Introducing, The New Prevx Edge.

Discussion in 'Prevx Releases' started by trjam, Nov 13, 2008.

Thread Status:
Not open for further replies.
  1. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, but this is a good "first line of defense" to block malware - ThreatFire isn't perfect, neither is Prevx so we want to have as much protection as possible without generating more FPs :) Note that this is the only analysis which is "time" dependent - all of the other heuristics behave independent of the age of the program.

    The Community.OuterEdge detections have been toned back quite a bit for the default age/spread detection settings were reduced a few weeks ago (as Conficker is out of the spotlight) which should reduce the complaints with those detections, and the new engine redesigning we're working on will significantly reduce processing overhead and over the next two months we are going to be putting in massive new servers which are 5x more powerful than our current root datacenter so not only will the processing overhead be less, it will have much more headroom to work with :D

    If you still have complaints with the current P3 release, you may want to wait until the next version which should clear up a majority of the complaints people have had :)
     
  2. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Thanks, Joe. :) I'm just thinking about the Age/Spread detections being the only ones I've had I think when installing new software. :( I dunno, but that seems to be it, which makes me hesitate less disabling it. I dunno what level it's at now, though, how many people that have to have run the same thing for it not to alert. Logically improving Prevx to not generate as many FPs won't affect this part except for the threshold. o_O
     
  3. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Getting a bit American there Joe!
     
  4. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Hmmm... okay, BUT I hope this doesn't mean that you are sacrificing ANY aspect of Prevx's arsenal of protective algorithms in order to satisfy nit-pickers.
     
  5. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    6,944
    Location:
    USA
    Or add it to Detection Overrides?
     
  6. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Don't worry, Bellgamin - not according to Joe. Only improving both aspects; FPs and protection, and massively for that matter according to the source. :D
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Definitely not :) There were some issues with the first versions of this detection algorithm which caused more FPs than they should have so we've toned them back from that to reach where we are now but we aren't going to "dilute" it any more by default as we are seeing that the age/spread protection is massively effective, especially against threats like Conficker.
     
  8. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I live in the US and fly back and forth to the UK every month or so (and am there now :)). Even though I'm submerged in the culture, my American English prevents me from inserting U's and changing S's :D
     
  9. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    you Americans*... :rolleyes: :D

    *before every American user starts blaming me, I've to explain I've nothing against Americans, it's just a joke born this week here at Prevx HQ between me and PrevxHelp :D

    Edited: grammatical error :D
     
    Last edited: May 30, 2009
  10. crofttk

    crofttk Registered Member

    Joined:
    May 15, 2004
    Posts:
    1,979
    Location:
    Eastern PA, USA
    Heeeey, you'd better use a capital "A" there, mate.:rolleyes:
     
  11. EraserHW

    EraserHW Malware Expert

    Joined:
    Oct 19, 2005
    Posts:
    588
    Location:
    Italy
    :D It's Saturday night here :D Tired :D Edited :)
     
    Last edited: May 30, 2009
  12. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Ah, I see.

    I'm planning to fly out of the UK and not come back!

    Just waiting for the £ to get back up to > 1.3 €, then my family and I will be gone like the wind.....
     
  13. crofttk

    crofttk Registered Member

    Joined:
    May 15, 2004
    Posts:
    1,979
    Location:
    Eastern PA, USA
    Hehe, just teasing. Thanks anyways.:cool:
     
  14. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    Does not make sense, because the people who use my software will not have it disabled and might get alerts.

    I think the signature approach is a better solution, considering that future Windows versions might only run applications which are digitally signed... who knows...
     
  15. webbit

    webbit Registered Member

    Joined:
    Nov 2, 2008
    Posts:
    223
    Just reinstalled CCleaner and Prevx came up with this infection on the attachment, if I've done it right.
     


  16. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I can't find a ccleaner220.exe install file which is bad in our database - I've sent you a PM if you could please send me a scan log so I can correct it :)

    EDIT: Never mind - I think I found it. Are you using Online Armor as well as Prevx? When downloading programs, it seems like they sometimes do odd things which cause us to generate abnormal FPs (they seem to pause the download at 8kb and then load the file). Let me know if this is the case and if you can try running another scan if I've fixed it :)
     
  17. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    How does PX react to USB trojans etc, which start via autorun.inf?
     
  18. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It will block them - Prevx works on blocking executing code so it will catch them as soon as they try and load.
     
  19. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    Thanks for the quick answer. I have removed NOD32 (does not work with Vista SP2 properly), and will not extend its license next month anymore, and wanted just clarification that everything will be fine by just running Prevx.
     
  20. N2thuWild

    N2thuWild Registered Member

    Joined:
    Mar 29, 2009
    Posts:
    38
    Hi, I installed GData Internet Security 2010 and it removed, said it was necessary, my Prevx Pro.:eek: It was my understanding that Prevx played well with other software. Is there any way to remedy this so I can reinstall Prevx and they will coincide nicely? I am a BIG fan of Prevx and I want it back!!!
     
  21. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    There is no incompatibility between Prevx and GData but they probably just have a blanket rule saying to remove any existing AV. Can you try installing GData and then installing Prevx after? It should work properly without warnings, but let me know if it still complains :)
     
  22. N2thuWild

    N2thuWild Registered Member

    Joined:
    Mar 29, 2009
    Posts:
    38
    Thanks, I will try that now.
     
  23. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    944
    Hello again Joe

    Added RemoveFocusRect.dll to System32 and Prevx is very unhappy - I've trusted it for now, but would like to know what the Prevx rundown here actually means. I don't really know what to make of the info. on the page - is the .dll confirmed malware?

    Thanks in advance

    philby
     
  24. BrendanK.

    BrendanK. Guest

    Yes, it is malware.
     
  25. philby

    philby Registered Member

    Joined:
    Jan 10, 2008
    Posts:
    944
    Thanks for replying - would you be able to expand a little on how you know it's malware and what nefarious acts the file is guilty of?

    I'm just trying to understand how to interpret what this means, as I can't see what's so bad, given what the file is supposed to do - it was added to stop windows from leaving the last selected tree item with a dotted rectangle around it.

    Capture.JPG

    Thanks

    philby
     