I've got Prevx 3.0 with SOL on a Windows 7 Pro x64 PC. What are my best settings? I am also using MSE and Sandboxie. Thanks. Hugger
The default settings are good enough! If you're really worried or have Internet habits that might expose you to more threats, raise the levers in heuristic settings. In SafeOnline, for HTTPS, you could go for max setting and high when it comes to HTTP. I'm not sure how well Sandboxie works with the SafeOnline module for your browser as there have been some issues between them in the past. TripleHelix or PrevxHelp would know this and if they're fixed!
Sandboxie prevents SafeOnline from seeing into the browser, so you won't receive SafeOnline protection for a Sandboxie'd browser; however, all other browsers are secured and you still receive the full antimalware protection in the background. Let me know if you have any other questions!
To configure Prevx for maximum security, perhaps on a multi-user computing environment, do the following:
* In Basic Configuration:
  - Enhanced rootkit detection, automatically download/apply updates, "right-click" scanning, & realtime MBR scanning are essential and rightfully enabled by default.
  - Set a password to prevent other users from modifying settings. Do take note that Prevx settings are NOT administrative. Furthermore, User Account Control/Windows won't protect the settings; YOU have to, with a password. (Share the password only with other trusted computer administrators, and don't make the password fart123...please. And by computer administrators I mean not your little brother that will make detection overrides for his warez. Anyone you give the password to can completely remove Prevx, so be smart.)
  - Remove the error-prone human element of anti-malware software by: Saving/automatically applying block actions, automatically removing blocked files, & automatically blocking files without prompting.
  - Show authenticating files screen, on-bootup splash screen, and/or system tray icon are really personal preference, but good for debugging to ensure Prevx successfully loads.
* Scan Scheduler:
  - Enable scheduled scans of course, and scan the system every DAY. Scan automatically after bootup for added security on high risk, dynamic systems. (Prevx scans so quickly that it's good practice to scan every few hours anyway. Make it part of your life!)
* Heuristics Settings: (Ooh goodie, time for the fun part!)
  - Advanced heuristics MAXIMUM, program age MAXIMUM, & program popularity MAXIMUM. (I ALWAYS would recommend starting with the most secure settings, and if your system is more of a static setup, you probably won't get any false positives. And if you do...lower it one step at a time.)
  - Applying before versus after is a good setting to experiment with. I am still trying to gain an understanding of what the difference would be from a maximum security goal standpoint. Here is my understanding:
    Adv. Heur > Age/Pop = Behavior detections take priority
    Age/Pop > Adv. Heur = Community takes priority
    Which would you trust more at the front line? You decide. With all at maximum, either way isn't going to put a big hole as far as I can tell.
* SafeOnline:
  - Maximum. Configure websites for additional protection as needed.
* Self Protection:
  - Maximum, which should be the default setting if you installed with a RANDOMIZED name, which if you didn't, I would highly advise doing so.
* Detection Overrides:
  - "Use this feature with caution as it can change the default, community informed responses."
That's all folks. Hope that helps!
Shadek & PrevxHelp - Thanks for the help and information. STV0726, thank you for your help. It was easy to follow. I'm trying it with Max settings all around. Hugger
If you set Adv. Heur > Age/Pop then it will first check with heuristics if it is suspicious and then with the age/popularity detection. If you set it Age/Pop > Adv. Heur then it will check with the community first, and only if it is deemed suspicious through that, it will also check with the heuristics, but if not it won't. So it's lighter but potentially less secure.
Thanks for the clarification on the directional options! A word also about Sandboxie and Prevx SafeOnline...the best implementation for most security is this:
- Use Sandboxie for your daily browsing, when you want the OS to be protected from the browser (and any possible drive-by downloads).
- Use Prevx SafeOnline when you are specifically doing banking activity, or logging into an account such as World of Warcraft, and you want your browser to be protected from your OS (say to prevent any potential hidden malware from intercepting keystrokes).
- How about using both at the same time? It was news to me, but apparently, Sandboxie is now compatible with SafeOnline, as long as you mark the check box in the "Accessibility" settings. This allows SafeOnline to see the browser for two-way communication, but apparently, it puts a hole in Sandboxie's protection, so I'm not sure if it's better to do this, or rather use both depending on the activity like I've laid out above.
Hope that helps.
EDIT-- Here's the link to Sandboxie's "known conflicts" page, with the SafeOnline description at the top: http://www.sandboxie.com/index.php?KnownConflicts#prevxsafeonline They say to then enable "Drop Rights" to compensate for some protection lost, but if you are using 64-bit Vista or 7 version of Windows, Drop Rights is already enabled to compensate for the already lost protection due to Patch Guard. So really, how many holes do you feel comfortable putting in Sandboxie? Probably best to use them standalone I would think? Quite honestly I've been slacking on Sandboxed browsing sessions lately because I've got SafeOnline combined with a Software Restriction Policy, so nothing can install anyway.