Prevx settings

Discussion in 'Prevx Releases' started by Hugger, Nov 20, 2010.

Thread Status:
Not open for further replies.
  1. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    I've got Prevx 3.0 with SOL on a Windows 7 Pro x64 pc.
    What are my best settings?
    I am also using MSE and Sandboxie.
    Thanks.
    Hugger
     
  2. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,363
    Location:
    Sweden
    The default settings are good enough! If you're really worried or have Internet habits that might expose you to more threats, raise the levers in the heuristic settings. In SafeOnline, for HTTPS, you could go for the max setting, and high when it comes to HTTP.

    I'm not sure how well Sandboxie works with the SafeOnline module for your browser as there have been some issues between them in the past. TripleHelix or PrevxHelp would know this and if they're fixed!
     
    Last edited: Nov 20, 2010
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Sandboxie prevents SafeOnline from seeing into the browser, so you won't receive SafeOnline protection for a Sandboxie'd browser. However, all other browsers are secured and you still receive the full antimalware protection in the background :)

    Let me know if you have any other questions!
     
  4. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    To configure Prevx for maximum security, perhaps for a multi-user computing environment, do the following:

    * In Basic Configuration:

    - Enhanced rootkit detection, automatically download/apply updates, "right-click" scanning, & realtime MBR scanning are essential and rightfully enabled by default.

    - Set a password to prevent other users from modifying settings. Do take note that Prevx settings are NOT administrative. Furthermore, User Account Control/Windows won't protect the settings; YOU have to, with a password. (Share the password only with other trusted computer administrators, and don't make the password fart123...please. And by computer administrators I mean not your little brother that will make detection overrides for his warez. Anyone you give the password to can completely remove Prevx, so be smart.)

    - Remove the error-prone human element of anti-malware software by: Saving/automatically applying block actions, automatically removing blocked files, & automatically blocking files without prompting.

    - Show authenticating files screen, on-bootup splash screen, and/or system tray icon are really personal preference, but good for debugging to ensure Prevx successfully loads.

    * Scan Scheduler:

    - Enable scheduled scans of course, and scan the system every DAY. Scan automatically after bootup for added security on high risk, dynamic systems.

    (Prevx scans so quickly, that it's good practice to scan every few hours anyway. Make it part of your life! :p)

    * Heuristics Settings: (Ooh goodie, time for the fun part!)

    - Advanced heuristics MAXIMUM, program age MAXIMUM, & program popularity MAXIMUM. (I ALWAYS would recommend starting with the most secure settings, and if your system is more of a static setup, you probably won't get any false positives. And if you do...lower it one step at a time.)

    - Applying before versus after is a good setting to experiment with. I am still trying to gain an understanding of what the difference would be from a maximum security goal standpoint. Here is my understanding:

    Adv. Heur > Age/Pop = Behavior detections take priority

    Age/Pop > Adv. Heur = Community takes priority

    Which would you trust more at the front line? You decide. With all at maximum, either way isn't going to put a big hole as far as I can tell.

    * SafeOnline:

    - Maximum. Configure websites for additional protection as needed.

    * Self Protection:

    - Maximum, which should be the default setting if you installed with a RANDOMIZED name; if you didn't, I would highly advise doing so.

    * Detection Overrides:

    - "Use this feature with caution as it can change the default, community informed responses."

    That's all folks. Hope that helps!
     
  5. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    Shadek & PrevxHelp - Thanks for the help and information.

    STV0726,
    Thank you for your help.
    It was easy to follow.
    I'm trying it with Max settings all around.
    Hugger
     
  6. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    If you set Adv. Heur > Age/Pop then it will first check with heuristics if it is suspicious and then with the age/popularity detection.
    If you set it Age/Pop > Adv. Heur then it will check with the community first, and only if it is deemed suspicious through that, it will also check with the heuristics, but if not it won't. So it's lighter but potentially less secure.
     
  7. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Thanks for the clarification on the directional options!

    A word also about Sandboxie and Prevx SafeOnline...the best implementation for most security is this:

    - Use Sandboxie for your daily browsing, when you want the OS to be protected from the browser (and any possible drive-by downloads.)

    - Use Prevx SafeOnline when you are specifically doing banking activity, or logging into an account such as World of Warcraft, and you want your browser to be protected from your OS (say to prevent any potential hidden malware from intercepting key strokes.)

    - How about using both at the same time? It was news to me, but apparently, Sandboxie is now compatible with SafeOnline, as long as you mark the check box in the "Accessibility" settings. This allows SafeOnline to see the browser for two-way communication, but apparently, it puts a hole in Sandboxie's protection, so I'm not sure if it's better to do this, or rather use both depending on the activity like I've laid out above.

    Hope that helps.

    EDIT-- Here's the link to Sandboxie's "known conflicts" page, with the SafeOnline description at the top:

    http://www.sandboxie.com/index.php?KnownConflicts#prevxsafeonline

    They say to then enable "Drop Rights" to compensate for some protection lost, but if you are using a 64-bit version of Windows Vista or 7, Drop Rights is already enabled to compensate for the already lost protection due to PatchGuard. So really, how many holes do you feel comfortable putting in Sandboxie? Probably best to use them standalone I would think? Quite honestly I've been slacking on Sandboxed browsing sessions lately because I've got SafeOnline combined with a Software Restriction Policy, so nothing can install anyway.
     
    Last edited: Nov 21, 2010