I would love to have a memory dump from the BSOD emailed to me off list and I will analyze it for whoever needs it.
"From The Sunny Side Of The Street!" Cliff P. From: Marc Maiffret [mailto:[email protected]] Sent: Friday, February 12, 2010 3:17 PM To: NT System Admin Issues Subject: BSOD MS10-015 I know it was mentioned here before but it has now been confirmed through multiple sources that the blue screen issues that are happening as it relates to MS10-015 are because of rootkits be installed on machines. So for those of you whom posted, or whom have seen it in your environment, that your system is blue screening after this patch there is a high degree of certainty that your computers are in fact compromised and backdoored with a rootkit. I would not simply just wipe and reimage a machine but investigate a bit to know what may or may not have been stolen from your organization etc. I am still looking for a few live systems to play with so if you had a system with this issue or are having a system with this issue I'd be happy to take a look for you. -Marc ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
