Recently, there have been a rash of "fake antivirus" viruses and trojans floating around the internet. Two of the more frustrating issues:
- Why are all my icons hidden?
- Where the heck did my Automatic Updates service go?
- Why am I getting Windows Update Error 0x80072EFE?
The icons hidden one is fairly benign and relatively easy to resolve:
1. Open Windows Explorer.
2. Select Tools > Folder Options.
3. Select the View tab.
4. Select the Show hidden files and folders radio button and click OK.
5. From Windows Explorer, navigate to C:\.
6. Right-click on the folder "Documents and Settings" and click Properties.
7. Clear the "Hidden" checkbox.
8. When prompted, choose to apply to all subfolders and files.
As far as the Automatic Updates issue goes, it's a little trickier. These particular strains of malware do everything from unregister DLLs to removing the Windows Update service altogether. Most of the time, the solution involves one or more of the following tasks:
- Re-registering the WUAU DLLs
- Re-registering Internet Explorer DLLs
- Deleting the cached update downloads
- Resetting the cryptographic service database
Copy/paste the following script into Notepad and save it as a .bat file:
net stop wuauserv /y
net stop bits /y
net stop cryptsvc /y
ren %systemroot%\system32\catroot2 catroot2_old
rd /s /q %systemroot%\SoftwareDistribution
regsvr32 /s actxprxy.dll
regsvr32 /s atl.dll
regsvr32 /s browseui.dll
regsvr32 /s cdm.dll
regsvr32 /s cryptdlg.dll
regsvr32 /s dssenh.dll
regsvr32 /s gpkcsp.dll
regsvr32 /s initpki.dll
regsvr32 /s iuengine.dll
regsvr32 /s mshtml.dll
regsvr32 /s msxml.dll
regsvr32 /s msxml2.dll
regsvr32 /s msxml2r.dll
regsvr32 /s msxml3.dll
regsvr32 /s msxml3r.dll
regsvr32 /s msxmlr.dll
regsvr32 /s oleaut32.dll
regsvr32 /s qmgr.dll
regsvr32 /s rsaenh.dll
regsvr32 /s sccbase.dll
regsvr32 /s shdocvw.dll
regsvr32 /s slbcsp.dll
regsvr32 /s softpub.dll
regsvr32 /s urlmon.dll
regsvr32 /s wintrust.dll
regsvr32 /s wuapi.dll
regsvr32 /s wuaueng.dll
regsvr32 /s wuaueng1.dll
regsvr32 /s wuauserv.dll
regsvr32 /s wucltui.dll
regsvr32 /s wups.dll
regsvr32 /s wups2.dll
regsvr32 /s wuweb.dll
net start cryptsvc
net start bits
net start wuauserv
Run. The "Automatic Updates" service should now be visible in the Services applet.
Showing posts with label windows xp. Show all posts
Showing posts with label windows xp. Show all posts
Wednesday, July 20, 2011
Thursday, December 9, 2010
How to Join Windows XP Media Center to a Domain
During an SBS deployment, I ran into a few machines at my customer's site that were running Windows XP Media Center Edition (MCE). As most of you know, the only machines that are technically eligible to join a Windows domain are "Business" class operating systems, such as Windows XP Professional, Windows Vista Business, Windows Vista Enterprise, Windows 7 Professional and Windows 7 Enterprise (although not technically "business" class, Windows Vista/7 Ultimate Editions are also able to join domains, since they're supposed to be everything-but-the-kitchen-sink editions).
And, as luck would have it, the customer has critical LOB applications installed on these machines and some other pieces of legacy software for which the media is no where to be found, so a fresh install with Windows XP Professional media is out of the question.
No problem, right? I've upgraded dozens of Windows XP Home PCs to Windows XP Professional for this exact reason. I pop some newly acquired Windows XP Professional with SP3 "Get Genuine" media (designed for those folks that have potentially illegitimate Windows versions); the upgrade is going well until ... the part where I enter the license key. It won't take it, even though I know it's valid (tested against an XP Home machine in the same office).
While trying to find a reason why I can't upgrade, I stumble upon another blog with some basic instructions on how to join XP MCE to a domain. The first step the author lists is to install the Windows XP Recovery Console; I run the command and restart ... and ... bluescreen.
I turn to my trusty recovery tools disc (which has gotten me out of more tight spots than you can imagine) and boot to a WinPE shell which has a bunch of great tools loaded, including RegEdit PE.
To perform this feat of amazement yourself:
1. From a WinPE installation, launch RegEdit PE, point it to the Windows installation director, and load up the registry hives.
2. Navigate to HKEY_LOCAL_MACHINE\_REMOTE_SYSTEM\WPA\MedCtrUpg.
3. Double-click the value IsLegacyMCE.
4. Change the '0' to a '1'.
5. Close RegEdit PE and restart the machine into Windows.
6. Join domain.
And, as luck would have it, the customer has critical LOB applications installed on these machines and some other pieces of legacy software for which the media is no where to be found, so a fresh install with Windows XP Professional media is out of the question.
No problem, right? I've upgraded dozens of Windows XP Home PCs to Windows XP Professional for this exact reason. I pop some newly acquired Windows XP Professional with SP3 "Get Genuine" media (designed for those folks that have potentially illegitimate Windows versions); the upgrade is going well until ... the part where I enter the license key. It won't take it, even though I know it's valid (tested against an XP Home machine in the same office).
While trying to find a reason why I can't upgrade, I stumble upon another blog with some basic instructions on how to join XP MCE to a domain. The first step the author lists is to install the Windows XP Recovery Console; I run the command and restart ... and ... bluescreen.
I turn to my trusty recovery tools disc (which has gotten me out of more tight spots than you can imagine) and boot to a WinPE shell which has a bunch of great tools loaded, including RegEdit PE.
To perform this feat of amazement yourself:
1. From a WinPE installation, launch RegEdit PE, point it to the Windows installation director, and load up the registry hives.
2. Navigate to HKEY_LOCAL_MACHINE\_REMOTE_SYSTEM\WPA\MedCtrUpg.
3. Double-click the value IsLegacyMCE.
4. Change the '0' to a '1'.
5. Close RegEdit PE and restart the machine into Windows.
6. Join domain.
Subscribe to:
Posts (Atom)