Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
6241 Views 5 Replies Latest reply: Jul 23, 2009 8:55 AM by Ex_Brit RSS
Newcomer 2 posts since
Jul 21, 2009
Currently Being Moderated

Jul 21, 2009 4:04 PM

prevx.exe

Hi,

I am looking to buy some welding equipment and have been browsing the local Cragslist ads. Yesterday I found what appeared to be a pretty good deal and I mailed the poster. I got back a response which gave me a link for directions. I followed the link and downloaded a zipped file. Unzipping this file and clicking on the file didn't seem to do anything so I searched the internet looking for information about the zip program and the file.

What I found was that the file imagereader1x.exe was a virus which spawned unwanted processes. Searches brought up other users who, similarly on craigslist, had downloaded the file and were rewarded with a virus.

I also found an anti-malware software download, Prevx which claimed to help clear this virus so I downloaded and installed it. Since them I have deleted the file imagereaderx.exe and hope that I caught it quick enough that it did not infect my computer. It doesn't seem like my computer is infected.

Except ...

The program imagereader1x.exe spawned programs which I managed to kill. However the anti-malware program Prevx spawns programs called prevx.exe This program loads at start-up and spawns two processes, both called prevx.exe Searching on "prevx.exe" leads to results which say the process is a dangerous virus and that it should be removed immediately. Searching for "prevx" brings up Prevx anti-malware software. There are reviews and it seems that Prevx is legit; even though it spawns the process "prevx.exe"

I've used McAfee and scanned the files and it's looked through my computer and says that I am virus free.

Is the process "prevx.exe" spawned by Prevx (www.prevx.com) a virus or a virus checker?

Other than running a virus checker is there some way to tell if my computer is infected? I'm still a bit concerned about the "imagereader1x.exe" that I downloaded, unzipped and ran.

Any help in clearing this up would be greatly appreciated!

Thanks,
Dan
  • Ex_Brit Volunteer Moderator 59,530 posts since
    May 6, 2004
    Currently Being Moderated
    1. Jul 21, 2009 4:12 PM (in response to danbyrum)
    RE: prevx.exe
    Prevx bills itself as the answer to just about everything which it isn't.

    Prevx.exe is I believe malware according to a very reliable source, but to be sure you should run the free version of both of these tools and let them clean everything they find.

    http://www.superantispyware.com/superantispywarefreevspro.html

    http://www.malwarebytes.org/mbam.php

    Meanwhile, what is your operating system and service pack and are you totally up to date?

    Meanwhile it is only Prevx that finds Imagereader1x as malware as far as I can gather.

    https://community.mcafee.com/servlet/JiveServlet/downloadImage/2-143933-5189/78-49/Peter.gif
    Toronto • Canada
    Volunteer Moderator
    I can't help you privately - please post in the Forums
    Use Advanced Forum Search To Find Answers
    Beta Test McAfee Products For PC & MAC
    How To Fix File Associations in Windows
    XP & Office 2003 End-Of-Life - 08 April, 2014
    Anti-Spyware/Malware & Hijacker Tools
  • Newcomer 1 posts since
    Jul 23, 2009
    Currently Being Moderated
    2. Jul 23, 2009 2:03 AM (in response to Ex_Brit)
    Ockham's razor
    "Prevx.exe is I believe malware according to a very reliable source"

    That statement alone is unfortunately very very misleading and in this case most likely going to cause more worry than anything - prevx.exe could be malware IF it i located in c:\windows\system32 . You might as well just say mcshield.exe is malicious as well as it has been known to be seen in system32 as well. You can not simply identify a file by it's filename, you must look at much more than this - at least by looking at the location in which the file is located in.

    As for Prevx.exe , Prevx is indeed a legit antimalware product, and does install itself by default into c:\program files\prevx\prevx.exe . It will show up as two separate processes in your process list as it runs in both user and system account.

    Searching for google will lead you to some sites which talk about a malicous file called prevx.exe, however living in c:\windows\system32.

    Ockham's razor is often true, however may I suggest you include in your future filename searches a better approach - find out where the file is located, and use the services provided by a site such as virus total (www.virustotal.com) where it will scan a file you upload against all the leading antimalware products on the market. And yes, Prevx is in that list as well.
  • Ex_Brit Volunteer Moderator 59,530 posts since
    May 6, 2004
    Currently Being Moderated
    3. Jul 23, 2009 4:59 AM (in response to slxplovs)
    RE: Ockham's razor
    Whatever. I'm afraid often we don't always have time to go into intricate details. just point to things we (or anyone) could find by doing a search.

    I have had VirusTotal linked in my signature for some time.

    https://community.mcafee.com/servlet/JiveServlet/downloadImage/2-143933-5189/78-49/Peter.gif
    Toronto • Canada
    Volunteer Moderator
    I can't help you privately - please post in the Forums
    Use Advanced Forum Search To Find Answers
    Beta Test McAfee Products For PC & MAC
    How To Fix File Associations in Windows
    XP & Office 2003 End-Of-Life - 08 April, 2014
    Anti-Spyware/Malware & Hijacker Tools
  • Ex_Brit Volunteer Moderator 59,530 posts since
    May 6, 2004
    Currently Being Moderated
    5. Jul 23, 2009 8:55 AM (in response to danbyrum)
    RE: Thanks!
    If you ever have something you aren't sure about just submit it to either McAfee Threat Center or to VirusTotal, as linked in my signature. VirusTotal is great in that it will then be scanned by a whole bunch of the major scanners out there. It is often surprising to view the widely different findings though.

    https://community.mcafee.com/servlet/JiveServlet/downloadImage/2-143933-5189/78-49/Peter.gif
    Toronto • Canada
    Volunteer Moderator
    I can't help you privately - please post in the Forums
    Use Advanced Forum Search To Find Answers
    Beta Test McAfee Products For PC & MAC
    How To Fix File Associations in Windows
    XP & Office 2003 End-Of-Life - 08 April, 2014
    Anti-Spyware/Malware & Hijacker Tools

More Like This

  • Retrieving data ...

Bookmarked By (0)