Introducing, The New Prevx Edge.

Hmm... are you still receiving the warnings? It looks like the file was automatically trusted in our database some hours ago.

 

Here is a screenshot of the alert:
http://img15.imageshack.us/my.php?image=pedgeschannelscrshot.jpg

Please note that doing a regular manual scan shows that I'm clean...then the alert returns. Maybe this explains why in the scan results log I don't see something strange or a report about schannel.dll

 

Yes the alert still appears. About once every 30 minutes. Even after a scan with edge that has shown that I'm clean.

 

That is indeed strange Could you click Settings > Detection Overrides > Add Override, then browse to the file and click the down arrow in the drop box and select Ignore this file, then click save.

This should prevent the warning from showing.

 

For now I'll leave the warning on. I want to monitor this more. Thank you for your replies.

 

Well, the file is legitimate - it was just installed new because of an update within the last day or so which is what caused the initial warning. However, I'm not sure why the warning would be persisting when the file is scanned as clean. Let me know if you find anything else

 

Just some additional informations.

I've checked the md5 of the file schannel.dll on another pc running same OS and prevx edge and the md5 of the same file on the pc that shows the alert.
The two md5 hashes match. Note that on the other pc I have no alerts.

I know you've already told me ( and I actually knew it) that the file is legitimate. But checking if the two files are identical I believe was a necessary step.

For me this is absolutely a bug of prevx or ...best case... some kind of incompatibility that triggers the alert ( although I can't imagine how ).

I will keep this for a few more hours to see if something changes from your part, then I'll try to uninstall edge and reinstall.

 

Please let me know what you uncover - uninstalling/reinstalling will definitely fix it, but I don't think there's anything else we can do at this point as every record about the file blatantly says 'Good'

 

New installation seems that has fixed the issue. No alerts till now ( 30 first minutes running the new installation ).

 

I had exactly the same alert, but I restored the file (after blocking it initially), or actually overwrote it (maybe windows had replaced the blocked one automatically), and no alert since then.

 

Hello all,
Just wanted to let you all know that we just completed a complex new module on the database which will dramatically reduce the number of false positives. This change is, by far, the widest reaching false positive reduction improvement we've ever implemented. It comes after a great deal of analysis over the data from the first 3 months of Edge being "in the wild". We've engineered this improvement so that it will not affect protection but only false positives - especially the ones reported here frequently with the age/spread warnings.

I do enjoy fixing false positives quickly, but I'm sorry to say I won't have to do it as often now I'm still here, of course, if you need any other assistance or if you do experience a FP which escapes our new "trap" for them

Please let me know if you have any questions or comments!

 

Hi Joe

Just got what I believe is an FP re. Drivermax.exe, which I have just downloaded but as far as I can tell is legitemate Driver scanning & updating software (from innovative-sol.com).

Do you need me to PM you a scan log?

Cheers


Balders

 

Yes please

 

As Easter would say,"This is outstanding."
This is the next step for a product to strive for and Prevx has done it. Some AV vendors are still trying, after many years. Why is this so important? Because of the short time frame that Prevx has accomplished this in. I can now say with all my heart, Prevx Edge has proved that it is the one most valuable product on the market. It has set a new bench mark for all other Malware products to shoot for.

Joe, you will still be needed, but I am totally impressed with what Prevx has now accomplished. The corks should be popping.

 

Thanks The final impact of the changes should be affecting all users within the next couple hours so we have some fun times ahead

 

tell PWD he still owes me a slight improvement in the tray icon. He knows what to do.

 

It's already in, just waiting for the next version currently

 

Is it in beta so that I can test it?

 

Not for a while still We have a lot of features in development at the moment

 

new features?

 

Keeping quiet on them for a little while still, but they will be revealed soon

 

ok

 

Does Threatfire complement Prevx Edge? Or are they redundant?

 

They do have overlap but it does complement Edge if you are interested in more granular reporting of detections

 

cool