Author Topic: XP users alert re BSODs  (Read 13269 times)

0 Members and 1 Guest are viewing this topic.

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8788
Re: XP users alert re BSODs
« Reply #15 on: February 13, 2010, 02:35:53 AM »
No problem on my XP Pro system.  8)

Just a short while for the 2010 Winter Games to start.
« Last Edit: February 13, 2010, 02:39:37 AM by YoKenny »
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS

Offline jeffj4873

  • Jr. Member
  • **
  • Posts: 80
Re: XP users alert re BSODs
« Reply #16 on: February 13, 2010, 02:58:50 AM »
Iget an occasional BSOD but nothing like described, Apparently do have that patch installed.

Offline MikeBCda

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2251
Re: XP users alert re BSODs
« Reply #17 on: February 13, 2010, 07:58:22 PM »
I updated last night, and 977165 was included.  But so far, no problems.

I think I saw somewhere that there's some evidence that the BSOD associated with this patch may only affect systems infected with a particular trojan, I forget which one.
Intel Atom D2700, 2 gig RAM, Win 7 x64 SP1 & IE-11, Firefox 51.0
(default). 320 gig HD, 15Mb DSL, Win firewall, Avast 12.3.2280 free, SpywareBlaster, MBAM Prem., Crypto-Prevent

Offline waking

  • Sr. Member
  • ****
  • Posts: 365
Re: XP users alert re BSODs
« Reply #18 on: February 13, 2010, 08:55:41 PM »

Offline waking

  • Sr. Member
  • ****
  • Posts: 365
Re: XP users alert re BSODs
« Reply #19 on: February 13, 2010, 09:14:32 PM »
I notice that the VirusTotal report:

http://www.virustotal.com/analisis/85aa49f587f69f30560f02151af2900f3dc71d39d1357727ab41b11ef828a7ff-1265925529

referenced in the last PC World article I posted indicates that avast! 4.8 (1351? - not the latest!)
with VPS 100211 does NOT detect the bad atapi.sys file. Does anyone know whether or not
avast! 5.0.418 will catch it?

Offline news

  • Full Member
  • ***
  • Posts: 173
Re: XP users alert re BSODs
« Reply #20 on: February 13, 2010, 09:26:27 PM »
Loving all of these *great* links you're posting waking. Thanks so very much. I would guess Vlk and his crew would have to answer the latest problem with the atapi system file issue. I haven't had a problem in that area..yet. 

I do know however, avast! alerted me to a sign of the aurora exploit on one of my test systems. I was VERY happy to see avast! let me know of that during my travels and testing on the internet.  :o ;)

Offline Rick F

  • Poster
  • *
  • Posts: 419
  • _______
Re: XP users alert re BSODs
« Reply #21 on: February 13, 2010, 10:17:43 PM »
I just checked my version of atapi.sys (dated 8/10/2004) at VirusTotal and it's clean. I wonder if it would be safe for me to run the 'workaround' M$ recommends to stop the vulnerability -- which the patch MS10-015 (KB977165) was designed to plug?  I mean to run the "Fix It" they talk about here:

Vulnerability in Windows Kernel could allow elevation of privilege
http://support.microsoft.com/kb/979682

Thanks.
Dell Dimension; Intel-core2 duo; WinXP Media Ctr; 2.8ghz - NTFS; 1-Gig Ram; NVIDIA GeForce 7300LE; Firefox 19.0.2; OE-6; ZA-7.0.302; avast 6.0.1367; / DropMyRights / MalwareBytes-Free / Symantec LiveState Recovery Desktop 6.0 / (using WOT), MVPS HOSTS file, SpywareBlaster, WinPatrol PLUS,

Offline DavidR

  • Avast √úberevangelist
  • Certainly Bot
  • *****
  • Posts: 83309
  • No support PMs thanks
Re: XP users alert re BSODs
« Reply #22 on: February 13, 2010, 10:30:55 PM »
Recently there was a whole slew of atapi.sys infection reports in the viruses and worms forum.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 1909 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 20.5.2415 (build 20.5.5410.561) UI-1.0.532/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro

Offline news

  • Full Member
  • ***
  • Posts: 173
Re: XP users alert re BSODs
« Reply #23 on: February 13, 2010, 10:55:01 PM »
I just checked my version of atapi.sys (dated 8/10/2004) at VirusTotal and it's clean. I wonder if it would be safe for me to run the 'workaround' M$ recommends to stop the vulnerability -- which the patch MS10-015 (KB977165) was designed to plug?  I mean to run the "Fix It" they talk about here:

Vulnerability in Windows Kernel could allow elevation of privilege
http://support.microsoft.com/kb/979682

Thanks.

Hi Rick..

I would say yes. Run the fix until Microsoft decides what they plan to do about the patch. It's better to have something in place, for now. You can always remove the fix when Microsoft decides to move on this issue. Be sure to bookmark the page where the fix comes from so that you will have the fix removal as well.  Hope this helps you.
« Last Edit: February 13, 2010, 11:06:13 PM by news »

Offline Rick F

  • Poster
  • *
  • Posts: 419
  • _______
Re: XP users alert re BSODs
« Reply #24 on: February 14, 2010, 08:24:10 PM »

Hi Rick..

I would say yes. Run the fix until Microsoft decides what they plan to do about the patch. It's better to have something in place, for now. You can always remove the fix when Microsoft decides to move on this issue. Be sure to bookmark the page where the fix comes from so that you will have the fix removal as well.  Hope this helps you.

Thanks news,

I went ahead and downloaded the 'fixit' and the 'unfixit' (just in case) so I won't have to go hunting for it later if I need it.  Ran the enable fix and it seems like it's fine.

Rick

Dell Dimension; Intel-core2 duo; WinXP Media Ctr; 2.8ghz - NTFS; 1-Gig Ram; NVIDIA GeForce 7300LE; Firefox 19.0.2; OE-6; ZA-7.0.302; avast 6.0.1367; / DropMyRights / MalwareBytes-Free / Symantec LiveState Recovery Desktop 6.0 / (using WOT), MVPS HOSTS file, SpywareBlaster, WinPatrol PLUS,

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8788
Re: XP users alert re BSODs
« Reply #25 on: February 15, 2010, 01:18:02 AM »
@ Rick F

Are you still running WinXP Media Ctr SP-2?

Windows XP Service Pack 3 has been available for over a year and a half that contains several Critical Security updates plus performance improvements.

You need to start Internet Explorer then go to Tools then Windows Update and download all of the available updates.

Go to Control Panel then Automatic Updates then select Automatic (recommended) or at least Notify me but don't automatically download or install them.

Go to Secunia Online Software Inspector then run it to see what other applications are vulnerable:
http://secunia.com/vulnerability_scanning/online
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS

Offline news

  • Full Member
  • ***
  • Posts: 173
Re: XP users alert re BSODs
« Reply #26 on: February 15, 2010, 01:34:31 AM »
You're welcome Rick. YoKenny..If memory serves me correctly, I believe Rick is pretty savy with computers, to some capacity.  He'll correct me if I'm wrong though.  ;)

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8788
Re: XP users alert re BSODs
« Reply #27 on: February 15, 2010, 01:55:34 AM »
@ news

Maybe Rick F hasn't updated his signature with SP3 installed?
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS

Offline waking

  • Sr. Member
  • ****
  • Posts: 365
Re: XP users alert re BSODs
« Reply #28 on: February 15, 2010, 04:35:10 AM »
All of the critical patches rolled up in SP3 were released individually as well.
Some of us chose (and choose) to apply patches selectively, as it facilitates
identifying problematic changes and simplifies the roll-back process if needed.
It provides micro-management opportunities which installing a large package
doesn't. The fact that someone is still running under SP2 does not mean that
they don't have all critical patches applied.

SP3 simplified the patching by giving one-stop shopping, but that comes with the
drawback of complicating recovery if something goes wrong with one or more of the
patches included - and that did in fact happen with SP3 on some systems.

That being said, it needs to be noted that MS has announced the discontinuation
of support for XP with SP2 in the near future. Presumably XP with SP3 applied
will continue to be supported for awhile longer. So if an XP user wants to
continue to get security patches from MS, they need to apply SP3 as of July 2010.

http://www.informationweek.com/news/windows/operatingsystems/showArticle.jhtml?articleID=222000858

http://arstechnica.com/microsoft/news/2009/12/support-for-windows-xp-sp2-windows-2000-ends-july-13-2010.ars

http://www.ubergizmo.com/15/archives/2009/12/microsoft_to_drop_windows_xp_sp2_support.html

Offline Rick F

  • Poster
  • *
  • Posts: 419
  • _______
Re: XP users alert re BSODs
« Reply #29 on: February 15, 2010, 04:45:59 AM »
I try to keep up-to-date on critical updates, but SP-3 scares me.  There was one update a couple of years ago (KB916595) that killed my computer within the first month I got it from Dell.  It took a week to get everything working again. Dell couldn't figure out why that patch killed my computer, so I have a post-it note below my monitor to NEVER install that patch.  I'm concerned that patch will be included in SP-3.

I do periodic backups using 'Symantec Live State Recovery' (not Symantac AV... will never have that) which creates a 'ghost' image of my 'C' drive.  Hopefully that will work when I eventually need it.

Thanks again.
« Last Edit: February 15, 2010, 04:50:14 PM by Rick F »
Dell Dimension; Intel-core2 duo; WinXP Media Ctr; 2.8ghz - NTFS; 1-Gig Ram; NVIDIA GeForce 7300LE; Firefox 19.0.2; OE-6; ZA-7.0.302; avast 6.0.1367; / DropMyRights / MalwareBytes-Free / Symantec LiveState Recovery Desktop 6.0 / (using WOT), MVPS HOSTS file, SpywareBlaster, WinPatrol PLUS,