Prevx releases Prevx1 beta

Before you install any "low-level" program, but especially with newer HIPS programs (which are all in their infant stages), I would highly recommend that you take an image copy of your hard drive, if you have the facilities available to do so.

While my experiences with Prevx are dated at this point, it did completely hose my system several months ago. More recently, after I uninstalled Prevx after aborted install of the Prevx Pro, there was some "ghost" images appearing after I re-booted, which I couldn't clear (using registry cleaners, etc.). I used my image copy to restore to a previous clean state. You should probably check their forum to get a general idea of what is happening nowadays.

In the case of Safe N' Sec, I did receive an alert from ProcessGuard (on two seperate occassions) that ZoneAlarm application had "changed", after I installed SnS. I used a previous image copy to recover my system to its state before the install.

I haven't experienced any problems with ProcessGuard or Online Armor, but I am sure the potential is there. So image copy if you can.

Regards,
Rich

 

Right now, I am just watching all the HIPS products evolve. I am not completely sure that the first HIPS products coming out of the gate will be the eventual "winners".

There are a few other developers that have yet to throw their hat in the ring with their products. I expect DCS, BoClean, Ghost Security, Ewido and maybe a few bigger AV's will also probably join the game soon.

I am not sure who will put out the best solution and I don't want to buy like 4 or 5 HIPS products. I am just observing...for now.

Who knows....a year from now people might decide that maybe HIPS products are not the best solution. Just look how fast everyone seems to be turning their back on the scanner solution.

I have a feeling that as all these HIPS products get more sophisticated that they all might not play well with one another. The last thing I want is a bunch of products that don't work well together.

Right now, I am just watching how both PREVX and all the others evolve.


Starrob

 

My workstation Prevx 1 beta is working without any trouble with NOD32, Process Guard and RegDefend.

Installing programs is a bit of a pain because I get lots of popups, but I can live with that. I don't mean a lot of popups from Prevx but a lot of popups from all my security software.

 

Well I'm not sure if everyone is turning their back on the scanner solution. Though I suppose reading this forum can be misleading in that way. Despite all the hype, scanners are still the main form of protection.

This whole idea that behavior monitoring is better than signatures is not really new, every once in a while someone will 'discover' it again and boast their product is superior cos it doesn't use signatures.

Scanners are still here though.

I'm surprised that you would miss out all the fun, playing with them.

Though I do agree that people are jumping on the band wagon way too early. And worse still, misleading others who are not equipped to handle these products, that they need HIPS.

 

i dont think the scanner/signature method will go away anytime soon, but heuristics and behavior blocking is just a great way to detect unknown threats and other malicious actions. IMHO, neither one method is completely better than the other and they should both work side by side to protect ur computer. as for HIPS, i dont think its too early to adopt as malware is evolving each day as well and u need protection because u wont always have a definition for it.

 

Right now, it is very early in the game for HIPS products. Most of the HIPS products are very unpolished and incomplete with "promises" of additional features to come.

I am not sure if all of these products will work as good as most people think, many are still in a testing stage.

Look how long it took for PG to become what it is today and even that product needs additional improvements.

It may be another year or two for a lot of these HIPS products to become fairly polished. There are a number of reasons that I am hesitant to play with these products. Many operate at a low level and I have a feeling that the stability of my computer will be effected by using too many of these products or lots of installing and uninstalling "expirements" by developers.

I also don't want to jump on a product because of all the "hype" and then 3 months later find out I bought a product that was technically inferior to some of the products put out by people that have yet to throw their hat in the ring.

A number of people that have made superior software in the past have yet to really play in a big way this area....including the AV's like KAV and NOD. Then you have Ghost Security, DCS, Ewido, and BoClean.

It is highly likely that people that are raving about one particular product now will jump to Ghost Security products or BoClean, or Ewido or KAV or NOD or DCS or once they come out.

It is ok to try all these products if a person likes to expirement. It is fun to expirement sometimes but it is just that I have other things to do besides experimenting with all these products.

I am personally waiting about 6 months to a year because I have a feeling that most of the cream will rise to the top by that time and I will have more information to make better decisions. I am not just interested in "how it plays on my computer" but also interested in knowing the strenght and weaknesses of different approaches to security. It may possibly be that all these HIPS products may contain certain flaws that might make me decide to use none of them. I am a open book on this.



Starrob

 

well that could be said of many different products not just software and such. but i can see how buying an HIPS now can be a bad investment and they improve and new ones enter the market. at the same time tho, u could just keep watching them for eternity. the trick is deciding when a product has matured enough to be worth the money. u also have to keep an eye on the company and see how stable it is.

 

I pretty much think along the same lines. For me, it's like going to the movies. If I hear a new movie has come out, I read the reviews (imdb.com is my favorite), talk to a few friends, and if it sounds good, I go. Total cost: about $30, the cost of a good HIPS program. If a better movie comes out the following week, I either see it, if I have the money, or don't, if I am short. It doesn't bother me that I might not see every good movie out there, as long as the one I saw was a good one. Right now, ProcessGuard, RegDefend, WormGuard, (all licensed) and Online Armor (trial), are giving me more than my money's worth, so I am satisfied.

Cya,
Rich

 

My guess is that The best HIPS product will come from DCS. They have always been ahead in the past, and with all their experience I have little doubt they will come out on top again. I'm not a DCS cheerleader, just an opinion about a company that has put out very good programs in the past.

 

The best HIPS product could very well come from DCS.....we will have to see.


Starrob

 

I just can't fathom Bluetack bundling malware into blocklistmanager. This is false isn't it?

http://img266.imageshack.us/img266/8080/false7ie.jpg

 

Perhaps . However I cant help wondering if a organisation like OA ,who specialise in this area will be perhaps more appealing for the majority of average online users. DSC do seem to provide software for users who like to geek around alot with things. This usually means that for the majority of home users they may find such confusing. I like the way OA has been travelling so that the product can almost run itself .There is not a seeming mystery surrounding their moves and communication at each step of developement and support is virtually instant. They also focus there expertise on the one product , so to speak , which for smaller organisations means they can put all there expertise into such rather than trying to cover lots of diffirent areas with limited staff and resources.

 

That is OA biggest advantage. Superior communications and customer service. They seem to really care what their users think. They seem to take suggestions very well. There is also not a big cloud of secrecy around things they do. Isn't it nice to be informed?


Starrob

 

Double click on the entry for IPSCAN.EXE in the Holding Cell. A web page will be displayed that shows the view of the file that we have in the community database.

If the status for that file has changed (and you using version 1.0.0.60) it will be removed from the jail automatically. If your not on 1.0.0.60, you'll need to upgrade first.

If its still marked bad on the web page, post the file details back here (or preferably to us through the support tab in Prevx 1). You'll need to supply the number in the bit that says (e.g.) "A Report on the file known as 5e099834".

That number will allow us to identify the exact file that you've got and to investigate why its set to Bad.

 

FYI, in the latest Prevx 1 update, they now cover some areas like the HOSTS file, physical memory access, etc. See screenshot (font errors are just due to my WindowBlinds skin)

 

This is not directed to Mike from online Armor, but a general comment.

It seems that many startups begin with excellent service, fast responses etc.
Partly this reflects the small user base they have to support , partly it is because starting out, they are full of energy and zeal to promote their new product. This may not last.

And of course, they know making a good impression on the early adopters such as the people here is critical for a good launch.

With time this may change.

 

SnS have been around for a good few months now, i've always had really promt responses from them 9-5 russian time.

I hope they keep it up!

 

I don't think that's because the people who start the new product change. I think it may go more like this :

1. Small company : good service
2. Launch new product : very good service
3. Product becomes more popular = hire more people
4. Product becomes very popular = hire customer service people

At stage 4, if the people doing the customer service aren't involved in the development of the software, they may feel powerless to make changes.

If they feel powerless to make changes time and time again...they likely grow to not care...what can they do anyway ?

At that stage, customer service becomes a non entity.

Hmmm...I wonder if people who do start these products end up managing the people instead of the product...which may actually lead to that cycle in stage 4.

Lol, okay...I think too much

 

I like everything about Prevx1 beta so far, except one thing: does it absolutely need to have that annoying giant splash screen when your computer first starts, telling you it is doing a security status check? Can't it just have some small tray icon animation, like Avast!Antivirus does when it is monitoring some activity?

Other than that I have had no problems with it at all. Am also running Avast! and ZoneAlarm Pro 6.

 

Hehe, there's worse things, I guess. They had added the ability to turn off the splash screen in home/pro, so I bet they'll do the same w/ Prevx 1.

 

I just started to use prevx home this past few days and I think it is a good program. But I was wondering and possibly looking foward to buying the pro version , though should I buy the prevx1 one instead? It seems most of you have it running with processguard and regdefend with no problem as that is my setup as well. So with that in mind, prevx pro or prevx1 ?

dja2k

 

You should download it and try it out for yourself.. nobody can really make that determination for you. Prevx 1 may be better for some, Prevx Home/Pro may be better for others.

 

So I am guessing that the prevx1 beta uses PAWS also like the Home and Pro version though the pro was able to shut it off, don't think you can on the prevx1 though. So far I am using prevx1 which is more quiet than the home\pro version. What alerts do you people get out of Prevx1 cause all I get is program allowed, never anything else so far (not that I want it to show red or anything), but just wondering if it is doing its job furhter than just execution control.

dja2k