Author Topic: Malware Found, services set to disabled  (Read 1954 times)

0 Members and 1 Guest are viewing this topic.

Offline 05potlaw

  • Newbie
  • *
  • Join Date: Mar 2015
  • Posts: 1
  • Karma: 0
    • View Profile
Malware Found, services set to disabled
« on: March 20, 2015, 10:24:54 AM »
Hi,

I'm new to this but I think my parents computer running XP SP3 has got/had some kind of virus.
I ran Malwarebytes and found 262 problems which have now been quarantined. It now starts up fully in safe mode and normally, however most of the services are set to disabled. I didn't want to go through manually turning them on again and when looking at how to fix it I came across the Tweaking.com windows repair tool. The PC doesn't have access to the Internet due to the services not running and I haven't tried turning anything back on. After running the pre Repairs Scan I've found problems, how can I upload the log without access to the Internet? (Posting from an iPhone). If you need any more info let me know. Thanks in anticipation.

Offline Shane

  • Top Geek, err uh Dog.
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9274
  • Location: USA
  • Karma: 135
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware Found, services set to disabled
« Reply #1 on: March 20, 2015, 11:06:38 AM »
For now you can skip the pre repair scans and just have the program run all the repairs, you should also consider using combofix.exe and adwcleaner on the system as well before the repairs. ADW cleaner will need the internet to download the updates, I dont think combofix needs internet access.

Shane
PLEASE EDIT YOUR TOPIC AND PUT (SOLVED) IF YOU ARE ALL FIXED.

(My weekends belong to my wife and kids, I will try my best to answer all posts daily during the work week)

(About Shane)
Site Owner, Top Admin, Lead Programmer, Wife & 5 kids, Needs a lot more coffee.

When people ask "Why fix what isn't broken?" I reply "To make it better."
"Only a life lived for others is a life worthwhile"
Honor & Respect is all that matters.

Owner & Programmer of: www.pcwintech.com & www.tweaking.com

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 6598
  • Location: UK
  • Karma: 100
    • View Profile
Re: Malware Found, services set to disabled
« Reply #2 on: March 20, 2015, 04:54:17 PM »
After ensuring the computer is malware free, you can also try this ESET tool which restores commonly infected disabled services. http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe but these are the services required for Internet connectivity set to either Auto or Manual.

For any that can't be started, right click on them, select Properties and check their Dependencies.

Some of the Dependencies can be found in Device Manager/View/Show hidden devices/Non-Plug and Play Drivers.

You should also check that Windows Firewall is also started.

COM+ Event System
Computer Browser
DHCP Client
DNS Client
Network Connections
Network Location Awareness
Remote Procedure Call (RPC)
Server
TCP/IP Netbios helper
Wired Autoconfig is set to manual.
Wireless Zero Configuration (XP wireless configurations only)
Workstation
« Last Edit: March 20, 2015, 04:59:24 PM by Boggin »

Offline Rick

  • Hero Member
  • *****
  • Join Date: May 2013
  • Posts: 780
  • Karma: 2
    • View Profile
Re: Malware Found, services set to disabled
« Reply #3 on: March 22, 2015, 04:37:02 PM »
After ensuring the computer is malware free, you can also try this ESET tool which restores commonly infected disabled services. http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe but these are the services required for Internet connectivity set to either Auto or Manual.

For any that can't be started, right click on them, select Properties and check their Dependencies.

Some of the Dependencies can be found in Device Manager/View/Show hidden devices/Non-Plug and Play Drivers.

You should also check that Windows Firewall is also started.

COM+ Event System
Computer Browser
DHCP Client
DNS Client
Network Connections
Network Location Awareness
Remote Procedure Call (RPC)
Server
TCP/IP Netbios helper
Wired Autoconfig is set to manual.
Wireless Zero Configuration (XP wireless configurations only)
Workstation

Eset has given me trouble with Outlook Mail, I don't use it any longer till they fix the uninstall method... and uninstall it from outlook mail add ins

Offline Boggin

  • Global Moderator
  • Hero Member
  • *****
  • Join Date: Jul 2014
  • Posts: 6598
  • Location: UK
  • Karma: 100
    • View Profile
Re: Malware Found, services set to disabled
« Reply #4 on: March 22, 2015, 05:30:54 PM »
That isn't the ESET Scanner - it's a tool to reinstate services normally disabled by an infection and there's nothing to uninstall.