Prevx as standalone av enough?

Discussion in 'other anti-virus software' started by cgeek, May 10, 2010.

Thread Status:
Not open for further replies.
  1. progress

    progress Guest

    ... and you will get more than enough FP :doubt:
     
  2. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,538
    Location:
    Sweden
    Not really. Prevx just prevents you from opening newly seen files in cloud and unpopular files in the cloud. You can easily disable it and it's one of the strengths about Prevx; it'll detect far more malware than any other AV with just 1/3 of its heuristic capabilities. Imagine what it'll do with all thirds. Please see the big-ass MRG online banking test. There were just a two or three applications that actually did good in it; one among them was Prevx.

    However, as with all other AVs on the market, the detection against rouge AVs is 'so-so' and could use some improvements. But then again, that's the case for all the vendors on the Anti-malware market.
     
  3. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    indeed
     
    Last edited: Oct 3, 2010
  4. m0unds

    m0unds Guest

    wow. another one word post with 10+ smileys. you're so insightful.


    thread exorcism (nearly 5 months..) or not, I wouldn't use Prevx by itself. I'm just not comfortable fully relying on cloud-based software quite yet. If there was a way for the client itself to serve as an offline behavior blocker or something that engages when you lose connectivity, then it might be more attractive as a standalone solution since, iirc, it's worthless when you're not connected to the internet. Of course, there aren't too too many threats that spread without an internet connection, it'd still nice to have something able to catch usb-borne stuff.
     
  5. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    No, i do not believe it is. You are much better off with a layered approach. I'm not sure Prevx scans all the protocols that an AV scans. Maybe Prevx could answer that. Does anyone know if Prevx scans all the following protocols for all categories of malware like viruses, trojans, worms, bots, rogues, etc: Http, Https, SMTP, POP3, FTP? I looked, but i didn't see it listed anywhere on their site.
     
  6. progress

    progress Guest

    Don't attack the cowboy :doubt: :) :D :oops:
     
  7. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    Prevx does not scan the following protocol for viruses, trojans, worms, bots, rogues, etc: http, https, SMTP, POP3, FTP. Prevx scans for viruses upon execution of a file. I do not believe Prevx would make a very good replacement for your AV. It was designed to work along side your AV for a layered security approach. An AV scans all of the above Protocols for harmful traffic.
     
  8. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    I used prevx for a long time and I love it. But I cant use it because after I bought a new HP laptop..upon installation prevx informed all the drivers from HP as infected.. I submitted the files..waiting for it to be resolved.. prevx is really awesome BB and about me being insightful its a big :thumbd: :thumbd: :thumbd: :thumbd:
     
  9. atomomega

    atomomega Registered Member

    Joined:
    Jul 27, 2010
    Posts:
    1,292
    I know... that "incredibly massive poster" tag is hard to reach... keep it up boy!

    Back on topic... I don't like the fact that Prevx doesn't offer a free trial of their full product... what a shame.... so I haven't been able to test the "full" product... anyway, I don't like what the "freebie" offers, IMO it's just a web shield...

    EDIT: yes, I've tested the free version... twice already... still don't like it...
     
  10. m0unds

    m0unds Guest

    uhh...most standalone (read: not a suite) products won't do it either. besides, it's been discussed on wilders ad nauseum, but online scanners provide negligible benefit anyway since the resident/on-access scanner will catch the files downloaded anyway...
     
  11. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    I wonder about this theory because from what I understand, malicious downloads, especially rogue antivirus programs, may include several components that install, maybe even separate malwares altogether in a drive bye download. If this is the case, and if an antivirus did not have a web shield, then maybe of the several different malwares downloaded only a few are caught by the on access scanner and those not caught may proceed. But what if there is a web shield and a blacklisted url stops the web site from loading at all? Or if there is a http scanner then once the download begins there may be a detection of some of the malware which stops the download altogether? Wouldn't this be a better way to go? If so, I would think this approach would be more than a negligible" difference.

    What do others think?

    As for Prevx as a stand alone, I think it's so light that I would want another scanner as a compliment and second opinion, layered approach.
     
  12. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    5,694
    Location:
    USA
    No disrespect intended, but almost all payed AV's do scan http, SMTP, and POP3, and FTP. I believe its always better to block malware before it is executed. I've seen many cases where malware was detected upon execution, but was still able to infect the host. The earlier it is detected the less likely you are to be infected. I have Prevx on all my machines, but i use it to catch what AV's tend to miss. I believe it's always better to have a layered security approach. Don't get me wrong.. I have been using Prevx since it's very first release many moons ago, and it's an awesome product!
     
  13. m0unds

    m0unds Guest

    oh, i totally agree re: blacklisting. preventing downloads (by disallowing a user to reach an infected/compromised host) is important. unfortunately, it still seems (to me at least) that blacklists aren't leveraged as heavily as they should be.

    also, the thing with most drive-by downloads is that they still require code execution in one way or another (running a dropper, executing a rogue installer, what have you) and that still harkens back to a competent on-demand/on-access scanner as the primary prevention method.

    iirc, prevx provides some measure of drive-by protection via safeonline.
     
  14. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    I have to say that the number of FP's reported in this thread alone have given me pause about using it.
     
  15. m0unds

    m0unds Guest

    i've never encountered a false positive with prevx in any environment i've used it in.
     
  16. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    The number of FPs with Prevx now, is no greater then top AVs. Also this entire thread is a joke. Show me where Prevx markets itself as a standalone product. Joe has been very clear about this. The next version may be different though.;)
     
  17. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    indeed:thumb:
     
  18. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,430
    Location:
    Surrey, England.
    Yeah, Prevx 4.0 will be awsome. I get the feeling that there are people out there that are always trying to attack Prevx with POCs etc because they know
    their time is up. PSOL used to be accused of having overly aggressive heuristics and too many FPs, but that has all been ironed out I believe. And the effectiveness of SafeOnLine is there to be seen, and afaik has been tested
    thoroughly, recall WestCoastLabs Platinum mark, MRG etc.
    I have only had two "mis-detections" from PSOL in past 9 months, one a test tool.
     
  19. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    It states on the Prevx site that it can be used as a standalone. "you can use Prevx 3.0 as a primary endpoint security solution, or, you can use Prevx 3.0 as an important component of a layered security setup." http://info.prevx.com/help.asp Sorry Joe.;)
     
  20. m0unds

    m0unds Guest

    haha, made a point of saying i'd never had an FP...lo and behold, prevx's heuristics engine didn't much care for the new version of kitty (fork of PuTTY)
     
  21. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    In fairness Wilders users are more likely than average to be using Beta versions of software,or at least to be among the first to use latest releases.Also users here tend to have uncommon/exotic applications.
     
  22. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,995
    I have no real problems with Prevx although I notice a lot of I/O writes and the scheduler has some issues. If the renewal price was better I think I would be much more likely to add another license or two. The combo of Avast free and Prevx has been pretty top notch for my rigs. I've asked before if Prevx is more of a behavior monitor, HIPS, signature scanner or what and I get different answers.

    I also will add that the support is very good. Questions are answered pretty quickly about compatibility issues and false positives. And upgrades are pretty steady. The lack of a real trial period and not very many quality test vs. malware are negatives, though.

    I think other than the detection and removal ability (support, ease of use, lightness on a system, product upgrades and updates, few conflicts with other programs, relatively few false positives- for me anyway) that Prevx has the ability to be a stand alone product. Certainly detection and removal are important. But we've all seen some products with decent detection ability but poor customer support, difficulty of use or many conflicts with other apps, etc which make the program essentially less qualified as a stand alone.
     
  23. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    Actually with the newest .206 update I have noticed the scheduled scans are fixed. My scans start right on time...finally...:)
     
  24. PC__Gamer

    PC__Gamer Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    526
    Prevx is a standalone though, the fact that its been created to coincide with other security products, doesn't effect this.

    They simply shove that information in your face to say that, you can still purchase this software even if you are subscribed to another, and states the advantages the customerwould get if he decided this.

    ... Its actually clever marketing!

    :)
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.