Suspicious alerts, behavior shield warnings, OH MY!

Hey guys,
I think my computer is infected. Today, I was scanning with avast and it found two infected files. I stopped the scan and took a screenshot of the log for you guys. I’m currently scanning with MBAM (quick scan) to see further whether they’re infected. (I already uploaded the 2 files to the avast virus lab.)

Are there any advanced steps I should take?
Pcclean (or should it be pcdirty :wink: :slight_smile: ;D

Ok here’s the MBAM and avast log

Hi Pcclean,

According to your MBAM log:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

It seems that you also run Windows Defender on your system; it could be that your Windows Defender cache or quarantine holds the malware, and then avast or MBAM detected it.

You could clean your Windows Defender by removing the quarantined malware, and then retry the scan.

cheers,

@Yanto.Chiang
I don’t even run Windows Defender on my XP system, so those aren’t the right files. Although, if you noticed, the registry keys have “Security Center” in them, and I have also been having problems with the “Security Center”, so it seems that this may be part of the problem.

Hi Pcclean,

Pardon me for my mistake and for not understanding how to analyze the log.

Pondus just notified me about those logs; it means that some registry settings were changed, especially for Windows Security Center, which is usually used to warn users about firewall enable/disable, AV update, and Windows update status.

Usually MalwareBytes can solve this problem, and will fix your registry after your scan and take action on the malware.

You may retry updating your MalwareBytes engine and database, and try to scan again.

As referenced: hxxp://forums.malwarebytes.org/index.php?showtopic=34645

cheers,
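The MBAM entries quoted in this thread can be parsed into structured findings to see which registry values were flagged and left unchanged. This is an added example, not part of the original posts; the regular expression assumes the line layout seen in this log, and the names `parse`, `pending` and `Finding` are hypothetical.

```python
import re
from typing import NamedTuple

# The three entries from the thread's MBAM log, run together as they were posted.
LOG = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify "
    r"(PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. "
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify "
    r"(PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. "
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify "
    r"(PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken."
)

# <key>\<value> (<detection>) -> Bad: (<bad>) Good: (<good>) -> <action>.
ENTRY = re.compile(
    r"(?P<key>HKEY_[A-Z_]+\\.+?)\\(?P<value>[^\\()]+?) "
    r"\((?P<detection>[^)]+)\) -> Bad: \((?P<bad>[^)]*)\) "
    r"Good: \((?P<good>[^)]*)\) -> (?P<action>[^.]+)\."
)


class Finding(NamedTuple):
    key: str        # registry key path
    value: str      # value name under that key
    detection: str  # MBAM detection name
    bad: str        # data MBAM found
    good: str       # data MBAM expects
    action: str     # what MBAM did about it


def parse(log: str) -> list[Finding]:
    """Split a log (one entry per line or run together) into findings."""
    return [Finding(**m.groupdict()) for m in ENTRY.finditer(log)]


def pending(findings: list[Finding]) -> list[Finding]:
    """Findings that were reported but not remediated by the scan."""
    return [f for f in findings if f.action.strip().lower() == "no action taken"]


if __name__ == "__main__":
    for f in pending(parse(LOG)):
        print(f"{f.detection}: {f.key}\\{f.value} is {f.bad}, expected {f.good}")
```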