Introducing, The New Prevx Edge.

Discussion in 'Prevx Releases' started by trjam, Nov 13, 2008.

Thread Status:
Not open for further replies.
  1. TechOutsider

    TechOutsider Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    549
    Eh, already uninstalled. I'll check later.
     
  2. ExCavTanker

    ExCavTanker Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    50
    Location:
    Michigan, USA
    Hello,

    I just purchased a 2 PC license for EDGE (for a cheap ba%$#rd like me that's something but I digress) previously only purchasing SAS Pro. While I should've asked the questions before purchase I jumped in on faith based on what I've read.

    I am trying to understand how EDGE works by using a 'community threat database'. Does that mean that once some unlucky person or persons gets nailed, that malware is then added to the EDGE database for other users? If not, then wouldn't simply using heuristics be enough?

    I had been using Threat Fire free which also used a community database for the free version but once a license was purchased you no longer had to rely on the database (from what I understood anyways).

    Am I correct that both programs are attempting to do the same thing, and if so, why is EDGE better?

    I'm also currently trying Dr. Web Security Space and would like to know which program (Dr. Web or EDGE) would intercept the various malware first regardless of how it's delivered as they both advertise protecting against basically the same things.
     
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hello,
    Edge is different from other security products because it uses heuristics, blacklisting, whitelisting, and server-side analysis all within the server centrally. It's able to aggregate data from every user and analyze it centrally and then return a response which takes into account all of this information rather than just the data known to the local computer. I'm not sure what Threatfire does with their community database but I know some programs say they have a community database when they are just taking the answers from users (allow/block) and tallying them and then returning a response based on that. This is the complete opposite of how Edge works. Edge analyzes the characteristics/behaviors/etc. of a file from across the community and then returns a response irrespective of what users have said in the past (granted, user input is sent to us but it is entered into a manual queue and our researchers take care of them on a case-by-case basis :))

    With our new centralized analysis in Edge, even the first user to ever see an infection is almost always protected. It isn't 100% perfect (if anyone says their product is 100% perfect they're lying :D) and detection does get better as more users encounter a file/encounter behaviors of a file but the first sight detection is quite good in its own right.

    With Dr. Web and Edge on the same computer, Dr. Web "may" see the infection first or Edge may see it first - it really depends how the file is accessed and where it loads. Edge focuses primarily on loading code which dramatically reduces its footprint and system impact and I believe Dr. Web scans every file on open regardless of its intent so Dr. Web may catch it earlier but only by a fraction of a second and either way, Edge would gain control of the file before the OS ever had a chance to give it control so you would always be protected :)

    Let me know if that helps or if you need any further clarification!
     
  4. ExCavTanker

    ExCavTanker Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    50
    Location:
    Michigan, USA
    Wow that was fast! I appreciate your explanation which was very helpful (not only to me but to prospective purchasers as well), along with your honesty in that NOTHING is 100%.

    One thing I've noticed with the http scanning of Dr. Web is while not terrible I do notice a slight slowdown of page loads, not a deal breaker but noticeable. Sans an http scanning AV will EDGE protect against those type of 'drive by' threats, if so does it detect the threat the instant it starts to go into action so to speak?
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, that is correct :) If an http driveby attack would try and touch the system at all, we would block it immediately :)
     
  6. Firebytes

    Firebytes Registered Member

    Joined:
    May 29, 2007
    Posts:
    919
    I just downloaded Edge to try it out briefly. Prevx Edge is detecting the program System Information for Windows (latest version) as a rootkit. MBAM, SAS, and VirusTotal all say the file is clean.
     
  7. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    Hello,

    please can you send me prevx log at falsipositivi [A-T] pcalsicuro [DOT] com?

    Thank you for your help :)
     
  8. ExCavTanker

    ExCavTanker Registered Member

    Joined:
    Apr 21, 2008
    Posts:
    50
    Location:
    Michigan, USA
    Excellent, thanks!
     
  9. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,458
    Location:
    Ontario, Canada
    Joe can you say when you will have a File upload system setup on the Prevx Website?

    TH
     
  10. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I'm not sure at this point. However, I will check in tomorrow with the web team to see what progress has been made :)
     
  11. Firebytes

    Firebytes Registered Member

    Joined:
    May 29, 2007
    Posts:
    919
    Log sent. I hope I sent the right log o_O as I am unfamiliar with Edge.
     
  12. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    Are you using the latest version of this software?

    Anyway, the problem should be fixed. Please check again and let me know :)

    Thank you
     
  13. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,458
    Location:
    Ontario, Canada
    Or even build it in my Prevx for licenced users. Or what is best!

    TH
     
  14. ambient_88

    ambient_88 Registered Member

    Joined:
    Jun 23, 2008
    Posts:
    854
    Speaking of MyPrevx, I was trying to manage my license (delete a host and reinstate another), but it won't let me. I constantly change from Vista to XP (and vice versa) on the same PC. Does that require me to have two separate licenses?

    Thanks!
     
  15. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hello,
    Yes, this would require two separate licenses - we limit license movements between PCs/OSs and we consider each OS install as a separate PC.
     
  16. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,458
    Location:
    Ontario, Canada
    Joe, I'm having trouble right-clicking and scanning a single file; it does a full system scan instead.

    TH
     
  17. Firebytes

    Firebytes Registered Member

    Joined:
    May 29, 2007
    Posts:
    919
    I have the latest version of both System Information for Windows and Prevx Edge.

    Yes, Prevx Edge now shows the file to be clean. What caused the FP? Heuristics?

    Anyway, thanks for the fast response.
     
  18. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,458
    Location:
    Ontario, Canada
    I reinstalled and it's working fine now o_O

    TH
     
  19. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hmm, I just tried it here and it worked fine. Could you try rebooting and see if it still happens?
     
  20. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,458
    Location:
    Ontario, Canada
    :D:D:D:D:D
     
  21. denis

    denis Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    189
    not sure if it is a false one. Can you take a look, thanks.
    Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1)
    Last Scan: Thu 2009-03-05 13:12:01 Romance (standaardtijd). Number of Scans: 156. Last Scan Duration: 2 minutes 26 seconds.
    [D] c:\windows\system32\drivers\epfw.sys [PX5: 9286F525887A9E78FFE20190A0E7E1004CE241DA] Malware Group: Community.OuterEdge
    [D] c:\program files\eset\eset smart security\drivers\epfw\epfw.sys [PX5: 9286F525887A9E78FFE20190A0E7E1004CE241DA] Malware Group: Community.OuterEdge
     
  22. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Fixed :) (well, it was fixed automatically ;))
     
  23. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Please don't use my current setup, I have a patent on it; however, combining SAS, PxE n DrW would be a helluva setup ;) About the surfing slowdowns, I'd report it with their support as you're not alone, while supposedly it is claimed that it isn't possible.
     
  24. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,458
    Location:
    Ontario, Canada
    Hi Joe,

    I try to scan My Computer and it does not do a full scan. Any suggestions? Or even when I try to scan the C drive or D drive, it does not do a full drive scan.

    TH
     
  25. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hmm :doubt: It should, I'll look into it :D
     