Introducing, The New Prevx Edge.

Discussion in 'Prevx Releases' started by trjam, Nov 13, 2008.

Thread Status:
Not open for further replies.
  1. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Isn't a trial license possible if contacting you or anyone else of the support team?
     
  2. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,675
    Location:
    South Wales, UK
    Hi Romagnolo

    I can definitively see a Prevx Edge entry in Add/Remove programs on my rig. Perhaps if you go to the folder where Edge is installed and try double clicking the .exe you find there it may attempt to reinstall itself and recreate the Add/Remove link for you to then use to uninstall/reboot/re-install it?
     
  3. LagerX

    LagerX Registered Member

    Joined:
    Apr 16, 2008
    Posts:
    565
    Click back.
    Head to Tools - Save scan results.
    Send it to user PrevxHelp and he will correct it ;)

    Try
    http://info.prevx.com/download.asp?grab=csiuninstalltool
    Use, reboot, install
    http://www.prevx.com/prevxedge.asp
     
  4. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,675
    Location:
    South Wales, UK
    Most likely an FP, especially if you are running v3.0.1.40. There seems to be a small window, just after a new build is released, when there is a spate (but getting smaller with each build IMHO) of what appear to be FPs. I tend to hit Back, then Settings\Detection Overrides where I mark the offending item as an FP and then notify Joe (PrevxHelp) with a Scan Log taken ASAP after the detection occurs.

    Of course, before I mark the offending item as an FP I do check up on the web as to the background of the item concerned and only proceed as such if I am reasonably happy that it looks like an FP. If worried about that then just leave as is and notify Joe (PrevxHelp) with the Scan Log. :)
     
  5. fce

    fce Registered Member

    Joined:
    May 20, 2007
    Posts:
    758
    Is PrevxEdge prone to FPs?....
     
  6. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,675
    Location:
    South Wales, UK
    Hi fce

    Any such application is not immune from FPs...it is the nature of the beast...but as far as I am aware whilst Edge does have some this is a really, really small proportion of the total number of files they analyse and have recorded in their databases...and IMHO that very, very small proportion has been getting smaller as time goes by and use of Edge increases...which is all to the good.

    No need to worry. Just follow what I have suggested in terms of getting any such 'sightings' to Joe as soon as possible...they tend to be dealt with speedily. :)
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Hello,
    Edge actually doesn't do anything during shutdown so I'd be surprised if it actually is increasing the time or if it is a case of the Heisenberg Uncertainty Principle :D If you would like, send me a PM and I'll see if there is anything in your scan log which would indicate a possible bad interaction :)
     
  8. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I've PM'd you with my email address; if you could send me a scan log, I'll fix the FP :)
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Exactly :) Edge periodically may produce a FP but so does every other AV - there's simply no way around it because there is such a large volume of software in the world and such a large volume of malware, there will always be a bit of overlap :)
     
  10. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, send me a PM or write in a support email and we'll give you a full trial license (for 7 days or so :))
     
  11. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You can learn more about the configurable heuristics at http://info.prevx.com/edgehelp.asp (they're under Edge Settings > Heuristics Settings).

    Let me know if you need any clarification on them :)

    Also FWIW - the Edge heuristics for Age/Popularity apply primarily to real infections so just modifying an exe would make it new so it would appear to fall under the "young" age/"low" popularity, but there may be other factors which made it pass through heuristics (like location on the system, behaviors seen from the file, etc.)
     
  12. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,675
    Location:
    South Wales, UK
    Hi Joe

    Glad to have you back. Hope that you are rested and recovered from your jet lag. I would not like to have to do the travelling that you seem to have to. :D
     
  13. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    :D More or less recovered! (zzzzzzz :D)

    (And FWIW - we're still on schedule to release .40 to existing users as an update today :))
     
  14. fce

    fce Registered Member

    Joined:
    May 20, 2007
    Posts:
    758
    you're fast men!
    thanks!

    I got 3 more infections aside from the FP that I posted.
    It says I need to turn OFF my internet and AV. I turned off the internet but not my AV; it says it's already cleaned. I hope the infection is done now.

    I scanned my system using KIS (without Prevx installed) and it never detected the 3 infections. I installed Prevx and it gave me 1 FP, and when I activated my Prevx it did an automatic scan; the FP is solved and it detected 3 new infections.
     
  15. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Edge recommends that you turn off your AV when cleaning to prevent interactions which would block cleanup. If you would like me to check that the files are really malicious, send another email over to my address and I'll analyze them :)
     
  16. fce

    fce Registered Member

    Joined:
    May 20, 2007
    Posts:
    758
    Check your email and please let me know what those 3 infections that Prevx cleaned are. I remember it's a PowerDVD .dll.

    I'm running my PowerDVD right now without problems after the clean-up.
     
  17. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Got it - and found the reason behind the false positives and it's now fixed for all of them :) Those PowerDVD files are using an encryption technique used almost always only by malware but they are indeed legitimate.

    I'm not sure what they actually do in context to the rest of the program, but if you do need to, you can restore them with the "Undo Cleanup" feature under Tools.

    Sorry for the FP, but they definitely won't happen again :) (and this signature actually explains a handful of the more recent FPs reported here so this should cut down the complaints quite a bit :))
     
  18. IceCube1010

    IceCube1010 Registered Member

    Joined:
    Apr 26, 2008
    Posts:
    963
    Location:
    Earth
    thanks!
     
  19. fce

    fce Registered Member

    Joined:
    May 20, 2007
    Posts:
    758
    Thanks. So the 3 infections reported by Prevx are also FPs?
     
  20. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,275
    Location:
    Ontario, Canada
    Joe, I'm sending you a file. I just want to know if it is PDF exploit malware. And if it is, can you tell me what it does?

    TIA,

    TH
     
  21. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes - they are all related to the previous FP you had (all detected by the same signature) so they should all be corrected now :)
     
  22. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Finally got the infection working :D We block it heuristically - it just looks like a downloader/dropper so nothing too fancy :) Let me know if you have anything else in need of investigating!
     
  23. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,275
    Location:
    Ontario, Canada
    Thank You!! As always Great Support!

    TH
     
  24. sded

    sded Registered Member

    Joined:
    Jun 4, 2004
    Posts:
    512
    Location:
    San Diego CA
    V40 sticks on 50% CPU usage

    Tried changing various parameters; no impact. Ran a scan and CPU down to normal during scan, then back to 50%. Will try a reboot and see if that helps.
     


  25. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Re: V40 sticks on 50% CPU usage

    It may also be worth uninstalling and reinstalling - I'm surprised that the CPU usage would go down during the scan as normally that would be the time that it would go up :doubt:

    Let me know what you find after rebooting or uninstalling :)
     