WARNING about hotfix for KB925902 patch

[Guest]

Well, I tried the hotfix that is supposed to fix the RealTek audio bug
associated with the KB925902 security patch.

The result was dramatic. My computer wouldn't reboot, but just hung forever
with a black screen, presumably trying to load Windows and failing. I used
the reset button and fortunately managed to reboot in SAFE mode and use
System Restore to get back to the moment just before I installed the hotfix.
Thank goodness for System Restore!

It was a most unpleasant, scarifying experience. My advice to anyone
affected by this is: DON'T use the hotfix unless you think you absolutely
need it. Instead, use msconfig to disable rthdcpl.exe at startup. That will
kill the error message. And just ignore the fact that you can't open the
RealTek audio control panel. You probably don't need to. I never have.

And my request to Microsoft is: can we have a hotifx that actually works,
please, and that doesn't render our machines unbootable?

One other thing. Since that last notorious Windows update, my scanner has
been behaving strangely. During scanning, it stops several times, and for
several minutes each time, while AVG scans with 100% CPU usage. I can't help
but think that the Windows update has somehow interfered with one of the
scanner's drivers too, and that AVG is closely monitoring its behaviour as a
consequence. (Is that likely? Anyone?) Looks like all my future scanning will
have to be done with my computer disconnected from the internet, with AVG
switched off. Which is a pain.

 

[Guest]

One other thing. Since that last notorious Windows update, my scanner has
been behaving strangely. During scanning, it stops several times, and for
several minutes each time, while AVG scans with 100% CPU usage.

I've been doing a bit of Googling - it seems that a trickle of reports are
starting to emerge about issues with AVG after installing this new patch. So
I don't think this odd behaviour with my scanner is a coincidence. Makes me
wonder about uninstalling the patch before I find something irrevocably
messed up. Anyone else noticing any odd behaviour with AVG?

 

[robinb]

not here and i have avg installed on 25 computers and see no problems. Also
non of these computers have the realtek drivers. I am wondering if you have
these drivers and installed the patch that is the issue that is making avg
go nuts
robin

 

[Guest]

Anyone else noticing any odd behaviour with AVG?

According to Outlook Express, there's a post by Robin in this thread, though
I can't see it in IE for some reason. Oh well, I'll carry on regardless.

I think you may be right Robin. IF you have the RealTek driver AND you have
AVG AND you've applied the patch, then that may be what's upsetting AVG. When
I look at Event Viewer at around the time I applied the hotfix and everything
crashed, it's full of dozens of AVG7 errors (among a heap of other stuff).

Damned if I know what to do about all this. I think I'll write to AVG about
it.

 

[Guest]

Hello Alan D,

I'm using IE, and only see your last 3 post. nothing about Robin.
--

 

[Guest]

Hello Alan D,

I'm using IE, and only see your last 3 post. nothing about Robin.

Well Engel, at least I do see you - and that cheers me up.

I just found this thread:

http://www.dslreports.com/forum/remark,18112686~days=9999

It seems there are a lot of problems associated with this last update - some
emerging only gradually as people find broken things.

Question: if I try to uninstall this last KB925902 update (as I would very
much like to do before the system restore point that predates it doesn't get
lost in history), will I get myself into even more difficulties?

 

[Guest]

Alan,

This is NOT an answer to you direct question.
But, FWIW, in its default configuration the System Restore Utility will keep
System Restore Points for up to 90 days or 12% of your hard dive space unless
you have changed either of these settings. It is unlikely you have changed
the former.

If you want to double check open the SRU and see how far back you can scroll
in the calender. This is a good indication on how long it will be before the
"pre-patch" SRP expunged.

The odds are that if it is "needed" in the eyes of MS that at "patch to the
patch" would come out long before you have lost the SRP in question.

You really don't want to go back more than 3 weeks anyway. It is likely to
cause more problems than it's worth. I now only keep mine for 35 days [Patch
Tuesday to Patch Tuesday ]

?
Tim
Geek w/o Portfolio

:

 

[ANONYMOUS]

I thought there a fix for it here:

http://www.microsoft.com/downloads/...88-3131-429C-8FCB-F7B3B0FD3D86&displaylang=en

Hope this proves useful.

 

[Guest]

You really don't want to go back more than 3 weeks anyway. It is likely to
cause more problems than it's worth. I now only keep mine for 35 days [Patch
Tuesday to Patch Tuesday ]

Thanks Tim - yes I'm aware that the further back in time I try to go, the
more unreliable the restoration is likely to be. I don't think I'd want to
risk going back 3 weeks, to tell the truth - the fewer days the better, as
far as I'm concerned. If I'm going to uninstall the patch and do a system
restore, I want to do it sooner rather than later. But I want to wait and see
what AVG advise.

Here is a sobering thought. I've been online for 5 years now, and in all
that time I have NEVER picked up anything more threatening than a tracking
cookie. (I now know that the two registry traces I thought I had a few years
back were false positives, though at the time I thought they were real.)

Now here, at a stroke, a single bad Microsoft security update has damaged my
audio control panel and thereby messed up my antivirus program, which in turn
now prevents my scanner from working properly (and who knows what other
hidden surprises lie in wait for me?). The so-called fix for this bad piece
of code has crashed my computer, prevented it from rebooting, forced me to do
a system restore, and provided me with quite as much dismay and trauma as any
piece of detected malware would do. I'm left with a machine that is still
unfixed - perhaps now unfixable - and I'm at a loss as to the best way to
proceed from here.

My point is that I have always felt uneasy about installing Windows updates
immediately as an automatic response, and this experience proves to me
conclusively that I was right to be so suspicious. In future I'll be
installing no updates without waiting at least a week first, because I now
know the trust is misplaced.

Consider how many millions of people out there have RealTek audio devices.
They now have damaged systems, displaying a variety of symptoms. Most of them
will have no idea that it has anything to do with the latest Windows update
(particularly if they have automatic updates switched on). A very few of
them will find their way to message boards and newsgroups and report their
problems. But they will be the tip of a largely invisible iceberg.

And finally - why were we not warned loudly and in bold capitals that if we
had RealTek audio devices we should not install this update? It's no use
saying it was mentioned in a KB. You might as well say (as far as most people
are concerned) that it was printed in invisible ink and locked away in a
cellar.

This is a big, BIG lesson for me.

 

[Guest]

I thought there a fix for it here:

http://www.microsoft.com/downloads/...88-3131-429C-8FCB-F7B3B0FD3D86&displaylang=en

NO NO NO! It's this so-called 'fix' that crashed my system and stopped it
from rebooting! That's what this thread is all about!

 

[ANONYMOUS]

This is yet another kb from MS:

http://support.microsoft.com/kb/935448

hth

 

[Robinb]

I am using outlook express and see my original post and alan's and engels
what is up with the website for this newsgroup?
robin

 

[Guest]

This is yet another kb from MS:

http://support.microsoft.com/kb/935448

Thanks for this. Still the same download that's on offer though. I suppose
we watch this space!

 

[Guest]

I am using outlook express and see my original post and alan's and engels
what is up with the website for this newsgroup?

This new post is showing Robin, but the previous one still missing. You're
not stuck in some kind of multidimensional shifting space-time continuum, are
you?

 

[Robinb]

seems they keep updated at that site what else it is effecting
This problem occurs when the following third-party applications are
installed:. Realtek HD Audio Control Panel
. ElsterFormular 2006/2007
. TUGZip
. CD-Tag

I checked all 4 computers here and none (thank goodness) have any
issues. no port issues, no accessories folder disapearing, no problems with
mega programs or games or grpahic programs I have on all 4 computers and
none- so far are any of my clients complaining either. I checked before i
put the patch on to see if they have the Realtek panel and none of them did.
After reading dsl reports site it seems other antiviruses like avast
are showing same issues that avg is.
I still think the whole thing is related to this realtek audio control
panel though

You would think ms would do more testing before they put out a major
patch like this.
robin

 

[Anonymous Bob]

Well, I tried the hotfix that is supposed to fix the RealTek audio bug
associated with the KB925902 security patch.

Alan,

While I hesitate to tell you what to do, I will share with you what I would
do.<g>
1. I would first uninstall the hotfix.
2. I would then uninstall the update.
Both of these can be removed using add/remove programs in the control panel.

3. I would update the Realtec driver.
http://www.realtek.com.tw/downloads...=3&GetDown=false#High Definition Audio Codecs

4. Now I would run Windows Update again.

At least one reboot should be done between each step.

I'm not clear concerning you use of AVG, but the problems I've seen with it
seem to be related to CrystalXP and their Brico packs (graphical
"enhancements").
http://forum.grisoft.cz/freeforum/read.php?1,96341,backpage=,sv=
Please disregard all that announcement except this line:
"If the problem persists, please try to uninstall Brico pack Vista inspirat
1.1, or another used graphic user interface upgrade."

Good luck,
Bob Vanderveen

 

[Guest]

While I hesitate to tell you what to do, I will share with you what I would
do.<g>

Thanks for this Bob - replying in sequence.

1. I would first uninstall the hotfix.

I can't do that, because in order to be able to reboot my computer after the
hotfix smashed it up, I used System Restore to get back to the point just
before the hotfix was installed. But I presume that the hotfix is now
effectively eliminated by the restore operation? It certainly isn't there in
Add/Remove programs now.

2. I would then uninstall the update.

I think I will probably do this - I'm just waiting, first, to get AVG's
reply to my email to see what they suggest.

3. I would update the Realtec driver.
http://www.realtek.com.tw/downloads...=3&GetDown=false#High Definition Audio Codecs
4. Now I would run Windows Update again.
At least one reboot should be done between each step.

I think I probably won't do any of this. Instead, I shall rely on the fact
that AVG seem to have the .ani exploit covered (judging from their comments
on their website), leave this particular patch off my system, and rely on AVG
to protect me. As I said elsewhere, this patch is the most damaging piece of
(effective) malware I've ever encountered, and no way do I trust it.

I'm not clear concerning you use of AVG, but the problems I've seen with it
seem to be related to CrystalXP and their Brico packs (graphical
"enhancements").

I don't think any of that applies to me actually. I don't have any of those
things as far as I know. But still AVG gobbles up 100% CPU usage when I use
my image scanner, and I have an event viewer log full of AVG errors
corresponding to the time I did all this stuff. I wouldn't be surprised if
there's more bad stuff related to this patch that hasn't surfaced yet just
because it isn't obviously visible.

 

[Dave M]

Alan D;

I used this link to test my successful install of the Ms patch, and was actually surprised that Norton intercepted it before anything else happened. You might run a test for AVG once your back to semi-normal to make sure your covered by AVG in the event you don't go the patch re-install route. An unpatched/exposed system will simply crash with this test with no further harm to your system.

Warning: don't run this test unless you're prepared for a system crash:
http://zert.isotf.org/tests/testani.htm

 

[Guest]

Well, I tried the hotfix that is supposed to fix the RealTek audio bug
associated with the KB925902 security patch ... etc. etc.

To the two uncharitable people who marked this post of mine as unhelpful -
bless you both. I hope all your future Windows updates are trouble-free; and
if they are not, then I hope you receive more sympathy than you appear to
offer to others in similar difficulties.

 

[Guest]

Alan D;

I used this link to test my successful install of the Ms patch, and was actually surprised that Norton intercepted it before anything else happened. You might run a test for AVG once your back to semi-normal to make sure your covered by AVG in the event you don't go the patch re-install route. An unpatched/exposed system will simply crash with this test with no further harm to your system.

Warning: don't run this test unless you're prepared for a system crash:
http://zert.isotf.org/tests/testani.htm

That's really useful - thanks Dave.

When you say 'system crash' ... how scary would that be?