Technology overview

AVG 2011 includes the latest threat prevention technologies. Find out more about how we keep millions of people around the world safe.

Detection methods

AVG’s efficiency in detecting infected files and exploits is driven by multiple layers of protection. Files are pre-processed and areas deemed unnecessary for virus analysis are excluded to enable faster scanning.

  • Signature-based detection
    This technique attempts to match files to known virus signatures - a sequence of bytes known to be characteristic of a specific virus. Detailed analysis is then performed to identify the exact infection.
  • Polymorphic-based detection
    This is a common method for detecting known viruses and it is used to determine new variants of recognized viruses. Polymorphic detection looks for sequences typical of certain viruses. Such sequences usually don't change within the virus when it is modified, even if the behavior of the new variant is different. This method is effective especially in the detection of macro-viruses and script-viruses.
  • Heuristic-based analysis
    The third layer for detecting viruses is heuristic analysis, which looks at a way software behaves in order to identify whether it is malicious. This allows it to detect a virus which is not included in the internal virus database. Two primary methods are employed:
    • Static heuristic analysis looks for suspicious data constructs
    • Dynamic heuristic analysis emulates code within the protected environment of a virtual computer inside AVG
  • Behavior-based analysis
    The fourth layer for detecting viruses is behavior analysis. This patent-pending technology looks at what the software does during execution. Using various classifiers and advanced algorithms, this technology determines the hostile behavior of files and prevents their execution.

Protective Cloud Technology (NEW)

In AVG 2011, Protective Cloud Technology uses multiple scanning engines and behavioral detection simultaneously to identify emerging and previously unknown threats. Once Protective Cloud Technology identifies threats, solutions are developed and AVG clients around the world are updated in near real time.

AVG Community Protection Network (New)

AVG Community Protection Network acts like a neighborhood watch for the online world, helping everyone in the online community to protect each other. Information about the latest threats and AVG product performance is collected from customers who choose to participate in the product improvement program. This information is then analyzed and shared with the AVG community to make sure everyone receives the best possible protection.

AVG Social Networking Protection (New)

AVG’s Social Networking Protection is patent-pending technology that is new AVG 2011. Links that are exchanged within Facebook and MySpace are automatically checked in real time so that people, computers and networks exposed to social networks are safe.

AVG Social Networking Protection is activated automatically when AVG is installed and does not require any specific account or application settings.

AVG LinkScanner® (Enhanced)

AVG LinkScanner® is cutting edge patent pending technology. Surf-Shield actively checks web pages in real time. This ensures protection from web-based attacks that may only be present on websites for a few hours, before moving on to others.

LinkScanner® also features Search-Shield which works with popular search engines (including Google, Yahoo! and Bing) and social sites to show safety ratings within search results. Ratings are both color-coded and labeled with icons to illustrate which sites are safe and which are dangerous.

AVG Firewall (Enhanced)

AVG Firewall protects against malicious attacks by examining communications on each network port. It immediately blocks all unauthorized access attempts and now includes smart intrusion prevention capabilities to keep home and work networks – be they wired or wireless - even more secure. AVG Firewall also protects against both inbound and outbound attacks, whereby malicious software takes control of your computer and attempts to cause damage to other people.

Firewall consults a database of trusted applications every time it detects an attempted connection. It will allow communication to take place if it determines the application is trusted, reducing interruption from pop-ups. Conversely, it automatically blocks all communication if it detects a threat. This significantly reduces the chance of any information leaking before the threat is quarantined. With AVG 2011, the firewall advisor will recommend what action should be taken if the AVG applications database is not being used.

The key advantage of using Firewall is that it is heavily integrated with the other components within the AVG suite, meaning they work together and learn from each other to provide the most complete protection.

AVG Email Scanner

Email scanning is supported either directly through application plug-ins (including Microsoft Outlook and The Bat!) or through a personal email scanner. AVG Email Scanner works at POP 3 and SMTP protocol levels and can also protect email communications of all other email clients.

  • AVG Email Scanner filters attachments by their extensions or by their content
  • The solution at the POP 3/ SMTP protocol level is independent of the email client used
  • It is possible to protect multiple email accounts and to check multiple email servers
  • SMTP authentication is supported
  • Secured (SSL) communication is supported

AVG Resident Shield

The AVG Resident Shield protects whenever the operating system is running. It works in the background and scans when files are executed, opened or saved. If a virus is detected, the shield blocks the opening or running of the infected file. AVG Resident Shield also stores information about files it has checked, eliminating the need to re-check them if no modifications have been made.

AVG Online Shield™

The AVG Online Shield works in the same way as Resident Shield but for network traffic. Network traffic is intercepted and the data is passed into several scanning engines. AVG Online Shield also checks files that are exchanged through Yahoo! Instant Messenger, ICQ and MSN chat sessions.

AVG Smart Scanning (New)

Smart Scanning allows scans to run in high-priority mode when you are away from your computer and switches to low-priority mode as soon as you use your computer (i.e. a mouse is moved or key is pressed). AVG 2011’s scans are faster as trusted files or files that were already scanned but did not change are skipped.

AVG Smart Anti-Rootkit (Enhanced)

AVG Smart Anti-Rootkit technology detects malicious programs that try to hide deep within systems. The user-level view of the file system and processes are analyzed with the operating system’s kernel and any discrepancies are reported as the possible presence of a rootkit.

Update

It is vital to keep AVG & 2011 up to date to ensure protection against the latest threats. AVG offers several ways to achieve this, including a fully automated update process.

The availability of update files is guaranteed even when a large number of requests to download updates are sent to our servers. We distribute our update files using a robust worldwide server network service. Main features include:

  • Small update files (the size is typically only tens of KB)
  • Rare requirements to restart computers after updates
  • Regular updates released twice per week
  • Possibility to schedule or manually perform an update
  • Proxy server authentication support
  • AVG update emails allow registered users to receive the latest update information
  • Update files are available even during periods of high download demand