Dr. Web Antivirus

Version: 
5.00
Release date: 
Monday, 6 April, 2009

License:

Interface:

Authors/Port authors:

A Russian antivirus program.

This software is distributed as compressed package. You have to download and manually install it; if prerequisites are required, you will have to manually install them too.

Manual installation

Program is distributed as ZIP package: download to temporary directory and unpack to destination folder. Run drweb2cl.exe. See below for download link(s).

Following ones are the download links for manual installation:

Dr. Web Antivirus v. 5.00 (6/4/2009, Doctor Web Ltd.) Readme/What's new
Dr.Web(R) Antivirus for OS/2 (or DrWeb2CL) Version 5.00 This program is a representative of the 32-bit family of the Dr.Web anti-virus programs. This family includes programs for Microsoft Windows, MS-DOS 386, Novell NetWare, IBM Operating System/2, Linux, FreeBSD, and other Unix-like systems. INSTALLATION NOTES There is no install shield in this distribution package of DrWeb2CL. To install the program, create an installation directory (for example, DRWEB) and unpack the distribution archive into it. Then run DRWEB2CL.EXE. Note that all Dr.Web family programs can be installed in the same directory. The distribution packages of all family programs include the following common files: - DRWEB32.DLL (Dr.Web engine) - DRWEBASE.VDB (main virus database) - Dr.Web virus database add-ons (*.VDB and corresponding *.TXT files with information on the virus records, which the add-on contains) - DRWEB32.INI (Dr.Web configuration file) Even though all family programs use the same configuration file, each product uses its own section. All new virus base adds-on should be placed in the installation directory. Additionally, the distribution package may include language resource files named <lang>-DRWEB.DWL (for example, RU-DRWEB.DWL, DE-DRWEB.DWL, etc.). The resource files contain program messages written in the respective language. The language resource files are also common to all Dr.Web family programs. The default language is English. The language can be changed by use of the /LNG command line option. LICENSE KEY FILE The use rights for the program are regulated by the key file. A key file has the .KEY extension and contains, among other, the following information: - list of antivirus components licensed to the user - license period for the product - period of versions updating (also called "subscription period" and may not be equal to the license period) - other restrictions (the number of protected computers etc.) By defalut, the key file must be located in the installation directory. ATTENTION! The key file has a write-protected format and therefore can not be edited. Editing such file makes it invalid. It is not recommended to open the key file with a text editor, since it may occasionally corrupt it. There are two types of key files: - license key file is purchased with the Dr.Web software and allows purchasers to use the software and receive technical support. Parameters of the license key file are set in accordance with the software's license agreement. The file also contains information about the purchaser and seller. - demo key file is used for evaluation of Dr.Web products. It is distributed free of change and provides full functionality of the software. However demo key files have limited validity period and cannot be renewed. A valid license key file satisfies the following criteria: - license is not expired - the license applies to all components of the product - integrity of the license key file is not violated ATTENTION! If any of the conditions are violated, the license key file becomes invalid, the program stops detecting and neutralizing malicious programs. Commercial users who have purchased the program from certified partners receive a license key file. The parameters of this key file are set in accordance with the user agreement. Such file also includes information about the customer and the selling company. You can receive a license key file in one of the following ways: - by email in an archived attachment - with the program distribution kit - on separate media To acquire a license key file by email: 1. Launch an Internet browser and go to the site which is specified on the product registration card supplied with your copy of the product. 2. Fill in the registration form. 3. Enter the serial number which is typed on the registration card. 4. The license key file is archived and sent to the email address you specified in the registration form. Extract the license key file and copy it to the installation directory. For demonstrative purposes Doctor Web may provide you with a trial license key file. Trial license allows you to access full functionality of the program for a short-term period. No support is provided during trial period. On the expiration of the trial license, you will need to purchase a full license to continue working with the product. To receive a trial license key file by email, fill in the registration form at http://download.drweb.com/demoreq/. For more information on licensing and types of license key files, visit the Doctor Web official website at http://www.drweb.com. COMMAND LINE OPTIONS To start the program, use the following command line: <program> [disk:][path] [options] where program - executable module name (DrWeb2CL), disk: - logical drive of a hard disk, floppy drive, network drive, CD-ROM, or * (all local logical drives); path - location of files to be checked; it may contain path to the directory on local/network drive (or network directory) and, optionally, filename (or filename mask). The command line may contain several [disk:][path] parameters delimited with blanks. In this case, the program will sequentially scan the specified objects. Command line options (delimited with blanks) /@[+]<file> - check objects listed in <file>. Each object must be identified on a separate line containing a full pathname (to check file) or the "?boot" keyword (to check boot sectors). The list file can be created with any text editor. When scan is completed, Dr.Web deletes the list file, unless "+" is included in the option; /ADW[I|D|M|R] - determine the actions for detected adware: I - ignore; D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); /AL - scan all files on a given drive or directory; /AR[D|M|R][N] - check all files inside archives (ARJ, CAB, GZIP, LZH, RAR, TAR, ZIP...). Use the optional parameters to specify how archives with infected (or suspicious) objects should be treated as a whole: D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); the N option suppresses the archive type after the name of the archive file; /CN[D|M|R][N] - determine how containers (HTML, RTF, PowerPoint,..) with infected (or suspicious) objects should be treated as a whole: D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); the N option suppresses the container type after the name of the container file; /CU[D|M|R] - cure infected objects and delete incurable files. Or use the optional parameters to specify how infected filed should be treated: D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); /DA - run Dr.Web only once in a day. For this option, the configuration file, (INI-file) containing the date of the next scanning session must be present; /DLS[I|D|M|R] - determine the actions for detected dialers: I - ignore; D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); /EX - scan files that have extensions associated with executable modules and MS Office documents (COM, EXE, SYS, BAT, CMD, DRV, BIN, DLL, OV?, BOO, PRG, VXD, 386, SCR, FON, DO?, XL?, WIZ, RTF, CL*, HT*, VBS, JS*, INF, A??, ZIP, R??, PP?, HLP, OBJ, LIB, MD?, INI, MBR, IMG, CSC, CPL, MBP, SH, SHB, SHS, SHT*,MSG, CHM, XML, PRC, ASP, LSP, MSO, OBD, THE*, EML, NWS, TBB); /GO - run without asking you what to do next (in such situations as not enough disk space for unpack operation, invalid parameters in the command line, Dr.Web infected by unknown virus, etc.). This option might be useful, say, for automatic check of incoming e-mail; /HA - enable the heuristic analyzer that can detect unknown viruses; /HCK[I|D|M|R] - determine the actions for detected hack tools: I - ignore; D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); /IC[D|M|R] - determine how to treat incurable files: D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); /INI:<path> - use an alternative configuration file (INI-file); /JOK[I|D|M|R] - determine the actions for detected joke programs: I - ignore; D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); /LNG[:<path>] - use an alternative language file (DWL-file), or built-in (english) language; /ML[D|M|R][N] - check files of mail format (UUENCODE, XXENCODE, BINHEX, MIME,...). Use the optional parameters to specify how mail files with infected (or suspicious) objects should be treated as a whole: D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); the N option suppresses the mail type after the name of the mail file; /MW[I|D|M|R] - determine the actions for all types of malware programs (i.e. adware, dialers, hack tools, jokes, riskware): I - ignore; D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); /NI - ignore the settings in the configuration file (DRWEB32.INI); /NM - skip memory test; /NS - run non-stop (no interruption by pressing ESC); /OK - write a full list of scanned objects and display "OK" next to clean objects; /PF - display the "Scan another diskette?" prompt after checking a floppy disk; /PR - prompt to confirm an action on an infected or suspicious file; /RP[+]<file> - write the scan results to a file (by default, <program>.LOG), <file> is the full pathname of a report file. If the plus sign is included, the recent report will be appended to the report file; otherwise the report file will be overwritten; /RSK[I|D|M|R] - determine the actions for detected riskware: I - ignore; D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); /SCP:<n> - specify the priority of the scanning process over other processes in the system (n - number from 1 to 50; default value is 25); /SD - scan subdirectories; /SO - play sounds; /SP[D|M|R] - determine how to treat suspicious files: D - delete, M - move (by default, to the INFECTED.!!! directory), R - rename (by default, the extension's first character is changed to "#"); /SS - save current settings when the program terminates; /TB - scan boot sectors and master boot record; /TM - scan memory for viruses (including Windows system memory); /TS - scan startup files; /UPN - disable the output of names of file packers used for packing the scanned executable files to the log file; /WA - wait after scan is finished if viruses or suspicious objects were found; /? - display help. If DBWEB32.INI is not present or not used, the default options are: /AL /AR /HA /ML /PR /SD /TB /TM /TS Some options can be postfixed with the "-" character. This "negation" form disables the respective function or mode. It might be useful if the mode is enabled by default or via settings in the INI-file. The negation form can be applied to the following command-line options: /ADW /AR /CU /DLS /FN /HCK /JOK /HA /IC /ML /MW /OK /PF /PR /RSK /SD /SO /SP /TB /TM /TS /UP /WA Note that the negation form of /CU, /IC and /SP cancels all actions enabled by these options. It means that information about infected and suspicious objects will appear in the report file only. /AL, /EX and /FM cannot be used in the negation form. However, any of these options disables the other two. RETURN CODES The values of the return code and corresponding events are as follows: 0 - OK, no virus found 1 - known virus detected 2 - modification of known virus detected 4 - suspicious object found 8 - known virus detected in archive (container, mail file) 16 - modification of known virus detected in archive (container, mail file) 32 - suspicious file found in archive (container, mail file) 64 - at least one infected object successfully cured 128 - at least one infected or suspicious file deleted/renamed/moved The actual value returned by the program is equal to the sum of codes for the events that occured during scanning. Obviously, the sum can be easily decomposed into separate event codes. For example, return code 9 = 1 + 8 means that known viruses were detected, including viruses in archives; curing and others actions were not executed; no other "virus" events occured during scanning. LIMITATIONS IN THIS VERSION - Virus check of main memory is not supported. ====================== Copyright (C) Doctor Web, Ltd. Russia, Moscow - Saint Petersburg Official site: http://www.drweb.com Technical support site: http://support.drweb.com
 www.os2site.com/sw/util/antivirus/drweb-500-os2.zip  local copy
Record updated last time on: 17/09/2021 - 19:16

Translate to...

Add new comment