Prevx Edge Installer confusion.

Discussion in 'other anti-malware software' started by RedDawn, Apr 20, 2009.

Thread Status:
Not open for further replies.
  1. RedDawn

    RedDawn Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    125
    Location:
    Ireland
    Hey Guys,

    I am interested in trying Prevx Edge, so tonight I downloaded the installer from their site - http://info.prevx.com/downloadcsi.asp.
    Before I install it, I've uploaded the installer to VirusTotal which returned one hit from eSafe. I gathered this was a FP, so I then uploaded the installer to Comodo Instant Malware Analysis and it reported:

    Suspicious Actions Detected
    Creates files in windows system directory

    See HERE.


    I know this is a legit program but am confused by the test results, can anybody explain please?


    Thanks :) .
     
  2. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    It is the newest version and some AV's still will see it as a False Positive!

    So it is very safe to download from there website an install, just disable your AV before you install.

    TH
     
    Last edited: Apr 20, 2009
  3. crofttk

    crofttk Registered Member

    Joined:
    May 15, 2004
    Posts:
    1,976
    Location:
    Eastern PA, USA
    As Joe (PrevxHelp) pointed out in the "mother" Prevx Edge thread, AV and AM programs themselves are particularly prone to being FPed by other security softwares just by virtue of the kind of things they do and the depth to which they penetrate the system files and hooks. So, this FPing of Prevx software is not really surprising at all. It's ironic nonetheless and it's not surprising that it can cause some confusion or concern.
     
  4. RedDawn

    RedDawn Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    125
    Location:
    Ireland
    Thanks, Triple Helix and crofttk,


    That would explain VirusTotal's result. Any ideas on the report by Comodo Instant Malware Analysis?

    Suspicious Actions Detected
    Creates files in windows system directory
     
  5. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    I wouldn't concern yourself with that as it says
    • Verdict

    Auto Analysis VerdictRated as Suspicious�

    No big deal
     
  6. crofttk

    crofttk Registered Member

    Joined:
    May 15, 2004
    Posts:
    1,976
    Location:
    Eastern PA, USA
    Well, I am equally unsurprised on both counts, VT's AND CIMA's. I can't comment authoritatively on either one's weakness or FP rate. I just think you're in an area where "all bets are off" and you could expect anything from nothing to a severe ultra bad designation as an FP.

    Ultimately, you have to decide who you trust and there are plenty of folks here to vouch for Prevx's website and the cleanliness of their downloads.

    For VT in particular, only one hit in 40 scans (or however many different scans they do now) is not all that damning.

    Hopefully, someone here can comment specifically on CIMA for you.
     
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Just shows how VT and CIMA are prone tp picking up FPs.
     
Loading...
Thread Status:
Not open for further replies.