Returned to try CAV / CIS again after quite a long time away, looks good, but still a bit of confusion that I would appreciate some clarification of please.
Requested to specifically download CAV for Windows 10 but received what appears to be a CIS Premium install file. When clicked to install the default of Firewall was also selected - that’s not nice to see that, confusing for users. Anyway, my main request is that it’s installed as CAV options only on Windows 10 and Windows 7. That’s default settings, not changed anything yet apart from unselecting Firewall option on install page. The documentation says that HIPS should be ON by default, but it is off on both. Is that correct for CAV?
I’m also getting Windows 10 alerts that spyware detection is off, but I thought CAV should cover that angle, no?
If HIPS should be on for CAV, then what other settings under HIPS are default for minimum fuss? This “create rules for know applications” is confusing versus leaving that off, but Safe mode on. For example, on another PC a couple of days ago I enabled HIPS and enabled “create rules for known apps” and I was worryingly requested to approve alerts that came from “system”! I really want CAV with or without HIPS to take care of this level of decision making, similarly to say Webroot Secure Anywhere.
I got to the level of being paranoid about security and what was happening on my PC and whilst I have some technical competency I simply don’t have time to worry about too many such things, I guess I need to know if CAV with default sandbox plus virus scope + using sandboxed browser for banking is enough to keep me safe more than 99% of the time or if I need HIPS as well. If HIPS, then the easiest no-nonsense alerts re SYSTEM wanting access, especially when I install a trusted program. I think all my programs on these PCs are long-established software, nothing too risky, so is HIPS really needed, or will CAV scan any of their dodgy behaviour if these apps are compromised?
A few questions, hopefully a few clear answers please
P.S. is there any difference between running the browser as sandboxed versus launching the whole virtual desktop and running the browser from there?