FD sent to Prevx "jail"

Discussion in 'FirstDefense-ISR Forum' started by ashwin, Aug 25, 2006.

Thread Status:
Not open for further replies.
  1. ashwin

    ashwin Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    66
    Greetings everyone

    I've been running Prevx for months with FD, mainly to protect my registry.
    All has been running smoothly until today. Today it placed this in a "holding cell" (their version of Quarantine): Sorry to show my ignorance- I think it is a file.

    URLMON.DLL 595 KB Malware inactive LOCATION:
    C:\$ISR\1\WINDOWS\$NTUNINSTALLKB912812$\URLMON.DLL

    When I followed their advice and placed it in "jail", I lost the snapshot I was using when I rebooted...Nothing left but a wallpaper.

    The FD performed smoothly. I rebooted and went back to the primary snapshot, and then deleted the corrupted snap, and made another. I'm back in business after only the time to make another snapshot- THANK YOU FDISR!!

    Is terminating the item above the likely cause of the snapshot corruption??

    When I placed the item in "jail", I didn't look closely enough and missed the
    $ sign of FD.

    I saw the "uninstall" and thought it was a remnant of an uninstall I did earlier (taking off an AV and trying another).

    I had also run three online scans, trying to iron some other issues, so there may be other causes for the loss of the snapshot...

    NOW >>> after making the secondary snapshot, Prevx is again telling me to put
    C:\$ISR\1\WINDOWS\$NTUNINSTALLKB912812$\URLMON.DLL
    back in jail...

    I think I'll uninstall Prevx until I know what the consequences are of doing that.

    Thanks in advance for any answers.

    Ashwin
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    when u put a file in jail, Prevx1 will move that file and deny u access to it.

    if u think its a false positive, drag the file from Jail to On Probation (this will tell Prevx1 not move the file and to allow normal usage of it). then write to support regarding the file.
     
  3. ashwin

    ashwin Registered Member

    Joined:
    Feb 17, 2005
    Posts:
    66
    Hey thanks WSUser

    I just did it. Slick.

    Take Care...

    Ashwin
     
  4. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    urlmon.dll is normally a component of Windows.
    I searched on my system partition and urlmon.dll (600KB) exists in system32 folder of winXPproSP2.
     
    Last edited: Aug 25, 2006
Thread Status:
Not open for further replies.