Absolutely Loving WSA - Couple Questions

Discussion in 'Prevx Releases' started by STV0726, Dec 3, 2011.

Thread Status:
Not open for further replies.
  1. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    I have recently upgraded to Webroot SecureAnywhere Essentials (Thanks again, Joe!) and even though I have seen the product previously and played with it in a sandbox a month ago, I still am speechless at how much I love this interface. Wow! :thumb: *Applaud*

    I just had a few questions in going over the settings, online portal, and transferring configurations between computers...

    1.) If I were to select to change the security settings of a computer from the web management portal, does Webroot push the new heuristic settings ONLY...-OR- does it also overwrite all OTHER settings (i.e. basic configuration, self protection, etc.) to default? I ask because the help icon when clicked explains the changes that can be made to the heuristics by the presets, but it says that all other settings will be from the default installation options. I have altered and customized my other settings aside from heuristics and I do not want to lose them.

    2.) When I transferred settings from one computer to another using the import functionality, I noticed it also imported my quarantine and detection rules, which seems odd, since those are specific to the computer that which the infection occurred on. Is this intended to work like this?

    3.) Lastly, speaking of quarantine: when Webroot did the initial scan it detected something called "psdriver_8[1]" in the temporary internet files of my administrator account, which I don't ever use to browse the web. As you probably know, I have had Prevx 3.0 installed and set to maximum heuristics for over a year now and it has not detected that, so I am assuming it is a detection coming from the new Webroot definitions that were added to the database. Additionally, Webroot also detected a driver for a legacy keyboard I have which I know is safe--it comes from M-Audio. I have submitted that as a false positive. Please note that these two detections are with default heuristic settings.

    Wow, I am amazed with this product. I just love it. Thanks Webroot and Prevx!
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Glad to hear it! :)

    Each protection profile changes several different settings and if you apply it to a specific computer, it will overwrite the local configuration. In our business product (which will be available in the next couple months), you'll be able to configure each individual option centrally but we've made a more high-level interface for the average user, rather than trying to have them wade through 120+ options for each PC.

    That's correct - you can remove them on the other PCs if wanted but we consider "Detection Configuration" to be part of the overall configuration as well.

    It's possible that these are indeed false positives from the added protection in the new cloud on top of the P3 detection. Sending a scan log to our support team will include all previous detections so they should be able to take care of it without a problem.

    Thank you, and please let me know if you have any other questions! :)
     
  3. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    So are you saying that changing those presets or "protection profiles" changes more than just the Heuristics settings? According to the help page on the website, it implies it only changes Heuristics and leaves the other settings alone...

    WSA Web Console Heuristic Settings.JPG

    I can definitely understand why "Detection Configuration" would be part of the overall configuration, but to me it seems dangerous to include the Quarantine specifically into the configuration file. For example, if I wanted to roll back configuration, then any files I have since quarantined would be let lose on the system and Webroot would have to hurry up and seize them again, unless of course I am not understanding something.

    Are we talking the old Prevx 3.0 support at prevx.com, or the new support at Webroot.com?

    Also, one final question: Is it alright that I downloaded and ran the Prevx 3.0 Removal Tool with Webroot SecureAnywhere installed? It shouldn't affect WSA since they are separate programs, right?

    As always, thanks Joe!
     
  4. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    These configuration profiles do overwrite other options as well, not only just heuristics.


    The quarantined files won't be restored into the system, they're stored inert and encrypted and can't be executed. You can always erase files from quarantine if wanted, but they pose no risk when stored.


    The new support at Webroot (and indeed, all of the Prevx support team members are still working at the Webroot support team as well).

    You shouldn't have any problems as they're completely different.

    Hope that helps! :)
     
  5. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Thanks Joe!
     
Thread Status:
Not open for further replies.