User guide
4.1.1.6 ThreatSense engine parameters setup
ThreatSense is a technology comprising many complex threat detection methods. This technology is proactive,
which means it also provides protection during the early spread of a new threat. It uses a combination of code
analysis, code emulation, generic signatures and virus signatures which work in concert to significantly enhance
system security. The scanning engine is capable of controlling several data streams simultaneously, maximizing the
efficiency and detection rate. ThreatSense technology also successfully eliminates rootkits.
ThreatSense engine setup options allow you to specify several scan parameters:
File types and extensions that are to be scanned,
The combination of various detection methods,
Levels of cleaning, etc.
To enter the setup window, click Setup... in the Advanced setup window for any module that uses ThreatSense
technology (see below). Different security scenarios may require different configurations. With this in mind,
ThreatSense is individually configurable for the following protection modules:
Real-time file system protection,
Document protection,
Email client protection,
Web access protection,
Computer scan.
ThreatSense parameters are highly optimized for each module, and their modification can significantly influence
system operation. For example, changing parameters to always scan runtime packers, or enabling advanced
heuristics in the Real-time file system protection module could result in a system slow-down (normally, only newly-
created files are scanned using these methods). We recommend that you leave the default ThreatSense parameters
unchanged for all modules except Computer scan.
4.1.1.6.1 Objects
The Objects section allows you to define which computer components and files will be scanned for infiltrations.
Operating memory – Scans for threats that attack the operating memory of the system.
Boot sectors – Scans boot sectors for the presence of viruses in the master boot record.
Email files – The program supports the following extensions: DBX (Outlook Express) and EML.
Archives – The program supports the following extensions: ARJ, BZ2, CAB, CHM, DBX, GZIP, ISO/BIN/NRG, LHA,
MIME, NSIS, RAR, SIS, TAR, TNEF, UUE, WISE, ZIP, ACE, and many others.
Self-extracting archives – Self-extracting archives (SFX) are archives that need no specialized programs (archivers)
to decompress themselves.
Runtime packers – After executing, runtime packers (unlike standard archive types) decompress in memory. In
addition to standard static packers (UPX, yoda, ASPack, FSG, etc.), the scanner supports (thanks to code emulation)
many more types of packers.
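Added example (not part of the ESET guide and not ESET code): a static check an analyst can run to see why runtime-packed files are treated differently from ordinary executables. It reads the PE section table, matches section names left by UPX and ASPack, and flags sections whose data is close to random. The marker names, the 7.0 entropy threshold, the helper names and the sample image are assumptions made for this illustration.

```python
import math
import struct
from collections import Counter

# Well-known section names left by two static packers named above (assumed marker list)
MARKERS = {b"UPX0": "UPX", b"UPX1": "UPX", b".aspack": "ASPack"}

def entropy(data):
    """Shannon entropy in bits per byte; packed or encrypted data approaches 8."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def pe_sections(image):
    """Yield (name, raw_bytes) for each section header; ValueError if not a PE image."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("no MZ header")
    pe, = struct.unpack_from("<I", image, 0x3C)               # e_lfanew
    if image[pe:pe + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    try:
        nsec, = struct.unpack_from("<H", image, pe + 6)       # NumberOfSections
        opt_size, = struct.unpack_from("<H", image, pe + 20)  # SizeOfOptionalHeader
        for off in range(pe + 24 + opt_size, pe + 24 + opt_size + 40 * nsec, 40):
            raw_size, raw_ptr = struct.unpack_from("<II", image, off + 16)
            yield image[off:off + 8].rstrip(b"\0"), image[raw_ptr:raw_ptr + raw_size]
    except struct.error as exc:
        raise ValueError("truncated headers") from exc

def static_packer_hints(image, threshold=7.0):
    """Sorted hints: packers matched by section name, plus sections above the entropy threshold."""
    hints = set()
    for name, raw in pe_sections(image):
        if name in MARKERS:
            hints.add(MARKERS[name])
        if entropy(raw) > threshold:
            hints.add("high-entropy:" + name.decode("ascii", "replace"))
    return sorted(hints)

def build_sample(sections):
    """Constructed, non-executable PE skeleton (headers plus raw section data) for the demo."""
    hdr = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0"
    hdr += struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0, 0)
    table, body, base = b"", b"", len(hdr) + 40 * len(sections)
    for name, raw in sections:
        table += name.ljust(8, b"\0") + struct.pack("<IIII", len(raw), 0, len(raw), base + len(body)) + b"\0" * 16
        body += raw
    return hdr + table + body

PACKED = build_sample([(b"UPX0", b""), (b"UPX1", bytes(range(256)) * 4)])  # constructed sample
```

Name matching only recognizes packers whose markers are already known, while the entropy hint says only that a section is compressed or encrypted, not what it contains once unpacked in memory.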
4.1.1.6.2 Options
Use the Options section to select the methods used when scanning the system for infiltrations. The following
options are available:
Heuristics – A heuristic is an algorithm that analyzes the (malicious) activity of programs. The main advantage is the
ability to identify malicious software which did not exist, or was not identified by previous virus signature
databases. The disadvantage is a small probability of false alarms.
Advanced heuristics/DNA/Smart signatures – Advanced Heuristics is one of the technologies used by ESET Smart
Security to provide proactive threat detection. It provides the ability to detect unknown malware based on its
functionality through emulation. This new binary translator helps bypass anti-emulation tricks used by malware










