Prevx1 - Questions

Discussion in 'other anti-malware software' started by ErikAlbert, Oct 4, 2006.

Thread Status:
Not open for further replies.
  1. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    For the record : I removed my post from the thread "Considering Prevx1", because this thread is turning into an endless discussion and I "consider" to keep Prevx1, if I get answers to my questions.

    Subject :
    1. Unknown Programs
    Behavior for unknown programs : Query, Allow, Block.
    and
    2. Caution Programs
    Block Caution programs : Enable, Disable, Query

    Question :
    What does "block" exactly mean ?
    Does it prevent the installation of the unknown/caution program ?
    Does it prevent the execution of the unknown/caution program, even when it is installed ?
    Does Prevx1 have to consult the Community Database to know if a program is unknown or caution or does it consult one time and stores that information in the Local Database ?
    What happens if the internet connection isn't good or the server has problems ?

    TIA :)
     
  2. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    It means that instead of asking you whether you want to allow it, it just automatically blocks the file from running at all. It looks up the file in the community database to see if it's good or bad, if it's neither then it's unknown and it runs the information through heuristics, at which point it *might* be marked caution, and if it can't determine it good or bad heuristically then it will ask you what you want to do but check back with the database periodically until it's marked good or bad. If it can't connect to the database, then it can't see if the file is good or bad, so it's unknown.

    Devinco asked for some info on how Prevx1 works, and I made a rather long writeup here: http://www.castlecops.com/t168087-Does_Prevx1_block_kernel_drivers_and_services.html
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Notok,
    Thanks for answering and I got it. I will read the link too.
     
  4. maddawgz

    maddawgz Registered Member

    Joined:
    Aug 13, 2004
    Posts:
    1,276
    Location:
    Earth
    duz it play well with msoft antispyware?....and after the trial month does it keep updating and so forth...... just doesnt remove stuff right? MD:rolleyes:
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    If you block all unknown and caution programs, you won't get any bad stuff on your computer in theory and what isn't there doesn't need to be removed.
    Keep also in mind that Prevx1 is getting stronger every day because of the Community Database.
    For the moment, I don't take any chances and my frozen snapshot will remove all the bad stuff.
     
  6. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Yes, but remember that Windows Defender is still beta, so it's hard to predict when it will have problems with something.

    Right

    Indeed, malware can't infect your system if it can't run. There's not much that's unknown to the community database, so you wouldn't be missing much. Your plan sounds pretty good :)
     
Thread Status:
Not open for further replies.