|
|
README FIRST!: Command AntiVirus for Exchange (MAPI)
README FIRST!
Command AntiVirus(tm) for Microsoft(r) Exchange
NOTE: This version is for ONLY Microsoft(r) Exchange Version 5x
with Service Pack 2. A separate version is available for
Microsoft(r) Exchange Version 5.5 with Service Pack 3 or
higher.
Please read the Command AntiVirus for Exchange Administrator's
Guide that is included with the installation files. It provides
instructions on installing and using this product.
The CMEADMIN.PDF file contains the Command AntiVirus for Exchange
Administrator's Guide. This file can be read with the Adobe(r)
Acrobat(r) Reader that is included on the Command AntiVirus CD.
For instructions on how to install Acrobat Reader, see the README.TXT
file that is located in the ADOBE folder on the CD.
Acrobat Reader is not included with the downloadable versions
of Command AntiVirus. You can download Acrobat Reader from
Adobe Systems Incorporated through our web site at
http://www.commandcom.com/service/tc-viewutil.html.
A Release Notes section is provided for each release. It contains
the following topics:
* Special Notes - contains important pre- and post-installation
information that pertains to the release.
* Product Enhancements - contains information about new virus
signatures, scan engine improvements, and new features.
* Fixes - contains updated information on previously reported
problems that have been fixed.
===================================================================
Notes on Command AntiVirus for Exchange (CSAV) Version 2.37
19 October 2001
SPECIAL NOTES
* This version is for ONLY Microsoft(r) Exchange Version 5x
with Service Pack 2. A separate version is available for
Microsoft(r) Exchange Version 5.5 with Service Pack 3 or
higher.
* All viruses previously referred to as W95/x are now
named W32/x. For example, W95/Nimda.A@mm is now
called W32/Nimda.A@mm.
NOTE: x represents a name variable.
PRODUCT ENHANCEMENTS
* Scan engine enhancements have been added to this release.
It is now possible to disinfect some script viruses,
for example, HTML files modified by the Nimda virus.
* New virus signatures have been added in this release.
FIXES
* Particular types of VBS files caused the scan engine to
false positive. The number of false positives has been
decreased in this release.
* You can now install Command AntiVirus for Microsoft Exchange
on the same computer as CSAV for Windows NT Server Version 4.61
and higher. Previously, doing so caused a conflict between the
two scanners. This condition resulted in an incorrect warning
message that displayed repeatedly and caused slowdowns. This
has been fixed.
__________________________________________
Notes on Command AntiVirus for Exchange (CSAV) Version 2.36
14 September 2001
SPECIAL NOTES
* This version is for ONLY Microsoft(r) Exchange Version 5x
with Service Pack 2. A separate version is available for
Microsoft(r) Exchange Version 5.5 with Service Pack 3 or
higher.
* WARNING: CSAV for Exchange users
We do NOT recommend installing CSAV for Exchange on the same computer
as CSAV for Windows NT Server Version 4.59 and higher. Doing so causes a
conflict between the two scanners that are trying to access the same file.
This condition results in an incorrect warning message that will display
repeatedly and cause slowdowns.
This is a temporary condition and will be fixed in a future commercial
release. Again, the products can coexist on the same network but NOT on
the same computer.
PRODUCT ENHANCEMENTS
* Scan engine enhancements have been added to this release, for
example, an ELF scanner has been added to cover Unix(r) viruses
in native Unix file format.
The scan engine has also been enhanced to help detect some
corrupted (non-working) samples of the Magistr virus.
* New virus signatures have been added in this release.
FIXES
* None for this release.
____________________________________________________________
Notes on Command AntiVirus for Exchange (CSAV) Version 2.35
03/28/01
SPECIAL NOTES
* This version is for ONLY Microsoft(r) Exchange Version 5x
with Service Pack 2. A separate version is available for
Microsoft(r) Exchange Version 5.5 with Service Pack 3 or
higher.
* WARNING: CSAV for Exchange users
We do NOT recommend installing CSAV for Exchange on the same computer
as CSAV for Windows NT Server Version 4.59 and higher. Doing so causes a
conflict between the two scanners that are trying to access the same file.
This condition results in an incorrect warning message that will display
repeatedly and cause slowdowns.
This is a temporary condition and will be fixed in a future commercial
release. Again, the products can coexist on the same network but NOT on
the same computer.
PRODUCT ENHANCEMENTS
* New virus signatures have been added in this release.
* This release contains the following scan engine enhancements:
- Scanning of encrypted VBS files is now supported.
- Scanning of Visio files is now supported. Heuristics scanning
is now in place to help detect unknown Visio viruses.
- Scanning of PIF files is now supported. PIF viruses can now
be listed.
- Scanning of PHP viruses is now supported.
- Heuristics scanning is now in place to help detect unknown VBS
viruses such as new variants of LoveLetter.
- Our HoloCheck technology has been improved to detect a few new
polymorphic viruses.
- Detection for the W95/MTX.9244 virus and X97M/Jini-A1
misdisinfected viruses.
* The speed of scanning CAB files has been improved.
FIXES
* The level of generated false positives for macro viruses has been
reduced.
* Detection of the MTX virus has been improved.
____________________________________________________________
RELEASE NOTES
Notes on Command AntiVirus for Exchange (CSAV) Version 2.33
07/10/00
SPECIAL NOTES
* None for this release.
PRODUCT ENHANCEMENTS
* None for this release.
FIXES
* None for this release.
________
RELEASE NOTES
Notes on Command AntiVirus for Exchange (CSAV) Version 2.32
06/20/00
SPECIAL NOTES
* A new dialog box has been added to the Command AntiVirus for
Exchange installation. This dialog box asks if you want to
run Exchange Optimizer. We recommend that you select NO.
PRODUCT ENHANCEMENTS
* None for this release.
FIXES
* None for this release.
________
Notes on Command AntiVirus for Exchange (CSAV) Version 2.31
05/18/00
PRODUCT ENHANCEMENTS
New virus signatures have been added in this release.
The following improvements have been made to the scan engine:
- Improved HTML and ASCII scanning.
- CSAV now detects W95/Bolzano family viruses.
- Scanning of the following is now supported:
- TAR archives
- RAR archives
- LHA archives
- CAB archives (partially supported)
- GNU GZIP (.GZ files)
- Self-extracting RAR files
- Self-extracting LHA files
FIXES
Some users reported a problem with some documents falsely
being reported as "could be misdisinfected virus." This
has been fixed.
SPECIAL NOTES
None for this release.
________
Notes on Command AntiVirus for Microsoft Exchange Version 2.30
03/6/00
PRODUCT ENHANCEMENTS
None for this release.
FIXES
If there were more than the allowed MAPI limit of 248 mailboxes,
the on-access service stopped and no active scanning took place.
This has been fixed. Now, there is no limit to the number of
mailboxes for active scanning to take place.
SPECIAL NOTES
None for this release.
_____________
Notes on Command AntiVirus for Microsoft Exchange Version 2.20
01/19/00
PRODUCT ENHANCEMENTS
New virus signatures have been added in this release. This includes
signatures for detecting more than 200 new trojans.
The following improvements have been made to the scan engine:
- CSAV now detects malicious or destructive Java code (Java Trojans).
- The handling of script viruses is improved. This includes VBScript
viruses and ASCII-based viruses.
- CSAV now scans file attachments in Rich Text Format (.RTF) files.
- CSAV now disinfects Office 2000 signed documents.
- Scanning of the following is now supported:
- OLE1 embedding (embedded files in WordPad and Microsoft
Word 6)
- WordPerfect 2000 (.WPD) files
- Lotus worksheets (.WKS) files
- LX (OS/2) files as well as the detection of all OS/2 viruses.
- PowerPoint scanning is improved and the disinfection process is revised.
However, as the Microsoft Corporation does not document its compression
method, the disinfection of objects that are embedded in PowerPoint
documents is still not possible.
- CSAV features improved scanning in Windows 32-bit programs resulting
in higher rates of detection and fewer false positives.
- Disinfection of infected .VBS files by deletion.
The following file types are now scanned by default and they cannot
be deleted:
EXE, COM, SYS, VXD, DLL, DRV, SCR, 386, OV?, CPL, FON, TSK, ACM,
ACV, TLB, TSP, OCX, VBX, VOM, VXE, OBJ, SHS, SMM, HLP, CLA, XL?,
DOC, DOT, MDB, RTF, MPP, MPT, PPA, PPS, PPT, POT, WBK, PWZ, MSO,
OBD, OBT, OBZ, OFT, MSG, EML, TD0, BAT, BTM, INI, INF, HT?, VBS,
GMS, CSC, WPD, WK?, DVB, WBT, and CDR
NOTE: Self-extracting files are not scanned by default. However,
the .EXE portion of the self-extracting file is scanned
by default.
You can add up to 20 additional file extensions to the File Extensions
dialog box.
A new virus definition file, SIGN2.DEF, is now included with Command
AntiVirus. This file provides virus signatures for a variety of
scripting viruses and trojans.
The CSAV for Exchange Console, the program's system tray icon, all
configuration options, and all property sheets now display in read-only
mode for users who do not have sufficient access rights.
If the CSAV for Exchange Console was started when (A) the Exchange
Directory service was not running or (B) when the user did not have
sufficient permission on the Exchange server, corresponding dialog
boxes would display. This has been modified. Now, if the user starts
the service or acquires sufficient permission on the Exchange server,
the changes will not be reflected in CSAV for Exchange Console until
it is restarted.
FIXES
The intermittent problem that occurred with on-access scanning has now
been fixed. This involves the on-access scans that take place when the
e-mail is delivered to your mailbox.
If there were more than the allowed MAPI limit of 248 mailboxes, the
on-access service would crash. Now, if that limit is exceeded, the
on-access service simply stops and no active scanning takes place.
The on-access service could not handle Custom Recipients. As Custom
Recipients are not physical mailboxes on the Exchange server, the
on-access service now ignores them.
The on-access service was reported to be using large amounts of memory.
This service has been modified to use memory more efficiently.
Some notifications were being missed during on-access scans. This
resulted in a discrepancy between the number of e-mails scanned and the
number of notifications sent. This has been fixed.
In the Options dialog box, if the path to the quarantine folder ended with
one or more backslashes, the CSAV for Exchange Console would crash. This
also occurred if, during installation, a quarantine path that contained
one or more backslashes was entered in the Options dialog box. Both of
these problems have been fixed.
In Microsoft Exchange Administrator, if the Roles permission for the
quarantine folder was set to "None" and the Folder Visible option was not
selected, CSAV for Exchange would crash. This has been fixed. Now, these
permission options cannot be selected for the quarantine folder.
If a pipe character ("|") existed in a folder's name, that folder would not
be scanned by on-demand scanning. This has been fixed.
Scheduled on-demand scans would crash if two or more tasks were running at
the same time on the same folder. This has been fixed.
The properties of an on-demand task were being displayed when the task's
name was double-clicked in the CSAV for Exchange Console task list. This
has been fixed. Now, double-clicking the task's name launches a scan.
When running two or more on-demand scans with the on-access scan
enabled, the on-demand scans cause intermittent General Protection
Faults (GPFs). This has been fixed.
There was a report that on-demand scans would briefly display the
Statistics Dialog Box and then close back to the GUI. Nothing is
written to the on-demand log file, but Event Viewer shows that the
scans had started but were never completed. This has been fixed.
SPECIAL NOTES
To install Command AntiVirus for Exchange you now must be logged on as:
A. an administrator on the local domain
B. an Exchange Server Administrator. This account should be the
one on which the Exchange services run.
Before installing CSAV for Exchange 2.1, we recommend that you uninstall
any earlier versions of the product. Then reboot your system and install
CSAV for Exchange 2.1. NOTE: If you reinstall CSAV for Exchange 2.1, you
do not need to perform a system reboot.
If the location of the quarantine folder is changed while the on-access
service is running, the on-access service will need to be restarted in
order for the change to take effect.
CSAV for Exchange scans only those e-mail messages that are located on the
Exchange server. As outgoing SMTP e-mail uses a POP3 server instead of the
Exchange server, CSAV for Exchange does not scan those outgoing messages.
If two or more on-demand tasks are run on the same folder simultaneously,
there is a chance that you could receive a "multiple edit conflict"
error message.
To test CSAV for Exchange, you can now download the self-extracting file
named SE_EICAR.EXE from our web site at:
http://www.commandcom.com/html/utils.html
When you run this file, a test file, EICAR.COM (from European Institute
for Computer Anti-Virus Research), is extracted from it.
Changing the quarantine folder while the on-access service is running
requires that you restart the on-access service in order for the change to
take effect.
Running two or more on-demand scan tasks simultaneously on the same
folder may result in a "multiple edit conflict" error message.
________
Notes on Command AntiVirus for Microsoft Exchange version 2.0
10/04/99
PRODUCT ENHANCEMENTS
The scan engine has been optimized to provide faster on-demand
and on-access scans.
New virus signatures have been added in this release.
CSAV for Exchange has been modified to better handle various
error conditions. These conditions include scarce system resources,
improper passwords, and accessing unavailable servers.
FIXES
General Protection Faults occurred when CSAV disinfected user
macros. This has been fixed.
Modifications have been made to the code behavior monitoring process.
These modifications fix a situation that produced false positives.
Two scheduled scan issues have been fixed. One problem consisted of
scheduled scans not running at their specified time. The second
problem consisted of scheduled scan settings not being transferred
successfully from the CSAV console to the scheduler.
The Help buttons did not provide the requested on-line help. This
has been fixed.
SPECIAL NOTES
None for this release.
_____________
Notes on Command AntiVirus for Microsoft Exchange version 1.1
07/12/99
PRODUCT ENHANCEMENTS
New virus signatures have been added in this release.
Command AntiVirus now includes expanded protection for the following:
A. CorelDraw -- The newly discovered CorelDraw virus is now detected.
The .CSC CorelDraw-related extension is now scanned by default.
B. MacOffice -- Viruses in MacOffice documents can be detected and
disinfected. However, as the Macintosh(tm) operating system is
not directly supported by Command AntiVirus, detection is
possible only when the infected Macintosh Office documents
are scanned in a DOS or Windows-based environment. For example,
if you have a floppy disk with infected MacOffice documents
on it, you can disinfect these documents by using CSAV
to scan the floppy disk.
C. Microsoft Office 97 -- The .MPT, .WBK and .MSO extensions are now
scanned by default.
D. Office 2000 -- The heuristics scan engine has been modified so
that it now detects some native Office 2000 viruses.
E. PowerPoint 97 -- PowerPoint 97 viruses are now detected and
disinfected. The .PP?, .POT, and .PWZ PowerPoint 97 file types
are now scanned by default.
An additional generic virus detector has been added. This detector
allows Command AntiVirus to detect approximately 14,000 more
"generic viruses." This brings the total number of viruses detected
by Command AntiVirus to just over 39,500.
The CSAV scanners have been optimized to provide better protection
against "New Executable" file viruses and VxD viruses. Improvements
have also been made to reduce the occurrence of false positives.
If you open an infected Microsoft Office 97 document in Microsoft
Office 2000, our HoloCheck scan engine will detect the infection.
Documents converted to Office 2000 format from Office 97 format
can be disinfected. Currently, disinfecting an Office 2000 document
consists of removing all macros from the document.
Files that do not have a file name extension are now scanned by default.
FIXES
None for this release.
SPECIAL NOTES
None for this release.
Notes on Command AntiVirus for Microsoft Exchange version 1.00
Service Pack 2
05/25/99
SPECIAL NOTES
The instructions for insuring the proper starting of CSAV for Exchange
services has been updated. Please see 04/29/99 SPECIAL NOTES.
04/29/99
PRODUCT ENHANCEMENTS
New virus signatures were added in this release.
FIXES
None for this release.
SPECIAL NOTES
To update Command AntiVirus for Exchange with this service pack, you
must run the service pack's SETUP.EXE program. Note that only the
components that require updating will be modified.
To insure the proper starting of the CSAV for Exchange services, the
administrator who is installing the product must be:
A. a local administrator or a domain administrator (with local
administrator rights) with the Logon as a service right on the
Exchanger Server system.
B. an administrator on the Exchange Server.
To enable the Log on as a service right, follow these steps:
1. In the taskbar, click the Start button.
2. Select Programs.
3. Select Administrative Tools (Common).
4. Click User Manager for Domains. The system displays the User Manager
dialog box.
5. Select the administrator's name from the Username column.
6. Click the Policies menu.
7. Click the User Rights menu item. The system displays the User Rights
Policy dialog box.
8. Select the Show Advanced User rights check box.
9. In the Right drop-down list box, select Log on as a service.
10. Click the Add button. The system displays the Add Users and Groups
dialog box.
11. Click the Show Users button.
12. In the Names list box, select the administrator's name.
13. Click Add.
14. Click OK. The system returns to the User Rights Policy dialog box.
15. Click Ok to finish.
To be an administrator on the Exchange Server, follow these steps:
1. In the taskbar, click the Start button.
NOTE: If you are using Windows NT Server 3.51, double-click the
Microsoft Exchange group.
2. Select Programs.
NOTE: If you are using Windows NT Server 3.51, double-click the
Microsoft Exchange Administrator icon.
3. Select Microsoft Exchange.
4. Click Microsoft Exchange Administrator. The system displays the
Microsoft Exchange Administrator dialog box.
5. Locate the name of your Microsoft Exchange server and click the plus
sign (+) located next to the server's name. The system displays the
Configuration icon and the Recipients icon below the server's name.
6. Select the Configuration icon.
7. On the menu bar, click File. The system displays the drop-down menu.
8. Click Properties. The system displays the Configuration Properties
dialog box.
9. Click the Permissions tab. The system displays the Permissions
dialog box.
10. Click Add.
11. Select the administrator's name from the Names list box.
12. Click Add.
13. Click OK. The system returns to the Configuration Properties
dialog box.
14. Click Apply.
15. Click OK to finish.
Notes on Command AntiVirus for Microsoft Exchange version 1.00
03/19/99
PRODUCT ENHANCEMENTS
None for this release.
FIXES
None for this release.
SPECIAL NOTES
In the "Reports" dialog box, the "Delete attachment if the specified
action fails" item is enabled by default. For maximum protection
against computer viruses, we recommend that you do NOT disable this
item unless it is absolutely necessary to do so.
For detailed virus information, we suggest that you view the Joe Wells
Virus Encyclopedia that is included on the CD. You can open the
encyclopedia by going to the "JoeWells" directory located in the
"Manuals" directory. Then, double-click the file named INDEX.HTM
to display the encyclopedia.
Scan tasks are not sorted when you click the column headers in the
CSAV for Exchange console. This will be corrected in an
upcoming release.
The CSAV for Exchange documentation refers to the scanning of e-mail
that is sent and received. Currently, sent e-mail is defined as
mail that is sent between mailboxes and mail folders within the
Exchange server's domain. The scanning of outgoing e-mail (mail that
is sent to addresses outside the server's domain) is a planned
future enhancement to CSAV for Exchange.
===================================================================
PRODUCT SUPPORT
Command Software Systems' technical support includes a variety of
electronic services. You can contact us at:
Command Software Systems, Inc.
1061 E. Indiantown Rd., Suite 500
Jupiter, FL 33477
Voice: 561/575-3200 8:00 a.m. to 8:00 p.m. Eastern Standard Time.
Fax: 561/575-3026
Internet: [email protected]
FTP: ftp.commandsoftware.com
Web: http://www.commandsoftware.com
In Europe contact:
Command Software Systems, Inc.
UK Branch
Ground Floor
Millbank Tower
Millbank
London SW1P 4QP
If dialing from within the UK:
Voice: 020 7 931-9301
Fax: 020 7 931-9302
If dialing from outside the UK:
Voice: +44 20 7 931-9301
Fax: +44 20 7 931-9302
Internet: [email protected]
[email protected]
[email protected]
In Pacific Rim, contact:
Command Software Systems, PTY Pac Rim
Unit 5, 18-20 Floriston Road
Boronia, VIC 3155
Australia
Voice: 1-300-65-0903 or 613-9762-2203
Fax: 1-300-65-0904
Internet: [email protected]
Web: http://www.commandcom.com.au
====================================== END ========================================
Home � Purchase Center � Virus Center � Support Center
|
|
|
