O.T. Avast pop-up

[]
I did loose some information but I would rather have that
and fix this problem and I can retrieve most of the information.
I updated my VLC player, Macrium and Avast and have run all
the scans and checked for Windows update of which there were
2 important updates and 2 optional updates and installed all of
them after checking what they were.

I'm still monitoring the computer to make sure everything is OK
so far things seem normal.

Thanks again,
Robert

It's worth keeping a log (just a text file, a diary/journal) of things
like the above - as well as any actual downloads, if you do them outside
the prog.s (I know VLC does the update inside itself, and Avast probably
does too) - somewhere that _isn't_ overwritten if you do a
restore-from-image, so if you have to do another one, you know what
updates you have to do again. That's one of the reasons I have most of
my drive as a D: (data) partition, with C: as just holding Windows and
installed software. (Another reason is it makes C: smaller so imaging is
quicker so I might do it more often. Though of course D: needs backing
up too, which I do - but just by copying, not imaging.)

Of course, as soon as you're reasonably sure all is well, make another
image: then if you subsequently have to do another restore-from-image,
you won't have as much updating to do.
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

If you want to make people angry, lie to them. If you want to make them
absolutely livid, then tell 'em the truth.


I don't know if I would create a separate partition
just for downloads/data after all the programs and
X programsx86 should hold all of that and seems too
advanced for my purposes but I see your point and its
not a bad idea.

I have tried to do so with my files and folders and
with my backups but point taken.

Thanks,
Robert

On Tuesday, June 25, 2019 at 11:47:39 PM UTC-7, Robert in CA wrote:
On Tuesday, June 25, 2019 at 11:57:14 AM UTC-7, Paul wrote:
Robert in CA wrote:
I finally found the Mrimgs they were on the C: partition,.
that's what threw me. I started the process but don't know
if I should proceed since I didn't resize the partition as
in your example and then got the pop-up of over writing.
Should I continue?

http://i68.tinypic.com/294kry0.jpg # Collection of MRIMG 6/2/2019

http://i67.tinypic.com/2aiigzs.jpg # Dell svc, Recovery 14GB, 119/907GB C:

http://i63.tinypic.com/eg3bev.jpg # Backup is 119GB, curr disk is 142GB !!!

http://i65.tinypic.com/qpjc3o.jpg # Ready to run...

http://i66.tinypic.com/154btb4.jpg # Restore started...

Thanks,
Robert

As long as you know that the June25 contents on the disk
today are not being lost by writing a June2 image over
top, you're ready to go.

I see a difference of 119GB on June2 in your pictures,
versus 142GB on June25.

If you're confident nothing is being lost, then click continue.

*******

Your Device Manager entries are weird, in that it
seems a USB controller and Network controller have
a yellow mark. You'd need to get the Code value
from those, by doing properties.

At this point though, since you're restoring, and
you're pretty confident of your lineup (putting
correct restore over current system), you'll need
to re-check Device Manager (devmgmt.msc) later
after the restore is finished. As the situation
will have changed at that point. With a yellow
mark on the main network controller, you wouldn't
really be able to use the machine for surfing
and such...

*******

You seem to be following the restore recipe OK.

Paul



I went back to check the device manager
and it still shows the same yellow triangle
with exclamation marks. I went into the
Administrator Account to try and automatically
update the drivers but it couldn't find anything
then tried it manually with the same result.

Apparently the drivers are from Realtek at least
that was what was highlighted when I tried to do it
manually but had no idea what to search for?

http://i64.tinypic.com/oab22e.jpg

http://i68.tinypic.com/1178w9t.jpg

So should I proceed with this?

Thanks,
Robert

I of course meant how should I proceed with this?

Robert in CA wrote:
On Tuesday, June 25, 2019 at 11:47:39 PM UTC-7, Robert in CA wrote:
On Tuesday, June 25, 2019 at 11:57:14 AM UTC-7, Paul wrote:
Robert in CA wrote:
I finally found the Mrimgs they were on the C: partition,.
that's what threw me. I started the process but don't know
if I should proceed since I didn't resize the partition as
in your example and then got the pop-up of over writing.
Should I continue?

http://i68.tinypic.com/294kry0.jpg # Collection of MRIMG 6/2/2019

http://i67.tinypic.com/2aiigzs.jpg # Dell svc, Recovery 14GB, 119/907GB C:

http://i63.tinypic.com/eg3bev.jpg # Backup is 119GB, curr disk is 142GB !!!

http://i65.tinypic.com/qpjc3o.jpg # Ready to run...

http://i66.tinypic.com/154btb4.jpg # Restore started...

Thanks,
Robert
As long as you know that the June25 contents on the disk
today are not being lost by writing a June2 image over
top, you're ready to go.

I see a difference of 119GB on June2 in your pictures,
versus 142GB on June25.

If you're confident nothing is being lost, then click continue.

*******

Your Device Manager entries are weird, in that it
seems a USB controller and Network controller have
a yellow mark. You'd need to get the Code value
from those, by doing properties.

At this point though, since you're restoring, and
you're pretty confident of your lineup (putting
correct restore over current system), you'll need
to re-check Device Manager (devmgmt.msc) later
after the restore is finished. As the situation
will have changed at that point. With a yellow
mark on the main network controller, you wouldn't
really be able to use the machine for surfing
and such...

*******

You seem to be following the restore recipe OK.

Paul


I went back to check the device manager
and it still shows the same yellow triangle
with exclamation marks. I went into the
Administrator Account to try and automatically
update the drivers but it couldn't find anything
then tried it manually with the same result.

Apparently the drivers are from Realtek at least
that was what was highlighted when I tried to do it
manually but had no idea what to search for?

http://i64.tinypic.com/oab22e.jpg Code 28 No driver
Code 28 No driver

http://i68.tinypic.com/1178w9t.jpg Attempted driver update

So should I proceed with this?

Thanks,
Robert

I of course meant how should I proceed with this?

Well, I don't know the details of your RealTek NIC.

For an "unknown" item, I do Properties and check the Hardware-ID.

https://i.postimg.cc/C1QKbzpy/hardware-id.gif

Then I look that one up in pci.ids.

http://pciids.sourceforge.net/pci.ids

8086 1503

8086 Intel Corporation
...
1503 82579V Gigabit Network Connection === the info I want
1043 849c P8P67 Deluxe Motherboard

So that's an example, using my NIC.

My USB example I'll select, is this one. For
USB peripherals, you would use the usb.ids file,
But this is likely a host controller, so again, we
can use the pci.ids.

https://i.postimg.cc/wBJvD6T3/usb-id.gif

1B21 1142

1b21 ASMedia Technology Inc.
...
1142 ASM1042A USB 3.0 Host Controller

On Windows 7, that tells us it is a USB3 controller and
Microsoft doesn't have USB3 drivers in the OS. They must
be added by the user.

If the answer came back that the host controller was
USB2, the Intel chipset driver might be a fit for that.

*******

Drop over to the Dell site, once you've satisfied yourself
as to the identity of the errant items, and get your drivers
there.

https://www.dell.com/support/home/ca...s-8500/drivers

Intel Chipset Driver Could cover USB2 driver.
Not likely necessary in this case,
subject to hardware-id verification

Intel USB 3.0 eXtensible ... Driver More likely you need this...

Realtek 8111E Network Driver Could cover your missing NIC

Running those might be easier than doing the
Update Driver dance from Device Manager :-)

Paul

On Wednesday, June 26, 2019 at 11:24:47 AM UTC-7, Paul wrote:
Robert in CA wrote:
On Tuesday, June 25, 2019 at 11:47:39 PM UTC-7, Robert in CA wrote:
On Tuesday, June 25, 2019 at 11:57:14 AM UTC-7, Paul wrote:
Robert in CA wrote:
I finally found the Mrimgs they were on the C: partition,.
that's what threw me. I started the process but don't know
if I should proceed since I didn't resize the partition as
in your example and then got the pop-up of over writing.
Should I continue?

http://i68.tinypic.com/294kry0.jpg # Collection of MRIMG 6/2/2019

http://i67.tinypic.com/2aiigzs.jpg # Dell svc, Recovery 14GB, 119/907GB C:

http://i63.tinypic.com/eg3bev.jpg # Backup is 119GB, curr disk is 142GB !!!

http://i65.tinypic.com/qpjc3o.jpg # Ready to run...

http://i66.tinypic.com/154btb4.jpg # Restore started...

Thanks,
Robert
As long as you know that the June25 contents on the disk
today are not being lost by writing a June2 image over
top, you're ready to go.

I see a difference of 119GB on June2 in your pictures,
versus 142GB on June25.

If you're confident nothing is being lost, then click continue.

*******

Your Device Manager entries are weird, in that it
seems a USB controller and Network controller have
a yellow mark. You'd need to get the Code value
from those, by doing properties.

At this point though, since you're restoring, and
you're pretty confident of your lineup (putting
correct restore over current system), you'll need
to re-check Device Manager (devmgmt.msc) later
after the restore is finished. As the situation
will have changed at that point. With a yellow
mark on the main network controller, you wouldn't
really be able to use the machine for surfing
and such...

*******

You seem to be following the restore recipe OK.

Paul


I went back to check the device manager
and it still shows the same yellow triangle
with exclamation marks. I went into the
Administrator Account to try and automatically
update the drivers but it couldn't find anything
then tried it manually with the same result.

Apparently the drivers are from Realtek at least
that was what was highlighted when I tried to do it
manually but had no idea what to search for?

http://i64.tinypic.com/oab22e.jpg Code 28 No driver
Code 28 No driver

http://i68.tinypic.com/1178w9t.jpg Attempted driver update

So should I proceed with this?

Thanks,
Robert

I of course meant how should I proceed with this?

Well, I don't know the details of your RealTek NIC.

For an "unknown" item, I do Properties and check the Hardware-ID.

https://i.postimg.cc/C1QKbzpy/hardware-id.gif

Then I look that one up in pci.ids.

http://pciids.sourceforge.net/pci.ids

8086 1503

8086 Intel Corporation
...
1503 82579V Gigabit Network Connection === the info I want
1043 849c P8P67 Deluxe Motherboard

So that's an example, using my NIC.

My USB example I'll select, is this one. For
USB peripherals, you would use the usb.ids file,
But this is likely a host controller, so again, we
can use the pci.ids.

https://i.postimg.cc/wBJvD6T3/usb-id.gif

1B21 1142

1b21 ASMedia Technology Inc.
...
1142 ASM1042A USB 3.0 Host Controller

On Windows 7, that tells us it is a USB3 controller and
Microsoft doesn't have USB3 drivers in the OS. They must
be added by the user.

If the answer came back that the host controller was
USB2, the Intel chipset driver might be a fit for that.

*******

Drop over to the Dell site, once you've satisfied yourself
as to the identity of the errant items, and get your drivers
there.

https://www.dell.com/support/home/ca...s-8500/drivers

Intel Chipset Driver Could cover USB2 driver.
Not likely necessary in this case,
subject to hardware-id verification

Intel USB 3.0 eXtensible ... Driver More likely you need this...

Realtek 8111E Network Driver Could cover your missing NIC

Running those might be easier than doing the
Update Driver dance from Device Manager :-)

Paul




If I'm following you for the USB this is what I
have on my 8500 and I select the top driver where
it says urgent?


http://i68.tinypic.com/2wd8ugi.jpg

http://i64.tinypic.com/vhfbcl.jpg

Robert

Robert in CA wrote:

If I'm following you for the USB this is what I
have on my 8500 and I select the top driver where
it says urgent?


http://i68.tinypic.com/2wd8ugi.jpg

http://i64.tinypic.com/vhfbcl.jpg Dell Driver Updater

Robert

This post only answers the part about the Urgent.
Not the rest of your driver needs.

*******

The one that says Urgent, is a BIOS update. That
could affect the ability to boot the XPS 8500, if
something goes wrong during the update.

Category: BIOS

Last Updated: 11 Jul 2018

Version: A14 ,A14 Older versions

File Name: A14.EXE

File size: 7.53 MB

Description: This package provides the BIOS Update on Dell XPS 8500

Fixes & Enhancements

Fixes:
- Updated CPU microcode to address security advisory
Intel Security Advisory INTEL-SA-00115 (CVE-2018-3639 & CVE-2018-3640)

https://cve.mitre.org/cgi-bin/cvenam...=CVE-2018-3639

CVE-2018-3639
Systems with microprocessors utilizing speculative execution and
speculative execution of memory reads before the addresses of all
prior memory writes are known may allow unauthorized disclosure of
information to an attacker with local user access === baloney sandwich!!!
via a side-channel analysis, aka
Speculative Store Bypass (SSB), Variant 4.

https://cve.mitre.org/cgi-bin/cvenam...=CVE-2018-3640

CVE-2018-3640
Systems with microprocessors utilizing speculative execution and
that perform speculative reads of system registers may allow
unauthorized disclosure of system parameters to an attacker
with local user access === More baloney sandwich!!!
via a side-channel analysis,
aka Rogue System Register Read (RSRE), Variant 3a.

There might be other reasons to install that BIOS, but those
two reasons aren't the ones. There is Spectre and Meltdown,
which might have been covered in a previous version of this
BIOS sequence.

Installing a Spectre/Meltdown BIOS, would slow the machine by
a few percent in average usage. When the OS detects the presence
of the correct BIOS, it may enable OS patches that align with
the information presented. And the above BIOS version 14 would
contain such Spectre/Meltdown CPU microcode patches.

Using the Intel Processor Identification Utility, the "version number"
of the processor, reflects the actual microcode patch installed.
You then check the available Intel information, to see what version
your CPU is running. If it's a "younger" version, you might consider
a BIOS update. If you already have a good version showing,
(because the OS microcode loader put it there),
then maybe you don't need to do anything.

Spectre/Meltdown can be patched by a BIOS microcode patch or
via an OS microcode patch. These give the same protection
against Spectre/Meltdown (at least as long as Microsoft is
using the latest microcode).

Before you do anything, run the Intel PIU. This is the
Intel PIU for my Test Machine.

Note - when you install or run it, you're likely to need
your Administrator account.

https://downloadcenter.intel.com/dow...indows-Version

Mine is currently 0x42D when measured under Windows 10.

https://i.postimg.cc/Pqnb7gQc/intel-PIU-example.gif

Using the model number i7-4930K, gives me this in ark.intel.com
I look up my processor, to get the product name I need for later.

https://ark.intel.com/content/www/us...-3-90-ghz.html

"Ivy Bridge E" (Ivy Bridge is IVB, Ivy Bridge E is IVT...)

The sequence I noted was, 0x428 was the BIOS level patch.
Mar.12,2018 (under Linux OS microcode loaded), got
bumped to 0x42A. And the latest info I can find from
Intel, says I should be at 0x42C, while the Microsoft
Windows 10 OS microcode loader has loaded 0x42D. This
means Microsoft is "committed" to syncing with the
Intel Spectre/Meltdown microcode, and under Windows 10
I don't have to worry. I'm patched. Windows 7 is in Extended Support,
but one of the updates should have updated your CPU as well.

This is an example of what an Intel release note looks like.
The tricky part, is mapping CPU part number to "Model",
which you could get from ark.intel.com using the info
in the PIU screen.

"RELEASENOTE from microcode-20180312.tgz"
== Updates upon 20171117 release ==
MODEL STEP f-mm-sf version
-- New Platforms --
BDX-DE EGW A0 6-56-5:10 e000009
SKX B1 6-55-3:97 1000140
-- Updates --
IVT C0 6-3e-4:ed 428-42c === my processor

Once we have a picture of your Intel PIU screen with
the version information, that will indicate whether
the patched and fully updated Windows 7 SP1 you're running
is protected by Microsoft (instead of protected by Dell).

The above CVE still exists. The Dell file might help.
But, it's flashing the BIOS... and is not without risks.
You are likely out of warranty on both XPS 8500 and 780,
so if the BIOS bricked the ability to boot, you wouldn't
be getting any "free repairs" for such. Just a guess.

Paul

Robert in CA wrote:

If I'm following you for the USB this is what I
have on my 8500 and I select the top driver where
it says urgent?


http://i68.tinypic.com/2wd8ugi.jpg

http://i64.tinypic.com/vhfbcl.jpg

Robert

If you get me the hardware-ids, using Device Manager
(devmgmt.msc), I might be able to tell you which
exact driver you need. Rather than you downloading
a 100 drivers and finding the right 2 for the job.

My best guess, is the two necessary are in this set.

Intel Chipset Driver Could cover USB2 driver.
Not likely necessary in this case,
subject to hardware-id verification

Intel USB 3.0 eXtensible ... Driver More likely you need this...

Realtek 8111E Network Driver Could cover your missing NIC

But with the hardware-id info, that would make the
determination a little easier.

Paul

On Wednesday, June 26, 2019 at 2:31:28 PM UTC-7, Paul wrote:
Robert in CA wrote:

If I'm following you for the USB this is what I
have on my 8500 and I select the top driver where
it says urgent?


http://i68.tinypic.com/2wd8ugi.jpg

http://i64.tinypic.com/vhfbcl.jpg

Robert

If you get me the hardware-ids, using Device Manager
(devmgmt.msc), I might be able to tell you which
exact driver you need. Rather than you downloading
a 100 drivers and finding the right 2 for the job.

My best guess, is the two necessary are in this set.

Intel Chipset Driver Could cover USB2 driver.
Not likely necessary in this case,
subject to hardware-id verification

Intel USB 3.0 eXtensible ... Driver More likely you need this...

Realtek 8111E Network Driver Could cover your missing NIC

But with the hardware-id info, that would make the
determination a little easier.

Paul




Here they a

http://i67.tinypic.com/2hi76v9.jpg

Robert

On Wednesday, June 26, 2019 at 2:27:43 PM UTC-7, Paul wrote:
Robert in CA wrote:

If I'm following you for the USB this is what I
have on my 8500 and I select the top driver where
it says urgent?


http://i68.tinypic.com/2wd8ugi.jpg

http://i64.tinypic.com/vhfbcl.jpg Dell Driver Updater

Robert

This post only answers the part about the Urgent.
Not the rest of your driver needs.

*******

The one that says Urgent, is a BIOS update. That
could affect the ability to boot the XPS 8500, if
something goes wrong during the update.

Category: BIOS

Last Updated: 11 Jul 2018

Version: A14 ,A14 Older versions

File Name: A14.EXE

File size: 7.53 MB

Description: This package provides the BIOS Update on Dell XPS 8500

Fixes & Enhancements

Fixes:
- Updated CPU microcode to address security advisory
Intel Security Advisory INTEL-SA-00115 (CVE-2018-3639 & CVE-2018-3640)

https://cve.mitre.org/cgi-bin/cvenam...=CVE-2018-3639

CVE-2018-3639
Systems with microprocessors utilizing speculative execution and
speculative execution of memory reads before the addresses of all
prior memory writes are known may allow unauthorized disclosure of
information to an attacker with local user access === baloney sandwich!!!
via a side-channel analysis, aka
Speculative Store Bypass (SSB), Variant 4.

https://cve.mitre.org/cgi-bin/cvenam...=CVE-2018-3640

CVE-2018-3640
Systems with microprocessors utilizing speculative execution and
that perform speculative reads of system registers may allow
unauthorized disclosure of system parameters to an attacker
with local user access === More baloney sandwich!!!
via a side-channel analysis,
aka Rogue System Register Read (RSRE), Variant 3a.

There might be other reasons to install that BIOS, but those
two reasons aren't the ones. There is Spectre and Meltdown,
which might have been covered in a previous version of this
BIOS sequence.

Installing a Spectre/Meltdown BIOS, would slow the machine by
a few percent in average usage. When the OS detects the presence
of the correct BIOS, it may enable OS patches that align with
the information presented. And the above BIOS version 14 would
contain such Spectre/Meltdown CPU microcode patches.

Using the Intel Processor Identification Utility, the "version number"
of the processor, reflects the actual microcode patch installed.
You then check the available Intel information, to see what version
your CPU is running. If it's a "younger" version, you might consider
a BIOS update. If you already have a good version showing,
(because the OS microcode loader put it there),
then maybe you don't need to do anything.

Spectre/Meltdown can be patched by a BIOS microcode patch or
via an OS microcode patch. These give the same protection
against Spectre/Meltdown (at least as long as Microsoft is
using the latest microcode).

Before you do anything, run the Intel PIU. This is the
Intel PIU for my Test Machine.

Note - when you install or run it, you're likely to need
your Administrator account.

https://downloadcenter.intel.com/dow...indows-Version

Mine is currently 0x42D when measured under Windows 10.

https://i.postimg.cc/Pqnb7gQc/intel-PIU-example.gif

Using the model number i7-4930K, gives me this in ark.intel.com
I look up my processor, to get the product name I need for later.

https://ark.intel.com/content/www/us...-3-90-ghz.html

"Ivy Bridge E" (Ivy Bridge is IVB, Ivy Bridge E is IVT...)

The sequence I noted was, 0x428 was the BIOS level patch.
Mar.12,2018 (under Linux OS microcode loaded), got
bumped to 0x42A. And the latest info I can find from
Intel, says I should be at 0x42C, while the Microsoft
Windows 10 OS microcode loader has loaded 0x42D. This
means Microsoft is "committed" to syncing with the
Intel Spectre/Meltdown microcode, and under Windows 10
I don't have to worry. I'm patched. Windows 7 is in Extended Support,
but one of the updates should have updated your CPU as well.

This is an example of what an Intel release note looks like.
The tricky part, is mapping CPU part number to "Model",
which you could get from ark.intel.com using the info
in the PIU screen.

"RELEASENOTE from microcode-20180312.tgz"
== Updates upon 20171117 release ==
MODEL STEP f-mm-sf version
-- New Platforms --
BDX-DE EGW A0 6-56-5:10 e000009
SKX B1 6-55-3:97 1000140
-- Updates --
IVT C0 6-3e-4:ed 428-42c === my processor

Once we have a picture of your Intel PIU screen with
the version information, that will indicate whether
the patched and fully updated Windows 7 SP1 you're running
is protected by Microsoft (instead of protected by Dell).

The above CVE still exists. The Dell file might help.
But, it's flashing the BIOS... and is not without risks.
You are likely out of warranty on both XPS 8500 and 780,
so if the BIOS bricked the ability to boot, you wouldn't
be getting any "free repairs" for such. Just a guess.

Paul



Here's the results from the Intel PIU:

http://i63.tinypic.com/6pb313.png

http://i65.tinypic.com/2h3bqsk.png

http://i67.tinypic.com/jaigb9.png

Robert

In message ,
Robert in CA writes:
[]
I don't know if I would create a separate partition
just for downloads/data after all the programs and
X programsx86 should hold all of that and seems too
advanced for my purposes but I see your point and its
not a bad idea.

I have tried to do so with my files and folders and
with my backups but point taken.

Thanks,
Robert

I think of it this way:

My D: partition is entirely under MY control. All files, folders, on it
are things I have put there - either downloaded (including updates or
installers which I can then run manually - not ones that software
[including the OS] download on their own), or created using programmes
(documents, genealogy data, images, ...). I can back it up by copying,
and do (using SyncToy to speed the process); if I need to access a file
in the copy, I can, without needing anything special.

My C: partition has Windows and all software on it, and is something of
a law unto itself - I couldn't make a copy of it with Windows Explorer
that would actually be of any use. (In fact I couldn't at all, as there
are parts of it that I wouldn't be able to even access with Explorer.)
So I image C: (and the hidden partition). I back it up by imaging (I use
Macrium). My C: at the moment (Windows 7 Home Premium, SP1, 32 bit, plus
all installed software, and a _few_ bits of data) has 36.8 GB used (out
of 99.9 allocated, but that's only because I have a 1T drive and have
been generous with it; I'd have left it at 50 GB allocated if the drive
was much smaller).

That's my view. Others have different views.
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Colorless green ideas sleep furiously.

On Wednesday, June 26, 2019 at 4:06:41 PM UTC-7, Robert in CA wrote:
On Wednesday, June 26, 2019 at 2:31:28 PM UTC-7, Paul wrote:
Robert in CA wrote:

If I'm following you for the USB this is what I
have on my 8500 and I select the top driver where
it says urgent?


http://i68.tinypic.com/2wd8ugi.jpg

http://i64.tinypic.com/vhfbcl.jpg

Robert

If you get me the hardware-ids, using Device Manager
(devmgmt.msc), I might be able to tell you which
exact driver you need. Rather than you downloading
a 100 drivers and finding the right 2 for the job.

My best guess, is the two necessary are in this set.

Intel Chipset Driver Could cover USB2 driver.
Not likely necessary in this case,
subject to hardware-id verification

Intel USB 3.0 eXtensible ... Driver More likely you need this...

Realtek 8111E Network Driver Could cover your missing NIC

But with the hardware-id info, that would make the
determination a little easier.

Paul




Here they a

http://i67.tinypic.com/2hi76v9.jpg

Robert



Can you tell from the hardware-ids and
Intel PIU which drivers I need?

Robert

Robert in CA wrote:
On Wednesday, June 26, 2019 at 4:06:41 PM UTC-7, Robert in CA wrote:
On Wednesday, June 26, 2019 at 2:31:28 PM UTC-7, Paul wrote:
Robert in CA wrote:

If I'm following you for the USB this is what I
have on my 8500 and I select the top driver where
it says urgent?


http://i68.tinypic.com/2wd8ugi.jpg

http://i64.tinypic.com/vhfbcl.jpg

Robert
If you get me the hardware-ids, using Device Manager
(devmgmt.msc), I might be able to tell you which
exact driver you need. Rather than you downloading
a 100 drivers and finding the right 2 for the job.

My best guess, is the two necessary are in this set.

Intel Chipset Driver Could cover USB2 driver.
Not likely necessary in this case,
subject to hardware-id verification

Intel USB 3.0 eXtensible ... Driver More likely you need this...

Realtek 8111E Network Driver Could cover your missing NIC

But with the hardware-id info, that would make the
determination a little easier.

Paul



Here they a

http://i67.tinypic.com/2hi76v9.jpg

Robert



Can you tell from the hardware-ids and
Intel PIU which drivers I need?

Robert

http://pciids.sourceforge.net/pci.ids

168c Qualcomm Atheros
...
0032 AR9485 Wireless Network Adapter
1028 0208 Wireless 1506 WLAN Half Mini-Card
103c 1838 AR9485/HB125 802.11bgn 1×1 Wi-Fi Adapter
105b e044 Unex DHXA-225
144d 410e AR9485WB-EG 802.11b/g/n mini-PCIe card on a series 3 laptop
1a3b 1186 AW-NE186H

So the one in that picture, is actually a Wifi adapter ?

Dell Wireless 1506 bgn

Hardware IDs:
PCI\VEN_168C&DEV_0032
PCI\VEN_168C&DEV_0032&SUBSYS_02081028
Vendor: Atheros AR9485

https://www.dell.com/support/home/ca...driverid=9wgyp

https://downloads.dell.com/FOLDER030....0.315_A03.EXE

Network_Driver_9WGYP_WN32_10.0.0.315_A03.EXE 104MB

That's not on the XPS 8500 page, and that's the best
match I could find.

*******

Get back to me with a picture of the USB3 one...

Paul

Robert in CA wrote:
On Wednesday, June 26, 2019 at 2:27:43 PM UTC-7, Paul wrote:
Robert in CA wrote:

If I'm following you for the USB this is what I
have on my 8500 and I select the top driver where
it says urgent?


http://i68.tinypic.com/2wd8ugi.jpg

http://i64.tinypic.com/vhfbcl.jpg Dell Driver Updater

Robert
This post only answers the part about the Urgent.
Not the rest of your driver needs.

*******

The one that says Urgent, is a BIOS update. That
could affect the ability to boot the XPS 8500, if
something goes wrong during the update.

Category: BIOS

Last Updated: 11 Jul 2018

Version: A14 ,A14 Older versions

File Name: A14.EXE

File size: 7.53 MB

Description: This package provides the BIOS Update on Dell XPS 8500

Fixes & Enhancements

Fixes:
- Updated CPU microcode to address security advisory
Intel Security Advisory INTEL-SA-00115 (CVE-2018-3639 & CVE-2018-3640)

https://cve.mitre.org/cgi-bin/cvenam...=CVE-2018-3639

CVE-2018-3639
Systems with microprocessors utilizing speculative execution and
speculative execution of memory reads before the addresses of all
prior memory writes are known may allow unauthorized disclosure of
information to an attacker with local user access === baloney sandwich!!!
via a side-channel analysis, aka
Speculative Store Bypass (SSB), Variant 4.

https://cve.mitre.org/cgi-bin/cvenam...=CVE-2018-3640

CVE-2018-3640
Systems with microprocessors utilizing speculative execution and
that perform speculative reads of system registers may allow
unauthorized disclosure of system parameters to an attacker
with local user access === More baloney sandwich!!!
via a side-channel analysis,
aka Rogue System Register Read (RSRE), Variant 3a.

There might be other reasons to install that BIOS, but those
two reasons aren't the ones. There is Spectre and Meltdown,
which might have been covered in a previous version of this
BIOS sequence.

Installing a Spectre/Meltdown BIOS, would slow the machine by
a few percent in average usage. When the OS detects the presence
of the correct BIOS, it may enable OS patches that align with
the information presented. And the above BIOS version 14 would
contain such Spectre/Meltdown CPU microcode patches.

Using the Intel Processor Identification Utility, the "version number"
of the processor, reflects the actual microcode patch installed.
You then check the available Intel information, to see what version
your CPU is running. If it's a "younger" version, you might consider
a BIOS update. If you already have a good version showing,
(because the OS microcode loader put it there),
then maybe you don't need to do anything.

Spectre/Meltdown can be patched by a BIOS microcode patch or
via an OS microcode patch. These give the same protection
against Spectre/Meltdown (at least as long as Microsoft is
using the latest microcode).

Before you do anything, run the Intel PIU. This is the
Intel PIU for my Test Machine.

Note - when you install or run it, you're likely to need
your Administrator account.

https://downloadcenter.intel.com/dow...indows-Version

Mine is currently 0x42D when measured under Windows 10.

https://i.postimg.cc/Pqnb7gQc/intel-PIU-example.gif

Using the model number i7-4930K, gives me this in ark.intel.com
I look up my processor, to get the product name I need for later.

https://ark.intel.com/content/www/us...-3-90-ghz.html

"Ivy Bridge E" (Ivy Bridge is IVB, Ivy Bridge E is IVT...)

The sequence I noted was, 0x428 was the BIOS level patch.
Mar.12,2018 (under Linux OS microcode loaded), got
bumped to 0x42A. And the latest info I can find from
Intel, says I should be at 0x42C, while the Microsoft
Windows 10 OS microcode loader has loaded 0x42D. This
means Microsoft is "committed" to syncing with the
Intel Spectre/Meltdown microcode, and under Windows 10
I don't have to worry. I'm patched. Windows 7 is in Extended Support,
but one of the updates should have updated your CPU as well.

This is an example of what an Intel release note looks like.
The tricky part, is mapping CPU part number to "Model",
which you could get from ark.intel.com using the info
in the PIU screen.

"RELEASENOTE from microcode-20180312.tgz"
== Updates upon 20171117 release ==
MODEL STEP f-mm-sf version
-- New Platforms --
BDX-DE EGW A0 6-56-5:10 e000009
SKX B1 6-55-3:97 1000140
-- Updates --
IVT C0 6-3e-4:ed 428-42c === my processor

Once we have a picture of your Intel PIU screen with
the version information, that will indicate whether
the patched and fully updated Windows 7 SP1 you're running
is protected by Microsoft (instead of protected by Dell).

The above CVE still exists. The Dell file might help.
But, it's flashing the BIOS... and is not without risks.
You are likely out of warranty on both XPS 8500 and 780,
so if the BIOS bricked the ability to boot, you wouldn't
be getting any "free repairs" for such. Just a guess.

Paul



Here's the results from the Intel PIU:

http://i63.tinypic.com/6pb313.png i7-3770 63a-9-15 4C 8T

http://i65.tinypic.com/2h3bqsk.png

http://i67.tinypic.com/jaigb9.png Revision 15

Robert

This is harder than I thought...

Not the hardware identification. But coming up with
advice as to what to do.

It's Ivy Bridge (IVB)

https://ark.intel.com/content/www/us...-3-90-ghz.html

You're at 0x15 and Windows 10 is at 0x1F or 0x20 or so.
(When Windows 10 loads microcode at boot time.)

The information is spread around and I'm not sure I've
got all the release notes.

On the Intel site, the 3770 is on "7/14" page.

https://www.intel.com/content/dam/ww...e_05132019.pdf

Ivy Bridge ... i7-3770 306A7 0x20 -- 0x21 # way past your 0x15

Using InSpectre, your situation would look like mine on the
next entry in that table.

This article mentions your processor (which means the microcode
update has an update for yours, and this would do part of the job
of a BIOS update). AFAIK, you can also uninstall this later,
so check there is an entry in Programs and Features.

What's the problem with this ? Is it for Windows 7 or not ?
If your machine is supposed to be patched by Windows Update,
why are you still at 0x15 ?

https://support.microsoft.com/en-ca/...rocode-updates

The download for the article is here. This really should be
in Windows Update, but you can get it here. Again, *not*
listed for Windows 7 SP1. Which means, if you *were* to install
this, double click the .msu, it would say "not for this machine".

https://www.catalog.update.microsoft...aspx?q=4494175

This one isn't up to date (not up to June at least)

https://www.grc.com/inspectre.htm

And the Microsoft guidance articles, obviously aren't meant
for us. Some other kinda customer must be reading these.
Apparently a survey of IT staff, indicates they are "unhappy"
with this approach to random carpet bombing.

https://support.microsoft.com/en-ca/...erabilities-in

And with the Dell BIOS, is it up to 0x21 or not ?
(Like, you could install that BIOS, but it might
already be one version behind. They would have to
spin a new BIOS for each version of microcode pushed
out by Intel.

*******

Summary: I hope someone else can help you.

I can't figure out what the disposition is for
a Windows 7 SP1 user.

I think this is a fair simulation of what others
will see on their machines. Using your vendor BIOS
update *might* change the Spectre flag, but my test
methods were unable to confirm (VirtualBox would not
pass the up-to-date Linux Microcode through to the
virtual machine, which I thought wasn't possible).

https://i.postimg.cc/MTPT7Dfp/Win7-e...th-no-BIOS.gif

On the one hand, it looks like Microsoft doesn't really
want to expose the controls too much, on client machines,
because many of us don't have an IT department to read
4073119 above. They can't have us editing the registry
and so on.

Conclusion: You can do the BIOS if you want
but I really can't promise your machine will be "armored".

The status of protection at this point is "unknown".
I don't know if the Powershell status checker that Microsoft
offers, would be a complete review at this time.

Paul

I tried going through the pici.ids ,.. it's hard to go through
especially with my eyes. It's like reading music again.

I'm trying to keep up but don't understand what you mean by
0x15?

Regarding who else might be reading these from GRC InSpectre ,.
just a guess but Google, Sprint and the like ? It's widely known
they've become political or possibly from China?

These are the results, I see that one of the yellow triangles has
been eliminated.


http://i65.tinypic.com/2m4dhc2.jpg

http://i63.tinypic.com/nmj1xj.jpg

http://i63.tinypic.com/nf07xy.jpg

http://i67.tinypic.com/2qkjczr.jpg

http://i63.tinypic.com/1so9om.jpg


Thoughts/Suggestions?

Thanks,
Robert

Robert in CA wrote:
I tried going through the pici.ids ,.. it's hard to go through
especially with my eyes. It's like reading music again.

I'm trying to keep up but don't understand what you mean by
0x15?

Regarding who else might be reading these from GRC InSpectre ,.
just a guess but Google, Sprint and the like ? It's widely known
they've become political or possibly from China?

These are the results, I see that one of the yellow triangles has
been eliminated.


http://i65.tinypic.com/2m4dhc2.jpg

http://i63.tinypic.com/nmj1xj.jpg

http://i63.tinypic.com/nf07xy.jpg Ven_8086 Dev 1E31

http://i67.tinypic.com/2qkjczr.jpg

http://i63.tinypic.com/1so9om.jpg InSpectre 406C4 ???


Thoughts/Suggestions?

Thanks,
Robert

Your USB device is Intel.

We need an Intel chipset driver for Windows 7,
as Microsoft doesn't do USB3 in Windows 7. Win8
and Win10 would have solved this on their own.

https://www.dell.com/support/home/ca...s-8500/drivers

Intel Chipset Driver

Chipset_Driver_H95F7_WN_9.3.0.1021_A00.EXE

Last Updated: 13 Jun 2014

File size: 9.08 MB

The file inside that that does the USB3 installing is "PantUSB3.inf",
not that this matters. The filename is changed by the OS
to the form of "OEM23.inf", which is used to prevent collision
of filenames.

*******

; ** Filename: PantUSB3.INF
; ** Abstract: Null driver for Intel(R) USB 3.0 devices
; ** Last Update: December 06, 2011 (Version 9.3.0 Build 1018)

Include=machine.inf

PCI\VEN_8086&DEV_1E31.DeviceDesc="Intel(R) 7 Series/C216 Chipset Family Universal Serial Bus (USB) Controller - 1E31"

*******

Even though it's in the Win7 folder of the Dell driver file,
it appears to be a null driver, and will just move the
unlabeled item into the labeled USB section. You still
have to do it though, to clean up Device Manager.

Chipset_Driver_H95F7_WN_9.3.0.1021_A00.EXE

HTH,
Paul

Robert in CA wrote:
I tried going through the pici.ids ,.. it's hard to go through
especially with my eyes. It's like reading music again.

I'm trying to keep up but don't understand what you mean by
0x15?

Regarding who else might be reading these from GRC InSpectre ,.
just a guess but Google, Sprint and the like ? It's widely known
they've become political or possibly from China?

These are the results, I see that one of the yellow triangles has
been eliminated.


http://i65.tinypic.com/2m4dhc2.jpg

http://i63.tinypic.com/nmj1xj.jpg

http://i63.tinypic.com/nf07xy.jpg

http://i67.tinypic.com/2qkjczr.jpg

http://i63.tinypic.com/1so9om.jpg


Thoughts/Suggestions?

Thanks,
Robert

The CPU has a basic part number.

The "microcode" is a patching system. Even when a CPU is
brand new, it has on average "100 bugs" in it. The microcode
subsystem was invented to allow "correcting" the behavior
of the CPU, after you've sold some (and you're still testing
the CPU in the lab!).

In a project at work, a test procedure was still being run
18 months after a product ships. These include "obscure" test
cases that customers will never run, but nevertheless,
must be corrected by software updates. That's the basic idea
of the invention of patching systems like this.

*******

When your CPU and computer left the factory, the BIOS had
version 0x15 of microcode stored in it. It has microcode
for about eight different processor models on average.
A microcode patch varies from 2KB to 16KB or so.

The microcode store is part of the multicycle instruction
interpreter. By changing what a CISC instruction does during
interpretation, you hope to prevent hackers (using web pages)
from doing stuff to the machine. Such as, stealing a credit
card number you just typed into one https web page.

When Spectre/Meltdown came out, this was the first time
that Intel suffered "architecture bugs", instead of
"instruction bugs" such as the FDIV fiasco. The patching
system had never been meant for architecture bugs. The
thing is, life was easy when "instruction bugs" existed,
as you *always* patch those. With confidence, Microsoft
could put new microcode in Windows Update, deliver it
via the microcode loader in the OS, and this would
fix everybody up. There were no "conditionals" involved.
If Intel issued microcode, you delivered it.

This changed with Spectre/Meltdown. Initially Intel delivered
microcode, but some platforms experienced performance problems
(boot problems perhaps). The microcode was withdrawn. If
you made the mistake of taking the Dell BIOS update on that
date, you might have to install an older BIOS to "re-fix"
your damn computer.

Here we are today, about nine exploits later, still patching
these damn things.

1) Yes, you can install that Dell BIOS. Dell has tested it.

There is the usual risk, with any BIOS update, of bricking
the machine.

My Test Machine motherboard is different. If that one is
bricked, there is a USB port and a white colored push button,
and I can "flash in" a new BIOS, even with no CPU in the socket.
There aren't a lot of machines with such a feature. The
alternative "unbricking" solution is a USB to 7 pin connector
device, which would be a similar thing to what the pushbutton
is doing on my computer.

If you've updated the BIOS on the XPS 8500 before and there
were no issues, then you could likely do it again with little
worry.

BIOS flashers fail when:

a) Power goes off during flashing.
Flashing might take five minute (don't know current number).

b) For the dumbest schemes, an Internet connection failure
in the middle of a flash, can cause brickage of the computer.
The file should always be fully on the machine when you flash!

c) Dumb ass developers mix versions of boot loaders and
flash main body, and "something bad happens" when mixing
certain versions. Asus used to have extensive "do this do that"
things on their web page, hinting at the complexity of mixing
and matching "from--to" BIOS combinations.

That's about it for risks.

2) All that this BIOS update will do for you, is take
the 0x15 number to 0x20 or so. It might change the Spectre
protection to "Yes". It may or may not affect the latest
exploit methods, which aren't even documented properly yet.

Windows 10 offers slightly better options.
Or so Microsoft would have us think.

Without extensive test tools, it's rather hard to tell how
exposed any machine is. The Gibson Research InSpectre is
about as useful as the Microsoft Powershell script, except
it's a bit more user friendly.

Actual exploit testers aren't to be seen. The thing is,
if a White Hat writes a tester that probes a machine locally,
Black Hats will analyze the code and "weaponize it". To prevent
aiding and assisting Black Hats, exploit testers are out
of the question (at the moment). If all these things
were "curable instantly", then exploit testers would have
been made available. And with these architectural class
bugs in CPUs, we're not in a position right now to be
"giving free weapons to bad guys".

Your AV cannot stop all these. Your credit card number being
stolen, is not something that an AV excels at.

As a result of these architecture bugs, the three platforms
(ARM, Intel, AMD) have different degrees of resistance
to attacks of this sort. I don't know the current status
of each, to be recommending "only use your credit card on X".

One of the recent problems discovered, would require you
to turn off Hyperthreading at BIOS level on the 8500.
Cutting the number of virtual cores in half. For many people,
this is "going too far" in terms of covering off bugs.

Paul