Solved Weird virus

[makuze]

Hello, i have a problem with a virus. I downloaded a patch for a video game and it was not from the manufacture some person just uploaded. I installed it but nothing happened. When i was installing it asked me premission with svchost and pressed ok. That was the bad move. Every time i start my pc and log in the cmd console comes out and ses acsess is denied. Then i read the comments and evrybody sed its a virus. And no antivirus with full scan does not detect it. But my father sed its a virus it is not good. What should i do? Cause i cant format my disk what do i do? sorry for my bad english. P.S the strange thing is that nothing happens.

 

[StalkeR]

Hello there. I think that it should be a malware. Almous all of the patches for the games/programs ... are trojans and some other malwares. I'll suggest you to run a full scan with Malwarebytes,and post here the log file after the full scan,to see if you're infected.

 

[makuze]

OK. Im running the full scan right now i will post the information about it after if i have a virus still there

 

[SmurofNeves]

Have you tried right-click run as administrator...If this works check your system Integrity using this command..

SFC /SCANNOW


What anti-virus are you using.?

 

[StalkeR]

^^
Here is tutorial
http://www.sevenforums.com/tutorials/1538-sfc-scannow-command-system-file-checker.html

 

[makuze]

Hey guys. i just scanned with malwarebytes heres the results
Files Infected:
c:\Windows\System32\drivers\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\nscf.dat (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\program files\relevantknowledge\rloci.bin (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\about relevantknowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\privacy policy and user license agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
c:\programdata\microsoft\Windows\start menu\Programs\relevantknowledge\uninstall instructions.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
I deleted the virus svc host the main one, but there is still 1 problem every time i log in the console opens for 2 seconds and ses acsses denied so i dont even know. Should i try SmurofNeves's tip? But i don't quite understand about it maybe when my father will come back form work he can help me with this. Any more options?

 

[makuze]

no need anymore! My dad came back and fixed it all though that virus was anoyng thanx guys.

 

[Orbital Shark]

Hi, glad it's resolved.

Do you know exactly "how" he fixed it? It could prove valuable to other members here

 

[StalkeR]

You're welcome! Glad to hear that.

 

[makuze]

First of all i used malwarebytes to delete the svchost virus that came with the file. Second of all i just disabled some apps that start when windows starts up but the accses denied disapeard when i restarted the time when i disabled the apps. But the apps didin't do anything, after removing the virus and restarting 2 times it went away my father sed that it was supossed to be like that and its ok now. Sorry for my english.

 

[UnderJonathan]

The svchost.exe virus is very very annoying. Its hard to get rid off it too. It doesn't sound like he got rid of the virus..but if it works ok, then I guess there is no virus anymore. God Bless Microsoft LOL..there are millions of ways to do one thing