0

malware.JPG

Good day,

I have been experiencing such problems. An error message keeps on reappearing on my PC saying that AVAST has blocked a harmful website(I have uploaded a picture of the error message). I ran all my antivirus software and are saying that no threat detected but the eeror is still there. I am thinking of deleting the file but when I searched about it, it sats that it shouldn't. Can anyone help and clear my thought about this....

4
Contributors
5
Replies
16
Views
2 Years
Discussion Span
Last Post by cathiedsquared
1

My guess is that a malicious file has been injected to the real msiexec.exe and now is trying to send information about your system to a domain in russia, which a real microsoft process would have no intention in doing so. To prove that, check the checksum of the file on your system and the one provided by microsoft(or on a clean system). If there is difference in that, it is indeed malicous. I would recommend you using SHA1 or better, don't use MD5 or any of the family for computing the checksum

0

How would I do that....i was lost with SHA1 and MD5..if i disabke the msiexec.exe will it help?

Edited by akasekaihime

0

I did an online scan of my computer and this is the result I got....

VirSCAN

File Name :msiexec.exe (File not down)
File Size :73216 byte
File Type :application/x-dosexec
MD5:eee470f2a771fc0b543bdeef74fceca0
SHA1:bd9bbb448dec04b1aaa8ae530e9814fdbce0a3d5

Scanner results

Scanner results:2%Scanner(s) (1/39)found malware! Behavior
Time: 2015-07-13 10:28:05 (CST)

Scanner Engine Ver Sig Ver Sig Date Scan result

fprot 4.6.2.117 6.5.1.5418 2015-07-11 W32/Felix:VC_program!Eldorado

how can i fix it...

Edited by akasekaihime

0
  • Type in msiexec.exe to your search bar in Start Menu.
  • COPY the file on your desktop.
  • Upload the copied file to Virus Total
  • Look for SHA256:, the strings after this. Is it anything close to:

82ef3b124362b701ac146fffe8c6d2f5a932417bd7011a887665df6f09797a60

?

If not, your file has been tampered with.

When I scanned my file, it said that it has been scanned recently. That means that many many people have the same file as I do.

After you upload your file, it should redirect you to website (in eventual cases, just relaunch the scanning on the website).

My clean file's report: Virus Total result, 0/55, compare it to yours.

On top of that, in setting of Avast!, there should be option where you tell "this website, don't notify me, just block it".

I did an online scan of my computer and this is the result I got....

Well this is what you shouldn't do. Don't download random programs on internet, or launch all Java applets you're told to. Internet is based on 99% malicious intent.

Edited by Aeonix

0

You can try scanning with Malwarebytes. They have a free version for home use. Then try Roguekiller and Eset Online scanner. Avast is a pretty good anti-virus but no antivirus can find and remove everything.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.