Quasar

Members
  • Content count

    7790
  • Joined

  • Last visited

About Quasar

  • Rank
    Moderator

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Single Status Update

  1. Check your Windows 7 system to see if you have a persistent rundll32.exe listed in taskmgr. If so, install SysInternals' Process Explorer, if you don't already have it on your system, and elevate it to administrator. Find the rundll32.exe and you will see that it was started by a service and that it is hosting not a DLL, but an executable called wicainventory.exe, which claims by name to be "Windows Installer Compatibility Assistant," a relatively benign sounding component.

    Watch the open file and registry handles of the process and you will see that it is, at the cost of significant CPU cycles and hard drive access time, gradually scanning every file on your system, particularly anything that is executable, and is logging it into Microsoft "telemetry" files.

    This update, originally pushed out in April, is yet another cog in the Windows 10 "upgrade" process and can have a serious impact on system performance. It is also highly questionable what kinds of "telemetry" it is collecting and where that data is being sent, but it definitely has nothing to do with assisting compatibility for installs as it claims.

    Also, you'll find that if you try to uninstall this update, you cannot. Trying will lead to a failure and rollback, though the service and the rundll process that it spawns seem to disappear in the process. I am currently watching my system to ensure that these processes do not respawn.

    If they do, a full fresh install from the Windows 7 retail disc will be the only option. The belligerently adversarial nature of recent Windows updates is leading me toward disabling the functionality altogether.

    2. RestlessRodent

      Maes said:

      If someone (apart from legitimate government security agencies who are able to do it subtly and with our best interests in mind, of course) ever figured a way to hack into the update system of any major OS (including Ubuntu Linux and OSX), rest assured that it would either result in mass panic, if done clumsily and obviously, or even result in a worldwide economic or geopolitical crisis.


      Ubuntu is easy, just get a new PGP key into the repository maintainers' key-chain and then use software which intercepts FTP/HTTP access for repositories in your country to download the modified packages.

      OS X is even easier, just put levies on Apple. If they do not like it then purge their software and make it illegal.

    3. GreyGhost

      Avoozl said:

      How is it known if this is Microsoft's doing and not just some sort of fake malware update?

      The stuff's documented (after a fashion) in Microsoft's knowledge base, so unless that's also been hacked it's not unreasonable to assume these are official malware updates.

    4. Maes

      GreyGhost said:

      official malware enhanced user experience updates as a result of our NEW and IMPROVED corporate policy.


      FTFY <3
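
The check described in the status update at the top of this thread (find a long-lived rundll32.exe, see what started it and what it was launched with) can also be scripted. This is an added example, not part of the original thread; it uses only WMI classes available to PowerShell 2.0 on Windows 7, and the 10-minute age threshold and the variable names are assumptions.

```powershell
# Added example: triage of long-lived rundll32.exe instances.
# Works with PowerShell 2.0 (shipped with Windows 7); run from an elevated prompt.
$minAgeMinutes = 10          # assumption: how old an instance must be to count as persistent
$needle = 'wicainventory'    # file name taken from the status update

# Map each service-hosting PID to the names of the services running inside it.
$servicesByPid = @{}
foreach ($svc in Get-WmiObject Win32_Service) {
    if (-not $svc.ProcessId) { continue }          # stopped services report PID 0
    $key = [int]$svc.ProcessId
    if (-not $servicesByPid.ContainsKey($key)) { $servicesByPid[$key] = @() }
    $servicesByPid[$key] += $svc.Name
}

$procs = @(Get-WmiObject Win32_Process)
$candidates = @($procs | Where-Object { $_.Name -eq 'rundll32.exe' -and $_.CreationDate })

$report = foreach ($p in $candidates) {
    $started = $p.ConvertToDateTime($p.CreationDate)
    if (((Get-Date) - $started).TotalMinutes -lt $minAgeMinutes) { continue }

    # PIDs are reused: accept a parent only if it was created before the child.
    $parent = $procs | Where-Object {
        $_.ProcessId -eq $p.ParentProcessId -and $_.CreationDate -and
        $_.ConvertToDateTime($_.CreationDate) -le $started
    } | Select-Object -First 1

    $parentName = '(exited)'
    $parentServices = @()
    if ($parent) {
        $parentName = $parent.Name
        $ppid = [int]$parent.ProcessId
        if ($servicesByPid.ContainsKey($ppid)) { $parentServices = $servicesByPid[$ppid] }
    }

    New-Object PSObject -Property @{
        PID            = $p.ProcessId
        Started        = $started
        CommandLine    = $p.CommandLine            # empty when the prompt is not elevated
        ParentPID      = $p.ParentProcessId
        ParentName     = $parentName
        ParentServices = $parentServices -join ', '
        MentionsNeedle = [bool]($p.CommandLine -match $needle)
    }
}

$report | Format-List PID, Started, CommandLine, ParentPID, ParentName, ParentServices, MentionsNeedle
```

A parent such as svchost.exe can host several services at once, so ParentServices narrows the origin to a group rather than a single service; open file and registry handles still need Process Explorer.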