Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Editionand Administration Tools of Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition Version 8.0.0.559 Release date: 29.11.2010 WHAT'S NEW - The product has been migrated to a new anti-virus engine providing more efficient protection and affecting the host computer less. - General performance of Kaspersky Anti-Virus has been improved. - Improved Kaspersky Anti-Virus operation on terminal servers, work with network folders and roaming user profiles. - Extended the functionality of the heuristic analyzer, which helps detect malicious applications that are unknown yet. - Added Hierarchical Storage Management support. - Extended return codes of the command line utility (KAVSHELL.EXE) for the SCANCRITICAL and SCAN commands. - Added opportunity to install the product as upgrade for Kaspersky Anti-Virus 6.0 for Windows Servers Enterprise Edition and Kaspersky Anti-Virus 6.0 for Windows Servers preserving the product settings and its tasks. - Added opportunity to import / export the trusted zone settings from/to specified file. - Redesigned product interface facilitates easy and convenient user interaction with the product. - Information about general Kaspersky Anti-Virus status has been added instead of the separate Statistics node in the Kaspersky Anti-Virus MMC Console. - The "task report" notion has been replaced with "task log". Task logs are gathered in one node - Logs. - Added opportunity to view the information about available critical fixes and maintenance packs in the Kaspersky Anti-Virus MMC Console. - Added opportunity to view information about revoked critical updates to application modules in the Kaspersky Anti-Virus MMC Console. - Full computer scanning task has been changed to the task for scanning of critical computer areas. The new task completes faster because it scans the critical areas on host computer only. The event "Full computer scan not performed for a long time" has been changed to the "Critical areas have not been scanned for a long time", too. - Functionality for blocking of access from computers has been removed. - Functionality for application integrity check at the start has been removed. LIMITATIONS AND KNOWN ISSUES - Computer restart is required when the product is installed as an upgrade for Kaspersky Anti-Virus 6.0 for Windows Servers. - Task reports will not be imported when installing the product over Kaspersky Anti-Virus 6.0 for Windows Servers. - When scanning of archives is enabled in the protection settings, the Anti-Virus will check not only objects in regular archives, but also objects in SFX- archives, no matter how scanning of SFX archives is configured. Thus, separate scanning of archives without checks of SFX archives is not possible. However, scanning of SFX archives only without checks of regular archives is possible if you enable scanning of SFX archives only in the protection settings. - A warning about too long path is displayed when a folder longer than 150 characters is selected as the destination for product setup. However, in that case Kaspersky Anti-Virus will be installed successfully, and it will function correctly. - Installation of this version of Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition will require computer restart if the server is running the SNMP service and the "SNMP support" component of Kaspersky Anti-Virus is installed. - The Installation folder setting will be ignored if the computer has Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition installed. - The license will not be installed if you select the path to a key file on a SUBST or network drive in the license selection dialog of Kaspersky Anti-Virus setup wizard. - When configuring protection and scan scopes via local UI, just one path mask is allowed and only in the end of file path. Examples of correct masks: "C:\Temp\Temp*" or "C:\Temp\Temp???.doc" or "C:\Temp\Temp*.doc". This rule doesn't apply when configuring trusted zone. - User notification via the messaging service (net send) is not performed if the user computer is running Windows Vista. Windows Vista does not support the messaging service. - Users and administrators are not notified using the messaging service (net send) if the protected server is running Microsoft Server 2008. - National characters (e.g., in task names containing national characters) may not display properly in the command line utility. Check to make sure that the regional settings of the operating system match the application localization that you are using. - If you enter user name and password for proxy server authentication (BASIC-authentication) in multi-byte encoding, errors may occur. - The Encrypted file attribute is not restored when objects are restored from Quarantine or Backup. - When objects are restored from Quarantine or Backup to their original locations in network folders, an error occurs and restoration to the original location is not performed. In such cases use the functionality for restoration to the default folder. - OS environment variables (system or user-defined), created after Kaspersky Anti-Virus launch cannot be used while creating the trusted zone rules or trusted processes. Kaspersky Anti-Virus can only use the environment variables, which have been created and initialized before its start. To bypass that limitation, use the management console to restart Kaspersky Anti-Virus after creation and initialization of your environment variables. - File activity interception driver (non-WDM driver) of Kaspersky Anti-Virus is installed using the SETUPAPI.DLL library instead of the InstallHInfSection function. - When critical updates to the Anti-Virus modules are installed, the tray application will be unloaded automatically (if it has been started) without its subsequent restart. Once the modules update procedure is complete, you can start the tray application manually (if it is installed). To do that, select in the system Start menu: Programs -> Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition -> Tray Application. - At the first launch, Kaspersky Anti-Virus Console tries to connect to Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition installed on local computer. - In some systems the Kaspersky Anti-Virus MMC Console installed with the application may not display the details pane content or its tasks panel may be inactive. In that case you should switch to the standard console view (the "Standard" tab). However, the tasks pane will not be available then. - When filtering in the "Quarantine", "Backup", "System audit log", and "Logs" console nodes is configured, the filter settings are case-sensitive. - Installation of the Administration Tools using the group policies of Microsoft Active Directory is currently unsupported. - When the User Account Control (supported by Microsoft Windows Server 2008 operating system) is enabled, double left-click of the mouse on the application icon on the taskbar always results in displaying the "About the program" dialog box. You should add the user account to the KAVWSEE Administrators group to enable the anti-virus management console to run by double left-click on the application icon on the taskbar. Kaspersky Anti-Virus management console can also be enabled via this iconҳ context menu or via Start menu of the system. - When selecting the "new window from here" item from the context menu of the Scope Pane tree node, an additional windows opens. You can't open Task execution log in this window. To resolve the problem, it is recommended not to use the additional window. - If Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition has been installed, Kaspersky Anti-Virus 6.0 products for Windows Servers and Kaspersky Anti-Virus 6.0 are allowed to be installed. The incorrect performance of both the installed products is possible. Before installing 6.0 version products, version 8.0 products should be deleted. - In some cases, when addressing a file on the protected server from a remote workstation, the IP address of the remote workstation and the username provided with access to the file, may not be defined. At further addressing to server files from this remote workstation, all event fields will be filled properly. - The Task execution log dialog box will automatically close when selecting a node from the list of elements included in the "On-demand scan" node. To resolve the problem, you have to reopen Task execution log using the link in section "Administration", on the "Overview and administration" tab. - When installing Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition as an upgrade for Kaspersky Anti-Virus 6.0 for Windows Servers, the"%personal%" protection scope will be created intead of "My documents" protection scope, if the "My documents" folder is included in the protection scope in Kaspersky Anti-Virus 6.0 for Windows Servers settings. - CaminoSoft Managed Server HSM v.5.2 uses additional thread to access files in remote storages. Scan of files located in remote storage can only be performed under user account. ------------------------------------------------------------------------------------------------------------------- Application management plug-in of Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition WHAT'S NEW - Added opportunity to manage the real-time protection tasks through group policies. Added opportunity to manage both the protection scope and current status of the real-time protection tasks for all computers in a group. - Redesigned tabs structure in the policy configuration and application properties dialogs for better usability. - Added opportunity for importing into a group policy the trusted zone settings exported from Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition. - Added opportunity to transfer objects from Quarantine and Backup to Administration Server. - Added opportunity for automatic installation / removal of licenses through the Network Agent working with the Administration Server subsystem for licensing control. - Added opportunity to create test policies and group tasks (on-demand scan, database update, modules update), intended for validation of the updates received by an Administration Server. - Added opportunity to create policies and group tasks by importing policies and group tasks files created via the application management plug-in of Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition. - Removed opportunity to define the update settings in a policy. - Removed opportunity to define the settings of on-demand scan tasks in a policy. LIMITATIONS AND KNOWN ISSUES - The schedule type "After Administration Server has retrieved updates" does not work for local tasks. That schedule type is only supported in group and global tasks. - In certain cases, when objects in the network Quarantine are restored, their status in the Administration Server console remains set to "Recovering" although the product has already completed actual restoration of the objects. - When the "Object deleted" and "Object disinfected" events are published on Administration Server during performance of on-demand scan tasks, the events miss the field containing the account used to start the corresponding task. - When group tasks are created by importing tasks from version 6.0 of the product, the application does not transfer the settings of the account used to start a task and the settings for notifications about task activity. - If Administration Server scans the updates received from the source prior to their distribution, then the application database updates will only be scanned for Kaspersky Anti-Virus 8.0 for Windows Servers Enterprise Edition, the application modules are not checked for consistency of received updates. - To view or modify system access rights when connecting to the remote server via administration console from local user account, the following conditions should be met: - local user account should be created on the computer with administration console; - password for local user account should coincide with password of local user account on the protected server; - local user account should be part of the Administrators group on the computer with administration console.