prevx malware submission fail

So, if we have the Facebook PSO and install the latest Prevx beta over it, what happens? Does the program still function like PSO as you've described, or is it changed to function as Prevx does?

 

It still works as PSO. Let's say that the functionality is in the license; you got a PSO license and that's what defines how the program is going to work. The only difference between installers is the GUI.

Also note that, if you install a beta, PSO will automatically update with every beta that is launched. So, you'll always have a beta version running.

 

Yes This is exactly correct - increasing the heuristic settings manually in the PSO version, however, will mark you as a more technical user and will revert the warnings to their normal status in Prevx 3.0 mode, although there are still some user experience differences even when in this mode (namely malware notifications aren't shown).

The SafeOnline version is made for protecting users' credentials - you'll want to download the full Prevx 3.0 version to have more granular control over individual malware detections.

 

But can they install Prevx 3 full over top of the Facebook verion to keep there license or can they just install Prevx 3 full and add the license from Facebook version and have the added detection without removal? Maybe you can explain just alittle bit more? Because I have not use that version and for future reference!

TIA,

TH

 

I'm not sure if that will carry the license over - it very well might though, but I'll do some additional testing to try to determine exactly what occurs server-side

 

Thanks that will be helpful!

TH

 

@PrevxHelp

Using as an example the malware ro.exe that you didn't detect when i mentioned it before. What was it that your auto malware analysis had difficulty in including it asap ? Or did it require manual analysis which i know takes longer ?

Don't know if you have included it yet ? as checking on here http://www.prevx.com/malwarecenter.asp could be a lot easier if you had a next button to go to the following pages instead of having to keep going up to the top and clicking numbers repeatedly.



So i gave up looking

You're not wrong there

 

I honestly couldn't say I don't have the sample and am not in the malware research team. I did a quick database search and we have more than 6,000 unqiue ro.exe's in the Prevx database, most of them being bad, so if you could please send me the sample, that should let me narrow it down rather than trying to go through each

 

@PrevxHelp

We like honesty

Wow, that's a few more than a few

I don't have it anymore i binned it after uploading to VT

 

How about the scan log entries on that file is it listed in there?

TH