Windows Update: HUGE SECURITY THREAT

Discussion in 'Windows 8 Help and Support' started by IHateWindowsEight, Dec 11, 2013.

?

Who else would like this crap to be removed? I might be able to do it, and sare with you the soluti

Poll closed Mar 11, 2014.
  1. PURGE IT ALL

    75.0%
  2. I like viruses and giving away my passwords

    0 vote(s)
    0.0%
  3. I'll help you.

    0 vote(s)
    0.0%
  4. I don't understand what a computer is or how to work it, so I shouldn't answer.

    25.0%
  1. IHateWindowsEight

    Joined:
    Dec 6, 2013
    Messages:
    22
    Likes Received:
    1
    That's right: It keeps setting all these Microsoft programs to the "allowed" list. I don't use them, I don't need them, and I have half a mind to destroy their respective directories, because windows seems to want to hang on to them for some ungodly reason.

    Every time I update windows, a specific handfull of elements in the firewall ruleset pertaining to a select few programs is set to "allowed" without notice or warning. This appears to happen whenever I check for, or update windows. This is a HUGE security threat: I would have half a mind to write a virus just to prove this. If I know that these rulesets are allowed, you can be damn well sure a hacker does.

    I can see it now: the next big virus, exploiting this and spoofing it's identity as one of these programs' connections and infecting millions.

    Where is a windows rep when you need one?? I want these programs GONE. Non-existent, exterminated, purged, over-written, DELETED: permanently. I never use them, I never needed them, I never will need them. I don't use a laptop to browse "bing", or use the "food and drink" programs. It's wasted space, and it's irritating.
     
  2. Mike

    Mike Windows Forum Admin
    Staff Member Premium Supporter

    Joined:
    Jul 22, 2005
    Messages:
    8,488
    Likes Received:
    783
    If you are this concerned about security, firewall these ports using a third party program or at the router level. Microsoft likely considers these essential services for the operating system, so, yes, I could see how this could be considered annoying. This is not an official Microsoft website. Do what needs to be done.
     
  3. kemical

    kemical Windows Forum Admin
    Staff Member Premium Supporter Microsoft MVP

    Joined:
    Aug 28, 2007
    Messages:
    31,781
    Likes Received:
    1,563
  4. sirloyne

    sirloyne Banned

    Joined:
    Aug 31, 2010
    Messages:
    303
    Likes Received:
    8
    Clearly you don't understand that Big Brother M$ knows what you want more than you do. It's called progress, you Luddite! Ask any administrator here.
     
  5. kemical

    kemical Windows Forum Admin
    Staff Member Premium Supporter Microsoft MVP

    Joined:
    Aug 28, 2007
    Messages:
    31,781
    Likes Received:
    1,563
    It's true....... :D
     
  6. IHateWindowsEight

    Joined:
    Dec 6, 2013
    Messages:
    22
    Likes Received:
    1
    I'll give "Big Brother" the birdy then. ,l,,

    In the mean time, I will experiment...
     
  7. IHateWindowsEight

    Joined:
    Dec 6, 2013
    Messages:
    22
    Likes Received:
    1
    So gues what I found:
    Yep. I used a program I wrote to find it. When I opened it (through my program), it appeared to be encrypted, so it's contents are unknown.

    Interestingly enough, I attempted to locate it with Administrative Command prompt:

    Code:
    C:\System Volume Information>dir
    Volume in drive C is ACER
    Volume Serial Number is FEA0-5C6B
    
    Directory of C:\System Volume Information
    
    11/26/2013  01:07 AM                76 IndexerVolumeGuid
    02/05/2013  07:59 PM    <DIR>          WindowsImageBackup
                  1 File(s)            76 bytes
                  1 Dir(s)  395,284,774,912 bytes free
    
    C:\System Volume Information>dir *.log
    Volume in drive C is ACER
    Volume Serial Number is FEA0-5C6B
    
    Directory of C:\System Volume Information
    
    File Not Found
    The only way you would be able to access this file is if you knew that it was there, or you had a program that could find it (like me). Interesting huh?

    upload_2013-12-12_12-47-11.

    I wonder what will happen if I delete it's contents. Most likely nothing, mabey somthing... I'll backup and tell you! ;D
     
  8. sirloyne

    sirloyne Banned

    Joined:
    Aug 31, 2010
    Messages:
    303
    Likes Received:
    8
  9. davehc

    davehc Microsoft MVP
    Premium Supporter Microsoft MVP

    Joined:
    May 1, 2008
    Messages:
    5,116
    Likes Received:
    301
    The tracking log is mainly used by the "The Distributed Link Tracking Client service". It is present in the root of each and every volume. It is also used by the indexing service. It also logs info for a DFS , where requested, and keeps a track of domain links.
    In the same folder, in conjunction with the tracking log, the sytem restore point information is also kept
    The folder contains other items relevant to the operation, This is mine, for example:

    Track.PNG
     
    Mike likes this.
  10. Mike

    Mike Windows Forum Admin
    Staff Member Premium Supporter

    Joined:
    Jul 22, 2005
    Messages:
    8,488
    Likes Received:
    783
    This is a gross-distortion of our policies. Your computer is yours. Do with it what you please. Everyone is entitled to their own opinion but flame baiting is quite prohibited.
     
    davehc likes this.
  11. IHateWindowsEight

    Joined:
    Dec 6, 2013
    Messages:
    22
    Likes Received:
    1
    @Mike:

    I'm a cynic at heart, and I go by the phrase: "Power corrupts, and absolute power corrupts absolutely."

    Until any big corporation, like Microsoft, proves that they are on our side with a gesture torward us, at their own risk, I maintain that they probably do some things that even you don't know about, mike-y.

    That said, I have no begun experimentation to purge these programs because I am finishing a programming project (you saw the screenshot up there). Wieghing in at 7,000 lines, it is my most ambitous solo project yet, but it will give me a LOT of power ( hehehe).

    Once that program is finished, I will start tackling this issue. For now, a temporary solution will be offered:

    1. Hold down the windows key, and press the 'X' button.
    2. Click on "control Panel"
    3. Click on System and Security
    4. Firewall
    5. Advanced settings (left side of the screen)
    6. Delete ALL OF YOUR RULES. You don't need them.
    7. Go back to basic firewall settings, and click "Turn Windows Firewall on or off":
    upload_2013-12-16_23-18-21.

    8. Check "Turn on windows firewall" for both public and private
    9. Check both "Notify me when windows firewall blocks a new app" and "Block all incoming connections"
    10. Go back to advanced settings now
    11. Block these programs:

    upload_2013-12-16_23-21-37.

    12. You can delete everything else, you don't need them. Your computer will prompt you if they need access, otherwise, you will want to block them. Do this for both inbound and outbound connections. That picture shows outbound, not all of those programs may be in inbound.

    13. on the left hand side, there is a list:

    upload_2013-12-16_23-13-40.

    Right click on "Windows Firewall with Advanced..."

    14. Block all Connections:

    upload_2013-12-16_23-25-27.

    15. Now, right click again on that:

    upload_2013-12-16_23-13-40.

    16. Click "Export Policies"
    17. Save this file somwhere where you know where it is.

    18. When windows screws you over, you can import these "policies" and all of your rules should be restored! Hopefully, if I succeed at purging these programs (no garuntees) I can offer a more permanent solution.

    The changes made shouldn't affect your system in any way. A strict firewall is the first step to preventing infection of viruses, especially when accessing publicly available routers. In almost all cases, it is the first line of defense. Don't take it lightly!!
     
  12. IHateWindowsEight

    Joined:
    Dec 6, 2013
    Messages:
    22
    Likes Received:
    1
    Also, I'm surprised at microsoft, for making the firewall such a hurdle to make truely secure. At best, the default settings are error proof, but not virus proof.
     

Share This Page

Loading...