Probability of being hacked:
Unless you use a firewall - High, even when using dial-up access
Probability of visiting a deviant web-site:
Extremely high, all the more so if you visit free game playing,
gambling or porno web sites or if you download any form of "free" software
or music/video files.
As to the updates from Microsoft causing you your problems, unlikely and I
feel you need to look elsewhere for any problems you are having with your
system. For example, have you recently checked for unwanted malware, be it
a traditional virus or maybe a trojan or keylogger or two or more likely
unwanted adware by the score?

Signature
Mike Maltby MS-MVP
mike.maltby@gmail.com
> I've been faithfully installing Windows'ME Critical Updates
> for some time now and my system seems to be getting more and
[quoted text clipped - 18 lines]
> increasing instability of the operating system. Might I be
> and have been better off ignoring the Critical Updates?
You may have a virus/spyware hijack.
- Download the Stinger from here and run it to make sure that A-V-disabling
  viruses are not present on your PC:
  http://download.nai.com/products/mcafee-avert/stinger.exe
- Update your virus scanner and run a full system scan of all files.
- Download AdAware SE Personal Edition from www.lavasoftusa.com, install,
  update, and run it to remove spyware, adware, and other such nasties from
  your system.
See what that lot reports - and then say that the risk of malware is low!!
Getting 'hacked' isn't the problem - the problem is getting hit with malware
either from a drive-by installation from a website, or from 'accidentally'
installing the wrong program.

Signature
Noel Paton (MS-MVP 2002-2005, Windows)
Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm
http://tinyurl.com/6oztj
Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
> I've been faithfully installing Windows'ME Critical Updates
> for some time now and my system seems to be getting more and
[quoted text clipped - 29 lines]
>
> randau2...(at)...proaxis.com
Dapper Dan - 19 Dec 2004 00:50 GMT
Noel
I notice that you frequently recommend downloading and running STINGER
for potential virus and/or spyware problems. Is STINGER any different
from other AV programs ?
> You may have a virus/spyware hijack
>
[quoted text clipped - 46 lines]
> >
> > randau2...(at)...proaxis.com
Noel Paton - 19 Dec 2004 09:11 GMT
Yes - Stinger is a targeted utility for the removal of a number of worms -
many of which have the subsidiary function of switching off traditional
anti-virus programs.
You can have the most efficient, and up-to-date virus scanner in the world,
and it's of no use at all if it's switched off by a worm!
Stinger of itself is no use - it's purely effective against variants of
about 40 worms - without also running a traditional AV immediately
afterwards, but what it does, it does well, and is the type of tool that
worms have little defence against - for the simple reason that it can be
almost totally redesigned every issue, if necessary, while a traditional AV
is locked into an upgrade/update cycle.

Signature
Noel Paton (MS-MVP 2002-2005, Windows)
Nil Carborundum Illegitemi
http://www.btinternet.com/~winnoel/millsrpch.htm
http://tinyurl.com/6oztj
Please read http://dts-l.org/goodpost.htm on how to post messages to NG's
> Noel
> I notice that you frequently recommend downloading and running STINGER
[quoted text clipped - 59 lines]
>> >
>> > randau2...(at)...proaxis.com
Dapper Dan - 19 Dec 2004 13:53 GMT
Thanks for the response Noel.
> Yes - Stinger is a targeted utility for the removal of a number of worms -
> many of which have the subsidiary function of switching off traditional
[quoted text clipped - 73 lines]
> >> >
> >> > randau2...(at)...proaxis.com
cquirke (MVP Win9x) - 19 Dec 2004 19:33 GMT
On Sun, 19 Dec 2004 09:11:19 -0000, "Noel Paton"
>Yes - Stinger is a targeted utility for the removal of a number of worms -
>many of which have the subsidiary function of switching off traditional
>anti-virus programs.
It's like spending 2 days swotting "spots" at the end of a 3-year
course. It doesn't cover all (or even most) of the material :-)
Slightly better is Trend's SysClean. Like Stinger, this is a free
fixer that you can run without having to install it. But it detects a
lot more malware than Stinger does, so I've taken to using it instead;
it fits on a USB stick, but not on a diskette.
Then again, you aren't cursed with NTFS, so there's no reason you
can't use a *real* av that detects "everything". You'd do a diskette
boot, ideally using an EBD that creates a RAM disk, then copy the
relevant files and run the DOS-based av from there.
www.f-prot.com offers F-Prot for DOS as free for personal use, and
it's what I use. You can get updates from the site as well, and you'd
need to, as the data built into the download will likely be stale.
www.sophos.com and www.nod32.com also offer free DOS-based av for
download, but they are evaluation copies only. That means you have to
sign in, and I presume you can't download updates on an ongoing basis.
>You can have the most efficient, and up-to-date virus scanner in the world,
>and it's of no use at all if it's switched off by a worm!
Absolutely. Chasing active malware from the OS that it's already
running in is doomed, because the malware is positioned to resist,
hide, take punitive action against you, etc. It's merciful that the
last is rare, but it's been done; I wouldn't count on such mercy.
>Stinger of itself is no use - it's purely effective against variants of
>about 40 worms - without also running a traditional AV immediately
>afterwards, but what it does, it does well, and is the type of tool that
>worms have little defence against - for the simple reason that it can be
>almost totally redesigned every issue, if necessary, while a traditional AV
>is locked into an upgrade/update cycle.
Yes - it's a useful lifeline for those cursed with NTFS. Also, once
you've identified a malware, Symantec has several dedicated cleaners
that each kill one particular baddie. Actually, most av sites have
free cleaners for one malware each; I've used these from Symantec,
F-Secure and Sophos (Sophos's fix for Jeefo was da bomb!)
>--------------- ----- ---- --- -- - - -
Tech Support: The guys who follow the
'Parade of New Products' with a shovel.
>--------------- ----- ---- --- -- - - -
Dapper Dan - 19 Dec 2004 22:09 GMT
Thanks for your input also, cquirke. I use Avast, AdAware and Spybot
S&D religiously. Just wasn't sure of why STINGER. Now I know !!
Thanks again.
Dan
> On Sun, 19 Dec 2004 09:11:19 -0000, "Noel Paton"
>
[quoted text clipped - 48 lines]
> 'Parade of New Products' with a shovel.
> >--------------- ----- ---- --- -- - - -
I have Norton AntiVirus protection which I update and then
scan the disk every week besides getting the Virus
Definitions updated automatically during the week.
I also have Lavasoft Adaware software that I run
periodically to root out Spyware.
I don't think it's the canned/preprogrammed malware
(viruses/spyware) that's being addressed with Windows
Critical Updates. I think it's the threat of real-time
hackers that's being addressed to prevent them from
establishing live malicious access to your computer.
Isn't it?
Mike M - 19 Dec 2004 19:03 GMT
> I have Norton AntiVirus protection which I update and then
> scan the disk every week besides getting the Virus
[quoted text clipped - 9 lines]
> establishing live malicious access to your computer.
> Isn't it?
No. Not at all.
That you use NAV is perhaps more of a factor in your loss of performance
than anything else. No Symantec product targeted at the domestic market
performs well regardless of the operating system in use with NAV
especially causing more problems with Win Me than any it might claim to
prevent.

Signature
Mike Maltby MS-MVP
mike.maltby@gmail.com
> I've been faithfully installing Windows'ME Critical Updates
> for some time now and my system seems to be getting more and
> more unstable. I now get a blue screen crash almost every
> day and sometimes more than one a day. They are randomly
> erratic having no particular pattern or cause.
> Critical Updates appear to consist of an endless number of
> security updates to protect against hackers or deviant web
[quoted text clipped - 4 lines]
> everyday, the probability of getting hacked must be pretty
> low (especially for an on and off dial-up connection).
Hmmm. Watching my router logs, normally a useless exercise, I see numerous
attempts at infecting my computer; even when I use a dial-up connection
instead of my DSL connection. It only takes a few seconds before the probes
start coming in for assorted nasties that attack vulnerable system ports.
Consider these entries from a Level3 dial-up session for an SBC customer
(me):
2004-12-22 10:38:22 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.48.209:1388]->localhost:445, Owner: no owner
2004-12-22 10:38:22 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.201.50:2165]->localhost:135, Owner: no owner
2004-12-22 10:38:28 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.108.174:3233]->localhost:445, Owner: no owner
2004-12-22 10:38:28 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.108.174:3233]->localhost:445, Owner: no owner
2004-12-22 10:38:39 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.126.85:1054]->localhost:445, Owner: no owner
2004-12-22 10:38:43 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.126.85:1054]->localhost:445, Owner: no owner
2004-12-22 10:39:03 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.237.75:3350]->localhost:135, Owner: no owner
2004-12-22 10:39:06 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.237.75:3350]->localhost:135, Owner: no owner
2004-12-22 10:44:14 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.105.214:3531]->localhost:135, Owner: no owner
2004-12-22 10:44:17 Local7.Debug 192.168.102.100 Rule 'Block Common Ports (Logged)': Blocked: In TCP, (null) [4.246.105.214:3531]->localhost:135, Owner: no owner
The "localhost:<port#>" lines are the destination; my computer. The IP
address is the source of the probe. Port 135 probes are likely messenger
spam. The Sasser worm is one of the common Windows infectors which attacks
port 445.
> The endless succession of Critical Updates never seem to
> offer fixes for known system bugs, which I would appreciate.
Most Critical Updates patch security problems. If you have never had a site
attempt a drive-by download, you haven't been around the Internet block.
I've seen numerous attempts at sleazy, underhanded system takeover. I don't
normally use MSIE, but I have tested it against such a site, on occasion,
when I find it; so far, with the latest Critical Updates, and proper
security settings for the "Internet zone" of MSIE, nothing bad has happened.
But who knows, if I hadn't kept MSIE current.
> I'm wondering if there isn't a connection between the
> endless procession of Critical Update patches and the
> increasing instability of the operating system. Might I be
> and have been better off ignoring the Critical Updates?
Definitely not! I have no stability problems with Windows Me, except for
some random flakiness that seems to be a result of overheating the RAM when
a P.S. fan died. I figure the hardware was seriously cooked and I am running
on borrowed time.
Symantec products are notorious for causing problems. I have learned which
ones don't affect Windows Me, and avoid the ones which do. When I had paid
for a year of NAV, I never let it scan my email. Much flakiness seems to
attend to either Norton Anti Virus, or McAfee Anti Virus, scanning email.
Another Norton utility created problems, and never really did anything. I
find a handful which are useful, though.
> -randau
> Oregon, USA
You need to use a proper signature separator; dash-dash-endline. Doesn't
Google Groups provide one in the compose window?
> I read and post from the Google Groups web site...
My condolences. A proper news client is much superior. Even MS Outlook
Express is better than any web access to news groups. The only web-to-news
interface worse than Google Groups is "Microsoft CDO for Windows 2000",
commonly used by posters in these groups because they stumble on the groups
while searching the MSFT web site for assistance.

Signature
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
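An added example, not part of the thread: a short Python parser for the firewall log format quoted in the post above. It rejoins the wrapped entries and counts blocked inbound attempts per destination port; the function names are illustrative, and reading a repeated source ip:port as a retry is an assumption.

```python
import re
from collections import Counter, defaultdict

# Four entries copied from the post above, wrapped exactly as posted.
SAMPLE = """\
2004-12-22 10:38:22 Local7.Debug 192.168.102.100 Rule 'Block Common
Ports (Logged)': Blocked: In TCP, (null) [4.246.48.209:1388]->localhost:445,
Owner: no owner
2004-12-22 10:38:22 Local7.Debug 192.168.102.100 Rule 'Block Common
Ports (Logged)': Blocked: In TCP, (null) [4.246.201.50:2165]->localhost:135,
Owner: no owner
2004-12-22 10:38:28 Local7.Debug 192.168.102.100 Rule 'Block Common
Ports (Logged)': Blocked: In TCP, (null) [4.246.108.174:3233]->
localhost:445, Owner: no owner
2004-12-22 10:38:28 Local7.Debug 192.168.102.100 Rule 'Block Common
Ports (Logged)': Blocked: In TCP, (null) [4.246.108.174:3233]->
localhost:445, Owner: no owner
"""

STAMP = re.compile(r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\s")
ENTRY = re.compile(
    r"Rule '(?P<rule>[^']*)':\s*(?P<action>\w+):\s*(?P<dir>In|Out)\s+(?P<proto>\w+),"
    r".*?\[(?P<src>[\d.]+):(?P<sport>\d+)\]\s*->\s*\S+?:(?P<dport>\d+)"
)

def rejoin(text):
    """Merge wrapped continuation lines so each log entry is one string."""
    entries = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if STAMP.match(line) or not entries:
            entries.append(line)          # a timestamp starts a new entry
        else:
            entries[-1] += " " + line     # anything else continues the last one
    return entries

def summarize(text):
    """Return (hits per port, distinct sources per port, repeated attempts)."""
    hits, sources, seen = Counter(), defaultdict(set), Counter()
    for entry in rejoin(text):
        m = ENTRY.search(entry)
        if not m or (m["action"], m["dir"]) != ("Blocked", "In"):
            continue
        port = int(m["dport"])
        hits[port] += 1
        sources[port].add(m["src"])
        # Same source ip:port to the same port again: most likely a retried
        # SYN from one connection attempt, not a new probe (an assumption).
        seen[m["src"], m["sport"], port] += 1
    retries = sum(n - 1 for n in seen.values())
    return dict(hits), {p: len(s) for p, s in sources.items()}, retries

if __name__ == "__main__":
    hits, srcs, retries = summarize(SAMPLE)
    print(hits, srcs, retries)
```

Counting distinct sources separately from raw hits keeps retried connection attempts from inflating the apparent number of probing hosts.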
randau - 24 Dec 2004 23:40 GMT
Thanks for your informative and insightful response Norman.
I read it with great interest and thought.
Norman wrote:
>The "localhost:<port#>" lines are the destination; my computer. The IP
>address is the source of the probe. Port 135 probes are likely messenger
>spam. The Sasser worm is one of the common Windows infectors which attacks
>port 445.
>Most Critical Updates patch security problems. If you have never had a site
>attempt a drive-by download, you haven't been around the Internet block.
[quoted text clipped - 3 lines]
>security settings for the "Internet zone" of MSIE, nothing bad has happened.
>But who knows, if I hadn't kept MSIE current.
Are we talking about attempts to access your computer for
the purpose of "Live Hacker" mischief as opposed to
preprogrammed Viruses and Email Worms, which can be
protected against with Anti-Virus programs?
randau wrote:
>> I'm wondering if there isn't a connection between the
>> endless procession of Critical Update patches and the
[quoted text clipped - 12 lines]
>Another Norton utility created problems, and never really did anything. I
>find a handful which are useful, though.
These random crashes occur when I'm not even running an
email program. There appears to be no correlation with
running any particular program or performing any particular
operation.
What Anti-Virus program would you recommend?
>> I read and post from the Google Groups web site...
>
[quoted text clipped - 3 lines]
>commonly used by posters in these groups because they stumble on the groups
>while searching the MSFT web site for assistance.
I've used several news clients before, but I found Google
Groups more useful for a number of reasons.
1) The terrific search capabilities of their extensive
Archive of past postings, especially computer related
groups.
2) All my stuff is archived at their site instead of my
having to store it.
3) Direct random access to any thread rather than the
chronological serial access that was used by news client
programs. If I posted to a highly active group and missed a
day or so of checking it, I had to download and wade through
enormous numbers of headers in order to get to what I was
looking for, using a news client program.
--
Regards,
randau
(is that better) :-)
N. Miller - 25 Dec 2004 09:27 GMT
> Thanks for your informative and insightful response Norman.
> I read it with great interest and thought.
You're welcome. Hopefully it provided some kind of starting point in
isolating your problem.

Signature
Norman
~Win dain a lotica, En vai tu ri, Si lo ta
~Fin dein a loluca, En dragu a sei lain
~Vi fa-ru les shutai am, En riga-lint
randau - 25 Dec 2004 22:29 GMT
randau wrote:
>> Thanks for your informative and insightful response Norman.
>> I read it with great interest and thought.
[quoted text clipped - 4 lines]
>--
>Norman
Sorry for the prior redundant posting, it was unintentional.
But, I did have some comments and questions laced into your
text in the initial transmission that I think you may not
have noticed. Would you mind taking another look at it?
--
Thanks,
randau
randau - 24 Dec 2004 23:44 GMT
I'll no longer be watching this thread for replies. So, if
someone wants me to see their reply or wants to contact me,
please clean up and use the Spam resistant Email address
below.
randau2...(at)...proaxis.com
-randau
Oregon, USA