Antivirus help

LANDeskAntivirus features are accessed from the Security Configurations tool window (Tools > Security > Security Configurations).

Antivirus lets you download and manage antivirus content (virus definition files); configure antivirus scans; and customize antivirus scanner display/interaction settings that determine how the scanner appears and operates on target devices, and which interactive options are available to end users. You can also view antivirus-related information for scanned devices, enable antivirus alerts, and generate antivirus reports.

The main section for LANDesk Antivirus introduces this complementary security management tool, which is a component of both LANDesk Management Suite and LANDesk Security Suite. In that section you'll find an overview, antivirus content subscription information, as well as step-by-step instructions on how to use Antivirus features.

This section contains the following online help that describes the Antivirus dialogs. From the console interface, these help sections are accessed by clicking the Help button on their respective dialog box:

Antivirus Download Updates help

About the LANDesk Antivirus page on the Download Updates dialog box

Use the LANDesk Antivirus page of the Download Updates dialog box to configure settings for downloading virus definition file updates from LANDesk Security Suite services. You can select to download Antivirus content (virus definition/pattern files), specify when virus definition files are available to distribute to managed devices (immediately or after a pilot test period), and whether definition files are backed up.

You should be aware that the Updates page of the Download updates dialog box includes several Antivirus updates in the definition type list, including one named LANDesk Antivirus Updates. When you select this type, both the scanner detection content AND the virus definition file updates are downloaded.

Antivirus updates are scanner definitions that detect:

NOTE: Antivirus scanner detection content versus virus definition content
Antivirus updates does not imply actual virus definition (or pattern) files. When you download third-party antivirus updates, only scanner detection content is downloaded to the default repository, but scanner-specific virus definition files are not downloaded. However, when you download LANDesk Antivirus updates, both the scanner detection content AND the LANDesk Antivirus-specific virus definition files are downloaded. LANDesk Antivirus virus definition files are downloaded to a separate location on the core server. The default virus definition file repository is the \LDLogon\Antivirus\Bases folder.

You must have the proper LANDesk Security Suite content subscription in order to download each type of security content.

A basic LANDesk Management Suite installation allows you to download and scan for LANDesk software updates, and to create and use your own custom definitions. For all other security content types, such as platform-specific vulnerabilities, spyware, and including virus definition (pattern) files, you MUST have a LANDesk Security Suite content subscription in order to download the corresponding definitions. For information about Security Suite content subscriptions, contact your reseller, or visit the LANDesk Web site.

After you specify the types of content you want to download and the other options on the Download updates dialog box:

NOTE: Task-specific settings and global settings
Note that only the definition types, languages, and definition and patch download settings are saved and associated with a specific task when you create it. Those three settings are considered task specific. However, all of the settings on the other pages of the Download updates dialog box are global, meaning they apply to all subsequent security content download tasks. Global settings include: patch download location, proxy server, spyware autofix, security alerts, and antivirus. Any time you change a global settings it is effective for all security content download tasks from that point on.

To save your changes on any page of this dialog box at anytime, click Apply.

The LANDesk Antivirus page contains the following options:

For a description of the options on the other pages of the Download updates dialog box, see About the Download Updates dialog box in the Patch and Compliance help section.

Antivirus tasks help

About the Create LANDesk Antivirus task dialog box

Use this dialog box to create a task that updates virus definition files, configures antivirus scans on target devices (with antivirus settings), or both. Antivirus settings determine scanner behavior, scanned objects, and end user options.

NOTE: On-demand antivirus scans

You can also run an on-demand antivirus scan on a device via the device's shortcut menu.

This dialog box contains the following options:

About the LANDesk Antivirus scan now task dialog box

Use this dialog box to run an immediate on-demand antivirus scan on one or more target devices.

  1. Right-click the selected device (or up to 20 multi-selected devices), and then click LANDesk Antivirus scan now.
  2. Select an antivirus settings.
  3. Specify whether to update virus definition files before scanning. (Note: This option automatically updates virus pattern files before the scan is launched, including virus definition files that currently reside in the pilot folder.)
  4. Click OK.

Antivirus settings help

About the LANDesk Antivirus settings dialog box

Use this dialog box to create and edit an antivirus settings. Antivirus settings determine whether the LANDesk Antivirus icon appears in the device system tray, availability of interactive options to end users, e-mail scan and real-time protection enabling, file types to scan, files and folders to exclude, infected file quarantine and backup, scheduled antivirus scans, and scheduled virus definition file updates.

If you want to modify a device's default antivirus settings without redeploying an antivirus scan task, make your desired change to any of the settings on the various pages of the Antivirus settings dialog box, assign the new settings to a change settings task, and then deploy the change settings task to target devices.

Once configured, you can apply antivirus settings to antivirus scan tasks and to change settings tasks.

This dialog box contains the following pages:

About the Antivirus: General settings page

Use this page to configure the basic antivirus scanner settings on target devices.

This page contains the following options:

About the Antivirus: Real-time protection page

Use this page to enable and configure real-time file protection, which files to protect and what to exclude, and end user notification.

Real-time protection is an ongoing (background) scan of specified files, folders, and file types by extension. When real-time protection is running, files are scanned for viruses every time they are opened, closed, accessed, copied, or saved.

When real-time protection is enabled, the LANDesk Antivirus system tray icon is yellow. The icon is gray when real-time protection is turned off.

This page contains the following options:

About the Add excluded path dialog box

Use this dialog box (accessed from the Real-time protection dialog box) to add exclusions that specify objects that aren't scanned for viruses by either an antivirus scan or real-time protection. Antivirus scan tasks (and change settings tasks) associated with this antivirus settings will use these exclusions.

You can exclude specific files, entire folders, and file types by their extensions.

This dialog box contains the following options:

About the Antivirus: Virus scan page

Use this page to specify which files to scan for viruses, what to exclude from the scan, and whether to use heuristics to scan for suspicious files.

This page contains the following options:

NOTE: System restore point scanning
LANDesk Antivirus will scan the files in any system restore point folders that may exist on the managed device.

Infectable file types

Infectable file types are identified by their format identifier in the file header rather than by their file extension, ensuring that renamed files are scanned.

Infectable files include: document files such as Word and Excel files; template files that are associated with document files; and program files such as Dynamic Link Libraries (.DLLs), communication files (.COM), Executable files (.EXEs), and other program files. See below for a list of infectable file types by the file format's standard or original file extension.

About the Antivirus: Scheduled scan page

Use this page to enable and configure a recurring scheduled antivirus scan on target devices.

NOTE: LANDesk Antivirus scan types
You can scan your managed devices for viruses with scheduled scans, on-demand scans, as well as real-time file and e-mail protection. End users can also perform on-demand scans of their own computer.

This page contains the following options:

About the Schedule periodic antivirus scans dialog box

If you want this antivirus settings to include a recurring antivirus scan, use this dialog box to specify start time, frequency, time restriction, and bandwidth requirement settings. Antivirus scan tasks (and change settings tasks) associated with this settings will use the rules defined here.

All criteria in this dialog box that you configure must be met before the task will execute. For example, if you configure a schedule that repeats every day between 8 and 9 o'clock with a Machine state of Desktop must be locked, the task will only execute if it's between 8 and 9 o'clock AND the machine is locked.

This dialog box contains the following options:

About the Antivirus: Virus definition updates page

Use this page to configure virus definition (pattern) file updates scheduling, user download options, and access options, for target devices with this antivirus settings.

This page contains the following options:

About the Schedule periodic antivirus updates dialog box

If you want this antivirus settings to include a recurring virus definition update, use this dialog box to specify start time, frequency, time restriction, and bandwidth requirement settings. Antivirus scan tasks (and change settings tasks) associated with this settings will use the rules defined here.

For information about the options, see About the Schedule periodic antivirus scans dialog box above since it is a common dialog box.

About the Antivirus: Quarantine/Backup page

Use this page to configure the size of the quarantine/backup folder, and the object restore options you want to make available to end users.

This page contains the following options: