Introducing, The New Prevx Edge.

Discussion in 'Prevx Releases' started by trjam, Nov 13, 2008.

Thread Status:
Not open for further replies.
  1. firzen771

    firzen771 Registered Member

    Joined:
    Oct 29, 2007
    Posts:
    4,815
    Location:
    Canada
    that actually sounds like a very good idea, 30 days trial WITH real-time then after the 30 days or however many days u chose, it goes to the on-demand version which is unlimited. that would be extremely helpful for testing.
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I've sent an email to the license/database developers saying almost exactly this and we should have an answer by the afternoon, UK time. :)
     
  3. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    6,219
    Location:
    USA
    It makes sense to make the product fully functional during the trial. Although average users may not encounter malware during the trial period there are more advanced users who will intentionally throw malware at Prevx Edge to test its performance. That will make it easy to review and should produce a lot of good PR for the product.
     
  4. Hugger

    Hugger Registered Member

    Joined:
    Oct 27, 2007
    Posts:
    1,003
    Location:
    Hackensack, USA
    If I understand you correctly, the Behavior Blocker is not activated in the trial that I have on my pc.
    If that's the case, then I'm suspending TF's protection and will not have active blocking protection?
    Also, from what I read above, I'm not able to make 'adjustments' for any single program. Rather, I would need to adjust the slider to make an adjustment that will affect all programs one way or another?
    It's nice and light and very fast. It's also easy enough for me to use. But even for my skill level I'm not sure of the benefits.
    All in all a very nice job.
    Hugger
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Malware blocking is not active in the trial, however, malware reporting is. So, if you were to get an infection, it would report it but it could still infect you.

    You can, however, leave TF enabled - we have not experienced any incompatibilities between Edge and TF, so, I don't think there would be any problems.

    To make program-level adjustments, you can use the Detection Overrides feature (found under Tools and Settings) which will allow you to mark certain programs as "Detect" and certain programs as "Ignore".

    The benefits are much more apparent with the full version as it will actually prevent the threats which it detects, unlike the trial which passively reports them (but, to give users an accurate measure of the performance, both the free and paid have exactly the same system impact).
     
  6. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,653
    Hi,

    I hardly dare to ask this because I have never used PrevX...

    Am I understanding it right that it depends on input from users (like is a file OK or not)?

    Is it possible to configure it in a way that I have my own private database of files without sharing it to others (like I do with my file-integrity-checkers)? I'm only interested whether a file has been changed (changed, deleted, new added).
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, I think this is the logical oversight we have. While normal users will be content with the trial as-is, testing is where the trial licensing model breaks down as it is currently not possible to test Edge's realtime protection without a license (unless you really enjoy getting infected :D).
     
  8. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    This is a good point to bring up. Although we do coin our protection as Community based, it is not based on a community of users, rather, it is based on the users' computers. We do take into consideration when a user clicks Allow or Deny, however, that sends the file into a deeper level of analysis server-side and may require a manual decision in the end.

    However, all malware detection is automated. Every user's computer gathers behaviors from suspicious programs (anonymously and the behaviors are mere binary strings, nothing private :D) and then the centralized database analyzes the behavior of all programs as a whole, rather than relying on static analysis or more reactive forms of malware analysis.

    Therefore, rather than saying that our products are based on the opinion of a community (like other products do currently), we use the community to improve our view on what a program does as many pieces of malware behave significantly differently depending on their environment.

    We do not have a full system whitelisting approach like you are describing, but, every file is tested extensively against our database of white/black files and then signatures from programs are sent up along with behaviors to get an in-depth view at what the file is truly up to. This provides more granular insight into what a program actually does and produces far fewer false positives than a plain whitelisting solution.
     
  9. Perman

    Perman Registered Member

    Joined:
    Nov 23, 2005
    Posts:
    2,161
    Hi,

    Nice to hear that Prevx has once again risen from hibernation. During this sans-Prevx period, some amazing products have gained some strong ground, to name a few: Mamutu (a-squared AM), ThreatFire etc.

    With this Edge, what does it actually bring about? Is it actually better than any others? Can someone sum up a few? I think, in this section, we are allowed to make comments such as A vs B. Anyone?
     
  10. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    After seeing many threads burn to the ground, I'll recommend staying away from A vs B, however, I'll give a conceptual comparison between certain product classes.

    Edge's primary detection/prevention benefit is its ability to block new and fast spreading malware unlike other products. With our newly enhanced community view, we are able to track infections as they propagate and as behaviors are gathered, allowing us to block an infection heuristically even if it has only been seen by one user, unlike other antivirus products which require a certain threshold to make an economically beneficial signature.

    Other products do have their benefits - behavior blockers, for instance, block behaviors. Edge, however, does not block behaviors and does not intend to. To illustrate an example: if a program adds a run key to HKLM\...\run, Edge would see the change and log it, however, that act in itself is NOT malicious. Behavior blockers may quickly jump on an action like that and report it as malicious, thereby stopping the "infection". However, if a legitimate program comes along and makes the same entry, most behavior blockers will identify the same behavior (as that is their purpose).

    Therefore, Edge bridges the gap to try and make behavioral protection available to the masses. Rather than prompting on every behavior, Edge will analyze behaviors in the background, processing and interpreting them and spitting out an easily digestible, easy to understand answer of "No you should not run this" or "Yes, you can run this".

    We needed to retool our product set because an extreme vast majority of users outside of Wilders/other security forums have no idea whatsoever of how to configure an antivirus product to work properly and when to answer Allow or Block to a prompt. Behavior blockers in the conventional sense for the conventional user are not a good match - as famously depicted by Vista's UAC.

    Rather than relying on the user who unfortunately makes the incorrect decision more often than not, we have automated the entire process from behavioral gathering to program determination and are now providing HIPS/behavior monitoring/blacklist/whitelist protection to all users regardless of their computer savvy.

    And, for the techies in all of us, we don't force you to stop using your existing programs. If you want to use Mamutu alongside Edge, feel free to do so. A number of our testers used Edge alongside popular behavior blocking programs without any problems.

    I hope that answers your questions. If not, please let me know and I'll clarify :)
     
  11. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    Does PrevX Edge sort out issues with Vista UAC?
    Or do I still need to install it with UAC disabled?
     
  12. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Edge does work completely with UAC and on limited user accounts.

    Also, before it gets asked: Edge does not work on x64 yet - it is only 32bit for now.
     
  13. vijayind

    vijayind Registered Member

    Joined:
    Aug 9, 2008
    Posts:
    1,413
    That's Great :thumb: I had a slight grudge against Prevx 2.0 due to the UAC thing.

    I think you replied earlier in the thread itself that 64-bit is not supported. But a new version for x64 will arrive soon :D
    I'll try it out on my Vista 32-bit PC, but would really like the slim protection also on my x64 servers ;)

    ----EDIT----
    Can you also tell me how PrevX Edge 3.0 compares with PrevX 2.0 HIPS?
     
  14. makios

    makios Registered Member

    Joined:
    Apr 18, 2008
    Posts:
    126
    Hi there,
    I'm using Nod32 v3 with OA free (with HIPS enabled) for a while now and also have Prevx CSI installed.
    Would Prevx Edge be a "necessary" layer with this resident security setup? Or would it be too much?
    Would you recommend Prevx Edge or CSI when already using Nod with OA free + HIPS?
     
  15. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Congrats on the release!!!!!!!! Good work by everyone on the Prevx team!!!! After doing plenty of testing over the last little while with it....hope I am allowed to admit to the world I was one of the beta testers :eek: .... I feel safe running just Edge on its own.
     
    Last edited: Nov 14, 2008
  16. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    I have to agree that an active trial period is really needed, otherwise you shoot yourself in the foot. ;)
     
  17. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Me too, Threedog, after all the testing it was apparent it does the work of all other apps I was using. Well... all but FD-ISR. :)
     
  18. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Uses low resources, seems to be very stable and there are no slowdowns. So far so good.

    Tried it on a few recent 'known' malicious files/programs and they have been KO'd. :)
     
  19. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Scanners aren't really my type of security but decided to give it a run against 30 different malwares, which are mainly installers for rogue apps.

    Prevx.jpg
     
  20. aieie

    aieie Registered Member

    Joined:
    Apr 13, 2007
    Posts:
    175
    Great work putting this out.

    I know I'll look dumb but I prefer to ask two questions anyway:

    1) Edge free version (or trial if you prefer): you don't have realtime cleanup, but you have unlimited REALTIME detection (no block, I understood, but realtime and not on demand for detection). Is this correct?

    2) Any known incompatibilities between Edge and PrevX2, and between Edge and Online Armor 3 (licensed version)?

    Thanks in advance
     
  21. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,405
    Not bad Franklin. I'd expect a very good AV to get a similar result.

    Most users could use it as the resident application. I'd have confidence in installing this on mine, or say my parent/friend's system as the only application. While those who download a lot of unknown content could benefit from using it alongside their AV.

    But as it's so light, using a layered approach with say firewall, HIPS and so on, Prevx should do nicely.
     
  22. Dark Star 72

    Dark Star 72 Registered Member

    Joined:
    May 27, 2007
    Posts:
    778
    Sorry for being a bit late on the scene this morning, a bit late getting to bed here in the UK last night after waiting for the release :D
    My thanks to Prevx Help for the privilege of being included in the beta testing, it didn't last long but the fact that the final release came so soon shows how stable it is. The real work had already been done before we got our hands on it.
    I tried it alongside GeSWall, DefenseWall, and several others including HIPS with no sign of any conflict at all.
    As trjam has already said, you really do not need anything else. I now have just PrevxEdge, RollBack Rx, Windows XP firewall and a router, that's it :)
     
  23. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    If you want, just send me the 6 samples undetected along with the Edge log and I'll take care of adding them immediately :)
     
  24. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    1) Yes, correct :)

    2) We aren't aware of any kind of incompatibility between such software :)
     
  25. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    OK, I don't quite understand it but is it like this:

    Prevx Edge does not detect malware in real-time
    Prevx Edge detects malware during on-demand scans but does not remove it
    Prevx Edge never expires
     