Potential Virus on C:/Windows/SysWOW64/msiexec.exe

Discussion in 'Malware Removal Assistance For Windows' started by Alt-L, Jul 8, 2017.

Need Malware Removal Help?

We offer free malware removal assistance to our members. Sign Up now, and get free malware removal support.

  1. Alt-L

    Alt-L New Member

    Jul 8, 2017
    4
    1
    Male
    Philippines
    Windows 7
    Avast
    Operating System:
    Windows 7
    Are you using a 32-bit or 64-bit operating system?:
    64-bit (x64)
    Infection date and initial symptoms:
    July 8, 2017.

    Malwarebytes sent a notice about a potential virus blocked under msiexec.exe.
    None, so far.
    Current issues and symptoms:
    None.
    Steps taken in order to remove the infection:
    None yet.
    Logs added to help request:
    • FRST.txt
    • Addition.txt
    • I've also uploaded logs from other scans that I've performed
    Hello there.

    My Malwarebytes application sent me a notice of a potential virus on C:/Windows/SysWOW64/msiexec.exe from the location:

    qibrasop . ru


    I'm worried about what can happen to my computer with the virus and such and if it's just a false positive.

    Below are the scans from FRST and Malwarebytes
     

    Attached Files:

    public enemy likes this.
  2. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    20,982
    2,590
    Male
    Malware Removal, Gaming
    Windows 7
    ESET
    Hello,


    [​IMG] Fix with Farbar Recovery Scan Tool

    [​IMG] This fix was created for this user for use on that particular machine. [​IMG]
    [​IMG] Running it on another one may cause damage and render the system unstable. [​IMG]

    Download attached fixlist.txt file and save it to the Desktop:

    Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
      (XP users click run after receipt of Windows Security Warning - Open File).
    • Press the Fix button just once and wait.
    • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    • When finishes FRST will generate a log on the Desktop, called Fixlog.txt.

    Please attach it to your reply.


    After the fix, please upload regexport.reg from your Desktop.
     

    Attached Files:

  3. Alt-L

    Alt-L New Member

    Jul 8, 2017
    4
    1
    Male
    Philippines
    Windows 7
    Avast
    I have done all the steps you have told me to do. Thank you. Also, how do I upload the regexport.reg file?
     

    Attached Files:

  4. Alt-L

    Alt-L New Member

    Jul 8, 2017
    4
    1
    Male
    Philippines
    Windows 7
    Avast
    I have uploaded the regexport.reg file via Google Drive.

    regexport.reg
     
  5. Alt-L

    Alt-L New Member

    Jul 8, 2017
    4
    1
    Male
    Philippines
    Windows 7
    Avast
    As of now, the virus has stopped appearing for a day or so.
     
  6. TwinHeadedEagle

    TwinHeadedEagle Removal Expert
    Staff Member

    Mar 8, 2013
    20,982
    2,590
    Male
    Malware Removal, Gaming
    Windows 7
    ESET
    [​IMG] Scan with Farbar Recovery Scan Tool

    Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
    • Right-click on [​IMG] icon and select [​IMG] Run as Administrator to start the tool.
      (XP users click run after receipt of Windows Security Warning - Open File).
    • Make sure that Addition.txt option is checked.

      [​IMG]
    • Press Scan button and wait.
    • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
    Please attach report into your next reply.
     
Loading...
Other threads that you may like Forum Date
Need Help Potential virus in HDD partition Hardware - Questions & Help Oct 15, 2014
Need Help Potential VRAM Problem Hardware - Questions & Help Monday at 11:37 AM
Microsoft releases additional updates to protect against potential nation-state activity Operating Systems Jun 13, 2017