Maxing out the facebook offering?

Discussion in 'Prevx Releases' started by iravgupta, Aug 3, 2010.

Thread Status:
Not open for further replies.
  1. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    Installed the FaceBook version, confused by level of configurability (heuristics, age etc.). Questions -
    1. How do I max it out?
    2. Does it have an impact on system performance?
     
  2. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    1. I have
    - "Apply before Age/Pop."
    - Heuristics = Maximum
    - Age = Medium
    - Popularity = Medium

    It's a common set up around here.

    2. Not much for me (quadcore, 4GB RAM).
     
  3. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    1.
    Just put the slider for everything to the right to Max ;)
    Advanced heuristics is just the normal detection to check if the things you execute look like malware. Higher means more sensitive. Program age heuristics is about the age of the program, if a program is still very new and not seen much in the community there is a higher chance it is malware, if you put this setting higher than the bar is raised for how old a file must be to be allowed to execute. Putting it higher can prevent more zero day malware but also cause more false positives. Program popularity heuristics is kinda the same but not about the age of the program but about the percentage of users in the Prevx community need to have seen it before it is allowed.

    To lower impact you can apply advanced heuristics after age/popularity detection, if they think the file is ok, then it won't be scanned by advanced heuristics, if not then it will.

    2.
    The files are scanned in the cloud so there is no impact to system performance, however if you turn heuristics off or change it to apply after age/popularity less files are submitted to Prevx so the Prevx client on you pc doesn't have to wait for them to be scanned and thus some applications that need to be scanned before execution might execute a bit faster, but the resource usage will not change.

    However doing this might lower security and Prevx is already very light so I don't think you would notice a difference anyway.

    Here's some more detailed info on each of the sensitivity levels:
    http://info.prevx.com/help.asp#xheuristicsettings
     
    Last edited: Aug 3, 2010
  4. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I think Kees suggested to set all sliders one notch below the highest setting and to tic Apply after Age/Popularity detection.
     
  5. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    Got this on default settings -
    PrevxFalsePositive.png
    Wonder what happens when I max the settings :eek:
     
  6. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    are those real or FPs.
     
  7. iravgupta

    iravgupta Registered Member

    Joined:
    Dec 17, 2009
    Posts:
    605
    FPs. Scanned system with avast!, malwarebytes, superantispyware, a-squared emergency kit, HitMan Pro to be sure.
     
  8. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    Probably just an FP, if you report it, it will be checked and fixed ASAP :):
    BTW, I have all settings on max for some time now and only get a age/popularity warning sometimes with new versions of Pidgin(an apparently somewhat less used IM program.) But even if you would get such warnings it is easily added to exceptions.
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    If you could send a scan log by clicking Tools - Save Scan Results to report@prevxresearch.com, we'll fix them directly :)
     
Thread Status:
Not open for further replies.