Prevx support sucks

Discussion in 'other anti-malware software' started by ako, Aug 6, 2008.

Thread Status:
Not open for further replies.
  1. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Prevx is a good product, and the site provides a lot of useful information, so it should continue to do well.

    Threedog, regarding Antiviris 2009, I was using/trying a popular AV and did the same as you and wanted to test if 'Antivirus 2009' could get through, got stung, and had to rollback. SAS added the definition a few days later, along with most others, so I wouldn't say it was a prevx problem, more like a timing issue with the malware being relatively 'new' on the scene. :)
     
  2. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321

    what is AV 2009? rogue anti-virus? i will preface by stating i am not challenging your findings, nor 'sticking-up' for Prevx. rogue anti-virus could be a tough one for BB, as most behave very closely to real AV's. the difference is the rogue AV informs the user there are infections, where there aren't, in the hopes the end-user will purchase the product. also, afaik, there are usually pop-up advertisements as well. again close to legit AV's. i use Avira free, and after every update recieve the 'you should buy me' pop-up.

    in Prevx case, if the community database has not determined AV 2009 as bad, and the behaviour did not trigger anything, then yes, the rogue gets through. btw, and i realise you may not accept this, Pro mode does not increase protection. it merely queries more functions/processes. i agree if the end user chose deny within any of the pop-ups, then that particular file would have been jailed halting the infection. but how many folks would have, in this case, denied any pop-ups, especially in light of the fact they believed they were installing real AV software.

    in any case, i am going to attempt to find this rogue, and run it against A2 Anti-malware on one snapshot, and Threatfire 3.5 on another, to test my rogue AV is difficult for BB softs theory. i'll be back! :D


    Mike
     
  3. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Usually something like that it "orange flags", though.
     
  4. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    :D :D
    A2s scan results are more to trust then PrevX, prevx tends to flag everything. They create a huge database of all files they find no matter if good or bad I don´t know if this is a good strategy. People become confused, they should only flag bad files that are really bad.
     
  5. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    well the facts have brought to light, i have no idea of what i am talking about. Prevx2 should have snagged the rogue.

    i found 3 older AV 2008 variants and tested against A2 Antimalware & Threatfire, and since i have a 13 month old in my lap, that is not allowing me to type, the results are. Threatfire only alerted to an autorun, which if i believed i were installing a legit anti-virus app, i personally would have allowed.

    A2 alerted on the bad file (from signatures)
    the autorun (behaviour, allowed)
    code injection (behaviour, again i allowed)
    installing invisibly (behaviour, which i blocked and quranteed)


    Mike
     
  6. ako

    ako Registered Member

    Joined:
    Nov 16, 2006
    Posts:
    647
    We will see. :D

    I doubt you can find many "civilians" who have been/are more ethusiastic on Prevx than Mike and me, and we have also put some effort on testing in order to help developing Prevx (Most of the work has been presented in our numerous posts here and especially at Castlecops during last 2 years, some has remained between us and Prevx).

    Shoot the messager...
     
  7. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Prevx 2.0 has been one of my most recommended security apps to people but now I am having reservations on it. Like, I don't know what the Marketing people are thinking (smoking) over there with all their focus being on CSI and cleanup, but what the people want is PREVENTION! With 2.0 they have an app that has the ability to be top dog in this market. It's easy for the "non Wilders" computer user to understand and use. It just needs a little more TLC by the Prevx ladies and lads.
     
  8. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    this really is true. in spite of the 'let's shoot ourselfs in the foot' approach to customer relations, i am very much looking forward to a revamped Prevx2 or P3.

    i have finally weaned myself from classic HIPS, and am running Comodo Pro as a firewall only (one must disable D+, reboot, and then uncheck all of the Monitor This boxes, reboot, and D+ is sterile/gone) Defensewall (replacing D+ and SafeSpace), Avira, & Threatfire (these 2 to be replaced with A2 Antimalware as soon as i get to my primary snapshot). but as soon as P3 or reworked P2 surface, i will without hesitation replace A2 (as impressed as i am by it) with Prevx's latest offering. i believe wholeheartedly in the concept, and Prevx ability to execute. it's their commitment to the home user base i question.


    Mike
     
  9. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    Sorry, I don't understand what and why should I reply. His post was totally sarcastic, so I don't see why I should reply.

    Every answer I could give, it wouldn't change Mike's thoughts - as he has always said on his posts.

    So, what should I reply? I've already written what I had to write.
     
    Last edited: Aug 8, 2008
  10. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    Totally wrong and simplistic thougt used when someone doesn't know exactly how does everything work behind the database.
     
  11. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    I could show you n-thousands malwares that bypass most security solutions, it *could* happen to every security software, even to Prevx.

    We do the best to prevent every malware to damage your system, but if something - for any reason - bypass Prevx, then it could be really useful to report the sample to Prevx Research labs so that the detection can be added.
     
  12. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,217
    Location:
    Sydney, Australia
    You're doing fine MG: grateful for you responding at all.
    WE did actually pay some $$ for this and expect some 'service' more than the utility sitting there. :)
    Cant speak for him: but he has always described liking PX: just wants clear feedback and a roadmap it seems.
    Devt, Position of CSI v PX, etc etc..
    Still doing fine.

    LOl we are a bunch of dogs chewing on a bone: MG are you marketing support or high placed tech person.?
    These comments actually express strong interest and clear commitment from endusers.
    The exact role of CC forum remains unclear: support or feedback.??
    Not counting the really slow load times and drop-outs.
    TBH with some of the e-mail support some responses were: hmm a little less than adequate.
    The forum format at least 'expands' the kb in a rapid way and allows collective increase in experience.

    Need a "better" forum methinks.
    You (MG) seem to be the only responder to any comments or q's lately and mostly here.
    :thumb:
     
    Last edited: Aug 8, 2008
  13. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    not true MG. changing my mind about Prevx as an organization, will only require one simple action. communicate. i am already a beliver in the product (Prevx2) and at one time was very positive about Prevx support.

    no end-user should feel as though they are an imposition when attempting to get answers to questions we feel are relevant to the usage or understanding of the product.

    my mind is very willing to be changed, but the ball is in your court, not mine.


    Mike
     
  14. Biscuit

    Biscuit Registered Member

    Joined:
    May 26, 2006
    Posts:
    978
    Location:
    Isle of Man
    Now that the Prevx2 software has stabilised in the past year, I have been using Prevx2 very successfully on both my own & my customer systems. I have found PrevxCSI to also be a useful cleaner & will tend to try this product first in infection situations. On all occasions I have found that PrevxCSI will clean the Antivirus2008/2009 spyware.
     
  15. ako

    ako Registered Member

    Joined:
    Nov 16, 2006
    Posts:
    647
    I think Longboard and Simmikie already answered this. You of course cannot tell details of roadmap etc, but we would like to get answers to relevant questions. Why Prevx decided to stop communicating at Castlecops support forum?
     
  16. Biscuit

    Biscuit Registered Member

    Joined:
    May 26, 2006
    Posts:
    978
    Location:
    Isle of Man
    Maybe the same reason as me? I've not been able to reach Castlecops for over 2 weeks! :(
     
  17. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    I'm malware researcher and developer, nothing related to marketing support :)
     
  18. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,217
    Location:
    Sydney, Australia
    And as we know a bloody good one
    Sorry, that was badly phrased q. I knew that.

    ;)
    get the publicity/marketing/'relationship' guys to come and take some flack: do they care about grumbles ??
    :(
    Yes.
    Very a big shame, such a great site.
    I know they have issues with servers , but, it's a real effort getting there let alone posting.

    :shifty: hint to PrevX : @Wilders
    There's a parallel universe here already. ;)
     
    Last edited: Aug 9, 2008
  19. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Not totally wrong, it is simplistic thought yes but maybe you can shed some light about the system.
     
  20. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    6,689
    Location:
    Hawaii
    My sympathies are with CastleCops proponents. However, it is of questionable utility for Prevx to maintain its support forum on a host that is often down &, when up, often can't seem to provide enough bandwidth to enable users to readily post there.

    I suggest Prevx re-locate their support forum to another provider such as...

    Gladiator Security Forums
    OR
    Smokey's
    OR
    Dozleng

    OR -- maybe Prevx should set-up its own, stand-alone support forum, as has been done by several others such as Online Armor, Drive Sentry, & System Safety Monitor.

    In my case, I will not buy any software as complex as a security app UNLESS it has a VIABLE support forum, plus an excellent reputation for fast & friendly & effective support. As of now, Prevx does not meet those criteria.
     
  21. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    @bellgamin: I don't think it's necessary to move their forum :) After all, I don't remember seeing many posts from PrevX staff for a long time there. Perhaps if they actually were active there it'd be worth the trouble to relocate it ...
     
  22. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    In the past, we've revealed some info on our how databases work, but, our policy has changed and no one is allowed to say anything about how any of our back end software works. Yes, it's a bit of security by obscurity, but having a majority of our code on the server prevents malware authors from doing any reverse engineering and getting around our systems.

    @All:

    We're looking into options outside of castlecops for a forum, but we probably won't establish anything at least until P3 is released.

    Btw I'll be out during all the next week, so if I won't reply please don't write immediately "Ah, Prevx support sucks because they don't reply etc...etc..."
     
  23. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    :eek: :D :argh: :thumb: :thumb: :D just to be clear! :cool:


    Mike
     
  24. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,217
    Location:
    Sydney, Australia
    "Hey, no problem we already n know where you're going.. heheheheh :ninja:
     
  25. ako

    ako Registered Member

    Joined:
    Nov 16, 2006
    Posts:
    647
    That's good news! :thumb:

    Have a nice week/vacation(?) :)

    Thank you for your comments.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.