For the LGBTI community in the Middle East and North Africa
24 November, 2014
avast! - anti-malware
avast! is a full-featured anti-malware program that detects and removes malware from your computer or removable storage device. Although avast! is free for non-commercial use a personal computer, your free copy must be registered after installation. If you do not register avast! within 30 days, both the software itself and the list of malware that it can recognize will quickly become out of date.
Also if you can afford to purchase a commercial version of the anti-virus software for Microsoft Windows it may offer you more complete protection.
Although operating systems like GNU Linux and Mac OS are more resistant towards viruses, there are compelling reasons for installing an anti-malware program on them. Firstly, there is increasing number of viruses created for these operating systems, and secondly, you may risk spreading viruses that run on MS Windows unknowingly, even if your own system remains immune to them.
Mac OS or Google Android users can install free versions of Avast!, Avira or AVG.
At present, unfortunately, there are no anti-virus programs that we are comfortable recommending for Linux. We see this as a strong insecurity and increasing need for Linux operating system.
1.1 Things you should know about avast! before you start
Computer viruses are malicious programs that can destroy files, spy on your activity, slow your computer down and use your address book to locate and infect other computers. avast! can protect your system against viruses that might infect your computer through downloads from the Internet, email attachments, or transfers from removable media (CDs, DVDs, USB memory sticks, etc).
Make sure that you do not have two anti-virus programs installed and running at the same time. If you are currently using a different program and you want to switch to avast!, you must first uninstall the other anti-virus program before installing avast!.
New malware and viruses are being developed all the time. The avast! database and program itself must be kept up-to-date to effectively protect your computer.
Among the more insidious viruses are those which can actually prevent the installation or running of avast!, and/or viruses that avast! can fail to detect and delete. In these kinds of situations, fairly advanced methods are required, and some of those are discussed in the Advanced Virus Removal Methods section.
Step 1. Double click . The Open File - Security Warning dialog box may appear. If it does, clickYes to activate avast! Installation as follows:
Figure 1: The Free Antivirus Setup-avast! Installation screen
Step 2. UnselectYes, install Dropbox as shown in figure 1 and click .
Note: Selecting Custom installation will allow you to change language settings for your avast!. Otherwise you are able to use Regular installation.
Step 3 Accept the default installation folder and click to activate the following dialog box:
Figure 2: The 'Which components do you want to install?' window
Step 4Select a language, accept all other defaults and click .
Step 5 After reading the license agreement click at the Please Do Not Skip - Read it Carefully screen to begin the installation. The opt-out option will be discussed later in this chapter.
Figure 3: Install the product window
Step 6Click to complete the installation. avast! will launch a quick scan of your computer as shown below:
Figure 4: !avast quick scan
Note Refer to section 4.7 How to Deal with Viruses if !avast detects infected files during the quick scan shown in figure 4.
Once the quick scan has completed, the !avast homepage will display as shown in the screen below. You have now completed the install of !avast.
Figure 5: Thank you for installing !avast Free Antivirus
Important You must register your copy of the software, to ensure that the software engines, virus definitions and the program itself are updated on a regular basis. This is described in the next section.
During the avast! installation process, avast! will automatically enable the Participate in the avast! community option. For reasons of internet privacy and security, it is recommended that you disable this option as shown in the following steps:
Step 1. Click from the left hand column of the avast! home screen.
Step 2. From the General tab unselect the Participate in the Avast community as shown in the following screen:
Figure 13: The Participate in the Avast community screen
Once avast! is installed and running on your computer, you can configure the options below as required.
By default, avast!Mail Shield tool will scan all email including SSL/TLS encrypted connections. This can can cause issues for some email clients such as Thunderbird. SSL scanning of email connections can be disabled to prevent avast! from interfering with email clients.
Step 1. Click from the left hand column of the !avast home screen
Step 2. Click and selectMail Shield and Customize as shown below.
Figure 14: Mail Shield - Customise
Step 3. Click and unselectSSL Scanning as shown below.
avast! runs silently in the background on your computer, automatically downloading and updating its virus definitions every time you connect to the Internet. However, in situations where your internet access is discontinuous, restricted or temporary in some way, performing a manual update may be necessary.
There are two ways of updating avast! manually: The first is through the avast! main user interface, and the second is through a pop-up menu that appears whenever you right click the avast! icon located in the System Tray.
Note: It is advisable not to disable automatically download updates unless necessary.
Browser Cleanup can detect and remove unwanted or malicious add-ons installed in your computers Internet browsers. Such add-ons can spy on your activity, cause an annoyance and slow down your browser. To review and remove unwanted add-ons:
Step 1. Click from the left hand column of the avast! main screen.
Step 2. Click to activate the Browser Cleanup as shown below:
Figure 9 : Browser Cleanup screen
Step 3. Select the browser icon from the left hand menu to show add-ons per browser as shown below:
Figure 10 : Add-ons listed for Internet Explorer
Step 4. Click for the chosen add-on.
Step 5. ClickYes at the prompt Do you really want to permanently remove these add-ons to activate the screen below:
Rescue Disk allows you to create the USB or CD which you can use to start your computer with. This USB/CD contains avast! installation. To create the rescue disk your computer needs to be connected to the internet. But after the rescue disk is ready you can use it to scan any computer even if it is not connected to the Internet. This is useful in a situation when a different computer is infected with a virus that prevents normal functioning of the computers system, avast! or other anti-virus program. The Rescue Disk and the Boot-time Scan options are the most complete and thorough scan of a computer system avast! has to offer. The steps below describe how to create a Rescue Disk using a USB flash drive.
NoteRescue Disk requires downloading large files from the Internet. It also requires an empty USB flash drive with a minimum of 500MB size or a CD/DVD and CD/DVD writer.
Step 1. Click from the left hand column of the !avast main screen.
Step 2. Click to activate the Rescue Disk option as shown below:
Figure 12 : Rescue Disk screen.
Step 3. Click to activate the screen shown below:
Figure 13 : Create Rescue Disk
Step 4. Click and then to begin creating a Rescue Disk as shown below.
Figure 14 : Creating a Rescue Disk
Note: A Rescue Disk can take up to 30 minutes to create.
There are two basic parts to dealing with malware and other assorted viruses when using avast!. The first is scanning your computer to identify such threats. The second involves either deleting or moving such threats to the avast!Virus Chest. Deleting and/or moving malware and viruses to the Virus Chest effectively prevents them from interacting with other programs or files on the computer.
It may seem unusual to store malware or viruses in the Virus Chest. However, if they have attached themselves to important or sensitive information, you may want to recover or save that infected document, file or program as far as possible. Also in rare instances, avast! may misidentify legitimate files or programs as being malware or a virus, events referred to as 'false positives', those files or programs might be important to you or your computer operation, and you may want to examine them carefully, cure and recover.
The avast!Virus Chest is an electronic 'dead zone' or 'quarantine', where you can examine the virus and determine its potential threat by either researching it on the Internet, or submitting it to a virus laboratory - an option available in avast! when you right-click a virus listed in the Virus Chest. Double clicking a virus in the Virus Chest will not activate or run the malware or virus because the Virus Chest keeps it isolated from the rest of your system.
Tip: Alternatively, you can transfer important or sensitive information to the avast!Virus Chest to keep it safe during a virus attack.
There are a number of precautions you can take to limit hostile or malicious threats to your computer system; for instance using updated anti-virus or anti-spyware programs like avast! and Spybot, avoiding dubious or problematic web sites or documents sent to you, or exercising extreme cation when inserting removable media to your computer. Please read more about those steps under Preventing virus infection in the Protect your device from malware and hackers guide. However, despite the precautions we sometimes find our computer infected by a virus. The following points are offered for consideration when dealing with a virus attack:
Disconnect your computer from the Internet or the local network - physically. If you have a wireless connection, disconnect your computer from the wireless network itself. If possible, switch off and/or remove your wireless card. You should disconnect from the Internet all computers that are sharing a local network with your computer.
Schedule a boot-time scan for all computers on the local network. Write down the names of any viruses that you find, so that you can research them - and then delete them, or move them to the avast!Virus Chest. To learn how to perform a boot-time scan, please refer to the Perform a Boot-time Scan section.
Even if a virus has been either deleted or repaired, repeat the previous step, and run boot-time scans on all computers, until avast! no longer displays any warning messages. Depending on the severity of the malware or virus attack, you may not have to perform a boot-time scan more than once.
The avast! main user interface displays numerous tabs on the left side of the window including: Overview, Scan, Tools, and Settings. All the Scan, Tools and Settings tabs contain a menu of items discussed below.
To launch the main user interface click from the system tray (usually bottom-right corner of your computer screen):
Figure 1: The Main User Interface
The following list briefly describes the functions of the main tabs and sub menus:
Overview: The main user interface page displays the working status of avast!.
Scan: This tab can be used to launch different scanning options including:
Smart scan can perform scans below one-by-one;
Scan for viruses like: Quick Scan, Full System Scan, Removable Media Scan, Select Folder to Scan and Boot-time Scan - discussed in details below;
Scan for outdated software;
Scan for network threats can check the security configuration of your home router and advise of settings that may need to be updated;
Scan for performance issues - is only fully available in paid version of avast!.
Tools: This tab features a sub menu of tools including Software Update, Browser Cleanup and Rescue Disk described in Additional features of avast!.
Settings: This tab features a menu including General, Active Protection, Antivirus and Update as described below:
General includes a section on 'Maintenance' were you can configure the Logs and Virus Chest size and history.
Active Protection menu allows you configure settings for File System, Mail and Web scanning. Note it is recommended that you do not change the default settings unless you understand the impact of enabling/disable specific settings.
Antivirus menu allows you to configure global settings for scanning including Exclusions and Alerts.
In this section, you will learn about the available scan options, and how to use them. You will also learn how to perform a full system scan and a folder scan, as well as a boot-time scan.
The Scan pane displays the five scan options available in avast!; to view them:
Step 1. Click
Step 2. Click to activate the following screen:
Figure 2: The Scan tab displaying the default Quick Scan option
The following brief descriptions will help you to choose the appropriate scan option:
Quick scan: This option is recommended for users with a limited amount of time in which to scan for a potential or suspected threat.
Full system scan: This option is recommended when users have sufficient time to schedule a thorough scan of your system. It is also recommended if this is the first time you are using an anti-virus software on your computer. The duration of this scan depends on the number of documents, files, folders and hard drives on your computer, and the computer speed. Please refer to the Perform a full system scan section.
Removable media scan: This option is recommended for scanning external hard drives, USB flash drives, and other media, particularly those which are not your own. It will scan any removable device for malicious programs that automatically run whenever the device is connected.
Select folder to scan: This option is recommended for scanning either a specific folder or multiple folders, especially if you know or suspect, that a particular file or folder might be infected. Please refer to the Perform a folder scan section.
Boot-time scan: The boot-time scan lets you perform a full scan of your hard drive before the Microsoft Windows operating system fully starts running. This option is recommended for a complete and thorough scan of your computer system and may require some time. Please refer to section Perform a boot-time scan section.
Tip: Clicking lets you see and refine the details of the given scan, for instance, the areas being scanned.
Step 1. Select Select folder to scan option from the menu (see figure 2 above).
Step 2. Click to activate the following screen:
Figure 5: The Select the areas dialog box
The Select the areas dialog box lets you specify the folder you would like to scan. You can select more than one folder for scanning purposes. As you check the boxes besides each folder, the folder path is displayed in the Selected paths: text field.
Step 3. Click to begin scanning your folders, and activate the following screen:
Figure 6: The Folder scan in progress.
Tip: avast! lets you scan individual folders though a pop-up menu that appears whenever you right-click on a folder. Simply Select Scan... which appears besides the name of the folder you would like to scan for viruses.
If the folder scan has revealed any threats click on button to open result page. please refer to the Dealing with Viruses section for further steps.
The avast! boot-time scan lets you perform a full scan of your hard drive before the Microsoft Windows operating system fully starts running. At the moment the boot-time scan is performed, all (or majority) of malware programs and viruses are still dormant, that is, they have not had the opportunity to activate themselves, or interact with other system processes yet. As such, they may be easier exposed and removed. The boot-time scan also directly accesses the disk, bypassing the drivers for the Windows file system, which may be infected. This further helps find more viruses and 'rootkits' - the name for a particularly malignant form of malware.
It is strongly recommended that you run a boot-time scan even if there is only a remote suspicion that your computer system may be compromised or infected. The boot-time and rescue disk scans (described in the Rescue Disk section) are the most thorough scans that avast! has to offer. The boot-time scan may require some time, depending on your computer speed and the amount of data and number of hard drives you may have.
To scan your system at boot time, perform the following steps:
Step 1. Click to activate the Scan pane.
Step 2. Select option from the drop down menu.
Step 3. Click to schedule a boot-time scan the next time you start your computer.
Step 3. Restart your computer to start scanning.
Note: A boot-time scan starts before the operating system and interface are fully loaded; as such the progress of the scanning is displayed in the text on your screen as follows:
Figure 7: The avast! Boot-time scheduled scan
avast! will prompt you for a response if viruses are detected. You select possible actions by pressing keys with appropriate numbers on your keyboard. We recommend that you select key 2Fix all automatically to let avast! deal with all the viruses automatically.
Note that moving infected file to the virus chest or removing it may result in some information or functionality of your system being inaccessible. In extreme situation, when a virus infected files vital for the functioning of the operating system, moving to chest or removing this file may result in your computer not being able to successfully start operating system again.
The previous sections demonstrated how to scan for viruses using avast!. If it finds a virus, avast! will let you know as shown in figure 8. To begin dealing with any malware or viruses detected during a scan, perform the following steps:
Figure 8: The Scan completed - threat detected
Step 1. Click to activate the following screen:
Figure 9: The SCAN RESULTS window displaying THREAT DETECTED! warning
Step 2. To display the drop-down list of possible actions to be applied, click the arrow beneath Actions as shown below.
Figure 10: Actions - Move to chest
Note: In this exercise, we are concerned with moving infected files to the Quarantine(Virus Chest). However, the drop-down list displays three other options and they are described below:
Repair: This action will attempt to repair the infected file.
Delete: This action will delete - permanently - the infected file.
Do nothing: This action means exactly what it says, and is definitely not recommended for treating potentially harmful malware or virus threats.
Step 3. Select the Move to Chest item, and then click .
Figure 11: The detected threat has been moved to the Quarantine (Virus Chest)
avast! is also constantly monitoring the computer for viruses and malware in the background as you continue to work.
When avast! detects malware or a suspicious file, it will alert you with a message similar to the screen shot below.
Figure 12: The Virus found
The default action will move the file to the Quarantine (Virus Chest). The next section describes how to deal with any malware or viruses detected during a scan that have been moved to the Quarantine Virus Chest.
During the avast! installation process, the avast!Virus Chest was created on your hard drive. The Virus Chest is a special folder isolated from the rest of your computer system, and used to store malware and viruses detected during the scan, as well as infected or threatened documents, files or folders.
You can access content of the Virus Chest and decide how to deal with the files collected there:
Step 1. Click and click to activate the following screen:
Figure 13: The Virus Chest displaying one virus
Step 2: Right click on each item to display the menu of actions that can be applied to a selected file as follows:
Figure 14: The pop-up menu of actions for viruses in the Virus Chest
Note: Double clicking an item in the Virus Chest will not activate, open or run it. It will only display the file properties, basically the same information you would obtain by selecting Properties from the pop-up menu.
The following list describes the actions used to deal with viruses in the pop-up menu as follows:
Delete: The file will be deleted from the Virus Chest irreversibly.
Restore: The file will be restored to its original location.
Extract: The file will copied to a folder you will specify.
Scan: The file will be scanned.
Submit to virus lab...: Selecting this option will activate a virus submission form for you to fill out and submit the file for further analysis to avast! company lab. Do not submit files that may contain sensitive information!
Properties: This option will reveal more details about the file.
Add...: This option lets you browse your system for other files you would like to add to the Virus Chest. This is potentially very useful if you have files you would like to protect during a virus outbreak.
Refresh all files: This option will update the list of the files in the Virus Chest, so that you will be able to view the latest files.
Sometimes the protection offered by avast!, Comodo Firewall and Spybot is simply not sufficient; despite best efforts, our computer system may become infected by malware and other viruses. In the Short guide to dealing with virus outbreaks, a few methods were offered for dealing with persistent malware and viruses. However, there is more that can be done to eliminate such threats from your computer.
Method A: Using Anti-malware Rescue CDs/DVDs or USB
Some anti-malware software companies offer a free anti-virus 'rescue' CD/DVD. These can be downloaded in ISO image format (that is, a format that can be easily burned onto a CD or DVD or put on USB memory).
To begin using these anti-malware rescue CDs/DVDs/USB, perform the following tasks:
Download specific rescue ISO (see the list below) and burn the anti-malware rescue program to a CD/DVD or put it on USB. You can use free program like ImgBurn to burn the image to the disk. Or you can use free program like Universal USB Installer to put the image on the USBNote: It is best to perform this step on some other, not infected computer if you can.
Insert the disk to CD/DVD player or connect USB to infected computers, and then restart your computer from this USB or CD/DVD. Often you can do this by pressing key F10 or F12 or Esc on your keyboard just after switching on the computer. Pay special attention to the instruction on the screen of your computer while it starts to learn how to do this on your computer. Search in the internet for the instructions on how to start (boot) your computer from USB or CD/DVD. Instructions may differ for each computer.
Once the infected computer starts from the USB/CD/DVD re-connect it to the Internet so that the anti-malware rescue program will be able to update its virus definitions if necessary.
It may be better to connect to the Internet using cable connection if available.
Begin scanning your computer hard drives to remove infections and malware threats.
The following is a list of anti-virus rescue images available for free:
Note: You can use each tool listed above separately to maximise your ability to effectively clean your computer.
Method B: Re-Installing the Microsoft Windows Operating System
In rare instances, a virus infection can be so destructive that the software tools recommended earlier may be rendered useless. In situations like this, we recommend that you perform the following tasks:
Note: Before you begin, make sure you have all the appropriate license or serial numbers, and installation copies for the MS Windows operating system and other programs you require. This procedure may be time consuming but worth the effort if you can't eliminate malware and virus threats the other way.
Create a backup copy of all your personal files on the computer.
Reinstall the Microsoft Windows operating system formatting the entire disk.
Update the Microsoft Windows operating system after the installation has been completed.
Install avast! (or your preferred anti-virus program) and update it.
Install whatever programs you require. Remember to download the latest versions and all the updates for each program. Note: Under no circumstances should you connect your backup disk to your computer before you have successfully performed these tasks. You might risk infecting your computer again.
Connect your backup disk to your computer and scan it thoroughly to detect and eliminate any existing problems.
After you have detected and deleted any problems, you may copy your files from the backup disk to the computer hard drive.
Smart Scan can perform several scans discussed in this chapter all at once. This is a convenient way to run a 'health check' for malware detection, software updater and network security. In the example below, Smart Scan detects some out of date software that requires updating.
Step 1. Click and to activate the screen shown below:
Figure 19 : Smart Scan
When Smart Scan has completed, the status of each scan will be displayed as shown in the screen below.
Figure 20 : Smart Scan - Issues found
Step 2. Click to begin reviewing any issues detected. Note GrimeFighter is not available in the free version of avast!
Figure 21 : Software Updater screen
Step 3. Click to begin updating each application that needs this.
Figure 22: Software updated
Step 4. Follow steps 1 to 3 above to reassess the health of your computer.
Q: If I have to use a computer in an Internet café that doesn't have a virus cleaner installed on it, how can I be sure that my documents will not be infected?
A: Using public computers is always risky, as you have no way of knowing what kinds of malicious software may be lurking on them. Avoid using public computers for private or sensitive work unless you have absolutely no other alternative.
Q: I have several computers on a network - but a slow Internet connection. How can I download the virus definition updates and share them with all of my computers?
A: You can download the latest virus definition updates (VPS - Virus Protection Software) from avast! website. Make sure you download updates for your program version. After downloading the update file, use it on each computer needing updates.
Q: What happens to the files in the Virus Chest if I uninstall avast!?
A: All files in the Virus Chest will be deleted if you uninstall the program.
How can you scan a specific folder for viruses in avast!?
For how many days will an unregistered copy of avast! work?
Is it possible to move a document that is not infected by a virus to the Virus Chest?
What is the difference between deleting a virus and moving it to the Virus Chest?
What is the difference between a boot-time scan and a full-system scan?