Windows 7 Forums


Windows 7: Many backdoors/various Trojans/rootkit. Shutdowner present

01 Aug 2012   #11

Microsoft Windows 7 Pro 64-bit SP1
 
 

Try a system restore to the point before you clicked on the spam and such.

Like what borg said, it may not be fixable.

-Justin


01 Aug 2012   #12

Windows 7 64-Bit Home Premium Service Pack 1
 
 

Quote:
Click on Repair your computer. (See screenshot below)

5. Select which operating system you want to restore and then click on Next. (See screenshot below)
NOTE: If Windows 7 is not listed here, or it is blank, then it is ok. Click on Next anyway.

It wasn't listed, it was blank, and I clicked Next anyway. I went to System Restore and it said:

To use System Restore, you must specify which Windows installation to restore. Restart this computer, select an operating system, and then select System Restore.

I thought I could leave it blank?

I didn't click Load Drivers. Should I try that?
01 Aug 2012   #13

Windows 7 Ultimate x64
 
 

Although you might be able to get a deeply infected machine back into a 'workable' state it will likely take more than one program to do it.

But even if you can get it back into that 'workable' state I wouldn't trust it. I'd wipe that disk clean and reinstall. Quicker that way, and you can then be confident that it's secure.

Back up all your data to reliable media first though.


01 Aug 2012   #14

Windows 7 Ultimate x64
 
 

Quote: Originally Posted by MelancholyRose
To use System Restore, you must specify which Windows installation to restore. Restart this computer, select an operating system, and then select System Restore.

I thought I could leave it blank?

I didn't click Load Drivers. Should I try that?

System Restore might work, but you should be aware that your restore points can contain the malware too. Definitely contains it if you've been infected for some time.
01 Aug 2012   #15

Windows 7 64-Bit Home Premium Service Pack 1
 
 

I need to get that shutdown to stop happening before I can back anything up. I'm having a friend help me.
01 Aug 2012   #16

Windows 7 Ultimate x64 SP1
 
 

The easiest thing to do is to remove the drive and slave it into another computer (with up-to-date virus definitions, of course). Copy your essential files to the other computer. Put the drive back into the original computer, and reinstall Windows.
01 Aug 2012   #17

Windows 7 64-Bit Home Premium Service Pack 1
 
 

Apparently the Services.exe file is damaged, and that's what's causing the shutdowns, not a virus. I thought to do an sfc scannow, but for some reason my computer just doesn't show my OS. It acts like I don't have one, even though I definitely do.

What I think is causing that is, I use a RAID 1 mirror. My other hard drive isn't being used right now, it hasn't been used for a while, so I'm using only the one drive. Do I need my RAID driver to get to my OS?

If so, do I need to use RAID drivers or Chipset drivers? http://support.amd.com/us/gpudownloa...d_windows.aspx [EDIT: I'm thinking it's the AHCI Controller Driver under chipsets.]

EDIT: Looks like this is probably it. SATA Drivers - Load in Windows Recovery Options
01 Aug 2012   #18

Microsoft Windows 8.1 Professional
 
 

My mother-in-law's laptop got infected and I got tired of fighting this rootkit because of the afterall damage to core files which SFC couldn't fix. I ended up wiping the disk and reinstalling clean. One thing I'm clueless about is how this infection is spread?
01 Aug 2012   #19

Windows 7 64-Bit Home Premium Service Pack 1
 
 

Judging by what I've read/been told about Sirefef, if you try to remove it, it hides in system files and copies itself to Registry keys and such.
01 Aug 2012   #20
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

This sounds like the Zero Access Rootkit. It has created a hidden partition to hide itself from being found and fixed. This is quite a nasty Rootkit!

Save what you can (pictures, important documents), then wipe your OS and do a "clean" install.