Hello!
I just made this computer a few days ago, and I don’t believe that I have gone to any sites where I may have accidentally stumbled upon a rootkit. Nevertheless, during a routine scan by Avast!, I was told that one of my files is suspected of being a rootkit:
SVC: MSIWMI > C:\Program Files (X64)\MSI\Command Center\MSIWMIService.exe. Severity: High. Status: Threat: Win32:Evo-gen [Susp]. When I attempted to fix it, the action failed, and when I attempted to delete it, I was given the error: Error 0xA0000101. (-1610612479). However, when I tried using TDSSKiller, it didn’t discover anything. Suggestions?
I should add that I already ran Malwarebytes and searched for rootkits, and it failed to find anything. I’m half-hoping that I’ll be told that it’s just a false positive (especially since I submitted it to two sites that I stumbled upon looking for help earlier that submitted the file to scans from a variety of different virus scanners… But with my luck, I doubt that that’s the case).
Additionally, after looking at some of the other posts, I have added all of the scans that were requested of help-seekers. If any others are needed, please let me know and I’ll take care of them as soon as I can.
Lastly: Don’t know if it really affects anything, but I got the Avast pop-up warning me about suspicious activity being detected again when I was performing the OTL scan.
Hi,
Detection is false, that ‘MSIWMI_CC’ service is not malware related.
C:\Program Files (x86)\MSI\Command Center\MSIWMIService.exe INFECTED Win32:Evo-gen [Susp]
You should use this form for reporting the FP:
http://www.avast.com/contact-form.php
Btw, please download Farbar Recovery Scan Tool by Farbar and save it to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
• Double-click to run it. When the tool opens, click Yes to the disclaimer.
• Press the Scan button.
• It will make a log (FRST.txt) in the same directory the tool is run from. Please attach it to your reply.
• The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
MSIWMI_CC is from MSI. I presume your computer is a custom build?
https://forum-en.msi.com/index.php?topic=170468.0
Yes, it’s the first custom computer I’ve made for myself.
Also, I ran the new program, and here are the results:
Hi, you have posted Extras.Txt log from OTL scan. I don’t need that. I’ll need Addition.txt log from FRST tool.
Posted FRST.txt log is malware free. There is no malware here. Post Addition so I can look at that and let you go. 
And now you are clean and free to go.
• The following will implement some post-cleanup procedures:
=> Please download DelFix by Xplode to your Desktop.
Run the tool and check the following boxes:
  • Remove disinfection tools
  • Create registry backup
  • Purge System Restore
Click the Run button and wait a few seconds while the programme completes its work.
At this point all the tools we used here should be gone. The tool will create a report for you (C:\DelFix.txt).
The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.
The tool deletes old system restore points and creates a fresh system restore point after cleaning.
Thanks! Hope your week goes well. 