Author Topic: Malware cleanup fun  (Read 13726 times)

0 Members and 1 Guest are viewing this topic.

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Malware cleanup fun
« on: May 21, 2012, 03:18:47 AM »
Hi,
I have been have been doing various cleanup operations from a Malware issue I had the other day and am down to (as fas as I can tell) the final problem. The issue is that I cannot get Windows network discovery (and thus media streaming etc.) to turn on at all. When I try to, it just turns itself off again straight away. Yesterday, I was unable to get ANY media streaming services to run (Nero MediaHome, XBMC etc.) although those appear to now be working again.

I have run your all-in-one repair tool (which successfully fixed Windows Firewall, but did appear to screw up DHCP on my LAN connection, which I sorted out). An excellnt tool, I must say, although it did get hung up for about 12 hours on resetting file permissions.

Thanks in advance for any help you can give.

FYI, I am running Win7 64bit.

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #1 on: May 21, 2012, 10:45:01 AM »
When you try to run media streaming services have you checked the event viewer for any errors?

Shane

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #2 on: May 21, 2012, 11:01:08 AM »
Thanks for the reply.

There is nothing that I can see in the system log.
The Network Discovery option in Advanced sharing settings is off, when I switch it to on, go back to network settings, then back to advanced and check it, it has turned itself off. Furthermore, in the Media Streaming section of advanced settings, it says that Media Streaming is on, but when I click it, it says it is off and pressing the button to turn it on does nothing.

If it is any help, I found another thread about this issue suggesting the problem was with the SharedAccess service. I could not find this service in my list, so I installed it using the file you provided. I now have the service, but it will not start (claims it started, then stopped).

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #3 on: May 21, 2012, 11:04:14 AM »
Odd that nothing for the services are showing up in the event viewer.

The repair firewall should have put the shared access reg keys back in as well. Shared access is need for the Windows firewall as well.

If no errors are being reported for the exes to be closing then I wonder if there might be a rootkit on the system that is killing the services still?

Have you tried tdsskiller.exe or combofix.exe yet?

Shane

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #4 on: May 21, 2012, 11:11:48 AM »
Nope, I will give them both a go now. I did run MalwareBytes, Avast and Microsoft's malware removal tool.

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #5 on: May 21, 2012, 11:13:35 AM »
tdsskiller.exe and combofix.exe have been the best for rootkits from what I have seen :wink:

Shane

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #6 on: May 21, 2012, 12:09:42 PM »
Well, I have run them both and as far as I can tell, nothing has changed. Same situations I have been describing so far with the addition of icons (Skype, AMD Centre) missing from the toolbar for some reason.

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #7 on: May 21, 2012, 12:15:07 PM »
The one thing my repair tool does very little of is changing registry keys. When it registers files those files update their reg keys.

But when it comes to services I don't (At least for now) have it touch much. Very dangerous.

So when the system gets really screwed it is almost always in the reg. When it gets to that point the best option is a repair install, which keeps all your programs and settings.
http://www.sevenforums.com/tutorials/3413-repair-install.html

I just made a new registry backup program that is in testing in beta. It is reasons like this that I made it :wink:

Shane

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #8 on: May 21, 2012, 12:19:08 PM »
Yeah, I figured it was probably gonna come down to that. Last time I did a repair install was back on XP and I had no end of trouble with the "repaired" version. So I will probably give it a week (I have exams!) then just wipe the thing and start again. Bit of a hassel, but oh well.

Thanks for the help anyway.

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #9 on: May 21, 2012, 12:20:02 PM »
The xp repair install never worked right.

MS did a good job getting it better in Windows 7 :wink:

Shane

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #10 on: May 21, 2012, 12:22:47 PM »
Maybe I will give it a try anyways then.

Just quickly: Do programs installed on a different HDD (or in this case, partition) stay installed as well as those in Program Files? and how about things such as desktop gadgets?

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #11 on: May 21, 2012, 12:24:09 PM »
It should keep everything.

The repair install is basically doing an upgrade to the same version. So it keeps all your settings so it should work.

Shane

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #12 on: May 21, 2012, 12:27:42 PM »
Excellent, thanks again.

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #13 on: May 21, 2012, 12:28:25 PM »
No problem.

Let me know how it goes :wink:

Shane

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #14 on: May 21, 2012, 03:00:46 PM »
Well, so far: Repair install = NO END OF TROUBLE.
Uninstalled SP1 to try with my non-SP1 disc, can't install 7 Pro because I already have 7 Pro. *sigh*.
Next up: Download SP1 Win7 from MyDigitalLife and try that from USB. I expect similar results.

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #15 on: May 21, 2012, 03:02:53 PM »
Make sure to read that link. A key step is to

Quote
Click on the Compatibility tab, check the Run this program in compatibility mode for: box, select Windows Vista (Service Pack 2) from the drop down menu, and click on OK. (See screenshot below)

You have to full the setup to think your on an eariler version :-)

Shane

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #16 on: May 21, 2012, 03:08:59 PM »
Yes, I did that. I honestly can't remember a time that changing the compatabilitity settings has worked for ANYTHING.


Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #17 on: May 21, 2012, 03:09:49 PM »
I think you will have more luck with sp1 disk :-)

Shane

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #18 on: May 21, 2012, 03:50:54 PM »
I'm pretty sure that it is just screwing with me now, lol. Gotta reinstall SP1 before it will do the upgrade. Paha...ha....ha.....
« Last Edit: May 22, 2012, 06:47:51 AM by megagold5 »

Offline megagold5

  • Newbie
  • *
  • Join Date: May 2012
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Malware cleanup fun
« Reply #19 on: May 22, 2012, 06:48:37 AM »
Right, finally finished the repair install. All seems to be working again.

Thanks once again for your support.

Offline Shane

  • Lead Developer - Coder
  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9279
  • Location: USA
  • Karma: 138
  • "Knowledge should be shared not hidden."
    • View Profile
    • Tweaking.com
Re: Malware cleanup fun
« Reply #20 on: May 22, 2012, 09:18:07 AM »
Glad I could point you in the right direction :-)

Since your all fixed I will lock this thread :wink:

And as always...
If your happy with my work. Then all I ask in return is you simply let others know about my site and programs. I help with anything computer or network related :-)
Also always feel free to make a post in the feedback forum.
And a facebook like at the top of the page of my site is nice as well. ;)

Shane