Neat Net Tricks Software Reviews

Reviewed August 2007

What’s It Do? Prevx claims to be “the most powerful security solution in the World” safeguarding one’s PC and personal information “…from theft and attack by Spyware, Rootkits, Trojans, Viruses, Bots, Adware, and all other forms of Malware and Crimeware.”

Does it do what it promises?

Reviewer 1: It’s hard for me to say, since Prevx never found any malware to warn me about. Then again, I tend to be pretty cautious about where I go and what I download, so it’s not at all unreasonable that it found nothing.

Reviewer 2: Yes, once I got it running, it seems to work well.

Reviewer 3: No. Its claim that Prevx 2.0 is the most powerful security solution in the World is not provable let alone substantiated, but it is the worst case of hyperbole I think I have yet seen by a software developer. Anytime a software developer needs to stoop to such obviously inflated and ridiculous claims, I am left unsure whether it is to oversell a lesser product or simply hold its customer’s intelligence in contempt.

Reviewer 4: Without being an expert in the field of Windows Internet security, in my experience over several months, I would say, yes, it does. However, I am somewhat skeptical of the claim that it is “the most powerful security solution in the World”; this smacks of hyperbole. I tested Prevx on three different computers. In all cases, when I had it run the complete scan, it found malware products, usually (but not always) in archival areas of the disks. In one case, it dug out two programs that had been identified four or five years ago, and had been “cleaned” by other anti-malware products. Prevx found zipped versions of the programs, buried deep down inside some sort of restore folder that I did not know existed on my extra backup drive. They had been missed by many “complete system scans” by a good number of other products that I have used or tested in the past few years. On another computer, it identified a malware product that had crept in recently past three active anti-spyware programs and one active anti-virus program. Prevx does not produce the usual list of “cookies” often turned up by the dozen by other programs in an attempt to scare people into buying their product, but real .exe files that have been allowed onto the computer in spite of being scanned by the “active protection” of other, highly-rated programs.

Reviewer 5: My experience with Prevx was that it generally performed as promised.

Reviewer 6: Yes, it seems to. By the very nature of detection programs, it cannot be conclusively determined that it detects all malware and harmful activity, but for those items detected, the remedial measures as described seemed to flawlessly function as promised. As the developer promised, the program runs smoothly in the background, monitoring activity on a real-time basis, interrupting workflow with a notification only if a known or questionable process attempts to run. Automatic scanning of already-installed active processes at repeating intervals is also provided.

Was it easy to install?

Reviewer 1: Yes. I uninstalled and reinstalled Prevx several times, and I encountered only one minor problem during one of the installations. I was told to restart my computer in order to complete the installation, but one time when I did, a message flashed on the screen saying that something had failed to initialize because the system was shutting down. The message disappeared before I could read it fully. It didn’t seem to affect Prevx’ performance.

Reviewer 2: No. I had a difficult time getting it to install. I suffered several system lock ups requiring hard shut down. (power button off.) This is never a good thing to do to any system. I had to boot into safe mode and turn the console off via msconfig. The Prevx console will not run in Safe Mode. I rebooted again and clicked the desktop icon, and my system again froze.
I finally had to download a removal tool from the Prevx site. I ran this to get it off the system and then sent a support request via email. They responded the next day and had me download a new version, Prevx 2.0. Although Prevx claims to “play nice” with other AV and malware solutions, I turned them all off for this install. This time everything went fine and Prevx installed and ran with no problems.

Reviewer 3: No. For a program that installs, in reality, only an “agent” on your computer and not an entire program (that is left on the company’s servers), the very large 13.43MD download is inexplicable. If not already installed, it also installs Windows C++ Visual Studio on your computer; although, I could find nowhere that this was divulged in the Prevx documentation. Additionally, it integrates itself into the Windows Security Center causing conflicts; and it installs a .dll (Dynamic Link Library) in the Windows Security Center through the process wmiprsve.exe and runs invisibly in one of the svchost.exe processes in your computer—this in addition to the two process it does make visible as running as active tasks. While the actual installation was essentially only a two-click process and a reboot, this is where the problems began, with a BSOD (“Blue Screen Of Death”) upon reboot and going downhill from there.

Reviewer 4: Yes. It is the usual Windows installation, without any peculiarities or difficulties. Once Prevx has been installed, the computer needs to be rebooted, at which time it runs some other setup procedures. Once these have been finished, I had it run a full system scan. This can take quite some time, depending on the size and number of hard disks that are being scanned, so usually I do this when I can leave the computer doing this on its own. Once the scan is finished, the malware found (if any) is listed. At that point, I have it put in the “jail.” In the cases that I have done this, I have found that it requires most of the computer resources, and is also time-consuming. So again, I leave the computer alone until it has completed its task.

Reviewer 5: My initial attempt at installation failed because online access was required for activation of either the trial or registered version. After I was online, updates began to load automatically. Each update was downloaded separately and a reboot was required to complete each one. Because of a problem with another program, I restored my system to an earlier state from a backup image, and therefore had to reinstall Prevx a second time. I was online during this second installation and it went more smoothly and the updating process was more transparent.

Reviewer 6: Installation was a snap, requiring user involvement only to the extent of asking if the user wished to do a trial, to buy or to provide serial number if already purchased. The download is not a large one (13 MB), manageable even on a phone modem hook-up.

Good Points:

Reviewer 1: Prevx offers an impressive array of anti-malware tools covering not just the programs run but also specific aspects of one’s browser, drivers, email (Outlook), memory, and network traffic (FTP, HTTP, IRC, POP3, SMTP, and Hosts File modification), Windows Startup, advanced aspects of program execution (especially behavior of DLLs), and more. It also permits monitoring activity of specific programs or activity of all programs for a short period of time and scans all programs when starting the computer. The online tutorial provides a clear, well-illustrated overview of Prevx’s functions. Prevx can be set to provide information in accordance with the user’s level of computer expertise. The program offers three levels: ABC (the most basic and the default), Pro, and Expert. The ABC level is for those with limited computer expertise or who prefer to simply install Prevx and have the program make most decisions without asking for input from the user. The two more advanced levels involve increasingly greater levels of user involvement in deciding what actions should be taken. I didn’t notice any difference between “ABC” and “Pro,” but that was probably because Prevx found no threats to ask me about. Prevx allows free use of the software as long as it doesn’t detect any problems. This is a great way to get the protection Prevx offers at no cost. If and when Prevx does find malware, it will deal with the problem and then give a 30-day trial, after which the user must either buy the program or remove it.

Reviewer 2: Prevx 2.0 appears to run fine with other anti-virus and anti-malware programs with no apparent conflicts and little impact on the system. On first run, it analyzes the current system setup and running programs This took about 7-10 minutes. Prevx uses a combination of an updated “local database” on one’s computer and a “Community Database” via the Internet to monitor starting programs. They are either determined to be ok, not ok or query. It allows the good ones to start, blocks the bad ones and queries the questionable ones and allows the to decide if it is Okay to run. The “Community Database” is generated from reports from experts and other users that the programs sends in during “update” operations.

Reviewer 3: There really are no good points, but there are many good ideas. I had great expectations for this program as its theory is innovative, its technical support and developers seem dedicated to trying making this a great product, and the product seems to at least try to do what it claims. Unfortunately, this program is simply not yet ready for prime time, and performed on my machine and for me as an early Beta product at best. This product is seriously flawed and poses a potential danger to one’s equipment. Additionally, I am not satisfied that it fully discloses how it purports to work or how deeply and intrusively it imbeds itself into the operating system. For this reason and the reasons I have detailed below, not only can I not recommend this software but I would urge the greatest caution against installing it on any computer.

Reviewer 4: Right-clicking on the Prevx icon in the system tray and selecting Console opens the main navigation screen, This is one of the best-designed anti-malware screens that I have seen. Not only is it attractive visually, it is easy both to understand and to navigate. Each Main Menu item navigates to a particular module of the program, which has its own sub-menu. One of the more interesting ones is “Program Activity”. This lists all the programs that have been recently run. Clicking on a program will open the Prevx Community Database, with quite extensive information about that program. I know that I have often seen programs listed in the Task Manager (Ctrl-Alt-Del) that always seem to be there, but I don't really quite know what they do. So apart from any “anti-malware” or security safety information, this is interesting information in and of itself. Another is the ability to monitor any particular program desired. Prevx will create a log-file of all the activities of that particular program. Again, even if it does not turn up nasty or criminal behavior, the exercise will give a good idea of what that program does. Or, all activity can be monitored, but this requires a lot of system resources to track all running programs. Prevx updates itself regularly and this process works in the background, without causing any slowdown. When it is finished, it will pop up a message stating that it needs to restart without any apparent effect on other work being done at the time.. Other functions are also unobtrusive. For example, whenever I install a new piece of software, Prevx, like many other anti-malware products, will monitor the installation; however, the popup in the lower right-hand corner of the screen is small, and semi-transparent It briefly announces what Prevx is doing (for example: “Newfile.exe is being verified”), then goes away. Many other programs also produce a pop-up, but often it is in bright colors, and requires one, two or three interventions (mouse-clicks in various boxes) from the user. I never had to tell Prevx what to do, so I can only assume that the program or activity had been cleared by Prevx, and had been judged safe. I was also pleased that Prevx did not require that I give permission for programs to be included in the start-up process -- I am already monitoring that aspect of Windows, and do not need anti-malware programs to do so for me. Although I did not have much reason to call on the Prevx support people, when I did so, I received prompt and courteous replies to my questions.

Reviewer 5: No conflicts were observed with other programs on my system including anti-virus and anti-spyware programs. There were no false positive malware results found after the initial scan. After it was fully installed and updated, Prevx ran unobtrusively in the background with little observable change from baseline except for the green icon visible in the task bar, and the slower system startup described below.

Reviewer 6: Whether testing or for personal use, I prefer applications that can be run right “out-of-the-box”, without conflicting with existing software; then, after growing familiar with the program, to apply my own preferences and delve into advanced settings and processes. Prevx is such a program. Except for updating the database, the program can be run unobtrusively in the background without resorting to manuals and a myriad of settings. The database consists of known malicious processes as well as those reported by the Prevx community – the users. In addition, Prevx is engineered to detect malware and suspicious activity by its own analysis of “signatures”. One may respond to alerts of suspicious activity by allowing the program/process to run or to stop it from running and placing it in “jail”. Known good or previously accepted programs/processes are automatically allowed. Known bad ones are automatically stopped and placed in the jail, with notification by means of a flashing icon in the task bar. That program/process may then be accepted, with the help of details on file with Prevx, or rejected and reported to Prevx to be added to the database. Consistent with the elegant simplicity of this application, the nerve center of Prevx is the Prevx console. Its friendly interface serves as the starting point for almost all user involvement. It is here that the user gains access to the jail or performs scans, finds information on programs and what they do and which have been recently run, establishes settings, accesses help and FAQs, performs updates and so on. The basic functions are all directed from this well laid out central controlling console. The help and FAQ sections are well written and organized. I never needed to contact Prevx support to solve a problem or to explain a process or procedure for me, although that too is freely available online, as is a tutorial and an excellent far-reaching and active forum. Although I never did figure out a consistent relationship between posting order and the posting dates, there was a lot of good reading there. Two features I really liked (accessible through the console), were Restore Settings, with which system defaults can be reset after having dealt with malware that might have changed them and the Scans for files and processes. Further details to make decisions can be accessed by clicking on the item of interest.

Weak Points?

Reviewer 1: Prevx’s Program Monitor feature lacks needed explanations and information. I used it to try to track down the source of a problem I was having, and it reported half a dozen “process hijack events” along with a number of “DLL events.” There was no explanation of these or what was being hijacked. When I wrote to Prevx to ask for an explanation of the terms, they replied promptly but with an inadequate “don’t worry about it” message that told me very little. I wrote back, asking for more information. They responded by telling me that “It means that the actor process requested access to the victim process using the OpenProcess() system call where it requested write access to the memory of the victim process. This can be the first step on a DLL injection or a code modification attack.” This was somewhat more informative, though it provided no identification of the “actor process,” nor do I understand why Prevx initially told me not to worry about these events. If in fact they are truly harmless, Prevx’s terminology (“hijack event,” “victim process”) seems inappropriate and misleading. As far as I can tell, there’s no way to shut Prevx down completely except by uninstalling the program. It’s easy to shut down the Console, but I could find no way to prevent the Prevx Agent from running. That made it hard to assess Prevx’s affect on other programs. Prevx apparently has no ability to scan an individual file. McAfee anti-virus, AVG anti-spyware, a-squared, The Cleaner, and other anti-malware programs all make it possible to right click on a file and do a scan with that program. I could get Prevx to scan a single directory, but not single files within the directory. I also had a problem with the pop-up messages that Prevx issued from time to time. Often, the messages disappeared from the screen before I had a chance to read them in full. I was somewhat disconcerted by the fact that every time I closed down my computer, I received an error message about a Runtime Error. The Prevx FAQ acknowledges this error and assures people that it does not affect Prevx’ performance. The FAQ also suggests unregistering the PrevxWMIProvider DLL to stop the error, but the error message persisted even after I had followed the suggestion.

Reviewer 2: None really. Other than a slight “hit” while it scans a startup program, it sits quietly in the system tray and monitors the system with little or no demand on system resources.
To be fully functional, Prevx requires access to the Internet at all times in order to compare the local database and the community database. This is not much different than any other protection software that requires updating to remain effective.

Reviewer 3: Upon installation and reboot I immediately got a BSOD (Blue Screen of Death) fatal error 0x00000050 (this typically means a driver problem). Normally, this alone is enough to cause me to remove the offending software and thus any testing and review; however, because this is a new and innovative product I decided to continue. The BSOD was resolved by booting into safe mode and then back again into regular mode, but the BSOD reoccurred several times over the ten days that I continued to try to test this product and the problem was never satisfactorily resolved. I next discovered that Prevx had destroyed my Internet connection. I found that my DNS client and DHCP services has been disabled and that I had a TCP/IP diver error. I re-enabled the necessary services and reinstalled the driver but found that while my Westfal modem seemed to be working (I could surf the modem) it was not allowing me to connect to Web sites. A lengthy one-hour troubleshooting session with BellSouth Fast Access, my DSL provider, found that something had caused my modem to become “out of sync.” A reset of my modem solved this problem. Now I was left only with a “C++ runtime error” each time I shut down my machine. Disturbing, but not disabling. Problems at bay for the moment, and in between recurrences of these problems, my testing revealed additional weaknesses. First, Prevx slowed down my system drastically: an over all slower response, slower boot time (it added 68 seconds to my boot time), and slower Web page loading with constant “Website not found” errors. Memory use was excessive, CPU would spike to 100% on loading, and there were constant CPU spikes as well as HDD activity while using Prevx. As for results using Prevx, there were constant popups from my firewall asking to allow Prevx to phone home, as well as many false-positives. Many of the false positives provided no description other than %mai% that I learned from support to mean Malware Automatic Intrusion and had something to do with the environmental variables I had set on my machine (and no, I still have no idea what this meant!). I discovered that in addition to two new services (actually three counting the one hidden in svchost.exe—see above) that would remain running (and consuming resources) even when Prevx was disabled, there was a new service running in my local network. I decided I could do no more with this product and needed to remove it from my machine before any serious harm might be done, and discovered I could not remove it. Using, the Windows add/remove applet was useless as was trying several third part uninstaller programs. In each case there was still a process running that could not be killed using either Window’s Task Manager or killed or removed using WinPatrol. I tied the special removal tool which is available on the Prevx website and still there were active remnants of Prevx. Finally, I had to reboot into safe mode to remove this software. Once the program was ostensibly removed, I checked the registry for leftover or orphaned entries and found 422 remnants. In over 20 years of testing computer software, never have I found even half this number of empty or orphaned entries left in a registry by a single software program. But that is still not all. I finally had to open Device Manager and manually delete the several Prevx drivers that still remained and continued to cause conflicts. Prevx has found a way to out do even McAfee as being the most offensive, sloppy, and difficult program to uninstall. There is technical support, a FAQ, a tutorial, and a very active (as you might suspect) Forum available to help with technical issues. The FAQ is useless, the Forum only allows you to realize the old adage about misery loves company, and technical support—while quick—seems to offer only complicated and highly technical solutions requiring registry edits or command (CMD) line entries. Even for the power user or highly skilled, these instructions were difficult. Furthermore, I do not like to force my computer to make system or kernal changes to accommodate sloppy and poorly written code by programmers who are seemingly passing a Beta product as a general release and selling anything but quality control. So, again, I am suggesting readers to stay far away from this product as it now stands. This is a truly horrendous software program that cripples computers (see below for further comments and reports of other users with similar experiences).

Reviewer 4: My main criticism of Prevx is that the link from the Web site to the users forum is not at all obvious. The forum is, in fact, Castlecops, and is an outstanding resource. Not only is there a sub-forum on Prevx, but a good number of other well-known software programs are there as well, including some that have previously been reviewed by the Neat Net Tricks Software Review Panel. This forum should be included as a specific topic in the help file, and as an item in the right-click menu of Prevx in the System Tray and it should be much more prominently displayed on the Web site, so that there is easy one-click access. Many questions that would otherwise be sent to the Prevx support staff can be easily answered in the forum.

Reviewer 5: The license is restricted to installation on a single computer; this is more restrictive than many programs available today. (There is also a “Family Plan” which allows purchase of four licenses for less than the cost of 3 individual ones.) Upon completion of the initial scan the Prevx taskbar icon displayed the following message: “Prevx1 has detected you are running a program unknown to the Prevx1 Local and Central database. This doesn't mean the program is malware simply unknown, however you should run the program with caution. To view further details double-click the program listed in the Recent Program Activity.” I went to the “Recent Program Activity” section and found a list of currently running programs. All had the accompanying Green (Good) icon except MS Word and Windows Update Automatic Update which were associated with amber icons. Clicking on them brought up an online analysis showing that they were both good. While the end result of this report was good, there was more uncertainty, time spent, and alarm triggered than should have been with such mainstream Windows programs. I noticed a small but significant delay in the amount of time for Windows XP to boot to its fully ready state after the addition of Prevx to my system. This seems to be due to a startup scan of my system and/or Prevx’ search for updates.

Reviewer 6: I found nothing that I was concerned about. The program requires Windows 2000 or newer, 32 or 64-bit. Vista users should be cautioned that as of this writing, Prevx 2.0 is available only in Beta.

Comments:

Reviewer 1: When I started using Prevx several months ago, it slowed my system substantially, and it more than doubled the time required for some procedures. But I’ve now downloaded several newer versions, and the most recent version seems not to affect my computer in this way. In fact, each new version seems to work noticeably better than the ones before it.

Reviewer 2: The Prevx “Console” provides 8 sections or buttons to manually trigger various operations: Jail – Blocked programs are sent here. They can be viewed or accessed from this location; Program Activity – Here the user can view information about programs that have recently been run; Scan & Monitor – Here one can manually scan Files, Processes and Programs and run a “restore setting” after a clean up of a malware infection; Advanced – This 4-tabbed section contains extensive tools to control and monitor the system (BHO’s, Drivers, Email, Memory hacks, Network operations etc.) The program offers a deep toolbox; Preferences – This section allows the user to set various settings like “Event Notification”, “Caution Programs”, automatic updates, password protection for the console itself and the ability to set up a Proxy Server configuration. The user can also access Prevx Support and submit a trouble ticket and manually check for updates via the main menu on the Console. Right-clicking the Prevx icon in the system tray accesses a menu that includes a fairly thorough Tutorial via the internet and browser.

Reviewer 3: It is important to understand that this is a server-based and not a desktop-based program. The actual program resides on Prevx’ servers with only an agent on the local computer; thus the need for it to constantly phone home. Additionally, however, this means that Prevx is making server-side decisions about one’s computer without any user input. This is a dangerous software practice and all too reminiscent of Microsoft’s love of long-distant control. Secondly, Prevx says it reports anonymous information on attempted intrusions back to a central database but that it will not use the information, and I quote, for any purpose other than analyzing and publishing overall threat activity on the Internet, researching threats, compiling statistics, and to further refine and improve the performance of the Prevx Software. This is simply not true as according to Gladiator Security (and again I quote) Prevx anonymously and automatically sends us threat data each time an attack is made on your PC. We sell this data to organizations such as ISPs and Prevx Enterprise customers. Prevx analyzes this threat data to track the emergence and spread of new security threats. So like our corporate customers, you benefit from the continual improvements made to the security policies that are such an integral part of our security solutions. This, in and of itself, would meet some definitions of spyware and depends on how much trust can be placed in that word “anonymously.” Finally, for further information on the problems that I described with Prevx, I would encourage referring to the well-known Castle Cops security forum as well as the highly-reputed Wilders Security forum to see that my experiences are not unique and have been shared by many, many others. While I was unable to actually test how well Prevx performed, there are several such comparison tests available, two of which can be found here and here.

Reviewer 4: Prevx offers a couple of interesting marketing approaches to potential users. One is the “Free Trial Plus” that provides a fully-functional version of the program for free until it detects a malware product. The 30-day normal trial period, still fully functional, begins at that point. Unlike other programs, a license can be purchased for a month, a quarter or a year. Prevx can be purchased for a “Family” at a much-reduced rate for each computer. Increasingly, households have several computers at home to meet the needs of work and school. They are often networked, to share printers, Internet connections and so on, and will sometimes transmit malware from the one to the other. Prevx offers a license for each computer in the family at a reduced rate -- a marketing approach that could be a model for other producers. In the Family approach, there is also a Central Control “Dashboard.”

Reviewer 5: Since Prevx relies on malware reports from individual users to alter and update its malware database for all users, this program must be allowed to “phone home” with reports of any malware found.

Reviewer 6: Prevx is a refreshingly uncluttered, easy-to-use program with a small footprint. It will run gently in the background, not interfering with other programs or normal operations – unless something questionable attempts to enter one’s system. Those not sure about purchase of this program may conditionally use it for free. The detection facility will remain free, but after malware is detected and rejected by Prevx another 30 days with full free protection is provided but purchase is then required in order to continue with full protection; otherwise, Prevx reduces to detection mode only.

Will you continue to use it?

Reviewer 1: No. I don’t feel that I need the kind of “always on” protection that Prevx offers. However, people who surf or download less cautiously than I do may find Prevx a useful tool.

Reviewer 2: Yes. It’s a fairly low impact solution that works well. I have thrown out paid-for solutions that demanded too much system resources.

Reviewer 3: Under no circumstances whatsoever!

Reviewer 4: Yes. I intend to go the Family Route.

Reviewer 5: Yes.

Reviewer 6: Yes. The database and detection methods seem like a unique and excellent blend and approach for protection against malicious programs and processes, even including hacking attempts.

Prevx replied: We’re delighted with the overwhelmingly positive comments from all but one of the reviewers. We appreciate that in the very early versions of Prevx 2.0, which was released as these reviewers were testing the product, a number of users experienced issues with the installation process. This has now been fully remedied and a brand new MSI installation routine has been implemented in later versions of Prevx 2.0 to ensure totally smooth installation and deployment of the product. Separately, I am still surprised by the level of vitriol displayed by Reviewer 3, who has gone out of his way to rubbish a product that all the other reviewers were impressed by, even to the extent of quoting blog entries that are 2 years out of date and refer to a different product.

OPERATING SYSTEMS USED IN THIS REVIEW
Windows XP Pro, XP Home

Back