Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by GregLauver

  1. I just thought of something easier that is less dependent on the OS version:

    Click the Start button > Command Prompt > type VER and tap the Enter key

    1. Show previous comments  1 more
    2. GregLauver


      Sorry for the delayed response; the K Forum did not relay your PM, so I didn't notice it until someone updated the Meltdown/Spectre topic.

      Whether or not Kaspersky can protect us may depend upon how some jester might try to exploit the vulnerability; but I'm guessing K would not see it.  Here is why I think that.

      At the lowest level, you have hardware: the chassis, connectors, wires, gears, doors, capacitors, resistors, transistors (chips), drives - all the stuff you can physically handle and weigh.  But all this is just inert paperweights unless there is a way to make it respond to your Intent.

      That begins to happen in firmware, an electromechanical bridge which can pass simple instructions and responses between hardware and the operating system; but we're still not "there" yet.

      In order to avoid the need to create a specific OS for each hardware configuration (imagine infinite incompatibility), a more generic OS can learn enough about the hardware to create a hardware abstraction layer, a way of packaging specifics about similar devices so the OS can use whatever capabilities an optical drive may have without being hard-coded for those specifics.  Think of the HAL as virtual hardware:  it's usable in every way that hardware is used, and it makes the hardware echo what it's doing, but it's a ghost like everything above it (simply encoded ideas and instructions).

      The operating system is the interface, more or less, between the machine and you (and the world); although, recently, an OS is more often used as a smart platform for applications (apps , a.k.a. software) which in turn interface between the internals and you (and the world), because the internals (that retain market share) have generally become stable and reliable.

      So your computer is a stack of layers: hardware, firmware, OS and HAL, apps, (you,) network.  If each is properly designed:  Apps can sense the OS and control it to varying degrees.  The OS can sense and control firmware and apps.

      Kaspersky (and other vendors) provides security apps (software) designed to defend your OS and good apps from bad apps; i.e. they protect the system at the OS layer and outward (discounting human error).

      Meltdown is a flaw in the basic hardware; so instead of asking you to wait until a flaw-free hardware CPU is available, and then to either replace the flawed CPU or buy a new computer because the new CPU is incompatible with existing hardware (and firmware, OS, etc), the CPU makers are providing new firmware that "works around" the flaw so it cannot be exploited.  This in turn makes it necessary to adapt the ephemeral layers above firmware to accommodate it.

      So the reason you have not seen the answer, in the form that you were expecting, is that the answer is basic "Computer 101" stuff which would be considered "off-topic" in the K Forum for various reasons ...

      First, the Forum is mainly for helping people with K product issues under ordinary circumstances.  Meltdown/Spectre are extraordinary circumstances outside of Computer 101 (let alone the main purpose of the Forum), about which too little is generally known - resulting in wild speculation and nonsense (or at least off-topic) posts.

      Second (as you have probably observed), if someone begins sharing Computer 101 stuff in any forum, it becomes a magnet for a gaggle of neophytes wanting free help for anything from printer paper jams, to Twitter feeds, BSODs, car insurance, and origami.  When all of that is well-stirred, then come the posts claiming "My uncle's sister's boyfriend's mother's landlord's ugly dog made $20T last month working from home on his computer. Click here."

      Third, on most computer-related fora, there is usually a clique of members - tech gurus in their own minds - who would either be indignant about the asking or answering of "childish" questions, or would swagger into their own off-topic-land with a flurry of debate and "oneupmanship".

      Fourth, there is a very limited supply in this world of people who possess enough altruism, knowledge, levelheadedness, patience, stamina, and tolerance to be forum moderators.  With effort extensive and real, and reward bordering on imaginary, you can bet the forum guidelines will be straight and narrow.

    3. mikethebike


      Thanks Greg for your reply which was both amusing and a little harrowing at the same time. I can understand why richbuff stopped the thread for a while. It was getting away from K related items. I had quite quickly found my processor type and model thanks to one reply and that, as far as being unrelated to K instruction was concerned,  was that but the diversion took on a life of its own unfortunately.

      My continuing issue is: I have no idea despite extensive searches on the internet as to whether I have the correct patch from Microsoft that prevents Spectre. I have an AMD processor which apparently is not vulnerable to Meltdown.

      I certainly have one of the two Microsoft KB files mentioned by Gniblett for Windows 7( my OS) but I am unsure if I am waiting for Microsoft to supply another update for AMD processors. When this update arrives will it be obvious that it is aimed at Spectre by its title?

      In the photo-copied attachment supplied by Gniblett there was mention of having to go to the processor maker, presumably in my case AMD and also upload fresh drivers as well. In other words the Microsoft patch by itself when it arrives and assuming it has not arrived yet, will not be full protection and I have to do some work myself. 

      I have looked at the AMD site and found it impossible to work out what I needed to seek for. It may be that at this stage AMD is still working on the issue so there is nothing there yet but I could find no reference to its schedule on its range of AMD processor and Spectre cures.

      I don't surf the Net, don't go to strange sites, don't open unknown attachments etc so it may be that my chances of being hit are remote. It was difficult to work out quite how much I should worry. My only real vulnerability, like almost all the population today, is online banking and I use K Safe Money there but how much protection it gives against Spectre I have no idea.



    4. GregLauver


      I just read your last message.  Keeping in mind that most of my time is devoted to keeping my 99yo mom (with all expected ailments) on-planet, I will see what I can find.  It will help if you collect specs on your processor, OS version, AMD's website address, and whatever else you've got in one place to reduce "detective" work.  We can also skip delays-by-happenstance by going to email.  Mine is GregLauver(at)msn.com - please use it only for 1-1 coms (no group messaging) and share it with no one.  Make sure your first email begins with "mikethebike" in the greeting line.

      About your safe-browsing habits:

      Your chances of being hit are remote on most days on the sites on which you have not yet been bitten.  Not to induce panic, but ostensibly good sites may use ad rotators, which commonly serve ads from third-party sites (generally trusted by the second parties that you trust), which in turn may get them from (possibly trustworthy) fourth parties, etc, and you can see where this is going.

      It has already been news (I'm currently too lazy to look it up) that malware has bubbled up through the ad-chain into some of those little few-square-inches side-bar ads on otherwise trusted sites, and whacked people.  A beneficial result (the news was huge and ugly) is that the trusted sites have become far more careful in vetting the ads they serve from external sources; but "nobody is perfect" (and I am a nobody, therefore I am perfect).  And this is why we each still need our own personal fences and guard dogs.

      Can you get infected if you don't click stuff?  Yes, it's called a "drive-by download", and the web page code might look like this:

      	<html>     <!-- Web pages are made of HTML elements coded as "<tags>". -->
      	    <head> <!-- When you load a page, its contents run in your browser. -->
      	            // JavaScript code could open malware file "virus.php"
      	            // (but you're safe because .CON does not exist).
      	        The Body typically contains what you see on-page. If you were to copy this chunk of code from &lt;HTML&gt; to &lt;/HTML&gt; into file "test.html" on your desktop, and then double-click it, this paragraph would appear in your default browser, and there might also be an error message saying that evil.con failed to load (if your browser is set to display all errors). You can see the code behind most web pages by right-clicking an empty spot in the page and then selecting "View Source" from the context menu. Yes, it looks awful on the inside, unless you like code.
  2. @mikethebike - Microsoft has already determined that KIS is compatible. You've been awaiting an OS update that is compatible with your AMD processor. I notice the link in my previous post now redirects to the renamed article: https://support.microsoft.com/en-us/help/4073707/windows-operating-system-security-update-for-amd-based-devices that begins "Microsoft has now resumed updating all AMD-based devices ..." - and updated 2018/01/24 Did Microsoft update you on the sly? Settings > All Settings > System > About > look at Windows Specifications If the version is 1709 and the OS Build is 16299.192, then you're good. If not ... Have you tried manually running Windows Update? Settings > All Settings > Update & Security > Check For Updates If there's still no joy, we can look at your Windows Registry after you've had lots of rest and coffee, in that order. You could actually do this yourself based on notes earlier in this topic; but if you're unfamiliar with the registry and the dire warnings that go with it, then you should wait for guidance or a get trusted assistant.
  3. This article may be useful, and may even be kept current: "Windows operating system security update block for some AMD based devices" https://support.microsoft.com/en-us/help/4073707/windows-os-security-update-block-for-some-amd-based-devices
  4. @mikethebike Follow Action Center (normally at the right end of your taskbar) > All Settings > System > About > look at Processor Be aware: W7 is affected just because it runs on an affected processor.
  5. News: "Microsoft halts AMD Meltdown and Spectre patches after reports of unbootable PCs - blames AMD's documentation" https://www.theverge.com/2018/1/9/16867068/microsoft-meltdown-spectre-security-updates-amd-pcs-issues For now, Microsoft is preventing AMD PCs from receiving updates and becoming unbootable.
  6. This is not "the issue". When I looked at the machine I use constantly (which is therefore updated constantly), its registry HKLM subkey had both the correct value and its own cadca5fe... subKey by the same name. Then I became curious and fired up my notebook to look at the registry, and found what you described. Since it had not been updated for a few days, KIS2018(f) complained that it was out of date; so I ran its update, rechecked the registry, and found the correct value newly added.
  7. @JGAta2 - This issue was discovered at least a couple of months ago; it's now "breaking news" only to the public. Some lag may have been added to accommodate third-party security vendors, or Kaspersky's January 9 estimate may have been based on intel available on December 29. In any case ... (1) There is no evidence that this issue has yet been exploited in the wild. (2) Given the chaos and the scale of the rapid responses, it seems too soon to assume that applications and/or promises have been broken. Give it some time.
  8. To later posters who are worried about not getting a Windows Update yet: drgaz gave you a good answer in the second post at the top. Read https://support.kaspersky.com/14042 and expect your Windows Update no sooner than January 9.
  9. I've got KIS v18.0.0.405(d). You can wait for an official solution, if the messages don't bother you too much; else you can try the solutions posted in this topic.
  10. I did not try his method on my x64s because my earlier method (MS Disk Cleanup + System Files) worked for them; but not on my x86, where his method also did not work. That led me to carefully reconsider the evidence, and then to the Windows Notifications for the Settings app, and simply turning it off and back on. (No need to turn off KIS features, or reinstall KIS, or reinstall my OS. Did not even need to reboot.) By itself (without any other method), neither closing the message in the Action Center, nor rebooting - either separately or together - will stop the reappearance of the nagging prompt. This is basically why people are frustrated: these are the most obvious courses of action, and they don't help.
  11. The issue appeared in 3 PCs: after auto-update of KIS2017 v17.0.0.611(e) to KIS2017 v17.0.0.611(f) and after properly reinstalling KIS2017 v17.0.0.611(f); after auto-update of KIS2018 v18.0.0.405(c) to KIS2018 v18.0.0.405(d). Systems and Device Manager Events when updating to v18.0.0.405(d) ________________________________________________________________ 1 PC: Windows 10 Home v=1703 OSbuild=15063.674, 64-bit OS on x64 processor 2017/10/13 05:49:44 Device ROOT\SYSTEM\0002 was deleted. Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} 2017/10/13 05:49:45 Device ROOT\SYSTEM\0002 was configured. Driver Name: oem46.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Driver Date: 09/30/2017 Driver Version: Driver Provider: Kaspersky Lab Driver Section: klhkInstall Driver Rank: 0xFF0000 Matching Device Id: ROOT\KLHK Outranked Drivers: oem10.inf:ROOT\KLHK:00FF0000 Device Updated: true Parent Device: HTREE\ROOT\0 2017/10/13 05:49:45 Device ROOT\SYSTEM\0002 was started. Driver Name: oem46.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Service: klhk Lower Filters: Upper Filters: 2017/10/13 05:49:45 Driver Management concluded the process to install driver klhk.inf_amd64_e484f06fdc5d2f4f\klhk.inf for Device Instance ID ROOT\SYSTEM\0002 with the following status: 0x0. ________________________________________________________________ 1 PC: Windows 10 Home v=1703 OSbuild=15063.674, 64-bit OS on x64 processor 2017/10/14 03:39:44 Device ROOT\SYSTEM\0002 was deleted. Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} 2017/10/14 03:39:46 Device ROOT\SYSTEM\0002 was configured. Driver Name: oem14.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Driver Date: 09/30/2017 Driver Version: Driver Provider: Kaspersky Lab Driver Section: klhkInstall Driver Rank: 0xFF0000 Matching Device Id: ROOT\KLHK Outranked Drivers: oem4.inf:ROOT\KLHK:00FF0000 Device Updated: true Parent Device: HTREE\ROOT\0 2017/10/14 03:39:47 Device ROOT\SYSTEM\0002 was started. Driver Name: oem14.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Service: klhk Lower Filters: Upper Filters: 2017/10/14 03:49:47 Driver Management concluded the process to install driver klhk.inf_amd64_e484f06fdc5d2f4f\klhk.inf for Device Instance ID ROOT\SYSTEM\0002 with the following status: 0x0. ________________________________________________________________ 1 PC: Windows 10 Pro v=1703 OSbuild=15063.674, 32-bit OS on x64 processor 2017/07/26 23:15:00 Device ROOT\SYSTEM\0002 was deleted. Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} 2017/10/15 15:17:57 Device ROOT\SYSTEM\0002 was configured. Driver Name: oem25.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Driver Date: 09/30/2017 Driver Version: Driver Provider: Kaspersky Lab Driver Section: klhkInstall Driver Rank: 0xFF0000 Matching Device Id: ROOT\KLHK Outranked Drivers: oem5.inf:ROOT\KLHK:00FF0000 Device Updated: true Parent Device: HTREE\ROOT\0 2017/10/15 15:17:57 Device ROOT\SYSTEM\0002 was started. Driver Name: oem25.inf Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318} Service: klhk Lower Filters: Upper Filters: 2017/10/15 15:17:57 Driver Management concluded the process to install driver klhk.inf_x86_e5bd40572cc65047\klhk.inf for Device Instance ID ROOT\SYSTEM\0002 with the following status: 0x0. END
  12. Alternate solution: If we look at the screenshot in @NeatNit's post here: showing we see that the prompt is actually issued by Windows 10's Settings. If it were issued by Kaspersky, the prompt would instead be preceded by the K logo (unless you have disabled icons in notification settings). Briefly: My previous solution worked on my Windows 10 Home 64bit PCs, but none of the contributors' solutions in this topic worked on my Windows 10 Pro 32bit PC. I began to get the feeling that the driver for Power Events Provider had already installed correctly, but the prompt to restart had simply not been removed (cancelled) after successful installation. I checked Start > Device Manager > View > Show Hidden Devices > System Devices > Kaspersky Lab Power Events Provider > Properties > Events tab > and yes, the driver was successfully installed during my most recent installation of Kaspersky. So I opened Action Center > All Settings > System > Notifications & Actions > scroll below "Get notifications from these senders" to Settings > click to disable > click to enable > done. And the offending prompt is gone.
  13. This topic now spans 2 pages, wherein the mods have recommended that you provide a GSI report and other users have offered 4 different solutions, none of which involve the hassle and disruption of reinstalling your OS. Please study both pages of this topic and try what has been recommended.
  14. That is correct: for users who have this problem, the message persistently returns. It may go away for a few seconds or minutes, but then it returns.
  15. The converse is true: Fast Start substitutes Hybrid Sleep for a real Shutdown. Restarts, manual or not, go completely down. Reference: howtogeek.com/243901/the-pros-and-cons-of-windows-10s-fast-startup-mode/
  16. I wouldn't assume it's a bug in patch F. Each new version of Windows 10 appears to lay down a full 3GB OS. I am surprised that so few pieces of non-MS apps "fall through the cracks" - most of my existing installs seem to remain intact from version to version. A proper install includes an uninstaller, often tailored for your system, and a registry entry to bookmark its location. When an uninstall requires a system restart, it's usually to remove or swap objects while they are not in use. My guess is that this couldn't happen because some new version of Windows misplaced some of the details. Because vBDKv, Lightstylez, and I were able to solve it, it was probably a Windows bookkeeping error. Because it remains solved for six user account swaps, shutdowns, restarts, and full power-offs of my two local systems, it's probably not a bug in patch F.
  17. @Lightstylez - and there it is! I looked for it there, before I tried my solution, and saw nothing.
  18. OBSERVED: I was running KIS2017 v17.0.0.611(e) in Windows 10, then got WX Creators Edition, then got KIS2017 v17.0.0.611(f), then got the persistent notification to restart to install K Power Events Provider. TRIED: I downloaded the latest KIS2017, then saved my settings and removed my current installation, then installed the new version, then restarted, and still got the restart notice. I imported my old settings: no change. Checked system error logs: nothing obvious. TRIED: This thing seemed like a lost dog, because everything was working properly, so - remembering the old days of installations stuck in limbo - I did some housecleaning with Microsoft Disk Cleanup (cleanmgr.exe), twice. On the first run, I selected (among other choices) "Downloaded Program Files" and "Temporary Files". No joy - still got the restart notice. SOLVED: On the second Disk Cleanup run, I clicked the "Clean Up System Files" button, then selected (among other choices) "Device Driver Packages", which claims "This task will remove older versions of drivers that are no longer needed." The subject restart message is gone.
  19. Possible cause: you are sending in (e.g.) HTML format, but your recipient only accepts (e.g.) plain text. Found at: Mozilla Possible solution: TB offers a setting for outgoing format per recipient. HTH
  20. As I understand the word "critical", it means "real threats". The option to disable the reporting of non-critical events is there for good reasons: to record just the stuff that matters, to keep your log files to manageable sizes, and to avoid inundating you with unnecessary information. Search for "*.log" on your C-drive and start reading - you will see a huge amount of information you don't need to know. It's understandable that you might be concerned how this may seem to reflect on your web site and other sites you trust. Take Google for example. It's a very large service used by a very large population - some of them are nice people and some are not. Even the best tools can be used for bad purposes (don't get me started on Facebook). Maybe you have heard of Google's Safe Browsing Diagnostics? Just for fun, check out the report on Google itself: http://www.google.com/safebrowsing/diagnos...site=google.com So yes, it can be. Go to http://urlvoid.com/ to thoroughly test a domain or subdomain. As long as Kaspersky is in charge, and you have no active threats, and your web site's IP has no evil moochers, you've got no worries.
  21. Pick any two resource-intensive applications and run them concurrently and you will find that your OS tends to favor one. For example, make a copy of a large file such as a disk image, then start a copy command for each file to copy it from the same source location to another same destination. Same command, same file, same locations, but you will probably see unequal progress. From personal experience, I can tell you that KIS is not a "linear thinker". Since it runs my XP box harder during updates, I used to wonder if it would be too busy to handle trouble. I also volunteer on Web of Trust. One day I opened an evil web site while KIS was updating and something nasty dropped on my machine. KIS hit it like a rattlesnake without the least drop in update activity - using Glint CPU graph with top apps percents. Also after installation, modern security software tends to learn what's normal on your computer - something a temporary "house call" product can't understand. During one of my last interactions with TM support, they insisted I run their HijackThis tool and then delete all suspicious detections. My only issue was with the inability (a broken feature) to exclude a known good application from false detection. HijackThis did *not* detect the app, but it *did* detect components of TM's own software. And so, following their advice, I removed the offending software, bought Kaspersky, and never looked back. McAfee and Norton have experienced similar fates. One more thing. If you run two AVs together, it can be like two players trying to catch one ball. You can get collisions and the ball can be dropped entirely.
  22. All FYI: I installed a series of Windows/Microsoft Updates, including for .NET Framework, on my Windows XP SP3 system 3 days ago - 2011/08/12. Since then I have repeatedly had Internet connection errors when running Windows Live Mail, KIS2011 updates, and/or attempting to open multiple web pages in the same session. Numerous small tweaks, reinstalling devices, and restarting programs or the computer have had minimal and temporary effect. Three hours ago, I had the SysInternals TCPview window open just when KIS2011 attempted to update. Immediately, many connections were created by the "System" process with remote address "localhost:nnnn" - around 3-4 per second, up to about 100+ connections, at which point KIS2011 reported "Update task failed. Connection terminated." and the number of connections gradually fell to normal. I was able to repeat this a couple more times, and I noticed similar activity when running Live Mail. When I opened Windows/Microsoft Update, it presented 2 "optional updates", totalling over 38MB for .NET 4 "to address issues and stability, etc". After the updates were downloaded and the System Restore checkpoint was created, the installation took an inordinate amount of time and CPU power accompanied by copious fan noise. Twice I thought the installation had stalled, but it finally finished over a half hour later. I got the impression that .NET 4 was being completely replaced. After a restart, my Internet connections are behaving normally.
  23. It appears you have MalwareBytes running automatically. Try setting it to Manual (on-demand), then restart the computer. You have many installed programs, services, and drivers. Wait for further analysis from a forum moderator.
  24. Italianstallionxx, Along with the other recommendations, a failing CMOS battery can cause enigmatic hardware problems. Replacing it is an easy and cheap test.
  • Create New...

Important Information

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.