User manual
Table Of Contents
- 1 Introduction
- 2 Icons and emphases
- 3 Product information
- 4 Installation and uninstallation
- 5 Overview of AntiVir Professional
- 5.1 User interface and operation
- 5.2 How to...?
- 5.2.1 Activate license
- 5.2.2 Avira AntiVir Professional automatic update
- 5.2.3 Start a manual update
- 5.2.4 On-demand scan: Using a scan profile to scan for viruses and malware
- 5.2.5 On-demand scan: Scan for viruses and malware using Dragamp;Drop
- 5.2.6 On-demand scan: Scan for viruses and malware via the context menu
- 5.2.7 On-demand scan: Automatically scan for viruses and malware
- 5.2.8 On-demand scan: Targeted scan for active rootkits
- 5.2.9 Reacting to detected viruses and malware
- 5.2.10 Quarantine: Handling quarantined files (*.qua)
- 5.2.11 Quarantine: Restore the files in quarantine
- 5.2.12 Quarantine: move suspicious files to quarantine
- 5.2.13 Scan profile: Amend or delete file type in a scan profile
- 5.2.14 Scan profile: Create desktop shortcut for scan profile
- 5.2.15 Events: Filter events
- 5.2.16 MailGuard: Exclude email addresses from scan
- 5.2.17 Firewall: Select the security level for the Firewall
- 6 Scanner::Overview
- 7 Updates
- 8 Avira Firewall::Overview
- 9 FAQ, Tips
- 10 Viruses and more
- 11 Info and Service
- 12 Reference: Configuration options
Reference: Configuration options
83
12.2.1.4. Heuristic
This configuration section contains the settings for the heuristic of the Avira AntiVir
Professional search engine.
Avira AntiVir Professional contains very powerful heuristics that can proactively uncover
unknown malware, i.e. before a special virus signature to combat the damaging element
has been created and before a virus guard update has been sent. Virus detection involves
an extensive analysis and investigation of the affected codes for functions typical of
malware. If the code being scanned exhibits these characteristic features, it is reported as
being suspicious. This does not necessarily mean that the code is in fact malware. False
positives do sometimes occur. The decision on how to handle affected code is to be made
by the user, e.g. based on his or her knowledge of whether the source of the code is
trustworthy or not.
Macrovirus heuristics
Macrovirus heuristics
Avira AntiVir Professional contains a highly powerful macro virus heuristic. If this
option is enabled, all macros in the relevant document are deleted in the event of a
repair, alternatively suspect documents are only reported, i.e. you receive an alert. This
option is enabled as the default setting and is recommended.
Advanced Heuristic Analysis and Detection (AHeAD)
enable AHeAD
Avira AntiVir Professional contains a very powerful heuristic in the form of AntiVir
AheAD technology, which can also detect unknown (new) malware. If this option is
activated, you can define how "aggressive" this heuristic should be. This option is enabled
as the default setting.
Low detection level
If this option is enabled, Avira AntiVir Professional detects slightly less unknown
malware, the risk of false alerts is low in this case.
Medium detection level
This setting is activated by default if you have selected the use of this heuristic.
High detection level
If this option is enabled, Avira AntiVir Professional identifies far more unknown
malware, but you must also accept that there are likely to be false positives.
12.2.2 ProActiv
AntiVir ProActive protects you from new and unknown threats for which there are not
yet any virus definitions or heuristics available. ProActive technology is integrated into
the Guard component and observes and analyzes the program actions carried out. The
behavior of the program is checked against typical mailware action patterns: Type of
action and action sequences. If a program exhibits behavior typical of malware, this is
treated as a virus detection : You have the option of blocking the program or ignoring
the notification and continuing to use the program. You can classify the program as
trusted and add it to the application filter for permitted programs. You have the option
of adding the program to the application filter for blocked programs using the Always
block command.