AVG 9 Internet Security User Manual Document revision 90.16 (19.11.2009) C opyright AVG Technologies C Z, s.r.o. All rights reserved. All other trademarks are the property of their respective owners. This product uses RSA Data Security, Inc. MD5 Message-Digest Algorithm, C opyright (C ) 1991-2, RSA Data Security, Inc. C reated 1991. This product uses code from C -SaC zech library, C opyright (c) 1996-2001 Jaromir Dolecek (dolecek@ics.muni.cz).
Contents ........................................................................................................................ 8 1. Introduction ........................................................................................................................ 9 2. AVG Installation Requirements 9 2.1 Operation.......................................................................................................... Systems Supported 9 2.2 Minimum ......................................................
.......................................................................................................... 30 6.5 Eicar Test .......................................................................................................... 31 6.6 AVG Default Configuration ........................................................................................................................ 32 7. AVG User Interface 33 7.1 System........................................................................................
.......................................................................................................... 55 8.6.3 Firewall Interface .......................................................................................................... 59 8.7 E-mail Scanner .......................................................................................................... 59 8.7.1 E-mail Scanner Principles ..........................................................................................................
.......................................................................................................... 100 9.7 Anti-Spam .......................................................................................................... 100 9.7.1 Settings .......................................................................................................... 100 9.7.2 Performance 100 9.7.3 .......................................................................................................... RBL 100 9.7.4 .
........................................................................................................................ 159 10. Firewall Settings .......................................................................................................... 159 10.1 General .......................................................................................................... 160 10.2 Security 161 10.3 Areas......................................................................................................
........................................................................................................................ 215 13. Event History ........................................................................................................................ 217 14. FAQ and Technical Support AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
1. Introduction This user manual provides comprehensive documentation for AVG 9 Internet Security . Congratulations on your purchase of AVG 9 Internet Security! AVG 9 Internet Security is one of a range of award winning AVG products designed to provide you with peace of mind and total security for your PC.
2. AVG Installation Requirements 2.1.
· 510 MB of free hard drive space (for installation purposes) AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
3. AVG Installation Options AVG can be installed either from the installation file available on your installation CD, or you can download the latest installation file from AVG website (http://www.avg.com/). Before you start installing AVG, we strongly recommend that you visit AVG website (http://www.avg.com/) to check for a new installation file. This way you can be sure to install the latest available version of AVG 9 Internet Security.
4. AVG Download Manager AVG Download Manager is a simple tool that helps you select the proper installation file for your AVG product. Based on your input data, the manager will select the specific product, license type, desired components, and language. Finally, AVG Download Manager will go on to download and launch the appropriate installation process.
4.2. Connectivity Check In the next step, AVG Download Manager will attempt to establish an Internet connection so that updates can be located. You will not be allowed to advance the download process until the AVG Download Manager is able to complete the connectivity test. · If the test shows no connectivity, make sure you are really connected to Internet.
4.3. Proxy Settings If AVG Download Manager was not able to identify your Proxy settings you have to specify them manually. Please fill in the following data: · Server - enter a valid proxy server name or IP address · Port - provide the respective port number · Use proxy authentication - if your proxy server requires authentication, tick this check box. · Select authentication - from the drop-down menu select the authentication type.
4.4. Download Files to Install Now, you have provided all information needed for the AVG Download Manager to start the installation package download, and launch the installation process. Further, advance to the AVG Installation Process. AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
5. AVG Installation Process To install AVG 9 Internet Security on your computer, you need to get the latest installation file. You can use the installation file from the CD that is a part of your box edition but this file might be out-of-date. Therefore we recommended getting the latest installation file online. You can download the file from AVG website (http://www. avg.com/), the Support Center / Download section.
5.2. License Agreement The License Agreement dialog provides the full wording of the AVG license agreement. Please read it carefully and confirm that you have read, understood and accept the agreement by marking the I have read license agreement check box and pressing the Accept button. If you do not agree with the license agreement press the Don't accept button, and the installation process will be terminated immediately. 5.3.
5.4. Select Installation Type The Select Installation Type dialog offers the choice of two installation options: standard and custom installation. For most users, it is highly recommended to keep to the standard installation that installs AVG in fully automatic mode with settings predefined by the program vendor. This configuration provides maximum security combined with the optimal use of resources.
shown. If the digital form of the license number is available (in the email), it is recommended to use the copy and paste method to insert it. Press the Next button to continue the installation process. If in the previous step you have selected the standard installation, you will be redirected directly to the AVG Security Toolbar dialog. If custom installation was selected you will continue with the Destination Folder dialog. AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o.
5.6. Custom Installation - Destination Folder The Destination Folder dialog allows you to specify the location where AVG 9 Internet Security should be installed. By default, AVG will be installed to the program files folder located on drive C:. In case the folder does not exist yet, you will be asked in a new dialog to confirm you agree AVG creates this folder now. If you want to change this location, use the Browse button to display the drive structure, and select the respective folder.
5.7. Custom Installation - Component Selection The Component Selection dialog displays an overview of all AVG 9 Internet Security components that can be installed. If the default settings do not suit you, you can remove/add specific components. However, you can only select from components that are included in your purchased AVG edition.
· Remote Administration If you plan to connect your computer to the AVG Remote Administration later, please mark the respective item to be installed as well. Continue by pressing the Next button. 5.8.
5.9. AVG Security Toolbar In the AVG Security Toolbar dialog, decide whether you want to install the AVG Security Toolbar (verification of search results of the supported Internet search engines). If you do not change the default settings, this component will be installed automatically into your Internet browser (currently supported browsers are Microsoft Internet Explorer v. 6.0 or higher, and Mozilla Firefox v. 2.
5.10. Close down open applications The Close down open applications dialog appears during the installation process only in case there are some other clashing programs running on your computer at the moment. Then, the list of programs that need to be closed in order to sucessfuly finish the installation process will be provided. Press the Next button to confirm you agree to close down the respective applications, and to continue to the next step.
5.11. Installing AVG The Installing AVG dialog shows the progress of the installation process, and does not require any intervention: After the installation process is finished, you will be redirected to the next dialog automatically. AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
5.12. Schedule regular scans and updates In the Schedule regular scans and updates dialog set up the interval for new update files accessibility check-up, and define time when the scheduled scan should be launched. It is recommended to keep the default values. Press the Next button to continue. 5.13. Computer usage selection AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
In this dialog, the Firewall Configuration Wizard asks what type of computer you use. For instance, your notebook, that connects to the Internet from many different locations (airports, hotel rooms, etc.) requires security rules that are stricter than those of a computer in a domain (company network, etc.). Based on the selected computer usage type the Firewall default rules will be defined with a different security level.
· Your computer is a part of domain Select the connection type that best describes your computer connection to the Internet. Confirm your selection by pressing the Next button and proceed to the next dialog. 5.15. AVG protection configuration is complete Now your AVG 9 Internet Security has been configured. In this dialog you decide whether you want to activate the option of anonymous reporting of exploits and bad sites to AVG virus lab.
6. After Installation 6.1. Scan optimization The scanning optimization functionality searches the Windows and Program files folders where it detects appropriate files (at the moment those are the *.exe, *.dll and *.sys files) and saves the information on these files. With the next access these files will not be scanned again and this reduce the the scanning time significantly.
· from the menu Start/Programs/AVG 9.0/AVG User Interface 6.4. Scanning of the whole computer There is a potential risk that a computer virus has been transmitted to your computer prior to AVG 9 Internet Security installation. For this reason you should run a Scan of the whole computer to make sure there are no infections on your PC. For instructions on running a Scan of the whole computer please consult the chapter AVG Scanning. 6.5.
you to download this file and save it on your local disk but then the Resident Shield detects the 'virus' as you try to unpack it. If AVG fails to identify the EICAR test file as a virus, you should check the program configuration again! 6.6. AVG Default Configuration The default configuration (i.e. how the application is set up right after installation) of AVG 9 Internet Security is set up by the software vendor so that all components and functions are tuned up to achieve optimum performance.
7.
· Statistics (left bottom section of the window) provide you with all statistical data regarding the programs operation - details >> · System Tray Icon (bottom right corner of the monitor, on the system tray) indicates the AVG current status - details >> 7.1. System Menu The System menu is the standard navigation used in all Windows applications. It is located horizontally in the very top part of the AVG 9 Internet Security main window.
· License - opens the default page of the License component · Web Shield - opens the default page of the Web Shield component · Resident Shield - opens the default page of the Resident Shield component · Update Manager - opens the default page of the Update Manager component 7.1.3.
the tree structure of your disk · Update - automatically launches the update process of AVG 9 Internet Security · Update from directory - runs the update process from the update files located in a specified folder on your local disk. However, this option is only recommended as an emergency, e.g. in situations where there is no connection to the Internet (for example, your computer is infected and disconnected from the Internet; your computer is connected to a network with no access to the Internet, etc.).
the program right away. For AVG 9 Internet Security installed with a sales number, the items display as Register and Activate. For more information please consult the License section of this documentation. · About AVG - opens the Information dialog with five tabs providing data on program name, program and virus database version, system info, license agreement, and contact information of AVG Technologies CZ. 7.2.
case the report indicates any problem, go ahead and try to solve it immediately. Otherwise your computer is at risk! Note: AVG status information can also be obtained at any moment from the system tray icon. 7.3.
· Description of a selected component Within the AVG 9 Internet Security the Components Overview section contains information on the following components: · Anti-Virus ensures that your computer is protected from viruses trying to enter your computer - details >> · Anti-Spyware scans your applications in the background as you run them details >> · Anti-Spam checks all incoming e-mail messages and marks unwanted e-mails as SPAM - details >> · Firewall controls how your computer exchanges data with other comp
Right-click you mouse over a component's icon to expand a context menu: besides opening the component's graphic interface you can also select to Ignore component state. Select this option to express you are aware of the component's error state but for some reason you wish to keep your AVG so and you do not want to be warned by the system tray icon. 7.5. Statistics The Statistics section is located in the left bottom part of the AVG User Interface.
The System Tray Icon can also be used as a quick link to access the AVG main window at any time - double click on the icon. By right-click on the System Tray Icon you open a brief context menu with the following options: · Open AVG User Interface - click to open the AVG User Interface · Update - launches an immediate update AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
8. AVG Components 8.1. Anti-Virus 8.1.1. Anti-Virus Principles The antivirus software's scanning engine scans all files and file activity (opening/ closing files, etc.) for known viruses. Any detected virus will be blocked from taking any action and will then be cleaned or quarantined. Most antivirus software also uses heuristic scanning, where files are scanned for typical virus characteristics, so called viral signatures.
8.1.2. Anti-Virus Interface The Anti-Virus component's interface provides some basic information on the component's functionality, information on the component's current status (Anti-Virus component is active.
Advanced Settings dialog. 8.2. Anti-Spyware 8.2.1. Anti-Spyware Principles Spyware is usually defined as a type of malware, i.e. software, that gathers information from a user's computer without the user's knowledge or consent. Some spyware applications may also be installed on purpose and often contain advertisements, window pop-ups or different types of unpleasant software. Currently, the most common source of infection is websites with potentially dangerous content.
8.2.2. Anti-Spyware Interface The Anti-Spyware component's interface provides a brief overview on the component's functionality, information on the component's current status (AntiSpyware component is active.
Advanced Settings dialog. 8.3. Anti-Spam Spam refers to unsolicited e-mail, mostly advertising a product or service that is mass mailed to a huge number of e-mail addresses at a time, filling recipients’ mail boxes. Spam does not refer to legitimate commercial e-mail for which consumers have given their consent. Spam is not only annoying, but also can often be a source of scams, viruses or offensive content. 8.3.1.
8.3.2. Anti-Spam Interface In the Anti-Spam component's dialog you will find a brief text describing the component's functionality, information on its current status (Anti-Spam component is active.
8.4. Anti-Rootkit A rootkit is a program designed to take fundamental control of a computer system, without authorization by the system's owners and legitimate managers. Access to the hardware is rarely required as a rootkit is intended to seize control of the operating system running on the hardware. Typically, rootkits act to obscure their presence on the system through subversion or evasion of standard operating system security mechanisms.
The Anti-Rootkit user interface provides a brief description of the component's functionality, informs on the component's current status (Anti-Rootkit component is active.) and also brings information on the last time the Anti-Rootkit test was launched. In the bottom part of the dialog you can find the Anti-Rootkit settings section where you can set up some elementary functions of the rootkit presence scanning.
· Network connections - list of currently active connections · Autostart - list of all applications that are executed during Windows system start-up · Browser Extensions - list of plug-ins (i.e. applications) that are installed inside your Internet browser · LSP Viewer - list of Layered Service Providers (LSP) Specific overviews can also be edited but this is only recommended for highly experienced users! 8.5.1. Processes The Processes dialog contains a list of processes (i.e.
· Path - physical path to the running process · Window - if applicable, indicates application Window name · Internet - indicates if the running process also connects to the Internet (Yes/ No) · Service - shows if the running process is a service (Yes/No) · PID - process identification number is a unique Windows internal process identifier Control buttons The control buttons available within the System Tools interface are as follows: · Refresh - updates the list of processes according to the current status
8.5.2. Network Connections The Network Connections dialog contains a list of currently active connections.
To list only external connections, tick the Hide local connections checkbox in the bottom section of the dialog under the list. Control buttons The control buttons available are: · Terminate Connection - closes one or more connections selected in the list · Terminate Process - closes one or more applications related to connections selected in the list · Back - switch back to the default AVG user interface (components overview).
system start-up. Very often, several malware applications add themselves automatically to the start-up registry entry. You can delete one or more entries by selecting them and pressing the Remove selected button. The Back button switches you back to the default AVG user interface (components overview). We strongly suggest not to delete any applications from the list, unless you are absolutely sure that they represent a real threat! 8.5.4.
· Remove selected object - removes the plug-in that is currently highlighted in the list. We strongly suggest not to delete any plug-ins from the list, unless you are absolutely sure that they represent a real threat! · Back - switches you back to the default AVG user interface (components overview) 8.5.5. LSP Viewer The LSP Viewer dialog shows a list of Layered Service Providers (LSP). A Layered Service Provider (LSP) is a system driver linked into the networking services of the Windows operating system.
To include Windows LSP in the list, uncheck the Hide Windows LSP checkbox. The Back button switches you back to the default AVG user interface (components overview). 8.6. Firewall Firewall is a system that enforces an access control policy between two or more networks by blocking/permitting traffic. Firewall contains a set of rules that protect the internal network from attacks originating outside (typically from the Internet) and controls all communication on every single network port.
What AVG Firewall can do: · Allow or block communication attempts of known applications automatically, or ask you for confirmation · Use complete profiles with predefined rules, according to your needs · Switch profiles automatically when connecting to various networks, or using various network adapters 8.6.2. Firewall Profiles The Firewall allows you to define specific security rules based on whether your computer is located in a domain, or it is a standalone computer, or even a notebook.
and connecting with your notebook from various unknown and possibly dangerous places (internet café, hotel room etc.). More restrictive rules will be created, as it is assumed that these computers have no additional protection and therefore require the maximum protection. o Computer in domain – suitable for computers in a local network, e.g. school or corporate network.
8.6.3.
communication for unknown applications. In case an unknown application tries to communicate over the network at that time, the Firewall will allow or block the attempt automatically according to settings in the current profile.
exposure to attacks via e-mail. Companies usually use corporate e-mail accounts and employ anti-spam filters etc, to reduce the risk. 8.7.1. E-mail Scanner Principles The E-mail Scanner component scans incoming/outgoing e-mails automatically. You can use it with e-mail clients that do not have their own plug-in in AVG (e.g. Outlook Express, Mozilla, Incredimail, etc.).
8.7.2. E-mail Scanner Interface In the E-mail Scanner component's dialog you can find a brief text describing the component's functionality, information on its current status (E-mail Scanner is active. ), and the following statistics: · Total e-mails scanned - how many e-mail messages were scanned since the E-mail Scanner was last launched (if needed, this value can be reset; e.g.
· Scan incoming messages - check the item to specify that all e-mails deliver ed to your account should be scanned for viruses. By default, this item is on, and it is recommended not to change this setting! · Scan outgoing messages - check the item to confirm all e-mail sent from your account should be scanned for viruses. By default, this item is off.
8.7.3. E-mail Scanner Detection In the E-mail Scanner detection dialog (accessible via system menu option History / E-mail Scanner detection) you will be able to see a list of all findings detected by the E-mail Scanner component.
Control buttons The control buttons available within the E-mail Scanner detection interface are as follows: · Refresh list - updates the list of detected threats · Back - switches you back to the default AVG user interface (components overview) 8.8.
being monitored by IDP · Behaviors monitored - number of specific actions running within the monitored applications Basic component configuration In the bottom part of the dialog you will find the Identity Protection settings section where you can edit some elementary features of the component's functionality: · Identity Protection is active - (on by default): check to activate the IDP component, and to open further editing options.
recommended not to change it unless you have a real reason to do so) o Automatically quarantine detected threats - all applications detected as malware will be blocked automatically o Automatically quarantine known threats - only those applications that are with absolute certainty detected as malware will be blocked Control buttons The control buttons available within the Identity Protection interface are as follows: · Save changes - press this button to save and apply any changes made in this dialog · Can
component's functionality, information on its current status (License component is active.), and the following information: · License number - provides the exact form of your license number. When entering your license number, you have to be absolutely precise and type it exactly as shown. Therefore we strongly recommend to always use "copy & paste" method for any manipulation with the license number. · License type - specifies the product type installed.
8.10.1. Link Scanner Principles The LinkScanner component provides protection against websites, that are designed to install malware into your computer via the web browser or its plugins. The LinkScanner technology consists of two features, AVG Search-Shield and AVG Active Surf-Shield: · AVG Search Shield contains list of websites (URL addresses) which are known to be dangerous.
In the bottom part of the dialog you can edit several options: · Enable AVG Search-Shield - (on by default): advisory notifying icons on searches performed in Google, Yahoo!, Bing, Baidu, Yandex, or Altavista: having checked ahead the content of sites returned by the search engine. · Enable AVG Active Surf-Shield - (on by default): active (real-time) protection against exploitive sites as they are accessed.
While a link is being evaluated on the search results page, you will see a graphic sign next to the link informing that the link verification is in progress. When the evaluation is complete, the respective informative icon will be displayed: The linked page is safe (with Yahoo! search engine within AVG Security Toolbar this icon will not be displayed!). The linked page does not contain threats but is somewhat suspicious ( questionable in origin or motive, therefore not recommended for e-shopping etc.).
browser to display it. If you do encounter a malicious web site, within your web browser the AVG Link Scanner will warn you with a screen similar to: Entering such web site is highly risky and it cannot be recommended! 8.11. Web Shield 8.11.1. Web Shield Principles Web Shield is a type of a real time resident protection; it scans the content of visited web pages (and possible files included in them) even before these are displayed in your web browser or downloaded to your computer.
First of all, you have the option to immediately switch on/off the Web Shield by checking the Enable Web Shield item. This option is enabled by default, and the Web Shield component is active. However, if you do not have a good reason to change this settings, we recommend to keep the component active.
displayed using the heuristic analysis method (dynamic emulation of the scanned object’s instructions in a virtual computer environment see chapter Anti-Virus Principles) Ø Maximum file size to be scanned - if included files are present in the displayed page you can also scan their content even before these are downloaded to your computer. However, scanning of large files takes quite some time and the web page download might be slowed significantly.
Please note: The software vendor has set up all AVG components to give optimum performance. Unless you have a real reason to do so, do not change the AVG configuration. Any changes to settings should only be performed by an experienced user. If you need to change AVG configuration, select the system menu item Tools / Advanced settings and edit the AVG configuration in the newly opened AVG Advanced Settings dialog.
For each detected object the following information is provided: · Infection- description (possibly even name) of the detected object · Object - object source (web page) · Result - action performed with the detected object · Detection time - date and time the threat was detected and blocked · Object Type - type of the detected object · Process - what action was performed to call out the potentially dangerous object so that it could be detected In the bottom part of the dialog, under the list, you will find i
8.12. Resident Shield 8.12.1. Resident Shield Principles The Resident Shield component gives your computer continuous protection. It scans every single file that is being opened, saved, or copied, and guards the system areas of the computer. When Resident Shield discovers a virus in a file that is accessed, it stops the operation currently being performed and does not allow the virus to activate itself.
· Resident Shield has been active for - provides the time since the latest component's launch · Threats detected and blocked - number of detected infections that were prevented from being run/opened (if needed, this value can be reset; e.g.
· Manage exceptions - opens the Resident Shield - Directory Excludes dialog where you can define folders that should be left out from the Resident Shield scanning · Save changes - press this button to save and apply any changes made in this dialog · Cancel - press this button to return to the default AVG user interface (components overview) 8.12.3. Resident Shield Detection Resident Shield scans files as they are copied, opened or saved.
Resident Shield detection dialog accessible from Resident Shield findings: via system menu option History / The Resident Shield detection offers an overview of objects that were detected by the Resident Shield, evaluated as dangerous and either cured or moved to the Virus Vault.
objects (Empty list). The Refresh list button will update the list of finding detected by Resident Shield. The Back button switches you back to the default AVG user interface (components overview). 8.13. Update Manager 8.13.1. Update Manager Principles No security software can guarantee true protection from various types of threats unless it is regularly updated! Virus writers are always looking for new flaws that they can exploit in both software and operating systems.
8.13.2. Update Manager Interface The Update Manager's interface displays information about the component's functionality and its current status (Update manager is active.
Further you can define when the update should be launched: o Periodically - define the time interval o At a specific time - define the exact day and time By default, the update is set for every 4 hours. It is highly recommended to keep this setting unless you have a true reason to change it! Please note: The software vendor has set up all AVG components to give optimum performance. Unless you have a real reason to do so, do not change the AVG configuration.
8.14.1. AVG Security Toolbar Interface The AVG Security Toolbar is designed to work with MS Internet Explorer (version 6.0 or greater) and Mozilla Firefox (version 2.0 or greater).
start searchin using the specified search engine (you can specify the desired search engine to be used within the AVG Security Toolbar Advanced Options, and you can choose either Yahoo!, Wikipedia, Baidu, WebHledani, or Yandex), no matter what page is currently displayed. The search box also lists your search history. Searches done through the search box are analyzed using the AVG Search-Shield protection.
the button within the AVG Security Toolbar panel you can open a dropdown menu with links to up-to-date AVG related press releases. o AVG Info Button - the AVG Info button opens the menu with the following options: § Toolbar Info - opens the AVG Security Toolbar product page with detailed information on the component § About Threats - opens the AVG virus lab web page with information on current threats, virus removal recommendations, FAQ list, etc.
The Security tab is divided into two sections, AVG Browser Security and Ratings, where you can mark specific check-boxes to assign AVG Security Toolbar functionality you want to use: o AVG Browser Security - check this item to activate or switch-off the AVG Search-Shield and/or AVG Active Surf-Shield service o Ratings - select graphical symbols used for search results ratings by the AVG Search-Shield component that you want to use: § page is safe § page is somewhat suspicious § page containing links to
pages containing active and dangerous threats cannot be switchedoff. Again, it is recommended to keep the default configuration set by the program vendor unless you have a real reason to change it. · Advanced Options On the Advanced Options tab first select what search engine you want to use as default. You have the choice of Yahoo!, Baidu, WebHledani, and Yandex. Having changed the default search engine, please restart your internet browser for the change to take effect.
automatically redirected to a web page that allows you to select from an overview of alternative topic-related pages. o Set and keep Yahoo! as the search provider for your browser - (off by default) - Yahoo! is the default search engine for web search within AVG Security Toolbar, and activating this option it can also become your web browser default search engine.
9. AVG Advanced Settings The advanced configuration dialog of AVG 9 Internet Security opens in a new window named Advanced AVG Settings. The window is divided into two sections: the left part offers a tree-arranged navigation to the program configuration options. Select the component you want to change the configuration of (or its specific part) to open the editing dialog in the right-hand section of the window. 9.1.
Selection).
problem should be displayed.
Then, select the respective event from the list and browse (Browse) your disk for an appropriate sound you want to assign to this event. To listen to the selected sound, highlight the event in the list and push the Play button. Use the Delete button to remove the sound assigned to a specific event. Note: Only *.wav sounds are supported! AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
9.3. Ignore Faulty Conditions In the Ignore faulty components conditions dialog you can tick those components that you do not want to get informed about: By default, no component is selected in this list.
yourself, and you are aware of the potential risk. At the same time, once being displayed in grey color, the icon cannot actually report any possible further error that might appear. For this situation, within the above dialog you can select components that may be in an error state (or switched off) and you do not wish to get informed about it. The same option of Ignoring component state is also available for specific components directly from the components overview in the AVG main window. 9.4.
Identity Protection is active (on by default) – uncheck to turn off the Identity Protection component. We strongly recommend not to do this unless you have to! When the Identity Protection is activated, you can specify what to do when a threat is detected: · Always prompt (on by default) - when a threat is detected, you will be asked whether it should be moved to quarantine to make sure no applications you want to run are removed.
9.4.2. Allowed List If within the Identity Protection settings dialog you decided to keep the Automatically quarantine detected threats item unchecked, every time a possibly dangerous malware is detected, you will be asked whether it should be removed.
The control buttons available within the Allowed list dialog are as follows: · Add - press this button to add a new application to the allowed list. The following dialog pops-up: o File - type the full path to the file (application) that you want to mark as an exception o Checksum - displays the unique 'signature' of the chosen file. This checksum is an automatically generated string of characters, which allows AVG to unequivocally distinguish the chosen file from other files.
9.5. Virus Vault The Virus Vault maintenance dialog allows you to define several parameters regarding the administration of objects stored in the Virus Vault: · Limit Virus Vault size - use the slider to set up the maximum size of the Virus Vault. The size is specified proportionally compared to the size of your local disk. · Automatic file deletion - in this section define the maximum length of time that objects should be stored in the Virus Vault (Delete files older than ...
adware might be detected and reported by AVG as a potentially unwanted program . If you wish to keep such a program on your computer, you can define it as a potentially unwanted program exception: The Potentially Unwanted Programs Exceptions dialog displays a list of already defined and currently valid exceptions from potentially unwanted programs. You can edit the list, delete existing items, or add new exceptions.
· Edit - opens an editing dialog (identical with the dialog for a new exception definition, see below) of an already defined exception where you can change the exception's parameters · Remove - deletes the selected item from the list of exceptions · Add exception - open an editing dialog where you can define parameters of the new exception to be created: o File - type the full path to the file that you want to mark as an exception o Checksum - displays the unique 'signature' of the chosen file.
9.7.1. Settings In the Anti-Spam basic settings dialog you can check/uncheck the Turn on AntiSpam protection checkbox to allow/forbid the anti-spam scanning of e-mail communication. This option is on by default, and as always, it is recommended to keep this configuration unless you have a real reason to change it. Next, you can also select more or less aggressive scoring measures. The Anti-Spam filter assigns each message a score (i.e.
· Value 80-89 - E-mail messages likely to be spam will be filtered out. Some non-spam messages may be incorrectly filtered as well. · Value 60-79 - Considered as a quite aggressive configuration. E-mail messages that are possibly spam will be filtered out. Non-spam messages are likely to be caught as well. · Value 1-59 - Very aggressive configuration. Non-spam e-mail messages are as likely to be caught as real spam messages. This threshold range is not recommended for normal use.
There are the following options to choose from: · A specific e-mail client - if you use one of the listed e-mail clients (MS Outlook, Outlook Express, The Bat!, Mozilla Thunderbird), simply select the respective option · Folder with EML files - if you use any other e-mail program, you should first save the messages to a specific folder (in .eml format), or make sure that you know the location of your e-mail client message folders.
In this dialog, please select the folder with the messages you want to use for training. Press the Add folder button to locate the folder with the .eml files (saved e-mail messages). The selected folder will then be displayed in the dialog. In the Folders contain drop-down menu, set one of the two options - whether the selected folder contains wanted (HAM), or unsolicited (SPAM) messages.
Note: In case of Microsoft Office Outlook, you will be prompted to select the MS Office Outlook profile first. In the Folders contain drop-down menu, set one of the two options - whether the selected folder contains wanted (HAM), or unsolicited (SPAM) messages. Please note that you will be able to filter the messages in the next step, so the folder does not have to contain only training e-mails. A navigation tree of the selected e-mail client is already displayed in the main section of the dialog.
In this dialog, you can set filtering of the e-mail messages. If you are sure that the selected folder contains only messages you want to use for training, select the All messages (no filtering) option. If you are unsure about the messages contained in the folder, and you want the wizard to ask you about every single message (so that you can determine whether to use it for training or not), select the Ask for each message option. For more advanced filtering, select the Use filter option.
9.7.2. Performance The Engine performance settings dialog (linked to via the Performance item of the left navigation) offers the Anti-Spam component performance settings. Move the slider left or right to change the level of scanning performance ranging between Low memory / High performance modes. · Low memory - during the scanning process to identify spam, no rules will be used. Only training data will be used for identification.
if you have a valid reason to do so. Any changes to this configuration should only be done by expert users! 9.7.3. RBL The RBL item open an editing dialog called Realtime Blackhole Lists: In this dialog you can switch on/off the Query RBL servers function. The RBL (Realtime Blackhole List) server is a DNS server with an extensive database of known spam senders.
server database. No personal data is sent to the server! 9.7.4. Whitelist The Whitelist item opens a dialog named Approved e-mail senders list with a global list of approved sender e-mail addresses and domain names whose messages will never be marked as spam. In the editing interface you can compile a list of senders that you are sure will never send you unwanted messages (spam). You can also compile a list of full domain names (e.g. avg.com), that you know do not generate spam messages.
domain name) per line. · Export - if you decide to export the records for some purpose, you can do so by pressing this button. All records will be saved to a plain text file. · Import - if you already have a text file of email addresses/domain names prepared, you can simply import it by selecting this button. The input file must be in plain text format, and the content must contain only one item (address, domain name) per line. 9.7.5.
them by either of the following methods: by direct entry of each e-mail address or by importing the whole list of addresses at once. The following control buttons are available: · Edit - press this button to open a dialog, where you can manually enter a list of addresses (you can also use copy and paste). Insert one item (sender, domain name) per line. · Export - if you decide to export the records for some purpose, you can do so by pressing this button. All records will be saved to a plain text file.
9.8. Web Shield The Web Protection dialog allows you to activate/deactivate the entire Web Shield component via the Enable Web Shield option (activated by default).
9.8.1. Web Protection In the Web Protection dialog you can edit the component's configuration regarding the scan of the website content. The editing interface allows you to configure the following elementary options: · Enable Web protection - this option confirms that the Web Shield should perform scanning of the www pages content.
o Ports to be scanned - this field lists the standard http communication port numbers. If your computer configuration differs, you can change the port numbers as needed. o Maximum part size of a file to be scanned - if included files are present in the displayed page you can also scan their content even before these are downloaded to your computer. However, scanning of large files takes quite some time and the web page download might be slowed significantly.
9.8.2. Instant Messaging In the Instant Messaging Shield dialog you can edit the Web Shield components settings referring to instant messaging scanning. Currently the following three instant messaging programs are supported: ICQ, MSN, and Yahoo - tick the respective item for each of them if you want the Web Shield to verify the on-line communication is virus free.
9.9. Link Scanner The LinkScanner settings dialog allows you to switch on/off the elementary features of the LinkScanner: · Enable AVG Search-Shield - (on by default): advisory notifying icons on searches performed in Google, Yahoo, Bing, Yandex, Altavista or Baidu having checked ahead the content of sites returned by the search engine. · Enable AVG Active Surf-Shield - (on by default): active (real-time) protection against exploitive sites as they are accessed.
9.10.
9.10.1. Scan Whole Computer The Scan whole computer option allows you to edit parameters of one of the scans predefined by the software vendor, Scan of the whole computer: Scan settings The Scan settings section offers a list of scanning parameters that can be optionally switched on/off: · Automatically heal/remove infection - if a virus is identified during scanning it can be healed automatically if a cure is available.
executable files that can run as spyware or adware) and these can then be blocked, or removed; · Scan for Tracking Cookies - this parameter of the Anti-Spyware component defines that cookies should be detected; (HTTP cookies are used for authenticating, tracking, and maintaining specific information about users, such as site preferences or the contents of their electronic shopping carts) · Scan inside archives - this parameters defines that scanning should check all files even those stored inside archives,
scan, and will slow down your other activities on the PC (this option can be used when your computer is switched on but nobody is currently working on it). On the other hand, you can decrease system resources usage by extending the scanning duration. Set additional scan reports ... Click the Set additional scan reports ... link to open a standalone dialog window called Scan reports where you can tick several items to define what scan findings should be reported: 9.10.2.
The list of parameters is identical to those available for the Scan of the whole computer. However, the default settings differ: with the Scan of the Whole Computer most parameters are selected while for the Shell extension scan ( Scanning in Windows Explorer) only the relevant parameters are switched on. Note: For a description of specific parameters please consult the chapter AVG Advanced Settings / Scans / Scan Whole Computer. 9.10.3.
All parameters set up in this configuration dialog apply only to the areas selected for scanning with the Scan of specific files or folders! Note: For a description of specific parameters please consult the chapter AVG Advanced Settings / Scans / Scan Whole Computer. AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
9.10.4. Removable Device Scan The editing interface for Removable device scan is also very similar to the Scan Whole Computer editing dialog: The Removable device scan is launched automatically once you attach any removable device to your computer. By default, this scanning is switched off. However, it is crucial to scan removable devices for potential threats since these are a major source of infection.
9.11. Schedules In the Schedules section you can edit the default settings of: · Whole computer scan schedule · Virus database update schedule · Program update schedule · Anti-Spam update schedule 9.11.1. Scheduled Scan Parameters of the scheduled scan can be edited (or a new schedule set up) on three tabs: AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
On the Schedule settings tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled test temporarily, and switch it on again as the need arises. Next, in the text field called Name (deactivated for all default schedules) there is the name assigned to this very schedule by the program vendor.
always be a specific version of the scan of selected files or folders. In this dialog you can further define the following parameters of the scan: Schedule running Here, you can specify time intervals for the newly scheduled scan launch. The timing can either be defined by the repeated scan launch after a certain period of time (Run every ...) or by defining an exact date and time (Run at specific time interval ...
On the How to scan tab you will find a list of scanning parameters that can be optionally switched on/off. By default, most parameters are switched on and the functionality will be applied during scanning. Unless you have a valid reason to change these settings we recommend to keep the predefined configuration: · Automatically heal/remove infection - if a virus is identified during scanning it can be healed automatically if a cure is available.
· Scan for Tracking Cookies - (switched on, by default): this parameter of the Anti-Spyware component defines that cookies should be detected during scanning; (HTTP cookies are used for authenticating, tracking, and maintaining specific information about users, such as site preferences or the contents of their electronic shopping carts) · Scan inside archives - (switched on, by default): this parameter defines the scanning should check all files even if they are stored inside an archive, e.g. ZIP, RAR, ...
Within the Scan process priority section you can further specify the desired scanning speed dependent on system resource usage. By default, this option is set to the medium level of automatic resource usage. If you want the scanning to run faster, it will take less time but the system resources usage will increase significantly during the scan, and will slow down your other activities on the PC (this option can be used when your computer is switched on but nobody is currently working on it).
On the What to scan tab you can define whether you want to schedule scanning of the whole computer or scanning of specific files or folders. If you select scanning of specific files or folders, in the bottom part of this dialog the displayed tree structure activates and you can specify the folders to be scanned. AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
9.11.2. Virus Database Update Schedule On the Schedule settings tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled virus database update temporarily, and switch it on again as the need arises. The basic virus database update scheduling is covered within the Update Manager component.
Schedule running In this section, specify the time intervals for the newly scheduled virus database update launch. The timing can either be defined by the repeated update launch after a certain period of time (Run every ...) or by defining an exact date and time (Run at specific time ...). Advanced schedule options This section allows you to define under which conditions the virus database update should/should not be launched if the computer is in low power mode or switched off completely.
9.11.3. Program Update Schedule On the Schedule settings tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled program update temporarily, and switch it on again as the need arises. In the text field called Name (deactivated for all default schedules) there is the name assigned to this very schedule by the program vendor.
timing can either be defined by the repeated update launch after a certain period of time (Run every ...) or by defining an exact date and time (Run at specific time ...), or possibly by defining an event that the update launch should be associated with ( Action based on computer startup). Advanced schedule options This section allows you to define under which conditions the program update should/ should not be launched if the computer is in low power mode or switched off completely.
9.11.4. Anti-Spam Update Schedule On the Schedule settings tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled Anti-Spam update temporarily, and switch it on again as the need arises. Basic Anti-Spam update scheduling is covered within the Update Manager component.
Schedule running Here, specify the time intervals for the newly scheduled Anti-Spam update launch. The timing can either be defined by the repeated Anti-Spam update launch after a certain period of time (Run every ...) or by defining an exact date and time (Run at specific time ...), or possibly by defining an event that the update launch should be associated with (Action based on computer startup).
9.12. E-mail Scanner The E-mail Scanner dialog is divided into three sections: · E-mail scanning - in this section select whether you want to scan the incoming/outgoing e-mail messages and whether all e-mails should be certified or only e-mails with attachments (e-mail virus-free certification is not supported in HTML/RTF format). Additionally you can choose if you want AVG to modify the subject for messages that contain potential viruses.
macro containing files and/or files with hidden extension detected as an attachment of the scanned e-mail message. If such a message is identified during scanning, define whether the detected infectious object should be moved to the Virus Vault. 9.12.1. Certification In the Certification dialog you can specify exactly what text the certification note should contain, and in what language. This should be specified separately for Incoming mail and Outgoing mail.
9.12.2. Mail Filtering The Attachment filter dialog allows you to set up parameters for e-mail messages attachment scanning. By default, the Remove attachments option is switched off. If you decide to activate it, all e-mail message attachments detected as infectious or potentially dangerous will be removed automatically. If you want to define specific types of attachments that should be removed, select the respective option: · Remove all executable files - all *.
9.12.3. Logs and Results The dialog opened via the Logs and Results navigation item allows you to specify parameters for e-mail scanning results maintenance. The dialog is divided into several sections: · Logs Maintenance - define whether you want to log e-mail scanning information daily, weekly, monthly, ...
In this dialog (opened via Servers / POP3) you can set up a new E-mail Scanner server using the POP3 protocol for incoming mail: · POP3 Server Name - type in the name of the server or keep the AutoPOP3 default name · Type of login - defines the method for determining the mail server used for incoming mail: o Automatic - Login will be carried out automatically, according to your email client settings.
o Fixed host - In this case, the program will always use the server specified here. Please specify the address or name of your mail server. The login name remains unchanged. For a name, you may use a domain name (for example, pop.acme.com) as well as an IP address (for example, 123.45.67.89). If the mail server uses a non-standard port, you can specify this port after the server name by using a colon as the delimiter (for example, pop.acme.com:8200). The standard port for POP3 communication is 110.
In this dialog (opened via Servers / SMTP) you can set up a new E-mail Scanner server using the SMTP protocol for outgoing mail: · SMTP Server Name - type in the name of the server or keep the AutoSMTP default name · Relay Host - defines the method for determining the mail server used for outgoing mail: o Automatic - login will be carried out automatically, according to your email client settings o Fixed host - in this case, the program will always use the server specified here.
uses a non-standard port, you can type this port behind the server name using a colon as the delimiter (for example, smtp.acme.com:8200). The standard port for SMTP communication is 25. · Additional settings - specifies more detailed parameters: o Local port - specifies the port on which the communication from your mail application should be expected. You must then specify in your mail application this port as the port for SMTP communication.
9.13. Resident Shield The Resident Shield component performs live protection of files and folders against viruses, spyware and other malware. In the Resident Shield Settings dialog you can activate or deactivate the Resident Shield protection completely by checking/unchecking the Enable Resident Shield item (this option is switched on by default).
objects (e.g.
circumstances. 9.13.2. Directory Exludes The Resident Shield - Directory Excludes dialog offers the possibility of defining folders that should be excluded from the Resident Shield scanning.
· Remove path – allows you to delete the path to a selected folder from the list 9.13.3. Excluded Files The Resident Shield - Excluded files dialog behaves just like the previously described Resident Shield - Directory Excludes but instead of folders you can now define specific files that should be excluded from the Resident Shield scanning.
· Edit list – allows you to edit the list of files · Remove – allows you to delete the path to a selected file from the list 9.14. Anti-Rootkit In this dialog you can edit the Anti-Rootkit component's configuration: Editing of all functions of the Anti-Rootkit component as provided within this dialog is also accessible directly from the Anti-Rootkit component's interface.
· Quick rootkit scan - scans all running processes, loaded drivers and the system folder (typically c:\Windows) · Full rootkit scan - scans all running processes, loaded drivers, the system folder ( typically c:\Windows), plus all local disks (including the flash disk, but excluding floppy disk/CD drives) 9.15.
maximum safety level. Scheduling an update for the next PC restart can only be recommended if you are sure the computer gets restarted regularly, at least daily.
· Check computer time - mark this option to declare you wish to have notification displayed in case the computer time differs from the correct time more than specified number of hours. 9.15.1. Proxy The proxy server is a stand-alone server or a service running on a PC that guarantees safer connection to the Internet. According to the specified network rules you can then access the Internet either directly or via the proxy server; both possibilities can also be allowed at the same time.
If you select any option using proxy server, you will have to specify some further data. The server settings can be configured either manually or automatically.
9.15.2. Dial-up All parameters optionally defined in the Update settings - Dial-Up connection dialog refer to the dial-up connection to the Internet. The dialog's fields are inactive until you check the Use dial-up connections option that activates the fields. Specify whether you want to connect to the Internet automatically (Automatically open this connection) or you wish to confirm the connection manually every time ( Ask before connection).
9.15.3. URL The URL dialog offers a list of Internet addresses from which the update files can be downloaded.
9.15.4.
9.16. Remote Administration The Remote Administration settings refer to connecting the AVG client station to the remote administration system.
The Test connection button helps you to verify that all above stated data are valid and can be used to successfully connect to DataCenter. Note: For a detailed description on remote administration please consult the AVG Network Edition documentation. AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
10. Firewall Settings The Firewall configuration opens in a new window where in several dialogs can set up very advanced parameters of the component. However, the advanced configuration editing is only intended for experts and experienced users. 10.1. General In the General information you can Export / Import Firewall configuration; i.e. export the defined Firewall rules and settings to the back-up files, or on the other hand to import the entire back up file.
10.2.
into a specified group (Power User) and define authorities of the group members o All Users – other users not assigned into any specific group 10.3. Areas and Adapters Profiles In the Adapters and network areas settings dialogs you can edit setting related to assigning of defined profiles to specific adapters and referring and respective networks: · Disable area detection and automatic profile switch - one of the defined profiles can be assigned to each network interface type, respectively to each area.
specific profile from the menu of defined profiles. To open this menu, click the respective item in the list of adapters, and select the profile. · Advanced settings - ticking the respective option will deactivate the feature of displaying an information message. 10.4.
communication should be allowed for the respective application. First, AVG searches the Trusted database, and if the application is listed, it will be automatically granted access to the network. Only after that, provided there are no information on the application available in the database, you will be asked in a stand-alone dialog whether you want to allow the application to access network. Control buttons · Help - opens the dialog related help files.
10.5. Profiles In the Profiles' settings dialog you can find a list of all profiles available.
· Delete profile - deletes the selected profile from the list · Toggle Trusted Database - for the selected profile you can decide to use the Trusted Database information (Trusted Database is AVG internal database collecting data on trusted and certified applications that can always be allowed to communicate online.
The Profile information dialog is the first dialog of a section where you can edit configuration of each profile in separate dialogs referring to specific parameters of the profile. · Use Trusted Database for this profile - (on by default) mark the option to activate the Trusted Database (I.e. AVG internal database collecting information on trusted and certified application communicating online.
10.5.2. Defined Networks The Defined networks dialog offers a list of all networks that your computer is connected to.
Within this dialog, you can specify the Network name, provide the Network description and possibly assign the network as safe. The new network can be either defined manually in a standalone dialog opened via the Add IP button (alternatively Edit IP / Delete IP), within this dialog you can specify the network by providing its IP range or mask.
· Mark as safe - by default, all networks are considered unsafe, and only if you are sure the respective network is safe, you can use this button to assign it so (and vice versa, once the network is assigned as safe, the button text changes to "Mark as unsafe"). · Help - opens the dialog related help file 10.5.3.
The applications in the list were detected on your computer (and assigned respective actions) either during the Firewall Configuration Wizard's search, or, in case of an unknown or newly installed application, at a later time. Note: Please note that only application already installed could be detected, so if you install a new application later, you will have to define Firewall rules for it.
In this dialog, you can define settings for the respective application in detail. Page actions · Back to the list button will display the overview of all defined applications rules. · Delete this rule button will erase currently displayed application rule. Please note that this action cannot be reversed! Application basic information In this section, fill in the Name of the application, and optionally a Description (a brief comment for your information).
In the drop-down menu, you can select the Firewall rule for the application, i.e. what the Firewall should do when the application tries to communicate over the network: · Allow for all will allow the application to communicate over all defined networks and adapters without limitations. · Allow for safe will only allow the application to communicate over networks defined as Safe (trustworthy).
10.5.4. System Services Any editing within the System services and protocols dialog is intended for experienced users ONLY! The System services and protocols dialog lists Windows standard system services and protocols that might need to communicate over the network. The chart consists of the following columns: · Log rule action - this box enables you to switch on recording each rule application in the Logs. · System service and protocols - this column shows a name of the respective system service.
o Block communication · Networks - this column states on which specific network the system rule applies. The list (including assigned actions) can be edited using the following buttons: · To edit settings of any item in the list (including the assigned actions), rightclick the item and select Edit. · To open a new dialog for defining your own system service rule (see picture below), press the Manage user system rules button.
numbers, IP address definitions etc., please do not modify these settings! Log unknown traffic · Log unknown incoming traffic – check the box to record in the Logs every unknown attempt to connect to your computer from outside. · Log unknown outgoing traffic – check the box to record in the Logs every unknown attempt from your computer to connect to an outside location. AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
11. AVG Scanning Scanning is a crucial part of AVG 9 Internet Security functionality. You can run ondemand tests or schedule them to run periodically at convenient times. 11.1. Scanning Interface The AVG scanning interface is accessible via the Computer Scanner quick link. Click this link to switch to the Scan for threats dialog.
Control buttons Control buttons available within the testing interface are the following: · Scan history - displays the Scan results overview dialog with the entire history of scanning · View Virus Vault - opens a new window with the Virus Vault - a space where detected infections are quarantined 11.2. Predefined Scans One of the main features of AVG 9 Internet Security is on-demand scanning.
Scan configuration editing You have the option of editing the predefined default settings of the Scan of the whole computer. Press the Change scan settings link to get to the Change scan settings for Scan whole computer dialog. It is recommended to keep to the default settings unless you have a valid reason to change them! AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
· Scanning parameters - in the list of scanning parameters you can switch on/ off specific parameters as needed. By default, most of the parameters are switched on and these will be used automatically during scanning. · Additional scan settings - the link opens a new Additional scan settings dialog where you can specify the following parameters: AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
o Computer shutdown options - decide whether the computer should be shut down automatically once the running scanning process is over. Having confirmed this option (Shutdown computer upon scan completion), a new option activates that allows the computer to shut down even if it is currently locked (Force shutdown if computer is locked).
Warning: These scan settings are identical to the parameters of a newly defined scan - as described in the chapter AVG Scanning / Scan scheduling/ How to Scan. Should you decide to change the default configuration of the Scan the whole computer you can then save your new setting as the default configuration to be used for all further scans of the whole computer. 11.2.2.
Scan configuration editing You have the option of editing the predefined default settings of the Scan of specific files or folders. Press the Change scan settings link to get to the Change scan settings for Scan of specific files or folders dialog. It is recommended to keep to the default settings unless you have a valid reason to change them! AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
· Scanning parameters - in the list of scanning parameters you can switch on/off specific parameters as needed (for detailed description of this settings please consult chapter AVG Advanced Settings / Scans / Scan Specific Files or Folders). · Additional scan settings - the link opens a new Additional scan settings dialog where you can specify the following parameters: AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
o Computer shutdown options - decide whether the computer should be shut down automatically once the running scanning process is over. Having confirmed this option (Shutdown computer upon scan completion), a new option activates that allows the computer to shut down even if it is currently locked (Force shutdown if computer is locked).
Warning: These scan settings are identical to the parameters of a newly defined scan - as described in the chapter AVG Scanning / Scan scheduling/ How to Scan. Should you decide to change the default configuration of the Scan specific files or folders you can then save your new setting as the default configuration to be used for all further scans of specific files or folders.
Scan configuration editing Anti-Rootkit scan is always launched in the default settings, and editing of the scan parameters is only accessible within the AVG Advanced Settings / Anti-Rootkit dialog. In the scanning interface, only the following configuration is available: · Automatic scan - you can use the slider to change the scanning process priority. By default, the priority is set to medium level (Automatic scan) that optimizes the scanning process speed and the use of system resources.
11.3. Scanning in Windows Explorer Besides the pre-defined scans launched for the entire computer or its selected areas, AVG 9 Internet Security also offers the option of quick scanning of a specific object directly in the Windows Explorer environment. If you want to open an unknown file and you cannot be sure of its content, you may want to have it checked on demand.
11.4. Command Line Scanning Within AVG 9 Internet Security there is the option of running the scan from the command line. You can use this option for instance on servers, or when creating a batch script to be launched automatically after the computer boot. From the command line, you can launch the scanning with most parameters as offered in AVG graphical user interface.
CMD scanning launched from graphic interface When you run your computer in Windows Safe Mode, there is also a possibility to launch the command line scan from the graphic user interface. The scan itself will be launched from the command line, the Command Line Composer dialog only allows you to specify most scanning parameters in the comfortable graphic interface.
· /REPAPPEND Append to the report file · /REPOK Report uninfected files as OK · /NOBREAK Do not allow CTRL-BREAK to abort · /BOOT Enable MBR/BOOT check · /PROC Scan active processes · /PUP Report "Potentially unwanted programs" · /REG Scan registry · /COO Scan cookies · /? Display help on this topic · /HELP Display help on this topic · /PRIORITY settings / Scans) Set scan priority /Low, Auto, High/ (see Advanced · /SHUTDOWN Shutdown computer upon scan completion · /FORCESHUTDOWN Forc
section called Schedule scans: Schedule scans Click the graphical icon within the Schedule scans section to open a new Schedule scans dialog where you find a list of all currently scheduled scans: AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
You can edit / add scans using the following control buttons: · Add scan schedule - the button opens the Settings for scheduled scan dialog, Schedule settings tab. In this dialog you can specify the parameters of the newly defined test. · Edit scan schedule - this button can only be used if you have already previously selected an existing test from the list of scheduled tests.
11.5.1. Schedule Settings If you wish to schedule a new test and its regular launch, enter the Settings for scheduled test dialog (click the Add scan schedule button within the Schedule scans dialog). The dialog is divided into three tabs: Schedule settings - see picture below (the default tab that you will be automatically redirected to), How to scan and What to scan.
In this dialog you can further define the following parameters of the scan: · Schedule running - specify the time intervals for the newly scheduled scan launch. The timing can either be defined by the repeated scan launch after a certain period of time (Run every ...) or by defining an exact date and time ( Run at specific time ...), or possibly by defining an event that the scan launch should be associated with (Action based on computer startup).
11.5.2. How to Scan On the How to scan tab you will find a list of scanning parameters that can be optionally switched on/off. By default, most parameters are switched on and the functionality will be applied during scanning. Unless you have a valid reason to change these settings we recommend to keep to the pre-defined configuration: · Automatically heal/remove infection - (switched on, by default): if a virus is identified during scanning it can be healed automatically if a cure is available .
specific information about users, such as site preferences or the contents of their electronic shopping carts); · Scan inside archives - (switched on, by default): this parameters defines that the scanning should check all files even if these are packed inside some type of archive, e.g. ZIP, RAR, ...
down even if it is currently locked (Force shutdown if computer is locked).
Note: By default, the scanning configuration is set up for optimum performance. Unless you have a valid reason to change the scanning settings it is highly recommended to stick to the predefined configuration. Any configuration changes should be performed by experienced users only. For further scanning configuration options see the Advanced settings dialog accessible via the File / Advanced setting system menu item.
11.5.3. What to Scan On the What to scan tab you can define whether you want to schedule scanning of the whole computer or scanning of specific files or folders. In case you select scanning of specific files or folders, in the bottom part of this dialog the displayed tree structure activates and you can specify folders to be scanned ( expand items by clicking the plus node until you find the folder you wish to scan). You can select multiple folders by checking the respective boxes.
· Shared Documents - C:\Documents and Settings\All Users\Documents\ · Windows folder - C:\Windows\ · Other o System drive - the hard drive on which the operating system is installed (usually C:) o System folder - Windows/System32 o Temporary Files folder - Documents and Settings/User/Local Settings/ Temp o Temporary Internet Files - Documents and Settings/User/Local Settings/ Temporary Internet Files Control buttons of the Settings for scheduled scan dialog There are two control buttons available on all th
11.6. Scan Results Overview The Scan results overview dialog is accessible from the AVG scanning interface via the Scan history button. The dialog provides a list of of all previously launched scans and information of their results: · Name - scan designation; it can either be the name of one of the predefined scans, or a name you have given to your own scheduled scan.
Note: For detailed information on each scan please see the Scan Results dialog accessible via the View details button (in the bottom part of this dialog).
· Spyware - this tab is displayed only if spyware was detected during scanning · Warnings - this tab is displayed for instance if cookies were detected during scanning · Rootkits - this tab is displayed only if rootkits were detected during scanning · Information - this tab is displayed only if some potential threats were detected but these cannot be classified as any of the above categories; then the tab provides a warning message on the finding.
In addition you will find information on the date and exact time of the scan launch, on the total number of scanned objects, on the scanning duration and the number of errors that have occurred during scanning. Control buttons There is only one control button available in this dialog. The Close results button returns to the Scan results overview dialog. 11.7.2. Infections Tab The Infections tab is only displayed in the Scan results dialog if a virus infection was detected during scanning.
o Infected - the infected object was detected and left in its original location (for instance if you have switched off the automatic healing option in a specific scan settings) o Healed - the infected object was healed automatically and left in its original location o Moved to Virus Vault - the infected object was moved to the Virus Vault quarantine o Deleted - the infected object was deleted o Added to PUP exceptions - the finding was evaluated as an exception and added to the list of PUP exceptions (confi
In this dialog you can find information on the location of the detected infectious object (Property name). Using the Previous / Next buttons you can view information on specific findings. Use the Close button to close this dialog.
location (for instance if you have switched off the automatic healing option in a specific scan settings) o Healed - the infected object was healed automatically and left in its original location o Moved to Virus Vault - the infected object was moved to the Virus Vault quarantine o Deleted - the infected object was deleted o Added to PUP exceptions - the finding was evaluated as an exception and added to the list of PUP exceptions (configured in the PUP Exceptions dialog of the advanced settings) o Locked f
In this dialog you can find information on the location of the detected infectious object (Property name). Using the Previous / Next buttons you can view information on specific findings. Use the Close button to leave this dialog.
This is a brief description of the most common examples of such objects: · Hidden files - The hidden files are by default not visible in Windows, and some viruses or other threats may try to avoid their detection by storing their files with this attribute. If your AVG reports a hidden file which you suspect to be malicious, you can move it to your AVG Virus Vault.
system running on the hardware. Typically, rootkits act to obscure their presence on the system through subversion or evasion of standard operating system security mechanisms. Often, they are also Trojans as well, thus fooling users into believing they are safe to run on their systems. Techniques used to accomplish this can include concealing running processes from monitoring programs, or hiding files or system data from the operating system.
usually means that some file is constantly being used by the system (e.g. swap file). 11.8. Virus Vault Virus Vault is a safe environment for the management of suspect/infected objects detected during AVG tests. Once an infected object is detected during scanning, and AVG is not able to heal it automatically, you are asked to decide what is to be done with the suspect object. The recommended solution is to move the object to the Virus Vault for further treatment.
labeled with the standard name given by AVG during the scanning process. In case the object had a specific original name that is known (e.g. a name of an e-mail attachment that does not respond to the actual content of the attachment), it will be provided in this column.
12. AVG Updates Keeping your AVG up-to-date is crucial to ensure that all newly discovered viruses will be detected as soon as possible. Since AVG updates are not released according to any fixed schedule but rather in reaction to amount and severity of new threats, it is recommended to check for new updates at least once a day. Checking every 4 hours will guarantee that your AVG Virus base is kept up-to-date also during the day. 12.1.
Once you start the update, AVG will first verify whether there are new update files available. If so, AVG starts their downloading and launches the update process itself. During the update process you will get redirected to the Update interface where you can view the process progressing in its graphical representation as well as in an overview of relevant statistic parameters (update file size, received data, download speed, elapsed time, ...).
13. Event History The Event History dialog is accessible from the system menu via the History/Event History Log item. Within this dialog you can find a summary of important events that occurred during AVG 9 Internet Security operation.
· Empty list - deletes all entries in the list of events · Refresh list - updates all entries in the list of events AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.
14. FAQ and Technical Support Should you have any problems with your AVG, either business or technical, please refer to the FAQ section of AVG website (http://www.avg.com/). If you do not succeed in finding help this way, contact the technical support department by email. Please use the contact form accessible from the system menu via Help / Get help online. AVG 9 Internet Security © 2009 C opyright AVG Technologies C Z, s.r.o. All rights reserved.