Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Windows › Stealthy Windows Update KB970158
New Posts  All Forums:Forum Nav:

Stealthy Windows Update KB970158

post #1 of 7
Thread Starter 
In March of 2011 Windows Update KB970158 installed on my Vista 32 bit Home Premium laptop without my permission. When I restored the computer to 3 days before the installation it was still not removed.

In the "details" tag that comes along with the update there is an invalid microsoft link and the link is structured unlike other KB updates I have viewed.
Normally a KB info link is
http://support.microsoft.com/kb/2505189 which works
The link for KB970158 is this
http://support.microsoft.com/?kbid=970158 which doesn't work
Plugging the stealthy KB number into the good link structure
http://support.microsoft.com/kb/970158 also doesn't work

There is no record of this update on the MS website and googling doesn't give any good info, just a lot of folks with the same problem. It reinstalled 04 April 2011 (according to my Contol Panel Remove Installed Updates Window), but the record of installed updates shows an additional installation date of 22 March 2011

Here are the details from the 2 installs I have on my computer now

Update for Windows (KB970158)
Installation date: ‎3/‎22/‎2011 9:00 AM
Installation status: Successful
Update type: Important
Kernel-Mode Driver Framework
More information:
http://support.microsoft.com/?kbid=970158
Help and Support:
http://support.microsoft.com


Update for Windows (KB970158)
Installation date: ‎4/‎4/‎2011 1:23 AM
Installation status: Successful
Update type: Important
Kernel-Mode Driver Framework
More information:
http://support.microsoft.com/?kbid=970158
Help and Support:
http://support.microsoft.com


This time the install of KB970158 occurred with a batch of other updates, but it was not listed when it gave me a choice of updates to install.

Is this a valid update or some type of virus/spyware?

Why is the install of this particular update stealthy?

If this is a valid update why is there not a KB article on it?

On the internet there are many scattered reports of the unauthorized installation, no KB article and no one with any reasonable explanation for what is happening with this update.

Three replies from microsoft support were broken english instructions on how to view or remove updates, never addressing my concerns. In my last email to them I requested an escalation of the matter to someone who spoke english as a first language or that worked in America.

After talking to a tech for 2 days (overseas call center) the best they could do was refer me to answers.microsoft.com to a thread that I had put the last post on. They finally agreed to escalate the problem after admitting they did not know what it was and couldn't explain how it got past my Update permissions.

I went a second route with Microsoft, this time to a different overseas call center. I have a bit more hope these folks will follow through. It was paid microsoft support, but I informed them I was reporting a problem with a microsoft update or a possible malware masquerading as an update. After getting a few details from me the young woman transferred me to a different office. This woman asked a couple of pertinent questions, understood the problem, assigned me a control number, and said someone would call within a couple of days.

This update has now installed twice on my computer. March 22 2011 and April 4th 2011. both times it installed without my permission.

If anyone knows something about this update I would appreciate a heads-up

Mike
post #2 of 7
So you want to uninstall it?

try this site= http://www.sevenforums.com/tutorials/24373-windows-update-uninstall-update.html
post #3 of 7
It is probably the update they use to catch people using boot loaders to bypass windows Auth servers.
 
Problem Solver
(15 items)
 
 
CPUMotherboardGraphicsRAM
intel Core i5 3570k 4.5ghz 1.200v - 0.000 offset  Gigabyte z77X-UP4 TH Beta Bios F11C with lastes... Sapphire 7950 3GB GSkill 2x8gb 2400mhz 11-13-13-31 T2 @ 10-13-13-... 
Hard DriveCoolingOSMonitor
Crucial M4 128GB SSD SATA 3.0 M4-CT128M4SSD1 Corsair H80 v2i AIO liquid cooling Windows 10 Professional x64 47 inch Samsung LCD HD TV 
PowerAudio
Corsair 850w modular stock 
CPUMotherboardGraphicsRAM
C2Q Q6600 GO @ 3.2ghz 1.28 Gigabyte P35 DS3-L Pencil modded Nvidia 9800 GT 512mb 2x1gb Gskill 1066 5-5-5-15 & 2x1gb Gskill Pi 80... 
Hard DriveHard DriveOptical DriveCooling
Crucial m4 CT128M4SSD1 128GB SSD - OS Drive Samsung HD103UJ & SJ 1 Terabyte HDD LG 22x DVD burner Arctic Freezer Pro 2  
OSMonitorPowerCase
Windows 7 Pro SP1 x64 HannsG 27.5" Widescreen Red thingy 750w Single rail old raidmax from 1st build beat to death 
  hide details  
Reply
 
Problem Solver
(15 items)
 
 
CPUMotherboardGraphicsRAM
intel Core i5 3570k 4.5ghz 1.200v - 0.000 offset  Gigabyte z77X-UP4 TH Beta Bios F11C with lastes... Sapphire 7950 3GB GSkill 2x8gb 2400mhz 11-13-13-31 T2 @ 10-13-13-... 
Hard DriveCoolingOSMonitor
Crucial M4 128GB SSD SATA 3.0 M4-CT128M4SSD1 Corsair H80 v2i AIO liquid cooling Windows 10 Professional x64 47 inch Samsung LCD HD TV 
PowerAudio
Corsair 850w modular stock 
CPUMotherboardGraphicsRAM
C2Q Q6600 GO @ 3.2ghz 1.28 Gigabyte P35 DS3-L Pencil modded Nvidia 9800 GT 512mb 2x1gb Gskill 1066 5-5-5-15 & 2x1gb Gskill Pi 80... 
Hard DriveHard DriveOptical DriveCooling
Crucial m4 CT128M4SSD1 128GB SSD - OS Drive Samsung HD103UJ & SJ 1 Terabyte HDD LG 22x DVD burner Arctic Freezer Pro 2  
OSMonitorPowerCase
Windows 7 Pro SP1 x64 HannsG 27.5" Widescreen Red thingy 750w Single rail old raidmax from 1st build beat to death 
  hide details  
Reply
post #4 of 7
Thread Starter 
Quote:
Originally Posted by thetechfreak;13145342 
So you want to uninstall it?

try this site= http://www.sevenforums.com/tutorials/24373-windows-update-uninstall-update.html

Hi,
I'm not looking to uninstall it just yet. I want to understand what it is and why it gets around my permissions settings to let me choose.

Is it a valid update?
Why doesn't Microsoft have any info on it?
Why isn't their outsourced tech support able to explain what it is?
How does it get around my settings to let me choose what updates to install?

I have read a couple of places where Norton may be involved but I don't have Norton
post #5 of 7
Interesting. My pc had 16 updates just the other night I thought was odd but I really never looked into it. I'm also surprised not more forum members are discussing this. Says something.
    
CPUMotherboardGraphicsRAM
Pentium III @ 533MHz QDI Advance 10F lol 255MB 
Hard DriveOSPower
IDE TC Hamster wheel 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Pentium III @ 533MHz QDI Advance 10F lol 255MB 
Hard DriveOSPower
IDE TC Hamster wheel 
  hide details  
Reply
post #6 of 7
Quote:
Originally Posted by Damarious25;13152745 
Interesting. My pc had 16 updates just the other night I thought was odd but I really never looked into it. I'm also surprised not more forum members are discussing this. Says something.
Most Vista users on here may either have Windows Update completely disabled, or they might be using its default settings for Windows Update.
It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
It's a computer!
(19 items)
 
  
CPUMotherboardGraphicsRAM
i5-2500K @ 4.5GHz (1.368-1.384V fixed voltage) ASUS P8P67 EVO B3 (UEFI ver. 1850) GTX 780 ASUS DirectCU II (1228 / 6300, 1.180V) G.SKILL Ripjaws X 8GB (2 x 4GB) 1866MHz, CL9 
Hard DriveHard DriveHard DriveOptical Drive
250 GB Samsung 840 EVO (C:\) 250 GB Samsung 840 EVO (D:\) 150 GB WD VelociRaptor Samsung SH-S243N 24x DVD Burner 
Optical DriveCoolingOSMonitor
Samsung SH-S203N 20X DVD Burner Thermaltake Frio Win 7 Home Premium x64 SP1 Retail AOC G2460PG (24" 1920 x 1080 144Hz G-SYNC) 
KeyboardPowerCaseMouse
Filco Majestouch 104-key Cherry MX Blues w/NKRO Corsair HX650 (Bronze, ordered on 12-12-2009) CM 690 Intellimouse Optical (1.1A) 1000Hz polling rate 
Mouse PadAudioAudio
Basic, but premium round X-Fi Titanium HD Klipsch ProMedia 2.1 (with 16 AWG Monster Cable... 
  hide details  
Reply
post #7 of 7
Quote:
Originally Posted by micheal0156 
Is it a valid update?
Why doesn't Microsoft have any info
on it?
Why isn't their outsourced tech
support able to explain what it is?
I think it is legitimate.
They might have released this update to catch people trying to pirate Vista or something similar.

I think the customer service are just there to guide you on proceedings for your problems to be adressed.
They speak whatever comes on their screen when they search your query.
Probably got a blank screen.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Windows
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Windows › Stealthy Windows Update KB970158