Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: I am infected.


30 Mar 2014   #1

Windows 7 Ultimate x64
 
 
I am infected.

I was looking for info on a new korean game called tree of saviour and i found a webpage siliconera.com which apparently had a good image of the game classes so i tried to go into the page and suddenly a windows want to execute cmd something came up and i went full retard and put yes my laptop suddenly restarted and know my windows defender is death an error pops up saying the following "The Specified sevice does not exists as an installed service (Error code: 0x80070424)" googled how to repair it download a regedit file tried it rebooted laptop and know my antivirus is off and cant be turned on. i woudl appreciate any help with this problem.
PD: my default restore point doesnt exist any longer.. it must be because of this problem..
Edit: just installed malwarebytes and removed 2 trojans any real time protection from anti avira or malware bytes cant be turned on.


My System SpecsSystem Spec
.

30 Mar 2014   #2

Windows 7 Home Premium x64
 
 

Welcome to the forums marcelopsr! Wish it could be under better circumstances though. You can try running this free online scanner, its helped me before.

Free Virus Scan | Online Virus Scanner from ESET
My System SpecsSystem Spec
30 Mar 2014   #3

Windows 7 Home Premium 64Bit
 
 

Hey there and welcome to SevenForums.

Id Recommend the following after running ESET.
Download these 3 programs, Boot into safe mode and run in the order as follows,

RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
Please download Rkill by Grinler from one of the links below and save it to your desktop.

Link 1
Link 2


  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
AdwCleaner: (Cleans Adware From the Computer)
http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
Save to the desktop.

Close all open programs.
To run the program, right-click AdwCleaner.exe and select: Run as Administrator

Click on Search and confirm the prompt.
After the program finishes, a text file report opens.

To delete:
Run AdwCleaner once again.
This time click on: Delete




download Malwarebytes Anti-Rootkit from here


  • Unzip the contents to a folder in a convenient location.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

My System SpecsSystem Spec
.


30 Mar 2014   #4

Windows 7 Ultimate x64
 
 

thanks guys i am gonna try doing all these things you suggested.
the malwarebytes have detected 2 trojans and 1 backdoor.bot and they are in quarantine but i still cant active the real time protection

the rkil stopped working midway... and the problem had to close.
2nd link also stopped working but it was way quicker than the first.
My System SpecsSystem Spec
31 Mar 2014   #5

Windows 7 Home Premium 64Bit
 
 

Did you do it in safe mode?
My System SpecsSystem Spec
31 Mar 2014   #6
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

This is an article about Backdoor.bots Backdoor.Bot - Virus Removal Guide
Don't buy anything as it says at the bottom of the page. All the tools listed for disinfecting are free!
My System SpecsSystem Spec
31 Mar 2014   #7

Windows 7 Home Premium
 
 

marcelopsr,

There is not much point to doing cancer surgery without first pinpointing the malignancy!

Please use the following diagnostic tool. It has a powerful detection mechanism, and may help us get to the cause of your issues.

Please use the Farbar Recovery Scan Tool.
Download: Farbar Recovery Scan Tool Download
Select the version that applies to your system.
Save it to your Desktop.
Double-click the downloaded file to run it.

When the tool opens click Yes to the disclaimer.
At the program's console, press the Scan button.

When done, the tool produces a log, FRST.txt, in the same directory from which the tool is run (Desktop).
Please provide the FRST.txt in your reply.

The first time the tool is run, it also makes another log: Addition.txt
Also post the Addition.txt in your reply.


Also, use the Farbar Service Scanner
Download: Downloading Farbar Service Scanner

Let's get a view of all services and dependencies scoped by the tool...

Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender

Press: Scan

When done, FSS creates a log, FSS.txt, on the Desktop.
Please provide the FSS.txt in your reply.

Thank you.
My System SpecsSystem Spec
Reply

 I am infected.




Thread Tools



Similar help and support threads for2: I am infected.
Thread Forum
Solved My PC is infected! System Security
My Pc is Infected System Security
How often does your PC get infected? General Discussion
Infected? System Security
Have you ever been infected? System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 12:06 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33