Using the Avast Geek settings area in Avast Antivirus

The Avast Geek settings area contains options for advanced program configuration, and is designed for users with high-level understanding of Avast Antivirus functionality. To specify everyday program behavior, we recommend using basic settings, which are configured by default to provide optimum protection and security. For more information about configuring program behavior in Avast Antivirus using basic settings, refer to the following article:

The Avast Geek settings area is available in Avast Antivirus version 19.0 and higher. To update your application to the latest version, refer to instructions in the following article:


To open the Avast Geek settings area:

  1. Open the Avast Antivirus user interface and go to MenuSettings.
  2. Click Search in the top-right corner.
  3. Type geek:area into the search field, and select Avast Geek from the search results.
  4. Avast Geek settings are organized by component. Click Search in the top-right corner and type a component name, then select the relevant search result. Alternatively, scroll down to the relevant section.

Refer to the sections below for detailed information about each of the Avast Geek settings options.

Update

Specify how frequently Avast Antivirus automatically checks for and downloads updates to Virus definitions and application version (default value 240 minutes).

Avast checks for and downloads updates via your internet connection, so regular checks may reduce browsing speed.

Troubleshooting

Restrict guest users (secondary accounts logged in to your PC) from accessing or modifying your Avast Antivirus settings. We recommend keeping this option enabled to ensure only authorized users have this permission.

Virus Scans

You can configure the following settings for each type of Virus Scan:

Not all options are available for every scan.

Automatic actions

For each listed scan type, specify which action is applied when the scan detects a threat. Select one of the following actions from the drop-down menu:

  • Auto (selected by default): Run a sequence of actions (repair file; if not possible, then move to Virus Chest; if not possible, then delete).
  • Move to Chest: Send the threat to Virus Chest, where it cannot harm your system.
  • Repair: Remove only malicious code attached to an otherwise safe file; this is not possible for files which are entirely malware.
  • Delete: Permanently remove the file from your computer.
  • Nothing: No action is taken during the scan; the threat is listed in your scan results and you can decide what to do later.

Processing of infected archives

For each listed scan type, specify which action is applied when the scan detects an infected archive. Select one of the following actions from the drop-down menu:

  • Try to remove only the packed file from the archive; if it fails, do nothing (enabled by default).
  • Try to remove only the packed file from the archive; if it fails, remove the whole archive.
  • Always remove the whole archive.

Performance settings

For each listed scan type, configure the following performance settings which impact scan speed:

  • Speed up scanning by using persistent cache (enabled by default): Enables the scan to refer to information retained from previously scanned files. Trusted files that have already been verified as safe are not scanned again, which enables scans to process faster.
  • Store data about scanned files in the persistent cache: Stores data about scanned files in your system's permanent memory, so that future scans can refer to this data and run faster. The information stored in persistent cache is not lost after a system restart or virus definitions update.
  • Speed up scaning by reading files in the order they are stored on the disk (enabled by default): Reduces the amount of time the scan takes to locate stored data by scanning files in the order that their physical data is stored on the disk (faster) rather than the order that the files are organized in the file system (slower). This option is only effective for NTFS (New Technology File System) formatted drives.

Report file settings

By default, Avast Antivirus creates report files of scan results. When troubleshooting issues with Avast Support, you may be requested to provide a report file. Report files are saved to the following location:

  • C:\ProgramData\AVAST Software\Avast\report

Configure your report file settings by specifying the following values for each listed scan type:

  • Report file name: Enter a name for the report file.
  • Report file type: Select the format of the report file (plain text (ANSI), plain text (Unicode), or XML).
  • If report file exists: Select Append if you want new results to be added to the end of the previous report, or Overwrite if you want new results to replace the previous report.
  • Reported items: Define which events appear in report files. Type any of the following events into the text box provided, ensuring entries are separated by semicolons:
    • Infected: Files and areas of the scanned environment that the virus scan identifies as containing malware.
    • HardErrors: Unexpected errors that require further investigation.
    • SoftErrors: Minor errors, such as a file being unable to be scanned because it was in use.
    • OK: Files and areas that the virus scan identified as being clean.
    • Skipped: Files and areas that the virus scan did not check because of the scan settings.

The following additional options can be useful for troubleshooting purposes if scans in Avast take a long time to complete:

  • Enable raw disk access during an Avast Boot-Time scan (enabled by default): This option applies only to Boot-Time Scan and enables Avast to access and scan the entire disk, including dropped files and file fragments that may contain malicious code. Disabling this option may slightly speed up Boot-Time scans but weaken your antivirus protection.
  • Skip checking of digital signatures of infected files: This option applies to all scans in Avast and enables scans to report any files as suspicious, even if they are from trusted publishers, which can speed up the scanning process. However, this option is disabled by default to avoid false positive detections.

Scan logs

Avast scan logs contain details of events detected during a scan. By default, Avast creates scan logs each time you run a scan. Avast scan logs are stored in the following location:

  • C:\ProgramData\AVAST Software\Avast\report

Scan log settings apply to all scans in Avast Antivirus. The following options are available:

  • Delete scan logs (enabled by default): Allows Avast to delete scan logs after a specified time period.
  • Delete scan logs older than: Specify after how long Avast deletes scan logs.
  • Delete temporary scan logs (enabled by default): Allows Avast to delete temporary scan logs after a specified time period.
  • Delete temporary scan logs older than: Specify after how long Avast deletes temporary scan logs.
  • Clear scan history: Click Perform to immediately delete all currently stored scan logs.

Behavior Shield

Behavior Shield monitors programs installed on your PC for suspicious behavior that may indicate the presence of malicious code. Configure how Behavior Shield deals with suspicious program behavior by selecting one of the following options from the drop-down menu:

  • Always ask: Avast asks what you want to do with each detected threat.
  • Automatically move detected threats to Chest (enabled by default): Threats that behave similarly to known threats listed on the Avast virus definitions database are moved to Virus Chest, where they cannot harm your system.
  • Automatically move known threats to Chest: Threats that are listed on the Avast virus definitions database are moved to Virus Chest, where they cannot harm your system.

File Shield

File Shield actively scans all programs and files on your hard drive as they are opened, run, modified, and saved. Avast Geek settings allow you to specify which action File Shield performs when it detects a threat (virus, potentially unwanted program, or suspicious object). For each individual threat type, select an action from the drop-down menu:

  • Auto (selected by default): Run a sequence of actions (repair file; if not possible, then move to Quarantine; if not possible, then delete)
  • Ask: Avast asks what you want to do with each detected threat.
  • Nothing: No action is taken during the scan; the threat is listed in your scan results and you can decide what to do later.
  • Move to Chest: Send the threat to Quarantine, where it cannot harm your system.
  • Repair: Remove only malicious code attached to an otherwise safe file; this is not possible for files that are entirely malware.
  • Delete: Permanently remove the file from your computer.

To stop recieving a notification each time File Shield detects a threat, untick Show a notification window when an action is taken.

Report file settings

By default, File Shield creates a report file of every scan result. When troubleshooting issues with Avast Support, you may be requested to provide a report file. Report files are saved to the following location:

  • C:\ProgramData\AVAST Software\Avast\report

Configure your report file settings by specifying the following values:

  • Report file name: Enter a name for the report file.
  • Report file type: Select the format of the report file (plain text (ANSI), plain text (Unicode), or XML).
  • If report file exists: Select Append if you want new results to be added to the end of the previous report, or Overwrite if you want new results to replace the previous report.
  • Reported items: Define which events appear in report files. Type any of the following events into the text box provided, ensuring entries are separated by semicolons:
    • Infected: Files and areas of the scanned environment that File Shield identifies as containing malware.
    • HardErrors: Unexpected errors that require further investigation.
    • SoftErrors: Minor errors, such as a file being unable to be scanned because it was in use.
    • OK: Files and areas that File Shield identified as being clean.
    • Skipped: Files and areas that File Shield did not check because of the scan settings.

Mail Shield

Mail Shield scans for threats in your incoming and outgoing email messages. Avast Geek settings allow you to specify which action Avast Antivirus performs when Mail Shield detects a threat (virus, potentially unwanted program, or suspicious object). For each threat type, select an action from the drop-down menu:

  • Auto (selected by default): Run a sequence of actions (repair file; if not possible, then move to Virus Chest; if not possible, then delete)
  • Ask: Avast asks what you want to do with each detected threat.
  • Nothing: No action is taken during the scan; the threat is listed in your scan results and you can decide what to do later.
  • Move to Chest: Send the threat to Virus Chest, where it cannot harm your system.
  • Repair: Remove only malicious code attached to an otherwise safe file; this is not possible for files that are entirely malware.
  • Delete: Permanently remove the file from your computer.

The following options allow you to further configure Mail Shield behavior:

  • Show a notification window when an action is taken (enabled by default): You recieve a notification from Avast each time Mail Shield detects a threat.
  • Scan archived messages when opening: Scans archived messages every time they are opened.
  • Scan SSL connections (enabled by default): Enables scanning of emails sent or received using SSL/TLS encrypted connection. If disabled, only emails sent or received via unsecured connections are scanned.

Export a Mail Shield certificate

Click Perform to export a Mail Shield certificate from Avast Antivirus. This is useful for troubleshooting error messages about invalid server certificates from third party email clients, such as Mozilla Thunderbird.


Report file settings

By default, Mail Shield creates report files of scan results. When troubleshooting issues with Avast Support, you may be requested to provide a report file. Report files are saved to the following location:

  • C:\ProgramData\AVAST Software\Avast\report

Configure your report file settings by specifying the following values:

  • Report file name: Enter a name for the report file.
  • Report file type: Select the format of the report file (plain text (ANSI), plain text (Unicode), or XML).
  • If report file exists: Select Append if you want new results to be added to the end of the previous report, or Overwrite if you want new results to replace the previous report.
  • Reported items: Define which events appear in report files. Type any of the following events into the text box provided, ensuring entries are separated by semicolons:
    • Infected: Files and areas of the scanned environment that Mail Shield identifies as containing malware.
    • HardErrors: Unexpected errors that require further investigation.
    • SoftErrors: Minor errors, such as a file being unable to be scanned because it was in use.
    • OK: Files and areas Mail Shield identified as being clean.
    • Skipped: Files and areas Mail Shield did not check because of the scan settings.

Web Shield

Web Shield actively scans data that is transferred when you browse the internet to prevent malware from being downloaded and run on your PC. Avast Geek settings allow you to specify which action Web Shield performs when it detects a threat (virus, potentially unwanted program, or suspicious object). For each individual threat type, select an action from the drop-down menu:

  • Abort connection (selected by default): Terminates your connection with the applicable website as soon as a potential threat is detected.
  • Ask: Gives you the option to terminate the connection with the applicable website or remain connected when a potential threat is detected. Remaining connected may be risky.

The following options allow you to further configure Web Shield behavior:

  • Scan traffic from well-known browser processes only: With this option enabled, Web Shield only monitors HTTP traffic for the most common browsers.
  • Show a notification window when an action is taken (enabled by default): You recieve a notification from Avast each time Web Shield detects a threat.
  • Do not unpack archives with valid digital signatures (enabled by default): Excludes trusted archive files from verified publishers from being scanned.

Script Shield protection

Script Shield prevents browsers and other applications from running potentially malicious scripts. This includes remote threats from the web and outside sources, local threats downloaded to your hard drive or in the browser cache, and scripts that come from encrypted connections.

Tick or untick the relevant box to specify which browsers and applications are protected by Script Shield. Commonly used browsers, Adobe Acrobat Reader, and all other applications on your PC are protected by default.

Virus Chest

Virus Chest is an isolated space where you can safely store potentially dangerous files or send them to the Avast Threat Labs for analysis. Avast Geek settings allow you to specify the maximum size of files that Avast sends to Virus Chest. The default value is 16384 KB.

Firewall

Firewall is a paid feature available in Avast Premium Security and Avast Omni that monitors all network traffic between your PC and the outside world to protect you from unauthorized communication and intrusions. You can configure the following aspects of Firewall behavior:

  • Show notifications about newly created "block" rules (enabled by default): Sends an alert message each time a new rule related to prohibiting communication is created by the auto-decide feature.
  • Internet Connection Sharing mode: Allows a trusted user to connect to the internet through your PC, or to troubleshoot problems with devices, such as a printer that is connected to the internet via your PC. Ticking this option opens certain ports which are usually closed, decreasing the level of security.
    Always untick this option when the user no longer needs access to your internet connection or you finish troubleshooting.
  • Allow all connections with Friends when in Private mode: Allows all networks listed as Friends when you are connected to a Private mode network.
  • Enable automatic profile switching (enabled by default): Authorizes Avast to automatically change the Firewall profile when you connect to a known network with a different profile to the previously connected network.
  • Show notifications about automatic profile switching: Alerts you each time your Firewall profile changes (for example, when you change from a Private network to a Public network or vice versa). Enabling this option may result in potentially annoying alerts.
  • Enable automatic port scan detection: Authorizes Firewall to detect port scan attempts. Port scanning is a technique hackers commonly use to identify vulnerable or unsecure devices on a network. If Firewall detects a port scan, the offending IP address is blacklisted and all communication with that IP address is blocked until you reboot your PC.
  • IP block timeout: Configure how far back Firewall searches network traffic history for suspicious network packets. 1800000 is the default value, which is equal to 30 minutes. Increasing this value can lead to false positive detections.
  • Enable raw sockets (enabled by default): Enables communication with applications that use raw sockets instead of specific communication protocols. Disabling this option slightly increases the security of your PC but creates significant connectivity issues with any applications that use raw sockets.

Sandbox

Sandbox is a virtualization tool in Avast Premium Security and Avast Omni that allows you to browse the web or run an application in a completely isolated, safe environment. You can configure the following aspects of Sandbox behavior:

  • Override the maximum copy filesize limit and specify the size manually: Allows you to specify the size of files that applications can duplicate for further modifications while running in Sandbox. If a Sandboxed application rejects a file, change the default 51 MB limit.
  • Drop administrative rights and run virtualized applications as a limited user: Removes administrative rights for applications run in Sandbox to prevent applications from accessing restricted system components.
  • Cache web browser's files (sandbox will not be automatically deleted) (enabled by default): Save only virtualized files for web browsers, which improves the browser's performance in Sandbox.
  • Delete cached contents: Click to immediately remove cached contents from Sandbox.
  • Generate report file: Enable this option to ensure Sandbox automatically creates reports of virtualized applications. When troubleshooting issues with Avast Support, you may be requested to provide a report file.

Do Not Disturb Mode

Do Not Disturb Mode works to silence unnecessary notifications while you run almost any application in fullscreen. Configure these settings to customize system behavior while Do Not Disturb Mode is enabled, and further maximize the performance of applications running in fullscreen. All options are enabled by default with the following exceptions:

  • Disable draw over window: Blocks the appearance of notifications from other applications while you are running an application in fullscreen.
  • Suspend Non-gaming user processes: Suspends applications that could reduce performance while you play games in fullscreen.
  • Set CPU limit: Applies limits to ensure that while using Do Not Disturb Mode, your main system resources are available to run other applications.

Software Updater

Software Updater keeps commonly used third party software up to date to eliminate potential security risks. You can configure the following aspects of Software Updater behavior:

  • Enable Software Updater (enabled by default): Untick this option to disable Software Updater.
  • Allow update of system-wide products for administrators only: When enabled, only administrators have authority to update system-wide products via Software Updater.
  • Automatically download updates if possible (enabled by default): Allow Software Updater to automatically download available updates for your third-party software to save time. This option is only available in paid versions of Avast Antivirus.
  • Database reset (troubleshooting): Click Perform to reset the internal database of Avast Software Defender to default values. This action cannot be undone and is recommended if Software Updater shows invalid data, or if an application installation error occurs.

General

The following additional settings are available:

  • Enable reputation services (enabled by default): Allows you to anonymously contribute technical information to help us better identify malware threats.
  • Check my browsers regularly for toolbars with bad user ratings (enabled by default): Checks commonly used browsers for toolbars with poor ratings and offers to remove them. To determine a toolbar's rating, Avast uses a cloud-based rating system based on blacklists and whitelists, heuristic algorithms, Avast's Recommendation Engine, and user ratings.
  • Avast Premium Security 19.x
  • Avast Free Antivirus 19.x
  • Avast Omni 1.x
  • Avast Premier 19.x
  • Avast Internet Security 19.x
  • Avast Pro Antivirus 19.x
  • Microsoft Windows 10 Home / Pro / Enterprise / Education - 32 / 64-bit
  • Microsoft Windows 8.1 / Pro / Enterprise - 32 / 64-bit
  • Microsoft Windows 8 / Pro / Enterprise - 32 / 64-bit
  • Microsoft Windows 7 Home Basic / Home Premium / Professional / Enterprise / Ultimate - Service Pack 1, 32 / 64-bit

Was this article helpful?

Yes No

Need additional help?

Contact us

Avast Premium Tech Support

Solve any issue
for any device
Call now for free consultation 0800-085-4825