Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

XP ANTI-MALWARE 2012


  • Please log in to reply
3 replies to this topic

#1 Serp

Serp

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 09 June 2011 - 03:03 AM

I got in touch with a buddy of mine who is a comp tech with a large corporation and explained to him what my computer was doing and all and he told me I needed to get onto another computer and dl rkill and malwarebytes and use a thumb to run on the infected computer (this one I am writing from). While I was searching for them, I found your walkthrough and followed it and was able to get my computer back.
After I got it back, Malwarebytes found 7 items and removed them, I ran it again after reboot, and it found 2 more... I was unable to get automatic updates to turn back on. So I went to windows update and tried to update manually... it errored out on me. So I contacted microsoft and they emailed me back with a list of solutions listed below. I did the first one and was able to turn auto update back on and go to windows update and update the computer.

But I still have issues... some sites will not open, and I downloaded Security Essentials and it errors out when I try to update its definitions. I emailed the tech at microsoft back about it, but I am not sure if they will help in this or not because all the tech suppost they provide is for windows update issues...

so if you have any tweaks or whatever to help me get my complete computer back, I would be most grateful. Thanks.

Here is the fixes the MS Tech sent me. the AU.INF fixed my Auto Update and Windows Update issues.

This error can be caused by one of the following factors:

 

1. The two registry branches of Automatic Updates are corrupted.

2. Some Windows Update engine files have not been registered.

3. The Automatic Updates service is not working properly.

 

We will address some of the more common causes of this issue. It is important that we attempt to connect to the Windows Update web site after each step to confirm whether the resolution has worked. This will prevent us from having to proceed with additional troubleshooting steps and provide us with valuable feedback to further develop our support resolutions for you and our future customers. Your assistance is greatly appreciated.

 

Suggestion 1: Restore two registry branches.

=================================

Let's repair the following two registry keys:

 

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\wuauserv

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WUAUSERV

 

1. Click "Start", click "Run", type: "Inf" (without quotations) and press "Enter". A folder will open.

2. Locate the file "au.inf", (you can type au to locate the file), right click it and choose "Install".

 

Note: The file extension ".inf" may be hidden; we may only see the file named "au".

 

3. The setup process will try to restore the registry branches automatically.  However, you may not receive any notification. If some files cannot be located automatically, we will be prompted to select the installation source. Please click "browse", and go to this location:

 

C:\Windows\ServicePackFiles\i386

 

If this folder is unavailable, please choose the folder "C:\Windows\System32".

 

4. Please restart the computer.

 

Now try Update to see if the issue has been resolved. Please let us know if this step has resolved it. If not, please proceed to the next step.

 

Suggestion 2: Re-register the Windows Update engine files.

============================================

By trying this step, we can check the update engines.

 

1. Close all instances of Internet Explorer.

2. Click "Start" and "Run", type "REGSVR32 ATL.DLL" (without quotations) in the open box and click "OK".

 

Note: There is a space between REGSVR32 and ATL.DLL

 

3. Register the files listed below:

 

REGSVR32 MSXML3.DLL

REGSVR32 WUAPI.DLL

REGSVR32 WUAUENG.DLL

REGSVR32 WUAUENG1.DLL

REGSVR32 WUPS2.DLL

REGSVR32 WUCLTUI.DLL

REGSVR32 WUPS.DLL

REGSVR32 WUWEB.DLL

REGSVR32 QMGR.DLL

REGSVR32 QMGRPRXY.DLL

REGSVR32 JSCRIPT.DLL

 

If you are using the Microsoft Update Site, please register the following files as well

 

REGSVR32 MUCLTUI.DLL

REGSVR32 MUWEB.DLL

 

Note: Please register all the files. While registering each .DLL file you should get a "succeeded" message. If any error message is encountered , please let me know the exact wording. Some .DLL files are not necessary in some specific operating system, therefore please let me know if some files cannot be found. I will help you to double check it.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 56,551 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:07:32 AM

Posted 09 June 2011 - 07:17 AM

System manufacturer and model?

I guess that I have to wonder...how you can assert that the system is no longer infected.

I would suggest posting in the Am I Infected forum...once cleared there, I would do either a repair install of XP (my preference) or try running the sfc /scannow command.

That approach eliminates malware first, then Windows as possible culprits.

Louis

#3 Serp

Serp
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:32 AM

Posted 09 June 2011 - 12:33 PM

I have already ran SFC /scannow. gave no issue.
reason i assume I am clean is because both malwarebytes and MS security essentials find nothing when completing a full scan. And I did run MWB flash scan too. I am assuming I now have files that need replaced/repaired that the infection damaged or whatever at this point.

#4 spc3rd

spc3rd

  • Members
  • 292 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Mid-Atlantic region (USA)
  • Local time:09:32 AM

Posted 10 June 2011 - 02:43 PM

Hi Serp,

Have you tried doing a System Restore to a point prior to the infection occurring? (If you already have, then please pardon my suggestion).

spc3rd

Dell Optiplex 755 Desktop | Win 7 Pro, SP 1, 64-bit | Intel Core 2 Duo, 3.00 gHz CPU | 8 GB RAM | 400 GB Seagate SATA HDD | Outpost Security Suite Pro | MBAM Premium 2.0 | Spywareblaster | SAS (on-demand) | Blocklist Pro | IE 11 & FF w/ NoScript | Disconnect | Adblock Plus | Flagfox





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users