Tribal Cash
-
Posts
29 -
Joined
-
Last visited
Posts posted by Tribal Cash
-
-
That worked. Clicking on properties then 'change icon' it says 'can't find' etc but when that popup is closed there is the option to change the icon to anything.
The bottom icon is fixed now, but out of curiosity I will leave the two desktop icons as white squares to see if they ever fix themselves.
I'm still concerned about why Google has inordinate power over other programs like Kaspersky.
It is a trivial issue compared to the 'public key cryptography' scam which gives a government complete access to everything, but it is still uncomfortable.
I would 'mark as solution' your comment but that option is not anywhere on your comment, as it sometimes is on other comments.
Thanks
-
Was hoping the cache would refresh by itself eventually, but after a week Kaspersky is still the only program that does not have an icon.
Also the main 'Kaspersky Total Security' icon reappears when it is unpinned then disappears again when pinned.
-
TLDR Just going to leave Kaspersky without an icon and wait to see if it fixes itself but I am uncomfortable with the fact that only the Kaspersky icon disappeared after uninstalling Google Chrome and reinstalling it. I understand all antivirus companies are closely connected to Google, but Kaspersky should be less so, in my opinion.
"ie4uinit -show" did not do it, so went to step 2 and followed the instructions at https://answers.microsoft.com/en-us/windows/forum/all/deleting-the-iconcachedb-file/1f47e9ea-21d1-4c5a-9985-3d076bfd6606
The first suggestion "
-
Open File Explorer and navigate to the following folder:
C:\Users\%username%\AppData\Local\Microsoft\Windows\Explorer - In the Explorer folder, you will see a lot of files with the iconcache name. Delete all of them."
does not work, it says those files are in use and cannot be deleted, so went to second
"
- Open elevated Command Prompt. (Win+X > Command Prompt (Admin))
-
Type the following command, and then press Enter:
cd /d %userprofile%\AppData\Local\Microsoft\Windows\Explorer attrib –h iconcache_*.db del iconcache_*.db start explorer"
tried that exact command with the correct user profile and many variations of the command and it did not work.
So then found https://www.thewindowsclub.com/rebuild-icon-clear-thumbnail-cache-windows-10
"
If you find that you are unable to delete these files, do the following.
First, close all open programs. Next, open Task Manager, look for the process Windows Explorer, right-click on it and select End process. Next, from the File menu > select Run new task. Type cmd.exe, check the Create this task with administrative privileges box and press Enter."
"
Now type the following commands one after the other and hit Enter:
cd /d %userprofile%\AppData\Local\Microsoft\Windows\Explorer attrib –h iconcache_*.db del iconcache_*.db start explorerThis will rebuild your icon cache in Windows 11/10.
If you want to delete and clear the Thumbnail cache, you will have to follow the same procedure as mentioned above, but finally, use these commands:
cd /d %userprofile%\AppData\Local\Microsoft\Windows\Explorer attrib –h thumbcache_*.db del thumbcache_*.db start explorerwhich has a suggestion if no other options work, so it looks like that is necessary, but that's a little too complicated so I will leave Kaspersky without an icon.
TLDR Just going to leave Kaspersky without an icon and wait to see if it fixes itself but I am uncomfortable with the fact that only the Kaspersky icon disappeared after uninstalling Google Chrome and reinstalling it. I understand all antivirus companies are closely connected to Google, but Kaspersky should be less so, in my opinion.
-
Open File Explorer and navigate to the following folder:
-
Chrome works and Cloudflare has updated now which is great, but no matter what I do the Kaspersky Total Security icons everywhere are white squares still. Even in the Windows 'all apps' window, and the usual trick of unpinning then repinning the app at the bottom of the screen has no effect. Kaspersky is a white square when it is pinned, then unpinned it has the normal green pentagon image then pin it and it again becomes a blank white square.
The effect that Chrome has on Kaspersky has me concerned.
-
For the last week I've been trying to update Cloudflare WARP but get a message "xxx.tmp is not a valid Win32 something". Til this week it always updated fine.
This morning I saw a warning on Kaspersky and it said Resolve with some choices. "C:\Users\*username*\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_005f4c" was a legitimate program that could be used maliciously" or something.
I decided to delete it. Then Google started going haywire and I totally uninstalled Chrome, including user data, and reinstalled it.
When it was reinstalled all the Kaspersky Antivirus links were whited out but the Kaspersky VPN and Password manager had proper icons still.
Chrome even after reinstall does not work as before. It takes 100% cpu for a long time then after closing about 30 tabs in task manager and still 100% cpu after closing for a long time.
Another oddity, after a scan Kaspersky had searched the "windows.old" folder and said it couldn't search some common folders like documents, pictures etc because they were password protected. I've never password protected any of the folders.
It looks like another clean install unless I can figure out how to get Chrome back to normal, but I am concerned about why Chrome which I distinctly do not trust has some connection to the Kaspersky icons and causes them to disappear when Chrome is uninstalled.
-
One more point I'll add then I'll drop it finally.
A technical point.
The update sequence is a little different when a computer has the 'managed by your organization' flag.
~Normal sequence~
1) update, computer says it needs to restart
2) restart computer
3) everything finished
~'managed by...' sequence~
1) Update, computer says it needs to restart
2) restart computer
3) computer again says it needs to restart
4) restart computer a second time
5) everything finished
For example
1) Yesterday I got a notification that "Intel - SoftwareComponent - 7.9.1.3" was installed and the computer needed to restart
2) restarted
3) After restart, again immediately needs another restart
4) Today a notice that "Intel - Extension - 7.9.0.0" needs the computer to restart for installation
5) restarted a while ago
6) Immediately after restarting, again computer needs to restart immediately
Same thing happens with Windows updates.
7) After the last restart go to regedit and delete forcelist entry, see photo
8 everything finished
Now I drop the matter
Somebody will solve it at some point
Edit to repeat the point, It happens regardless what settings or software you have. Happens whether you are using Mcafee, Norton, Kaspersky, etc happens after all software including Chrome has been removed, etc etc
-
On 1/3/2023 at 12:46 PM, murat5038 said:
I'm sorry if I couldn't explain or understand because I don't know much English.
On the Chrome and MS side, there are deficiencies in the statement explanation sections based on what you said. I know that there are similar ambiguities in different places. Instead of "managed by your company", a statement like "managed by software" could have been made.
If the reg part comes back in the last part, the problem is not fixed, it indicates that the malware or software that changed this registry entry is still active. If this warning does not appear but reg records are coming, this is a normal situation.
You know English better than most people in English speaking countries, and if you speak another language than you know twice as many languages as almost everybody.
Agreed that there is a deficiency in the phrase "managed by your organization", but more serious is the fact that until I reinstalled Windows I was not able to remove the registry entry chrome 'forceinstallist'. It would reappear every time the computer was restarted. Now it only reappears after each Windows update.
Anyway, I'll drop this issue since it has existed for years and nobody on any site has a solution. Thanks for taking time to try and fix it.
-
2
-
-
Another much stranger example.
Starting from the same website, but offline, some text was copied from the blurb about the article
https://www.naturalnews.com/2023-01-01-aussie-physician-drops-dead-covid-vaccines-kids.html
This was a) offline, and b) right clicking in the text to create a context menu to do a Google search of some highlighted text. When the "search on Google" context menu option was selected the popunder opened with the following address
I don't know where that leads, not even curious, but the impact on the computer i.e., cpu is so obvious that it looks like the intent is to discredit the original site that is serving these popunders. Just a guess
-
22 hours ago, murat5038 said:
It's not a bug because some software wants to get more authorization, which takes advantage of MS and changes the settings. (Virus, System tweak software etc.)
The other side of this problem is that you can use it for small office or etc. IT consultants, IT managers etc. they want to protect the settings they do not want to change with the configuration in this way and can resort to such methods.Thanks, but I was referring to a different aspect of it.
I understand that
a) there are times when it is necessary or appropriate to control the parameters of software on a browser,
and
b) there are times when a browser in being managed by an employer or other organization, and that fact should be stated,
but, as many people have pointed out on many online forums for at least several years, those two scenarios do not overlap in the way Microsoft is trying to overlap them.
The specific example in this case, and in the case of many commenters online, involves a statement on Chrome that "Your browser is controlled by your organization" which is an explicit way of saying that there is a group of people who decide what is done with the browser etc rather than objective decisions made by software, like Kaspersky, and combined with the decisions of the owner of the computer.
My point is simply that there must be some reason that this deception is allowed and/or encouraged.
The net effect is mainly psychological, as far as I know, I have no idea about most technical stuff, but generally anything that can be accomplished by deception is better done another way.
The secondary possibility is that it is not deception by Microsoft, and that there is some malicious actor, referred to as an 'organization' in the browser flag.
Edit to add, reminder, the unusual thing I added to the conversation several posts ago is that there is no software that can be removed, and no setting that can be restored to default, to remove the issue. I had removed literally every piece of software from the computer including Windows updates, aside from 'service stacks' which could not be removed, and reset whatever I could, and still the registry entries would reappear when I restarted the computer.
-
1
-
-
Here is an example.
Go to the site
“https://www.whatreallyhappened.com/NEW/”
and click on an article.
A significant percentage of the time you will get a hidden pop under that you don't see until the main Chrome window is closed.
~Kaspersky forum will not let the pop under link be posted so it is not included in this post~
Also your computer will go up to 100% cpu until you close Chrome and re open it.
-
Here is an example.
Go to the site
“https://www.whatreallyhappened.com/NEW/”
and click on an article.
A significant percentage of the time you will get a hidden pop under that you don't see until the main Chrome window is closed.
“https://api.apptap.com/link/buy/android/tile.thinkapollo/e1?clinkID=xKX18oO-j-Rqc0uH8_87eP_7T6l7OiCMopcJj7BWeNi6x_PFxSflPTZFdfc_UyTz3tF2IAHb&pubID=hvCtqYD-3KZQdRyWz_0wQ_3wUg&siteID=l_G0tcL80qkbbEuH-eIwROo&placementID=21811&trackingID=20b6be7f-9193-434c-a1b8-3d8fb2cb3318&creativeID=125181&loc.country=US&pub.placement_id=104993&partnerCampaignID=0500256_thinkapollo_US_NABOO_United_States_Leave_Behind_1&partnerCampaignID=53145&pub.city=Fairbanks&pub.sub_source=Conservative+News&cost.cpm=5.737654”
Also your computer will go up to 100% cpu until you close Chrome and re open it.
-
In the last week or so suddenly neither Kaspersky nor Chrome are blocking pop unders.
After a while it becomes strange that the computer is using high resources.
On closing chrome main window a person sees a smaller sub window that had been hidden by the main window.
Usually it is for a travel site or some other similar thing.
Ten years ago this used to be common, but then those 'popunders' were blocked for a long time, now they are back.
Any explanation why Kaspersky and Chrome do not block them?
-
On 11/22/2022 at 1:37 AM, murat5038 said:
You can try a system restore if it first happened after using a tweak or unknown software.
If Kaspersky is up to date, run a full scan, if no malware is detected, do the following:Open regedit with the win+r key combination.
Check these ways:
HKEY_LOCAL_MACHINE\SOFTWARE\Policies
HKEY_CURRENT_USER\SOFTWARE\PoliciesIf you see a value called Google and Chromium just below these paths, delete it.
C:\Windows\System32\GroupPolicy
C:\Windows\System32\GroupPolicyUsers
Delete the contents of these folders.Restart the system and check.
Thanks, I usually delete the Chrome policy in regedit. The problem though is that Microsoft is a big company, and it seems odd that they would let such a hugely inaccurate piece of information on the computers of millions of people.
The computer is a personal computer not an organization's computer. Thousands of people have mentioned the problem so millions probably have it.
To leave such an inaccurate flag on so many computers Microsoft must have a motive?
-
It has been gone for several days, but just did a display driver update and after restarting the computer the registry again has the extension install forcelist entry.
It's odd that so many people have this issue and there is no solution that lasts more than a few weeks.
-
More to add.
1) Kaspersky, under "More tools" and "clean and optimize" and "browser configuration" lists only one browser, internet explorer, which is discontinued.
2) My Chrome browser had "managed by your organization" for a long time. Once I thought I found a way to remove it but it came back.
A few days ago I was not able to update my computer, nor reset it, nor upgrade to Windows 11. So I began removing programs, and also looking for the cause of "managed by your browser".
After removing all programs and all apps, including Kaspersky, the registry entry still reappeared after restarting. The only things I was not able to remove were those Windows updates labelled as 'servicing stacks', so it appears that may be where the problem is, something Microsoft hides in a 'service stack' update.
After finally doing a fresh install, incredibly, "managed by your organization" was still on Chrome once it was newly installed, after Microsoft updates were done.
Now, several days later, 'managed by your organization mysteriously is gone from Chrome.
A very strange mystery.
-
On 8/22/2022 at 9:16 AM, Berny said:
Please exit temporary Kaspersky , any better ?
Sorry to be a nuisance, but that raises another issue. When a commonly used program tells you to turn off your antivirus should that be cause for concern?
Open Video Downloader has a high confidence rating on Kaspersky but in order to work it asks a person to turn their antivirus off.
Kaspersky says this has been downloaded by thousands of its users. Do all users of this program turn off Kaspersky when they use the program?
-
23 hours ago, Berny said:
Did you visit the Microsoft Community, I don’t think Kaspersky is related to your issue.
The broader issue of quirks in a group of programs i.e., in types of programs would probably be a security issue rather than a technical issue, and Microsoft's focus is not on the security of its users.
-
Another audio program obscured a bit. After updating Audacity, the sound editing program, it has a white square instead of a quickstart icon. The white square works fine, it starts the program, but before updating it had the regular icon.
-
Some more info.
It looks like it is usually caused by an antivirus setting, and there are people who mention doing something with AVG and Comodo to remove that "managed by your organization" on a private computer.
One interesting thing, I had done the startup change to allow hardware virtualization as Kaspersky recommends, but suddenly today Kaspersky again says "To improve your protection, use a PC that supports hardware virtualization".
So it looks like the same program that brought up "managed by your organization" also disabled hardware virtualization.
Several days ago I used a registry cleaner and that may have done it, but it would be nice to get rid of the 'managed by your organization'.
-
-
11 hours ago, Berny said:
Did you consider SFC ?
Wow, you were right, possibly. I'll wait and see if the black boxes reappear.
-
1
-
-
10 hours ago, Berny said:
Did you consider SFC ?
There are other issues that lead me to believe the computer is hacked. For example one thing I have only seen two times in 20+ years of using computers is small rectangular black boxes in the lower left of a browser window. I saw that when I was hacked last time and this current time, no other time.
Here is something that might or might not be related. You can try it on your computer. The black boxes I cannot create at will but will screenshot the next one, but here are three pictures of Kaspersky which were taken June 29 shortly after installation. In this case I had restarted the DWM desktop windows manager because it used a lot of memory, and when it started up Kaspersky was a small black box. I could drag the box around but could not get Kaspersky to appear. The first two pictures are all that were visible of Kaspersky as a black box and the third picture is when I got a Kaspersky window to open and the window is now full size with a heading but still a black box.
These Kaspersky black boxes might have been caused by restarting DWM so I don't consider them a problem, unless that doesn't happen to you when you restart it.
-
One point to add. There are two pathways for a person without the 'Norton Removal tool' who is installing Kaspersky.
Pathway 1
a) Download Kaspersky and click install.
b) As it is installing, a popup says 'incompatible software' etc.
c) Click 'remove'.
d) Kaspersky dialog says "restart computer'.
e) After restart Kaspersky has not installed, so go back to b through d.
f) Go back to b through d.
g) Go back to b through d.
A lot of people will move on at this point because they do not want incompatible security software. The alternative is to not restart your computer, but by now you are warned that you have incompatible software so security is less than perfect.
Pathway 2
a) Go through Pathway 1
b) Don't restart your computer but install Kaspersky with the understanding that the Kaspersky program mistakenly believes that the Norton program has been removed.
c) Continue with Kaspersky warning daily about incompatible software until you find the Norton tool referenced above.
I was using Comodo but saw signs my computer was hacked. One previous time several years ago my computer was hacked and Kaspersky was the first company to find the malware, I learned much later.
So a few weeks ago, while observing odd behavior that leads me to believe my computer is hacked, I downloaded Kaspersky.
So far Kaspersky has not detected the malware, nor has Comodo, nor Windows Defender nor Microsoft Emergency Support tool.
At this point I'm just watching to see how it develops. My computer has a series of odd behaviors that pretty obviously are not intended by the manufacturer, and more odd things are popping up. A little while ago I tried to paste something from the main disk to another disk with plenty of space. After a bit Windows said 'you need x amount more space', so I made more than enough by deleting, then again the same thing at least two more times before the paste was finished.
It does not even look like a brilliant hacker, but I'm hoping it does not end up too expensive for me before some antivirus will detect it. Or I may just clean install if my curiousity runs out.
My best guess so far is that the malware originated in either the electrum litecoin wallet or in some images of a border patrol agent who was grazed by a bullet, images with odd extensions which do not behave in some cases as normal images.
-
I have sysinternals the new process explorer and have not looked at that while any program that is not visible is running. I will open that next time I run wavepad.
Yes NCH Wavepad. I think I uploaded it to virustotal right after I noticed, a few weeks ago, and the version I got was the same as the version tested there, and clean.
Sometimes the programs that do that are visible in task manager, sometimes not, but the only programs I've ever seen do that are cryptonote wallets and audio software, and the only time I've seen it recently i.e., last few weeks, was wavepad.
My computer always has a task manager window open, and I pay some attention to it, which may be why I notice it and others seem not to.
Google and Kaspersky seem associated
in Kaspersky: Basic, Standard, Plus, Premium
Posted
Okay sorry, but one more new oddity then I drop the matter.
Now there is an icon, but a different icon for when the program is pinned vs not pinned, but more interestingly when I right click on either icon the context menu still has the blank white square.