disorderstatus.ru malware

Good day

Recently I just got my pc infected by a malware (disorderstatus.ru/order.php). I got this from a shortcut virus in a flash drive.

URL: http://disorderstatus.ru/order.php Infection: URL:Mal Process: C:\Windows\SysWOW64\msiexec.exe

Hope I can get help. Thank you

Hello,

Please download MCShield from one of the following links:

MCShield -Official download link

[*]Double click on MCShield-Setup to install the application.
Next => I Agree => Next => Install … per installation click on Run! button.
[]Wait a few seconds to MCShield finish initial HDD scan…
[
]Connect all your USB storage devices to the computer one at a time. Scanning will be done automatically.
[*]When all scanning is done, you need to post a logreport that MCShield has created.

Under Logs tab (in Control Center) for AllScans.txt log section click on Save button. AllScanst.txt report shall be located on your Desktop.

=> Post here AllScanst.txt

Explanation: USB storage devices are all the USB devices that get their own partition letter at connecting to the PC,
e.g. flash drives (thumb/pen drives, USB sticks), external HDDs, MP3/MP4 players, digital cameras,
memory cards (SD cards, Sony Memory Stick, MultiMedia Cards etc.), some mobile phones, some GPS navigation devices etc.

https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

I just noticed in other forums that there are attachments of scan logs that need to be submitted here for you to examine. Do I need to do taht too?

MCshield log. The shortcut is still there when I connected it to pc

Can you just copy/paste MCShield log?

mbamlog
frstlog
additionlog included

MCShield AllScans.txt <<<


MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

v 3.0.5.28 / DB: 2015.7.25.1 / Windows 8.1 <<<

09-Aug-15 8:59:56 PM > Drive C: - scan started (no label ~79 GB, NTFS HDD )…

=> The drive is clean.

09-Aug-15 8:59:56 PM > Drive D: - scan started (New Volume ~830 GB, NTFS HDD )…

=> The drive is clean.

MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

v 3.0.5.28 / DB: 2015.7.25.1 / Windows 8.1 <<<

09-Aug-15 9:06:29 PM > Drive G: - scan started (CLEMENTE ~3820 MB, FAT32 flash drive )…

=> The drive is clean.

MCShield ::Anti-Malware Tool:: http://www.mcshield.net/

v 3.0.5.28 / DB: 2015.7.25.1 / Windows 8.1 <<<

09-Aug-15 9:07:40 PM > Drive G: - scan started (CLEMENTE ~3820 MB, FAT32 flash drive )…

=> The drive is clean.

All is well now. It seemed like malware on pc was cleaned by malwarebytes when i first scanned it with the free trial enabled. I restarted the pc and replugged flash drive, malware finally detected and cleaned by mcshield. Thank you for the assistance :slight_smile: