AVG Internet Security 2012 User Manual Document revision 2012.24 (19.6.2012) C opyright AVG Technologies C Z, s.r.o. All rights reserved. All other trademarks are the property of their respective owners. This product uses RSA Data Security, Inc. MD5 Message-Digest Algorithm, C opyright (C ) 1991-2, RSA Data Security, Inc. C reated 1991. This product uses code from C -SaC zech library, C opyright (c) 1996-2001 Jaromir Dolecek (dolecek@ics.muni.cz).
Contents ........................................................................................................................ 5 1. Introduction ........................................................................................................................ 6 2. AVG Installation Requirements 6 2.1 Operation.......................................................................................................... Systems Supported 6 2.2 Minimum ......................................................
.......................................................................................................... 50 6.5 Anti-Rootkit 52 6.6 System.......................................................................................................... Tools .......................................................................................................... 58 6.7 PC Analyzer 59 6.8 Identity..........................................................................................................
........................................................................................................................ 143 11. Firewall Settings .......................................................................................................... 143 11.1 General .......................................................................................................... 144 11.2 Security 145 11.3 Areas......................................................................................................
1. Introduction This user manual provides comprehensive documentation for AVG Internet Security 2012. AVG Internet Security 2012 provides multiple layers of protection for everything you do online, which means you don’t have to worry about identity theft, viruses, or visiting harmful sites.
2. AVG Installation Requirements 2.1. Operation Systems Supported AVG Internet Security 2012 is intended to protect workstations with the following operating systems: Windows XP Home Edition SP2 Windows XP Professional SP2 Windows XP Professional x64 Edition SP1 Windows Vista (x86 and x64, all editions) Windows 7 (x86 and x64, all editions) (and possibly higher service packs for specific operating systems) Note: The ID Protection component is not supported on Windows XP x64.
3. AVG Installation Process Where do I get the installation file? To install AVG Internet Security 2012 on your computer, you need to get the latest installation file. To make sure you are installing the up-to-date version of AVG Internet Security 2012, it is recommended that you download the installation file from the AVG website (http://www.avg.com/). T he Support Center / Download section provides a structured overview of the installation files for each AVG edition.
Attention: At the moment you are only selecting the language of the installation process. The AVG Internet Security 2012 application will be installed in the selected language, and in English which is always installed automatically. However, it is possible to have more languages installed and to work with AVG Internet Security 2012 in any of these. You will be invited to confirm your full selection of alternative languages in one of following setup dialogs named Custom Options. 3.2.
Back - Click to return one step back to the previous setup dialog. Accept - Click to confirm you have read, understood, and accepted the license agreement. The installation will continue, and you will go on one step further to the following setup dialog. 3.3.
Press and hold Ctrl,and then press C. This copies the number. Point and click the position where you would like to paste the copied number. Press and hold Ctrl,and then press V. This pastes the number to the location you selected. Control buttons As in most setup dialogs, there are three control buttons available: Cancel - click to exit the setup process immediately; AVG Internet Security 2012 will not be installed! Back - click to go one step back to the previous setup dialog.
combined with the optimal use of resources. In the future, if the need arises to change the configuration, you will always have the option of doing so directly in the AVG Internet Security 2012 application. Press the Next button to proceed to the following dialog of the installation process. Custom installation Custom Install should only be used by experienced users who have a valid reason to install AVG Internet Security 2012 with non-standard settings; e.g. to fit specific system requirements.
3.5. Custom options The Custom Options dialog allows you to set up detailed parameters for the installation: The Component Selection section provides an overview of all AVG Internet Security 2012 components that can be installed. If the default settings do not suit you, you can remove/add specific components.
3.6. Install progress The Install Progress dialog shows the progress of the installation process, and does not require any intervention: After the installation process is finished, you will be automatically redirected to the next dialog. Control buttons There are two control buttons available in this dialog: Minimize - The installation process may take several minutes. Click the button to minimize the dialog window into an icon visible on the system bar.
3.7. Installation was successful The Installation was successful dialog confirms that your AVG Internet Security 2012 has been fully installed and configured: Product Improvement Program and Privacy Policy Here you can decide whether you want to participate in the Product Improvement Program (for details see the chapter AVG Advanced Settings / Product Improvement Program) that collects anonymous information on detected threats in order to increase the overall Internet security level.
4. After Installation 4.1. Product registration Having finished the AVG Internet Security 2012 installation, please register you product online on the AVG website (http://www.avg.com/). After the registration you will be able to gain full access to your AVG user account, the AVG Update newsletter, and other services provided exclusively for registered users. The easiest way to register is directly from the AVG Internet Security 2012 user interface. In the main menu please select the Help/Register now item.
From the http://www.eicar.com website you can also download the compressed version of the EICAR 'virus' (e.g. in the form of eicar_com.zip). Online Shield allows you to download this file and save it on your local disk but then the Resident Shield (within Anti-Virus component) detects the 'virus' as you try to unpack it. If AVG fails to identify the EICAR test file as a virus, you should check the program configuration again! 4.5. AVG default configuration The default configuration (i.e.
5.
AVG gadget (Windows sidebar, supported in Windows Vista/7) allows quick access to scanning and updating within AVG Internet Security 2012 - details >> 5.1. System Menu The System menu is the standard navigation used in all Windows applications. It is located horizontally in the very top part of the AVG Internet Security 2012 main window. Use the system menu to access specific AVG components, features, and services. The system menu is divided into six main sections: 5.1.1.
5.1.3.
5.1.5. Help Contents - opens the AVG help files Get Support - opens the AVG website (http://www.avg.com/) at the customer support center page Your AVG Web - opens the AVG website (http://www.avg.com/) About Viruses and Threats - opens the online Virus Encyclopedia where you can look up detailed information on the identified virus Reactivate - opens the Activate AVG dialog with the data you have entered in the Personalize AVG dialog of the installation process.
The License and Support tab provides information on the product name (type of licence, and number of seats), the license number, and the expiration date: Control buttons and links You will find the following buttons and hyperlinks in the tab: (Re)Activate - Click the button to open the new AVG Activate Software dialog.
The Product Information tab provides an overview of the AVG Internet Security 2012 most important technical data: The tab is divided into several sections: Product information - provides information on the AVG Internet Security 2012 version, the virus database version, the LinkScanner version, and the AVG Security Toolbar version. Installed components - provides a complete list of all currently installed components.
On the Program tab you can find information on the AVG Internet Security 2012 program file version, and on the third parties code used in the product: A V G I nternet Sec urity 2 0 1 2 © 2 0 1 2 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
On the License Agreement tab you can read the full wording of the license agreement between you and AVG Technologies: 5.2. Security Status Info The Security Status Info section is located in the upper part of the AVG Internet Security 2012 main window. Within this section you will always find information on the current security status of your AVG Internet Security 2012.
the AVG Internet Security 2012 main window. Select this option to state you are aware of the component's error state but for some reason you wish to keep your AVG Internet Security 2012 so and you do not want to be warned by the system tray icon. You may need to use this option in a specific situation but it is strictly recommended that you switch off the Ignore component state option as soon as possible.
you open the AVG scanning interface where you can run scans, schedule scans, or edit their parameters. (For details see chapter AVG Scanning) Scan options - use this link to switch from any currently opened AVG dialog to the default window with an overview of all installed components. (For details see chapter Components Overview) Update now - the link provides the date and time of the update last launch. Press the button to run the update process immediately, and to follow its progress.
Anti-Rootkit scans for dangerous rootkits hidden inside applications, drivers, or libraries details >> System Tools offers a detailed summary of the AVG environment and operating system information - details >> PC Analyzer analyzer provides information about your computer status - details >> Identity Protection is constantly protecting your digital assets from new and unknown threats - details >> Remote Administration is only displayed within AVG Business Editions in case you have specified during the insta
AVG System Tray Icon display In full color with no added elements the icon indicates that all AVG Internet Security 2012 components are active and fully functional. However, the icon can also be displayed this way in a situation when one of the components is not fully functional but the user has decided to ignore the component state.
Internet Security 2012; just double-click the icon. By right-click the icon you open a brief context menu with the following options: Open AVG User Interface - click to open the user interface of AVG Internet Security 2012. Temporarily disable AVG protection - the option allows you to switch off the entire protection secured by your AVG Internet Security 2012 at once.
Specifically, AVG Advisor monitors the following: The state of any currently opened web browser. Web browsers may overload the memory, especially if multiple tabs or windows have been opened for some time, and consume too much of system resources, i.e. slowing down your computer. In such situation, restarting the web browser usually helps. Running Peer-To-Peer connections. After using the P2P protocol for sharing files, the connection can sometimes remain active, using up certain amount of your bandwidth.
Quick access to scanning and updating If needed, the AVG gadget allows you to launch a scan or an update immediately: Scan now - click the Scan now link to start the whole computer scan directly. You can watch the progress of the scanning in the alternative user interface of the gadget. A brief statistical overview provides information on the number of scanned objects, threats detected, and threats healed. During the scan you can always pause , or stop the scanning process.
Twitter link - opens a new AVG gadget interface providing an overview of the latest AVG feeds posted to Twitter. Follow the View all the AVG Twitter feeds link to open your Internet browser in a new window, and you will be redirected directly to the Twitter website, specifically to the page devoted to AVG news: Facebook link - opens your Internet browser to the Facebook website, specifically on the AVG community page. LinkedIn - this option is only available within the network installation (i.e.
6. AVG Components 6.1. Anti-Virus The Anti-Virus component is a cornerstone of your AVG Internet Security 2012 and it combines several fundamental features of a security program: Scanning Engine Resident Protection Anti-Spyware Protection 6.1.1. Scanning Engine The scanning engine which is the base of the Anti-Virus component scans all files and file activity (opening/closing files, etc.) for known viruses.
6.1.2. Resident Protection AVG Internet Security 2012 gives you continuous protection in the form of so-called resident protection. The Anti-Virus component scans every single file (with specific extensions or without extensions at all) that is being opened, saved, or copied. It guards the system areas of the computer, and removable media (flash disk etc.).
Configuration options The dialog provides some elementary configuration options for features available within the AntiVirus component. You can find a brief description of these below: View an online report for how AVG has protected you - the link redirects you to a specific page on the AVG website (http://www.avg.com/). On the page you can find a detailed statistical overview of all AVG Internet Security 2012 activities performed on your computer within a specified period of time and in total.
option on to achieve maximum security levels, however it is switched off by default. o Enable Instant Messaging and P2P downloads protection - check this item if you wish to verify that the instant messaging communication (e.g. ICQ, MSN Messenger, ...) is virus free. Advanced settings... - click the link to get redirected to the respective dialog within the Advanced settings of AVG Internet Security 2012. There you can edit the component's configuration in detail.
6.1.5. Resident Shield Detections Resident Shield scans files as they are copied, opened, or saved. When a virus or any kind of threat is detected, you will be warned immediately via the following dialog: Within this warning dialog you will find data on the file that was detected and assigned as infected ( File name), the name of the recognized infection (Threat name), and a link to the Virus encyclopedia where you can find detailed information on the detected infection, if known (More info).
Resident Shield detections overview The entire overview of all threats detected by Resident Shield can be found in the Resident Shield detection dialog accessible from the system menu option History / Resident Shield detection: The Resident Shield detection offers an overview of objects that were detected by the Resident Shield, evaluated as dangerous, and either cured or moved to the Virus Vault.
default AVG main dialog (components overview). 6.2. Link Scanner LinkScanner protects you from the increasing number of ‘here today, gone tomorrow’ threats on the web. These threats can be hidden on any type of website, from governments to big, well-known brands to small businesses, and they rarely stick around on those sites for more than 24 hours.
6.2.1. Link Scanner Interface The LinkScanner component main dialog provides a brief description of the component's functionality and information on its current status (Active): In the bottom part of the dialog basic configuration options for the component are available: Enable Surf-Shield - (on by default): Active (real-time) protection against exploitive sites as they are accessed.
Entering such website is highly risky and cannot be recommended! 6.2.3. Online Shield detections Online Shield scans the content of visited web pages and possible files included in them even before these are displayed in your web browser or downloaded to your computer.
Close - click the button to close the warning dialog. The suspicious web page will not be opened, and the threat detection will be logged in the list of Online Shield findings - this overview of detected threats is accessible via the system menu History / Online Shield findings.
Refresh list - update the list of findings detected by Online Shield Back - switch back to the default AVG main dialog (components overview) 6.3. E-mail Protection One of the most common sources of viruses and trojans is via e-mail. Phishing and spam make email an even greater source of risks. Free e-mail accounts are more likely to receive such malicious e-mails (as they rarely employ anti-spam technology), and home users rely quite heavily on such email.
Anti-Spam checks all incoming e-mail messages and marks unwanted e-mails as spam. AntiSpam can modify the subject of the email (that has been identified as spam) by adding a special text string. You can then easily filter your emails in your email client. The Anti-Spam component uses several analysis methods to process each e-mail message, offering maximum possible protection from unwanted e-mail messages. Anti-Spam uses a regularly updated database for the detection of spam.
In the E-mail Protection dialog you can also edit some elementary features of the component's functionality: Scan incoming messages (on by default) - tick the box to specify that all e-mails delivered to your account should be scanned for viruses. Scan outgoing messages (off by default) - tick the box to confirm all e-mail sent from your account should be scanned for viruses.
6.3.4. E-mail Scanner Detections In the E-mail Scanner detection dialog (accessible via system menu option History / E-mail Scanner detection) you will be able to see a list of all findings detected by the E-mail Protection component.
Back - switches you back to the previously displayed dialog. 6.4. Firewall The Firewall is a system that enforces an access control policy between two or more networks by blocking/permitting traffic. The Firewall contains a set of rules that protect the internal network from attacks originating outside (typically from the Internet) and controls all communication on every single network port. The communication is evaluated according to the defined rules, and then either allowed or forbidden.
adapters 6.4.2. Firewall Profiles The Firewall allows you to define specific security rules based on whether your computer is located in a domain, is a standalone computer, or even a notebook. Each of these options requires a different level of protection, and the levels are covered by the respective profiles. In short, a Firewall profile is a specific configuration of the Firewall component, and you can use a number of such predefined configurations.
The profile switching feature allows the Firewall to switch automatically to the defined profile when using a certain network adapter, or when connected to a certain type of network. If no profile has been assigned to a network area yet, then upon next connection to that area, the Firewall will display a dialog asking you to assign a profile.
Select Firewall profile - from the roll-down menu select one of the defined profiles (for a detailed description of each profile and its recommended use please consult chapter Firewall Profiles) Enable Game mode - check this option to ensure that when running full-screen applications (games, presentations, movies, etc.), the Firewall will not display dialogs asking you whether you want to allow or block communication for unknown applications.
What is a rootkit? A rootkit is a program designed to take fundamental control of a computer system, without authorization by the system's owners and legitimate managers. Access to the hardware is rarely required as a rootkit is intended to seize control of the operating system running on the hardware. Typically, rootkits act to obscure their presence on the system through subversion or evasion of standard operating system security mechanisms.
In the bottom part of the dialog you can set up some elementary functions of the rootkit presence scanning. First, mark up the respective check-boxes to specify objects that should be scanned: Scan applications Scan drivers You can also pick the rootkit scanning mode: Quick rootkit scan - scans all running processes, loaded drivers, and the system folder ( typically c:\Windows). Full rootkit scan - scans all running processes, loaded drivers, the system folder (typically c:\Windows), plus all local disks (i
6.6.1. Processes The Processes dialog contains a list of processes (i.e. running applications) that are currently active on your computer.
Back - switches you back to the default AVG main dialog (components overview) 6.6.2. Network Connections The Network Connections dialog contains a list of currently active connections.
Control buttons The control buttons available within the Network Connections tab are as follows: Terminate Connection - closes one or more connections selected in the list Terminate Process - closes one or more applications related to connections selected in the list Back - switches back to the default AVG main dialog (components overview). Sometimes it is possible to terminate only applications that are currently in the connected state.
Remove selected - press the button to delete one or more selected entries. Back - switches you back to the default AVG main dialog (components overview). We strongly suggest not deleting any applications from the list, unless you are absolutely sure that they represent a real threat! 6.6.4. Browser Extensions The Browser Extensions dialog contains a list of plug-ins (i.e. applications) that are installed inside your Internet browser.
6.6.5. LSP Viewer The LSP Viewer dialog shows a list of Layered Service Providers (LSP). A Layered Service Provider (LSP) is a system driver linked into the networking services of the Windows operating system. It has access to all data entering and leaving the computer, including the ability to modify this data. Some LSPs are necessary to allow Windows to connect you to other computers, including the Internet.
6.7. PC Analyzer The PC Analyzer component is able to scan your computer for system problems, and give you a transparent overview of what might be aggravating your computer’s overall performance. In the component's user interface you can see a chart divided into four lines referring to respective categories: registry errors, junk files, fragmentation, and broken shortcuts: Registry Errors will give you the number of errors in Windows Registry.
The results overview provides the number of detected system problems (Errors) divided according to the respective categories tested. The analysis results will also be displayed graphically on an axis in the Severity column. Control buttons Analyze now (displayed before the analysis stars) - press this button to launch the immediate analysis of your computer Fix now (displayed once the analysis is finished) - press the button to get to the AVG website (http://www.avg.
Identity Protection gives your computer a realtime protection against new and even unknown threats. It monitors all (including hidden) processes and over 285 different behaviour patterns, and can determine if something malicious is happening within your system. For this reason, it can reveal threats not even yet described in the virus database. Whenever an unknown piece of code comes onto your computer, it is immediately watched for malicious behaviour, and tracked.
the user interface of the System tools component where you can find a detailed overview of all monitored processes. Basic Identity Protection settings In the bottom part of the dialog you can edit some elementary features of the component's functionality: Activate Identity Protection - (on by default): check to activate the IDP component, and to open further editing options. In some cases, Identity Protection may report that some legitimate file is suspicious or dangerous.
opened via the Support system menu item). For detailed description of the component's options and functionality within the AVG Remote Administration system please refer to the specific documentation dedicated to this topic exclusivity. This documentation is available for download at AVG website (http://www.avg.com/), in the Support center / Download / Documentation section. A V G I nternet Sec urity 2 0 1 2 © 2 0 1 2 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
7. My Apps My Apps dialog (accessible via the My Apps button directly from the AVG main dialog) provides an overview of AVG standalone applications, both already installed on your computer, or ready to be installed, as options: The dialog is divided into two sections: Your AVG Apps - provides an overview of all AVG standalone applications that are already installed on your computer; Get AVG Apps - offers an overview of AVG standalone applications, that you might be interested in.
For detailed information please visit the dedicated AVG webpage, where you can also download the component immediately. To do so, you may use the AVG Family Safety link within the My Apps dialog. 7.2. AVG LiveKive AVG LiveKive is dedicated to online data backup on secured servers. AVG LiveKive automatically backs up all your files, photos, and music to one safe place, allowing you to share them with family and friends and access them from any web-enabled device, including iPhones and Android devices.
download the component immediately. To do so, you may use the AVG Mobilation link within the My Apps dialog. 7.4. AVG PC Tuneup AVG PC Tuneup application is an advanced tool for detailed system analysis and correction, as to how the speed and overall performance of your computer might be improved. AVG PC Tuneup features include: Disk Cleaner - removes junk files that slow down a computer. Disk Defrag - defragments disk drives and optimizes system files placement.
within the My Apps dialog. A V G I nternet Sec urity 2 0 1 2 © 2 0 1 2 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
8. AVG Security Toolbar AVG Security Toolbar is a tool that closely cooperates with the LinkScanner component, and guards your maximum security while browsing the Internet. Within AVG Internet Security 2012, the installation of AVG Security Toolbar is optional; during the installation process you were invited to decide whether the component should be installed. AVG Security Toolbar is available directly in your Internet browser.
Delete - the 'trash bin' button offers a roll down the menu where you can select whether you want to delete information on your browsing, downloads, online forms, or delete all of your search history at once. Weather - the button opens a new dialog providing information on the current weather in your location, and the weather forecast for the next two days. This information is updated regularly, every 3-6 hours.
9. AVG Do Not Track AVG Do Not Track helps you identify websites that are collecting data about your online activities. An icon in your browser shows the websites or advertisers collecting data about your activity and gives you the choice to allow or disallow it. AVG Do Not Track provides you with additional information about privacy policy of each respective service as well as a direct link to Opt-out from the service, if that is available.
9.1. AVG Do Not Track interface While online, AVG Do Not Track warns you as soon as any kind of data collection activity is detected. You will see the following dialog: All detected data collection services are listed by name in the Trackers on this page overview. There are three types of data collection activities recognized by AVG Do Not Track: Web Analytics (allowed by default): Services used to improve the performance and experience of the respective website.
What is tracking? - click this link in the upper section of the dialog to get redirected to the dedicated webpage providing detailed explanation on the tracking principles, and description of specific tracking types. Settings - click this link in the bottom section of the dialog to get redirected to the dedicated webpage where you can set the specific configuration of various AVG Do Not Track parameters (see the AVG Do Not Track settings chapter for detailed information) 9.2.
may break functionality in the respective webpage where the service is running!) - If you do not want to block all the detected services at once, you can specify whether the service should be allowed or blocked individually. You may allow running of some of the detected systems (e.g. Web Analytics): these systems use the collected data for their own website optimization, and this way they help to improve the common Internet environment for all users.
Notification position (Top-Right by default) - Open the roll-down menu to specify in which position you want the AVG Do Not Track dialog to appear on your monitor. Display notification for (10 by default) - In this field you should decide for how long (in seconds) you wish to see the AVG Do Not Track notification on your screen. You may specify a number ranging from 0 to 60 seconds (for 0, the notification will not appear on your screen at all).
Networks. By default, AVG Do Not Track blocks some of Ad Networks automatically and it remains up to your decision whether the rest should be blocked as well, or left allowed. To do so, just click the Block All button under the list.
10. AVG Advanced Settings The advanced configuration dialog of AVG Internet Security 2012 opens in a new window named Advanced AVG Settings. The window is divided into two sections: the left part offers a treearranged navigation to the program configuration options. Select the component for which you want to change the configuration (or its specific part) to open the editing dialog in the right-hand section of the window. 10.1.
Confirm your selection by pressing the Apply button (right-hand bottom corner of the dialog) Press the OK button confirm A new dialog pops-up informing you that in order to change the language of the application, you need to restart your AVG Internet Security 2012 Press the Restart the application now button to agree with the program restart, and wait a second for the language change to take effect: System tray notifications Within this section you can suppress displaying system tray notifications on the s
information upon automatic launch of the scheduled scan, its progress, and results should be displayed. o Display Firewall related tray notifications (on, by default) - decide whether information concerning Firewall status and processes, e.g. component's activation/ deactivation warnings, possible traffic blocking etc. should be displayed.
10.2. Sounds Within the Sounds dialog you can specify whether you want to be informed about specific AVG Internet Security 2012 actions by a sound notification: The settings are only valid for the current user account. That means, each user on the computer can have their own sound settings. If you want to allow the sound notification, keep the Enable sound events option checked (the option is on, by default) to activate the list of all relevant actions.
10.3. Temporarily disable AVG protection In the Temporarily disable AVG protection dialog you have the option of switching off the entire protection secured by your AVG Internet Security 2012 at once.
software etc. You can decide for a longer time period, however this option is not recommended if not absolutely necessary. Afterwards, all deactivated components will be automatically activated again. At most, you can disable the AVG protection till the next computer restart. 10.4. Anti-Virus The Anti-Virus component protects your computer continuously from all known types of viruses and spyware (including so-called sleeping and non-active malware, i.e.
10.4.1. Resident Shield Resident Shield performs live protection of files and folders against viruses, spyware, and other malware. In the Resident Shield Settings dialog you can activate or deactivate the resident protection completely by checking or unchecking the Enable Resident Shield item (this option is switched on by default).
Report enhanced set of Potentially Unwanted Programs (off by default) - mark to detect extended packages of spyware: programs that are perfectly ok and harmless when acquired from the manufacturer directly, but can be misused for malicious purposes later. This is an additional measure that increases your computer's security even more, however it can possibly block legal programs, and is therefore switched off by default.
In the Files scanned by the Resident Shield dialog it is possible to configure which files will be scanned (by specific extensions): Mark the respective checkbox to decide whether you want to Scan all files or Scan infectable files and selected types of documents only. If you have chosen the latter option, you can further specify a list of extensions defining files that should be excluded from scanning, and also a list of file extensions defining files that must be scanned under all circumstances.
The Resident Shield - Exceptions dialog offers the option of defining files and/or folders that should be excluded from the Resident Shield scanning.
10.4.2. Cache Server The Cache Server Settings dialog refers to the cache server process designed to speed up all types of AVG Internet Security 2012 scans: The cache server gathers and keeps information on trustworthy files (a files is considered trustworthy if signed with digital signature on a trustworthy source). These files are then automatically considered to be safe, and do not need to be re-scanned; therefore these files are skipped during scanning.
10.5. E-mail protection In the E-mail protection section you can edit the detailed configuration of E-mail Scanner and AntiSpam: 10.5.1.
Scanning properties In this section, you can specify how the e-mail messages will be scanned: Use Heuristics (on by default) - check to use the heuristics detection method when scanning e-mail messages. When this option is on, you can filter e-mail attachments not only by the extension but the actual contents of the attachment will also be considered. The filtering can be set in the Mail Filtering dialog.
file "something.txt.exe" appear as harmless plain text file "something.txt"; check the box to report these as potentially dangerous. Move reported attachments to Virus Vault - specify whether you wish to be notified via email about password protected archives, password protected documents, files containing macros, and/or files with hidden extensions detected as an attachment to the scanned email message.
The Attachment filter dialog allows you to set up parameters for e-mail message attachment scanning. By default, the Remove attachments option is switched off. If you decide to activate it, all e-mail message attachments detected as infected or potentially dangerous will be removed automatically. If you want to define specific types of attachments that should be removed, select the respective option: Remove all executable files - all *.exe files will be deleted Remove all documents - all *.doc, *.docx, *.
You can also define new servers for incoming or outgoing mail, using the Add new server button. POP3 In this dialog (opened via Servers / POP3) you can set up a new E-mail Scanner server using the POP3 protocol for incoming mail: POP3 Server Name - in this field you can specify the name of newly added servers (to add a POP3 server, click the right mouse button over the POP3 item of the left navigation menu). For automatically created "AutoPOP3" servers this field is deactivated.
delimiter (for example, pop.acme.com:8200). The standard port for POP3 communication is 110. Additional settings - specifies more detailed parameters: o Local port - specifies the port on which the communication from your mail application should be expected. You must then specify in your mail application this port as the port for POP3 communication. o Connection - in the drop-down menu, you can specify which kind of connection to use (regular/SSL/SSL default).
SMTP Server Name - in this field you can specify the name of newly added servers (to add a SMTP server, click the right mouse button over the SMTP item of the left navigation menu). For automatically created "AutoSMTP" servers this field is deactivated.
In this dialog (opened via Servers / IMAP) you can set up a new E-mail Scanner server using the IMAP protocol for outgoing mail: IMAP Server Name - in this field you can specify the name of newly added servers (to add a IMAP server, click the right mouse button over the IMAP item of the left navigation menu ). For automatically created "AutoIMAP" servers this field is deactivated.
o Connection - in this drop-down menu, you can specify which kind of connection to use (regular/SSL/SSL default). If you choose a SSL connection, the data sent is encrypted without the risk of being traced or monitored by a third party. This feature is available only when the destination mail server supports it. E-mail client IMAP server activation - check/uncheck this box to activate/deactivate the IMAP server specified above 10.5.2.
Value 80-90 - e-mail messages likely to be spam will be filtered out. Some non-spam messages may be incorrectly filtered as well. Value 60-79 - considered as a quite aggressive configuration. E-mail messages that are possibly spam will be filtered out. Non-spam messages are likely to be caught as well. Value 50-59 - very aggressive configuration. Non-spam e-mail messages are as likely to be caught as real spam messages. This threshold range is not recommended for normal use.
There are the following options to choose from: A specific e-mail client - if you use one of the listed e-mail clients (MS Outlook , Outlook Express, The Bat!), simply select the respective option Folder with EML files - if you use any other e-mail program, you should first save the messages to a specific folder (in .eml format), or make sure that you know the location of your e-mail client message folders.
In this dialog, please select the folder with the messages you want to use for training. Press the Add folder button to locate the folder with the .eml files (saved e-mail messages). The selected folder will then be displayed in the dialog. In the Folders contain drop-down menu, set one of the two options - whether the selected folder contains wanted (HAM), or unsolicited (SPAM) messages.
profile first. In the Folders contain drop-down menu, set one of the two options - whether the selected folder contains wanted (HAM), or unsolicited (SPAM) messages. Please note that you will be able to filter the messages in the next step, so the folder does not have to contain only training e-mails. A navigation tree of the selected e-mail client is already displayed in the main section of the dialog. Please locate the desired folder in the tree and highlight it with your mouse.
Performance The Engine performance settings dialog (link ed to via the Performance item of the left navigation) offers the Anti-Spam component performance settings: Move the slider left or right to change the level of scanning performance ranging between Low memory / High performance modes. Low memory - during the scanning process to identify spam, no rules will be used. Only training data will be used for identification.
have a valid reason to do so. Any changes to this configuration should only be made by expert users! RBL The RBL item opens an editing dialog called Realtime Blackhole Lists where you can switch the Query RBL servers functions: The RBL (Realtime Black hole List) server is a DNS server with an extensive database of known spam senders. When this feature is switched on, all e-mail messages will be verified against the RBL server database and marked as spam if identical to any of the database entries.
Whitelist The Whitelist item opens a dialog named Approved e-mail senders list with a global list of approved sender e-mail addresses and domain names whose messages will never be marked as spam. In the editing interface you can compile a list of senders that you are sure will never send you unwanted messages (spam). You can also compile a list of full domain names (e.g. avg.com), that you know do not generate spam messages.
this button. All records will be saved to a plain text file. Import - if you already have a text file of email addresses/domain names prepared, you can simply import it by selecting this button. The content of the file must contain only one item ( address, domain name) per line. Blacklist The Blacklist item opens a dialog with a global list of blocked sender e-mail addresses and domain names whose messages will always be marked as spam.
The following control buttons are available: Edit - press this button to open a dialog, where you can manually enter a list of addresses ( you can also use copy and paste). Insert one item (sender, domain name) per line. Export - if you decide to export the records for some purpose, you can do so by pressing this button. All records will be saved to a plain text file. Import - if you already have a text file of email addresses/domain names prepared, you can simply import it by selecting this button.
10.6.1. Link Scanner settings The LinkScanner settings dialog allows you to switch the elementary features of the LinkScanner: Enable Search-Shield - In the configuration dialog, this option is deactivated since the Search-Shield services has been terminated in all AVG products. Enable Surf-Shield - (on by default): active (real-time) protection against exploitative sites as they are accessed.
10.6.2. Online Shield The Online Shield dialog offers the following options: Enable Online Shield (on, by default) - activate/deactivate the entire Online Shield service. For further advanced settings of Online Shield please continue to the subsequent dialog called Web Protection. Enable AVG Accelerator (on, by default) - activate/deactivate the AVG Accelerator service that allows smoother online video playback and makes additional downloads easier.
In the Web Protection dialog you can edit the component's configuration regarding the scan of the website content. The editing interface allows you to configure the following elementary options: Enable Web protection - this option confirms that the Online Shield should perform a scan o the www page content. Provided this option is on (by default), you can also switch these items in/off: o Check archives - (off by default): scan the content of archives possibly included in the www page to be displayed.
o Use heuristic analysis - (on by default): scan the content of the page to be displayed using the heuristic analysis method (dynamic emulation of the scanned object’s instructions in a virtual computer environment). o Enable thorough scanning (off by default) - in specific situations (suspicions about your computer being infected) you may check this option to activate the most thorough scanning algorithms that will scan even those areas of your computer that rarely get infected, just to be absolutely sure.
10.7.1. Whole computer scan The Whole Computer scan option allows you to edit parameters of one of the scans predefined by the software vendor, Whole computer scan: Scan settings The Scan settings section offers a list of scanning parameters that can be optionally switched on/ off: Heal / remove virus infection without asking me (on by default) - if a virus is identified during scanning it can be healed automatically if a cure is available.
additional measure that increases your computer security even more, however it may block legal programs, and is therefore switched off by default.
scanning speed dependent on system resource usage. By default, this option value is set to user sensitive level of automatic resource usage. If you want the scanning to run faster, it will take less time but the system resources used will increase significantly during the scan, and will slow down your other activities on the PC (this option can be used when your computer is switched on but nobody is currently work ing on it).
The list of parameters is identical to those available for the Scan of the whole computer. However, the default settings differ (for instance, Whole Computer scan by default does not check the archives but it does scan the system environment; vice versa with the Shell Extension Scan). Note: For a description of specific parameters please consult the AVG Advanced Settings / Scans / Whole Computer scan chapter.
All parameters set up in this configuration dialog apply only to the areas selected for scanning with Scan of specific files or folders! Note: For a description of specific parameters please consult the AVG Advanced Settings / Scans / Whole Computer scan chapter. A V G I nternet Sec urity 2 0 1 2 © 2 0 1 2 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
10.7.4. Removable device scan The editing interface for Removable device scan is also very similar to the Whole Computer scan editing dialog: The Removable device scan is launched automatically once you attach any removable device to your computer. By default, this scan is switched off. However, it is crucial to scan removable devices for potential threats since these are a major source of infection.
10.8.1. Scheduled Scan The parameters of the scheduled scan can be edited (or a new schedule set up) on three tabs. On each tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled test temporarily, and switch it on again as the need arises: Schedule settings Next, the text field called Name (deactivated for all default schedules) states the name assigned to this very schedule by the program vendor.
Schedule running Here, you can specify time intervals for the newly scheduled scan launch. The timing can either be defined by the repeated scan launch after a certain period of time (Run every ...) or by defining an exact date and time (Run at specific time interval ...), or possibly by defining an event that the scan launch should be associated with (Run on computer startup).
On the How to scan tab you will find a list of scanning parameters that can be optionally switched on/off. By default, most parameters are switched on and the functionality will be applied during scanning. Unless you have a valid reason to change these settings we recommend that you keep the predefined configuration: Heal / remove virus infection without asking me (on by default): if a virus is identified during scanning it can be healed automatically if a cure is available.
preferences or the contents of their electronic shopping carts) Scan inside archives (off by default): this parameter specifies that the scanning should check all files even if they are stored inside an archive, e.g. ZIP, RAR, ...
Set additional scan reports Click the Set additional scan reports ... link to open a standalone dialog window called Scan reports where you can tick several items to define what scan findings should be reported: Additional scan settings Click the Additional scan settings ... to open a new Computer shutdown options dialog where you can decide whether the computer should be shut down automatically once the running scanning process is over.
On the What to scan tab you can define whether you want to schedule scanning of the whole computer or scanning of specific files or folders. If you select scanning of specific files or folders, in the bottom part of this dialog the displayed tree structure activates and you can specify the folders to be scanned. A V G I nternet Sec urity 2 0 1 2 © 2 0 1 2 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
10.8.2. Definitions Update Schedule If really necessary, you can uncheck the Enable this task item to simply deactivate the scheduled definitions update temporarily, and switch it on again later: Within this dialog you can set up some detailed parameters for the definition update schedule. The text field called Name (deactivated for all default schedules) shows the name assigned to this very schedule by the program vendor.
Other update settings Finally, check the Run the update again as soon as the Internet connection is available option to make sure than if the Internet connection is interrupted and the update process fails, it will be launched again immediately after the Internet connection is restored.
update launch should be associated with (Action based on computer startup). Advanced schedule options This section allows you to define under which conditions the program update should/should not be launched if the computer is in low power mode or switched off completely.
10.8.4. Anti-Spam Update Schedule If really necessary, you can uncheck the Enable this task item to simply deactivate the scheduled Anti-Spam update temporarily, and switch it on again later: Within this dialog you can set up some detailed parameters for the update schedule. The text field called Name (deactivated for all default schedules) states the name assigned to this very schedule by the program vendor.
Other update settings Check the Run the update again as soon as the Internet connection is available option to make sure that if the Internet connection is interrupted and the Anti-Spam update process fails, it will be launched again immediately after the Internet connection is restored.
Require confirmation from the user (by default) - you will be asked to approve a PC restart needed to finalize the update process Restart immediately - the computer will be restarted automatically immediately after the update process has finished, and your approval will not be required Complete at next computer restart - the update process finalization will be postponed until the next computer restart.
10.9.1. Proxy The proxy server is a stand-alone server or a service running on a PC that guarantees safer connection to the Internet. According to the specified network rules you can then access the Internet either directly or via the proxy server; both possibilities can also be allowed at the same time.
Port – specify the number of the port that enables Internet access (by default, this number is set to 3128 but can be set differently – if you are not sure, contact your network administrator) The proxy server can also have specific rules configured for each user. If your proxy server is set up this way, check the Use PROXY authentication option to verify that your user name and password are valid for connecting to the Internet via the proxy server.
Specify whether you want to connect to the Internet automatically (Automatically open this connection) or you wish to confirm the connection manually every time (Ask before connection). For automatic connection you should further select whether the connection should be closed after the update is finished (Close dial-up connection when finished). A V G I nternet Sec urity 2 0 1 2 © 2 0 1 2 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
10.9.3.
10.9.4. Manage The Update management dialog offers two options accessible via two buttons: Delete temporary update files - press this button to delete all redundant update files from your hard disk (by default, these files are saved for 30 days) Revert virus database to previous version – press this button to delete the latest virus base version from your hard disk, and return to the previously saved version (new virus base version will be a part of the following update) 10.10.
Editing all functions of the Anti-Rootkit component as provided within this dialog is also accessible directly from the Anti-Rootkit component's interface. Scan applications and Scan drivers enable you to specify in detail what should be included in antirootkit scanning. These settings are intended for advanced users; we recommend that you keep all options switched on.
10.10.1. Exceptions Within the Anti-Rootkit Exceptions dialog you can define specific files (for instance some drivers that might be incorrectly detected as rootk it) that should be excluded from this scan: 10.11. Identity Protection Identity Protection is an anti-malware component that protects you from all kinds of malware ( spyware, bots, identity theft, ...
10.11.1. Identity Protection Settings The Identity Protection settings dialog allows you to switch the elementary features of the Identity Protection component on/off: Activate Identity Protection (on by default) – uncheck to turn off the Identity Protection component.
You can also assign specific items to optionally activate more Identity Protection functionality: Prompt to save your work before removal - (on by default) - keep this item checked if you wish to be warned before the application detected as possible malware gets removed to quarantine. If you are currently working with the application, your project might be lost and you need to save it first. By default, this item is on and we strongly recommend that you keep it so.
The Identity Protection Allowed list provides the following information on each application: Level - graphical identification of the respective process severity on a four-level scale from less important ( ) up to critical ( ) Process path - path to the application's (process) executable file location Date allowed - date when you manually assigned the application as safe Control buttons The control buttons available within the Identity Protection Allowed list dialog are as follows: Add - press this button t
on your computer, you can define it as a potentially unwanted program exception: The Potentially Unwanted Programs Exceptions dialog displays a list of already defined and currently valid exceptions from potentially unwanted programs. You can edit the list, delete existing items, or add new exceptions.
Add exception - opens an editing dialog where you can define parameters of the new exception to be created: o File - type the full path to the file that you want to mark as an exception o Checksum - displays the unique 'signature' of the chosen file. This checksum is an automatically generated string of characters, which allows AVG to unequivocally distinguish the chosen file from other files. The checksum is generated and displayed after successful addition of the file.
10.13. Virus Vault The Virus Vault maintenance dialog allows you to define several parameters regarding the administration of objects stored in the Virus Vault: Limit Virus Vault size - use the slider to set up the maximum size of the Virus Vault. The size is specified proportionally compared to the size of your local disk. Automatic file deletion - in this section define the maximum length of time that objects should be stored in the Virus Vault (Delete files older than ...
Within the dialog, the following setting options are available: Allow reporting (on by default) - If you want to help us further improve AVG Internet Security 2012, keep the checkbox marked. This will enable all encountered threats to be reported to AVG, so we will be able to collect up-to-date information on malware from all participants worldwide, and in return improve protection for everyone.
checked if really infected, to sort out false positives. Most common threats Nowadays, there are far more threats out there than plain viruses. Authors of malicious codes and dangerous websites are very innovative, and new kinds of threats emerge quite often, the vast majority of which are on the Internet. Here are some of the most common: Virus is a malicious code that copies and spreads itself, often unnoticed until the damage is done.
Overview chapter. 10.15. Ignore error status In the Ignore error status dialog you can tick those components that you do not want to get informed about: By default, no component is selected in this list.
For this situation, within the above dialog you can select components that may be in an error state ( or switched off) and you do not wish to receive information about it. The same option (Ignore component state) is also available for specific components directly from the components overview in the AVG main window. 10.16.
11. Firewall Settings The Firewall configuration opens in a new window where in several dialogs you can set up very advanced parameters for the component. However, the software vendor has set up all AVG Internet Security 2012 components to give optimum performance. Unless you have a real reason to do so, do not change the default configuration. Any changes to settings should only be performed by an experienced user! 11.1.
Enable all traffic to VPN (on by default) - if you use a VPN (Virtual Private Network ) connection, e.g. to connect to your office from home, we recommend that you check the box. AVG Firewall will automatically search through your network adapters, find those used for VPN connection, and allow all applications to connect to the target network (only applies to applications with no specific Firewall rule assigned).
Show confirmation dialogs for - specify to whom the confirmation dialogs (dialogs ask ing for decisions in situations that are not covered by a defined Firewall rule) should be displayed. In both cases you can assign the specific right to one of the following user groups: Administrator – controls the PC completely and has the right of assigning every user to groups with specifically defined authorities.
List of adapters, areas and assigned profiles - in this list you can find an overview of the detected adapters and areas. To each of them you can assign a specific profile from the menu of defined profiles. To open this menu, left-click the respective item in the list of adapters (in the Assigned profile column), and select the profile from the context menu.
The Intrusion Detection System (IDS) settings dialog offers these configuration options: Block (Port scan and ARP attacks) attackers for defined time period - here you can specify for how many seconds a port be blocked, whenever a suspicious communication attempt is detected on it. By default, the time interval is set to 1800 seconds (30 minutes). Block Port Scan (on by default) – check the box to block communication attempts over all TCP and UDP ports coming to the computer from outside.
11.5. Logs The Logs dialog allows you to review the list of all logged Firewall actions and events with a detailed description of relevant parameters (event time, application name, respective log action, user name, PID, traffic direction, protocol type, numbers of the remote and local ports, etc.) on four tabs: Traffic Logs - offers information about activities by all application that have tried to connect to the network.
Refresh list - all logged parameters can be arranged according to the selected attribute: chronologically (dates) or alphabetically (other columns) - just click the respective column header. Use the Refresh list button to update the currently displayed information. Delete logs - press to delete all entries in the chart. 11.6. Profiles In the Profiles' settings dialog you can find a list of all profiles available: System profiles (Allow all, Block all) cannot be edited.
Export profile - records the selected profile's configuration into a file that will be saved for possible further use. Import profile - configures the selected profile's settings based on the data exported from the backup configuration file. In the bottom section of the dialog you can find the description of a profile that is currently selected in the above list.
Enable Virtual Machines Bridged networking (off by default) - tick this item to allow virtual machines in VMware to connect directly to the network. Use behavior detection for traffic qualification (on by default) - mark this option to allow the Firewall to use the Identity Protection functionality when evaluating an application Identity Protection can tell whether the application shows any suspicious behavior, or it can be trusted and allowed to communicate online.
11.6.2. Defined Networks The Defined networks dialog offers a list of all networks that your computer is connected to. The list provides the following information on every detected network: Networks - provides name list of all networks that the computer is connected to.
Within this dialog, you can specify the Network name, provide the Network description and possibly assign the network as safe. The new network can be either defined manually in a standalone dialog opened via the Add IP button (alternatively Edit IP / Delete IP), within this dialog you can specify the network by providing its IP range or mask.
11.6.3. Applications The Applications information dialog lists all installed applications that might need to communicate over the network and icons for the assigned action: The applications in the List of applications are those detected on your computer (and assigned respective actions).
Apart from applications, the list also contains two special items: Priority Application Rules (at the top of the list) are preferential, and are always applied prior to the rules for any individual application. Other Applications Rules (at the bottom of the list) are used as a "last instance", when no specific application rules apply, e.g. for an unknown and undefined application.
In the Page actions dialog, you can define the settings for the respective application in detail: Control buttons Two control buttons are available at the top of the dialog: Back to the list - press the button to display the overview of all defined applications rules. Delete this rule - press the button to erase the currently displayed application rule.
Allow for all - allows the application to communicate over all defined networks and adapters without limitations. Allow for safe - only allows the application to communicate over networks defined as safe (trustworthy). Block - forbids automatic communication; the application will not be allowed to connect to any network. Ask - displays a dialog enabling you to decide whether you want to allow or block the communication attempt at that moment.
List of system services and protocols The chart consists of the following columns: Log rule action - This box enables you to switch on recording for each rule application in the logs. System service and protocols - This column shows the name of the respective system service.
Please bear in mind that detail rule settings are advanced and primarily intended for network administrators who need full control over Firewall configuration. If you are not familiar with types of communication protocols, network port numbers, IP address definitions etc., please do not modify these settings! If you really need to change the configuration, please consult the respective dialog help files for specific details.
12. AVG Scanning By default, AVG Internet Security 2012 does not run any scans, as after the initial one, you should be perfectly protected by the resident components of AVG Internet Security 2012 that are always on guard, and do no let any malicious code get into your computer. Of course, you can schedule a scan to run at regular intervals, or manually launch a scan according to your needs any time. 12.1. Scanning Interface The AVG scanning interface is accessible via the Scan options quick link.
Scan history - displays the Scan results overview dialog with the entire history of scanning View Virus Vault - opens a new window with the Virus Vault - a space where detected infections are quarantined 12.2. Predefined Scans One of the main features of AVG Internet Security 2012 is on-demand scanning. On-demand tests are designed to scan various parts of your computer whenever suspicion about possible virus infection arises.
Scan configuration editing You have the option of editing the predefined default settings for the Whole computer scan. Press the Change scan settings link to get to the Change scan settings for Whole Computer scan dialog (accessible from the scanning interface via the Change scan settings link for the Whole computer scan). It is recommended that you keep the default settings unless you have a valid reason to change them! A V G I nternet Sec urity 2 0 1 2 © 2 0 1 2 C opyright A V G T ec hnologies C Z, s .r.
Scanning parameters - in the list of scanning parameters you can switch on/off specific parameters as needed: o Heal / remove virus infection without asking me (on by default) - If a virus is identified during scanning it can be healed automatically if a cure is available. If the infected file cannot be healed automatically, the infected object will be moved to the Virus Vault.
o Scan inside archives (off by default) - This parameter specifies that scanning should check all files stored inside archives, e.g. ZIP, RAR, ... o Use Heuristics (on by default) - Heuristic analysis (dynamic emulation of the scanned object’s instructions in a virtual computer environment) will be one of the methods used for virus detection during scanning. o Scan system environment (on by default) - Scanning will also check the system areas of your computer.
All file types with the option of defining exceptions from scanning by providing a list of comma separated file extensions that should not be scanned; Selected file types - you can specify that you want to scan only files that can be infected (files that cannot get infected will not be scanned, for instance some plain text files, or some other non-executable files), including media files (video, audio files - if you leave this box uncheck ed, it will reduce the scanning time even more, because these files a
Scan launch The Scan of specific files or folders can be launched directly from the scanning interface by clicking on the scan's icon. A new dialog called Select specific files or folders for scanning opens. In the tree structure of your computer select those folders you want to scan. The path to each selected folder will be generated automatically and appear in the text box in the upper part of this dialog.
Scanning parameters - in the list of scanning parameters you can switch specific parameters on/off as needed: o Heal / remove virus infection without asking me (on by default) - if a virus is identified during scanning it can be healed automatically if a cure is available. If the infected file cannot be healed automatically, the infected object will be moved to the Virus Vault.
o Scan inside archives (on by default) - this parameters defines that scanning should check all files stored inside archives, e.g. ZIP, RAR, ... o Use Heuristics (on by default) - heuristic analysis (dynamic emulation of the scanned object’s instructions in a virtual computer environment) will be one of the methods used for virus detection during scanning. o Scan system environment (off by default) - scanning will also check the system areas of your computer.
audio files - if you leave this box uncheck ed, it will reduce the scanning time even more, because these files are often quite large and are not lik ely to be infected by a virus). Again, you can specify by extensions which files should always be scanned. Optionally, you can decide to Scan files without extension - this option is on by default, and it is recommended that you keep it so unless you have a real reason to change it.
Within Windows Explorer highlight the file (or folder) you want to check Right-click your mouse over the object to open the context menu Select the Scan with AVG option to have the file scanned with AVG Internet Security 2012 12.4. Command Line Scanning Within AVG Internet Security 2012 there is the option of running the scan from the command line. You can use this option for instance on servers, or when creating a batch script to be launched automatically after the computer boot.
avgscanx /parameter /parameter .. with multiple parameters these should be lined up in a row and separated by a space and a slash character if a parameter requires specific value to be provided (e.g. the /scan parameter that requires information on the selected areas of your computer that are to be scanned, and you have to provide an exact path to the selected section), the values are separated by semicolons, for instance: avgscanx /scan=C:\;D:\ Scanning parameters To display a complete overview of availab
/TRASH Move infected files to the Virus Vault /QT Quick test /LOG Generate a scan result file /MACROW Report macros /PWDW Report password-protected files /ARCBOMBSW Report archive bombs (repeatedly compressed archives) /IGNLOCKED Ignore locked files /REPORT Report to file /file name/ /REPAPPEND Append to the report file /REPOK Report uninfected files as OK /NOBREAK Do not allow CTRL-BREAK to abort /BOOT Enable MBR/BOOT check /PROC Scan active processes /PUP Report Potentially unwa
/CLOUDCHECK Check for false positives /ARCBOMBSW Report re-compressed archive files 12.5. Scan Scheduling With AVG Internet Security 2012 you can run scan on demand (for instance when you suspect an infection has penetrated your computer) or based on a scheduled plan. It is highly recommended that you run the scans based on a schedule: this way you can make sure your computer is protected from any possibility of getting infected, and you will not have to worry about if and when to launch the scan.
You can edit / add scans using the following control buttons: Add scan schedule - the button opens the Settings for scheduled scan dialog, Schedule settings tab. In this dialog you can specify the parameters of the newly defined test. Edit scan schedule - this button can only be used if you have already previously selected an existing test from the list of scheduled tests. In that case the button appears active and you can click it to switch to the Settings for scheduled scan dialog, Schedule settings tab.
On the Schedule settings tab you can first check/uncheck the Enable this task item to simply deactivate the scheduled test temporarily, and switch it on again as the need arises. Next, give a name to the scan you are about to create and schedule. Type the name into the text field by the Name item. Try to use brief, descriptive, and apt names for scans to make it easier to later recognize the scan from others.
There are two control buttons available on all three tabs of the Settings for scheduled scan dialog (Schedule settings, How to scan and What to scan) and these have the same functionality no matter on which tab you currently are: Save - saves all changes you have performed on this tab or on any other tab on this dialog and switches back to the AVG scanning interface default dialog.
risk, some of these programs can be installed intentionally. We recommend that you keep this feature activated as it increases your computer security. Report enhanced set of Potentially Unwanted Programs (off by default): mark to detect extended packages of spyware: programs that are perfectly ok and harmless when acquired from the manufacturer directly, but can be misused for malicious purposes later.
o Computer shutdown options - decide whether the computer should be shut down automatically once the running scanning process is over. Having confirmed this option (Shutdown computer upon scan completion), a new option activates that allows the computer to shut down even if it is currently locked (Force shutdown if computer is locked).
Control buttons There are two control buttons available on all three tabs of the Settings for scheduled scan dialog ( Schedule settings, How to scan, and What to scan) and these have the same functionality no matter on which tab you currently are: Save - saves all changes you have performed on this tab or on any other tab on this dialog and switches back to the AVG scanning interface default dialog.
On the What to scan tab you can define whether you want to schedule scanning of the whole computer or scanning of specific files or folders. In case you select scanning of specific files or folders, in the bottom part of this dialog the displayed tree structure activates and you can specify the folders to be scanned (expand items by click ing the plus node until you find the folder you wish to scan). You can select multiple folders by checking the respective boxes.
Control buttons The same two control buttons are available on all three tabs on the Settings for scheduled scan dialog (Schedule settings, How to scan, and What to scan): Save - saves all changes you have performed on this tab or on any other tab on this dialog and switches back to the AVG scanning interface default dialog. Therefore if you wish to configure the test parameters on all tabs, press the button to save them only after you have specified all of your requirements.
- blue icon announces there was an infection detected during the scan but the infected object was removed automatically - red icon warns there was an infection detected during the scan and it could not be removed! Each icon can either be solid or cut in half - the solid icon stands for a scan that was completed and finished properly; the cut-in-half icon means the scan was canceled or interrupted.
Infections - this tab is displayed only if a virus infection was detected during scanning Spyware - this tab is displayed only if spyware was detected during scanning Warnings - this tab is displayed for instance if cookies were detected during scanning Rootkits - this tab is displayed only if rootkits were detected during scanning Information - this tab is displayed only if some potential threats were detected but these cannot be classified as any of the above categories; then the tab provides a warning me
Control buttons There is only one control button available in this dialog. The Close results button returns to the Scan results overview dialog. 12.7.2. Infections Tab The Infections tab is only displayed in the Scan results dialog if a virus infection was detected during scanning.
o Added to PUP exceptions - the finding was evaluated as an exception and added to the list of PUP exceptions (configured in the PUP Exceptions dialog of the advanced settings) o Locked file - not tested - the respective object is locked and AVG is therefore unable to scan it o Potentially dangerous object - the object was detected as potentially dangerous but not infected (it may contain macros, for instance); the information should be taken as a warning only o Reboot is required to finish the action - the
12.7.3. Spyware Tab The Spyware tab is only displayed in the Scan results dialog in if spyware was detected during scanning.
o Potentially dangerous object - the object was detected as potentially dangerous but not infected (it may contain macros, for instance); the information is a warning only o Reboot is required to finish the action - the infected object cannot be removed, to remove it completely you have to restart your computer Control buttons There are three control buttons available in this dialog: View details - the button opens a new dialog window named Detailed object information: In this dialog you can find detailed
This is a brief description of the most common examples of such objects: Hidden files - the hidden files are by default not visible in Windows, and some viruses or other threats may try to avoid their detection by storing files with this attribute. If AVG Internet Security 2012 reports a hidden file which you suspect to be malicious, you can move it to your Virus Vault.
Hidden extension - files with hidden extensions may appear to be e.g. pictures, but in fact they are executable files (e.g. picture.jpg.exe). The second extension is not visible in Windows by default, and AVG Internet Security 2012 reports such files to prevent them being opened accidentaly. Improper file path - if an important system file is running from other than the default path ( e.g. winlogon.exe running from other than Windows folder), AVG Internet Security 2012 reports this discrepancy.
Severity - in case you decided to install the Identity Protection component within your AVG Internet Security 2012, a graphical identification of the respective finding severity on a fourlevel scale from unobjectionable ( ) up to very dangerous ( ) will be provided in this section; and the information on the infection type (based on their infection level - all listed objects can be positively or potentially infected) Virus Name - specifies the name of the detected infection according to the Virus Encycloped
Delete - removes the infected file from the Virus Vault completely and irreversibly Empty Vault - removes all Virus Vault content completely. By removing the files from the Virus Vault, these files are irreversibly removed from the disk (not moved to the recycle bin ). A V G I nternet Sec urity 2 0 1 2 © 2 0 1 2 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
13. AVG Updates No security software can guarantee true protection from various types of threats unless it is regularly updated! Virus writers are always looking for new flaws that they can exploit in both software and operating systems. New viruses, new malware, new hacking attacks appear daily. For this reason, software vendors are continually issuing updates and security patches, to fix any security holes that are discovered.
Note: Before each AVG program update launch, a system restore point is created. If the update process fails and your operating system crashes you can always restore your operating system to its original configuration from this point. This option is accessible via the Windows menu: Start / All Programs / Accessories / System tools / System Restore. Recommended for experienced users only! 13.3.
14. Event History The History dialog is accessible from the system menu via the History/Event History Log item. Within this dialog you can find a summary of important events that occurred during AVG Internet Security 2012 operation.
Control buttons Empty list - press the button to deletes all entries in the list of events Refresh list - press the button to updates all entries in the list of events A V G I nternet Sec urity 2 0 1 2 © 2 0 1 2 C opyright A V G T ec hnologies C Z, s .r.o. A ll rights res erved.
15. FAQ and Technical Support Should you have any sales or technical trouble with your AVG Internet Security 2012 application, there are several ways to obtain help. Please chose from the following options: Get Support: Right within the AVG application you can reach a dedicated customer support page on the AVG website (http://www.avg.com/). Select the Help / Get Support main menu item to get redirected to the AVG website with available support avenues.
well-organized way into sales, technical, and virus categories. About viruses & threats: A specific part of the AVG website (http://www.avg.com/) is dedicated to virus issues (the webpage is accessible from the main menu via the Help / About Viruses and Threats option). In the menu, select Support Center / About viruses & threats to enter a page providing a structured overview of information related to online threats.
