Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: I am infected.

30 Mar 2014   #1
marcelopsr

Windows 7 Ultimate x64
 
 
I am infected.

I was looking for info on a new korean game called tree of saviour and i found a webpage siliconera.com which apparently had a good image of the game classes so i tried to go into the page and suddenly a windows want to execute cmd something came up and i went full retard and put yes my laptop suddenly restarted and know my windows defender is death an error pops up saying the following "The Specified sevice does not exists as an installed service (Error code: 0x80070424)" googled how to repair it download a regedit file tried it rebooted laptop and know my antivirus is off and cant be turned on. i woudl appreciate any help with this problem.
PD: my default restore point doesnt exist any longer.. it must be because of this problem..
Edit: just installed malwarebytes and removed 2 trojans any real time protection from anti avira or malware bytes cant be turned on.


My System SpecsSystem Spec
.

30 Mar 2014   #2
indianacarnie

Windows 7 Home Premium x64
 
 

Welcome to the forums marcelopsr! Wish it could be under better circumstances though. You can try running this free online scanner, its helped me before.

Free Virus Scan | Online Virus Scanner from ESET
My System SpecsSystem Spec
30 Mar 2014   #3
Devlin1888

Windows 7 Home Premium 64Bit
 
 

Hey there and welcome to SevenForums.

Id Recommend the following after running ESET.
Download these 3 programs, Boot into safe mode and run in the order as follows,

RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
Please download Rkill by Grinler from one of the links below and save it to your desktop.

Link 1
Link 2


  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
AdwCleaner: (Cleans Adware From the Computer)
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Save to the desktop.

Close all open programs.
To run the program, right-click AdwCleaner.exe and select: Run as Administrator

Click on Search and confirm the prompt.
After the program finishes, a text file report opens.

To delete:
Run AdwCleaner once again.
This time click on: Delete




download Malwarebytes Anti-Rootkit from here


  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

My System SpecsSystem Spec
.


30 Mar 2014   #4
marcelopsr

Windows 7 Ultimate x64
 
 

thanks guys i am gonna try doing all these things you suggested.
the malwarebytes have detected 2 trojans and 1 backdoor.bot and they are in quarantine but i still cant active the real time protection

the rkil stopped working midway... and the problem had to close.
2nd link also stopped working but it was way quicker than the first.
My System SpecsSystem Spec
31 Mar 2014   #5
Devlin1888

Windows 7 Home Premium 64Bit
 
 

Did you do it in safe mode?
My System SpecsSystem Spec
31 Mar 2014   #6
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

This is an article about Backdoor.bots Backdoor.Bot - Virus Removal Guide
Don't buy anything as it says at the bottom of the page. All the tools listed for disinfecting are free!
My System SpecsSystem Spec
31 Mar 2014   #7
cottonball

Windows 7 Home Premium
 
 

marcelopsr,

There is not much point to doing cancer surgery without first pinpointing the malignancy!

Please use the following diagnostic tool. It has a powerful detection mechanism, and may help us get to the cause of your issues.

Please use the Farbar Recovery Scan Tool.
Download: Farbar Recovery Scan Tool Download
Select the version that applies to your system.
Save it to your Desktop.
Double-click the downloaded file to run it.

When the tool opens click Yes to the disclaimer.
At the program's console, press the Scan button.

When done, the tool produces a log, FRST.txt, in the same directory from which the tool is run (Desktop).
Please provide the FRST.txt in your reply.

The first time the tool is run, it also makes another log: Addition.txt
Also post the Addition.txt in your reply.


Also, use the Farbar Service Scanner
Download: Downloading Farbar Service Scanner

Let's get a view of all services and dependencies scoped by the tool...

Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender

Press: Scan

When done, FSS creates a log, FSS.txt, on the Desktop.
Please provide the FSS.txt in your reply.

Thank you.
My System SpecsSystem Spec
Reply

 I am infected.




Thread Tools





Similar help and support threads
Thread Forum
My PC is infected!
:(I've tried to find these things and delete them. But I have at least two I can't get rid of. One of them is a "PC CLeaner" Another is some problem in ITunes saying its not for my new W-7....but it always was good till this other thing came along. The PC is doing something else when I...
System Security
My Pc is Infected
Hi everyone. I believe I have a virus on my pc. I was on my pc and I had several windows open. when I tried to close them they continued to reopen. This action lasted for 1 minute until I shutdown my pc. When I restarted the pc, everything seems alright. The same action happened two days ago....
System Security
Infected?
I'm wondering if I got a virus. I got the death blue screen once, but only once. Things boot fine now. Anyway, later, when I try to run various applications, I get errors for some of them, like this: "The application was unable to start correctly (0x0000005). Click OK to close the application."...
System Security
Does it appear that I am infected?
Hello to all, Thank you for any response. Yesterday while running Malwarebytes Antimalware a scan on Windows 7 Ultimate 64 bit it seemed to freeze up, now to be honest on certain cab or manifest files it can take a long time. But the clock was over 5 minutes slow, cursor immovable, and Task ...
System Security
Am I infected?
Hello to all, Thank you for any response. Yesterday while running Malwarebytes Antimalware a scan on W7 Ultimate 64 bit it seemed to freeze up, now to be honest on certain cab or manifest files it can take a long time. But the clock was over 5 minutes slow, cursor immovable, and Task Manager...
General Discussion
Have you ever been infected?
Yes. During the years of IE6 we used Norton. It was regularly finding viruses/malware until we switched to Firefox. We switched to AVG. It found at least one threat my dad had downloaded. We tried ESET and I downloaded a program that 1000s had downloaded and a few said it was clean. It seemed to...
System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 00:00.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App