Prevx real-time, only need AV scan on write?

[InfinityAz]

If you're running Prevx (paid) in real-time mode, does it make sense to only have your AV scan on write, instead of scanning on read and write (running Avira, btw, but could be any AV)?

[Retadpuss]

I would leave Avira set at its default. Prevx does not scan on access - only on exe - which is my only criticism of it.

[raven211]

Quote:

Originally Posted by Retadpuss

I would leave Avira set at its default. Prevx does not scan on access - only on exe - which is my only criticism of it.

Really? I've seen many people indicating that it indeed catches at sight, or atleast protects you at all times - that's obviously their goal afterall. Maybe Joe can enlighten you.

[PrevxHelp]

We really don't see the benefit of scanning every file on write. It introduces a boatload of unnecessary overhead and doesn't actually provide any additional protection - Prevx scans code before it executes so it will protect you against anything as it tries to enter.

However, (and I'm unfamiliar with the individual feature of Avira) scanning on write only seems like a conceptually bad idea... What if the file is identified as a threat in between the time it was written and when it was read? We've written Prevx so that it will be compatible alongside any AV with their default configuration, so feel free to use Avira with its full shields up

[Kees1958]

Setting your AV only makes sense when using with applications like GeSWall or DefenseWall. They keep also downloaded files in a contained environment (so they are harmless). The Av is only used to prevent spreading malware to others.

What is a noce combo is setting PrevX heuristics after AGE, set all settings to medium and use it with DefenseWall. PrevX will only check the newest files, with medium heuristics, causing low CPU load.

Regards Kees

[raven211]

Quote:

Originally Posted by Kees1958

Setting your AV only makes sense when using with applications like GeSWall or DefenseWall. They keep also downloaded files in a contained environment (so they are harmless). The Av is only used to prevent spreading malware to others.

What is a noce combo is setting PrevX heuristics after AGE, set all settings to medium and use it with DefenseWall. PrevX will only check the newest files, with medium heuristics, causing low CPU load.

Regards Kees

Isn't setting Age to Medium even more prone to FPs? You've probably read my lame but true complaints.

[Ilya Rabinovich]

Quote:

Originally Posted by ssj100

However, installing unknown (potentially unsafe) applications as trusted with DefenseWall (because they didn't install properly as untrusted)

Most of the software can be installed as untrusted with DefenseWall.

[jmonge]

@ssj100 same with sandboxie if you run any apps out the box you are vulnerable for malware attack

[Ilya Rabinovich]

Quote:

Originally Posted by ssj100

My point is that there is no protection from that kind of human error.

It's about every HIPS software any kind of.

[jay2007tech]

Quote:

My point was that human error will bypass everything, not just DefenseWall. My other point was a justification of why I use the AV to scan on write only. Thanks mate!

It true, a few months ago, in the chicago area, people got scammed into giving away there property and house.