What is happening with Prevx1?

Discussion in 'other anti-malware software' started by dja2k, Nov 4, 2006.

Thread Status:
Not open for further replies.
  1. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Look at this image and see what is wrong here. This is the newest prevx1 downloaded and freshly installed some days ago. It has the KAV ADS tag on it and is being automatically blocked. The thing is I don't run KAV 5.0 here. This is weird. I get 49 entries of these when I run Prevx1 after shutting it off manually. ADS Spy doesn't even find this.

    dja2k
     

    Attached Files:

    Last edited: Nov 4, 2006
  2. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Have you run/trialed KAV 5 in the past while PrevX1 was installed?

    Blue
     
  3. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.

    Couple questions. Have you ever run Kav? What AV do you run, as it may be based on the Kav engine.
     
  4. Huwge

    Huwge Registered Member

    Joined:
    Oct 21, 2004
    Posts:
    405
    Location:
    UK
    Online Armor uses the KAV engine iirc:) (I see you have it in your signature)
     
    Last edited: Nov 4, 2006
  5. CJsDad

    CJsDad Registered Member

    Joined:
    Jan 22, 2006
    Posts:
    618
  6. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Never ran KAV 5.0 and Online Armor AV+ (KAV engine) doesn't use the alternative streams like other versions of KAV. Look at the location, its inside the Prevx1 directory and that is the only location I get with that ADS string.

    dja2k
     
  7. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
  8. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Ummm... I think that your Google search will produce discussions about dissatisfaction with KAV's use of KAVICHS, whereas (unless I am mis-reading) dja2k's issue is with the inexplicable appearance of KAVICHS on Prevx. Since dja2k hasn't used KAV, where did that KAVICH schtuff on his Prevx's "blocked" list come from, I wonder?
     
  9. Toby75

    Toby75 Registered Member

    Joined:
    Mar 10, 2006
    Posts:
    480
    Have you ever ran an online scan with kaspersky? When you run their online scan an ActiveX and many of their program files are installed on your computer.
     
  10. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.

    Point well taken. Was only meant as a starting point for trouble shooting, not as a cure. ;)
     
  11. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Never ran a KAV scan online nor had KAV 5.0 installed, only KAV reference I have is from Online Armor AV+ and it doesn't have ADS.

    dja2k
     
  12. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    According to a quick Google, OLA+ dose use the Kav engine.
     
  13. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    We're looking into the specifics, but it does appear to be OA-AV+ setting off the self-protection policies, as only Prevx1 processes are allowed to access this folder to keep malware from disabling/modifying Prevx1.
     
  14. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: Since there is a serious, open and unanswered privacy issues concerning its rival, CyberHawk. I can not help but thinking about this well-received, highly praised application. Does Prevex 1 have similiar issue as CH, sort of community sharing info? I remember its last life, Prevex home and prevex Pro, freeware and paidware respectively. The first had a call-home feature, in order to perfect the pro version. I wish this type of approach has been buried w/ them under 6 feet deep down. Do you still concern at allo_O?
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,048
    I don't see how it could be OA AV+. It just uses the KAV engine. In KAV 5.0 they used the ADS to determine if a file need scanning. Then if it did it got passed to the scanning engine. OA just uses the engine, and uses a different approach to decide what to pass to the engine.
     
  16. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Maybe I am just stupid, but, wouldnt any type of software or application be able to do this, that needs to,"Phone home," for updates.
     
  17. ThunderZ

    ThunderZ Registered Member

    Joined:
    May 1, 2006
    Posts:
    2,459
    Location:
    North central Ohio, U.S.A.
    Yes, if it is coded to do so. In which case it should be completely and clearly stated in the EULA. I question the need for the gathering of such information under any circumstances.
     
  18. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi, folks: If I remember it correctly, the PhoneHome feature built in Prevex Home version was more than just for updates. o_O
     
  19. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    The privacy issue was addressed a couple of times over at CastleCops, here's ONE which links to the other (the other being a little more technical).
     
  20. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,160
    Hi,folks: hi, notok, your prompt reply has been acknowleged ,thanks, and the link has been viewed, but I need time to digest it.:)
     
  21. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    If you have further questions, feel free to bring them up over at the Prevx forums or PM me. Privacy concerns are probably a bit OT for this thread.
     
  22. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    ANY software to which I give internet access for ANY reason can (potentially) be used to compromise my computer's security &/or my private information.

    In my view, a Statement of Privacy is only as trustworthy as the company that issues the statement. For instance, when I read Microsoft's very detailed privacy statement, I can't help but remember their WGA push-package -- which more than a few categorized as out-&-out spyware.

    Frankly I DO trust all the software companies that I have enabled to connect to the internet, but my concern is this -- what if they are bought out by a company with ulterior motives?

    I have asked about this issue in THIS Wilder's thread but so far have received only anecdotal answers. I am still hopeful that one of the security gurus, such as Stem or Paranoid or Notok, will offer technically sound ways to protect sensitive data while still enabling me to *fearlessly* participate in communities, automatic updates, and so forth.
     
  23. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006

    i would also like to know the same thing.
    lodore
     
  24. dja2k

    dja2k Registered Member

    Joined:
    Feb 15, 2005
    Posts:
    2,040
    Location:
    South Texas, USA
    Seem my thread got hijacked and lost its main point. Back to the topic of what is going on with prevx1, I found out by uninstalling and reinstalling prevx1 that it now has another different repeat offender. The KAV ADS problem doesn't come up anymore, at least I think it doesn't.

    dja2k
     

    Attached Files:

Loading...
Thread Status:
Not open for further replies.