Introducing, The New Prevx Edge.

Interesting that the only option is to allow. Could you send a screenshot of KIS's detection? This might help us narrow down the problem with them

 

Oops.. forgot to take one and it hasn't come up again. Will be sure to take one if I see it again.

 

Well I have changed changed my security set up.
Avast Free edition and as of tonight Prevx Edge paid.

Ran it though first bit of malware and detected it as a worm. Really seems super software.

Cheers

Jlo

 

Totally agree. That is why I now feel using a product like Edge in conjunction with a sandboxing product is about as good as it gets, or as simple. Sandboxie keeps it contained, while Edge alerts me to any detections. Along with protecting other ways on entry besides my web browser. The 2 applications are about as light as you can get without the massive signature database of a AV stored on my PC. My version is working very good together, PH.

 

No problem We'll check if we can reproduce it here as well to see if there is something easy to fix with them.

 

Great! Let me (or one of the other Prevx representatives know if you run into any trouble )

 

Hmmmmm trjam is copying my setup.

 

Great AV databases are definitely not turning around in size any time soon either. It really is much faster and smaller (once the technicalities are solved) for the AV company to hold all of the definitions/whitelist/heuristics/etc. instead of trying to download the whooole database to the user's computer.

 

Hmm, with a few extras.

 

also, id like to know the difference between the scans.

the scan from the main GUI 'scan now' scans my machine in just 33 seconds, 15,000 files, is this the deep scan?

full scan did 111,000 files in 11 minutes.

is the deep scan only detecting active running processes, i doubt this though, as malware i simply place on my desktop that shouldn't be active gets detected in the main GUI scan.

 

And to add to C.S.J.s comment, just what happens when you tic the box to use Smart Scanning.

 

I'm sorry but with the number of posts I may have missed the answer, so I ask the question which is: How much protection do I have if I'm not connected to the internet? I'm on dial-up and so I download new programs, disconnect, and while not connected I switch to a test snapshot (First Defense - ISR) and install the new program and then run it. If I like it I copy to the primary snapshot if not, I copy primary to test and the programs gone. So, in theory, I should be OK even if not connected, but does Edge provide some protection while I'm doing this?
Jim C.

 

(If you missed my post, I responded )

To respond to this question: The Deep Scan is identical to the scan in the front screen which is labeled Scan Now. We highly recommend this scan as it will thoroughly check for rootkits living in the disk/registry/memory, active malware, malware that can load on bootup, and inactive malware living in common places on disk.

However, it does not go through your entire system, looking at every file as this is mostly unnecessary. This is where the full scan comes in.

The full scan will go through every individual file on disk. This may lead to finding slightly more pieces of malware but all of those samples would be inactive and the malware would not actually be infecting the computer (rather, it is just left-behind pieces that were missed but are now dormant). We generally don't recommend running a full scan as it takes quite a while to complete (just because of how much data it has to sift through) and it has marginal benefits over the default scan.

Answering trjam's question: Smart Scanning looks at file characteristic metrics to scan quicker by eliminating the need to scan for certain types of threats on certain systems/setups. If you are actually looking to test the effectiveness of Edge against a broad range of malware on a system which may or may not be affected by that malware, we recommend against checking that box (which is why it is off by default to prevent confusion), but, if you are actually using the full system scanner on a normal computer in a normal environment, it would be rare that something would slip past it that would be actually able to infect the system.

Also, just in case anyone has missed part of the thread, the best way to check Edge's detection is to run the malware (under a virtual machine of course ) as this will catch pieces of malware that wouldn't normally be found in a simple on-demand scan.

 

Apologies for any redundancy, but on the Prevx site it says that Vista is one of the OS that PE requires, but you also state in this thread here that:

---Edge does not currently support Vista or XP x64 and it won't work correctly under WOW64. We are adding this, but it is a slow and grueling process. ---

Can you please clarify suitability for Vista again?


Thanks in advance,
Mark.

 

Ah, that is not clear at all. Edge does not support Vista x64 or XP x64.

It works fine on the 32bit versions. Thanks for pointing that out I'll try and find that post to clarify it via editing

 

well, in my little test.

prevx detected 50% by the scanner alone, and a further 40+ percent with the behaviour-based technologys.

so, you think a 90+ percent would be a good target to start with for EDGE?

as for your other post (yeah, i did miss it ), i still think you should allow it to be tested against the traditional AV products, people will understand its a different kind of product and that the detection is based on the scanner-alone, i just think it would be very curious to see those kind of results.

and something totally off topic, you a brit? or working in brit?

 

Thanks very much for the amazingly quick reply and for the info...

Best,
Mark.

 

works great here on Vista x86

 

Some of Edge's engines will work offline, however, to maintain maximum effectiveness, most of them do require a consistent internet stream (broadband/dsl/etc.) Prevx is not a very dialup-friendly technology and when it was first pioneered, there were far fewer broadband users so it was initially discredited as a viable solution.

So, for you, I would recommend scanning+starting to install the program before disconnecting from the internet, then, after you see the "Authenticating New Files" popup disappear, you should be fine to disconnect and stay safe.

 

Great thanks - looking forward to checking it out.

Mark.

 

I just purchased Edge as a replacement for MBAM. But, I am having issues with it. As I described before everything is slower to initialize. I am even noticing dramatic differences in the amount of time it takes to image my active partition with Drive Snapshot; it used to take just under three minutes and now it takes nearly fourteen. Verifying the images is also very slow. Has anyone else experienced this?

 

I'll have QA take a look at it in the morning, but I'm surprised there is that significant of a difference as Edge does not scan files as they're created, only as they're loaded.

Drive Snapshot could be doing some strange when copying files of course, but I somewhat doubt it. I'll let you know what we find by doing side by side comparisons of having only Edge installed versus not having Edge installed at all and see if we can get a fix out if there is some incorrect behavior going on.

 

One more thing, if you wouldn't mind. I have a partition that I store DS images on (Z). That partition is setup to be hidden under My Computer (so that only I can access it). But with Edge that partition keeps being 'unhidden' when I scan.

 

Is the partition "unhidden" when you click "Add File/Folder" or during the actual scan itself? We scan drives regardless of if they are hidden or not just because malware has recently been hiding drives frequently, so, we don't want to run into the case where malware hides the C drive and then none of the system files are scanned

 

That was my mistake. This seems to be happening upon cleanup, not scanning. As far as my scanning settings are concerned, I use the default 'deep' settings.