Solved

Windows 7 malware and update problems

Posted on 2015-02-05
28
265 Views
Last Modified: 2015-02-28
Hi
I have a Windows 7 Pro 32-bit laptop that had the istart123.com virus or malware or whatever they're categorizing it as these days among other problems, I presume.  After running all the usual stuff (Malwarebytes, Spybot, adwcleaner, hitman, combofix, tweaking windows, ccleaner), I noticed that Windows updates are failing.  Their are currently 4 updates failing and during my quest for resolution, I've come across other problems that might be related.  
Currently I'm getting .net framework update errors Code 8007371B, and Code 8024200D.  I'm kind of embarrassed I've  spent so much time on this but it's become personal now as I've tried just about everything.  I've attached a couple logs after running sfc /scannow and DISM.exe /Online /Cleanup-image /scanhealth and discovered some corruption starting at "Cannot repair member file [l:30{15}]"setupcompat.dll" or at about 14% on SFC.  Please take a look and see what you think.  The one thing I haven't done is a repair from disc as I don't have the Windows 7 disc here with me at the moment and won't be able to get them from the lab for a couple days.  Hoping to be done with this before I go back in.

Thanks!
sfcdetails.txt
ComboFix.txt
CheckSUR.log
0
Comment
Question by:Jason
  • 14
  • 9
  • 3
  • +1
28 Comments
 
LVL 91

Accepted Solution

by:
nobus earned 166 total points
ID: 40593084
with that much problems and scans run, i would backup and do a fresh install  - delete the os partition during install) - it will save time in the end, and insuresyou a clean system !
0
 
LVL 24

Expert Comment

by:VB ITS
ID: 40593293
You can try resetting the Windows Updates components using the steps in this article: http://support.microsoft.com/kb/971058

I'd tend to agree with nobus though, I'd personally back up all my data then do a complete reinstall of Windows. This will give you a clean system to work with and you won't have to worry about any lingering malicious files on your machine.
0
 

Author Comment

by:Jason
ID: 40593709
Is there a free download for a Windows 7 Pro iso or something I can run a repair on the corrupted system files?
0
 
LVL 91

Expert Comment

by:nobus
ID: 40593827
0
 

Author Comment

by:Jason
ID: 40593896
Page not found on any of the iso download links.
0
 
LVL 91

Expert Comment

by:nobus
ID: 40594101
aah old article and links..sorry
softonic says it has it - but i did not test it out  : http://windows-7-home-premium.en.softonic.com/
0
 

Author Comment

by:Jason
ID: 40594142
That's for home premium, dude.
I got it from here
Gonna try this
0
 

Author Comment

by:Jason
ID: 40594151
Anybody know where the missing files listed in the SFCdetails log attached are supposed to be?
0
 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 334 total points
ID: 40594184
jhill777att--
Rather than try to install individual corrupt files run a Repair Install with the .iso disk you will have made from the digitalriver download.
http://www.sevenforums.com/tutorials/3413-repair-install.html

This should not affect installed programs or personal data.
0
 

Author Comment

by:Jason
ID: 40594271
Ugh running setup tells me that d:\sources\wdscore.dll is either not designed to run on Windows or it contains an error.  
Idk what the deal is but I found another link to get the download in case the digitalriver one is corrupt but, of course, the product key code sticker has been removed from the bottom of the laptop. smh
Also, when I try to extract the iso with 7-zip there is only a "Boot" folder and a Readme that states "This disc contains a "UDF" file system and requires an operating system
that supports the ISO-13346 "UDF" file system specification."
0
 

Author Comment

by:Jason
ID: 40594287
Trying this
0
 

Author Comment

by:Jason
ID: 40594319
After reboot, same issue...even when mounting the iso virtually.
0
 
LVL 91

Expert Comment

by:nobus
ID: 40595291
remeber what i said in my first post
"with that much problems and scans run, i would backup and do a fresh install  - delete the os partition during install) - it will save time in the end, and insuresyou a clean system ! "
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:Jason
ID: 40609130
The problem with the disc not reading had something to do with it being a Dell laptop and Win7 being OEM.  Couldn't dl the win7 iso from m$.  The product key I entered their site  generated an error and told me I had to call.  They said I needed to talk to Dell for a new product key because the key was locked and wouldn't activate.   Dell told me I needed to talk to M$.  Lol
After some persuasive maneuvers, Dell sent me a thumb drive with the model specific repair and recovery media on it.  After booting from it, it analyzed the OS and found no problems.  Lol
My one and only option was to click next to backup and reload it, only to find that it didn't even load all the drivers for me and had to spend another 15 mins finding stupid drivers.  One being unknown that I had to figure out on my own. it was some free fall driver or something. I assume it's some crap that parks the heads if it feels like it's being dropped but I bet it doesn't work right anyway.  
So anyway, reloaded from scratch and did m$ updates and driver update only from their respective official websites.  Never navigated anywhere else and didn't restore any old files from backup.  Installed the enterprise McAfee AV, updated definitions and ran a quick scan.  It finds a trojan called Serb.exe in c:windows\options.   Lol
Prolly just gonna chuck this thing in the trash.  Not even going to recycle it.  Eff this thing.
0
 
LVL 91

Expert Comment

by:nobus
ID: 40609462
why not do a fresh install?  from recovery partition?
0
 

Author Comment

by:Jason
ID: 40609784
I already did a fresh install.  Why would I do it again?
0
 
LVL 91

Expert Comment

by:nobus
ID: 40609896
from a recovery partition is different - could help
0
 

Author Comment

by:Jason
ID: 40610093
I don't see how it'd be different from what I got from dell.  It's basically just the recovery partition for people who may have lost their hard drive completely.
0
 

Author Comment

by:Jason
ID: 40610105
Anyway, McAfee deleted the trojan and although it was not the method I was looking for, of course, the complete OS reload took care of reloading the missing system files.  I definitely didn't need to pay $/month for "experts"-exchange to tell me to reinstall the operating system.  Really disappointing that Sfc error messages can't be resolved without just starting over.
0
 
LVL 50

Assisted Solution

by:jcimarron
jcimarron earned 334 total points
ID: 40610111
jhill777att--
Your sfcdetails.txt files indicates corrupt files.
Have you run the System Update Readiness tool?
https://support.microsoft.com/kb/947821?wa=wsignin1.0

This reference may also be of interest
http://answers.microsoft.com/en-us/windows/forum/windows8_1-system/sfc-scan-now-detecting-some-kind-of-issue-with/0d0d3669-2efe-45e0-a2ad-25fa6a14c950
0
 

Author Comment

by:Jason
ID: 40610198
I ran DSIM.   The log file is attached in my initial post.  The restorehealth switch is for Windows 8 so I was hoping somebody here knew what to do after /scanhealth.  Didn't know about the system readiness tool.  Not sure if that would have fixed it or not but it's too late as I've already reloaded.
0
 
LVL 50

Expert Comment

by:jcimarron
ID: 40610221
jhill777att----
Too bad.
I knew you had run DISM.  I was directing you to the system readiness tool, the download reference for which  I gave you is applicable to Win 7 as well as Win 8.
0
 
LVL 91

Expert Comment

by:nobus
ID: 40635812
not sure why you ratyed the C grade?
giving the vest possible way out is worth an A
0
 

Author Comment

by:Jason
ID: 40636613
It wasn't what I was looking for.  I could go post "do a fresh install" on every problem in here and that's probably the "best" way out.  I didn't have any of the media with me to reinstall the countless programs the lab uses so reloading wasn't the "best" option.  Icimmaron posted what I was looking for as I  had simply overlooked the system readiness section  of the article that was below the windows 8 instructions, but it was too late.  I don't need anybody to tell me to reinstall.  That's my last resort or I wouldn't be asking.  Combine that lackluster recommendation with your outdated or just plain inapplicable links; a grade of C is pretty generous, I think.
0
 
LVL 91

Expert Comment

by:nobus
ID: 40636867
you can always reopen the question if you feel that way - i don't need your points if you think  my posy is nothing worth
0
 

Author Comment

by:Jason
ID: 40637068
Why you cryin to the teacher about your grade then?  That IS how I feel and that's why I said it.  All you really did was pop in and say "reload", copy and paste a broken link from some other thread, copy and paste a link to home edition, reiterate the fresh reinstall over and over, and then cry about the grade C.  I'd like to give an F for wasting my time with the links but C is the lowest they allow.  I'm sure some might argue "Hey he was just trying to help blah blahblah" but if you don't know what you're doing, then it's probably best to just remain silent.  It'd be in EE'S best interest too, as I'll probably just close my account and stop paying them, given the "quality of service" I received here.  Icimmaron posted the most helpful advice but was like 9 days late.  It's kind of insulting that the question reads "Solved by Noobus" at the top now.  You really cracked that code.
0
 
LVL 91

Expert Comment

by:nobus
ID: 40637197
i'm not crying to anyone - not even you
i simply say that you can do what ever you like - that's all and i indicated how to d o it
i also refrain from using denigrating sentences
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Storage devices are generally used to save the data or sometime transfer the data from one computer system to another system. However, sometimes user accidentally erased their important data from the Storage devices. Users have to know how data reco…
If you get continual lockouts after changing your Active Directory password, there are several possible reasons.  Two of the most common are using other devices to access your email and stored passwords in the credential manager of windows.
This Micro Tutorial will go in depth within Systems and Security in Windows 7 and will go into detail regarding Action Center, Windows Firewall, System, etc. This will be demonstrated using Windows 7 operating system.
This Micro Tutorial will give you a introduction in two parts how to utilize Windows Live Movie Maker to its maximum editing capability. This will be demonstrated using Windows Live Movie Maker on Windows 7 operating system.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now