Would it be a nono teaming this up with Treathfire?

-{ Quote: "Would it be a nono teaming this up with Treathfire?" }-
wouldnt being hooked on phonics be a wonderful thing to.;)

-{ Quote: "Would it be a nono teaming this up with Treathfire?" }-

It does work alongside Threatfire, but we've had a couple users complain about PC Tools Firewall. You "may" want to set self protection to Minimum (but if you're using 64bit it should actually be fine out-of-the-box :))

People dont want to use this with Treathfire, they want to use it by itself. That is why it is imperative a customer has the option to block automatically. Edge should not need crutches. Is that why .37 has the default for self protection set at minimum. Not good. Edge sets the standard, let the others adjust to it.

-{ Quote: "People dont want to use this with Treathfire, they want to use it by itself. That is why it is imperative a customer has the option to block automatically. Edge should not need crutches. Is that why .37 has the default for self protection set at minimum. Not good. Edge sets the standard, let the others adjust to it." }-

Edge's self protection setting by default is Medium but we do periodically have to recommend setting it to Minimum because of other products with aggressive protection modules that are incompatible with Edge.

"Block automatically" is definitely a good feature to have - it won't make this imminent release but the next major release will include it :)

then GES/POR and I, are at peace.8)

-{ Quote: "Yes ;D ;D We are working on cutting it back though - we <cannot> break 1MB!" }-

Someone could not believe us, but we're seriously taking care of that ;D

With Block Automatically, Edge will have bridged the gap between AV and HIPS. A product that has yet to be defined into a specific security application gender. It continues to evolve, left and right each week. It really is a trip watching where this may eventually end up.

-{ Quote: "Edge's self protection setting by default is Medium but we do periodically have to recommend setting it to Minimum because of other products with aggressive protection modules that are incompatible with Edge.

" }-
After installing on my Vista set-up, Prevx Edge has always had a default self-protection setting of Minimum.

Does the program set its own level depending upon what other security products it detects during install?

-{ Quote: "Edge's self protection setting by default is Medium but we do periodically have to recommend setting it to Minimum because of other products with aggressive protection modules that are incompatible with Edge.

"Block automatically" is definitely a good feature to have - it won't make this imminent release but the next major release will include it :)" }-

using Avira Premium + Mamutu as main realtime secuirty apps, would u advise keeping edge at the default self protection level or medium or do u think i should put it to minimum? :-\

-{ Quote: "After installing on my Vista set-up, Prevx Edge has always had a default self-protection setting of Minimum.

Does the program set its own level depending upon what other security products it detects during install?" }-

im on vista and its default was Medium with Avira + Mamutu installed :-\

-{ Quote: ""Block automatically" is definitely a good feature to have - it won't make this imminent release but the next major release will include it :)" }-

Another vote for this :thumb: I did raise this point a long time back soon after Edge came out.
This is getting to look better and better :)

-{ Quote: "using Avira Premium + Mamutu as main realtime secuirty apps, would u advise keeping edge at the default self protection level or medium or do u think i should put it to minimum? :-\" }-
I like the term, "main realtime secuirty" though I dont agree, with respect. Try medium and if a issue drop it one level.

-{ Quote: "I like the term, "main realtime secuirty" though I dont agree, with respect. Try medium and if a issue drop it one level." }-

well i dont really consider WinPatrol or Rollback Rx as so much as real-time protection with self-defence, i consider them more as just regular apps that run in realtime yet provide protection/utility for me. and i havent noticed any issues, but im wondering if their could be an issue behind the scenes that i dont notice by keeping it at medium.

I know my friend. I think Avira and Edge though, are a killer combo and will be light on your resources. Kind of like what I am using. I am not sold, on Mamutu.

-{ Quote: "I know my friend. I think Avira and Edge though, are a killer combo and will be light on your resources. Kind of like what I am using. I am not sold, on Mamutu." }-

im using free trial of edge though, just as a notification tool sort of is why. since it adds NO slowdowns of any kind, i thought i might as well keep it as reassurance :P

It still has a impact on resources. I am trying Chrome and like it. With what I have it allows me just that extra little bit of speed when loading web pages.

The reality is, Avira covers just about all, forget tests and what others say, nothing can touch it right now. Edge is different but pretty much covers your ass like Avira. They dont conflict, they use very little resources and with the 2, you really cant get any more protected. With the 2 you have the best out there right now. Plain and simple.

Of course Sandboxie is nice to.;)

Avira Personal and Edge Free has got to be the most populair freeware sec. combo on here now, havent seen it any sigs but im pretty sure alot of lurkers have it runnin and cant disagree. Speed of development is quit high(frequent program updates) + support is grand + high detection + low resource usage :thumb: but the frigging best of all is i kinda look at these apps as "by users, for users" as in user input is processed

-{ Quote: "Avira Personal and Edge Free has got to be the most populair freeware sec. combo on here now, havent seen it any sigs but im pretty sure alot of lurkers have it runnin and cant disagree. Speed of development is quit high(frequent program updates) + support is grand + high detection + low resource usage :thumb: but the frigging best of all is i kinda look at these apps as "by users, for users" as in user input is processed" }-

i definetly agree with you ;D

-{ Quote: "After installing on my Vista set-up, Prevx Edge has always had a default self-protection setting of Minimum.

Does the program set its own level depending upon what other security products it detects during install?" }-

There are some factors which come into play in defining the default self protection level, but you may consider uninstalling and reinstalling to see if that resets it to medium, if not, Edge has probably determined that Minimum is the best setting for your system.

I have mine set to the MAX and no conflicks with what I use!

TH

Joe just to let you know all of my Right Click Scans are working flawlessly even single file scans!

Thanks again,

TH

-{ Quote: "Joe just to let you know all of my Right Clicks Scans are working flawlessly even single file scans!

Thanks again,

TH" }-

Excellent, thanks! ;D

-{ Quote: "Excellent, thanks! ;D" }-
So, is the new version out yet? I've read on one of the posts that it should be out this week.

-{ Quote: "So, is the new version out yet? I've read on one of the posts that it should be out this week." }-

The release is scheduled for tomorrow :)

Good glad to hear that.:thumb:

-{ Quote: "Avira Personal and Edge Free has got to be the most populair freeware sec. combo on here now, havent seen it any sigs but im pretty sure alot of lurkers have it runnin and cant disagree. Speed of development is quit high(frequent program updates) + support is grand + high detection + low resource usage :thumb: but the frigging best of all is i kinda look at these apps as "by users, for users" as in user input is processed" }-

add SBIE and you have killer security.

Ice

Version 3.0.1.38 is now out!

TH

-{ Quote: "Version 3.0.1.38 is now out!

TH" }-

No changes to the consumer version, just changes to the enterprise code :) (but we're keeping everyone synchronized :))

-{ Quote: "No changes to the consumer version, just changes to the enterprise code :) (but we're keeping everyone synchronized :))" }-

Is it final now?

-{ Quote: "Version 3.0.1.38 is now out!

TH" }-

Frigging sweet! TY

It's not 100% final yet, but it's 99% final ;D Should be out soon :)

-{ Quote: "It's not 100% final yet, but it's 99% final ;D Should be out soon :)" }- like ace ventura says"already then";D

-{ Quote: "like ace ventura says"already then";D" }-

Pet detective?

-{ Quote: "Pet detective?" }-

Prevx detective? ;D

Bought Prevx EDGE ;)
Happy customer (so far ;D ;D )

-{ Quote: "Bought Prevx EDGE ;)
Happy customer (so far ;D ;D )" }-

Welcome to the club! :thumb:

And now v3.0.1.38 is officially released :) It will be available for update soon but it is available for download immediately :)

now the tray icon.;)

-{ Quote: "now the tray icon.;)" }-
Looks the same to me. ???

Looks better now. GJ The green point has 3d now.

-{ Quote: "Looks the same to me. ???" }-

Me too. Looks the same as .17 AND .37, dunno. ??? Dl'd .38 cuz laptop did not auto update. As long as the baddies stay out.....

-{ Quote: "Me too. Looks the same as .17 AND .37, dunno. ??? Dl'd .38 cuz laptop did not auto update. As long as the baddies stay out....." }-

I hope so, I can't tell the differance on my laptop ???

TH

If the window says 3.0.1.38 in the bottom right corner, you're on the right version and the baddies will stay out ;D

-{ Quote: "Looks better now. GJ The green point has 3d now." }-

Yep, upgraded and it's better now:thumb:
Any changelog? Or just minor updates for incoming "massive" updates?

-{ Quote: "Yep, upgraded and it's better now:thumb:
Any changelog? Or just minor updates for incoming "massive" updates?" }-

Relatively minor changes between 3.0.1.17 and .38. The large changes are still in development but getting larger every day :)

When will .38 be available for "Check for Updates" ??? Update keeps telling me that I'm using the newest PrevX software and I'm currently at .17


PrevX should give the user the option if they want latest update as soon as possible or wait for PrevX to make it available to the client updates.

-{ Quote: "When will .38 be available for "Check for Updates" ??? Update keeps telling me that I'm using the newest PrevX software and I'm currently at .17


PrevX should give the user the option if they want latest update as soon as possible or wait for PrevX to make it available to the client updates." }-

We always wait before releasing it to existing users to ensure that no conflicts exist and that all of the false positives are corrected from other vendors. Its generally safer to wait about 1 day until we release it but for now you can get the newest version from http://info.prevx.com/downloadedge.asp :)

-{ Quote: "If the window says 3.0.1.38 in the bottom right corner, you're on the right version and the baddies will stay out ;D" }-

We were talking about the Icon what is the differance? :blink:

-{ Quote: "We were talking about the Icon what is the differance? :blink:" }-

It has a minor change in a few pixels to make the center more '3d'. If you go back to .17 and then switch to .38 you may notice the difference (its small ;D)

-{ Quote: "It has a minor change in a few pixels to make the center more '3d'. If you go back to .17 and then switch to .38 you may notice the difference (its small ;D)" }-

im curious now, could someone post a screenshot of the new icon?

-{ Quote: "im curious now, could someone post a screenshot of the new icon?" }-

The new version .38 is released officially so you can download it directly from http://info.prevx.com/downloadedge.asp ;)

-{ Quote: "im curious now, could someone post a screenshot of the new icon?" }-
http://i39.tinypic.com/fx4qa.jpg

The better way is to follow PrevxHelp's directions.

-{ Quote: "http://i39.tinypic.com/fx4qa.jpg

The better way is to follow PrevxHelp's directions." }-

i can sorta see the difference, the image is very small though, thx. i do like the new icon btw ;D

Very slick interface and seems to do a good job at detection. I'm using the trial and like it but it seems to be flagging this file: vistaessentials.dll in my crytek\wars\tools directory. Low risk adware. I tried uploading at virus totals and no other AV flagged the file. Just curious, is this a FP or really an adware type file.

Ice

-{ Quote: "Very slick interface and seems to do a good job at detection. I'm using the trial and like it but it seems to be flagging this file: vistaessentials.dll in my crytek\wars\tools directory. Low risk adware. I tried uploading at virus totals and no other AV flagged the file. Just curious, is this a FP or really an adware type file.

Ice" }-

I can check it out if you want - sometimes programs have semi-adware components attached in them which could be what this is being flagged as.

If you could click Tools > Save Scan Results and then send me the line of the scan lo which includes the file, I'll analyze it ASAP :)

-{ Quote: "I can check it out if you want - sometimes programs have semi-adware components attached in them which could be what this is being flagged as.

If you could click Tools > Save Scan Results and then send me the line of the scan lo which includes the file, I'll analyze it ASAP :)" }-

Sure. who do I send the log file to? I noticed in the log its a few lines down. Very impressive log file I might add. vistaessentials.dll I put it in the exclude list for now, to ignore.

Al

-{ Quote: "Sure. who do I send the log file to? I noticed in the log its a few lines down. Very impressive log file I might add. vistaessentials.dll I put it in the exclude list for now, to ignore.

Al" }-

I've sent you a PM with my email address :)

-{ Quote: "I've sent you a PM with my email address :)" }-

thanks Joe. You should be receiving it shortly.
Al

-{ Quote: "The new version .38 is released officially so you can download it directly from http://info.prevx.com/downloadedge.asp ;)" }-

Thanks Joe installed and running smoothly.

With the new version .38 I can no longer right-click and do a scan on an individual file.

-{ Quote: "With the new version .38 I can no longer right-click and do a scan on an individual file." }-i click update and it doesnt update it says i have the latest:) what happen?;D

-{ Quote: "With the new version .38 I can no longer right-click and do a scan on an individual file." }-

Can you try uninstalling and reinstalling directly with v.38? It should be fixed, but there may be a bit of residual problems from the old version.

-{ Quote: "i click update and it doesnt update it says i have the latest:) what happen?;D" }-

It is released for new users but not as an update yet :) We will probably have a new version with a minor bugfix released as .39 by tomorrow or so which will then come out for updates :)

-{ Quote: "It is released for new users but not as an update yet :) We will probably have a new version with a minor bugfix released as .39 by tomorrow or so which will then come out for updates :)" }-ah i see,thanks that is for tomorrow cool;)

-{ Quote: "It is released for new users but not as an update yet :) We will probably have a new version with a minor bugfix released as .39 by tomorrow or so which will then come out for updates :)" }-
v3.0.1.39 installed and running very well here...as expected. Won't bother to ask what has changed given the aforementioned "...a minor bugfix released as .39..." above. ;D

The new version is running well here also!

TH

-{ Quote: "v3.0.1.39 installed and running very well here...as expected. Won't bother to ask what has changed given the aforementioned "...a minor bugfix released as .39..." above. ;D" }-

only for House M.D tv show fans ;D

-{ Quote: "only for House M.D tv show fans ;D" }-

lol, nice ;D

Keep stepping on those Bugs.

-{ Quote: "Can you try uninstalling and reinstalling directly with v.38? It should be fixed, but there may be a bit of residual problems from the old version." }-

Joe - Never mind figured it out. My HIPS (RegDefend) was blocking it. When I went in the Protection Settings and unchecked and rechecked Enable Right Click I got the prompt and allowed it in RegDefend. Works fine now. Sorry for the post (but as always thanks for your quick response).

I've version 3.0.1.17 installed, trial mode.

When i force the check for updates it says that the software is up to date but i see that on the site you download an higher version.

Which could be the problem?

Thanks in advance and best regards

-{ Quote: "I've version 3.0.1.17 installed, trial mode.

When i force the check for updates it says that the software is up to date but i see that on the site you download an higher version.

Which could be the problem?

Thanks in advance and best regards" }-

You can download the newest version from http://info.prevx.com/downloadedge.asp (which is now v3.0.1.40) but we are waiting until Sunday before we release the version to existing users for updates :)

Many thanks for your quick reply...........no hurry, just wondering if something was wrong (and it wasn't :D)

I'll just wait for official release.

Best Regards

Joe: auto updated to .40 little while ago. Noticed the icon in the tray had a orange circle imposed on lower right of icon. It is disabling itself! After numerous reboots and enabling on the reboot, it disables and disappears. Is this a glitch in the .40 version? :-\ Until this one came out, all was ok. Let us know.

-{ Quote: "Joe: auto updated to .40 little while ago. Noticed the icon in the tray had a orange circle imposed on lower right of icon. It is disabling itself! After numerous reboots and enabling on the reboot, it disables and disappears. Is this a glitch in the .40 version? :-\ Until this one came out, all was ok. Let us know." }-

Hmm.... nothing was really changed in .40 so I'm not sure why it would cause a problem. Could you try uninstalling, rebooting, and then reinstalling fresh directly to .40?

Dunno, but think I fixed the problem. Discovered a program called DISCATALOG sitting on HD since 06. I got rid of it and its been 10 minutes or so, and the green light is still burning. :) Sorry I pushed the panic button to soon, but thats the way it is sometimes w/old folks. ;)

-{ Quote: "Dunno, but think I fixed the problem. Discovered a program called DISCATALOG sitting on HD since 06. I got rid of it and its been 10 minutes or so, and the green light is still burning. :) Sorry I pushed the panic button to soon, but thats the way it is sometimes w/old folks. ;)" }-

No problem :) I never mind investigating a possible issue!

-{ Quote: "You can download the newest version from http://info.prevx.com/downloadedge.asp (which is now v3.0.1.40) but we are waiting until Sunday before we release the version to existing users for updates :)" }-

Is it a final Joe?

TIA,

TH

-{ Quote: "Is it a final Joe?

TIA,

TH" }-

Yes, still going to release it on Sunday for update and it is released officially now :)

-{ Quote: "Yes, still going to release it on Sunday for update and it is released officially now :)" }-

Thanks ;)

Joe, v3.0.1.40 installed (auto) and running smooth as silk here. Dare I ask about a changelog? ;)

-{ Quote: "Joe, v3.0.1.40 installed (auto) and running smooth as silk here. Dare I ask about a changelog? ;)" }-

Only one minor change for the enterprise version so nothing that directly affects everyone else :)

-{ Quote: "Only one minor change for the enterprise version so nothing that directly affects everyone else :)" }-
Gracias!

New version installed and running fine. :thumb:

On to the Prevx blog world: Pretty serious stuff :thumb: :thumb: :thumb:

http://www.prevx.com/blog/116/Learning-from-Rustock-rootkit.html

-{ Quote: "On to the Prevx blog world: Pretty serious stuff :thumb: :thumb: :thumb:

http://www.prevx.com/blog/116/Learning-from-Rustock-rootkit.html" }-
yep, they do take this stuff seriously.;)

Edge is quickly leaving traditional AV's behind in the dust. I still run one but not without Edge.

The new .40 version is running flawlessly here also...:thumb:

-{ Quote: "The new .40 version is running flawlessly here also...:thumb:" }-
Yup, getting bored! Can't wait for the next beta and the 'tons' of exciting new features that Joe has hinted at. Bring it on! ;D

Running great here as always also. Wish I had more time off work to have more puter time to do more beta testing with Prevx. I was in on the initial round had enjoyed it. Kind of good to know that some of your input helped to make such an excellent program.

-{ Quote: "Yup, getting bored! Can't wait for the next beta and the 'tons' of exciting new features that Joe has hinted at. Bring it on! ;D" }-

Prevx is so complete a program that with my Avira license running out in 3 months I may just run it with Online Armor. Thats as solid and light a set up I can think of since I have a license with OA also...:o ;D

-{ Quote: "Reboot got me a consistent BSOD from pxscan.sys with the message DRIVER_UNLOADED_WITHOUT_CANCELLING_PRNDING_OPERATION. " }-
I had this too. I have to use autoruns to get Prevx not to load at startup. But I even cannot uninstall Prevx, if I try I get this BSOD >:(

-{ Quote: "I had this too. I have to use autoruns to get Prevx not to load at startup. But I even cannot uninstall Prevx, if I try I get this BSOD >:(" }-

I've sent you a PM to hopefully resolve the problem.

Why no Prevx forum here.This is used like one and more active than many others here

You cant have a forum for every product spoke about here. It just isnt feasible. But it is nice to have a place where we can come and discuss all the different products.

If anyone can help that would be great I also did contact Prevx support but I bought edge and used it for a while and did uninstall it,but to day I tried to reinstall it and I got this error:LO55 This license may only be used on one pc.Can anyone help with this?

-{ Quote: "I had this too. I have to use autoruns to get Prevx not to load at startup. But I even cannot uninstall Prevx, if I try I get this BSOD >:(" }-

I have had similar issues to Yamaneko. It has really messed things up on 2 different machines. How do we resolve this?

Thanks,

Dave

My resolution was to go back to an image, so not much help there unless you are also using Acronis.

PrevxHelp (joe) is probably just sleeping. You only have to look at any page in this thread to realise he helps every person who asks.

So no need to panic, he'll be on soon. :)

I haven't had any problems with uninstalling/installing, but I agree, an uninstall tool is always welcomed from any product.

Thanks for the reply.I do monitor Wilders alot and their are alot of good people here.I know that PrevxHelp is on here alot to try to resolve any issues and that`s why I posted here to.I have it installed right now in trial mode and that will be ok till it gets resolved because I also use Avira Premium Security Suite version 9.

Another great update, I sure feel secure. Keep up the great work.:thumb:

-{ Quote: "I have had similar issues to Yamaneko. It has really messed things up on 2 different machines. How do we resolve this?
" }-
First I go to Safe mode (http://windowshelp.microsoft.com/Windows/en-US/Help/d063548a-3fc9-4723-99f3-b12a0c4354a81033.mspx), run Autoruns (http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx) and unselected everything associated with Prevx (pxprot.sys, pxrts.sys, pxscan.sys, CSIScanner). That made possible to start Windows normally.

Then I run uninstall tool (http://info.prevx.com/download.asp?grab=csiuninstalltool) as Prevx-support adviced and installed new version (http://info.prevx.com/downloadedge.asp).

Thanks yamaneko. I will try your recommendations.

Dave ;D

-{ Quote: "If anyone can help that would be great I also did contact Prevx support but I bought edge and used it for a while and did uninstall it,but to day I tried to reinstall it and I got this error:LO55 This license may only be used on one pc.Can anyone help with this?" }-
Have you tried deleting the machines tied to the license with MyPrevx Web Consol?

-{ Quote: "You cant have a forum for every product spoke about here. It just isnt feasible. But it is nice to have a place where we can come and discuss all the different products." }-
:thumb: :thumb: ;D

No I haven't tried that.Thanks for the info.I didn't know you could do that.Will try when I return home.Out and about replying using my Iphone.

This might sound like a silly question but do the heuristics work in the trial mode? Also, is there a way to test the heuristic model of Prevx Edge?

thanks
Ice

-{ Quote: "This might sound like a silly question but do the heuristics work in the trial mode? Also, is there a way to test the heuristic model of Prevx Edge?

thanks
Ice" }-

yes they work, everything in edge works in trial, just wont remove anything it finds :-\

-{ Quote: "yes they work, everything in edge works in trial, just wont remove anything it finds :-\" }-

thanks! I tried messing around with the heuristic settings but couldn't get it to bark at anything I did. I guess I'm a safe computer user. :argh:

Ice

Your safe and secure Cube.:thumb:

Will Edge prevent/cleanup Vundo variants?

-{ Quote: "Will Edge prevent/cleanup Vundo variants?" }-
Definitely!

-{ Quote: "Will Edge prevent/cleanup Vundo variants?" }-

Yes, Edge prevents and cleanup Vundo variants. Last variant has ransomware-like behavior. We've already reversed it and written a decrypter. We are going to release it soon along with a blog post about the last variant.

-{ Quote: "Yes, Edge prevents and cleanup Vundo variants. Last variant has ransomware-like behavior. We've already reversed it and written a decrypter. We are going to release it soon along with a blog post about the last variant." }-

I look forward to reading it. Your blogs have been making for interesting and informative reading. :thumb:

-{ Quote: "I look forward to reading it. Your blogs have been making for interesting and informative reading. :thumb:" }-

Another :thumb: :thumb: :thumb:

Keep up the great work Prevx!

-{ Quote: "Yes, Edge prevents and cleanup Vundo variants. Last variant has ransomware-like behavior. We've already reversed it and written a decrypter. We are going to release it soon along with a blog post about the last variant." }-


That's what I thought but unfortunately my wife's laptop was hit with it while running a licensed copy of Edge (some darn java based game from what I can tell, who knows).

It was discovered by a scan with MBAM after she claimed her web browsing became very slow and wouldn't connect to some of her main websites.

Of course I asked her if the Prevx box popped up which she said no. I've ran MBAM, SAS Pro in safe mode, both found stuff related to Vundo, now they come back clean but the effects are still there, still trying to figure it out. I do realize nothing is perfect though needless to say I'm bummed as I was really hoping Edge would help with her 'clicking on s&!t'.

-{ Quote: "That's what I thought but unfortunately my wife's laptop was hit with it while running a licensed copy of Edge (some darn java based game from what I can tell, who knows).

It was discovered by a scan with MBAM after she claimed her web browsing became very slow and wouldn't connect to some of her main websites.

Of course I asked her if the Prevx box popped up which she said no. I've ran MBAM, SAS Pro in safe mode, both found stuff related to Vundo, now they come back clean but the effects are still there, still trying to figure it out. I do realize nothing is perfect though needless to say I'm bummed as I was really hoping Edge would help with her 'clicking on s&!t'." }-
Hopefully Joe or EraserHW will be able to offer some help shortly...they have never failed us yet...as far as I am aware! ;D

-{ Quote: "Hopefully Joe or EraserHW will be able to offer some help shortly...they have never failed us yet...as far as I am aware! ;D" }-

I'll see if I kept a scan log to identify the variant, not positive though. Anyways I realize stuff happens. I should also mention that the system was uning a fully functional version of Dr. Web A/V, so it wasn't just Edge. I have subsequently dumped it for Avira 9 which I should've had on there to begin with:(.

-{ Quote: "I'm bummed as I was really hoping Edge would help with her 'clicking on s&!t'." }-

There's no program that can defeat(protect) wives. Clicking s... is my wife's best online activity too. The only thing I can tell you is that with the time things get better...it takes years but finally things get really better. The best strategy is to not change often the security related software on her pc.

-{ Quote: "There's no program that can defeat(protect) wives. Clicking s... is my wife's best online activity too. The only thing I can tell you is that with the time things get better...it takes years but finally things get really better. The best strategy is to not change often the security related software on her pc." }-or denny access by default;)

-{ Quote: "or denny access by default;)" }-

Actually best would be deny access to the pc....;D

The bad thing is that wives don't accept limitations of any kind...and if you apply some...be sure...that in a few minutes...you'll have to answer some questions...why I can't do that...why that message...etc

Obviously we are all happy to help wives and girlfriends with their PCs :o :wacko:

-{ Quote: "or denny access by default;)" }-

@jmonge: What does your wife say about that? :P

People just have understand no security product is 100% safe 100% of the time!

TH

Hello all,
Sorry for the belated responses - I've been on a plane flying back to the US from the UK ;D

ExCavTanker: If you could PM/email me a scan log - that would let me identify what the threat is and if we miss it. We block boatloads of Vundo every day - its one of the largest infections out now - but no product is 100% against it (or any threat for that matter :)) If you could find a copy of the files, it would be very helpful as I can then have the research team update the rules against the new variant :)

Onslaught3566/Dave53: You can fix it yourself using the MyPrevx console and remove the machine from your setup or you can write a support email into our support inbox and they'll solve it for you ASAP :) (they're better at licensing things than I am ;D)

I'm back (and jetlagged) but I'll be awake for another 5-6 hours tonight in case anyone else has problems but then I'll be back on a more normal schedule :) Sorry for the delayed responses!

-{ Quote: "@jmonge: What does your wife say about that? :P

People just have understand no security product is 100% safe 100% of the time!

TH" }-she does not understand but doesnt mind as long as she doesnt get infected;D also as long as her hips doesnt block her facebook everything is just find;)

-{ Quote: "she does not understand but doesnt mind as long as she doesnt get infected;D also as long as her hips doesnt block her facebook everything is just find;)" }-

You shouldn't say that about her HIPS! ;D

-{ Quote: "You shouldn't say that about her HIPS! ;D" }-
nice hips lol;)
look what the hips can do, look at my avatar:) 1,2,3 kids:) the hips could block that for sure:)

-{ Quote: "Hopefully Joe or EraserHW will be able to offer some help shortly...they have never failed us yet...as far as I am aware! ;D" }-

I quote what PrevxHelp said :) I've had a trip too and then other 2 hours from the airport back to home. A prevx scan log would be really helpful :)

I'm going to sleep a bit: I've been awake for more than 30 hours, I need to check if the bed is still there :)

Joe & EraserHW

Night, night both! Sleep tight!

What is the difference between a licensed and unlicensed one? Im sure it has been answered already but I'm having trouble searching for it and dont want to read a 100 page thread.

-{ Quote: "What is the difference between a licensed and unlicensed one? Im sure it has been answered already but I'm having trouble searching for it and dont want to read a 100 page thread." }-

Licensed removes the threats found unlicensed does not!

TH

-{ Quote: "Licensed removes the threats found unlicensed does not!

TH" }-
Thanks for that. The free one does still block infections right?

-{ Quote: "Thanks for that. The free one does still block infections right?" }-

The free one does not block infections - it warns when a bad file is found and scans in realtime for free :)

-{ Quote: "The free one does not block infections - it warns when a bad file is found and scans in realtime for free :)" }-
Let me just clarify,

The free/unlicensed version will scan for infections.
It does not block infections (i.e. like a resident guard)
It does not clean infections

Is this correct?

-{ Quote: "Let me just clarify,

The free/unlicensed version will scan for infections.
It does not block infections (i.e. like a resident guard)
It does not clean infections

Is this correct?" }-

That's correct - however, if you are using the free version the overhead is identical to the paid version (so you can expect the same performance once licensed).

Can anyone explain to me the 3 levels of heuristics? This seems like a really nice feature but is there a way I could test it?

thanks
Ice

-{ Quote: "Hello all,
Sorry for the belated responses - I've been on a plane flying back to the US from the UK ;D

ExCavTanker: If you could PM/email me a scan log - that would let me identify what the threat is and if we miss it. We block boatloads of Vundo every day - its one of the largest infections out now - but no product is 100% against it (or any threat for that matter :)) If you could find a copy of the files, it would be very helpful as I can then have the research team update the rules against the new variant :)

Onslaught3566/Dave53: You can fix it yourself using the MyPrevx console and remove the machine from your setup or you can write a support email into our support inbox and they'll solve it for you ASAP :) (they're better at licensing things than I am ;D)

I'm back (and jetlagged) but I'll be awake for another 5-6 hours tonight in case anyone else has problems but then I'll be back on a more normal schedule :) Sorry for the delayed responses!" }-

I'll check tomorrow, I'm burned out right now:) Thanks

-{ Quote: "Can anyone explain to me the 3 levels of heuristics? This seems like a really nice feature but is there a way I could test it?
" }-

I tested the latest unlicensed version by setting both 'Age' and 'Popularity' to Maximum, and then running a .exe which I modified, but got no warnings. It seems these two heuristics don't work in unlicensed mode. I wonder if 'Advanced Heuristics' also applies to only the licensed version?

-{ Quote: "I tested the latest unlicensed version by setting both 'Age' and 'Popularity' to Maximum, and then running a .exe which I modified, but got no warnings. It seems these two heuristics don't work in unlicensed mode. I wonder if 'Advanced Heuristics' also applies to only the licensed version?" }-
The heuristics only work in the paid version. That is part of the real-time component of Prevx.

-{ Quote: "The heuristics only work in the paid version. That is part of the real-time component of Prevx." }-

Thank you for your response :). It would be clearer if those items which do not apply to the unlicensed version were disabled.

-{ Quote: "The heuristics only work in the paid version. That is part of the real-time component of Prevx." }-

thank you for confirming. I tried also to make the thing bark but got no response at any settings.

Ice

i'm trying PrevxEdge right now....hopefully KIS2009 will not duplicate much of PrevxEdge works or vice-versa.

in-case they duplicate each other, what will be the problem or is there any advantage?

-{ Quote: "
Ironically, I just came across a piece of malware which modifies dozens of system components and patches them with its own code, loads a rootkit and hides its service, then proceeds to collect personal information from the user and send it out.

I then proceeded to test it against identical system images of 20 odd AVs, all up to date, all with maximum heuristics enabled. None of them found it on demand, and none found it on access during the infection.

I then ran it against Edge (after making sure it was not already marked in our database to have it be a fair test) which blocked it before it installed, so, for good measure and out of curiosity, I allowed it to install, despite Edge's recommendation, and then Edge subsequently blocked the driver as it was attempting to load - citing first a 'Cloaked Malware' infection, followed by an "Age/Spread" violation (one of our heuristics) on the driver.
" }-

How was Edge able to block this malware before installation (assuming 'installation'=execution)? Was it because of information already at the servers from a person who previously encountered the same malware? Or because of heuristics that are computed locally? If the latter, is this functionality that can only be tested in the licensed version?

-{ Quote: "i'm trying PrevxEdge right now....hopefully KIS2009 will not duplicate much of PrevxEdge works or vice-versa." }-

There is some duplication but that is not a problem...beter safe tahn sorry in case one does not catch something ans the other does. ;D

-{ Quote: "in-case they duplicate each other, what will be the problem or is there any advantage?" }-None whatsoever. I have been running KIS 2009 (506a) & Edge since the early releases and have NEVER experienced an issue. They co-exist beautifully IMHO. ;D ;D

-{ Quote: "How was Edge able to block this malware before installation (assuming 'installation'=execution)? Was it because of information already at the servers from a person who previously encountered the same malware? Or because of heuristics that are computed locally? If the latter, is this functionality that can only be tested in the licensed version?" }-
A bit of both I believe but mainly because of the former, ie, "...because of information already at the servers from a person who previously encountered the same malware", or at least that is how I understand that it works.

-{ Quote: "There is some duplication but that is not a problem...beter safe tahn sorry in case one does not catch something ans the other does. ;D

None whatsoever. I have been running KIS 2009 (506a) & Edge since the early releases and have NEVER experienced an issue. They co-exist beautifully IMHO. ;D ;D" }-

thanks Baldrick! my only concern is they might affect each other efficiency because of duplicate protection.

also i noticed after i installed PrevxEdge, my shutdown time increase by almost 10secs....instead of 10secs to shutdown, now its 20secs. Does PrevxEdge do something during shutdown process?

-{ Quote: "thanks Baldrick! my only concern is they might affect each other efficiency because of duplicate protection." }-

A wise thought and question...but I can say again that I have never experienced any such issue. 8)

-{ Quote: "also i noticed after i installed PrevxEdge, my shutdown time increase by almost 10secs....instead of 10secs to shutdown, now its 20secs. Does PrevxEdge do something during shutdown process?" }-

Interesting...and more difficult to answer as there could be a number of factors involved. I personally have never noticed any effect due to Edge and my rig shuts down pretty quick. ???

I would time the shutdown a couple of times with Edge installed, then uninstall Edge and do the same again, ie, time a coupl eof shutdowns, and finish that off with a reinstall and timing a couple of shut downs with Edge installed again.

Then post back your results here and PrevxHelp (Joe...he is very good you know...;) ) may be around to offer some advice re. the results that you find. I am fairly sure that he will be interested in the information if it goes against what he would expect to happen in your circumstances.

;D

-{ Quote: "I quote what PrevxHelp said :) I've had a trip too and then other 2 hours from the airport back to home. A prevx scan log would be really helpful :)

I'm going to sleep a bit: I've been awake for more than 30 hours, I need to check if the bed is still there :)" }-

Do you boys get paid overtime ::) ;D

-{ Quote: "also i noticed after i installed PrevxEdge, my shutdown time increase by almost 10secs....instead of 10secs to shutdown, now its 20secs. Does PrevxEdge do something during shutdown process?" }-

I have had this slower shutdown with Edge since testing the first beta before its existence was made public here on Wilders. I understand its checking on shutdown and varies depending on your individual computer setup and software.
Remove Edge and the computer both shuts down and starts up almost straight away.
A small price to pay for the extra security.

To Joe Prevx Help
Today my previx tray to updete hemself but doesn't work >:(
the error is that an istruction point to a part of the memory but the mamory can't be read???
http://img16.imageshack.us/img16/4311/appunti01h.jpg


So i try to uninstall my Edge Pro but I don't find Edge on Control pannel-Add Application >:(
http://img25.imageshack.us/img25/2663/appunti02d.jpg

I try do turn off the edge Icon but the protection turn on automaticaly , I try to turn off CSIScanner from the Windows services but windows said Error 1053: the service don't aswer and obviosly I wasn't able to open the main gui of Edge, it works onli the icon on the try
How can i solve???? Edge protection was secting to minimum I think

Prevxedge give me this infection pop ups....i scan this with KIS2009, it says it's clean....

FP?

I went to my prevx this morning and the issue with my key was already resolved.The support team must have went in and deleted the original installation.My key now works.Thanks All for the help.:thumb:

-{ Quote: "The free one does not block infections - it warns when a bad file is found and scans in realtime for free :)" }-

Isn't a trial license possible if contacting you or anyone else of the support team?

-{ Quote: "To Joe Prevx Help
Today my previx tray to updete hemself but doesn't work >:(
the error is that an istruction point to a part of the memory but the mamory can't be read???


So i try to uninstall my Edge Pro but I don't find Edge on Control pannel-Add Application >:(

I try do turn off the edge Icon but the protection turn on automaticaly , I try to turn off CSIScanner from the Windows services but windows said Error 1053: the service don't aswer and obviosly I wasn't able to open the main gui of Edge, it works onli the icon on the try
How can i solve???? Edge protection was secting to minimum I think" }-
Hi Romagnolo

I can definitively see a Prevx Edge entry in Add/Remove programs on my rig. Perhaps if you go to the folder where Edge is installed and try double clicking the .exe you find there it may attempt to reinstall itself and recreate the Add/Remove link for you to then use to uninstall/reboot/re-install it?

-{ Quote: "Prevxedge give me this infection pop ups....i scan this with KIS2009, it says it's clean....

FP?" }-

Click back.
Head to Tools - Save scan results.
Send it to user PrevxHelp and he will correct it ;)

-{ Quote: "To Joe Prevx Help
Today my previx tray to updete hemself but doesn't work >:(
the error is that an istruction point to a part of the memory but the mamory can't be read???
http://img16.imageshack.us/img16/4311/appunti01h.jpg


So i try to uninstall my Edge Pro but I don't find Edge on Control pannel-Add Application >:(
http://img25.imageshack.us/img25/2663/appunti02d.jpg

I try do turn off the edge Icon but the protection turn on automaticaly , I try to turn off CSIScanner from the Windows services but windows said Error 1053: the service don't aswer and obviosly I wasn't able to open the main gui of Edge, it works onli the icon on the try
How can i solve???? Edge protection was secting to minimum I think" }-

Try
http://info.prevx.com/download.asp?grab=csiuninstalltool
Use, reboot, install
http://www.prevx.com/prevxedge.asp

-{ Quote: "Prevxedge give me this infection pop ups....i scan this with KIS2009, it says it's clean....

FP?" }-
Most likely an FP, especialy if you are running v3.0.1.40. There seems to be a small window, just after a new build is release, when there is a spate (but getting smaller with each build IMHO) of what apppears to be FPs. I tend to hit Back, then Settings\Detection Overrides where I mark the offending item as an FP and then notify Joe (PrevxHelp) with a Scan Log taken ASAP after the detection occurs.

Of course, before I mark the offending item as an FP I do check up on the web as to the abckground of the item concerned and only proceed as such if I am reasonably happy that it looks like an FP. If worried about that then just leave as is and notify Joe (PrevxHelp) with the Scan Log.:)

-{ Quote: "Most likely an FP, especialy if yo are running v3.0.1.40. There seems to be a small window, just after a new build is release, when there is a spate (but getting smaller with each build IMHO) of what apppears to be FPs." }-

is PrevxEdge prone to FP?....

-{ Quote: "is PrevxEdge prone to FP?...." }-
Hi fce

Any such application is not immune from FPs...it is the nature of the beast...but as far as I am aware whilst Edge does have some this is a really, really small proportion of the total number of files they analyse and have recorded in their databases...and IMHO that very, very small proportion has been getting smaller as time goes by and use of Edge increases...which is all to the good.

No need to worry. Just follow what I have suggested in terms of getting any such 'sightings' to Joe as soon as possible...they tend to be dealt with speedily. :)

-{ Quote: "thanks Baldrick! my only concern is they might affect each other efficiency because of duplicate protection.

also i noticed after i installed PrevxEdge, my shutdown time increase by almost 10secs....instead of 10secs to shutdown, now its 20secs. Does PrevxEdge do something during shutdown process?" }-

Hello,
Edge actually doesn't do anything during shutdown so I'd be surprised if it actually is increasing the time or if it is a case of the Heisenberg Uncertainty Principle ;D If you would like, send me a PM and I'll see if there is anything in your scan log which would indicate a possible bad interaction :)

-{ Quote: "Prevxedge give me this infection pop ups....i scan this with KIS2009, it says it's clean....

FP?" }-

I've PM'd you with my email address if you could send me a scan log I'll fix the FP :)

-{ Quote: "Hi fce

Any such application is not immune from FPs...it is the nature of the beast...but as far as I am aware whilst Edge does have some this is a really, really small proportion of the total number of files they analyse and have recorded in their databases...and IMHO that very, very small proportion has been getting smaller as time goes by and use of Edge increases...which is all to the good.

No need to worry. Just follow what I have suggested in terms of getting any such 'sightings' to Joe as soon as possible...they tend to be dealt with speedily. :)" }-

Exactly :) Edge periodically may produce a FP but so does every other AV - there's simply no way around it because there is such a large volume of software in the world and such a large volume of malware, there will always be a bit of overlap :)

-{ Quote: "Isn't a trial license possible if contacting you or anyone else of the support team?" }-

Yes, send me a PM or write in a support email and we'll give you a full trial license (for 7 days or so :))

-{ Quote: "Can anyone explain to me the 3 levels of heuristics? This seems like a really nice feature but is there a way I could test it?

thanks
Ice" }-

You can learn more about the configurable heuristics at http://info.prevx.com/edgehelp.asp (they're under Edge Settings > Heuristics Settings).

Let me know if you need any clarification on them :)

Also FWIW - the Edge heuristics for Age/Popularity apply primarily to real infections so just modifying an exe would make it new so it would appear to fall under the "young" age/"low" popularity, but there may be other factors which made it pass through heuristics (like location on the system, behaviors seen from the file, etc.)

Hi Joe

Glad to have you back. Hope that you are rested and recovered from your jet lag. I would not like to have to do the travelling that you seem to have to. ;D

-{ Quote: "Hi Joe

Glad to have you back. Hope that you are rested and recovered from your jet lag. I would not like to have to do the travelling that you seem to have to. ;D" }-

;D More or less recovered! (zzzzzzz ;D)

(And FWIW - we're still on schedule to release .40 to existing users as an update today :))

you're fast men!
thanks!

i got 3 more infection aside from the FP that i posted.
it says i need to turn OFF my internet and AV. I turned off the internet but not my AV, it says its already cleaned. i hope the infection is done now.

i scan my system using KIS (without Prevx installed) it never detected the 3 infection. I installed Prevx it give me 1 FP and when i activated my Prevx it do automatic scan and FP is solved and detected 3 new infection.

-{ Quote: "you're fast men!
thanks!

i got 3 more infection aside from the FP that i posted.
it says i need to turn OFF my internet and AV. I turned off the internet but not my AV, it says its already cleaned. i hope the infection is done now.

i scan my system using KIS (without Prevx installed) it never detected the 3 infection. I installed Prevx it give me 1 FP and when i activated my Prevx it do automatic scan and FP is solved and detected 3 new infection." }-

Edge recommends that you turn off your AV when cleaning to prevent interactions which would block cleanup. If you would like me to check that the files are really malicious, send another email over to my address and I'll analyze them :)

-{ Quote: "Edge recommends that you turn off your AV when cleaning to prevent interactions which would block cleanup. If you would like me to check that the files are really malicious, send another email over to my address and I'll analyze them :)" }-

check your email and please let me know what is that 3 infection that Prevx cleaned. i remember its Powerdvd .dll

i'm running my powerdvd right now without problem after the clean-up

-{ Quote: "check your email and please let me know what is that 3 infection that Prevx cleaned. i remember its Powerdvd .dll

i'm running my powerdvd right now without problem after the clean-up" }-

Got it - and found the reason behind the false positives and its now fixed for all of them :) Those powerdvd files are using an encryption technique used almost always only by malware but they are indeed legitimate.

I'm not sure what they actually do in context to the rest of the program, but if you do need to, you can restore them with the "Undo Cleanup" feature under Tools.

Sorry for the FP, but they definitely won't happen again :) (and this signature actually explains a handful of the more recent FPs reported here so this should cut down the complaints quite a bit :))

-{ Quote: "You can learn more about the configurable heuristics at http://info.prevx.com/edgehelp.asp (they're under Edge Settings > Heuristics Settings).

Let me know if you need any clarification on them :)

Also FWIW - the Edge heuristics for Age/Popularity apply primarily to real infections so just modifying an exe would make it new so it would appear to fall under the "young" age/"low" popularity, but there may be other factors which made it pass through heuristics (like location on the system, behaviors seen from the file, etc.)" }-

thanks!

-{ Quote: "Got it - and found the reason behind the false positives and its now fixed for all of them :) Those powerdvd files are using an encryption technique used almost always only by malware but they are indeed legitimate.

I'm not sure what they actually do in context to the rest of the program, but if you do need to, you can restore them with the "Undo Cleanup" feature under Tools.

Sorry for the FP, but they definitely won't happen again :) (and this signature actually explains a handful of the more recent FPs reported here so this should cut down the complaints quite a bit :))" }-

thanks. so the 3 infection that reported by Prevx is also FP?

Joe I'm sending you a file I just want to know if it is a PDF Exploit malware? And if it is can you tell me what it does?

TIA,

TH

-{ Quote: "thanks. so the 3 infection that reported by Prevx is also FP?" }-

Yes - they are all related to the previous FP you had (all detected by the same signature) so they should all be corrected now :)

-{ Quote: "Joe I'm sending you a file I just want to know if it is a PDF Exploit malware? And if it is can you tell me what it does?

TIA,

TH" }-

Finally got the infection working ;D We block it heuristically - it just looks like a downloader/dropper so nothing too fancy :) Let me know if you have anything else in need of investigating!

-{ Quote: "Finally got the infection working ;D We block it heuristically - it just looks like a downloader/dropper so nothing too fancy :) Let me know if you have anything else in need of investigating!" }-

Thank You!! As always Great Support!

TH

Tried changing various paramaters; no impact. Ran a scan and CPU down to normal during scan, then back to 50%. Will try a reboot and see if that helps.

-{ Quote: "Tried changing various paramaters; no impact. Ran a scan and CPU down to normal during scan, then back to 50%. Will try a reboot and see if that helps." }-

It may also be worth uninstalling and reinstalling - I'm surprised that the CPU usage would go down during the scan as normally that would be the time that it would go up :-\

Let me know what you find after rebooting or uninstalling :)

Rebooting fixed in for now. If it happens again, I will uninstall and reinstall. CPU to normal during scan surprised me too, was just looking for a related hang.

-{ Quote: "The heuristics only work in the paid version. That is part of the real-time component of Prevx." }-

Can an official rep please confirm this?

Thank you for answering, ambient_88 :).

-{ Quote: "Can an official rep please confirm this?

Thank you for answering, ambient_88 :)." }-

Oops - missed that post :) The heuristics are enabled in the trial version, but malware is not blocked in the trial. Also note that a lot of the heuristics only apply to real infections in their natural locations so running samples in a malware collection does not completely mimic the proper "shape" of an infection that a user would normally encounter :)

-{ Quote: "Oops - missed that post :) The heuristics are enabled in the trial version, but malware is not blocked in the trial. Also note that a lot of the heuristics only apply to real infections in their natural locations so running samples in a malware collection does not completely mimic the proper "shape" of an infection that a user would normally encounter :)" }-

Thanks for the fast response! By 'enabled', do you also mean that the trial version will give alerts (with no blocking allowed) upon a heuristic positive? I had taken a piece of a malware installer that Edge detects as bad, modified it, then run it with the Age and Popularity sliders set to Maximum, but got no alerts; thus I assume that the licensed version would also have given no alert with the same settings and modified malware installer?

-{ Quote: "Thanks for the fast response! By 'enabled', do you also mean that the trial version will give alerts (with no blocking allowed) upon a heuristic positive? I had taken a piece of a malware installer that Edge detects as bad, modified it, then run it with the Age and Popularity sliders set to Maximum, but got no alerts; thus I assume that the licensed version would also have given no alert with the same settings and modified malware installer?" }-

That is correct, however, modifying the installer could have corrupted it or changed it - could you send me the sample so I can see why we missed it? (I'll PM you my email address :))

-{ Quote: "That is correct, however, modifying the installer could have corrupted it or changed it - could you send me the sample so I can see why we missed it? (I'll PM you my email address :))" }-

I justed retested by modifying the original malware installer again, in a slightly different manner this time, and this time I already get a 'medium risk malware' message before I even install! This did not happen yesterday. Do you still need the sample? By the way, I should point out, that even yesterday, when I rescanned the altered malware installer after about 10 minutes, Prevx did already flag it as bad; does this count as a heuristic catch or not?

By the way, do we need to manually report false positives here (or by email), outside of already marking as 'false positive' within Edge itself?

-{ Quote: "I justed retested by modifying the original malware installer again, in a slightly different manner this time, and this time I already get a 'medium risk malware' message before I even install! This did not happen yesterday. Do you still need the sample? By the way, I should point out, that even yesterday, when I rescanned the altered malware installer after about 10 minutes, Prevx did already flag it as bad.

By the way, do we need to manually report false positives here or by email, outside of already marking as 'false positive' within Edge itself?" }-

Ah great :) That's the benefit of automated analysis :)

Correcting the file locally will send a recommendation to our researchers which requires a manual process to override it and correct the FP but if you want the file prioritized, feel free to PM or email me and I'll take care of it ASAP :)

-{ Quote: "Ah great :) That's the benefit of automated analysis :)

Correcting the file locally will send a recommendation to our researchers which requires a manual process to override it and correct the FP but if you want the file prioritized, feel free to PM or email me and I'll take care of it ASAP :)" }-

Yes very good :). Would yesterday's results count as a hit or miss on the heuristics settings though, as I did not get any alert immediately yesterday?

-{ Quote: "Yes very good :). Would yesterday's results count as a hit or miss on the heuristics settings though, as I did not get any alert immediately?" }-

Possibly a miss in this case, but depending on the sample, it may take more than one user seeing it to identify it as bad immediately. My guess is that the file was marginally suspicious yesterday but once we got another report of it we were able to track it down more accurately :)

-{ Quote: "Possibly a miss in this case, but depending on the sample, it may take more than one user seeing it to identify it as bad immediately. My guess is that the file was marginally suspicious yesterday but once we got another report of it we were able to track it down more accurately :)" }-

Great - maybe because I tried a few different modified versions :).

If a file is caught by the heuristics settings alone, and not flagged as bad in your database, does the alert clearly state the fact that the heuristics settings resulted in the alert?

-{ Quote: "Great - maybe because I tried a few different modified versions :).

If a file is caught by the heuristics settings alone, and not flagged as bad in your database, does the alert clearly state the fact that the heuristics settings resulted in the alert?" }-

Our database is built primarily on heuristics as well, but the client-side heuristics will result in warnings which are titled: "Age/Spread Criteria Violation" or "Edge Heuristics Warning".

However, we quickly identify malware as real threats so it is possible that something would have been caught by a heuristic warning but it is immediately identified completely as malware and the determinations updated centrally so its hard to say exactly which of our many engines found the file initially from the resulting determination :)

-{ Quote: "Possibly a miss in this case, but depending on the sample, it may take more than one user seeing it to identify it as bad immediately. My guess is that the file was marginally suspicious yesterday but once we got another report of it we were able to track it down more accurately :)" }-

By the way, here is a report on a newly modified version I created, which is now flagged already upon right click in explorer: http://info.prevx.com/aboutprogramtext.asp?Opt=C&AGENTPROFILE=CSIPLUS&MID=ac6beadc0b571b2cd3887a2b7d8a4aa5ca28d7e9b129a5edbdf4fec1672316c9&CMD=appinfo&PX5=BA46934418A10DBB6D0203CD9D34AC00446340B3&LIC=F09762B6-6342-4F2C-949E-26D6B91262B3&SFT=EDGE&HN=minerva&sessionID=A9D6FF45-A2B1-4919-B822-783BEFEC52D9

-{ Quote: "Our database is built primarily on heuristics as well, but the client-side heuristics will result in warnings which are titled: "Age/Spread Criteria Violation" or "Edge Heuristics Warning".
" }-

Thanks for the info :). I did not see either of these 2 warning titles yet.

If it's not a trade secret, what are the different levels of threats in your database? It seems that there is more than just 'bad', 'good', or 'not yet determined'.

-{ Quote: "If it's not a trade secret, what are the different levels of threats in your database? It seems that there is more than just 'bad', 'good', or 'not yet determined'." }-

We have quite a few different levels - we recently started breaking threats down by Low Risk/Medium Risk/High Risk and then infection type (adware/targeted information stealer/fraudulent security program/etc.), separate identification of programs which are identified as rootkits, identification of programs which are held as "caution" instead of outwardly malicious (unwanted software instead of malicious software), and then the heuristic determinations as well, and a separate category for infections which we cleanup for free.

Hope that helps!

-{ Quote: "
Hope that helps!" }-

It does, thanks! :)

Are all of these different levels also presented to the user in alerts? Or, if not, will be someday?

I'm glad to hear about the 'caution' level, because I believe most of my false positives ought to be classified as 'caution' programs.

Hi

Not sure if I should post this on this topic. Moderators please move if post is in the wrong section.

Below is copy of message sent to Prevx :

"New customer - great application by the way.
Have been using Prevx Edge for about 2 weeks before my purchase.
Have just received an e-mail from Prevx advising of system infection.
Previous scans have reported my system is infected. The offending files are:-
(a)wscui.cpl
(b)winhttp.dll
I treated these files as false positives and searched google to confirm that these are essential Microsoft files.
I am running Windows 7 build 7057 for evaluation purposes.

Would appreciate if you could confirm above and avise what further action is required on my part.

Regards

xxxxxxxxxxx "

Have any other users had similar problems with above 2 files. They reside in
Windows- System 32 on my comuter.

Any advice/assistance would be appreciated.

noel1947

-{ Quote: "....Have just received an e-mail from Prevx advising of system infection.
..." }-Wow, I had no idea that was an option. Should I have been able to see this in the trial version?

another question....

1> I'm using KIS2009, do i need to add PrevxEdge as KIS trusted application?

2> Is there an option also under PrevxEdge setting that i can add KIS as trusted application?

3> Is it advisable to add each other as trusted application? I don't want the time comes when there's incoming malware and both of them are fighting each other to detect the malware......while the malware is already doing bad thing on my laptop because of duplicate functionality & conflict of PrevxEdge & KIS.

-{ Quote: "another question....

1> I'm using KIS2009, do i need to add PrevxEdge as KIS trusted application?

2> Is there an option also under PrevxEdge setting that i can add KIS as trusted application?

3> Is it advisable to add each other as trusted application? I don't want the time comes when there's incoming malware and both of them are fighting each other to detect the malware......while the malware is already doing bad thing on my laptop because of duplicate functionality & conflict of PrevxEdge & KIS." }-

You don't need to add KIS to the Edge list, but KIS will warn if Edge is installed when you first install KIS. We're trying to get them to change this, but for now, you're going to have to uninstall Edge if you need to reinstall KIS.

We've developed Edge to be compatible with other security software so you don't have to worry about incompatibilities when malware is detected :)

-{ Quote: "Wow, I had no idea that was an option. Should I have been able to see this in the trial version?" }-

This is only available in the registered version with a license key using our "My Prevx" console where you can get reports of infections, manage PCs, and view the status of all of your PCs whenever you like :)

-{ Quote: "
I treated these files as false positives and searched google to confirm that these are essential Microsoft files.
I am running Windows 7 build 7057 for evaluation purposes." }-

Hello,
We have not yet whitelisted all of the Windows 7 build 7057 files but the research team will respond to you tonight or tomorrow from the support inbox about your report :)

PrevxHelp

Many thanks for your reply.

noel1947

-{ Quote: "It does, thanks! :)

Are all of these different levels also presented to the user in alerts? Or, if not, will be someday?

I'm glad to hear about the 'caution' level, because I believe most of my false positives ought to be classified as 'caution' programs." }-

Most of the levels are differentiated to the user except for the caution level currently but we are going to be changing the reporting for caution programs shortly to better differentiate and clarify the intent of the detected programs :)

-{ Quote: "This is only available in the registered version with a license key using our "My Prevx" console where you can get reports of infections, manage PCs, and view the status of all of your PCs whenever you like :)" }-
Hmmmm, thanks for response. Sounds miiiighty tempting.:)

I have to admit, at first I thought the way the trial worked was all wrong. But in reality, its really an ingenious idea. The trial lets the user use the program without any time limit but only acts as an identifier of sorts. This gives the user a very good understanding of how the program works and if needed, purchase it for a realtime defense. Plus, Prevxhelp has been a great help on answering any questions that have been brought up. Two thumbs up.:thumb: :thumb:

Ice

-{ Quote: "Hmmmm, thanks for response. Sounds miiiighty tempting.:)" }-i was tempted and i bought my self 2 copies;)

PrevxHelp

Unbelievable technical support. They have fixed the problem.
Only approx 2.5 hours from my first contact and I presume it is still
Sunday in your part of the world.

Best regards

noel1947

-{ Quote: "i was tempted and i bought my self 2 copies;)" }-Hehe, yeah, I have 6 machines to cover and it's just a little beyond my authority level, the CIO (I) will have to sell it to my CFO (wife).

-{ Quote: "Hehe, yeah, I have 6 machines to cover and it's just a little beyond my authority level, the CIO (I) will have to sell it to my CFO (wife)." }-;D got it:)

I purchased Prevx Edge about a week ago and I love it. Removed a worm last night and the instructions from Prevx Edge were right on and easy to understand. I also have Geswall Pro. I hope I am not getting off topic but I do have a question. I currently have Norton Internet Security 2009 and a subscription that is no where near running out. Would I be better off with OA Premium Firewall and Avira Premium? That might not be a fair question to ask here but I have been reading this Forum for a while before joining and I know I will get honest and unbiased answers.:) :isay:;) Thanks

-{ Quote: "I purchased Prevx Edge about a week ago and I love it. Removed a worm last night and the instructions from Prevx Edge were right on and easy to understand. I also have Geswall Pro. I hope I am not getting off topic but I do have a question. I currently have Norton Internet Security 2009 and a subscription that is no where near running out. Would I be better off with OA Premium Firewall and Avira Premium? That might not be a fair question to ask here but I have been reading this Forum for a while before joining and I know I will get honest and unbiased answers.:) :isay:;) Thanks" }-
If I were you I'd keep NIS 2009. Its detection is outstanding and has minimal impact on system resources.

I think I saw a post about this before but that's a strange little sweet spot they have in their pricing structure, at 1 year, moving from 1 license to 2 is really cheap, and cheaper yet for more but not as generously so as the movement from 1 to 2. There must be some purposeful business reason for that, but it's way over my merely practical engineer head.*puppy*

-{ Quote: "If I were you I'd keep NIS 2009" }-Let's be fair and stay on the thread topic.

Thanks Ambient88 for the answer:) did not mean to get you noticed and I apologize Ronjor for getting off Topic. This was only my second post and first about software. sorry

-{ Quote: "If I were you I'd keep NIS 2009. Its detection is outstanding and has minimal impact on system resources." }-Glad to hear you say that. I have all of my home machines on NIS2009 and the Prevx Edge trial has gone very well on my laptop. It seems so far like a very good potential addition to avoid "all your eggs in one basket"-itis. (On top of WinPatrol+, SWBlaster, MVPShost, OpenDNS and SecuniaPSI - yeah, maybe too many baskets?:P )

P.S. OK, just saw Ronjor's note but my primary interest here IS Prevx Edge, for sure.

-{ Quote: "You don't need to add KIS to the Edge list, but KIS will warn if Edge is installed when you first install KIS. We're trying to get them to change this, but for now, you're going to have to uninstall Edge if you need to reinstall KIS.

We've developed Edge to be compatible with other security software so you don't have to worry about incompatibilities when malware is detected :)" }-

thanks for the head-up.

btw when i installed PrevxEdge, KIS tagged it as riskware.Trojan generic.

Apologies if this has been posted previously, but Joe or EraserHW, can you weigh-in on this topic and Edge's capabilities to detect or prevent it, if possible:

http://www.theregister.co.uk/2009/03/24/persistent_bios_rootkits/

Basically rootkits that dump their payload into BIOS to survive reformats.

Thanks in advance,
Mark.

-{ Quote: "Hi

Not sure if I should post this on this topic. Moderators please move if post is in the wrong section.

Below is copy of message sent to Prevx :

"New customer - great application by the way.
Have been using Prevx Edge for about 2 weeks before my purchase.
Have just received an e-mail from Prevx advising of system infection.
Previous scans have reported my system is infected. The offending files are:-
(a)wscui.cpl
(b)winhttp.dll
I treated these files as false positives and searched google to confirm that these are essential Microsoft files.
I am running Windows 7 build 7057 for evaluation purposes.

Would appreciate if you could confirm above and avise what further action is required on my part.

Regards

xxxxxxxxxxx "

Have any other users had similar problems with above 2 files. They reside in
Windows- System 32 on my comuter.

Any advice/assistance would be appreciated.

noel1947" }-


I have the same issue with those files and Prevx using Win7 build 7057

-{ Quote: "Apologies if this has been posted previously, but Joe or EraserHW, can you weigh-in on this topic and Edge's capabilities to detect or prevent it, if possible:

http://www.theregister.co.uk/2009/03/24/persistent_bios_rootkits/

Basically rootkits that dump their payload into BIOS to survive reformats.

Thanks in advance,
Mark." }-

Hello,

yes, it has been demonstrated a BIOS attack. But it's just a proof of concept hardware-dependent and really hard to exploit. That just doesn't mean it isn't impossible, but I would suggest you to read this blog post: http://www.prevx.com/blog/113/SMM-Rootkits-Less-of-a-threat-than-that-link-you-got-IMd.html

It's about SMM rootkits, but the concept is almost the same :)

Kind regards,
Marco

Thanks Marco - will read it now...!

Best,
Mark.

I am just thinking about one thing.
If we scan new malware under VT or other similar multi-scanning engine and Prevx1 doesn't seem to find malware on that file, will it still protect users?
I mean, if we run malware, Prevx will give a alert about Medium risk malware or something similar? And if it does, it is being sent to Automated malware analysis and if it gets needed info, other users will be protected agains that threat as well?
Am I right? (sorry for misspelling if there is any)

-{ Quote: "I am just thinking about one thing.
If we scan new malware under VT or other similar multi-scanning engine and Prevx1 doesn't seem to find malware on that file, will it still protect users?
I mean, if we run malware, Prevx will give a alert about Medium risk malware or something similar? And if it does, it is being sent to Automated malware analysis and if it gets needed info, other users will be protected agains that threat as well?
Am I right? (sorry for misspelling if there is any)" }-

Yes, the detections given by VT are only a very very small subset of what we actually detect. They use a cut-down version of the scanner which detects only a fraction of what Edge can :)

-{ Quote: "Yes, the detections given by VT are only a very very small subset of what we actually detect. They use a cut-down version of the scanner which detects only a fraction of what Edge can :)" }-

Are they/you able to update it ;)?
Thanks you for replay!

-{ Quote: "Are they/you able to update it ;)?
Thanks you for replay!" }-

Sadly no :( All of the scanners at VT are significantly different from the consumer versions just because they have to be run in a different environment. They don't contain any of the behavioral analysis and most have more time-consuming heuristics disabled because of the nature of the service.

I've noticed quite a few times recently my hard drive activity light running steady for awhile when I have nothing activated to run so I checked my processes and found prevx.exe using about 80-81,000k in memory and 1-3% on cpu activity. I have NOT initiated a scan. What is Edge doing to my computer without any input from me?

-{ Quote: "I've noticed quite a few times recently my hard drive activity light running steady for awhile when I have nothing activated to run so I checked my processes and found prevx.exe using about 80-81,000k in memory and 1-3% on cpu activity. I have NOT initiated a scan. What is Edge doing to my computer without any input from me?" }-

This could sound like a scheduled scan is running - could you check your scheduler settings and see if they're set to approximately one hour around the time the increased activity happens?

-{ Quote: "
Also FWIW - the Edge heuristics for Age/Popularity apply primarily to real infections so just modifying an exe would make it new so it would appear to fall under the "young" age/"low" popularity, but there may be other factors which made it pass through heuristics (like location on the system, behaviors seen from the file, etc.)" }-

Do Age/Popularity heuristics apply to installers?

-{ Quote: "Do Age/Popularity heuristics apply to installers?" }-

They apply primarily to the files after the initial installation but depending on the installer it may also trigger Age/Popularity as well.

-{ Quote: "This could sound like a scheduled scan is running - could you check your scheduler settings and see if they're set to approximately one hour around the time the increased activity happens?" }-

Bingo, that was it. It was scheduled to scan when the computer is off (i.e. I'm at work), but it was checked to scan after bootup if it missed the scheduled time.

I never bothered looking at that before as I never felt the need to do scheduled scanning since I initiallly installed it because of it's realtime protection. Is that perhaps a redundant setting or am I missing something? Thanks for the super quick answer though!

-{ Quote: "Bingo, that was it. It was scheduled to scan when the computer is off (i.e. I'm at work), but it was checked to scan after bootup if it missed the scheduled time.

I never bothered looking at that before as I never felt the need to do scheduled scanning since I initiallly installed it because of it's realtime protection. Is that perhaps a redundant setting or am I missing something? Thanks for the super quick answer though!" }-

Scheduled scanning is largely a redundant feature but many users like that extra level of assurance for security :) The one benefit of it is that it rechecks a lot of files with our database so it can improve performance once we change a new file from "unknown" to "trusted" which tells Edge to significantly reduce the amount of data it bothers collecting, so, if you do experience any slowdown/lagging, just run another scan and it should improve performance :)

-{ Quote: "Scheduled scanning is largely a redundant feature but many users like that extra level of assurance for security :) The one benefit of it is that it rechecks a lot of files with our database so it can improve performance once we change a new file from "unknown" to "trusted" which tells Edge to significantly reduce the amount of data it bothers collecting, so, if you do experience any slowdown/lagging, just run another scan and it should improve performance :)" }-

Got it, thanks!

anybody experience increase shutdown time after installing Prevx?

from 10secs shutdown time, now it goes to 30secs shutdown time....thats almost 20secs increase of shutdown time. Is there any scanning Prevx do when shutting OFF PC? I'm using default setting.

-{ Quote: "anybody experience increase shutdown time after installing Prevx?

from 10secs shutdown time, now it goes to 30secs shutdown time....thats almost 20secs increase of shutdown time. Is there any scanning Prevx do when shutting OFF PC? I'm using default setting." }-

Hello,
Edge actually doesn't do anything during shutdown so I'd be surprised if it actually is increasing the time or if it is a case of the Heisenberg Uncertainty Principle ;D If you would like, send me a PM and I'll see if there is anything in your scan log which would indicate a possible bad interaction.

Can I run PrevX Edge parallel with NOD32?

-{ Quote: "Can I run PrevX Edge parallel with NOD32?" }-

Yes :) You can use it alongside NOD32 and any other antivirus/security solution :)

-{ Quote: "Hello,
Edge actually doesn't do anything during shutdown so I'd be surprised if it actually is increasing the time or if it is a case of the Heisenberg Uncertainty Principle ;D If you would like, send me a PM and I'll see if there is anything in your scan log which would indicate a possible bad interaction." }-

thanks!

i'll send it to you later.

btw, do you have incoming discount or promo? :)

-{ Quote: "Yes :) You can use it alongside NOD32 and any other antivirus/security solution :)" }-

Thanks for the quick answer. I am currently on the "Buy Now" page... searching for a coupon code...

-{ Quote: "thanks!

i'll send it to you later.

btw, do you have incoming discount or promo? :)" }-

Nothing in particular at the moment but we do have a discount if you purchase a multi-year license or if you purchase a multi-computer license :)

Never mind discount code. I just purchased a 1-year license. Thanks for this great program.

But I have an issue, it flags PS3 Media Server as malware (and this is 100% not malware)...

Well, I took the plunge and bought 6 licenses last night.

Problem getting it installed at all on one laptop. Then I noticed NIS2009 icon was not displayed and I could not start its GUI interface. A safe mode full scan with NIS2009 came up negative.

I used the Norton Removal tool to deinstall NIS2009 and re-downloaded the NIS2009 install.

I am currently backing this machine up with IFW while I download latest Norton Recovery Tool ISO to burn, boot from and run after the backup is complete.

Next, I will try reinstall of NIS2009.

THEN, I will retry install of Prevx Edge.

Any guidance advice on my plan?

How can I exclude drives or folders from being scanned?

Help file:
http://info.prevx.com/edgehelp.asp

soft, see detection overrides.

"Detection Overrides provide the user with the ability to change the default Edge behavior when it encounters specific files or folders. To add an override, click the "Add Override" button. This will open a dialog which will allow you to browse to a file or folder which you would like to modify the Edge behavior over.

If you select a folder, the folder will continue to be scanned but no detections will be reported. Edge will prevent you from selecting certain system folders from being excluded from the scan to prevent malicious software from exploiting the feature to evade detection."

Folks,

Can anyone confirm that PE is *Fully* Vista x64 compatible?.Has anyone had any issue's.

TIA

-{ Quote: "Folks,

Can anyone confirm that PE is *Fully* Vista x64 compatible?.Has anyone had any issue's.

TIA" }-

It has been developed to be a native x64 application and is fully compatible with x64 :)

-{ Quote: "It has been developed to be a native x64 application and is fully compatible with x64 :)" }-

Thanks PrevxHelp,

I'll take the eval. ver. for a test drive on the new Asus G50vt, Vista home premium x64 box.

Joe, just checking to make sure that the option Block All will still be added one day.

-{ Quote: "Joe, just checking to make sure that the option Block All will still be added one day." }-

Just to clarify - block all meaning the automatic block function? That will be in the next release we put out (as well as a more logical Block dialog :))

Correct, so like on my kids PC, they dont get the option, it just blocks. The one reason I cant use a HIPS on their PCs, is, they have no idea.;)

-{ Quote: "Correct, so like on my kids PC, they dont get the option, it just blocks. The one reason I cant use a HIPS on their PCs, is, they have no idea.;)" }-this will be a good feature from prevx edge;)

-{ Quote: "Correct, so like on my kids PC, they dont get the option, it just blocks. The one reason I cant use a HIPS on their PCs, is, they have no idea.;)" }-

teach them the ways of HIPS :P lol sit them down and give them a lesson on it like theyre at school, haha ;D

-{ Quote: "Correct, so like on my kids PC, they dont get the option, it just blocks. The one reason I cant use a HIPS on their PCs, is, they have no idea.;)" }-
When the (Block all option) version comes out. I will buy the multi-computer license so I can use it on my kids PC too. :thumb:

Well, I FINALLY got my 6th license installed, 18 hours after buying them for the family network machines! Still got problems on that laptop, have recurrent chkdsk, can't get NIS2009 reinstalled so that it will open gui - cranking on it with Dr.Web right now.>:(

Although there were a few obvious false positives, Prevx Edge spotted and cleaned about a half dozen actual bad actors from several machines, a couple in the high threat class.:thumb:
I love the MyPrevx console to get the overall picture!