MS Update incorrectly warns of virus

Discussion in 'NZ Computing' started by Jonski, Nov 6, 2004.

  1. Jonski

    Jonski Guest

    My MS Update subscription is incorrectly (and insultingly, I must say)
    telling me I probably have or have had a virus, offering me the
    Mydoom, Zindos, and Doomjuice Worm Removal Tool (KB836528)

    The only reason it might flag the "virus" is that I have MS
    Taskmon.exe in the windows folder. NOT the one in the %system% folder
    that is a symptom of Mydoom.

    I don't have and have never had a virus. I currenlty run 98se,
    Zonealarm and Nod32, practise safe sex, wear sunglasses and manually
    check for viruses in all the common locations peridically. How can I
    stop M$ offering me this update that I don't need? And since when did
    M$ become an av vendor?

    Thanks in advance
    Jon
     
    Jonski, Nov 6, 2004
    #1
    1. Advertising

  2. In article <> in nz.comp on
    Sat, 06 Nov 2004 21:49:52 +1300, Jonski <!>
    says...
    > My MS Update subscription is incorrectly (and insultingly, I must say)
    > telling me I probably have or have had a virus, offering me the
    > Mydoom, Zindos, and Doomjuice Worm Removal Tool (KB836528)
    >
    > The only reason it might flag the "virus" is that I have MS
    > Taskmon.exe in the windows folder. NOT the one in the %system% folder
    > that is a symptom of Mydoom.
    >
    > I don't have and have never had a virus. I currenlty run 98se,
    > Zonealarm and Nod32, practise safe sex, wear sunglasses and manually
    > check for viruses in all the common locations peridically. How can I
    > stop M$ offering me this update that I don't need? And since when did
    > M$ become an av vendor?


    Since they bought RAV.
     
    Patrick Dunford, Nov 6, 2004
    #2
    1. Advertising

  3. Jonski

    Enkidu Guest

    On Sat, 06 Nov 2004 21:49:52 +1300, Jonski
    <!> wrote:

    >My MS Update subscription is incorrectly (and insultingly, I must say)
    >telling me I probably have or have had a virus, offering me the
    >Mydoom, Zindos, and Doomjuice Worm Removal Tool (KB836528)
    >
    >The only reason it might flag the "virus" is that I have MS
    >Taskmon.exe in the windows folder. NOT the one in the %system% folder
    >that is a symptom of Mydoom.
    >
    >I don't have and have never had a virus. I currenlty run 98se,
    >Zonealarm and Nod32, practise safe sex, wear sunglasses and manually
    >check for viruses in all the common locations peridically. How can I
    >stop M$ offering me this update that I don't need? And since when did
    >M$ become an av vendor?
    >

    Run an online check. If you are affected with a virus that disables
    your AV this will tell you that you are infected. You should not just
    rely on installed products to check for viruses, torjans and so on.

    Cheers,

    Cliff
     
    Enkidu, Nov 7, 2004
    #3
  4. Jonski

    joe_90 Guest

    Jonski wrote:
    > My MS Update subscription is incorrectly (and insultingly, I must say)
    > telling me I probably have or have had a virus, offering me the
    > Mydoom, Zindos, and Doomjuice Worm Removal Tool (KB836528)


    Same here.

    http://vil.nai.com/vil/content/v_100988.htm

    "The worm overwrites the local hosts file to prevent infected computers
    from accessing specific sites."

    My suspicion is that MS are simply looking for a modified hosts file.

    If you are sure you are not infected, just hide the suggested update.

    Not very elegant, and I agree that it is somewhat insulting.
     
    joe_90, Nov 7, 2004
    #4
  5. Jonski

    Jonski Guest

    On Sun, 07 Nov 2004 13:21:00 +1300, Enkidu <> wrote:

    >Run an online check. If you are affected with a virus that disables
    >your AV this will tell you that you are infected. You should not just
    >rely on installed products to check for viruses, torjans and so on.


    Don't worry Cliff, I'm not affected with a virus. As I said, I've got
    Nod32, which is pretty damn good, and I manually check the registry,
    ini files, autoexec.bat, startup etc. I used the Syphos description of
    the infection and went through all the things the virus could have
    done, and none of them were on the PC. I'm not promiscuous with the PC
    so there's no real chance I've caught a virus recently.

    I won't run an online check for the same reason I don't want to
    download M$'s tool- I don't need it.

    Cheers
    Jon
     
    Jonski, Nov 7, 2004
    #5
  6. Jonski

    Jonski Guest

    On Sun, 07 Nov 2004 14:40:40 +1300, joe_90
    <joe_90@invalid_address.com> wrote:

    >Same here.
    >
    >http://vil.nai.com/vil/content/v_100988.htm
    >
    >"The worm overwrites the local hosts file to prevent infected computers
    >from accessing specific sites."
    >
    >My suspicion is that MS are simply looking for a modified hosts file.
    >
    >If you are sure you are not infected, just hide the suggested update.
    >
    >Not very elegant, and I agree that it is somewhat insulting.


    Hmmm. My hosts file is non-existant, and hosts.sam hasn't been
    modified from the default. I don't have any of the registry entries or
    files listed as signs of infection. I'm stumped.

    And, unfortunately, M$ doesn't let you switch off critical updates.

    Think I'll take this up in a M$ newsgroup. Sigh.

    Cheers
    Jon
     
    Jonski, Nov 7, 2004
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Disk Space being incorrectly reported

    , Dec 16, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    1,874
  2. Rud

    IE handling file extensions incorrectly.

    Rud, Feb 1, 2004, in forum: Computer Support
    Replies:
    3
    Views:
    482
    °Mike°
    Feb 1, 2004
  3. numberonepipboy

    usb flash pen incorrectly recognise

    numberonepipboy, Jul 15, 2004, in forum: Computer Support
    Replies:
    1
    Views:
    457
    Paul - xxx
    Jul 15, 2004
  4. Chris
    Replies:
    22
    Views:
    1,675
    Barry Margolin
    Jun 17, 2006
  5. =?Utf-8?B?YWxwaGFtYWxlMzAz?=

    Hard drive properties displayed incorrectly

    =?Utf-8?B?YWxwaGFtYWxlMzAz?=, Aug 2, 2006, in forum: Windows 64bit
    Replies:
    4
    Views:
    399
    Tony Sperling
    Aug 2, 2006
Loading...

Share This Page