On the 4/19 the virus software we use falsely detected the system file wmiprvse.exe as a virus/malware threat. The specific detection reported the file as Backdoor.Win32.Agent.afqs. This happened on at least three of our workstations. Some research on the web shows that more than one virus company had the same problem at around the same time which makes me wonder what happened.
While we were able to recover the file, some things just weren’t right. The biggest problem ended up being with Windows Update. When going to the site, it would simply hang on the part where it was checking your system for updates.
Investigation turned up mismatched versions of several of the wmi…. family of components. Presumabl this was due to an incorrect file being restored by the system after the false positive event. Trying to get it matched up correctly by had turned out to be problematic at best.
Finally I ran across an obscure post (sorry, I no longer have the link) where someone claimed that reinstalling a certain security patch from Microsoft fixed his problem. After going through the re-installation of this patch on the first affected machine, it indeed worked!
The post referred to the MS09-12 securyt bulletin from Microsoft. Most of the page refered to using Microsoft or Windows update to install the patch, which of course was not possible. I was able to track down the direct download link for the file and I thought I would post it here for posterity.