Copyright (c) 1997 - 2005 Kaspersky Lab

IMPORTANT NOTES

1. To manage Kaspersky Anti-Virus 5.0 for Windows File Servers using Kaspersky Administration Console, install a new version of Console Plug-in (klcfginst.exe) after installing the application and Kaspersky Administration Kit.

To install Kaspersky Administration Kit please refer to Chapter 3 "INSTALLING KASPERSKY ADMINISTRATION KIT" and Chapter 6.3 "Local installation of applications" of Kaspersky Administration Kit documentation.
  
2. To be able to cure Microsoft Outlook and Microsoft Outlook Express mail banks, you should have these program installed on your computer.

3. The %TEMP%\~1.tmp and %TEMP%\MSI57576.log files can remain in the user temporary folder if installation of Kaspersky Anti-Virus5.0 for Windows File Servers failes for some reason. The user can manually delete these files.

4. After updating Kaspersky Anti-Virus for Windows File Servers from 4.x to 5.0 version, you must restart your computer.

5. Use of environment variables while setting application parameters has some restrictions:
- while using environment variables from the command prompt both local and system variables are acceptable. In this case variables will be replaced by their real values by system command processor.
- while using environment variables to set parameters in administration system it is allowed to use system variables only, as only these variables will be available when tasks are executed under service control.

6. To intercept file operations the application uses klif.sys driver installed into \SYSTEM32\DRIVERS\ subfolder of the WINDOWS folder.

7. The length of updates retranslation folder name in anti-virus database update task is limited to 200 symbols. This constraint is caused by the necessity to create service subfolders in this folder during updates retranslation.


INTRODUCTION

1. Kaspersky Anti-Virus 5.0 for Windows File Servers protects file servers from the activities of malicious programs that interfere with the normal software operation and that damage information stored within computer file systems.

2. Technologies developed by Kaspersky Lab and used in Kaspersky Anti-Virus 5.0 for Windows File Servers allow for implementation of the following features:

- Real-time antiviral protection of the file system against harmful programs;
- Search and neutralization of harmful programs on demand;
- Blocking of dangerous scripts coming from the Internet;
- Isolation of suspicious objects in quarantine and saving copies of the initial documents in the backup storage;
- Maintenance of up-to-date status of antiviral bases of the application;
- Remote administration using Kaspersky Administration Kit centralized management system.


BASIC CAPABILITIES

1. Antiviral functionality

- Real-time monitoring of file system objects.
- On-demand check-up of file system objects.
- About 90 (in more than 200 versions) supported archives and installation systems! 
- More than 400 (in more than 1100 versions) supported utilities of packing executable modules!  
- Disinfection of file system objects, memory, and sectors.
- Check-up and disinfection of Microsoft Outlook and Microsoft Outlook Express mail bases.
- Cleaning files in the ZIP, ARJ, CAB, and RAR archives.
- Check-up of  VBScript and JavaScript scripts downloaded from the Internet.

2. Auxiliary functionality

- Remote installation of the application - without the active participation of a local administrator - with automatic registration on the administration server.
- Simultaneous installation of the application on several file servers via Kaspersky Administration Kit.
- Correct installation of the application if a previously installed antiviral software from another manufacturer is detected.
- Possibility of smooth update with replacement of previous versions 4.x
- Availability of a few scanning tasks with the possibility of both scheduling start-up and setting advanced parameters.
- Advanced mechanism of task scheduling.
- A special storage area for isolation of suspicious objects - Quarantine.
- A special storage area for isolation of original objects - Backup.
- Updating from the local folder or the centralized update relay server.
- Creating a local updating source for antiviral bases, urgent or all available updates of application modules.
- Increased update speed owing to automatic detection of the least busy Kaspersky Lab update server and to an algorithm for resuming update download in the event of disconnection.
- Update of the application components.
- Possibility of rolling back the antiviral bases.
- Joint operation within the comprehensive antiviral protection system; application control using administration server Kaspersky Administration Kit.
- Updating using proxy server requiring Basic or NTLM authentication. 
- Command line utility supporting updating, antiviral scanning and managing real-time protection.

3. User Interface

- Administrator interface established according to the Microsoft Management Console standard with the possibility of flexibly adjusting the application and available in Kaspersky CS Administration Kit.
- Easy settings for real-time protection with the possibility of selecting one of three preset levels of real-time protection: "maximum protection", "recommended", and "high speed".
- Event log with ability to set up filters of the registered events and the actions if the specified events occur: "save in Windows Event Log", "notification via E-mail", "notification via NET SEND", "OS command execution".


LIMITATIONS AND KNOWN ISSUES

1. Problems encountered when working with the quarantine and backup storages:

- Files with alternate NTFS streams cannot be quarantined.

2. Problems related to the application interface and the administration system:

- The trial and the commercial license keys, installed concurrently, cannot be deleted.

3. Problems that occur while updating:

- Updates cannot be performed using FTP servers via a proxy server if the proxy server does not process or does not output the extended data set in response to the HEAD command.

4. The functionality pertaining to trusted processes is limited while running under Microsoft Windows NT and Microsoft Windows 2000: 

- the application monitors actions performed by a trusted process over the file system for a short period (fraction of a second) after process start, and then the application discontinues activity control

- applications launched from a network resource will be monitored even if added to the list of trusted processes.

5.  When the application detects in archives objects belonging to Riskware type and the objects have to be added to the list of exceptions, you should modify the relevant exception path after that replacing the object’s path with *.

6. (for 64-bit version only) The program does not scan scripts executed in 64-bit version of Microsoft Internet Explorer without prior saving to disk. To resolve the problem, use the default 32-bit version of Microsoft Internet Explorer installed in the system.

7. (for 64-bit version only) Administration Console of Kaspersky Administration Kit is a 32-bit application run by the WOW64 subsystem, which limits the access of 32-bit applications to 64-bit binary modules in the %systemroot%\System32\ directory. The limitation prevents addition of executable modules of those 64-bit processes to the list of trusted processes. To resolve the problem, copy the modules to another directory and after their addition to the list modify the module paths accordingly.