Discussion in 'other anti-malware software' started by 50000000, Jun 27, 2005.
is there any software like Prevx or better
Why not just use Prevx?
Probably because it's crappy (at least that's my experience; slow, conflicts)
How about winsonar?
Winsonar tracks running processes and attempts to highlight new ones so that they can be authorized or killed.
Prevx doesn't really monitor processes, but it does pro-actively defend several types of system resources - e.g. the registry, system/windows files. It does overlap in some ways with products like RegDefend, and some of the anti-spyware products which also monitor system files.
Since I do not like Prevx, right now I use a combination of ProcessGuard (for executable protection which Prevx does not provide to the best of my knowledge), RegDefend (for registry protection), and Giant AS (for limited system file monitoring which is not as good as Prevx but also not as talkative).
Giant AS sucks more RAM (12MB) than Prevx and doesn't not do a good job as Prevx.
Right now on this computer, Prevx is using only 1.2MB of RAM
Doesn't Prevx have two running processes? PXAgent.exe & SAGUI.exe. Because PXAgent is currently using 4,784k and SAGUI 4,644k. That's about 9 1/2 MB's total. Not too bad IMO for the kind of protection Prevx provides. I don't know how you got 1.2MB's total mem usage Squash, that's amazingly low for Prevx.
MSAS alone is using about twice as much memory as Prevx. I get a total of 18,464k of mem usage from MSAS!
I guess it may be different on different peoples systems, but Prevx is usually very quite on my system.
Some other somewhat similar programs to Prevx are Process Guard & System Safety Monitor (SSM). I would say programs like Winsonar and Abtrusion Protector are not really in the same class as Prevx but still fairly decent programs to consider.
Polling is memory intensive?
I would think that the closest application to PrevX is SurfinGuard Pro. And it works on Win 9x as well!!!
yes...if you can create an intercepter I believe it would be less memory intensive...RegRun (not kerneldriven/selfprotection capacities) can poll every 1min. maximum... but you have to set ip up to 1min (default is 10!!!m)
regdefend, prevx, tiny uses another algorithm means kernel driven or using some kind of hook that also intercepts.
and I don't think there are a lot of others however I was very very pleasantly surprised with StarForce new creation : SafeNSec
Hi Infinity et al,
Thanks for the link to SurfinGuard. I read the features and brochure and it would seem that SurfinGuard is more like a combination of ProcessGuard and WormGuard. Correct me if I am mistaken.
Also, have you been running SafenSecure on your production machine? If so, have you noticed any differences between the SnS's protection and that which is provided by ProcessGuard - more or less.
In regards to Prevx, I believe that the two primary areas of protection (as near as I can remember) were the registry and system/program files as well as buffer overflow protection. I do not think there is a program that provides this particular mix. Products like RegDefend and RegMon provide comparable registry protection, Parador provides comparable file protection (but the one review on download.com was pretty negative so the current version may not be reliable enough for users), and BufferShield provides comparable (though most probably quite different) buffer overflow protection. ProcessGuard provides executable protection which Prevx (as far as I remember) does not and to a degree it provides some system file protection since it is monitoring whether authorized programs have changed. So there is plenty of overlap and differences between all of these security programs.
The bottom line is that no one of these programs is equivalent to any other so it is a question of mixing and matching to achieve the protection that one is looking for and having enough control over the programs so that overly redundant (and possible conflicting) features can be suppressed.
yes very true. the problem (my problem) is that with all those kernel applications...I cannot use Tiny and SafeNSec together, I've emailed Starforce two months back I believe and the support is second to none, I can tell you that.
I choosed to run Tiny above the rest... that's the history. But if I hadn't Tiny, SafenSec would be my choice I guess. together with Bitdefender av this is as close as I've seen programs to what I need. /edit: I miss a memory scanner
But at the end it's like you said...you got to choose and I believe it is for the better to have a mix of programs anyway ... cause it would get too big. And I don't have that good experience with it.
Same with Prevx, home version was very stable but for some reason the pro wouldn't work in cooperation with pg. so it had to go too...
I believe there is a limit in having kernel driven programs. that's what I've been trying to say a while back...it cannot be that all those programs can run into one of the deepest levels without going unnoticed.
at my place the limit is three/four more then enough ...
/big edit: a while back I addressed this here and I didn't received any answer either (I just hope it's not personal...) but I wonder if it's all that good for our system to have all this deeplevel things going on...how weird is that? That's the world upside down
OK, I was initally wrong (I only saw one process), heres the correct stats:
Still good... Still less than GIANT (MSAS)
Too bad it's a piece of crap.
It seems more geared towards the enterprise market anyway. I can't think of any feature it has that makes it comparable to Processguard.
SurfinGuard Pro is not a piece of crap. In fact it has proved itself very capable of intercepting new malware that was not detected by all the top AV's. It runs very well, and i tried it against a number of firewall leaktesters which it intercepted successfully. If you would care to justify your comments, it would be appreciated.
This other thread is discussing a free software called "Spy-the-Spy" which seems a lot like Prevx (functionally) but is an "after-the-fact" detection (as opposed to pro-active) tool. It seems interesting enough and the description on the home page lays out the products functionality and usage pretty well.
interesting read Rich, but I can only find one other reference to it in 17 pages of google. Gave up searching for it after that.
Yep, I noticed the same thing Vickorr. It was just a package mentioned on another thread.
Well what did you expect ? It's new. The first day Processguard (Regdefend,Prevx etc) appeared there were also probably as few references.
I realise that if it's brand new that it won't have many reviews, but the first thing any sensible business would do upon making a new product, is release it for testing to as many review sites as possible (that are willing to review it).
You would think they would also release it to software download sites (which I presume would also run brief tests)
This appears to be a very very small "business" (small even when we compare to Diamond CS ), and it doesn't seem geared to make money off this anyway (no pro version). Seems to be a "hey I just programmed this cool tool, you want it too" kind of project, that explains I guess the less than "sensible business" practice.
You trust those sites? LoL. In any case, wait a couple of weeks, I'm sure reviews will start poping up.
"You trust those sites? LoL. In any case, wait a couple of weeks, I'm sure reviews will start poping up."
The download sites that link to the home pages of app's I've read reviews of <from reputable sites> ? Seems fair enought to me. I use a site called tucows. I use it occasionally to see what sort of software is out there (if I'm looking for a specific type of application). It's an easy way to see find out what's out there.
In relation to the 'LoL' - no need to be rude.
Separate names with a comma.