not yet been
performed, and will advise you to run the Full computer scan task immediately.
To open the Full computer scan task:
1. Open the main application window (on page 13) and click the button.
2. Run the Full Scan task. To view task execution results, open report window (see section "Virus scan
statistics" on page 59).
To view or edit current task settings:
1. Open the application settings window (on page 15) and select the Virus Scan tab.
2. Select the Full Scan task in the dropdown list on the left. In the right-hand part of the window edit the list of
objects to scan (see section "Creating the list of objects to scan" on page 45), view the settings that will be used
for a task: security level (see section "Selecting a security level" on page 48) and action (see section "Selecting
actions on objects" on page 52), that will be taken on dangerous objects. If required, configure a task launch
schedule (see section "Configuring the scan task schedule" on page 54).
HOW TO PERFORM A QUICK SCAN OF YOUR COMPUTER
Some areas on your computer are critical for security, such as the folders that contain operating system files and system
libraries. These areas are the main targets for malware which aims to damage your computer.
It is extremely important to protect these critical areas of your computer to ensure that it keeps running. For your
convenience, we have created a dedicated virus scan task for these areas.
To open the quick computer scan task:
1. Open the main application window (on page 13) and click the button.
2. Start the Quick Scan task. To view task execution results, open report window (see section "Virus scan
statistics" on page 59).
To view or edit current task settings:
1. Open the application settings window (on page 15) and select the Virus Scan tab.
2. In the list on the left, select the Quick Scan task. In the right-hand part of the window edit the list of objects to
scan (see section "Creating the list of objects to scan" on page 45), view the settings that will be used for a task:
security level (see section "Selecting a security level" on page 48) and action (see section "Selecting actions on
objects" on page 52), that will be taken on dangerous objects. If required, configure a task launch schedule (see
section "Configuring the scan task schedule" on page 54).
Q U I C K S T A R T
21
HOW TO SCAN A FILE, FOLDER OR DISK FOR VIRUSES
It is useful to be able to scan a part of your computer for viruses rather than the entire computer: for example, the hard
drive containing applications, games, or email databases which have been transferred from work.
To scan an individual object for viruses:
1. Open the main application window (on page 13) and click the button.
2. Select the Virus Scan task and in the window that opens, create the list of objects to scan (see section
"Creating the list of objects to scan" on page 45). To add the object to the scan scope, drag-n-drop it to the
window. To start the task, click the Start button. To view task execution results, open report window (see section
"Virus scan statistics" on page 59).
To view or edit current task settings:
1. Open the application settings window (on page 15) and select the Virus Scan tab.
2. In the list on the left, select the Virus Scan task. In the right-hand part of the window view the settings that will
be used for a task: security level (see section "Selecting a security level" on page 48) and action (see section
"Selecting actions on objects" on page 52) that will be taken on dangerous objects.
If you install an add-in module for the Finder context menu, you can start scan of any object from its contextual menu
directly. To do this, select Scan for viruses from the menu.
HOW TO UPDATE THE APPLICATION
Kaspersky Lab updates Kaspersky Anti-Virus databases and modules using dedicated update servers. Kaspersky Lab's
update servers are Kaspersky Lab's Internet sites to which the Kaspersky Anti-Virus updates are uploaded.
You will need an Internet connection to update Kaspersky Anti-Virus from these servers.
By default, Kaspersky Anti-Virus automatically checks for updates on Kaspersky Lab's servers. If a server contains a new
set of updates, Kaspersky Anti-Virus will download and install them in the background.
To update Kaspersky Anti-Virus,
open the main application window (on page 13) and click the button. As a result, Kaspersky Anti-Virus will start
updating.
22
IN THIS SECTION:
Disabling computer protection ......................................................................................................................................... 22
Restoring the protection on your computer ...................................................................................................................... 23
Exporting and importing Kaspersky Anti-Virus settings ................................................................................................... 24
Exiting Kaspersky Anti-Virus ........................................................................................................................................... 25
MULTI-TASKED PROTECTION MANAGEMENT
By default, Kaspersky Anti-Virus starts when the operating system starts and protects your computer during the entire
session. File-Anti-Virus' activity is indicated by the Kaspersky Anti-Virus icon (on page 15) in the Dock or in the Mac OS
Menu Bar. If the icon is active, your computer's protection is enabled, if the icon is inactive, the protection is disabled.
Kaspersky Lab specialists strongly recommend that you do not disable real-time protection provided by Anti-Virus since
this could lead to an infection of your computer and loss of data.
Note that the icon indicates the status of protection provided by File Anti-Virus (see section "Anti-virus protection of your
computer's file system" on page 30). Disabling or pausing File Anti-Virus does not impact the execution of virus scan
tasks (see section "Scanning for viruses" on page 43) or application updates (see section "Updating the application" on
page 61).
DISABLING COMPUTER PROTECTION
Disabling protection means stopping File Anti-Virus (see section "Anti-virus protection of your computer's file system" on
page 30). Virus scan (on page 43) and update (see section "Updating the application" on page 61) tasks will continue to
run.
If protection is fully disabled, it can only be re-enabled manually by the user. In this case, File Anti-Virus will not be
automatically enabled after the system or Kaspersky Anti-Virus restarts. Note that if Kaspersky Anti-Virus conflicts with
other program(s) installed on your computer, you can pause File Anti-Virus or create an exclusion list (see section
"Trusted zone creation" on page 27).
M U L T I - T A S K E D P R O T E C T I O N M A N A G E M E N T
23
There are several ways to disable computer protection:
Click the Kaspersky Anti-Virus icon (on page 15) in the Dock or in the Mac OS Menu Bar and select the Turn
Protection Off command from the menu that opens.
Figure 6: Disabling protection from the contextual menu
Open the application settings window (on page 15), select the Protection tab and uncheck the Enable File
Anti-Virus box.
Figure 7: Application settings window. File Anti-Virus
RESTORING PROTECTION ON YOUR COMPUTER
If you have paused or fully disabled your computer's protection, you can re-enable it in the following ways:
K A S P E R S K Y AN T I - VI R U S
24
From the menu that opens by clicking the Anti-Virus icon (see section "Kaspersky Anti-Virus icon" on page 15) in
the Mac OS Menu Bar or in the Dock. To do this, select the Turn Protection On item.
Figure 8: Enabling protection from the contextual menu
From the Security Assistant (see section "What is the protection status of your computer?" on page 18)
interface. You significantly increase the risk of infecting your computer if you pause or stop protection, so this
threat is immediately logged by the Security Assistant.
EXPORTING AND IMPORTING KASPERSKY ANTI-VIRUS
SETTINGS
Kaspersky Anti-Virus allows you to export and import its settings. This is useful if, for example, the application is installed
both on your home and office computers. You can configure the application to a convenient mode, save those settings in
a special configuration file on a disk, and then import them quickly onto your office workstation. Settings are stored in a
special configuration file.
To export current application settings:
1. Open the application settings window (on page 15) and select the Service section (see figure below).
2. In the Configuration manager section, click the Save button.
3. Enter the name of the configuration file and specify a location to save it.
To import settings from a configuration file:
1. Open the application settings window (on page 15) and select the Service tab (see figure below).
M U L T I - T A S K E D P R O T E C T I O N M A N A G E M E N T
25
2. In the Configuration manager section click the Load button and select the file you want to import Kaspersky
Anti-Virus settings from.
Figure 9: Application settings window. Service
EXITING KASPERSKY ANTI-VIRUS
If, for any reason, you need to close Kaspersky Anti-Virus, click the Kaspersky Anti-Virus icon (on page 15) in the Mac
OS Menu Bar or in the Dock, and select the Exit command in the menu that opens. The application will close, which
means that your computer will be running unprotected.
If you have closed Kaspersky Anti-Virus, you can enable the protection of your computer by loading the application
manually.
Protection can also be started automatically after restarting your operating system. To enable this mode, open the
application settings window (on page 15), select the Service section (see figure below) and check the Launch
application at startup box in the Autorun section.
Figure 10: Application settings window. Service
26
IN THIS SECTION:
Selecting malicious programs to be monitored ................................................................................................................ 26
Trusted zone creation ...................................................................................................................................................... 27
CREATING A PROTECTION SCOPE
Kaspersky Anti-Virus protection scope is defined on the Threats tab of the application settings window (see section
"Application settings window" on page 15). They include:
list of threats against which Kaspersky Anti-Virus will ensure the protection;
list of objects in the trusted area, which will be excluded from protection.
SELECTING MALICIOUS PROGRAMS TO BE MONITORED
Kaspersky Anti-Virus protects against various types of malware. Regardless of your settings, the application always
protects your computer against the most dangerous types of malware such as viruses, Trojans, and hack tools. These
programs may cause significant damage to your computer. To achieve a greater level of security for your computer, you
can expand the list of threats that the application will detect, so that it will monitor additional types of potentially
dangerous programs.
To select which malware types Kaspersky Anti-Virus will protect from, open the application settings window (on page 15)
and select the Threats tab (see the figure below).
The Malware categories section lists threat types, grouped by severity of threat:
Viruses, worms, Trojans, hack tools. This group contains the most common and dangerous categories of
malware. This is the minimum admissible security level. In accordance with the recommendations of Kaspersky
Lab experts, Kaspersky Anti-Virus always monitors this category of malware.
Spyware and Adware. This group includes potentially dangerous software that could cause inconvenience or
significant damage to a user.
Auto-dialers. This group includes programs, which set up hidden dial-up connections, such as adult services
auto-dialers.
Potentially dangerous software (riskware). This group includes programs that are not malicious or
dangerous, but which under certain circumstances could be used to cause harm to your computer.
The groups listed above govern the complete use of the Kaspersky Anti-Virus databases when scanning objects with File
Anti-Virus (see section "Anti-virus protection of your computer's file system" on page 30) and when scanning for viruses
(see section "Scanning for viruses" on page 43) on your computer.
If all groups are selected, Kaspersky Anti-Virus provides the maximum possible anti-virus protection for your computer. If
the first group is selected, the application will disregard riskware and other programs, which could be installed on your
computer, and which could cause you data loss or material damage.
C R E A T I N G A P R O T E C T I O N S C O P E
27
Kaspersky Lab does not recommend disabling monitoring of Spyware, Adware and Auto-dialers. If Kaspersky Anti-Virus
classifies a program as riskware which you do not consider dangerous, you can configure an exclusion for it (see section
"Trusted zone creation" on page 27).
Figure 11: Application settings window. Threats
TRUSTED ZONE CREATION
Trusted zone is a user-created list of objects which Kaspersky Anti-Virus does not monitor. In other words, it is a set of
exclusions from protection.
The user creates a trusted zone based on the features of the objects he or she uses and the programs installed on his or
her computer. You might need to create such an exclusion list if, for example, Kaspersky Anti-Virus blocks access to an
object or program which you know is safe.
Exclusion rules are sets of conditions under which Kaspersky Anti-Virus does not scan objects. You can exclude files
using several criteria: file format, file name using a file mask, location (for example, a folder or a program), program
processes, or using the Virus Encyclopedia threat type classification.
An excluded object will not be scanned when the disk or folder where it is located is being scanned. However, if you
select to scan this object specifically, the exclusion rule will not be applied.
Threat type is the status that Kaspersky Anti-Virus assigns to an object during the scan. The status is based on the
classification of malware and riskware listed in Kaspersky Lab's Virus Encyclopedia.
Riskware does not have any malicious function but can be used as an auxiliary component by malicious software, since
such programs contain holes and errors. This category includes, for example, remote administration programs, IRC
clients, FTP servers, various utilities for stopping processes or hiding them, keyloggers, password macros, and autodialers. Such programs are classified as not-a-virus. They can be divided into several types such as Adware, Joke, and
Riskware. (For more information about potentially dangerous programs, see the Virus Encyclopedia (www.viruslist.com)).
Based on the scan results, such programs may be blocked. Since several of them are widely used by users, you have the
option of excluding them from the scan. To do this, add the threat name or threat name mask as defined in the Virus
Encyclopedia to a trusted zone.
K A S P E R S K Y AN T I - VI R U S
28
To create an exclusion list:
1. Open the application settings window (on page 15) and select the Threats section (see figure below).
Figure 12: Application settings window. Threats
2. Click the Trusted zone button in the Exclusions section (see figure above). This will open the window
containing a list of objects excluded from protection (see figure below).
Figure 13: The list of exclusion objects
C R E A T I N G A P R O T E C T I O N S C O P E
29
To edit the exclusion rule you are using, select it from the list and click the Edit button. To delete a rule, click
the button. To add a new exclusion rule, click the button and specify the exclusion conditions in the
rule creation window (see figure below).
Object / All objects. Specify the exclusion object, which may be a file, a folder, or a file mask (see section
"Allowed file exclusion masks" on page 91). You can manually enter the object's name or the name mask in
the field, or browse for the object in the window that opens by clicking the Select button. If the All objects
option is selected, all objects on your computer which are of the threat type specified in the field below, will
be excluded from the scan.
Threat type / All threats. Exclude objects from scan based on the threat type assigned according to the
Virus Encyclopedia classification. To enter the name of the threat, use the values of the dropdown list: start
with, contain, end with, and specify the corresponding fragment of the name in the field to the right of the
list. For example, if the start with not-a-virus value is selected, then legal but potentially dangerous
programs will be excluded from scan. Specifying the name of the threat by mask (see section "Allowed
exclusion masks according to the Virus Encyclopedia classification" on page 92) is also admissible. If
the All threats value is selected, then all objects specified in the field above will be excluded from the scan,
regardless of the threat type assigned to them.
If both the exclusion object and the threat type are selected, the rule will apply as follows:
If you specify a certain file as the object and a certain status as the threat type, the specified file will
only be excluded if during the scan it is assigned the selected threat status.
If you select an area or folder as the object and a status (or a mask) as the threat type, objects with that
status will be excluded from the scan only in that area or folder.
Component / All components. Specify which Kaspersky Anti-Virus components should use the rule you
are creating: File Anti-Virus or Virus scan. If the All components option is selected, then all virus scan
tasks and File Anti-Virus will use this rule.
Figure 14: Creating an exclusion rule
30
IN THIS SECTION:
Pausing / disabling file protection .................................................................................................................................... 30
Configuring file protection ................................................................................................................................................ 31
File protection statistics ................................................................................................................................................... 42
ANTI-VIRUS PROTECTION OF YOUR COMPUTER'S FILE SYSTEM
Your computer's file system may contain viruses and other malicious programs that persist for years, having initially
penetrated the computer from a removable disk drive or from the Internet, and never causing any trouble. But once the
infected file is opened, the virus will be activated immediately.
File Anti-Virus is the component that monitors the computer's file system in real-time mode. By default, it launches on
operating system startup, stays in RAM, and scans all files that are opened, started or saved on your computer and all
associated disk drives.
The scan process comprises the following steps:
1. Each attempt by a user or a program to access any file is intercepted by the component.
2. File Anti-Virus scans the iSwift (see section "Configuring additional settings" on page 37) database for
information about the file. A decision whether to scan the file is made based on the information retrieved.
3. The file is analyzed for viruses. Malicious objects are recognized based on the Kaspersky Anti-Virus databases.
These databases contain descriptions of all the currently known malicious programs and the means to neutralize
them.
4. Following the analysis, one of the following Kaspersky Anti-Virus operation modes may be applied:
a. If a malicious code is detected in a file, File Anti-Virus blocks the file and attempts to disinfect it. After
successful disinfection, the file will become accessible. If disinfection fails, the file will be deleted. When the
file is disinfected or deleted, a copy of it is placed into the backup storage (on page 78).
b. If a code that is similar to a malicious one is detected in the file but cannot be proved to be definitely
malicious, the file will be placed into a special storage area called quarantine (on page 75). The application
will attempt to disinfect it later using updated databases.
c. If no malicious code is detected in the file, it will immediately become accessible.
PAUSING / DISABLING FILE PROTECTION
You can disable File Anti-Virus and file protection on your computer using one of the methods described below. However,
before doing so you should determine why you want to disable the component. It may be possible to solve your problem
in another way, such as by changing the security level (see section "Selecting the file security level" on page 32) or by
disabling protection only for certain files.
For example, if you are working with a database that you know to be free from viruses, just specify the folder containing
its files as an exclusion (see section "Trusted zone creation" on page 27).
Loading...