-{ Quote: "Hi

when ever i use multiples security, i have used bit defender for 3 years now, their support always will blame any other security software for my problems, they always tell me to uninstall all other security software/" }-
Yeah, that may be true, but you will find the support from Prevx a tad bit different. Ya see, if they stepped on your toe, they will tell you.

Work with them, not against them.;)

-{ Quote: "Seems Edge and CSI may be the same app with less features turned on in CSI.

If CSI is installed first then the CSI gui comes up at installing Edge?" }-

That is correct - both use the same back end. You will have to uninstall CSI and then reinstall as Edge to get the Edge features (or put an Edge license into CSI and it will automatically up-convert to Edge).

Edge does duplicate everything in CSI, so, you'll be covered :)

-{ Quote: "Hi

when ever i use multiples security, i have used bit defender for 3 years now, their support always will blame any other security software for my problems, they always tell me to uninstall all other security software/" }-

This is a relatively standard response by antivirus companies. We tend to think differently and recommend that users be as protected as they want by using as many products as they can :) We won't tell you to uninstall any software you have installed, rather, we will make our software work around any incompatibilities you may experience.

If you are running into a problem with Bitdefender + Edge, please let us know and we'll investigate the issue further :)

-{ Quote: "Yeah, that may be true, but you will find the support from Prevx a tad bit different. Ya see, if they stepped on your toe, they will tell you.

Work with them, not against them.;)" }-


i just dont think bit defender like you using other apps, they told me to get rid of a squared even though i only used it as an on demand scanner

-{ Quote: "i just dont think bit defender like you using other apps, they told me to get rid of a squared even though i only used it as an on demand scanner" }-
well then, I would say the heck with BitDefender. And it would not be the first time I said it. I mean come on, you were talking about using A-Square on demand and they said that was the issue! Talk to the Prevx guys here and see how they can help but I would not keep a product that used that as an excuse. Get Dr Web and Edge.;)

-{ Quote: "well then, I would say the heck with BitDefender. And it would not be the first time I said it. I mean come on, you were talking about using A-Square on demand and they said that was the issue! Talk to the Prevx guys here and see how they can help but I would not keep a product that used that as an excuse. Get Dr Web and Edge.;)" }-

Kaspersky even prevents installation of their AV if the user has CSI installed... CSI is a completely on-demand program. :(

Some AV companies are apparently very strict about their monopolize security policies. It is understandable in some cases where incompatibilities exist, but we disagree and prefer to work with other products :)

-{ Quote: "well then, I would say the heck with BitDefender. And it would not be the first time I said it. I mean come on, you were talking about using A-Square on demand and they said that was the issue! Talk to the Prevx guys here and see how they can help but I would not keep a product that used that as an excuse. Get Dr Web and Edge.;)" }-

well i have only 60 days left of licence and at the moment on my vista partition which is my main one i have norton, but i do like the set up edge, i would like to run it with prevx 2.0 and i have never tried dr web, what are its detection figures like

when will prevx 2.0 be out of beta for vista, and will edge be recognised by vista security centre as an anti virus, i think that is the same issue for prevx 2

-{ Quote: "well i have only 60 days left of licence and at the moment on my vista partition which is my main one i have norton, but i do like the set up edge, i would like to run it with prevx 2.0 and i have never tried dr web, what are its detection figures like" }-
They would compliment Edge very well.

-{ Quote: "They would compliment Edge very well." }-
well on your recommendation Trjam im going to download dr web 30 day trial now, and run it for 30 days on xp any advice on firewall or would you use xp's

XP my friend

-{ Quote: "Hello,
We will have a new test version out later today which would be very helpful if you wouldn't mind trying out :) Or, one of our researchers can connect to your comp now and help you solve it immediately." }-

OK I will wait for the new version.

About the connection of one of the Prevx researchers we have to postpone it to tomorrow unless everything goes well with the new version.

Let me also say that I still bought a license. One more license to help this project to go on to a higher stage. I'm quite confident on it.

-{ Quote: "when will prevx 2.0 be out of beta for vista, and will edge be recognised by vista security centre as an anti virus, i think that is the same issue for prevx 2" }-

Prevx2 is fundamentally incompatible with Vista's UAC so it won't be out of beta.

Edge will be recognized by the Vista Security Center in one of the next updates :)

-{ Quote: "OK I will wait for the new version.

About the connection of one of the Prevx researchers we have to postpone it to tomorrow unless everything goes well with the new version.

Let me also say that I still bought a license. One more license to help this project to go on to a higher stage. I'm quite confident on it." }-

We are still working on some upgrades, so, the update may not be released just yet. When you get a chance, let me know. If we don't release the update today, we can try it on your system or check your system to see if the update would fix it.

These compatibility problems are always difficult to address as they are very "hit and miss", which is why many AVs tend to say "No, you can't use any other product except ours".

-{ Quote: "Prevx2 is fundamentally incompatible with Vista's UAC so it won't be out of beta.

Edge will be recognized by the Vista Security Center in one of the next updates :)" }-

that is a shame i wanted to run it on vista,with edge does disabling the uac make prevx 2.0 run without any problem

-{ Quote: "that is a shame i wanted to run it on vista,with edge does disabling the uac make prevx 2.0 run without any problem" }-

If you disable UAC, you can use Prevx 2.0 on Vista, however, you can use Edge with UAC enabled if you want as Edge is fully compatible with Vista.

-{ Quote: "Hi thanks for your response. The infection was not on before I used Prevx. It happened whilst I was using it, and it did not prevent it from installing enough components to function. Unfortunately I do not trust a system that has had a rootkit on it, so acronis was the only answer for me. If its a stealth rootkit, you never know which bits are still on there and working. I am not knocking the new prevx, but it does not hold enough confidence for me to run as an only program. I have been running NIS for some time and never had a problem ( confirmed by other scans such as MBAM) I have prevx on for one day, get hosed. I guess it is good to run along side other programs but not what I was looking for." }-

In future, sample submissions would be very useful in this case, I am really at a loss as to how this could happen ???

-{ Quote: "In future, sample submissions would be very useful in this case, I am really at a loss as to how this could happen ???" }-
Hi, Thanks for taking time out to read this and assist.
Although I don't have the files any more as I did acronis back, I will pm you with the link to where I got hosed. Hopefully that will help.

Rollers

Thanks, I'll report back any findings.

Still running with no problems. Only thing I have added is Sandboxie. The two work excellently together.

is the new trial out yet, the one with the real-time protection enabled for a certain amount of time?

-{ Quote: "is the new trial out yet, the one with the real-time protection enabled for a certain amount of time?" }-

Hello,
No it is not yet. We will let you know when we have finalized everything :)

ok, hopefully it will be out soon ;D

where do you people get test malware files from

-{ Quote: "where do you people get test malware files from" }-

People like me. ;)

Ive managed to replicate a few of the issues stated in this thread and have made contact with other team members to resolve said issues as quickly as possible.

We do appreciate everyones input so far and much appreciate all those who are testing the beta and full releases.

My signature is what I use. Each time I tried Edge I removed TF and trusted Edge in DW and Avira.
I have had problems with hang ups when starting and shutting down, and with Edge starting in the Enabled position.
Too frequently I've had to Enable Edge and reboot. Then I get 2 Edge icons for awhile. One of them eventually goes away. An hour ago I booted my pc and had to reboot to enable Edge just to see it become disabled 20 minutes later.
I have not had these problems with any other application.
Later this week I'll be installing a new hard drive and doing a clean install of XP Pro w/SP3.
And I'll try Edge again.
I've removed Edge and cleaned my system of whatever remnants I could find.
No more hang ups.
This isn't a complaint. Just my own experiences with Edge.
I'd be happier if it worked for me because when it is working right it's nice and light.
Hugger

-{ Quote: "My signature is what I use. Each time I tried Edge I removed TF and trusted Edge in DW and Avira.
I have had problems with hang ups when starting and shutting down, and with Edge starting in the Enabled position.
Too frequently I've had to Enable Edge and reboot. Then I get 2 Edge icons for awhile. One of them eventually goes away. An hour ago I booted my pc and had to reboot to enable Edge just to see it become disabled 20 minutes later.
I have not had these problems with any other application.
Later this week I'll be installing a new hard drive and doing a clean install of XP Pro w/SP3.
And I'll try Edge again.
I've removed Edge and cleaned my system of whatever remnants I could find.
No more hang ups.
This isn't a complaint. Just my own experiences with Edge.
I'd be happier if it worked for me because when it is working right it's nice and light.
Hugger" }-

Thank you for your information. We are still working to correct some incompatibilities and will have a new version shortly.

Intended too keep Edge for a couple of weeks, but its not reliable on my system.

Trayicon sometimes shows sometimes not though I can see it in TMGR. Sometimes evaluation monitoring is on sometimes not.

I was just curious - dont think I really need it. So its off and it didnt uninstall totally smoothly either.

Best Regards

-{ Quote: "Intended too keep Edge for a couple of weeks, but its not reliable on my system.

Trayicon sometimes shows sometimes not though I can see it in TMGR. Sometimes evaluation monitoring is on sometimes not.

I was just curious - dont think I really need it. So its off and it didnt uninstall totally smoothly either.

Best Regards" }-

For what its worth, what didn't uninstall properly with in?

I got amessage that it might not have uninstalled properly and I should do it again - at least remove the folder. After that I cleaned with Clary, Eusing and C Cleaner and my PC is back to speed.

Hugger and me seems to have equal setup. Have Edge team ever tried Edge against such a setup? I am not savvy enough to help you evaluate. Edit; sorry I saw he has a lot I dont.

Best Regards

-{ Quote: "Hugger Premium Security Suite:
Defensewall, Shadow Protect Desktop, Shadow Defender, Avira Premium, Threatfire free, SAS on demand, Spyware Blaster, router w/firewall, prayer and a tiny bit of common sense." }-

This is not intended to make fun of or disrespect your setup but if you put that much on my shoulders,I doubt I could get much done either.

That is indicitive of gross overkill and a pure assault on any kernel.

Ive run edge directly beside full version of Avira ISS and have not once in 4 months of testing ever had a slow start or slow shutdown,so my common sense says you just went to one too many Police Officers in House.

For any future testing,this type of setup is not good for a fully biased and fair opinion.

A single Internet Security Suite and then testing edge is fine but add in all the other trimmings this is gonna yield inaccurate and un usable results.

-{ Quote: "well on your recommendation Trjam im going to download dr web 30 day trial now, and run it for 30 days on xp any advice on firewall or would you use xp's" }-

Privatefirewall, Online Armor, Comodo, Sunbelt

rec. 4 av: drweb, fprot, nod32

Nice.... :)
I'll get it as soon as a free key promotion is on ;D

-{ Quote: "This is not intended to make fun of or disrespect your setup but if you put that much on my shoulders,I doubt I could get much done either.

That is indicitive of gross overkill and a pure assault on any kernel.

Ive run edge directly beside full version of Avira ISS and have not once in 4 months of testing ever had a slow start or slow shutdown,so my common sense says you just went to one too many Police Officers in House.

For any future testing,this type of setup is not good for a fully biased and fair opinion.

A single Internet Security Suite and then testing edge is fine but add in all the other trimmings this is gonna yield inaccurate and un usable results." }-

Welcome to Wilders, where we like to run our own suites :thumb:

-{ Quote: "This is not intended to make fun of or disrespect your setup but if you put that much on my shoulders,I doubt I could get much done either.

That is indicitive of gross overkill and a pure assault on any kernel.

Ive run edge directly beside full version of Avira ISS and have not once in 4 months of testing ever had a slow start or slow shutdown,so my common sense says you just went to one too many Police Officers in House.

For any future testing,this type of setup is not good for a fully biased and fair opinion.

A single Internet Security Suite and then testing edge is fine but add in all the other trimmings this is gonna yield inaccurate and un usable results." }-

Threatfire was uninstalled. DW and Avira Personal Premium were active.
I'm hoping Edge works outr so that Avira can then be used on demand.Spyware Blaster just sits there not bothering anything and all others are on demand as needed.
I don't understand how that's overkill.
Hugger

Edit: Since the others have been working well together the logical conclusion is that the weak link was Edge. To suggest that I lose my other porgrams so that Edge can work is not logical

-{ Quote: "Kaspersky even prevents installation of their AV if the user has CSI installed... CSI is a completely on-demand program. :(

Some AV companies are apparently very strict about their monopolize security policies. It is understandable in some cases where incompatibilities exist, but we disagree and prefer to work with other products :)" }-

On the bright side, it'd appear Kaspersky's GSI parser doesn't identify CSI as potentially incompatible software :)

Perhaps the installation issue is more of making sure their product gets properly installed w/o any other application interfering? Just a thought.

-{ Quote: "On the bright side, it'd appear Kaspersky's GSI parser doesn't identify CSI as potentially incompatible software :)

Perhaps the installation issue is more of making sure their product gets properly installed w/o any other application interfering? Just a thought." }-

Sure, I wouldn't doubt it. They're just looking to make sure that the product which their user downloaded/purchased will work on the destination computer.

I swapped my Prevx 2 license for a Edge license. After entering new key in Prevx 2 (initially I thought the Prevx site was telling me to enter the key in the opening/main screen of CSI; but there is no such screen) it still works as Prevx 2. I saw in a post above that CSI has to be uninstalled to run Edge. Is that true?

I was initially (and maybe still) confused about the roles of Prevx 2, Edge and CSI. They do not have a clear statement about what to use with what. Lots of feature lists; but not necessarily understandable to someone not into this whole thing as a competitive sport. Anyway.

My current understanding - PrevxEdge is essentially Prevx 3. It also replaces CSI. Apparently entering the new key in the Prevx 2 should make it magically change to Edge. Is that correct? If not could someone please explain.

-{ Quote: "I swapped my Prevx 2 license for a Edge license. After entering new key in Prevx 2 (initially I thought the Prevx site was telling me to enter the key in the opening/main screen of CSI; but there is no such screen) it still works as Prevx 2. I saw in a post above that CSI has to be uninstalled to run Edge. Is that true?

I was initially (and maybe still) confused about the roles of Prevx 2, Edge and CSI. They do not have a clear statement about what to use with what. Lots of feature lists; but not necessarily understandable to someone not into this whole thing as a competitive sport. Anyway.

My current understanding - PrevxEdge is essentially Prevx 3. It also replaces CSI. Apparently entering the new key in the Prevx 2 should make it magically change to Edge. Is that correct? If not could someone please explain." }-

Minor confusion going on here, most likely because the website isn't completely clear.

Edge (aka Prevx 3) and Prevx 2 are different but achieve the same goal - securing the system. Prevx 2 does it by using HIPS style notifications to tell the user when behaviors are happening, however, Edge does it silently and analyzes behaviors primarily in the background (Edge is also lighter and has newly upgraded heuristics, and compatible with Vista).

Edge also duplicates all of the functionality of CSI. If you want to get Edge, you can either download it from our website directly or you can insert a valid Edge license into a copy of CSI running v3.0.0.172 and it will upconvert into Edge automatically.

I hope that helps, if not, please let me know. We will be improving our product placement clarity soon, and we are still going to be making a userguide to help clear up any additional confusion.

What do you mean enter the key into CSI. I can find no way to do that.

-{ Quote: "What do you mean enter the key into CSI. I can find no way to do that." }-

In CSI, on the front screen, there is an option called "License Information". If you click that, it will open a screen which says "Get License" and a box to insert a license with an Activate button next to it.

Let me know your results :)

CSI has no screens. Prevx has a screen. Entering in Prevx changed nothing.

-{ Quote: "CSI has no screens. Prevx has a screen. Entering in Prevx changed nothing." }-

Not sure what you mean. What version of CSI are you using? It should show it on the bottom right corner. If you look on: http://www.prevx.com/freescan.asp there is a screenshot of CSI - that is where the License Information page is.

Personally I'll stick with PrevxCSI since I don't fancy running anything in real-time,however light on resources,that doesn't actually block any malware.One big annoyance for me is that the same old false positives are there despite me reporting them on numerous occasions (DriveimageXML is not malicious!)

That aside I do like CSI and Edge looks very promising,good to see Prevx back at last.

-{ Quote: "Personally I'll stick with PrevxCSI since I don't fancy running anything in real-time,however light on resources,that doesn't actually block any malware.One big annoyance for me is that the same old false positives are there despite me reporting them on numerous occasions (DriveimageXML is not malicious!)

That aside I do like CSI and Edge looks very promising,good to see Prevx back at last." }-

Not sure who was handling your false positives, but could you save a CSI scan log? I'll correct them immediately :)

-{ Quote: "Not sure who was handling your false positives, but could you save a CSI scan log? I'll correct them immediately :)" }-
Yes I'd be delighted to;D

-{ Quote: "Yes I'd be delighted to;D" }-

Oops, didn't notice the attachment :-[ I've corrected the false positives now - if you rescan, they won't be found anymore :)

-{ Quote: "Oops, didn't notice the attachment :-[ I've corrected the false positives now - if you rescan, they won't be found anymore :)" }-

Thanks for the quick response,keep up the good work!:thumb:

I disvocered the CSI screen. The CSI icon does not work like the Prevx icon. Right clicking on it does not bring up a complete list of options (like the oft mentioned front screen). I just never tried left clicking it because of my familiarity with the method in Prevx. I assumed same vendor, same interface.

I thought the only place to execute CSI is from the actual folder in Program Files. There is no option in the start menue folder that installation or something created for start CSI. Only one that says scan my computer. Those do not mean the same thing. Why not make that lable descriptive. For the last many months, csi just started at boot. I did not have to do anything.

Edge indeed appeared and failed immediatly. DR Watson sent a report to MS. Tried starting again and it now says I have to reboot the PC. I swear I say it stated in your literature that you don't do that.

-{ Quote: "Minor confusion going on here, most likely because the website isn't completely clear.

Edge (aka Prevx 3) and Prevx 2 are different but achieve the same goal - securing the system. Prevx 2 does it by using HIPS style notifications to tell the user when behaviors are happening, however, Edge does it silently and analyzes behaviors primarily in the background (Edge is also lighter and has newly upgraded heuristics, and compatible with Vista).

Edge also duplicates all of the functionality of CSI. If you want to get Edge, you can either download it from our website directly or you can insert a valid Edge license into a copy of CSI running v3.0.0.172 and it will upconvert into Edge automatically.

I hope that helps, if not, please let me know. We will be improving our product placement clarity soon, and we are still going to be making a userguide to help clear up any additional confusion." }-

PrevX I really have to compliment you: http://www.wilderssecurity.com/showpost.php?p=1156681&postcount=3

Quotes from this "post for argument sake" have been tackled:

PrevX uses to many technology to be the champion of its category (using many technologies, means many competitors, which makes it hard to describe your relative advantage). Examplary is how they advertise PrevX2 " If anyone else in the community has ever seen a malicious file, which is about to attack your machine, then it will automatically be blocked from harming you. If you're the first person ever to see a particular malicious file, then all Prevx2.0's defences will be deployed to understand and intercept the file, before it causes you any harm" So I am protected either way? What is the use of community protection then, when all PREVX defences are sufficient by itself?

Edge has become a clearer application for me now:
When I would be the first one to encounter a threat (intrusion), Edge would mark it as suspicious and silently watch its behaviour with a higher level of alert. In the mean time it would be sent to the central (CSI like) automated analysis centre. There the decision would be made to qualify it good or bad (after automated/professional analysis and not by empty headed community voting)

Question: does Edge watch marked suspicious items with a higher alert level (until answer is received from the community analysis process)? How does it bridge the time between zero day and threat identification? Does it place these 'researched threats' in a temporary locker/vault/quarantaine?

Thanks Kees

yep, took it off for 3 days, mainly to try a new HIPS. Did not take me long to realize how much I missed it and how well it worked. I may never fully understand HIPS products, but I do understand Edge.;) :thumb:

-{ Quote: "I disvocered the CSI screen. The CSI icon does not work like the Prevx icon. Right clicking on it does not bring up a complete list of options (like the oft mentioned front screen). I just never tried left clicking it because of my familiarity with the method in Prevx. I assumed same vendor, same interface.

I thought the only place to execute CSI is from the actual folder in Program Files. There is no option in the start menue folder that installation or something created for start CSI. Only one that says scan my computer. Those do not mean the same thing. Why not make that lable descriptive. For the last many months, csi just started at boot. I did not have to do anything.

Edge indeed appeared and failed immediatly. DR Watson sent a report to MS. Tried starting again and it now says I have to reboot the PC. I swear I say it stated in your literature that you don't do that." }-

Hello,
Over the last few months we have made significant improvements to CSI but have not changed the shortcuts during an update because that tends to annoy users (restoring, changing possibly deleted shortcuts). You don't have to do anything with CSI (it automatically scans, etc.) but you can now do things with CSI if you want as we've added a number of new features.

I've PM'd you a link to an update for Edge. If you could install this, I believe it will correct your problems. We will be releasing it as an update shortly.

-{ Quote: "
Edge has become a clearer application for me now:
When I would be the first one to encounter a threat (intrusion), Edge would mark it as suspicious and silently watch its behaviour with a higher level of alert. In the mean time it would be sent to the central (CSI like) automated analysis centre. There the decision would be made to qualify it good or bad (after automated/professional analysis and not by empty headed community voting)

Question: does Edge watch marked suspicious items with a higher alert level (until answer is received from the community analysis process)? How does it bridge the time between zero day and threat identification? Does it place these 'researched threats' in a temporary locker/vault/quarantaine?" }-

You hit the nail on the head :) That is precisely how it works - except we don't only watch samples when you are the first person to encounter a threat, we watch them and build information on the file across thousands of users as many threats appear differently to different users (different configurations, different IP addresses, etc.) and we do not use community voting at all like some of the other vendors do.

Until a program is completely determined as "good", Edge monitors and learns about hundreds of unique program behaviors to attempt to build the clearest picture of a threat possible. If a file is really "borderline", it may be submitted into our server-side sandboxing system where we can tear it apart piece by piece. If it still can't be decided upon quickly, one of our researchers will get notified and will analyze it manually and write heuristic rules to teach the DB how to block similar threats in the future (however, in most cases, malware is blocked before it even needs to get through any of these processes).

Threat identification is generally immediate, however, sometimes it may take a few minutes and during that time, Edge will continue to monitor and track what the program is doing, so, if it does turn out to be bad, Edge will be able to remove any malicious registry entries associated with the file and close down any other pieces of malware associated with it.

Hope that helps! :)

Just an update, running extremely well alongside Avast!, sandboxie and Shadow Defender (on demand).

The first few days or so, many applications were being 'analysed' for a few seconds before startup, but now it seems everything (all applications and web browsing) loads and responds as if the program wasn't even loaded in the first place.

:)

My two cents:

Running KIS 2009, PrevX Edge and Malware Defender 1.2.1 (Overkill ?! ::) ).

Works fine here...


H

-{ Quote: "My two cents:

Running KIS 2009, PrevX Edge and Malware Defender 1.2.1 (Overkill ?! ::) ).

Works fine here...


H" }-


Um, yeah. That's a bit much.

-{ Quote: "You hit the nail on the head :)

Threat identification is generally immediate, however, sometimes it may take a few minutes and during that time, Edge will continue to monitor and track what the program is doing, so, if it does turn out to be bad, Edge will be able to remove any malicious registry entries associated with the file and close down any other pieces of malware associated with it.

Hope that helps! :)" }-


Great thx, just an additional question (and I hope you say ney, otherwise Edge really has to much of an edge over the top of breed competition)

Does Edge do registry key and file tracking (like ThreatFire) or does it also keep track of the changes (like Spyberus). In the last case a value change from say 10 to 20 could be revoked to 10 again.

Nice to see that behavior blocking indeed is using virtualisatioin to gain time for analysis of patterns (as predicted :) )

-{ Quote: "In the last case a value change from say 10 to 20 could be revoked to 10 again. " }-

I will have to say nay (for now) to this :) Our implementation is not quite this advanced.... yet.... but we are developing this extended system currently. The only reason why it is not completely in the current version is that it does require some additional overhead to store backup copies of every value, when most values that are changed will not turn out to be malicious, but, we are working on an optimal solution which will be pushed out to all clients as an update in a few weeks when it has been thoroughly tested and proven :)

As well as this extended feature, we have a number of other exciting improvements, so, stay tuned ;D Prevx is not sitting idle at all ;D

Hi,

A couple of questions?

1) If I run a exe file via Sandboxie, if it exhibits malware charactistics will EDGE flag it even though its been run within a sandbox?

2) There is the option to manually detect a file that you know is malware and prevx does not detect. As soon as you do this PREVX recognises it as malware on your computer. If you double click on the detection you can then see the file on Prevx database and it generally gets listed as 'These files have yet to be determined.......'

If another user clicks on the same exe file, will it get listed as malware on their Prevx Edge as well or will the file be allowed to run untill its determined as malware on the database (or of course if it trips you central heuristcs it will do this automatically)

Sorry for the lenthy question!

Best wishes

Jlo

Does Prevx have regular signature updates like AVs? I'm using it right now as my AV.

-{ Quote: "My two cents:

Running KIS 2009, PrevX Edge and Malware Defender 1.2.1 (Overkill ?! ::) ).

Works fine here...


H" }-

Not too much for me, if it works. KIS won't install, though, if Prevx is already on the machine.

-{ Quote: "Hi,

A couple of questions?

1) If I run a exe file via Sandboxie, if it exhibits malware charactistics will EDGE flag it even though its been run within a sandbox?

2) There is the option to manually detect a file that you know is malware and prevx does not detect. As soon as you do this PREVX recognises it as malware on your computer. If you double click on the detection you can then see the file on Prevx database and it generally gets listed as 'These files have yet to be determined.......'

If another user clicks on the same exe file, will it get listed as malware on their Prevx Edge as well or will the file be allowed to run untill its determined as malware on the database (or of course if it trips you central heuristcs it will do this automatically)
" }-

(Lengthy questions are always preferred :) My responses tend to be just as lengthy so I deserve some retaliation!! ;D)

1) We haven't tried running malware from within a sandbox and seeing what Edge can see but I'd imagine that if the sandbox was working properly, Edge would not be able to see the behavior as the sandbox would isolate it from reaching the system at all. I also don't know how the internals of Sandboxie work

2) Our Community approach does not take the opinions of the users in the community, rather, it looks at the behavior of programs on the computers in the community. Therefore, even if 5,000 users mark a file as 'Good' in Edge, it will not automatically mark it as good in the database. This prevents Mr. Malware Author from getting a bunch of computers together and fooling us into thinking it is good.

The same goes in the opposite direction - if 5,000 people mark a file as bad, it will not be automatically changed to bad (as there is the possibility that Mr. Malware Author just wants to discredit us by marking good files as bad).

In both cases, samples with overridden determinations, either good or bad, are sent into manual analysis or deeper automated server-side analysis, so, there will be some delay from when you override to when we actually change the global determination.

However, if you do have overrides on malware to block them, feel free to let any of the Prevx people here know and we can mark them as bad immediately. Going through the overrides every day does take time and logic to reason through and sort out the incorrect user overrides, so, it would be faster if you send the samples in question through to us directly (we will provide you with email addresses, etc. and we are in the process of developing a sample submission system to help out in automated analysis of manual overrides).

I hope my verbosity make you dismiss the message! ;D Let me know if you have any further questions!

-{ Quote: "Not too much for me, if it works. KIS won't install, though, if Prevx is already on the machine." }-

KIS appears to check for the registry key HKEY_LOCAL_MACHINE\Software\PCSI, which is our main registry key (just has a couple values in it).

If you want to get Edge/CSI to work alongside KIS, you will want to first uninstall our products, make sure that the key is removed completely, and then install KIS and after that install Edge/CSI on top.

This has worked for users that have come into our inbox with the question, but if not, please let us know and we'll try and find another workaround :)

-{ Quote: "Does Prevx have regular signature updates like AVs? I'm using it right now as my AV." }-

We have extremely regular signature updates, but they are nothing like normal AVs. We add literally thousands of new samples every hour to our definitions and heuristics, but everything takes place on the Community-side, so, you never need to download updates - the clients just check against the newest definitions on the server.

well, i must say.

I do love the new version, like a kid with a new toy. ::)

so, have i mis-read something, or are more security-features for the EDGE product on its way via updates?

-{ Quote: "(Lengthy questions are always preferred :) My responses tend to be just as lengthy so I deserve some retaliation!! ;D)

1) We haven't tried running malware from within a sandbox and seeing what Edge can see but I'd imagine that if the sandbox was working properly, Edge would not be able to see the behavior as the sandbox would isolate it from reaching the system at all. I also don't know how the internals of Sandboxie work
" }-

From my experiences using Edge and Sandboxie together, Edge will see and block malware if it starts to run in the sandbox. Pretty much the same as using an AV together with Sandboxie. Programs outside the sandbox can look in but programs in the sandbox can't look out.

-{ Quote: "(Lengthy questions are always preferred :) My responses tend to be just as lengthy so I deserve some retaliation!! ;D)

1) We haven't tried running malware from within a sandbox and seeing what Edge can see but I'd imagine that if the sandbox was working properly, Edge would not be able to see the behavior as the sandbox would isolate it from reaching the system at all. I also don't know how the internals of Sandboxie work

2) Our Community approach does not take the opinions of the users in the community, rather, it looks at the behavior of programs on the computers in the community. Therefore, even if 5,000 users mark a file as 'Good' in Edge, it will not automatically mark it as good in the database. This prevents Mr. Malware Author from getting a bunch of computers together and fooling us into thinking it is good.

The same goes in the opposite direction - if 5,000 people mark a file as bad, it will not be automatically changed to bad (as there is the possibility that Mr. Malware Author just wants to discredit us by marking good files as bad).

In both cases, samples with overridden determinations, either good or bad, are sent into manual analysis or deeper automated server-side analysis, so, there will be some delay from when you override to when we actually change the global determination.

However, if you do have overrides on malware to block them, feel free to let any of the Prevx people here know and we can mark them as bad immediately. Going through the overrides every day does take time and logic to reason through and sort out the incorrect user overrides, so, it would be faster if you send the samples in question through to us directly (we will provide you with email addresses, etc. and we are in the process of developing a sample submission system to help out in automated analysis of manual overrides).

I hope my verbosity make you dismiss the message! ;D Let me know if you have any further questions!" }-

Thank you for the excellent answers.

Best wishes

Jlo

I agree with you CSJ, Edge has permanently taken the place of an AV on my computer.

-{ Quote: "well, i must say.

I do love the new version, like a kid with a new toy. ::)

so, have i mis-read something, or are more security-features for the EDGE product on its way via updates?" }-

Oh yes ;D While they won't be released for a few weeks, we have a number of security-related features that will be incrementally added into Edge, coming down to clients via automatic updates.

(Note: We do have an update scheduled for later today in Edge as well which fixes a lot of the compatibility issues with other AVs)

-{ Quote: "From my experiences using Edge and Sandboxie together, Edge will see and block malware if it starts to run in the sandbox. Pretty much the same as using an AV together with Sandboxie. Programs outside the sandbox can look in but programs in the sandbox can't look out." }-

Brilliant. thats just what I wanted to know.

Jlo

-{ Quote: "From my experiences using Edge and Sandboxie together, Edge will see and block malware if it starts to run in the sandbox. Pretty much the same as using an AV together with Sandboxie. Programs outside the sandbox can look in but programs in the sandbox can't look out." }-

Good to know! Thanks for the clarification :)

No problem!!! :)

-{ Quote: "Oh yes ;D While they won't be released for a few weeks, we have a number of security-related features that will be incrementally added into Edge, coming down to clients via automatic updates.

(Note: We do have an update scheduled for later today in Edge as well which fixes a lot of the compatibility issues with other AVs)" }-
cool, cant wait.

so, what kind of things? (in a few weeks)

will they help detection, removal or what? :)


---

also, i do wonder how EDGE would perform in one of the tests compared to the traditional antivirus solutions do you not think it should be included? :)

-{ Quote: "KIS appears to check for the registry key HKEY_LOCAL_MACHINE\Software\PCSI, which is our main registry key (just has a couple values in it).

If you want to get Edge/CSI to work alongside KIS, you will want to first uninstall our products, make sure that the key is removed completely, and then install KIS and after that install Edge/CSI on top.

This has worked for users that have come into our inbox with the question, but if not, please let us know and we'll try and find another workaround :)" }-

I'm trying KIS 2009 and Prevx together now. No major problems yet, but after Prevx finished scanning and went to real time, KIS popped up with a "Trojan.Generic" alert that I think might have been related to Prevx, since the only option was to allow. Maybe this can be checked out. Thanks for all your help!

-{ Quote: "cool, cant wait.

so, what kind of things? (in a few weeks)

will they help detection, removal or what? :)


---

also, i do wonder how EDGE would perform in one of the tests compared to the traditional antivirus solutions do you not think it should be included? :)" }-

We have a number of new behavior modeling algorithms baking in the oven as well as removal improvements and a whole mess of other things ;D

I think comparing Edge against traditional antivirus products is a bit unfair for both ends. Firstly, standard AVs detect a great deal of things that Edge won't, for example, old DOS viruses from 20 years ago and corrupt virus samples that have remnants of old, inactive infections in them.

On the other hand, Edge detects a great deal of things normal AVs don't detect, in the time that it takes them to release an update.

If you look at it graphically, normal AVs have to cover all old samples, even ones that can't affect users, up until new samples. However, based on the conceptual problems in definition updates, it isn't possible to have extremely fast detection of new threats.

However, if you look at Edge, which covers malware that actually affects users today rather than users of 20 years ago, all the way up to malware that will be affecting users next week, you see that there is some overlap but not a whole lot.

With how fast infections are mutating, testing antivirus products is becoming increasingly difficult and time consuming. Rather than being able to just right click on a folder and select 'Scan', testers now have to take into account whether the file is detected in realtime, while loading, on demand, in memory, if under a rootkit, coming via an exploit, etc. etc.

Honestly, in today's threat landscape, I would not want to be a tester ;D

To make a long story short (too late), Edge and conventional AVs shouldn't really be tested side by side as they both have very different intentions. I hope that helps, sorry for the essay! ;D

-{ Quote: "I'm trying KIS 2009 and Prevx together now. No major problems yet, but after Prevx finished scanning and went to real time, KIS popped up with a "Trojan.Generic" alert that I think might have been related to Prevx, since the only option was to allow. Maybe this can be checked out. Thanks for all your help!" }-

Interesting that the only option is to allow. Could you send a screenshot of KIS's detection? This might help us narrow down the problem with them :)

-{ Quote: "Interesting that the only option is to allow. Could you send a screenshot of KIS's detection? This might help us narrow down the problem with them :)" }-

Oops.. forgot to take one and it hasn't come up again. Will be sure to take one if I see it again.

Well I have changed changed my security set up.
Avast Free edition and as of tonight :) Prevx Edge paid.

Ran it though first bit of malware and detected it as a worm. Really seems super software.

Cheers

Jlo

-{ Quote: "We have a number of new behavior modeling algorithms baking in the oven as well as removal improvements and a whole mess of other things ;D

I think comparing Edge against traditional antivirus products is a bit unfair for both ends. Firstly, standard AVs detect a great deal of things that Edge won't, for example, old DOS viruses from 20 years ago and corrupt virus samples that have remnants of old, inactive infections in them.

On the other hand, Edge detects a great deal of things normal AVs don't detect, in the time that it takes them to release an update.

If you look at it graphically, normal AVs have to cover all old samples, even ones that can't affect users, up until new samples. However, based on the conceptual problems in definition updates, it isn't possible to have extremely fast detection of new threats.

However, if you look at Edge, which covers malware that actually affects users today rather than users of 20 years ago, all the way up to malware that will be affecting users next week, you see that there is some overlap but not a whole lot.

With how fast infections are mutating, testing antivirus products is becoming increasingly difficult and time consuming. Rather than being able to just right click on a folder and select 'Scan', testers now have to take into account whether the file is detected in realtime, while loading, on demand, in memory, if under a rootkit, coming via an exploit, etc. etc.

Honestly, in today's threat landscape, I would not want to be a tester ;D

To make a long story short (too late), Edge and conventional AVs shouldn't really be tested side by side as they both have very different intentions. I hope that helps, sorry for the essay! ;D" }-
Totally agree. That is why I now feel using a product like Edge in conjunction with a sandboxing product is about as good as it gets, or as simple. Sandboxie keeps it contained, while Edge alerts me to any detections. Along with protecting other ways on entry besides my web browser. The 2 applications are about as light as you can get without the massive signature database of a AV stored on my PC. My version is working very good together, PH.;)

-{ Quote: "Oops.. forgot to take one and it hasn't come up again. Will be sure to take one if I see it again." }-

No problem :) We'll check if we can reproduce it here as well to see if there is something easy to fix with them.

-{ Quote: "Well I have changed changed my security set up.
Avast Free edition and as of tonight :) Prevx Edge paid.

Ran it though first bit of malware and detected it as a worm. Really seems super software.

Cheers

Jlo" }-

Great! Let me (or one of the other Prevx representatives know if you run into any trouble :))

Hmmmmm trjam is copying my setup. :P

-{ Quote: "Totally agree. That is why I now feel using a product like Edge in conjunction with a sandboxing product is about as good as it gets, or as simple. Sandboxie keeps it contained, while Edge alerts me to any detections. Along with protecting other ways on entry besides my web browser. The 2 applications are about as light as you can get without the massive signature database of a AV stored on my PC. My version is working very good together, PH.;)" }-

Great :) AV databases are definitely not turning around in size any time soon either. It really is much faster and smaller (once the technicalities are solved) for the AV company to hold all of the definitions/whitelist/heuristics/etc. instead of trying to download the whooole database to the user's computer.

-{ Quote: "Hmmmmm trjam is copying my setup. :P" }-
Hmm, with a few extras.;)

-{ Quote: "cool, cant wait.

so, what kind of things? (in a few weeks)

will they help detection, removal or what? :)


---

also, i do wonder how EDGE would perform in one of the tests compared to the traditional antivirus solutions do you not think it should be included? :)" }-
also, id like to know the difference between the scans.

the scan from the main GUI 'scan now' scans my machine in just 33 seconds, 15,000 files, is this the deep scan?

full scan did 111,000 files in 11 minutes.

is the deep scan only detecting active running processes, i doubt this though, as malware i simply place on my desktop that shouldn't be active gets detected in the main GUI scan.

And to add to C.S.J.s comment, just what happens when you tic the box to use Smart Scanning.

-{ Quote: "We have extremely regular signature updates, but they are nothing like normal AVs. We add literally thousands of new samples every hour to our definitions and heuristics, but everything takes place on the Community-side, so, you never need to download updates - the clients just check against the newest definitions on the server." }- I'm sorry but with the number of posts I may have missed the answer, so I ask the question which is: How much protection do I have if I'm not connected to the internet? I'm on dial-up and so I download new programs, disconnect, and while not connected I switch to a test snapshot (First Defense - ISR) and install the new program and then run it. If I like it I copy to the primary snapshot if not, I copy primary to test and the programs gone. So, in theory, I should be OK even if not connected, but does Edge provide some protection while I'm doing this? http://www.wilderssecurity.com/images/icons/icon5.gif
Jim C.

-{ Quote: "also, id like to know the difference between the scans.

the scan from the main GUI 'scan now' scans my machine in just 33 seconds, 15,000 files, is this the deep scan?

full scan did 111,000 files in 11 minutes." }-

(If you missed my post, I responded :))

To respond to this question: The Deep Scan is identical to the scan in the front screen which is labeled Scan Now. We highly recommend this scan as it will thoroughly check for rootkits living in the disk/registry/memory, active malware, malware that can load on bootup, and inactive malware living in common places on disk.

However, it does not go through your entire system, looking at every file as this is mostly unnecessary. This is where the full scan comes in.

The full scan will go through every individual file on disk. This may lead to finding slightly more pieces of malware but all of those samples would be inactive and the malware would not actually be infecting the computer (rather, it is just left-behind pieces that were missed but are now dormant). We generally don't recommend running a full scan as it takes quite a while to complete (just because of how much data it has to sift through) and it has marginal benefits over the default scan.

Answering trjam's question: Smart Scanning looks at file characteristic metrics to scan quicker by eliminating the need to scan for certain types of threats on certain systems/setups. If you are actually looking to test the effectiveness of Edge against a broad range of malware on a system which may or may not be affected by that malware, we recommend against checking that box (which is why it is off by default to prevent confusion), but, if you are actually using the full system scanner on a normal computer in a normal environment, it would be rare that something would slip past it that would be actually able to infect the system.

Also, just in case anyone has missed part of the thread, the best way to check Edge's detection is to run the malware (under a virtual machine of course ;D) as this will catch pieces of malware that wouldn't normally be found in a simple on-demand scan.

Apologies for any redundancy, but on the Prevx site it says that Vista is one of the OS that PE requires, but you also state in this thread here that:

---Edge does not currently support Vista or XP x64 and it won't work correctly under WOW64. We are adding this, but it is a slow and grueling process. ---

Can you please clarify suitability for Vista again?


Thanks in advance,
Mark.

-{ Quote: "Apologies for any redundancy, but on the Prevx site it says that Vista is one of the OS that PE requires, but you also state in this thread here that:

---Edge does not currently support Vista or XP x64 and it won't work correctly under WOW64. We are adding this, but it is a slow and grueling process. ---

Can you please clarify suitability for Vista again?


Thanks in advance,
Mark." }-

Ah, that is not clear at all. Edge does not support Vista x64 or XP x64.

It works fine on the 32bit versions. Thanks for pointing that out :) I'll try and find that post to clarify it via editing ;D

-{ Quote: "(If you missed my post, I responded :))

To respond to this question: The Deep Scan is identical to the scan in the front screen which is labeled Scan Now. We highly recommend this scan as it will thoroughly check for rootkits living in the disk/registry/memory, active malware, malware that can load on bootup, and inactive malware living in common places on disk.

However, it does not go through your entire system, looking at every file as this is mostly unnecessary. This is where the full scan comes in.

The full scan will go through every individual file on disk. This may lead to finding slightly more pieces of malware but all of those samples would be inactive and the malware would not actually be infecting the computer (rather, it is just left-behind pieces that were missed but are now dormant). We generally don't recommend running a full scan as it takes quite a while to complete (just because of how much data it has to sift through) and it has marginal benefits over the default scan.

Answering trjam's question: Smart Scanning looks at file characteristic metrics to scan quicker by eliminating the need to scan for certain types of threats on certain systems/setups. If you are actually looking to test the effectiveness of Edge against a broad range of malware on a system which may or may not be affected by that malware, we recommend against checking that box (which is why it is off by default to prevent confusion), but, if you are actually using the full system scanner on a normal computer in a normal environment, it would be rare that something would slip past it that would be actually able to infect the system.

Also, just in case anyone has missed part of the thread, the best way to check Edge's detection is to run the malware (under a virtual machine of course ;D) as this will catch pieces of malware that wouldn't normally be found in a simple on-demand scan." }-
well, in my little test.

prevx detected 50% by the scanner alone, and a further 40+ percent with the behaviour-based technologys.

so, you think a 90+ percent would be a good target to start with for EDGE? :)

as for your other post (yeah, i did miss it :) ), i still think you should allow it to be tested against the traditional AV products, people will understand its a different kind of product and that the detection is based on the scanner-alone, i just think it would be very curious to see those kind of results.

and something totally off topic, you a brit? or working in brit? :)

Thanks very much for the amazingly quick reply and for the info...

Best,
Mark.

-{ Quote: "
Can you please clarify suitability for Vista again?
[/I]

Thanks in advance,
Mark." }-
works great here on Vista x86

-{ Quote: "I'm sorry but with the number of posts I may have missed the answer, so I ask the question which is: How much protection do I have if I'm not connected to the internet? I'm on dial-up and so I download new programs, disconnect, and while not connected I switch to a test snapshot (First Defense - ISR) and install the new program and then run it. If I like it I copy to the primary snapshot if not, I copy primary to test and the programs gone. So, in theory, I should be OK even if not connected, but does Edge provide some protection while I'm doing this? http://www.wilderssecurity.com/images/icons/icon5.gif
Jim C." }-

Some of Edge's engines will work offline, however, to maintain maximum effectiveness, most of them do require a consistent internet stream (broadband/dsl/etc.) Prevx is not a very dialup-friendly technology and when it was first pioneered, there were far fewer broadband users so it was initially discredited as a viable solution.

So, for you, I would recommend scanning+starting to install the program before disconnecting from the internet, then, after you see the "Authenticating New Files" popup disappear, you should be fine to disconnect and stay safe.

Great thanks - looking forward to checking it out.

Mark.

I just purchased Edge as a replacement for MBAM. But, I am having issues with it. As I described before everything is slower to initialize. I am even noticing dramatic differences in the amount of time it takes to image my active partition with Drive Snapshot; it used to take just under three minutes and now it takes nearly fourteen. Verifying the images is also very slow. Has anyone else experienced this?

-{ Quote: "I just purchased Edge as a replacement for MBAM. But, I am having issues with it. As I described before everything is slower to initialize. I am even noticing dramatic differences in the amount of time it takes to image my active partition with Drive Snapshot; it used to take just under three minutes and now it takes nearly fourteen. Verifying the images is also very slow. Has anyone else experienced this?" }-

I'll have QA take a look at it in the morning, but I'm surprised there is that significant of a difference as Edge does not scan files as they're created, only as they're loaded.

Drive Snapshot could be doing some strange when copying files of course, but I somewhat doubt it. I'll let you know what we find by doing side by side comparisons of having only Edge installed versus not having Edge installed at all and see if we can get a fix out if there is some incorrect behavior going on.

One more thing, if you wouldn't mind. I have a partition that I store DS images on (Z). That partition is setup to be hidden under My Computer (so that only I can access it). But with Edge that partition keeps being 'unhidden' when I scan.

-{ Quote: "One more thing, if you wouldn't mind. I have a partition that I store DS images on (Z). That partition is setup to be hidden under My Computer (so that only I can access it). But with Edge that partition keeps being 'unhidden' when I scan." }-

Is the partition "unhidden" when you click "Add File/Folder" or during the actual scan itself? We scan drives regardless of if they are hidden or not just because malware has recently been hiding drives frequently, so, we don't want to run into the case where malware hides the C drive and then none of the system files are scanned :)

-{ Quote: "Is the partition "unhidden" when you click "Add File/Folder" or during the actual scan itself? We scan drives regardless of if they are hidden or not just because malware has recently been hiding drives frequently, so, we don't want to run into the case where malware hides the C drive and then none of the system files are scanned :)" }-

That was my mistake. This seems to be happening upon cleanup, not scanning. As far as my scanning settings are concerned, I use the default 'deep' settings.

-{ Quote: "That was my mistake. This seems to be happening upon cleanup, not scanning." }-

Ahhh yes. Now I know what you mean :) We automatically unhide all drives during cleanup to undo the changes frequently made by malware to hide them.

For now, this may continue to be an annoyance until we make a feature to configure exactly what to remove on cleanup, but, because of the vast number of users being infected with malware that hides their drives and the relatively low number of users who actually use that functionality for legitimate purposes, we tend to have to side with cleaning the infected users.

I will make a note of this to ensure we do eventually allow configuration of what is removed.

-{ Quote: "Ahhh yes. Now I know what you mean :) We automatically unhide all drives during cleanup to undo the changes frequently made by malware to hide them.

For now, this may continue to be an annoyance until we make a feature to configure exactly what to remove on cleanup, but, because of the vast number of users being infected with malware that hides their drives and the relatively low number of users who actually use that functionality for legitimate purposes, we tend to have to side with cleaning the infected users.

I will make a note of this to ensure we do eventually allow configuration of what is removed." }-


Thank you very much. I hope Prevx realizes what an asset they have in you. You have been extremely helpful (and prompt).

-{ Quote: "Thank you very much. I hope Prevx realizes what an asset they have in you. You have been extremely helpful (and prompt)." }-

No problem :) Always glad to help!

Sometimes when I am toggling the Enable Self-Protection setting and then saving the settings, Edge just unloads totally and I have to manually start it again.

Anything I can do to help troubleshoot this?

Thanks,
Mark.

I think there is an issue with the self protection right now Mark. I think they are going to have it fixed in the next release coming shortly.

Wonderful - thank you Threedog.

Best,
Mark.

Glad to be of help.

Am I correct in assuming that there was an incompatability issue between Edge and WinPatrol Plus? I think I remember reading about that earlier in this thread. I have both installed in real-time and I am not experiencing any issues at all.

I've had no problems at all with Edge/WinPatrol Plus with all beta tests and public releases.

-{ Quote: "I've had no problems at all with Edge/WinPatrol Plus with all beta tests and public releases." }-

Good to know. I haven't either but I thought it was documented in this thread.

Love it on my XP and Vista32 laptops, and I'm waiting for the 64bit version to try on my Vista64 desktop. Is there any indication as to when a 64bit version will be arriving?

Prevx Edge 3.0.0.180 is released. This version has solved the self protection issue on my XP Pro SP3 machine. It's running well, and getting along with my other active security apps (ZAP8, AntiVir Premium). Nice work Prevx people regarding the speed of this update!

-{ Quote: "Prevx Edge 3.0.0.180 is released. This version has solved the self protection issue on my XP Pro SP3 machine. It's running well, and getting along with my other active security apps (ZAP8, AntiVir Premium). Nice work Prevx people regarding the speed of this update!" }-

Any idea how to update it to the newest version. I'm runninng 3.0.0.172 and the updater says there is no new version out.

-{ Quote: "Any idea how to update it to the newest version. I'm runninng 3.0.0.172 and the updater says there is no new version out." }-

I did a clean install. Fast and easy!

-{ Quote: "Any idea how to update it to the newest version. I'm runninng 3.0.0.172 and the updater says there is no new version out." }-

The update will be available to existing users within a day or two - we generally ship them out slowly to manage new features.

Downloading the newest version directly or uninstalling/reinstalling will get you the update immediately (and yes, it corrects the self protection issues and a number of compatibility problems :))

-{ Quote: "Love it on my XP and Vista32 laptops, and I'm waiting for the 64bit version to try on my Vista64 desktop. Is there any indication as to when a 64bit version will be arriving?" }-

The 64bit version is on the horizon but honestly, there are a number of features ahead of it in priority. I would peg it at > 1 month as we just have so much we want to get added in to the 32bit version.

-{ Quote: "Am I correct in assuming that there was an incompatability issue between Edge and WinPatrol Plus? I think I remember reading about that earlier in this thread. I have both installed in real-time and I am not experiencing any issues at all." }-

I haven't heard an update, but I know our head of research was going to be getting in touch with WinPatrol to correct a false positive which was killing Edge. It looks like things are working better now based on user reports, however :)

:thumb: to the fast response by WinPatrol :)

-{ Quote: "Sometimes when I am toggling the Enable Self-Protection setting and then saving the settings, Edge just unloads totally and I have to manually start it again.

Anything I can do to help troubleshoot this?

Thanks,
Mark." }-

Threedog was right - there was an issue in build 3.0.0.172 with enabling Self Protection. However, we have corrected this problem and you can now download the newest version from http://info.prevx.com/downloadedge.asp

Try just running that version from the download link directly - it should automatically update the installed copy. If it doesn't, try uninstalling and reinstalling. Based on all reports, the self protection problems are fixed, as well as a number of incompatibilities :)

Please let us know if you run into any further problems!

-{ Quote: "I will have to say nay (for now) to this :) Our implementation is not quite this advanced.... yet.... but we are developing this extended system currently. The only reason why it is not completely in the current version is that it does require some additional overhead to store backup copies of every value, when most values that are changed will not turn out to be malicious, but, we are working on an optimal solution which will be pushed out to all clients as an update in a few weeks when it has been thoroughly tested and proven :)

As well as this extended feature, we have a number of other exciting improvements, so, stay tuned ;D Prevx is not sitting idle at all ;D" }-

Help me:

a) when heuristics detection is on an advanced level, say better than AVG or AVAST

b) behavior finds another portion to outcompete AVIRA and A2/Ikarus

AND WITHOUT REGRETTING A TEMPORARY OKAY

c) suspicious piece of code you may proceed, because I track the changes

THEN ON FINAL ANAYLYSIS OF PREVX SERVER PARC/SPECIALIST

d) you have a take control feature (like in SPyberus) which will remove malware in sort of safe re-boot mode and actually reverts the tracked changes



What would I need else?

Put your effort in improving the scanner (in stead of adding features), that is what people look first at! When scanner is lousy (say on Comodo level) in AV comparatives, you should position it as an add on, which is always considered an unnessecary extra by the majority of PC users.


Cheers Kees

-{ Quote: "The 64bit version is on the horizon but honestly, there are a number of features ahead of it in priority. I would peg it at > 1 month as we just have so much we want to get added in to the 32bit version." }-+1 for XP x64 version. I only run Windows x64 so unfortunately can't test it properly on my main machines, although I may try it in a VM as it sounds interesting.

If it would mean an x64 version could be released sooner, could you just release it with the detection capability, without the self-protection & cleaning technology ?

This would at least give us x64 outcasts something to salivate about. ;D

-{ Quote: "Interesting that the only option is to allow. Could you send a screenshot of KIS's detection? This might help us narrow down the problem with them :)" }-

I also encountered this "riskware Trojan.generic" with KIS 8.0.0.454, I believe it was a behavioural alert, right after the scan following installation. I do use KIS in interactive mode.

I have not seen it since.

Hey Everyone

Firstly let me say that I am very impressed with Prevx Edge so far. It is light on system resources, appears to be stable with no conflicts with AVG free, has a nice GUI, is easy to use and in my limited testing has detected the malware samples I have thrown at it which has lead me to buy a license.

This unique approach that Prevx takes which I like to call "community based behavioral intrusion prevention" is definitely the way of the future and although it has taken you guys multiple versions and many years to perfect a viable product it was well worth the wait and for that I would like to congratulate you on your success. Your support although lacking at best in the past is now top notch thanks mainly to PrevxHelp who seems very knowledgeable and prompt in his/hers approach to customer support, something that the major AV companies really need to address.

If Prevx continues to evolve their products with new features and technologies in a timely fashion and remains focused on customer satisfaction, I am sure they will continue to find great success well into the future. Well done! :thumb:

with edge and avira free edition installed security centre reports 2 anti virus programs should this be ok

-{ Quote: "with edge and avira free edition installed security centre reports 2 anti virus programs should this be ok" }-

This is fine :) As of version v3.0.0.180, Edge also integrates into the security center, but it does so in a way that multiple AVs can be in there without problems :)

-{ Quote: "Hey Everyone

Firstly let me say that I am very impressed with Prevx Edge so far. It is light on system resources, appears to be stable with no conflicts with AVG free, has a nice GUI, is easy to use and in my limited testing has detected the malware samples I have thrown at it which has lead me to buy a license.

This unique approach that Prevx takes which I like to call "community based behavioral intrusion prevention" is definitely the way of the future and although it has taken you guys multiple versions and many years to perfect a viable product it was well worth the wait and for that I would like to congratulate you on your success. Your support although lacking at best in the past is now top notch thanks mainly to PrevxHelp who seems very knowledgeable and prompt in his/hers approach to customer support, something that the major AV companies really need to address.

If Prevx continues to evolve their products with new features and technologies in a timely fashion and remains focused on customer satisfaction, I am sure they will continue to find great success well into the future. Well done! :thumb:" }-

Thank you for your kind words :) Please let me know if you do have any questions/problems! Always glad to help ;D

-{ Quote: "+1 for XP x64 version. I only run Windows x64 so unfortunately can't test it properly on my main machines, although I may try it in a VM as it sounds interesting.

If it would mean an x64 version could be released sooner, could you just release it with the detection capability, without the self-protection & cleaning technology ?

This would at least give us x64 outcasts something to salivate about. ;D" }-

We would rather not release an incomplete product, so, it looks like we're going to have to wait until every one of the components is translated/supports x64's architecture. We will begin working on it soon, but, as you may have seen from other antivirus products, it does require a significant amount of extra work, for a relatively small userbase still.

right this is my set up now, im going to run prevx edge and drive sentry, should be no conflicts and as of running for 1 hours all is good

what is the AlfaFF.dll file located in system32?

is it a part of Prevx EDGE?

if not, can someone be kind enough to tell me.

-{ Quote: "what is the AlfaFF.dll file located in system32?

is it a part of Prevx EDGE?

if not, can someone be kind enough to tell me." }-

Hello,
This is not a part of Edge - the only components of Edge are:

C:\windows\system32\drivers\pxark.sys
C:\program files\prevx\prevx.exe
and a handful of small files in the All Users\Application Data folder.

From a quick search, AlfaFF.dll might be malicious. If you want us to take a look at it, please forward it on to me and I'll analyze it for you.

-{ Quote: "what is the AlfaFF.dll file located in system32?

is it a part of Prevx EDGE?

if not, can someone be kind enough to tell me." }-

Upload it to virustotal.

-{ Quote: "Hello,
This is not a part of Edge - the only components of Edge are:

C:\windows\system32\drivers\pxark.sys
C:\program files\prevx\prevx.exe
and a handful of small files in the All Users\Application Data folder.

From a quick search, AlfaFF.dll might be malicious. If you want us to take a look at it, please forward it on to me and I'll analyze it for you." }-
yes, i would like you to check it out please.

if possible, id like to know what software i have installed that has placed it there.

-{ Quote: "yes, i would like you to check it out please.

if possible, id like to know what software i have installed that has placed it there." }-

That's generally a relatively difficult thing to do as there is no "papertrail" of installed files within the system.

Could you email the file in question to me (I believe you still have my email address :))

-{ Quote: "That's generally a relatively difficult thing to do as there is no "papertrail" of installed files within the system.

Could you email the file in question to me (I believe you still have my email address :))" }-
of course, the file is sent.

-{ Quote: "Upload it to virustotal." }-
0/36

malwarebytes detected nothing either, still need to know what it is though.

::)

-{ Quote: "of course, the file is sent." }-

I've finished my analysis and the file is not malicious (Virustotal agrees as well - 0/36). The file is a component which communicates with a minifilter driver made by the company "Alfa Corporation".

Minifilters are the new, Microsoft-recommended way for a file system developer to design their software and are being used quite frequently now. The architecture is designed so that multiple minifilters can be loaded simultaneously, however, if one of them has a bug, it is possible that there will be multiple program failures.

You may want to contact both Alfa Corporation and Dr. Web to see what is conflicting between the two.

Hope that helps :)

-{ Quote: "I've finished my analysis and the file is not malicious (Virustotal agrees as well - 0/36). The file is a component which communicates with a minifilter driver made by the company "Alfa Corporation".

Minifilters are the new, Microsoft-recommended way for a file system developer to design their software and are being used quite frequently now. The architecture is designed so that multiple minifilters can be loaded simultaneously, however, if one of them has a bug, it is possible that there will be multiple program failures.

You may want to contact both Alfa Corporation and Dr. Web to see what is conflicting between the two.

Hope that helps :)" }-
thanks, drweb are already analyzing it aswell :)


the file sucks-ass, it cant cope with drwebs new self protection and gives me a BSOD every 5-10 minutes.

Running both NIS2009 and PrevxEdge here without problems. Both are super light :thumb:

I think I found a couple issue. I found what I can only hope is a false positive. The new Drivesnap (DriveSnapshot frontend) that markymoo released today is flagged as infected. It hink this is in error. But ehen I click on the "Contact Support" button in Edge to try and submit the file but it crashed.

Uninstalled verything but Antivir - put Edge back on - smooth and fast. All Heuristics on highest.
Next move - add DW in a couple of days.
Think conflict was with ThreatFire - hope it wasnt with DW.

Best Regards

I thought I read the self protection was fixed? when I enable this option it shuts its self down.Minus this option No problems.

Same here.

-{ Quote: "I thought I read the self protection was fixed? when I enable this option it shuts its self down.Minus this option No problems." }-

What version are you using? Can you download the newest (v3.0.0.180) from the website to make sure that you're using the fixed version?

-{ Quote: "I think I found a couple issue. I found what I can only hope is a false positive. The new Drivesnap (DriveSnapshot frontend) that markymoo released today is flagged as infected. It hink this is in error. But ehen I click on the "Contact Support" button in Edge to try and submit the file but it crashed." }-

Hello,
Can you send me a scan log or the entry of the false positive? I'll get that sorted.

Also, we've seen the Contact Support issue intermittently and are looking for a way to fix it. We have another update scheduled for tomorrow which should address this and other issues.

-{ Quote: "What version are you using? Can you download the newest (v3.0.0.180) from the website to make sure that you're using the fixed version?" }-

This version I reinstalled it from scratch.Ok I enabled self protection again so far its holding its own.If if goes down again I will run with it disabled and see what happens.

-{ Quote: "What version are you using? Can you download the newest (v3.0.0.180) from the website to make sure that you're using the fixed version?" }-

How can we see what version are we using?

It's in the lower right-hand corner....

Best,
Mark.

-{ Quote: "This version I reinstalled it from scratch.Ok I enabled self protection again so far its holding its own.If if goes down again I will run with it disabled and see what happens." }-

Ok great, thank you for your information. We are still investigating a subtle issue with self protection but it should be overall fixed in v3.0.0.180.

-{ Quote: "Uninstalled verything but Antivir - put Edge back on - smooth and fast. All Heuristics on highest.
Next move - add DW in a couple of days.
Think conflict was with ThreatFire - hope it wasnt with DW.

Best Regards" }-

Have been running Edge and DefenseWall together since beta testing started - nooooo problems :thumb: :)
Very light, conflict free.

-{ Quote: "The 64bit version is on the horizon but honestly, there are a number of features ahead of it in priority. I would peg it at > 1 month as we just have so much we want to get added in to the 32bit version." }-

I really hope so maitey - 1 month is worth waiting upon

(Well, I wanted to like it)

Installed it and ran it for an hour or so, did scans etc. Found 2 files, one I know to be a FP and another I've used for years and never came up on any scans, but to be safe I let it clean that one.

Then Edge automatically rebooted (which I think should be addressed, it should tell you to reboot but then give you the option to do it then or defer it until you want to - I needed to close some programs and it didn't allow for the time to do that.)

When system rebooted it bluescreened with a "Unmountable_Boot_volume" error - thank the Lord I imaged my system right before installing Edge - after restoring from that image everything is back to normal.

Of course, no other software was installed and all the usual checks were done - and while you can never be 100% sure, I really, really believe it was Edge.

Dissapointed.
Mark.

-{ Quote: "(Well, I wanted to like it)

Installed it and ran it for an hour or so, did scans etc. Found 2 files, one I know to be a FP and another I've used for years and never came up on any scans, but to be safe I let it clean that one.

Then Edge automatically rebooted (which I think should be addressed, it should tell you to reboot but then give you the option to do it then or defer it until you want to - I needed to close some programs and it didn't allow for the time to do that.)

When system rebooted it bluescreened with a "Unmountable_Boot_volume" error - thank the Lord I imaged my system right before installing Edge - after restoring from that image everything is back to normal.

Of course, no other software was installed and all the usual checks were done - and while you can never be 100% sure, I really, really believe it was Edge.

Dissapointed.
Mark." }-
hi, if you dont mind, you should send the Prevx guys the minidump .dmp file for that particular BSOD.

located in C:/windows/minidump

-{ Quote: "(Well, I wanted to like it)

Installed it and ran it for an hour or so, did scans etc. Found 2 files, one I know to be a FP and another I've used for years and never came up on any scans, but to be safe I let it clean that one.

Then Edge automatically rebooted (which I think should be addressed, it should tell you to reboot but then give you the option to do it then or defer it until you want to - I needed to close some programs and it didn't allow for the time to do that.)

When system rebooted it bluescreened with a "Unmountable_Boot_volume" error - thank the Lord I imaged my system right before installing Edge - after restoring from that image everything is back to normal.

Of course, no other software was installed and all the usual checks were done - and while you can never be 100% sure, I really, really believe it was Edge.

Dissapointed.
Mark." }-

Hello,
Before cleanup, Edge prompts you to save programs/documents and then shows you one more message before reboot.

None of our other users have reported an Unmountable_Boot_volume issue, and that would have shown up across CSI users as well, being that CSI and Edge use the same engine for cleanup.

Really not sure where to start with it, but I'm sorry your experience was far less than optimal :-\

-{ Quote: "hi, if you dont mind, you should send the Prevx guys the minidump .dmp file for that particular BSOD.

located in C:/windows/minidump" }-

While the minidump would most definitely be useful, I'd imagine it is lost because of the reimaging. However, if you do still have the file intact, please send it to us and we will investigate the more granular details of the crash to see if it can be attributed to Edge.

CSJ - thank you - that's a good idea and I will do that -

Prevx - can you pm me an email or an upload site to send the mini dump to?

While nobody else may have reported it, it's a bit suspect to me in terms of timing...and prevx never gave me an option to defer rebooting - gave me a dialog popup telling me what it was going to do and only an OK button when clicked, initiated the reboot process.

Again, the timing is such that coincidence is unlikely at least in my book. I do though appreciate your response....Anything I can do to track it down please let me know.

Thanks,
Mark.

Whoops - correct, it is gone to to the reimaging. Forgot that.

Best,
Mark.

-{ Quote: "CSJ - thank you - that's a good idea and I will do that -

Prevx - can you pm me an email or an upload site to send the mini dump to?

While nobody else may have reported it, it's a bit suspect to me in terms of timing...and prevx never gave me an option to defer rebooting - gave me a dialog popup telling me what it was going to do and only an OK button when clicked, initiated the reboot process.

Again, the timing is such that coincidence is unlikely at least in my book. I do though appreciate your response....Anything I can do to track it down please let me know.

Thanks,
Mark." }-

I don't have a screenshot handy, but one step before the message which only has an OK is shown, it says:

"Prepare for cleanup by performing the following 3 actions, then click Next.

1) Save any documenst and close all programs.

2) Disconnect your PC from the internet until prompted.

3) Disable any other security products (Antivirus, Antispyware, etc.)"

Then, after clicking Next, it will show a progress bar and then get to the screen which you saw with only the OK button, and it will then reboot the system.

For information purposes, what other security software are you using and what operating system are you using? I will PM you my email address for the minidump momentarily.

Thanks again and sorry for the inconvenience.

-{ Quote: "Whoops - correct, it is gone to to the reimaging. Forgot that.

Best,
Mark." }-

Ah ok. We will definitely keep an eye out for this happening in the future. I would still be interested in finding more out about your setup to hopefully help us reproduce it here.

Thank you - appreciate the clarification - I honestly don't remember seeing any of it after that initial 3-step dialog but I believe you and I suppose I missed it.

OS - Vista Ultimate 32bit
Sec Apps - Avira Personal Premium, SuperAntispyware

I wish I could provide more info and had the dump. I guess I can always try it again after imaging, but.... :)

Thanks,
Mark.

-{ Quote: "Hello,
Can you send me a scan log or the entry of the false positive? I'll get that sorted.

Also, we've seen the Contact Support issue intermittently and are looking for a way to fix it. We have another update scheduled for tomorrow which should address this and other issues." }-

I would be happy to send you a scan log. But, happily I cannot do that as this false positive seems to have already been corrected. Thank you very much. I am also glad to hear that errors will soon be corrected in updated versions.

I spoke too soon. After doing a complete scan Edge found three infections, all false positives. The log is attached.

-{ Quote: "I spoke too soon. After doing a complete scan Edge found three infections, all false positives. The log is attached." }-

False positives corrected :) Thanks for the information!

Your latest is 172. Downloaded from your site - didnt get any better.

-{ Quote: "It's in the lower right-hand corner....

Best,
Mark." }-

Thanks, it's so tiny. Didn't notice

-{ Quote: "Your latest is 172. Downloaded from your site - didnt get any better." }-

Hello,
Can you please try uninstalling 172 and redownloading from the website, ensuring that the new version says 180? Sometimes the download may be cached, which could cause it to not get the new version.

Is it normal for there to be 2 prevx.exe processes?

-{ Quote: "Is it normal for there to be 2 prevx.exe processes?" }-

Yes, this is normal :)

I know I said Ill wait a couple of days to put DW back on together with Edge but I tried it now- and Edge doesnt like DW on my PC. It stops protecting live and doesnt remeber enabled eval monitoring + shuts down icon at least.

Edge + Antivir - fast and smooth.

DW + Edge + Antivir - Edge-chaos

DW + Antivir - fast and smooth

So since DW is my "main man" I am back to "my roots" and DW is on and Edge is out and thank you for tour efforts.

Can Prevx Edge scan more than one file at a time when using Right Click from Windows Explorer? I selected a few files in explorer, right clicked on these files and selected Scan with Prevx Edge. There was absolutely no response from Edge. Works fine with only one file selected.

-{ Quote: "Can Prevx Edge scan more than one file at a time when using Right Click from Windows Explorer? I selected a few files in explorer, right clicked on these files and selected Scan with Prevx Edge. There was absolutely no response from Edge. Works fine with only one file selected." }-

Hello,
I just tried it here and it worked fine selecting multiple files, but, I'm not using any other security software than just Edge so something else may be interfering in your setup. We'll take a look at it in the morning and let you know :)

-{ Quote: "I know I said Ill wait a couple of days to put DW back on together with Edge but I tried it now- and Edge doesnt like DW on my PC. It stops protecting live and doesnt remeber enabled eval monitoring + shuts down icon at least.

Edge + Antivir - fast and smooth.

DW + Edge + Antivir - Edge-chaos

DW + Antivir - fast and smooth

So since DW is my "main man" I am back to "my roots" and DW is on and Edge is out and thank you for tour efforts." }-

There are a number of our users using precisely the DW + Edge + Antivir setup, but we will take a look at it shortly. We are going to be releasing a new version for update in the next day or two which will correct other minor issues that could be affecting this as well.

-{ Quote: "I know I said Ill wait a couple of days to put DW back on together with Edge but I tried it now- and Edge doesnt like DW on my PC. It stops protecting live and doesnt remeber enabled eval monitoring + shuts down icon at least.

Edge + Antivir - fast and smooth.

DW + Edge + Antivir - Edge-chaos

DW + Antivir - fast and smooth

So since DW is my "main man" I am back to "my roots" and DW is on and Edge is out and thank you for tour efforts." }-

Oh dear - DW + Edge + Antivir + OA + EQS is my setup. Will look out for same problem but so far OK.

-{ Quote: "Oh dear - DW + Edge + Antivir + OA + EQS is my setup. Will look out for same problem but so far OK." }-

Um, yeah.....that's insanely repetitive.

-{ Quote: "I know I said Ill wait a couple of days to put DW back on together with Edge but I tried it now- and Edge doesnt like DW on my PC. It stops protecting live and doesnt remeber enabled eval monitoring + shuts down icon at least.

Edge + Antivir - fast and smooth.

DW + Edge + Antivir - Edge-chaos

DW + Antivir - fast and smooth

So since DW is my "main man" I am back to "my roots" and DW is on and Edge is out and thank you for tour efforts." }-
Edge + Sandboxie is the lightest I have found. Working like a charm.

-{ Quote: "Hello,
I just tried it here and it worked fine selecting multiple files, but, I'm not using any other security software than just Edge so something else may be interfering in your setup. We'll take a look at it in the morning and let you know :)" }-
I noticed this too. Sometimes right click scan doesnt work. Edge alongside NIS2009 and Sandboxie. I first thought it was a trial limitation.

-{ Quote: "I noticed this too. Sometimes right click doesnt work. Edge alongside NIS2009 and Sandboxie. I first thought it was a trial limitation." }-

Ok, thanks for the replication report :) We'll take a look at it tomorrow morning and hopefully get it fixed in the next update :)

-{ Quote: "Hello,
I just tried it here and it worked fine selecting multiple files, but, I'm not using any other security software than just Edge so something else may be interfering in your setup. We'll take a look at it in the morning and let you know :)" }-

Same behaviour with folders. Select one folder and Edge will scan all files within that folder. Select 2 or more folders, no reponse from Edge.

@joe

i can confirm this doesnt work.

right click one file, and the option "scan with edge" or whatever shows.

select a few and that option is not in the right click menu anymore.

Regarding the multiple selections scan via Explorer, no issues with KIS.

KIS 8.0.0.454 abc and Edge 3.0.0.180

-{ Quote: "Um, yeah.....that's insanely repetitive." }-
Agree there is some overlap between EQS and OA. Otherwise, each brings a different type of protection. Edge is also something different that I can't resist trying. Like EQS, Edge doesn't seem to produce a performance hit on my PC.

-{ Quote: "@joe

i can confirm this doesnt work.

right click one file, and the option "scan with edge" or whatever shows.

select a few and that option is not in the right click menu anymore." }-

Yes, selecting multiple files or a combination of files/folders can sometimes break it. The reason why this happens is that our implementation is less system-intensive than other AV's. Rather than having an extra DLL injected into Explorer to scan files via the right click menu, we have a very light-weight registry entry which duplicates a majority of the same functionality.

However, it does have some minor caveats in that it isn't 100% functional to that of some other right click menus. But, if you do want to use the more advanced scan features of multiple folders/files/etc. you can use the Advanced Scan feature found in Tools and Settings.

Your names Joe?:blink:

-{ Quote: "Your names Joe?:blink:" }-

Yes, and I hardly ever sleep as you may have noticed from emails ;D

update,here is something I found interesting,After a complete show down of my machine when I boot up again monitoring is disabled with self protection set enabled.If I disabled self protection and shut down and boot back up it loads and is running.This seems to be consistent on my machine.

-{ Quote: "update,here is something I found interesting,After a complete show down of my machine when I boot up again monitoring is disabled with self protection set enabled.If I disabled self protection and shut down and boot back up it loads and is running.This seems to be consistent on my machine." }-

Hello,
Could you make sure you are using v3.0.0.180? The primary fix in that version is to correct the self protection problems which disabled monitoring on bootup. If you are still using .172, please download Edge again from http://info.prevx.com/downloadedge.asp and update it from there.

Let me know what you find :)

-{ Quote: "Yes, and I hardly ever sleep as you may have noticed from emails ;D" }-

You must be using some heavy Java juice=coffee or something stronger.:-X

-{ Quote: "Hello,
Could you make sure you are using v3.0.0.180? The primary fix in that version is to correct the self protection problems which disabled monitoring on bootup. If you are still using .172, please download Edge again from http://info.prevx.com/downloadedge.asp and update it from there.

Let me know what you find :)" }-
I am have a look

-{ Quote: "I am have a look" }-

Thanks for that clarification :) We don't have the update out yet, so, I just have to check to make sure.

By any chance, do you have a single, password protected user account on your system? If so, this would coincide with an issue we discovered earlier today. If you want, I can PM you a link to the beta update to see if that corrects the problem for you.

I have a password for logon at boot up only.

That update as you know already, seems to have did the trick and much faster start up.thank you.

-{ Quote: "That update as you know already, seems to have did the trick and much faster start up.thank you." }-

Great! ;D We will be getting this out for all users ideally by tomorrow. Thanks for your quite testing :)

just a update on self protection its working great now and I just tested it I tryied to kill its process prevx.exe works as expected.

-{ Quote: "just a update on self protection its working great now and I just tested it I tryied to kill its process prevx.exe works as expected." }-

Great :) Thank you for the report!

Prevx folks,

Version 3.0.0.180
Clean install eval ver. on reboot this morning no Threarfire or PE icons sys. tray.
Only software was Antivir,Threatfire,Taskinfo. So appears to still have conflict TF.

Clean install Full version. Only Antivir, taskinfo, Firefox ver. 3.0.4 ,Adobe reader ver. 8.1.3, went to web site clicked on pdf. file PE crashed with "sorry have to close", no change to sys. tray icon, until closing tab, after restart all seems ok. Event viewer logged,
"Faulting application prevx.exe, version 3.0.0.180, faulting module , version 0.0.0.0, fault address 0x00000000."

XPpro sp3

HTH

your welcome.

-{ Quote: "Prevx folks,

Version 3.0.0.180
Clean install eval ver. on reboot this morning no Threarfire or PE icons sys. tray.
Only software was Antivir,Threatfire,Taskinfo. So appears to still have conflict TF.

Clean install Full version. Only Antivir, taskinfo, Firefox ver. 3.0.4 ,Adobe reader ver. 8.1.3, went to web site clicked on pdf. file PE crashed with "sorry have to close", no change to sys. tray icon, until closing tab, after restart all seems ok. Event viewer logged,
"Faulting application prevx.exe, version 3.0.0.180, faulting module , version 0.0.0.0, fault address 0x00000000."

XPpro sp3

HTH" }-

Hello,
Thank you for your information. We will be re-checking the test version with Threatfire to see what we can fix. We are planning a new version tomorrow/soon after which should correct many of the incompatibility issues.

We will let you know when the new version is out and if you have a free few minutes, we would greatly appreciate you giving the new version another test to see if everything is corrected on your system :)

I completed another system scan. This time I scanned z:, which as I mentioned earlier I store images on. Edge flagged several files related to Ultimate Boot Disc for Windows as infected. I believe they are all false positives. I have attached the log.

-{ Quote: "I completed another system scan. This time I scanned z:, which as I mentioned earlier I store images on. Edge flagged several files related to Ultimate Boot Disc for Windows as infected. I believe they are all false positives. I have attached the log." }-

Hello,
Thank you for your log - I will have the false positives fixed momentarily :)

-{ Quote: "I completed another system scan. This time I scanned z:, which as I mentioned earlier I store images on. Edge flagged several files related to Ultimate Boot Disc for Windows as infected. I believe they are all false positives. I have attached the log." }-

Fixed :) A handful of those are duplicate files, FWIW, but, if you rescan again they will be fixed and not detected anymore. Thanks for the log :)

-{ Quote: "Fixed :) A handful of those are duplicate files, FWIW, but, if you rescan again they will be fixed and not detected anymore. Thanks for the log :)" }-

They're still there. Maybe I need to wait longer. I'll rescan in the morning.

I am now having problems with Prevx Edge protection. Using the latest version (3.0.1.180) Prevx isn't loading at startup (no tray icon or process in task manager) and when opened via the start menu it says protection disabled. Rebooting as suggested doesn't fix the problem.

System setup is as follows:
Vista Business SP1
Single password protected admin account
UAC enabled
BIOS password
AVG AV free (8.0.175)
Comodo Internet Security (3.5.55810.432) installed with firewall only

It appears to be a compatibility problem with AVG because if I disable AVG resident shield and reboot, Prevx loads properly. FYI I wasn't experiencing this problem with the previous version. Any Ideas?

-{ Quote: "I am now having problems with Prevx Edge protection. Using the latest version (3.0.1.180) Prevx isn't loading at startup (no tray icon or process in task manager) and when opened via the start menu it says protection disabled. Rebooting as suggested doesn't fix the problem." }-

Same here. I don't think it's AGV as you suggested because I don't have any security on the PC where this is happening except Edge.

I got so fed up with reinstalling v180 and constantly restarting to kick protection into life (unsuccessfully)that I reverted my system with ISR to before the upgrade. No probs with v172 at all.

Threat identified in File

C:\Documents and Settings\*****\SpywareTerminatorSetup.exe

If i dont remember wrong, SpywareTerminator identified Prevx
CSI 2 be malicious.

Prevx Edge is now telling me that SpywareTerminator is malicious.

Just so u know !

TCSP

-{ Quote: " I got so fed up with reinstalling v180 and constantly restarting to kick protection into life (unsuccessfully)that I reverted my system with ISR to before the upgrade. No probs with v172 at all." }-

Just to clarify I also wasn't experiencing this problem with version 172 as it has only started to occur after manually updating Prevx Edge by downloading the latest version from the website and executing it (which updated the installed client from v172 to v180).

This problem is very frustrating and as a temporary solution I have disabled the AVG resident shield which appears to be working but as Clive has commented the problem is also replicated on a system where AVG is not installed meaning that it may be a more fundamental problem then a simple compatibility issue.

-{ Quote: "Threat identified in File

C:\Documents and Settings\*****\SpywareTerminatorSetup.exe

If i dont remember wrong, SpywareTerminator identified Prevx
CSI 2 be malicious.

Prevx Edge is now telling me that SpywareTerminator is malicious.

Just so u know !

TCSP" }-

Check again, it's now fixed :)

-{ Quote: "I am now having problems with Prevx Edge protection. Using the latest version (3.0.1.180) Prevx isn't loading at startup (no tray icon or process in task manager) and when opened via the start menu it says protection disabled. Rebooting as suggested doesn't fix the problem.

System setup is as follows:
Vista Business SP1
Single password protected admin account
UAC enabled
BIOS password
AVG AV free (8.0.175)
Comodo Internet Security (3.5.55810.432) installed with firewall only

It appears to be a compatibility problem with AVG because if I disable AVG resident shield and reboot, Prevx loads properly. FYI I wasn't experiencing this problem with the previous version. Any Ideas?" }-

Hello,
We are working on this issue and should have it solved shortly. Sorry for the inconvenience, and this is not directly an AVG problem (as it is seen from other security software as well).

We don't have a patch just yet, but we will soon. Thanks again for your patience!

-{ Quote: "Hello,
We are working on this issue and should have it solved shortly. Sorry for the inconvenience, and this is not directly an AVG problem (as it is seen from other security software as well).

We don't have a patch just yet, but we will soon. Thanks again for your patience!" }-

Thanks for the update. I am glad that it is not a compatibility problem with AVG.

My advice to Prevx would be not to rush the update out at the expense of potentially introducing other problems as I have a sneaking suspicion that v180 was rushed out without sufficient testing to fix the compatibility and self protection issues and unknowingly introduced this problem. (Saying that I could be totally wrong).

Once again thanks for the timely support and I eagerly await this fix. :)

Cheers
Ben

-{ Quote: "Thanks for the update. I am glad that it is not a compatibility problem with AVG.

My advice to Prevx would be not to rush the update out at the expense of potentially introducing other problems as I have a sneaking suspicion that v180 was rushed out without sufficient testing to fix the compatibility and self protection issues and unknowingly introduced this problem. (Saying that I could be totally wrong).

Once again thanks for the timely support and I eagerly await this fix. :)
" }-

It actually appears as though these problems have existed for longer but were obscured by the self protection issue. We're implementing a new piece of code now which will correct them, however, we are definitely going to be going through an extra round of testing against multi/many AV configurations (which aid in reproducing these issues) to double check that everything is working properly :)

Thanks again for your patience while we sort these out! :)

Still running perfect here:thumb:

Some (useless) thoughts about colours...

If a security application shows an alert message with a green and a red button, which one would you click? I would prefer the green one. Green stands for safety, red for danger.

Fortunately Prevx Edge shows only "one" button. I like this idea to "hide" the not recommended actions.

But anyway... Imagine: In the threatening, dangerous "red enviroment" of an infection-alert there would be a peaceful, confident GREEN button (block/cleanup), leading the way back to safety...

Got the idea? I think pressing a green button is more logical and feels more comfortable, while a red button could feel like doing a dangerous action. (?!?) Maybe - but I'm not sure about it.

...and I know that there are MUCH more important things.

BTW: At the top of the small window during the initial scan is a Prevx logo, but on the top of the main screen of Prevx Edge is just "plain" text - no logo. Is that wanted?

-{ Quote: "Some (useless) thoughts about colours...

If a security application shows an alert message with a green and a red button, which one would you click? I would prefer the green one. Green stands for safety, red for danger.

Fortunately Prevx Edge shows only "one" button. I like this idea to "hide" the not recommended actions.

But anyway... Imagine: In the threatening, dangerous "red enviroment" of an infection-alert there would be a peaceful, confident GREEN button (block/cleanup), leading the way back to safety...

Got the idea? I think pressing a green button is more logical and feels more comfortable, while a red button could feel like doing a dangerous action. (?!?) Maybe - but I'm not sure about it.

...and I know that there are MUCH more important things.

BTW: At the top of the small window during the initial scan is a Prevx logo, but on the top of the main screen of Prevx Edge is just "plain" text - no logo. Is that wanted?" }-

Not useless thoughts at all ;D

You should see how much discussion went into to deciding the colors.... and honestly, it can go either way. Technically speaking, the entire dialog should be green as the threat would have already intercepted at that stage. I will, however, bring it up with our graphic designer as I agree with your points, but he probably doesn't want to hear it again as we will just go in circles ;D

Also, regarding the Prevx logo on the pages - that is intentional but probably not the most consistent of designs. I'll see what we can do about getting everything the same :) Thank you for your suggestions!

-{ Quote: "Not useless thoughts at all ;D

You should see how much discussion went into to deciding the colors.... and honestly, it can go either way. Technically speaking, the entire dialog should be green as the threat would have already intercepted at that stage. I will, however, bring it up with our graphic designer as I agree with your points, but he probably doesn't want to hear it again as we will just go in circles ;D

Also, regarding the Prevx logo on the pages - that is intentional but probably not the most consistent of designs. I'll see what we can do about getting everything the same :) Thank you for your suggestions!" }-
i disagree,

the colour red, brings it to my attention.

green, certainly would not. ::)

-{ Quote: "Some thoughts about colours...

Imagine: In the threatening, dangerous "red enviroment" of an infection-alert there would be a peaceful, confident GREEN button (block/cleanup), leading the way back to safety...

Got the idea? I think pressing a green button is more logical and feels more comfortable, while a red button could feel like doing a dangerous action. (?!?) Maybe - but I'm not sure about it." }-
-{ Quote: "

You should see how much discussion went into to deciding the colors...." }-

Noooooooooooooooooooooooooo, not this conversation again :-X

*puts fingers in ears and sings to himself*

-{ Quote: "i disagree,

the colour red, brings it to my attention.

green, certainly would not. ::)" }-

And herein lies the discussion ;D We also have Cleanup Now red always even though it eventually gets you to a clean system. I don't think there is a straightforward answer to this. We "could" always make it brown, a combination of green + red, but I don't think PrevxWebDesigner would be too happy with that ;D

-{ Quote: "We "could" always make it brown, a combination of green + red, but I don't think PrevxWebDesigner would be too happy with that ;D" }-
Oh I'm not so sure - brown is very "in" at the moment ;)

-{ Quote: "And herein lies the discussion ;D We also have Cleanup Now red always even though it eventually gets you to a clean system. I don't think there is a straightforward answer to this. We "could" always make it brown, a combination of green + red, but I don't think PrevxWebDesigner would be too happy with that ;D" }-
again, your wrong.

anything that 'requires attention' by the user, is always red.

this is how it is, and how it always will be. :)

even with the full list of security products that are available today, they are all the same, anything that needs attention, is red.

...........redddddddddddd i tell ya!!!!

Red = alert!

:)

Why not red and the closer you get to the button with the mouse it turns to green ;D

-{ Quote: "Oh I'm not so sure - brown is very "in" at the moment ;)" }-

um, no! Brown is the color of poo! No brown.

Don't change a thing

-{ Quote: "Don't change a thing" }-

I agree :) I think we'll just leave it and hope that it's clear enough ;D I do think that red is generally the normal color for a warning prompt, even if the warning has already been taken care of behind the scenes.

-{ Quote: "Not useless thoughts at all ;D

You should see how much discussion went into to deciding the colors.... and honestly, it can go either way. Technically speaking, the entire dialog should be green as the threat would have already intercepted at that stage. I will, however, bring it up with our graphic designer as I agree with your points, but he probably doesn't want to hear it again as we will just go in circles ;D

Also, regarding the Prevx logo on the pages - that is intentional but probably not the most consistent of designs. I'll see what we can do about getting everything the same :) Thank you for your suggestions!" }-
I understand. Going in circles is no way to get forward at all. ;D And I have no problems with your inconsistent design if it is intentional. I just was wondering. Thank you for your reply!

BTW: Prevx Edge runs on 3 PCs without any issues. It is "Beautyful" and SOOO light - unbelieveable. :thumb: The whole Prevx Edge installs quicker than my other security product can update its signiture database. ;D

-{ Quote: "Noooooooooooooooooooooooooo, not this conversation again :-X

*puts fingers in ears and sings to himself*" }-

ROFLMAO;D

-{ Quote: "I agree :) I think we'll just leave it and hope that it's clear enough ;D I do think that red is generally the normal color for a warning prompt, even if the warning has already been taken care of behind the scenes." }-
The GUI looks great as it is very attractive and easy on the eyes.Whats at most important now is under the Hood so to speak.:thumb:

Wow....look what I missed the past couple days.

I can confirm the start up problem with SAS Pro on with realtime enabled also. If I disable it the boot problem goes away. I rarely use the realtime protection in SAS so its no biggie. Something to keep PH busy and out of trouble.

-{ Quote: "The GUI looks great as it is very attractive and easy on the eyes.Whats at most important now is under the Hood so to speak.:thumb:" }-

I think the GUI is A-OK also. Wouldn't change a thing.

-{ Quote: "Why not red and the closer you get to the button with the mouse it turns to green ;D" }-
Nice idea! ;D

-{ Quote: "Noooooooooooooooooooooooooo, not this conversation again :-X

*puts fingers in ears and sings to himself*" }-
I apologize for raising this topic. :) I appriciate that you discussed it. Any aspect of Prevx Edge seems to be well-considered. That's good.

As I read your name... The website looks sophisticated and convincing, too. Even the design of the fille-description-pages has benn updated. Well done! :)

And eventually I agree with the others: Edge looks fine as it is.

-{ Quote: "I apologize for raising this topic. :) I appriciate that you discussed it. Any aspect of Prevx Edge seems to be well-considered. That's good.

As I read your name... The website looks sophisticated and convincing, too. Even the design of the fille-description-pages has benn updated. Well done! :)

And eventually I agree with the others: Edge looks fine as it is." }-

No apology needed :) Thank you for your attention to detail! ;D

keep trying different combos but damn, the one staple is Edge. Almost reminds of the old Avira days.;)

This is what I call today's anti-malware. It really whips the llama's ass! ;D

-{ Quote: "The GUI looks great as it is very attractive and easy on the eyes.Whats at most important now is under the Hood so to speak.:thumb:" }-

-{ Quote: "I think the GUI is A-OK also. Wouldn't change a thing." }-

LoL - I go way for few hours, and when I come back I see a discussion about the GUI and colour.

It is moot for me as I have a red-green deficiency. I echo the words of djohn andThreedogi.e...leave well alone.;D

Ok while I was away I uninstalled prevx Edge to try prevx 2.0 but since the focus is edge I will stick with that.I reinstalled it and now I have version 172 what the hell happen.:wacko:

I think there were some problems with Version 180 so they probably reverted to version 172 until they are addressed.

thanks threedog

I have a question regarding the scheduled scan option. Will enabling that option schedule scans using the settings that are defined in the advanced scan page, or does that use different settings?

-{ Quote: "Oh I'm not so sure - brown is very "in" at the moment ;)" }-

don't even think about it! :gack: !!! :P


Mike

-{ Quote: "I have a question regarding the scheduled scan option. Will enabling that option schedule scans using the settings that are defined in the advanced scan page, or does that use different settings?" }-

Hello,
Those settings only apply to the advanced scan page on that one instance. Scheduled scans and the normal 'Scan Now' button both use the Deep Scan.

We currently don't have a way to configure this but it is on the todo list :)

-{ Quote: "Hello,
Those settings only apply to the advanced scan page on that one instance. Scheduled scans and the normal 'Scan Now' button both use the Deep Scan.

We currently don't have a way to configure this but it is on the todo list :)" }-

Thanks. That's what I wanted to know.

-{ Quote: "I think there were some problems with Version 180 so they probably reverted to version 172 until they are addressed." }-

This is correct - we are working on a new version currently, but have temporarily reverted to 172.

You can expect a new version most likely by Monday at the latest.

-{ Quote: "This is correct - we are working on a new version currently, but have temporarily reverted to 172.

You can expect a new version most likely by Monday at the latest." }-
Why, what's wrong with 180?

Cos I've just installed it and re-imaged my system.

Hmm....

- as long as prevx are better than their local 'professional' football team! :)

-{ Quote: "Why, what's wrong with 180?

Cos I've just installed it and re-imaged my system.

Hmm....

- as long as prevx are better than their local 'professional' football team! :)" }-

I'm in the same situation. I'm waiting for the new version.

We're in the process of a number of fixes related to system stability and loading protection on bootup. It's going to take a few more days, but once we finish all of these changes, things will be much more reliable moving forward :)

I've been reading this thread but I still don't understand how exactly Prevx Edge works. Does it still use behavioral blocking like in version 2? Or does it only use blacklisting with heuristics and whitelisting?

Thanks

-{ Quote: "I've been reading this thread but I still don't understand how exactly Prevx Edge works. Does it still use behavioral blocking like in version 2? Or does it only use blacklisting with heuristics and whitelisting?

Thanks" }-

-{ Quote: "Edge is a combination of a few different types of technology. At the heart of it lies our community database, where behaviors from our HIPS component are collected and analyzed. Along with these behaviors, we analyze incoming files against a whitelist and adaptive blacklist as well as a group of heuristics and various metrics to interpret its behavior and determine if it should be trusted or not.

It is not, however, a standard behavior blocker. For instance, while you can't configure it to explicitly block certain disk writes, it will analyze the overall behavior of applications to make its own determination, guided by your settings in the Edge Settings > Heuristics Settings screen." }-

I hope this helps :)

-{ Quote: "We're in the process of a number of fixes related to system stability and loading protection on bootup. It's going to take a few more days, but once we finish all of these changes, things will be much more reliable moving forward :)" }-
Am looking forward to the new release as I am experiencing a number of (random) occurrences when Prevx Edge indicates that real time monitoring is disabled. This can happen either on boot up of the PC or on occasion in the middle of a session...one minute the sys tray icon is green and the next it is red.

I use KIS 2009 (Build 506) as my primary security app so this may tie in with the other posts relating to issue with KAV 2009.

Nice product and I am definitively considering using it permanently, in conjunction with KIS.;)

-{ Quote: "I hope this helps :)" }-
When I start an application, I noticed pop-up's informing me that PrevxEdge is authenticating the various modules that are being loaded. I assume that these files are being checked against the community database and your white/blacklists. Exactly what information is being transmitted in order to check the files? If the file is completely unknown to you, do you take a copy of the whole file and analyse it?

Also, does Prevx offer any protection against keyloggers?

-{ Quote: "When I start an application, I noticed pop-up's informing me that PrevxEdge is authenticating the various modules that are being loaded. I assume that these files are being checked against the community database and your white/blacklists. Exactly what information is being transmitted in order to check the files? If the file is completely unknown to you, do you take a copy of the whole file and analyse it?

Also, does Prevx offer any protection against keyloggers?" }-
My understanding is that authentication takes place only once per file (unless it changes in the future) and there after Prevx Edge 'knows' whether to allow or block, etc.

I've been trying to read most of this thread so sorry if similar questions have been asked. I'm currently running KIS 2009 and SAS with real-time scanning. Which if any does this replace? I'm assuming I could at least dump SAS with this?

Also, I assume this is next to useless without a net connection as the definitions are on-line?

-{ Quote: "When I start an application, I noticed pop-up's informing me that PrevxEdge is authenticating the various modules that are being loaded. I assume that these files are being checked against the community database and your white/blacklists. Exactly what information is being transmitted in order to check the files? If the file is completely unknown to you, do you take a copy of the whole file and analyse it?

Also, does Prevx offer any protection against keyloggers?" }-

Yes, files are checked against the community database and black/white lists. All informations transmitted are only related to the executable itself, exe static infos and a signature we calculate over them.

If the file is unknown, then we also collect a number of behaviors the executable keep inside the system.

We need a copy of the whole file only if strictly necessary, that would mean if we don't understand anything about it by our automated collection informations.

Prevx is able to detect and remove keyloggers as well as rootkits,trojans and other kind of malware.

-{ Quote: "Yes, files are checked against the community database and black/white lists. All informations transmitted are only related to the executable itself, exe static infos and a signature we calculate over them.

If the file is unknown, then we also collect a number of behaviors the executable keep inside the system.

We need a copy of the whole file only if strictly necessary, that would mean if we don't understand anything about it by our automated collection informations.

Prevx is able to detect and remove keyloggers as well as rootkits,trojans and other kind of malware." }-

Thanks for your informative reply.

If the file is unknown then, you initially do not take a copy for analysis but you monitor it's behaviour on the system. Then I assume send the information gathered back to update your database. If you need the whole file because of insufficient information, do you just transmit it automatically? If I wrote an executable that you would never have come across before, would you take a copy of it?

I didn't relialise Prevx Edge would protect against keyloggers aswell. I couldn't find it mentioned on your web site. Probably missed it. Anyway, will have to see how it performs against AKLT.

-{ Quote: "I've been trying to read most of this thread so sorry if similar questions have been asked. I'm currently running KIS 2009 and SAS with real-time scanning. Which if any does this replace? I'm assuming I could at least dump SAS with this?

Also, I assume this is next to useless without a net connection as the definitions are on-line?" }-

In general I have only used KIS 2009 without any other real time scanning given that so far the potential for the real time scanning in KIS and the other application to conflict has been very real.

In response to you question I would say that Prevx Edge would replace SAS in terms of real time scanning but I would keep it for back up, on demand scanning (that is what I do).

Not sure about the online query but believe that not being online does not make Prevx Edge useless as it uses black & white lists, rather it may make it less effective as it cannot keep them updated. But perhaps the Man from Prevx can confirm/dispute that.;D