A Russian antivirus program.
Program is distributed as ZIP package: download to temporary directory and unpack to destination folder. Run drweb2cl.exe
. See below for download link(s).
Following ones are the download links for manual installation:
Dr. Web Antivirus v. 5.00 (6/4/2009, Doctor Web Ltd.) | Readme/What's new |
Dr.Web(R) Antivirus for OS/2
(or DrWeb2CL)
Version 5.00
This program is a representative of the 32-bit family of the Dr.Web anti-virus
programs. This family includes programs for Microsoft Windows, MS-DOS 386,
Novell NetWare, IBM Operating System/2, Linux, FreeBSD, and other Unix-like
systems.
INSTALLATION NOTES
There is no install shield in this distribution package of DrWeb2CL. To install
the program, create an installation directory (for example, DRWEB) and unpack
the distribution archive into it. Then run DRWEB2CL.EXE.
Note that all Dr.Web family programs can be installed in the same directory.
The distribution packages of all family programs include the following common
files:
- DRWEB32.DLL (Dr.Web engine)
- DRWEBASE.VDB (main virus database)
- Dr.Web virus database add-ons (*.VDB and corresponding *.TXT files with
information on the virus records, which the add-on contains)
- DRWEB32.INI (Dr.Web configuration file)
Even though all family programs use the same configuration file, each product
uses its own section.
All new virus base adds-on should be placed in the installation directory.
Additionally, the distribution package may include language resource files
named <lang>-DRWEB.DWL (for example, RU-DRWEB.DWL, DE-DRWEB.DWL, etc.).
The resource files contain program messages written in the respective language.
The language resource files are also common to all Dr.Web family programs. The
default language is English. The language can be changed by use of the /LNG
command line option.
LICENSE KEY FILE
The use rights for the program are regulated by the key file.
A key file has the .KEY extension and contains, among other, the following
information:
- list of antivirus components licensed to the user
- license period for the product
- period of versions updating (also called "subscription period" and may
not be equal to the license period)
- other restrictions (the number of protected computers etc.)
By defalut, the key file must be located in the installation directory.
ATTENTION! The key file has a write-protected format and therefore can
not be edited. Editing such file makes it invalid. It is not
recommended to open the key file with a text editor, since it
may occasionally corrupt it.
There are two types of key files:
- license key file is purchased with the Dr.Web software and allows purchasers
to use the software and receive technical support. Parameters of the license
key file are set in accordance with the software's license agreement.
The file also contains information about the purchaser and seller.
- demo key file is used for evaluation of Dr.Web products. It is distributed
free of change and provides full functionality of the software. However demo
key files have limited validity period and cannot be renewed.
A valid license key file satisfies the following criteria:
- license is not expired
- the license applies to all components of the product
- integrity of the license key file is not violated
ATTENTION! If any of the conditions are violated, the license key file becomes
invalid, the program stops detecting and neutralizing malicious
programs.
Commercial users who have purchased the program from certified partners
receive a license key file. The parameters of this key file are set in
accordance with the user agreement. Such file also includes information
about the customer and the selling company.
You can receive a license key file in one of the following ways:
- by email in an archived attachment
- with the program distribution kit
- on separate media
To acquire a license key file by email:
1. Launch an Internet browser and go to the site which is specified on the
product registration card supplied with your copy of the product.
2. Fill in the registration form.
3. Enter the serial number which is typed on the registration card.
4. The license key file is archived and sent to the email address you
specified in the registration form. Extract the license key file and copy
it to the installation directory.
For demonstrative purposes Doctor Web may provide you with a trial license
key file. Trial license allows you to access full functionality of the program
for a short-term period. No support is provided during trial period.
On the expiration of the trial license, you will need to purchase a full
license to continue working with the product.
To receive a trial license key file by email, fill in the registration form
at http://download.drweb.com/demoreq/.
For more information on licensing and types of license key files, visit the
Doctor Web official website at http://www.drweb.com.
COMMAND LINE OPTIONS
To start the program, use the following command line:
<program> [disk:][path] [options]
where
program - executable module name (DrWeb2CL),
disk: - logical drive of a hard disk, floppy drive, network drive, CD-ROM,
or * (all local logical drives);
path - location of files to be checked; it may contain path to the
directory on local/network drive (or network directory) and,
optionally, filename (or filename mask).
The command line may contain several [disk:][path] parameters delimited with
blanks. In this case, the program will sequentially scan the specified objects.
Command line options (delimited with blanks)
/@[+]<file> - check objects listed in <file>.
Each object must be identified on a separate line containing
a full pathname (to check file) or the "?boot" keyword (to check
boot sectors). The list file can be created with any text editor.
When scan is completed, Dr.Web deletes the list file, unless
"+" is included in the option;
/ADW[I|D|M|R] - determine the actions for detected adware: I - ignore;
D - delete, M - move (by default, to the INFECTED.!!! directory),
R - rename (by default, the extension's first character is changed to
"#");
/AL - scan all files on a given drive or directory;
/AR[D|M|R][N] - check all files inside archives (ARJ, CAB, GZIP, LZH, RAR,
TAR, ZIP...). Use the optional parameters to specify how archives with
infected (or suspicious) objects should be treated as a whole:
D - delete, M - move (by default, to the INFECTED.!!! directory),
R - rename (by default, the extension's first character is changed to
"#"); the N option suppresses the archive type after the name of the
archive file;
/CN[D|M|R][N] - determine how containers (HTML, RTF, PowerPoint,..) with
infected (or suspicious) objects should be treated as a whole:
D - delete, M - move (by default, to the INFECTED.!!! directory),
R - rename (by default, the extension's first character is changed to
"#"); the N option suppresses the container type after the name of the
container file;
/CU[D|M|R] - cure infected objects and delete incurable files. Or use the
optional parameters to specify how infected filed should be treated:
D - delete, M - move (by default, to the INFECTED.!!! directory),
R - rename (by default, the extension's first character is changed to
"#");
/DA - run Dr.Web only once in a day. For this option, the configuration file,
(INI-file) containing the date of the next scanning session must be
present;
/DLS[I|D|M|R] - determine the actions for detected dialers: I - ignore;
D - delete, M - move (by default, to the INFECTED.!!! directory),
R - rename (by default, the extension's first character is changed to
"#");
/EX - scan files that have extensions associated with executable modules
and MS Office documents (COM, EXE, SYS, BAT, CMD, DRV, BIN, DLL, OV?,
BOO, PRG, VXD, 386, SCR, FON, DO?, XL?, WIZ, RTF, CL*, HT*, VBS, JS*,
INF, A??, ZIP, R??, PP?, HLP, OBJ, LIB, MD?, INI, MBR, IMG, CSC, CPL,
MBP, SH, SHB, SHS, SHT*,MSG, CHM, XML, PRC, ASP, LSP, MSO, OBD, THE*,
EML, NWS, TBB);
/GO - run without asking you what to do next (in such situations as not
enough disk space for unpack operation, invalid parameters in the
command line, Dr.Web infected by unknown virus, etc.). This option
might be useful, say, for automatic check of incoming e-mail;
/HA - enable the heuristic analyzer that can detect unknown viruses;
/HCK[I|D|M|R] - determine the actions for detected hack tools: I - ignore;
D - delete, M - move (by default, to the INFECTED.!!! directory),
R - rename (by default, the extension's first character is changed to
"#");
/IC[D|M|R] - determine how to treat incurable files: D - delete, M - move
(by default, to the INFECTED.!!! directory), R - rename (by default,
the extension's first character is changed to "#");
/INI:<path> - use an alternative configuration file (INI-file);
/JOK[I|D|M|R] - determine the actions for detected joke programs: I - ignore;
D - delete, M - move (by default, to the INFECTED.!!! directory),
R - rename (by default, the extension's first character is changed to
"#");
/LNG[:<path>] - use an alternative language file (DWL-file), or built-in
(english) language;
/ML[D|M|R][N] - check files of mail format (UUENCODE, XXENCODE, BINHEX,
MIME,...). Use the optional parameters to specify how mail files with
infected (or suspicious) objects should be treated as a whole:
D - delete, M - move (by default, to the INFECTED.!!! directory),
R - rename (by default, the extension's first character is changed to
"#"); the N option suppresses the mail type after the name of the mail
file;
/MW[I|D|M|R] - determine the actions for all types of malware programs (i.e.
adware, dialers, hack tools, jokes, riskware): I - ignore; D - delete,
M - move (by default, to the INFECTED.!!! directory), R - rename (by
default, the extension's first character is changed to "#");
/NI - ignore the settings in the configuration file (DRWEB32.INI);
/NM - skip memory test;
/NS - run non-stop (no interruption by pressing ESC);
/OK - write a full list of scanned objects and display "OK" next to clean
objects;
/PF - display the "Scan another diskette?" prompt after checking a floppy
disk;
/PR - prompt to confirm an action on an infected or suspicious file;
/RP[+]<file> - write the scan results to a file (by default,
<program>.LOG), <file> is the full pathname of a report file. If the
plus sign is included, the recent report will be appended to the
report file; otherwise the report file will be overwritten;
/RSK[I|D|M|R] - determine the actions for detected riskware: I - ignore;
D - delete, M - move (by default, to the INFECTED.!!! directory),
R - rename (by default, the extension's first character is changed to
"#");
/SCP:<n> - specify the priority of the scanning process over other processes
in the system (n - number from 1 to 50; default value is 25);
/SD - scan subdirectories;
/SO - play sounds;
/SP[D|M|R] - determine how to treat suspicious files: D - delete, M - move
(by default, to the INFECTED.!!! directory), R - rename (by default,
the extension's first character is changed to "#");
/SS - save current settings when the program terminates;
/TB - scan boot sectors and master boot record;
/TM - scan memory for viruses (including Windows system memory);
/TS - scan startup files;
/UPN - disable the output of names of file packers used for packing the
scanned executable files to the log file;
/WA - wait after scan is finished if viruses or suspicious objects were found;
/? - display help.
If DBWEB32.INI is not present or not used, the default options are:
/AL /AR /HA /ML /PR /SD /TB /TM /TS
Some options can be postfixed with the "-" character. This "negation" form
disables the respective function or mode. It might be useful if the mode is
enabled by default or via settings in the INI-file.
The negation form can be applied to the following command-line options:
/ADW /AR /CU /DLS /FN /HCK /JOK /HA /IC /ML /MW /OK /PF /PR /RSK /SD /SO /SP
/TB /TM /TS /UP /WA
Note that the negation form of /CU, /IC and /SP cancels all actions enabled
by these options. It means that information about infected and suspicious
objects will appear in the report file only.
/AL, /EX and /FM cannot be used in the negation form. However, any of these
options disables the other two.
RETURN CODES
The values of the return code and corresponding events are as follows:
0 - OK, no virus found
1 - known virus detected
2 - modification of known virus detected
4 - suspicious object found
8 - known virus detected in archive (container, mail file)
16 - modification of known virus detected in archive (container, mail file)
32 - suspicious file found in archive (container, mail file)
64 - at least one infected object successfully cured
128 - at least one infected or suspicious file deleted/renamed/moved
The actual value returned by the program is equal to the sum of codes for
the events that occured during scanning. Obviously, the sum can be easily
decomposed into separate event codes.
For example, return code 9 = 1 + 8 means that known viruses were detected,
including viruses in archives; curing and others actions were not executed;
no other "virus" events occured during scanning.
LIMITATIONS IN THIS VERSION
- Virus check of main memory is not supported.
======================
Copyright (C) Doctor Web, Ltd.
Russia, Moscow - Saint Petersburg
Official site: http://www.drweb.com
Technical support site: http://support.drweb.com |
www.os2site.com/sw/util/antivirus/drweb-500-os2.zip | local copy |
This work is licensed under a Creative Commons Attribution 4.0 International License.
Add new comment