Total Security Malware

I have two PCs, both XP Home, that are running the latest version of CIS, and the database is up to date.

Anti-virus = Stateful
Firewall = Safe Mode
Defence+ = Clean PC Mode

In the last two days both of these have been infected by the Total Security Malware.

This removed the Comodo anti-virus software. I tried to reload CIS but the malware still stopped the Anti-virus running.

I had to download MBAM.exe to remove it.

I have a couple of questions.

  1. Why did Comodo not pick this up? Do I have CIS wrongly configured?
  2. Has anyone else had this problem? If so, how was it stopped?


Unfortunately, these rogue programs keep reinventing themselves, so it was probably not yet in the AV database. It is surprising that Defense+ did not give you a warning about this installing itself, as it should do when in Clean PC Mode. Safe Mode would be better, I think, once D+ has learnt your programs.

MBAM seems to specialise in this type of removal and presumably you followed the process terminations needed for this to succeed.

What configuration do you have? Internet Security or Proactive Security? The latter is more secure because it enables image execution control.