Camelia

Ok, cariño I will do it At MBAM Team you can close this thread if you want to OR If you do not care why I do not trust your latest version

oK, It seem we are not welcome at Malwarebytes Anti-Malware Forum, Just Remember MBAM Team you are closing doors with other security solutions, and with unhappy users. Before I leave this thread I want to report the following: Prevx 3.0 System Status: CLEAN Before Prevx Scan Log - Version v3.0.5.220 Log Generated: 28/12/2011 21:03, Type: 0,1 Windows XP Professional Service Pack 3 (Build 2600) 32bit|1033 Hostname: EXCLUDE FOR SECURITY REASONS Some non-malicious files are not included in this log. Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1) Last Scan: Wed 2011-12-28 20:58:10 Mexico Standard Time. Number of Scans: 22. Last Scan Duration: 11 minutes 4 seconds c:\program files\malwarebytes' anti-malware\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] Malware Group: High Risk Cloaked Malware c:\del\prevx mbam\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] Malware Group: High Risk Cloaked Malware Key "Malwarebytes' Anti-Malware"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray" infected After Prevx Scan Log - Version v3.0.5.220 Log Generated: 29/12/2011 09:32, Type: 0,1 Windows XP Professional Service Pack 3 (Build 2600) 32bit|1033 Hostname: EXCLUDE FOR SECURITY REASONS Some non-malicious files are not included in this log. Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1) Last Scan: Thu 2011-12-29 09:31:13 Mexico Standard Time. Number of Scans: 24. Last Scan Duration: 8 minutes 50 seconds. [G] (ACTIVE) c:\del\prevx mbam\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] [G] c:\program files\malwarebytes' anti-malware\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] There is no problem with the key "Malwarebytes' Anti-Malware"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray" I do not trust MBAM latest version. If you want to know my reasons.. please ask me

I am start to think we are not face with a FP, 24 hours and I still have 2 infections, so there is only 3 options: MABM latest version is infected Prevx is not a reliable application Prevx Team, can not declare as a FP and update their database, because the file mbamgui.exe is a High Risk Cloaked Malware and the key "Malwarebytes' Anti-Malware"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray" is infected In other hand, I do not have problems running, updating, booting with the MABM latest version. under Windows XP Pro SP3 (All the hotfixes up-to-date) KIS SUPERAntiSpyware Free Edition Spybot - Search & Destroy Prevx 3.0 i Will scan with my antimalware software and I will post the result Meanwhile, my advice is urgent to run Microsoft Baseline Security Analyzer 2.2 (for IT Professionals) http://www.microsoft.com/download/en/details.aspx?id=7558

Thanks you cariño! Camelia

The the 3rd line is when I moved all the files in order to winrar and e-mail it at report@prevxresearch.com, but finally I submited it at http://info.prevx.com/service.asp Prevx Scan Log - Version v3.0.5.220 Log Generated: 28/12/2011 18:30, Type: 0,1 Windows XP Professional Service Pack 3 (Build 2600) 32bit|1033 Hostname: EXCLUDE FOR SECURITY REASONS Some non-malicious files are not included in this log. Heuristics Settings: Age: 1, Pop: 1, Heu: 2 (Dir: 1) Last Scan: Wed 2011-12-28 18:30:12 Mexico Standard Time. Number of Scans: 20. Last Scan Duration: 3 minutes 27 seconds. c:\program files\malwarebytes' anti-malware\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] Malware Group: High Risk Cloaked Malware c:\del\prevx mbam\mbamgui.exe [PX5: BA939ED248D58CE308F207C15E4915009657C514] Malware Group: High Risk Cloaked Malware Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsmqIntCert"="regsvr32 /s mqrt.dll" "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup" "nwiz"="nwiz.exe /install" "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit" "RTHDCPL"="RTHDCPL.EXE" "KBD"="C:\\HP\\KBD\\KBD.EXE" "AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 2012\\avp.exe\"" "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "Malwarebytes' Anti-Malware"="\"C:\\Program Files\\Malwarebytes' Anti-Malware\\mbamgui.exe\" /starttray" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL] "Installed"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI] "Installed"="1" "NoChange"="1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS] "Installed"="1"

Ok, I will be back if i have any problem Thanks Came

S&D no immunization Prevx 3.0 Scheduler unchecked Prevx SafeOnline OFF

Yes i was reading the FAQ section, SAS Real time Protection uncheched Scheduled Scanning unchecked Automatic Updates unchecked General and Startup All check except Disable Bitman Backgrounds unchecked Do not scan with SAS starts checked Start a Quick Scan unchecked Start a Complete Systems Scan unchecked Start a Custom scan unchecked unchecked Check for updates before... unchecked Real time Protection Tab Enable real- time protection unchecked Enable First Chance Prevention unchecked Hi-Jack Protection Display notification when... checked Protect home page from being.. unchecked Application Protection Prevent any application from.. uncheced Updates All unchecked except Notify me when definition updates have been download checked Notify me if i have not checked definition .... checked

AND windows XP Pro SP3 with all the hotfixes up-to-date

Hi, I have AV: KIS 2012 SUPERAntiSpyware Free Edition Spybot - Search & Destroy Prevx 3.0 I had tried to uninstall Malwarebytes Anti-Malware latest versionn with the tool mbam-clean.exe, in windows normal mode and safe mode, but it is not working, I download a new fresh copy of MBMA perhaps the exclusion changed in this version for my suite?

it seems Prevx 3.0 has a lot of work, usually they update their database in a few hours, I still have 2 FP: c:\program files\malwarebytes' anti-malware\mbamgui.exe \REGISTRY\Machine\Software\Microsft\Windows\CurrentVersion\Run\..

Thank you, do you suggest me to uninstall MBAM V. 1.60.0.1800 using mbam-clean.exe and install again? Or I am ok?

The latest MBAM show infections in the following locations c:\program files\malwarebytes' anti-malware\mbamgui.exe c:\program files\malwarebytes' anti-malware\mbampt.exe And in the regisrty \REGISTRY\Machine\Software\Microsft\Windows\CurrentVersion\Run