Results 1 to 3 of 3
  1. #1
    2 Star Lounger
    Join Date
    Jul 2011
    Location
    Colorado
    Posts
    129
    Thanks
    30
    Thanked 10 Times in 10 Posts

    KB2679255 may cause issues

    In Susan's last story, she had mentioned to install KB2679255, but there may be a problem. I cannot speak for everyone, but just in case. KB2679255 is creating Hidden threads in Windows 7 systems. These threads are now showing up in Avira Anti Virus as a threat (I use Avira). When I uninstall KB2679255, then the Avira scan finds nothing. Here is what I am talking about; this is the part of the log when it finds the Hidden objects as a virus when KB2679255 is installed

    Starting search for hidden objects.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Media Player NSS\3.0\Events\{36A76769-9A75-4987-8E8C-AAD0733CC97C}
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Cl ass\{4D36E972-E325-11CE-BFC1-08002BE10318}\0013\Linkage\UpperBind
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Ne twork\{4D36E972-E325-11CE-BFC1-08002BE10318}\{F6AC6B09-B167-4126-88EF-673455FF8B41}\Connection\Name
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Ne twork\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage\Bind
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Ne twork\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage\Route
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Ne twork\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage\Export
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\services\T cpip\Parameters\Interfaces\{D3AE9D8C-A2AE-4707-BB6D-FEE7502EC35C}\DhcpInterfaceOptions
    [NOTE] The registry entry is invisible.
    HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Health\{4DF4A9AA-A28D-4A15-9C30-D941ED22F4A6}
    [NOTE] The registry entry is invisible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    Hidden thread
    [NOTE] A system thread is not visible.
    72 Hidden objects were found

    Notice all the entries of "Hidden thread". Now, I uninstalled KB2679255, rebooted, did a reg clean and cleaned other items, rebooted and this is what the Avira log looks like now;

    Starting search for hidden objects.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Media Player NSS\3.0\Events\{3656FDFB-2D6A-4685-A149-1EC4A4E71D6A}
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Search\Gather\Windows\SystemIndex\Crawls\13
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Cl ass\{4D36E972-E325-11CE-BFC1-08002BE10318}\0013\Linkage\UpperBind
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Ne twork\{4D36E972-E325-11CE-BFC1-08002BE10318}\{F6AC6B09-B167-4126-88EF-673455FF8B41}\Connection\Name
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Ne twork\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage\Bind
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Ne twork\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage\Route
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Ne twork\{4d36e975-e325-11ce-bfc1-08002be10318}\{2B07FAA1-8217-4E30-B5EC-FD4501E773BB}\Linkage\Export
    [NOTE] The registry entry is invisible.
    HKEY_LOCAL_MACHINE\System\ControlSet001\services\T cpip\Parameters\Interfaces\{D3AE9D8C-A2AE-4707-BB6D-FEE7502EC35C}\DhcpInterfaceOptions
    [NOTE] The registry entry is invisible.
    HKEY_USERS\S-1-5-20\Software\Microsoft\MediaPlayer\Health\{23CA25CE-7EC3-42C7-BE18-DFFA9665F336}
    [NOTE] The registry entry is invisible.
    9 Hidden objects were found

    All those entries are now gone and Avira Anti-Virus does not detect any sort of virus or malicious software during the scan.

    This may not affect other systems using other anti-virus software, but just in case; I wanted to advise everyone if they are seeing this as well or if their scans are showing up some malicious entry. It could be related to this update from Microsoft.

    FYI everyone
    "Every Thing Changes but Change Itself"

    [Core I7 6700][Asus Maximus VIII Hero][8GB G.Skill memory][Asus GTX 980Ti Strix][1 x 512GB Samsung 950 Pro][850W Seasonic PSU][Antec 900][Windows 10 Professional, 64-bit][2 x Asus PG278Q]

    [Core I5 2500k][Asus P8P67 Pro (ver 3.1)][8GB Corsair memory][Asus ENGT430][1 x 90GB Corsair GT SSD][650W Corsair PSU][Thermaltake DH-202][Windows 7 Home, 64-bit][65" Panasonic Plasma T.V.]

  2. #2
    Administrator
    Join Date
    Jun 2010
    Location
    Portugal
    Posts
    12,519
    Thanks
    152
    Thanked 1,398 Times in 1,221 Posts
    Maybe the problem is Avira and not the patch? Did you report that to Avira's tech support?

  3. #3
    2 Star Lounger
    Join Date
    Jul 2011
    Location
    Colorado
    Posts
    129
    Thanks
    30
    Thanked 10 Times in 10 Posts
    Finally getting back to this. I did contact Avira and it is all over their forums. I wanted to make sure that if people had Avira (or another A/V doing the same thing) just to be aware. And uninstalling the KB2679255 patch was okay to do since reading the Microsoft website; it is classified as "Recommended" so it is not a critical security issue and listed here it was put on the back burner for a while so another reason doing this was okay.

    Avira released an update yesterday and I installed KB2679255, now those entries are marked as "The registry entry is invisible". So just letting people be aware, your hidden objects will be increased, but it will not show up as a virus in Avira's case. Other A/V having the same issue? Not sure, but case closed for Avira/Microsoft
    "Every Thing Changes but Change Itself"

    [Core I7 6700][Asus Maximus VIII Hero][8GB G.Skill memory][Asus GTX 980Ti Strix][1 x 512GB Samsung 950 Pro][850W Seasonic PSU][Antec 900][Windows 10 Professional, 64-bit][2 x Asus PG278Q]

    [Core I5 2500k][Asus P8P67 Pro (ver 3.1)][8GB Corsair memory][Asus ENGT430][1 x 90GB Corsair GT SSD][650W Corsair PSU][Thermaltake DH-202][Windows 7 Home, 64-bit][65" Panasonic Plasma T.V.]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •