What's causing this?

Discussion in 'Prevx Releases' started by Clive T, May 26, 2011.

Thread Status:
Not open for further replies.
  1. Clive T

    Clive T Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    189
    Location:
    Kent, UK
    Just had Prevx pop up with this list of suspicious files. As far as I can see they are all legitimate and not threats.

    Do I clean or leave them? The system is clean and I haven't browsed anywhere without Sandboxie enabled. I'm confused!

    Code:
    [ATTACH]227315.vB[/ATTACH]
    
     
  2. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    Report them as explained here. They will reply quickly, according to my experience.
     
  3. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    Yes please do as vojta has recommended!

    TIA,

    TH
     
  4. Clive T

    Clive T Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    189
    Location:
    Kent, UK
    OK, both. Done! Thanks.
     
  5. Esse

    Esse Registered Member

    Joined:
    May 26, 2011
    Posts:
    383
    This wave of false positive did hit us here at work today, many of Google Chromes and Emsisofts Antimalware files were falsely detected.

    This is not funny when you have a +50 installation.

    Did someone at PrevX flipped the paranoid switch?

    Is it not enough to right click on the detected file (s) and report them as false positive?

    People tend to NOT report back if you have to use mail to do so, to much of a hassle.

    /Esse
     
  6. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    To get them corrected please send a Prevx scan log to report@prevxresearch.com maybe PrevxHelp will pop-in to let us know!

    TH
     
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    A new rule that we introduced today became far too sensitive. We're in the process of sorting it out now. Once it is fully corrected, you won't have to do anything to correct the detections locally. In the meantime if we've not fixed a particular file yet, you can right click and report as a false positive.

    Sorry for any inconvenience this has caused. On a positive note - once we're done with tuning this rule, Prevx will have fantastic new protection against a particularly difficult wave of exploits :)
     
  8. Clive T

    Clive T Registered Member

    Joined:
    Dec 24, 2002
    Posts:
    189
    Location:
    Kent, UK
    Thanks, Joe. Are you sure we're not testing v4 today :D
     
  9. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    I was about to post a rant about unacceptable levels of FPs before reading this explanation :D.

    I just hope there's not too much negative impact due to inexperienced users,who are very likely to treat all "detections" as genuine threats,subsequently finding programs broken.:doubt:
     
  10. Esse

    Esse Registered Member

    Joined:
    May 26, 2011
    Posts:
    383
    Thx PrevxHelp!
    This will make my life a whole lot easier.

    Regarding the:"Prevx will have fantastic new protection against a particularly difficult wave of exploits"

    Does this have anything to do with the latest flash test over @ MRG?

    /Esse
     
  11. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Prevx found infections in my pc

    Hi.
    Prevx(free) found infections in my pc.

    Part of the log file of the last scan by prevx(free) is given below.

    Edit by PrevxHelp - removed some potentially private details about the user's PC from the post
     
    Last edited by a moderator: May 26, 2011
  12. JuanP1000

    JuanP1000 Registered Member

    Joined:
    Aug 25, 2010
    Posts:
    43
    Re: Prevx found infections in my pc

    I guess something went wrong, today prevx warned me about opera and emsisoft...
     
  13. molhopicante

    molhopicante Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    112
    Warned me to.
     
  14. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    Please see PrevxHelp's reply in post #7!

    TH
     
  15. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    It would be informative if PrevxHelp could provide any details of the enhanced "fantastic new protection" if possible, please? :)
     
  16. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    HTH Dermot7,

    TH
     
  17. guest

    guest Guest

    Oh great! o_O - So I should immediately check if my neighbor suffered a heart-attack because of Prevx going all red!? :eek: o_O :D - I don't use Prevx on my systems anymore (because of way to much fp's, but I don't want to rub salt into the wound! :D) - Unfortunately I installed facebook version for my neighbor as an addition to Avira but that was now for to long the stupid reason to not install Firefox 4. - Next time I am at this Nvidia ION gfx powered (and atom slowed o_O ) netbook Prevx 3.x will be gone for good. Frequent FP's on systems of people who can't decide on their own if it is legit warning or fp are a very bad thing, especially if you are the one getting the support calls. :cool: - If you ask me .. it's not very far away of scary malware like fake-av. *puppy*
     
  18. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    Are you saying no other AV's have problems? If you think that is true Good Luck!

    TH
     
  19. guest

    guest Guest

    Dear Mr Deputy sheriff :D,

    NO, all I am saying was and is: I NEVER (!) had with other av-solutions as much fp's as with Prevx! - I had them ALL the time, week by week on totally legit applications, hundreds over the years! - And the culprit weren't my settings as I used the default ones. - But why should I tell you that *again*, you won't believe me anyway because your guru Joe, stubborn founder of Prevx religion on this board, tells his followers otherwise. :D

    Question: Guru Joe told us all many times that he and they exactly see how many programs are affected by a new rule. - How is it possible then that they had recently (due to this new rule) so many fp's?

    Right. He has no idea AT ALL about false positives! - Only if they are REPORTED of course! - The Prevx database is probably full of fp's just because many people never question Prevx' judgement and are just killing the red things.

    I never did that. I always questioned Prevx (using other AV-Solutions or sites like VT to verify) and so I discovered what you never will because you trust your beloved Prevx: a very, very high percentage of "detections" is just BS! - I even can't remember when Prevx did find the last legit malware, and I am not joking here! - But sure, believe as you wish. ;-)

    I hope the mysterious v4 has way less fp's but since Joe never even admitted the blatant fp problem with v3 I doubt that very much! - And yes, every av-solution has false positives, no doubt! But you can see in av-tests that there are big differences between the products and that detection rates are not everything. Only with low or very low fp rates high detection rates are useful if you are honest. - Sad thing is Prevx never entered (to my knowledge) any test that measured false positives like in what we saw just now in av-comparatives. Ask yourself why they are doing that, avoiding to get tested .. and you have your answer. ;)

    But I don't want to start another "fp-war" ;) here *yawn* .. I just answered because you asked, you know? :)
     
  20. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    It's funny my whole family uses Prevx and they never had a FP on there systems and they are average users! We here are of a different sort we like to try many unknown programs and try many Browsers and so on but as Joe said many times FP's are at an all-time low except for the issue here today but that will be fixed! So give it a break! And if you have that many FP's just send a scan log in and ask Prevx to fix them!

    TH
     
  21. guest

    guest Guest

    Yes, it is funny! :D - My whole family had Prevx installed (by me) and I always had the same experience on all those computers which I described above. - And they are also just normal users like you and me. All had default settings and were plagued by the same thing: Prevx getting often red for NO reason. Followed by a phone call. :rolleyes:

    And you are really funny if you think I would like to have reported hundreds (!) of fp's over the time. ;) - I did that a lot of course but at some point you simply decide that you are no employee of Prevx. :D - The other sad thing is that whitelisting fp's on your own system (which goes fast of course) isn't helping your relatives at all which will get the exact same red warnings until someone writes an email or Prevx wakes up and corrects this error.

    So my solution finally wasn't to send endless fp reports but just uninstalling that scareware from my (and in the meantime from all relatives) systems. ;) - Just this one neighbor ist left and I will ask her if something turned red lately. Just Before I uninstall the Firefox 4 preventer for good. ;)

    If criticism bothers you (no one loves to see the favorite product getting smashed ;)) you are free to delete my postings. - Because Prevx isn't my problem anymore as I got rid of it long ago. ;) - So please feel free to feel better again and just delete what you don't want to read! ;-)
     
  22. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    OK my family are below average users then and only use IE and email and never had a FP really! :D

    TH
     
  23. guest

    guest Guest

    Well, did someone test Immunet 3 free (cloud only) already? - I have to say the ammount of false positives after only a few seconds of full scan is AMAZING and maybe Prevx falls back on 2nd place and isn't anymore fp-king!? :D

    I saw here on wilders the so called Flash test of a certain group and oddly Immunet seemed to do a very good job according to them, especially in comparison to well known av-solutions. o_O :D - But now I get how this seems to work: Immunet just flags everything as bad and of course is always the winner then [always PASSED, no FAILS]! :argh: :D

    First of all it didn't work with Aviras Suite Firewall on "high", had to lower those settings to "middle" and then in a few seconds I'd witnessed already 6 false positives quarantined (HWInfo32 and .icd files from Hard Disk Sentinel) ... so I stopped that insanity immediately else I admit I probably would have broken Prevx' so far unmatched record of fp's very soon! :D - Luckily I got all 6 files back out of quarantine before I uninstalled this very sad joke called Immunet. :gack:

    At least uninstall routine seems to have worked. :thumb: :argh:

    So you see: Prevx is already kind of rehabilitated and not as worse as it seemed.
    At least not in comparison to the new mega-scareware Immunet. :D
     
  24. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    That's what bothers me is the terms that you use as in fake-av and mega-scareware in which Prevx and Immunet are not!

    TH
     
  25. guest

    guest Guest

    Please, by all means, test Immunet 3 free (cloud only) as I did. Do a full scan, see what it is putting away in quarantine and then tell me Immunet is not mega-scareware? What do you think happens if someone trusts those "findings" and cripples his whole system as it would have happened if I hadn't stopped it? - I am calling this malware (because it deletes things from your system as any virus would).

    It is becoming even more clear to me: better an av-solution that doesn't find ALL threats than one joke of software that finds ALL "dangerous" and is killing harmless files! - That I do say because I can't remember having a real danger here on my system. It's just paranoia. - But scareware as Immunet is real and I bet every day hundreds and thousands of people are deleting stuff that is totally harmless!

    No thank you, I need av-solution that has near 0 false positives, detection alone is way overrated in my opinion. - Some av-solutions really aren't better than malware itself. Immunet is clearly the worst I have ever seen (in the few seconds it needed to show me it's a bad joke! ;)) and Prevx not any longer center of my mockery. :D
     
Thread Status:
Not open for further replies.