User Manual
7
6.1 Antivirus and antispyware protection
Antivirus protection guards against malicious system attacks
by modifying files that pose potential threats. If a threat with
malicious code is detected, the Antivirus module can eliminate
it by blocking it and then cleaning it, deleting it or moving it to
quarantine.
6.1.1 Real-time file system protection
Real-time file system protection checks all types of media and
triggers a scan based on various events. Using ThreatSense
technology (described in the section titled ThreatSense engine
parameter setup ), Real-time file system protection may
vary for newly created files and existing files. For newly
created files, it is possible to apply a deeper level of control.
By default, Real-time protection launches at system startup
and provides uninterrupted scanning. In special cases (e.g., if
there is a conflict with another Real-time scanner), Real-time
protection can be terminated by clicking the ESET Cyber
Security icon located in your menu bar (top of the screen)
and then selecting Disable Real-time File System Protection.
Real-time file system protection can also be disabled from the
main program window (click Setup > Computer and switch
Real-time file system protection to DISABLED).
To modify advanced settings for Real-time file system
protection, go to Setup > Enter application preferences ... (or
press
cmd-,
) > Real-Time Protection and click Setup... next to
Advanced Options (described in the section titled Advanced
scan options ).
6.1.1.1 Scan on (Event triggered scanning)
By default, all files are scanned upon file opening, file creation
or file execution. We recommend that you keep these default
settings, as they provide the maximum level of Real-time
protection for your computer.
6.1.1.2 Advanced options
In this window you can define object types to be scanned by
the ThreatSense engine and enable/disable Advanced
heuristics as well as modify settings for archives and file
cache.
We do not recommend changing the default values in the
Default archives settings section unless this is necessary to
resolve a specific issue, as higher archive nesting values can
impede system performance.
You can toggle ThreatSense Advanced heuristics scanning for
executed, created and modified files separately by selecting
the Advanced heuristics checkbox in each of the respective
ThreatSense parameters sections.
To minimize system footprint when using Real-time
protection, you can define the size of the optimization cache.
Enable clean file cache must be enabled for this setting to
take effect. If Enable clean file cache is disabled, all files are
scanned each time they are accessed. Files will not be scanned
repeatedly after being cached (unless they have been
modified), until the cache is full. Files are scanned again
immediately after each virus signature database update. Click
Enable clean file cache to enable/disable this function. To set
the amount of files to be cached simply enter the desired
value in the input field next to Cache size.
Additional scanning parameters can be set in the ThreatSense
Engine Setup window. You can define what type of Objects
should be scanned, using which Options and Cleaning level, as
well as defining Extensions and file-size Limits for Real-time
file system protection. You can enter the ThreatSense engine
setup window by clicking Setup... next to ThreatSense Engine
in the Advanced Setup window. For more detailed information
about ThreatSense engine parameters see ThreatSense engine
parameter setup .
6.1.1.3 When to modify Real-time protection configuration
Real-time protection is the most essential component for
maintaining a secure system with ESET Cyber Security. Use
caution when modifying the Real-time protection parameters.
We recommend that you only modify these parameters in
specific cases. For example, a situation in which there is a
conflict with a certain application.
After installing ESET Cyber Security, all settings are optimized
to provide the maximum level of system security for users. To
restore default settings, click Default at the bottom-left of the
Real-Time Protection window (Setup > Enter application
preferences ... > Real-Time Protection).
6.1.1.4 Checking Real-time protection
To verify that Real-time protection is working and detecting
viruses, download the eicar.com test file and check to see that
ESET Cyber Security identifies it as a threat. This test file is a
special, harmless file detectable by all antivirus programs. The
file was created by the EICAR institute (European Institute for
Computer Antivirus Research) to test the functionality of
antivirus programs.
9
7
9