Introducing, The New Prevx Edge.

Discussion in 'Prevx Releases' started by trjam, Nov 13, 2008.

Thread Status:
Not open for further replies.
  1. EraserHW

    EraserHW Malware Expert

    Just sent you a private message with e-mail address :)
     
  2. Cretemonster

    Cretemonster Registered Member

    This will be sorted in the next 2-3 weeks hopefully, with a file submission site and support forum as well.
     
  3. ako

    ako Registered Member

    Thanks! :)

    Unfortunately :) I couldn't contribute in beta-testing, as Prevx Edge ran flawlessly for me! :thumb:
     
  4. Coolio10

    Coolio10 Registered Member

    Do you work for prevx? If so you should request an orange name because it's confusing now :).
     
  5. Threedog

    Threedog Registered Member

    I only had a few minor blips and PH was all over them like slime on a pond in no time. Edge was one of the most stable betas I ever tested.
     
  6. C.S.J

    C.S.J Massive Poster

    i have some from i received today if you want them, to be honest... i'll probably just pass them onto you anyway, as well as my drweb, which i usually do for samples i find.
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    We're always interested in new samples :) Marco would probably be more interested than myself, but if he is sleeping, send them to me and I'll take care of them ASAP.
     
  8. C.S.J

    C.S.J Massive Poster

    ok, i shall try and send them through email, just let me know if you get them.

    email is always dodgy, sometimes the file is too big to send and those dreaded mailer daemon messages arrive. lol
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Great :)

    Also, I rescanned your files and everything that was actually malicious is found now.

    (FWIW - Some of the remaining samples are garbage, so, you might want to remove them: malware 103, 107, 108, 166, 169, 248.)
     
  10. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Yes he does, and another one of us should be coming here shortly as well :)
     
    Last edited: Nov 16, 2008
  11. C.S.J

    C.S.J Massive Poster

    yep, i will remove those 6 garbage files.

    just sent you another 30 or so from today (i forget the figure) :)

    edit: and 5 from the bifrost set that i sent you were just detected now also.

    awesome!

    also, about the recent PM, it works fantastically, thanks.
     
    Last edited: Nov 16, 2008
  12. ParaNodes

    ParaNodes Registered Member

    Prevx folks,

    Bug report:
    1:Crashed last night when Threatfire network rule triggered. Event viewer logged,
    "Faulting application prevx.exe, version 3.0.0.172, faulting module prevx.exe, version 3.0.0.172, fault address 0x00094e6b."

    2:Crashed during boot this morning, no Threatfire sys. tray icon, yes, TF services still running. Event viewer logged,
    "Faulting application prevx.exe, version 3.0.0.172, faulting module kernel32.dll, version 5.1.2600.5512, fault address 0x00009826."

    Appears to have a conflict with TF.

    Sys. Specs:
    Intel P3600, 768mb ram
    XPpro sp3, fully patched
    Threatfire 4.0.0.8
    Avira personal
    PCtools FW+ 5.0.0.19
    Iarsn Taskinfo
    HTH
    P
    Edit: OK, seems to be the custom rules in TF, either the hosts, or network, trying to pin it down.
     
    Last edited: Nov 16, 2008
  13. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Hello,
    We are investigating this now and will report back shortly. Thank you for your information!

    EDIT: I'm reproducing your setup as we speak to try and see if I can reproduce the crashes over here.
     
  14. PrevxMalwareHelp

    PrevxMalwareHelp Registered Member

    Hi All,

    If you have any new samples that are undetected, or any FP's that you find, message them to me via PM and i'll get them sorted asap.
     
  15. C.S.J

    C.S.J Massive Poster

    so, who's the one who now wants the samples?

    all of you?

    would be nice if there was an email.
     
  16. EraserHW

    EraserHW Malware Expert

    Hello,

    thank you for samples you sent me. I've had a look and I've added detections.

    File you sent me inside unknown3.zip package is a clean one. It's the Windows 2000-KB823980-x86-ENU.exe, the Microsoft patch that addresses MS03-026 vulnerability (the one used by MSBlast)

    Thank you :)
     
  17. PrevxMalwareHelp

    PrevxMalwareHelp Registered Member


    You can send them to jacques [_at_] prevx.com for now, we are working on a proper submission system in the next week or two.

    These will come straight to me and I can add them straight away.

    I'll send them to Joe/Marco if they want them.
     
  18. Threedog

    Threedog Registered Member

    We will soon have the whole Prevx family here!!!! That's good.
     
  19. EraserHW

    EraserHW Malware Expert

    You see, some time ago someone was claiming we at Prevx didn't care about our users :D
     
    Last edited: Nov 16, 2008
  20. CogitoErgoSum

    CogitoErgoSum Registered Member

    Hello EraserHW,

    I retested PE against the 15 missed samples with advanced heuristics set to "high" and "maximum". Unfortunately, all 15 were not detected. On the other hand, when I set advanced heuristics back to "medium" and set age/popularity heuristics both to "medium", PE was able to detect 10 out of the 15 samples. Looking back at post #391, I am not sure if the 10 of 15 detection improvement was due to your signatures or the change in age/popularity heuristic settings.


    Peace & Gratitude,

    CogitoErgoSum
     
    Last edited: Nov 16, 2008
  21. webbit

    webbit Registered Member

    so now we have prevx edge and which integrates csi, and we also have prevx 2, so if you put both on your computer you would have awesome protection!!?? Am i correct
     
  22. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Well, you can use Edge and Prevx2 on the same computer, but there is a lot of overlap between the two. However, if you do use the more advanced features of Prevx2, they are an excellent complement to Edge's user-friendly protection :)
     
  23. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Advanced Heuristics are best applied during a real infection on an infected user's computer. Age/Popularity will work at any time and I'd believe they are what accounted for the increase in detection :)
     
  24. C.S.J

    C.S.J Massive Poster

    ok, just sent in some more.

    been a boring day, :p
     
  25. webbit

    webbit Registered Member

    i have them both running on xp at the moment, although only on csi licence for edge and they seem to be running ok, what sort of overlap do they have and could they conflict with each other
     