Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

RE: windows updates download but won't install

0 views
Skip to first unread message

donna

unread,
Oct 30, 2009, 11:35:01 PM10/30/09
to
On a fluke, I read that one of the symptoms of having the downadup worm is
that it disables Windows Update. I downloaded the tool and ran it, and sure
enough, I was infected. I was shocked. Try downloading the tool...it's a
quick scan as opposed to a whole system scan. Mine wouldn't install either.
http://www.bitdefender.com/VIRUS-1000462-en--Win32.Worm.Downadup.Gen.html

"Alan279" wrote:

> I recently upgraded a workstation on a server 2003 domain to Win XP pro from
> Win 200 Pro. All seems fine except updates won't install. I have downloaded
> them manually but they will not install. I have also downloaded and installed
> other software (IE7 with no problem) Any ideas??
> --
> PC Doctor
> Canada

MowGreen

unread,
Oct 31, 2009, 2:53:58 PM10/31/09
to
Donna,

The monthly release of the Windows Malicious Software Removal Tool has
had that worm in it's definitions since Jan 08, 2009:
http://support.microsoft.com/kb/890830

Win32/Conficker -
https://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Win32%2fConficker

Aliases

*
* TA08-297A (other) CVE-2008-4250 (other)
* VU827267 (other)
* Win32/Conficker.A (CA)
* Mal/Conficker-A (Sophos)
* Trojan.Win32.Agent.bccs (Kaspersky)
* W32.Downadup.B (Symantec)
* Trojan-Downloader.Win32.Agent.aqfw (Kaspersky)
* W32/Conficker.worm (McAfee)
* Trojan:Win32/Conficker!corrupt (Microsoft)
* W32.Downadup (Symantec)
* WORM_DOWNAD (Trend Micro)
* Confickr (other)

IF you had allowed it's initial installation and the monthly updates to
it via Automatic|Windows Updates then your system would not have been
affected by this worm in the first place.

And, even more importantly, if the KB958644 Security update that
addressed the vulnerability had been installed in *OCTOBER of 2008*,
then the worm would *never* have infected your system:

Microsoft Security Bulletin MS08-067 – Critical
Vulnerability in Server Service Could Allow Remote Code Execution (958644)
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx


MowGreen
===============
*-343-* FDNY
Never Forgotten
===============

banthecheck.com
"Security updates should *never* have *non-security content* prechecked"

0 new messages