Introducing, The New Prevx Edge.

I see PrevX 2.0 HIPS is still available on the site. So is PrevX Edge 3.0 better than it ? Could some one tell me the exact differences ....
Thanks

 

Yes, i am.

The nick i choose will be hardly a one chosen by foreign people (i had an hard time trying them to guess how to say it, thanks god a youtube video cameto help me, lol).

Anyway:

i tried it on a fully updated Vista Business machine with Kasperky AV 2009, windows firewall.
It's a clean install ,so there are no problems related to previous installed / uninstalled software.

So far it's doing good with two exceptions:

- enabling self-protection and saving the changes brings, after a few moments, a threatening warning and red light on the eye, "monitoring is disabled". A reboot fixes it and keeps thesetting but still, if this behaviour is expected (having to reboot) i'd prefer a message stating that. If not expected then it's something you should look to.

- When booting, after first install and on every reboot, there is a short period after login, let's say 20 - 30 seconds, where everything seems loaded, Edge included, judging by the tray bar icons, but the system is unresponsive.......i tried right clicking on edge, on the start button, ctrl-alt-canc.......

After that everything, not that i tried many things, seems to work well.

Since task manager can't be started i can't see what going on........i only seethat there is no HD activity.

Hope it helps

Best Regards

 

I left enabling self protection unchecked and found it a tad more stable. Also my heuristics settings to high.

 

I'll steal this question from Marco Scanning happens primarily when the program/file is loaded rather than when it is copied. This provides substantially faster/lighter performance with no loss in real protection.

However, on Vista protection is slightly different and in some cases it will warn quicker, but, the primary intention is to scan the files when they're loading code.

 

64bit is significantly different from 32bit and is more difficult to develop.
Currently there is still such a low adoption rate of 64bit computers, it is hard to justify dedicating the time immediately for it.

However, as soon as we've finished the next round of upgrades to the actual protection, we will continue working on 64bit compatibility.

 

In order to be compatible with other AVs, we've taken the approach of blocking programs in a different way. Rather than locking the program from the kernel and possibly causing BSODs when it is trying to be read by another AV during the scan, we leave it open.

This does not allow the file to open for any kind of exploitation or possibility to infect, but, it immediately allows us to be compatible with other security solutions.

It is really a guessing game to see which AV will find the file first.

So, in summary, just because Edge doesn't show a block warning when your AV does, doesn't mean that it didn't find it.

Also, if Edge doesn't find a file on a right-click scan or another scan, that doesn't mean it wouldn't block it under realtime protection as well, as heuristics and behavior analysis work much more swiftly under realtime protection.

 

Yes, this is precisely the behavior. It is a bit of a guessing game on how the OS will load the files. We discovered that Vista has a somewhat un-optimal way of handling files when saved/browsed which causes some areas of them to be loaded into memory, so, Edge will grab them immediately.

However, regardless of the OS and regardless of where the file came from, Edge will block it from infecting or loading any bit of code into memory.

 

Prevx2 is still available on the site because some of our more advanced users still use some features of it which are not present in Edge.

For instance, if you use the advanced features found in the Expert mode of Prevx2, you may want to continue using it as it does give you more granularity over the protection aspects. However, Edge's protection "out of the box" far surpasses Prevx2's protection thanks to our new advanced heuristics and behavioral analysis techniques.

Edge is also lighter and more cross-compatible with other AVs. Note: if you want, Edge is also compatible with Prevx2, so, if you want to use Prevx2 for more of a behavior blocker and Edge as a realtime antimalware product, they won't interfere

Hope that helps!

 

Thank you for your information. While we didn't reproduce any incompatibilities with Kaspersky in our internal testing, we will take another look at it. What I suspect is happening is that the self protection is fundamentally interfering with Kaspersky's memory protection.

Our self protection runs at a very low level and is not enabled by default as it could cause incompatibilities with other AVs that also use self protection (Bit of an unfair point - two AVs can't run on the same system if they both want to protect themselves).

The "Monitoring Disabled" warning comes when Edge self-tests its protection once every few seconds. After enabling self protection, Edge's protection has to be "rebooted", so, somewhere along the line of having it reload it is being interfered with.

 

I would recommend using Prevx Edge.

Edge duplicates all of the functionality of CSI (you can actually use both interchangeably if you put an Edge license key into CSI v3.0.0.172 ) and does not have any known issues running alongside NOD32/OA.

Please let us know if you do run into any problems, but I suspect you won't

 

Ok, now I can go eating something

 

Of course you are!! And we are extremely thankful for all of the input you've given us

 

I am just more willing to spend my money on a product when I am I able to try the product without restrictions.

I hope Prevx considers this as I am very interested in Edge.

 

Well, considering 4GB of RAM is becoming a mainstream, usage of 64bit OS makes sense. Well, a need in fact, unles you want to waste available performance/resources for nothing.
Looking forward for 64bit version though.

 

Yes, I agree. Currently I don't have an ETA on the 64bit version, but, I think the priority will be moved up once we get a better feel of how many Edge users are requesting it.

 

Just another question, sorry if i'm so annoying:

i put all heuristic settings to maximum.

I didn't notice bad side effects but.........is this to be cosidered too much?

Thanks in advance

 

No, that should be fine. The heuristics should still generate a minimal number of false positives, even on maximum.

However, if you do experience false positives on max. please let us know and we can adjust the rules accordingly

 

will surely do......thanks again.

you're so quick to answer that this is more a chat that a forum

 

To all:
The jury is still out as to what our license model will be changed into. If any users want to test it out temporarily, I've been given authorization to hand out one-week full license keys for now. I know it isn't optimal, but it may help tide people over while we decide on what we'll be officially doing.

Drop me a PM if you're interested

 

Nice work fellows

 

I installed it alongside Online Armor Free (Vista) and, while it appeared to work fine at first, it slowed my sytem to a crawl once I opened a folder full of programs. I had to reset and remove it in safe mode.

 

While it was loading the folder, it has to scan every file. If you noticed, there should have been an 'Authenticating New Programs' popup in the bottom right corner near the clock - this will indicate the progress of the scan. Because Vista loads programs into memory when they're browsed to, many AVs need to scan them if they haven't encountered those files before.

Generally shortly after installation it will optimize away the need to do this on its own, but it may take a minute or two after first loading.

In normal use, this wouldn't happen, as the folder would be scanned and monitored for changes immediately after it is encountered the first time, so, if you do decide to go back to Edge for another test, could you try waiting a minute or two after opening the folder?

 

Decided to give this a try.FP after 1st scan with Babylon .exe 7.0.3(r24).Added the file to trust after i launched it.I What's the best way to deal with this.Should i send u the log or....?

1 other question.I don't know exactly what override means in my language.If i know that babylon.exe is safe what do i choose:remove or add override?

 

You can send the single line from the log which references the file, or the entire log, or you can send the file if you want. I'll get it sorted immediately

 

False positive fixed