Prevx1 How many people are using?

Discussion in 'other anti-malware software' started by jlo, Dec 30, 2006.

Thread Status:
Not open for further replies.
  1. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Hi,

    I have just downloaded prevx1 and am running alongside Antivir.

    Just wondered how many other users out there and what your experiences have been?

    I like the fact it has auto analaysis when you submit programs and I can see it being a strong program in the future although I would not give up using an Antivirus alongside it?

    Cheers

    Jlo
     
  2. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    I have been using it for a couple of months. It is working nice along with all the other apps I have. Not had any major problems with it (I run the research version). I have tried it against three, four trojan, keylogger and virus samples and Prevx1 did react on them but I can not say more than that since I never seem to encounter any live malware, mainly because I use FF with noscript I guess, and I never get any spam or dont find any malware in the p2p stuff I download. I would not run without any antivirus though, yet anyway I prefer more experience with Prevx1 first.

    Their support are fast to respond and investigate the things you report.
    I like their selling model - you dont have to pay for it until it catches the first malware. Until that happens it is fully functional and free.
     
  3. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    I have been using it for about 4 months now. I really like it. Has a very extensive whitelist which means I don't get bothered by it when I install or run something that is a known "good" file. If I receive an 'Amber' warning regarding an "Unknown" then I pay particular attention before allowing it(maybe Googling for more info) unless I explicitely know it's legit. A red warning is when it has stopped a known "bad" file. I find it is a low maintainance application, in that I'm not forever having to answers prompts. It's not a resource hog and is easy to use.

    muf
     
  4. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Prevx1's concept seems to be an AV substitute. A more capable one. That said, it's a new concept and product, and i don't think it's there yet.
    Don't remove your AV. They should run just fine together.:thumb:

    To me Prevx1 is fantastic so far. It's like an expert working with you in real time. White list to reduce noise, black to act as an Anti-Malware, and in the middle lies heuristics, sort of HIPS (Notok will disagree, lol). Even if you allow an unknown process, it's being analyzed for malware, without user intervention.

    The only security program i seriously consider paying, if it finds malware. So far, my computer is apparently clean.
     
  5. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    I have'nt toyed with PrevX for sometime since an older version but even then i was impressed with the core concept behind it and it excelled at the tests that i threw at it back then:thumb:

    But since then my understanding of malware propagation has grown and knowledge of PrevX's more recent capabilities have diminished so i am now curious as to how does it deal with DLL's that are delivered by DLL injection ,is the control(safechecks) on DLL's loaded into memory the same as on executables when they run ?

    TIA for any information from thoes in the know:)
     
  6. duke1959

    duke1959 Very Frequent Poster

    Joined:
    Jul 21, 2006
    Posts:
    1,238
    Hey fcukdat. what do you think of Cyberhawk? I like the idea of Prevx 1, but I'm not sure I would purchase it if it ever found something.
     
  7. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I have been trying Prevx1 for a week now - fortunately it has found nothing so I can't really comment on how well it works.
    As I don't like active security slowing me down every few days I have simply installed and run the program. Having checked for problems I then restored my old system image.

    One thing that concerns me is that I now only have 23 days left of my trial.
    As I have only restored to a clean system image how is Prevx keeping tabs on me ? Not sure that I'm too happy with a program that monitors me without me knowing how.
     
  8. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    fcukdat, i wouldn't know how to answer better than provide this link. And the FAQ.

    And:
    "Prevx 1 gives all executable programs a unique identifier known as a PX5. This allows Prevx 1 to monitor the behavior and actions of each program individually or throughout the entire Prevx 1 community. This approach enables a more thorough ability to make a determination."

    Notok! :p
     
  9. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Long View: if it found nothing, and the countdown started, go to support. Unless you have tested Prevx1 (termination thingy, ...)
     
  10. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Good to hear some good poitive replies.

    I sent a support message and got a reply back within an hour on a Saturday so I am impressed with the support.

    Cheers

    Jlo
     
  11. egghead

    egghead Registered Member

    Joined:
    Aug 27, 2005
    Posts:
    443
    Location:
    The Netherlands
    I have used PrevxR for 3 months on my test partition alongside a firewalled router.

    PrevX has a beautiful GUI and is easy to use. Support is quick in responding but not always answering your question: e.g. I wrote support that it had missed a certain Trojan. The answer was that the community base had a lot of variants of this trojan (SIC!).

    The company’s claim to faim that you can use it as a standalone proggie ( that is replacing your AV) I have found not to be true. When downloading stuff from the darkside of the web it missed quite a few trojans. As an extra layer of defense PrevX is good

    I think that for set-and-forget-users with “normal” surf behavior PrevX is very suitable, but it has to be used next to an AV. Antivir free plus Prevx would be an outstanding combi.
     
  12. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Yes it does. It doesn't matter whether the DLL was loaded by rundll32.exe, regsvr32.exe, injected, or anything else. It also has a real memory scan in case something is already loaded when you install Prevx1.
     
  13. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    Have used it on the Mrs.`s PC for a while now as a set and forget security layer. While she is aware of the dangers lurking on the net. she tends to forget as she go`s merrily along in her pursuit of what ever it is she pursues.... For ease of use not many can beat it IMO. Occasional full scans with A-Squared, Super Anti-Spyware and Nod32 (BlaclSpear settings all show clean) seem to prove it dose its` job.
     
  14. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi

    Have currently switched from SSM paid to Prevx1 and I must say I really like it.

    The GUI is very polished and my first post in their forum at Castle Cops was answered very promptly.

    This may well stay on my laptop.

    One gripe, it jailed a dll from a Paragon Drive Back Up 8.5 beta and now my clean up period is on countdown for clean up/protection so that facility will now have to be paid for if I need it which is a bit annoying.

    False positives shouldn't count !
     
  15. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.


    Did the same with an ATI driver file when I first installed it on the Wifes. After some Googling (I think I posed the question here as well) it was determined a FP. A re-install took care of the count down. If it dose not in your case you may want to contact Tech. Support.
     
  16. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Thanks ThunderZ - I'll try that. :)
     
  17. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.

    My pleasure. Let us know how it works out.
     
  18. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Hi Notok

    Did you just post because I saw it and now it's gone ?
     
  19. Cloudcroft

    Cloudcroft Registered Member

    Joined:
    Feb 29, 2004
    Posts:
    433
    Location:
    The Hill Country of Texas
    This happened to me too, on a weekend. I contacted tech support, and before the weekend was over, they had reset the countdown. I was pretty impressed!
     
  20. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Thanks Cloudcroft.

    That's what I'll do. I must say, they do seem to have the customer first and foremost in mind :thumb:
     
  21. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    I am more and more inpressed. Just sent another support message at 9.35 GMT New Years Eve (Sunday) and had a reply 10 mins later.

    I was asking why a file I submitted a couple of days ago had not been determined bad. The support guy manually changed it to 'bad' there and then.

    But an interesting thing with regards there heuristics. It works by running the programs not just uploading them.

    So the moral of the story if you manually upload a known recent malware then send a message to support at the same time writing down the reference number of the case and it will be dealt with quickly.

    This was the very helpful response to my reply.

    'Well, you are certainly the first one to see this threat. And our heurisitcs would only start kicking in once we see what the file does. This file has never been executed in our community, thus not much for us to go on as we dont harvest samples but look at data captures by the software as to what a program does. This lets us see if its malicious or benign.

    Thanks for uploading it ! Its now determined :)'

    All interesting stuff.


    Cheers

    Jlo
     
  22. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    I've been trying out Prevx1 on a few machines and have found a file which I would think is a false positive. is there a way to upload or send to them ? would they be interested ? I'm assuming false pos because the file is old and several other programs do not identify it as a problem.
     
  23. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Yes, Open up your Prevx1 console, click on advanced and then click on the research tab. You will see a button marked add.

    This will open a browser, browse to the suspect program and click open. This will add it to be researched. Then click upload.

    Then double click on the file name (Within the Research Box) and it will open up to online anaysis. You will see a number at the top of the web page giving a descripion of the program. Make a note of this and then contact Prevx1 through support giving them the reference number and they will personally look in to the file.

    Hope this helps.

    Jlo
     
  24. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Thanks - I'm only using it to check system images at the moment - so the next time I install I will send them the file.
     
  25. Old Monk

    Old Monk Registered Member

    Joined:
    Feb 8, 2005
    Posts:
    633
    Location:
    Sheffield, UK
    Worked out just fine :)

    Trial reset. Very helpful and swift support from Prevx :thumb:
     
Loading...
Thread Status:
Not open for further replies.