Page tree
Skip to end of metadata
Go to start of metadata

Antivirus

Real-time protection

The virus monitor real-time protection continuously checks your computer for viruses; it controls read and write operations, and as soon as a program attempts to execute malware or spread malicious files it prevents it from doing so. The virus monitor is your most important protection! It should never be switched off.

The following options are available:

  • Monitor status: Specify here whether the monitor should be enabled or disabled.
  • Use engines: The software works with two engines, which are two essentially independent virus checking programs. Every engine by itself would already provide you with a high degree of protection against viruses, but it is precisely the combination of both engines that gives the very best results. You can accelerate the virus check in older and slower computers by using just one engine, but normally you should keep the setting Both engines.
  • Infected files: If a virus is detected, you will be asked in the default setting how you want to deal with the virus and the infected file. If you would always like to perform the same action, you can set this here. The highest protection for your data is offered here by the setting Disinfect (if not possible: place in quarantine).
  • Infected archive: Here you determine whether archive files (e.g. files with the extension RAR, ZIP or PST) should be handled differently from normal files. However, please note that moving an archive to quarantine can damage it so that it can no longer be used after it is moved back from Quarantine.
  • Behavior monitoring: If behaviour monitoring is enabled, every activity on the system is monitored regardless of the virus monitor. This means that malware for which no signature yet exists is also detected.
  • AntiRansomware: Protection against encryption Trojans.
  • Exploit Protection: An "exploit" exploits vulnerabilities in popular software and can use them to take control of your computer in the worst case. Exploits can even come into effect when applications (e.g. PDF viewer, browser etc) are routinely updated. Exploit Protection protects you against such access – and proactively protects you against previously unknown attacks.

Monitor exceptions

By clicking on the Exceptions button you can exclude specific drives, directories and files from the scan and so significantly accelerate parts of the virus detection process.

To do this, proceed as follows:

1. Click the Exceptions button.

2. Click New in the Monitor exceptions window.

3. Now, select whether you want to exclude a drive, a directory or a file or a file type.

4. Underneath this, select the directory or drive you want to protect. In order to protect files, enter the complete file name in the entry field under File mask. You can also use wildcards here.


Note: Wildcards function as follows:

  • The question mark symbol (?) represents individual characters.
  • The asterisk symbol (*) represents entire character strings.

For instance, in order to protect all files with the file extension .sav, enter *.sav. In order to protect a special selection of files with sequential file names (e.g., text1.doc, text2.doc, text3.doc), enter text?.doc for example.

You can repeat this procedure as often as desired and also delete or modify the existing exceptions.

Monitor - Advanced settings

Furthermore, you can click the button ADVANCED to specify which additional tests should be performed by the virus monitor.

Normally you do not have to change any settings here.

  • Mode: Here you can specify whether files should be checked when run, when read or when written to and read. If a file is checked when written to, the check is carried out as soon as a new file or file version is created to see if an unknown process may have infected this file. Otherwise files are only checked when they are read by programs.
  • Monitor critical folders in particular: You can use this function to specifically check especially critical folders, e.g. folders shared on the network, personal data or Cloud services (such as Microsoft Dropbox, OneDrive, Google Drive etc). After you have made your selection in the dialogue box, this is then always monitored in Check read & write access mode – regardless of the settings you use for all other files, folders and directories. If you have selected the Check read & write access mode for all files by default, the settings option for critical folders is greyed out.
  • Check network access: If your computer has a network connection to unprotected computers (for example, other laptops), it is a good idea to check the network accesses to see if any malicious programs are being transferred. If you use your computer as a stand-alone computer without network access, you don't need to enable this option. If you have installed virus protection on each computer in the network, it is recommended that you turn off this option. Otherwise, some files will be checked twice, which negatively affects speed.
  • Heuristics: In the heuristical analysis, viruses are not only detected by means of virus updates that you regularly receive from us online, but are also identified on the basis of certain characteristics typical of viruses. This method increases the level of security, but in rare cases may generate false alarms.
  • Check archive: Checking compressed data in archives (these can be recognized by their file extensions such as ZIP, RAR or PST) is very time-consuming and can normally be omitted if the virus monitor is generally active on the system. To increase the speed of the virus check, you can limit the size of the archive files that are browsed to a specific value in kilobytes.
  • Check email archives: Because the software already checks incoming and outgoing emails for virus infections, it is usually a good idea to omit regular checks of email archives since this process may take several minutes, depending on the size of the mail archive.
  • Check system areas during system start: In general, system areas (e.g. boot sectors) in your computer should not be excluded from virus checks. You can specify here whether you want to run a check on system start-up or when media is changed (for example, a new CD-ROM). Generally you should have at least one of these two functions activated.
  • Check system areas during change of medium: In general, system areas (e.g. boot sectors) in your computer should not be excluded from virus checks. You can specify here whether these should be checked on system start-up or whenever a media change occurs (new CD-ROM etc). Generally you should have at least one of these two functions activated.
  • Check for diallers / spyware / adware / riskware: You can also check your system for dialers and other malicious programs with this software. These are e.g. programs that establish expensive, unwanted Internet connections, in which the potential for financial damage is no less significant than that of a virus. They may for example secretly record your surfing habits or even all the keyboard entries you make (including your passwords) and forward these to third parties via the Internet at the earliest opportunity.
  • Only check new or modified files: If you activate this function, files that have not been changed for a long time and that were previously flagged as harmless are skipped. This provides a performance improvement in everyday work – without compromising security.

Manual virus check

Here you can configure basic program settings for the manual virus check (also called on-demand scan).

However, in normal operation this is not required.

  • Use engines: The software works with two engines – two virus checking programs optimized for one another. You can accelerate the virus check in older and slower computers by using just one engine, but normally you should keep the setting Both engines.
  • Infected files: Has your software detected a virus? In the standard setting, the software now asks you what you would like to do with the infected file. If you would always like to perform the same action, you can set this here. The highest protection for your data is offered here by the setting Disinfect (if not possible: place in quarantine).
  • Infected archive: Here you determine whether archive files (e.g. files with the extension RAR, ZIP or PST) should be handled differently from normal files. However, please note that moving an archive to quarantine can damage it so that it can no longer be used after it is moved back from Quarantine.
  • Pause the virus check at times of high system load: A virus check should normally be carried out when the computer is not being used. If you then need to use the computer, the virus check is paused so that your computer can run at normal speed for you. This virus check will then carry on when you stop working.

Exceptions for on-demand scan

By clicking on the EXCEPTIONS button you can exclude specific drives, directories and files from the scan and so significantly accelerate parts of the virus detection process.

To do this, proceed as follows:

1. Click the EXCEPTIONS button.

2. Click on  NEW  in the  Exceptions for on-demand scan  window .

3. Now, select whether you want to exclude a drive, a directory or a file or a file type.

4. Underneath this, select the directory or drive you want to protect. In order to protect files, enter the complete file name in the entry field under File mask. You can also use wildcards here.

Note: Wildcards function as follows:

  • The question mark symbol (?) represents individual characters.
  • The asterisk symbol (*) represents entire character strings.

For instance, in order to protect all files with the file extension .sav, enter *.sav. In order to protect a special selection of files with sequential file names (e.g., text1.doc, text2.doc, text3.doc), enter text?.doc for example.

You can repeat this procedure as often as desired and also delete or modify the existing exceptions.


Apply exceptions to idle scan: While the on-demand scan checks the computer for viruses at one specific time, the idle scan is an intelligent virus scanner that continuously checks all files on your computer to see if they aren't already infected. The idle scan works like a screen saver; it only activates when you do not use your computer for a while and stops immediately as soon as you continue to use it again. Here you can specify whether the defined exceptions should also apply to the idle scan.

Manual virus check - Advanced

You can create additional virus scan settings by clicking the ADVANCED button.

In most cases, however, it is completely sufficient to use the specified default settings.

File types: You can specify here which file types should be inspected by the software for viruses. Selecting the option "Program files and documents only" entails certain speed benefits.

Heuristics: In the heuristic analysis, viruses are not only detected by the virus database, which you receive with every update of the antivirus software, but are also identified on the basis of particular characteristics typical of viruses. This method increases the level of security, but in rare cases may generate false alarms.

Check archive: Checking compressed data in archives (these can be recognized by their file extensions such as ZIP, RAR or PST) is very time-consuming and can normally be omitted if the virus monitor is generally active on the system. To increase the speed of the virus check, you can limit the size of the archive files that are browsed to a specific value in kilobytes.

Check email archives: Here you can specify whether your email archive is examined for infections as well.

Check system areas: In general, system areas (e.g. boot sectors) in your computer should not be excluded from virus checks.

Check for diallers / spyware / adware / riskware: You can also check your system for dialers and other malicious programs with this function. These are e.g. programs that establish expensive, unwanted Internet connections, in which the potential for financial damage is no less significant than that of a virus. They may for example secretly record your surfing habits or even all the keyboard entries you make (including your passwords) and forward these to third parties via the Internet at the earliest opportunity.

Check for rootkits: Rootkits attempt to evade conventional virus detection methods. Additional monitoring for this malware is always advisable.

Only check new or modified files: If you activate this function, files that have not been changed for a long time and that were previously flagged as harmless are skipped. This provides a performance improvement in everyday work – without compromising security.

Generate log: You can use this checkbox to require the software to set up a log for the virus check process. This log can be viewed in the Logs area.

Offer virus checking for removable data media: If you check this box, whenever a removable data medium (USB stick, external hard drive etc) is connected to your computer, you will be asked whether the device should be checked for viruses.

Updates

If updating the software or virus signatures via the Internet does not work, you can perform all the operations necessary to enable updates to take place automatically in this area. In the options, enter the access data (user name and password) that you received via email when you registered your software online. The G DATA update server will use this data to recognize you so updates can now run completely automatically.

If you have purchased a new license and want to activate it, select Activate new license. The Internet settings display special options that are only required in a few exceptional cases (proxy server, other region). The version check should only be temporarily disabled if you are having difficulty updating the virus signatures.

Activate new license

If you have not yet registered your G DATA software, you can do this now by clicking on ACTIVATE NEW LICENSE then entering your registration number and customer data. Depending on the type of product, you will find your registration number e.g. on the back of the user manual, in the confirmation email for a software download, or on the CD sleeve. On entering the registration number your product will be enabled.

Click the ACTIVATE NOW button and your access data will be generated on the update server. If the login is successful, an info screen appears with the message Logged in successfully, which you can exit using the CLOSE button.

Warning: You will also receive access data for your documentation and for any software reinstallations by email. Therefore please make sure that the email address indicated in your online registration is correct; otherwise you will not receive the access data.

Finally the access data is automatically transferred to the original input mask so you can now update virus signatures via the Internet.

Unable to activate your license? If you cannot log in to the server, this may be due to a proxy server. Click on the INTERNET SETTINGS button (see help section Internet Settings). You can then check the settings for your Internet connection. If there are problems updating the virus signatures, by default you should first check whether you can access the Internet from a web browser (e.g. Internet Explorer). If you cannot connect to the Internet at all, the problem probably lies with your Internet connection and not with the proxy server data

Internet settings

If you use a proxy server, please put a check-mark next to Use proxy server. You should only change these settings if your virus signature update is not working. If necessary, consult your system administrator or Internet service provider about the proxy address. If necessary you can also enter the access data for the proxy server here.

Proxy server: A proxy server consolidates all requests to networks and distributes them to computers connected to it. If for example you use your computer in a company network, it may be useful for you to connect to the net via a proxy server. In the event of problems with the virus signature update you should generally first check to see if you can access the Internet at all via a web browser. If you cannot connect to the Internet at all, the problem probably lies with your Internet connection and not with the proxy server data.

Manage access

With this option you have the chance of defining for yourself which Internet connections you want use for receiving software updates. This is especially useful if you sometimes connect via a network in which data transfers are paid for, e.g. with specific mobile phone tariffs with no real data flat rate.

Virus signature import/export

With computers that are never or only rarely connected to the Internet, or where there are restrictions on the data volume for downloads, you can also update virus signatures via a data medium (e.g. USB stick), or run an offline update. To do so, you must export the virus signatures to the storage medium using a computer that is connected to the Internet and has the necessary permissions. You can then import them via the "Import from" function on the computer with no Internet connection. The system on this computer will then be protected by the latest virus signatures as well. Unlike regular virus updates via the Internet, here this is up to the user, who must ensure him- or herself that signature updates are run as often as possible.

Automatically update virus signatures

If you do not want the G DATA software to bother automatically updating the virus signatures, you can remove the check here. However, disabling this entails a high security risk and should only be done in exceptional cases. If the period between updates is too short for you, you can adjust it as you want and e.g. specify that updates should only be carried out when connecting to the Internet. This option is useful for example with computers that are not permanently connected to the Internet.

Generate log: If you check this box, every virus signature update is recorded in the log, which you can view in the additional G DATA software functions (in SecurityCenter under Logs). Besides these entries, you will find e.g. information on virus detections and other actions carried out by the software in the log.

Web protection

If web protection is enabled, web content is checked for malware while you are browsing. You can create the following settings here.

  • Scan web content (HTTP): Under the web protection options you can specify that all HTTP web content should be checked for viruses, even when browsing. Infected web content is not run at all and the corresponding pages are not displayed. To set this option, please check Scan web content (HTTP).

If you do not want to check web content, the virus monitor will still of course take action if infected files are executed. That means your system is also protected without checking Internet content as long as the virus monitor is active.

You can also specify certain websites as exceptions if you consider them harmless. For more information please read the section Define exceptions. You can use the Advanced button to create further settings for handling web content.

  • Phishing protection: With so-called phishing, scammers on the Internet attempt to redirect customers of a particular bank or shop to fake websites in order to steal their data there. Activating the phishing protection is highly recommended.
  • Submit URLs of infected websites: Through this function you can automatically – and anonymously of course – report websites that are deemed unsafe by the software. With that, you optimise security for all users.
  • Manage browser extensions (HTTPS): For increased protection against infected and fraudulent websites even when using HTTPS, G DATA  has recently developed additional web protection extensions for the Mozilla Firefox , Google Chrome and Microsoft Edge Internet browsers. We support Microsoft Edge as of Windows Service Pack 5. For information on installing the extensions, click here.
  • BankGuard browser protection: Banking Trojans are becoming more and more of a threat. Every hour, online criminals are developing new malware variants (like ZeuS or SpyEye) that they use to steal your money. Banks secure data traffic on the Internet. However, the data is decrypted in the browser and banking Trojans can attack it there. However, the pioneering BankGuard technology from G DATA secures your banking transactions from the outset and provides instant protection where the attack takes place. By checking that the network libraries used are genuine, G DATA BankGuard ensures that your web browser has not been manipulated by a banking Trojan. We recommend leaving G DATA BankGuard protection switched on.
Note: Besides the man-in-the-middle method, in which the attacker manipulates the communication between the user and the target computer, there is also the man-in-the-browser (MITB) attack method. With this method, the attacker infects the browser itself and accesses the data before it is encrypted. The BankGuard module also protects you against this type of attack, by comparing the so-called digital fingerprint of a file or a part of a web page with a database on the Internet. In this way fraud is immediately detected and the G DATA software automatically converts the fraudulent data connection back to the original.
  • Keylogger protection: Keylogger protection also monitors whether keyboard input on your system is being spied on, independently of virus signatures. This would give attackers the option of logging your password input. This function should always be enabled.

Web protection - Define exceptions

To add a website to the exceptions in the whitelist, please proceed as follows:

  1. Click on the EXCEPTIONS button. The Whitelist window will appear. This will display the websites that have been categorised as safe and entered here.
  2. To add another website, click on the NEW button. An input screen will appear. Enter the name of the website (e.g. www.harmlesssite.com) under URL and, if necessary, enter a comment under Note about why you have included this website. Confirm your input by clicking on OK.
  3. Now click on OK to confirm all changes to the whitelist.

To remove a website from the Whitelist, highlight it in the list using your mouse and then just click on the DELETE button.

Web protection - Advanced settings

Here you can specify which server port numbers should be monitored by web protection. Generally port number 80 will suffice for monitoring normal browsing.

  • Avoid browser timeout: Since the software processes web content before it is displayed in the web browser, it requires a certain amount of time to do so depending on the data traffic. Therefore it is possible for an error message to appear in the web browser because the browser is not receiving data immediately, since the antivirus software is checking it for malicious routines. By activating the Avoid browser timeout checkbox, you can disable this error message and, as soon as all browser data has been checked for viruses, the data will appear as normal in the web browser.
  • Enable notification when checking downloads: Enable this function to get a notification whenever a download is being checked.
  • Size limit for downloads: You can use this function to interrupt HTTP checks for web content that is too large. The contents are then monitored by the virus monitor as soon as suspected malicious routines become active. The advantage of the size limit is that there are no delays caused by virus checks when surfing the web.

Email check

The email check enables you to scan incoming and outgoing emails and file attachments for viruses and eliminate possible infections at the source. The software can directly delete file attachments or repair infected files if viruses are found.

Warning: In Microsoft Outlook, emails are scanned by a plugin. This provides the same level of protection as the protection function for POP3/IMAP offered by AntiVirus. 

Incoming mails

The following options are available for virus protection for incoming emails:

  • In case of an infection: Here you can specify what is supposed to happen if an infected email is discovered. Depending on the purposes for which you are using your computer, different settings apply here. Generally we recommend using the Disinfect (if not possible: delete attachment/text) setting.
  • Check received emails: By activating this option, all emails you receive while you are working on your computer are checked for viruses.
  • Attach report to received infected mails: When you enable the report option and a virus is found, the warning VIRUS appears in the subject header of the infected email. There is also a message at the beginning of the email text: Warning! This email contains the following virus followed by the virus name and whether the virus has been deleted or whether it was possible to repair the infected file.

Outgoing mails

The software also allows you to scan your emails for virus infection before you send them, to ensure you do not inadvertently send viruses yourself. If you try to actually send a virus (unintentionally), the message The email [subject header] contains the following virus: [virus name] appears. The mail cannot be sent, and the corresponding email will not be sent. Please check the box next to Check emails before sending to scan outgoing emails.

Scan options

Here you can enable or disable basic virus check options:

  • Use engines: The software works using two engines – two analysis units optimized for one another. In principle, use of both engines should guarantee optimum virus protection results.
  • OutbreakShield: This option lets you activate the OutbreakShield. With OutbreakShield activated, the software creates checksums of emails, compares these with constantly updated anti-spam blacklists on the Internet and, as a result, is able to react to a mass-mailing before the relevant virus signatures become available. OutbreakShield uses the Internet to monitor increased volumes of suspicious emails, enabling it to close the window between the mass mail outbreak and its containment with specially adapted virus signatures, practically in real time. The OutbreakShield is an integral part of the email virus blocker.

Encrypted connections (SSL)

Many email providers (such as GMX, WEB.DE, T-Online and Freenet) have now started using SSL encryption. This means that emails and email accounts have become significantly more secure. However, it is still necessary to use antivirus software to protect your email as well. G DATA offers the Encrypted Connections (SSL) module for this. This gives you the added option of checking SSL-encrypted email for viruses and malware.

To enable the G DATA software to check email that has been SSL-encrypted, a G DATA software certificate must be imported into the email program. This ensures that your G DATA software can check incoming email.

It supports all email programs that can either import certificates or can access the Windows certificate store, e.g.:

  • Outlook 2003 or higher
  • Thunderbird
  • The Bat
  • Pegasusmail

Please proceed as follows if the G DATA certificate is not installed automatically:

  1. Your email program should not be active when installing the certificate. Therefore please close all email programs before generating and installing the certificate.
  2. In the G DATA software, check the box next to Check SSL Connections.
  3. Click on the Export Certificate button. The G DATA software will now generate a certificate. This file is called GDataRootCertificate.crt.
  4. Now open the GDataRootCertificate.crt file. A dialogue window appears in which you can install the certificate on your computer.
  5. In the dialogue window, click on the Install Certificate button and follow the instructions from the installation wizard.

You are done. Outlook and every other email program that can access the Windows certificate store now has the certificate required for checking SSL-encrypted incoming email for viruses and other malware.

Note: If you use Thunderbird (portable) and the certificate is not imported automatically, you will need to import this later and manage the trust settings for the generated G DATA certificate. To do this, please select the CERTIFICATES button in Thunderbird (portable) under Options > Advanced > Certificates. If you click here, various tabs appear. Please select the Authorities tab and then the IMPORT button. You can now select the "G DATA Mail Scanner Root" certificate.

If you now check the boxes next to the following option fields and click OK, your Thunderbird portable will be protected by G DATA:

  • Trust this CA to identify websites.
  • Trust this CA to identify email users.
  • Trust this CA to identify software developers.

There are similar functions in other email programs for importing certificates. In case of doubt, please see the appropriate help text to read how this works for the email program you use.

Email check - Advanced settings

If you do not use the default ports for your email programs, you can enter the port you use for incoming or outgoing emails under Server port(s). Click on the Default button to automatically restore the default port numbers. You can also enter multiple ports. Separate each of these with a comma.

Warning: Microsoft Outlook is protected by a special plugin that allows you to scan folders and emails directly from Outlook. In order to scan an email or a folder in Outlook for viruses, just click on the G DATA icon and the currently selected email folder will be scanned.

Since the software processes incoming emails before the email program itself, you may get an error message if there is a large quantity of emails or the connection is slow. This is because it is not receiving the email data immediately as it is being scanned for viruses by the software. Such error messages in the email program are prevented by checking the box next to Avoid mail server timeout, and as soon as any email data has been scanned for viruses, it is then forwarded to the email program as normal.

Automatic virus checks

You can switch the idle scan on or off from here. Furthermore you can also regularly scan your computer, or areas of your computer, for infections instead or as well. For example, you can then run such scans at times when you are not using your computer.

Scheduled virus checks: In many cases it is sufficient for the computer to be checked by the idle scan. However, you can also use the New button to set up various automatic virus checks that are independent of one another. Hence it is possible for you to check the Downloads folder daily, whereas you check your MP3 collection only once a month for example.

The following sections explain how you set up individual virus checks.

Automatic virus check - General

Enter the name you want to give the newly created virus check here. It is a good idea to use meaningful names to differentiate between the various jobs, for instance, Local hard disks (weekly scan) or Archive (monthly scan).

If you check Switch off the computer when the job is finished, the computer will automatically shut down once the automatic virus check has been completed. This is useful if for example you want to run a virus check when your day at work has finished.

Job: Each individually listed, automatic task for checking the computer or specific areas of it is called a job.

Analysis scope

Here you can choose whether the virus check should be done on the local hard drives, whether memory and autostart areas should be tested, or if you only want to test certain directories and files. If this is the case, use the Selection button to specify the directories you want.


Check following directories and files: In the directory tree, you can open and select directories by clicking on the plus symbols. Their contents will then be shown in the file view. Each directory or file that you mark with a check will be scanned by the software. If not all files in a directory are checked, this directory is marked with a grey checkmark.

Automatic virus check - Scheduling

This tab allows you to specify when the automatic update should run and how often. You set up the default schedule under Run and then specify it in more detail under Time. Of course, if you select On system start-up, you need not set any scheduling as the software will run the scan each time your computer starts up.

  • Run job automatically on next system startup if systems was powered off at the scheduled start time: Activating this option means that virus checks that are not run automatically are automatically run later as soon as the computer is powered up again.
  • Do not run on batteries: To prevent limiting battery service life unnecessarily, you can specify for notebooks, for example, that automatic virus checks can only be run when the portable computer is connected to the mains.

Scan settings

This area allows you to define which settings should be used for the automatic virus check.

  • Use engines: The software works with two engines – two virus checking programs optimized for one another. You can accelerate the virus check in older and slower computers by using just one engine, but normally you should keep the setting Both engines.
  • Infected files: Has your software detected a virus? In the standard setting, the software now asks you what you would like to do with the infected file. If you would always like to perform the same action, you can set this here. The highest protection for your data is offered here by the setting Disinfect and copy to quarantine.
  • Infected archive: Here you determine whether archive files (e.g. files with the extension RAR, ZIP or PST) should be handled differently from normal files. However, please note that moving an archive to quarantine can damage it so that it can no longer be used after it is moved back.

Furthermore, you can click the button ADVANCED to specify which additional virus checks should be performed or omitted.

In most cases, however, it is completely sufficient to use the specified default settings.

  • File types: You can specify here which file types should be inspected by the software for viruses.
  • Heuristics: In the heuristic analysis, viruses are not only detected by the virus database, which you receive with every update of the software, but are also identified on the basis of particular characteristics typical of viruses. This method increases the level of security, but in rare cases may generate false alarms.
  • Check archive: Checking compressed data in archives (these can be recognized by their file extensions such as ZIP, RAR or PST) is very time-consuming and can normally be omitted if the virus monitor is generally active on the system. The monitor can detect a previously hidden virus while the archive is being unzipped and can automatically prevent it from spreading.
  • Check email archives: Here you can specify whether your email archive is examined for infections as well.
  • Check system areas: In general, system areas (e.g. boot sectors) in your computer should not be excluded from virus checks.
  • Check for diallers / spyware / adware / riskware: You can also use this function to check your system for dialers and other malware (spyware, adware and riskware). These are e.g. programs that establish expensive, unwanted Internet connections, of which the potential for financial damage is no less significant than that of the virus. They may for example secretly record your surfing habits or even all the keyboard entries you make (including your passwords) and forward these to third parties via the Internet at the earliest opportunity.
  • Check for rootkits: Rootkits attempt to evade conventional virus detection methods. Additional monitoring for this malware is always advisable.
  • Generate log: By checking this box, you can specify that the software creates a log of the virus check process. This log can be viewed in the Logs area.

User account

Here you can specify the user account on the computer on which the virus check should take place. This account is required for access to network drives.

  • No labels