XPCrasher
2017-11-05, 00:22
Over time I have accumulated many utilities from around the net. I recently started scanning the executables and DLLs of each utility with SB-S&D. On some files, Windows gives up the ghost with a BSOD. The executables/DLLs that crash Windows always crash Windows. The ones that don't crash Windows never do. So the issue is quite repeatable. In either case, the files seem to run well. If possible I will upload the BSOD.
So my question is this: Why would SB-S&D crash, or XP, while SB-S&D is scanning a file? Any thoughts on this?
So why don't I just shut up and delete the files and have a few beers or something... I have thought about this a little bit. Primarily, most of these files are useful from time to time, and if possible I would like to keep them. But danger is lurking.
First, Danger Will Robinson, DANGER!!! Some time last year I downloaded what I thought might be a useful utility called SysInternals from somewhere on the net. Likely CNET. I did not use SysInternals until early summer of this year, around May. Unfortunately it brought along an uninvited guest that was unknown to SB-S&D or N360 (they both burped up a message saying so) and was able to rewrite Teatimer as well as destroy N360. Very mean.
I was only able to figure out where the problem was after I discovered the single file scan feature on Spybot. I scanned the SysInternals executable and XP crashed with a BSOD. After reboot I scanned again, and twice more. I was convinced. I did a mil grade erase (I had already discovered that the only way to get rid of the bug after its activation was this way), reloaded the ghost copy, booted to logon, shut down and then into safe mode, and deleted that folder. On reboot I scanned a couple of other utilities and four failed with a BSOD. Unfortunately, I deleted them as well. Because of that, I can't say that the SysInternals program was contaminated 100%. Only 99.9%. My system has been solid as a rock since early September. You know I am happy after 3 months or so of tinkering, scan after scan, mil grade erase after...
Some interesting things though. None of these files were captured by SB-S&D or N360 on standard scans. One of the files, 2xExplorer, I had been using for many years and has been seen by SB-S&D many times, yet failed exhaustively with the single scan feature. One CAD program, Inkscape, did not fail while compressed, but failed when extracted. Also, recently Piriform announced the freeware CCleaner install executable had been hijacked and rewritten and was data mining. I researched System Internals and found out it is a suite of utilities owned by Microsoft. I went to Microsoft and downloaded directly the particular program I was using, Process Explorer (procexp.exe), from them and it passed the Spybot scan. I have used it for six weeks or so with no problems.
So I am inclined to think that all may not be infected, but I have to live with the fact that they are, at the least, data mining, and yet may cause instability in certain cases.
Thanks.
PS. Backups rule.