Author Topic: [SOLVED] A worm eliminated the Automatic Updates service, any way to restore it?  (Read 3686 times)

0 Members and 1 Guest are viewing this topic.

Offline martosurf

  • Full Member
  • ***
  • Posts: 182
  • www.supportkevin.com - Support Kevin Kjonnas SHAC7
Hi,

by choosing wrong at a firewall question I got infected with a worm that deleted the Automatic Updates service and inhabilitated the OS to update itself - I got errors when launching Microsoft Update.

Now the PC is clean again thanks to avast! but I still cannot update Windows. The little shYt that do this is named Win32:SdBot-5449 [trj].

Is there any way to restore Windows Update functionality? I'm just finishing setting up a clean fresh install when got infected...


 And I want to raise a loud voice here: how much efficient is a firewall if with a *single* mistake I throw everything to the trashbin? There's a big security hole in the current firewall build/use model.

I found a very useful page regarding this issue at CastleCops but there says nothing about restoring the service to to the Management Console...
link: http://www.castlecops.com/t106642-How_To_Fix_Windows_Update_BITS_Newly_Edited..html
« Last Edit: August 11, 2008, 11:11:28 AM by martosurf »
"Emancipate yourself from mental slavery / none but ourselves can free our mind" - Bob Marley

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8784
Re: A worm eliminated the Automatic Updates service, any way to restore it?
« Reply #1 on: August 11, 2008, 10:39:51 AM »
What firewall?

Download Dial-a-Fix then run all the tests:
http://wiki.lunarsoft.net/wiki/Dial-a-fix

Download MBAM then update it then run a Quick scan:
http://www.malwarebytes.org/mbam.php

Castlecops is horrendously slow for me.   It could be under a massive DDoS again.
« Last Edit: August 11, 2008, 10:44:26 AM by YoKenny »
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS

Offline martosurf

  • Full Member
  • ***
  • Posts: 182
  • www.supportkevin.com - Support Kevin Kjonnas SHAC7
Hi Yo,

Quote
What firewall?
COMODO. I don't say is a firewall itself malfunction, but an (at least) "obscure" description of what was happening. When I see this things I realize how acid+accurate is Scott Adams with his Dilbert...

Quote
Download Dial-a-Fix then run all the tests:
http://wiki.lunarsoft.net/wiki/Dial-a-fix

Download MBAM then update it then run a Quick scan:
http://www.malwarebytes.org/mbam.php
Thanks for these, I will check them now.

Quote
Castlecops is horrendously slow for me.   It could be under a massive DDoS again.
Same here =P


Anyways, PROBLEM SOLVED. After researching a *bit* more I found this support page from Microsoft where was perfectly described the issue I had and how to resolve it.
link: http://support.microsoft.com/kb/883614/es
"Emancipate yourself from mental slavery / none but ourselves can free our mind" - Bob Marley

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8784
Quote
Anyways, PROBLEM SOLVED. After researching a *bit* more I found this support page from Microsoft where was perfectly described the issue I had and how to resolve it.
link: http://support.microsoft.com/kb/883614/es
I'm glad you got it sorted out.

By the way, Dial-a-Fix would have fixed it as well plus it also has some other system cleanup features that are worth checking out.
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS