Introducing, The New Prevx Edge.

Discussion in 'Prevx Releases' started by trjam, Nov 13, 2008.

Thread Status:
Not open for further replies.
  1. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    If I disable heuristics, I lose all the power of Prevx. So that is out of the question.
    And excluding the folder makes no sense either, because all my clients will have the same issue.

    When Prevx flags it at the first start, and at the second start not anymore ("but are trusted after they're analyzed after the first execution"), why does it happen again when I compile the same exe, which is binary identical, and start it again? The only thing that changed is the compilation time. When comparing with a hex editor, they are both identical, same CRC.
    I don't know why all the Delphi executables are always flagged...
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    From what you've sent me before, your exes are packed with PECompact2. Could you send me some of the test exes so I can see what's flagging them now?
     
  3. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    I tried to install Prevx 3.0 and it froze my Windows.
    After installing it attempts to perform a learning scan but there is no HDD activity. I can't even shut down or reboot the computer. I can only unplug it.
    I have tried it in two other rollback snapshots and the results are the same.
     
  4. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    It is working fine for me. Joe should be here soon.
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I'm not sure what would cause this :doubt: Do you have any HIPS products installed which could be interfering/showing a warning about direct disk access?
     
  6. Retadpuss

    Retadpuss Suspended Member

    Joined:
    Apr 4, 2009
    Posts:
    226
    Just to fill an idle moment, an associate and I just tested Prevx, Avira and A2 against some new malware (39 samples) all less than 24 hours old.

    I have run loads of tests like this and A2 has usually come out top, with Avira a very close second. More recently, Prevx has sometimes beaten A2, but today, Prevx has excelled itself and got 36 out of 39! A2 got nearly half of them. A stonking result for Prevx!

    I know this is only a small sample, but I run tests quite frequently and it looks like Prevx is getting better and better.

    I will do a test of a few thousand zero-day nasties at some point in the next week or so, which should give a more meaningful result.

    To date, I have run these on-demand tests under Returnil. In future, I will run them under VMware - but I'm assuming this could be problematic with the way the Prevx license works?
     
  7. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    Hey Joe,
    How can I send you some FPs for you to fix?

    It's the launcher.exe for the game Perfect World,

    located at Z:\Program Files (x86)\Perfect World UK\launcher\lancher.exe
    OS: Vista Home Premium 64-bit.
    Kaspersky had an FP on the same file a few weeks ago and fixed it.

    Once the FP has been fixed, do I simply run a new scan so it doesn't get detected again?
     
    Last edited: May 5, 2009
  8. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    Outstanding!!!

    Doesn't surprise me, but thank you for your testing and candid feedback.
     
  9. IceDogg

    IceDogg Registered Member

    Joined:
    Mar 21, 2006
    Posts:
    26
    Location:
    Arkansas
    Got a question about the license. I know you don't allow one to be shared on multiple PCs and I understand that. But I have just installed Win7 in a dual boot and I can't run it on both of them? I only have Win7 RC and am just testing it out mainly, but it's the same PC. Is there any way I can run it on both since in reality I won't be running either at the same time, therefore getting more out of the app than I should be.

    PS.. I did look and didn't find an answer, but I do overlook things at times. My apologies if that's the case here.
     
  10. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,275
    Location:
    Ontario, Canada
    It's per OS; hopefully there will be changes in the future! But you can try it, and under My Prevx https://my.prevx.com you can make changes to your license by removing and adding, but you can only do it so many times, and you can contact support and they will be happy to help you out as I did many times! :thumb:

    TH
     
  11. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    In the meantime until we change the system, we are willing to make exceptions - feel free to PM me your license key and I should be able to get it working on both partitions :)
     
  12. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    Would be great if Prevx would run on a per-PC basis, not a per-OS basis.
    I too have that issue. My main OS is Vista, but I run XP and 2000 under VirtualPC to test my software products, and of course have no Prevx there, because it won't install, even though it's the same PC.
     
  13. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You can still install and run it unlicensed - it functions precisely the same in the evaluation version as it does in the registered version, it just won't block an infection which it finds.

    We're working on identifying computers by hardware but there are many caveats to this approach as well so either way is a tradeoff (and there are relatively very few users who actually use multi-OS installations).
     
  14. IceDogg

    IceDogg Registered Member

    Joined:
    Mar 21, 2006
    Posts:
    26
    Location:
    Arkansas
    PM sent and thank you very much for your help. I do understand that most users will not have an issue with this. I was just caught off guard by this small problem. You really do go out of your way to help your users... that I won't forget.
     
  15. softtouch

    softtouch Registered Member

    Joined:
    Jan 31, 2006
    Posts:
    415
    ...as you wrote, "it just won't block an infection", so it makes no sense to me to install the unregistered version.
    I hope there will be a solution before I ditch NOD32 this coming June. I will run by then just Prevx and DefenseWall, and an unprotected OS in the virtual PC means a lot of reinstalling the OS because of infections, I guess.
    It really looks like I have to purchase a new license for each OS (on the same PC)...
     
  16. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    I use Comodo with Defense+. I allowed/remembered on the first try.
    Round 2: disabled Defense+ completely. Same result. Frozen when it tries to scan. No HDD activity, period. Windows locked up tighter than a duck's...
    I also use Rollback software.
     
  17. NoIos

    NoIos Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    607
    Hi,
    I believe this is an FP... I have no reason to believe it's a real infection:
    (ACTIVE) c:\program files\common files\tortoiseoverlays\tortoiseoverlays.dll [PX5: 64A785CF0003541A3A620100C08A490035A4B5A2] Malware Group: High Risk Worm

    tortoiseoverlays.dll must be part of TortoiseSVN ( http://tortoisesvn.tigris.org/ )
     
  18. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Indeed it is. I've fixed it now... a bit surprised this was caught, as this should have been trapped and ignored automatically. I suspect we have a bug somewhere and I'll bring this up with the head of the research team shortly.

    Thanks for the report :) Let me know if you see anything else similar to this!
     
  19. Dr33

    Dr33 Registered Member

    Joined:
    Jan 23, 2009
    Posts:
    103
    Were you able to reproduce my problem? :)
     
  20. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    13,275
    Location:
    Ontario, Canada
    I added another year to my License and it took 15 minutes to show up on my License!

    Very easy transaction! Just wanted to share my experience.

    TH :thumb:
     
    Last edited: May 7, 2009
  21. Mongol

    Mongol Registered Member

    Joined:
    Jul 24, 2004
    Posts:
    1,581
    Location:
    Houston, TX
    Trying to do a scan right now but I am unable to connect to the database. Anyone else noticing this problem? o_O ... :rolleyes: :eek: :blink:
     
  22. benton4

    benton4 Registered Member

    Joined:
    Nov 29, 2004
    Posts:
    158
    Location:
    Oregon
    I just did a scan and had no problems. You might try again. :doubt:
     
  23. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Everything seems fine from what I can see (and my scans work fine here). Did you by any chance have a recent firewall/AV update? Kaspersky produced an FP against us yesterday which should be fixed now (not sure if you're using Kaspersky but it's worth a guess if they're blocking us silently :))
     
  24. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    I'm trying now :D Sorry for the delay - it's been an extremely busy week at Prevx this week :D
     
  25. PatG

    PatG Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    579
    Location:
    South Alabama
    Joe: haven't cleaned these up yet, but do you think these are FPs or threats? One of 'em is Microsoft, please advise.
     

    Attached Files:
