Prevx1 final released

Discussion in 'other anti-malware software' started by Notok, Dec 19, 2005.

Thread Status:
Not open for further replies.
  1. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    v1.1.0.32
    With a new site as well that has much more malware information:
    http://www.prevx.com/

    There's a whole lot new in this version than from Prevx Pro/Home, and still quite a bit new from previous beta versions of Prevx 1.
    • Now community database driven with automatic malware determination and file verification with the central database.
    • New improved interface
    • Three modes of operation: ABC for those that want the least amount of noise, Pro will alert on some actions by only unknown programs, and Expert will alert on more actions by both known and unknown programs. Pro and Expert include outbound network control.
    • Optional notification dialog available to let you know when an event has occured
    • Program monitor to see a report of all actions made by a selected program.
    • Health Screen to scan for ActiveX components, BHOs, IE Components, and/or Rootkits! (you select which ones it scans for, validates files against the central database)
    • Web based support interface available through the program interface
    • Easier control of personal rule settings
    • LOTS of improvements under-the-hood

    By going to the Malware Center from the program itself, or the Virus Info Center from the website, you can now get a much clearer idea of what info is collected and how it is used. Advanced users will also see a full list of what areas are monitored when changing modes. On the website you can go to ABC for the most simpllified description, Pro for a more detailed description, and Expert for a more technical description.
     
    Last edited: Dec 21, 2005
  2. DigitalMan

    DigitalMan Registered Member

    Joined:
    Sep 9, 2004
    Posts:
    90
    Obvious question: I'm a PrevX Pro paid user - can I "upgrade" to PrevX1 for free?
     
  3. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Yup, I'm still using the same key as Pro. :)
     
  4. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Re: Prevx1 Expert released

    ~edited out link due to thread\post merge of pertanent info....Bubba~

    Prevx1 is not purely a HIPS product anymore, but rather a community based IPS. You can think of it as something in between an anti-spyware/trojan program and a HIPS product. There's actually three modes of operation; Expert, Pro, and ABC. Expert has the most generic behavior blocking, Pro alerts on fewer actions and only actions taken by unknown processes, and ABC works mostly automatically.

    The idea now is that it validates files in real-time against a central server. It will report technical information about what various programs do (set BHO, auto-start with Windows, install a driver, act like a keylogger, etc. - see the Malware Center on the website for examples) to the database. If Prevx can determine that a process is behaving in what is clearly a malicious manner, it will automatically stop it, on your machine and ever other Prevx user's as well. If you are in Pro or Expert mode, it may prompt you. In either case, if you run something that is determined to be malware, the analysts can easily see what's going on, and that determination will be made instantly available to all Prevx users, since each program is validated against the database when it's run. This can go a long way towards closing the gap between when malware is discovered and when your standard signature scanners get updated.. and you don't have to send the malware in yourself.

    There are quite a few options available to more advanced users that feel confident in making the right decisions with HIPS based products, and you can switch back and forth. This is especially good for when you are installing programs and want a minimum of alerts.

    There are a couple things to keep in mind here; 1) the original PAWS data sadly showed that the majority of users were not able to distinguish between legitimate and malicious actions, so the approach has been changed a bit in Prevx1. 2) in some of the HIPS tests you see around the web, any malware would have triggered several alerts before ever getting to the point of performing some of the actions that made it "lose". The tests don't do much to show how Prevx could prevent infection, only how it "scores" against individual actions. A bit like going to a soccer practice and judging a player by how well he can kick the ball into an unguarded net. The tests do hold merit, but they must be kept in perspective.

    With all of that in mind, Prevx1 DOES now cover some of those areas, and in fact even quite a few more. Just what it covers depends on what mode you are using Prevx1 in. There are also options to see a notification when a monitored event occurs, and to monitor a file when it runs to see all of what actions are taken. If you are an advanced user, this information will allow you to see what's going on behind the scenes, and help you make more will informed decisions. It also now includes improved buffer overflow protection, keylogger detection, a rootkit scanner, and more. It's most basic HIPS type function is to prompt you when an program starts (execution control) that is unknown to the central database- which is already quite large.

    Those that have been wanting an outbound-only firewall will also be pleased with this version in Pro or Expert mode. Personally I still feel that you should run an actual firewall, and not just a router, but you can now choose one of the excellent free firewalls that do not include application control.

    Overall many improvements have been made in many areas. It is a whole new program from what we knew as Prevx Home/Pro. There's also a lot more information on malware on the website, this also shows just what's being done with the information collected for those that had any concerns previously.

    Hope that helps, just ask if you need clarification on anything.
     
    Last edited by a moderator: Dec 21, 2005
  5. Engine

    Engine Guest

    Prevx Home replaced by Prevx1 "R"

    With releasing Prevx1 from its beta stage to the final release, Prevx have officially announced the demise of Prevx Home (see http://info.prevx.com/discontinuedproducts.asp). Instead of the Home version they are offering Prevx1 "R" (see http://free.prevx.com/) what is practically a Beta version of Prevx1. Users can use their very latest software free before it is made available for general release. It means that users will get free use of Prevx1 latest technology in return for helping Prevx to test it in the field.

    Good approach I rate it but as everything, it has its pros and cons ... Pros are clear, you can freely use, let me dare to say, state-of-the-art technology. Cons are also obvious, experiencing all troubles which may occur with beta testing. To be honest I am not interested in the paid Prevx1 for the time being but as the former Home user I want to benefit from Prevx1 technology.

    Well, I am a little bit scared to use Prevx1 "R" (beta version) because I never been using any beta versions.

    Anyhow, can someone refutate my doubts and recommend to use Prevx1 "R"? Do you think that even if the "R" is beta it's stable and thus usable for non-experts. You know, I want to avoid PC damage ...

    BTW, along Prevx Home so far using Ad-aware, SpywareBlaster, WinPatrol, ZA Pro, NOD32, ProcessGuard all on winXP pro.

    Thanks for your comments and regards,
    Engine
     
  6. RealResults

    RealResults Guest

    Re: Prevx1 Expert released

    Notok,

    Thank you for the detailed and informative response. The only other question I have is can the PAWS feature be deactivated in this version. And, if so, is the program still as effective with the PAWS feature deactivated. I am a little concerned, and maybe unnecessarily, about files and their behavior and other information on my system being communicated to Prevx servers.

    The FAQ on their website says they offer a 45 day fully functional trial. I may download the trial and give it a try this weekend. Thanks again.
     
  7. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Re: Prevx1 Expert released

    Nope. The live connection with the database is the whole point of the program. It's kind of like having your antivirus using a central database instead of downloading a new database everyday. It will still do a bit of the same, but you are afforded better protection while online. "Signatures" can be created in real-time, and then you have access to those signatures realtime. So for instance, when a new worm comes out, they may be able to see it within a few mins of the first infection, create a rule, and everyone is instantly protected just a few mins after it's first release, instead of hours or days. It will also get behavioral rules from the database to see if it should block it automatically- so there might not be any wait at all.

    If you're wondering about privacy, though, I would recommend going to the site, into the Virus Info Center, and click on one of the malware names. It's only very technical info that is collected. For example, for "SysCovert Variations" (a family of malware) it just sees: "NGYFHUSXO.EXE - in the Windows\System32\ directory - Installs programs. Deletes programs. Creates Run Keys. Examines running processes. Terminates processes. Hijacks running processes. Could log keystrokes. Creates registry entries. Creates run keys for known malware. Creates known malware." You can also look at the Prevx1 console and double click on any program in the "Status" window to see all the information collected on that file.
     
    Last edited: Dec 21, 2005
  8. Rainwalker

    Rainwalker Registered Member

    Joined:
    May 18, 2003
    Posts:
    2,106
    Location:
    USA
    Anyone else having problems with the latest version slowing things to a crawl..........my computers have never like Prevx, as it slows them down....this version came close stopping everything.....had to dump it..............
    BTW.......P4 3.2 1500 DDR2 Dialup 50.6 kbps
     
  9. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    I've got a ton of stuff running right now (mostly non security related) and I don't see any real slowdown that I can attribute to Prevx1. I was having some slowdowns with the event notification enabled, but that's because I use a real-time backup program, so it was constantly trying to catch up, but once I turned that off it was fine. You might contact support.
     
  10. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    Prevx support has been really helpful. Even with me running their "R" version. :D

    Much props to that.

    But still cannot get Prevx1 to install on my main machine. :/

    And does anyone know how fast the automatic update works? I was about an hour before I manually updated 5 "rules" on another computer.
     
  11. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    from the description, prevx1 seems like a combination of pcinternet patrol and a sandbox. i will check it out this weekend.
     
  12. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Looks like there's a program update out.
     
  13. sosaiso

    sosaiso Registered Member

    Joined:
    Nov 12, 2005
    Posts:
    601
    When does Prevx1 automatically update? I just found out it checks daily. Is there anyway to designate a time?
     
  14. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma

    It doesn't slow me up at all Here is a screen shot of what it is actually useing in the way of resources
     

    Attached Files:

  15. Rainwalker

    Rainwalker Registered Member

    Joined:
    May 18, 2003
    Posts:
    2,106
    Location:
    USA
    Interesting..............i DO have more security stuff running then you do bigc.....
    would you want to say something about your OS and hardware ?
     
  16. Rock Smasher

    Rock Smasher Registered Member

    Joined:
    Nov 13, 2005
    Posts:
    41
    Location:
    Earth.
    I've been using Prevx Home since March of 2005 and just noticed
    that it is no longer supported.

    I downloaded Prevx 1 "R" but haven't installed it yet.

    I figured I'd ask you guys about the Pros & Cons
    of this before hand.

    The Home version has done a great job of keeping
    spyware and other filth out of my system. :thumb:

    Is Prevx 1 "R" just as good? Better? o_O
     
  17. Engine

    Engine Guest

    Prevx1 does ultimately better job than former Home version, it is next evolutional step in development of a comprehensive security tool. As you have already downloaded the "R" version you probably have read thoroughly their web where a very decent explanation of Prevx1 features is provided. You also probably encountered that in Prevx1 you can set 3 modes depending on your knowledge and needs so you can easily customize it.

    So I would recommend to give it a try at least and see but be aware that "R" is a research beta version with
    + free of charge
    - even if the "R" is understood to be quite stable you have to keep in mind possible hitches and problems since it isn't the final end-user release

    I am still using the Home version and am reluctant to load it on my machine because I can't afford to endanger my laptop.

    Success!

    Regards,
    Engine
     
Loading...
Thread Status:
Not open for further replies.