AVG 8.5 Anti-Virus plus Firewall User Manual Document revision 85.8 (26.10.2009) Copyright AVG Technologies CZ, s.r.o. All rights reserved. All other trademarks are the property of their respective owners. This product Inc. Created This product This product This product uses RSA Data Security, Inc. MD5 Message-Digest Algorithm, Copyright (C) 1991-2, RSA Data Security, 1991. uses code from C-SaCzech library, Copyright (c) 1996-2001 Jaromir Dolecek (dolecek@ics.muni.cz).
Contents ........................................................................................................................ 7 1. Introduction 8 2. AVG ........................................................................................................................ Installation Requirements .......................................................................................................... 8 2.1 Operation Systems Supported ...................................................................
.......................................................................................................... 30 6.6 AVG Configuration finished ........................................................................................................................ 32 7. Firewall Configuration Wizard .......................................................................................................... 32 7.1 Network Connection Options .........................................................................
.......................................................................................................... 52 10.4.1 Firewall Principles .......................................................................................................... 52 10.4.2 Firewall Profiles .......................................................................................................... 52 10.4.3 Firewall Interface ........................................................................................................
.......................................................................................................... 88 11.7.3 Scan Specific Files or Folders .......................................................................................................... 88 11.7.4 Removable Device Scan 11.8 Schedules.......................................................................................................... 93 .....................................................................................................
.......................................................................................................... 144 13.2.1 Scan Whole Computer .......................................................................................................... 144 13.2.2 Scan Specific Files or Folders .......................................................................................................... 150 13.3 Scanning in Windows Explorer ................................................................................
1. Introduction This user manual provides comprehensive documentation for AVG 8.5 Anti-Virus plus Firewall. Congratulations on your purchase of AVG 8.5 Anti-Virus plus Firewall! AVG 8.5 Anti-Virus plus Firewall is one of a range of award winning AVG products designed to provide you with peace of mind and total security for your PC. As with all AVG products AVG 8.
2. AVG Installation Requirements 2.1. Operation Systems Supported AVG 8.5 Anti-Virus plus Firewall is intended to protect workstations with the following operating systems: Windows 2000 Professional SP4 + Update Rollup 1 Windows XP Home Edition SP2 Windows XP Professional SP2 Windows XP Professional x64 Edition SP1 Windows Vista (x86 and x64, all editions) (and possibly higher service packs for specific operating systems). 2.2.
3. AVG Installation Options AVG can be installed either from the installation file available on your installation CD, or you can download the latest installation file from the AVG website (www.avg.com). Before you start installing AVG, we strongly recommend that you visit the AVG website to check for a new installation file. This way you can be sure to install the latest available version of AVG 8.5 Anti-Virus plus Firewall.
4. AVG Download Manager AVG Download Manager is a simple tool that helps you select the proper installation file for your AVG product. Based on your input data, the manager will select the specific product, license type, desired components, and language. Finally, AVG Download Manager will go on to download and launch the appropriate installation process. Following please find a brief description of each single step you need to take within the AVG Download Manager: 4.1.
If the test shows no connectivity, make sure you are really connected to Internet.
If the check has been successful, press the Next button to continue. 4.3.
If AVG Download Manager was not able to identify your Proxy settings you have to specify them manually. Please fill in the following data: Server - enter a valid proxy server name or IP address Port - provide the respective port number Use proxy authentication - if your proxy server requires authentication, tick this check box. Select authentication - from the drop-down menu select the authentication type.
most: Full version - i.e. AVG Anti-Virus, AVG Anti-Virus plus Firewall, or AVG Internet Security Trial version - provides you an opportunity to use all the features of AVG full product for the limited time period of 30 days Free version - provides protection to home users free of charge, however the application functions are limited! Also, the free version only includes some of the features available in the paid product. 4.5.
5. AVG Installation Process To install AVG on your computer, you need to get the latest installation file. You can use the installation file from the CD that is a part of your box edition but this file might be out-of-date. Therefore we recommended getting the latest installation file online. You can download the file from the AVG website (at www.avg.com) / Downloads section.
5.2. License Agreement The License Agreement dialog provides the full wording of the AVG license agreement. Please read it carefully and confirm that you have read, understood and accept the agreement by pressing the Accept button. If you do not agree with the license agreement press the Don't accept button, and the installation process will be terminated immediately.
5.3. Checking System Status Having confirmed the license agreement, you will be redirected to the Checking System Status dialog. This dialog does not require any intervention; your system is being checked before the AVG installation can start. Please wait until the process has finished, then continue automatically to the following dialog.
5.4. Select Installation Type The Select Installation Type dialog offers the choice of two installation options: standard and custom installation. For most users, it is highly recommended to keep to the standard installation that installs AVG in fully automatic mode with settings predefined by the program vendor. This configuration provides maximum security combined with the optimal use of resources.
number is available (in the email), it is recommended to use the copy and paste method to insert it. Press the Next button to continue the installation process. If in the previous step you have selected the standard installation, you will be redirected directly to the Installation Summary dialog. If custom installation was selected you will continue with the Destination Folder dialog.
5.6. Custom Installation - Destination Folder The Destination Folder dialog allows you to specify the location where AVG should be installed. By default, AVG will be installed to the program files folder located on drive C:. If you want to change this location, use the Browse button to display the drive structure, and select the respective folder. Press the Next button to confirm.
5.7. Custom Installation - Component Selection The Component Selection dialog displays an overview of all AVG components that can be installed. If the default settings do not suit you, you can remove/add specific components. However, you can only select from components that are included in your purchased AVG edition.
5.8. AVG Security Toolbar In the AVG Security Toolbar dialog, decide whether you want to install the AVG Security Toolbar - if you do not change the default settings, this component will be installed automatically into your Internet browser; in conjunction with AVG 8.0 and AVG XPL technologies to provide you with comprehensive online protection while surfing the Internet.
5.9. Windows Firewall The license number you have provided in one of the previous setup steps responds to AVG 8.5 Anti-Virus plus Firewall edition that includes AVG Firewall. AVG Firewall cannot run parallelly with another installed firewall. In this dialog please confirm you want to install AVG Firewall , and you wish to deactivate the Windows Firewall at the same time. Press the Next button to continue.
5.10. Setup Summary The Setup Summary dialog provides an overview of all parameters of the installation process. Please make sure all the information is correct. If so, press the Finish button to continue. Otherwise, you can use the Back button to return to the respective dialog and correct the information. 5.11. Application Termination Before the installation process starts, you might be invited to terminate some of the currently running applications that might collide with the AVG installation process.
Note: Please make sure you have saved all your data before you confirm you want to have the running application closed. 5.12.
Please wait until the installation is complete, then you will be redirected to the Installation Complete dialog. 5.13. Installation Complete The Installation is complete! dialog is the last step of the AVG installation process. AVG is now installed on your computer and fully functional. The program is running in the background in fully automatic mode. After the installation, AVG Basic Configuration Wizard will be launched automatically and in a few steps will lead you through the AVG 8.
6. AVG First Run Wizard When you first install AVG on your computer, the AVG Basic Configuration Wizard pops up to help you with initial AVG 8.5 Anti-Virus plus Firewall settings. Though you can set all of the suggested parameters later on, it is recommended that you take the wizard’s tour to secure your computer’s protection simply and immediately. Follow the steps described in each of the wizard’s windows: 6.1.
6.2. Schedule regular scans and updates In the Schedule regular scans and updates dialog set up the interval for new update files accessibility check-up, and define time when the scheduled scan should be launched. It is recommended to keep the default values. Press the Next button to continue. 6.3.
In the Help us to identify new threats dialog decide whether you want to activate the option of reporting of exploits and bad sites found by users either via AVG SurfShield / AVG Search-Shield features of the LinkScanner component to feed the database collecting information on malicious activity on the web. It is recommended to keep the default value and have the reporting activated. Press the Next button to continue. 6.4.
6.5. Update AVG protection The Update AVG protection dialog will automatically check and download the latest AVG updates. Click on the Next button to download the latest update files and perform the update. 6.6.
Now your AVG 8.5 Anti-Virus plus Firewall has been configured; press the Finish button to start working with AVG.
7. Firewall Configuration Wizard Firewall Configuration Wizard launches automatically right after the AVG 8.5 Anti-Virus plus Firewall installation. Though you can configure the component’s parameters later on, it is recommended that you take the wizard’s tour to ensure the Firewall works properly. Firewall Configuration Wizard can also be called directly from the Firewall interface by pressing the Configuration wizard button. 7.1.
Small home or office network In this dialog please choose the connection type(s), that suit your normal computer usage. You can tick more than one choice that corresponds to your current usage. Confirm your selection by pressing the Next button and proceed to the next dialog. 7.2. Scan for Internet Applications To set the initial Firewall configuration it is necessary to scan your computer and define all applications and system services that need to communicate over the network.
Complete scan - scan all local hard drives of your computer Common directories - (by default) scan program and Windows directories only, scanning time is significantly shorter Selected areas scan - specify selected hard drives to be scanned 7.3. Select Profile to Activate The Select profile to activate dialog informs you about the Firewall configuration set up in the previous dialogs.
This way the profile list will get deactivated and you just press the Next button to continue to the following wizard's dialog. 7.4. Configuration Review The Configuration Review dialog closes the Firewall Configuration Wizard. Press the Finish button to finalize the Firewall's initial settings. If you would like to see a review of set up parameters, or to continue with the detailed configuration of the Firewall component press the Open review button to switch to the Firewall Settings editing interface.
8. After Installation 8.1. Product Registration Having finished the AVG 8.5 Anti-Virus plus Firewall installation, please register you product online on the AVG website, Registration page (follow the instruction provided directly in the page). After the registration you will be able to gain full access to your AVG User account, the AVG Update newsletter, and other services provided exclusively for registered users. 8.2.
Try to download the eicar.com file, and save it on your local disk. Immediately after you confirm downloading of the test file, the Web Shield will react to it with a warning. This Web Shield notice demonstrates that AVG is correctly installed on your computer. If AVG fails to identify the EICAR test file as a virus, you should check the program configuration again! 8.5. AVG Default Configuration The default configuration (i.e. how the application is set up right after installation) of AVG 8.
9. AVG User Interface AVG 8.
Statistics (left bottom section of the window) provide you with all statistical data regarding the programs operation - details >> System Tray Icon (bottom right corner of the monitor, on the system tray) indicates the AVG current status - details >> 9.1. System Menu The System menu is the standard navigation used in all Windows applications. It is located horizontally in the very top part of the AVG 8.5 Anti-Virus plus Firewall main window.
LinkScanner - opens the default page of the LinkScanner component Web Shield - opens the default page of the Web Shield component Resident Shield - opens the default page of the Resident Shield component Update Manager - opens the default page of the Update Manager component 9.1.3.
Scan file - allows you to run an on-demand test over a single file selected from the tree structure of your disk Update - automatically launches the update process of AVG 8.5 Anti-Virus plus Firewall Update from directory - runs the update process from the update files located in a specified folder on your local disk. However, this option is only recommended as an emergency, e.g.
About AVG - opens the Information dialog with five tabs providing data on program name, program and virus database version, system info, license agreement, and contact information of AVG Technologies CZ. 9.2. Security Status Info The Security Status Info section is located in the upper part of the AVG main window. Within this section you will always find information on the current security status of your AVG 8.5 Anti-Virus plus Firewall.
Note: AVG status information can also be obtained at any moment from the system tray icon. 9.3.
9.4. Components Overview The Components Overview section is located in the central part of the AVG User Interface. The section is divided into two parts: Overview of all installed components consisting of a panel with the component's icon and the information of whether the respective component is active or inactive Description of a selected component Within the AVG 8.
E-mail Scanner checks all incoming and outgoing mail for viruses - details >> License provides full wording of the AVG License Agreement - details >> LinkScanner checks the search results displayed in your internet browser details >> Web Shield scans all data being downloaded by a web browser - details >> Resident Shield runs in the background and scans files as they are copied, opened or saved - details >> Update Manager controls all AVG updates - details >> Single-click any component's icon to
9.6. System Tray Icon System Tray Icon (on your Windows taskbar) indicates the current status of your AVG 8.5 Anti-Virus plus Firewall. It is visible at all times on your system tray, no matter whether your AVG main window is opened or closed. If in full color , the System Tray Icon indicates that all AVG components are active and fully functional.
10. AVG Components 10.1. Anti-Virus 10.1.1. Anti-Virus Principles The antivirus software's scanning engine scans all files and file activity (opening/closing files, etc.) for known viruses. Any detected virus will be blocked from taking any action and will then be cleaned or quarantined. Most antivirus software also uses heuristic scanning, where files are scanned for typical virus characteristics, so called viral signatures.
10.1.2. Anti-Virus Interface The Anti-Virus component's interface provides some basic information on the component's functionality, information on the component's current status (Anti-Virus component is active.
10.2. Anti-Spyware 10.2.1. Anti-Spyware Principles Spyware is usually defined as a type of malware, i.e. software, that gathers information from a user's computer without the user's knowledge or consent. Some spyware applications may also be installed on purpose and often contain advertisements, window pop-ups or different types of unpleasant software. Currently, the most common source of infection is websites with potentially dangerous content.
The Anti-Spyware component's interface provides a brief overview on the component's functionality, information on the component's current status (AntiSpyware component is active.
10.3.2. Anti-Rootkit Interface The Anti-Rootkit user interface provides a brief description of the component's functionality, informs on the component's current status (Anti-Rootkit component is active.) and also brings information on the last time the Anti-Rootkit test was launched. In the bottom part of the dialog you can find the Anti-Rootkit settings section where you can set up some elementary functions of the rootkit presence scanning.
Search for rootkits - since the rootkit scan is not an implicit part of the Scan of the whole computer, you can run the rootkit scan directly from the Anti-Rootkit interface using this button Save changes - press this button to save all changes made in this interface and to return to the default AVG user interface (components overview) Cancel - press this button to return to the default AVG user interface (components overview) without having saved any changes you made 10.4. Firewall 10.4.1.
communication on the network ports. By default, if the application is unknown (i.e. has no defined Firewall rules), the Firewall will ask you if you wish to allow or block the communication attempt.
Wizard. The maximum of three custom profiles can be generated through the Wizard: o Standalone computer – suitable for common desktop home computers connected directly to the Internet. o Computer in domain – suitable for computers in a local network, e.g. school or corporate network. It is assumed that the network is protected by some additional measures so that the security level can be lower than for a standalone computer. o Small home or office network – suitable for computers in a small network, e.g.
10.4.3.
within selected Firewall profile o Firewall disabled - this option switches Firewall off completely, all network traffic is allowed but not checked! o Emergency mode (block all internet traffic) - select this option to block all traffic on every single network port; Firewall is still running but all network traffic is stopped Enable gaming mode - Check this option to ensure that when running full-screen applications (games, PowerPoint presentations etc.
sites and filling in online forms with personal data (such as their e-mail address) increase exposure to attacks via e-mail. Companies usually use corporate e-mail accounts and employ anti-spam filters etc, to reduce the risk. The E-mail Scanner component checks every e-mail sent or received, providing much needed protection from e-mail borne threats. AVG supports all leading e-mail clients including MS Outlook, The bat!, Eudora and all other SMTP/POP3 based email clients such as Outlook Express.
Threats found and blocked - provides the number of infections detected in e-mail messages since the last E-mail Scanner launch Installed e-mail protection - information about a specific e-mail protection plug-in referring to your default installed e-mail client Basic component configuration In the bottom part of the dialog you can find the section named E-mail Scanner settings where you can edit some elementary features of the component's functionality: Scan incoming messages - check the item to spec
Cancel - press this button to return to the default AVG user interface (components overview) 10.5.3. E-mail Scanner Detection In the E-mail Scanner detection dialog (accessible via system menu option History / E-mail Scanner detection) you will be able to see a list of all findings detected by the E-mail Scanner component.
10.6. License In the Licence component interface you will find a brief text describing the component's functionality, information on its current status (License component is active.), and the following information: License number - provides the exact form of your license number. When entering your license number, you have to be absolutely precise and type it exactly as shown.
Control buttons Copy license number - press the button to insert the currently used license number into clipboard (just like with CTRL+C), and you can paste it wherever needed Re-activate - opens the Activate AVG dialog with the data you have entered in the Personalize AVG dialog of the installation process. Within this dialog you can enter your license number to either replace the sales number (the number you have installed AVG with), or to replace the old license number (e. g.
10.7.2. Link Scanner Interface The LinkScanner component consists of two parts that you can switch on/off in the LinkScanner component interface: Enable AVG Search-Shield - (on by default): advisory notifying icons on searches performed in Google, Yahoo or MSN having checked ahead the content of sites returned by the search engine. Enable AVG Active Surf-Shield - (on by default): active (real-time) protection against exploitive sites as they are accessed.
links, so you can ensure you only go to safe websites. While a link is being evaluated on the search results page, you will see a graphic sign next to the link informing that the link verification is in progress. When the evaluation is complete, the respective informative icon will be displayed: The linked page is safe (with Yahoo! search engine within AVG Security Toolbar this icon will not be displayed!).
containing exploits or other serious threats, the AVG Security Toolbar will not allow your browser to display it. If you do encounter a malicious web site, within your web browser the AVG Security Toolbar will warn you with a screen similar to: If you still wish to visit the infected page, a link to the page is available on this screen, but continuing to these pages in not recommended! 10.8. Web Shield 10.8.1.
Basic component configuration First of all, you have the option to immediately switch on/off the Web Shield by checking the Enable Web Shield item. This option is enabled by default, and the Web Shield component is active. However, if you do not have a good reason to change this settings, we recommend to keep the component active.
Use heuristic analysis - scan the content of the page to be displayed using the heuristic analysis method (dynamic emulation of the scanned object’s instructions in a virtual computer environment see chapter Anti-Virus Principles) Maximum file size to be scanned - if included files are present in the displayed page you can also scan their content even before these are downloaded to your computer.
Please note: The software vendor has set up all AVG components to give optimum performance. Unless you have a real reason to do so, do not change the AVG configuration. Any changes to settings should only be performed by an experienced user. If you need to change AVG configuration, select the system menu item Tools / Advanced settings and edit the AVG configuration in the newly opened AVG Advanced Settings dialog.
10.9. Resident Shield 10.9.1. Resident Shield Principles The Resident Shield scans files as they are copied, opened or saved. When the Resident Shield discovers a virus in a file that is accessed, it stops the operation currently being performed and does not allow the virus to activate itself. The Resident Shield, loaded in the memory of your computer during system startup, also provides vital protection for the system areas of your computer. 10.9.2.
Basic component configuration In the bottom part of the dialog window you will find the section called Resident Shield settings where you can edit some basic settings of the component's functionality (detailed configuration, as with all other components, is available via the File/Advanced settings item of the system menu). The Resident Shield is active option allows you to easily switch on/off resident protection. By default, the function is on.
Cancel - press this button to return to the default AVG user interface (components overview) 10.9.3. Resident Shield Detection Resident Shield scans files as they are copied, opened or saved.
The Resident Shield detection offers an overview of objects that were detected by the Resident Shield, evaluated as dangerous and either cured or moved to the Virus Vault.
10.10. Update Manager 10.10.1. Update Manager Principles No security software can guarantee true protection from various types of threats unless it is regularly updated! Virus writers are always looking for new flaws that they can exploit in both software and operating systems. New viruses, new malware, new hacking attacks appear daily. For this reason, software vendors are continually issuing updates and security patches, to fix any security holes that are discovered.
functionality and its current status (Update manager is active.
Cancel - press this button to return to the default AVG user interface (components overview) 10.11. AVG Security Toolbar The AVG Security Toolbar is designed to work with MS Internet Explorer (version 6.0 or greater) and Mozilla Firefox (version 1.5 or greater).
Advanced - on this tab you can edit the AVG Security Toolbar protection features. By default, both the AVG Search-Shield and AVG Active Surf-Shield features are enabled.
Yahoo! search. Enter a word or phrase into the search box press Search to start the search on the Yahoo! server directly, no matter what page is currently displayed. The search box also lists your search history. Searches done through the search box are analyzed using the AVG Search-Shield protection.
11. AVG Advanced Settings The advanced configuration dialog of AVG 8.5 Anti-Virus plus Firewall opens in a new window named Advanced AVG Settings. The window is divided into two sections: the left part offers a tree-arranged navigation to the program configuration options. Select the component you want to change the configuration of (or its specific part) to open the editing dialog in the right-hand section of the window. 11.1.
to restart the user interface; follow these steps: Select the desired language of the application and confirm your selection by pressing the Apply button (right-hand bottom corner) Press the OK button to close the Advanced AVG Settings editing dialog Close the AVG user interface via the system menu item option File/Exit Re-open the AVG user interface by one of these options: double-click the AVG system tray icon, double-click the AVG icon on your desktop, or via the menu Start/All Programs/AVG 8.
should be displayed or suppressed; o Display components state change notifications - decide whether information regarding component's activity/inactivity or its possible problem should be displayed. When reporting a component's fault status, this option equals to the informative function of the system tray icon (color changing) reporting a problem in any AVG component. o Display Firewall related tray notifications - decide whether information concerning Firewall status and processes, e.g.
By default, no component is selected in this list.
11.3. Virus Vault The Virus Vault maintenance dialog allows you to define several parameters regarding the administration of objects stored in the Virus Vault: Limit Virus vault size - use the slider to set up the maximum size of the Virus Vault. The size is specified proportionally compared to the size of your local disk. Automatic file deletion - in this section define the maximum length of time that objects should be stored in the Virus Vault (Delete files older than ...
to keep such a program on your computer, you can define it as a potentially unwanted program exception: The Potentially Unwanted Programs Exceptions dialog displays a list of already defined and currently valid exceptions from potentially unwanted programs. You edit, delete, or add new exception.
o File - type the full path to the file that you want to mark as an exception o Checksum - displays the unique 'signature' of the chosen file. This checksum is an automatically generated string of characters, which allows AVG to unequivocally distinguish the chosen file from other files. The checksum is generated and displayed after successful addition of the file. o File Info - displays any additional information available about the file ( license/version information etc.
11.5. Web Shield The Web Protection dialog allows you to activate/deactivate the entire Web Shield component (activated by default). For further advanced settings of this component please continue to the subsequent dialogs as listed in the tree navigation. In the bottom section of the dialog, select in which way you wish to be informed about possible detected threat: via standard pop-up dialog, via tray balloon notification, or via tray icon signalization.
11.5.1. Web Protection In the Web Protection dialog you can edit the component's configuration regarding the scan of the website content. The editing interface allows you to configure the following elementary options: Web protection - this option confirms that the Web Shield should perform scanning of the www pages content. Provided this option is on (by default), you can further switch on/off these items: o Check archives - scan the content of archives possibly included in the www page to be displayed .
o Ports to be scanned - this field lists the standard http communication port numbers. If your computer configuration differs, you can change the port numbers as needed. o Maximum file size to be scanned - if included files are present in the displayed page you can also scan their content even before these are downloaded to your computer. However, scanning of large files takes quite some time and the web page download might be slowed significantly.
In the Instant Messaging Shield dialog you can edit the Web Shield components settings referring to instant messaging scanning. Currently the following three instant messaging programs are supported: ICQ, MSN, and Yahoo - tick the respective item for each of them if you want the Web Shield to verify the on-line communication is virus free.
exploitive sites as they are accessed. Known malicious site connections and their exploitive content is blocked as they are accessed by the user via a web browser (or any other application that uses HTTP). Enable reporting to AVG of exploited websites - (on by default): mark this item to allow back reporting of exploits and bad sites found by users either via Safe Surf or Safe Search to feed the database collecting information on malicious activity on the web. 11.7.
11.7.1. Scan Whole Computer The Scan whole computer option allows you to edit parameters of one of the scans predefined by the software vendor, Scan of the whole computer: Scan settings The Scan settings section offers a list of scanning parameters that can be optionally switched on/off: Automatically heal/remove infection - if a virus is identified during scanning it can be healed automatically if a cure is available.
blocked, or removed; Scan for cookies - this parameter of the Anti-Spyware component defines that cookies should be detected; (HTTP cookies are used for authenticating, tracking, and maintaining specific information about users, such as site preferences or the contents of their electronic shopping carts) Scan inside archives - this parameters defines that scanning should check all files even those stored inside archives, e.g. ZIP, RAR, ...
Click the Set additional scan reports ... link to open a standalone dialog window called Scan reports where you can tick several items to define what scan findings should be reported: 11.7.2. Shell Extension Scan Similar to the previous Scan whole computer item, this item named Shell extension scan also offers several options for editing the scan predefined by the software vendor.
The list of parameters is identical to those available for the Scan of the whole computer . However, the default settings differ: with the Scan of the Whole Computer most parameters are selected while for the Shell extension scan ( Scanning in Windows Explorer) only the relevant parameters are switched on. 11.7.3. Scan Specific Files or Folders The editing interface for Scan specific files or folders is identical to the Scan Whole Computer editing dialog.
11.7.4. Removable Device Scan The editing interface for Removable device scan is also very similar to the Scan Whole Computer editing dialog: The Removable device scan is launched automatically once you attach any removable device to your computer. By default, this scanning is switched off. However, it is crucial to scan removable devices for potential threats since these are a major source of infection.
Program update schedule Anti-Spam update schedule 11.8.1. Scheduled Scan Parameters of the scheduled scan can be edited (or a new schedule set up) on three tabs: On the Schedule settings tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled test temporarily, and switch it on again as the need arises. Next, give a name to the scan you are about to create and schedule. Type the name into the text field by the Name item.
the computer or just a scan of selected files or folders - your own scans will always be a specific version of the scan of selected files or folders. In this dialog you can further define the following parameters of the scan: Schedule running - specify time intervals for the newly scheduled scan launch. The timing can either be defined by the repeated scan launch after a certain period of time (Run every ...) or by defining an exact date and time ( Run at specific time ...
On the How to scan tab you will find a list of scanning parameters that can be optionally switched on/off. By default, most parameters are switched on and the functionality will be applied during scanning. Unless you have a valid reason to change these settings we recommend to keep the predefined configuration: Automatically heal/remove infection - (switched on, by default): if a virus is identified during scanning it can be healed automatically if a cure is available.
electronic shopping carts) Scan inside archives - (switched on, by default): this parameter defines the scanning should check all files even if they are stored inside an archive, e.g. ZIP, RAR, ...
Click the Additional scan settings ... to open a new Computer shutdown options dialog where you can decide whether the computer should be shut down automatically once the running scanning process is over. Having confirmed this option (Shutdown computer upon scan completion), a new option activates that allows the computer to shut down even if it is currently locked (Force shutdown is computer is locked).
11.8.2. Virus Database Update Schedule On the Schedule settings tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled virus database update temporarily, and switch it on again as the need arises. The basic virus database update scheduling is covered within the Update Manager component. Within this dialog you can set up some detailed parameters of the virus database update schedule: Give a name to the virus database update schedule you are about to create.
computer startup). Advanced schedule options - this section allows you to define under which conditions the virus database update should/should not be launched if the computer is in low power mode or switched off completely. Other update settings - check this option to make sure than if the internet connection gets corrupted and the update process fails, it will be launched again immediately after the internet connection is restored.
Next, give a name to the program update schedule you are about to create. Type the name into the text field by the Name item. Try to use brief, descriptive and appropriate names of update schedules to make it easier to recognize the schedule among others later. Schedule running - specify the time intervals for the newly scheduled program update launch. The timing can either be defined by the repeated update launch after a certain period of time (Run every ...
11.8.4. Anti-Spam Update Schedule On the Schedule settings tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled Anti-Spam update temporarily, and switch it on again as the need arises. Basic Anti-Spam update scheduling is covered within the Update Manager component. Within this dialog you can set up some detailed parameters of the update schedule: Next, give a name to the Anti-Spam update schedule you are about to create.
based on computer startup). Advanced schedule options - this section allows you to define under which conditions the Anti-Spam update should/should not be launched if the computer is in low power mode or switched off completely. Task settings - in this section you can uncheck the Enable this task item to simply deactivate the scheduled Anti-Spam update temporarily, and switch it on again as the need arises.
The E-mail Scanner dialog is divided into three sections: E-mail scanning - in this section select whether you want to scan the incoming/outgoing e-mail messages and whether all e-mails should be certified or only e-mails with attachments (e-mail virus-free certification is not supported in HTML/RTF format). Additionally you can choose if you want AVG to modify the subject for messages that contain potential viruses.
11.9.1. Certification In the Certification dialog you can specify exactly what text the certification note should contain, and in what language. This should be specified separately for Incoming mail and Outgoing mail.
11.9.2. Mail Filtering The Attachment filter dialog allows you to set up parameters for e-mail messages attachment scanning. By default, the Remove attachments option is switched off. If you decide to activate it, all e-mail message attachments detected as infectious or potentially dangerous will be removed automatically. If you want to define specific types of attachments that should be removed, select the respective option: Remove all executable files - all *.
11.9.3. Logs and Results The dialog opened via the Logs and Results navigation item allows you to specify parameters for e-mail scanning results maintenance. The dialog is divided into several sections: Logs Maintenance - define whether you want to log e-mail scanning information daily, weekly, monthly, ...
In this dialog (opened via Servers / POP3) you can set up a new E-mail Scanner server using the POP3 protocol for incoming mail: POP3 Server Name - type in the name of the server or keep the AutoPOP3 default name Type of login - defines the method for determining the mail server used for incoming mail: o Automatic - Login will be carried out automatically, according to your e-mail client settings.
o Fixed host - In this case, the program will always use the server specified here. Please specify the address or name of your mail server. The login name remains unchanged. For a name, you may use a domain name (for example, pop.acme.com) as well as an IP address (for example, 123.45.67.89). If the mail server uses a non-standard port, you can specify this port after the server name by using a colon as the delimiter (for example, pop.acme.com:8200). The standard port for POP3 communication is 110.
In this dialog (opened via Servers / SMTP) you can set up a new E-mail Scanner server using the SMTP protocol for outgoing mail: SMTP Server Name - type in the name of the server or keep the AutoSMTP default name Relay Host - defines the method for determining the mail server used for outgoing mail: o Automatic - login will be carried out automatically, according to your e-mail client settings o Fixed host - in this case, the program will always use the server specified here.
uses a non-standard port, you can type this port behind the server name using a colon as the delimiter (for example, smtp.acme.com:8200). The standard port for SMTP communication is 25. Additional settings - specifies more detailed parameters: o Local port - specifies the port on which the communication from your mail application should be expected. You must then specify in your mail application this port as the port for SMTP communication.
11.10. Resident Shield The Resident Shield component performs live protection of files and folders against viruses, spyware and other malware. In the Resident Shield Settings dialog you can activate or deactivate the Resident Shield protection completely by checking/unchecking the Enable Resident Shield item (this option is switched on by default).
also when they are being closed; this feature helps you protect your computer against some types of sophisticated virus Scan boot sector of removable media - (switched on by default) Use Heuristics - (switched on by default) heuristic analysis will be used for detection (dynamic emulation of the scanned object’s instructions in a virtual computer environment) Auto-heal - any detected infection will be healed automatically if there is a cure available 11.10.1.
all circumstances. 11.10.2. Exceptions The Resident Shield - Directory Excludes dialog offers the possibility of defining folders that should be excluded from the Resident Shield scanning.
11.11. Anti-Rootkit In this dialog you can edit the Anti-Rootkit component's configuration: Editing of all functions of the Anti-Rootkit component as provided within this dialog is also accessible directly from the Anti-Rootkit component's interface.
11.12. Update The Update navigation item opens a new dialog where you can specify general parameters regarding the AVG update: When to update files In this section you can select between two alternative options: update can be scheduled for the next PC restart or you can launch the update immediately. By default, the immediate update option is selected since this way AVG can secure the maximum safety level.
Restart immediately - the computer will be restarted automatically immediately after the update process has finished, and your approval will not be required Complete at next computer restart - the update process finalization will be postponed until the next computer restart - again, please keep in mind that this option is only recommended if you can be sure the computer gets restarted regularly, at least daily Additional update options Build new system restore point after each program update - before
11.12.1. Proxy The proxy server is a stand-alone server or a service running on a PC that guarantees safer connection to the Internet. According to the specified network rules you can then access the Internet either directly or via the proxy server; both possibilities can also be allowed at the same time.
If you select manual configuration (check the Manual option to activate the respective dialog section) you have to specify the following items: Server – specify the server’s IP address or the name of the server Port – specify the number of the port that enables Internet access (by default, this number is set to 3128 but can be set differently – if you are not sure, contact your network administrator) The proxy server can also have configured specific rules for each user.
11.12.2. Dial-up All parameters optionally defined in the Update settings - Dial-Up connection dialog refer to the dial-up connection to the Internet. The dialog's fields are inactive until you check the Use dial-up connections option that activates the fields. Specify whether you want to connect to the Internet automatically (Automatically open this connection) or you wish to confirm the connection manually every time ( Ask before connection).
11.12.3. URL The URL dialog offers a list of Internet addresses from which the update files can be downloaded.
11.12.4.
12. Firewall Settings The Firewall configuration opens in a new window where in several dialogs can set up very advanced parameters of the component. The advanced configuration editing is only intended for experts and experienced users. To all other users we highly recommend to keep to the configuration set up via the Firewall Configuration Wizard. 12.1.
12.2.
messages should be displayed - it is recommended to have the critical errors and warnings displayed at all times, and decide voluntarily about the information messages 12.3.
Advanced settings - ticking the respective option will deactivate the feature of displaying an information message 12.4.
Refresh list - all logged parameters can be arranged according to the selected attribute: chronologically (dates) or alphabetically (other columns) just click the respective column header. Use the Refresh list button to update the currently displayed information. Empty list - delete all entries in the chart. 12.5. Profiles In the Profiles' settings dialog you can find a list of all profiles available.
the selected profile configuration will be used by Firewall to control the network traffic Duplicate profile - creates an identical copy of the selected profile; later you can edit and rename the copy to create a new profile based on the duplicated original one Rename profile - allows you to define a new new for a selected profile Delete profile - deletes the selected profile from the list Export profile - records the selected profile's configuration into a file that will be saved for possible furth
12.5.1. Profile Information The Profile information dialog is the first dialog of a section where you can edit configuration of each profile in separate dialogs referring to specific parameters of the profile.
12.5.2. Defined Adapters The Defined adapters dialog offers a list of all adapters that were detected on your computer. A specific network refers to each adapter - for list of all networks consult the Defined Networks dialog.
12.5.3. Defined Networks The Defined networks dialog offers a list of all networks that your computer is connected to. Each network refers to a specific adapter - for list of all adapters see the Defined Adapters dialog.
Within this dialog, you can specify the Network name, provide the Network description and possibly assign the network as safe. The new network can be either defined manually in a standalone dialog opened via the Add IP button (alternatively Edit IP / Delete IP), within this dialog you can specify the network by providing its IP range or mask.
networks Mark as safe - by default, all networks are considered unsafe, and only if you are sure the respective network is safe, you can use this button to assign it so Help - opens the dialog related help file 12.5.4. Defined Services The Defined services dialog opens a list of all services defined for the application in the default configuration, and services that have already been defined by the user.
Add service - opens a new Service items editor dialog window where you define the parameters of the service that is being added: Within the dialog you can specify Service item name and provide a brief Service item description.
12.5.5. Applications In the Applications information dialog you can find an overview of all applications communicating over the network that were detected on your computer either during the Firewall Configuration Wizard's search within the Scan for Internet Applications dialog, or at any time later.
The dialog for defining new application's rule set opens using the Add button from the Applications dialog within the Firewall Settings: Within this dialog you can define: Application basic information - name of application, its brief description and a path to its location on the disk Application action - from the drop-down menu select a rule that should be applied to the application's behavior: Advanced settings - this option allows you to edit the rule set in details in the bottom part of this dial
Ask - any time th application attempts to communicate over the network, you will be asked to decide whether the communication should be allowed or blocked Block - all communication attempts of the application will be blocked Log rule occurrences - tick this option to confirm you wish to have logged all Firewall actions regarding the application that you have been configuring the rule set for. The respective log entries can then be found in the Logs dialog.
The dialog for editing an existing application's rule set opens using the Edit button from the Applications dialog in the Firewall Settings: Within this dialog you can edit all application's parameters: Application basic information - name of application, its brief description 138
and a path to its location on the disk Application action - from the drop-down menu select a rule that should be applied to the application's behavior: Advanced settings - this option allows you to edit the rule set in details in the bottom part of this dialog Allow for all - any communication attempt of the application will be allowed Allow for safe - the application will only be allowed to communicate over safe networks (for instance, communication to the protected company network will be allowed
Each detailed settings further specifies what Defined services / Defined networks / Defined adapters will be used. 12.5.6. System Services Any editing within the System services and protocols dialog is recommended to experienced users only! The System services and protocols dialog opens an overview of system services and protocols communicating over the network.
o Application basic information - name of application and its brief description o Application action - from the drop-down menu select a rule that should be applied to the system service's behavior (compared to applications, there are only three actions available for the system services): Block - all communication attempts of the system service will be blocked Allow for safe - the system service will only be allowed to communicate over safe networks (for instance, communication to the protected company n
Allow for all - any communication attempt of the system service will be allowed o Log rule occurrences - tick this option to confirm you wish to have logged all Firewall actions regarding the system service that you have been configuring the rule set for. The respective log entries can then be found in the Logs dialog. o Application detail rules - for each system service you can further specify detailed rules within the Application detail rules section.
13. AVG Scanning Scanning is a crucial part of AVG 8.5 Anti-Virus plus Firewall functionality. You can run on-demand tests or schedule them to run periodically at convenient times. 13.1. Scanning Interface The AVG scanning interface is accessible via the Computer Scanner quick link. Click this link to switch to the Scan for threats dialog.
View Virus Vault - opens a new window with the Virus Vault - a space where detected infections are quarantined 13.2. Predefined Scans One of the main features of AVG is on-demand scanning. On-demand tests are designed to scan various parts of your computer whenever suspicion of possible virus infection arises. Anyway, it is strongly recommended to carry out such tests regularly even if you think that no virus can be found on your computer. In the AVG 8.
Scan configuration editing You have the option of editing the predefined default settings of the Scan of the whole computer. Press the Change scan settings link to get to the Change scan settings for Scan whole computer dialog.
Scanning parameters - in the list of scanning parameters you can switch on/off specific parameters as needed. By default, most of the parameters are switched on and these will be used automatically during scanning. Scan process priority - you can use the slider to change the scanning process priority. By default, the priority is set to medium level (Automatic scan) that optimizes the scanning process speed and the use of system resources.
Additional scan settings - the link opens a new Computer shutdown options dialog where you can decide whether the computer should be shut down automatically once the running scanning process is over. Having confirmed this option (Shutdown computer upon scan completion), a new option activates that allows the computer to shut down even if it is currently locked (Force shutdown is computer is locked).
scanning use the "!" parameter. Finally, to launch the scanning, press the Start scan button; the scanning process itself is basically identical to the scan of a whole computer. Scan configuration editing You have the option of editing the predefined default settings of the Scan of specific files or folders. Press the Change scan settings link to get to the Change scan settings for Scan of specific files or folders dialog.
Scanning parameters - in the list of scanning parameters you can switch on/off specific parameters as needed (for detailed description of this settings please consult chapter AVG Advanced Settings / Scans / Scan Specific Files or Folders). Scan process priority - you can use the slider to change the scanning process priority. By default, the priority is set to medium level (Automatic scan) that optimizes the scanning process speed and the use of system resources.
Additional scan settings - the link opens a new Computer shutdown options dialog where you can decide whether the computer should be shut down automatically once the running scanning process is over. Having confirmed this option (Shutdown computer upon scan completion), a new option activates that allows the computer to shut down even if it is currently locked (Force shutdown is computer is locked).
Within Windows Explorer highlight the file (or folder) you want to check Right-click your mouse over the object to open the context menu Select the Scan with AVG option to have the file scanned with AVG 13.4. Command Line Scanning Within AVG 8.5 Anti-Virus plus Firewall there is the option of running the scan from the command line. You can use this option for instance on servers, or when creating a batch script to be launched automatically after the computer boot.
The syntax of the command follows: avgscanx /parameter ... e.g. avgscanx /comp for scanning the whole computer avgscanx /parameter /parameter .. with multiple parameters these should be lined in a row and separated by a space and a slash character if a parameters requires specific value to be provided (e.g.
/COMP Scan whole computer /HEUR Use heuristic analyse /EXCLUDE Exclude path or files from scan /@ Command file /file name/ /EXT Scan these extensions /for example EXT=EXE,DLL/ /NOEXT Do not scan these extensions /for example NOEXT=JPG/ /ARC Scan archives /CLEAN Clean automatically /TRASH Move infected files to the Virus Vault /QT Quick test /MACROW Report macros /PWDW Report password-protected files /IGNLOCKED Ignore locked files /REPORT Report to file
/HELP Display help on this topic /PRIORITY settings / Scans) Set scan priority /Low, Auto, High/ (see Advanced /SHUTDOWN Shutdown computer upon scan completion /FORCESHUTDOWN Force computer shutdown upon scan completion /ADS Scan Alternate Data Streams (NTFS only) 13.5. Scan Scheduling With AVG 8.5 Anti-Virus plus Firewall you can run scanning on demand (for instance when you suspect an infection has been dragged to your computer) or based on a scheduled plan.
Control buttons for the scan scheduling Within the editing section you can find the following control buttons: Add scan schedule - the button opens the Settings for scheduled scan dialog, Schedule settings tab. In this dialog you can specify the parameters of the newly defined test. Edit scan schedule - this button can only be used if you have already previously selected an existing test from the list of scheduled tests.
13.5.1. Schedule Settings If you wish to schedule a new test and its regular launch, enter the Settings for scheduled test dialog. The dialog is divided into three tabs: Schedule settings see picture below (the default tab that you will be automatically redirected to), How to scan and What to scan. On the Schedule settings tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled test temporarily, and switch it on again as the need arises.
launch. The timing can either be defined by the repeated scan launch after a certain period of time (Run every ...) or by defining an exact date and time ( Run at specific time ...), or possibly by defining an event that the scan launch should be associated with (Action based on computer startup). Advanced schedule options - this section allows you to define under which conditions the scan should/should not be launched if the computer is in low power mode or switched off completely.
13.5.2. How to Scan On the How to scan tab you will find a list of scanning parameters that can be optionally switched on/off. By default, most parameters are switched on and the functionality will be applied during scanning. Unless you have a valid reason to change these settings we recommend to keep to the pre-defined configuration: Automatically heal/remove infection - (switched on, by default): if a virus is identified during scanning it can be healed automatically if a cure is available.
Scan inside archives - (switched on, by default): this parameters defines that the scanning should check all files even if these are packed inside some type of archive, e.g. ZIP, RAR, ...
Save - saves all changes you have performed on this tab or on any other tab of this dialog and switches back to the AVG scanning interface default dialog. Therefore if you wish to configure the test parameters on all tabs, press the button to save them only after you have specified all your requirements. Cancel - cancels any changes you have performed on this tab or on any other tab of this dialog and switches back to the AVG scanning interface default dialog. 13.5.3.
of this dialog and switches back to the AVG scanning interface default dialog. Therefore if you wish to configure the test parameters on all tabs, press the button to save them only after you have specified all your requirements. Cancel - cancels any changes you have performed on this tab or on any other tab of this dialog and switches back to the AVG scanning interface default dialog. 13.6.
- red icon warns there was an infection detected during the scan and it could not be removed! Each icon can either be solid or cut in half - the solid icons stands for a scan that was completed and finished properly; the cut-in-half icon means the scan was canceled or interrupted. Note: For detailed information on each scan please see the Scan Results dialog accessible via the View details button (in the bottom part of this dialog).
13.7. Scan Results Details If in the Scan Results Overview dialog a specific scan is selected, you can then click the View details button to switch to the Scan Results dialog providing detailed data on the course and result of the selected scan.
13.7.1. Results Overview Tab On the Scan results tab you can find detailed statistics with information on: detected virus infections / spyware removed virus infections / spyware the number of virus infections / spyware that cannot be removed or healed In addition you will find information on the date and exact time of the scan launch, on the total number of scanned objects, on the scanning duration and the number of errors that have occurred during scanning.
13.7.2. Infections Tab The Infections tab is only displayed in the Scan results dialog if a virus infection was detected during scanning.
o Deleted - the infected object was deleted o Added to PUP exceptions - the finding was evaluated as an exception and added to the list of PUP exceptions (configured in the PUP Exceptions dialog of the advanced settings) o Locked file - not tested - the respective object is locked and AVG is therefore unable to scan it o Potentially dangerous object - the object was detected as potentially dangerous but not infected (it can contain macros, for instance); the information should be taken as a warning only o R
Remove selected infections - use the button to move the selected finding to the Virus Vault Remove all unhealed infections - this button deletes all findings that cannot be healed or moved to the Virus Vault Close results - terminates the detailed information overview and returns to the Scan results overview dialog 13.7.3. Spyware Tab The Spyware tab is only displayed in the Scan results dialog in if spyware was detected during scanning.
option in a specific scan settings) o Healed - the infected object was healed automatically and left in its original location o Moved to Virus Vault - the infected object was moved to the Virus Vault quarantine o Deleted - the infected object was deleted o Added to PUP exceptions - the finding was evaluated as an exception and added to the list of PUP exceptions (configured in the PUP Exceptions dialog of the advanced settings) o Locked file - not tested - the respective object is locked and AVG is therefor
In this dialog you can find information on the location of the detected infectious object (Property name). Using the Previous / Next buttons you can view information on specific findings. Use the Close button to leave this dialog.
13.7.6. Information Tab The Information tab contains data on such "findings" that cannot be categorized as infections, spyware, etc. They can neither be positively labeled as dangerous but they are still worth your attention. All data on this tab is merely informative. 13.8. Virus Vault Virus Vault is a safe environment for the management of suspect/infected objects detected during AVG tests.
Path to file - full path to the original location of the detected infectious file Original object name - all detected objects listed in the chart have been labeled with the standard name given by AVG during the scanning process. In case the object had a specific original name that is known (e.g. a name of an e-mail attachment that does not respond to the actual content of the attachment), it will be provided in this column.
14. AVG Updates 14.1. Update Levels AVG offers two update levels to select from: Definitions update contains changes necessary for reliable anti-virus, anti-spam and anti-malware protection. Typically, it does not include any changes to the code and updates only the definition database. This update should be applied as soon as it is available. Program update contains various program changes, fixes and improvements.
Note: Before the AVG program update launch a system restore point is created. In case the update process fails and your operating system crashes you can always restore your OS in its original configuration from this point. This option is accessible via Start / All Programs / Accessories / System tools / System Restore.
15. Event History The Event History dialog is accessible from the system menu via the History/Event History Log item. Within this dialog you can find a summary of important events that occurred during AVG 8.5 Anti-Virus plus Firewall operation.
16. FAQ and Technical Support Should you have any problems with your AVG, either business or technical, please refer to the FAQ section of the AVG website at www.avg.com. If you do not succeed in finding help this way, contact the technical support department by email. Please use the contact form accessible from the system menu via Help / Get help online.
