
windows 7 ultimate - after malware, no icons, no right menu, no c-n-p, no profil


obieephyhm:
The details of how (stupidly) I got in this place aren't particularly relevant.  What's important is that I can't get into my studio computer for the last five days after I (again, stupidly) clicked something without paying attention to it and (according to Malwarebytes) got myself 4 PUMs and PUPs which have neutered my desktop in my profile.  Restoring the registry doesn't appear to help, I can't boot into anything without being forced into a default profile -- EXCEPT when I boot into my primary profile where I get some sort of group policy error that flashes by; at least, it seems to be happening now where it wasn't at first.

The reason I stopped by here was my first tool of choice was to use Tweaking.com's Windows Repair Pro.   I was able (at first) to start it in my main user profile and then have it reboot into safe mode.  I tried to do a system restore (failed), a Permissions Restore (md4 fail) and a registry restore (didn't fail but didn't seem to do anything positive either).  Now I can't get it to run at all in safe mode because it gives me an 'invalid picture' error and terminates.

I can find all my programs and they mostly seem to run -- provided they aren't system tools.  I've run multiple anti-malware tools and the system appears free of the original miscreant but I can't find the key to undo the damage.

At this point, I can't see any of my desktop icons, I can't right click into the menu, I can't search for programs I know I have (but I can get to them, if I know where they reside).  My data appears intact.  I've serially tried different recommended fix programs which either 1) don't run because some asset appears to be blocked from access or 2) run but don't identify a problem in their scan.

I am not a beginner (okay, I've been doing pc stuff for about 40 years) but I'm older and more than a little frustrated at how the world currently is.  Crusty, some might call it.  Crabby might be a better word.  There's a lot of crap going on in my world that is doing a number on my PTSD and being denied access to my one solace left on this blinking planet has me at my wit's end.  If someone can coach me through what I need to do to fix this and get back in the studio to block out all the noise of the idiocracy we've descended in -- I'll be very grateful.

I'll try to attach a couple of logs that came from tools I tried to run after I couldn't work with tweaking.com's windows repair   

Boggin:
As you appear to have access to another machine, can you download and create a Kaspersky Rescue Disk to boot up with? -

https://support.kaspersky.com/viruses/krd18

While AdwCleaner is now part of MBAM and MBAM has found and removed PuPs and PuMs, running a scan with that may help to get your system back up.

https://www.malwarebytes.com/adwcleaner/

Can you boot into Safe Mode with Networking via tapping F8 as you switch on? I would advise running the scan in that mode.

As you have Win 7 Ultimate, do you also have an Ultimate install disk that you can boot up with ?

If you have, boot up with that and navigate to the Install screen to select Repair your computer.

Select Command Prompt and enter these cmds -

bcdedit |find "osdevice"

For clarity that is a Pipe symbol before find and is the uppercase of \

Using your partition letter instead of the x I have exampled, enter -

dism /image:x: /cleanup-image /revertpendingactions

Enter exit to close the cmd window and reboot.

If that doesn't improve things then reboot with your install disk to select the Command Prompt again and again using your partition letter instead of the x I have exampled, enter -

sfc /scannow /offbootdir=X:\ /offwindir=X:\Windows

to see what that reports.

As a final solution, I don't know if you will be able to do this but with Windows booted up, go Start - click on Computer - insert the install disk and double click on its drive.

This will start the process of a repair install which doesn't affect personal files or installed programs but you will need a valid retail key.

If you are using an OEM machine where Ultimate came pre-installed, then you can use the key on the COA Sticker.

obieephyhm:
I have already run MBAM; it identified and removed four instances of: PUM.OptionDisableRightClick.  I have run it since, several times, and also run MSE and Superantispyware and no additional infections have been found.  Removing the infection, however, doesn't appear to have fixed it.  I am downloading krd18 but it is a very slow download for me.  I am also downloading adaware.

I can boot into safe mode with (or without) networking. I have already tried running a system repair and, after several hours, it failed with no particular message as to why. I tried some things in the Repair Windows portion of  When the KSD and adaware get done, I'll put them into play and see what happens and, of course, let you know.  My copy of tweaking.com Windows Repair has ceased running in safe mode on the studio computer (as of yesterday) at least when I ran it through under my primary windows profile but that one no longer lets me log on (generates a Group Policy error).

I'll post an update as soon as possible but it will probably be a couple of hours.
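
A read-only check related to the detection named in the post above, added here as an example and not part of the original thread. It assumes the symptoms described (no right-click menu, no desktop icons, no search) come from Explorer policy values left behind in the registry; the value list is that assumption, not something taken from the Malwarebytes log.

```powershell
# Added example: list Explorer policy values that restrict the shell.
# Read-only: nothing is changed. Written to run on PowerShell 2.0 (Windows 7).

# Per-user and machine-wide locations of Explorer policy restrictions.
$policyKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
)

# Value name -> effect when the value is non-zero.
# Assumed to be relevant to this thread's symptoms.
$restrictions = @{
    'NoViewContextMenu' = 'right-click menu disabled in Explorer and on the desktop'
    'NoTrayContextMenu' = 'right-click menu disabled on the taskbar'
    'NoDesktop'         = 'desktop icons hidden'
    'NoFind'            = 'Search removed from the Start menu'
}

function Get-ExplorerRestriction {
    param([string[]]$Keys = $policyKeys)

    foreach ($key in $Keys) {
        if (-not (Test-Path $key)) { continue }      # key absent: no policy set here

        $props = Get-ItemProperty -Path $key
        if (-not $props) { continue }                # key exists but holds no values

        foreach ($name in $restrictions.Keys) {
            $prop = $props.PSObject.Properties[$name]
            if ($prop -and $prop.Value -ne 0) {
                # Emit one record per active restriction.
                New-Object PSObject -Property @{
                    Key    = $key
                    Value  = $name
                    Data   = $prop.Value
                    Effect = $restrictions[$name]
                }
            }
        }
    }
}

Get-ExplorerRestriction | Format-List Key, Value, Data, Effect
```

HKCU is the hive of whoever is logged on, so when Windows falls back to a temporary or default profile the HKCU results describe that profile and not the affected one.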

Boggin:
When you say system repair - was that a repair install ?

Does Event Viewer report anything specific ?

Had you downloaded anything else to cause these problems?

When you're done with KRD18 and AdwCleaner, can you go Start - type msconfig and press enter when it comes up.

Under the Startup tab Disable all - Apply - OK - Restart.

If that doesn't improve things then go back into msconfig and under the Services tab, check the box to Hide all Microsoft services.

You must do this before hitting Disable all - Apply - OK - Restart.

With all of those disabled, this is known as a clean boot, although most of those wouldn't be loaded in Safe Mode.

Don't forget to try the sfc /scannow cmd if you have an install disk to boot up with.

obieephyhm:

--- Quote from: Boggin on December 17, 2020, 02:44:39 pm ---When you say system repair - was that a repair install ?

Not an install -- after using windows repair to attempt a restore point and that restore point failed, it came up with an option to attempt to repair the system (I don't remember the precise wording but I believe it is also available with an F8 restart).

Does Event Viewer report anything specific ?

I didn't see anything that appeared significant but I can look again, if you think it will help.

Had you downloaded anything else to cause these problems.

Absolutely not.

I am preparing to go try to follow your earlier instructions now -- it took some time to find the install disk I made some years ago.
--- End quote ---
