View Full Version : Spread Detected Files
vtol
May 5th, 2010, 04:53 PM
FF 3.7 (Minefield) still not supported
vtol
May 5th, 2010, 05:20 PM
Prevx then initiates a scan, not finding anything, but also showing nothing in detection override, i.e. I get no chance to put an override
Triple Helix
May 5th, 2010, 05:35 PM
-{ Quote: "Prevx then initiates a scan, not finding anything, but also showing nothing in detection override, i.e. I get no chance to put an override" }-
Save a scan log and look for the file that was blocked and post the line from the log!
TH
Thanks! You must have your Age/Spread Heuristics Settings set above Medium to High or Max so this is why it is not detected during a scan but on execution!
-{ Quote: "D, DN, DP, DPN are Age/Spread detections which are triggered from the Settings > Heuristics Settings Page (the P and N are flags which we use to track down the correct file when a user sends us the log)" }-
vtol
May 5th, 2010, 06:01 PM
Triple Helix
May 5th, 2010, 06:12 PM
I would suggest you send the scan log to Prevx to sort them out: http://www.wilderssecurity.com/showthread.php?t=270590
If you just send the parts that you want is OK too, anything with D or U files!
-{ Quote: "U, UP - Untrusted - we aren't blocking this file but we don't fully trust it just yet (although it is most likely safe)" }-
TH
EDIT: Just for my case I have all these [U] files because of recent updates! Even Prevx files LOL
Prevx Scan Log - Version v3.0.5.137
Log Generated: 5/5/2010 21:50, Type: 1,8192
Windows 7 (Build 7600) 32bit|1033
Hostname: xxxxxxxxxxx
Some non-malicious files are not included in this log.
Heuristics Settings: Age: 3, Pop: 3, Heu: 4 (Dir: 1)
Last Scan: Wed 2010-05-05 21:27:48 Eastern Daylight Time. Number of Scans: 4. Last Scan Duration: 2 minutes 5 seconds.
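Added example (not part of the thread and not Prevx code): a small parser for scan-log entries that splits them into the Age/Spread (D...) and Untrusted (U...) groups quoted above, sets aside lines damaged by copy and paste, and lists what is still flagged in a later scan. The line layout and the 40-hex-digit PX5 field are assumed from the log lines posted in this thread; the sample paths, hashes and function names are constructed for illustration.

```python
import ntpath
import re
from collections import Counter
from typing import NamedTuple

# Flag letters as described in the quoted replies: D* = Age/Spread detection,
# U* = untrusted but not blocked; P and N are the vendor's tracking flags.
CATEGORY = {"D": "age_spread", "U": "untrusted"}

# Layout assumed from the posted lines: [FLAG] (ACTIVE)? path [PX5: 40 hex]
ENTRY_RE = re.compile(
    r"^\[(?P<flag>[DU]P?N?)\]\s+(?P<active>\(ACTIVE\)\s+)?"
    r"(?P<path>.+?)\s+\[PX5:\s*(?P<px5>[0-9A-F]{40})\]$",
    re.IGNORECASE,
)


class Entry(NamedTuple):
    category: str
    flag: str
    active: bool
    path: str
    px5: str


def parse_log(text):
    """Return (entries, malformed). Header lines without a PX5 field are skipped;
    lines that carry a PX5 field but do not parse are reported, not dropped."""
    entries, malformed = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if "PX5" not in line:
            continue
        m = ENTRY_RE.match(line)
        if m is None:
            malformed.append(line)
            continue
        flag = m["flag"].upper()
        entries.append(Entry(CATEGORY[flag[0]], flag, m["active"] is not None,
                             m["path"].lower(), m["px5"].upper()))
    return entries, malformed


def by_directory(entries, category):
    """Count entries of one category per parent directory (Windows paths)."""
    return Counter(ntpath.dirname(e.path) for e in entries if e.category == category)


def still_flagged(earlier, later):
    """Paths flagged in both scans, as (path, earlier flag, later flag)."""
    before = {e.path: e.flag for e in earlier}
    return sorted((e.path, before[e.path], e.flag) for e in later if e.path in before)


# Constructed sample scans: one truncated line and one line with a lost bracket.
SCAN_1 = r"""Prevx Scan Log - constructed sample
Heuristics Settings: Age: 3, Pop: 3, Heu: 4 (Dir: 1)
[D] d:\example app\updater.exe [PX5: 0000000000000000000000000000000000000001]
[DN] d:\example app\loader.exe [PX5: 0000000000000000000000000000000000000002]
[U] (ACTIVE) c:\example tools\svc.exe [PX5: 0000000000000000000000000000000000000003]
[D] d:\example app\plugins\cut.dll [PX5: 00000000000000000000
"""
SCAN_2 = r"""D] d:\example app\updater.exe [PX5: 0000000000000000000000000000000000000001]
[DN] d:\example app\loader.exe [PX5: 0000000000000000000000000000000000000002]
[UP] (ACTIVE) c:\example tools\svc.exe [PX5: 0000000000000000000000000000000000000004]
"""

if __name__ == "__main__":
    first, bad_first = parse_log(SCAN_1)
    second, bad_second = parse_log(SCAN_2)
    print("Age/Spread by directory:", dict(by_directory(first, "age_spread")))
    print("Untrusted by directory:", dict(by_directory(first, "untrusted")))
    print("Still flagged in later scan:", still_flagged(first, second))
    print("Lines to re-copy before sending:", bad_first + bad_second)
```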
PrevxHelp
May 6th, 2010, 01:55 AM
As TH has said, lowering the Age/Popularity settings will prevent these warnings from showing :) They should already be fixed now, but feel free to send over a scan log if they do re-occur.
vtol
May 7th, 2010, 05:15 PM
-{ Quote: "As TH has said, lowering the Age/Popularity settings will prevent these warnings from showing :) They should already be fixed now, but feel free to send over a scan log if they do re-occur." }-
what I do not understand is being told to lower the protection to get legit stuff to work - that seems to be the trend these days amongst security software vendors. as a user I feel puzzled, to say the least.
also and unfortunately it has not been fixed. that from a scan just minutes ago:
PrevxHelp
May 7th, 2010, 06:07 PM
-{ Quote: "what I do not understand is being told to lower the protection to get legit stuff to work - that seems to be the trend these days amongst security software vendors. as a user I feel puzzled, to say the least." }-
Configuring protection at the highest levels will tend to cause more false positives by the nature of it. Having 'D' files in your scan log is not indicative of a problem, just noting that those files are relatively new to the Prevx community. If you could send a full scan log to report@prevxresearch.com, we will be able to whitelist them easier - there are some differences in this log posted here that will cause it to not be able to be manipulated properly: sending it directly to us will allow us to fix them much more accurately.
Thank you :)
BoerenkoolMetWorst
May 8th, 2010, 01:40 AM
-{ Quote: "what I do not understand to be told to lower the protection to get legit stuff to work - that seems to be trend these days amongst security software vendors. as a user I feel puzzled, to say the least." }-
If you look in the help file/site where the different heuristics settings are explained it also says that you have a higher chance of false positives. With almost all other vendors raising heuristics to high there is a higher chance of false positives. The levels are all on medium by default and that is also how the products are tested. But for the advanced users who know what they are doing they gave the option to decide for themselves, higher detection but more FPs. If you then want the highest settings you shouldn't complain about false positives ;)
vtol
May 8th, 2010, 04:25 AM
will be dropping Prevx anyways. since keeping my machines up-to-date makes me obviously a guinea pig in the cloud. despite the millions and millions of claimed Prevx users I am ending up with files from Skype, Lotus Notes, ATI and the like of widespread software not being recognised by Prevx as harmless, unless eventually another millions of users in the cloud would have such files on their computers.
as mentioned in the beginning of the thread Prevx does not get me the override option, that way I could deal with FP, but I cannot.
In the end Prevx is scanning the same files all over again, still marking them D or U, although the files have been there quite a while and have been scanned with Prevx a hundred times before.
Moreover SO is not supporting derivatives of mainstream browsers, causing even havoc with development snapshots of FF.
Notwithstanding the poor implementation of the 64bit version.
I do not like to be told - switch that off, send another log here, have a remote session there - that all sounds awfully beta stuff and it is a surprise that so many millions of users are happy about it - no wait, I forgot, they obviously use the relaxed noob mode and their software does not get updated in ages.
I know it has been defended at great length not to test the product in comparison to others, still I reckon it should be, instead of hiding behind some well crafted argumentation of why not.
There is no benefit of Prevx outweighing the disadvantages of work flow interruption. I made the mistake and was blinded by the superior marketing of Prevx, paid up for three years, yet learned my lesson well.
PrevxHelp
May 11th, 2010, 11:40 PM
-{ Quote: "will be dropping Prevx anyways. since keeping my machines up-to-date makes me obviously a guinea pig in the cloud. despite the millions and millions of claimed Prevx users I am ending up with files from Skype, Lotus Notes, ATI and the like of widespread software not being recognised by Prevx as harmless, unless eventually another millions of users in the cloud would have such files on their computers.
as mentioned in the beginning of the thread Prevx does not get me the override option, that way I could deal with FP, but I cannot.
In the end Prevx is scanning the same files all over again, still marking them D or U, although the files have been there quite a while and have been scanned with Prevx a hundred times before." }-
D/U detections are not false positives - they are merely saying that the programs are currently not completely trusted within the Prevx community. Some programs run for several years and are never changed from U to G just because we naturally have a very suspicious eye towards any new software. For instance, there were some problems late last year with some completely legitimate vendors having their development PCs infected with a Delphi trojan that subsequently infected all created software and spread to their clients. Despite the created files being digitally signed and coming from the legitimate vendor, many users were inadvertently getting infected.
At Prevx, we don't automatically whitelist files just because they appear to come from a legitimate vendor. We assume that every new piece of software could be malicious or harbor malicious code so we apply the same level of scrutiny onto each new program or component.
-{ Quote: "Moreover SO is not supporting derivatives of mainstream browsers, causing even havoc with development snapshots of FF." }-
Our goal is to add support for every browser but we have to prioritize our resources accordingly and therefore cannot support every random browser. There are literally thousands of discrete web browsers in existence and we cannot feasibly add full support for every one of them - our approach in Prevx 4.0 will be to allow the user to add protection over custom processes so they'll be able to protect their word processor or browser, for instance, but the amount of labor required to add perfect support for every browser is not economical for the overall benefit of the bulk of the Prevx userbase.
I hope this helps answer some questions - please let me know if you have any other questions!
vtol
May 12th, 2010, 12:41 PM
I removed Prevx meantime completely, the last instance after reading the self-uninstallation issue, something I do not forgive an application supposed to protect. Not going into the details as the other thread already does, but leaving a deep concern about the trustworthiness of the product.
Back to the subject, you claimed earlier somewhat more than 5 million users or more of Prevx, yet within that base Skype, Lotus Notes, ATI and the like of widespread software are considered unsafe? WOW!
On the other matter of browser support - MS had recently to implement the browser choice for Europe, showing some lesser used browsers too, which Prevx is not able/willing to support properly with SO. Just my 2 cents - either do it right or do not do at all but not this half-baked thing.
pling_man
May 12th, 2010, 02:08 PM
-{ Quote: "as mentioned in the beginning of the thread Prevx does not get me the override option, that way I could deal with FP, but I cannot." }-
You can right-click and pick override if you have FPs. :)
PrevxHelp
May 12th, 2010, 05:07 PM
-{ Quote: "You can right-click and pick override if you have FPs. :)" }-
And we also have a dedicated "Detection Overrides" screen under Settings which is designed precisely for Detection Overrides :)
-{ Quote: "Back to the subject, you claimed earlier somewhat more than 5 million users or more of Prevx, yet within that base Skype, Lotus Notes, ATI and the like of widespread software are considered unsafe? WOW!" }-
We don't say that these components are unsafe - we're just saying they aren't completely trusted yet. There isn't any downside to leaving them as "unknown" besides a few additional CPU cycles on our servers. The benefits, however, are significant because we aren't trusting what any vendor says about their software at face value just because that software is from said vendor.
-{ Quote: "On the other matter of browser support - MS had recently to implement the browser choice for Europe, showing some lesser used browsers too, which Prevx is not able/willing to support properly with SO. Just my 2 cents - either do it right or do not do at all but not this half-baked thing." }-
As I've said - we are planning on adding support for all browsers but it does not make any economical sense to spend significant amounts of time adding support for far less than < 1% of browsers which are currently unsupported.
vojta
May 13th, 2010, 05:27 AM
Putting most of one company's resources in the benefit of most of their customers is the right thing to do. Following that logic, stop feeding this pathetic troll that only manipulates data to get some attention.
vtol
May 15th, 2010, 11:10 AM
-{ Quote: "You can right-click and pick override if you have FPs. :)" }-
mentioned in the initial post that override did not show a thing, just blank
PrevxHelp
May 15th, 2010, 01:06 PM
-{ Quote: "mentioned in the initial post that override did not show a thing, just blank" }-
That's because these are not false positives or malicious files :)
vtol
May 15th, 2010, 02:22 PM
-{ Quote: "That's because these are not false positives or malicious files :)" }-
aehm, def. not malicious but not FP? Then what is it called when Prevx is reporting an infection, when there is none?
ace55
May 15th, 2010, 03:45 PM
-{ Quote: "...our approach in Prevx 4.0 will be to allow the user to add protection over custom processes so they'll be able to protect their word processor or browser..." }-
Cool feature. Looking forward to it. :)
PrevxHelp
May 16th, 2010, 02:12 AM
-{ Quote: "aehm, def. not malicious but not FP? Then what is it called when Prevx is reporting an infection, when there is none?" }-
Files listed as [D] or [U] are not malicious - only files listed as [B] will be reported as bad and are malicious.
vtol
May 16th, 2010, 02:29 AM
-{ Quote: "Files listed as [D] or [U] are not malicious - only files listed as [B] will be reported as bad and are malicious." }-
from the beginning of this thread
[D] d:\mozilla firefox\updates\0\updater.exe [PX5: FBA2B30B002D02E7D050035EB956310028A40230]
yet Prevx reported it as infection (screenshot), with a blank override. so, Prevx making fun of the user then, did not know it had such a feature built in.
Triple Helix
May 16th, 2010, 04:10 PM
-{ Quote: "from the beginning of this thread
[D] d:\mozilla firefox\updates\0\updater.exe [PX5: FBA2B30B002D02E7D050035EB956310028A40230]
yet Prevx reported it as infection (screenshot), with a blank override. so, Prevx making fun of the user then, did not know it had such a feature built in." }-
I already told you: -{ Quote: "You must have your Age/Popularity Heuristics Settings set above Medium to High or Max so this is why it is not detected during a scan but on execution!" }- and that -{ Quote: "D, DN, DP, DPN are Age/Popularity detections which are triggered from the Settings > Heuristics Settings Page (the P and N are flags which we use to track down the correct file when a user sends us the log)" }-
So what else can be said to satisfy your obsession! :blink:
TH
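The flag meanings given in the replies above ([B] malicious, [D] and [U] not malicious, trailing P/N only tracking flags for support), applied to scan-log lines in an added example that is not part of the thread and not Prevx's own code. The line layout is inferred from the log lines quoted in this thread; the function names, sample paths and hash values are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the "[FLAGS] (ACTIVE) path [PX5: hash]" layout quoted in
# the thread; paths and hash values are placeholders, not real detections.
SAMPLE_LOG = r"""
[D] c:\example\app\updater.exe [PX5: 0000000000000000000000000000000000000001]
[D] (ACTIVE) c:\example\app\browser.exe [PX5: 0000000000000000000000000000000000000002]
[UP] c:\example\chat\images.dll [PX5: 0000000000000000000000000000000000000003]
[DPN] c:\example\tools\helper.dll [PX5: 0000000000000000000000000000000000000004]
[B] c:\example\temp\sample.exe [PX5: 0000000000000000000000000000000000000005]
this line is not a scan entry
"""

LINE_RE = re.compile(
    r"^\[(?P<flags>[A-Za-z]+)\]\s+(?P<active>\(ACTIVE\)\s+)?"
    r"(?P<path>.+?)\s+\[PX5:\s*(?P<px5>[0-9A-Fa-f]{40})\]$"
)

# Meaning of the leading letter as stated in the thread. Trailing P/N are
# described only as tracking flags, so they never change the verdict.
VERDICTS = {
    "B": "malicious",
    "D": "age/popularity heuristic (not malicious)",
    "U": "unknown, not yet trusted (not malicious)",
}

def parse_line(line):
    """Split one log line into its fields; return None if it is not an entry."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    flags = m.group("flags").upper()  # posters also write [d] and [u]
    return {"status": flags[0], "tracking": flags[1:],
            "active": m.group("active") is not None,
            "path": m.group("path"), "px5": m.group("px5").upper()}

def triage(log_text):
    """Group entries by verdict; malformed lines are kept under 'unparsed'."""
    buckets = defaultdict(list)
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        entry = parse_line(raw)
        if entry is None:
            buckets["unparsed"].append(raw.strip())
        else:
            buckets[VERDICTS.get(entry["status"], "unrecognised flag")].append(entry)
    return dict(buckets)

def malicious_paths(log_text):
    """Only [B] entries are malicious according to the thread."""
    return [e["path"] for e in triage(log_text).get("malicious", [])]
```
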
jmc777
May 16th, 2010, 04:53 PM
I think vtol is right to push the issue. If [D] files aren't considered malicious, then why is updater.exe being identified as malware and blocked?
Triple Helix
May 16th, 2010, 05:07 PM
-{ Quote: "I think vtol is right to push the issue. If [D] files aren't considered malicious, then why is updater.exe being identified as malware and blocked?" }-
Because Age/Popularity Heuristics Settings were set above the default low setting! In Prevx if you set these settings above default you could get a Blocked file as the community has not seen it enough to determine these files to be completely safe! It's the Behavior Blocker in Prevx IMO! But the D and U files in the log are for Prevx to help if you are having problems with certain issues on any particular computer like slow booting or slow browser response! They are not Malicious or False Positives! As I have mine set on High and if I run a new updated program it will get flagged as Age/Popularity Heuristics detection or Community Outeredge Detection!
HTH,
TH
Edit: Community.OuterEdge is an identifier which says that based on your heuristics settings these files are on the "outer edge" of the community - meaning, they are either too new or too unpopular to be automatically trusted for your system, it doesn't necessarily mean they would be blocked or detected but it's more of just an identifier!
vtol
May 16th, 2010, 06:44 PM
-{ Quote: "They are not Malicious or False Positives! As I have mine set on High and if I run a new updated program it will get flagged as Age/Popularity Heuristics detection or Community Outeredge Detection!" }-
Does not make sense, as it clearly shows Prevx reporting the system as infected, albeit it is not, also prevents the execution. It is not just getting flagged as you try to imply. Now, you say this is not FP, neither it is malicious - then what is it? Also considering the override blank.
Either Prevx should not report the system as infected, as it clearly is not, or if it is a FP (which you and Joe deny to classify as such) to have the option of override, which again is not there. It is not just irritating, it just defeats the purpose of this application.
Back to nothing is 100 percent, the easy way for the vendors in case of the slightest trouble with their software is 'oh, switch off this option or relax this rule' just to get compliance. If the application offers advanced settings for advanced users it should be able to deal with it professionally, else just cut out the advanced stuff and concentrate on maturing the application's core.
iNsuRRecTioN
June 12th, 2010, 10:12 AM
-{ Quote: "from the beginning of this thread
[D] d:\mozilla firefox\updates\0\updater.exe [PX5: FBA2B30B002D02E7D050035EB956310028A40230]
yet Prevx reported it as infection (screenshot), with a blank override. so, Prevx making fun of the user then, did not know it had such a feature built in." }-
Hi there,
Joe, I must agree and support vtol here, sorry :)
But he is right.
It is misleading for novices and new users.
I thought PrevX should be as simple as possible, especially for beginners..
But the warning is incorrect for [d] files detection..
PrevX has to distinguish between real threats aka malicious files and something strange/too new/etc. and NOT ONLY internally.
PrevX has to show it on the GUI as well in plain English, but it always says Malware blocked or such, even if it is based on age/popularity heuristics or it simply is a crack or keygen.. (I don't say that I use this stuff, but I'm scanning many friends' computers with PrevX in order to check them..)
Joe your team have to change the behavior and GUI warnings in order to reflect the differences in findings. (Real malicious files, heuristic detection, etc. and name it different, not all is malware..)
regards,
iNsuRRecTiON
Triple Helix
June 12th, 2010, 12:15 PM
-{ Quote: "Hi there,
Joe, I must agree and support vtol here, sorry :)
But he is right.
It is misleading for novices and new users.
I thought PrevX should be as simple as possible, especially for beginners..
But the warning is incorrect for [d] files detection..
PrevX has to distinguish between real threats aka malicious files and something strange/too new/etc. and NOT ONLY internally.
PrevX has to show it on the GUI as well in plain English, but it always says Malware blocked or such, even if it is based on age/popularity heuristics or it simply is a crack or keygen.. (I don't say that I use this stuff, but I'm scanning many friends' computers with PrevX in order to check them..)
Joe your team have to change the behavior and GUI warnings in order to reflect the differences in findings. (Real malicious files, heuristic detection, etc. and name it different, not all is malware..)
regards,
iNsuRRecTiON" }-
If you really want to know the Logs are for Prevx support to help us with problems if we have them and not for us so the novice user would not even look at the log files IMO. And the [d] and [u] files don't do anything to slow down Prevx so again it is of no consequence that they are there.
TH
PrevxHelp
June 12th, 2010, 01:39 PM
-{ Quote: "Joe your team have to change the behavior and GUI warnings in order to reflect the differences in findings. (Real malicious files, heuristic detection, etc. and name it different, not all is malware..)" }-
We do have the name clearly differentiated - Age/Spread detected files vs. "Medium Risk Malware" for example.
Changing heuristic settings will logically create more warnings but the warning dialogs differentiate between these detections. You'll see that in the dialog in the original post, the green circle is overwriting the detection name which is:
"Community.OuterEdge"
which is an Age/Spread detection. The dialog posted initially will only show if the user has already seen a standard "Block" dialog with Age/Spread Detection in the title and then clicked Block to that (if they have the default setting of automatically block files).
Let me know if you have any other questions :)
horseman
June 20th, 2010, 02:50 PM
-{ Quote: "....
Let me know if you have any other questions :)" }-
Admirable patience as you're obviously "trying to repair bridges", but didn't Euclid have similar difficulties with his 5th postulate and some of his students......?
Copyright ©2002 - 2012, Wilders Security Forums