I suddenly got total security 2009 and personal guard 2009. When you start up you have like 5 seconds before the virus kicks in, quickly went to taskmanager and ended their process. But I know the virus isnt gone. Ran MBAM found 42 infections the first time and it told me to restart so I did, but the virus started up again.
First log: http://pastebin.com/m3668e1
So I ran it a second time and heres the second times logs.
Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 5.1.2600 Service Pack 3
9/19/2009 1:58:08 PM
mbam-log-2009-09-19 (13-58-08).txt
Scan type: Quick Scan
Objects scanned: 84065
Time elapsed: 6 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\wcenter.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
I already have avenger, combofix and MBAM. Tell me watcha need me to do so I can get rid of this crap. The virus just keeps coming back after MBAM deletes it.
First log: http://pastebin.com/m3668e1
So I ran it a second time and heres the second times logs.
Malwarebytes' Anti-Malware 1.36
Database version: 1945
Windows 5.1.2600 Service Pack 3
9/19/2009 1:58:08 PM
mbam-log-2009-09-19 (13-58-08).txt
Scan type: Quick Scan
Objects scanned: 84065
Time elapsed: 6 minute(s), 57 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\wcenter.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
I already have avenger, combofix and MBAM. Tell me watcha need me to do so I can get rid of this crap. The virus just keeps coming back after MBAM deletes it.