Prevx 2.0 Prevx CSI identified as malware.

Discussion in 'ESET Smart Security' started by Bunkhouse Buck, Jun 11, 2008.

Thread Status:
Not open for further replies.
  1. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    ESS incorrectly identifies two Prevx programs as malware. Prevx is a fairly common program and it hard to believe Eset makes a FP out of these.
     
  2. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hi!

    Send detected files in archive with password "infected" to ESET virus laboratory => samples[at]eset.sk with subject eg. "False positive of Prevx's files".

    Regards
     
  3. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    I sent a customer service form with the requested information. I took the .exe file in question out of quarantine and restored it since the file is not malware.

    Actually, I have done that twice and have been a long time Eset customer- but they have not replied other than to say they received the issue. It is not that complicated, but to me a FP is as bad as an infection- although I obviously know the difference.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,408
    Could you please tell me what email address you sent it to? I haven't seen anything like that at samples[at]eset.com
     
  5. ctrlaltdelete

    ctrlaltdelete Registered Member

    Joined:
    Oct 16, 2005
    Posts:
    318
    Location:
    NL
    Bunkhouse Buck check the ESS definitions.

    I've seen the false positive 3 times, (probably a variant of Win32/Genetik) and they were fixed very fast.

    Last FP i saw on CSI was on May 12 (def 3093).

    Only with a new install of ESS i see the FP again (old defs in setup), update ESS and the FP is gone.
     
  6. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    Whatever address ESS sends it to with the automatic GUI provided with the program.
     
  7. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    Check the definitions? If it weren't in the definitions provided, it would not have been detected. It was and it is a FP.
     
  8. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    Still no response from customer service. I think I might want to pursue a refund for the 2 year license I purchased for ESS. As a computer expert, I find the software still buggy and customer service less than responsive.:thumbd:
     
  9. ASpace

    ASpace Guest

    ESET ThreatLab very rarely responds to user submissions . You'll simply see the problem fixed with one of the following updates.
     
  10. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,408
    Perhaps it went to the distributor you purchased ESS from. Please compress the file with WinRAR/ZIP, protect it with the password "infected" and send it to samples[at]eset.com with this thread's url in the subject. If it's actually a false positive we'll fix it quickly.
     
  11. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    I purchased ESS on the Eset website as I have all of my Eset software. Of course it is a fp- it's the Prevx .exe file. Not impressed with customer service and I have been one of your biggest supporters until this issue. I am trying to help Eset resolve an issue that will be present for anyone that uses Prevx and an Eset AV engine.
     
    Last edited: Jun 14, 2008
  12. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    If that is the case good, if not, not so good.
     
  13. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,408
    As I said, false positives submitted to samples[at]eset.com can be fixed very quickly. If one submits a file from Quarantine, it will get among hundreds of files out of which 99% is junk (people usually submit us sounds, text files, pictures, etc.)
     
  14. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    Thank you Marcos, but I unistalled the program. If I ever reinstall it (I paid for a 2 year license), I will submit the file from quarantine as you have suggested. The other problem for me is 100% CPU usage which happens with both the AV and ESS. 2.7 does not cause this CPU issue, but I will not put software on my machine that is problematic.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.