Main Forum > Tweaking.com Support & Help
[Request Add] Windows Repair - IP Helper SVC Repair
tbdawg:
I had a PC today (my sons actually) that was infected with the zeroaccess rootkit which disabled a bunch of services. It's all fixed now, but was kinda surprised that between using ComboFix and Tweaking.com's Windows Repair that this service appears untouched as it seems to often be removed with this rootkit and probably some others. So I put together a little package for you that you may want to add. (See Attachment) The Windows 7 key is from a Win 7 Ult PC and the Vista key is Home Premium (sorry no XP PC to pull from), though I don't think it makes much if any difference which version the key came from as long as its Vista/7. The keys have both been cleaned of PC specific data. It appears that the subkeys below:
\Parameters\6To4
\Parameters\IPHTTPS
\Parameters\Isatap
\Parameters\Teredo
\Teredo\PreviousState
are filled in on the fly as needed depending on device parameters etc. At least the Isatap subkey did on my sons PC. Of course a restart will be needed after the fix has been made. Hope this helps somebody!
BTW Thank you for your hard work!
Edit: Ugh, just realized I put this in the wrong spot. Sorry!
Shane:
Right now the Windows Repair tool doesn't do much with any of the reg keys for the services. Very dangerous.
But I am going to be starting on a new version where I will start adding these reg keys and for each os and such. Going to be a big job but it will be worth it as it will make the Windows repair fix more problem then ever. :-)
Right now the things that it cant fix are normally related to bad or missing reg keys. Since the program doesnt touch or replace them it doesnt fix those. So as new versions come out I will be adding more and more. So thanks for these, I have added it to my to do list and I will see what i can do :-)
Shane
tbdawg:
I forgot to mention that the Win 7 key is 64 bit and the Vista key was 32 bit, though I suspect it won't matter. I am planning on doing some clean os installs soon (maybe later tonight or tomorrow) so I will make some reg dumps and verify. I also happened to remember that when I do a clean install for most of my PC's, or the ones I am working on, that I usually make a complete reg dump before I get to far along with it. I pulled a clean dump off of one of my Vista 32 bit PC's to see what the keys for this service looked like and they were almost exactly the same as the one I attached for Vista above. The only difference was one of the empty keys I listed above as being created on the fly wasn't there. So it should be safe. I also happened to get my hands on a XP Pro clean dump and verified that this service doesn't exist for XP. Which is also what was shown for this service via blackviper.com. Obviously I don't have any info on it yet for Win 8, but will add if and/or when I get it.
I'm also looking into building this service via SC.exe, but I am a bit rusty using cmd. I will look into it after I verify some more clean dumps and post the batch file for you if I am successful. Or I could write an exe to check the service and then repair what is needed. (bit rusty here too, but it's like riding a bike right. lol) Of course I will test all first and only post code/attachments if I'm successful.
If you would like any of the complete clean install dumps just let me know and I'll send them your way. I'll try and provide info for each dump if I can.
tbdawg:
Shane here is a batch file that rebuilds the IP helper service from scratch using SC.exe for either Vista or Windows 7 all versions. It requires elevation to run successfully. I have tested it thoroughly. It will repair the service whether it is there or not. It also makes a back up of the services reg key before making any changes etc. Should be very easy for addition to your tool if you desire.
Basic work flow is as follows:
It is recommended that all networks (WiFi, Ethernet, Bluetooth) be disconnected prior to running, but not required (will most likely need to restart PC otherwise).
Checks to see if the Service Exists.
If Exists -> Check if Running
If not Exists-> OS Check
If Running -> Try to stop -> recheck.
If not Running-> Make a date/time stamped backup of services reg key in Documents.
Delete Service via SC
OS Check
Build the service according to OS.
Attempt to start the service -> Check if Running -> retry if not
Check the text output in the Console window and verify no errors occured.
If service cannot be Started PC must be restarted then Network connection(s) made.
Otherwise make Network Connections.
Shane:
Added it to my "To Do" list for the Windows repair :wink:
Shane
Navigation
[0] Message Index
[#] Next page
Go to full version