Avast WEBforum

Business Products => Avast Business => Topic started by: mcoleran on January 04, 2018, 09:59:17 AM

Title: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: mcoleran on January 04, 2018, 09:59:17 AM
Microsoft have released an update for the Intel chip bug - however the update is only available for machines with compatible antivirus.

Is AVAST compatible?

info from MS:
Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY.   Contact your Anti-Virus AV to confirm that their software is compatible and have set the following  REGKEY on the machine
Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"
Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD”
Data="0x00000000”
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 04, 2018, 10:22:24 AM
Yes we are compatible, a microupdate was issued yesterday
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: mcoleran on January 04, 2018, 10:33:22 AM
That's great  - thank you!

I don't seem to have the reg value though, what version of Avast Endpoint Protection includes the fix?
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 04, 2018, 10:43:19 AM
It should be present on all Avast 8 or later versions, what is your version?
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: mcoleran on January 04, 2018, 11:28:40 AM
Avast Endpoint Protection 8.0.1609
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: imt_jkt on January 04, 2018, 12:25:34 PM
Yes we are compatible, a microupdate was issued yesterday

Should I restart my PC or not? Because I still don't see the aforementioned registry key.

My spec: win 10 pro x64, avast free antivirus 17.9.2322 (vps: 180104-0)
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: mcoleran on January 04, 2018, 12:57:07 PM
Still not present after mine has been restarted.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 04, 2018, 01:05:00 PM
Microupdates are delivered once per 12 hrs period, and restart is not required for this microupdate. Can you please provide console output from AvastEmUpdate.exe /debug or AvEmUpdate.exe /debug? It must be executed elevated.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: mcoleran on January 04, 2018, 01:36:06 PM
Microupdates are delivered once per 12 hrs period, and restart is not required for this microupdate. Can you please provide console output from AvastEmUpdate.exe /debug or AvEmUpdate.exe /debug? It must be executed elevated.

LoadConfig START
  GetSourceType START
  GetSourceType END
LoadConfig END long=0
WaitForInternetConnection START
WaitForInternetConnection END long=0
PrepareRemotePatchDescriptor START
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast Business\Setup\95c8f59f-8a79-45fe-9937-90683b35d3e8.ini
  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    DownloadRemoteFile START
      CopyResourceToFile START
      CopyResourceToFile END long=0
    DownloadRemoteFile END long=0
  MakeFileLocal END long=0
PrepareRemotePatchDescriptor END long=0
No patches available
FreeSchedulerInterface START
FreeSchedulerInterface END long=0
_tWinMain final result: 0

Press any key to exit console...
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 04, 2018, 01:59:29 PM
The problem is that your updater don't support microupdates at all, we will solve this ASAP

Edit by Lukor: only early versions of Avast 8 don't support microupdates (they support emergency-updates though and we'll deliver the patch by this channel), if you are running any version from recent years you should get the fix automatically
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: mcoleran on January 04, 2018, 02:06:01 PM
The problem is that your updater don't support microupdates at all, we will solve this ASAP

Thank you!
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 04, 2018, 03:18:32 PM
mcorelan, can you please provide content of your "c:\ProgramData\AVAST Software\Avast\AvastEmUpdate.ini" file?
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: mcoleran on January 04, 2018, 03:23:03 PM
mcorelan, can you please provide content of your "c:\ProgramData\AVAST Software\Avast\AvastEmUpdate.ini" file?

[Config]
LastAppliedPatchId=325
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: JThan on January 04, 2018, 05:12:52 PM
forget what I wrote]

I had to run the Update from the console and then it worked.

Microupdates are delivered once per 12 hrs period, and restart is not required for this microupdate. Can you please provide console output from AvastEmUpdate.exe /debug or AvEmUpdate.exe /debug? It must be executed elevated.


Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 04, 2018, 05:18:35 PM
mcorelan, can you please provide content of your "c:\ProgramData\AVAST Software\Avast\AvastEmUpdate.ini" file?

I just looked it up too - because I also seem to not get the microupdate?

Current Version: 17.9.2322 (build: 17.9.3761.0)

Code: [Select]
[Config]
LastAppliedPatchId=371

Can you please provide console output from "AvEmUpdate.exe /debug" command? It must be executed elevated.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Jack201 on January 04, 2018, 06:26:39 PM
Hello!

So, in my AvEmUpdate.ini appears:

[Config]
LastAppliedPatchId=378

In the AvastEmUpdate appears:
[Config]
LastAppliedPatchId=373

And this ist the AvEmUpdate.exe /debug:

      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
        GetUpdatesInfoFromXmlRoot END long=1168
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateIniCondition START
        EvaluateIniCondition END long=0
        Condition result: FALSE
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        Condition result: TRUE
        ReadXmlNodeUpdateInfo START
        ReadXmlNodeUpdateInfo END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
    GetUpdatesInfoFromXmlRoot END long=0
    MicroUpdate available for product home: version:2322
  GetUpdatesInfo END long=0
PrepareRemoteUpdateDescriptor END long=0
ApplyUpdates START
  ApplyUpdate START
    MakeTemporaryFileName START
    MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\d1109f30-cb0c-4f2b-bbc0-f8c7c6a2f155.cab
    MakeFileLocal START
      GetSourceType START
      GetSourceType END
      PerformRemoteOp START
        PerformRemoteHttpOp START
          PerformRemoteHttpOp: Url: http://securebrowser.avast.tools.avcdn.net/tools/avast/securebrowser/diff/safer-update.cab
          CopyResourceToFileOrBuffer START
          CopyResourceToFileOrBuffer END long=0
        PerformRemoteHttpOp END long=0
      PerformRemoteOp END long=0
      File:C:\Program Files\AVAST Software\Avast\Setup\d1109f30-cb0c-4f2b-bbc0-f8c7c6a2f155.cab first 16 bytes of signature: 4B526BEAF909E5F2EC95A09282572EBB
    MakeFileLocal END long=0
    ApplyCabUpdate START
      MakeTemporaryFileName START
      MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\fd1e9a52-a9f7-4d39-926b-b326c1178095
      ApplyXmlUpdate START
        ApplyXmlUpdateFromXmlRoot START
          EvaluateRegistryCondition START
          EvaluateRegistryCondition END long=0
          Condition result: TRUE
          ApplyXmlUpdateFromXmlRoot START
            EvaluateRegistryCondition START
            EvaluateRegistryCondition END long=0
            Condition result: TRUE
            ApplyXmlUpdateFromXmlRoot START
              EvaluateIniCondition START
              EvaluateIniCondition END long=0
              Condition result: FALSE
            ApplyXmlUpdateFromXmlRoot END long=0
          ApplyXmlUpdateFromXmlRoot END long=0
        ApplyXmlUpdateFromXmlRoot END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleFiles START
        HandleFiles END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleRegistry START
        HandleRegistry END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleExecutes START
        HandleExecutes END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleVersions START
        HandleVersions END long=0
        HandleNotifications START
        HandleNotifications END long=0
      ApplyXmlUpdate END long=0
    ApplyCabUpdate END long=0
  ApplyUpdate END long=0
ApplyUpdates END long=0
GetSourceType START
GetSourceType END
PerformRemoteHttpOp START
  PerformRemoteHttpOp: Url: http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
  CopyFileOrBufferToResource START
  CopyFileOrBufferToResource END long=0
PerformRemoteHttpOp END long=0
FreeSchedulerInterface START
FreeSchedulerInterface END long=0
_tWinMain final result: 0

Press any key to exit console...


So did i get the microupdate?

Regards.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 04, 2018, 06:36:06 PM
Hi Jack201, yes, you've got it.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Jack201 on January 04, 2018, 06:49:58 PM
Thanks for the quick reply!  :)
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: lgreg on January 04, 2018, 08:30:59 PM
mcorelan, can you please provide content of your "c:\ProgramData\AVAST Software\Avast\AvastEmUpdate.ini" file?

The contents of my AvastEmUpdate.ini is
Code: [Select]
[Config]
LastAppliedPatchId=378

Is that okay?
EDIT: I only realized another forum section lead me here and didn't pay attention that this is the Business Endpoint section. Sorry. Was not paying attention.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: norinrad32 on January 05, 2018, 01:52:51 AM
Hello.  Need some assistance. I have not received the patch yet from Microsoft for the Spectre/Meltdown bug. I would love to check to make sure my Avast Free version has received the micro update. 

I am running Windows 10 on an Intel i7-6700 CPU @ 4.00 GHz

This is what I have:

Avast free version: 17.9.2322
Avast Virus180104-2

AvastEmUpdate.ini

[Config]
LastAppliedPatchId=371

AvEmUpdate.ini

[Config]
LastAppliedPatchId=378

Not sure how to run this command from console:

AvEmUpdate.exe /debug

Let me know how to run this and I will get you this information.

Thank you in advance for your assistance! 
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: f23948 on January 05, 2018, 04:18:18 AM
is that look ok?
(https://s17.postimg.org/77dzyzpdb/Untitled.png)
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: lemo.olivier on January 05, 2018, 07:59:49 AM

I had to run the Update from the console and then it worked.


I hadn't the registry key.
Just run AvEmUpdate.exe /debug in command line, with admin privileges.
The registry key appeared just after that.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Theo@IC on January 05, 2018, 08:52:12 AM
I'm also not seeing the registry key in my company yet.

Endpoint Protection Suite Plus with Small Office Administration
SOA: 1.3.3.112
Client: 8.0.1609
Engine: 180104-2

C:\ProgramData\AVAST Software\Avast\AvastEmUpdate.ini (last modified 13-4-2017):

[Config]
LastAppliedPatchId=372


AvastEmUpdate.exe /debug from admin console:

LoadConfig START
  GetSourceType START
  GetSourceType END
LoadConfig END long=0
WaitForInternetConnection START
WaitForInternetConnection END long=0
PrepareRemotePatchDescriptor START
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast Busine
ss\Setup\8ddaac2f-cf76-4cfd-8899-7766888305f2.ini
  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    DownloadRemoteFile START
      CopyResourceToFile START
      CopyResourceToFile END long=0
    DownloadRemoteFile END long=0
  MakeFileLocal END long=0
PrepareRemotePatchDescriptor END long=0
No patches available
FreeSchedulerInterface START
FreeSchedulerInterface END long=0
_tWinMain final result: 0

Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 08:59:55 AM
Hi Theo@IC, your updater is too old, we have to deliver new emergency updater to Avast 8 first. Probably today.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Giuseppe135 on January 05, 2018, 09:05:26 AM
Hi to all,

I've tried to do the update, but I can't reach it.

I launched AvEmUpdate.exe using console as admin, but I haven't the registry key yet.
I can't find AvEmUpdate.ini in Avast folder.

I'm on a laptop running Windows 10 x64, i7 6500-U.
I'm using Avast Free Antivirus 17.9.2322 (build 17.9.3761.0).

Code: [Select]
C:\Program Files\AVAST Software\Avast>AvEmUpdate.exe /debug

C:\Program Files\AVAST Software\Avast>LoadConfig START
  Current version: 2322
  Current update version: 324
  Guid: 8a4be7dd-d12f-4fd7-954a-100ff86e4d28
  Midex: CB937573876DB397A860C357E1FE3B8E1AE95282BB47FA95DCBED56228F5401B
  GetSourceType START
  GetSourceType END
  PerformRemoteOp START
    PerformRemoteHttpOp START
      PerformRemoteHttpOp: Url: http://ip-info.ff.avast.com/v2/info
      CopyResourceToFileOrBuffer START
      CopyResourceToFileOrBuffer END long=0
    PerformRemoteHttpOp END long=0
  PerformRemoteOp END long=0
LoadConfig END long=0
DeleteAlreadyExecutedRestartJobs_2 START
  DeleteAlreadyExecutedRestartJobs_2 START
    PrepareSchedulerInterface START
    PrepareSchedulerInterface END long=0
  DeleteAlreadyExecutedRestartJobs_2 END long=0
DeleteAlreadyExecutedRestartJobs_2 END long=0
WaitForInternetConnection START
  CheckInternetConnection START
    PerformRemoteHttpOp START
      PerformRemoteHttpOp: Url: http://emupdate.avcdn.net/files/emupdate/pong.txt
    PerformRemoteHttpOp END long=0
    Internet connection detected using 1
  CheckInternetConnection END long=0
WaitForInternetConnection END long=0
PrepareRemotePatchDescriptor START
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\da6d5c23-9156-4b7b-8f07-3ba937717b68.ini
  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    PerformRemoteOp START
      PerformRemoteHttpOp START
        PerformRemoteHttpOp: Url: http://emupdate.avcdn.net/files/emupdate/patches.ini
        CopyResourceToFileOrBuffer START
        CopyResourceToFileOrBuffer END long=0
      PerformRemoteHttpOp END long=0
    PerformRemoteOp END long=0
    File:C:\Program Files\AVAST Software\Avast\Setup\da6d5c23-9156-4b7b-8f07-3ba937717b68.ini first 16 bytes of signature: 4C6FD0C704F23CA5AB3C5F14A7187A53
  MakeFileLocal END long=0
PrepareRemotePatchDescriptor END long=0
No patches available
PrepareRemoteUpdateDescriptor START
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\b9acd51a-dadc-44c5-9c46-5b60334bb2f8.xml
  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    PerformRemoteOp START
      PerformRemoteHttpOp START
        PerformRemoteHttpOp: Url: http://emupdate.avcdn.net/files/emupdate/updates.xml
        CopyResourceToFileOrBuffer START
        CopyResourceToFileOrBuffer END long=0
      PerformRemoteHttpOp END long=0
    PerformRemoteOp END long=0
    File:C:\Program Files\AVAST Software\Avast\Setup\b9acd51a-dadc-44c5-9c46-5b60334bb2f8.xml first 16 bytes of signature: 0E175753EC9CD2E0A3D9E0E85510BA89
  MakeFileLocal END long=0
  GetUpdatesInfo START
    GetUpdatesInfoFromXmlRoot START
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=1168
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: FALSE
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        Condition result: TRUE
        ReadXmlNodeUpdateInfo START
        ReadXmlNodeUpdateInfo END long=0
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
        GetUpdatesInfoFromXmlRoot END long=1168
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateIniCondition START
        EvaluateIniCondition END long=0
        Condition result: FALSE
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        Condition result: TRUE
        ReadXmlNodeUpdateInfo START
        ReadXmlNodeUpdateInfo END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
    GetUpdatesInfoFromXmlRoot END long=0
    MicroUpdate available for product home: version:2322
  GetUpdatesInfo END long=0
PrepareRemoteUpdateDescriptor END long=0
ApplyUpdates START
  ApplyUpdate START
    MakeTemporaryFileName START
    MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\0328b0d4-7117-4e20-9f50-cde147389bf3.cab
    MakeFileLocal START
      GetSourceType START
      GetSourceType END
      PerformRemoteOp START
        PerformRemoteHttpOp START
          PerformRemoteHttpOp: Url: http://securebrowser.avast.tools.avcdn.net/tools/avast/securebrowser/diff/safer-update.cab
          CopyResourceToFileOrBuffer START
          CopyResourceToFileOrBuffer END long=0
        PerformRemoteHttpOp END long=0
      PerformRemoteOp END long=0
      File:C:\Program Files\AVAST Software\Avast\Setup\0328b0d4-7117-4e20-9f50-cde147389bf3.cab first 16 bytes of signature: 4B526BEAF909E5F2EC95A09282572EBB
    MakeFileLocal END long=0
    ApplyCabUpdate START
      MakeTemporaryFileName START
      MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\2162808d-0d86-4737-99ee-53d8c0752118
      ApplyXmlUpdate START
        ApplyXmlUpdateFromXmlRoot START
          EvaluateRegistryCondition START
          EvaluateRegistryCondition END long=0
          Condition result: TRUE
          ApplyXmlUpdateFromXmlRoot START
            EvaluateRegistryCondition START
            EvaluateRegistryCondition END long=0
            Condition result: TRUE
            ApplyXmlUpdateFromXmlRoot START
              EvaluateIniCondition START
              EvaluateIniCondition END long=0
              Condition result: FALSE
            ApplyXmlUpdateFromXmlRoot END long=0
          ApplyXmlUpdateFromXmlRoot END long=0
        ApplyXmlUpdateFromXmlRoot END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleFiles START
        HandleFiles END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleRegistry START
        HandleRegistry END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleExecutes START
        HandleExecutes END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleVersions START
        HandleVersions END long=0
        HandleNotifications START
        HandleNotifications END long=0
      ApplyXmlUpdate END long=0
    ApplyCabUpdate END long=0
  ApplyUpdate END long=0
ApplyUpdates END long=0
GetSourceType START
GetSourceType END
PerformRemoteHttpOp START
  PerformRemoteHttpOp: Url: http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
  CopyFileOrBufferToResource START
  CopyFileOrBufferToResource END long=0
PerformRemoteHttpOp END long=0
FreeSchedulerInterface START
FreeSchedulerInterface END long=0
_tWinMain final result: 0

What should I do to update Avast and get MS Meltdown patch?
Thanks!
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 09:11:07 AM
Hi  Giuseppe135, you already have required registry key, now you need to wait for MS to deliver it, it is also possible that MS patch is not required for your PC at all, which is good, because it can cause slowdown.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Giuseppe135 on January 05, 2018, 09:21:28 AM
Thank you! I did a Windows update check, but no update is available. Hopin' I don't need the fix!

Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: roope.kiviniemi on January 05, 2018, 11:47:46 AM
Hello!

is my Avast ready to this MS patch?

File:C:\Program Files\AVAST Software\Avast\Setup\63654baf-71c4-473f-af43-364d5ea32832.cab first 16 bytes of signature: 4B526BEAF909E5F2EC95A09282572EBB
    MakeFileLocal END long=0
    ApplyCabUpdate START
      MakeTemporaryFileName START
      MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\a5df850a-4a16-4cbc-b217-1792de73d567
      ApplyXmlUpdate START
        ApplyXmlUpdateFromXmlRoot START
          EvaluateRegistryCondition START
          EvaluateRegistryCondition END long=0
          Condition result: TRUE
          ApplyXmlUpdateFromXmlRoot START
            EvaluateRegistryCondition START
            EvaluateRegistryCondition END long=0
            Condition result: TRUE
            ApplyXmlUpdateFromXmlRoot START
              EvaluateIniCondition START
              EvaluateIniCondition END long=0
              Condition result: FALSE
            ApplyXmlUpdateFromXmlRoot END long=0
          ApplyXmlUpdateFromXmlRoot END long=0
        ApplyXmlUpdateFromXmlRoot END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleFiles START
        HandleFiles END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleRegistry START
        HandleRegistry END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleExecutes START
        HandleExecutes END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleVersions START
        HandleVersions END long=0
        HandleNotifications START
        HandleNotifications END long=0
      ApplyXmlUpdate END long=0
    ApplyCabUpdate END long=0
  ApplyUpdate END long=0
ApplyUpdates END long=0
GetSourceType START
GetSourceType END
PerformRemoteHttpOp START
  PerformRemoteHttpOp: Url: http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
  CopyFileOrBufferToResource START
  CopyFileOrBufferToResource END long=0
PerformRemoteHttpOp END long=0
FreeSchedulerInterface START
FreeSchedulerInterface END long=0
_tWinMain final result: 0
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Bowdon on January 05, 2018, 12:37:45 PM
Hi  Giuseppe135, you already have required registry key, now you need to wait for MS to deliver it, it is also possible that MS patch is not required for your PC at all, which is good, because it can cause slowdown.

How are you able to tell if someone has the registration key?

If you say how then they can debug it themselves and tell  ;)
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 12:43:52 PM
It depends on how much AvEmUpdate.exe log output I get

if "Current update version" >= 324, then it is delivered

If log output doesn't contain "Current update version", I have to check last delivered CAB signarure for update version. Please note that LastAppliedPatchId is different value from "Current update version", and is not relevant.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Bowdon on January 05, 2018, 02:16:17 PM
ok.. it seems my main computer that I update avast all the time has Current update version 318

So how do I fix this?
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 02:23:39 PM
Hi Bowdon, just wait, it will be delivered later
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: alancurtis2 on January 05, 2018, 03:17:12 PM
I have "current update version" as 324, but no Registry Key.

c:\Program Files\AVAST Software\Avast>LoadConfig START
  Current version: 2322
  Current update version: 324
  Guid: 88e4dc3d-3156-4355-92b7-5ec907c7670c
  Midex: 243685CB99C3F4F047A0D16E8D445477823ECBD4ADBB435B0698824F565369FE
  GetSourceType START
...

Yet no registry key, as my Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion has a PushNotifications and a Reliabilty, but no QualityCompat between the two (search also fails to find any QualityCompat anywhere).

What can I do?
Alan

Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 03:23:36 PM
Hi alancurtis2, which registry tool did you use to validate it? If you are using 64bit OS and access registry using 32bit process, your registry view is 32bit.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: alancurtis2 on January 05, 2018, 03:38:45 PM
regedit and regedit/v

from C:/Windows

I do have a 64bit OS.. is this the right regedit?

Alan
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: contl on January 05, 2018, 03:56:35 PM
I have Current Update Version 324.

The registry setting was not there until I ran c:\program files\avast software\avast business\avastemupdate.exe /debug from an elevated command prompt.

Do I need to manually run this command on all desktops, or can it be pushed out?

Thanks
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 04:02:09 PM
alancurtis2: Its tricky in case of regedit.exe. It depends on bitness of parent app, for example if you launch regedit.exe from 32bit Total Commander, you get 32bit regedit.exe. If you launch it from 64bit Total Commander or Explorer, you get native (64bit) regedit.exe. Just launch it from explorer (Win+R, type regedit.exe)
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: a.felger on January 05, 2018, 04:04:41 PM
C:\Users\[username]>LoadConfig START
  Current version: 1609
  Current update version: 0
  Guid: abaace43-b2d7-4d51-ab41-dff16ebf6571
  Midex: 2E74DA78FE1B97191C90C05630004EBB3A8A0C643C7C74E7FE67C658A02597FC
  GetSourceType START
  GetSourceType END
  PerformRemoteOp START
    PerformRemoteHttpOp START
      PerformRemoteHttpOp: Url: http://ip-info.ff.avast.com/v2/info
      CopyResourceToFileOrBuffer START
      CopyResourceToFileOrBuffer END long=0
    PerformRemoteHttpOp END long=0
  PerformRemoteOp END long=0
LoadConfig END long=0
DeleteAlreadyExecutedRestartJobs_2 START
  DeleteAlreadyExecutedRestartJobs_2 START
    PrepareSchedulerInterface START
    PrepareSchedulerInterface END long=0
  DeleteAlreadyExecutedRestartJobs_2 END long=0
DeleteAlreadyExecutedRestartJobs_2 END long=0
WaitForInternetConnection START
  CheckInternetConnection START
    PerformRemoteHttpOp START
      PerformRemoteHttpOp: Url: http://emupdate.avcdn.net/files/emupdate/pong.txt
    PerformRemoteHttpOp END long=0
    Internet connection detected using 1
  CheckInternetConnection END long=0
WaitForInternetConnection END long=0
PrepareRemotePatchDescriptor START
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast Business\Setup\81e20077-d96c-4886-8c12-c325c60392f2.ini
  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    PerformRemoteOp START
      PerformRemoteHttpOp START
        PerformRemoteHttpOp: Url: http://emupdate.avcdn.net/files/emupdate/patches.ini
        CopyResourceToFileOrBuffer START
        CopyResourceToFileOrBuffer END long=0
      PerformRemoteHttpOp END long=0
    PerformRemoteOp END long=0
    File:C:\Program Files\AVAST Software\Avast Business\Setup\81e20077-d96c-4886-8c12-c325c60392f2.ini first 16 bytes of signature: 450868A61389CB677B6105A1DA7E751E
  MakeFileLocal END long=0
PrepareRemotePatchDescriptor END long=0
ApplyPatches START
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast Business\Setup\811daea4-213f-44bd-b092-01d2d0a4d275.exe
  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    PerformRemoteOp START
      PerformRemoteHttpOp START
        PerformRemoteHttpOp: Url: http://emupdate.avast.com/files/emupdate/20150209.exe
        CopyResourceToFileOrBuffer START
        CopyResourceToFileOrBuffer END long=0
      PerformRemoteHttpOp END long=0
    PerformRemoteOp END long=0
    File:C:\Program Files\AVAST Software\Avast Business\Setup\811daea4-213f-44bd-b092-01d2d0a4d275.exe first 16 bytes of signature: 321C6754389E649B20A1C43C9FED641C
  MakeFileLocal END long=0
  Going to execute Patch Id:325 from file C:\Program Files\AVAST Software\Avast Business\Setup\811daea4-213f-44bd-b092-01d2d0a4d275.exe
  Patch Id:325 done, exitcode:995
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast Business\Setup\d37a5284-1a79-4836-ad75-2655b20174ab.dll
  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    PerformRemoteOp START
      PerformRemoteHttpOp START
        PerformRemoteHttpOp: Url: http://emupdate.avast.com/files/emupdate/20160919.dll
        CopyResourceToFileOrBuffer START
        CopyResourceToFileOrBuffer END long=0
      PerformRemoteHttpOp END long=0
    PerformRemoteOp END long=0
    File:C:\Program Files\AVAST Software\Avast Business\Setup\d37a5284-1a79-4836-ad75-2655b20174ab.dll first 16 bytes of signature: 35BF9F33AA0A8ABE2AD9C289A92CCCB0
  MakeFileLocal END long=0
  Going to execute Patch Id:364 from file C:\Program Files\AVAST Software\Avast Business\Setup\d37a5284-1a79-4836-ad75-2655b20174ab.dll
  Patch Id:364 done, exitcode:1114
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast Business\Setup\d1bb6ef9-b90e-4728-b0d6-4fd400112f95.dll
  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    PerformRemoteOp START
      PerformRemoteHttpOp START
        PerformRemoteHttpOp: Url: http://emupdate.avast.com/files/emupdate/20170922.dll
        CopyResourceToFileOrBuffer START
        CopyResourceToFileOrBuffer END long=0
      PerformRemoteHttpOp END long=0
    PerformRemoteOp END long=0
    File:C:\Program Files\AVAST Software\Avast Business\Setup\d1bb6ef9-b90e-4728-b0d6-4fd400112f95.dll first 16 bytes of signature: 373B2B7DA054710CBB806297C60BBE6D
  MakeFileLocal END long=0
  Going to execute Patch Id:378 from file C:\Program Files\AVAST Software\Avast Business\Setup\d1bb6ef9-b90e-4728-b0d6-4fd400112f95.dll
  Patch Id:378 done, exitcode:0
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast Business\Setup\97df4559-b587-42f0-8283-8149d53dcf66.exe
  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    PerformRemoteOp START
      PerformRemoteHttpOp START
        PerformRemoteHttpOp: Url: http://emupdate.avast.com/files/emupdate/20171205-3176-2.exe
        CopyResourceToFileOrBuffer START
        CopyResourceToFileOrBuffer END long=0
      PerformRemoteHttpOp END long=0
    PerformRemoteOp END long=0
    File:C:\Program Files\AVAST Software\Avast Business\Setup\97df4559-b587-42f0-8283-8149d53dcf66.exe first 16 bytes of signature: 104127D744A15FFA6F4702FF73323F19
  MakeFileLocal END long=0
  Going to execute Patch Id:381 from file C:\Program Files\AVAST Software\Avast Business\Setup\97df4559-b587-42f0-8283-8149d53dcf66.exe
  Patch Id:381 done, exitcode:0
ApplyPatches END long=0
PrepareRemoteUpdateDescriptor START
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast Business\Setup\50cf0941-2059-43f7-8c64-f0cc01773d6a.xml
  MakeFileLocal START

This is my Output from AvastEmUpdate.exe" /debug
Is the microupdate installed?
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: alancurtis2 on January 05, 2018, 04:05:09 PM
WIN+R and regedit.exe, and same registry... CurrentVersion has no Q's what so ever...

Alan
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 04:06:07 PM
contl: Don't worry, it will be delivered within 12 hrs in case you have old Avast business 8
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 04:09:34 PM
alancurtis2: It is very strange, updater would never increase update version without successfully modifying the registry key. Ar you absolutely sure, you are not looking under a Wow6432Node version of key: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Theo@IC on January 05, 2018, 04:16:09 PM
Hi Theo@IC, your updater is too old, we have to deliver new emergency updater to Avast 8 first. Probably today.

Thanks, systems are now receiving the update and the registry key is appearing.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 04:20:01 PM
a.felger: Yes you are OK
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: alancurtis2 on January 05, 2018, 04:20:14 PM
I've attached a screen shot of my regedit window... 
Looks to me like "never" has happened.
I've done several reboots, no change.

Any way to convince updater to re-run?  Do I need to un/re-install Avast?

Alan
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 04:34:39 PM
alancurtis2: It would be best to reinstall the product. There is a way to reinstall all updates, but it is manual process and error prone.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: contl on January 05, 2018, 04:35:59 PM
How do I know if I have an old Business 8?

I have Avast Small Office Administration
Program Version 1.3.3.112
Database Version 1450

Program Versions Delivered to Desktop
Program Version 8.0.1609
Version 180105-0

Thanks
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 04:37:44 PM
contl: Program Version 8.0.1609 is "old Business 8"
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: contl on January 05, 2018, 04:40:06 PM
How do I update the program? All automatic updates say "I'm up to date"?

Thanks
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 05:05:03 PM
contl: You have latest version of this business product line. New business product line is more targeted on small business.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: contl on January 05, 2018, 05:10:42 PM
Ok, so bottom line is I should start seeing this update (reg setting) being pushed out in the next 12 hours or so?

Thank you
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: alancurtis2 on January 05, 2018, 05:11:13 PM
Uninstalled, rebooted, and now windows defender has set the flag... so we'll never know if reinstalling Avast would have fixed the problem.
And frankly I'm a tad hesitant to re-install the product, for fear of incompatibility somehow, given Avast wasn't setting the flag and we don't seem to know why...

Alan
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Spec8472 on January 05, 2018, 05:18:53 PM
Ok, so bottom line is I should start seeing this update (reg setting) being pushed out in the next 12 hours or so?

Thank you

Correct
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Srfrdrew on January 05, 2018, 08:37:19 PM
This is what I'm showing right now... It is showing up to date on all the clients but not sure if this up to date with the micro fix, Using the Avast for Business online version

Please advise?

Program version
17.8 (2527)  Up to date
Virus definitions version
180105-2  Up to date
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: rlitchfield on January 05, 2018, 09:40:37 PM
My team has been on your help desk call for almost 2 hours trying to reach someone that can answer our questions regarding this issue.  From what your reps have told us, you have disbanded your direct business support so we are having trouble speaking with someone. 

Any suggestions on a number we can call to have some of these questions answered?
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Asyn on January 06, 2018, 09:25:40 AM
My team has been on your help desk call for almost 2 hours trying to reach someone that can answer our questions regarding this issue.  From what your reps have told us, you have disbanded your direct business support so we are having trouble speaking with someone. 

Any suggestions on a number we can call to have some of these questions answered?
Business Support: https://www.avast.com/en-us/business-support
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: f23948 on January 06, 2018, 09:41:15 AM
Spec8472, did i get microupdate?

[Config]
LastAppliedPatchId=378

Code: [Select]
  Current version: 2322
  Current update version: 324
  Guid: 04b441ce-8f08-4efc-985e-9503398ddb0f
  Midex: 2AD6D2168AABA23715334F4FABAA199A7845C6AE5FDDEAD80230575941C15115
  GetSourceType START
  GetSourceType END
  PerformRemoteOp START
    PerformRemoteHttpOp START
      PerformRemoteHttpOp: Url: http://ip-info.ff.avast.com/v2/info
      CopyResourceToFileOrBuffer START
      CopyResourceToFileOrBuffer END long=0
    PerformRemoteHttpOp END long=0
  PerformRemoteOp END long=0
LoadConfig END long=0
DeleteAlreadyExecutedRestartJobs_2 START
  DeleteAlreadyExecutedRestartJobs_2 START
    PrepareSchedulerInterface START
    PrepareSchedulerInterface END long=0
  DeleteAlreadyExecutedRestartJobs_2 END long=0
DeleteAlreadyExecutedRestartJobs_2 END long=0
WaitForInternetConnection START
  CheckInternetConnection START
    PerformRemoteHttpOp START
      PerformRemoteHttpOp: Url: http://emupdate.avcdn.net/files/emupdate/pong.txt
    PerformRemoteHttpOp END long=0
    Internet connection detected using 1
  CheckInternetConnection END long=0
WaitForInternetConnection END long=0
PrepareRemotePatchDescriptor START
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\40683257-86c5-4d8a-9417-5eb5d2c95abd.ini

  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    PerformRemoteOp START
      PerformRemoteHttpOp START
        PerformRemoteHttpOp: Url: http://emupdate.avcdn.net/files/emupdate/patches.ini
        CopyResourceToFileOrBuffer START
        CopyResourceToFileOrBuffer END long=0
      PerformRemoteHttpOp END long=0
    PerformRemoteOp END long=0
    File:C:\Program Files\AVAST Software\Avast\Setup\40683257-86c5-4d8a-9417-5eb5d2c95abd.ini first 16 bytes of signatur
e: 450868A61389CB677B6105A1DA7E751E
  MakeFileLocal END long=0
PrepareRemotePatchDescriptor END long=0
No patches available
PrepareRemoteUpdateDescriptor START
  MakeTemporaryFileName START
  MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\ea90512c-24ec-486d-a98e-8f3c284a4ed5.xml

  MakeFileLocal START
    GetSourceType START
    GetSourceType END
    PerformRemoteOp START
      PerformRemoteHttpOp START
        PerformRemoteHttpOp: Url: http://emupdate.avcdn.net/files/emupdate/updates.xml
        CopyResourceToFileOrBuffer START
        CopyResourceToFileOrBuffer END long=0
      PerformRemoteHttpOp END long=0
    PerformRemoteOp END long=0
    File:C:\Program Files\AVAST Software\Avast\Setup\ea90512c-24ec-486d-a98e-8f3c284a4ed5.xml first 16 bytes of signatur
e: 0E175753EC9CD2E0A3D9E0E85510BA89
  MakeFileLocal END long=0
  GetUpdatesInfo START
    GetUpdatesInfoFromXmlRoot START
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=1168
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: FALSE
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        Condition result: TRUE
        ReadXmlNodeUpdateInfo START
        ReadXmlNodeUpdateInfo END long=0
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          Condition result: FALSE
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
          EvaluateGuidCondition START
          EvaluateGuidCondition END long=0
          EvaluateTimeCondition START
          EvaluateTimeCondition END long=0
          Condition result: TRUE
          GetUpdatesInfoFromXmlRoot START
            Condition result: TRUE
            ReadXmlNodeUpdateInfo START
            ReadXmlNodeUpdateInfo END long=0
          GetUpdatesInfoFromXmlRoot END long=1168
        GetUpdatesInfoFromXmlRoot END long=1168
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateIniCondition START
        EvaluateIniCondition END long=0
        Condition result: FALSE
      GetUpdatesInfoFromXmlRoot END long=1168
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: FALSE
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        Condition result: TRUE
        ReadXmlNodeUpdateInfo START
        ReadXmlNodeUpdateInfo END long=0
      GetUpdatesInfoFromXmlRoot END long=0
      EvaluateVersionCondition START
      EvaluateVersionCondition END long=0
      Condition result: TRUE
      GetUpdatesInfoFromXmlRoot START
        EvaluateVersionCondition START
        EvaluateVersionCondition END long=0
        Condition result: TRUE
        GetUpdatesInfoFromXmlRoot START
          Condition result: TRUE
          ReadXmlNodeUpdateInfo START
          ReadXmlNodeUpdateInfo END long=0
        GetUpdatesInfoFromXmlRoot END long=0
      GetUpdatesInfoFromXmlRoot END long=0
    GetUpdatesInfoFromXmlRoot END long=0
    MicroUpdate available for product home: version:2322
  GetUpdatesInfo END long=0
PrepareRemoteUpdateDescriptor END long=0
ApplyUpdates START
  ApplyUpdate START
    MakeTemporaryFileName START
    MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\f9f9d17b-b804-4701-96b9-25082c08b3fd.c
ab
    MakeFileLocal START
      GetSourceType START
      GetSourceType END
      PerformRemoteOp START
        PerformRemoteHttpOp START
          PerformRemoteHttpOp: Url: http://securebrowser.avast.tools.avcdn.net/tools/avast/securebrowser/diff/safer-upda
te.cab
          CopyResourceToFileOrBuffer START
          CopyResourceToFileOrBuffer END long=0
        PerformRemoteHttpOp END long=0
      PerformRemoteOp END long=0
      File:C:\Program Files\AVAST Software\Avast\Setup\f9f9d17b-b804-4701-96b9-25082c08b3fd.cab first 16 bytes of signat
ure: 4B526BEAF909E5F2EC95A09282572EBB
    MakeFileLocal END long=0
    ApplyCabUpdate START
      MakeTemporaryFileName START
      MakeTemporaryFileName END CString=C:\Program Files\AVAST Software\Avast\Setup\d7221466-9b69-4caa-81ca-f9e3dd4f5d57

      ApplyXmlUpdate START
        ApplyXmlUpdateFromXmlRoot START
          EvaluateRegistryCondition START
          EvaluateRegistryCondition END long=0
          Condition result: TRUE
          ApplyXmlUpdateFromXmlRoot START
            EvaluateRegistryCondition START
            EvaluateRegistryCondition END long=0
            Condition result: TRUE
            ApplyXmlUpdateFromXmlRoot START
              EvaluateIniCondition START
              EvaluateIniCondition END long=0
              Condition result: FALSE
            ApplyXmlUpdateFromXmlRoot END long=0
          ApplyXmlUpdateFromXmlRoot END long=0
        ApplyXmlUpdateFromXmlRoot END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleFiles START
        HandleFiles END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleRegistry START
        HandleRegistry END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleExecutes START
        HandleExecutes END long=0
        HandleProductActions START
        HandleProductActions END long=0
        HandleVersions START
        HandleVersions END long=0
        HandleNotifications START
        HandleNotifications END long=0
      ApplyXmlUpdate END long=0
    ApplyCabUpdate END long=0
  ApplyUpdate END long=0
ApplyUpdates END long=0
GetSourceType START
GetSourceType END
PerformRemoteHttpOp START
  PerformRemoteHttpOp: Url: http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
  CopyFileOrBufferToResource START
  CopyFileOrBufferToResource END long=0
PerformRemoteHttpOp END long=0
FreeSchedulerInterface START
FreeSchedulerInterface END long=0
_tWinMain final result: 0

Press any key to exit console...
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: cameronanderson2000 on January 06, 2018, 10:52:48 AM
when i input AvEmUpdate.exe /debug i get "this app cannot run on your pc, to find a version for your pc, check with your software publisher" im already  on the new windows update, dunno if im screwed
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Asyn on January 06, 2018, 04:13:38 PM
Spec8472, did i get microupdate?
Yep.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: gjbarnard on January 06, 2018, 06:07:37 PM
I have the registry key and Win 10 but am not getting the update, so did some research and turns out my CPU is not affected.  The research took me to Intel's page: https://www.intel.com/content/www/us/en/support/articles/000025619/software.html where there is information and a tool you can download and run to tell you if you need to patch.  Also another page stated that Intel hoped to have fixes for 90% of processors by 12th January 2018.  I hope this info helps.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Asyn on January 06, 2018, 06:16:02 PM
I have the registry key and Win 10 but am not getting the update, so did some research and turns out my CPU is not affected.  The research took me to Intel's page: https://www.intel.com/content/www/us/en/support/articles/000025619/software.html where there is information and a tool you can download and run to tell you if you need to patch.  Also another page stated that Intel hoped to have fixes for 90% of processors by 12th January 2018.  I hope this info helps.
Not related to the bug discussed here.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Ttail on January 08, 2018, 01:23:05 AM
Went looking for the Windows update for Melt down and spectre. I dont see it. I am running AVAST 17.9.2322(Build 17.9.3761.0) How do I know if I have had the AVAST registry entry applied ?
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: hedgie on January 09, 2018, 02:16:12 AM
You can check the registry key as described here https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software (https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software)

Even if the registry key is present, you may not be offered the update. Don't know if that's caused by Avast or MS, but you can get it from the Microsoft Update Catalog here http://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892 (http://www.catalog.update.microsoft.com/Search.aspx?q=KB4056892)
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: ssauteur on January 09, 2018, 04:00:49 PM
Went looking for the Windows update for Melt down and spectre. I dont see it. I am running AVAST 17.9.2322(Build 17.9.3761.0) How do I know if I have had the AVAST registry entry applied ?

Same as Ttail above, also running AVAST 17.9.2322(Build 17.9.3761.0).
The registry key IS NOT present => what do we do ?

Tks in advance for you answer
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: Christian268 on January 11, 2018, 12:02:28 AM
how i known if my update of windows is compatible with the avast?

thanks
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: heikwith on January 11, 2018, 04:17:54 PM
Here in Windows 10 1709 the key in de register is there and Ok.
Avast 7.9.2322 Free just updated to 7.9.3761.278.
But I still do not get KB4056892.
Also running Windows update troubleshooter did not help.
IntelSA00086DetectTool1.0.0.152 tells me I am still vulnerable !!
Do I have to wait for the next avast update ?
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: prcmzrb on January 12, 2018, 11:38:30 AM
We can't see the registry key in my company.
We use Endpoint Protection Suite together with Small Office Administration.
Your computer with SOA uses a proxy to connect to the Internet. Updates are delivered to clients only from mirror (SOA). Updating from the Internet is prohibited.

SOA version: 1.3.3.112
Database version: 1450
Mirror or Client version: 8.0.1609
Virus Definitions Version: 180111-8

Version of file AvastEmUpdate.exe is still 10.2.1609.588 and does not change. Virus definitions have changed when I updated them over SOA, but not the program or its parts (such as AvastEmUpdate.exe).


We also use a computer where a standalone version of Avast Endpoint Protection Suite is installed. Registry changes are performed correctly after the update.
File AvastEmUpdate.exe was changed 5.1.2018 (current version 17.9.3761.0). Older version (10.2.1609.588) was backuped and saved as AvastEmUpdate.exe.bak.9913124109445268958.
This computer doesn't use a proxy to connect to the Internet.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: bizadi on January 13, 2018, 12:43:02 AM
Apologies for this newbie post but I'm a little lost as to which registry key to look for. I have Avast Free 17.9.2322 (build 17.9.3761.278). My system is Windows 10 (1709) and I have updated with the 2018-01 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4056892).                                                                                                                                           
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: DavidR on January 13, 2018, 01:26:12 AM
Apologies for this newbie post but I'm a little lost as to which registry key to look for. I have Avast Free 17.9.2322 (build 17.9.3761.278). My system is Windows 10 (1709) and I have updated with the 2018-01 Cumulative Update for Windows 10 Version 1709 for x64-based Systems (KB4056892).                                                                                                                                           

You have posted in the Avast for Business forum, it should be in the Avast Free Antivirus / Pro Antivirus / Internet Security/ Premier (https://forum.avast.com/index.php?board=2.0) forum.

For speed the key is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat however if you have been able to install KB4056892 you must have had the key.  Also see https://forum.avast.com/index.php?topic=212691.0 (https://forum.avast.com/index.php?topic=212691.0).

If you have any further questions please start your own new topic in the forum link that I gave.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: bizadi on January 13, 2018, 02:07:01 AM

You have posted in the Avast for Business forum, it should be in the Avast Free Antivirus / Pro Antivirus / Internet Security/ Premier (https://forum.avast.com/index.php?board=2.0) forum.

For speed the key is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat however if you have been able to install KB4056892 you must have had the key.  Also see https://forum.avast.com/index.php?topic=212691.0 (https://forum.avast.com/index.php?topic=212691.0).

If you have any further questions please start your own new topic in the forum link that I gave.

Thank you, DavidR! Sorry for getting the wrong forum. I will post in the correct forum if necessary.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: SeReB on January 15, 2018, 05:09:05 PM
SOA version: 1.3.3.112
Database version: 1450
Mirror or Client version: 8.0.1609
Virus Definitions Version: 180111-8

Thank you for reporting the issue, we are currently investigating why it has not been applied to your SOA mirrored environment.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: fordiegolg on January 18, 2018, 09:58:20 AM
Windows 10 ver 1703 build 15063.786
Avast Endpoin protection ver 8.0.1609  vir.db. 18016-4
Avast AEA ver 8.0.405

I have more than 100 computers. why there is no key in the registry? please reply
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: SeReB on January 25, 2018, 11:56:29 AM
Yesterday, we issued a patch for the machines behind a SOA mirror without the registry keys. It is downloaded together with virus definitions, and it is applied automatically. To download it immediately run Update server definitions job from the SOA web interface.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: fordiegolg on January 30, 2018, 01:05:35 PM
Windows 10 ver 1703 build 15063.786
Avast Endpoin protection ver 8.0.1609  vir.db. 180129-4
Avast AEA ver 8.0.405

The key in the registry is fixed
BUT! clients of the WSUS do not see the update KB4056891. When I deleted the avast on the test PC. He immediately update on the WSUS began to download and install KB4056891.
Explain the reason? You write that the product Avast Endpoin protection 8 is compatible
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: fordiegolg on January 31, 2018, 07:16:08 AM
I tested it issue on Windows 10 1709
got the same result
If the antivirus is installed, the update does not find. if the antivirus removes the update is find and installed
P.S. the key in the registry is present
P.P.S problem in the antivirus software! Please respond!
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: rainerF on February 02, 2018, 01:24:17 PM
Dear fordiegolg,
welcome to the club, you're absolutely right that there seems to be a severe bug in this version (8.x and AEA).
We've already had the same problem like you with the mirror which should be fixed now i believe.
And we still have the same problem that no system can be patched anymore due to Microsoft's Meltdown requirements and
its registry key AND Avast.
Beside WSUS Online we're using the offline wsusscn2.cab in 3rd party applications or direct api calls with WUA, the online WSUS version is working for some cases but the offline one for absolutely NO system.
And you're right it's definitely the Avast scanner, registry keys are ok, you can disable the services and disable feature of the realtime scanner, nothing is working. Only the old non-flagged patches were recognized and installed.
Because Avast's business support is sadly blazing with abstraction since the merge with AVG we've opened a case at Microsoft Premier to probably narrow it down more in detail. Nevertheless you're right, if uninstalling Avast all is working without any problems - also for testing with other av vendors. Btw. we're still using it on about 1500 servers. Still waiting on the final results of the L2/L3 engineers of Microsoft support. Will get them probably today or at monday... (btw. all server operating systems are affected, not only the client versions..)
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: fordiegolg on February 12, 2018, 01:37:50 PM
PC in my company does not have direct access to the Internet
The Internet receives through the proxy server squid
settings are taken from IE through wpad settings
antivirus is updated via mirror Avast Enterprise Administration 8.0.405

I give direct access to the Internet test PC
launched the file c:\Program Files\AVAST Software\Avast Business\AvastEmUpdate.exe

I noticed that there was a log in the folder c:\ProgramData\AVAST Software\Avast\AvastEmUpdate.ini
in him
[Config]
LastAppliedPatchId = 381

And in folder new two files c:\Program Files\AVAST Software\Avast Business\ 
AvastEmUpdate.exe.sum
AvastEmUpdate.exe.bak.10567838635595355225

In the folder new file  c:\Program Files\Common Files\avast software\overseer\overseer.exe

I rebooted the PC
and checked the updates via WSUS and…… yes! Update is view!

I noticed that in the task scheduling there is a task to start AvastEmUpdate.exe automatically when you turn on the PC
I registered in the gateway direct access to the update servers avast (I will not post a list of networks here because I do not know if this is allowed)
two - three reboots and my PC view update KB4056892, KB4056891 and released after
Later I'll try to update my PC via WSUS
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: fordiegolg on February 12, 2018, 05:44:36 PM
I was able to install patch KB4056892 via WSUS
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: SeReB on February 13, 2018, 07:37:26 PM
In case your computers are not directly connected to the internet and Windows Update channel is therefore unavailable, you have to use other supported channel to get the hotfix. Also, depending on your OS version, the hotfix might not be available via Windows Update.

Please refer to January 2018 Windows operating system update schedule (https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown) table for more information about available channels. Anyway the released hotfixes are always available via Catalog.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: rainerF on February 15, 2018, 11:46:17 AM
Hi,

strange thing, yesterday we've also found out the that proxies and the Avastemupdate.exe is one important problem.
It looks like that there were done some microcode updates or whatever else as add on to the registry entries and in our case
also the problem because we can't get any patches via wsus offline or wua api calls.
Today i've sent a high priority case to the emea support an our german sales manager to get further information about this process and/or a fix which we can deploy of our own because we can't open all connections for our 1500 servers only why Avast isn't able to work properly with proxies and so on.

@SeReB:
You're right that some special Microsoft updates are only available via the catalog server but that's not the general goal in this case. The problem is that we have or fordiegolg e.g. is that it worked without any problems with WSUS Online but NOT with WSUS offline or WUA api calls like many 3rd party vendors are using. For this case you need a fix to deploy the Avast's update manually, fix Avastemupdate.exe to use a proxy and the manin topic, inform at least business users about these hidden operations that costs a lot of time and money while contacting L2/L3 of other vendors like Microsoft Premier... >:(

Further on i've linked now your comments to the appropriate people of Avast which are responsible for us which sadly also didn't know these kind of information !
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: SeReB on February 15, 2018, 01:34:27 PM
It looks like that there were done some microcode updates or whatever else as add on to the registry entries and in our case

There are two ways to have the MS hotfix required registry keys installed.
1) registry keys are created by emergency updates (avastemupdate.exe), but this requires a direct connection to Avast's update servers. There could be a delay up to 24 hours (update window interval), unless avastemupdate.exe is run manually. (Can use /debug parameter to see more information about the process.)
2) registry keys are created by regular virus definition updates of Endpoint Protection business products (which is the suitable way for machines behind mirror).

These two options' results are equivalent. Once the keys are present, all prerequisites of the hotfix are done, and we do not cooperate further neither (intentionally) interfere with the Windows update mechanism. I have personally tested the scenario with machines connected only to a mirror machine, and the hotfix was delivered and installed properly. Therefore I think the problem is not in a way how AV delivers the registry keys. As manually creating the registry keys does not solve the situation, it strengthens my suspicion the problem is not in AV, but in WU.

Therefore our support is going to reach out to you to provide more detailed information from the affected systems in order to find any reference of a problem in Windows/WU that could be accidentally caused by Avast AV, plus the option to allow the upgrade IPs.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: fordiegolg on February 16, 2018, 06:35:19 AM
This is not related to the keys in the registry.
the key was set when the avast was installed and stayed with the avast remove.
in all tests the key was present in the registry
without a micro patch obtained through avastemupdata update via WSUS or WU does not work

Avastemupdata should have derect access to the Internet because he can not update through the mirror AEA or other

PS
I'm talking about this key
Key="HKEY_LOCAL_MACHINE"Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"
Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD”
Data="0x00000000”


>>>Avast isn't able to work properly with proxies
This is true. New bug in windows 1709 https://forum.avast.com/index.php?topic=215594.0
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: rainerF on February 16, 2018, 01:01:59 PM
Fordiegolg that's absolutely right. The main problem is that a lot of versions and/or components of Avast's software are not proxy capable.
As mentioned before and as the Avast guys already know the emergency updater is one part of it, but at least in our case the regular vps pattern updates didn't set ALL of these registry settings and therefore we've fighted against this problem up to yesterday afternoon. For me it looks like that the mirror fix automatically applied at end of january has a bug. The general MS/Meltdown key was set that's right, but NOT the QualitCompat key on the ASWVMM section.
>HKLM\SYSTEM\CurrentControlSet\services\aswVmm\Parameters\QualityCompat - Reg_Dword "1"<
And in our case this was the problem. We've fixed it now as a workaround while deploying a script on all 1500 machines. (but btw. it don't solve the problem for similar updates for the future). Therefore i've contacted the business support again for a real solution...
Sorry guys the main problem is definitely in AV and NOT in WU...

Only one strange side effect was existing before, yes we had sometime troubles with the old wsus offline cab, direct connection to the internet and those 2 keys and therefore investigation was also difficult for us because for a short time it was a combination of three factors. But with the newest WSUS offline cab these symptoms are gone for sure. (i'm still waiting on a feedback of the L2 MS Premier engineer due to this problem, probably he could gave me some information about that)
But 95% of the problem was forced due to the missing ASWVMM key...

Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: SeReB on February 16, 2018, 01:59:06 PM
This is not related to the keys in the registry.
Yes, that is exactly what I was trying to say in the previous comment. The problem is not related to the registry keys. The updates deliver just the keys, nothing else. It is true, that the update through avastemupdate does set the aswVmm\parameters\QualityCompat key, while the VPS update does not.

without a micro patch obtained through avastemupdata update via WSUS or WU does not work
There is no micro patch applied. The avastemupdate utility upgrades itself first, then the new one applies the registry keys. Nothing else is patched.
That is why more debug data from your WU/WSUS configuration was requested, so it would show us why the update is not offered.

>HKLM\SYSTEM\CurrentControlSet\services\aswVmm\Parameters\QualityCompat - Reg_Dword "1"<
And in our case this was the problem.
This is Avast's registry key. You should not set the value manually. If you have added it manually, check also, that you have OtherVMMs key present, otherwise you might get BSOD after restart!

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\aswVmm\parameters]
"OtherVMMs"=hex(7):61,00,76,00,67,00,76,00,6d,00,6d,00,00,00,61,00,73,00,77,00,\
  76,00,6d,00,6d,00,00,00,00,00
"QualityCompat"=dword:00000001

I will get back as soon as I know more what the key is meant for.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: rainerF on February 16, 2018, 05:20:47 PM
????
Yes you're right that it is Avast's key, but it is the key that was automatically set by your AVASTEMUPDATE.exe on a system that is working. So what ?
The "OtherVMMs" key you've mentioned is on ALL systems REG_MULTI_SZ with value data "avgvmm aswvmm" !!??

There's on NO system the key with your values. (also where avastemupdate worked and had direct internet access)
Btw. we are working with AVAST Enterprise Protection Suite AEA 8.0.405 and a managed client 8.0.1609 on 1500 SERVERS, i'm not sure whether we are talking about the same product.
At the moment i've set the same key as it was on the machines that are working. If you really still believe that your key is missing?, please explain why it is on none of the systems that were updated automatically ?...
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: rainerF on February 17, 2018, 12:58:47 PM
And again..
I've found the next bug or better reason why your emergency updates sometimes didn't work in real life.
In my case i'm also working with a 10 user EPS for my own beside our 1500 license in our company. Today i wasn't able to update at least one of my system anymore(in this case a windows 8.1). What a surprise, the aswvmm key was missing again. Tried to set it, didn't work.
Not while using UAC but while using "self defense" of Avast. Deactivated it and could set the key manually again, set self defense again. Restarted the machine and what a surprise. Updates are working again without any problems, rebooted my machine. Still no BSOD....
While doing the work that Avast should do....
Why isn't Avast able after 5 weeks to fix all of these Meltdown related bugs in EPS and whereever ?
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: SeReB on February 19, 2018, 11:35:56 AM
If you really still believe that your key is missing?, please explain why it is on none of the systems that were updated automatically ?...
Why isn't Avast able after 5 weeks to fix all of these Meltdown related bugs in EPS and whereever ?

I have requested the details about the extra registry key and because the SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat key can be written by any software and not by the possibly incompatible AV software, Microsoft has requested additional vendor-specific requirements for certain AV versions in order to consider AntiVirus software compatible. Unfortunately we were not aware of that requirement being applied also to SOA/EP.

We are going to release a VPS update that is going to add the required QualityCompat=1 key and will enable the machines behind a mirror to receive the MS hotfix. We are very sorry for the delay in the MS hotfix delivery.
Title: Re: Intel Bug Meltdown/Spectre Win 10 Update - Contact your Anti-Virus AV to confirm
Post by: fordiegolg on February 20, 2018, 06:22:13 AM
Perfect news!