ESET EAVB-N1C-25-V4D manuale d’uso

User Guide (intended for pr oduct version 4.2 and higher) Microsoft® Windows® 7 / Vista / XP / NT4 / 2000 / 2003 / 2008 ESET NOD32 Antivirus 4[...]

1 . ESET NOD32 Antivirus 4 .......................... 4 1 . 1 What ’s new .................................................................. 4 1 . 2 System r equirements .................................................... 4 2. Installation ............................................ 5 2. 1 T ypical installation .................................[...]

4. 1.5 On‑demand computer scan ...................................16 4. 1.5. 1 Type of scan ..........................................................16 4. 1.5. 1. 1 Smar t scan ...........................................................16 4. 1.5. 1.2 Custom scan.........................................................16 4. 1.5.2 Scan targets ...[...]

4 1 . ESET NOD32 Antivirus 4 ESET NOD32 Antivirus 4 is the successor to the awar d‑winning product ESET NOD32 Antivirus 3.0 . It utilizes the scanning speed and the precision of ESET NOD32 Antivirus, granted by the most recent version of the ThreatSense® scanning engine. The implemented advanced techniques are capable of pr oactively blocking vi[...]

5 2. Installation After purchase, the ESET NOD32 Antivirus installer can be downloaded from ESET ’s w ebsite as an .msi package. Launch the installer and the installation wizard will guide you thr ough the basic setup. There ar e two types of installation a vailable with dierent lev els of setup details: 1. T ypical installation 2. Custom inst[...]

6 2. 2 Custom installation Custom installation is designed for users who hav e experience with fine ‑tuning programs and who wish to modify advanced settings during installation. After selecting the installation mode and clicking Next , you will be prompted to select a destination location for the installation. By default, the program installs i[...]

7 Click Next to proceed to Configur e automatic update settings . This step allows you to designate how automatic program component updates will be handled on your system. Click Change... to access the advanced settings. If you do not want program components to be updated, select the Never update program components option. Select the Ask before do[...]

8 2.5 On‑demand computer scan After installing ESET NOD32 Antivirus, a computer scan for malicious code should be performed. From the main program window , click Computer scan and then click Smar t scan . For more inf ormation about On‑demand computer scans, see section 4. 1. 4, “On‑demand computer scan” .[...]

9 3. Beginner ’s guide This chapter provides an initial overview of ESET NOD32 Antivirus and its basic settings. 3. 1 Introducing user interface design – modes The main program window of ESET NOD32 Antivirus is divided into two main sections. The primar y window on the right displays information that corresponds to the option selected fr om the[...]

10 If you are unable to solve a pr oblem using the suggested solutions, click Help and suppor t to access the help files or search the Knowledgebase. If you still need assistance, you can submit an ESET Customer Care support request. ESET Customer Care will respond quickly to your questions and help determine a resolution. 3. 2 Update setup Updati[...]

11[...]

12 4. W ork with ESET NOD32 Antivirus 4. 1 Antivirus and antispyware pr otection Antivirus protection guar ds against malicious system attacks by controlling file, email and Internet communication. If a threat with malicious code is detected, the Antivirus module can eliminate it by first blocking it, and then cleaning, deleting or moving it to q[...]

13 4. 1. 1.3 When to modify real‑time pr otection configuration Real‑time protection is the most essential component of maintaining a secure system. Therefore, please use caution when modifying its parameters. We r ecommend that you only modify its parameters in specific cases. For example, if ther e is a conflict with a cer tain application[...]

14 4. 1.3. 1. 1 Compatibility Cer tain email programs ma y experience problems with POP3 filtering (e.g., if receiving messages with a slow Internet connection, timeouts may occur due to checking). If this is the case, tr y modifying the way control is performed. Decr easing the control level ma y improve the speed of the cleaning process. T o adj[...]

15 4. 1.4 W eb access protection Internet connectivity is a standard f eature in a personal computer . Unfortunately , it has also become the main medium for transferring malicious code. Because of this, it is essential that you car efully consider your W eb access protection. We str ongly recommend that the Enable web access pr otection option is [...]

16 also contains the submenu Active mode , which defines the checking mode for Internet browsers. Active mode is useful because it examines transferr ed data as a whole. If it is not enabled, communication of applications is monitored gradually in batches. This decreases the eectiv eness of the data verification process, but also provides high[...]

17 4. 1.5.3 Scan profiles Y our preferr ed scan parameters can be saved f or future scanning. W e recommend that you create a dierent pr ofile (with various scan targets, scan methods and other parameters) f or each regularly used scan. T o create a new profile, open the Advanced Setup window (F5) and click On‑demand computer scan > Pro?[...]

18 • Real‑time file system protection • System startup file check • Email protection • W eb access protection • On‑demand computer scan The ThreatSense parameters are highly optimized f or each module, and their modification can significantly influence system operation. For example, changing parameters to always scan runtime pack[...]

19 W arning: In the Default mode, the entire archiv e file is deleted only if all files in the archive are inf ected. If the archive also contains legitimate files, it will not be deleted.If an infected archiv e file is detected in Strict cleaning mode, the entire archiv e will be deleted, even if clean files are pr esent. 4. 1.7 .4 Extensions[...]

20 the real‑time pr otection module, you will be asked to select an option in an aler t window . Usually , the options Clean , Delete and Leav e are available. Selecting Lea ve is not recommended, since the infected file(s) would be left untouched. The exception to this is when you are sure that the file is harmless and has been detected by mis[...]

21 In the profile setup you can specify the update server from a list of available servers, or a new server can be added. The list of existing update servers is accessible via the Update server: drop‑down menu. T o add a new update ser ver , click Edit… in the Update settings for selected profile section and then click the Add button. 4. 2. 1[...]

22 system, authentication for each network connection is r equired by default. In most cases, a local system account does not ha ve sucient rights to access the Mirror folder (the Mirr or folder contains copies of update files). If this is the case, enter the username and passwor d in the update setup section, or specify an existing account und[...]

23 W arning: If you want to allow access to the update files via the HT TP server , the Mirror f older should be located on the same computer as the ESET NOD32 Antivirus instance creating it. After configuration of the Mirror is complete, go to the workstations and add a new update server in the format http://IP _address_of_ your_server:2221 . T [...]

2 4 By default, the following scheduled tasks ar e displayed in Scheduler : • Regular automatic update • Automatic update after dial‑up connection • Automatic update after user logon • Automatic star tup file check after user logon • Automatic star tup file check after successful update of the virus signature database T o edit the con[...]

25 Files stored in the quarantine folder can be view ed in a table which displays the date and time of quarantine, the path to the original location of the infected file, its size in bytes, reason ( added by user … ), and number of threats (e.g., if it is an archiv e containing multiple infiltrations). 4.4. 1 Quarantining files ESET NOD32 Anti[...]

26 the main program window . Click Setup > Enter entire advanced setup tree... > T ools > Log files . You can specify the f ollowing options for log files: • Delete recor ds automatically: Log entries older than the specified number of days ar e automatically deleted • Optimize log files automatically : Enables automatic defragment[...]

27 and do not require or oer user interaction. They are displa yed in the notification area at the bottom right corner of the screen. T o activate displaying Desktop notifications, select the Displa y notifications on desktop option. More detailed options – notification displa y time and window transparency can be modified by clicking the[...]

28 recommended if a permanent Internet connection is a vailable and suspicious files can be delivered without dela y . Select the During update option for suspicious files to uploaded to ThreatSense.Net during the next update. Exclusion filter – The Exclusion filter allows you to exclude cer tain files/folders from submission. For example, i[...]

29 • Remote Administrator requires authentication – Allows you to enter a password to connect to the ERA Server , if required. Click OK to confirm changes and apply the settings. ESET NOD32 Antivirus will use these settings to connect to the ERA Server . 4.9 Licenses The Licenses branch allows you to manage the license keys for ESET NOD32 Anti[...]

30 5. Advanced user This chapter describes features of ESET NOD32 Antivirus which may be useful for more advanced users. Setup options for these featur es are accessible only in Advanced mode. To switch to Advanced mode, click Change... in the bottom left corner of the main program window or press CTRL + M on your keyboar d. 5. 1 Pro xy ser ver set[...]

31 0 – no threat found 1 – threat found but not cleaned 10 – some infected files remained 101 – archive error 102 – access error 103 – internal error NO TE: Exit codes greater than 100 mean that the file was not scanned and thus can be infected. 5.4 ESET SysInspector ESET SysInspector is an application that thor oughly inspects your c[...]

32 well as various other functions like finding information online. NO TE : Items highlighted in red ar e unknown and are theref ore considered potentially danger ous. If an item is in red, it does not automatically mean that you can delete the file. Befor e deleting, please make sure that the files are truly danger ous or not needed. Help – C[...]

33 tree structure section contains r emoved values value / file has been changed tree structure section contains modified values / files the risk level has decreased / it was higher in the pr evious log the risk level has increased / it was low er in the previous log The explanation section displayed in the bottom left corner describes all symbo[...]

34 + c:windowssystem32khbekhb.dll ‑ c:windowssystem32advapi32.dll [...] In this example the module khbekhb.dll was marked by a “+” . When the script runs, it will recognize the pr ocesses using that specific module and end them. 03) T CP connections This section contains information about existing TCP connections. Example: 03) TCP conn[...]

35 […] The selected items will either be deleted or reset to their original values. 5.4. 1.5.3 How to execute Service scripts Mark all desired items, then sa ve and close the script. Run the edited script directly fr om the SysInspector main window by selecting the Run Service Script option from the File menu. When you open a script, the program [...]

36 5.5. 2.4 Bootable USB device If you have selected USB device as your tar get medium, you can select one of the available USB media on the Bootable USB device tab (in case there are mor e USB devices). W arning: The selected USB device will be formatted during ESET SysRescue cr eation. All data on the device will be deleted. 5.5. 2.5 Burn If you [...]

37 6. Glossar y 6. 1 T ypes of infiltrations An Infiltration is a piece of malicious software trying to enter and/or damage a user ’s computer . 6. 1. 1 Viruses A computer virus is an infiltration that corrupts existing files on your computer . Viruses are named after biological viruses, because they use similar techniques to spread fr om one[...]

38 to be safe than sorry .If there is a file detected as adwar e on your computer , it is advisable to delete it, since ther e is a high probability that it contains malicious code. 6. 1.6 Spyware This category covers all applications which send private information without user consent/awar eness. Spywar e uses tracking functions to send various s[...]