Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Victim to Resource Compiler? - Many problems, can't remove "msiexec64.exe"


  • Please log in to reply
No replies to this topic

#1 AAnonymoose

AAnonymoose

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:01:18 AM

Posted 20 May 2018 - 01:10 PM

System Info:

(If needed I can attached the full DxDiag file)

------------------
System Information
------------------
      Time of this report: 5/20/2018, 12:42:41
             Machine name: ANDREW-PC-NEW
               Machine Id: {45ECDDBA-501E-4AE4-BF85-C81B7D208D13}
         Operating System: Windows 10 Home 64-bit (10.0, Build 17134) (17134.rs4_release.180410-1804)
                 Language: English (Regional Setting: English)
      System Manufacturer: To Be Filled By O.E.M.
             System Model: To Be Filled By O.E.M.
                     BIOS: P1.00A (type: UEFI)
                Processor: Intel® Core™ i7-7700 CPU @ 3.60GHz (8 CPUs), ~3.6GHz
                   Memory: 16384MB RAM
      Available OS Memory: 16346MB RAM
                Page File: 6053MB used, 13236MB available
              Windows Dir: C:\WINDOWS
          DirectX Version: DirectX 12
      DX Setup Parameters: Not found
         User DPI Setting: 96 DPI (100 percent)
       System DPI Setting: 192 DPI (200 percent)
          DWM DPI Scaling: Disabled
                 Miracast: Available, with HDCP
Microsoft Graphics Hybrid: Not Supported
           DxDiag Version: 10.00.17134.0001 64bit Unicode

 

Prologue 

I have a Trojan/virus/malware/etc...IDK... what I do know is I cannot remove it and it's causing increasingly numerous problems. I attempted to download some "free" dlc for a game I bought. I got a free load of problems instead. Here's my adventure so far...

About a week ago I first downloaded the "DLC". Chrome said "you dont wanna download that...i ignored" Windows defender said "hey, this is a bad idea, ima put this outa reach" ...i ignored... then i finally downloaded and opened and next thing i knew 15+ "games" were downloading onto my desktop. I ran a program I came across while ago called "RKill" and it stopped the downloading of these "games." I began looking on here for way to fix the numerous problems i started experiencing. 1st, all shortcuts when to some 'googlesearch' website, deleted all shortcuts and replaced on desktop with correct shortcut paths. Then removed the files that "RKill" found and terminated....wish i kept the logs because I attempted to "scrub" everything but now i still have viruses and no idea where they are located. 

 

Onto the current problem

 

What prompted me to look into possible maleware/virus is I cannot open task manager after about 3 seconds of logging into my windows 10 account. If i open right away it will open, but any delay and i get this error: "Taskmgr.exe - Entry Point Not Found
The procedure entry point ImageList_CoCreateInstance could not be located in the dynamic link library C:\Windows\system32\taskmgr.exe" - attached snippet of error message

- I checked and i do have the application Taskmgr in this file location: C:\Windows\System32

 

I have downloaded and used "HitmanPro 3.8.0 - Build 292 64 Bit (30day free trial) - attached the first log of running this: "HitmanPro_20170520_1156

- It identified the following program as maleware: msiexec64.exe 

- i have "deleted it" multiple times now using HitmanPro and each time when I reboot I get a black screen with the file name/location at the top of my screen (looks similar to cmd window but full screen)...then when I relog into windows it is still there. 

 

Steps I have taken: 

I have thought to myself if i block the program that Hitman is linking to the maleware than that may help...so i created in inbound rule in my firewall block this program...no luck.

 

I have ran cmd's sfc /scannow  nothing identified as wrong

 

Also, when I attempted to download and run Farbar Recovery Scan Tool (FRST) chrome closes instantly...any site i attempt to open that has FRST or Farbar Recover Scan Tool causes chrome to crash...which ive never seen that before.

 

When I run "RKill" now it BSOD with a "Critical_Proccess_"Died/Ended


I do not have any system restore points...unfortunately I've never used them...worse case scenario I fresh reinstall....i just hate the thought (slow download speed for redownloading games).... Whatever help you all can provide is MUCH appreciated! Thanks in advance!

Attached Files


Edited by hamluis, 20 May 2018 - 02:24 PM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users