Kaspersky Lab WorkSpace Security EU ED, 25-49u, 3Y, RNW KL4851XAPTR ユーザーズマニュアル
製品コード
KL4851XAPTR
V
A L I D A T I N G
K
A S P E R S K Y
A
N T I
- V
I R U S S E T T I N G S
179
After you have added a prefix to the test "virus", save the new file under a different name, for example: eicar_dele.com.
Assign similar names to all modified "viruses".
Assign similar names to all modified "viruses".
Table 1.
Modifications of the test "virus"
Prefix
Object status
Object processing information
No prefix, standard
test "virus".
test "virus".
Infected.
Object contains code
of a known virus. You
cannot disinfect the
object.
Object contains code
of a known virus. You
cannot disinfect the
object.
The application identifies the object as a non-disinfectable virus.
An error occurs while attempting to disinfect the object; the action
performed will be that specified for non-disinfectable objects.
performed will be that specified for non-disinfectable objects.
CORR
–
Corrupted.
The application could access the object but could not scan it because
it is corrupted (for example, the file structure is corrupted, or the file
format is invalid). You can find the information that the object has
been processed in the report on application operation.
it is corrupted (for example, the file structure is corrupted, or the file
format is invalid). You can find the information that the object has
been processed in the report on application operation.
WARN
–
Suspicious.
Object contains code
of an unknown virus.
You cannot disinfect
the object.
Object contains code
of an unknown virus.
You cannot disinfect
the object.
The object has been found suspicious by the heuristic code analyzer.
At the time of detection, the Anti-Virus threat signature databases
contain no description of the procedure for treating this object. You
will be notified when an object of this type is detected.
At the time of detection, the Anti-Virus threat signature databases
contain no description of the procedure for treating this object. You
will be notified when an object of this type is detected.
SUSP
–
Suspicious.
Object contains
modified code of a
known virus. You
cannot disinfect the
object.
Object contains
modified code of a
known virus. You
cannot disinfect the
object.
The application detected a partial correspondence of a section of
object code with a section of code of a known virus. At the time of
detection, the Anti-Virus threat signature databases contain no
description of the procedure for treating this object. You will be
notified when an object of this type is detected.
object code with a section of code of a known virus. At the time of
detection, the Anti-Virus threat signature databases contain no
description of the procedure for treating this object. You will be
notified when an object of this type is detected.
ERRO
–
Scanning error.
An error occurred during a scan of an object. The application could
not access the object, since the integrity of the object has been
breached (for example, no end to a multivolume archive) or there is
no connection to it (if the object is scanned on a network resource).
You can find the information that the object has been processed in
the report on application operation.
not access the object, since the integrity of the object has been
breached (for example, no end to a multivolume archive) or there is
no connection to it (if the object is scanned on a network resource).
You can find the information that the object has been processed in
the report on application operation.
CURE
–
Infected.
Object contains code
of a known virus.
Disinfectable.
Object contains code
of a known virus.
Disinfectable.
Object contains a virus that can be disinfected. The application will
disinfect the object; the text of the "virus" body will be replaced with
the word CURE. You will be notified when an object of this type is
detected.
disinfect the object; the text of the "virus" body will be replaced with
the word CURE. You will be notified when an object of this type is
detected.
DELE
–
Infected.
Object contains code
of a known virus. You
cannot disinfect the
object.
Object contains code
of a known virus. You
cannot disinfect the
object.
The application identifies the object as a non-disinfectable virus.
An error occurs while attempting to disinfect the object; the action
performed will be that specified for non-disinfectable objects.
performed will be that specified for non-disinfectable objects.
You will be notified when an object of this type is detected.
T
ESTING THE
HTTP
TRAFFIC PROTECTION
In order to verify that viruses are successfully detected in data stream transferred via the HTTP protocol, please do
the following:
the following:
Try to download this test "virus" from the EICAR's official website at
When the computer attempts to download the test "virus", Kaspersky Anti-Virus will detect the object, identify it as an
infected object that cannot be disinfected, and will perform the action specified in the HTTP traffic settings for objects with
this status. By default, when you attempt to download the test "virus", the connection with the website will be terminated
and the browser will display a message indicating that the object is infected with the EICAR-Test-File virus.
infected object that cannot be disinfected, and will perform the action specified in the HTTP traffic settings for objects with
this status. By default, when you attempt to download the test "virus", the connection with the website will be terminated
and the browser will display a message indicating that the object is infected with the EICAR-Test-File virus.