Should I uninstall prevxcsifree.exe and install Hitman Pro 3.5?

Discussion in 'Prevx Releases' started by camelia, Dec 28, 2011.

Thread Status:
Not open for further replies.
  1. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    I am running Avira (the suite AV and firewall) version 10 and prevxcsifree.exe without conflicts, I try SecureAnywhere AntiVirus 2012:

    •Won't conflict with other security programs, providing an added layer of protection


    But I get on Windows XP SP3 Security center the message 'Windows found more than one antivirus on this computer. What is wrong?
     
  2. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    Nothing is wrong and yes you can continue to use Prevx Free or WSA with other AV's and or suites without issues! It just will show up in Windows Security Center as 2 AV's! This is a picture from my XP VM which I have WSA and VIPRE AV! And also you can have HMP also as it's an On-Demand scanner!

    TH

    Capture28-12-2011-11.18.02 AM.jpg
     
    Last edited: Dec 28, 2011
  3. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City

    Thank you cariño, but this is an issue for me 2 AV's:

    .....and at least one reports that is currently up to date and virus scanning on...

    Is not equal:

    Avira Premium Suite reports that it is up to date and virus scanning is on... blah... blah... blah…

    You know, with security always is a problem here or there. They are AV's that sometimes does not update (A good example of AV that has problem updating could be Outpost Antivirus PRO)

    I know WSA does not update in the same way as KAS or ESET...

    How I will now that the AV is updating and on?

    Remember there is not a perfect AV, a malware can disable my primary AV and I will not notice...

    Do you want other example? OK

    The latest version of MBAM V. 1.60.0.1800 is not working like previous version, lots of complains, also there is a problem with prevxcsifree.exe and MBAM latest version more info here:
    http://forums.malwarebytes.org/index.php?showtopic=103190

    In a few words: if I install WSA Windows Security Center should not report 2 AV's,
    WSC do not report 2 AV's when I install Avira and prevxcsifree.exe

    Last question: I notice you have Windows firewall on, if I install SecureAnywhere Complete 2012 or SecureAnywhere Essentials 2012 what about with suites (KIS Avira Internet Security 2012)? Will I have 2 firewalls and 2 AV's?
     
  4. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    WSA is always up to date as all the signatures are in the Cloud and just a tiny bit on the system for when your offline and you should always see WSA or Prevx in the System tray by the clock! And Prevx Free will not show in the Security Center as it can't remove most infections but if it was Licensed it would! And you don't need Windows Firewall on if you have KIS or AIS but if you have WSA alone you should have Windows Firewall on! Also a Licensed WSA will show in the Security Center and if you have KIS or AIS it will show 2! Just make sure WSA has full rights through the other suite as it needs to communicate to the net always! Here is a Picture from Win 7 x64 Action Center!

    HTH,

    TH

    Capture12-28-11-12.54.11 PM.jpg
     
    Last edited: Dec 28, 2011
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    The false positive should be fixed now :)
     
  6. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    The Security Center will actually not help in this case. An antivirus program has to tell the security center that it's disabled for it to mark it as such, and if malware was to disable an AV, it wouldn't give it a chance to tell the security center.
     
  7. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Thank you, but I am running Win XP SP3, I have Windows 7 but with other security modules, I will download once again WSA, if I have any question I will be back to ask

    Came
     
  8. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    Sounds good but you shouldn't have any problems but we will be here! ;)

    TH
     
  9. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
  10. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
  11. starfish_001

    starfish_001 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    1,041
    looks like a prevx FP - i'd report it and leave MBAM installed
     
  12. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    ... with WSA, but I have installed prevxcsifree.exe
    and still has not fixed the FP

    Does WSA and prevxcsifree.exe do not have or share the same database or Detection overrides?
     
  13. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    Do you have the same issue?
     
  14. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    Just right click on each file in the scan results window of Prevx Free "Report as False Positive" until Joe comes by!

    TH
     
    Last edited: Dec 28, 2011
  15. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    OK, :doubt:
     
  16. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    Can you save a scan log and post the [PX5] lines that have a in front? And it gets confusing as I'm trying to help you here and at the MBAM site!

    TH
     
  17. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City


    The MBAM site is down they have a big, big problem...
    In my computer under Windows XP SP3 MBAM latest version is running PERFECT TODAY, I do not if tomorrow will plays nice with my OS and application installed. I hope I do not have any problem.
    I found out that I need to fix some Administrative Vulnerabilities.
    I ran Microsoft Baseline Security Analyzer 2.2 (for IT Professionals)
    http://www.microsoft.com/download/en/details.aspx?id=7558

    OK here is my log


    Prevx Scan Log - Version v3.0.5.220
    Log Generated: 28/12/2011 21:03, Type: 0,1
    Windows XP Professional Service Pack 3 (Build 2600) 32bit|1033
    Hostname: 60xpp
    Some non-malicious files are not included in this log.
    Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1)
    Last Scan: Wed 2011-12-28 20:58:10 Mexico Standard Time. Number of Scans: 22. Last Scan Duration: 11 minutes 4 seconds.
    c:\program files\malwarebytes' anti-malware\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] Malware Group: High Risk Cloaked Malware
    c:\del\prevx mbam\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] Malware Group: High Risk Cloaked Malware

    Here is the Registry

    indows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsmqIntCert"="regsvr32 /s mqrt.dll"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "RTHDCPL"="RTHDCPL.EXE"
    "KBD"="C:\\HP\\KBD\\KBD.EXE"
    "AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2012\\avp.exe\""
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
    "Malwarebytes' Anti-Malware"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
    "Installed"="1"

    I still have 3 infections!!!

    c:\program files\malwarebytes' anti-malware\mbamgui.exe

    "Malwarebytes' Anti-Malware"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray"

    C:\Del\Prevx MBAM\mbamgui.exe

    Thank you very much for your help

    Camelia
     
  18. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    OK I do not have FP

    Prevx 3.0
    System Status: CLEAN

    Before

    Prevx Scan Log - Version v3.0.5.220
    Log Generated: 28/12/2011 21:03, Type: 0,1
    Windows XP Professional Service Pack 3 (Build 2600) 32bit|1033
    Hostname: EXCLUDE FOR SECURITY REASONS
    Some non-malicious files are not included in this log.
    Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1)
    Last Scan: Wed 2011-12-28 20:58:10 Mexico Standard Time. Number of Scans: 22. Last Scan Duration: 11 minutes 4 seconds

    c:\program files\malwarebytes' anti-malware\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] Malware Group: High Risk Cloaked Malware
    c:\del\prevx mbam\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] Malware Group: High Risk Cloaked Malware

    Key

    "Malwarebytes' Anti-Malware"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray" infected


    After

    Prevx Scan Log - Version v3.0.5.220
    Log Generated: 29/12/2011 09:32, Type: 0,1
    Windows XP Professional Service Pack 3 (Build 2600) 32bit|1033
    Hostname: EXCLUDE FOR SECURITY REASONS
    Some non-malicious files are not included in this log.
    Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1)
    Last Scan: Thu 2011-12-29 09:31:13 Mexico Standard Time. Number of Scans: 24. Last Scan Duration: 8 minutes 50 seconds.
    [G] (ACTIVE) c:\del\prevx mbam\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514]
    [G] c:\program files\malwarebytes' anti-malware\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514]

    There is no problem with the key

    "Malwarebytes' Anti-Malware"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray"

    like Elemjay
    http://forums.malwarebytes.org/index.php?showtopic=103190&st=0&p=510706&#entry510706

    I am a bit confused and and a bit nervous, Could you please son kind to explain me why took so long the Prevx database update?
     
  19. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    Sometimes they are busy and it's the Holidays!

    TH
     
  20. camelia

    camelia Registered Member

    Joined:
    Nov 4, 2011
    Posts:
    131
    Location:
    Mexico City
    I can understand this!, btw Happy Holidays Triple Helix!!!

    (Wilders Members and Prevx Team also of course) :D

    And thank you for your help

    Camelia
     
  21. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,012
    Location:
    Ontario, Canada
    You are very welcome and Happy Holidays to you and yours!

    TH
     
Thread Status:
Not open for further replies.