Jump to content

Windows Update for ME?


saturndude
 Share

Recommended Posts

Hello,

Recently I removed a bunch of nasty stuff from a friend's computer (Presario 7470, 533 MHz AMD, 192 MB RAM). Adware.Hotbar, and I think she also had a LOP/Virtumundo infection. Her machine came with 98, but she has installed Windows ME on it.

I disconnected it from the Net in my basement, and ran anti-spyware tools. I used linux to delete the bad files (I was feeling creative). Then I put the drive back in her Windows box to remove the spyware's registry entries (along with specialty tools like Spybot S&D).

After I disinfected, I put in the last free version of Kerio, the HP Hosts file, IE-SPYad, the free version of AVG, and of course I removed Uncle Bill's Java and put in Sun Java. So far, it is a pretty standard cleanup for me.

After I delivered it to her house, I updated AVG and initiated another scan. It found a few things (AVG classified them as a rootkit IIRC) that were not found while scanning at my house a few days before. Four items were found in windows\system, I believe, and four were on D:, the un-hidden rescue partition (that had hardware drivers, Win 98 files, MS Works, and other files in ZIP or cabinet form).

One of the first things that happened after I restarted in her house was that Kerio gave a warning about what seemed to be a real Windows Update process trying to access a legit MS site, so I let it access the Net.

I don't have a lot of experience with ME (well, none basically). Did ME have WU turned on by default, or was this a piece of spyware that tricked me into letting it re-download the pieces that I had deleted?

Should I bring the PC back to the test bench and use another combination of tools (hardware firewall with NAT and logging, different brand of software firewall, process tools, etc.) to investigate further? BTW, I ran rootkit revealer during the cleanup, but I was not really sure how to interpret the results.

(If it is a rootkit, I will urge her to re-format and switch to a microATX with a close-out Sempron 3000 or something. I installed a new PSU, and her case is still good, so it could be done for little cost.....)

Who has experience with ME and WU? Thanks in advance for your help!

Edited by saturndude
Link to comment
Share on other sites


I don't have a lot of experience with ME (well, none basically). Did ME have WU turned on by default, or was this a piece of spyware that tricked me into letting it re-download the pieces that I had deleted?

Windows ME was one of the first Microsoft OSes to deal with Windows Update. Which means there probably is a legitimate automatic update process on the computer somewhere.

"WUAUBOOT" or "-AUMagic" will indicate Microsoft Automatic Update processes.

Link to comment
Share on other sites

I don't have a lot of experience with ME (well, none basically). Did ME have WU turned on by default, or was this a piece of spyware that tricked me into letting it re-download the pieces that I had deleted?

Windows ME was one of the first Microsoft OSes to deal with Windows Update. Which means there probably is a legitimate automatic update process on the computer somewhere.

"WUAUBOOT" or "-AUMagic" will indicate Microsoft Automatic Update processes.

Hi Guys!

For reference, I keep a running Windows ME computer handy. I just fired it up and.....

Yes ME had the Automatic Updates app in the Control Panel just like XP does.

And YES you can shut it OFF, just like in XP. See the photo:

A_Update.jpg

MS dumped both 98 and ME some (long) time back so just shutting it off ain't gonna hurt nuttin'. :whistle:

You don't have to delete any files.

I just upgraded a computer that I built back in 2000 with ME on it.

I installed a higher wattage PSU, added more ram (512 megs) and then installed Windows XP-Pro/SP2.

That 7 year old PC is now running XP as good as many new computers running Vista.

Cheers Mates and wishing you all a very Merry Christmas!

Andromeda43 B)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.


×
×
  • Create New...