Posted 24 October 2008 - 12:40 AM
You all were a tremendous help to me in getting rid of a particularly nasty piece of spyware a few years ago. I hope you'll be able to help me again.
I've searched the forums to see if my problem has already been addressed, but I've been unable to find anything. I hope I'm posting this in the right place.
I run WinXP Home SP2. I keep Windows Update set to notify me when updates are available, but not to install them.
Well, the other night, my firewall sprang to life and told me Windows Update was trying to access the Internet. I denied it permission.
The next thing I knew, a box popped up that said SP3 had been downloaded and that a reboot was necessary to complete installation. It asked if I wanted to reboot then or later. I clicked later, because I'm definitely not interested in SP3. I've heard too many bad things about it.
When I checked my Windows Update setting, I found that it had been changed to download updates automatically. I hadn't touched it, and I'm the only one who uses this computer.
I then went scrambling around looking for help. I found a Microsoft Knowledge Base article that said to disable reboot via the registry: HKEY_LOCAL_MACHINE-->Software-->Microsoft-->Windows-->CurrentVersion-->WindowsUpdate-->AutoUpdate, delete Reboot key. (It might have been the AutoReboot key -- I don't exactly remember -- if was after 3am when all of this started and I was very tired.) Anyway, that's what I did.
Now, every time I shut down my computer I get an option to either install SP3 or shut down without installing it. Obviously, I choose the second one.
So SP3 is still lurking on my HDD, ready to pounce. I believe I've found the folder that houses it: C:\Windows\SoftwareDistribution\download\1185bc01976431096846a9c917b224df. The date/time of this folder are identical to those of the incident I've described.
Here are my questions:
(1) Is there a way for me to safely remove all parts of the SP3 download from my HDD?
(2) If so, is there a way to restore the reboot key to the registry? (All Microsoft said to do before deleting the key was to back up the registry by creating a Restore Point, so that's what I did. But using it won't solve my SP3 problem.)
(3) If neither 1 nor 2 is possible, will I still be able to download security patches that require a reboot without risking installing SP3 along with them? In fact, will I ever be able to reboot again, period?
If I ever get this taken care of, I'll be turning automatic updates completely off (with any luck, they'll stay off) and checking for updates manually. That's much preferable to having this kind of thing foisted on me. I find it more than a little unnerving that my Windows Update setting was not only changed without my knowledge, it was able to override my firewall permissions.
Thanks in advance for any help you may be able to give me.