Does Prevx add files/objects to "Detection Overrides" ?

Discussion in 'Prevx Releases' started by m00nbl00d, Jan 5, 2011.

Thread Status:
Not open for further replies.
  1. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I've reported a false positive regarding Sandboxie. I added the "detections" to the "Detection Overrides".

    Moments ago I was going to removed them, and see if the false positives were no longer happening. To my surprise, I saw a couple entries there as well, namely for:

    C:\Windows\System32\rtutils.dll and C:\Windows\System32\portabledeviceapi.dll

    These were not added by me, in any way. (I'm also been running Prevx for awhile now, so that I can see if I get the same problems as my relatives do.)

    Does Prevx add entries there by itself?
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It's possible that files similar to the files you've marked as a false positive were added or files which match some of our familial signatures were added automatically.

    It might be helpful to send a scan log to report@prevxresearch.com so that I can take a look to verify what you're seeing :)
     
  3. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    It would be cool if it was now self-sufficient.:thumb:
     
  4. iNsuRRecTioN

    iNsuRRecTioN Registered Member

    Joined:
    Sep 5, 2003
    Posts:
    303
    Location:
    Germany
    Hi joe,

    this should be added to the Prevx application, too.

    So that for paying customers, there is no need to send email within a webmail client or so to you..

    Simply within the Prevx application.

    (Only working/available with a license..)

    regards,

    iNsuRRecTiON
     
  5. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    While I agree with the suggestion, I disagree that it should only be available to paid users. This way, all three parties wouldn't be benefiting from each other: Prevx, paid users and users of free/trial version.

    Prevx would only be getting false positives from the paid users; but, my guess is that many other people are using their facebook version or trial (kind of free) version as well. Prevx wouldn't be benefiting from such users. The more users reporting false positives from within Prevx UI (Let's face it, having to send an e-mail every time is kind of boring...:D) the merrier, right? :)
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I seem to be responding to the same posts in different threads ;)

     
  7. iNsuRRecTioN

    iNsuRRecTioN Registered Member

    Joined:
    Sep 5, 2003
    Posts:
    303
    Location:
    Germany
    It already work for all users of Prevx, but without priority..

    With email you get priority support, but why have users with an license to use the extra work and time of writing an email, this is no good email support.

    For details see here: https://www.wilderssecurity.com/showthread.php?t=289460

    Yeah I know, hehe.

    Two are better than one! ;) :D
     
  8. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Yes, I know it works for every Prevx user. I actually asked about it sometime ago. I thought you wanted Prevx to give that option only to paid users.

    But, my opinion still stands. Whether false positives are related to Prevx via UI or e-mail, both options should be available to both users of free and paid versions. It benefits all sides.

    The same way paid users may feel bored having to send e-mail, so would users of free/trial version. In the end, if not possible for users of free/trial version to send false positives via UI, then Prevx wouldn't benefit from those who wouldn't send an e-mail, nor would paid users benefit from such.

    It's all a matter of keeping a balance between what Prevx offers and what users can give back, having usability in consideration.

    Just my opinion, though.
     
Thread Status:
Not open for further replies.