liamZ Posted October 20, 2016 Share Posted October 20, 2016 On 18/10/2016 at 10:26 PM, heinoganda said: New timezone update KB3192321 has been released. Info: https://support.microsoft.com/en-us/kb/3192321 there's no info about superseded updates, it's not supose to supersede kb3182203 ???? Link to comment Share on other sites More sharing options...
heinoganda Posted October 20, 2016 Share Posted October 20, 2016 (edited) KB3192321 (Cumulative time zone update) replaces KB3182203! The following entry has been added: HKLM,"%TZROOT%\Turkey Standard Time\Dynamic DST", "2017", 0x1, 4C,FF,FF,FF,00,00,00,00,C4,FF,FF,FF,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 Edited October 20, 2016 by heinoganda Link to comment Share on other sites More sharing options...
5eraph Posted October 21, 2016 Share Posted October 21, 2016 (edited) Additionally, the following entries have changed between KB3182203 and KB3192321: HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones","TZVersion",0x00010001, 02,04,e0,07 --> 00,05,e0,07 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones","KBLast",0x00010001, 02,04,e0,07 --> 00,05,e0,07 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Turkey Standard Time","Display",0x00000000, "(GMT+02:00) Istanbul" --> "(GMT+03:00) Istanbul" HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Turkey Standard Time","TZI",0x00000001, 88,ff,ff,ff,00,00,00,00,c4,ff,ff,ff,00,00,0a,00,00,00,05,00,04,00,00,00,00,00,00,00,00,00,03,00,00,00,05,00,03,00,00,00,00,00,00,00 --> 4c,ff,ff,ff,00,00,00,00,3c,00,00,00,00,00,03,00,00,00,05,00,03,00,00,00,00,00,00,00,00,00,01,00,05,00,01,00,00,00,00,00,00,00,00,00 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Turkey Standard Time\Dynamic DST","2016",0x00000001, 88,ff,ff,ff,00,00,00,00,c4,ff,ff,ff,00,00,0a,00,00,00,05,00,04,00,00,00,00,00,00,00,00,00,03,00,00,00,05,00,03,00,00,00,00,00,00,00 --> 4c,ff,ff,ff,00,00,00,00,3c,00,00,00,00,00,03,00,00,00,05,00,03,00,00,00,00,00,00,00,00,00,01,00,05,00,01,00,00,00,00,00,00,00,00,00 HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Turkey Standard Time\Dynamic DST","LastEntry",0x00010001, e0,07,00,00 --> e1,07,00,00 Edited October 21, 2016 by 5eraph Link to comment Share on other sites More sharing options...
liamZ Posted October 21, 2016 Share Posted October 21, 2016 Hi, thanks for the info. Still strange no superseded info on microsoft catalog for Posready. But now I see that every other OS has the supersede info. Link to comment Share on other sites More sharing options...
dencorso Posted October 21, 2016 Share Posted October 21, 2016 Info on POSReady updates/hotfixes is scanty, anyway, to say the least... Link to comment Share on other sites More sharing options...
Mcinwwl Posted October 23, 2016 Share Posted October 23, 2016 I got'em all, however, .NET 4 update installed for about 20 minutes for some reason. Link to comment Share on other sites More sharing options...
dencorso Posted October 25, 2016 Share Posted October 25, 2016 Well, since nobody posted about it till now, it's up to me to do it, sh here it goes: Woody's warning (and his solution!) in this post on his blog also applies to XP !!! The latest (and last) MRT.EXE provided by MS on August 2016(at the WU/MU site) is actually v. 5.39.12900.0 (the very 1st to phone home) !!! So, be sure to add the registry fix described by Woody (or fall back to the previous version of MRT.EXE). 2 Link to comment Share on other sites More sharing options...
cc333 Posted October 25, 2016 Share Posted October 25, 2016 (edited) Gosh, now I've seen it all... Even XP is affected but MS' shenanigans. Sheesh! And all this time I thought XP would surely be immune, since it's been EOS since April 2014. Guess not! I'll have to apply this fix. I find it ironic that the Malicious Removal Tool is itself (potentially) malicious. I guess it should remove itself then! c EDIT: I've been thinking, and Win2k is starting to look pretty good now, since it has *absolutely* no possibility of becoming infected by the virus that is "New" MS (maybe?).... Edited October 25, 2016 by cc333 Mentioned Win2k 1 Link to comment Share on other sites More sharing options...
Dave-H Posted October 25, 2016 Share Posted October 25, 2016 Surely as MSRT 5.39.12900 is the last one issued for XP, this shouldn't be a concern unless you run it manually. It already ran once when it was first downloaded, so if it does do anything naughty, the damage is already done! It's not going to ever run by itself.........................is it? Link to comment Share on other sites More sharing options...
dencorso Posted October 25, 2016 Share Posted October 25, 2016 It may. Then again, you may want to run it further on. As for the damage... it just sent some telemetry to MS. It seems to be harmless, but one never knows. What is done is done (it happened to me, too...), but what can be prevented... why not? Hence, I consider it prudent to add the registry tweak described by Woody. BTW, I've just installed a new XP SP3 machine (it's not fully finished yet, to tell the truth), and MS got no telemetry from it that is preventable by that tweak. Link to comment Share on other sites More sharing options...
heinoganda Posted October 25, 2016 Share Posted October 25, 2016 MSRT I've never installed on my Windows XP, have Avast and Malwarebytes Anti-Malware in use. I also have an older firewall (Sygate Personal Firewall) installed, which is still better than that of Windows XP. (This at least asks me whether I want to allow a connection with appropriate information what calls and where the packets are sent) Link to comment Share on other sites More sharing options...
niko32 Posted October 25, 2016 Share Posted October 25, 2016 (edited) There are 2 confusing things about this registry hack: 1. At my machine there is no MRT key in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\. So do we have to create subkey HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT and then do the rest: Entry name: \DontReportInfectionInformation Type: REG_DWORD Value data: 1 ...or do we need to put it in some other MRT key in registry (I think there are two of them)? 2. Is dword entry DontReportInfectionInformation or really \DontReportInfectionInformation with backslash? Another thing is puzzling... there are articles on internet how to disable this, even from 9 years ago. Has MRT been phoning home all that time? Edited October 25, 2016 by niko32 Link to comment Share on other sites More sharing options...
heinoganda Posted October 25, 2016 Share Posted October 25, 2016 (edited) no backslash! DontReportInfectionInformation or Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT] "DontReportInfectionInformation"=dword:00000001 for Reg file. Edited October 25, 2016 by heinoganda 1 Link to comment Share on other sites More sharing options...
niko32 Posted October 25, 2016 Share Posted October 25, 2016 @heinoganda Thanks for clarifying that, it is logical, but one never knows. Link to comment Share on other sites More sharing options...
FranceBB Posted October 25, 2016 Share Posted October 25, 2016 (edited) Ok, so... Microsoft received a report at the very end of the scan with our system information and the fact that the Malware removal tool didn't encounter any threat... so... what? I mean, it's not a big deal, is it? It's Microsoft, they shouldn't be surprised that we are still running XP, as I'm sure they already know that we are getting POS updates. Edited October 25, 2016 by FranceBB Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now