Prepping for Win 7 Apocalypse
- garyan2
- Posts: 7480
- Joined: Fri Nov 27, 2015 7:23 pm
- Location:
- HTPC Specs:
Uninstall, I don't think so. You could possibly remove the TV strip on the home screen, though, using something like MCT? Basically hide it.
- Gary
Keeping WMC alive beyond January 2020. https://garyan2.github.io
Keeping WMC alive beyond January 2020. https://garyan2.github.io
- d00zah
- Posts: 242
- Joined: Fri Nov 07, 2014 7:20 pm
- Location:
- HTPC Specs:
-
- Posts: 194
- Joined: Sun Jun 09, 2013 6:30 am
- Location: San Francisco Bay Area
- HTPC Specs:
no idea what a media center strip is. are they referring to four icons on the main menu for TV?
even if that is hidden wouldn't I still get the messages about the not being able to update the guide or guide out of date?
just checked uninstall and found that WMC isn't even listed. thought I would try uninstall, then reinstalling the program.
maybe I will just bite the bullet and do a fresh installation if I can find the disks.
even if that is hidden wouldn't I still get the messages about the not being able to update the guide or guide out of date?
just checked uninstall and found that WMC isn't even listed. thought I would try uninstall, then reinstalling the program.
maybe I will just bite the bullet and do a fresh installation if I can find the disks.
- d00zah
- Posts: 242
- Joined: Fri Nov 07, 2014 7:20 pm
- Location:
- HTPC Specs:
Yes. Each section is called a menu strip.
Have you tried unchecking 'Tasks > Settings > General > Automatic Download Options > Automatically download Windows Media Center data...'? This doesn't sound like the 'nag'.
WMC won't be in the installed Programs list. You need to select 'Turn Windows features on or off' from the left-hand column & uncheck 'Media Features > Windows Media Center' in the feature tree.
Unnecessary if you disable the feature.
-
- Posts: 194
- Joined: Sun Jun 09, 2013 6:30 am
- Location: San Francisco Bay Area
- HTPC Specs:
I didn't want to totally disable WMC. occasionally I use the Music Library function in combination with the Slide Show function.
I know there are work-a-rounds for that but I find it convenient to have it in one program.
I know there are work-a-rounds for that but I find it convenient to have it in one program.
- d00zah
- Posts: 242
- Joined: Fri Nov 07, 2014 7:20 pm
- Location:
- HTPC Specs:
That wasn't clear.
Have you tried unchecking the 'Automatically download Windows Media Center data...' to see if you still get the messages about the not being able to update the guide or guide out of date?
If not... it's been so long since I played around with this... if you remove the TV tuner card, does the TV strip go away (along with the guide msgs)? You could try disabling the device in Device Manager' & restart WMC to test.
-
- Posts: 194
- Joined: Sun Jun 09, 2013 6:30 am
- Location: San Francisco Bay Area
- HTPC Specs:
my original question probably got overlooked because it's at the end of the previous page of the thread.d00zah wrote: ↑Sat Dec 21, 2019 1:32 amThat wasn't clear.
Have you tried unchecking the 'Automatically download Windows Media Center data...' to see if you still get the messages about the not being able to update the guide or guide out of date?
If not... it's been so long since I played around with this... if you remove the TV tuner card, does the TV strip go away (along with the guide msgs)? You could try disabling the device in Device Manager' & restart WMC to test.
I will have to see what happens if I turn off the Silicondust cablecard tuners. I will have to wait and coordinate that with Channels TV usage. that is one of the reasons I was looking to uninstall the TV function of WMC. I wanted to eliminate any chance that WMC would try to grab a tuner and cause conflicts with Channels TV.
- d00zah
- Posts: 242
- Joined: Fri Nov 07, 2014 7:20 pm
- Location:
- HTPC Specs:
If another app is using the tuners, disabling them is probably ill-advised.
Again, does disabling 'Automatically download Windows Media Center data...' stop the messages about not being able to update the guide or guide out of date?
If that works, delete all scheduled recording requests, delete/clear recording history (in case there are any missed/partial recordings that could get retried) & hide the TV strip. That, I believe, should eliminate the possibility of WMC grabbing a tuner. To be absolutely certain, you could disable the 'StartRecording' scheduled task, but that might be overkill.
If later, you decide Channels TV isn't what you want, WMC is still configured. Add a guide source & setup tuners, ready to go.
Again, does disabling 'Automatically download Windows Media Center data...' stop the messages about not being able to update the guide or guide out of date?
If that works, delete all scheduled recording requests, delete/clear recording history (in case there are any missed/partial recordings that could get retried) & hide the TV strip. That, I believe, should eliminate the possibility of WMC grabbing a tuner. To be absolutely certain, you could disable the 'StartRecording' scheduled task, but that might be overkill.
If later, you decide Channels TV isn't what you want, WMC is still configured. Add a guide source & setup tuners, ready to go.
-
- Posts: 194
- Joined: Sun Jun 09, 2013 6:30 am
- Location: San Francisco Bay Area
- HTPC Specs:
I'm not suggesting disabling the tuners. I was just going to try running "Set Up TV Signal" while the Silicondust Cablecard Tuner is powered down. maybe not finding any tuners WMC will revert to no TV.
I don't think I will ever go back to WMC as a TV-DVR. once the guide is gone it's dead as far as I'm concerned. possibly Microsoft as well. for my needs the only reason I stuck with Windows was WMC.
if I don't just limp along with my Windows 7 desktops, I may look at a Chrome desktop or a Chrome box in the future.
-
- Posts: 11
- Joined: Sun Feb 25, 2018 1:53 am
- Location:
- HTPC Specs:
I'm doing the same, just because MS isn't supporting Win 7 any longer means nothing (you just can't pay for support any longer, who does that anyways?)... If you need to reinstall, all the updates to this point will still be there, but I do suggest you image your rig to save a bunch of time reinstalling...
-
- Posts: 12
- Joined: Wed Dec 18, 2019 8:53 pm
- Location:
- HTPC Specs:
Thank you for the advice Scallica, I really appreciate it. I do have two extenders connected to WMC, would blocking inbound disable these? In your opinion, would you be concerned about keeping Windows 7 connected constantly after support ends? Thanks again.Scallica wrote: ↑Thu Dec 19, 2019 1:23 amRetrieving guide data is an outbound connection. An inbound connection would be connecting to the WMC computer via Remote Desktop or an extender making a connection.FlukieStokes wrote: ↑Thu Dec 19, 2019 1:10 am Thanks for the advice. What is opinion on any infections if I just leave it connected? Not sure guide data would download If I block inbound connections? Thank you
- Scallica
- Posts: 2799
- Joined: Mon Jun 06, 2011 7:09 pm
- Location: USA!
- HTPC Specs:
Yes, blocking all inbound connections will break extenders. You need to make sure there is an inbound firewall allow rule for the Windows Media Center Extender service.FlukieStokes wrote: ↑Sat Dec 21, 2019 12:38 pmThank you for the advice Scallica, I really appreciate it. I do have two extenders connected to WMC, would blocking inbound disable these? In your opinion, would you be concerned about keeping Windows 7 connected constantly after support ends? Thanks again.Scallica wrote: ↑Thu Dec 19, 2019 1:23 amRetrieving guide data is an outbound connection. An inbound connection would be connecting to the WMC computer via Remote Desktop or an extender making a connection.FlukieStokes wrote: ↑Thu Dec 19, 2019 1:10 am Thanks for the advice. What is opinion on any infections if I just leave it connected? Not sure guide data would download If I block inbound connections? Thank you
My media server is running Windows 7 and I have no intention of upgrading it. If you are not using the system for everyday Internet use, the security risk is minimal. As I said in my previous post, if you are very concerned about security, you can create an isolated network (DMZ or VLAN) for the WMC PC and your extenders. For example, your main home network would be 192.168.1.X and your WMC network would be 192.168.2.X. You can block all inbound traffic from the isolated network into your main network.
HTPC Enthusiast / Forum Moderator - TGB.tv Code of Conduct
-
- Posts: 12
- Joined: Wed Dec 18, 2019 8:53 pm
- Location:
- HTPC Specs:
Thank you for your knowledgeable advice. Again, it is appreciated.Scallica wrote: ↑Sat Dec 21, 2019 2:04 pmYes, blocking all inbound connections will break extenders. You need to make sure there is an inbound firewall allow rule for the Windows Media Center Extender service.FlukieStokes wrote: ↑Sat Dec 21, 2019 12:38 pmThank you for the advice Scallica, I really appreciate it. I do have two extenders connected to WMC, would blocking inbound disable these? In your opinion, would you be concerned about keeping Windows 7 connected constantly after support ends? Thanks again.
My media server is running Windows 7 and I have no intention of upgrading it. If you are not using the system for everyday Internet use, the security risk is minimal. As I said in my previous post, if you are very concerned about security, you can create an isolated network (DMZ or VLAN) for the WMC PC and your extenders. For example, your main home network would be 192.168.1.X and your WMC network would be 192.168.2.X. You can block all inbound traffic from the isolated network into your main network.
-
- Posts: 40
- Joined: Fri Sep 11, 2015 11:08 pm
- Location:
- HTPC Specs:
Can you share how to set up Plex ?69385vette wrote: ↑Mon Dec 09, 2019 6:27 pm I tried out PLEX and found it superior to WMC. I am running a mix of 8 tuners (Hauppage and HDHomerun) with no issues. The PLEX guide works well and after a bit of learning I am ok with the DVR feature. I especially like the automatic commercial removal feature for recorded TV. I was comfortable with the unlimited one time license fee that includes the guide. So, I will be retiring WMC.
Thanks
-
- Posts: 50
- Joined: Mon Apr 10, 2017 4:34 am
- Location:
- HTPC Specs:
I posted another thread about my setup for Plex, there are several videos of using Plex, to setup, but happy to answer any questions if you want to make the switch. Good Luck!philipt95148 wrote: ↑Wed Dec 25, 2019 10:03 pmCan you share how to set up Plex ?69385vette wrote: ↑Mon Dec 09, 2019 6:27 pm I tried out PLEX and found it superior to WMC. I am running a mix of 8 tuners (Hauppage and HDHomerun) with no issues. The PLEX guide works well and after a bit of learning I am ok with the DVR feature. I especially like the automatic commercial removal feature for recorded TV. I was comfortable with the unlimited one time license fee that includes the guide. So, I will be retiring WMC.
Thanks
- davidhp
- Posts: 181
- Joined: Thu Mar 13, 2014 2:28 pm
- Location:
- HTPC Specs:
I have cut the cord with cable TV. Was still using WMC for OTA channels after I had a Rooftop antenna installed, but after a couple of days I lost 20 channels on WMC. I had to give up my Hauppauge dual Cable Card tuner when I cut the cable and hooked up my old Hauppauge single tuner (the HVR 1955 model) and get all 59 OTA channels available in my area (most are garbage channels but about 30 of them have watchable programing. I am using the WinTV software to record OTA shows (like using an old VCR - set the date, channel, start and end times) and that works fine for me for OTA channels. To make up for loosing the cable channels I subscribed to a streaming service which allows saving up to 50 hours of TV and upgraded my data usage to unlimited with my internet provider (cable). I also have software from Movavi that allows me to record anything on my computer screen in HD and save it to my hard drive. I use Titan free TV schedule to check listings to see what I want to record once a day and that works for me. I guess I will upgrade from Windows 7 to Windows 10 now.
- StinkyImp
- Posts: 675
- Joined: Thu May 11, 2017 7:53 pm
- Location:
- HTPC Specs:
You can also use the programming guide at TitanTV to (point and click) schedule recordings in Hauppauge WinTV. Here's an excerpt from the WinTV user guide:
-
- Posts: 2
- Joined: Mon Oct 28, 2019 2:38 am
- Location:
- HTPC Specs:
Same as many here.... Continue to use Win 7 WMC for the purpose for which that computer was built: to serve my HDTV as an OTA DVR.
I've been a long time user of epg123 and just subscribed to Schedules Direct due to M$ dropping the Rovi program schedules.
So far as security......
I turned off all Win 7 updates, and the updater process a long time ago and also gutted many unused services that Windows turns on by default that are the weaknesses that are exploited..
A number of attacks make use of unnecessary windows services & protocols that default to being active whether needed or not.
I've gutted out the OS of all remote services, unused network protocols and firewalled what can't be removed on my systems.
This practice is certainly not a new idea, reference this article written 12 years ago and still good advice.. .. re: »www.nist.org/news.php?extend.204
The lateral spread of ransomware on internal subnets was by SMB v1 protocol that's ancient going back to 1985 when first written, and still active by default.
I've been a long time user of epg123 and just subscribed to Schedules Direct due to M$ dropping the Rovi program schedules.
So far as security......
I turned off all Win 7 updates, and the updater process a long time ago and also gutted many unused services that Windows turns on by default that are the weaknesses that are exploited..
A number of attacks make use of unnecessary windows services & protocols that default to being active whether needed or not.
I've gutted out the OS of all remote services, unused network protocols and firewalled what can't be removed on my systems.
This practice is certainly not a new idea, reference this article written 12 years ago and still good advice.. .. re: »www.nist.org/news.php?extend.204
The lateral spread of ransomware on internal subnets was by SMB v1 protocol that's ancient going back to 1985 when first written, and still active by default.
-
- Posts: 2841
- Joined: Sun Jun 02, 2013 9:44 pm
- Location:
- HTPC Specs:
That link to the article just gives me a blank page.
I am aware of these things, but never bothered to deactivate any services, but I probably should. I've always thought that I would disable a bunch of services and then a month later I'll want to do something and it doesn't work, but I'll have no idea it was due to a service being disabled, or which service it is.
Do you have a list of the services you disabled, or a link to a good site for explaining what services to disable?
Having a "gateway" PC get infected and then that PC infecting the HTPC via the LAN is the one fear I have about continuing to run Win7 past 2019.
I would like to continue using shares on my LAN, so don't want to disable that, I'm not sure if disabling SMBv1 will cause an issue with that or if the newer protocols are the ones being used and SMBv1 is just legacy and not in normal use.
I am aware of these things, but never bothered to deactivate any services, but I probably should. I've always thought that I would disable a bunch of services and then a month later I'll want to do something and it doesn't work, but I'll have no idea it was due to a service being disabled, or which service it is.
Do you have a list of the services you disabled, or a link to a good site for explaining what services to disable?
Having a "gateway" PC get infected and then that PC infecting the HTPC via the LAN is the one fear I have about continuing to run Win7 past 2019.
I would like to continue using shares on my LAN, so don't want to disable that, I'm not sure if disabling SMBv1 will cause an issue with that or if the newer protocols are the ones being used and SMBv1 is just legacy and not in normal use.
-
- Posts: 2
- Joined: Mon Oct 28, 2019 2:38 am
- Location:
- HTPC Specs:
Looks like nist.org website has been replaced by nist.gov Tried finding the referenced paper on the new site, but looks I'm searching a virtual sea of papers on security..
Below is what I've disabled BUT there are also some major caveats to go along with this approach.
and on the second recent MS security incident involving Remote Desktop Services.. here is an actual quote I found from Microsoft...
--------------------------------
quote: Mitigations
The following mitigation may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Services disabled:
1. Disable Remote Desktop Services if they are not required. If you no longer need these services on your system, consider disabling them as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.
-------------------------------
It was quite a learning experience to look below the covers of the OS see what unused, historically vulnerable services could be found, and be turned off if not needed. After these changes I've found the systems run more reliably than before..You mileage may vary
The meaning of the A's, M's, D's below (example.... A>D means service initially found to be started automatically on boot was changed to Disabled) "A" stands for Automatic (on boot up activation), "M" manual start (a windows service can active (if really needed) or "D" for Disabled .... do not permit the service to run... and of course best of all "U" for Uninstalled (by me) if not needed... if it can't be uninstalled without cratering the system, then firewalling all ports the service uses is the alternative solution.
From the Change Logs:
Many of these changes were made as a result of scanning my intranet machines for open ports and tracing down what service opened the port. The machines can obviously still communicate using the only remaining protocol, TCP/IP (no windows networking, SMB, NetBeui, no file sharing allowed except by app using TCP/IP when needed, printers use TCP/IP). TCP/IP ports that can still be active by application software (have been given firewall permission) that I actually use.
Windows Firewall TCP Ports Blocked, Inbound & Outbound
135, 623, 3390, 5357, 16992, 59860 if open on specific machine.
See Windows Firewall Inbound & Outbound Rules
Uninstall SMB based Drivers
Control Panel>Network and Sharing Center>
Local Area Connection>Properties
Client for Microsoft Networks, Uninstall
File & Printer Sharing for Microsoft Networks, Uninstall
Link-Layer Topology Discovery Mapper I/O Driver, Uninstall
Link-Layer Topology Discovery Responder, Uninstall
QoS Packet Scheduler, ? Unchecked for now
Select Internet Protocol Version 4,Click Properties,
Click Advanced,Click WINS, NetBIOS Setting
Change "Default" to "Disable NetBIOS over TCP/IP
then OK
Go to Start | Control Panel, and double-click the System applet.
On the Hardware tab, click the Device Manager button.
Select Show Hidden Devices from the View menu.
Expand Non-Plug And Play Drivers.
Right-click NetBios Over Tcpip, and
select Disable.
Close all dialog boxes and applets
------------
The most dangerous and obsolete Windows Client/Server networking services (using Server Message Block-Common Internet File System (CIFS) that the ransomware is using for lateral infections
Service Name in Adminstrative Services
Server (SMB Protcol) A>D
Workstation (SMB Protocol) A>D
LanMan (Workstation) (SMB Protocol) A>D
HomeGroup Listener (receives data from "Server" A>D
HomeGroup Provider (sends data to "Server" M>D
Computer Browser M>D (local network browser..not any internet browser)
TCP/IP over NetBIOS Helper A>D
Remote Desktop Service M>D
Remote Desktop Services UserMode Port Redirector M>D
Remote Registry M>D
Routing & Remote Access M>D (local network, obsolete)
Below is what I've disabled BUT there are also some major caveats to go along with this approach.
- First, disabling some services can cause the Window OS to crater and not be able to boot.. So I don't recommend this to anyone who is not prepared with a back up OS image that they know will restore...
I use these removeable CRU Drive carriers https://www.cru-inc.com/products/rhinoj ... -jr-rj32t/ to make my "C" drives swapable, which as a normal back up practice, I rotate the C drive out at the end of each month and restore the backed up image to one of the next of 2 drives sitting on the shelf... So in the testing below (I think I did crater the ability to reboot on one of the changes) I simply swapped back in the good drive on the shelf..
I use only the TCP/IP stack for any intranet sharing e.g. network printers and a tcp/ip based file sharing app and NO Windows OS data file sharing tools; so all that was disabled as documented below.
and on the second recent MS security incident involving Remote Desktop Services.. here is an actual quote I found from Microsoft...
--------------------------------
quote: Mitigations
The following mitigation may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Services disabled:
1. Disable Remote Desktop Services if they are not required. If you no longer need these services on your system, consider disabling them as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.
-------------------------------
It was quite a learning experience to look below the covers of the OS see what unused, historically vulnerable services could be found, and be turned off if not needed. After these changes I've found the systems run more reliably than before..You mileage may vary
The meaning of the A's, M's, D's below (example.... A>D means service initially found to be started automatically on boot was changed to Disabled) "A" stands for Automatic (on boot up activation), "M" manual start (a windows service can active (if really needed) or "D" for Disabled .... do not permit the service to run... and of course best of all "U" for Uninstalled (by me) if not needed... if it can't be uninstalled without cratering the system, then firewalling all ports the service uses is the alternative solution.
From the Change Logs:
Many of these changes were made as a result of scanning my intranet machines for open ports and tracing down what service opened the port. The machines can obviously still communicate using the only remaining protocol, TCP/IP (no windows networking, SMB, NetBeui, no file sharing allowed except by app using TCP/IP when needed, printers use TCP/IP). TCP/IP ports that can still be active by application software (have been given firewall permission) that I actually use.
Windows Firewall TCP Ports Blocked, Inbound & Outbound
135, 623, 3390, 5357, 16992, 59860 if open on specific machine.
See Windows Firewall Inbound & Outbound Rules
Uninstall SMB based Drivers
Control Panel>Network and Sharing Center>
Local Area Connection>Properties
Client for Microsoft Networks, Uninstall
File & Printer Sharing for Microsoft Networks, Uninstall
Link-Layer Topology Discovery Mapper I/O Driver, Uninstall
Link-Layer Topology Discovery Responder, Uninstall
QoS Packet Scheduler, ? Unchecked for now
Select Internet Protocol Version 4,Click Properties,
Click Advanced,Click WINS, NetBIOS Setting
Change "Default" to "Disable NetBIOS over TCP/IP
then OK
Go to Start | Control Panel, and double-click the System applet.
On the Hardware tab, click the Device Manager button.
Select Show Hidden Devices from the View menu.
Expand Non-Plug And Play Drivers.
Right-click NetBios Over Tcpip, and
select Disable.
Close all dialog boxes and applets
------------
The most dangerous and obsolete Windows Client/Server networking services (using Server Message Block-Common Internet File System (CIFS) that the ransomware is using for lateral infections
Service Name in Adminstrative Services
Server (SMB Protcol) A>D
Workstation (SMB Protocol) A>D
LanMan (Workstation) (SMB Protocol) A>D
HomeGroup Listener (receives data from "Server" A>D
HomeGroup Provider (sends data to "Server" M>D
Computer Browser M>D (local network browser..not any internet browser)
TCP/IP over NetBIOS Helper A>D
Remote Desktop Service M>D
Remote Desktop Services UserMode Port Redirector M>D
Remote Registry M>D
Routing & Remote Access M>D (local network, obsolete)