Jump to content

Problems with Asus AI Suite 3 after last database update (08/08/22)


Go to solution Solved by Danila T.,

Recommended Posts

On 8/12/2022 at 4:32 PM, Igor Kurzin said:

There are vulnerabilities in some previous versions of Asus applications (Ai Suite, Armoury Crate), more information by the links: 

https://www.opencve.io/cve/CVE-2018-18535 

https://www.opencve.io/cve/CVE-2018-18536 

https://github.com/hfiref0x/AsIo3Unlock 

https://codeinsecurity.wordpress.com/2016/06/12/asus-uefi-update-driver-physical-memory-readwrite/ 

https://packetstormsecurity.com/files/150893/ASUS-Driver-Privilege-Escalation.html 

https://seclists.org/fulldisclosure/2018/Dec/34 

Blocking these vulnerabilities by the Kaspersky product may cause malfunction(s) of Asus Ai Suite/ Armoury Crate. As a temporary solution the blocking rules will be disabled, a fix will be released on Monday 15.08.22 with bases.

We will post an additional notification on Monday 15.08.22. 

To apply the fix, you will need to update databases and restart PC. 

We are researching another way to block the vulnerabilities without impacting Asus applications.

The safety of Kaspersky users is still provided by the Kaspersky multi-layer protection. All types of threats, including viruses, worms, trojans, ransomware, rootkits and spyware are detected, isolated and deleted in real-time.

 

Do these vulnerabilities show up in the vulnerability scan at all? atkexComSvc.exe does not, but the scope of that scan is "installed applications" so it's possible it goes under the radar. I do hope that this promised fix will also apply to this exe, it must be even more widespread than AiSuite or other ASUS applications if it's installed from ASUS driver bundles. increased error logging at boot is not welcome, that would be the minimum impact of this executable's blocking.

Link to comment
Share on other sites

4 hours ago, andrew75 said:

In the Russian-language thread of the forum there is a link to the latest version AI Suite 3, which does not conflict with Kaspersky antivirus. The link was provided to the user by Asus tech support.

https://forum.kaspersky.com/topic/софт-от-asus-не-работает-при-установленном-kaspersky-25091/?do=findComment&comment=112206

 

Thanks for this. It worked for me and I am back up and running.

  • Like 1
Link to comment
Share on other sites

Hello, I have the same problem too.

Motherboard: ASUS Z170-A and AI Suite 3

If the fans didn't run at full speed I wouldn't mind, but this is irritating. I tried the "uninstall everything and reinstall them with infitite reboots in between" thing but I couldn't installed the ai.suite.3 while kaspersky was already there. Finally, I uninstalled kaspersky and installed the ai.suite.3, to have some quiet here...

Let's hope that they will fix it on Monday, as said above....

Link to comment
Share on other sites

15 hours ago, ChrisG said:

does it really work?
Thanks

Yes. Had several restarts and it's still working. KIS and AI suite 3 ASUS_AISuite3_DIP5_AC_W11_64_V30110_20211112R on a Asus Rog STRIX X470-F Gaming motherboard. Works perfectly for me.

  • Like 1
Link to comment
Share on other sites

ASUS is also guilty here. I don't like Armoury Crate and I'm forced to use Aura Sync to manage my rig. And latest Aura Sync is 2 years old. In Kaspersky's side, it's necessary to implement an exception for ASUS vulnerabilities. This behavior should be automatically configured but with user's possibility to create exceptions (for ex. atkexComSvc.exe  - ASUS Com service vulnerability trigger disabled by user option)
Other securities suites also trigger ASUS as a vulnerability, but the users has always the option: "ok, I know that. Shut up and let them work."  ( A special note to BitDefender and Norton: they don't even recognize ASUS Service as a vulnerability, so Kaspersky is better then them, but a definitive "USER (CUSTOMER) HAVE THE LAST WORD" should be Kaspersky policy. 
  • Like 1
Link to comment
Share on other sites

47 minutes ago, AragornPT said:
ASUS is also guilty here. I don't like Armoury Crate and I'm forced to use Aura Sync to manage my rig. And latest Aura Sync is 2 years old. In Kaspersky's side, it's necessary to implement an exception for ASUS vulnerabilities. This behavior should be automatically configured but with user's possibility to create exceptions (for ex. atkexComSvc.exe  - ASUS Com service vulnerability trigger disabled by user option)
Other securities suites also trigger ASUS as a vulnerability, but the users has always the option: "ok, I know that. Shut up and let them work."  ( A special note to BitDefender and Norton: they don't even recognize ASUS Service as a vulnerability, so Kaspersky is better then them, but a definitive "USER (CUSTOMER) HAVE THE LAST WORD" should be Kaspersky policy. 

 

HW manufacturer's bundled software is buggy as a general rule, odd because they're the vendors for both the harware and the software so they should know best how to design software for their hardware.

Someone at the Russian language forum noticed that this vital executable is classified as a trojan, after analyzing the traces he enabled. Normally that would count as a false positive, but the user is left completely ignorant of all this. There's not a single alert or anything unusual logged, the exe is still as trusted by KIS as ever. So since what we have is most likely just a program vulnerability, I 100% agree that Kaspersky shouldn't take an aggressive stance toward this file. They can notify the end user about its risky nature, but it should never be blocked without the users consent.

Even if installing a new version of AiSuite3 or Armory Crate fixes this issue, how does that help those who have atkexComSvc.exe normally running in their systems but without those two other programs? I've looked into it but it's still unclear what all the places this exe comes from are and what it does, I know for certain I've never had AiSuite or the others installed. Some of these ASUS drivers such as AsIO.sys (that's usually found on newer computers with ASUS mobos) might be installed from the board firmware, some may come from driver CDs. It's difficult to keep track of these files and what should be safe to disable should an AV flag them as risky. My version of this exe is old, and there's no way to get a newer version of it without installing ASUS programs that I don't want. The installers could be unpacked, but that's probably more trouble than it's worth.

Edited by Pica
Link to comment
Share on other sites

Hello.

A clarification that I have not seen around here and that I do not report before (sorry I forgoten it). In order to install Al Suite 3 again after installing KIS, you need to create an exception as a trusted application in the KIS, from the AsusSetup file.exe which the application installs. Once this is done, the installer starts without problems and the application is installed without further complications. Until today it  works without problem with the KIS database 21.3.10.391(j).
I hope this can help someone.

Link to comment
Share on other sites

On 8/9/2022 at 3:45 AM, Dingo said:

I know there was a similar problem few months ago and looks like it's solved. But I noticed the problem right now, after the 08/08/2022 database update. The problem is the same as before: Asus AI Suite 3 (and other asus services) can't load and only works again if Kaspersky Internet Security [version 21.3.10.391 (h)] is uninstalled or with an old database, when I reinstall KIS it have the 28/07/2022 database and the software works without problems, until I update KIS. I tried to reinstall AI Suite too, but it didn't work. I have the same error messages as other users. I'm running it on windows 10 x64. When other people had this problem, for me everything was working fine. 

I hope someone will notice this and can give me some help. Thanks

immagine_2022-08-09_043209662.png

I have exactly this problem too but only since 14 August 22. It first occurred on restart from Windows 10 Update on installation of KB5016616, KB5012170, KB5015730 and Servicing Stack 10.0.19041.1852.

I assumed one of the above caused AI Suite 3 not to run, so I uninstalled the 2 that could be removed, KB5016616 & KB5012170 but Ai Suite 3 continued not to run with the 2 above warning boxes appearing each time it tries to be run.

I had a look at "Services" from "Task Manager" where one could see AI Suite 3 appears to run for a few seconds then stop.

I tried to re-install AI Suite 3 and failed. I tried to remove AI Suite 3 from "control panel - programs and features" and although the uninstaller appeared to run, AI Suite 3 did not un-install.

This morning I found this thread, which leaves me wondering why I didn't get this problem earlier. I have automatic updates set "on" in Kaspersky so if a database update causes this problem I should have seen it at much the same time as other posters to this thread. So perhaps others had the Windows Update described above some time before me and that update is a factor in the problem arising after a Kaspersky update?

I too am upset at the loss of Fan-Xpert cooling control, having all fans running flat out without need is just a waste of energy.

Link to comment
Share on other sites

10 minutes ago, MikeT said:

I have exactly this problem too but only since 14 August 22. It first occurred on restart from Windows 10 Update on installation of KB5016616, KB5012170, KB5015730 and Servicing Stack 10.0.19041.1852.

Hello @MikeT

Welcome!

The staggered distribution of Kaspersky Patch J began rolling out July 18th, 2022, it may not have arrived on your machine immediately. When a patch arrives, it waits for the machine to be rebooted, or, 7 days, whichever is sooner, so when the restart was done for the Windows update, Patch J may have been applied at the same time. 

Thank you🙏

Flood🐳+🐋

Edited by Flood and Flood's wife
Link to comment
Share on other sites

Many thanks for that information, I see I do have Patch J but have no idea when it was applied as I had no reason to monitor such things - until now! I see Kaspersky say they have removed the problem change in today's update, so I'll see what happens with the next re-boot.

  • Like 1
Link to comment
Share on other sites

47 minutes ago, MikeT said:

Many thanks for that information, I see I do have Patch J but have no idea when it was applied as I had no reason to monitor such things - until now! I see Kaspersky say they have removed the problem change in today's update, so I'll see what happens with the next re-boot.

Hello @MikeT

You're most welcome!

Users may know a patch release date, either from support, checking the doco, example: KTS patch J: or chatter here in the Community, however, sadly, in terms of patch *arrival*, it's difficult to monitor patches, patches arrive *silently*, you don't know it's there -> the only way you'd know is, after the patch arrives, if the machine is not rebooted & the 7 days expired, then the front screen of the Kaspersky GUI will show a Recommendation, the Kaspersky Notification Centre would show the Recommendation details, the Kaspersky icon, in the Windows hidden icons or taskbar would turn red & the Windows Action centre would show a notification from the Kaspersky app 

image.thumb.jpeg.247189e985813763772394b719beade9.jpeg

Thank you🙏

Flood🐳+🐋

Edited by Flood and Flood's wife
Link to comment
Share on other sites

17 minutes ago, mhnproject said:

@Flood and Flood's wife hi

i dont see any database update or fixer (the issue still exist) . igur promised , kasper release fix on Monday 15.08.22 !! 😞

Hello @mhnproject

Welcome back!

  1. Has a manual Database update been run, followed by a shutdown of the machine, using Shutdown, not Restart? 

Please let us know?

Thank you🙏

Flood🐳+🐋

Link to comment
Share on other sites

I've been experiencing this issue since around 11 August 2022 (Windows 10 21H1 build19043.1889; KIS 21.3.10.391(j); Asus AI Suite 3 v 3.00.13).  I have tried the KIS manual database update at 1600 hrs today 15 August, and have done a full shutdown and fresh startup, but I still get the atkexCom.axdata error, unfortunately.  My KIS database release is 15/08/2022 13:17.  Not sure if that time is corrected for user location, but I'm in UK which is GMT+1 at the moment.  I'll try another manual update later today or first thing tomorrow and keep my fingers crossed....

Edited by PDofCC
typo
Link to comment
Share on other sites

I am having the same issue as other users.  However, with a slight difference.  There had been a problem with renewing my licence due to a Kaspersky issue. On Sat 13th Aug, following instructions from Kaspersky support, I had to purchase a new licence and download the latest version of KIS.  The next time I booted the machine, I saw the same Asus related error messages as other users, plus my keyboard didn't work, preventing me from logging in until I did a restart The latter was because the Asus AI Suite contains a facility which affects USB connections and USB-connected devices

Other users have suggested that the issue is with the KIS database which was affected from versions released after around Aug 8th.  In my case, those database versions were working unproblematically before I installed the latest version of the  KIS software.   So the issue in question may be related to a combination of the most recent version of the KIS software and recent versions of the database, not simply the recent database versions.

 

Win 10, AI Suite version 3

Edited by JohnGosling
added information
  • Like 1
Link to comment
Share on other sites

I just updated (third time today), restarted and the aktkexComSvc and AsusFanControlService are working back again along with AI Suite III as well. Kaspersky was not allowing those two services to start. Let's see how long it stays working.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.