Prevx Did Not Detect This Until Now? (low risk adware)

Discussion in 'Prevx Releases' started by andyaycw, Mar 6, 2010.

Thread Status:
Not open for further replies.
  1. andyaycw

    andyaycw Registered Member

    Joined:
    Mar 3, 2010
    Posts:
    9
    For Prevx version 3.0.5.85:

    This is a trivial case, as the item detected was just a "low risk adware" object. I do however have to question why it took Prevx so long to detect this "threat" on my computer. Here's the rundown of my situation:

    *I have a folder on my Desktop called "Folder A"
    *In "Folder A", I have one ISO image and one folder. "ISO 1" and "Folder 1"
    *Files in "Folder 1" were used to create the "ISO 1" image
    *Both "Folder 1" and "ISO 1" therefore have the exact same files - specifically ATAINF.EXE (this was the file flagged as the low risk adware)

    I have had Folder A on my desktop for a week. I have run multiple scans with Prevx and it never detected anything. Just a few moments ago, I went ahead and used "Folder 1" to create "ISO 1". I decided to scan ISO 1 just for the heck of it, and it found ATAINF.EXE as a threat. Prevx then prompted me to reboot the computer to complete the removal process.

    Upon reboot, Prevx performed another full system scan. It also found the ATAINF.EXE file in my ""Folder 1" and flagged it as the same low risk adware.

    So my question is: why did Prevx not flag that file as a threat until after I scanned the ISO image with it?

    As a sidenote, it seems it would be a false positive. Prevx was the only scanner out of 42 to flag it as malware when it was analyzed through Virus Total.

    Also, I should add that I am running Prevx alongside with Threatfire 4.7.0.17 and ESET Smart Security 4. Reason I mention this is because I have heard that some programs may conflict with one another, and may actually result in a reduced level of protection - thus, could Prevx be conflicting with either Threatfire and/or ESET Smart Security?
     
    Last edited: Mar 6, 2010
  2. PC__Gamer

    PC__Gamer Registered Member

    Joined:
    Dec 26, 2009
    Posts:
    526
    1. prevx has only now just recieved detection for the file
    2. it is a false alarm, and prevx need to fix the detection
    3. there was no signature for the file, and its behaviour on your pc has led to a new detection being created. (doubt this, as you did a scan of the file)

    however, if you have been using the file/folder recently, its behaviour (if any) would become more noticable to Prevx.

    we would need to see the scan log, and certainly prevx would for further analysis of the file.
     
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
Thread Status:
Not open for further replies.