User guide
Table Of Contents
- ESET NOD32 Antivirus 6
- Installation
- Beginner's guide
- Work with ESET NOD32 Antivirus
- Computer
- Web and email
- Updating the program
- Tools
- User interface
- Advanced user
- Glossary
27
4.1.1.6.2 Options
Use the Options section to select the methods used when scanning the system for infiltrations. The following options
are available:
Heuristics – A heuristic is an algorithm analyzing the (malicious) activity of programs. The main advantage is the ability
to identify malicious software which did not exist, or was not identified by previous virus signatures databases. The
disadvantage is the small probability of false alarms.
Advanced heuristics/DNA/Smart signatures – Advanced heuristics consist of a unique heuristic algorithm developed
by ESET, optimized for detecting computer worms and trojan horses and written in high level programming languages.
Thanks to advanced heuristics, the detection capabilities of the program are significantly higher. Signatures can reliably
detect and identify viruses. Utilizing the automatic update system, new signatures are available within a few hours of a
threat discovery. The disadvantage of signatures is that they only detect viruses they know (or their slightly modified
versions).
ESET Live Grid – Thanks to ESET's reputation technology, information about scanned files is verified against data from
the cloud-based ESET Live Grid to improve detection and scanning speed.
4.1.1.6.3 Cleaning
The cleaning settings determine the behavior of the scanner while cleaning infected files. There are 3 levels of cleaning:
No cleaning – Infected files will not be cleaned automatically. The program will display a warning window and allow the
user to choose an action. This level is designed for more advanced users who know which steps to take in the event of
an infiltration.
Standard cleaning – The program will attempt to automatically clean or delete an infected file based on a predefined
action (depending on the type of infiltration). Detection and deletion of an infected file is signaled by a notification the
bottom-right corner of the screen. If it is not possible to select the correct action automatically, the program provides
other follow-up actions. The same happens when a predefined action cannot be completed.
Strict cleaning – The program will clean or delete all infected files. The only exceptions are the system files. If it is not
possible to clean them, the user is prompted to select an action by a warning window.
Warning: If an archive contains a file or files which are infected, there are two options for dealing with the archive. In
standard mode (Standard cleaning), the whole archive would be deleted if all the files it contains are infected files. In
Strict cleaning mode, the archive would be deleted if it contains at least one infected file, regardless of the status of the
other files in the archive.
4.1.1.6.4 Extensions
An extension is a part of a file name delimited by a period. An extension defines the type and content of a file. This
section of the ThreatSense parameter setup lets you define the types of files to scan.
By default, all files are scanned regardless of their extension. Any extension can be added to the list of files excluded
from scanning. If the Scan all files option is deselected, the list changes to show all currently scanned file extensions.
To enable scanning files without an extension, select the Scan extensionless files option. The Do not scan
extensionless files option becomes available when the Scan all files option is enabled.
Excluding files is sometimes necessary if scanning certain file types prevents the program which is using the extensions
from running properly. For example, it may be advisable to exclude the .edb, .eml and .tmp extensions when using
Microsoft Exchange servers.
Using the Add and Remove buttons, you can allow or prohibit scanning of specific file extensions. Typing an Extension
activates the Add button, which adds the new extension to the list. Select an extension in the list and then click the
Remove button to delete that extension from the list.
The special symbols * (asterisk) and ? (question mark) can be used. The asterisk substitutes any character string, and the
question mark substitutes any symbol. Particular care should be taken when specifying excluded addresses, because
the list should only contain trusted and safe addresses. Similarly, it is necessary to ensure that the symbols * and ? are
used correctly in this list.
To scan the default set of extensions only, click Default and click Yes when prompted to confirm.