[Q] Can Defender be Turned off in 8.1 - Windows RT General

Despite a number of sesrches/instructions for turning Windows Defender off on a Surface 2 (Windows RT 8.1) I cannot get permission to turn it off? I am the admin (and only user).
Can this actually be disabled on Win RT 8.1?

Have you tried using the services manager? Even if the UI is missing / locked out within Defender itself, you can simply disable the service. Slightly more extreme option would be to rename the binary and/or modify its permissions to deny Execute rights.
One way or another, I guarantee you it's possible.

GoodDayToDie said:
Have you tried using the services manager? Even if the UI is missing / locked out within Defender itself, you can simply disable the service. Slightly more extreme option would be to rename the binary and/or modify its permissions to deny Execute rights.
One way or another, I guarantee you it's possible.
Click to expand...
Click to collapse
When I go into Services Manager>Windows Defender and right click the only choice I have is to view properties. Choices such as "Start, Stop...." are greyed out. I have no options to change the behavior of the Windows Defender service

The command-line tools "sc" and "net" offer additional ways to control services. You can also just edit the service configuration in the registry (that's where all service config is stored, and it's not *that* hard to edit) if necessary.

GoodDayToDie said:
The command-line tools "sc" and "net" offer additional ways to control services. You can also just edit the service configuration in the registry (that's where all service config is stored, and it's not *that* hard to edit) if necessary.
Click to expand...
Click to collapse
Thanks. Am I correct to assume the key is HKLM>Microsoft>Windows Defender> and the DWORD is DisableAntiSpyware. The current value is 0 so I would set the value to 1.
I figure that would stop the service.

That may well do it, but I was talking about disabling the NT service itself (relevant registry key is HKLM\SYSTEM\CurrentControlSet\Services\WinDefend) by changing the Start value to 4 (see http://support.microsoft.com/kb/103000/en-us).

GoodDayToDie said:
That may well do it, but I was talking about disabling the NT service itself (relevant registry key is HKLM\SYSTEM\CurrentControlSet\Services\WinDefend) by changing the Start value to 4 (see http://support.microsoft.com/kb/103000/en-us).
Click to expand...
Click to collapse
Yes, I found that - good suggestion BUT no matter what I do regedit will not let me change the value!
I am running as administrator (the built-in one - not under my user name) but try as I might, I am unable to get control. So I can't seem to get any elevated privileges and thus cannot change services.
Are you aware of any change in Windows 8.1 RT on a Surface 2 that no longer allow these types changes? Somehow I'm not understanding how to take control of my Surface 2.

Yes you can
Sent from my Micromax A110Q using xda app-developers app
---------- Post added at 09:36 AM ---------- Previous post was at 09:28 AM ----------
If you are using 3 rd party security softwares like antivirus or spyware. Windows defender will be automatically turned off or its done by the third party app.
Or manually... Open start windows defender. Click tools then options. Click administrator. Then uncheck the use this program and click save... Done
Sent from my Micromax A110Q using xda app-developers app

prasobnair said:
Yes you can
Sent from my Micromax A110Q using xda app-developers app
---------- Post added at 09:36 AM ---------- Previous post was at 09:28 AM ----------
If you are using 3 rd party security softwares like antivirus or spyware. Windows defender will be automatically turned off or its done by the third party app.
Or manually... Open start windows defender. Click tools then options. Click administrator. Then uncheck the use this program and click save... Done
Sent from my Micromax A110Q using xda app-developers app
Click to expand...
Click to collapse
Pardon my ignorance but I don't understand your last sentence - what is "open start windows defender"?

docfreed said:
Pardon my ignorance but I don't understand your last sentence - what is "open start windows defender"?
Click to expand...
Click to collapse
ya...sorry for the mistake...what i mean is press start button and then type defender or windows defender, a picture is attached

Related

Undocumented Capabilities in WMAppManifest.xml WP7

Looking around the IMGFS, I found some undocumented capabilities that can be used in building an app (in addition to the standard ones mentioned in the WMAppManifest.xml file).
These are the extra ones I found, in case anyone is interested (from BasePolicy.xml):
ID_CAP_RINGTONE_ADD:Allows ringtone-marketplace applications to read/write into the Ringtones directory
ID_CAP_MEDIALIB:Access to the media library - read, play-back, etc.
ID_CAP_INTEROPSERVICES:Temporary Interop Service Capability.. To be removed by feature team
ID_CAP_SIMrovides access to SIM manager API
ID_CAP_SMSrovides access to SMS API
ID_CAP_WAProvides access to WAP API
ID_CAP_IDENTITY_USER:Allow an application to use a phone.info.dll to retrieve user properties
ID_CAP_TESTPUBLIC1:Small public test capability
ID_CAP_LOADUNSIGNEDMANAGEDDLL:Capability to load unsigned managed dll into chamber's process space
ID_CAP_LOADUNSIGNEDNATIVEDLL:Capability to load unsigned native dll into chamber's process space
ID_CAP_DEBUG:Allow an application to run in debugging enviorment.
---Edit---
I've tested each of these individually, and some work, and others don't.
ID_CAP_INTEROPSERVICES works
ID_CAP_RINGTONE_ADD works
ID_CAP_MEDIALIB works
ID_CAP_IDENTITY_USER works
ID_CAP_TESTPUBLIC1 works
ID_CAP_SIM ID doesn't work
CAP_SMS doesn't work
ID_CAP_WAP doesn't work
ID_CAP_LOADUNSIGNEDNATIVEDLL doesn't work
ID_CAP_LOADUNSIGNEDMANAGEDDLL doesn't work.
Note that even for the ones that work, Microsoft may still reject them in the app store.
I tested these by entering them in the WMAppManifest.xml in the XAP, and loading them on a windows phone device. This guy suggests that if it loads on the device, you have the permission: http://www.drdobbs.com/windows/227701092 and I think he's right. If you don't have permission, it doesn't actually load, and in every case, if it loaded it ran.
ID_CAP_RINGTONE_ADD - So i guess with next update we will get Custom ringtones that can b installed from an app
off topic can some one create utility that will do something about tuch sensetive buttons, when using camera if u tuch any of then by accident it exit camera, so u have to hold phone very carefully.
also, app to lock screen rotation would be nice.... any of thous features undocumented anywhere
P.S sorry for unrelated message
I think the ID_CAP_RINGTONE_ADD feature will only be enabled for the carriers (who knows what Microsoft really has in mind, though). The Windows Phone has done a good job (or lousy job, compared to what I desire) managing permissions so they can choose what capability to give whom.
Disabling other buttons shouldn't be hard if you can get to the native API. So once the phone is jailbroken......
Actually, Microsofts own Q&A on Windows Phone 7 states to look in the Marketplace for additional ringtones. Here is an excerpt and a link:
To find a ringtone in Marketplace
1
On Start, tap the arrow to go to the App list, then tap Marketplace .
2
Press the Search button.
3
Do one of the following:
•
To browse a variety of ringtones, type ringtones, then tap Enter .
•
To look for a more particular type of ringtone, type something more specific, like Halloween ringtones.
Tip
To hear what a ringtone or alert sounds like, tap Play .
Note
Marketplace may not be available in your country or region.
Click to expand...
Click to collapse
http://www.microsoft.com/windowsphone/en-us/howto/wp7/start/ringtones-and-sounds.aspx
All well and good having that, but why should we purchase a ring tone?
TheDisneyMagic said:
All well and good having that, but why should we purchase a ring tone?
Click to expand...
Click to collapse
Well, I don't see myself buying any, but this means an app could be made to create/add ringtones.
Long press on a song in Zune won't let you set it as the ringtone?
Iridox said:
Long press on a song in Zune won't let you set it as the ringtone?
Click to expand...
Click to collapse
Nope, I asumed this would be how it worked but no option in the list to do so.
Ah, that's a PITA >_>
naplesbill said:
Well, I don't see myself buying any, but this means an app could be made to create/add ringtones.
Click to expand...
Click to collapse
A whole app just to add a ringtone!?
naplesbill said:
Actually, Microsofts own Q&A on Windows Phone 7 states to look in the Marketplace for additional ringtones. Here is an excerpt and a link:
http://www.microsoft.com/windowsphone/en-us/howto/wp7/start/ringtones-and-sounds.aspx
Click to expand...
Click to collapse
To me that excerpt looks like you can download ringtones from the store, not that you can create an app to download ringtones. It would appear that Microsoft has an internal application that can add ringtones (which makes sense). These permissions are enforced by the OS, not the app store (maybe the app store does too). So if they want to be able to install ringtones, they need to give their own app permission to do so.
athompson said:
Looking around the IMGFS, I found some undocumented capabilities that can be used in building an app (in addition to the standard ones mentioned in the WMAppManifest.xml file).
These are the extra ones I found, in case anyone is interested (from BasePolicy.xml):
ID_CAP_RINGTONE_ADD:Allows ringtone-marketplace applications to read/write into the Ringtones directory
ID_CAP_MEDIALIB:Access to the media library - read, play-back, etc.
ID_CAP_INTEROPSERVICES:Temporary Interop Service Capability.. To be removed by feature team
ID_CAP_SIMrovides access to SIM manager API
ID_CAP_SMSrovides access to SMS API
ID_CAP_WAProvides access to WAP API
ID_CAP_IDENTITY_USER:Allow an application to use a phone.info.dll to retrieve user properties
ID_CAP_TESTPUBLIC1:Small public test capability
ID_CAP_LOADUNSIGNEDMANAGEDDLL:Capability to load unsigned managed dll into chamber's process space
ID_CAP_LOADUNSIGNEDNATIVEDLL:Capability to load unsigned native dll into chamber's process space
ID_CAP_DEBUG:Allow an application to run in debugging enviorment.
Visual Studio won't let you add all of them directly, but uncompress your .xap in the build directory, and add it manually.
If anyone is thinking of doing this, the phone rejected my attempts to do so. I tried to give myself ID_CAP_LOADUNSIGNEDNATIVEDLL, but it wouldn't even load on the phone. Oh well.
Click to expand...
Click to collapse
But if someone use these things in an application , I think microsoft doesn`t approve it in the market place!
amir_rafie said:
But if someone use these things in an application , I think microsoft doesn`t approve it in the market place!
Click to expand...
Click to collapse
Ya, not only that, they probably automatically check to make sure you don't try to use them. The phone automatically checks, too.
The main reason I put them here is because I couldn't find them documented anywhere on the web, and I thought it would be good to save someone the time if they started down the same path I did.
hopefully once there is a jailbreak that turns of security/cert checking we can add these capabilities to our apps. Im particularly interested in the p/invoke capability.
indiekiduk said:
Im particularly interested in the p/invoke capability.
Click to expand...
Click to collapse
YES! It would make the world beautiful and skies turn blue.
So I set up VS 2010 and tried debugging an app that had a simple DLLImport in it and ID_CAP_INTEROPSERVICES in the manifest, however it still crashed with a MethodAccessException. It was def a valid dll and method name because I took it from one of the DLLImports in the system.location .net dll decompiled with Reflector.
indiekiduk said:
So I set up VS 2010 and tried debugging an app that had a simple DLLImport in it and ID_CAP_INTEROPSERVICES in the manifest, however it still crashed with a MethodAccessException. It was def a valid dll and method name because I took it from one of the DLLImports in the system.location .net dll decompiled with Reflector.
Click to expand...
Click to collapse
Interesting. If your app installed, it means you were able to get the ID_CAP_INTEROPSERVICES permission, because if the phone rejects your permission, it rejects it at install time. Maybe the DLL path was wrong, like you need to do ..\DLLNAME.dll or something.
indiekiduk said:
So I set up VS 2010 and tried debugging an app that had a simple DLLImport in it and ID_CAP_INTEROPSERVICES in the manifest, however it still crashed with a MethodAccessException. It was def a valid dll and method name because I took it from one of the DLLImports in the system.location .net dll decompiled with Reflector.
Click to expand...
Click to collapse
Try a relative URI path. ./DLLName.dll
On the subject of Native Applications on Windows Phone 7:
A few days ago, an Application called "Network Profile" appeared in the Samsung Zone of my Omnia 7's Marketplace.
This app is the first external app that uses native code - The Marketplace says that it "Requires access to your interop services", and on opening the XAP on my PC, I found it to contain three native COM DLLs, alongside two .NET DLLs and a further native DLL with MUIs that appear to only serve to hold resources.
I'm not sure whether this can be linked to here, so I'm going to describe the interesting parts.
It has not one, but three XMLs - the typical WMAppManifest.xml (pastebin.com/uEJWdTuA), a WMAppPRHeader.xml (pastebin.com/AVcv7JUX) which seems to have something to do with PlayReady DRM, and most interestingly WMInteropManifest.xml (pastebin.com/NCVKP6kM).
There is also the AppManifest.xaml (pastebin.com/rRrB090h).
The NetworkProfile.dll has a number of COM Imports like so:
Code:
[ComImport, InterfaceType(ComInterfaceType.InterfaceIsIUnknown), Guid("F1113B13-AAB8-45E9-91A5-CBE568C29612")]
internal interface INwProfInterface
The Constructor for the class containing all the COM Interfaces:
Code:
ComBridge.RegisterComDll("NwProfDLL.dll", new Guid("4A2580BA-11A3-49AB-AC98-C30B5E72D381"));
this.NwInterface = (INwProfInterface) new CNwProfClass();
ComBridge.RegisterComDll("SecVersion.dll", new Guid("DFE52822-B526-4913-807A-D2AABC7BF911"));
this.SecVerInterface = (ISecVersionInterface) new SecVersionClass();
ComBridge.RegisterComDll("COMRilClient.dll", new Guid("A18F6B1A-924E-4787-AA82-19F98B49CF5D"));
this.SecRILControlInterface = (ISecRilControl) new COSecRilControl();
Happy to answer any questions, and if allowed, either guide people to getting it themselves, or providing a download link to the XAP.
Sweet, good find! I downloaded that app. How did you get it off your phone? If you have a download link to the XAP no one will complain, either.

idea how to hack zune to make install wp7 apps

Hi all,
I was wondering if it's possible to inject into zune app and make it install another app instead of the one you choose using zune.
Using fillder, I briefly tried to look what requests are made by zune but I could not see anything which looks like downloading the app.
Just sideload its a whole lot easier and I don't think something like that exists otherwise it would be on Android and iPhone.
Sent from my GT-I5800 using XDA App
andreiuc said:
I was wondering if it's possible to inject into zune app and make it install another app instead of the one you choose using zune.
Click to expand...
Click to collapse
Hmm, I can say - interesting idea! But I am afraid it's a very difficult to implement. You need to emulate whole MS store server...
I think all requests go via secure connection and checked by trusted certificates on device.
same with dev unlock.
Cotulla said:
I think all requests go via secure connection and checked by trusted certificates on device.
same with dev unlock.
Click to expand...
Click to collapse
Not at all, some requests are non-secure. I'm able (with WireShark) to catch xap requests, store/app info etc. Actually, we have a lot of marketplace replacements (even I have my own implementation ).
sensboston said:
Not at all, some requests are non-secure. I'm able (with WireShark) to catch xap requests, store/app info etc. Actually, we have a lot of marketplace replacements (even I have my own implementation ).
Click to expand...
Click to collapse
I tried with Fiddler to catch xap requests but I was not able to see any.
My idea is to to write an app which injects code in Zune to hijack calls to download a XAP from zune and download from my location instead(or get it from local disk).
it's good to hear this. but marketplace XAP files are signed and it also makes a problem. unsigned will not work. (it's not deploy, it's installation!)
Cotulla said:
it's good to hear this. but marketplace XAP files are signed and it also makes a problem. unsigned will not work. (it's not deploy, it's installation!)
Click to expand...
Click to collapse
Right. They are signed with developer key.
Not sure if WP7 OS checks this and how would it know if it's the real app?
I mean, I can sign my own XAP which I make Zune to get it and deliver it to WP7.
andreiuc said:
Right. They are signed with developer key.
Not sure if WP7 OS checks this and how would it know if it's the real app?
I mean, I can sign my own XAP which I make Zune to get it and deliver it to WP7.
Click to expand...
Click to collapse
Looking to the requests responses when you select to install an app, I was able to see this response XML:
Code:
<a:entry>
<a:updated>2011-09-08T18:03:25.3198784Z</a:updated>
<a:title type="text">3D Paperball 1.3.0.0</a:title>
<a:id>urn:uuid:1ea47c77-79c1-4c5a-b441-549b4e93dcea</a:id>
<version>1.3.0.0</version>
<url>http://apps.marketplace.windowsphone.com/E0C15284-972B-41D3-B245-8C16AAF73A66/CurrentBinary.xap</url>
<packageSize>9235456</packageSize>
<installSize>19616768</installSize>
<clientTypes>
<clientType>WinMobile 7.0</clientType>
<clientType>WinMobile 7.1</clientType>
</clientTypes>
<supportedLanguages>
<supportedLanguage>English</supportedLanguage>
</supportedLanguages>
<deviceCapabilities><capability><id>ID_CAP_NETWORKING</id><string>data services</string><disclosure>Disclose</disclosure></capability><capability><id>ID_CAP_SENSORS</id><string>movement and directional sensor</string><disclosure>Disclose</disclosure></capability><capability><id>ID_CAP_IDENTITY_USER</id><string>owner identity</string><disclosure>Disclose</disclosure></capability><capability><id>ID_CAP_IDENTITY_DEVICE</id><string>phone identity</string><disclosure>Disclose</disclosure></capability></deviceCapabilities>
<averageLastInstanceUserRating>0</averageLastInstanceUserRating>
<lastInstanceUserRatingCount>0</lastInstanceUserRatingCount>
</a:entry>
<a:author>
<a:name>Microsoft Corporation</a:name>
</a:author>
As you can see, the XAP URL is right there.
However, with Fiddler, I am not able to see any requests to this URL.
Maybe someone can share some info using more advanced tools like WireShark.
LOL, my hunch is it's actually the WP7 OS which is doing the download of the file
yeah. but it seems signed with own MS certificate ?
so developers push app to MS and they verify and sign it? (I don't know much about market space publishing)
andreiuc said:
LOL, my hunch is it's actually the WP7 OS which is doing the download of the file
Click to expand...
Click to collapse
I believe you are right as it's been discovered already that it's pacmaninstaller.exe (I think that's the spelling) on device that prevents the sideloading of homebrew apps with INTEROPSERVICES.
andreiuc said:
However, with Fiddler, I am not able to see any requests to this URL.
Maybe someone can share some info using more advanced tools like WireShark.
Click to expand...
Click to collapse
Did you "reverse tether" your phone to PC? I believe, handset is responsible to download and install xap...
BTW, all these talks is about "warez" I don't see any other reasons to do that kind of hack (or may be, for research purposes only).
To get a "prove of concept", we need:
- download MS signed xap;
- using some kind of filtering proxy, replace request to http://apps.marketplace.windowsphone.com/{GUID}/CurrentBinary.xap to the local server;
If phone will be able to download and install that xap (what is impossible by using MS or third-party deployers), we'll get a solution or at least prove of solution
Cotulla said:
yeah. but it seems signed with own MS certificate ?
so developers push app to MS and they verify and sign it? (I don't know much about market space publishing)
Click to expand...
Click to collapse
Yep, "Ed Zachary" (c) Dave Barry, "Big Trouble"

[Guide] Activate Windows 8 Permanently

UPDATE: Personalization does NOT work in METRO. Everything works flawlessly and I tend to stay in desktop mode so I didn't realize this. DESKTOP MODE CAN BE PERSONALIZED. This still gives you enables everything I wanted so I don't see the problem. My metro background doesn't matter to me. I can also just install a win7 start menu, but again I have no issues and this works flawlessly.
A tool called "Windows 8 Activator For Build 9200 (Sep 2012)" (Google it, LINK BELOW) will permanently activate Windows 8. Specifically the latest build. Just run it and follow the simple instructions.
MOD EDIT: WAREZ LINK REMOVED
atrix4g18 said:
Let me know if we can't post this guide even though it is just providing information and no links to anything.
A tool called "Windows 8 Activator For Build 9200 (Sep 2012)" (Google it, LINK BELOW) will permanently activate Windows 8. Specifically the latest build. Just run it and follow the simple instructions.
If this doesn't comply with forum rules let me know. There is another thread describing how to remove activation watermark and notification, this does the same thing but actually removes it instead of hiding it.
Click to expand...
Click to collapse
The comments seem to be all over the place, I don't see definite proof it will work.
Isn't this classed as warez and is completely banned by xda, why would you want to steal windows 8 anyway? The upgrades only like £20 & I've tried the rtm on a friends pc, its awesome!
Sent from my HTC Desire HD using xda app-developers app
eZaCx said:
The comments seem to be all over the place, I don't see definite proof it will work.
Click to expand...
Click to collapse
idk what to say. I'm no expert tell me a way to show you that my windows 8 copy is fully activated and I'll show you. It worked perfect you dont't need anything complicated. It opens command prompt and works.
scaryshark said:
Isn't this classed as warez and is completely banned by xda, why would you want to steal windows 8 anyway? The upgrades only like £20 & I've tried the rtm on a friends pc, its awesome!
Sent from my HTC Desire HD using xda app-developers app
Click to expand...
Click to collapse
Understood. However for people who want to use all the features so they download the newest build (9200) but they run into activation watermarks and notifications. When Windows 8 comes out (October 26th) aka a long time from know, I will most likely buy a licence if not a Surface.
For now however this works. This gives you Windows 8 as it will be on October 26th. working perfectly. I have it on my Acer Aspire One 722 netbook and it works flawlessly AMD has a consumer driver preview for Windows 8 and everything runs smooth.
Apparently this still won't let you personalize. OP pm me plz.
Sent from my HTC One XL using xda premium
ptesmoke said:
Apparently this still won't let you personalize. OP pm me plz.
Sent from my HTC One XL using xda premium
Click to expand...
Click to collapse
What do people mean "won't let your personalize."? Is there something I am missing?
Also OP, how do you know it was permanently installed, and not 90/180 days?
>Isn't this classed as warez
No, it's classified as malware, as in "let's infect all the dumb pirates desperate for keys". Kiddies need to learn about social engineering at some point, and this is a good time as any.
ptesmoke said:
Apparently this still won't let you personalize. OP pm me plz.
Click to expand...
Click to collapse
Same problem here, please contact me if you found a solution.
it doesn't let you personalize because Win8 isn't really activated, even though the messages tell you it is. The system files have been tempered with. Read more on MDL about this. It has been shown many times that it fakes activation.
http://forums.mydigitallife.info/th...if-any/page466?p=630762&viewfull=1#post630762
if you do a sfc /scannow and reboot you will see that your system is not activated. If you feel comfortable with it you can keep the files, however you need to realize that you are in fact not activated.
(to find out whether personalization works or not, got to the metro screen, move mouse bottom right corner to open settings in the charm bar, at the bottom you see Change PC settings, try to personalize Lock screen, start screen, account picture - if you are activated you have no problems here, if you are not it's likely greyed out)
best solution to get activated at the moment is to wait for a KMS server or wait until Oct26 to purchase it. You can try to register a PC you may purchase or already purchased here and hope that you only have to pay $15 when it comes out (for a PC you haven't actually purchased). It may or may not work. Many believe that MS won't be able to check that many registered PCs to see if these have actually been recently purchased. We will see.
good luck
eZaCx said:
What do people mean "won't let your personalize."? Is there something I am missing?
Also OP, how do you know it was permanently installed, and not 90/180 days?
Click to expand...
Click to collapse
Windows, not the program confirmed it was permanently activated. This is not kms... this is all done locally.
e.mote said:
>Isn't this classed as warez
No, it's classified as malware, as in "let's infect all the dumb pirates desperate for keys". Kiddies need to learn about social engineering at some point, and this is a good time as any.
Click to expand...
Click to collapse
484 thanks? And you are that ignorant? Please grow up. This requires build 9200. Not the consumer version and it works flawlessly.
9200 build, is it a final version ?
Sent from my GT-I9100 using Tapatalk 2
derausgewanderte said:
it doesn't let you personalize because Win8 isn't really activated, even though the messages tell you it is. The system files have been tempered with. Read more on MDL about this. It has been shown many times that it fakes activation.
http://forums.mydigitallife.info/th...if-any/page466?p=630762&viewfull=1#post630762
if you do a sfc /scannow and reboot you will see that your system is not activated. If you feel comfortable with it you can keep the files, however you need to realize that you are in fact not activated.
(to find out whether personalization works or not, got to the metro screen, move mouse bottom right corner to open settings in the charm bar, at the bottom you see Change PC settings, try to personalize Lock screen, start screen, account picture - if you are activated you have no problems here, if you are not it's likely greyed out)
best solution to get activated at the moment is to wait for a KMS server or wait until Oct26 to purchase it. You can try to register a PC you may purchase or already purchased here and hope that you only have to pay $15 when it comes out (for a PC you haven't actually purchased). It may or may not work. Many believe that MS won't be able to check that many registered PCs to see if these have actually been recently purchased. We will see.
good luck
Click to expand...
Click to collapse
Interesting. I am not losing any functionality however so can you explain more? I don't see that personalization menu but I can personalize themes and stuff exactly like windows 8. Games work, net framework is functioning so I don't see what I'm missing out on...
UPDATE: Personalization does NOT work in METRO. Everything works flawlessly and I tend to stay in desktop mode so I didn't realize this. DESKTOP MODE CAN BE PERSONALIZED. This still gives you enables everything I wanted so I don't see the problem. My metro background doesn't matter to me. I can also just install a win7 start menu, but again I have no issues and this works flawlessly.
atrix4g18 said:
UPDATE: Personalization does NOT work in METRO. Everything works flawlessly and I tend to stay in desktop mode so I didn't realize this. DESKTOP MODE CAN BE PERSONALIZED. This still gives you enables everything I wanted so I don't see the problem. My metro background doesn't matter to me. I can also just install a win7 start menu, but again I have no issues and this works flawlessly.
Click to expand...
Click to collapse
the more important point is that you are not activated. System files have been replaced and sooner than later with a Windows Update these files will be fixed. Just letting you know and that you are aware of it. The system "fakes" activation - period. It spoofs some strings and flips some "switches" to make things appear that you are activated when in fact you are not.
You can do everything else without Win8 activation as well and use the system forever. You have the watermark and a reminder to activate. You can remove the watermark and activation reminder with the remover somebody made . However, that patch will not report that you are activated, it will only remove watermark and bypass activation message. Your OP reports on a nasty (not only my opinion) patch that replaces some system files that actually fake activation. You should at least change the statement that it will permanently activate Windows8, this is not true and has been proven to be fake (see MDL posts).
I personally don't like patches that replace system files that I am not aware of and that claim to give you activation when in fact it replaces text within dll's that fool you. If you want to be informed on how to activate Win8 I suggest reading the MDL forum about Win8 activation.
atrix4g18 said:
484 thanks? And you are that ignorant? Please grow up. This requires build 9200. Not the consumer version and it works flawlessly.
Click to expand...
Click to collapse
as much as I don't like his attitude, he is correct that it is malware.
It is not ACTIVATED! I downloaded to try and downloaded Microsoft something. I forget what its called but it checks for stuff on your computer that is not activated and Windows 8 was on there and said Windows 8 is not genuine. SO there you go.
I did manage to activate it permanently though by getting a serial number off a youtube vid and activate via UK Microsoft number and worked WITH personalize working!!!!
THIS IS ILLEGAL. DO NOT POST CRACKS FOR ACTIVATING WINDOWS.

Blocking Unwanted Connections with a Hosts File/block ads, banners, 3rd party Cookies

MVPS HOSTS now includes entries for most major parasites, hijackers and unwanted Adware/Spyware programs!
What it does ...
You can use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. This is accomplished by blocking the connection(s) that supplies these little gems. The Hosts file is loaded into memory (cache) at startup, so there is no need to turn on, adjust or change any settings with the exception of the DNS Client service (see below). Windows automatically looks for the existence of a HOSTS file and if found, checks the HOSTS file first for entries to the web page you just requested. The 127.0.0.1 is considered the location of your computer, so when an entry listed in the MVPS HOSTS file is requested on a page you are viewing, your computer thinks 127.0.0.1 is the location of the file. When this file is not located it skips onto the next file and thus the ad server is blocked from loading the banner, Cookie, or some unscrupulous ActiveX, or javascript file.
Example - the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing. This also prevents the server from tracking your movements. Why? ... because in certain cases "Ad Servers" like Doubleclick (and many others) will try silently to open a separate connection on the webpage you are viewing, record your movements then yes ... follow you to additional sites you may visit.
Using a well designed HOSTS file can speed the loading of web pages by not having to wait for these ads, annoying banners, hit counters, etc. to load. This also helps to protect your Privacy and Security by blocking sites that may track your viewing habits, also known as "click-thru tracking" or Data Miners. Simply using a HOSTS file is not a cure-all against all the dangers on the Internet, but it does provide another very effective "Layer of Protection".
In case you're wondering ... this all happens in microseconds, which is much faster than trying to fetch a file from half way around the world. Another great feature of the HOSTS file is that it is a two-way file, meaning if some parasite does get into your system (usually bundled with other products) the culprit can not get out (call home) as long as the necessary entries exist. This is why it's important to keep your HOSTS file up to Date. How to get notified of MVPS HOSTS updates.
How to get notified of MVPS HOSTS updates.
This download includes a simple batch file (mvps.bat) that will rename the existing HOSTS file to HOSTS.MVP then copy the included updated HOSTS file to the proper location. For more information please see the Windows version that applies to you ...
Windows 8 requires special instructions - over there see here
Windows 7 requires special instructions - over there see here
Win Vista requires special instructions - over there see here
Manual Install Method - Unzip in a "temp" folder and place in the appropriate installed location:
If you are having trouble downloading or extracting the HOSTS file [click here]
Note: the below locations are for the typical default paths, edit as needed.
Windows 8/7/Vista/XP = C:\WINDOWS\SYSTEM32\DRIVERS\ETC
Windows DNS Client Service
In most cases the DNS Client Service is not needed, it is recommended to turn it off. These instructions are intended for a single (home-user) PC. If your machine is part of a "Domain", check with your IT Dept. before applying this work-around. This especially applies to Laptop users who travel or bring their work machines home. Make sure to reset the Service (if needed) prior to connecting (reboot required) to your work Domain ...
To resolve this issue (manually) open the "Services Editor"
Start | Run (type) "services.msc" (no quotes)
Win8 users - Control Panel > Administrative Tools > Services
Scroll down to "DNS Client", Right-click and select: Properties - click Stop
Click the drop-down arrow for "Startup type"
Select: Manual (recommended) or Disabled click Apply/Ok and restart.
My recommendation easy way to do it:
Hostsman includes an option to turn off the DNS Service [screenshot]
Workaround for using the MVPS HOSTS file and leaving the DNS Client service enabled (set to: Automatic)
If you find after a period of time that your browser seems sluggish with the DNS Client service enabled you can manually flush the DNS cache
Close all browser windows ... open a "Command Prompt" from the Start Menu > All Programs > Accessories > Command Prompt
Win8 users - Charms Bar > Search > (type) command prompt > Select: Command Promt (left pane) Ok the UAC prompt
(type) ipconfig /flushdns (press Enter) Then close the Command Prompt ...
A better Win8/7/Vista/XP workaround would be to add two Registry entries to control the amount of time the DNS cache is saved. (KB318803)
Flush the existing DNS cache (see above)
Start > Run (type) regedit
Win8 users - from the Charms Bar, select: Search (type) run and select Run (left pane) and (type) "regedit" (no quotes)
Navigate to the following location:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters
Click Edit > New > DWORD Value (type) MaxCacheTtl
Click Edit > New > DWORD Value (type) MaxNegativeCacheTtl
Next right-click on the MaxCacheTtl entry (right pane) and select: Modify and change the value to 1
The MaxNegativeCacheTtl entry should already have a value of 0 (leave it that way - see screenshot)
Close Regedit and reboot ...
As usual you should always backup your Registry before editing ... see Regedit Help under "Exporting Registry files"
P.S IT'S NOT MY WORK I JUST SHARE WHAT I FOUND SO PLZ SUPPORT DEVELOPER (MAIN WEB PAGE) IF YOU FOUND IT USEFULL
P.S 2 YOU AND ONLY YOU RESPONSIBLE FOR WHAT YOU DOING WITH YOUR PS
P.S 3 FEEDBACK AND TUBS UP IS REQUIRED
or use adblock for firefox and chrome and tracking lists in internet explorer (which also works on RT) rather than download dodgy 3rd party files with no source code which could just as easily be malware.
SixSixSevenSeven said:
or use adblock for firefox and chrome and tracking lists in internet explorer (which also works on RT) rather than download dodgy 3rd party files with no source code which could just as easily be malware.
Click to expand...
Click to collapse
Or you can just download it, check it and stop posting useless warnings. Although, not sure if you're able to decompile it.
Useless guy said:
Or you can just download it, check it and stop posting useless warnings. Although, not sure if you're able to decompile it.
Click to expand...
Click to collapse
Useless warnings? Come back to me when your computer is ridden in malware from carelessly downloaded files in a few months time.
Guys, calm down. @SixSixSevenSeven is right, though. I'd rather not download any weird files and copy them to my system32 directory, especially if there isn't any source available.
And anyways, isn't discussing this stuff against the rules?
You know, because we're all kinda developers and stuff, and that's how we make our money?
That host file is the exact same method used by android. There no compiling/decrypting/program or malware included. Is a text file ?
Thanks OP, it works as intended. Blocks all ads successfully.
D.O.C said:
That host file is the exact same method used by android. There no compiling/decrypting/program or malware included. Is a text file ?
Thanks OP, it works as intended. Blocks all ads successfully.
Click to expand...
Click to collapse
Yes, it may be the same method, but the hosts files are open source and you have open source apps which do the installation for you.
And I still think this thread is against the rules. ..
Sent from my GT-I9505 using XDA Premium HD app
http://someonewhocares.org/hosts/
Here's the host file I use. Works pretty good - no need for Android apps or anything.
Beatsleigher said:
Yes, it may be the same method, but the hosts files are open source and you have open source apps which do the installation for you.
And I still think this thread is against the rules. ..
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
Against what rules
vasiaeva said:
Against what rules
Click to expand...
Click to collapse
Against the XDA rules, which you read and accepted as you created your account
Sent from my GT-I9505 using XDA Premium HD app
Beatsleigher said:
Against the XDA rules, which you read and accepted as you created your account
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
Don't worry about XDA there is admins army who watch for that...
But i like you sense of humor :good:
Beatsleigher said:
You know, because we're all kinda developers and stuff, and that's how we make our money?
Click to expand...
Click to collapse
I don't see any developers here
Useless guy said:
I don't see any developers here
Click to expand...
Click to collapse
Thanks man. I guess you don't see me...
Sent from my GT-I9505 using XDA Premium HD app
Guys, there is nothing wrong with this - it's been going on for years in this exact format. Any ad-blocker that you use (apart from browser extensions/add-ons) will use this method.
The hosts file (yes, located in a sub-directory of System32 ) is what your PC looks at for address translation. It's a text file, so you can open it in a text editor (even notepad will do it) and check it there, but other than being used to translate domain names to IP addresses it is not in any way active.
If you're concerned about it I suggest you don't use it. If you're curious about it then open the hosts file and look at the contents. Other than that, it's nothing to worry about.
Beatsleigher said:
Yes, it may be the same method, but the hosts files are open source and you have open source apps which do the installation for you.
And I still think this thread is against the rules. ..
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
I really don't know what you are talking about, OP just shared a method to block ads, no application discussion whatsoever, never stated it was a "only method" or anything like it. You are definitively successful at changing topics though.
and BTW, it is not against forum rules.
The only thing that could possibly be against the rules is the fact that ads are getting blocked - but AFAIK XDA has nothing about that.
Perhaps you don't like how it uses a closed source utility (which is actually open source)? Well then you might not like 90% of ROMs on this site - for all we know they set all the text we type in to some Chinese servers.
SilverHedgehog said:
The only thing that could possibly be against the rules is the fact that ads are getting blocked - but AFAIK XDA has nothing about that.
Perhaps you don't like how it uses a closed source utility (which is actually open source)? Well then you might not like 90% of ROMs on this site - for all we know they set all the text we type in to some Chinese servers.
Click to expand...
Click to collapse
What? Dude. I'm a dev myself. I don't care if somethings closed source, as long as it has good enough documentation or unless I know exactly what the program's for...
And for all I know, from the IP address of the XDA servers, they're based in America. The only Chinese servers used in XDA are those of Chinese people wanting us to download their ROMs.
And I don't know what the OP uploaded, as far as U knkw it's a text file. But even text files can contain viruses, just like pictures can, which is why I'm not downloading it and think it could be against the rules. But never mind. If you want to download it, go ahead. I'm not and I'm using AdBlock Plus, which I built from source.
Sent from my GT-I9505 using XDA Premium HD app
Beatsleigher said:
What? Dude. I'm a dev myself. I don't care if somethings closed source, as long as it has good enough documentation or unless I know exactly what the program's for...
And for all I know, from the IP address of the XDA servers, they're based in America. The only Chinese servers used in XDA are those of Chinese people wanting us to download their ROMs.
And I don't know what the OP uploaded, as far as U knkw it's a text file. But even text files can contain viruses, just like pictures can, which is why I'm not downloading it and think it could be against the rules. But never mind. If you want to download it, go ahead. I'm not and I'm using AdBlock Plus, which I built from source.
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
You misunderstood me. I'm saying that closed source software could always have backdoors, even if it comes from XDA users.
Even if somebody did find an exploit that somehow executed code in a .txt file, they wouldn't be using it one some kids wanting to block ads, they'd make a lot of cash either by reporting that bug to Microsoft or by selling it on a black market.
Beatsleigher said:
What? Dude. I'm a dev myself. I don't care if somethings closed source, as long as it has good enough documentation or unless I know exactly what the program's for...
And for all I know, from the IP address of the XDA servers, they're based in America. The only Chinese servers used in XDA are those of Chinese people wanting us to download their ROMs.
And I don't know what the OP uploaded, as far as U knkw it's a text file. But even text files can contain viruses, just like pictures can, which is why I'm not downloading it and think it could be against the rules. But never mind. If you want to download it, go ahead. I'm not and I'm using AdBlock Plus, which I built from source.
Sent from my GT-I9505 using XDA Premium HD app
Click to expand...
Click to collapse
Mannn I didn't upload anything. If you check the link in OP its brings you to another XDA thread. Better double check before you say something that you don't now . ..
Sent from my SPH-L900 using Xparent Skyblue Tapatalk 2
vasiaeva said:
Mannn I didn't upload anything. If you check the link in OP its brings you to another XDA thread. Better double check before you say something that you don't now . ..
Sent from my SPH-L900 using Xparent Skyblue Tapatalk 2
Click to expand...
Click to collapse
There is a reason I donb't click on links like that. That is (mainly) because my laptop's dead and I'm using my mum's, which is a really cheapy-sh*tty thing which doesn't even support NX from sides of the CPU (Which means it can't run Windows 8 and/or 8.1).
And the other reason being: I don't trust any files which I, myself, downloaded from somewhere you can't always trust where someone wants me to copy it to my system path.
So, no. I won't check things out that 'I don't know'.
And what was the point of this thread, is if only leads to a different thread?

com.samsung.android.kgclient malware?

I can't disable this apk because it says it's an admin app but when I look at the list of admin apps it's not there. It shows it's Payment Services? Any advice on how to remove this would be greatly appreciated. If you need any info from me please let me know.
Pretty sure that is part of Samsung Pay.
Sent from my SM-N975U using Tapatalk
com.samsung.android.kgclient is not malware
It is an app from Samsung and it's called "Payment Services".
check data/system/enterprise.db
Hosehead said:
Pretty sure that is part of Samsung Pay.
Sent from my SM-N975U using Tapatalk
Click to expand...
Click to collapse
Yeah, Samsung crapware. I hate it.
No way to uninstall or disable as it's preset as system administrator. Can't clear it's cache, and useless if you don't want this feature!
Another worthless Samsung free martin.
Like to rabbit punch the rat at Samsung who forced this down our throats.
Feel the wuv...
I use it all the time. To each his own.
Sent from my SM-N975U using Tapatalk
Hosehead said:
Pretty sure that is part of Samsung Pay.
Sent from my SM-N975U using Tapatalk
Click to expand...
Click to collapse
Hosehead said:
I use it all the time. To each his own.
Sent from my SM-N975U using Tapatalk
Click to expand...
Click to collapse
Great if you do but otherwise it serves no purpose.
The worst piece of bloatware on the phone other than Knox. Both run in the background.
I don't need Samsung playing big sister...
Thread cleaned!!!!
To @Hosehead and @blackhawk
As you can see, I have cleaned this thread of the fighting that has ensued between the two of you for whatever reason. I suggest that you both check your PM's and please be respectful of all XDA rules, especially those pertaining to "Member Conduct". If you have a problem with each other, please keep it relegated to PM's. Continued posting such as this, can, and often does, result in disciplinary actions. So please let this be the end of it here and now! Thank you for your cooperation, and let's return to on topic, and respectful discussion.
Thank you.
Badger50
XDA Moderator Staff
com.samsung.android.kgclient is "samsung payment service" and part of "knoxguard.apk" - if you diable (freeze) or remove (uninstall) it, after boot into system you get a message "the phone is locked bcause you uninstalled payment service..." there is another XDA thread regarding unlocking this by editing a file in /data/systems...
What you can do is blocking its internet access in afwall+ ...
Anybody knows how to completed remove knox+payment service in android 10?
monicaONxda said:
com.samsung.android.kgclient is "samsung payment service" and part of "knoxguard.apk" - if you diable (freeze) or remove (uninstall) it, after boot into system you get a message "the phone is locked bcause you uninstalled payment service..." there is another XDA thread regarding unlocking this by editing a file in /data/systems...
What you can do is blocking its internet access in afwall+ ...
Anybody knows how to completed remove knox+payment service in android 10?
Click to expand...
Click to collapse
I wish
I hate that crap... it's set as a invisible administrator so you can't package block it or disable it.
No way to stop Samsung Payment from loading even if you don't use it.
KMLS Agent is another one...
monicaONxda said:
com.samsung.android.kgclient is "samsung payment service" and part of "knoxguard.apk" - if you diable (freeze) or remove (uninstall) it, after boot into system you get a message "the phone is locked bcause you uninstalled payment service..."
Click to expand...
Click to collapse
no issues whatsoever with. kgclient disabled
also .spay and .spayfw
raul6 said:
no issues whatsoever with. kgclient disabled
also .spay and .spayfw
Click to expand...
Click to collapse
Say me please, how you disable kgclient and don't have locking smartphone.
using an older version of Adhell with still active key
monicaONxda said:
com.samsung.android.kgclient is "samsung payment service" ...
What you can do is blocking its internet access in afwall+ ...
Click to expand...
Click to collapse
As for me I observed a service named "device services" in AFWall. Blocking this causes high battery drain. After some reseach I found that this is the kgclient.
Anybody with same experience?
can/has anyone try/tried these commands :
this takes away the ability to execute a wakelock,and it should/maybe prevent running (actively) in the background.
(@ shell+root)
appops set com.samsung.android.kgclient WAKE_LOCK ignore
appops set com.samsung.android.kgclient RUN_IN_BACKGROUND ignore
appops set com.samsung.android.kgclient RUN_ANY_IN_BACKGROUND ignore
permission manager X can do it as well (if your a GUIperson only )
starbright_ said:
As for me I observed a service named "device services" in AFWall. Blocking this causes high battery drain. After some reseach I found that this is the kgclient.
Anybody with same experience?
Click to expand...
Click to collapse
Yeah it's a little b*tch. (XDA has auto censor, how quaint)
These are always at it as well.
UID 1000 Android Services, can be firewall blocked almost all the time with zero impact.
UID 10044 Google Play Services*, can be Firewall blocked a lot of the time, needed for Gmail, Gmaps, Playstore.
Firewall blocking these pigs saves a lot battery for me.
*I keep Google Play Services package disabled except when needed. Even when PBed some of it's apks continue to run. Google Backup Transport Services and Framework use it a lot too if they're allowed to run.
device services ...do you mean com.sec.android.sdhms ?
thats the device health service (battery stats,..)
while it can be (fw)blocked,I havent found a way to remove it.
not even pm hide (which worked wonders for the game.gos service ) worked
even with pm uninstall,the package is back within seconds ...
one possibility would be to remove RUN_IN/ANY_BACKGROUND with appops/permissionmasterX.
justin22 said:
device services ...do you mean com.sec.android.sdhms ?
thats the device health service (battery stats,..)
while it can be (fw)blocked,I havent found a way to remove it.
not even pm hide (which worked wonders for the game.gos service ) worked
even with pm uninstall,the package is back within seconds ...
one possibility would be to remove RUN_IN/ANY_BACKGROUND with appops/permissionmasterX.
Click to expand...
Click to collapse
That's Samsung Device Health Management Service. I can, but don't package disable it.
It's not a menace on my device but each device is different. Not showing up on the firewall; probably grouped together in the UID1000 group which I do firewall block as it's a little b*tch.
It's currently running. I can package disable it to see what it's dependencies are...
Update, blocking it seems to do nothing that I can spot yet however it doesn't seem to be causing trouble either.
how did you disable it / or see whats it dependencies are ?
I block stuff only by appname,not UID within AFwall+
justin22 said:
how did you disable it / or see whats it dependencies are ?
I block stuff only by appname,not UID within AFwall+
Click to expand...
Click to collapse
I use package disabler. Sometimes Karma shows the UID number with a few of the system apks. As for dependencies mostly by observation, wysiwyg.

Categories

Resources