Author Topic: disorderstatus and differentia  (Read 1183 times)

REDACTED

  • Guest
disorderstatus and differentia
« on: September 02, 2015, 05:42:56 PM »
I have the same problem as https://forum.avast.com/index.php?topic=175340.0

Object: http://disorderstatus.ru/order.php
Infection: URL:Mal
Process: C:\WINDOWS\SysWOW64\msiexec.exe

and


Object: http://disorderstatus.ru/order.php
Infection: URL:Mal
Process: C:\WINDOWS\SysWOW64\msiexec.exe

and I was advised to start a new topic.
Can somebody help me, please?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37547
  • Not a avast user
Re: disorderstatus and differentia
« Reply #1 on: September 02, 2015, 05:46:31 PM »
You have only attached one log ... the important one is frst.txt

There may be a wait of some hours before the malware team is online.


REDACTED

  • Guest
Re: disorderstatus and differentia
« Reply #2 on: September 02, 2015, 05:54:55 PM »
sorry, here

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: disorderstatus and differentia
« Reply #3 on: September 02, 2015, 07:17:45 PM »
MBAM appears to have killed the registry key. This should get the rest.

THEN

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
CreateRestorePoint:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicy-x32: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml [2014-07-08]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-10-28]
S3 obeoypvn; no ImagePath
2015-08-31 15:05 - 2015-08-31 15:05 - 00000000 _____ C:\autoexec.bat
2010-11-21 10:24 - 2010-11-21 10:24 - 73243520 ___SH () C:\ProgramData\msdluiob.exe
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix.
On completion a log will be generated; please post that.