User manual
Table Of Contents
- 1 Introduction
- 2 Icons and emphases
- 3 Product information
- 4 Installation and uninstallation
- 5 Overview of AntiVir Professional
- 5.1 User interface and operation
- 5.2 How to...?
- 5.2.1 Activate license
- 5.2.2 Avira AntiVir Professional automatic update
- 5.2.3 Start a manual update
- 5.2.4 On-demand scan: Using a scan profile to scan for viruses and malware
- 5.2.5 On-demand scan: Scan for viruses and malware using Dragamp;Drop
- 5.2.6 On-demand scan: Scan for viruses and malware via the context menu
- 5.2.7 On-demand scan: Automatically scan for viruses and malware
- 5.2.8 On-demand scan: Targeted scan for active rootkits
- 5.2.9 Reacting to detected viruses and malware
- 5.2.10 Quarantine: Handling quarantined files (*.qua)
- 5.2.11 Quarantine: Restore the files in quarantine
- 5.2.12 Quarantine: move suspicious files to quarantine
- 5.2.13 Scan profile: Amend or delete file type in a scan profile
- 5.2.14 Scan profile: Create desktop shortcut for scan profile
- 5.2.15 Events: Filter events
- 5.2.16 MailGuard: Exclude email addresses from scan
- 5.2.17 Firewall: Select the security level for the Firewall
- 6 Scanner::Overview
- 7 Updates
- 8 Avira Firewall::Overview
- 9 FAQ, Tips
- 10 Viruses and more
- 11 Info and Service
- 12 Reference: Configuration options
Viruses and more
61
A honeypot is a service (program or server) installed in a network. It has the function to
monitor a network and to protocol attacks. This service is unknown to the legitimate
user - because of this reason he is never addressed. If an attacker examines a network for
the weak points and uses the services which are offered by a Honeypot, it is logged and
an alert is triggered.
Macro viruses
Macro viruses are small programs that are written in the macro language of an
application (e.g. WordBasic under WinWord 6.0) and that can normally only spread
within documents of this application. Because of this, they are also called document
viruses. In order to be active, they need that the corresponding applications are activated
and that one of the infected macros has been executed. Unlike "normal" viruses, macro
viruses do consequently not attack executable files but they do attack the documents of
the corresponding host-application.
Pharming
Pharming is a manipulation of the host file of web browsers to divert enquiries to
spoofed websites. This is a further development of classic phishing. Pharming fraudsters
operate their own large server farms on which fake websites are stored. Pharming has
established itself as an umbrella term for various types of DNS attacks. In the case of a
manipulation of the host file, a specific manipulation of a system is carried out with the
aid of a Trojan or virus. The result is that the system can now only access fake websites,
even if the correct web address is entered.
Phishing
Phishing means angling for personal details of the Internet user. Phishers generally send
their victims apparently official letters such as emails that are intended to induce them
to reveal confidential information to the culprits in good faith, in particular user names
and passwords or PINs and TANs of online banking accounts. With the stolen access
details, the phishers can assume the identities of the victims and carry out transactions
in their name. What is clear is that banks and insurance companies never ask for credit
card numbers, PINs, TANs or other access details by email, SMS or telephone.
Polymorph viruses
Polymorph viruses are the real masters of disguise. They change their own programming
codes - and are therefore very hard to detect.
Program viruses
A computer virus is a program that is capable to attach itself to other programs after
being executed and cause an infection. Viruses multiply themselves unlike logic bombs
and Trojans. In contrast to a worm, a virus always requires a program as host, where the
virus deposits his virulent code. The program execution of the host itself is not changed
as a rule.
Rootkit