since when became USEC RADIX a medium risk malware

well let me see - downloaded it Oct 9 2010, Prevx scanning it every 24 hrs and now 4 days later it is considered malicious. nice joke, don't know where Prevx is heading, except for smooth marketing talks and promises for a future version to cure stuff, which is curiously getting delayed by the month, the actual product out is worsening by the release...



please spare the funny same old scan log routine, sure it will pop up just the same. perhaps getting the act together and the product actually working would help.

 

The "scan log routine" is how we fix false positives like this one. Antirootkit products modify the system precisely in the same way as rootkits so with Prevx being a behavior based product, it is logical that it would flag them.

However, I've found the file based on its filename and fixed the false positive.

v4 is due out Jan. 2011 and we see no reason to change this date. Every release of Prevx 3 so far has improved substantially and we have had a lower level of issues than ever. If you wish to continue this discussion, please either create/write in another thread or PM me - I'll close this thread now as we deal with false positives at report@prevxresearch.com or via our support inbox.

 

@PrevxHelp

thanks a lot for closing the thread, which was not about FP, it does not even get close to it, however I do acknowledge your verbal and rhetorical skills leading to closure of the initial thread.

Radix is out there since ages and this file in question is unaltered sitting dormant for 4 days, each 24 hrs cycle being scanned by Prevx and then after 4 days suddenly being classified as malicious. where is the logic in that? It is joke for an AV program!

and for the log, it would be necessary to have look at the reported file(s) but not the entire system, latter is kind a of privacy intrusion being thrown at the user as trouble shoot for every Prevx performance issue. and the privacy concerns are not fading considering the phoning server features to be implemented in Prevx 4

 

This is a thread about an FP and therefore against what we've set up this forum for. Detections change every day - if any AV adds a detection for another file, it could potentially affect any other file. The driver which we had the false positive on from Radix is a driver that modifies the SSDT in exactly the same way as malware. I would be surprised if Prevx didn't find it and indeed several other AVs find it as well.

Yes, you can send just the single checksum of the file but we've already fixed the FP so this discussion can be closed. There is nothing personally identifiable in the log - just the list of checksums of files.