I have a laptop with Vista Premium 32, antivirus NOD32, windows firewall.

What is the best choice?
PrevX Edge or Defensewall?
Both are HIPS? Sure?

??? ??? ???

prevx and defensewall have different concept

defensewall is sandbox style hips
prevx is intelligent hips and it has malware database

i choose defensewall

my vote goes to DW

one more for dw from me

And another for DefenseWall.

I'd go for Malware Defender :)

Comodo Leaktest 280/320 I might have some settings wrong but still nice result. =)

Defensewall was 120/320 just installed DW and tested.

One for PrevX Edge.

This Comodo leak test is not reliable.

On my system I got 220/340 with Defensewall v2.45 on Windows XP.
Used version: COMODO Leaktests v.1.1.0.3.

-{ Quote: "I'd go for Malware Defender :)

Comodo Leaktest 280/320 I might have some settings wrong but still nice result. =)

Defensewall was 120/320 just installed DW and tested." }-


When you tested Defensewall, did you run Leaktest as untrusted?

Last time I tried this with DefenseWall the score was 280/320. But as others have pointed out, the test gives inconsistent results.

Using Prevx here. :)

Since you already have NOD32 a good AM scanner, my vote would be for DW.

-{ Quote: "When you tested Defensewall, did you run Leaktest as untrusted?

Last time I tried this with DefenseWall the score was 280/320. But as others have pointed out, the test gives inconsistent results." }-

With Defensewall everything should start as Untrusted unless marked as trusted right? But it was started as trusted ... don't know why it did... any reason it would run as trusted?

and while testing the first time DW crashed on me O_o


What should I use to test my HIPS?

-{ Quote: "With Defensewall everything should start as Untrusted unless marked as trusted right? But it was started as trusted ... don't know why it did... any reason it would run as trusted?

and while testing the first time DW crashed on me O_o


What should I use to test my HIPS?" }-

Everything downloaded should be marked as untrusted. What did you use to unpack the zip file? Whatever the cause, it would be best to post over at the DefenseWall Forum (http://gladiator-antivirus.com/forum/index.php?showforum=193). Ilya is VERY quick to respond to issues!

-{ Quote: "Everything downloaded should be marked as untrusted. What did you use to unpack the zip file? Whatever the cause, it would be best to post over at the DefenseWall Forum (http://gladiator-antivirus.com/forum/index.php?showforum=193). Ilya is VERY quick to respond to issues!" }-

I use 7-zip

-{ Quote: "I use 7-zip" }-

DW supports 7 zip. Best to post all the details at the DW forum so Ilya can sort it out.

The crash you had was most likely due to the GUI crashing. This has been an issue for some. It looks like this will be fixed shortly.

-{ Quote: "DW supports 7 zip. Best to post all the details at the DW forum so Ilya can sort it out.

The crash you had was most likely due to the GUI crashing. This has been an issue for some. It looks like this will be fixed shortly." }-

Yes, the GUI crashed. The service remained but it doesn't make you feel safe if you can't see what it's doing :P

I vote for both :thumb:

Go with Defense Wall.
:thumb:

-{ Quote: "I'd go for Malware Defender :)

Comodo Leaktest 280/320 I might have some settings wrong but still nice result. =)

Defensewall was 120/320 just installed DW and tested." }-

might be something wrong with what ur doing, plus CLT isn't a reliable test it seems, but i got 300/340 when i tested it.

Between Prevx & DW, I would choose SandboxIE.

-{ Quote: "Between Prevx & DW, I would choose SandboxIE." }-
I'll go for all three.

-{ Quote: "I'll go for all three." }-

Haha. And how they do compliment each other :thumb:

Like a threesome

My ranking

1. DefenseWall

Reasons:
a) Because Ilya has implemented all my resource protection extra's as default. So out of the box you will get a sharp edged fine tuned near to zero pop-up HIPS.
b) A Policy HIPS uses rights management to protect you. Great thing with DW is that even harmfull files downloaded can not do anything as long as they are UNTRUSTED. FIles downloaded by internet facing programs are untrusted by default, so no worries. Malware will remaine paralised (can do NO WRONG) until your ANti Virus has it in its blacklist data base.

Bill and othe Sandboxie fans: THIS IS THE GREAT ADVANTAGE OVER SANDBOXIE. Suppose you take a harmfulll zero day malware OUT OF the sandbox. Because it is zerdo day yoru AV won't recognise it. BANG YOUR SCREWED. DefenseWall is monkey proof, meaning user erors are very unlikely.

2. EDGE
Reasons:
a) Their first implementation (PRevX 1 and to a lesser degree 2) of using all instruments was a bit of a mixed bag. The latestst EDGE already provides the same tracking mechanisme of ThreatFire (reason why TF not always reacts as soon as f.i. Mamuto) and also provides an automated roll back option (DefenseWall has a manual option).
b) EDGE will in future provide an UNDO (so old values will be restored like in SPyberus). Meaning a repair action can be initiated from the intelligence at central PrevX servers. I think their technology will provide a low user interaction solution. When they are able to implement their vision, it will be one of the best security products around.

3. Sandboxie
a) On par or stronger defense strength as DefenseWall (currently stronger than Edge). Pitty it is not user fool proof.
b) The easy flush the toilet option (delete Sandbox contents), as long as the (knowledgeable) user does not moves the **** out of the toilet, SBIE is a near 100% safe solution. Inmy opinion this is the Achilles weak spot of SBIE: moving **** out of the toilet. Becasue SBI is poistioned as a zero day protection, no AV will warn you when you move **** of the toilet. So that is a fundamental weakness of virtualisation applications like SBIE. SBIE should implement Spyberus like mechanismens to compensate these user initiated errors.

When you read Chrome's technical documentation, you will notice that the sandbox implementation is based on policy like DW (not on virtualisation, like SBIE). PS: I am not against virtualisation, as long as it is used in Endpoint solutions at the speer head/disambarkation points of corporate networks.


I never understood why people wanted to use DW and SBIE alongside. Lately I began to undertsand that the easy toilet flush option (of SBIE) and the untrusted safety net (of DW) when moving something out of the toilet is the argument of those double secured PC enthousiasts. Although being a firm opposer in the past, recent development directions of PrevX has made me see the benefits of such a combo, so I stand corrected on this topic.


Cheers

-{ Quote: "

I never understood why people wanted to use DW and SBIE alongside. Lately I began to undertsand that the easy toilet flush option (of SBIE) and the untrusted safety net (of DW) when moving something out of the toilet is the argument of those double secured PC enthousiasts. Although being a firm opposer in the past, recent development directions of PrevX has made me see the benefits of such a combo, so I stand corrected on this topic.

Cheers" }-
Nothing more satisfying than a good flush to get rid of all that internet crap. DW + SBIE combination works well for me with SBIE used for browsing and DW for everything else. Anything recovered from sandbox is automatically untrusted by DW as you say.

If I had to choose between DW and Edge, DW would get my vote. The protection is powerful yet remarkably quiet. If I get a DW pop-up, I know it's serious. Ilya's support is second to none. He has spent many hours helping me out with problems in a way that nobody else would. Edge offers something a little bit different that shows promise.

-{ Quote: "Yes, the GUI crashed." }-
I just uploaded pre-2.46 version. With it, GUI is not an issue anymore. At least, I can always fix it up. :)

So the new GUI is working?

Happy new year to you and your GUI subcontractor ;)

-{ Quote: "So the new GUI is working?" }-
No, it's skinless.

It's naked ;D

It is much better looking.:D

Agree :D

I will wait to install it at my Mom's PC (she is 75) I learned here to hit the red button before doing web based purchases. There is no red button anymore 8)

-{ Quote: "Nothing more satisfying than a good flush to get rid of all that internet crap. DW + SBIE combination works well for me with SBIE used for browsing and DW for everything else. Anything recovered from sandbox is automatically untrusted by DW as you say.

If I had to choose between DW and Edge, DW would get my vote. The protection is powerful yet remarkably quiet. If I get a DW pop-up, I know it's serious. Ilya's support is second to none. He has spent many hours helping me out with problems in a way that nobody else would. Edge offers something a little bit different that shows promise." }-


Agreed, I love the combo as well. On topic, I would vote for DW. :thumb:

I already thinking about the "big red button". I definitely will do something with it- tomorrow.

-{ Quote: "I already thinking about the "big red button". I definitely will do something with it- tomorrow." }-

I wonder if there's a way to put a button on the taskbar that we could just double click, and that would automatically stop attacks just that quickly.
Happy New Year.
Hugger

-{ Quote: "I wonder if there's a way to put a button on the taskbar that we could just double click, and that would automatically stop attacks just that quickly.
" }-
There is "hotkeys" right for it. Default one for "Close all untrusted" is Win-Alt-A.

-{ Quote: "No, it's skinless." }-cool;) good desicion ilya:thumb:

plus you can right click the dw tray icon and select it from there...could colour that one too i guess,but having to do 3 clicks instead of 1 or 2 is not a problem(for me at least).