Clarification about Prevx1

Discussion in 'other anti-malware software' started by Gen, Jan 9, 2007.

Thread Status:
Not open for further replies.
  1. Gen

    Gen Registered Member

    Joined:
    Jan 9, 2007
    Posts:
    73
    Hello everyone, first post ever here.
    I would like to ask a question about Prevx1, a program I do not use yet as I'm using Geswall.
    If I understood well, Prevx1 scans by using its online database and a behaviour analysis, so technically behaviour analysis could be used against unknown malware?
    If it's the case, then I cannot explain why it 'missed' 5 threats in the AV-comparative chart. I mean even if they were not in the online database, the behaviour analysis should have caught them. Missing something?

    Thanks.
     
  2. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Hi,

    I am not an expert with Prevx1 but from what I understand if you do a manual scan from Prevx it will verify the files to see if they are known malware on the community database.

    The behaviour/heuristic stuff does not kick in until you run the file on the computer. If the file has never been seen you will see a box stating (File not seen before are you sure you want to run the computer) before Prevx allows it to run. Then the behaviour blocking kicks in.

    I think that is how it works but sure someone else will be along to clarify.

    Cheers

    Jlo
     
  3. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Short answer: No
    Read the whole report from AVC
    Having seen the malware, PX blocked them next time around, and they responded well to the results of that test.

    AFAICR there were some threads at CastleCops Prevx forum about those results with really less than illuminating replies.
    Prevx is still evolving. The concept seems good.
    Free trial unlimited trial till malware found.
    no real incompatibilities mentioned yet,
    plenty of criticism of their detection rates
    bold marketing claims
    Very responsive support

    Could be a great app.
    I have it on board.
    Watching and waiting. :)
     
  4. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    I think the problem lies in Prevx1's detection method - what they call their 4 axis of evil. My opinion is that it's a very good methodology/concept, but it's not a comprehensive methodology/concept (but that's only my opinion)...look up their website for more info on their 4 axis of evil.

    My doubt about Prevx1 is that if it doesn't trigger the 4 axis, then it doesn't get reported (that's just a guess on how it works...maybe Notok or someone else can clarify)...which means it may miss some less harmful malware, or malware designed to behave differently to the vast majority of malware.

    Because of that, I would like to know if Prevx1 missed any actual nasty malware (I mean, information stealing malware, remote access trojans etc).

    Anyway...they are still evolving their heuristics. I like the program as is, and like their dedication to development, so am very happy to have their program on my computer (but with an antivirus running alongside).
     
    Last edited: Jan 9, 2007
  5. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Not comprehensive, how? Like not analyzing browser addons? Or not getting cookies?
    I think I know what you mean, but please elaborate.
    I agree on the heuristics. There's room for improvement.
     
  6. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    Look at the 4 axis of evil, and tell me how old style viruses (true viruses, not worms/trojans etc) would trigger their criteria, or ones that don't connect to the internet but rather damage your computer...how do they trigger the 4 axis?

    Granted they are 'old style' and not common any more, but you did ask.

    Also, simple proof exists in the fact that they miss malware.
     
  7. Gen

    Gen Registered Member

    Joined:
    Jan 9, 2007
    Posts:
    73
    Thank you all for your replies.

    I tried installing Prevx1 but there was an error in the middle (forgot to disable PG), anyways I can't install it anymore. It keeps on telling me it's already installed while I removed it. I tried the forums but couldn't find the error so now I'm stuck, although I removed it from the registry and everything o_O
    I'll try to figure out something, thanks anyways.
     
  8. ghiser1

    ghiser1 Developer

    Joined:
    Jul 8, 2004
    Posts:
    132
    Location:
    Gloucester, UK
    Can you download the following tool and run from your desktop:

    http://info.prevx.com/download.asp?grab=PREVX1REMOVAL

    This should remove any items that may be left still on your system after a failed install. Always reboot your system after running this tool.

    Let us know if you have any further issues.

    Regards,

    Prevx Support
     
  9. Gen

    Gen Registered Member

    Joined:
    Jan 9, 2007
    Posts:
    73
    Yes thanks to you everything is in order. Used the program and reinstalled Prevx1.
    Seems to be a cool program except that it completely shut down my Firefox, I could barely open 1 page then nothing, as if I didn't have a connection. When I uninstalled it, everything went back to normal. Any ideas?
     
  10. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Hi,

    Using Firefox and IE7 depending on what mood I am in and having no probs here. Strange.

    I would drop a line to online support via the Prevx console.

    Cheers

    Jlo
     