Maybe it is the right time for Prevx.
trjam
November 15th, 2007, 09:55 AM
As I become more disillusioned with standard antivirus products' reliability it leaves me wondering if products like Prevx are not now ready for prime time. I am a firm believer in some sort of virtualization software and use Sandboxie. I am starting to think that a combo like Prevx and Sandboxie would fit the bill a lot more than the standard AV.
19monty64
November 15th, 2007, 09:59 AM
"Smart HIPS" definitely do seem to be the right direction to go for me too.
Hermescomputers
November 15th, 2007, 10:34 AM
You can add my vote on this one!
Perman
November 15th, 2007, 11:23 AM
Hi,
A good friend of mine, who happens to be a penny-pincher, is still using the following combo; a full duty firewall, virtualization app (deepfreeze in his case), and Prevx 2. That is all he needs, and never has failed him in the last good while. ::)
trjam
November 15th, 2007, 12:22 PM
Sounds like a smart man.:)
Hermescomputers
November 15th, 2007, 12:30 PM
Woaaa... Nice shiny new logo TrJam ;D
Perman
November 15th, 2007, 12:44 PM
{QUOTE-> Sounds like a smart man.:) <-QUOTE}
Hi,
I love to relay your message to him.
BTW. a nice/wise logo you just added. :thumb:
trjam
November 15th, 2007, 12:48 PM
yep, I am going to be in just a little while, the new Wilders guinea pig. Going to run with these 2 apps and nothing else for 6 months. Can you believe it.::)
Look Ma, no AV.;)
Hermescomputers
November 15th, 2007, 12:51 PM
{QUOTE-> yep, I am going to be in just a little while, the new Wilders guinea pig. Going to run with these 2 apps and nothing else for 6 months. Can you believe it.::)
Look Ma, no AV.;) <-QUOTE}
You realize that you will be missing the file scanner in your email? That could open up doors you may not want opened...
trjam
November 15th, 2007, 12:52 PM
I can either sandbox it, or let Prevx catch it once it gets loose.
Hermescomputers
November 15th, 2007, 12:54 PM
{QUOTE-> I can either sandbox it, or let Prevx catch it once it gets loose. <-QUOTE}
You are a brave man Trjam... I don't have this much guts!:o
I do have a lot of faith in the product but I currently look at PREVX as a complement to one's existing defenses not a complete replacement yet...
However be assured I will be watching closely!
Peter2150
November 15th, 2007, 01:04 PM
{QUOTE-> yep, I am going to be in just a little while, the new Wilders guinea pig. Going to run with these 2 apps and nothing else for 6 months. Can you believe it.::)
Look Ma, no AV.;) <-QUOTE}
Alas trjam you aren't the first. Quite a few folks are running this way. I have no AV or AS installed. Just Online Armor, now Anti Executable, and Sandboxie. No issues at all.
Pete
trjam
November 15th, 2007, 01:10 PM
{QUOTE-> Alas trjam you aren't the first. Quite a few folks are running this way. I have no AV or AS installed. Just Online Armor, now Anti Executable, and Sandboxie. No issues at all.
Pete <-QUOTE}
Thanks Pete, that builds me up.:thumb: I want to run OA, but Mike is still banging his head over a beer truck and Vista.;) :D
Perman
November 15th, 2007, 01:29 PM
{QUOTE-> You realize that you will be missing the file scanner in your email? That could open up doors you may not want opened... <-QUOTE}
Hi,
In this case, I would use web email service exclusively, and let the ISP's AV pre-scan those attachments before me. ;)
Perman
November 15th, 2007, 01:34 PM
Hi, Trjam,
This hint may help: empty your sandboxie or reboot your virtualization app every 30 min. You are probably in good hands. Good luck.
trjam
November 15th, 2007, 04:05 PM
Said goodbye to my AVs, locked and loaded Prevx2 on both machines and away we go. Of course they say disable UAC with Vista, but that worthless module was already deactivated. Ran extensive scans on both and are clean. I never used version 2 and a lot has changed. The GUI is a hell of a lot better and the added ability to scan archives is nice. A lot lighter than version 1. I like it 10 times better than version 1. I like the ability with the module to monitor a specific application or program. It does search for rootkits. And it is very light. Feel totally secure with this and sandboxie. Will do a periodic scan with Kaspersky about every month, but for what this cost coupled with Sandboxie and Firefox for free, well, what can I say.:thumb:
egghead
November 15th, 2007, 05:19 PM
{QUOTE-> Feel totally secure with this and sandboxie. <-QUOTE}
{QUOTE-> Will do a periodic scan with Kaspersky about every month <-QUOTE}
Love that one ;)
Long View
November 15th, 2007, 05:36 PM
I think I might cut down on my security some time soon but I'm not sure which add on to remove adblock plus or CS lite ? and then again I don't really want to take risks so perhaps I'd better keep them both just in case ?
Cerxes
November 15th, 2007, 09:47 PM
@Long View: Wow! your system is way too bloated. If I were you I would get rid of adblock to begin with. If that doesn't speed up your system, then CS lite is the next one to go.
/C.
Montpellier
November 15th, 2007, 10:35 PM
This will probably sound biased (as all I ever tend to comment on are threads related to Prevx), however I have reason to do so - as I have run only Prevx2.0 plus the hardware firewall provided by my router for the last 12 months +, and the only programs that have stated I require cleanup during sporadic on-demand checks, are PCTools' Spyware Doctor, and Webroot's Spysweeper who supposedly find malicious tracking cookies...
Of course, we have to admit however, that I'm an educated internet user, able to spot the scams and frauds thrown at me every minute of every day, therefore probably avoid 99% of possible infections already.
Unfortunately it's the "everyday Joes" out there who download something risky, then believe the "You are infected" popups they receive constantly - so much that they use their credit card to rid themselves of such issues - whilst at the same time providing the scum with all the details they need to fuel credit card fraud.
Not sure what my point is here anymore, but Prevx2.0 has proven itself to me at least. Whether it would also prove 100% effective under the control of an internet newbie remains to be seen...
Hermescomputers
November 15th, 2007, 10:47 PM
{QUOTE->
Unfortunately it's the "everyday Joes" out there who download something risky, then believe the "You are infected" popups they receive constantly - so much that they use their credit card to rid themselves of such issues - whilst at the same time providing them with all the details they need to fuel credit card fraud.
<-QUOTE}
I agree with you fully minus the credit card bit. However I must point out that people pay me all the time to clean up malware from their computers, actually I make a living doing it. Often they are university educated and quite net savvy, and yes they use their credit card!!! However, since I insist they process via paypal it makes things a lot safer for all involved! But I recognize some of the bogus products you refer to and must assume you are not insinuating what I do is wrong...
Another point I'd like to make is that even the best and brightest can't defend themselves in browsing to sites that are of honest stock but compromised with the inclusion of IFrames, for example. Thus rendering the "safe" browsing habits moot...
Montpellier
November 15th, 2007, 10:53 PM
{QUOTE-> I agree with you fully minus the credit card bit. People pay me all the time to clean up malware from their computers. Often they are university educated and quite net savvy, and yes they use their credit card!!! However Since I insist they process via paypal it makes things a lot safer for all involved! <-QUOTE}
What I was implying was that these "everyday Joes" pay people like "Malware Burn", "Virusprotectpro", etc, with their credit card to rid themselves of the annoying "You are Infected" popups which the people they are paying actually provided in the first place!
As well as getting cash out of these people, the scammers also now have their valid credit card details which they can sell on, or use themselves further for criminal gain.
I wasn't meaning that you and your malware removal services were bad ;)
ErikAlbert
November 15th, 2007, 10:55 PM
I also said goodbye to AV/AS/AT/AK/AR-scanners, including Prevx and that makes my e-life a lot easier.
Give me any scanner and it won't find anything on my system. I remove even malware that is not mentioned in the community database of Prevx or isn't born yet. I don't run after the bad guys, I run faster than the bad guys, that's how I win this Malware War and how I will win Malware War III. End of rant. ;D
Hermescomputers
November 15th, 2007, 11:02 PM
{QUOTE-> What I was implying was that these "everyday Joes" pay people like "Malware Burn", "Virusprotectpro", etc, with their credit card to rid themselves of the annoying "You are Infected" popups which the people they are paying actually provided in the first place!
As well as getting cash out of these people, the scammers also now have their valid credit card details which they can sell on, or use themselves further for criminal gain.
I wasn't meaning that you and your malware removal services were bad ;) <-QUOTE}
Oh and you forgot malwarealarm.com one of my favorites.
Actually to strengthen this momentum there is a site I sometimes refer to when In doubt about rogue products: Corrupt Anti Spyware http://www.2-spyware.com/corrupt-anti-spyware I think you may find interesting... The list is frighteningly long.
Montpellier
November 15th, 2007, 11:04 PM
{QUOTE-> I also said goodbye to AV/AS/AT/AK/AR-scanners, including Prevx and that makes my e-life a lot easier.
Give me any scanner and it won't find anything on my system. I remove even malware that is not mentioned in the community database of Prevx or isn't born yet. I don't run after the bad guys, I run faster than the bad guys, that's how I win this Malware War and how I will win Malware War III. End of rant. ;D <-QUOTE}
If only everyone could be so secure!
I'd be interested to know how you go about avoiding things like drive-by-malware-installs, etc, with absolutely zero protection though? Not saying it's impossible, but I'd imagine you'd have to be a very safe surfer and never delve into the greyer corners of the internet as the majority of users do... ;)
Montpellier
November 15th, 2007, 11:07 PM
{QUOTE-> Oh and you forgot malwarealarm.com one of my favorites. <-QUOTE}
Never used MalwareAlarm myself, but am very interested to try it out. I read very recently (this week?) that they had released a new version of this, but I see you have to go through a registration screen to use it? At first I thought it may be vapor-ware which Panda were simply researching interest in - but if there's actually a real product behind that then I may well give it a go now.
What are your impressions so far of it? Does it strike any similarities to Prevx or Threatfire?
[EDIT] Hang on - I think I'm getting confused with Panda's "Malware Radar".
Isn't Malware Alarm a rogue anti-spyware!? :S
Hermescomputers
November 15th, 2007, 11:15 PM
{QUOTE-> Never used MalwareAlarm myself, but am very interested to try it out. I read very recently (this week?) that they had released a new version of this, but I see you have to go through a registration screen to use it? At first I thought it may be vapor-ware which Panda were simply researching interest in - but if there's actually a real product behind that then I may well give it a go now.
What are your impressions so far of it? Does it strike any similarities to Prevx or Threatfire? <-QUOTE}
Ahem... well. MalwareAlarm.com is a web site that pops up from time to time and it's a bad one.
Sorry to bust yer enthusiasm.
here I just did a scan of it for ya's..
Cerxes
November 15th, 2007, 11:15 PM
{QUOTE-> I also said goodbye to AV/AS/AT/AK/AR-scanners, including Prevx and that makes my e-life a lot easier.
Give me any scanner and it won't find anything on my system. I remove even malware that is not mentioned in the community database of Prevx or isn't born yet. I don't run after the bad guys, I run faster than the bad guys, that's how I win this Malware War and how I will win Malware War III. End of rant. ;D <-QUOTE}
@ErikAlbert: But the price you pay to maintain your methodology is a strict discipline that isn't practical for everyday use for either Joe, Jane, grandma and many others. But I'm glad it works for you! :)
/C.
Montpellier
November 15th, 2007, 11:17 PM
{QUOTE-> Ahem... well. MalwareAlarm.com is a web site that pops up from time to time and it's a bad one.
Sorry to bust yer enthusiasm. <-QUOTE}
Go back and read my edit ;)
By the way - I wish edits had time stamps no matter what, as I added that edit before your reply - honest :)
19monty64
November 15th, 2007, 11:21 PM
{QUOTE-> If only everyone could be so secure!
I'd be interested to know how you go about avoiding things like drive-by-malware-installs, etc, with absolutely zero protection though? Not saying it's impossible, but I'd imagine you'd have to be a very safe surfer and never delve into the greyer corners of the internet as the majority of users do... ;) <-QUOTE}
Simple. It's in his signature. RIPS...
Hermescomputers
November 15th, 2007, 11:21 PM
{QUOTE-> Go back and read my edit ;)
By the way - I wish edits had time stamps no matter what, as I added that edit before your reply - honest :) <-QUOTE}
Sure! But I couldn't help but laugh over this one! :)
Montpellier
November 15th, 2007, 11:24 PM
{QUOTE-> Sure! But I couldn't help but laugh over this one! :) <-QUOTE}
:D
I'd hope the fact that I went on to mention "Malware Alarm" as a Panda product puts me in the clear here! :D
Leading on from this - has anyone actually used Panda's Malware Radar?
ErikAlbert
November 15th, 2007, 11:25 PM
{QUOTE-> If only everyone could be so secure!
I'd be interested to know how you go about avoiding things like drive-by-malware-installs, etc, with absolutely zero protection though? Not saying it's impossible, but I'd imagine you'd have to be a very safe surfer and never delve into the greyer corners of the internet as the majority of users do... ;) <-QUOTE}
I don't know what drive-by-malware-installs are, but installs means, that they have to "change" my system partition.
Two possibilities :
1. My security software stop them and if they don't, which wouldn't surprise me.
2. My boot-to-restore will remove them, no change = no change.
They can't infect my data partition, because that partition is locked, while I'm on the internet, which means no reading, no writing, no stealing, no nothing.
Hermescomputers
November 15th, 2007, 11:26 PM
{QUOTE-> :D
I'd hope the fact that I went on to mention it as a Panda product puts me in the clear here! :D
Leading on from this - has anyone actually used Panda's Malware Radar? <-QUOTE}
Your mistake was pretty obvious... ;)
Hermescomputers
November 15th, 2007, 11:28 PM
{QUOTE-> I don't know what drive-by-malware-installs are, but installs means, that they have to "change" my system partition.
Two possibilities :
1. My security software stop them and if they don't, which wouldn't surprise me.
2. My boot-to-restore will remove them, no change = no change.
They can't infect my data partition, because that partition is locked, while I'm on the internet, which means no reading, no writing, no stealing, no nothing. <-QUOTE}
Drive by installs usually refers to some type of server cross scripting event over a web browser either direct or via Iframes embedded into a web page, which usually are simple statements that invoke scripts or executables from other points in cyber space to interact within your web browser and infect you with some exploit or install a download.
About your security:
This re-imaging appears to be effective as a restore to an original configuration. However it does appear to be rather tedious having to re-image the disk after each session... Unless this is some type of full system virtualisation a la sandboxie?
ErikAlbert
November 15th, 2007, 11:54 PM
{QUOTE->
About your security:
This re-imaging appears to be effective as a restore to an original configuration. However it does appear to be rather tedious having to re-image the disk after each session... Unless this is some type of full system virtualisation a la sandboxie? <-QUOTE}
My boot-to-restore takes less than 2 minutes (1m42s) from desktop to desktop and during that reboot any change on my system partition is removed.
Is the total scan time of all your scanners faster than 2 minutes and is it really clean after that, no missing signatures ?
That is just my first defense, I have other methods, which are even more effective.
Montpellier
November 16th, 2007, 12:05 AM
{QUOTE-> My boot-to-restore takes less than 2 minutes (1m42s) from desktop to desktop and during that reboot any change on my system partition is removed.
Is the total scan time of all your scanners faster than 2 minutes and is it really clean after that, no missing signatures ? <-QUOTE}
I'll have to admit that your style of PC protection sounds most interesting, and is another one I have yet to try.
The only other scanner I have run that takes under 2 minutes is the Prevx CSI scanner - but that doesn't actually remove malware - just tells you whether Prevx recognise active malware resident on your PC... :(
Having checked my clean status last week, I can tell you how annoyed I would get having to sit through 1 hour+ scans every week that the majority of vendors seem to take. Checking your PC with 5-6 products can consume the best part of your entire day these days - whereas being able to simply delete any trace of malware you came across and start afresh within 2 minutes is most appealing...
innerpeace
November 16th, 2007, 12:05 AM
Back on topic :). I tried Prevx2 for about a month and was surprised that it worked fine. I've read about many problems people were having, but it ran ok on my machine. The only thing I didn't like was the constant internet communications and the fact Prevx didn't know what to do without a connection. I still think there are a few bugs to be worked out, but the idea is a good one. FWIW, I ran it with an AV and HIPS/firewall. I think that was before I was using Sandboxie ;).
innerpeace
Montpellier
November 16th, 2007, 12:17 AM
{QUOTE-> Back on topic :). I tried Prevx2 for about a month and was surprised that it worked fine. I've read about many problems people were having, but it ran ok on my machine. The only thing I didn't like was the constant internet communications and the fact Prevx didn't know what to do without a connection. I still think there are a few bugs to be worked out, but the idea is a good one. FWIW, I ran it with an AV and HIPS/firewall. I think that was before I was using Sandboxie ;). <-QUOTE}
I'll have to agree.
I have spent much time lurking and reading the Prevx forum over at Castlecops, and from the majority of posts, you'd imagine Prevx basically bricked every computer it was installed on! :D
But then maybe I'm one of the lucky ones? I've installed and re-installed on many occasions with no issues - yet I regularly read that people are unable to remove it from their PC, so there must be an issue somewhere they're missing.
I cross my fingers that I remain untroubled, and I have to admit that I'm surprised I have managed to stay clean with only Prevx installed - even though I have the huge benefit of being a knowledgeable internet user. Goes to show that maybe not all of us need 8 layers of protection to ensure you're safe?
innerpeace
November 16th, 2007, 12:34 AM
{QUOTE-> I'll have to agree.
I have spent much time lurking and reading the Prevx forum over at Castlecops, and from the majority of posts, you'd imagine Prevx basically bricked every computer it was installed on! :D
But then maybe I'm one of the lucky ones? I've installed and re-installed on many occasions with no issues - yet I regularly read that people are unable to remove it from their PC, so there must be an issue somewhere they're missing.
I cross my fingers that I remain untroubled, and I have to admit that I'm surprised I have managed to stay clean with only Prevx installed - even though I have the huge benefit of being a knowledgeable internet user. Goes to show that maybe not all of us need 8 layers of protection to ensure you're safe? <-QUOTE}
I'm glad you mentioned that. Prevx uninstalled rather cleanly here. I was pleasantly surprised to see it go away easily. I try to make sure a program's processes are disabled before uninstalling. I've also read the forum at CC's and seen the horror stories. Perhaps I got lucky too.
I do think Prevx and Sandboxie would make a good combo along with a little common sense. If Prevx doesn't catch it, then emptying the sandbox should take care of it.
ErikAlbert
November 16th, 2007, 12:42 AM
{QUOTE-> @ErikAlbert: But the price you pay to maintain your methodology is a strict discipline that isn't practical for everyday use for either Joe, Jane, grandma and many others. But I'm glad it works for you! :)
/C. <-QUOTE}
I don't pay any price. Do you consider a simple reboot as discipline ? Everybody reboots his computer.
I also do "dangerous" stuff in my system partition, just like anybody else.
Restoring my system partition is peanuts.
I only care about my data partition, which is locked when I do "dangerous" off-line or on-line.
I also used Prevx, even the paid version, because I liked the idea behind Prevx.
But Prevx, how good it may be, remains a protection that is based on blacklists regarding malware and needs to be updated.
Prevx is always too late, because new malware needs to be discovered first and then they have to write an anti-dote and store it in the community database.
I don't need all that, because each malware = change, I don't remove malware, I remove changes and I have no false/positives.
ghiser1
November 16th, 2007, 04:06 AM
{QUOTE-> The only other scanner I have run that takes under 2 minutes is the Prevx CSI scanner - but that doesn't actually remove malware - just tells you whether Prevx recognise active malware resident on your PC... :(
<-QUOTE}
:lurking: Watch this space... cleanup is coming... ;)
trjam
November 16th, 2007, 04:13 AM
Of course people complain about the negatives of a product, it's human nature. Well I put the desktop through everywhere last night and the kids put the laptop through hell, and Prevx does very well. There are no slowdowns. But in the past it was always mentioned to let it "complement" your AV product. Well, now is the time to let Sandboxie "complement" Prevx.
ghiser1
November 16th, 2007, 04:16 AM
{QUOTE-> I also used Prevx, even the paid version, because I liked the idea behind Prevx.
But Prevx, how good it may be, remains a protection that is based on blacklists regarding malware and needs to be updated.
Prevx is always too late, because new malware needs to be discovered first and then they have to write an anti-dote and store it in the community database.
<-QUOTE}
Just a quick clarification... Prevx does not need to "write an anti-dote" or store it anywhere. The Prevx community database contains data about each unique program that has been seen by a Prevx product. One field contains its determination - that is: whether the program is good, bad or undecided. As soon as that field is set to Bad (usually automatically by the database itself), any Prevx program asking about that program will be informed of this status. The malware removal performed by Prevx is completely generic; no instructions or anti-dote is required.
A program can be marked Bad on the very first interaction from a Prevx product - before any behavioural data is captured for it. That is, even though a program has never been seen before, the Prevx database may still automatically mark it Bad before it runs on any PC in the community.
ErikAlbert
November 16th, 2007, 04:35 AM
{QUOTE-> Just a quick clarification... Prevx does not need to "write an anti-dote" or store it anywhere. The Prevx community database contains data about each unique program that has been seen by a Prevx product. One field contains its determination - that is: whether the program is good, bad or undecided. As soon as that field is set to Bad (usually automatically by the database itself), any Prevx program asking about that program will be informed of this status. The malware removal performed by Prevx is completely generic; no instructions or anti-dote is required.
A program can be marked Bad on the very first interaction from a Prevx product - before any behavioural data is captured for it. That is, even though a program has never been seen before, the Prevx database may still automatically mark it Bad before it runs on any PC in the community. <-QUOTE}
So each little virus, spyware, trojan, worm, keylogger, etc. ... program is marked as bad in the community database, no signatures or heuristics needed ?
ghiser1
November 16th, 2007, 05:00 AM
{QUOTE-> So each little virus, spyware, trojan, worm, keylogger, etc. ... program is marked as bad in the community database, no signatures or heuristics needed ? <-QUOTE}
Correct that each program is marked individually. No signatures are required in the traditional AV sense. Heuristics may be involved in determining whether a sample is bad or not, but not always.
In the Prevx database, each program is uniquely identified using a suite of identification signatures. Some of these are traditional hashes like MD5 and SHA1 so unique identification can be made. Others are "family" related - we often find that one or more of these will be the same for a whole family of malware. Or that one or more are the same between two families which at first glance don't appear to be related at all.
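Added illustration, not part of the thread and not Prevx code: a minimal lookup in the style ghiser1 describes above, where each program is keyed by exact hashes, carries a good/bad/undecided determination, and an unseen variant can come back Bad on first contact through a shared family signature. The family signature (SHA-1 of the first 32 bytes), the family-wide propagation rule and all names are assumptions; the sample bytes are constructed.

```python
import hashlib
from dataclasses import dataclass
from enum import Enum


class Determination(Enum):
    GOOD = "good"
    BAD = "bad"
    UNDECIDED = "undecided"


# ASSUMPTION: the thread does not say how "family" signatures are computed.
# Stand-in: hash only the first FAMILY_PREFIX bytes, so variants that share
# a leading stub but differ in payload get the same family id.
FAMILY_PREFIX = 32


@dataclass(frozen=True)
class Identity:
    md5: str      # exact identifier
    sha1: str     # exact identifier
    family: str   # coarse, shared across related samples (assumed scheme)


def identify(data: bytes) -> Identity:
    """Compute the suite of identifiers for one program image."""
    return Identity(
        md5=hashlib.md5(data).hexdigest(),
        sha1=hashlib.sha1(data).hexdigest(),
        family=hashlib.sha1(data[:FAMILY_PREFIX]).hexdigest(),
    )


class CommunityDB:
    """In-memory stand-in for the central database (hypothetical API)."""

    def __init__(self):
        self._determinations = {}   # (md5, sha1) -> Determination
        self._bad_families = set()  # family ids seen on a Bad sample

    def set_determination(self, ident: Identity, det: Determination) -> None:
        self._determinations[(ident.md5, ident.sha1)] = det
        if det is Determination.BAD:
            # Simplification: one Bad sample condemns the family. A real
            # system would need more evidence to avoid false positives.
            self._bad_families.add(ident.family)

    def query(self, ident: Identity) -> Determination:
        """Answer a client asking about a program, recording first sightings."""
        key = (ident.md5, ident.sha1)
        det = self._determinations.get(key, Determination.UNDECIDED)
        # Never-seen or still-undecided programs inherit Bad from their
        # family; an explicit Good decision is left alone.
        if det is Determination.UNDECIDED and ident.family in self._bad_families:
            det = Determination.BAD
        self._determinations[key] = det
        return det


# Constructed sample bytes: two variants sharing a 32-byte stub, one unrelated.
STUB = b"LOADER-STUB-v1".ljust(FAMILY_PREFIX, b"\x00")
VARIANT_A = STUB + b"payload-A"
VARIANT_B = STUB + b"payload-B"
BENIGN = b"text-editor".ljust(FAMILY_PREFIX, b"\x00") + b"ordinary code"


def demo() -> dict:
    db = CommunityDB()
    a, b, clean = identify(VARIANT_A), identify(VARIANT_B), identify(BENIGN)
    out = {"a_first": db.query(a)}              # unseen, family unknown
    db.set_determination(a, Determination.BAD)  # field flips centrally
    out["a_after"] = db.query(a)                # clients see Bad, no update
    out["b_first"] = db.query(b)                # unseen variant, Bad via family
    out["clean_first"] = db.query(clean)        # unrelated program
    return out


if __name__ == "__main__":
    for name, det in demo().items():
        print(f"{name}: {det.value}")
```

The client holds no signature set in this model: the only thing that changes when a sample is condemned is one field in the central record, which is also why the lookup depends on a live connection.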
EASTER
November 16th, 2007, 05:32 AM
{QUOTE-> So each little virus, spyware, trojan, worm, keylogger, etc. ... program is marked as bad in the community database, no signatures or heuristics needed ? <-QUOTE}
Such are any scanners, even the Online Community connected ones like PrevX although useful for many, I simply don't use them anymore.
My dual Boot-To-Restore is instantaneous and fail-proof. I can virtualize my entire drive of FD-ISR Snapshots with Power Shadow while the browser also is trapped courtesy SandboxIE plus with PC Security my data partition is "hid & locked" from both system & internet. As a bonus if I use FREEZE feature of FD-ISR then everything that WAS anything including my surf history is dropped from disc, but Power Shadow does that anyway. After Boot_To_Restore there's simply nothing anyway whatsoever to detect, and as such there's nothing to become alarmed of either. My disc retains its "clean" pristine state after one press of the mouse button. That only takes seconds. I don't have to wait for something to happen because if it does it can't operate anyway with EQS. That HIPS is a basic shield w/ file protections & rules that are local. No extra resources or drive space, no "live" internet connection to blacklists/whitelists which on dial-up can make for delays anyway. Everything is machine based.
{QUOTE-> I also used Prevx, even the paid version, because I liked the idea behind Prevx.
But Prevx, how good it may be, remains a protection that is based on blacklists regarding malware and needs to be updated.
Prevx is always too late, because new malware needs to be discovered first and then they have to write an anti-dote and store it in the community database.
I don't need all that, because each malware = change, I don't remove malware, I remove changes and I have no false/positives. <-QUOTE}
Isn't it better to prevent BEFORE the fact than AFTER? I don't have to wait for malware either, or an alert that malware is present, because it simply has too many screens to cross in the first place, and if they can get thru all those, my Boot-To-Restore will just cancel them anyway and flush them away.
trjam
November 16th, 2007, 05:46 AM
{QUOTE-> Such are any scanners, even the Online Community connected ones like PrevX although useful for many, I simply don't use them anymore.
My dual Boot-To-Restore is instantaneous and fail-proof. I can virtualize my entire drive of FD-ISR Snapshots with Power Shadow while the browser also is trapped courtesy SandboxIE plus with PC Security my data partition is "hid & locked" from both system & internet. As a bonus if I use FREEZE feature of FD-ISR then everything that WAS anything including my surf history is dropped from disc, but Power Shadow does that anyway. After Boot_To_Restore there's simply nothing anyway whatsoever to detect, and as such there's nothing to become alarmed of either. My disc retains its "clean" pristine state after one press of the mouse button. That only takes seconds. I don't have to wait for something to happen because if it does it can't operate anyway with EQS. That HIPS is a basic shield w/ file protections & rules that are local. No extra resources or drive space, no "live" internet connection to blacklists/whitelists which on dial-up can make for delays anyway. Everything is machine based.
Isn't it better to prevent BEFORE the fact than AFTER? I don't have to wait for malware either, or an alert that malware is present, because it simply has too many screens to cross in the first place, and if they can get thru all those, my Boot-To-Restore will just cancel them anyway and flush them away. <-QUOTE}
Everyone is going to ultimately decide what to use. I am happy for you Easter that yours works. If mine does too, then there isn't a difference. If a plain AV and firewall works, then there isn't a difference. Individual setups, Individual results.
ErikAlbert
November 16th, 2007, 06:43 AM
{QUOTE->
Isn't it better to prevent BEFORE the fact than AFTER? I don't have to wait for malware either, or an alert that malware is present, because it simply has too many screens to cross in the first place, and if they can get thru all those, my Boot-To-Restore will just cancel them anyway and flush them away. <-QUOTE}
My boot-to-restore would indeed remove what passed through Prevx.
It's hard for me to believe that Prevx will protect me against any possible known and unknown infection, no scanner gives that guarantee.
Scanners give you the illusion in your mind, that your computer is malware-free by telling you "Congrats, no threats found", that message wasn't enough for me, because it isn't always true.
I'm not even aware, if my system partition is infected or not and by which malware. I just remove any bad change and any good change, because I don't need these good changes as long everything is working fine. If I want a good change, I do it myself. :)
Perman
November 16th, 2007, 09:15 AM
Hi, folks:
Technical comparison between Prevx and Boot-Restore could be very profound and detailed, but I would look at it from this perspective:
Prevx is your 24 hr surveillance mechanism, while
Boot-Restore is your comprehensive Home Insurance with total replacement cost option.
Prevx can spot any initial intrusion/violation, and deal with it right there. No further damage will subsequently develop.
While Boot-Restore option will let any, virtually any event to occur at its own pace. When it is time to clean the house, call insurance broker to claim damage-total replacement-rebuild.
Therefore, there are pros and cons here. IMO, no clear winner can be declared, just your own preference, that is all. Keep your option if it suits your need. Take care.
bellgamin
November 16th, 2007, 01:31 PM
{QUOTE-> Alas trjam you aren't the first. Quite a few folks are running this way. I have no AV or AS installed. Just Online Armor, now Anti Executable, and Sandboxie. No issues at all.
Pete <-QUOTE}
Oi vey, Pete -- I thought they didn't allow forum members to post unless they have at least 12 security programs running full-blast at all times. 8)
But seriously folks...
QUESTION- Does Prevx require annual renewal, or is it a one-off?
Hermescomputers
November 16th, 2007, 01:39 PM
{QUOTE-> Oi vey, Pete -- I thought they didn't allow forum members to post unless they have at least 12 security programs running full-blast at all times. 8)
But seriously folks...
QUESTION- Does Prevx require annual renewal, or is it a one-off? <-QUOTE}
Pay...Ya must pay Bellgamin... I know it hurts but you'll survive! :D
The actual renewal is at a slightly lower premium than the original purchase price...
Perman
November 16th, 2007, 01:47 PM
Hi,
Renewal for Prevx-- could be a piece of cake; I have two, one was given by a mod of this forum, the other was picked up at giveawayoftheday promotion. If you are lucky enough, you can capture couple at castlecop's annual competition event. Prevx is so popular now (IMO) due to its innovative concept and growing faith in its always-in-contact protection mechanism. I was very critical of its approach (along with CyberHawk at the time), now I am a firm believer; the info it collects, if any, will not be more than the data Uncle Sam has compiled up over the years. Your employer may have more of yours than Prevx does. :) Take care.
Hermescomputers
November 16th, 2007, 01:54 PM
The report is not about personal data but about Executables and supporting elements.
You have nothing to fear but fear itself... and a few of the hidden programs already reporting how many times you wiped your nose on your sleeve today;D
Perman
November 16th, 2007, 02:12 PM
Hi,
When it boils down, it is the issue of privacy. Whether is flesh(personal data) or electronic(details of your box). Fears? if any, then do not touch the rod(the mighty computer). Perhaps old day's file cabinet will preserve more privacy than modern day's keyboard stuff. Eh? Take care. Hope Argos and Raptors can win this weekend. Take care.
Hermescomputers
November 16th, 2007, 02:16 PM
{QUOTE-> Hi,
When it boils down, it is the issue of privacy. Whether is flesh(personal data) or electronic(details of your box). Fears? if any, then do not touch the rod(the mighty computer). Perhaps old day's file cabinet will preserve more privacy than modern day's keyboard stuff. Eh? Take care. Hope Argos and Raptors can win this weekend. Take care. <-QUOTE}
Aaah... a fellow Canuck! I hope at least one of them bring the tin home!;D
trjam
November 16th, 2007, 04:57 PM
I PULLED PREVX! ;) Decided to do this right I needed to reimage both computers to do this right. I have a lot of old crap and registry entries that really could skew my findings and that would not be fair to Prevx or anyone here based on what I find. So my night will be busy. I know, I know, why not buy software that restores in a reboot. I am old schooled and actually like doing a reimage. I always do something different. Have a good weekend folks, I am really impressed how quiet and active at the same time Prevx has been in the last 24 hours. It passed the kids test last night. Ran Kaspersky's online scan after all the my space crap and all clean. Good product, especially combined with my freebies.
EASTER
November 17th, 2007, 01:32 AM
Users have been deliberately left in the dark for as long as Windows has been their choice O/S, vendors know this and although they do work to address certain potential problems, face it, a Boot-To-Restore is much simpler and eons more instant in eliminating those possibilities, and that's if anything can even protrude thru basic front line walls of HIPS/Sandboxes/Virtuals. So scanners of any sort aren't even in the same league because they are constantly searching for matches (blacklist/whitelist) and that consumes additional machine energy even when nothing is discovered, which then becomes lost time better spent making images and/or archives for safety rescue.
Oh! look how much coverage this scanner can cover they claim, but can those results return 100% accuracy? Boot-To-Restore eliminates those doubts and avoids confusions plus you don't have the added burden of constantly adjusting settings or always waiting to update scanners databases.
Just the facts.
Hermescomputers
November 17th, 2007, 08:54 AM
The best option would be to have the O.S. minted on a chip. Have it static on, and Boot from some type of firmware, CMOS or perhaps protected Flash Memory, and let it run in RAM this way no permanent modifications of any sort could be made. but the configuration could be written to disk for application and personal preferences without modifications to the actual operating system. Other programs could easily be on chips as well. Like in the old video games consoles or run like current programs that run without requirement for registry integration or other types of installation. Just click and run... And it would allow for all applications to be standardized. No more proprietary Microsoft, linux or apple... All working together (I'm dreaming).
Also you could simply purchase any OS upgrade on a chip and simply remove the obsolete one and plug in the new one... This design would be far more effective from a security perspective, and eliminate the need for the majority of our existing defense requirements... It would create new logistical problems, but a disabled or exploited OS would be a thing of the past.
Corporate types could standardize on a business model that includes all the required corporate apps and then lock the setup out. Reducing overhead security and support...
I never clearly understood why the industry continues to insist on operating the way it currently is...
19monty64
November 17th, 2007, 09:21 AM
{QUOTE-> The best option would be to have the O.S. Stored and Boot from some type of firmware, CMOS or perhaps protected Flash Memory and run in RAM this way no modifications of any sort could be made. Hard disk could be used for data space and personal configuration. You could simply purchase any OS upgrade on a chip and simply remove one and plug the new one... This design would be far more effective and eliminate the need for the majority of our existing defense requirement... I would create no logistical problems but a disabled or exploited OS would be a thing of the past.
I never understood why the industry continue to insist operating the way it currently is... <-QUOTE}
You mean like Wubi???
Hermescomputers
November 17th, 2007, 09:36 AM
{QUOTE-> You mean like Wubi??? <-QUOTE}
Not exactly. Wubi is modified whenever you update an application. Resulting in possible security problems. Besides it runs from your hd or USB flash which is not protected anyone can modify it...
19monty64
November 17th, 2007, 10:15 AM
After posting, I re-read yours just to get my head wrapped around the concept, and the game-console comparison sunk in. The OS is dedicated and any "saves" are written separately but still accessed through the OS. So anything that was needed, say office or design apps would remain separate and accessed only thru the OS, sort of portable plug&play, as you could plug your chip into receptacle to use it...
Hermescomputers
November 17th, 2007, 10:25 AM
{QUOTE-> After posting, I re-read yours just to get my head wrapped around the concept, and the game-console comparison sunk in. The OS is dedicated and any "saves" are written separately but still accessed through the OS. So anything that was needed, say office or design apps would remain separate and accessed only thru the OS, sort of portable plug&play, as you could plug your chip into receptacle to use it... <-QUOTE}
That's it! :thumb:
19monty64
November 17th, 2007, 10:33 AM
But wouldn't you still have to protect the "saves" from corruption, so when "plugged-in" nothing from the write-accessible could be, um... broadcast for lack of a better word???
Hermescomputers
November 17th, 2007, 10:40 AM
{QUOTE-> But wouldn't you still have to protect the "saves" from corruption, so when "plugged-in" nothing from the write-accessible could be, um... broadcast for lack of a better word??? <-QUOTE}
99% of viruses, Trojans and other Malware are able to run because they are able to hide within the operating system. Think rootkits that cloak and become invisible. This would be impossible to do since you could not modify the os in any way. You could only customize the loading of programs and those areas can be easily protected. Every virus would become dead on every reboot since all one would require is a simple visual inspection of a text file containing the config. Easy to protect with a simple process management component. It loads and tries to modify that file... you get a bug screen asking you to authorize it.. and so on... not very complicated at all actually. Get hit with a virus... Boot in a protected mode that doesn't load the config file or use an alternate or default configuration. Delete config file or modify its content to prevent virus to load and voila... back to normal.
This would require every one to standardize their software development to a specific series of instruction sets. However it would open the competition and revitalize the playing field... Right now there is no innovators because Microsoft kills them all in the bud...
19monty64
November 17th, 2007, 10:49 AM
So a checksum would be the only thing needed, to verify files before opening.
Hermescomputers
November 17th, 2007, 10:53 AM
{QUOTE-> So a checksum would be the only thing needed, to verify files before opening. <-QUOTE}
I would see something like the functionality of ThreatFire or PREVX being integrated in the OS perhaps, but most other systems would be moot. A process management tool simply to keep things under level playing field... That is if you use software from Internet downloads. However if all the software you choose to purchase is distributed via some type of locked Flash with its MD5 registered with a monitoring authority for later validation purposes (sort of like with online application certificates) and pre scanned for impropriety it would completely eliminate the need for security because it would practically eliminate all the bad actors out of the market. Simple economics would prohibit them from risking large investments into malware that would be so easily detected. Only the "maker" of the os could be corrupt and perhaps easily spy on us.... But with competition comes options and they could be easily bypassed. Unlike right now.
This is an idea whose time has come I believe... From a technological perspective there is no reasons why it is not already in place. Besides I would think Military applications already work pretty much this way. A nice indicator of things to come...
We need creative and intelligent innovators with deep pockets otherwise we are doomed to keep chasing our own tail like dogs spinning around mindlessly and simply keep our head buried deep inside Microsoft's ass and forget what fresh air smells like! :o
Sorry I keep writing then editing... (I'm actually doing 3 things at once right now)...
EASTER
November 17th, 2007, 02:42 PM
The trouble with security conscious geeks like us is that thanks to ingenious developers who take the opposite road to malware writers, we quickly catch on to the programs that never were intended to become reality if Behemoth Microsoft had their way, and once news spreads like wildfire on any program that can easily plus more efficiently protect our chosen investments, efforts quickly become afoot to begin to either crush the competition or create a new O/S to make them obsolete ($M mindset policy). Only this time the flood of intelligent minds have overwhelmed $M since Vista didn't get out of the gate in time enough to prevent it. Which spells SATISFACTION with a capital "S" for all users of XP systems.
Kerodo
November 17th, 2007, 02:52 PM
{QUOTE-> If only everyone could be so secure!
I'd be interested to know how you go about avoiding things like drive-by-malware-installs, etc, with absolutely zero protection though? Not saying it's impossible, but I'd imagine you'd have to be a very safe surfer and never delve into the greyer corners of the internet as the majority of users do... ;) <-QUOTE}
I have been on the internet for 12 years now, 5 or 6 on cable, and used IE at least half the time, and never ever have I had a drive-by install, even going to all the typical places where the nasties occur.. I did use Firefox instead of IE6 for a long time, so perhaps that's why, I think IE6 was the one with the heavy reputation for drive-by problems... But either I have just had extra good luck, or the drive-by issue is highly overrated.
Long View
November 17th, 2007, 03:00 PM
Heretic - just because you and I and many others have never seen something does not mean that it does not exist. 2302 posts and the faith police haven't picked you up yet - truly amazing :dry:
Hermescomputers
November 17th, 2007, 05:22 PM
{QUOTE-> I have been on the internet for 12 years now, 5 or 6 on cable, and used IE at least half the time, and never ever have I had a drive-by install, even going to all the typical places where the nasties occur.. I did use Firefox instead of IE6 for a long time, so perhaps that's why, I think IE6 was the one with the heavy reputation for drive-by problems... But either I have just had extra good luck, or the drive-by issue is highly overrated. <-QUOTE}
Thing is Kerodo, that often people have no idea how they got infected by something... Perhaps an email attachment they click or via some site they visited doing a background install via a script of some sort.
I find most users I do a security audit have some type of infections often because someone knew how to exploit their specific configuration... The users however had no idea it was there... Also keep in mind that the most serious of infections are designed with stealth in mind.
Kerodo
November 17th, 2007, 05:36 PM
{QUOTE-> Thing is Kerodo, that often people have no idea how they got infected by something... Perhaps an email attachment they click or via some site they visited doing a background install via a script of some sort.
I find most users I do a security audit have some type of infections often because someone knew how to exploit their specific configuration... The users however had no idea it was there... Also keep in mind that the most serious of infections are designed with stealth in mind. <-QUOTE}
Yes, I understand that, and you're right. Many, if not most, users have trouble staying out of trouble.. I consider myself a smart and educated user, so I probably get better results than most with minimal security.
Hermescomputers
November 17th, 2007, 05:42 PM
{QUOTE-> Yes, I understand that, and you're right. Many, if not most, users have trouble staying out of trouble.. I consider myself a smart and educated user, so I probably get better results than most with minimal security. <-QUOTE}
The hilarious thing is I have a client who is disabled. He has no idea about anything related to his computer and he probably spends 5-7 hours a day online browsing mostly porn sites... I have never found exploits on his machine, only the typical virus and adware/spyware everybody gets from time to time... It goes to say you never can tell who/where/when... Perhaps he has a higher power protecting him.. :dry:
trjam
November 19th, 2007, 04:30 AM
this is a good decision. No issues with Prevx.
trjam
November 19th, 2007, 04:35 AM
did some tests this weekend with Prevx and some known bad places. It caught everything I threw at it, or jailed it. Came back with a Kaspersky online scan and clean. Added Opera, dropped Firefox and I swear I can't fathom how much faster my PC has gotten with Prevx and Opera.
Long View
November 19th, 2007, 04:47 AM
{QUOTE-> Added Opera, dropped Firefox and I swear I can't fathom how much faster my PC has gotten with Prevx and Opera. <-QUOTE}
I assume you mean while on line ? How is the speed with Prevx running the rest of the time ?
trjam
November 19th, 2007, 05:24 AM
I don't notice any slowdown, and I am very picky about this.:thumb:
Dark Star 72
November 19th, 2007, 10:22 AM
Trjam,
Long time user of Prevx along with Online Armor, nothing else. I trust Prevx to catch anything I might allow through OA with an incorrect answer to a pop-up query. Am interested to know what Mode Setting you are running Prevx in, ABC or Pro? Darren (Ghiser 1) has said that in cases where Prevx has failed a test it can often be because the user/tester was running it in Pro or Expert Mode and incorrectly answering the pop-up queries where if it had been running in ABC Mode it would have automatically stopped the infection from running or executing without asking. Will be following this thread with great interest,
Ian
trjam
November 19th, 2007, 10:30 AM
I run in Pro.;)
Perman
November 19th, 2007, 10:30 AM
Hi, Prevx users,
If you have a full trust in Prevx's central command, select ABC mode.
If you wish to take everything into your own hand, you can select Pro or even Expert mode, turning it into a classic HIPS, more funs but more headaches. Take care.
trjam
November 19th, 2007, 10:43 AM
:o Good point, I will switch mine to this setting and see how it does. Anyway, what gives me the right to think I am a "Pro."::)
trjam
November 19th, 2007, 05:39 PM
Prevx2 is a great product, but, I have to admit the layered approach is the only true way to try and get to 100 percent protection.
Stijnson
November 20th, 2007, 04:02 AM
{QUOTE-> Prevx2 is a great product, but, I have to admit the layered approach is the only true way to try and get to 100 percent protection. <-QUOTE}
Hi Trjam, can you explain to a 'noob' what you mean by this?
Hermescomputers
November 20th, 2007, 06:26 AM
Like in winter you are better off wearing several layers against the cold a similar situation arises with your defenses.
Basically there is no single line of defense that can fully protect you 100% regardless of vendor marketing claims or users bragging of perfection in their security...
You must address practically every single attack vector leveraged by those bent on owning your pc... and this requires some thoughts and a slight investment.
Long View
November 20th, 2007, 07:27 AM
LOL Many layers of clothing will no doubt keep you warm in winter. However, I just can't get the image out of my mind of the same amount of clothing being worn by people in a sweltering hot summer - just in case the temperature happens to drop.