Windows XP SP2 TCP/IP "Patch"

[Heather]

Yep that is all I have running.

I wonder what is causing it? :cry:

Is it only ever caused by a virus or spyware? I only ever get 2-3 of these messages a day.

BTW, I am on a router if that matters?

Edited March 22, 2005 by Heather

[Gowcra]

I feel that some modding ( by the mods) is done in here!

[Frank]

Yep that is all I have running.

I wonder what is causing it?  :cry:

Is it only ever caused by a virus or spyware? I only ever get 2-3 of these messages a day.

BTW, I am on a router if that matters?

585653620[/snapback]

It can also be caused by certain programs EX: Port Scanners, People Claim Bittorrent clients, etc.

[Heather]

Should I be worried?

Could it be mailwasher? It checks my mail while I am on the internet.

[hurting101]

This patch appears to no longer work after the latest (13 Apr) updates.

[krshna]

tcpip version was 2180 and now is 2631. I can?t patch again. Doesn?t work.

[Mastertech]

Which patch exactly does not run?

See if this works:

http://www.lvllord.de/

[krshna]

Sorry for this new post, but i have patched with LvLLord, and works fine with this new version of tcpip.

[Gowcra]

new tcpip? wtf? whats this? :huh: me confused

[Mastertech]

new tcpip? wtf? whats this?? me confused.

Microsoft's Latest Security Update April 12, 2005 changed the TCPIP stack again undoing the speedup tweak. You have to reapply it.

tcpip version was 2180 and now is 2631. I can?t patch again. Doesn?t work.

Which patch was not working though?

[uniacidz]

EvID4226Patch212 works fine.

Try it. Just done it myself.

[hurting101]

EvID4226Patch212 works fine.

Try it. Just done it myself.

585771726[/snapback]

I tried that one as well as the (ancient) sp2tcpfix.rar, but neither of them fix the 4226 error on my end. The patching process appears to work, though.

[fuBar.]

Do not patch things, by hearing other people saying that it is good, show information and explaination to the reasons of its results or popularity.

Edited May 11, 2005 by RCJS

[greg098]

should i 'patch'? or will it wreck my system?

[Mastertech]

It is 100% perfectly safe to patch your system. You can follow the instructions here. All this patch does it revert the TCP/IP setting back to its original value pre-SP2.

[manduck]

EvID4226Patch212 works fine.

Try it. Just done it myself.

585771726[/snapback]

did u apply the patch before the Security Update April 12, 2005 or after it installing the Security Update??? :unsure:

[uniacidz]

http://www.lvllord.de/

That will answer your question

[Mastertech]

The latest patch works fine after installing the update.

[manduck]

im just formatting my comp...lets see if it works before the update or after the update....otherwise i will format it again....!!!

[Mastertech]

This setting is reversible and you do not need to reformat to restore it. It works before the update and after. If you do it before the update and then apply the update you will have to run it again because the update sets it back to 10. Here are Instructions on how to set it back to "unlimited". It is very safe to do.

[pingu7931]

Whatever you guys say it definitely speeds up Bit Torrent client downloads. I agree it shouldn't but it does.

There is a security risk if you don't have if you have decent firewall (Zone Alarm, Norton etc.) and Anti-virus software. If you don't DON'T PATCH IT! If you do MAKE SURE YOU KEEP THEM UP TO DATE - AUTOMATICALLY IF POSSIBLE.

ALSO IMPORTANT: Make sure automatic updates is enabled! Even if this breaks the patch! If an update does break the patch check back with LvlLord for an updated patch. Be patient and keep the Microsoft version until there is an update patch.

I've read this forum and can see both sides - end result is it's up to you. I'm a network programmer (C/C++) with 15+ yrs experience. Yes I can see why Microsoft put this in but I haven't disassembled it myself to see what it's really doing. However unpatched it definitely slows Bit Torrent client downloads by at least 30-50% for 3+ concurrent downloads. I know it shouldn't theoretically but the fact is it does.

Decent firewalls and anti-virus protect you against worms spreading anyway - PROVIDED THEY ARE KEPT UP-TO-DATE!

I hope this post finds the middle ground in the argument I have seen raging in this thread.

[Mastertech]

The Security Myth.

I'll try explaining this again. This limit ONLY "theoretically" affects how fast you spread a virus to other people. It does nothing to protect you, since you already have to be infected for the limit to take affect. Now if a virus has infected you, how much effort is it for the virus writter to change this limit itself? Thus why I think it is useless.

Changing this limit does nothing to protect you from anything. Now by all means if you want to promote some sort of Internet good will, then leave the limit in place. You are betting on not only getting infected but by an older virus as well.

A much better use of your time would be to keep you system up to date with all known security patches, an updated AntiVirus Program and either the XP or third party firewall turned on. This limit was added IMO for completely clueless users who never patch or use AV.

So please do not think that by not changing this limit you are somehow protecting your PC more.

Edited May 22, 2005 by Mastertech

[MtnDewCodeRedFreak]

Tsk.

[John Veteran]

Now if a virus has infected you, how much effort is it for the virus writter to change this limit itself?

585956594[/snapback]

It would be a lot of work. First, the file would have to be edited. Meaning the virus would have to plan for every version of the file, since they have different hex locations. Second, WFP would have to be disabled. Third, the machine would have to be rebooted for the file to be reloaded by the system. That's a lot of work for a virus to get around the limit, and a reboot would be quite noticable by the end user...

[Mastertech]

Or it could simply replace the file outright and lock the system up, forcing a reboot. Once a virus has full system control there is not much it cannot do.

BTW if Microsoft can get around the system file warning during updates so could a virus.