PDF Avira AntiVir Personal (UNIX)
Contents
1. shown before a tip that makes it easier to understand and use AntiVir For improved legibility and clear marking the following types of emphasis are also used in the text Emphasis in text Explanation Ctrl Alt Key or key combination 1 4 usr lib AntiVir guard avscan Path and filename ls usr lib AntiVir guard User entries http www avira com URLs Signs and Symbols Page 4 Cross reference within the document Abbreviations The manual uses the following abbreviations Avira GmbH Abbreviation Meaning CLS Command Line Scanner FAQ Frequently Asked Question GUI Graphical User Interface SMTP Simple Mail Transfer Protocol VDF Virus Definition File Avira AntiVir Personal UNIX 2 Product Information Avira GmbH UNIX computers are more often used as file servers or email gateway servers Thus they transfer and store files that have no connection to UNIX e g Office documents and email attachments So viruses can access a server through a Windows Client and freely cause damage isolation infected Server virus free files Avira AntiVir Personal is a comprehensive and flexible tool for confronting viruses and unwanted programs and for reliable protection of your systems Losing valuable files usually has dramatic consequences Not even the best antivirus software can fully protect you2. Page 33 gt Type the command install Please note the dot and slash in the command syntax Typing the command without this path specification leads to another command which is not related to AntiVir installation process and this would result in error messages and unwanted actions Press q to close the license text view 4 The installation script starts After you agree with the license terms it will copy the program files Do you agree to the license terms n y copying install list guard to usr lib AntiVir guard done copying AV WKS PERS to usr lib AntiVir guard done copying LICENSE to usr lib AntiVir guard LICENSE workstation done 1 installing AntiVir Core Components Engine Savapi and Avupdate copying uninstall to usr lib AntiVir guard done copying etc file list to usr lib AntiVir guard done installation of AntiVir Core Components Engine Savapi and Avupdate complete Avira AntiVir Personal UNIX 9 L gt After you type the path to the key file the installer continues with updates configuration 2 Configuring updates An internet updater is available Would you like to create a link in usr sbin for avupdate guard y gt Type y and confirm with Enter L gt Then the script can create a daily cron task for automatic updates linking usr sbin avupdate guard done Would you like to setup Scanner update as cron task y The update cron j
3. The CLS is trying to repair infected files If this fails access is blocked The following option must be active RepairConcerningFiles yes It is not activated by default Action when detecting viruses or unwanted programs If RepairConcerningFiles is not set or repair is not possible access to the file is blocked and the action is logged The following options define the actions of the CLS check the user permissions e none or ignore no further action rename or ren renaming the file by adding the XXX extension delete or del delete the concerning file quarantine move the concerning file into quarantine directory if you have defined one see below You can select only one of these options If more than one is activated AntiVir applies the last one selected in the configuration file Default AlertAction none You have to define the quarantine directory if you want to use the quarantine option for AlertAction see above Default is QuarantineDirectory home quarantine Temporary location of CLS files Temporary files of the CLS are written in this directory Example TemporaryDirectory tmp Setting the on demand scanner behavior for symlinks Symbolic links are followed by default You can use this option to change the behavior Avira AntiVir Personal UNIX 19 FollowSymlink yes ScanMode Configuring files to be scanned This entry sets the procedure to determine whether a file is to be scan
4. Sege 7 1 Compiling Dazuko on your own 33 7 2 Known Issues with dazukofs escsessssssssseseseeseseeseeeesesceaeeceseceesecaesecaesecaecaeaecaesecaesesassesaeaeeeenees 34 8 Service eegene a e KEEN d d Hee EE 36 S 1 SUDDORE EE 36 PAON KaT aKo E eene AET 37 EE EE 37 9 Appendix Se Sege eege Keesen E GR e E 38 9 2 Further Information aia ea ei EE SA a oe AER 39 9 3 Golden Rules for Protection Against Viruses 0 sccssssessesesseteeseteeseneeseecseaenesacsesaseesseeeseeeeaeeees 40 Avira GmbH Avira AntiVir Personal UNIX 1 About this Manual In this Chapter you can find an overview of the structure and contents of this manual After a short introduction you can read information about the following issues e The Structure of the Manual Page 3 Signs and Symbols Page 4 1 1 Introduction 1 2 The Structure of the Manual Avira GmbH We have included in this manual all the information you need about Avira AntiVir Personal and it will guide you step by step through installation configuration and operation of the software The appendix contains a Glossary which explains the basic terms For further information and assistance please refer to our website to the Hotline of our Technical Support and to our regular Newsletter see Service Page 36 Your Avira Team The manual of your AntiVir software consists of a number of Chapters providing you with the following information Cha
5. available categories are adspy Software that displays advertising pop ups or software that very often with out the user s consent sends user specific data to third parties and might therefore be unwanted appl an application of dubious origin or which might be hazardous to use bdc the Control software for backdoors BDCs are generally harmless dial a Dial Up program for connections that charge a fee Its use might lead to huge costs for the user game a game that causes no damage on your computer e hiddenext a file with an executable extension hidden behind a harmless one e joke a harmless joke program present as file e pck a file compressed with an unusual runtime compression tool phish faked emails that are supposed to prompt the victim to reveal confidential information such as user accounts passwords or online banking data on certain web sites spr software that may compromise the security of your system initiate unwanted program activities damage your privacy or spy out your user behavior and might therefore be unwanted alltypes option to detect all supported malware types Syntax list of types separated by whitespace or colon DetectPrefixes lt type gt lt bool gt lt type gt lt bool gt Example DetectPrefixes adspy yes appl no bdc yes dial yes game no hiddenext no joke no pck no phish yes spr no Macrovirus Heuristics Activates the heuristics f
6. avupdate guard conf The settings affect the Avira Updater Updates ensure that Avira AntiVir Personal components Guard Scanner VDF and Engine which provide security against viruses or unwanted programs are always kept up to date With Avira Updater you can update Avira software on your computers using Avira update servers To configure the update process use the options in etc avira avupdate guard conf described below All parameters from avupdate guard conf can be passed to the Updater via command line For example parameter in avupdate guard conf temp dir tmp command line usr lib AntiVir guard avupdate guard temp dir tmp The list of Internet update servers internet srvs http dll pro antivir de http di2 pro antivir de http dl3 pro antivir de Specifies the master idx file Avira AntiVir Personal UNIX 22 install dir temp dir master file idx master idx Specifies the installation directory for updated product files install dir usr lib AntiVir guard Temporary directory for downloading update files temp dir tmp avira_update guard HTTP proxy settings proxy If you use an http proxy server for Internet updates you have to provide the following data proxy host proxy port proxy username proxy password Setting update email reports smtp notify when email to All reports on AntiVir updates are sent to the email address given in avupdate guard
7. extend AntiVir licenses quickly and safely The Online Shop guides you step by step through the order menu A multi lingual Customer Care Center explains the order process payment transactions and delivery Resellers can order by invoice and use a reseller panel 8 3 Contact Address Internet Avira GmbH Avira GmbH Lindauer Strasse 21 D 88069 Tettnang Germany You can find further information on us and our products by visiting http www avira com Avira AntiVir Personal UNIX 37 9 Appendix 9 1 Glossary Item Backdoor BDC cron daemon Daemon dazuko Dialer Engine Heuristic Kernel Logfile Malware Quarantine directory root SAVAPI Script Signature SMP Symmetric Multi Processing Avira GmbH Meaning A backdoor is a program infiltrated in order to steal data or to control the computer without the user s knowledge This program is manipulated by third parties using a backdoor client via the Internet or local network A daemon which starts other programs at specified times A background process for administration on UNIX systems On average there are about a dozen daemons running on a computer These processes usually start up and shut down with the computer See www dazuko org a cross platform device driver that allows applications to control file access on a system Paid dialing program When installed on your computer this program sets up a premium rate number Internet
8. notifications by email You can update Avira AntiVir entirely or only the scanner 2 4 System Requirements Avira AntiVir Personal asks for the following minimum system requirements on your computer 1386 Linux or Sparc SunOS processor e 100 MB free hard disk space 20 MB temporary disk space e 192 MB 512 MB on SunOS free memory space Linux with glibc SunOS You need sufficient disk space on your hard drive to save the temporary guard files We therefore recommend that there are at 2 least 4GB available for the temporary directory Officially supported distributions for Avira AntiVir Personal Red Hat Enterprise Linux 5 Desktop Red Hat Enterprise Linux 4 Desktop Novell SUSE Linux Enterprise Desktop 10 10 2 Novell SUSE Linux Enterprise Desktop 9 Debian GNU Linux 4 stable Ubuntu Desktop Edition 8 Sun Solaris 9 SPARC Sun Solaris 10 SPARC 2 5 Technical Information AntiVir Guard is based on DazukoF S http www dazuko org an open source software project DazukoFS is a kernel module which allows the AntiVir Guard daemon to access the files Avira GmbH Avira AntiVir Personal UNIX 7 3 Installation You can find the current version of Avira AntiVir Personal Free antivirus on www free av com AntiVir is supplied as a packed archive It contains AntiVir Engine Guard Command Line Scanner and the Avira Updater You will be guided step by step throughout the insta
9. owners Protected trademarks are not marked as such in this manual However this does not mean that they may be used freely Avira GmbH All rights reserved This manual was created with great care However errors in design and contents cannot be excluded The reproduction of this publication or parts thereof in any form is prohibited without previous written consent from Avira GmbH Errors and technical subject to RA AVIRA Issued Q1 2010
10. to repair these files Otherwise the program will delete them completely i e repairing tools will not recover them You can use the following options scan mode all Scans all files alert Deletes infected files action delete e alert Tries to repair the infected files and deletes the ones it could action delete not repair 0 In the following examples files are transformed or deleted Therefore OO important data may be lost If you want to delete all infected files from home myhome Check user permissions gt Type the command avscan scan mode all alert action delete home myhome If you want to repair infected files from home myhome and to delete the files that could not be repaired b Type the command avscan scan mode all alert action delete home myhome Avira AntiVir Personal UNIX 30 5 3 Reaction to Detecting Viruses Unwanted Programs If correctly configured Avira AntiVir Personal is set to deal automatically with all the tasks on your computer The infected file is repaired or at least deleted Ifit could not be repaired access to the file is blocked and according to the configuration the file is renamed or moved This eliminates all virus actions You should do the following gt Try to detect the way the virus unwanted program infiltrated your system gt Perform targeted scanning on the data storage supports you us
11. Avira AntiVir Personal unix User Manual Contents 1 About this Manual ee SEENEN See Seege O Ree et EE 3 1 2 The Structure of the Manual eege EEN 3 1 3 Signsand Syimbols idosas ass tos asia Eege iia DOR TTE 4 1 4 haben tee ee RU eee eR Ee 4 2 Product Information SANS EE EEN 5 Set ee ee Eege 6 EE ee CET 6 2 3 Modulesand Operating Mode peiser nine sous SEENEN a a E E a E 6 2ASystem E TE 7 2 5 Technical Information 3 r a a cisma senti oena Ras sian balan sb doa US RR aSa eE ESEE oE ASEE O FETES 7 3 Installation cccesccsseeee Misi sae penta Ee See E 3 1 Getting th Installation Filesi se edd ikini tenen eati dete 8 DZ LICENSING EE 8 3 3 Installing Anti EE 8 3 4 Reinstalling and Uninstalling Ant 13 4 Configuration ee seueiedaseseens SEENEN D LA 4 1 Configuration Fl ss ienaa e E e Ea e aa a A SEA E E a aaas 14 4 2 Testing AntiVir Pers na l aies o eeens eskeen aE E a E Aa N a ido a a e E duda 24 5 Operation 0 ccsceseccccseccvecessesses dee Kee Eege d e 25 5 1 Scanning on access with AntiVir Guard ceseessssseesenceseeseseceesecaenecaesecaesasacsassceaeaesasaeeasaeeaeates 25 5 2 Scanning on demand with AntiVir Command Line Scanner eee 27 5 3 Reaction to Detecting Viruses Unwanted Programs serrana 31 6 Updates usasse nara cessar ias dadas SE Seege See Gl Internet E EE 32 7 The Dazuko Kernel Module E Wee EE
12. against data loss o gt Ensure that you make regular backups of your files An antivirus program can be reliable and effective only if kept up to date gt Ensure that you keep your AntiVir programs up to date using automatic updates as described in this user guide Avira AntiVir Personal UNIX 5 2 1 Features Avira AntiVir Personal offers you extensive configuration possibilities to keep control of your computer The current features of Avira AntiVir Personal are Easy installation using the installation script e Command Line Scanner on demand Configurable on demand search for all known malware types viruses Trojans backdoor programs hoaxes worms etc Resident guard on access Configurable reactions when detecting viruses or unwanted programs repair move rename programs or files automatically remove viruses or unwanted programs e Heuristic detection of macroviruses Detection of all common archive types with certain recursion level in the case of nested archives Automatic Internet Updates for product scan engine and VDF Comprehensive functions for logging warnings and messages for the administrator Self Integrity Program Check which ensures the antivirus system is operating correctly at all times 2 2 Licensing Concept Avira AntiVir Personal Free Antivirus is free for personal use For more details please visit www free av com Self Integrity Check Each A
13. arantine option for AlertAction see above Note If you fail to specify a quarantine directory the following directory is created by default and the infected files are moved into it QuarantineDirectory home quarantine Access mask only for dazuko2 This option sets the access type of AntiVir Guard when scanning files for viruses or unwanted programs Avira AntiVir Personal UNIX 15 IncludePath Temporary Directory ScanMode Avira GmbH 1 Scanning a file when opened e 2 Scanning a file when closed A Scanning a file when executed For setting more access types at the same time you have to add the above values For example to scan files when opened and when closed the value has to be 3 default AccessMask 3 Please note that AntiVir Guard is able to react to these situations and Q to scan files only if the kernel module supports these events Not every operating system supports all events in every kernel version Moreover some kernel modules offer the possibility to activate or deactivate certain events Independent from the use of the other events we recommend that you always keep the option Scanning files when opened activated Scanned directories only for dazuko2 AntiVir Guard scans the files in the specified directories including their subdirectories Usually the most vulnerable file system is home since the data of different users is located there IncludePath home You can sp
14. atch mode In this mode all decisions are carried out based on the given configuration file and command line settings The user will not be asked to make or confirm any decisions Note If you had set the alert action to delete the alert action for files which are only considered suspicious is automatically reset by avscan to quarantine when operating in batch mode config Prints a sample configuration C lt configuration file gt detect prefixes lt spec gt Use a specific configuration file instead of the default one Specifies which kind of malware or unwanted software should get detected Virus detection is always active Accepts whitespace or colon separated list of lt type gt lt bool gt detect prefixes adspy yes joke no spr bdc To scan for all types of malware detect prefixes alltypes See the list of accepted types at DetectPrefixes Page 18 Repair concerning files if possible follow symlink yes no help Follows symbolic links Default yes Prints usage information about avscan abbreviation h or heur level lt int gt Specifies the Win32 file heuristics level Available values are 0 off 1 low 2 medium and 3 high could result in false alerts Not activated by default heur macro lt yes no gt Enables or disables macro heuristics log file lt filename gt Specifies the file for log me
15. components checking for C compiler cc found checking for C compiler gcc found checking for kernel sources found detecting kernel version 2 6 18 unpacking dazuko 3 0 0 rc4_2 6 18 done installing dazuko 3 0 0 rc4_2 6 18 initiate dazukofs done linking usr lib AntiVir guard libdazuko so to usr lib AntiVir guard libdazuko3compat2 so If the attempt to install dazuko fails you have to compile the module yourself For more details see The Dazuko Kernel Module Page 33 AntiVir can be installed even without dazuko but in this case it will run without AntiVir Guard The installer then reads etc fstab to check the directories to be mounted as dazukofs If no entry is found it asks you to enter one directory to be scanned by the Guard Guard will automatically protect all directories which are mounted upon dazukofs filesystem Please specify at least one directory to be protected by Guard to add in etc fstab home There are some file systems that should not be overlayed by dazukofs since no security gain would be achieved but on the contrary it could lead to 2 system malfunction Examples of these file systems are sysfs sys procfs proc usbfs These file systems do not allow the creation of files anyway so they do not need to be protected against malware The special directory root should not be mounted with dazukofs because it may also be the root f
16. conf Authentication for smtp connection Activate the auth method option and then provide the smtp server port user and password mailer smtp sendmail auth method password smtp user lt your username gt smtp password lt your_ password gt smtp server lt servername gt smtp port lt port gt There are three situations to set for email notifications e O no email notifications are sent e 1 email notifications are sent in case of successful update unsuccessful update or up to date 2 email notification only in case of unsuccessful update 3 email notification only in case of successful update notify when 3 The recipient of notification emails email to root localhost Logfile settings log log rotate log append Avira GmbH Specify a full path with a filename to which AntiVir Updater will write its log messages log var log avupdate log By default the logfile is overwritten log rotate You can use this option to append the logfile log append Avira AntiVir Personal UNIX 23 4 2 Testing AntiVir Personal After completing the installation and configuration you can test the functionality of AntiVir Personal using a test virus This will not cause any damage but it will force the security program to react when the computer is scanned Testing AntiVir Guard with a Test Virus v VV VV Go to http www eicar org Read the information about the test viru
17. connection charging you at high rates This can lead to huge phone bills AntiVir detects Dialers The scanning module of AntiVir software The systematic process of solving a problem using general and specific rules drawn from previous experience However solution is not guaranteed AntiVir uses a heuristic process to detect unknown macro viruses When typical virus like functions are found the respective macro is classified as suspicious The basic component of a UNIX operating system which performs elementary functions e g memory and process administration also Report file A file containing reports generated by the program during run time when a certain event occurs Generic term for foreign bodies of any type These can be interferences such as viruses or other software which the user generally considers as unwanted see also Unwanted Programs The directory where infected files are stored to block the user s access to them The user with unlimited access rights such as system administrator on Windows Secure AntiVirus Application Programming Interface A text file containing commands to be executed by the system similar to batch files in DOS A Byte combination used to recognize a virus or unwanted program UNIX SMP UNIX version for computers with parallel processors Avira AntiVir Personal UNIX 38 Item SMTP syslog daemon Meaning Simple Mail Transfer Protocol protocol for email transmissi
18. ctivated with a at the beginning of the line commented or can be set with default values These can be activated by removing the character or by changing the values You must restart the AntiVir Guard if you modify any values Q manually in the configuration files The changes only take effect after a restart gt Type usr lib AntiVir guard avguard restart All Configuration of AntiVir Guard in avguard conf OnAccess Management Avira GmbH This section provides a short description of the entries in avguard conf The settings affect only the behavior of Avira AntiVir Personal and no other AntiVir programs Enable Disable on access protection This option allows you to explicitly enable disable on access protection of specified directories provided by Guard using dazukofs dazuko kernel module Avira AntiVir Personal UNIX 14 Num Daemons Repair Concerning Files AlertAction Quarantine Directory AccessMask Avira GmbH When set to auto Guard will determine if the system has dazuko dazukofs support at startup and use it to provide on access protection automatically If you set it to no or the system has no dazuko dazukofs support Guard will not provide any on access protection In this case only the on demand scanner avscan can be used 0 All on access options will be inactive if you disable the Guard For O setting on demand scanner options check the avscan conf file OnAccessManagemen
19. e Guard is running the command avguard status returns the message Status avguard bin running To scan on access using certain parameters avguard option Options Option Function alert action lt spec gt Sets the action to be taken when detecting viruses or unwanted programs See the actions list at AlertAction Page 15 alert action quarantine archive max count lt spec gt Sets a limit to the number of files in an archive or mailbox that will be scanned by the Guard Guard will stop scanning at the set number of files Avira GmbH Avira AntiVir Personal UNIX 25 Avira GmbH archive max count action Alert action for the above condition It can be set to ignore warn block or alert archive max ratio lt spec gt Limits the archive or mailbox ratio The Guard does not scan beyond the configured limits archive max ratio action Alert action for the above condition It can be set to ignore warn block or alert archive max recursion lt spec gt Limits the archive or mailbox recursion The Guard does not scan beyond the configured limits archive max recursion action archive max size lt spec gt archive max size action Alert action for the above condition It can be set to ignore warn block or alert Limits the archive or mailbox size The Guard does not scan beyond the configured limits Alert action f
20. ecify only one folder in a command line You can enter more folders by typing the command for each one Example IncludePath var tmp IncludePath tmp LU If no folder is specified AntiVir Guard will not start Dazuko3 ignores this option It it therefore not advisable to use it in conjunction with Dazuko3 AntiVir Guard will otherwise fail to start Temporary location of Guard files Temporary files of the Guard are written in this directory Example TemporaryDirectory tmp Note Please make sure that there is sufficient disk space i e at least 4GB available at the location of the temporary files directory Configuring files to be scanned This entry sets the procedure to determine whether a file is to be scanned or not The available methods are e extlist scan only files with certain extensions smart scan files based on both their name and file type e all always scan files of all types and names The default is ScanMode all Avira AntiVir Personal UNIX 16 ArchiveScan ArchiveMax Size ArchiveMax Recursion Archive MaxRatio Archive MaxCount Archive Actions MaxReports PerFile Avira GmbH Scanning archives on access AntiVir Guard scans archives when opened depending on the setting for ArchiveMaxSize ArchiveMaxRecursion and ArchiveMaxRatio This is activated by default in order to maintain the highest security ArchiveScan yes Maximum archive size Thi
21. ed gt Inform your team superiors or partners gt Inform your system administrator and security provider Submit Infected Files to Avira GmbH Avira GmbH gt Please send us the viruses unwanted programs and suspicious files that our product does not yet recognize or detect and also any suspicious files Send us the virus or unwanted program packed in a password protected archive PGP gzip WinZIP PKZip Arj attached to an email message to virus avira com When packing use the password virus This way the file will not be deleted by virus scanners on the email gateway Avira AntiVir Personal UNIX 31 6 Updates With Avira Updater you can update Avira software on your computers using Avira update servers The program can be configured either by editing the configuration file see 4 1 4 Configuration of Avira Updater in avupdate guard conf or by using parameters in the command line It is recommended to run the Updater as root If the Updater does not run as root it does not have the necessary rights to restart AntiVir daemons so the restart has to be made manually as root Advantage any running processes of AntiVir daemons such as Scanner AntiVir Guard are automatically updated with the current antivirus files without interrupting the running scan processes It is thus ensured that all files are scanned 6 1 Internet Updates Manually Avira GmbH If you want to update Avira AntiVir Personal or some o
22. er installation The most common settings are suggested You can modify these settings anytime to adjust the product to your requirements After a short overview you will be guided step by step through the configuration process Description of the configuration files Configuration of AntiVir Guard in avguard conf Page 14 Configuration of the Command Line Scanner in avscan conf Page 19 Scanner specific configuration in avguard scanner conf Page 22 Configuration of Avira Updater in avupdate guard conf Page 22 Testing AntiVir Personal Page 33 after completing the configuration 4 1 Configuration Files The configuration is defined in four files etc avira avguard conf configures the on access scanner etc avira avscan conf configures the on demand scanner etc avira avguard scanner conf configures Savapi3 etc avira avupdate guard conf defines the automatic updates The settings can be made directly in the configuration files or as o parameters when using the Command Line Scanner The parameters given in command lines take precedence of those saved in configuration files This part describes the structure of Avira AntiVir Personal configuration files Avira AntiVir Personal reads these files on program start up It ignores empty lines and commented lines beginning with The program is provided with default values which are important for many procedures Some options can be dea
23. f its components gt Use the command usr lib AntiVir guard avupdate guard product product As product you can use Scanner recommended to update the scanner engine and vdf files Guard complete update Guard Scanner engine and vdf files If you just want to check for a new AntiVir version without updating AntiVir gt Use the command usr lib AntiVir guard avupdate guard check product product The product values are the same as above Avira AntiVir Personal UNIX 32 7 The Dazuko Kernel Module Dazuko kernel module is required by all platforms for allowing the on access scanner AntiVir Guard to run Avira AntiVir Personal can be installed even without dazuko but in this case it will run without AntiVir Guard For using Avira AntiVir Personal Unix v 3 with AntiVir Guard we Q recommend and support dazuko3 dazukofs The installation script will also install dazuko3 if it detects the needed build components on your system C compiler cc C compiler gcc kernel sources kernel versions 2 6 18 2 6 20 2 6 22 2 6 24 2 6 26 or 2 6 27 However if you want to use dazuko2 this Chapter offers some basic instructions If the attempt to install dazuko with the product s install script fails you have to compile the module yourself o If your distribution supplier offers an exact matching module to your kernel b Check the name of the module on the system you might use this i
24. g 253 Error while preparing on demand scan 254 Configuration error invalid parameter in command line or configuration file 255 Internal error Example Performing Complete Scan Avira GmbH After installation it is important to perform a complete scan of the system The following parameters should be used scan mode all Scans all files detect prefixes alltypes Scans for all types of malware Avira AntiVir Personal UNIX 29 s Scans all subfolders scan in archive Scans packed files too gt The command is avscan scan mode all detect prefixes alltypes s Scan in archive Example Performing Partial Scan Usually scanning the directories that contain incoming and outgoing data mailbox Internet text folders may be sufficient These files are usually in var If you have any DOS partitions on your UNIX system you also have to scan them You can use the following parameters scan mode all Scans all files s Scans all subfolders scan in archive Scans packed files too If your DOS partitions are in mnt and the incoming and outgoing files are in var gt Use the command avscan scan mode all s scan in archive var mnt Example Deleting Infected Files Avira GmbH Avira AntiVir Personal can delete files which contain viruses or unwanted programs Optionally AntiVir can first try
25. ing certain parameters avscan option directory 1 Ifyou have not specified any directory it scans only the current directory Ifyou want to scan certain files in a directory the syntax is avscan option directory 1 filename Options You can use the following options for the Command Line Scanner in various combinations All non option strings are considered files or directories to be scanned by default no recursion beyond the first level of the directory structure Option Function alert action lt spec gt Sets the action to be taken when detecting viruses or unwanted programs See the actions list at AlertAction Page 15 alert action quarantine archive max count lt N gt Sets a limit to the number of files in an archive or mailbox that will be scanned by the Guard Guard will stop scanning at the set number of files archive max ratio lt N gt Limits the archive or mailbox ratio The CLS does not scan beyond the configured limits archive max recursion lt N gt Limits the archive or mailbox recursion The CLS does not scan beyond the configured limits archive max size lt N gt Limits the archive or mailbox size The CLS does not scan beyond the configured limits Avira GmbH Avira AntiVir Personal UNIX 27 batch Enables batch mode If you enable this option avscan will enter the non interactive b
26. limited to a given number of files within a recursion level The zero value means no limit is set Default ArchiveMaxCount 0 You can speed up the archive scanning process by adjusting the settings manually ARCHIVE MAX RECURSION 1 ARCHIVE MAX COUNT 10 ARCHIVE MAX SIZE 1000KB The reliability of the scan will not be affected LogFile Logfile AntiVir logs all important operations via the syslog daemon It can also create an Avira GmbH Avira AntiVir Personal UNIX 20 Syslog DetectPrefixes Heuristics Macro Heuristics Level Avira GmbH additional logfile There is no default setting You must enter the full path to the logfile in order to use this option LogFile var log avscan log Syslog settings AntiVir Personal sends messages for all important operations to the syslog daemon You may specify the facility and priority for these messages Default is SyslogFacility user SyslogPriority notice With the SyslogPriority you specify that all those messages are logged which have an equal or higher priority than the one specified These values apply even if the LogF ile option is not active Detection of other types of unwanted programs Besides viruses there are other types of harmful or unwanted software You can activate their detection using the following options The virus detection is not optional and you can not deactivate it The
27. ll be displayed and you can solve the situation afterwards gt Goto the temporary directory where you unpacked Dazuko for example Avira GmbH Avira AntiVir Personal UNIX 33 cd tmp antivir workstation pers lt version gt contrib dazuko dazuko lt version gt gt Check the configuration of your computer with the configure script This information will provide appropriate guidance for further installation of the software configure gt Compile Dazuko make gt Optionally verify if the newly installed module works with the computer s running kernel make test Depending on your operating system you will receive the file dazuko o or dazuko ko in the temporary directory AntiVir installation script will ask for the path to this file later Further information on Dazuko can be found on the website http www dazuko org You may find distribution specific details already documented in the FAQ section 7 2 Known Issues with dazukofs Mounting dazukofs It is highly recommended to mount dazukofs very early during system startup via etc fstab for optimum functionality and protection It is not recommended to unmount dazukofs once loaded For more details please refer to the dazukofs documentation http dazuko dnsalias org files README dazukofs Mounting removable media Removable media such as USB sticks and CD ROMs should be automatically mounted Else If the media is not mounted via dazukofs i
28. llation procedure This Chapter is divided into the following sections Getting the Installation Files Page 8 e Licensing Page 8 Installing AntiVir Page 8 Reinstalling and Uninstalling AntiVir Page 13 e Page 13 3 1 Getting the Installation Files Downloading the Installation Files from the Internet gt Download the current version of Avira AntiVir Personal Free antivirus from www free av com to your local computer Save the file in the temporary folder tmp on the computer on which you want to run Avira AntiVir Personal The file name is antivir workstation pers tar gz Unpacking Program Files gt Goto the temporary directory cd tmp gt Unpack the archive containing the AntiVir kit tar tar xzvf antivir workstation pers tar gz 4 Inthe temporary directory will then appear antivir workstation pers lt version gt 3 2 Licensing Avira AntiVir Personal Free Antivirus is free for personal use If the initial license expires you can extend it without reinstalling the product by downloading the current license file from www free av com Copying the License File gt Copy the license file hbedv key to the installation directory on your system if the license in your Avira AntiVir Personal has expired tmp antivir workstation pers lt version gt 3 3 Installing AntiVir AntiVir is automatically installed using a script This script performs the following tasks e Checks integ
29. logged as a warning access is not blocked by the guard block access is blocked e alert access is blocked the alert action is performed highest priority Each of the following conditions can be set to ignore warn block or alert Default settings ArchiveMaxSizeAction block ArchiveMaxRecursionAction block ArchiveMaxRatioAction block ArchiveMaxCountAction block Limit the number of scanner alert messages The upper limit of messages that are issued per scanned file Usually this only affects archive scanning This option can be used to prevent the scanner from Denial Of Service Avira AntiVir Personal UNIX 17 LogFile Syslog DetectPrefixes Avira GmbH attacks generated by crafted archives that otherwise would provoke millions of alerts A value of O means no limit is set MaxReportsPerFile 100 Logfile AntiVir logs all important operations via the syslog daemon It can also create an additional logfile There is no default setting You must enter the full path to the logfile in order to use this option LogFile var log avguard log Syslog settings Avira AntiVir Personal sends messages for all important operations to the syslog daemon You may specify the facility and priority for these messages Default is SyslogFacility user SyslogPriority notice Setting the SyslogPriority determines that all those messages which are equal or higher than the priority specified are logged Con
30. m 0 since AntiVir Guard will otherwise fail to start Check the messages in the logfile of AntiVir Guard or in syslog in order to isolate errors Avira AntiVir Personal UNIX 24 9 Operation After concluding installation and configuration AntiVir Guard guarantees continuous scanning on your system During operation there may be the need for occasional changes in Configuration Page 14 Nevertheless a manual scan for viruses or unwanted programs might be needed This is where you can use AntiVir Command Line Scanner This program enables scanning for many specific targets AntiVir Command Line Scanner can be integrated into scripts and also regularly activated by cron jobs Users familiar with UNIX have various possibilities available to set optimum monitoring of their systems This Chapter has the following structure Scanning on access with AntiVir Guard Page 25 summarizes all options for the resident scanner avguard e Scanning on demand with AntiVir Command Line Scanner Page 27 lists the options for on demand scanner avscan and describes some examples of working with the Command Line Scanner Reaction to Detecting Viruses Unwanted Programs Page 31 gives you some hints on how to react when AntiVir has done its work 2 1 Scanning on access with AntiVir Guard Syntax To start stop or restart the AntiVir Guard as root or to check its status avguard start stop status restart Example If th
31. ned or not The available methods are e extlist scan only files with certain extensions smart scan files based on both their name and file type e all always scan files of all types and names The default is ScanMode smart ArchiveScan Scanning archives on demand The CLS scans archives on demand depending on the setting for ArchiveMaxSize ArchiveMaxRecursion and ArchiveMaxRatio This is activated by default in order to maintain the highest security ArchiveScan yes ArchiveMax Maximum archive size Size This option limits the scanning process to the files with unpacked size smaller than the specified value in bytes KB MG GB The zero value means no limit The default setting is 1 Gigabyte ArchiveMaxSize 1GB ArchiveMax Maximum recursion level Recursion When scanning recursive archives the level of recursion can be limited The zero value means all archives are completely unpacked regardless of their recursion level Default ArchiveMaxRecursion 20 Archive Maximum compression rate for archives MaxRatio This option limits the scanning to files which do not exceed a certain compression level It ensures protection against so called mail bombs which occupy an unexpectedly large amount of memory when decompressed The zero value means all archives are completely decompressed regardless of their compression rate Default ArchiveMaxRatio 150 Archive Number of files in an archive MaxCount The archive scanning is
32. nformation for further installation of AntiVir Guard Use the following command find lib modules uname r name dazuko d The installation pack for SunOS Sparc and i386 contains a binary module and you do not have to install it on this platform yourself The procedure is described so that you do not need expert knowledge to perform it Nevertheless knowledge of UNIX kernel compilation is needed especially when errors are encountered Further information on this can be found at http www tldp org HOWTO Kernel HOWTO html 7 1 Compiling Dazuko on your own v Make sure that the source code for UNIX kernel is in usr src linux If not install or link it there Information on this subject can be found in your UNIX provider documentation v Check if you have on your computer the kernel compiling programs for example gcc This also applies to UNIX standard installations If not install the required packages Information on this subject can be found in your UNIX provider documentation v Your UNIX kernel must be based on the source code from usr src linux as in most cases especially in a UNIX reinstallation You can only be absolutely certain by recompiling the installed kernel using exactly these sources Ifyou are not certain about your UNIX kernel status you should proceed with the installation In the worst case Dazuko will not be integrated into your UNIX kernel and the AntiVir Guard will not start A message wi
33. ntiVir executable binary is signed and performs a self integrity check during startup The self integrity check cannot protect against forgery e g to check if the complete package is faked or crafted attacks e g the function 2 call that performs the self integrity check is bypassed Such a verification has to be performed from outside the package 2 3 Modules and Operating Mode The Avira security software consists of the following program components AntiVir Engine AntiVir Guard e AntiVir Command Line Scanner Avira Updater AntiVir Engine AntiVir Engine essentially represents the scanning and repairing modules of Avira software These are also used by the other AntiVir products Avira GmbH Avira AntiVir Personal UNIX 6 AntiVir Guard AntiVir Guard runs as a daemon process It permanently monitors all user access in the network on access and it protects the files against viruses and unwanted programs It immediately blocks access to infected files which can be automatically renamed repaired or moved AntiVir Command Line Scanner AntiVir CLS can always be launched from the command prompt on demand Infected files and suspicious macros can be isolated or deleted using a number of options It can be integrated and used within scripts Avira Updater Avira Updater downloads current updates from the AntiVir web servers and installs them at regular intervals manually or automatically It can also send update
34. ob uses the minute when the product was installed If you want another update time you can change the entries later in etc cron d avira_updater L gt You can specify the time of the day when the updates should start The AntiVir Updater can be set to always check for updates at a particular time of day This is specified in a HH MM format where HH is the hour and MM is the minutes If you do not have a permanent connection you may set it to a time when you are usually online available option HH MM What time should updates be done 00 15 gt Press Enter or set another time first L gt Then the installer asks if you want to check for Product updates every week Would you like to check for Guard updates once a week n gt Press y if you want to create this task or just press Enter if you don t L gt The next step of the installation process is installing the main program If no dazuko device is detected on your system the script tries to install dazuko 3 installing main program copying bin linux glibc22 libdazuko3compat2 so to usr lib AntiVir guard done No Dazuko device found on your system Would you like to install dazuko now y gt Press y if you want to install dazuko and use AntiVir Guard then press Enter Avira AntiVir Personal UNIX 10 Dazuko3 package is installed installing dazuko Available Dazuko3 Package 3 0 0 rc4 checking for needed build
35. on on the Internet A daemon used by programs for logging various information These reports are written in different logfiles The syslog daemon configuration is in etc syslog conf Unwanted programs The name for programs that do not directly harm the computer but are not wanted by the user or administrator These can be backdoors dialers jokes and games AntiVir detects various types of unwanted programs VDE Virus Definition A file with known signatures for viruses and unwanted programs In many File VES cases it is enough for an update to load the most recent version of this file Virtual File System 9 2 Further Information Avira GmbH You can find further information on viruses worms macro viruses and other unwanted programs at http www avira com en threats index html AntiVir Guard is based on DazukoFS http www dazuko org an open source software project DazukoFS is a kernel module which allows the AntiVir Guard daemon to access the files Avira AntiVir Personal UNIX 39 9 3 Golden Rules for Protection Against Viruses Avira GmbH gt Always keep boot floppy disks for your network server and for your workstations gt Always remove floppy disks from the drive after finishing the work Even if they have no executable programs disks can contain program code in the boot sector and these can serve to carry boot sector viruses gt Regularly back up your files gt Limit program exchange par
36. or macroviruses in office documents HeuristicsMacro yes Win32 Heuristics Sets the level of heuristic detection in all types of files Available values are 0 off 1 low 2 medium and 3 high could result in false alerts HeuristicsLevel 1 Avira AntiVir Personal UNIX 21 4 1 3 Scanner specific configuration in avguard scanner conf Syslog Facility ReportLevel LogFileName AlertURL Anew configuration file has been introduced starting with Avira AntiVir Personal v3 0 0 avguard scanner conf It contains configuration options specific to the new scanner backend Usually you don t have to change the options in this file but there might be a few exceptions Facility used when logging SyslogFacility user The scanner can be set to log on different levels e 0 Log errors e 1 Log errors and alerts 2 Log errors alerts and warnings 3 Log errors alerts warnings and debug messages alerts means information about potential malicious code Default ReportLevel 0 Path to the scanner logfile LogFileName NONE You can use this option to retrieve information about virus alerts via Internet Currently supported URLs English http www avira com en threats q 1 German http www avira com de threats q 1 AlertURL lt URL gt 4 1 4 Configuration of Avira Updater in avupdate guard conf internet srvs master file Avira GmbH This section provides a short description of the settings in
37. or other file systems which likewise should not be mounted with dazukofs Mounting could also be dangerous due to the fact that there will very likely be processes already working on files under before dazukofs is mounted This might result in undefined file states if those files are later accessed through the dazukofs layer b Type one directory which you want to be protected on access for example home and press Enter Ifyou want to modify the list of protected directories you can add or remove entries later by editing etc fstab file and remounting dazukofs Avira GmbH Avira AntiVir Personal UNIX 11 Avira GmbH L Then the installer checks if the default quarantine directory exists home quarantine the AVIRA Guard default quarantine directory does not exist INFO You can change the quarantine directory in etc avira avguard conf and etc avira avscan conf after the installation Would you like to create home quarantine y gt Type Enter to create the directory if necessary You can change it later in the configuration files 4 Then the script can install a GNOME plug in which would allow you to add the status icon for AntiVir Guard to the panel e Guard is active PM Guard is inactive Would you like to install the AVIRA Guard GNOME plugin n gt Typeyand press Enter if you want to install the plug in or just press Enter if you don t Then you are asked if you want to c
38. or the above condition It can be set to ignore warn block or alert config Prints a sample configuration C lt configuration file gt detect prefixes lt spec gt Use a specific configuration file instead of the default one Specifies which kind of malware or unwanted software should get detected Virus detection is always active Accepts whitespace or colon separated list of lt type gt lt bool gt detect prefixes adspy yes joke no spr bdc To scan for all types of malware detect prefixes alltypes See the list of accepted types at DetectPrefixes Page 18 help Prints usage information about avguard bin heur level lt int gt Specifies the Win32 file heuristics level Available values are 0 off 1 low 2 medium and 3 high could result in false alerts Not activated by default heur macro lt bool gt Enables or disables macro heuristics scan in archive lt bool gt Enables or disables recursion into archive containers By default on Avira AntiVir Personal UNIX 26 scan mode lt spec gt Instructs the scanner how a sample should be scanned ScanMode all smart ext temp dir lt dir gt Defines the absolute path of the temporary directory version Prints version information 2 2 Scanning on demand with AntiVir Command Line Scanner Syntax To scan on demand us
39. pter Contents 1 About this Manual The structure of the manual signs and symbols 2 Product Information General information about Avira AntiVir Personal its modules features system requirements and licensing 3 Installation Instructions to install AntiVir on your system using the installation script 4 Configuration Directions for optimum settings of AntiVir components on your system 5 Operation Working with AntiVir after installation targeted scanning for viruses and unwanted programs reactions when viruses and unwanted programs are detected 6 Updates Carrying out automatic or manual Internet updates 7 The Dazuko Kernel Module Information about compiling and using dazuko 8 Service Support and Service 9 Appendix Glossary of technical terms and abbreviations Golden Rules for Protection against Viruses Avira AntiVir Personal UNIX 3 1 3 Signs and Symbols The manual uses the following signs and symbols Symbol Meaning v shown before a condition that must be met prior to performing an action gt shown before a step you have to perform Ly shown before the result that directly follows the preceding action shown before a warning if there is a danger of critical data loss or hardware damage shown before a note containing particularly important information e g on the steps to be followed
40. r system initiate unwanted program activities damage your privacy or spy out your user behavior and might therefore be unwanted alltypes option to detect all supported malware types Syntax list of types separated by whitespace or colon DetectPrefixes lt type gt lt bool gt lt type gt lt bool gt Example DetectPrefixes adspy yes appl no bdc yes dial yes game no hiddenext no joke no pck no phish yes spr no Avira AntiVir Personal UNIX 18 Heuristics Macro Heuristics Level ActiveLockFile Macrovirus Heuristics Activates the heuristics for macroviruses in office documents HeuristicsMacro yes Win32 Heuristics Sets the level of heuristic detection in all types of files Available values are 0 off 1 low 2 medium and 3 high could result in false alerts HeuristicslLevel 1 Guard s shared lockfile You must specify the absolute path to the Guard s lockfile so that other software on the computer can detect Guard s presence The file is also used for the Gnome plug in ActiveLockFile var lock LCK avguard Default ActiveLockFile NONE 4 1 2 Configuration of the Command Line Scanner in avscan conf Repair Concerning Files AlertAction Quarantine Directory Temporary Directory FollowSymlink Avira GmbH A new configuration file for the on demand scanner has been introduced starting with Avira AntiVir Personal v 3 0 0 avscan conf Repairing files
41. reate a link to avguard and if the Updater should be automatically activated at system start Would you like to create a link in usr sbin for avguard y linking usr sbin avguard to usr lib AntiVir guard avguard done Please specify if boot scripts should be set up Set up boot scripts y gt Confirm with Enter L gt The automatic system start is configured setting up boot script done installation of AVIRA Guard complete L gt The installation process is complete You can start AntiVir Guard if dazuko is correctly compiled Would you like to start AVIRA Guard now y Starting Avira AntiVir Workstation Personal Starting avguard bin L You will see a report that indicates the completion of the installation Installation of the following features complete AntiVir Core Components Engine Savapi and Avupdate AVIRA Internet Updater AVIRA Guard gt Finally you can start AntiVir usr lib AntiVir guard avguard start Modified binaries will not run For example if binaries are prelinked Either disable prelinking or add 2 usr lib AntiVir guard as an excluded prelink path in etc prelink conf Avira AntiVir Personal UNIX 12 3 4 Reinstalling and Uninstalling AntiVir You can launch the installation script at any time There are several possible situations such as Later installation of some components e g AntiVir Guard or Avira Updater Activating or deactivating the a
42. rity of the installation files Avira GmbH Avira AntiVir Personal UNIX 8 Checks for the required permissions for the installation Checks for an existing version of AntiVir on the computer Copies the program files Overwrites existing obsolete files Copies AntiVir configuration files Existing AntiVir configuration files are inherited Optional it creates a link in usr bin so that AntiVir can be called from any folder without needing a given path Optional it installs the resident scanner AntiVir Guard and the dazuko module Optional it installs a Gnome plug in Optional it installs Avira Updater Optional it configures an automatic start for Avira Updater and AntiVir Guard on system start up Preparing Installation gt gt Login as root Otherwise you do not have the required authorization for installation and the script returns an error message Go to the directory in which you unpacked AntiVir cd tmp antivir workstation pers lt version gt Installing AntiVir Avira GmbH For using Avira AntiVir Personal v 3 with AntiVir Guard we recommend and support dazuko3 dazukofs The installation script will also install dazuko3 if it detects the needed build components on your system If the installation script cannot detect a supported linux kernel version you can only install Avira AntiVir without AntiVir Guard AntiVir Guard can be easily installed later For more details see The Dazuko Kernel Module
43. s eicar com Download the test virus to your computer for exp in a directory named TEST On dazuko3 systems mount the directory in which you downloaded eicar com mount t dazukofs TEST TEST Try to access the file via the shell command less L gt AntiVir Guard will deny the access Testing AntiVir Command Line Scanner with a Test Virus vvvv Go to http www eicar org Read the information about the test virus eicar com Download the test virus to your computer for exp in a directory named TEST Execute the command avscan TEST 4 AntiVir will notify you about malware detection and will ask you to select an action Scanning for Possible Errors If you notice that AntiVir Guard does not display the expected messages or does not take the relevant action you have to check the configuration gt gt gt Avira GmbH Check whether AntiVir Guard is running Type usr lib AntiVir guard avguard status Start AntiVir Guard if necessary If you use AntiVir Guard in conjunction with dazukofs ensure that the file system location for which you want to enable OnAccess protection is mounted with dazukofs Use the mount command to see a list of all mounted file systems partitions If you use AntiVir Guard in conjunction with dazuko2 make sure that the file system location you want to protect is specified by means of the IncludePath option Also ensure that the AccessMask is set to a value different fro
44. s option limits the scanning process to the files with unpacked size smaller than the specified value in bytes KB MB GB The zero value means no limit The default setting is approx 1 Gigabyte ArchiveMaxSize 1GB Maximum recursion level When scanning recursive archives the level of recursion can be limited The zero value means all archives are completely unpacked regardless of their recursion level Default ArchiveMaxRecursion 20 Maximum compression rate for archives This option limits the scanning to files which do not exceed a certain compression level It ensures protection against so called mail bombs which occupy an unexpectedly large amount of memory when decompressed The zero value means all archives are completely decompressed regardless of their compression rate Default ArchiveMaxRatio 150 Number of files in an archive The archive scanning is limited to a given number of files within a recursion level The zero value means no limit is set Default ArchiveMaxCount 0 settings manually ARCHIVE MAX RECURSION 1 ARCHIVE MAX COUNT 10 ARCHIVE MAX SIZE 1000KB The reliability of the scan will not be affected You can speed up the archive scanning process by adjusting the Alert actions based on archive scanning settings Based on the specific action the alert is treated as follows e ignore the alert is ignored warn the condition is
45. sequently you receive with the Priority Warning all those messages labelled Alert Error orWarning Since Info has a lower priority than Warning you will not receive any Info messages These values apply even if the LogFile option is not active Detection of other types of unwanted programs Besides viruses there are other types of harmful or unwanted software You can activate their detection using the following options The virus detection is not optional and you can not deactivate it The available categories are adspy software that displays advertising pop ups or software that very often with out the user s consent sends user specific data to third parties and might therefore be unwanted appl an application of dubious origin or which might be hazardous to use bdc the Control software for backdoors BDCs are generally harmless dial a Dial Up program for connections that charge a fee Its use might lead to huge costs for the user game a game that causes no damage on your computer e hiddenext a file with an executable extension hidden behind a harmless one e joke a harmless joke program present as file pck a file compressed with an unusual runtime compression tool e phish faked emails that are supposed to prompt the victim to reveal confidential information such as user accounts passwords or online banking data on certain web sites spr software that may compromise the security of you
46. ssages max runtime lt seconds gt This option can be invoked for normal or scheduled scanning It defines a soft overall time limit If the time limit is exceeded the job will stop after completing the currently pending subtask scan database action quarantine dir lt dir gt Specifies the quarantine directory for infected files Avira GmbH Avira AntiVir Personal UNIX 28 This option enables recursive scanning of all subdirectories within a specified path scan in archive lt yes no gt Enables or disables recursion into archive containers By default on scan mode lt spec gt Instructs the scanner how a sample should be scanned ScanMode all smart extlist temp lt dir gt Defines the absolute path of the directory for temporary files v Set verbose mode on This option should SE be used in exceptional cases only as for example after a virus detection removal version Prints version information Exit Codes AntiVir Command Line Scanner issues exit codes after operation UNIX users can include them in scripts Exit Code Meaning 0 Normal program termination nothing found no error 1 Found concerning file 3 Suspicious file found 4 Warnings were issued 249 Scan process not completed 250 Cannot initialize scan process 251 The avguard daemon is not accessible 252 The avguard daemon is not runnin
47. t auto Number of daemons The number of simultaneous AntiVir Guard daemons can be set between 3 and 20 The default is 3 and it is appropriate for smaller standard computers For servers with high traffic a larger number would be necessary NumDaemons 3 If the value is 0 AntiVir Guard is deactivated Repairing files If RepairConcerningFiles is set AntiVir Guard will try to remove any alert by repairing the infected file If the repair has been carried out successfully access is granted and no further action besides logging is taken If the repair fails access is blocked and the AlertAction if you have selected one is carried out The following option must be active RepairConcerningFiles It is not activated by default Action when detecting viruses or unwanted programs If RepairConcerningFiles is not set or if repair is not possible the access to the file is blocked and the action is logged The following options define the actions of AntiVir Guard none or ignore no further action rename or ren renaming the file by adding the XXX extension e delete or del delete the concerning file quarantine move the concerning file into quarantine if you defined one see below You can select only one of these options If more than one is activated AntiVir applies the last one selected in the configuration file Default AlertAction none You have to define the quarantine directory if you want to use the qu
48. t is not protected If it is mounted via dazukofs you cannot unmount the media without unmounting dazukofs first which can break some applications Scanning on access symlinks Please note how dazukofs handles symlinks In case a folder is mounted as dazukofs and a file file a within that folder is a symbolic link to another file which is not in a folder mounted as dazukofs for example file b access to file a is always granted while file b is not scanned since it is not accessed through dazukofs Unsupported system calls Avira GmbH Dazukofs currently does not support the sendfile system call This may lead to problems if you want to use dazukofs in conjunction with applications that rely on sendfile as for example apache servers If you want to use dazukofs to protect the document root dir of an apache server add the following line to the httpd conf lt Directory var www gt EnableSendfile Off lt Directory gt Avira AntiVir Personal UNIX 34 Avira GmbH This will prevent apache from using the sendfile system call Dazukofs also currently does not support writing via the mmap system call This may lead to problems data loss at worst if applications rely on memory mapped writing Avira AntiVir Personal UNIX 35 8 Service 8 1 Support Support Service Forum FAQ Email Support Avira GmbH Our website http www avira com contains all the necessary information on our extensive s
49. ticularly with other networks mailboxes Internet and acquaintances gt Scan new programs before installation and the disk after this If the program is archived you can detect a virus only after unpacking and during installation If there are other users connected to your computer you should set the following rules for protection against viruses gt Use atest computer for controlling downloads of new software demo versions or virus suspicious media floppies CD R CD RW removable drives Disconnect the test computer from the network gt gt Appoint a person responsible for virus infection operations and define all steps for virus elimination gt Organize an emergency plan as a precaution for avoiding damage due to destruction theft failure or loss change due to incompatibility You can replace programs and storage devices but not your vital business data Set up a plan for data protection and recovery vv Your network must be correctly configured and the access rights must be wisely assigned This is good protection against viruses Avira AntiVir Personal UNIX 40 Avira AntiVir Personal unix Www avira com Avira GmbH Lindauer Str 21 88069 Tettnang Germany Telephone 49 0 7542 500 0 Fax 49 0 7542 525 10 Internet http www avira com AntiVir is a registered trademark of the Avira GmbH All other brand and product names are trademarks or registered trademarks of their respective
50. upport service The expertise and experience of our developers is available to you The experts of Avira answer your questions and help you with difficult technical problems During the first 30 days after you have purchased a license you can use our AntiVir Installation Support by phone email or by online form In addition we recommend that you also purchase our AntiVir Classic Support with which you can contact and obtain advice from our experts during business hours when technical problems are encountered The annual fee for this service which includes eliminating viruses and hoax support is 20 of the list price of your purchased AntiVir program Another optional service is the AntiVir Premium Support which offers you in addition to the scope of the AntiVir Classic Support the possibility of contacting expert partners at any time even after business hours in the event of an emergency When virus alerts occur you will receive an SMS on your cellphone Before you contact our Hotline we recommend that you visit our user forum at http forum antivir de as well as the FAO section on our website Your questions may already have been answered for another user and posted on the forum Support via email can be obtained at http www avira com Avira AntiVir Personal UNIX 36 8 2 Online Shop Would you like to buy our products with a mouse click You can visit Avira Online Shop at http www avira com and buy upgrade or
51. utomatic start of Avira Updater or AntiVir Guard Reinstalling AntiVir The procedure applies to all above mentioned cases v First of all you have to make sure that AntiVir Guard is stopped usr lib AntiVir guard avguard stop b Open the temporary directory where you unpacked AntiVir Personal cd tmp antivir workstation pers lt version gt gt Type install 4 The installation script performs as described in Installing AntiVir Page 8 gt Make the changes you need during installation procedure Ly AntiVir is installed with the required features Uninstalling AntiVir You can use the uninstall script located in the temporary AntiVir directory to remove Avira AntiVir Personal The syntax is uninstall product productname inf inf file force version help where productname is Guard b Open the AntiVir directory cd usr lib AntiVir guard gt Type uninstall product Guard 4 The script starts uninstalling the product asking you step by step if you want to keep backups for the license file for the configuration files and logfiles it can also remove the cronjobs you made for Guard and Scanner gt Answer the questions with y or n and press Enter L gt Avira AntiVir Personal is removed from your system Avira GmbH Avira AntiVir Personal UNIX 13 4 Configuration You can adjust Avira AntiVir Personal for optimum performance You can make the main adjustments immediately aft
Download Pdf Manuals
Related Search