Introducing, The New Prevx Edge.

The best diagnostic software would be a stopwatch If you could try ~5 reboots averaging the shutdown time without Edge and then install Edge and try ~5 more, that would give an accurate picture of the slowdown (and is exactly what we have done extensively internally to come up with a change of nearly 0s).

 

Will do. Was going to use a watch but just wondered if you wanted a more detailed picture.
Will try and get back to you tomorrow

 

Or here

 

Joe,
Have done a couple of shutdowns and restarts, no difference on the start up with or without Edge but the shutdown average with Edge is 38secs - without Edge (uninstalled) is 23secs, a difference of 15 secs
Will have another run tomorrow and report back

 

I have an issue.
I use the program molebox (molebox.com) to pack exe and datafiles etc. into one executable package, to protect them, and all this packages are immediately blocked by prevx edge.

 

It may be easiest to use the whitelisting/overrides features if you are frequently building programs locally but if you do release a version of software which is packed with molebox, send me a link and I will get it whitelisted for other users

 

This are about 250 applications I wrote and have to pack with molebox... there must be an easier solution than white listing all of them...

I figured out that when turning encryption of, and just compress the package with molebox, all is fine.
I guess, prevx does not like the encryption, what I can understand. I have to play around with encryption keys, maybe the key I used is similar to a malware encryption or whatever, I am no expert in this...

 

If you could send me a link to download these applications, we should be able to write a signature to whitelist them automatically

 

I just made a sample program here: http://www.delphifreeware.com/downloads/audioconv.zip

I cannot publish the url's of the software, because that are paid software for my clients..

 

Joe,
Have now done a series of reboots with and without Edge installed. Please note that the timings I quoted yesterday were for complete shutdown and restart - these are reboots:
With Edge installed, average of 5 reboots: close down - 29.10 secs
start up - 42.72 secs

With Edge uninstalled, average of 5 reboots: close down - 15.40 secs
start up - 42.75 secs

so, a difference of around 14 secs closing down, no difference re-starting.
Also removed Defense Wall and the results were the same.

 

i bet that if you clean you registry the problem will be solve
note:carefully when doing so,i clean my registry when i get this type of isue and problem solve like magic

 

i got almost the same delay time in shutdown and no delay in start up....when PE is installed and uninstalled

@jmonge, any advise how to clean registry? thanks

 

You could try "jv16 Power Tools 2009" from macecraft.

 

This is very interesting - thank you for the tests. Could you try turning the Edge self protection to "Minimum" and try rebooting to see if that improves the shutdown time? I'm guessing that the self protection would be the only thing that would cause an issue on shutdown, being that we have to allow Windows to close us to allow the system to shutdown.

 

Joe,
I have run the tests again with the self protection reduced from medium to minimum and get exactly the same timings within tenths of a second
What next

 

I think each case of "Slow shutdown" will unique to the individual computer.

For instance...

1) Gateway 32-Bit QuadCore Vista Home Prem full patched.

Slow down for shutdown = new .net updates

2) Acer 32-Bit QuadCore XP Pro fully patched

Slow down for shutdown = pair of acer services responsible for disc encryption.

3) Toshiba Satellite Laptop Duo Core XP Pro fully patched

Slow down for shutdown = Toshiba Power Controls

4) Gateway P4 2G PC bought in 2000...

Whats not frigin slow!!


I had to hand check each machine until I either disabled and killed off every single item I didnt need running or available for my daily operations and then did a full disc clean up and defragment.

As for the registry, I have seen it where printers leave behind some horrible stuff in the registry which call for space within remote procedure call but never use it and this can cause mucho system burps but a registry cleaner doesnt deal with DependOn registry values.

Best to investigate all possible causes before concluding one single culprit.

Just my 2 cents

 

the next question is it is worth it to keep PrevxEdge vs. that 15secs delay shutdown?

also is it safe to run CCleaner to clean the registry while Rollback Rx is around?....might try to improve the shutdown slowdown.

 

Could you let me know what OS you're using and what other AVs you have installed? I'm still completely at a loss as to trying to reproduce it, but we're investigating possible reasons and could use as much information as possible to correct the issue

 

OS - Windows XP Home SP3
Returnil - on demand
Sandboxie
SAS - on demand
MBAM - on demand

@ fce -
I myself am not worried about the extra 15 secs delay, doesn't bother me - its just that Joe would like to understand what is causing this delay on my machine and also of other users that first raised the subject. I wasn't the first to report this, I just assumed it was a quirk of my particular machine which I think is what Cretemonster is saying.

 

From VirusTotal: ~Snip. Not allowed unless requested.~

U might wanna change it or you'll have to contact each vendors all the time.

 

False Positive: Core Temp 0.99.4 [High Risk Fraudulent Security Program]

http://www.alcpu.com/CoreTemp/

edit: Triggered when Heuristics is set to High and Max. (other settings not tried).

If you need me to send the executable, please PM.

Thanks

 

Fixed Thank you for the report!

 

That was quick!

Thanks!

 

Some AV report just totally nonsense (eSafe and CAT-QuickHeal).
EVERY single delphi program I uploaded to Virustotal is flagged as "suspicious" by for example eSafe. Even the official ogg dll's are flagged.
I did not find any single file at the moment which is not flagged in any way.

EDIT: I did now a test. I created a new empty delphi project, compiled it, uploaded it to virustotal, and its flagged 15/40. Is that cool?
But using the same AV (F-Prot for example) on my PC and scan the file, its clean!

But this is about prevx. Prevx at virustotal flag my delphi program too, but the local prevx edge I have running does not find anything bad in the file...

 

Hi fce

I can't believe that question would be asked...+15 secs at shutdown vs. the protection that Edge provides...surely that is a no brainer?