User guide
Table Of Contents
- ESET NOD32 Antivirus 6
- Installation
- Beginner's guide
- Work with ESET NOD32 Antivirus
- Computer
- Web and email
- Updating the program
- Tools
- User interface
- Advanced user
- Glossary
18
4.1.1 Antivirus and antispyware
Antivirus and antispyware protection guards against malicious system attacks by controlling file, email and Internet
communication. If a threat with malicious code is detected, the Antivirus module can eliminate it by first blocking it, and
then cleaning, deleting or moving it to quarantine.
Scanner options for all protection modules (e.g. Real-time file system protection, Web access protection, ...) allow you
to enable or disable detection of the following:
Potentially unwanted applications (PUAs) are not necessarily intended to be malicious, but may affect the
performance of your computer in a negative way.
Read more about these types of applications in the glossary.
Potentially unsafe applications refers to legitimate commercial software that has the potential to be misused for
malicious purposes. Examples of potentially unsafe applications include remote access tools, password-cracking
applications, and keyloggers (programs recording each keystroke typed by a user). This option is disabled by default.
Read more about these types of applications in the glossary.
Potentially suspicious applications include programs compressed with packers or protectors. These types of
protectors are often exploited by malware authors to evade detection.
Anti-Stealth technology is a sophisticated system providing detection of dangerous programs such as rootkits, which
are able to hide themselves from the operating system. This means it is not possible to detect them using ordinary
testing techniques.
4.1.1.1 Real-time file system protection
Real-time file system protection controls all antivirus-related events in the system. All files are scanned for malicious
code at the moment they are opened, created or run on your computer. Real-time file system protection is launched at
system startup.
Real-time file system protection checks all types of media and is triggered by various system events such as accessing a
file. Using ThreatSense technology detection methods (as described in the ThreatSense engine parameter setup
section), Real-time file system protection may vary for newly created files and existing files. For newly created files, it is
possible to apply a deeper level of control.
To ensure a minimal system footprint when using real-time protection, files which have already been scanned are not
scanned repeatedly (unless they have been modified). Files are scanned again immediately after each virus signature
database update. This behavior is configured using Smart optimization. If this is disabled, all files are scanned each
time they are accessed. To modify this option, press F5 to open the Advanced setup window and click Computer >
Antivirus and antispyware > Real-time file system protection in the Advanced setup tree. Then click Setup... next
to ThreatSense engine parameter setup, click Other and select or deselect Enable Smart optimization.