OA v2 and Prevx1

Discussion in 'other anti-malware software' started by nixie21, Mar 21, 2007.

Thread Status:
Not open for further replies.
  1. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    Can someone point me to or explain the difference of what these 2 products do? I have a license for both, do I run them together? If not which do I pick and why?

    Thanks as always, I know I ask a lot of questions, but I am learning!!!!

    ***ok a little reading helped, looks like I would run OAv2 with firewall, and Prevx1 one, then keep running NOD32 and sandboxie, is any other program really needed 'Realtime'? (and OA would take the place of winpatrol plus as well?)
     
    Last edited: Mar 21, 2007
  2. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Only;
    FireFox with No Script and AdBlockPlus :D

    BoClean. ;) Always.

    Spywareblaster and Hostsfile ??

    If you really want to push it get some deeper Reg protection.

    Be interesting to see how that (your) combo goes. :eek:

    PS: get a good imaging option or FDISR.
     
  3. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    Yes, I use spyware blaster, firefox, MVPS hostfile, trojanhunter winpatrol plus, comodo, cyberhawk free, sandboxie, NOD32, router firewall, also use True Image for backups

    I want to replace cyberhawk free, comodo, TH and winpatrol with Prevx1 and OAv2 w/ firewall

    That sound like a good plan?

    Thanks
     
  4. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    It's an alternative, yes. Which is best is subjective. Leave TH for on-demand, WinPatrol for information purposes.
     
  5. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    Which setup do you like better? Or with the above, would you do something different?
     
  6. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi Nixie21

    I've been beta testing OA plus firewall (I'm not an expert by the way) and it seems to run fine with Prevx on my machine and vice versa. However, from reading here, from a compatibility point of view, different machines would seem to react differently even though they're running the same set-up. Why that is I just don't know but see how they behave together on your machine.

    Also have NOD32 and Shadowsurfer and sit behind a router and use Opera

    Other than the odd on-demand scanner (have as many as you like :D ) I personally don't feel the need for anything else but others would disagree

    Sure, I have a play with others but this set-up suits me fine.
     
  7. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    The important part is which you like better. But since you ask:) , i'm a fan of Prevx1's concept. It's an AV in 2015.
    OA i don't know much, but it probably will give you more control over things than Prevx1, and don't need comunity, so it's not exactly overlap (but fundamentaly it is imo). They work differently.
    I can almost garantee NOD32+ Prevx1 + OA+FW + SandboxIE must be unbeatable. That's if your computer doesn't cough. If it doesn't, and you're comfortable, that's it, no more programs, except for on-demand.
    You control intrusions with OA's FW, and intrusions through the browser with SandboxIE (the others too, but SandboxIE blocks all blindly), and control what runs in your system with NOD32 (great heuristics), Prevx1 (heuristics and comunity), and OA (HIPS AFAIK).

    About Prevx1: look at the icon- green light, and that means all that's running is known and safe. How about that for status!

    Myself, i would run only OA or Prevx1, but it is you the important part here. With what do you feel comfortable, and keep learning.
    You have an edge with OA which is more control. That's why this is all so subjective, why my config is any better than yours... Opinions.

    Besides all this, even more important is learn to use the programs. All kinds of side effects come from that, like why do i need it, can i do it with something else etc.
    So i suggest stoping the search, and just learn to use everything in the programs.

    2 maybe 3 cents given the length:D
     
  8. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    Can you explain what FDISR is and how it is different than say True Image?

    Thanks
     
  9. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Yes.
    You're obviously doing some good research
    I am simple end user only, often hesitant about offering advice here.
    Often personal opinion, reviews, tests and experience and what works on your box sets the pace.
    Nothing is infallible except the cable cutters :D

    Personal opinion:
    BOClean instead of TH.
    Keep CH.
    SuperAntiSpyware as on demand (with everything else you might not need another realtime scanner?)
    External disc for back-ups and good disciplined back-up strategy.

    Heh, that's a big one.
    Should have been "imager AND FDISR"
    FDISR = Instant System Restore
    CAn have up to 10 bootable snapshots on your system at once, subject to HD space issues, and any number of system archives off line.
    Realistically test whatever combo you like in any snapshot: don't like it: overwrite it or trash the snapshot.
    Dead easy to use even for the very exclusive doofi club. :blink:
    Remarkable flexible multioption rocksolid tool.
    Not an "Imaging" solution for full restore except in some special circumstances.

    Lots of cool users here have combo ATI ( or imager of choice) and FDISR
    Go to the FDISR/Leapfrog forums here and read away.
    Lots of threads re combination of imagers and FDISR and multiple restore options.
    Extra "Layers of security" might even be less important than "Redundancy of back-ups"

    Erik-Albert has written a PhD on how to run ATI and FDISR together. ;)
    Peter2150, Silver et al have tested 'bout every possible imaging/restore option

    Regards.
     
    Last edited: Mar 21, 2007
  10. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Online Armor 2 (firewall, startup/BHO/reg control, IP blacklist) + Prevx (blacklist, behaviour analysis) = Comodo (firewall) + WinPatrol Plus (startup/BHO/reg control) + MVPS hostfile (domain blacklist) + Cyberhawk (behaviour analysis, some blacklist) + Trojan Hunter (blacklist).
     
  11. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    @nixie
    oops always forget what many regard as the sine qua non ; Router/FW

    Heh: could always consider DefenceWall or SSM as HIPS/Application FW's.
    Get lost in the maze :ouch:

    Good post lucas1985

    Regards
     
  12. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    Thanks!
     
  13. Bio-Hazard

    Bio-Hazard Registered Member

    Joined:
    Jan 10, 2007
    Posts:
    529
    Location:
    Cornwall, UK
    I have been using OA v2 FW + Prevx1 + SAS + NOD32 + Defensewall for sometime and it is great set up and runs fine on my machine. I also have noticed that my start up and surfing is quicker now that i replaced Comodo with OA v2 fw. Also you can see from my signature that i use few on-demand scanners and they all work fine with my set up.:thumb:
     
  14. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    I do not have Prevx1 yet, but I installed OA yesterday, I like the 'feel' of it. Good program and runs lighter than comodo. Thanks
     
  15. Bio-Hazard

    Bio-Hazard Registered Member

    Joined:
    Jan 10, 2007
    Posts:
    529
    Location:
    Cornwall, UK
    Sorry :D
     
  16. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    okay like Old Monk, i run Prevx1, OA w/FW, Nod32, Shadowsurfer (used rarely) and Oprah 9.1 sandboxed 99.2% of the time.

    at the present time, my observation is that OA provides stronger classic HIPS protection than does Prevx1. i reached this conclusion via testing live malware and cruising known malicious drive-by sites. OA stopped/blocked/alerted to more stuff than did Prevx1. i posted my findings in Csatlecops Prevx forum. that said, Prevx is simply awesome (to me) to watch do what it does, and it has some peripheral functions i simply now cannot do without: such as the Event Logger; which provides a small dialoge box in the right center portion of my screen to inform me of every process that starts and terminates on my system. also the Process Monitor that i have set to check every hour every running procees on my system against the internal white-list. if it finds something out of sorts it queries it against the community base, if no-joy there, it will query me if i want to allow block (exceptionally rare for that to happen). lastly on Prevx, i run my version in Expert mode and contrary to outside reports and Prevx's own Help file, Expert is not noisy at all, in fact i thought it was not working properly for awhile simply because it is so quiet.

    also on my system i run Regdefend with the expanded rules by Tony i believe (there are a couple out there). and probably byte for byte the best security app i have is Wormguard. unobtrusive, yet highly effective against scripts. i always forget it's even there until it reaches out and slaps down some ill advised move i make.

    i hope this provides some insight into the quality of the apps you are presently running.


    Mike
     
  17. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    @Simmikie

    Nicely summarised Mike :thumb:

    On other thing OA is excellent at alerting to ActiveX content on visited sites
     
  18. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    in your original post, did you not indicate you have a license for both? just wondering if that was a miccommunication.


    Mike
     
  19. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    yeah surprisingly better than Prevx1. my experience showed Prevx1 alerting on 1 of 3 drive-by sites, and an old build of OA (149) alerted to Active X downloads on 3 of 3. OA is strong and getting better with each passing build.


    Mike
     
  20. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Agreed to that :thumb:
     
  21. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    MN:> Editing to demangle my post :)

    If you want OA get "worse" at detecting popups (ie. not annoy you with them) you can have this effect without sacrificing protection. You can go into Options, and uncheck "Prompt when blocking content on unknown sites".

    Content will be blocked, but no popups. In my surfing, the only thing I find gets blocked by this that I actually want is some media (add the site to the trusted list) and that's about it. A neat side effect is lots of ads get dropped as well.

    Just a comment I thought I'd throw in for those that don't like their software to alert on everything :D


    Mike
     
    Last edited: Mar 22, 2007
  22. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    That's why they are different. Prevx1 was looking for malware, OA alerted for new ActiveX, malware or not. Is that what happened?
     
  23. nixie21

    nixie21 Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    279
    Yes, sorry, I won them at CC, but have not received the license as of yet....
     
  24. MikeNash

    MikeNash Security Expert

    Joined:
    Jun 9, 2005
    Posts:
    1,654
    Location:
    Sydney, Australia
    Potentially, yes. Online Armor applies rules to websites you visit - one rule for example - does this site contain an activeX object. Similarly, we check for Java applets, IDN exploits and so on.

    Depending on the status of the site (trusted, not trusted, not rated, blocked) OA will either allow, block or prompt.

    In my experience the only stuff that OA blocks on sites I visit is junk (once I add my regular haunts into it). Sometimes media is blocked - but that is easy enough to deal with - but mostly what gets blocked is tracking java applets, activex cruft and advertising stuff.

    Moving forward, what we'll be doing here in the webshield is to deploy with pre-trusted lists. This won't be for everyone - we'll provide a way around it for advanced users - but it will be good for beginners.

    Of course, it's impractical for all safe sites to be whitelisted at the client (and we do it at the client for privacy reasons - I don't want to know where you surf) - but even, say, the top 1000 or so sites would reduce the number of popups to a significant degree for most users.
     
  25. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Thanks for the reply. It's not that i think it's no good to pop every activex, just pointing out that OA and Prevx1 are different.

    What you said is interesting. Basically, OA puts NoScript aside, no?
    Of course, i'm merely speaking of this particular feature of OA, and i'm not saying NoScript isn't good. It is very good, just irrelevant with OA?

    Also, is that your method, to pay attention to infection vectors, not so much control processes?

    I've got to download your program, even if i'm not going beyond the trial. It sounds good, but i can't seem to grasp the features entirely- have to see it!
    What should i download, so i can peak your fine product?

    :D
     
Thread Status:
Not open for further replies.