Prevx support sucks

Prevx is a good product, and the site provides a lot of useful information, so it should continue to do well.

Threedog, regarding Antiviris 2009, I was using/trying a popular AV and did the same as you and wanted to test if 'Antivirus 2009' could get through, got stung, and had to rollback. SAS added the definition a few days later, along with most others, so I wouldn't say it was a prevx problem, more like a timing issue with the malware being relatively 'new' on the scene.

 

what is AV 2009? rogue anti-virus? i will preface by stating i am not challenging your findings, nor 'sticking-up' for Prevx. rogue anti-virus could be a tough one for BB, as most behave very closely to real AV's. the difference is the rogue AV informs the user there are infections, where there aren't, in the hopes the end-user will purchase the product. also, afaik, there are usually pop-up advertisements as well. again close to legit AV's. i use Avira free, and after every update recieve the 'you should buy me' pop-up.

in Prevx case, if the community database has not determined AV 2009 as bad, and the behaviour did not trigger anything, then yes, the rogue gets through. btw, and i realise you may not accept this, Pro mode does not increase protection. it merely queries more functions/processes. i agree if the end user chose deny within any of the pop-ups, then that particular file would have been jailed halting the infection. but how many folks would have, in this case, denied any pop-ups, especially in light of the fact they believed they were installing real AV software.

in any case, i am going to attempt to find this rogue, and run it against A2 Anti-malware on one snapshot, and Threatfire 3.5 on another, to test my rogue AV is difficult for BB softs theory. i'll be back!


Mike

 

Usually something like that it "orange flags", though.

 

A2s scan results are more to trust then PrevX, prevx tends to flag everything. They create a huge database of all files they find no matter if good or bad I don´t know if this is a good strategy. People become confused, they should only flag bad files that are really bad.

 

well the facts have brought to light, i have no idea of what i am talking about. Prevx2 should have snagged the rogue.

i found 3 older AV 2008 variants and tested against A2 Antimalware & Threatfire, and since i have a 13 month old in my lap, that is not allowing me to type, the results are. Threatfire only alerted to an autorun, which if i believed i were installing a legit anti-virus app, i personally would have allowed.

A2 alerted on the bad file (from signatures)
the autorun (behaviour, allowed)
code injection (behaviour, again i allowed)
installing invisibly (behaviour, which i blocked and quranteed)


Mike

 

We will see.

I doubt you can find many "civilians" who have been/are more ethusiastic on Prevx than Mike and me, and we have also put some effort on testing in order to help developing Prevx (Most of the work has been presented in our numerous posts here and especially at Castlecops during last 2 years, some has remained between us and Prevx).

Shoot the messager...

 

Prevx 2.0 has been one of my most recommended security apps to people but now I am having reservations on it. Like, I don't know what the Marketing people are thinking (smoking) over there with all their focus being on CSI and cleanup, but what the people want is PREVENTION! With 2.0 they have an app that has the ability to be top dog in this market. It's easy for the "non Wilders" computer user to understand and use. It just needs a little more TLC by the Prevx ladies and lads.

 

this really is true. in spite of the 'let's shoot ourselfs in the foot' approach to customer relations, i am very much looking forward to a revamped Prevx2 or P3.

i have finally weaned myself from classic HIPS, and am running Comodo Pro as a firewall only (one must disable D+, reboot, and then uncheck all of the Monitor This boxes, reboot, and D+ is sterile/gone) Defensewall (replacing D+ and SafeSpace), Avira, & Threatfire (these 2 to be replaced with A2 Antimalware as soon as i get to my primary snapshot). but as soon as P3 or reworked P2 surface, i will without hesitation replace A2 (as impressed as i am by it) with Prevx's latest offering. i believe wholeheartedly in the concept, and Prevx ability to execute. it's their commitment to the home user base i question.


Mike

 

Sorry, I don't understand what and why should I reply. His post was totally sarcastic, so I don't see why I should reply.

Every answer I could give, it wouldn't change Mike's thoughts - as he has always said on his posts.

So, what should I reply? I've already written what I had to write.

 

Totally wrong and simplistic thougt used when someone doesn't know exactly how does everything work behind the database.

 

I could show you n-thousands malwares that bypass most security solutions, it *could* happen to every security software, even to Prevx.

We do the best to prevent every malware to damage your system, but if something - for any reason - bypass Prevx, then it could be really useful to report the sample to Prevx Research labs so that the detection can be added.

 

You're doing fine MG: grateful for you responding at all.
WE did actually pay some $$ for this and expect some 'service' more than the utility sitting there.

Cant speak for him: but he has always described liking PX: just wants clear feedback and a roadmap it seems.
Devt, Position of CSI v PX, etc etc..

Still doing fine.

LOl we are a bunch of dogs chewing on a bone: MG are you marketing support or high placed tech person.?
These comments actually express strong interest and clear commitment from endusers.
The exact role of CC forum remains unclear: support or feedback.??
Not counting the really slow load times and drop-outs.
TBH with some of the e-mail support some responses were: hmm a little less than adequate.
The forum format at least 'expands' the kb in a rapid way and allows collective increase in experience.

Need a "better" forum methinks.
You (MG) seem to be the only responder to any comments or q's lately and mostly here.

 

not true MG. changing my mind about Prevx as an organization, will only require one simple action. communicate. i am already a beliver in the product (Prevx2) and at one time was very positive about Prevx support.

no end-user should feel as though they are an imposition when attempting to get answers to questions we feel are relevant to the usage or understanding of the product.

my mind is very willing to be changed, but the ball is in your court, not mine.


Mike

 

Now that the Prevx2 software has stabilised in the past year, I have been using Prevx2 very successfully on both my own & my customer systems. I have found PrevxCSI to also be a useful cleaner & will tend to try this product first in infection situations. On all occasions I have found that PrevxCSI will clean the Antivirus2008/2009 spyware.

 

I think Longboard and Simmikie already answered this. You of course cannot tell details of roadmap etc, but we would like to get answers to relevant questions. Why Prevx decided to stop communicating at Castlecops support forum?

 

Maybe the same reason as me? I've not been able to reach Castlecops for over 2 weeks!

 

I'm malware researcher and developer, nothing related to marketing support

 

And as we know a bloody good one
Sorry, that was badly phrased q. I knew that.


get the publicity/marketing/'relationship' guys to come and take some flack: do they care about grumbles ??

Yes.
Very a big shame, such a great site.
I know they have issues with servers , but, it's a real effort getting there let alone posting.

hint to PrevX : @Wilders
There's a parallel universe here already.

 

Not totally wrong, it is simplistic thought yes but maybe you can shed some light about the system.

 

My sympathies are with CastleCops proponents. However, it is of questionable utility for Prevx to maintain its support forum on a host that is often down &, when up, often can't seem to provide enough bandwidth to enable users to readily post there.

I suggest Prevx re-locate their support forum to another provider such as...

Gladiator Security Forums
OR
Smokey's
OR
Dozleng

OR -- maybe Prevx should set-up its own, stand-alone support forum, as has been done by several others such as Online Armor, Drive Sentry, & System Safety Monitor.

In my case, I will not buy any software as complex as a security app UNLESS it has a VIABLE support forum, plus an excellent reputation for fast & friendly & effective support. As of now, Prevx does not meet those criteria.

 

@bellgamin: I don't think it's necessary to move their forum After all, I don't remember seeing many posts from PrevX staff for a long time there. Perhaps if they actually were active there it'd be worth the trouble to relocate it ...

 

In the past, we've revealed some info on our how databases work, but, our policy has changed and no one is allowed to say anything about how any of our back end software works. Yes, it's a bit of security by obscurity, but having a majority of our code on the server prevents malware authors from doing any reverse engineering and getting around our systems.

@All:

We're looking into options outside of castlecops for a forum, but we probably won't establish anything at least until P3 is released.

Btw I'll be out during all the next week, so if I won't reply please don't write immediately "Ah, Prevx support sucks because they don't reply etc...etc..."

 

just to be clear!


Mike

 

"Hey, no problem we already n know where you're going.. heheheheh

 

That's good news!

Have a nice week/vacation(?)

Thank you for your comments.