Prevx "Bug" Reports

False memory syndrome



No big deal, just a heads up for you really I did have this nasty i DL'd but i Permanently deleted it. Still showing up on boots though ?

No need to wake TH or PH up though for this When you get a spare minute, or three

 

You know what I'm going to say! Uninstall reboot and install again to clear it up! And also we will see what Joe has to say?

TH

 

@ Triple Helix

Oh you woke up, sorry

No don't say that

Why is it we have to keep going through the same hoops to fix things ? I would have thought a silent update could fix it ?

 

It's to clear the cache!

HTH,

TH

 

I demand for clear cache function.

 

You can right click on the entry and select Report as a false positive It is likely that the file data isn't flushed into the harddisk itself so Prevx is seeing it below the OS' current view of what is deleted/active.

 

Cache, what cache where ?

Yeah me too

Yes thanks i know that and have now, but wanted to know why it had FMS, and how to prevent it happening again. Plus i thought you'ld like to know about it.

In english please

 

When you delete a file, it isn't actually deleted - it is merely marked as deleted. However, if the operating system has not updated every part of the file system on the physical disk, it's possible that there would be a mismatch between what Prevx sees and what Windows sees (as Prevx scans the disk without using the file system directly at all).

It would probably be worthwhile trying a reboot and a rescan to see if that clears it down, but if all else fails, you can always just mark it as a FP and it will be removed from the scan

 

That i did know

Even after a reboot and a rescan it was still there, and even after marking it as a FP. Scanned today and it hasn't appeared, go figure No big deal as i said, but i was curious to know why, and thought you should be made aware of a "possible" bug.

 

Still happening today after a reboot

The others have gone as i said but 3 malware files i DL'd yesterday and deleted in a folder to the Recycle Bin, still show up as in the Deleted folder from on my desktop ? Impossible as it's, In the Bin

FMS or Phantom or ? Whatever is causing it, i believe it sure looks like a bug ? Not serious, and doesn't bother me, but non wilders etc people "could" be seriously spooked by these alerts.

 

It might just go away if you defrag the disc.

 

Can you do a Check Disk scan on reboot for me to see if the files come back? I had to do it once and it worked for me!

TH

 

@ Triple Helix

Thanks

Did a Check Disk scan on reboot still there ?

 

Time to ask for a remote session from Prevx Support: http://info.prevx.com/service.asp

TH

 

It might be worth trying to uninstall/reinstall Prevx and see if that clears it down - not sure why they would be hanging around but if that doesn't solve it, we can certainly try a remote support session to get to the bottom of it!

 

Thanks, might try that soon

Or not But thanks for the suggestion

This seems to be a standard answer these days I don't think we should have to keep doing that, not on final release versions anyway. And if i did, i guess the likelyhood of it happening again is more than 50/50, which would only incurr the same suggestion That's why i "believe" it might be a bug, and needs sorting.

Hey leave me bottom out of this I mentioned before that i have disabled the RS stuff, and have no intention of enabling it, but thanks for asking

Not a big problem, but it is one !

 

I found two major FP's , but I learned from previous report that FP's should be sent via email and I don't like that.
So, that's that, if Prevx is interested I can give their names.

But what is really interesting is that real-time scanner doesn't catch it nor report it, but default scan does find it.
And maybe this was said before but I can see Prevx in VirusTotal list but I'm sure they not use Prevx for analyze.
Those two samples proved that just now, Prevx scan finds them, HitmanPro finds them (just Prevx Vendor) but VT says Prevx is not detecting it.
I even executed A-Squared Emergency Kit and it didn't find them (which is definite proof for me that this is for sure FP !!) MBAM scan didn't find them as well.
Really weird

But fine, whatever, another one of never-ending Prevx mysteries

 

How about the lines from the scan log? Just post the FP lines here or PM them to PrevxHelp!!

HTH,

TH

 

Sure, no problem.

[NF] d:\program files\windows media player\wmpdmccore.dll [PX5: BE44BB00001DC5B0F2CC049DDE6A4D0057C759E2]
[NF] d:\windows\system32\slwc.exe [PX5: 7242C342E0786788D0750411D50F8300954EBE87]

First one : No comment.
Second : Link

I don't know what [NF] on those lines stands for but it's in Detection overrides now.

 

Those two infected entries doesn't appear in scan log so here's the picture.

 

OK, after removing those two overrides, slwc.exe is still found but windows media player is not anymore.
In fact, I can't remember that scanner even found / detected wmpdmccore.dll , it was just sitting there in overrides but not by my manual add (100% sure)
Would that even be possible ? (for Prevx to put something in overrides by itself without alerting user at all)

 

I can report that Prevx added this entry in override by itself :

[NF] (ACTIVE) d:\program files\windows media player\wmpdmccore.dll [PX5: BE44BB00001DC5B0F2CC049DDE6A4D0057C759E2]



Any comment ?

 

Never mind, all is good, I won't bother you again.
Admins can delete last few posts starting from #192

 

You can delete the posts your self if you want to

 

How ? I can only edit them and make them empty, anyhow, there is TH's reply.
I mean whatever, I asked legit questions, Prevx for some reason doesn't like reporting FP's at their forum (every other Vendor here doesn't mind that) , or maybe Prevx doesn't like me for some reason, which is fine, I can understand that
I just want to understand better the product, that's all.

I'll quote something from one very popular movie :

"I'm here to help - if my help's not appreciated then lotsa luck, gentlemen"