Age/popularity heuristics

Discussion in 'Prevx Releases' started by BoerenkoolMetWorst, Oct 10, 2011.

Thread Status:
Not open for further replies.
  1. BoerenkoolMetWorst
    Offline

    BoerenkoolMetWorst Registered Member

    I was trying to trigger the age/pop heuristics by executing rare and newer software but I haven't been able to trigger a detection so far. Even with both age and popularity set to maximum it does not trigger on software that would normally have been triggered with Prevx 3 on lower settings. Is it fully working?

    Also I did this to check if some improvements were already implemented which I suggested here and were confirmed for v4:
    http://www.wilderssecurity.com/showthread.php?t=283838
    Are they implemented in WSA?
  2. PrevxHelp
    Offline

    PrevxHelp Prevx Moderator

    The Age/Popularity heuristics now take into account the behavior of a program. As we're just coming out of the beta, the Age/Popularity heuristics aren't fully enabled but once we establish a good baseline of users, we'll be turning them on.

    In the meantime, you can set specific areas to block any non-whitelisted file or by raising the Advanced Heuristics which will show a "HIPS" warning like the one below:

    image003.png
  3. BoerenkoolMetWorst
    Offline

    BoerenkoolMetWorst Registered Member

    Thanks.

    How to do this? Are these the options in the Core system shield which are already enabled by default?(Except for HOSTS file modification.)
  4. Romagnolo1973
    Offline

    Romagnolo1973 Registered Member

    pc security - edit heuristic - set "warn when new programs execute taht are not trusted", in this case you bypass heuristics and are you that decide what allow or not
  5. PrevxHelp
    Offline

    PrevxHelp Prevx Moderator

    Exactly :thumb:
  6. TonyW
    Offline

    TonyW Registered Member

    Just to clarify in case anyone is trying to find this - find it here: PC Security/Shields/Edit Heuristics.

    Alternatively, click on Settings and go to Heuristics.
  7. BoerenkoolMetWorst
    Offline

    BoerenkoolMetWorst Registered Member

    Yes, but that is about the execution of untrusted files(a nice feature btw), but I asked about blocking modifications done by untrusted files, like setting itself up to automatically start on boot like shown in Joe's screen.
  8. PrevxHelp
    Offline

    PrevxHelp Prevx Moderator

    You can do that by raising the Advanced Heuristics one or two levels from the default Medium.
  9. BoerenkoolMetWorst
    Offline

    BoerenkoolMetWorst Registered Member

    Thanks :)
  10. BoerenkoolMetWorst
    Offline

    BoerenkoolMetWorst Registered Member

    WSA has been released for a while now and a lot of old Webroot customers have been transfered, so are they completely enabled now?
  11. PrevxHelp
    Offline

    PrevxHelp Prevx Moderator

    I believe they're still slightly different than the P3 age/popularity heuristics in how they work (as they're taking into account the behavior of files still) but we're currently working on tuning them fairly regularly to see how to best work within the configuration :)
  12. BoerenkoolMetWorst
    Offline

    BoerenkoolMetWorst Registered Member

Thread Status:
Not open for further replies.