I am a bit confused...

Discussion in 'Prevx Releases' started by Rivalen, Jan 21, 2011.

Thread Status:
Not open for further replies.
  1. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    PACK[1].EXE Prevx3 found 2 of these and said my PC was infected.

    (-Hitman said I had 1 - is that odd.) (Full Antivir scan said I was clean.)

    - Does this mean P3 couldnt stop these from entering my C:? I had hoped they should be recognized and I should be able to choose - "Block" or similar.

    - After consulting P3 Support - quick - I cleanedup. No problem so far.

    - After P3 cleanup I - by mistake - ran scans without pluging in my internetconnection. Hitman warned me I wasmt connected. P3 scanned on and all looked the same as if I was connected!? P3 is cloud based?

    - How do I read old scans to see detailedresults and cleanup details?

    - How do I read the full info on the found infected file. Full description of where it is located etc?

    - If I want to send it to prevx for further examination. Is there a rightclick function so I can send it off easily?

    I still feel uncertain I was ever infected. Are we perfectly sure PACK[1].EXE is a baddy?

    - Are there any legit such files? A Google made me uncertain.

    - If there are legit PACK[1].EXE which programs use it?

    Sorry that I dont just take the word of support and leave it so, but Antvir seldom let anything through in last 5 years.

    Best Regards
     
  2. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It would be helpful if you could send us a scan log. Filenames are essentially meaningless as any file can be named anything (you can even install Prevx as PACK[1].exe if you want :D) A scan log will show the file checksum which will allow us to identify what rule has blocked the file.
     
  3. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    I am to nonsavvy. How do I do that?

    And as I said I got a mail and I have been in contact with support - very quick and decided to follow advice to cleanup.

    Best Regards
     
  4. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    When I try to look into realtime protection details it sends me to license info where my license key and expiry dates can be seen but also an option to enter my key and activate??
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    You can save a log by clicking Tools - Save scan results and send it to report@prevxresearch.com
     
    Last edited: Jan 21, 2011
  6. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
  7. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    :D Thanks - virtual keyboards on a phone are never helpful :D
     
  8. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    Done!
     
  9. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Thank you for the log - I can confirm that the file is malicious (a fake antivirus). Your scan log shows that your PC is now clean, however! :)
     
  10. Rivalen

    Rivalen Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    413
    I visited a site where I got popups that said I had trojans according to a windows defender or something and was asked if I wanted to download or run the AV. I didnt. Could this be it and if so I would have hoped P3 would block it. Its good that P3 detects its there on my C: when scanning, but why doesnt it recognize it in an earlier stage and block it? Safe on Line?

    You and your support are as quick as I hoped for.

    Best regards
     
  11. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It likely never actually executed and Prevx blocked it transparently or something else prevented it from running. If it was an exploit, it's possible that the file got downloaded and never ran, but either way, you're clean :)
     
Thread Status:
Not open for further replies.