Spread Detected Files

Discussion in 'Prevx Betas' started by vtol, May 5, 2010.

Thread Status:
Not open for further replies.
  1. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    Re: Prevx 3.0 with SafeOnline build 3.0.5.137

    FF 3.7 (Minefied) still not supported
     
  2. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    crashing FF Minefield updater - empty override / WIN 7 64bit

    05-05-2010 23-07-26.jpg

    Prevx then initiates a scan, not finding anything, but also showing nothing in detection override, i.e. I get no chance to put an override

    [D] d:\mozilla firefox\updates\0\updater.exe [PX5: FBA2B30B002D02E7D050035EB956310028A40230]
    [D] (ACTIVE) d:\mozilla firefox\firefox.exe [PX5: 8C1E09EE00717F538073012DDDE82A0029588D96]
    [D] d:\mozilla firefox\updater.exe [PX5: FBA2B30B002D02E7D050035EB956310028A40230]
    [D] d:\mozilla firefox\nssdbm3.dll [PX5: D7F2FB9900286400806101876E9CF3008F69C326]
    [D] d:\mozilla firefox\smime3.dll [PX5: 9C1B03CC00900DF680A3015EEF4EB600467DE291]
    [D] d:\mozilla firefox\xpcom.dll [PX5: 7C29D04E00764E9F3047001FDC523F006FABFA84]
    [D] d:\mozilla firefox\plugin-container.exe [PX5: E64BB41B00EED9CD245500A96D572C003CADBB3B]
    [D] d:\mozilla firefox\mozcrt19.dll [PX5: 2FE7CC7700E83E40E07B0AFD991EE100112CF851]
    [D] d:\mozilla firefox\crashreporter.exe [PX5: 67C5F6FB00261829C02B01490705C000E8388B68]
    [D] d:\mozilla firefox\ssl3.dll [PX5: A3B7587B0059EFA81038024E17925E00448FD4AC]
    [D] d:\mozilla firefox\softokn3.dll [PX5: FD1B79AC00FA15F160AF0277E9D26800A2A6F6BE]
    [D] d:\mozilla firefox\freebl3.dll [PX5: 93F96B180078EAE7D03503B3CC79A700FBE769B1]
    [D] d:\mozilla firefox\mozalloc.dll [PX5: FB2B730C00DFD94722E900CD7BFF960071AD1E5B]
    [D] d:\mozilla firefox\nspr4.dll [PX5: E2AB8D4300653C7A90E302596D6B2300DDD7D712]
    [D] d:\mozilla firefox\nssutil3.dll [PX5: 9E35560200E33437401B0161DD874100D8970A78]
    [D] d:\mozilla firefox\plc4.dll [PX5: 0A26A52B00F77EF43A74005AE3AF8A0029808E66]
    [D] d:\mozilla firefox\plds4.dll [PX5: 69745EA300663AF730F50016B9452C0019A17EA2]
    [D] d:\mozilla firefox\mozsqlite3.dll [PX5: 5D8F122600031E7230980BD70E318A00ADBAE16B]
    [D] d:\mozilla firefox\nss3.dll [PX5: 4F3CB40F006D9C68C0F3093AD0AE7700AEB5735C]
    [D] d:\mozilla firefox\nssckbi.dll [PX5: 1F90C4FE00489945003F053BF5BCE100F5D88E8E]
    [D] d:\mozilla firefox\accessiblemarshal.dll [PX5: 17D786EF0096364830B400FE4FC35600BC52F8D2]
    [D] d:\mozilla firefox\mozcpp19.dll [PX5: 6940D188000AC50FE04B0A0D55CC690078FA6602]
    [D] d:\mozilla firefox\components\browsercomps.dll [PX5: 0C991B5000CA2C2700A202088629A8009915E2EF]
    [D] d:\mozilla firefox\plugins\npnul32.dll [PX5: E1D7A3E000543CA710C301196A324B007B
     
    Last edited: May 5, 2010
  3. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,014
    Location:
    Ontario, Canada
    Re: crashing FF Minefield updater - empty override / WIN 7 64bit

    Save a scan log and look for the file that was blocked and post the line from the log!

    TH

    Thanks! You must have your Age/Spread Heuristics Settings set above Medium to High or Max so this is why it is not detected during a scan but on execution!

     
    Last edited: May 6, 2010
  4. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    some more D flagged stuff, which is legit

    [D] d:\ibm\lotus\notes\lsedtipc.dll [PX5: 09EB679800EDFE0F00F6019F89213600FA229030]
    [D] d:\ibm\lotus\notes\nwrdaemndll.dll [PX5: D6FE833C009ECEB57052018FCAD615008ED3031D]
    [DN] d:\ibm\lotus\notes\ntaskldr.exe [PX5: D0FD288D00879AD22A570034BCCDEB00F48FC9CA]
    [D] d:\ibm\lotus\notes\ndgts.dll [PX5: B043589700154D4218E800E073F27800858C5E7F]
    [D] d:\ibm\lotus\notes\nnoteswc.dll [PX5: 50AFBB5D00363EB2DA440004EE541000CAD9E6A7]
    [D] d:\ibm\lotus\notes\kvolefio.dll [PX5: 46AF835600E6A2A1C0110018995A7F0089534474]
    [DN] d:\ibm\lotus\notes\ndyncfg.exe [PX5: AA617E96009243E8C0AE00AB542FA500EAD58039]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.aforce.graphics.shared.dll [PX5: 8B69910500661E341E60002352A3A1001D7F8F42]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.multivpu2.graphics.shared.dll [PX5: 4FC4536600EDE302601D00911D1D90006869E921]
    [D] d:\ati technologies\ati.ace\core-static\aem.ui.shared.dll [PX5: 48C9590F00E481F81C8100830E454800931B84B8]
    [D] d:\ibm\lotus\notes\sut.dll [PX5: 469F40C200DA2E6598FA0006988236006362CC38]
    [D] d:\ati technologies\ati.ace\core-static\aem.plugin.source.eeu.shared.dll [PX5: F7BE0913009E114216C0000B99A5B6008571FB02]
    [D] d:\ati technologies\ati.ace\core-static\atiamaxx.dll [PX5: 9DEF5B1A0072C33EA079038DA4556B0030D22900]
    [D] d:\ibm\lotus\notes\nxtab.dll [PX5: 8495247800831535A038018BB038D6004919BA4D]
    [D] d:\ati technologies\ati.ace\core-static\aem.plugin.source.gd.shared.dll [PX5: C4AADD4100D509C916160070B9289600F9A4D043]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.alicrossfire.graphics.shared.dll [PX5: 1FC811240090BC6E3CAA007006D78200AF37C979]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.verylargedesktop.graphics.shared.dll [PX5: 2670CC9300E6581E60A7009D03A90B00E15AE0E2]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.powerplay3.graphics.shared.dll [PX5: 7535C7C100DED3B0702900F7A99151005A12F871]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.vpurecover.graphics.shared.dll [PX5: 3167FA200064B2685007002DDDE82A000CEAFE66]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.powerplay4.graphics.shared.dll [PX5: 2F522267004C82B970480073E5E0C200D74C78C8]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.smartgart.graphics.shared.dll [PX5: 6F4F8CF90020919260540029381EC6007285158C]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.overdrive3.graphics.shared.dll [PX5: 84C8BED300605D5F6057001637CE940087DB80BA]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.powerxpress.graphics.shared.dll [PX5: 509B9C0800C974BE32F700934934260079FF7422]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.multivpu3.graphics.shared.dll [PX5: 11809B89004661C7329B00D4068EB50070B59363]
    [D] d:\trillian\libungif.dll [PX5: 621B0B8800294354006501069DEDFE008BA0CF25]
    [DPN] d:\opera\ouniansi.dll [PX5: 3FAA5C7300ED38EB50CC0066C21DCC00B0D7F610]
     
  5. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,014
    Location:
    Ontario, Canada
    Re: some more D flagged stuff, which is legit

    I would suggest you send the scan log to Prevx to sort them out: https://www.wilderssecurity.com/showthread.php?t=270590

    If you just send the parts that you want is OK to, anything with D or U files!

    TH

    EDIT: Just for my case I have all these files because of recent updates! Even Prevx files LOL

    Prevx Scan Log - Version v3.0.5.137
    Log Generated: 5/5/2010 21:50, Type: 1,8192
    Windows 7 (Build 7600) 32bit|1033
    Hostname: xxxxxxxxxxx
    Some non-malicious files are not included in this log.
    Heuristics Settings: Age: 3, Pop: 3, Heu: 4 (Dir: 1)
    Last Scan: Wed 2010-05-05 21:27:48 Eastern Daylight Time. Number of Scans: 4. Last Scan Duration: 2 minutes 5 seconds.
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\dkservice.exe [PX5: 90AD21B0606CE063714A1A75AD80320079D209DD]
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\nsntfsfsconsolidate.dll [PX5: 42FACBF160FF9F3C1D3003C6254A16005570AF8A]
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\dktabprovider.dll [PX5: 10037220607D497EDB4901EBFBC4A500FB86B040]
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\nsntfstve.dll [PX5: CBB0BB8460E244346B4805E999620600BBEEFD5E]
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\nsifaastmeas.dll [PX5: 9E2AADFB606D96B2D7820279C2C1BA0037959829]
    (ACTIVE) c:\users\xxxxxxxxx\appdata\local\theweathernetwork\weathereye\weathereye.dll [PX5: 8B00CF116841E34469493E7B4FAC580021C50F27]
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\prfacade.dll [PX5: D8B5C87460087E6AEF3401D206D81C00ECA79DF6]
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\tab.dll [PX5: 2125AD6460441A7CDDA604E70373C60091F6F9FD]
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\dklib.dll [PX5: 764A30CF605214B1F53802019E5499002D44575A]
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\nsntfsautoanalyze.dll [PX5: 1680A6F36042A4951D340328D08ED500A2412A6B]
    (ACTIVE) c:\program files\diskeeper corporation\diskeeper\1033\dkres.dll [PX5: 51AB4BAC60D5AC81E1583B266E3BA600744C6B9F]
    (ACTIVE) c:\program files\malwarebytes' anti-malware\mbam.dll [PX5: 9CED20E8509395D759650586F34B2E002D3B507A]
    (ACTIVE) c:\program files\malwarebytes' anti-malware\mbamservice.exe [PX5: 0F6E6738504ADA38A5DA04ACCD21E6009319C549]
    (ACTIVE) c:\windows\system32\pxsecure.dll [PX5: 4F2D0EFE00253747EE8B0075BD4509002BEDE4CA]
    c:\diskeeper 2007 & 2009 & 2010 pro premier for all windows 32bit & 64bit folder\diskeeper premier edition 2010 folder\update #903 folder\setup.exe [PX5: 705A63B0386EA67E89A73098CEDF7C01FC70AFB8]
    c:\windows\system32\drivers\anydvd.sys [PX5: 6BCDA05FC01D982B9FC201B74D032F00E44AFAA2]
    c:\program files\slysoft\clonedvdmobile\regclonedvdmobile.exe [PX5: 41A5B49A00473F71508A0143ECFD83000FF9EE0E]
    c:\program files\diskeeper corporation\diskeeper\nsfatmanual.dll [PX5: F6FB016D6073ECE2A76004BDBF37B6005B8DC73D]
    c:\windows\system32\drivers\pxrts.sys [PX5: 89C235F5084A1B55D6BF0001A4D9070084D0E4F3]
    [U] c:\program files\diskeeper corporation\diskeeper\nsfatssdanalysis.dll [PX5: 438DEB2860563BC25D7303501B9F620091BBA942]
    [U] c:\program files\slysoft\anydvd\anydvd-uninst.exe [PX5: 619B51AA4959A434713100D8B246FA00DF1BD40D]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfsdirconsolidate.dll [PX5: B89792CE600433AE2BE204283F2CB4008418A954]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfslfsdfrg.dll [PX5: 80D9158C6093D4C173B60873C343B3009A8831A6]
    [U] c:\program files\diskeeper corporation\diskeeper\nsfatssddefrag.dll [PX5: 25BD22A260E850FAFF4C0304CF0ABC0061008EC0]
    [U] c:\program files\adobe\acrobat 9.0\pdfmaker\project\pdfmproject.dll [PX5: 28D6DF14D89A5FF7D5D101688B71FE00ADB7805A]
    [U] c:\program files\adobe\acrobat 9.0\pdfmaker\autocad\2007\pdfmacad.arx [PX5: 8A49048100963986807814460ECCAF00143EF7BC]
    [U] c:\program files\a-squared free\a2cmd.exe [PX5: 602492A0909E9BF9D1F80D42B88F8B00F1F23E7C]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfsanalyze.dll [PX5: 9C3168E46095AEFF632A031254701400D88717D8]
    [U] c:\users\xxxxxxxxxx\appdata\roaming\superantispyware.com\superantispyware\sddlls\sd10006.dll [PX5: 3C5A951400EE443CF8DE0099E7536A00EA918540]
    [U] c:\program files\malwarebytes' anti-malware\zlib.dll [PX5: 8F36527A5020809D372101DB0E9EC800383C0809]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfspartialdefrag.dll [PX5: BCFFFACA60011EE48B1203A259F691001182F473]
    [U] c:\program files\diskeeper corporation\diskeeper\nsfatautoanalyze.dll [PX5: 40DB56DA60EE03C5F9F302C405799C008706CDCF]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfsstd.dll [PX5: 040BF380606578FBF9AA03298B6F500002A20C47]
    [U] c:\program files\slysoft\clonedvdmobile\clonedvdmobile-uninst.exe [PX5: 47D3DABDAC3B448B70C9005E816B2C00A389B720]
    [U] c:\program files\ipod\bin\ipodservice.resources\nl.lproj\ipodservicelocalized.dll [PX5: C8B6A142203A9B21BF860040DB528B00668A716D]
    [U] c:\program files\diskeeper corporation\diskeeper\nsfatbootoptimization.dll [PX5: C528B5396011251F1D2A03318623D20030690503]
    [U] c:\program files\ipod\bin\ipodservice.resources\nb.lproj\ipodservicelocalized.dll [PX5: C8B6A142203A9B21BF860040DB528B004C0BC1FA]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfsssdanalysis.dll [PX5: B9AFDA8F6051FA1C6DF5038FE5B8AD004CA97418]
    [U] c:\program files\ipod\bin\ipodservice.resources\da.lproj\ipodservicelocalized.dll [PX5: C8B6A142203A9B21BF860040DB528B004DDFB428]
    [U] c:\program files\itunes\ituneshelper.resources\de.lproj\ituneshelperlocalized.dll [PX5: C8B6A142203A9B21C1860040DB528B00850CB88A]
    [U] c:\program files\diskeeper corporation\diskeeper\dfrgsnap.dll [PX5: 0A9554ED601133203FFE03E891EA3F00B52E21C3]
    [B][U] c:\windows\temp\pvxinst819.exe [PX5: 5082FE6F58B0674B2539616187918200F2B9F8B2][/U][/B][U]
    [U] c:\program files\diskeeper corporation\diskeeper\dktrialwarerollup.exe [PX5: AC6DD5AD60A1BFB4C3EA09492D682900F0C03E52]
    [U] c:\windows\system32\drivers\mbam.sys [PX5: FF4736BAD8A6BF4851480025D8492D0014AB66BC]
    [U] c:\program files\diskeeper corporation\diskeeper\dfrgui.dll [PX5: AA711C3F608EA6BDAF5E3103D2E46700E427AE23]
    [U] c:\program files\ipod\bin\ipodservice.resources\it.lproj\ipodservicelocalized.dll [PX5: C8B6A142203A9B21BF860040DB528B00D1696DFD]
    [U] c:\windows\system32\driverstore\filerepository\wiaca00d.inf_x86_neutral_18a2362487e9d14a\cnhl180.dll [PX5: EEFF428100BE9738FED90038E4AB530088D95A35]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfsssddefrag.dll [PX5: 365C23EE60BD0D0707F60480D9420A009A41FF2D]
    [U] c:\program files\diskeeper corporation\diskeeper\nsfatfsconsolidate.dll [PX5: 00DA7CC860A3BFFFF9E7028A54933E00B3221ABE]
    [U] c:\windows\system32\drivers\dkrtwrt.sys [PX5: F5F509A3B0F40EF5B46E00A9D07F3500243BF1DF]
    [U] c:\program files\diskeeper corporation\diskeeper\dkpromotionrollup.exe [PX5: 97375394605F2F1DFF6C09760947520087EB6257]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfsifaast.dll [PX5: 605F11BC6022698AE54C0488E4E88C006ED6525F]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfsmanual.dll [PX5: 59C6344160F986C3038A053EEB6F600005C45D18]
    [U] c:\program files\ipod\bin\ipodservice.resources\fr.lproj\ipodservicelocalized.dll [PX5: C8B6A142203A9B21BF860040DB528B0024645FCB]
    [U] c:\program files\diskeeper corporation\diskeeper\nsfatpartialdefrag.dll [PX5: 166245C16012FDBF5D570385EC190300ABC9FEB1]
    [U] c:\program files\diskeeper corporation\diskeeper\dkautoupdatealert.exe [PX5: 190A5138604E2F1175E0099CEC292F008BCAE8A8]
    [U] c:\program files\opera\opera.exe [PX5: 22E52BCE704B1257C1480C17FCCFCD0046EA51A7]
    [U] c:\program files\slysoft\clonedvdmobile\clonedvdmobile.exe [PX5: D2F496B8C01136480BEC49DF30B7210020EC2B11]
    [U] c:\program files\diskeeper corporation\diskeeper\applauncher.exe [PX5: 057FA4F260EE54ACA9F807381CB47D00E9BCA983]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfsbootoptimization.dll [PX5: 358677AE60F0C75D538A03016C1787006CD22BD4]
    [U] c:\program files\diskeeper corporation\diskeeper\nsfatanalyze.dll [PX5: 0156EA0260BFC05A5B830338BB991500A53C3FC1]
    [U] c:\program files\diskeeper corporation\diskeeper\nsntfstve-ex.dll [PX5: 6AA380676053C7FE8D1705AF8461C300C44BD591]
    [U] c:\program files\diskeeper corporation\diskeeper\nsfatstd.dll [PX5: 4C8D78C3605706FF71B7036290F6DE00D339C1EB]
    [B][U] c:\program files\prevx\prevx.exe [PX5: F58E083C582F1CE725EA6193DF612C008827840A][/U][/B][U]
    [U] c:\program files\malwarebytes' anti-malware\mbamgui.exe [PX5: D78CCACC503D139EAD3306E886AB0F00BE968532]
    [U] c:\program files\malwarebytes' anti-malware\vbalsgrid6.ocx [PX5: 928AD74850B32EA3952A072600C60C0062A6AED9]
    [U] c:\program files\malwarebytes' anti-malware\ssubtmr6.dll [PX5: 98897C80505A5F79B5280051E4E681006D38FAAF]
    [U] c:\program files\malwarebytes' anti-malware\unins000.exe [PX5: 2CF645365032B1C5EF400A28C2708800988FC1B4]
    [U] c:\program files\malwarebytes' anti-malware\mbam.exe [PX5: B2184B288888D065A59210C24CFFAA005B46C31F]
    [U] c:\program files\diskeeper corporation\diskeeper\dkmsg.dll [PX5: 11E29CE960D26F8E7D2601D17F003500F0529E48]
    [U] c:\program files\diskeeper corporation\diskeeper\connect.exe [PX5: 6558EB7E606F64DC6F3201E17129F80067761E48]
    [U] c:\program files\diskeeper corporation\diskeeper\dkperf.exe [PX5: CEF2D21D60028880A1F700449985130005410311]
    [U] c:\program files\diskeeper corporation\diskeeper\dkservicemsg.exe [PX5: A5D2FBDB60183C82B53A0E5A3E8EF60065F20AE7]
    [U] c:\program files\diskeeper corporation\diskeeper\dkactivationreminder.exe [PX5: 497ECA0860274E6AA99E09B189892E0069683C8E]
    [U] c:\program files\diskeeper corporation\diskeeper\diskeeper.exe [PX5: C680DA2C606E1010F5AD04E9C155260006144D76][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/u][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/u][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U]
     
    Last edited: May 6, 2010
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    As TH has said, lowering the Age/Popularity settings will prevent these warnings from showing :) They should already be fixed now, but feel free to send over a scan log if they do re-occur.
     
  7. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    what I do not understand to be told to lower the protection to get legit stuff to work - that seems to be trend these days amongst security software vendors. as a user I feel puzzeld, to say the least.

    also and unfortunately it has not been fixed. that from a scan just minutes ago:

    D] d:\ibm\lotus\notes\lsedtipc.dll [PX5: 09EB679800EDFE0F00F6019F89213600FA229030]
    [D] d:\ibm\lotus\notes\nwrdaemndll.dll [PX5: D6FE833C009ECEB57052018FCAD615008ED3031D]
    [DN] d:\ibm\lotus\notes\ntaskldr.exe [PX5: D0FD288D00879AD22A570034BCCDEB00F48FC9CA]
    [D] d:\ibm\lotus\notes\ndgts.dll [PX5: B043589700154D4218E800E073F27800858C5E7F]
    [D] d:\ibm\lotus\notes\nnoteswc.dll [PX5: 50AFBB5D00363EB2DA440004EE541000CAD9E6A7]
    [D] d:\ibm\lotus\notes\kvolefio.dll [PX5: 46AF835600E6A2A1C0110018995A7F0089534474]
    [DN] d:\ibm\lotus\notes\ndyncfg.exe [PX5: AA617E96009243E8C0AE00AB542FA500EAD58039]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.aforce.graphics.shared.dll [PX5: 8B69910500661E341E60002352A3A1001D7F8F42]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.multivpu2.graphics.shared.dll [PX5: 4FC4536600EDE302601D00911D1D90006869E921]
    [D] d:\ati technologies\ati.ace\core-static\aem.ui.shared.dll [PX5: 48C9590F00E481F81C8100830E454800931B84B8]
    [D] d:\ibm\lotus\notes\sut.dll [PX5: 469F40C200DA2E6598FA0006988236006362CC38]
    [D] d:\ati technologies\ati.ace\core-static\aem.plugin.source.eeu.shared.dll [PX5: F7BE0913009E114216C0000B99A5B6008571FB02]
    [D] d:\ati technologies\ati.ace\core-static\atiamaxx.dll [PX5: 9DEF5B1A0072C33EA079038DA4556B0030D22900]
    [D] d:\ibm\lotus\notes\nxtab.dll [PX5: 8495247800831535A038018BB038D6004919BA4D]
    [D] d:\ati technologies\ati.ace\core-static\aem.plugin.source.gd.shared.dll [PX5: C4AADD4100D509C916160070B9289600F9A4D043]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.alicrossfire.graphics.shared.dll [PX5: 1FC811240090BC6E3CAA007006D78200AF37C979]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.verylargedesktop.graphics.shared.dll [PX5: 2670CC9300E6581E60A7009D03A90B00E15AE0E2]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.powerplay3.graphics.shared.dll [PX5: 7535C7C100DED3B0702900F7A99151005A12F871]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.vpurecover.graphics.shared.dll [PX5: 3167FA200064B2685007002DDDE82A000CEAFE66]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.powerplay4.graphics.shared.dll [PX5: 2F522267004C82B970480073E5E0C200D74C78C8]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.smartgart.graphics.shared.dll [PX5: 6F4F8CF90020919260540029381EC6007285158C]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.overdrive3.graphics.shared.dll [PX5: 84C8BED300605D5F6057001637CE940087DB80BA]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.powerxpress.graphics.shared.dll [PX5: 509B9C0800C974BE32F700934934260079FF7422]
    [D] d:\ati technologies\ati.ace\core-static\cli.aspect.multivpu3.graphics.shared.dll [PX5: 11809B89004661C7329B00D4068EB50070B59363]
    [D] d:\trillian\libungif.dll [PX5: 621B0B8800294354006501069DEDFE008BA0CF25]
    [DPN] d:\opera\ouniansi.dll [PX5: 3FAA5C7300ED38EB50CC0066C21DCC00B0D7F610]
    [D] (ACTIVE) d:\mozilla firefox\firefox.exe [PX5: 8C1E09EE00717F538073012DDDE82A00425CF439]
    [D] e:\downloads\removeexcelpassword.exe [PX5: 14A6205A6BF07BE8E6DF08569C09D600418E6CA8]
    [D] d:\mozilla firefox\updater.exe [PX5: FBA2B30B002D02E7D050035EB9563100C5AC7897]
    [D] d:\mozilla firefox\nssdbm3.dll [PX5: D7F2FB9900286400806101876E9CF300445928C5]
    [D] d:\mozilla firefox\smime3.dll [PX5: 9C1B03CC00900DF680A3015EEF4EB6003CE68FB8]
    [D] d:\mozilla firefox\xpcom.dll [PX5: 7C29D04E00764E9F3047001FDC523F00C4F255EF]
    [D] d:\mozilla firefox\plugin-container.exe [PX5: E64BB41B00EED9CD245500A96D572C00B20B8135]
    [D] d:\mozilla firefox\mozcrt19.dll [PX5: 2FE7CC7700E83E40E07B0AFD991EE10049BB3F2E]
    [D] d:\mozilla firefox\crashreporter.exe [PX5: 67C5F6FB00261829C02B01490705C000D3896348]
    [D] d:\mozilla firefox\ssl3.dll [PX5: A3B7587B0059EFA81038024E17925E005DB5B318]
    [D] d:\mozilla firefox\softokn3.dll [PX5: FD1B79AC00FA15F160AF0277E9D2680023BF2172]
    [D] d:\mozilla firefox\freebl3.dll [PX5: 93F96B180078EAE7D03503B3CC79A7004191CE26]
    [D] d:\mozilla firefox\mozalloc.dll [PX5: FB2B730C00DFD94722E900CD7BFF96006F4836CA]
    [D] d:\mozilla firefox\nspr4.dll [PX5: E2AB8D4300653C7A90E302596D6B2300EB29BB94]
    [D] d:\mozilla firefox\nssutil3.dll [PX5: 9E35560200E33437401B0161DD874100D2333E47]
    [D] d:\mozilla firefox\plc4.dll [PX5: 0A26A52B00F77EF43A74005AE3AF8A001679FB9F]
    [D] d:\mozilla firefox\plds4.dll [PX5: 69745EA300663AF730F50016B9452C006321B6D0]
    [D] d:\mozilla firefox\mozsqlite3.dll [PX5: 5B354459008C43AB20310B0A9FD3FD00AC2CA329]
    [D] d:\mozilla firefox\nss3.dll [PX5: 4F3CB40F006D9C68C0F3093AD0AE770043ED45B9]
    [D] d:\mozilla firefox\nssckbi.dll [PX5: 1F90C4FE00489945003F053BF5BCE100F5C57FE1]
    [D] d:\mozilla firefox\accessiblemarshal.dll [PX5: 17D786EF0096364830B400FE4FC35600A29D33E3]
    [D] d:\mozilla firefox\mozcpp19.dll [PX5: 6940D188000AC50FE04B0A0D55CC6900BF9DCC26]
    [D] d:\mozilla firefox\components\browsercomps.dll [PX5: ACAEC47100EB26E6008402AF7B823700FA74E383]
    [D] d:\mozilla firefox\plugins\npnul32.dll [PX5: E1D7A3E000543CA710C301196A324B000449F30D]
    (ACTIVE) d:\ibm\lotus\notes\nsd.exe [PX5: D36BD761001CC389C09F3340331D7600C0DB4EA9]
    (ACTIVE) c:\windows\assembly\gac_msil\newaem.foundation\2.0.3748.36816__90ba9c70f846762e\newaem.foundation.dll [PX5: AFC7196A0000FAC63CFC0010C09CCF0008B5F168]
    (ACTIVE) c:\program files\widcomm\bluetooth software\bluetoothheadsetproxy.exe [PX5: 3A8BD9B520D934EC350E00472065AC00EF903177]
    (ACTIVE) c:\windows\assembly\gac_msil\cli.component.runtime.shared\2.0.3748.36820__90ba9c70f846762e\cli.component.runtime.shared.dll [PX5: C44A5F49005EA031169700CF12F50C0082C8D636]
    (ACTIVE) d:\ati technologies\ati.ace\core-static\adl.foundation.dll [PX5: 91AB0268000E8360306B01576009B9009691390E]
    (ACTIVE) c:\windows\assembly\gac_msil\aem.server.shared\2.0.3748.36822__90ba9c70f846762e\aem.server.shared.dll [PX5: 01EBFB810050FE9C185700A9263A0F0097AECA91]
    (ACTIVE) c:\windows\assembly\gac_msil\aem.plugin.dppe.shared\2.0.3748.36928__90ba9c70f846762e\aem.plugin.dppe.shared.dll [PX5: 763DEAA300D038FF1AED002E54F0EC00DD9DF613]
    (ACTIVE) c:\windows\assembly\gac_msil\aem.plugin.hotkeys.shared\2.0.3748.36817__90ba9c70f846762e\aem.plugin.hotkeys.shared.dll [PX5: 7DA6B2D600F978A61CB3003B3C2E070035FB0653]
    (ACTIVE) c:\windows\system32\atidemgx.dll [PX5: 04CF846500F31D33D034067A5273BC004E701693]
    (ACTIVE) c:\windows\assembly\gac_msil\aem.plugin.gd.shared\2.0.3748.36826__90ba9c70f846762e\aem.plugin.gd.shared.dll [PX5: 44F9769500274972163F008F65083300D24229A8]
    (ACTIVE) c:\windows\assembly\gac_msil\aem.actions.ccaa.shared\2.0.3748.36820__90ba9c70f846762e\aem.actions.ccaa.shared.dll [PX5: 8DFFFEA100BF7F8320AC001F4B9175004F1FCEF0]
    (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.workstationconfig2.graphics.runtime\2.0.3748.36947__90ba9c70f846762e\cli.aspect.workstationconfig2.graphics.runtime.dll [PX5: 0CFB091100B983EA90DE006EFAB17D00EA84F769]
    (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.powerplaydppe.graphics.runtime\2.0.3748.36928__90ba9c70f846762e\cli.aspect.powerplaydppe.graphics.runtime.dll [PX5: 932392EB00C091F6B0D500F8C039CF00720F05B9]
    (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.powerplaydppe.graphics.shared\2.0.3748.36901__90ba9c70f846762e\cli.aspect.powerplaydppe.graphics.shared.dll [PX5: 99B7B6050096B734705600274F223E00CEF23310]
    (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.workstationconfig2.graphics.shared\2.0.3748.36947__90ba9c70f846762e\cli.aspect.workstationconfig2.graphics.shared.dll [PX5: D7F62DAA006DA5EC60EE004B07B79E00A2BBB8BD]
    (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.framelockgenlock.graphics.shared\2.0.3748.36955__90ba9c70f846762e\cli.aspect.framelockgenlock.graphics.shared.dll [PX5: 9CC5A03000C655F7109501BE3C477B00ED12D0DB]
    (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.welcome.graphics.shared\2.0.3748.36929__90ba9c70f846762e\cli.aspect.welcome.graphics.shared.dll [PX5: DBBC2A3A002132A8263F00EBD2F86300838E9C93]
    (ACTIVE) c:\windows\assembly\gac_msil\aem.plugin.eeu.shared\2.0.3748.36821__90ba9c70f846762e\aem.plugin.eeu.shared.dll [PX5: 83C735DF00405AB01636002B211EF90000E1AA9F]
    (ACTIVE) c:\windows\assembly\gac_msil\cli.component.client.shared\2.0.3748.36817__90ba9c70f846762e\cli.component.client.shared.dll [PX5: E78DBADD006BFC3B1E6B00297A4FA500D26AF038]
    (ACTIVE) c:\windows\assembly\gac_msil\cli.caste.graphics.wizard.shared\2.0.3748.36843__90ba9c70f846762e\cli.caste.graphics.wizard.shared.dll [PX5: A7C1BA50002C65E7401E004DC5AA7A00BD385164]
    [U] (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.devicelcd.graphics.wizard\2.0.3748.36855__90ba9c70f846762e\cli.aspect.devicelcd.graphics.wizard.dll [PX5: 4D555E1A00700539B081041DF8EB700003AF1867]
    [U] (ACTIVE) c:\windows\assembly\gac_msil\cli.caste.graphics.dashboard.shared\2.0.3748.36836__90ba9c70f846762e\cli.caste.graphics.dashboard.shared.dll [PX5: F81E715B00060AFA40C800FE5E81B200919D41E2]
    [UP] (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.devicecrt.graphics.dashboard\2.0.3748.36876__90ba9c70f846762e\cli.aspect.devicecrt.graphics.dashboard.dll [PX5: 32E9657B00D1001110ED0643261D4500EE116F31]
    [U] (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.devicelcd.graphics.dashboard\2.0.3748.36885__90ba9c70f846762e\cli.aspect.devicelcd.graphics.dashboard.dll [PX5: 8378C51100D42210F03E040B5E958800C5D97F62]
    [UP] (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.transcode.graphics.dashboard\2.0.3748.36965__90ba9c70f846762e\cli.aspect.transcode.graphics.dashboard.dll [PX5: 09CE77A80087C171D03E0236397B760084C8DCE8]
    [U] (ACTIVE) c:\windows\assembly\gac_msil\cli.aspect.powerplaydppe.graphics.dashboard\2.0.3748.36928__90ba9c70f846762e\cli.aspect.powerplaydppe.graphics.dashboard.dll [PX5: 1656436500F0EBB8D065012C6EA27C0020352327]
    [U] (ACTIVE) d:\skype\plugin manager\skypepm.exe [PX5: 520234B1800C6C58393501EC45098C007D972724]
    [U] (ACTIVE) d:\trillian\trillian.exe [PX5: E6011CAD600CFD3F7B9E1FB62CA78100A410A5C9]
    [UP] (ACTIVE) d:\skype\phone\skype.exe [PX5: D9F4D163288468ACAB6D8F35AED45C01BC69A7A4]
    [U] (ACTIVE) d:\srware iron\iron.exe [PX5: 51AD9E82005A98EFA2A40FD4A238E60018AC827E]
    [UN] (ACTIVE) d:\opera\opera.exe [PX5: 22E52BCE704B1257C1480C17FCCFCD00998BB38E]
    [UP] (ACTIVE) d:\opera\opera.dll [PX5: 2758F08E702ADEBAF9AB50F55C141E0002AF33AF]
    [U] (ACTIVE) e:\downloads\oovoosetup.exe [PX5: FE282830B0FE7477A3171B73B2632E017DD4255C]
    [U] (ACTIVE) d:\oovoo\oovoo.exe [PX5: 289F4C80B8BC12D766E227D8560FBF01A27C9692]
    [U] (ACTIVE) e:\downloads\opera_1054_3383_in.exe [PX5: 9070540FC8AAD1BD3D4BBE4AE1EB000049AC5F78]
    [U] (ACTIVE) d:\adobe\adobe contribute cs5\plugins\firefoxplugin\{01a8ca0a-4c96-465b-a49b-65c46fad54f9}\components\contribute.dll [PX5: 490B4A51D8643FE7A5550240E62CB60067825BA9]
    [U] (ACTIVE) d:\mozilla firefox\mozjs.dll [PX5: D3D51850001CC23A70D512BA691B04001536BECE]
    [U] (ACTIVE) d:\mozilla firefox\xul.dll [PX5: 33C445FA00C56C7E409DBB63A24F8A00CD0240AE]
    [U] c:\program files (x86)\common files\steam\steamservice.exe [PX5: 061D00ABF829FC61D4E9041F694F090027219866]
    [U] c:\program files (x86)\common files\adobe\switchboard\switchboard.exe [PX5: 991611F8E816D2AFE37E077E59741600B9143365]
    [U] d:\srware iron\unins000.exe [PX5: 2CF645365E32B1C503400B28C2708800F2FAE489]
    [U] c:\windows\system32\atiapfxx.exe [PX5: ECB8A13100708AE5303902757FEF860095FEC8C8]
    [U] c:\windows\system32\atiglpxx.dll [PX5: BD00F75700335BEB3233004FD43F9C00FC1864C5]
    [U] d:\yamicsoft\windows 7 manager\ipswitcher.exe [PX5: 123AB692007A3C971A1A02D493292B0005A3CDFD]
    [U] d:\ati technologies\ati.ace\core-static\aem.plugin.dppe.shared.dll [PX5: 763DEAA300D038FF1AED002E54F0EC00DD9DF613]
    [UN] c:\program files\widcomm\bluetooth software\btwhtmlrenderer.dll [PX5: F6F286F220A87FB5D57400B817B4C700C31A5E1E]
    [U] d:\ati technologies\ati.ace\core-static\aem.actions.ccaa.shared.dll [PX5: 8DFFFEA100BF7F8320AC001F4B9175004F1FCEF0]
    [U] d:\ati technologies\ati.ace\core-static\cli.aspect.framelockgenlock.graphics.shared.dll [PX5: 9CC5A03000C655F7109501BE3C477B00ED12D0DB]
    [U] d:\ati technologies\ati.ace\core-static\aem.plugin.eeu.shared.dll [PX5: 83C735DF00405AB01636002B211EF90000E1AA9F]
    [U] d:\ati technologies\ati.ace\core-static\aem.plugin.hotkeys.shared.dll [PX5: 7DA6B2D600F978A61CB3003B3C2E070035FB0653]
    [U] d:\ati technologies\ati.ace\core-static\aem.plugin.gd.shared.dll [PX5: 44F9769500274972163F008F65083300D24229A8]
    [U] d:\ati technologies\ati.ace\core-static\aem.server.shared.dll [PX5: 01EBFB810050FE9C185700A9263A0F0097AECA91]
    [U] d:\ati technologies\ati.ace\core-static\cli.caste.graphics.dashboard.shared.dll [PX5: F81E715B00060AFA40C800FE5E81B200919D41E2]
    [U] d:\ati technologies\ati.ace\core-static\cli.aspect.welcome.graphics.shared.dll [PX5: DBBC2A3A002132A8263F00EBD2F86300838E9C93]
    [U] d:\ati technologies\ati.ace\core-static\cli.aspect.workstationconfig2.graphics.shared.dll [PX5: D7F62DAA006DA5EC60EE004B07B79E00A2BBB8BD]
    [U] d:\ati technologies\ati.ace\core-static\cli.caste.graphics.wizard.shared.dll [PX5: A7C1BA50002C65E7401E004DC5AA7A00BD385164]
    [U] d:\ati technologies\ati.ace\core-static\newaem.foundation.dll [PX5: AFC7196A0000FAC63CFC0010C09CCF0008B5F168]
    [U] d:\ati technologies\ati.ace\core-static\cli.component.runtime.shared.dll [PX5: C44A5F49005EA031169700CF12F50C0082C8D636]
    [U] d:\ati technologies\ati.ace\core-static\cli.component.client.shared.dll [PX5: E78DBADD006BFC3B1E6B00297A4FA500D26AF038]
    [U] d:\ati technologies\ati.ace\core-static\cli.aspect.powerplaydppe.graphics.shared.dll [PX5: 99B7B6050096B734705600274F223E00CEF23310]
    [U] d:\ibm\lotus\notes\adobepdfmtoolbarinst.dll [PX5: 0F9E6595A8A093C095B90E4077F93700D5795FB6]
    [U] d:\ibm\lotus\notes\ndbpdfml.dll [PX5: BB65CC00C8434FF315DD01EF754C1D002A11C320]
    [U] d:\ibm\lotus\notes\nnotes.dll [PX5: CEC6330800AE7B7D30560610BC8FD50123A04E9E]
    [U] d:\ibm\lotus\notes\nnotesws.dll [PX5: 49E117ED00D3FAA1907D3873D5DC08017CE0A511]
    [U] d:\ibm\lotus\notes\nstrings.dll [PX5: F0ED46B4000FE9C3E01F11CD67750C003ABDCD19]
    [U] d:\ibm\lotus\notes\sload.exe [PX5: C58AD14F0098AF47A08D18221C452300FC0CB77C]
    [U] d:\ati technologies\ati.ace\core-static\clistart.exe [PX5: 72750E78003C0FBA901C012F734A7900D07CBDB8]
    [U] d:\skype\plugin manager\ezpmutils.dll [PX5: 4EA14A4380803B5E05BF32D220E93700C1259439]
    [U] d:\trillian\buddy.dll [PX5: A087ADB878F6838357450A7992DA9700004F2DCB]
    [U] d:\trillian\core.dll [PX5: 50976A7078C63AA641A40C347BDB1000ADA37453]
    [U] d:\trillian\events.dll [PX5: DD3EF3D278E9495F8307040D04AB45005BF93986]
    [U] d:\trillian\expatxml.dll [PX5: 218C2ACC7875BFA6171B0502DD9F6D009297AB04]
    [UP] d:\trillian\images.dll [PX5: 9CEAC23B78F0DD147F711BC7BEA16B000CBFBFA8]
    [U] d:\trillian\list.dll [PX5: F61B4C7178B2B76F0F8E0911C4377300D4C21B90]
    [U] d:\trillian\talk.dll [PX5: 0AEC167F78DA7F7085841B58DCF56300A1F5B8F6]
    [U] d:\trillian\toolkit.dll [PX5: CB11F9C000EE6312C88213CABA766600FFA222CD]
    [U] d:\trillian\vistaelevate.dll [PX5: F8E301117862E85AD5DC007B2C400E00AB5DB574]
    [U] d:\srware iron\iron.dll [PX5: 4E39AD130007A844BEA8637137F8C9014D83DFCB][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U][/U]
     
  8. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Configuring protection at the highest levels will tend to cause more false positives by the nature of it. Having 'D' files in your scan log is not indicative of a problem, just noting that those files are relatively new to the Prevx community. If you could send a full scan log to report@prevxresearch.com, we will be able to whitelist them easier - there are some differences in this log posted here that will cause it to not be able to be manipulated properly: sending it directly to us will allow us to fix them much more accurately.

    Thank you :)
     
  9. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
    If you look in the help file/site where the different heuristics settings are explained it also says that you have a higher chance of false positives. With almost all other vendors raising heuristics to high there is a higher chance of falso positives. The level's are all on medium by default and that is also how the products are tested. But for the advanced users who know what they are doing they gave the option to decide for themselves, higher detection but more FP's. If you then want the highest settings you shouldn't complain about false positives ;)
     
  10. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    will be dropping Prevx anyways. since keeping my machines up-to-date makes my obviously a guinea pig in the cloud. despite the millions and millions of claimed Prevx users I am ending up with files from Skype, Lotus Notes, ATI and the like of wide spread software not being recognises by Prevx as harmless, unless eventually another millions of users in the cloud would have such files on their computers.

    as mentioned in the beginning of the thread Prevx does not get me the override option, that way I could deal with FP, but I cannot.

    In the end Prevx is scanning the same files all over again, still marking them D or U, although the files been there quite a while and been scanned with Prevx a hundred times before.

    Moreover SO is not supporting derivatives of mainstream browsers, causing even havoc with development snapshots of FF.

    Notwithstanding the poor implementation of the 64bit version.

    I do not like to be told - switch that off, send another log here, have a remote session there - that all sounds awfully beta stuff and it surprise that so many millions of users are happy about it - no wait, I forgot, they obviously use the relaxed noob mode and their software does not get updated in ages.

    I know it has been defended at great length not to test the product in comparison to others, still it should I reckon it should be, instead of hiding behind some well crafted argumentation of why not.


    There is no benefit of Prevx outweighing the disadvantages of work flow interruption. I made the mistake and was blended by the superior marketing of Prevx, paid up for three years, yet learned my lesson well.
     
  11. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    D/U detections are not false positives - they are merely saying that the programs are currently not completely trusted within the Prevx community. Some programs run for several years and are never changed from U to G just because we naturally have a very suspicious eye towards any new software. For instance, there were some problems late last year with some completely legitimate vendors having their development PCs infected with a Delphi trojan that subsequently infected all created software and spread to their clients. Despite the created files being digitally signed and coming from the legitimate vendor, many users were inadvertently getting infected.

    At Prevx, we don't automatically whitelist files just because they appear to come from a legitimate vendor. We assume that every new piece of software could be malicious or harbor malicious code so we apply the same level of scrutiny onto each new program or component.

    Our goal is to add support for every browser but we have to prioritize our resources accordingly and therefore cannot support every random browser. There are literally thousands of discrete web browsers in existence and we cannot feasibly add full support for every one of them - our approach in Prevx 4.0 will be to allow the user to add protection over custom processes so they'll be able to protect their word processor or browser, for instance, but the amount of labor required to add perfect support for every browser is not economical for the overall benefit of the bulk of the Prevx userbase.

    I hope this helps answer some questions - please let me know if you have any other questions!
     
  12. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    I removed Prevx meantime completely, the last instance after reading the self-uninstallation issue, something I do not forgive an application supposed to protect. Not going into the details as the other thread already does, but leaving a deep concern about the trustworthiness of the product.

    Back to the subject, you claimed earlier somewhat more than 5 million users or more of Prevx , yet within that base Skype, Lotus Notes, ATI and the like of wide spread software are considered unsafe? WOW!

    On the other matter of browser support - MS had recently to implement the browser choice for Europe, showing some lesser used browsers too, which Prevx is not able/willing to support properly with SO. Just my 2 cents - either do it right or do not do at all but not this half-baked thing.
     
  13. pling_man

    pling_man Registered Member

    Joined:
    Feb 11, 2010
    Posts:
    465
    Location:
    UK
    You can right-click and pick override if you have FPs. :)
     
  14. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    And we also have a dedicated "Detection Overrides" screen under Settings which is designed precisely for Detection Overrides :)

    We don't say that these components are unsafe - we're just saying they aren't completely trusted yet. There isn't any downside to leaving them as "unknown" besides a few additional CPU cycles on our servers. The benefits, however, are significant because we aren't trusting what any vendor says about their software at face value just because that software is from said vendor.

    As I've said - we are planning on adding support for all browsers but it does not make any economical sense to spend significant amounts of time adding support for far less than < 1% of browsers which are currently unsupported.
     
  15. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    Putting most of one company's resources in the benefice of most of their costumers is the right thing to do. Following that logic, stop feeding this pathetic troll that only manipulates data to get some attention.
     
  16. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    mentioned in the initial post that override did not show a thing, just blank
     
  17. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    That's because these are not false positives or malicious files :)
     
  18. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    aehm, def. not malicious but not FP? Then what is it called when Prevx is reporting an infection, when there is none?
     
  19. ace55

    ace55 Registered Member

    Joined:
    Mar 29, 2010
    Posts:
    91
    Cool feature. Looking forward to it. :)
     
  20. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Files listed as [D] or are not malicious - only files listed as will be reported as bad and are malicious.
     
  21. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    from the beginning of this thread

    [D] d:\mozilla firefox\updates\0\updater.exe [PX5: FBA2B30B002D02E7D050035EB956310028A40230]

    yet Prevx reported it as infection (screenshot), with a blank overrride. so, Prevx making fun of the user then, did not know it had such a feature build in.
     
  22. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,014
    Location:
    Ontario, Canada
    I already told you:
    and that
    So what else can be said to satisfy your obsession! :blink:

    TH
     
    Last edited: May 16, 2010
  23. jmc777

    jmc777 Registered Member

    Joined:
    Aug 6, 2004
    Posts:
    244
    I think vtol is right to push the issue. If [D] files aren't considered malicious, then why is updater.exe being identified as malware and blocked?
     
  24. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,014
    Location:
    Ontario, Canada
    Because Age/Popularity Heuristics Settings where set above the default low setting! In Prevx if you set these settings above default you could get a Blocked file as the community has not seen it enough to determine these files to be completely safe! It's the Behavior Blocker in Prevx IMO! But the D and U files in the log are for Prevx to help if you are having problems with certain issues on any particular computer like slow booting or slow browser response! They are not Malicious or False Positives! As I have mine set on High and if I run a new updated program it will get flagged as Age/Popularity Heuristics detection or Community Outeredge Detection!

    HTH,

    TH

    Edit: Community.OuterEdge is an identifier which says that based on your heuristics settings ( these files are on the "outer edge" of the community - meaning, they are either too new or too unpopular to be automatically trusted for your system, it doesn't necessarily mean they would be blocked or detected but its more of just an identifier!
     

    Attached Files:

    Last edited: May 17, 2010
  25. vtol

    vtol Registered Member

    Joined:
    Apr 8, 2010
    Posts:
    774
    Location:
    just around the next corner
    Does not make sense, as it clearly shows Prevx reporting the system as infected, albeit it is not, also prevents the execution. It is not just getting flagged as you try to imply. Now, you say this is not FP, neither it is malicious - then what is it? Also considering the override blank.

    Either Prevx should not report the system as infected, as it clearly is not, or if it is a FP (which you and Joe deny to classify as such) to have the option of override, which again is not there. It is not just irritating, it just defeats the purpose of this application.

    Back to nothing is 100 percent, the easy way for the vendors in case of the slightest trouble with their software is 'oh, switch off this option or relax this rule' just to get compliance. If the application offers advanced settings for advanced users it should be able to deal with it professionally, else just cut out the advanced stuff and concentrate on maturing the application's core.
     
    Last edited: May 16, 2010
Thread Status:
Not open for further replies.