Windows Vista Security Center Black Death


Jason Dunn
04-11-2009, 06:00 PM
[Image: http://images.thoughtsmedia.com/resizer/thumbs/size/600/dht/auto/1239327364.usr1.jpg]

Running Windows Vista? Ever seen anything like this? Then you were probably as frustrated as I am right now. For some odd reason, one of my computers one morning this week alerted me to the fact that it was lacking anti-spyware protection. I hadn't changed any settings, and Windows Defender was still installed. I don't run anti-virus software on this computer (well, any of my computers), so the "Not Monitored" setting is normal. What's strange about this problem is that clicking Update Now to update Windows Defender results in...nothing. I'll get a User Account Control prompt, but nothing else will happen. Windows Defender will still do a scan, but it has the yellow exclamation mark on the system tray icon telling me it's out of date. This seems like it's related to some sort of broken Windows Update functionality, but the manifestation of the black sidebar is the curious part.

When this problem happened I did a System Restore, going back as far as I could (which was seven days - anyone else noticed that Vista's System Restore doesn't go back as far as XP did?) and, bizarrely, it didn't fix the problem. That's unusual because the problem happened a few days ago, so the earlier System Restore points should have done the trick. I had this problem happen months ago, and System Restore fixed it - I'm not so fortunate this time. I've done a fair bit of Google searching and I can't find anyone else referencing it - though that could be a matter of syntax on my part. Every search I do that includes the word "black" gets me "black hat" security results.

I'm stumped. Any ideas for me to try?

ptyork
04-11-2009, 06:13 PM
Conficker? Have you run a virus scan? Can you hit symantec.com and the like? Some of the symptoms seem quite sinister.

No WHS backups?

Master Loon
04-11-2009, 07:05 PM
Yeah, curious, why no virus scan?

cjhpe
04-11-2009, 09:30 PM
Jason,
I would bet that this is Conficker or something similar. I am a sysadmin and had a similar incident on a PC that I am responsible for. It was running AV and spyware but still had something because it would not update and was just doing strange things. It had to be reloaded. What I have heard from my security department is that there are some strange worms out lately that are not being caught by any of the scanners that they were using...

I would reload with a WHS backup image if you have one...

Thanks J...

NathanScott
04-11-2009, 09:59 PM
Yeah, that sounds like Conficker - it deletes old system restore points and disables automatic updates and some other services.
I'll tell you, one good blog to keep on the blog/rss roll is the Microsoft Malware Protection Center (http://blogs.technet.com/mmpc/), which has been keeping track of the various branches of Conficker and such...

Ed Hansberry
04-11-2009, 11:12 PM
I'd bet money it is a data file that is messed up, which is why an SR didn't fix it. SRs rarely replace data. I had a situation a few years ago with XP where WMP wouldn't launch - just kept crashing. An SR didn't fix it. It was frustrating enough I called MS and they instantly knew what happened. It was WMP8 or WMP9 (don't remember which one) and it stored 100% of its settings, including playlists, in a huge database. It got corrupted and I lost all settings. I had to delete the database and WMP ran fine after that, just had to recreate dozens and dozens of playlists.

WMP still uses that database but for far less. Most things, like playlists, are now in user settings.

All of that to say, some database is probably hosed and an SR won't fix it. My gut says it isn't Conficker. I am assuming your machine is up to date on patches. Should be safe. AV not needed to protect from Conficker.

Jason Dunn
04-12-2009, 05:11 PM
Conficker? Have you run a virus scan? Can you hit symantec.com and the like? Some of the symptoms seem quite sinister.

Yeah, I can hit Symantec, and I also did an online-based AV scan (Housecall). As I suspected, no hits. I wasn't expecting any - it's a fully patched Vista SP1 system, and I rarely browse the Web with it. It's hooked up to my 26" LCD TV and records TV shows for me...

No WHS backups?

I could have done that, but it would have created a bit of a disaster with my media...I'd honestly rather limp along with a half-broken system than have to merge two different media libraries. It's a good reminder to me though to shift some media off the C: drive and make it more of a system drive rather than system + media.

Jason Dunn
04-12-2009, 05:30 PM
Yeah, curious, why no virus scan?

This is probably best explained by a front page post, but the short version is that I don't feel like I need AV protection. I haven't run into a virus on any of my systems in almost a decade now. Am I just lucky? Maybe...but just like real life, most viruses hit the user from a combination of risky behaviour and poor decision making. I don't download software, music or movies from P2P networks. I don't visit...dubious Web sites. Most viruses/spyware hit users from socially-engineered angles - tricking users into running EXE files, etc. I'm experienced enough to avoid those types of things (thus far at least).

For me it basically boils down to not wanting to have system performance-sucking software installed on my machines. I want every MHz of performance that I paid for. The new Norton 2009 package has made me re-consider this stance though - I've played with it on a netbook and it's quite light.

And it's not like I'm completely without protection: I use Firefox as my main browser, have Windows Defender on every PC, am behind a hardware Firewall, and Windows Firewall is active on every PC.

OK, maybe that wasn't so short. :D

Jason Dunn
04-12-2009, 05:34 PM
Yeah, that sounds like Conficker - it deletes old system restore points and disables automatic updates and some other services.

I'm definitely no expert on Conficker, but the old system restore points weren't deleted - they worked, but didn't fix this particular problem. I had a file on my desktop before the system restore, and after the restore, it was gone - so it definitely changed my system. Though I could have sworn that System Restore wasn't supposed to delete files...

When I get home (I'm not there now) I'll start to poke around on the system services.

Jason Dunn
04-12-2009, 05:35 PM
All of that to say, some database is probably hosed and an SR won't fix it. My gut says it isn't Conficker. I am assuming your machine is up to date on patches. Should be safe. AV not needed to protect from Conficker.

Yeah, that makes sense. Until this happened, it was 100% up to date on patches.

Filip Norrgard
04-13-2009, 11:45 AM
Have you tried running System File Checker using an elevated command prompt?
This is the command to run: sfc /scannow

Jason Dunn
04-13-2009, 05:07 PM
Have you tried running System File Checker using an elevated command prompt?

Good idea - I hadn't thought of that...running it now.

UPDATE: "Windows Resource Protection did not find any integrity violations."

:(

Jason Dunn
04-16-2009, 10:39 PM
So interestingly enough, this week was "patch Tuesday" and my troublesome machine got and applied all the updates. No problems noted...it looks like it's *just* Windows Defender that's screwed up. Makes me think that its database is corrupted somehow. I can't explain how/why the sidebar is all black though... :(

Filip Norrgard
04-18-2009, 06:16 PM
Well, I'm stumped as to why it went black. (Well, probably not because black is back :) )

The last solution I could find is the solution that worked for me when the dial-up portion became corrupt in Vista. That solution is to reinstall Vista: http://www.vistax64.com/tutorials/88236-repair-install-vista.html

Jason Dunn
04-21-2009, 12:18 AM
That solution is to reinstall Vista...

Ah yes, that ol' "fix". :rolleyes: I'm just going to limp along until Windows 7 comes out - then it would all get reformatted anyway. It's not like my system is doing anything strange other than this, so it's not a big deal...I just don't like having anything "broken" on my systems. :)