hello
I notice that running an antivirus, has a noticably negative impact on read/write/copy etc file speed
if this is true, I suppose it is because before accessing a file, it is firstly read and scanned by the antivirus, which causes a delay
to overcome this problem, I wonder if we can run every new file sandboxed by default, so that we wont have any delay (afaik, to be honest I 've never used sandbox) and afterwards, antivirus may scan the file, or afterwards, if antivirus will not detect malicious behaviour, the file to be removed from sandbox
this way, the whole system will be more secure (since malicious file detect wont lay only to heuristics analysis, but also its real behaviour will be examined), and moreover, the whole system will be more responsive and there will be no negative impact to its performance
your opinion?
thanks!