Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: martosurf on August 11, 2008, 10:31:15 AM

Title: [SOLVED] A worm eliminated the Automatic Updates service, any way to restore it?
Post by: martosurf on August 11, 2008, 10:31:15 AM

Hi,

by choosing wrong at a firewall question I got infected with a worm that deleted the Automatic Updates service and inhabilitated the OS to update itself - I got errors when launching Microsoft Update.

Now the PC is clean again thanks to avast! but I still cannot update Windows. The little shYt that do this is named Win32:SdBot-5449 [trj].

Is there any way to restore Windows Update functionality? I'm just finishing setting up a clean fresh install when got infected...

 And I want to raise a loud voice here: how much efficient is a firewall if with a *single* mistake I throw everything to the trashbin? There's a big security hole in the current firewall build/use model.

I found a very useful page regarding this issue at CastleCops but there says nothing about restoring the service to to the Management Console...
link: http://www.castlecops.com/t106642-How_To_Fix_Windows_Update_BITS_Newly_Edited..html (http://www.castlecops.com/t106642-How_To_Fix_Windows_Update_BITS_Newly_Edited..html)

Title: Re: A worm eliminated the Automatic Updates service, any way to restore it?
Post by: YoKenny on August 11, 2008, 10:39:51 AM

What firewall?

Download Dial-a-Fix then run all the tests:
http://wiki.lunarsoft.net/wiki/Dial-a-fix

Download MBAM then update it then run a Quick scan:
http://www.malwarebytes.org/mbam.php

Castlecops is horrendously slow for me.   It could be under a massive DDoS again.

Title: Re: [SOLVED] A worm eliminated the Automatic Updates service, any way to restore it?
Post by: martosurf on August 11, 2008, 11:20:34 AM

Hi Yo,

Quote

What firewall?

COMODO. I don't say is a firewall itself malfunction, but an (at least) "obscure" description of what was happening. When I see this things I realize how acid+accurate is Scott Adams with his Dilbert...

Quote

Download Dial-a-Fix then run all the tests:
http://wiki.lunarsoft.net/wiki/Dial-a-fix

Download MBAM then update it then run a Quick scan:
http://www.malwarebytes.org/mbam.php

Thanks for these, I will check them now.

Quote

Castlecops is horrendously slow for me.   It could be under a massive DDoS again.

Same here =P


Anyways, PROBLEM SOLVED. After researching a *bit* more I found this support page from Microsoft where was perfectly described the issue I had and how to resolve it.
link: http://support.microsoft.com/kb/883614/es (http://support.microsoft.com/kb/883614/es)

Title: Re: [SOLVED] A worm eliminated the Automatic Updates service, any way to restore it?
Post by: YoKenny on August 11, 2008, 03:42:31 PM

Quote

Anyways, PROBLEM SOLVED. After researching a *bit* more I found this support page from Microsoft where was perfectly described the issue I had and how to resolve it.
link: http://support.microsoft.com/kb/883614/es

I'm glad you got it sorted out.

By the way, Dial-a-Fix would have fixed it as well plus it also has some other system cleanup features that are worth checking out.