Free Prevx CSI

What file "information" does it send? Does it upload complete files that it flags as suspicious? Shouldn't it warn you when it's going to be sending information? It could theoretically flag an executable multimedia presentation of confidential research material as "suspicious" and upload it to your team of "researchers". I think the process should be a little more transparent and the software should warn you about all communications with external servers.

 

10 minutes!?

Not sure if the scanner works in the way you describe (I'll wait for someone from Prevx to confirm), but the scan of my entire machine only took a minute or so and I definitely didn't see any huge amount of data being uploaded?

 

I only have 15kB/s upstream bandwidth.

 

I have used Prevx versions since the original and, frankly, I find those comments a complete load of nonsense. I have had fewer FPs with Prevx than any other security software. I have experimented with Cyberhawk/Threatfire and found it totally inferior.

 

Ah ok then

Would still be interesting to know how much data on average the scanner uploads.

 

I know I certaily have questions about the product....especially when you cannot distinquish a popular antiviruses files

 

I don't think that the PrevX is a spy company, for if they were, other anti-malware software would certainly detect their products as malware, don't you agree?

Thanks for the explanation.

 

In my eyes this is a subvertion and violation of privacy, every user has to be able to decide whether he wants to send suspicious files or not, therefore it looks like a black sheep in security business that aggressively grabs anything it can get.

 

Hi,

The details of what the Prevx software does is included in the terms and conditions, I include the paragraph below.

Regards

 

The sort of data transmitted by Prevx CSI is related to the file itself and areas that refer to it in the registry. For example, take MSN Messenger:

Location: %programfiles%\MSN Messenger
Name: msnmsgr.exe
Vendor: Microsoft Corporation
Product: Messenger
Version: 8.1.0178
Registry: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr = "c:\program files\MSN Messenger\msnmsgr.exe" /background
Events: REGRUNKEY
MD5:c4281ad865739e71fd1e4dac19a68d60
SHA1:a1ff1546af2aa41b343852d04cc239537820936c
+ up to 7 prevx file identification signatures (if available)

The anonymous attack and file data captured by Prevx CSI is a subset of that gathered by Prevx 2.0. Both products have an extensive section in their license terms and conditions that cover this subject. We are grateful to all users that volunteer to help Prevx in its fight against malware and Internet crime.

When running Prevx CSI you have to agree to those terms and conditions each time the tool is run. If you do not wish to help Prevx in its fight against malware and Internet crime simply close Prevx CSI without accepting the terms and conditions and no data will be transmitted.

 

It´s always respectable to fight against real! Malware (and not slander Software as Exploit that is totally harmless), if there is only data transmitted and not the suspicious files then this would be not that critical.
In case of file submission you should definitely ask the user before transmission.

 

Hi, folks: Newly updated version has been just released. The TF F.P. has been addressed. A raid response team indeed. This is One of the many reasons that I stay comfortably with Prevx. Have a nice one.

 

I don't think Prevx is forcing people to use their products so just use something else or none at all.

 

Very true,as that would also pertain to any piece of software,but I do get your point.

This issue with Prevx CSI disussed here also

 

I don't know what to make of this

 

Odd.

I occasionally and almost often get those same equal returns with ThreatFire. It has to be a code identity problem or something within these respective programs design that needs sharpening.

 

What does Prevx CSI do that a good AV or AS does not do? Is it just another case of double checking?
Thanks,
Jerry

 

I examined explorer.exe and noticed that it was modified 10-3. Earlier yesterday evening I had applied some Vista updates Nick had posted in the software forum so one of them must have modifed the file. The new explorer.exe may resemble the trojan mentioned so all Prevx needs to do is update it's sigs.

 

In my case it was more of double-checking and just plain curiosity. I try some of these type scanners every now and then just to see if Norton is doing it's job (and it is I am pleased to report ).

If anything I just helped Prevx identify a FP.

 

nothing found here and the scan was very fast.
when i clicked on secuirty infomation it opened up a page in IE7 and correctly identifyed i have kis7.0 119 installed.
lodore

 

midway40, please can you send me log created by Prevx CSI at the e-mail address I sent you by pm?

Thanks

 

Siete benvenuti You should have it soon.

 

replied

 

Now this is service! Just a little more than an hour ago PrevxCSI still showed the Explorer FP when I rescanned to get the log Marco wanted. Then a while ago I saw where lodore mentioned a report I must have missed seeing so I ran it again (btw it correctly identified NIS Version 15.0.0.60) only to be surprised by a clean scan this time

A big for Marco and the folks at Prevx

 

ROFL