Thursday, January 29, 2015

DW Update...

Or rather a downdate :-(...

So we thought if you wanted to play along this time, we are going to keep you updated on what we are doing and if you want to test as well you are welcome to.

#25 failed eventually and we decided to start from the driver and check them one at a time over a one week period.

Even if it fails before the 1 week is up won't matter, we're trying to determine consistency and frequency.

sidenote: For each one...7 files...7 weeks ;-)

Now, some of these files won't fail at all and is expected. It's the file that fails first is the one you are looking for.

They won't be in any order like 1234 etc., sometimes 1 and 2 will fail and 3 and 4 won't, 5 and 6 will fail, but 7 won't and not even in that order.

You'll need to mark the numbers that don't fail because each file is unique. So if 1 and 2 don't fail, mention 1 and 2, but 3 and 4 do. We'll need to know which passed and which failed.

As you know we won't be loading Chrome and we would never load FireYuck, so for those of you that use these programs feel welcome to check against them.

The error as you know is a dllhost 50% CPU increase.

Normal users just keep using what you have.

As for the Techies out there if you have any input that you would like to add to this research or ideas that you think could be causing the dllhost issue please post.

This is a volunteer service no one is getting paid, it's strictly for Ilya and his devotion to security.

Yes, we're a volunteer also and are happy to do it :-)

So, let us begin...
www.softsphere.com/files/temp/1/dwalls.zip

sidenote: The two files Ilya would need are the Exported Log Files from DW (name them Logs) and a Screenshot of dllhost error in procexp.ex_ Send files to support@softsphere.com and put in the subject line dllhost error. Also reference Chrome or Fire...fox, just Fire w/out the ... we just have trouble saying it. We'll do IE. Thanks and Have Fun :-)

As usual, UPDATE AT YOUR OWN RISK!
 How to install:
  1. Download the patch and save to a folder named DW Patch #1
  2. Unzip File to same folder.
  3. Disable HIPS until restart.
  3. Copy and Paste unzipped dwall.sys file to C:\Windows\System32\drivers folder "copy and replace"
  4. Restart

No comments:

Post a Comment