Author Topic: [SOLVED] A worm eliminated the Automatic Updates service, any way to restore it?  (Read 3801 times)

0 Members and 1 Guest are viewing this topic.

martosurf

  • Guest
Hi,

by choosing wrong at a firewall question I got infected with a worm that deleted the Automatic Updates service and inhabilitated the OS to update itself - I got errors when launching Microsoft Update.

Now the PC is clean again thanks to avast! but I still cannot update Windows. The little shYt that do this is named Win32:SdBot-5449 [trj].

Is there any way to restore Windows Update functionality? I'm just finishing setting up a clean fresh install when got infected...


 And I want to raise a loud voice here: how much efficient is a firewall if with a *single* mistake I throw everything to the trashbin? There's a big security hole in the current firewall build/use model.

I found a very useful page regarding this issue at CastleCops but there says nothing about restoring the service to to the Management Console...
link: http://www.castlecops.com/t106642-How_To_Fix_Windows_Update_BITS_Newly_Edited..html
« Last Edit: August 11, 2008, 11:11:28 AM by martosurf »

YoKenny

  • Guest
Re: A worm eliminated the Automatic Updates service, any way to restore it?
« Reply #1 on: August 11, 2008, 10:39:51 AM »
What firewall?

Download Dial-a-Fix then run all the tests:
http://wiki.lunarsoft.net/wiki/Dial-a-fix

Download MBAM then update it then run a Quick scan:
http://www.malwarebytes.org/mbam.php

Castlecops is horrendously slow for me.   It could be under a massive DDoS again.
« Last Edit: August 11, 2008, 10:44:26 AM by YoKenny »

martosurf

  • Guest
Hi Yo,

Quote
What firewall?
COMODO. I don't say is a firewall itself malfunction, but an (at least) "obscure" description of what was happening. When I see this things I realize how acid+accurate is Scott Adams with his Dilbert...

Quote
Download Dial-a-Fix then run all the tests:
http://wiki.lunarsoft.net/wiki/Dial-a-fix

Download MBAM then update it then run a Quick scan:
http://www.malwarebytes.org/mbam.php
Thanks for these, I will check them now.

Quote
Castlecops is horrendously slow for me.   It could be under a massive DDoS again.
Same here =P


Anyways, PROBLEM SOLVED. After researching a *bit* more I found this support page from Microsoft where was perfectly described the issue I had and how to resolve it.
link: http://support.microsoft.com/kb/883614/es

YoKenny

  • Guest
Quote
Anyways, PROBLEM SOLVED. After researching a *bit* more I found this support page from Microsoft where was perfectly described the issue I had and how to resolve it.
link: http://support.microsoft.com/kb/883614/es
I'm glad you got it sorted out.

By the way, Dial-a-Fix would have fixed it as well plus it also has some other system cleanup features that are worth checking out.