Optimum Setting For Behavioral Scanner

searchlight

Hi,

I have been using BDAV 2009 for the last two weeks. The anti-virus module is set at the default setting but I have been adjusting the behavioral scanner and found that it is too aggressive when set at high where it asks for many program permissions.

At the default setting, what is the optimal setting or default setting for the behavioral scanner? Is this a good choice. Will I still be protected from zero day attacks?

Thanks:).

Rsenic

the way you set the antivirus depends on how you use your computer and also, on how slow you want it to run if you set it to aggressive it will run slower but you will be more protected. if you do not use an email software (like Outlook) you can just disable the option to check incoming/outgoing emails, for example. If you browse the Internet a lot, but take care of the websites you go to, then disable the Http scanning.

these are just 2 examples, but the most important thing is not to follow every link on the internet and also to scan all the files that you download from 'untrusted' websites.

searchlight

Thanks for the response but this does not answer the question specifically related to the behavioral scanner setting which appears under the anti-virus tab.

I have set the behavioral scanner to moderate and so far so good but I was curious as to what setting most people use to prevent zero day attacks.

alexcrist

I use it on High, and it didn't give me any problems.

Of course there were some alerts about clean files. But the users have to understand: there are no such things as "false positives" about a Behavioral Scanner. The Behavioral Scanner just looks at what an application does, in realtime, and decides if it is suspect or not. It doesn't use signatures, it doesn't look for any predefined files...it just looks at everything, for anything.

So far, I got 6 alerts about clean applications. After I allowed them to run, all worked just fine.

Cris.