Prevx Edge - googleupdate.exe = malware?

Discussion in 'other anti-malware software' started by Victek, Nov 23, 2008.

Thread Status:
Not open for further replies.
  1. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,133
    Location:
    USA
    I just installed Prevx Edge and it identified googleupdate.exe as malware. This file is in the appropriate folder under "program files" and was installed as part of Picasa (Google's free photo organizer). I'm thinking this is an FP - what do you think?
     
    Last edited: Nov 23, 2008
  2. Threedog

    Threedog Registered Member

    Joined:
    Mar 20, 2005
    Posts:
    1,125
    Location:
    Nova Scotia, Canada
    Re: Prevx Edge - googleupdater.exe = malware?

    Probably a FP. Send Prevxhelp a pm and he will fix it up for you.
     
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, send me a PM and I'll get it sorted immediately :)

    Click Tools and Settings > Save Scan Results and then send me the log entry which contains that file in it.
     
  4. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    Do you think a way of automatically reporting FP's would be a good idea?
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Saving an override right now in Edge (right click on the file > report false positive or Detection Overrides > Ignore) will send the report to us, however, it gets sent into the queue which includes other files and a lot of attempts by hackers to abuse the system.

    So, it is generally fastest to send it through me or via our support inbox. We are going to be starting a system online which will let users send up false positives/negatives via the web which should make this process much easier.
     
  6. hammerman

    hammerman Registered Member

    Joined:
    Jul 14, 2007
    Posts:
    283
    Location:
    UK
    Hmm..that makes me a little nervous.
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    No need to be nervous :) It is virus writers trying to get us to automatically change our opinion on a file (as some other "community" programs may do) by having dozens of computers mark a malicious file as a false positive. Our systems are very hardened against this type of attack, so, there isn't anything to worry about.

    However, as I am basically always on Wilders 7 days a week, it would generally be faster to go through me :)
     
  8. rolarocka

    rolarocka Guest

    Couldnt it be also the trial users choosing "Trust" to get rid of the popup?
     
  9. emperordarius

    emperordarius Registered Member

    Joined:
    Apr 27, 2008
    Posts:
    1,218
    Location:
    Who cares
    A PrevX forum here would be nice.:)
     
  10. Baldrick

    Baldrick Registered Member

    Joined:
    May 11, 2002
    Posts:
    2,301
    Location:
    South Wales, UK
    I second that. This would be a very good move and would allow some additional focus re. what is IMHO a very exciting new product.:thumb:
     
  11. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,133
    Location:
    USA
    Yes I did choose the "trust" option to eliminate red flag because I feel pretty confident it's a false positive, but it's still important to make sure and to update the user database.
     
  12. PrevxMalwareHelp

    PrevxMalwareHelp Registered Member

    Joined:
    Nov 16, 2008
    Posts:
    9
    Hey Victek,

    If you are still having this problem please can you send me the file to the address that ive PM'ed you with.

    Thanks
     
Loading...
Thread Status:
Not open for further replies.