prevx1 looks like the Holy Grail Protection

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi everyone

I've stumbeld over this www.prevex.com protection software.
I was looking for a solution agains a Trojan that got me
and Norton and Trendmicro was not able to get this thing removed.

prevex1 worked like a charm...
Reading into theire site to me it sounds like this thing is the Holy Grail
against rootkits, virus and all kinds of malware.

Anyone has experience with this software?

Recommendations?

Re: prevx1 looks like the Holy Grail Protection


Quoted text here. Click to load it

The link you provided loads a page which has content such as this quote:
"We have two divisions, HEPAC products and packages for the food industry."
I found nothing about computer related malware.




Re: prevx1 looks like the Holy Grail Protection


Quoted text here. Click to load it

http://www.prevx.com /

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's



Re: prevx1 looks like the Holy Grail Protection


Quoted text here. Click to load it

Thanks Noel.
Have you heard anything about this product? Comparisons to the other
major tools, etc? The webpage hype sounds great.



Re: prevx1 looks like the Holy Grail Protection

From what little I've heard about it, it would seem to be fairly good  -
whether it's worth the money, though, is up to the user! :)

Note that from what it says on the site, I would expect the program to be
more useful in prevention than as a cleaning aid - and I would recommend
making absolutely sure your system is clean prior to installation!

Note also the warnings about installing PrevX with Norton software installed
(why is it ALWAYS Norton that causes a problem? <g>)

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
Quoted text here. Click to load it



Re: prevx1 looks like the Holy Grail Protection

<Noel Paton> typed:
Quoted text here. Click to load it

There are several FREE applications that are just as good as prevx if not
better!

Microsoft's Windows Defender is very good:
http://www.microsoft.com/athome/security/spyware/software/default.mspx


Install SiteAdvisor that will show you if the site is bad or not:
http://www.siteadvisor.com
--
YoKenny
See CoU at least weekly:
http://www.dozleng.com/updates/index.php?&act=calendar
I support the right to arm bears


Re: prevx1 looks like the Holy Grail Protection


Quoted text here. Click to load it


NOTE that MS Windows Defender is BETA software, and as such is still rather
buggy - users may need to reinstall the OS if something unexpected happens!

SiteAdvisor, OTOH, is a relatively new innovation, which has not yet
'qualified' (my word - can't remember what they call it) many sites, and
relies on feedback - it has also been shown to be just plain *wrong* on a
number of sites. It does seem to be improving though.

There is no better protection than continual awareness, and increasing
knowledge.
--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's



Re: prevx1 looks like the Holy Grail Protection

<Noel Paton> typed:
Quoted text here. Click to load it

Oh dear!
My BS hip waders and headgear are in the cleaners for their annual spring
cleanup and disinfection so this is an off the cuff observation!

"There is no better protection than continual awareness, and increasing
knowledge."
This assumes that there is intelligent life on this beautiful planet.

Windows Defender may be beta but I have had it running sisnce it came out
and I have kept it updated and have NOT had a problem with it!

SiteAdvisor has MANY sites clasified but with the MILLIONS of sites out
there it could take a while to complete.
Do your bit!
If you see a BAD site then inform SiteAdviisor about it and it will get the
special attention it deserves.

By the way, I am wating for the people that have their site listed in
SiteAdvisor to unleash a massive zombie DDoS against them!

I have a question:
Did your parents or grandparents walk in front ot the newfangled thing
called an "automobile" waving a red flag?


Please view:
http://redwing.hutman.net/~mreed/warriorshtm/klaxon.htm
--
YoKenny
See CoU at least weekly:
http://www.dozleng.com/updates/index.php?&act=calendar
I support the right to arm bears


Re: prevx1 looks like the Holy Grail Protection


Quoted text here. Click to load it

[snipped here and there...and there too]

Quoted text here. Click to load it

Good information.


An observation relating to one (or some few) configurations.

Quoted text here. Click to load it

The reason for beta testing is that there are a multitude of differing
configurations out there and it is impossible to test for compatibilty
with them all with an 'in house' QC department. The warning is well
founded, and goes for ALL beta releases.




Re: prevx1 looks like the Holy Grail Protection

Quoted text here. Click to load it


Microsoft's Windows Defender (previously MS AntiSpyware) and WinPatrol
are examples of products that POLL for changes to your system.  That
means everything they find is found too late.  That is why they can
never report what process was trying to make the change because the
process is already done making the change and has gone away.  Try a
test: edit the hosts file using Notepad.  Only when you exit Notepad and
save the file will Windows Defender announce the change but that
announcement is 10 to 50 seconds AFTER the change was already made and
why it cannot report to you which process made the change and they
cannot offer the ability to let the user allow or block future changes
from that product (because they simply don't know WHAT made the change).
WinPatrol is even worse.  It covers less objects to detect changes and
the minimum polling interval is 1 minute (which is WAY after a process
is gone after making the change).

Prevx intercepts the change AS IT OCCURS.  The process that wants to
make the change is made to pend until Prevx notifies the user of the
change and asks for permission to allow or block (and can remember that
selection).  Like a firewall with application allowing/blocking of
Internet connections, you will get prompts in Prevx but not nearly as
many.  It has a large database of known good and bad files.  If you use
Prevx in its ABC mode (rather than Expert), you don't get prompted when
a known good program makes a change.

I've used Prevx since it was called Prevx Home (for the free version).
They no longer provide a free personal-use version and just have their
pro version which is now just called Prevx.  You can get a free
"research" version, though (http://free.prevx.com ).  Since users are
talking about Microsoft Windows Defender which is also still BETA then
obviously they don't care about using another beta version product, and
I've had far less problems with Prevx's beta than I did with Windows
Defender's beta.  They can both be used together but eventually you'll
want to dump one since you are duplicating protective coverage.  I
dumped Windows Defender simply because it catches the changes too late
and won't let you define rules to remember your actions (because it
hasn't a clue what made the changes).  I have had few problems with the
beta version of Prevx and it consumes less resources than WD and impacts
the system less than WD regarding responsiveness.  Prevx is less
susceptible than WD in a pest turning it off or disabling it.

It has never happened to me under several installs but a few testers
have reported high CPU usage when using Prevx.  However, from what I've
read in the WD newsgroup on Microsoft's private NNTP server and in the
Prevx forums, and if the polling-versus-interception paridigm in
detection were ignored, I'd still pick Prevx.  I had both and dumped WD.
There are still some changes to Prevx that I would like to see in the
future.  While it doesn't include a firewall (something promised for
later), it will intercept apps that try to make Internet connects and
ask you to allow or block and if you want to remember your selection.  I
already have a firewall with app rules so this ends up duplicating the
prompts.  However, that is when I run under the Expert mode: in ABC
(simple) mode, good known apps are allowed to connect (so you'll still
want a firewall because to maintain control even over known good apps).
It won't check the file that was called using rundll32.exe but many
products fail that test, so I never define (i.e., remember) a rule to
allow that process so I get prompted each time "rundll32.exe ...
<somefile>.dll ..." is used to run a program.  Unlike Microsoft, Prevx
has been far quicker to fix bugs.  After all, you are testing their
"research" version which is used to develop their released and
commercial version.  Expert mode can be too expert.  There are times
when it alerts on server-side scripts that have you answering prompts
that can be difficult to make a choice on an action at the time.  Prevx
isn't for newbies since the user is expected to know or research a
process reported in a prompt.  Prevx catches the process making a change
but the user is ultimately the authority deciding what to do - but, at
least, the user knows about the change WHEN it occurs rather than
sometime too late when the process isn't even around anymore.

You might also want to look into ProcessGuard (from DiamondCS).  I used
it for awhile and it is good but eventually I considered it overkill.
Too much protection eventually gets in the user's way.  For example, I
have Ad-Aware and Spybot S&D installed but don't bother loading their
real-time monitors (Ad-Watch and TeaTimer) and only use them for
manually initiated scans.  Same for eWido and a-Squared (but I don't
have those installed anymore).

--
__________________________________________________
Post replies to the newsgroup.  Share with others.
For e-mail: Remove "NIX" and add "#VN" to Subject.
__________________________________________________


Re: prevx1 looks like the Holy Grail Protection

Vanguard!

Thanks so much for your indepth review...!


On Sat, 29 Apr 2006 09:08:19 -0500, Vanguard wrote:

Quoted text here. Click to load it

Site Timeline