Introducing, The New Prevx Edge.

Can you click Tools and Settings > Save Scan Results and then send EraserHW or myself the entry from the scan log which is referencing zlib1.dll?

 

I sended both you and EraserHW a private message with the download link.

 

Could you please try rescanning now - it should not be detected anymore

 

It's still detected as malicious.

 

Hmmm... not sure how - I scanned it here and it is not found anymore

Can you please try uninstalling and reinstalling?

 

Uninstalled and then reinstalled, started a new scan.

Final result: file is NOT detected as malicious anymore.

But I think this should not be the way to solve a false positive.

 

Yes, I agree... I'm really not sure why it was not picking up the new determination properly. We'll take a look at it shortly to see if there is something wrong in the communication. Thanks for the report

 

Your welcome.

Thank you and EraserHW for a very fast response and solution!

 

Seeing this thread progress its pretty clear what the M.O. is here. There is a team at PrevX that is constantly whitelisting exes. How is that different from constantly writing signatures.

 

We temporarily whitelist the program and then update our rules to fix it from happening in the future. We have many many rules running server side and the false positives seen here are the result of minor problems with different rules, so, fixing one rule leaves the rest and just because there are millions (billions?) of programs on the internet, it is hard to get a perfect result on every program

 

I'm still getting an alert from Kaspersky saying behavior similar to Trojan.Generic detected when Prevx is started for the first time. Can this FP be fixed?

 

Just a question regarding temporarily disabling Prevx protection. When I do this by right clicking on the sys tray icon and disabling protection for 15 minutes when installing an app it says protection disabled yet I still receive sys tray notifications saying "Authenticating files..." during the installation process. Is this normal behavior considering that Prevx has indicated that it is disabled?

 

"An alert from Kaspersky" sounds like an FP on Kaspersky's part -- NOT a Prevx FP. In which case, it is probable that Kaspersky can make the fix, but not Prevx.

Am I reading you incorrectly?

 

I mentioned it earlier and PrevxHelp said he might get in touch with Kaspersky about it, so I want to see what he says.

 

hi, im trying to ... well... try this software

but every executable i download from prevx.com end up opening a window called CSI 3.0

is there a way to try edge if i already have csi installed ?

so far i've downloaded those files:
PREVXEDGEFREE.EXE
50BAFB54BE6B4F34BE6E.EXE

 

Hello,
Please first uninstall CSI and then reinstall Edge.

The Edge installation will duplicate all of the functionality of CSI (and you can use your CSI license within it). We currently don't have the functionality enabled to switch from CSI > Edge, but this will be a feature in a release soon.

 

Hello,
This is not correct behavior - we will have this corrected in the next version. Thank you for your information

 

We are still working with them to resolve it, but it is a bit out of our hands. It seems as though they have chronically had this false positive against us and it appears to be non-trivial to prevent.

We are going to continue working with them to prevent it, and I'm hoping it will be resolved in a database update soon.

 

Thanks for your attention to this matter.

 

Thanks again for the quick response.

I also just noticed that Prevx Edge does not appear in Windows Security Center which is something that should be addressed although it could just be a localised problem with my system.

Prevx as a company appears to be listening to their users very well atm and as the product matures and the kinks are worked out I am sure that they will have a killer security product on their hands in the near future.

 

This alone could cause compatibility issues with other applications and certainly is not worth causing such problems, IMHO.

 

Hmmmmm. Didn't think of it from that perspective. I suppose if other security applications check Security Center during installation and find an already installed security app such as Prevx they may refuse to install which works against Prevx goal of complete compatibility. But on the other hand if the user only uses Prevx and nothing else they will receive warnings from Security Center which may confuse an average user (although you could tell security center not to monitor for that parameter). Its a win/lose situation

 

Yeah, that's what I meant...

You could have a checkbox in the product to do the job. ThreatFire has one, e.g. I personally tend to disable WSC altogether on my boxes so... not an issue for me.

 

I agree that this is the best solution, the difficulty lying in how it is implemented without confusing the average user. It may be best to include this option as part of the installation wizard as well as in the preferences.

Alternatively it could be automated by temporarily removing the Prevx entry in WSC when install mode is activated in Prevx by the user thus when a new security app tries to detect existing security apps during installation it will find nothing but when install mode finishes (15 minutes later) Prevx automatically re adds itself to security center. This automated approach if feasible to implement would provide the best of both worlds in IMHO.

 

A very impressive thread, this, so I may have missed something. The thing is, I was a user of Prevx 1 and, for a while, 2. I liked both the app per se and the idea of user based contributions to a central db. The reason I ditched it wasn't really dissatisfaction, just a wish to keep security setup at a minimum and, more importantly, the fact that Prevx servers got inaccessible now and then - extremely annoying when you're installing something, for instance. But that was a couple of years ago. Maybe things have changed? Or maybe the problem was at my end? In that case I'd be more than willing to try out Edge. And a propos the licensing discussion here, what happened to that very nice exotic usage policy with Prevx running fully functional and no questions asked until you got infected, at which occasion the 30 days trial period began (at least that's how I remember it, but I'm getting old...)?