This is how it works: When a suspicious file is detected on any computer running Avira, a fingerprint of that specific file is generated and uploaded anonymously to Avira so that they can scan it and report its status (whether it’s safe or dangerous) back to every Avira user so that the program can take appropriate action.