Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.



  • Please log in to reply
3 replies to this topic

#1 Serp


  • Members
  • 11 posts
  • Local time:09:32 AM

Posted 09 June 2011 - 03:03 AM

I got in touch with a buddy of mine who is a comp tech with a large corporation and explained to him what my computer was doing and all and he told me I needed to get onto another computer and dl rkill and malwarebytes and use a thumb to run on the infected computer (this one I am writing from). While I was searching for them, I found your walkthrough and followed it and was able to get my computer back.
After I got it back, Malwarebytes found 7 items and removed them, I ran it again after reboot, and it found 2 more... I was unable to get automatic updates to turn back on. So I went to windows update and tried to update manually... it errored out on me. So I contacted microsoft and they emailed me back with a list of solutions listed below. I did the first one and was able to turn auto update back on and go to windows update and update the computer.

But I still have issues... some sites will not open, and I downloaded Security Essentials and it errors out when I try to update its definitions. I emailed the tech at microsoft back about it, but I am not sure if they will help in this or not because all the tech suppost they provide is for windows update issues...

so if you have any tweaks or whatever to help me get my complete computer back, I would be most grateful. Thanks.

Here is the fixes the MS Tech sent me. the AU.INF fixed my Auto Update and Windows Update issues.

This error can be caused by one of the following factors:


1. The two registry branches of Automatic Updates are corrupted.

2. Some Windows Update engine files have not been registered.

3. The Automatic Updates service is not working properly.


We will address some of the more common causes of this issue. It is important that we attempt to connect to the Windows Update web site after each step to confirm whether the resolution has worked. This will prevent us from having to proceed with additional troubleshooting steps and provide us with valuable feedback to further develop our support resolutions for you and our future customers. Your assistance is greatly appreciated.


Suggestion 1: Restore two registry branches.


Let's repair the following two registry keys:





1. Click "Start", click "Run", type: "Inf" (without quotations) and press "Enter". A folder will open.

2. Locate the file "au.inf", (you can type au to locate the file), right click it and choose "Install".


Note: The file extension ".inf" may be hidden; we may only see the file named "au".


3. The setup process will try to restore the registry branches automatically.  However, you may not receive any notification. If some files cannot be located automatically, we will be prompted to select the installation source. Please click "browse", and go to this location:




If this folder is unavailable, please choose the folder "C:\Windows\System32".


4. Please restart the computer.


Now try Update to see if the issue has been resolved. Please let us know if this step has resolved it. If not, please proceed to the next step.


Suggestion 2: Re-register the Windows Update engine files.


By trying this step, we can check the update engines.


1. Close all instances of Internet Explorer.

2. Click "Start" and "Run", type "REGSVR32 ATL.DLL" (without quotations) in the open box and click "OK".


Note: There is a space between REGSVR32 and ATL.DLL


3. Register the files listed below:














If you are using the Microsoft Update Site, please register the following files as well





Note: Please register all the files. While registering each .DLL file you should get a "succeeded" message. If any error message is encountered , please let me know the exact wording. Some .DLL files are not necessary in some specific operating system, therefore please let me know if some files cannot be found. I will help you to double check it.

BC AdBot (Login to Remove)


#2 hamluis



  • Moderator
  • 56,551 posts
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:32 AM

Posted 09 June 2011 - 07:17 AM

System manufacturer and model?

I guess that I have to wonder...how you can assert that the system is no longer infected.

I would suggest posting in the Am I Infected forum...once cleared there, I would do either a repair install of XP (my preference) or try running the sfc /scannow command.

That approach eliminates malware first, then Windows as possible culprits.


#3 Serp

  • Topic Starter

  • Members
  • 11 posts
  • Local time:09:32 AM

Posted 09 June 2011 - 12:33 PM

I have already ran SFC /scannow. gave no issue.
reason i assume I am clean is because both malwarebytes and MS security essentials find nothing when completing a full scan. And I did run MWB flash scan too. I am assuming I now have files that need replaced/repaired that the infection damaged or whatever at this point.

#4 spc3rd


  • Members
  • 292 posts
  • Gender:Not Telling
  • Location:Mid-Atlantic region (USA)
  • Local time:09:32 AM

Posted 10 June 2011 - 02:43 PM

Hi Serp,

Have you tried doing a System Restore to a point prior to the infection occurring? (If you already have, then please pardon my suggestion).


Dell Optiplex 755 Desktop | Win 7 Pro, SP 1, 64-bit | Intel Core 2 Duo, 3.00 gHz CPU | 8 GB RAM | 400 GB Seagate SATA HDD | Outpost Security Suite Pro | MBAM Premium 2.0 | Spywareblaster | SAS (on-demand) | Blocklist Pro | IE 11 & FF w/ NoScript | Disconnect | Adblock Plus | Flagfox

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users