Kaspersky Lab KL1829GBAFS/KIT Bedienungsanleitung


Lesen Sie kostenlos die 📖 deutsche Bedienungsanleitung für Kaspersky Lab KL1829GBAFS/KIT (89 Seiten) in der Kategorie Antivirensoftware. Dieser Bedienungsanleitung war für 30 Personen hilfreich und wurde von 2 Benutzern mit durchschnittlich 4.5 Sternen bewertet

Seite 1/89
U
U
U
UU '
'
'
'' G
G
G
GG
S
S
S
SSE
E
E
EER
R
R
RR S
S
S
S S U
U
U
UUI
I
I
IID
D
D
DDE
E
E
EE
KASPERSKY
INTERNET
SECURITY 2009
Dear User of Kaspersky Internet Security 2009!
Thank you for choosing our product. We hope that this documentation will help
you in your work and will provide answers regarding this software product.
Warning! This document is a property of Kaspersky Lab's and all rights to this
document are reserved by the copyright laws of the Russian Federation and
international treaties. Illegal reproduction and distribution of this document or
parts thereof result in civil, administrative or criminal liability pursuant to the laws
of the Russian Federation. Any type of reproduction and distribution of any
materials, including their translation, is allowed only by a written permission of
Kaspersky Lab. This document and graphic images related to it can be used
exclusively for information, non-commercial or personal purposes.
This document can be amended with no prior notification. For the latest version
of this document refer to Kaspersky Lab's website at
http://www.kaspersky.com/docs. Kaspersky Lab does not assume any liability for
the content, quality, relevancy or accuracy of the materials used in this document
rights for which are held by third parties and for the potential damages
associated with using such documents.
This document includes registered and non-registered trademarks. All said
trademarks are the property of their corresponding owners.
© Kaspersky Lab, 1996- 2008
+7 (495) 645-7939,
Tel., fax: (495) -8700, +7 797
+7 (495) 956-7000
http://www.kaspersky.com/
http://support.kaspersky.com/
Revision date: ril , 2008 Ap 29
TABLE OF CONTENT
INTRODUCTION .................................................................................................. 6
Obtaining information about the application .................................................... 6
Sources of information to research on your own ....................................... 6
Contacting the Sales Department 7..............................................................
Contacting the Technical Support service ................................................. 7
Discussing Kaspersky Lab applications on the web forum ........................ 9
What's new in Kaspersky Internet Security 2009 ............................................ 9
Application protection concept ...................................................................... 11
Wizards and Tools ................................................................................... 12
Support features ...................................................................................... 13
Heuristic analysis .................................................................................... 13
Hardware and software system requirements ............................................... 15
THREATS TO COMPUTER SECURITY ............................................................ 16
Threat applications ........................................................................................ 16
Malicious programs ................................................................................. 17
Viruses and worms ............................................................................ 17
Trojans ............................................................................................... 20
Malicious utilities ................................................................................ 26
Potentialy unwanted programs ................................................................ 29
Adware .............................................................................................. 30
Pornware ........................................................................................... 30
Other Riskware Programs ................................................................. 31
Methods of detecting infected, suspicious and potentially dangerous
objects by the application ........................................................................ 35
Internet threats .............................................................................................. 35
Spam or unsolicited incoming mail .......................................................... 36
Phishing .................................................................................................. 36
Hacker attacks ......................................................................................... 37
Banners display ....................................................................................... 37
INSTALLING APPLICATION ON THE COMPUTER .......................................... 39
Step 1. Searching for a newer version of the application .............................. 40
4 Kaspersky Internet Security 2009
Step 2. Verifying the system's conformity to the installation requirements .... 41
Step 3. Wizard's greeting window ................................................................. 41
Step 4. Viewing the License Agreement ....................................................... 41
Step 5. Selecting the installation type ........................................................... 42
Step 6. Selecting the installation folder ......................................................... 42
Step 7. Selecting application components to be installed ............................. 43
Step 8. Searching for other anti-virus software ............................................. 44
Step 9. Final preparation for the installation .................................................. 45
Step 10. Completing the installation .............................................................. 45
APPLICATION INTERFACE ............................................................................... 46
Notification area icon .................................................................................... 46
Shortcut menu ............................................................................................... 47
Main application window ............................................................................... 49
Notifications .................................................................................................. 52
Application settings configuration window ..................................................... 52
GETTING STARTED .......................................................................................... 54
Selecting network type .................................................................................. 55
Updating the application ............................................................................... 56
Security analysis ........................................................................................... 56
Scanning computer for viruses ...................................................................... 57
Participating in Kaspersky Security Network ................................................. 58
Security management ................................................................................... 59
Pausing protection ........................................................................................ 61
VALIDATING APPLICATION SETTINGS ........................................................... 63
Test "virus" EICAR and its modifications ...................................................... 63
Testing the HTTP traffic protection ............................................................... 67
Testing the SMTP traffic protection ............................................................... 67
Validating File Anti-Virus settings .................................................................. 68
Validating virus scan task settings ................................................................ 69
Validating Anti-Spam settings ....................................................................... 69
KASPERSKY SECURITY NETWORK DATA COLLECTION STATEMENT ...... 70
KASPERSKY LAB .............................................................................................. 76
Other Kaspersky Lab Products ..................................................................... 77
Table of content 5
Contact Us .................................................................................................... 86
CRYPTOEX LLC ................................................................................................ 88
MOZILLA FOUNDATION ................................................................................... 89
LICENSE AGREEMENT .................................................................................... 90
INTRODUCTION
OBTAINING INFORMATION ABOUT THE
APPLICATION
If you have any questions regarding purchasing, installing or using the
application, you can easily receive answers to them.
Kaspersky Lab has many sources of information and you can select the source
most convenient to you depending on how urgent and important your question is.
SOURCES OF INFORMATION TO RESEARCH ON
YOUR OWN
You can use the system. Help
Help system contains information on managing the computer protection: view the
protection status, scan various areas of the computer and perform other tasks.
To open Help, click the link in the main application window or press . Help <F1>
IN THIS SECTION:
Obtaining information about the application 6 .........................................................
What's new in Kaspersky Internet Security 2009 .................................................. 9
Application protection concept ............................................................................ 11
Hardware and software system requirements .................................................... 14
Introduction 7
CONTACTING THE SALES DEPARTMENT
If you have questions regarding selecting or purchasing the application or
extending the period of its use, you can phone Sales Department specialists in
our Central Office in Moscow at:
+7 (495) 797- - (495) - -87 00, +7 645 79 39, +7 (495) 956- -70 00.
The service is provided in Russian or English.
You can send your questions to the Sales Department to e-mail address
sales@kaspersky.com.
CONTACTING THE TECHNICAL SUPPORT
SERVICE
If you already purchased the application you can obtain information about it from
the Technical Support service by phone or via internet.
The Technical Support service specialists will answer your questions regarding
the installation and the use of the application and if your computer has been
infected, will help you eliminate the consequences of the activities of malware.
Before contacting the Technical Support service please read the support rules
(http://support.kaspersky.com/support/rules ).
An e-mail request to the Technical Support service (for registered users
only)
You can ask your question to the Technical Support Service specialists by
filling out a Helpdesk web form
(http://support.kaspersky.com/helpdesk.html).
You can send your question in Russian, English, German, French or
Spanish.
In order to send an e-mail message with your question, you must indicate
the obtained during the registration at the Technical Support client number
service website along with your . password
8 Kaspersky Internet Security 2009
Note
If you are not yet a registered user of Kaspersky Lab's applications, you can
fill out a registration form
(https://support.kaspersky.com/en/PersonalCabinet/Registration/Form/).
During the registration you will have to supply the activation code or key file
name.
You will receive a Technical Support service specialist's response to your
request in your Personal Cabinet
(https://support.kaspersky.com/en/PersonalCabinet) and at the e-mail
address you have specified in your request.
Describe the problem you have encountered in the request web form with as
much detail as possible. Specify the following in the mandatory fields:
 . Questions most frequently asked by users are Prompt type
grouped into special topics, for example "Product
installation/removal problem" or "Virus scan/removal problem". If
you have not found an appropriate topic, select "General Question".
 .Application name and version number
 . Describe the problem you have encountered with as Prompt text
much detail as possible.
 . Enter the client number and the Client number and password
password which you have received during the registration at
Technical Support service website.
 . The Technical Support service specialists will use E-mail address
this e-mail address to send their answer to your question.
Technical support by phone
If you have a problem requiring urgent help, you can call the Technical
Support service located in ur town. Please do not forget to supply yo
necessary information (http://support.kaspersky.com/support/details) when
you apply to Russian (http://support.kaspersky.com/support/support_local)
or international (http://support.kaspersky.com/support/international)
Technical Support. This will help our specialists to process you request as
soon as possible.
Introduction 9
DISCUSSING KASPERSKY LAB APPLICATIONS
ON THE WEB FORUM
If your question does not require an urgent answer, you can discuss it with
Kaspersky Lab's specialists and other users of Kaspersky Lab's anti-virus
applications in our forum located at Kaspersky Lab's web forum
http://forum.kaspersky.com.
In this forum you can view topics published earlier, leave your comments, create
new topics and use the search engine.
W ' KHAT S NEW IN ASPERSKY
I S NTERNET ECURITY 2009
Kaspersky Internet Security 2009 is a totally new approach to data security. The
main feature of the application is restricting the programs' rights to access the
system resources. It helps prevent unwanted actions by suspicious and
hazardous programs. The application's capabilities in the protection of user's
confidential data have been considerably enhanced. The application now
includes wizards and tools which substantially facilitate execution of specific
computer protection tasks.
Let's take closer look at the new features in Kaspersky Internet Security 2009:
New Protection Features
ï‚· Kaspersky Internet Security now includes Application Filtering
component along with Proactive Defense and Firewall which
implements a new universal approach to the system protection against
any threats including existing threats and threats that are unknown at
the moment. Kaspersky Internet Security now requires considerably
less input from the user due to the use of lists of trusted applications
(whitelisting).
ï‚· Scanning of operating system and software for vulnerabilities with their
subsequent elimination maintains a high system security level and
prevents sneaking of hazardous programs into your system.
 New wizards Security Analyzer and Browse Configuration facilitate –r
the scanning for and elimination of security threats and vulnerabilities in
1 0 Kaspersky Internet Security 2009
the applications installed on your computer, operating system's and
browser settings.
ï‚· Kaspersky Lab now reacts to new threats faster due to the use of
Participating in Kaspersky Security Network technology that gathers
data about infection of users' computers and sends it to Kaspersky
Lab's servers.
 New tools Network Monitor and Network Package Analysis - facilitate –
collection and analysis of information about network activities on your
computer.
 New wizard System Restore helps fix system damages after malware –
attacks.
New confidential data protection features:
ï‚· A new component Application Filtering effectively monitors access to
confidential data, user's file and folders by applications.
ï‚· Security of confidential data entered from the keyboard is ensured by a
new tool Virtual keyboard. –
ï‚· Kaspersky Internet Security structure includes Privacy Cleaner wizard
which deletes all information about his or her actions which can present
an interest to intruders (list of visited websites, opened files, cookies,
etc.) from the user's computer.
New anti-spam features:
ï‚· Efficiency of spam filtering by the Anti-Spam component has been
increased due to the use of Recent Terms server technologies.
ï‚· The use of Microsoft Office Outlook, Microsoft Outlook Express, The
Bat! and Thunderbird extension plug-ins simplifies the process of
configuring the anti-spam settings.
ï‚· Revised Parental Control component allows effective restriction of
undesirable access of some internet resources by children.
New protection features for internet use:
ï‚· Protection against internet intruders has been upgraded due to the
extended databases of phishing sites.
ï‚· ICQ and MSN traffic scan has been added which ensures safety of the
use of internet pagers.
ï‚· Security of the use of wireless networks is ensured through the scan of
Wi-Fi connections.
Introduction 1 1
New program's interface features
ï‚· The new program's interface reflects the comprehensive approach to
information protection.
ï‚· High information capacity of dialog boxes helps user quickly make
decisions.
ï‚· The functionality of reports and statistics information about the
application's operation has been extended. The possibility of using
filters allowing flexible setup when working with reports makes this
product irreplaceable for professionals.
APPLICATION PROTECTION CONCEPT
Kaspersky Internet Security ensures protection of your computer against known
and new threats, hacker and intruder attacks, spam and other unwanted dat a.
Each type of threats is processed by an individual application's component. This
makes setup flexible, with easy configuration options for all of the components
tailored to the needs of a specific user or business as a whole.
Kaspersky Internet Security includes:
ï‚· Application's activities monitoring in the system preventing execution of
dangerous actions by applications.
ï‚· Malware protection components, providing real-time protection of all
data transfer and input paths through your computer.
ï‚· Components of protection when working in the internet ensuring
protection of your computer against network and intruder attacks known
at the moment.
ï‚· Components of filtering of unwanted data helping save time, web traffic
and money.
ï‚· Virus scan tasks, used to scan individual files, folders, drives, or areas
for viruses or to perform a full computer scan. Scan tasks can be
configured to detect vulnerabilities in the applications installed on the
computer.
ï‚· Update, providing internal application modules state, and also are used
for threats scan, hack attacks and spam messages detection.
ï‚· Wizards and tools facilitating execution of tasks occurring during the
operation of Kaspersky Internet Security.
1 2 Kaspersky Internet Security 2009
ï‚· Support features which provide information support for working with the
application and expanding its capabilities.
WIZARDS AND TOOLS
Ensuring computer security is a rather difficult task requiring knowledge about
operating system's features and methods utilized to take advantage of its
weaknesses. Besides, a large number and diversity of information about the
system security makes it analysis and processing more difficult.
In order to make specific computer security tasks easier to perform Kaspersky
Internet Security includes a number of wizards and tools:
ï‚· Security Analyzer W ard that performs computer diagnostics and iz
searches for vulnerabilities in the operating system and programs
installed on the computer.
ï‚· Browser Configuration Wizard that performs analysis of Microsoft
Internet Explorer browser settings evaluation them, first of all, from the
security point of view.
ï‚· System Restore Wizard is used to eliminate the traces of the malware
objects presence in the system.
ï‚· Privacy Cleaner Wizard that searches for and eliminates traces of user's
activities in the system and operating system's settings which allow
gathering of information about the user's activities.
ï‚· The Resque Disk is designed to restore system functionality after a
virus attack that damaged system files of the operating system and
made it impossible to startup.
ï‚· Network Pack Analysis that intercepts network packets and displays age
their details.
ï‚· Network Monitor that displays details about the network activity on your
computer.
ï‚· Virtual keyboard allows to prevent interception of data entered from the
keyboard.
Introduction 1 3
SUPPORT FEATURES
The application includes a number of support features. They are designed to
provide maintain the application up- -date, expand the capabilities of the to
program and to assist you as you use it.
Kaspersky Security Network
Kaspersky Security Network a system providing an automatic transfer of –
reports about detected and potential threats into the centralized database.
This database ensures an even faster reaction to most common threats and
notification of users about virus outbreaks.
License
When you purchase Kaspersky Internet Security, you enter into a licensing
agreement with Kaspersky Lab which governs the use of the application as
well as your access to application database updates and Technical Support
over a specified period of time. The term of use and other information
necessary for full functionality of the application are provided in a key file.
Using the function you can obtain details of the license you are License
using, purchase a new license or renew your current license.
Support
All register Kaspersky Internet Security users can take advantage of our ed
technical support service. In order to learn where exactly you can receive
technical support, use the Support function.
By following the corresponding links you can access Kaspersky Lab product
users' forum, send an error report to Technical Support, or application
feedback by completing a special online form.
You also have access to online Technical Support, Personal User Cabinet
Services; and our personnel will be always happy to provide you with
telephone support for Kaspersky Internet Security.
HEURISTIC ANALYSIS
Heuristics are used in some real-time protection components, such as File Anti-
Virus, Mail Anti-Virus, and Web Anti-Virus, and in virus scans.
Introduction 1 5
HARDWARE AND SOFTWARE SYSTEM
REQUIREMENTS
To ensure normal functioning of the application the computer must conform to
the following minimum requirements:
General requirements:
ï‚· free hard drive space. 75 MB
ï‚· -ROM (for installation of the application from the installation CD). CD
ï‚· A mouse.
ï‚· Microsoft Internet Explorer 5.5 or higher (for updating application's
bases and software modules via Internet).
ï‚· Microsoft Windows Installer 2.0.
Microsoft Windows XP Home Edition (SP2 or above), Microsoft Windows XP
Professional (SP2 or above), Microsoft Windows XP Professional x64 Edition:
ï‚· Intel Pentium 300 MHz processor or higher (or a compatible equivalent).
ï‚· 256 MB free RAM.
Microsoft Windows Vista Starter x32, Microsoft Windows Vista Home Basic,
Microsoft Windows Vista Home Premium, Microsoft Windows Vista Business,
Microsoft Windows Vista Enterprise, Microsoft Windows Vista Ultimate:
ï‚· Intel Pentium 800 MHz 32-bit (x86) / 64-bit (x64) processor or higher (or
a compatible equivalent).
ï‚· 512 MB free RAM.
THREATS TO COMPUTER
SECURITY
A considerable threat to the computer security is imposed by threat applications.
Additionally, such threat is imposed by spam, phishing, hacker attacks and
adware ad banners. These threats are related to internet use.
T HREAT APPLICATIONS
Kaspersky Lab's application can detect hundreds thousands of malware
programs that may reside on your computer. Some of these programs impose a
greater threat for your computer; others are only dangerous when certain
conditions are met. After the application detects a malware application, it
classifies it and assigns to it a danger level (high or medium).
Kaspersky Lab's virus analysts distinguish two main categories: malware
programs and potentially unwanted programs.
Malware programs (see page ) (Malware) are created with the purpose to 17
damage a computer and its user, for example, to steal, block, modify or erase
information, disrupt operation of a computer or a computer network.
Potentially unwanted programs (see page ) (PUPs), unlike malware programs, 29
are not intended solely to inflict damage.
Virus Encyclopedia (http://www.viruslist.com/en/viruses/encyclopedia) contains a
detailed description of these programs.
IN THIS SECTION:
Threat applications ............................................................................................. 16
Internet threats ................................................................................................... 35
Threats to computer security 1 7
MALICIOUS PROGRAMS
Malicious programs are created specifically to inflict harm to computers and
their users: steal, block, modify or erase information, disrupt the operation of
computers or computer networks.
Malware programs are divided into three subcategories: viruses and worms,
Trojans programs and malware utilities.
Viruses and worms (see page ) (Viruses_and_Worms) can create copies of 17
themselves which are, in turn, capable of creating their own copies. Some of
them run without user's knowledge or participation, others require actions on the
user's part to be run. These programs perform their malicious actions when run.
Trojan programs (see page ) (Trojan_programs) do not create copies of 20
themselves, unlike worms and viruses. They sneak into a computer, for example,
via e-mail or using a web browser when the user visits an "infected" website. To
be launched they require user's actions and start performing their malicious
actions as they run.
Malware utilities (see page ) (Malicious_tools) are created specifically to inflict 26
damage. However, unlike other malware programs, they do not perform
malicious actions immediately as they are run and can be safely stored and run
on the user's computer. Such programs have functions used to create viruses,
worms and Trojan programs, arrange network attacks on remote servers,
hacking computers or other malicious actions.
VIRUSES AND WORMS
Subcategory : viruses and worms (Viruses_and_Worms)
Severity level: high
Classic viruses and worms perform on the computer actions not allowed by the
user and can create copies of themeselves which are also able of creating their
own copies.
Classic virus
After a classic virus infiltrates into the system, it infects a file, activates in it,
performs its malicious action and then adds copies of itself into other files.
1 8 Kaspersky Internet Security 2009
Classic viruses reproduce only on the local resources of a certain computer, they
cannot independently penetrate other computers. They can penetrate other
computers only if it adds its copy into a file stored in a shared folder or on a CD
or if the user forwards an e-mail messages with at infected attachment.
Code of a classic virus can penetrate various areas of a computer, operating
system or application. Based on the environment, there is a distinction between
file, boot, script and macro viruses.
Viruses can infect files using various methods. Overwriting viruses write their
own code replacing the code of the file they infect and after they destroy the
content of such file. The infected file stops working and cannot be disinfected.
Parasitic viruses Companion modify files leaving them fully or partially operating.
viruses do not modify files but create their duplicates. When such infected file is
opened, its duplicate, that is the virus, will be run. There are also link viruses,
(OBJ) viruses that , viruses that infect object modules infect compiler libraries
(LIB), viruses that , etc. infect original text of programs
Worm
After it penetrates the system, the code of a network worm, similarly to the
classic virus code, gets activated and performs its malicious action. The network
worm received its name due to its ability to tunnel from one computer to another -
without he user's knowledge - to send copies of itself through various information
channels.
The major method of proliferation is the main attribute that differentiates various
types of worms. The table below lists types of worms based on the method of
their proliferation.
Table 1 Worms by the method of proliferation.
T YPE
N AME
D ESCRIPTION
IM-
Worm
IM worms
These worms propagate through IM (instant
messaging) clients, such as ICQ, MSN
Messenger, AOL Instant Messenger, Yahoo
Pager or Skype.
Usually such worm uses contact lists to send
messages containing a link to a file with its copy
on the website. When a user downloads and
opens such file, the worm will be activated.
Threats to computer security 1 9
T YPE
N AME
D ESCRIPTION
Email-
Worm
E-mail worms
E-mail worms infect computers via e-mail.
An infected message contains an attached file
containing a copy of a worm or a link to such file
uploaded to a website that, for example, can be
hacked or be a hacker's site itself. When you
open such attachment the worm gets activated;
when you click the link, download and then open
a file, the worm will also start performing its
malicious action. After this it will continue
reproduce through its copies finding other e-mail
addresses and sending infected messages to
them.
IRC-
Worms
IM worms
Worms of this type get into computers through
Internet Relay chats - service systems used to
communicate with other people via internet in
real-time format.
This worm publishes in the internet chat a file
with its copy or a link to such file. When a user
downloads and opens such file, the worm will be
activated.
Net-
Worms
Network worms
(worms residing in
computer
networks)
These worms are distributed via computer
networks.
Unlike worms of other types, network worms are
propagated without the user's participation.
They search in the local area networks
computers using programs containing
vulnerabilities. For this it sends a special
network packet (exploit) containing its code or a
part of such code. If there is a vulnerable
computer in the network, such computer will
receive such packet. Once the worm fully
penetrates the computer, it gets activated.
2 0 Kaspersky Internet Security 2009
T YPE
N AME
D ESCRIPTION
P2P-
Worm
File exchange
worms
File exchange worms propagate through file-
exchange peer- -peer networks, such as to
Kazaa, Grokster, EDonkey, FastTrack or
Gnutella.
In order to sneak into a file exchange network,
the worm copies itself into the file-exchange
folder usually located on the user's computer.
The file-exchange network displays information
about this fact and the user can "find" the
infected file in the network, like any other file,
downloaded it and open it.
More complex worms imitate network protocols
of a specific file exchange network: they provide
positive responses to search requests and offer
their copies for downloading.
Worm
Other worms
Other network worms include:
ï‚· Worms that distribute their copies via network
resources. Using the operating system's
functionality, they go through available
network folders, connect to computers in the
global network and attempt to open their
drives for full access. Unlike computer
network worms, the user has to open a file
containing a copy of the worm to activate it.
ï‚· Worms that do not use any method of
propagation described in this table (for
example, worms propagating via mobile
phones).
T ROJANS
Subcategory: Trojans (Trojan_programs)
Severity level: high
2 2 Kaspersky Internet Security 2009
T YPE
D ESCRIPTION
Trojans
Trojans include the following malicious
programs:
ï‚· ; they classic Trojan programs
perform only major functions of Trojan
programs: blocking, modification or
erasing of data, disruption of the
operation of the computers or computer
networks; they do not have any
additional functions characteristic of
other types of Trojan programs
described in this table;
ï‚· " " Trojan programs; they multi-purpose
have additional functions characteristic
of several types of Trojan programs.
Trojans-
Ransoms
They "take hostage" information on the
user's computer, modifying or blocking it
or disrupt the operation of the computer
so that the user would be unable to use
the data. Then the intruder demands a
ransom from the user in exchange to the
promise to send the program that will
restore the computer's operability.
Trojans-
Clickers
These programs access web pages from
the user's computer: they send a
command to the web browser or replace
web addresses stored in the system files.
Using these programs the intruders
arrange network attacks and increase the
traffic to such sites to increase the rate of
displaying ad banners.
Trojans-
Downloader
s
They access the intruder's web page,
download from it other malware programs
and install them on the user's computer;
they can store the name of the
downloadable malware program filename
in themselves or receive it from the web
page they access.
Threats to computer security 2 3
T YPE
D ESCRIPTION
Trojan-
Droppers
These programs save programs
containing other Trojan programs on the
computer's disk and then install them.
Intruders can use Trojans-Droppers:
ï‚· install a malware programs without the
user's knowledge: trojans-droppers do
not display any messages or do display
false messages, for example, notifying
about an error in the archive or about
using the wrong version of the
operating system;
ï‚· protect another known malware
program from being detected: not any
anti-virus program can detect a
malware program located inside a
trojan-dropper.
Trojans-
Notifiers
They notify the intruder that the infected
computer is connected; and then - transfer
information about such computer to the
intruder, including: IP address, number of
an open port or the e-mail address. They
communicate to the intruder by e-mail, via
FTP, by accessing the intruder's web
page or using other methods.
Trojans-notifiers are often used in sets
comprised of various Trojan programs.
They notify the intruder that other Trojan
programs are successfully installed on the
user's computer.
Trojans-
Proxies
They allow the intruder to access web
pages anonymously using the user's
computer and are often used to send
spam.
Threats to computer security 2 5
T YPE
D ESCRIPTION
Trojans-IMs
These programs steal numbers and
passwords of the IM client users (instant
messaging programs), such as ICQ, MSN
Messenger, AOL Instant Messenger,
Yahoo Pager or Skype. Then they transfer
information to the intruder by e-mail, via
FTP, by accessing the intruder's website
or using other methods.
Rootkits
These programs conceal other malware
programs and their activity and, thus,
extend the existence of such programs in
the system; they hide files or processes in
the memory of an infected computer or
register keys run by the malware
programs or conceal data exchange
between the applications installed on the
user's computer and other computes in
the network.
Trojans-
SMS
These programs infect mobile phones and
send from the sms messages to numbers
for which the user of the infected phone is
charged.
Trojans-
GameThiev
es
These programs steal user account
information of network game users; they
then transfer this information to the
intruder by e-mail, via FTP, by accessing
the intruder's website or using other
methods.
Trojans-
Bankers
These programs steal banking account
information or electronic/digital money
account information; they transfer data to
the intruder by e-mail, via FTP, by
accessing the intruder's website or using
other methods.
2 8 Kaspersky Internet Security 2009
T YPE
N AME
D ESCRIPTION
Flooders
Programs used for
flooding networks
They send a great number of messages via
network channels. These channels include,
for example, programs used for flooding
internet relay chats.
However, this type of malware does not
include programs flooding e-mail traffic and
IM and SMS channels. Such programs are
classified as individual types described in
the table below (Email-Flooder, IM-Flooder
and SMS-Flooder).
HackTools
Hacking Tools
Hacking tools are used to hack computer
on which they are installed or to arrange
attacks on another computer (for example,
to add other system users without
permission; clear the system logs in order
to conceal any traces of they presence in
the system). They include some sniffers
which perform malicious functions, for
example, intercept passwords. Sniffers are
programs which allow viewing network
traffic.
not-
virus:Hoax
Hoax programs
These programs scare the user with virus-
like messages: they can "detect" a virus in
a clean file or display a message about
disk formatting which will not take place.
Spoofers
Spoofers
These programs send messages and
network request with a fake sender's
address. Intruders use spoofers in order,
for example, to pretend to be a sender.
VirTools
They are tools
used to create
modifications of
malware programs
They make it possible to modify other
malware programs in order to hide them
from anti-virus applications.
3 0 Kaspersky Internet Security 2009
Potentially unwanted programs are installed using one of the following methods:
ï‚· They are installed by the user, individually or along with another
program (for example, software developers include adware programs
into freeware or shareware programs).
ï‚· They are also installed by intruders, for example they include such
programs into packages with other malware programs, use
"vulnerabilities" of the web browser or Trojan downloaders and
droppers, when the user visits an "infected" website.
A DWARE
Subcategory: Adware
Severity level: medium
Adware programs involve display of advertising information to the user. They
display ad banners in other program's interface and redirect search queries to
advertising websites. Some adware programs collect and redirect to their
developer marketing information about the user, for example, which sites he or
she visits or which search requests he or she performs (unlike Trojan spies,
these programs transfer this information with the user's permission).
P ORNWARE
Subcategory: Pornware
Severity level: medium
Usually, users install such programs themselves in order to search for or
download pornographic information.
Intruders also can install these programs on the user's computer in order to
display ads of commercial pornographic sites and services to the user without his
or her permission. To be installed, they use vulnerabilities of the operating
system or web browser, Trojan downloaders and Trojan droppers.
There are three types of pornographic nature distinguished based on their
functions. These types are described in the table below.
3 2 Kaspersky Internet Security 2009
Table 5 Types of other riskware distinguished based on their functions .
T YPE
N AME
D ESCRIPTION
Client-IRC
Internet chat client
programs
Users install these programs to
communicate through Internet Relay
Charts. Intruders use them to spread
malware programs.
Dialers
Automatic dialing
programs
These programs can establish
"hidden" phone connections via the
modem.
Downloaders
Downloaders
These programs can secretly
download files from websites.
Monitors
Monitors
These programs allow monitor
activities of computers on which they
are installed (monitor performance of
applications, how they exchange data
with applications on other computers,
etc.)
PSWTools
Password recovery
tools
These programs are used to view and
recover forgotten passwords.
Intruders pursue exactly the same
purpose when they install them on
users' computers.
Threats to computer security 3 3
T YPE
N AME
D ESCRIPTION
RemoteAdmin
Remote
administration
programs
These programs are often used by
system administrators; they provide
access to the remote computer's
interface to monitor and manage it.
Intruders pursue exactly the same
purpose when they install them on
users' computers to monitor and
manage them.
Remote administration riskware
programs are different from Trojan
remote administration programs
called Backdoor. Trojan programs
have functions which allow them to
independently infiltrate the system
and install themselves; riskware
programs do not have this
functionality.
Server-FTP
FTP servers
These programs perform the
functions of FTP servers. Intruders
install them on the users' computers
to obtain remote access via FTP
protocol.
Server-Proxy
Proxy servers
These programs perform the
functions of proxy servers. Intruders
install them on the users' computers
to send spam on the users' behalf.
Server-Telnet
Telnet servers
These programs perform the
functions of Telnet servers. Intruders
install them on the users' computers
to obtain remote access via Telnet
protocol.
Server-Web
Web servers
These programs perform the
functions of web servers. Intruders
install them on the users' computers
to obtain remote access via HTTP
protocol.
3 4 Kaspersky Internet Security 2009
T YPE
N AME
D ESCRIPTION
RiskTool
Local computer tools
These tools provide users with
additional functionality and are used
within the user's computer only (they
allow hiding files or windows of active
applications, closing active
processes).
NetTool
Network tools
These tools provide a user of the
computer on which they are installed
additional functionality for managing
other computers within the network
(restart them, find open ports, run
programs installed on these
computers).
Client-P2P
Peer- -peer client to
programs
These programs are used for using
peer- -peer networks. Intruders can to
use them to spread malware
programs.
Client-SMTP
SMTP clients
These programs send e-mail
messages in hidden mode. Intruders
install them on the users' computers
to send spam on the users' behalf.
WebToolbar
Web toolbars
These programs add their own
search toolbars to other applications'
toolbars.
FraudTool
Fraud programs
These programs camouflage as other
real programs. For example, there
are fraudulent anti-virus programs;
they display messages about
detection of malware programs, but
they do not find or disinfect anything.
3 6 Kaspersky Internet Security 2009
ï‚· phishing ( page on 36);
ï‚· hacker attacks (on page 37);
ï‚· banners display (on page 37).
SPAM OR UNSOLICITED INCOMING MAIL
Kaspersky Lab's application protects users from spam. Spam is unsolicited
incoming mail often of advertising nature. Spam is an additional load on the
channels and provider's mail servers. The recipient pays for the traffic created by
Spam and non-spam mail travels slower. Therefore spam is illegal in many
countries.
Kaspersky Lab's application scans incoming Microsoft Office Outlook, Microsoft
Outlook Express and The Bat! messages and if, if it detects any message as
spam, it performs actions you selected, for example, moves such messages into
a special folder or deletes them.
Kaspersky Lab's application detects spam with a great degree of accuracy. It
applies several Spam filtering technologies: it detects Spam based on the
sender's address as well as words and phrases in the messages subject line; it
detects graphic spam and uses self-training algorithm for detecting Spam based
on the message text.
Anti-Spam databases contain the "black" and the "white" lists of senders'
addresses, lists of words and phrases related to various categories of spam such
as advertising, medicine and health, gambling, etc.
PHISHING
Phishing is a type of fraudulent Internet activity involving "fishing" from users of
numbers of credit cards, pins and other personal information in order to steal
their money.
Phishing is often related to internet bankers. Intruders create an exact copy of
the bank they target and then send messages to its clients on it behalf. They
notify them that due to the changes in or failure of the web banking software
users' accounts were lost and that the user must confirm or change his or her
information on the bank's website. The user clicks the link to the website created
by the intruders and enter his or here personal data there.
Threats to computer security 3 7
Anti-phishing databases contain the list URLs of websites known as sites used
for phishing attacks.
Kaspersky Lab's application analyzes incoming Microsoft Office Outlook and
Microsoft Outlook Express messages and if it finds a link to a URL included into
the databases, it marks this message as Spam. If the user opens the message
and tries to follow the link, the application blocks this website.
HACKER ATTACKS
Network attack is an intrusion into a remote computer's system in order to gain
control over it and cause its failure or obtain access to protected information.
Network attacks are either actions of intruders (for example, scanning ports,
attempts to hack passwords) or malware programs running commands on user's
behalf and transferring information to its "master" or perform other functions
related to network attacks. They include some Trojan programs, DoS attacks,
malicious scripts and certain types of network worms.
Network attacks are spread in the local area and global networks using
vulnerabilities in the operating systems and applications. They can be transferred
as individual IP data packets during network connections.
Kaspersky Lab's application stops network attacks without disrupting network
connections. It uses special Firewall databases. These databases contain
records identifying IP data packets characteristic of various hacking programs.
The application analyzes network connections and blocks in them those IP
packets it finds dangerous.
BANNERS DISPLAY
Banners or ads which are links to the advertiser's website are more often than
not displayed as images. Display of banners on the website does not impose any
threat to the computer's security, but is still considered an interference into the
normal operation of the computer. Banner's flickering on the screen worsens
working conditions decreasing efficiency. The user is distracted by irrelevant
information. Following banner links increases the internet traffic.
Many organizations prohibit displaying banners in the interfaces as a part of their
data security policies.
3 8 Kaspersky Internet Security 2009
Kaspersky Lab's application blocks banners based on the URL of the website to
which the banner has a link. It uses updatable Anti-Banner databases which
contain the list of URLs of Russian and foreign banner networks. The application
goes through the links of the website being loaded, compares them to the
addresses in the databases and if it finds a certain link in one of them, it deletes
the link to this address from the site and continues loading the page.
INSTALLING APPLICATION
ON THE COMPUTER
The application is installed on the computer in the interactive mode using the
application setup wizard.
Warning!
We recommend that you close all running applications before proceeding with
the installation.
To install the application on your computer run the distribution file (file with *.exe
extension).
Note
Installation of the application from the installation file downloaded via Internet is
fully identical to the installation from CD.
After this the setup wizard will scan for the application installation package (file
with extension *.msi) and, if such file is found, the wizard will scan for a newer
version on Kaspersky Lab's internet servers. If the installation package file was
not found, you will be offered to download it. Once the file is downloaded, the
application setup will be started. If you cancel downloading the application
installation process will be resumed in normal mode.
The setup program is implemented as a wizard. Each window contains a set of
buttons to control the installation process. Provided below is the brief description
of their purpose:
 accept the action and switch to the next step of the installation Next –
process.
 return to the previous step of the installation process. Previous –
 cancel the installation. Cancel –
 complete the application installation procedure. Finish –
A detailed discussion of each step of the package installation is provided below.
4 0 Kaspersky Internet Security 2009
S
S
S
SS S
S
S
SS
TEP
TEP
TEP
TEP TEP 1.
1.
1.
1.1.
EARCHING FOR A NEWER
EARCHING FOR A NEWER
EARCHING FOR A NEWER
EARCHING FOR A NEWER EARCHING FOR A NEWER
VERSION OF THE APPLICATION
VERSION OF THE APPLICATION
VERSION OF THE APPLICATION
VERSION OF THE APPLICATIONVERSION OF THE APPLICATION
Before installing the application on your computer, the wizard will access
Kaspersky Lab's update servers to check whether a newer version of the
application being installed exists.
If such newer version was not detected on the Kaspersky Lab's update servers,
the setup wizard will be started to install the current version.
If a newer version of the application is found on the servers you will be offered to
download it. If you cancel the download, the setup wizard will be started to install
the current version. If you decide to install a newer version the installation files
will be downloaded to your computer and the setup wizard will be automatically
started to install the newer version. For more details on the installation of a
newer version refer to the documentation of the corresponding application
version.
IN THIS SECTION:
Step 1. Searching for a newer version of the application .................................... 40
Step 2. Verifying the system's conformity to the installation requirements ......... 41
Step 3. Wizard's greeting w indow....................................................................... 41
Step 4. Viewing the License Agreement ............................................................. 41
Step 5. Selecting the installation type ................................................................. 42
Step 6. Selecting the installation folder ............................................................... 42
Step 7. Selecting application components to b installed e ................................... 43
Step 8. Searching for other anti-virus software ................................................... 44
Step 9. Final preparation for the installation ....................................................... 45
Step 10. Completing the installation ................................................................... 45
Installing application on the computer 4 1
S
S
S
SS 2.
2.
2.
2.2. V
V
V
VV '
'
'
''
TEP
TEP
TEP
TEP TEP
ERIFYING THE SYSTEM
ERIFYING THE SYSTEM
ERIFYING THE SYSTEM
ERIFYING THE SYSTEMERIFYING THE SYSTEM S
S
S
S S
CONFORMITY TO THE INSTALLATION
CONFORMITY TO THE INSTALLATION
CONFORMITY TO THE INSTALLATION
CONFORMITY TO THE INSTALLATION CONFORMITY TO THE INSTALLATION
REQUIREMENTS
REQUIREMENTS
REQUIREMENTS
REQUIREMENTSREQUIREMENTS
Before installing the application on your computer the wizard will verify the
conformity of the operating system and service packs installed to the software
installation requirements (see section "Hardware and software system
requirements on page It will also verify that the required programs are " 14).
install on your computer and that you have the rights required to install ed
software on it.
If any of the requirements is not met, a corresponding notification will be
displayed on the screen. We recommend that you install the required updates
using the service and the required programs before the Windows Update
installation of the Kaspersky Lab's application.
S W ' TEP 3. IZARD S GREETING WINDOW
If your system fully conform to the requirements (see section "Hardware and
software system requirements on page ), no newer version of the application " 14
was found at Kaspersky Lab's update servers or if you cancelled installation of
such newer version, the setup wizard will be started to install the current version
of the application. The first dialog box of the setup wizard containing information
about commencement of the application installation on your computer will then
be displayed on the screen.
To proceed with the installation press the button. To cancel installation Next
press the button. Cancel
S V LTEP 4. IEWING THE ICENSE
A GREEMENT
Next wizard's dialog box contains the license agreement between you and
Kaspersky Lab. Read it carefully and if you agree with all terms and conditions of
the agreement, select and press I accept the terms of the license agreement
the button. The installation will be continued. Next
4 2 Kaspersky Internet Security 2009
To cancel the installation press the button. Cancel
S STEP 5. ELECTING THE
INSTALLATION TYPE
During this step you will be offered to select the installation type that suits you
best:
ï‚· . If you select this option, the entire application will Express installation
be installed on your computer with the protection settings recommended
by Kaspersky Lab's experts. Once the installation is complete the
Application Setup wizard will be started.
ï‚· . In this case you will be offered to select the Custom installation
application's components you wish to install on your computer, specify
folder into which the application will be installed (see section "Step 6.
Selecting the installation folder" on page ), to activate the application 42
and configure it using a special wizard.
If you select the first option, the application installation wizard will switch directly
to Step 8 see section "Step 8. Searching for other anti-virus applications" on (
page Otherwise your input or confirmation will be required at each step of 44).
the installation.
S STEP 6. ELECTING THE
INSTALLATION FOLDER
Note
This step of the installation wizard will be performed only if you selected the
custom installation option (see section "Step 5. Selecting the installation type" on
page 42 ).
During this step you will be offered to identify a folder on your computer into
which the application will be installed. The default path is:
ï‚· <Drive> \ Program Files \ Kaspersky Lab \ Kaspersky Internet
Security 2009 for 32-bit systems. –
Installing application on the computer 4 3
ï‚· <Drive> \ \ Kaspersky Lab \ Kaspersky Internet Program Files (Ñ…86)
Security 2009 for 64-bit systems. –
You can specify a different folder by pressing the button and selecting a Browse
folder in the standard folder select dialog box or entering the path to it in the
entry field provided.
Warning!
Please note that if you manually enter the full path to the installation folder, its
length should not exceed 200 characters and the path should not contain special
characters.
To proceed with the installation press the button. Next
S STEP 7. ELECTING APPLICATION
COMPONENTS TO B INSTALLEDE
Note. This step of the installation wizard will be performed only if you selected
the custom installation option (see section "Step 5. Selecting the installation
type" on page 42).
In case of a custom installation you must select the application's components
you wish to be installed on your computer. By default all application's
components are selected for installation: protection, scan and updating
components.
To make a decision which components you do not wish to install, use brief
information about components. To do it select the component from the list and
read information about it in the field below. Information includes a brief
description of the component and the free hard drive space required for its
installation.
To cancel installation of any component, open the shortcut menu by clicking the
icon next to the component's name and select the Component will not be
available item. Note that if you cancel installation of any component you will not
be protected against a number of hazardous programs.
To select a component to be installed, open the shortcut menu by clicking the
icon next to the component's name and select Component will be installed on
local hard drive.


Produktspezifikationen

Marke: Kaspersky Lab
Kategorie: Antivirensoftware
Modell: KL1829GBAFS/KIT

Brauchst du Hilfe?

Wenn Sie Hilfe mit Kaspersky Lab KL1829GBAFS/KIT benötigen, stellen Sie unten eine Frage und andere Benutzer werden Ihnen antworten