From: MowGreen on
Correction on the previously posted variant of Alureon -

Win32/Alureon.A
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Virus%3AWin32%2FAlureon.A

" When the infecting trojan is run, it infects a system driver, usually
'atapi.sys'. It has also been observed to infect 'iastor.sys' but other
system drivers may also be targeted.

Hides files and disk sectors

The system driver detected as Virus:Win32/Alureon.A is infected by the
addition of code, whose function is to load a part of the Alureon
rootkit. The Alureon rootkit is a component that gives Alureon the
ability to avoid detection; it is created by the same Alureon trojan
that infects the system driver.

The rootkit loaded by Virus:Win32/Alureon.A has the ability to avoid
behavior blockers, which allows it to perform its malicious routines
uninterrupted. It can also hide files and disk sectors. "


MowGreen
================
* -343-* FDNY
Never Forgotten
================

banthecheck.com
"Security updates should *never* have *non-security content* prechecked



MowGreen wrote:
> I know for a *fact* that MS Support engineers are actually driving to
> some folks homes and picking up their computers in order to get to the
> bottom of this issue
> http://blogs.technet.com/msrc/archive/2010/02/12/update-restart-issues-after-installing-ms10-015.aspx
>
>
> " In order to get the information we need to fully analyze the issue,
> some of our support engineers have actually driven to customer locations
> and picked up affected systems so we can get the needed crash data
> directly and help inform our investigation. "
>
> The issue is NOT affecting the *vast majority* of XP Users but IS
> affecting those whose systems already *have malware present*.
>
> Specifically, it's a variant of this malware that contains a rootkit:
>
> Win32/Alureon
> http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?name=Win32%2fAlureon
>
>
> http://www.prevx.com/blog/139/Tdss-rootkit-silently-owns-the-net.html
>
> Read the Comments here:
> http://isc.sans.org/diary.html?storyid=8209#comment
>
>
> You're wasting your time posting warnings about the update,
> "angelkisses420". You should contact MS again and request on site
> assistance.
>
>
>
> MowGreen
> ================
> *- 343 -* FDNY
> Never Forgotten
> ================
>
> banthecheck.com
> "Security updates should *never* have *non-security content* prechecked
>
>
>
> ANGELKISSES420 wrote:
>> will you please stop posting that Massive amount? im trying to find
>> out help.
>> since im not getting it from microsoft maybe ill get it from other
>> users, so
>> please stop posting that i need to stop?
>>
From: Daave on
If that is the case, you need to use a different keyboard.


ANGELKISSES420 wrote:
> i have a Emachine W3502 Desktop Pc. Running Windows Xp Professional.
> Like i said, ive done all that, and i still cant boot from disk. when
> i try, it gives me BLUE SCREEN
>
> "Daave" wrote:
>
>> You are making this very difficult; you *still* haven't answered
>> about the make and model of the PC!
>>
>> Assuming you did configure the BIOS correctly, when you see this
>> screen:
>>
>> http://www.pcxmedics.com/blog/images/clean-install-xp-1.jpg
>>
>> .... you need to press one of the keys on your keyboard in order to
>> boot off the CD!
>>
>> If you did press any key and you wind up getting the BSOD, this means
>> you are *still* booting off the hard drive. Perhaps you need to use a
>> different keyboard.
>>
>>
>> ANGELKISSES420 wrote:
>>> i have configured my bios... same problem.. just like a couple other
>>> people i know. i did exactly what microsoft said to on the phone.
>>> and still the same problem!!!
>>>
>>> "Daave" wrote:
>>>
>>>> You are doing it incorrectly. From your description, you are still
>>>> booting off the hard drive!
>>>>
>>>> You need to configure your BIOS so that you boot off the CD:
>>>>
>>>> http://michaelstevenstech.com/bios_manufacturer.htm
>>>>
>>>> What is the make and model of your PC? Certain PCs allow you to
>>>> enter a boot menu without needing to enter the BIOS. (For instance,
>>>> Dell PCs allow you to press F12 to accomplish this.)
>>>>
>>>>
>>>> ANGELKISSES420 wrote:
>>>>> i have a cd.. and it works when i install it on peoples pcs.. but
>>>>> when i try to boot from disc.. it wont work.. and ive tried to
>>>>> boot using both cd/dvd players in my computer.. it just wont let
>>>>> me. when i do try to boot up using the disk. i get the bsod. and
>>>>> that is my problem, microsoft said they could fix it for me since
>>>>> it was the update that caused it. but they cant fix it bc for
>>>>> some reason just like alot of other people i know, it wont allow
>>>>> them to boot from disc.. and my harddrive is inaccessible.. i can
>>>>> take my hd out.. put it in another pc.. and it wont work... and
>>>>> yet it worked perfectly fine until that update. im sorry but i
>>>>> dont believe it was coincedence, how could it be when 20+ people
>>>>> i know or have talked to are going through the same thing.. not
>>>>> to mention practically everyone who has xp is having the
>>>>> problem.. hence why its all over the news on the internet. heres
>>>>> another new NEWS link.
>>>>> http://itmanagement.earthweb.com/secu/article.php/3864611/Patch-Tuesday-Update-Crashes-XP-Users-Parade.htm?comment=27390-0
>>>>>
>>>>> "Jose" wrote:
>>>>>
>>>>>> On Feb 11, 5:24 pm, ANGELKISSES420
>>>>>> <ANGELKISSES...(a)discussions.microsoft.com> wrote:
>>>>>>> okay.. i found out.. the UPDATE ... fried my hard drive.. thats
>>>>>>> why i cant boot from disk.. that sucks.. and microsoft wont pay
>>>>>>> for it... i tested a different harddrive.. and it works..
>>>>>>> because it doesnt have that update on it.and that update isnt
>>>>>>> on it.. so it works.. im pissed..
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> If the update breaks your computer and if the link to the fix is
>>>>>> the solution (has anyone verified the fix on a broken system or
>>>>>> is it just a "given"), boot Recovery Console, uninstall the
>>>>>> update and be on your way. I have the update and no problems
>>>>>> but maybe we here are not a member of the non-trival group
>>>>>> afflicted.
>>>>>>
>>>>>> If you do not have a bootable Windows CD to get into Recovery
>>>>>> Console, that that is not the fault of MS. If you didn't get an
>>>>>> XP CD with your system, you should get one when this is all over.
>>>>>>
>>>>>> If you need to boot Recovery Console, make a bootable CD, or if
>>>>>> your system has no CD drive, make a bootable USB device that has
>>>>>> RC on it.
>>>>>>
>>>>>> If you have no XP media and need to make a bootable Recovery
>>>>>> Console CD to uninstall the update, here are instructions to make
>>>>>> one.
>>>>>>
>>>>>> http://www.bleepingcomputer.com/forums/topic276527.html
>>>>>>
>>>>>> Making a bootable USB device varies, but your hardware vendor
>>>>>> probably has instructions. This is not a new idea.
>>>>>>
>>>>>> I would not implement KB307545 just for this piddly update -
>>>>>> unless uninstalling the single update (a few seconds or time)
>>>>>> doesn't work. That is just my opinion.
>>>>>>
>>>>>> If you have no way to boot your system from other than the HDD to
>>>>>> deal with such things, it would be a good idea to learn how or
>>>>>> find somebody that knows how to help/teach about the problem.
>>>>>>
>>>>>>
>>>>>> .
>>>>
>>>>
>>>> .
>>
>>
>> .


From: Russ SBITS.Biz [SBS-MVP] on
MowGreen,

Well, when someone claims an update Killed the HD
it's hard to convince of anything....

And it's not a conspiracy from Microsoft.

And this is not global, other wise I'd have a TON of people calling me.
(Everyone single of my clients.)
And I wouldn't have any sleep for the last 3 days...
(And I'd be calling MS also.)

As of now I'm still sleeping at nights....
(So it doesn't affect all PC's)

That being said.....
We still need to go back to the fix.
(Of trying to boot off a CD)
Which doesn't seem to be possible?
????
Which is why I suggest a Local IT Professional to help get the boot to CD...
Then we can move on...
Russ

--
Russell Grover - SBITS.Biz [SBS-MVP]
MCP, MCPS, MCNPS, SBSC
Microsoft Certified Small Business Specialist
24hr SBS Remote Support - www.SBITS.Biz
Question or Second Opinion - www.PersonalITConsultant.com
Free Trial Microsoft Online Services - www.Microsoft-Online-Services.com


"MowGreen" <mowgreen(a)nowandzen.com> wrote in message
news:e8jXz9CrKHA.6064(a)TK2MSFTNGP02.phx.gbl...
> Will you explain to her that rootkits can not be detected by routine
> antivirus scans, Russ ?
>
> The affected HD will not allow the CD player to load Windows.
> A new HD does because it does NOT have the rootkit present whose
> "functionality" was crippled by KB977165, thus making booting from CD
> *inoperative*.
>
> That's a pretty clear indication that a rootkit is present on the dead HD
> and explains why the CD player would not load Windows after the update was
> applied.
>
> I'm done trying to convince her.
>
> https://consumersecuritysupport.microsoft.com/default.aspx?productKey=pcsafetymalware&ct=phonets&supportLinkphonets=Phone
>
>
> MowGreen
> ================
> * -343-* FDNY
> Never Forgotten
> ================
>
> banthecheck.com
> "Security updates should *never* have *non-security content* prechecked
>
>
>
> Russ SBITS.Biz [SBS-MVP] wrote:
>> You are a Programs Manager?
>> Have you talked to your IT person on how to set up your PC
>> to Boot from a CD?
>> Maybe he can help?
>> Russ
>>
From: shawn on
Even your name is in all caps which makes you even more that annoying.

"ANGELKISSES420" <ANGELKISSES420(a)discussions.microsoft.com> wrote in message
news:5F09FCCC-567E-4C98-9FBA-BEE00B80D0C5(a)microsoft.com...
> will you please stop posting that Massive amount? im trying to find out
> help.
> since im not getting it from microsoft maybe ill get it from other users,
> so
> please stop posting that i need to stop?
>
> "Peter Foldes" wrote:
>
>> From Mow Green
>>
>> <snip>
>> New Patches Cause BSoD for Some Windows XP Users
>> http://www.krebsonsecurity.com/2010/02/new-patches-cause-bsod-for-some-windows-xp-users/
>>
>> BLUE SCREEN, UNABLE TO BOOT AFTER WINDOWS XP UPDATE TODAY
>> http://social.answers.microsoft.com/Forums/en-US/vistawu/thread/73cea559-ebbd-4274-96bc-e292b69f2fd1/
>> ============================================================================================
>>
>> A workaround to remove KB977165 and a method to mitigate the
>> vulnerability this update addresses has been posted in the above Windows
>> Update forum by Kevin Hau of Microsoft:
>>
>> <end snip>
>> --
>> Peter
>>
>> Please Reply to Newsgroup for the benefit of others
>> Requests for assistance by email can not and will not be acknowledged.
>>
>> "ANGELKISSES420" <ANGELKISSES420(a)discussions.microsoft.com> wrote in
>> message
>> news:0435994E-3BE6-4BAC-B2D9-F6DD7AF18142(a)microsoft.com...
>> > okay.. i found out.. the UPDATE ... fried my hard drive.. thats why i
>> > cant
>> > boot from disk.. that sucks.. and microsoft wont pay for it... i tested
>> > a
>> > different harddrive.. and it works.. because it doesnt have that update
>> > on
>> > it.and that update isnt on it.. so it works.. im pissed..
>> >
>> > "ANGELKISSES420" wrote:
>> >
>> >> I WANTED TO TELL EVERYONE & ASK THEM PLEASE DO NOT DO THE NEW WINDOWS
>> >> XP
>> >> UPDATES!!! THEY ARE MORE HARM THAN GOOD.. THEY SAY ITS NEW SECURITY
>> >> UPDATES..
>> >> IM SORRY BUT NO. THEY DON'T FIX YOUR COMPUTER, THEY MESS IT UP.. AFTER
>> >> DOWNLOADING, AND INSTALLING( I HAD TO SHUT DOWN, TO COMPLETE THE
>> >> UPDATE) I
>> >> DID... AND NOW MY COMPUTER WONT OPEN WINDOWS.. IT TAKES ME TO THE
>> >> BLACK
>> >> SCREEN, THAT SAYS "START IN SAFE MODE, lAST KNOWN GOOD CONFIG.. OR
>> >> START
>> >> NORMALLY" IVE TRIED EVERY OPTION, WINDOWS WONT OPEN.. THE LAST UPDATES
>> >> MESS
>> >> UP YOUR COMPUTER, IF YOU TRY TO OPEN WINDOWS, YOU CANT. AND EVEN IF
>> >> YOU DO
>> >> SET A RESTORE POINT.. IT WONT DO ANY GOOD.. BECAUSE YOU WONT EVEN GET
>> >> TO GO
>> >> BACK TO THAT RESTORE POINT. ALL YOU'LL SEE IS THAT LITTLE BLACKSCREEN.
>> >> NO
>> >> MATTER WHAT YOU DO.. THEN YOULL BE SITTING HERE ON THE PHONE WITH
>> >> MICROSOFT
>> >> FOR 5 HRS:) AND NOTHING WILL COME FROM THAT, YOU WILL HAVE LOST ALL
>> >> YOUR
>> >> INFORMATION, AND POSSIBLY FRYED YOUR HARDDRIVE.. SO FOR THOSE PEOPLE
>> >> WHINING
>> >> THAT THEIR UPDATES WONT INSTALL.. DONT WHINE. YOURE ONE OF THE LUCKY
>> >> ONES..
>> >> EVERYONE IN MY TOWN THAT HAD WINDOWS XP.. THEIR COMPUTER HAS CRASHED
>> >> AFTER
>> >> THE UPDATE.. SO FEEL LUCKY!!!! AND PLEASE.. DO NOT DOWNLOAD OR INSTALL
>> >> THE
>> >> UPDATES.. IF YOU DO.. AND IT MESSES UP YOUR COMPUTER. SORRY BUT I
>> >> WARNED YOU.
>>
>> .
>>


From: shawn on
I wish there was a way it could fry my hard drive.. these PC's are so old at
work and need replacing.

"Russ SBITS.Biz [SBS-MVP]" <russ(a)REMOVETHIS.sbits.biz> wrote in message
news:E50E2C72-169E-4FC1-BF3B-9807B6EBC52E(a)microsoft.com...
> an update won't FRY your hard drive
> If you put that Hard drive on another PC
> you will be able to see the data on there
> If you can not READ data off of that hard drive
> This was not an Update that caused it
> It was a hard drive failure
> Sorry
> Russ
>
> --
> Russell Grover - SBITS.Biz [SBS-MVP]
> MCP, MCPS, MCNPS, SBSC
> Microsoft Certified Small Business Specialist
> 24hr SBS Remote Support - www.SBITS.Biz
> Question or Second Opinion - www.PersonalITConsultant.com
> Free Trial Microsoft Online Services - www.Microsoft-Online-Services.com
>
>
> "ANGELKISSES420" <ANGELKISSES420(a)discussions.microsoft.com> wrote in
> message news:0435994E-3BE6-4BAC-B2D9-F6DD7AF18142(a)microsoft.com...
>> okay.. i found out.. the UPDATE ... fried my hard drive.. thats why i
>> cant
>> boot from disk.. that sucks.. and microsoft wont pay for it... i tested a
>> different harddrive.. and it works.. because it doesnt have that update
>> on
>> it.and that update isnt on it.. so it works.. im pissed..
>>
>> "ANGELKISSES420" wrote:
>>
>>> I WANTED TO TELL EVERYONE & ASK THEM PLEASE DO NOT DO THE NEW WINDOWS XP
>>> UPDATES!!! THEY ARE MORE HARM THAN GOOD.. THEY SAY ITS NEW SECURITY
>>> UPDATES..
>>> IM SORRY BUT NO. THEY DON'T FIX YOUR COMPUTER, THEY MESS IT UP.. AFTER
>>> DOWNLOADING, AND INSTALLING( I HAD TO SHUT DOWN, TO COMPLETE THE UPDATE)
>>> I
>>> DID... AND NOW MY COMPUTER WONT OPEN WINDOWS.. IT TAKES ME TO THE BLACK
>>> SCREEN, THAT SAYS "START IN SAFE MODE, lAST KNOWN GOOD CONFIG.. OR START
>>> NORMALLY" IVE TRIED EVERY OPTION, WINDOWS WONT OPEN.. THE LAST UPDATES
>>> MESS
>>> UP YOUR COMPUTER, IF YOU TRY TO OPEN WINDOWS, YOU CANT. AND EVEN IF YOU
>>> DO
>>> SET A RESTORE POINT.. IT WONT DO ANY GOOD.. BECAUSE YOU WONT EVEN GET TO
>>> GO
>>> BACK TO THAT RESTORE POINT. ALL YOU'LL SEE IS THAT LITTLE BLACKSCREEN.
>>> NO
>>> MATTER WHAT YOU DO.. THEN YOULL BE SITTING HERE ON THE PHONE WITH
>>> MICROSOFT
>>> FOR 5 HRS:) AND NOTHING WILL COME FROM THAT, YOU WILL HAVE LOST ALL YOUR
>>> INFORMATION, AND POSSIBLY FRYED YOUR HARDDRIVE.. SO FOR THOSE PEOPLE
>>> WHINING
>>> THAT THEIR UPDATES WONT INSTALL.. DONT WHINE. YOURE ONE OF THE LUCKY
>>> ONES..
>>> EVERYONE IN MY TOWN THAT HAD WINDOWS XP.. THEIR COMPUTER HAS CRASHED
>>> AFTER
>>> THE UPDATE.. SO FEEL LUCKY!!!! AND PLEASE.. DO NOT DOWNLOAD OR INSTALL
>>> THE
>>> UPDATES.. IF YOU DO.. AND IT MESSES UP YOUR COMPUTER. SORRY BUT I WARNED
>>> YOU.
>


First  |  Prev  |  Next  |  Last
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13
Prev: LAN not working
Next: COM+ Re-install