Introducing, The New Prevx Edge.

This got buried - any advice?

 

http://netsecurity.about.com/od/readproductreviews/gr/prevxedge.htm?nl=1


Here is a review i found on prevx 3 and it is good reading.

 

I had this for a short while as well.

In my case is was due to Vista and not Prevx.

This fix worked for me.

 

Well said! Fully agree!

 

Its worth noting that this review is about one of the first releases of Edge and since then we have made significant amounts of changes, correcting the GUI issues they mention and the self protection complaints

 

This fix does tend to work, but if it doesn't, could you let me know what other security programs you're using? There may be some negative interaction going on preventing all of the components of Prevx 3.0 from loading.

 

How about my proposal:

There is not much point of these notifications now for me at least.

 

Yes, this is true - I'll ensure that we add a feature to remember the last position of the scan dialog so that the user can change where it goes

Thanks for the suggestion!

 

I guess PrevX use the screen resolution to determine to bottom/right instead of using the desktop rectangle for that (desktop client rect)... but anyway, its fine for me where it is now.

 

btw: greetings from San Francisco http://www.prevx.com/blog/127/RSA-Conference-.html

 

So, you like making any money out there.

 

i am running kaspersky internet security 2009 and have a licence for prevx 3 without realtime, which i think should be enough protection.

If i bought real time upgrade will they run toegther ok

i dont really want to give up on kaspersky as i am not convinced about windows firewall, unless anyone can reccomend a firewall to run with prevx 3 with realtime

 

Marco, looks good.

I know how much planning is usually involved with getting all the promo material, equipment, and presentations ready. Good luck with the rest of the conference.

 

I'll give it a try next time it happens.
Any advice on getting Windows security centre to recognise prevx3? It was fine with edge.
Thanks

 

I sent to support yesterday - yet to receive an answer to my query. Joe, could you please take a look at how it goes? I don't want this process to take a long time...

 

Personally I don't understand the previous comments about high number of f/p's presented earlier in this thread. I have seen no such thing, even though I run with increased heuristics here.

I quess I'm more of a regular user then in my case, I've had quite pleasant user experience. In fact even the whole upgrade from from Edge to 3.0 went by w/o me even noticing it. That is good I am running Kaspersky IS here.

 

Probable FP see screenshot:

Prevx Scan Log - Version v3.0.1.62
Log Generated: 24/4/2009 02:23, Type: 1,8192
Windows XP Professional Service Pack 2 (Build 2600) 32bit|1033
Some non-malicious files are not included in this log.
Heuristics Settings: Age: 2, Pop: 2, Heu: 2 (Dir: 1)
Last Scan: Fri 2009-04-24 01:47:39 E. Australia Standard Time. Number of Scans: 211. Last Scan Duration: 21 minutes 42 seconds.
[BP] h:\downloads copy\downloads\siw2009-03-17.exe [PX5: 33B82D1200534C22F6D81756284E25001E600AE0] Malware Group: High Risk Worm
(ACTIVE) c:\program files\opera 10.0 alpha\opera.exe [PX5: 4EFAD42D007EF469B829017B73836900EE370BD3]
(ACTIVE) c:\windows\system32\drivers\dwall.sys [PX5: 7812006400885EC1E2430ACD8FCA0C009E0AEA12]
[UP] (ACTIVE) c:\program files\opera 10.0 alpha\opera.dll [PX5: E3467D9D00CF925F4E3B3BC7B5C3F9001AE5677B]
(ACTIVE) c:\program files\grisoft\avg7\avgabout.dll [PX5: 34BDCFA400D8E358241B1002A638FB01A5642E6B]
(ACTIVE) c:\program files\sunbelt software\vipre\vipre.dll [PX5: E6350F1D28487D4345330480B5718C00A20CE2D7]..................................

 

Personally I've experienced it's not heuristics like Joe says - it's how new something is most of the time, like new software versions, or even new software.

Instead of looking at what the thing actually does, even before looking in its databases over what's good and bad, it'll check how new something is. I don't think that's the best approach to find yet unknown malware - I think BB is.

 

Each approach has its own advantages and disadvantages. This includes living in the bleedin' edge even (ie. using very new software)

From the POV of regular user, I'd imagine PrevX 3.0 works perfectly (according to my own experiences). In the end it's the regular users that count, not power users who deal with who knows what on a daily basis. We always learn, and adapt. That is something one can not expect from normal user.

 

Okay I am going to backup with Acnrons Enterprise first. Then install software with know malware do the test along with the other items listed but this will be only PC Tools INS 2009 with TF set to the max, PC Doctor 6, PrevX 3.0. And see which software can block the cloak malware that know to be embeded in this software app I am going to install.

Start time: 1.19PM I'll post images if I can with the results..

 

Hello MarkW,

I was looking for answers for compatibility between NOD32 V4 & Prevx Edge and I saw that you have some experience already with this two applications. Right now I am using NOD32 v4.0.424 (default settings) & Prevx Edge (trial version).
I'm not convinced that trial version can do much for me along with NOD32, but I'm thinking a real time protection for Prevx Edge will be different.
Some questions that I have:
1. Prevx Edge with real time protection it's much heavy on resources than trial version?
2. I would like to keep NOD32 as my primary security program. Are these two programs complementary, or it's an overlap and isn't really necessary to have them both. (I'm not that paranoid to have multiple security programs, fighting each other on my PC).
3. Is Prevx Edge (full version) 100% compatible with NOD32?
4. What is your experience of using these 2 programs after 3-4 months?

Other users opinion will be much appreciated.

Thanks,
Jedi_m

 

I have reported this FP several times, but it is still there:

[NF] (ACTIVE) c:\programmer\bang & olufsen\beoplayer\mmhook.dll [PX5: 9708D1D400A1052FBC9304914286E5002D1CAB66]

PrevxHelp pleeease

 

Prevx has been nobbled!

I have been testing Prevx against a selection of malware (500 samples - all a few months old) in a simple on demand scan (scanning the folder containing the malware)

Prevx got almost half of them on the first scan. Strangly, Prevx insisted on rebooting to remove them (they were not running - so why reboot? - A2, Avira and F-Secure got 100% of them without rebooting)

On reboot, Prevx performed another scan and found about 250 of the malwares in another location - and so went on and on through the process of rebooting and scanning.

Eventually, Prevx got about 450 of the 500 (why didnt it detect them all on the first scan?) I checked the remaining files with Prevx and it did not detect any of them with a on demand scan.

I ran each of the remaining malware samples inside sandboxie - and Prevx missed them all.

I deleted the remaining malware, refreshed the system image and tried again - with exactly the same results. at the end of the test, I did not install a new image, but deleted the remaining malware and rebooted. I then copied the folder of 500 malware samples to the desktop again and ran a new scan. This time, Prevx ran VERY slowly - about 25 mins to do under 30K files (should take 40-60 seconds) Eventually, Prevx crashed. I rebooted and tried again. Again Prevx crashed. I restarted Prevx without rebooting. Prevx realtime protection was disabled and would not enable. I set self protection to maximum and rebooted. Prevx seemed okay - until I ran a scan, when it froze and closed. It does this all the time now abour 8K files in to a scan. When I restart Prevx, realtime protection is disabled and cant be enabled again.

Clearly, one of the malwares has done something to Prevx. This is all old malware and has beeen scanned by Prevx several months ago - so should be known. Cant see how old malware can cripple Prevx when set to max self protection. Also cant see why Prevx misses 50% on fist scan when all the other AVs I have tested get 100%.

 

Hi PrevxHelp, think i find a FP today about the new version of utorrent released in April 22, 2009. Downloaded the exe from utorrent site and is flagged High Risk Worm. Can you take a look at this? THX

 

Joe,

Whenever I launch my browser sandboxed, I am seeing Prevx consistently scan 2 of the files related to SBIE - sandboxierpcss.exe and sandboxiedcomlaunch.exe

Also, when shutting down my sandboxed browser it always visibly scans start.exe, which is another sbie related file.


Shouldn't I expect to only see this happen once?

Thanks,
Mark.