Standard User meditator
(fountain of knowledge) Thu 14-Jun-12 17:11:18

Is this due to a virus?

I'm running WinXP and, of late, my MS Security Essentials antimalware program often fails to start when I boot up. I've checked that the service in Windows actually runs at bootup and it does. The BITS service is also running, or at least that's what services.msc shows. I can fix it by stopping the msse service and then restarting it (running in automatic mode) but it's a fag to have to do that almost every time I boot the machine up.

Also, I always do my updates to Windows manually, and now at the WU website the latest updates have become unobtainable. WU shows them but when I try to look at the details of each one, I get:

Server Error 404 File or Directory Not Found.

Oddly, a few of last month's that I don't particularly want or need to have are available, as is also the latest Malicious Software checker.

I've done full scans of my machine with both MSSE and the monthly Malicious Software checker available via WU and it all seems okay.

Have I picked up a virus, or is this a case of MSSE and/or Windows having become corrupted? I did notice a 'funny' when I was downloading files from the WU website on the last occasion, that being that the Windows Firewall changed temporarily to Off halfway through one of the installs.

Googling for it has produced a whole mix of possible explanations. Luckily, I've a backup image of my system partition to revert to, if necessary.
Standard User Zadeks
(experienced) Thu 14-Jun-12 17:38:18

Re: Is this due to a virus?
[re: meditator]

Why patch Windows manually? Turn Auto Update on ASAP.
Standard User Pipexer
(eat-sleep-adslguide) Thu 14-Jun-12 18:28:09

Re: Is this due to a virus?
[re: meditator]

Could be a virus, it could just be other borked things with the system though.

Before going further is this the only security program you have installed?

Check the Windows event log and find out why Security Essentials is failing to start.

Also look in the event log for any other errors or strange events.

What I'd recommend doing

1) Download AVG free antivirus
2) Uninstall Security Essentials
3) Reboot
4) Install, update, and run AVG
5) If no Virus found, presume you don't have a virus.
6) Remove AVG
(run system temporarily without any antivirus)
7) Check DNS settings in case they have been changed
8) Check HOSTS file in c:\windows\system32\drivers\etc - open in notepad and make sure it's fairly empty
9) Delete temporary files
10) Update IE to IE8.
11) Uninstall any unnecessary/suspect programs
12) go into msconfig > startup tab > uncheck anything suspect
13) Restart computer
14) Try running Windows Update again, download the entire lot
15) If no joy, post here, post the results of a Hijack this! file here / If seems OK, reinstall security essentials

Zen 8000 Pro
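
Step 8 of the checklist above (inspecting the HOSTS file), as an added example that is not part of the original post: a Python script that lists every active mapping other than the default localhost entry and marks those that override Microsoft update names. The watched suffixes and the sample file contents are assumptions constructed for illustration.

```python
# Added example: audit a Windows HOSTS file for unexpected entries.
# On the machine discussed, the file is in c:\windows\system32\drivers\etc.
import ipaddress

# Assumption: name suffixes worth flagging; extend for the products you use.
WATCHED_SUFFIXES = ("microsoft.com", "windowsupdate.com")
DEFAULT_ENTRIES = {("127.0.0.1", "localhost"), ("::1", "localhost")}

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every active mapping."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue  # first field is not an IP address: not a mapping
        for host in fields[1:]:
            yield line_no, ip, host.lower().rstrip(".")

def audit_hosts(text):
    """Return every non-default entry, marked if it overrides a watched name."""
    findings = []
    for line_no, ip, host in parse_hosts(text):
        if (ip, host) in DEFAULT_ENTRIES:
            continue
        watched = any(host == s or host.endswith("." + s)
                      for s in WATCHED_SUFFIXES)
        findings.append({"line": line_no, "ip": ip,
                         "host": host, "watched": watched})
    return findings

# Constructed sample contents, not taken from the thread.
SAMPLE = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1       update.microsoft.com   # constructed entry
203.0.113.7     www.example.test download.windowsupdate.com
"""

if __name__ == "__main__":
    for f in audit_hosts(SAMPLE):
        tag = "WATCHED" if f["watched"] else "extra"
        print(f"line {f['line']}: {f['host']} -> {f['ip']} [{tag}]")
```

An empty result corresponds to the "fairly empty" file the checklist expects; any entry marked as watched means name resolution for that host is being overridden locally.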



Standard User Pipexer
(eat-sleep-adslguide) Thu 14-Jun-12 18:29:05

Re: Is this due to a virus?
[re: Zadeks]

In reply to a post by Zadeks:
Why patch Windows manually? Turn Auto Update on ASAP.

Yes, even if temporarily, as the Windows Automatic Update engine in XP is different from how the web browser one behaves and if that is borked then Automatic Updates might continue to work fine.

Zen 8000 Pro
Standard User HTTP404
(newbie) Thu 14-Jun-12 19:30:43

Re: Is this due to a virus?
[re: meditator]

Are you running CCleaner ??

There is a known conflict - CCleaner can "accidentally" delete an MSE file and so stop it starting at the next boot up.

From the CCleaner start up screen, select applications and down at the bottom of the screen is a windows section. Make sure MS Antimalware is unchecked.

Just a thought.
Standard User Deadbeat
(knowledge is power) Thu 14-Jun-12 21:40:24

Re: Is this due to a virus?
[re: meditator]

Download, burn and boot from the Kaspersky Rescue Disk. Update the definitions and run a full scan.
Standard User mikebear
(learned) Thu 14-Jun-12 21:50:52

Re: Is this due to a virus?
[re: meditator]

I suggest you run this latest free AV from Sophos :- http://nakedsecurity.sophos.com/2012/06/13/do-not-pu...

It's not quick but is considered very thorough.

You should not have to modify any of your existing programs.
Standard User cheshire_man
(knowledge is power) Thu 14-Jun-12 21:58:52

Re: Is this due to a virus?
[re: meditator]

Is MSE failing to start, or is it just the tray icon not appearing?

I seem to recall that the icon can sometimes not be displayed even when MSE is actually running.

Tony
Standard User Deadbeat
(knowledge is power) Fri 15-Jun-12 12:29:10

Re: Is this due to a virus?
[re: mikebear]

Sophos would need to have improved vastly over the last couple of months before I could recommend it. High levels of FP's coupled with average retrospective results don't do it for me.
Besides which, installing an AV on a possibly already infected system is not advisable as many trojans and rootkits will immediately disable it but allow it to throw clean results. The Kaspersky disk that I pointed to scans entirely offline and so can't (as yet anyway) be affected by resident malware.

The Falcon4 UBCD contains amongst many other utilities, an offline and updateable version of SuperAntispyware. This is also well worth keeping in the toolbox.
Standard User meditator
(fountain of knowledge) Fri 15-Jun-12 13:21:13

Re: Is this due to a virus?
[re: Deadbeat]

I'm grateful for all the suggestions but I wish individuals would stick to the question I've actually posed - Is that particular error message an indication of a virus infection? Diving off into all sorts of criticisms of the way I operate and giving all sorts of suggestions for alternative antivirus apps isn't actually going to help me with the problem in hand. Believe me, I've been through many antivirus programs and firewalls in my time and I'm not going to change again.

Following system bootup, the MSSE icon in the systray now invariably shows as red (disabled). Indeed, if I then open MSSE, I can do nothing with it at all. The MSSE service is running - or at least apparently so, at that point - and I can correct the icon and re-enable MSSE by stopping the service then restarting it.

With the Windows Update service, I can get in to the service and the website lists to me its recommended updates based on a scan of my machine and normally I can click on the details of each and find out whether there are any potential issues with any of them before I download them (as indeed occasionally there are, if only some of you really knew), but now when I do that I get the aforementioned error message.

I strongly suspect that the malfunctioning of MSSE and the WU website are linked. Either I've picked up a virus or conceivably one or more control files common to both of them have become lost or damaged. Since posting this query I've in fact checked the respective dates of when I recall one of the MSSE downloads only half working and then me having to abort it, and the date when a crucial server in my ISP's network endured a sustained DoS attack and completely crashed. The attack caused strange up/down status of the Internet, seen from my and other users' end. The Internet was then completely unavailable to me for over 24 hrs. They're the same dates. The ISP has since apologised for the havoc and loss of service that was caused.

Although MSSE and WU have their own separate installers, it might well be that the aborting action I performed - the MSSE definition download started but never completed when the Internet connection (beyond the exchange) failed - caused a corruption of MSSE. I first began noticing the systray icon anomaly a day or so after. Normally, due to the way in which apps and utilities load at bootup, MSSE is momentarily disabled at bootup but then becomes enabled.

I'll give WU another quick try but I think my best recourse will be to restore from a partition backup that I keep. Thanks for your indulgences in this.