Introducing, The New Prevx Edge.

Has anyone seen this review:

http://www.youtube.com/watch?v=8bNWR5xVyFA

Could someone from Prevx comment? Im not sure how valid this test is as I believe Edge works with live / real infections, but I would like some feedback from Prevx themselves on this for peace of mind (I use edge!)

 

Edge's on-demand scanner is about 2/3
If you execute new viruses, then EDGE's heuristics and stuff comes into live and will show it's performance!
Like if he execute all of these undetected ones and scan after that, result will be different.
PrevxHelp will explain with more details.

 

The tester used to post here, probably still does. From memory, used Drive Sentry (in his signature).

Back to the video, the remaining files should be launched/run for prevx edge to detect and clean.

Look at a more accurate way of testing, see:
http://www.pcsecuritylabs.net

Latest report:
http://www.pcsecuritylabs.net/document/PCSL200903report.zip
Wilders thread
https://www.wilderssecurity.com/showthread.php?t=237869

You'll notice some security programs will have a low right-click and scan detection rate - 'static testing', but pick-up the remaining files when launched - 'dynamic testing'.

Just look at twister AV, had the second lowest right-click and scan detection rate, but when the malware files were launched, twister picked-up hundreds more bringing it at almost top of the list.

Maybe Joe can send 'Jeff' from PC Security Labs a message and organise prevx edge to be tested in the future. At least PC Security Labs has the right idea, to not just 'right-click' a folder and scan, but run/launch the remaining files. And that's where prevx edge's strength is.

 

Thats not a test, thats just a pointless demonstration is all, anyone anywhere can/could/will do this and always get varying results.

Scanning a folder full of files is about the worst possible way to test any Antivirus/Antimalware application.

The test are out in the field in the realtime nastiness of the internet.

Edge is just a portion of a greater whole and that video is no way to test real time disc and behaviour monitoring it provides.

Dont get me wrong, Edge isnt perfect nor does it claim to be but the video just isnt an accurate reflective test of but one thing, some poor chaps misconception of how to make drive sentry look good.

 

Don't you just get fed up with these pointless tests? The person carrying this one out obviously did not bother to understand what Edge is AND how it works, hence the comment of 'just a glorifed CSI scanner' and a 'rehash' which as we know it definitively is NOT.

Best IMHO to ignore this sort of supposed test and leave the publication of tests to the professionals. Hmmmm!

 

Yes, Im sure Edge will pick up more if they try to execute, but, my worry is that it does not pick them up whilst they just sit there / are accessed or moved about the system. My concern is that I have Edge as my sole AM and therefore, there is a possibility that if I receive malware that is not run, say in an email or disk etc, that without knowing, I could then send this to someone else and infect them.

Do Prevx have any plans to introduce on access scanning - as this test shows it does not detect in this way as yet.

 

Retadpuss, you are fine having it as your sole AM.

Besides, scenarios aside, no one is going to give unknown 'programs' to someone else without running the files first.

eg. 'Here's a file I downloaded from somewhere, from some site, haven't run it, but here you have it'....or...'Here's an email, check the attachments, cause I haven't'.

That's not gonna happen in the real world.

But if you want prevx edge to have a large signature database, that defeats the purpose of its 'in the cloud' scanning, checking a file that's run on your system with the prevx server.

A standard anti-virus on the other hand, means you'll have updates each day, more files on your c: drive, and longer scans slowing down your system. And you won't have the benefits of this local file/server checking that prevx edge brings.

 

What if - for example, someone knowingly sends me malware via email - say, one of thise Edge did not pick up in the youtube test. I know edge will probably save me if I try to run it, but Its going to offer no protection unless i do run it and in that case, I can infect soeone else. its just a worry as I use my system for business and obviously, dont want to expose clients to any risk.

 

On the one hand you are very serious about your clients and then you send e-mails to them without even checking the content? The reasoning does not really fly...

Fax

 

I may be wrong, but until that malware piece hasn't been executed, you are not infected.
Also, if someone else who have PE and run that malware, then you will get almost immediately protection against this threat (via scanner too)

 

Agreed...and that is the basis that Edge works on as far as I am aware. Joe, would you be able to 'officially' lay this one to rest?

 

With respect, you miss the point. With Edge as your only protection, it is not possible to "check content" properly as scanning a file does not mean it is clean (shown in the video). The only way to know would be to run the file and HOPE edge picks it up if it IS malware. It is NOT practicle to run or install software just to check if it is safe.

Given the fact Edge only seems to be effective in protecting an actual INFECTION on my system, Iwould argue I need to reinstall my AV as well - which will scan on access / email etc as I cant afford to expose clients to risk.

I like the idea of edge, but until it has on access protection, I cant rely on it - or so I feel.

 

This is turning into a 'what if' soap opera.

What if your client sends you malware their AV misses, but prevx edge picks up?

Response: You'll tell them their 'files are infected'.

Now going back to your example, first, you're assuming people don't have an AV or scanner. But if you send files to a client and one is a piece of malware, if the malware didn't run on your machine, how on earth is it going to run on your client's machine? Are they going to click on every file for no reason?

For example, do you know if all your system folder's files are clean? Have you clicked and tried to run each one?

I haven't! Nor does it worry me.

 

Also, saying you can't rely on it, when nothing has ever happened shows a lot of doubt.

What if you go back to your AV, and many aren't so good with spyware or rootkits (prevx edge's strength), and what if you send them a possible rootkit your AV didn't pick up?

 

Also, he did a quick scan. It may no fully scan system32 folder.
He would try latest version with right click scanning.

 

The fact remains, Edge wont prevent malware being sent from your PC. This is a major failing of the product. End of.

 

Neither will an AV or suite that does not have that feature or has that feature turned off either by default or by the user.

This is turning into a pointless discussion IMHO given that Edge does what it says on the tin...it has never, ever been suggested by Prevx as far as I know that it is an AV replacement but rather a complementary app (hence why so much trouble has been taken by Prevx to make it probably the most compatible of apps when run with the mainstream AV/Suite, etc. out there...and they have been very, very successful in that endeavour, again IMHO).

Those who are not happy with the way it is are under no duress to use it. End of!

 

But that's a 'blanket' statement you're using - 'edge won't prevent malware' - all from one small test.

You checked where those 200 pieces of malware came from? 80 of them might be actually malicious, rest might be pieces of cr@pware that do nothing.

And ask yourself, what are the chances of coming into contact with those 200 files, out of several million or more problem files.

And those files might have been taken from crack gaming sites - hardly anyone visits.

Me, I'm more interested in the problem stuff that's circulating today. That you can download now. That's up right now on sites. Not some old cr@pware saved up on some guy's drive.

Anyway, each to their own, you've already made your mind up from one small test. One last note, no product is going to give you 100 per cent protection, so if you're disappointed by prevx, you'll be disappointed with your AV.

 

http://www.youtube.com/user/PrevxResearch
http://www.youtube.com/watch?v=AAx6Y2MW_uA
Look these videos. They will show Prevx EDGE's real power

 

I understand how good edge is -Im a registered user. My point is that unless it has realtime on access scanning, it cant replace an AV. I wish it could as I dont want to run a seperate AV as well. It is NOT enough to protect my system. I need to know Im not passing on junk to other people.

I will wait for a reply from Prevx to see if they are going to be adding this.

 

I don't think that they will as they are not trying to create an alternative to an AV. That has always been my understanding to me in my conversations with Joe.

I run KIS AND Edge. To me the combination is perfect and as light as a feather on my rig.

But, as you say, lets see what Joe comes back with on this one.

 

Retadpuss, I understand your concern, but wait till Joe responds before coming to a definite conclusion.

Just for general interest, many of us recently were installing problem programs that many AVs missed. These files were appearing on active sites. Prevx did quite well.

Problem 1:
https://www.wilderssecurity.com/showpost.php?p=1398592&postcount=1
https://www.wilderssecurity.com/showpost.php?p=1398726&postcount=34
https://www.wilderssecurity.com/showpost.php?p=1399640&postcount=52

And another:
https://www.wilderssecurity.com/showpost.php?p=1401349&postcount=85
https://www.wilderssecurity.com/showpost.php?p=1401395&postcount=111

And another:
https://www.wilderssecurity.com/showpost.php?p=1401351&postcount=86
https://www.wilderssecurity.com/showpost.php?p=1401373&postcount=99

 

I know how good edge can be. I recently tested several AMs against a set of 38 pieces of malware - all less than 24 hours old and Edge got every one of them. Avira got 32, F-Secure 34 & A2 got 36.

I usually run IE sandboxed with Sansboxie and I have Zemma and also run Returnil - so I believe my system and my data is safe. Just want to make suer i dont look like some arse and unknowingly send a cient something nasty - however unlikley that may be.

I would prefer not to stick F-Secure back on as I like a light system.

 

Retadpuss, without taking this off topic, if your main concern is scanning a folder, but don't need another program weighing down your pc, you could download standalone scanners with removal ability.

eg. DrWeb's CureIt can be downloaded each day/week, a stand-alone scanner/removal tool that doesn't need to install, using all their definitions. You can load it up and scan the folder.

a-squared free can be installed. Runs one small service (2mb) to prevent it from being terminated by malware. Can integrate into your right-click menu. Needs to be manually updated each day, but contains a-squared's full definitions. Can remove all detections.

 

Indeed this is foolish given whats available freely via the internet to do just such a thing.

VirusTotal
Virscan
Jottis
ThreatExpert
Anubis
VMware
VBox
JoesBox

Im sure there are so many other things which are freely available and useful for such a thing, I still to this day use ThreatExpert,Anibus and VirusTotal on a daily basis.

All can easily compile for someone a concensus of what the application or program does.