Introducing, The New Prevx Edge.

Discussion in 'Prevx Releases' started by trjam, Nov 13, 2008.

Thread Status:
Not open for further replies.
  1. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    yes.


    Mike
     
  2. simmikie

    simmikie Registered Member

    Joined:
    Nov 11, 2006
    Posts:
    321
    okay i am sure this has been explained already, but i'm just not getting it...so bear with me...please.

    how can one tell if Edge is blocking from the white/black list, or when it's blocking from intelligence?

    as from what i understand P3's big advantage over P2 is the advancement of its heuristics and sandboxing technology. i would like to see Edge's behavioral analysis at work. is there any way to singularly test it?

    for example when i decided not to renew my license for P2, i knew i still needed something to cover my often erroneous decision making at the HIPS pop-up. my first solution was Threatfire (for around the 8th time) but then after testing A2 Anti-malware on a different snapshot against Threatfire with identical samples of malware, A2 blocked on more single behaviors than did Threatfire (not bashing TF, just recalling my observations on that day with a relatively small sampling of malcode). the point is, i was able to see A2 in action so to speak and see what behaviors A2 considered dangerous. subsequently, in spite of my favorable impressions of its malcode thwarting abilities i was/am glad to see it off of my system. welcome back Prevx.

    so, how can i raise the hood and peek in??


    Mike
     
  3. QBgreen

    QBgreen Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    627
    Location:
    Queens County, NY
    V. 3.0.0.188 is now available. I wasn't having issues with v. 3.0.0.180, but I updated and things are running smoothly.
     
  4. rendez2k

    rendez2k Registered Member

    Joined:
    Aug 3, 2007
    Posts:
    315
    Location:
    UK
    Where is 3.0.0.188 from? Just re-downloaded and it's still 172
     
  5. denis

    denis Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    182
    yep, it is the new one:)
     
  6. doktornotor

    doktornotor Registered Member

    Joined:
    Jul 19, 2008
    Posts:
    2,047
    You need to clear your browser cache. This is the exact same issue with tons of vendors who fail to include versions in filename. :(
     
  7. rolarocka

    rolarocka Guest

    Is it safe to install over the previous installation?
     
  8. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    I installed over previous version and everything seems OK.
    Don't know why Check for Updates didn't work though.
     
  9. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    Is there a log of Edge activity anywhere and can the 'authenticating file' pop-ups be disabled?
     
  10. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Under "Tools and Settings" there is an option to save scan results. That might be what you are looking for. Not sure on the other.
     
  11. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hello everyone,
    We have released v3.0.0.188 which now corrects the issues with loading on bootup, various AV compatibilities, self protection, and a handful of other bugs. It currently is only available to new users but it will be out for update soon.

    You can download it from http://info.prevx.com/downloadedge.asp.

    Please let me know if you have any problems!
     
  12. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    We don't have a way of disabling the popup, but we will add it in as an update soon. We also don't log everything chronologically, however, as Threedog said, you can save a scan log which will contain a majority of the files we've looked at during the analysis process.

    Let me know if you have any questions :)
     
  13. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Hi All,

    Really so impressed with Edge. I found a new downloader which was not detected by Prevx Edge (Did a manual scan and showed file as clean)

    Was going to send in the file but decided to run the file in Sandboxie explorer. As soon as it was double clicked on the file was blocked. Afterwards I did a manual scan and guess what, it's now detected as 'Community outeredge' however when I visit the webpage for more info it says the file is currently being reviewed.

    Says first seen in UK and Spain on the 23rd November so it must have triggered the heuristics.

    Nice work.

    Can I ask what a 'Community Outeredge' detection is?

    Many Thanks

    Jlo
     
  14. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK

    Great to hear :) Community.OuterEdge is one of our heuristics, primarily configured by the "Age / Popularity" measures on Edge Settings > Heuristics Settings. This finds programs which appear to be on the "outer edge" of the community - ones that are extremely unpopular and contain suspicious attributes. The file is still being "currently reviewed" because the website doesn't have all of the heuristics that the client has - the website is for mostly "cut and dry" determinations.

    Let me know if you have any questions :)
     
  15. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Interesting. Am running 172 but am able to uninstall with no ill effects (in fact KIS forces me to uninstall Prevx every time I want to update KIS). I have an Exclusion rule set up in KIS to handle PXARK.SYS. If you are using KIS do you have the same or could this be the cause of the issue...in some way?

    I will try it with 188 and see what happens.
     
  16. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    There is no singular way to test the heuristics - as jlo just discovered, it is generally easiest to test it against real malware in the wild. The problem is that the behaviors that occur on your computer are aggregated against every behavior in the community, so, the malware might not be blocked because of the "Registry bootup entry" behavior on your computer but it is blocked because of the "Start Global Thermonuclear War" behavior found on a computer somewhere in another country :D
     
  17. jlo

    jlo Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    475
    Location:
    UK
    Brilliant. Got mine both set at 'medium heuristics' so has done the job. On the Prevx website where it shows the file I have flagged it as Bad.

    Cheers

    Jlo
     
  18. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Just installed 188 with no problems. It was an over the top install. Have run a scan and it appears to be faster than with 172. Boot up seems on the face of it to be the same. Just now need to monitor for those 'Prevx is unable to start and requires a reboot' events that I have suffered from in the past.

    Well done the Prevx Team...seems to be a good'un!:thumb:
     
  19. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Great :) Thanks for the testing. We ran hundreds of boot cycles with 188 and have not experienced the problem again so it does appear to be fixed.

    If for some reason it does fail, wait a minute or two - the process will automatically start up soon after it should have if for some reason it doesn't :) (just as a failsafe in the event that something stops working)
     
  20. rendez2k

    rendez2k Registered Member

    Joined:
    Aug 3, 2007
    Posts:
    315
    Location:
    UK
    New version all good here so far too.

    It found an FP which I told it to trust, but now the icon is red saying a threat has been detected which obviously it hasn't! How do I clear the warning?
     
  21. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    I think that if you relaunch a scan it should come up clean (if you have advised of the FP and can see it recorded in Detection Overrides) and the icon should go back to green.:D
     
  22. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK

    As Baldrick said, you can rescan and it will reset the status to green :) Also, could you PM me the incorrect entry from the scan log (Tools and Settings > Save Scan Results) so I can correct it in the database? :)
     
  23. Clive T

    Clive T Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    189
    Location:
    Kent, UK
    Not here it's not.
    V172 has run flawlessly on this system (with no other security software on it). However, v188 has exactly the same issue as v 182 in not starting up at all. I've rebooted the damned machine five times now and Edge still won't start up.
    I'm reluctant to reimage my system yet again to accommodate this one prog and I don't have a link to v172. Could you tell me where to download it please?
     
  24. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,674
    Location:
    South Wales, UK
    Hi Clive

    I still have a copy. If you want it then PM me and I will email it to you.:D
     
  25. Clive T

    Clive T Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    189
    Location:
    Kent, UK
    @ Baldrick.
    Thanks - I might take you up on that but see the following first!

    @ PrevxHelp
    Since my post above I've:
    - Uninstalled Edge
    - Rebooted to safe mode to install v188 unsuccessfully (the installation crashed with a MS error message)
    - Rebooted to normal mode and installed v188.
    - During its initial scan it found an 'infected' file at windows\system32\msscript.ocx - which I believe to be a legitimate file. I let it clean it and entered an endless loop of "infected file found" - clean - scan - clean - scan etc.
    - I got the hump and restarted the PC and Edge now seems to have settled down. This is hard work!

    Edited for typo
     
    Last edited: Nov 23, 2008