I am infected.


  1. Posts : 2
    Windows 7 Ultimate x64
       #1

    I am infected.


    I was looking for info on a new korean game called tree of saviour and i found a webpage siliconera.com which apparently had a good image of the game classes so i tried to go into the page and suddenly a windows want to execute cmd something came up and i went full retard and put yes my laptop suddenly restarted and know my windows defender is death an error pops up saying the following "The Specified sevice does not exists as an installed service (Error code: 0x80070424)" googled how to repair it download a regedit file tried it rebooted laptop and know my antivirus is off and cant be turned on. i woudl appreciate any help with this problem.
    PD: my default restore point doesnt exist any longer.. it must be because of this problem..
    Edit: just installed malwarebytes and removed 2 trojans any real time protection from anti avira or malware bytes cant be turned on.
    Last edited by marcelopsr; 30 Mar 2014 at 18:55.
      My Computer


  2. Posts : 3,724
    Windows 10x64 Build 1709
       #2

    Welcome to the forums marcelopsr! Wish it could be under better circumstances though. You can try running this free online scanner, its helped me before.

    Free Virus Scan | Online Virus Scanner from ESET
      My Computer


  3. Posts : 1,413
    Windows 7 Home Premium 64Bit
       #3

    Hey there and welcome to SevenForums.

    Id Recommend the following after running ESET.
    Download these 3 programs, Boot into safe mode and run in the order as follows,

    RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
    so that your normal security software can then run and clean your computer of infections.
    Please download Rkill by Grinler from one of the links below and save it to your desktop.

    Link 1
    Link 2



    • On Windows XP double-click on the Rkill desktop icon to run the tool.
    • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
    • Do not reboot the computer, you will need to run the application again.

    AdwCleaner: (Cleans Adware From the Computer)
    http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
    Save to the desktop.

    Close all open programs.
    To run the program, right-click AdwCleaner.exe and select: Run as Administrator

    Click on Search and confirm the prompt.
    After the program finishes, a text file report opens.

    To delete:
    Run AdwCleaner once again.
    This time click on: Delete




    download Malwarebytes Anti-Rootkit from here



    • Unzip the contents to a folder in a convenient location.
    • Open the folder where the contents were unzipped and run mbar.exe
    • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
    • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
    • Wait while the system shuts down and the cleanup process is performed.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt


      My Computer


  4. Posts : 2
    Windows 7 Ultimate x64
    Thread Starter
       #4

    thanks guys i am gonna try doing all these things you suggested.
    the malwarebytes have detected 2 trojans and 1 backdoor.bot and they are in quarantine but i still cant active the real time protection

    the rkil stopped working midway... and the problem had to close.
    2nd link also stopped working but it was way quicker than the first.
    Last edited by marcelopsr; 30 Mar 2014 at 21:12.
      My Computer


  5. Posts : 1,413
    Windows 7 Home Premium 64Bit
       #5

    Did you do it in safe mode?
      My Computer


  6. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #6

    This is an article about Backdoor.bots Backdoor.Bot - Virus Removal Guide
    Don't buy anything as it says at the bottom of the page. All the tools listed for disinfecting are free!
      My Computer


  7. Posts : 2,470
    Windows 7 Home Premium
       #7

    marcelopsr,

    There is not much point to doing cancer surgery without first pinpointing the malignancy!

    Please use the following diagnostic tool. It has a powerful detection mechanism, and may help us get to the cause of your issues.

    Please use the Farbar Recovery Scan Tool.
    Download: Farbar Recovery Scan Tool Download
    Select the version that applies to your system.
    Save it to your Desktop.
    Double-click the downloaded file to run it.

    When the tool opens click Yes to the disclaimer.
    At the program's console, press the Scan button.

    When done, the tool produces a log, FRST.txt, in the same directory from which the tool is run (Desktop).
    Please provide the FRST.txt in your reply.

    The first time the tool is run, it also makes another log: Addition.txt
    Also post the Addition.txt in your reply.


    Also, use the Farbar Service Scanner
    Download: Downloading Farbar Service Scanner

    Let's get a view of all services and dependencies scoped by the tool...

    Make sure the following options are checked:
    Internet Services
    Windows Firewall
    System Restore
    Security Center
    Windows Update
    Windows Defender

    Press: Scan

    When done, FSS creates a log, FSS.txt, on the Desktop.
    Please provide the FSS.txt in your reply.

    Thank you.
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 06:25.
Find Us