Help with http://disorderstatus.ru/order.php

Hi,

Hoping to get help with this new detection repeatedly popping up on Avast:

Avast Web Shield has blocked a harmful webpage or file

URL: http://disorderstatus.ru/order.php
Infection: URL:Mal
Process: C:\Windows\SysWOW64\msiexec.exe

I suspect I was infected through a thumb drive, although Avast didn’t detect anything when I initially scanned the drive, which seems strange to me.

MBAM, FRST and aswMBR logs attached.

Thanks in advance!

Hello,

https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[
]In the main box please paste in the following script:

createsrpoint;
autoclean;
emptyalltemp;
bitsadmin /reset /allusers;b
ipconfig /flushdns;b

[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Hi TwinHeadedEagle,

As requested, Zoek-results attached here. Thanks for the help!

The detection seems to have stopped so far after the ZOEK reboot

Very good. Anything else I can help?

Thank you very much TwinHeadedEagle!

Hi TwinHeadedEagle i have the same problem of : gcbaluyut
Avast is always detecting a virus
URL: http://disorderstatus.ru/order.php
Infection: URL:Mal
Process: C:\Windows\SysWOW64\msiexec.exe
I’m following the instructions that you gave in the topic.
What should i do after using Zoek???

Please open your own topic.

Hi TwinHeadedEagle i have the same problem with
URL: http://disorderstatus.ru/order.php
Infection: URL:Mal
Process: C:\Windows\SysWOW64\msiexec.exe
I’m following the instructions that you gave in the topic.

Hi TwinHeadedEagle,

I have the same problem with
URL: http://disorderstatus.ru/order.php
Infection: URL:Mal
Process: C:\Windows\SysWOW64\msiexec.exe

I followed the instustions u have mentioned above, and i have attached my Zoek-results here. But my problem is not solved :-[

Hi TwinHeadedEagle,
I just do what you told and the ZOEK is work for me…
Thanks a lot!

sorry for my bad english

Greatings !

I had the same problem and followed the instructions .
The problem was solved but my laptop has no sound after the procedure …
What can I do about it ? I’ve checked all of the drivers and the speakers… And the system didn’t detect any problems …