Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Windows › What is User Account Control, and why the hell is it bugging me?!
New Posts  All Forums:Forum Nav:

What is User Account Control, and why the hell is it bugging me?!

post #1 of 4
Thread Starter 

What is User Account Control, and why the hell is it bugging me?!

This topic is one of the next articles of mine in a half baked "Going Deep" series (the other two are in the programming section). First of all - let me start with something: This topic is intended to describe the User Account Control (UAC) feature in Microsoft Windows, a bit more deeper than what many of you may know of it already. UAC can be a controversial topic - and I wish to leave that side out of this thread. It is purely informational only.

In this topic I will cover some details about the UAC component introduced in Windows Vista, including the goal of UAC, standard users, some implementation details and in Windows 7 and later, some additional features such as auto-elevation.

TIP: During development and internally the UAC feature was called LUA. LUA stands for Least Privilege User Access or Limited User Account. As such you will see references to LUA in various places, including in driver names (e.g. Luafv.sys), and registry keys such as EnableLUA.

So, what is User Account Control?

I am sure many of you aware that UAC is a component of Microsoft Windows that was introduced with Windows Vista to help enable users run with standard user rights. Unfortunately, due to various factors, including lack of developer awareness and effort, the usage model of Windows had assumed to be primarily administrative-rights only. This means that most people always ran with administrative privileges, because quite simply running with standard rights was a giant pain. This was not helped by Windows Setup itself - when Windows NT introduced the difference between standard and administrative rights, users were only presented with setup stages to create the first user account as an administrative user.

This was done partly for backwards compatibility with applications that were designed for pre-Windows NT, so that applications would surely run straight away for the user. To understand this choice by Microsoft, we must first understand that Windows is a user-centric operating system - if a user upgraded their machine from Windows 98 to Windows XP, they would expect their programs to run. If they didn't, many users would be frustrated with the operating system.

From this we can acknowledge two key problems:
  1. Windows needed a way to encourage users to run with standard rights for most of the time and to change the Windows usage model so that standard rights were the norm, rather than the exception.
  2. With standard rights then being the norm, users sometimes require administrative rights to do things such as installing new programs, configuring the firewall, etc.

TIP: It is important to note that UAC it not designed to be a security barrier. The goal of UAC is to solve the above two problems, from which security benefits can then be achieved. Thus, the goal of UAC is to make the environment for the standard user simpler and to bridge the gap between standard and administrative rights in an effective and easy to use manner. Under this new model, UAC allows users to run with standard rights most of the time, encourage software developers to create programs that can run with standard rights and even letting administrative users run as if they are standard users.

The wrath of the standard user

During the development of Windows Vista and subsequently the UAC component, Microsoft identified many operations that previously needed administrative rights that could be enabled for standard users, that would not reduce the overall security of the system.

EXAMPLE: One such case is changing the timezone in Windows. Prior to Windows Vista, changing the timezone was associated with changing the actual system time itself. This meant that those traveling abroad were unable to run as a standard user simply because of the annoyance of needing administrative rights to change the timezone. While the system time is used in various things such as Kerberos authentication (and thus the administrative requirement to change the time itself is warranted), the timezone only affects the way the system time is displayed to the user - so Windows Vista and later introduces a new user right called SeTimeZonePrivilege and allows standard users to thus change the timezone.

Many of the other operations that needlessly required administrative rights were solved in a similar way.

Those pesky legacy applications

While the idea of being able to run as a standard user for most of the time is a good idea, the implementation by itself does not solve a few critical problems. Unfortunately, there are many applications, especially those critical to many businesses that have followed the "assumption of the administrative user" and programmed against it. Indeed, some software really do require administrative rights, however other software simply do not (either as a result of lack of awareness, laziness, or other). The following are two locations that many applications assumed they were allowed to store data:
  • %ProgramFiles% (often C:\Program Files)
  • Modifying and creating registry keys under the HKEY_LOCAL_MACHINE hive.

Unfortunately (for incorrectly designed applications!) standard users do not have write permission to either %ProgramFiles% or HKEY_LOCAL_MACHINE (more specifically, HKEY_LOCAL_MACHINE\Software, however most of the hive is actually restricted). There is another problem when programs store data in %ProgramFiles% or write to registry keys in HKEY_LOCAL_MACHINE: When an application runs, it could be running as any user account. Programs that use these locations incorrectly assume that only one user will use the program, thus all users share the same application state, which may or may not be intended. These programs ran fine prior to Windows Vista because most users have been administrators and most Windows systems were single-user systems.

With standard user rights as the norm in Windows Vista and later however, this all comes to an abrupt end. Enter file system and registry virtualization. This means that for applications that are considered "legacy" to Windows Vista and later, any attempt to write to a global location that is restricted from standard user accounts is actually redirected automatically by the system to a per-user location.

Windows considers an application to be "legacy" (and thus enabled file system and registry virtualization for it), when:
  • The process that is running is a 32-bit process (either running on 32-bit Windows, or on 64-bit Windows as a WoW64 process). 64-bit processes are excluded because there would be zero 64-bit applications making any legacy mistakes, as prior versions of Windows were primarily 32-bit. Windows XP was the first to introduce 64-bit support, however it was not widespread and could not run 32-bit applications.
  • The process is not already running with administrative rights.
  • The process executable was not created with a manifest that indicates it is designed for Windows Vista and later.

TIP: Some Windows components or Microsoft components have virtualization enabled. One example of this is Internet Explorer because it can host third-party components such as ActiveX controls, which must be assumed to potentially make the same mistakes as described above with legacy applications.

The next two sub-sections explain the file system and registry virtualization techniques in more detail.

File System Virtualization

There are three main locations that are part of file system virtualization in Windows Vista and later (i.e. any legacy application attempting to write data here will be redirected to a writable, per-user location):
  1. %ProgramData% (this was the All Users profile in Windows XP and earlier)
  2. %ProgramFiles%
  3. %SystemRoot%

TIP: Some file extensions are excluded from being virtualized. These file extensions are those of files being written by an application, NOT the extension of the process that is running the application. File extensions that are considered "executable" that are excluded, include, but are not limited to, .exe, .scr, .bat. You may check the contents of the following registry key to determine the exact list of excluded file extensions, or add your own if you desire: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Luafv\Parameters\ExcludedExtensionsAdd. You must restart your computer for the changes to take effect.

The Location of Redirected Files
As it has already mentioned a few times that legacy applications attempting to write to one of the folders (or sub folders thereof) are redirected to a per-user location. You may then be wondering, where exactly is that per-user location? Each user has a folder called "VirtualStore" inside their local application data folder - i.e. %LocalAppData%\VirtualStore. Because these files are in the local application data section of the user profile, the VirtualStore does not roam when roaming profiles are configured.

EXAMPLE: A legacy application tries to write to C:\Windows\GreatAppSettings.ini. Where does the file get redirected to? The file will end up in the user's VirtualStore directoy, i.e. C:\Users\#UserName#\AppData\Local\VirtualStore\Windows\GreatAppSettings.ini.

When a legacy application attempts to read from one of the redirected locations, Windows first checks in the per-user location (i.e. for the VirtualStore). If the file does not exist there, Windows lets the read continue from the original path. This solves the potential problem where an application wishes to read a file from one of the redirected locations, but does not necessarily ever write to it (for example WIN.INI, or a file it does not own but uses for its own business).

Below is a diagram that shows what happens when the UAC file virtualization driver gets in the way of a write request from an application. In the diagram, the user is running as a standard user:
3aae81ca_IMG1.png
Luafv.sys is a file system filter driver, meaning all file system operations pass through it. It only deals with operations that come from legacy processes, however. When a legacy applications attempts to write to a protected directory, it is redirected as explained above - it then believes that the operation succeeded. If a non-legacy application attempts the same operation, it will fail right away.

Registry Virtualization

The second component to UAC virtualization is registry virtualization, which redirects writes to protected registry locations by legacy applications to a per-user location in the registry. Windows will virtualize most of the HKEY_LOCAL_MACHINE\Software tree. The following sub-keys that are excluded from virtualization, but not limited to are:
  • HKLM\Software\Microsoft\Windows
  • HKLM\Software\Microsoft\Windows NT
  • HKLM\Software\Classes

Microsoft have spent some time working out registry keys that are commonly used by legacy applications, but only ones that don't create more issues, that should be part of the registry virtualization process.

The Location of Redirected Registry Keys
Just like file system redirection, there is a place in the registry for each user that registry operations are redirect to for legacy applications. This place lives in the user's Classes registry hive - HKEY_CURRENT_USER\Software\Classes\VirtualStore. Whether or not a registry key is virtualized is defined by a set of new registry key flags introduced in Windows Vista. They consist of REG_KEY_DONT_VIRTUALIZE, REG_KEY_DONT_SILENT_FAIL and REG_KEY_RECURSE_FLAG. The main one is REG_KEY_DONT_VIRTUALIZE.

When REG_KEY_DONT_SILENT_FAIL is not set, and the key is not virtualized (REG_KEY_DONT_VIRTUALIZE is set), a legacy application is granted any access that the user has on the key, rather than the access that the application requested. The REG_KEY_RECURSE_FLAG indicates whether or not new subkeys inherit the virtualization flags of the parent key, rather than the default virtualization flags.

Checking Virtualization Flags
You can check the flags of a registry key (and thus its virtualization status) by using the REG command. For example:
Code:
C:\>REG flags HKLM\Software

HKEY_LOCAL_MACHINE\Software
        REG_KEY_DONT_VIRTUALIZE: CLEAR
        REG_KEY_DONT_SILENT_FAIL: CLEAR
        REG_KEY_RECURSE_FLAG: CLEAR

The operation completed successfully.

This shows that indeed the registry key HKEY_LOCAL_MACHINE\Software is eligible for virtualization (REG_KEY_DONT_VIRTUALIZE is not set), that silent failure is enabled (REG_KEY_DONT_SILENT_FAIL is not set, meaning that access requested must be access given), and that subkeys of HKEY_LOCAL_MACHINE\Software do not inherit it, but use the default flags (REG_KEY_RECURSE_FLAG is not set).

The following diagram shows how the registry virtualization part of UAC is implemented (note that the registry is implemented in the kernel itself, thus there is no simple filter driver capability - so by extension, the virtualization for the registry is also implemented in the registry component of the kernel):
1bcf84c0_IMG2.png
Here we can see the NT kernel (NTOSKRNL.EXE) is redirecting a registry write for a legacy application to ensure it still works, but disallowing the write to occur for a non-legacy application to encourage the developer to fix the problem.

More Application Compatibility

Sometimes the file system and registry virtualization still is not enough to permit legacy applications to run correctly under the new standard user model in Windows Vista and later. One example is a legacy application that tests to see if the user the application is running as is part of the builtin Administrators user group - when running as a standard this will of course fail, so Windows contains various fixes, called "compatibility shims" that automatically apply to various applications. The purpose of a shim is to virtualize previous behavior, or to fake a specific result of behavior so the application thinks that the operation has succeeded - enabling the applications to run anyway.

TIP: The shim that fakes the user Administrator group membership does not introduce a security risk. Windows simply tells the application "yes, this user is part of the Administrators builtin user group". It DOES NOT assign the security rights associated with that group, nor does it allow operations that the application can otherwise not perform. This means that even though the application will run, it will still fail if it tries to perform an administrative task. In this case, the application must be manually "Run as administrator" by the user. Windows figures that it is better to allow the application to run, there's a chance it will work fine and the developers were just being stupid by checking group membership.

Application compatibility shims are beyond the scope of this topic, so I there won't be any further detail on them, however it might be a topic I might be inclined to cover in the future.

Elevation of privilege

While the software base increases that is compatible with standard user rights, some of their operations will sometimes still require administrative rights to perform. Some examples are software installation packages - in fact, any application that requires to change global Windows settings such as system directories and registry keys, or installing device drivers will require administrative rights to succeed. For this reason, UAC provides a feature called elevation, which is essentially the older Windows "run as" feature, but beefed up on a few steroids. Without this feature, users would have to switch to a dedicated administrator account to perform these tasks - as they would have running as a standard user prior to Windows Vista. Of course, this would be annoying and cumbersome, meaning the user would be more likely to just stay in the administrator account all the time, which is exactly what UAC is set out to stop!

This feature of UAC, called "elevation" also allows user accounts that *are* administrators to run as a standard user most of the time, too. Elevation works a little bit differently whether or not the user is part of an administrative group, or is just a normal standard user. When a user part of an administrative group is logged on to the system, UAC functions in what is called "Administrator Approval Mode".

TIP: A user logged in as an administrative user runs as a standard user by default. The difference, however, is that Windows creates two identities for the administrative user when they log on - one with standard rights and another with their administrative rights. This means that developers must assume that all users are running with standard rights, meaning that more and more programs will work correctly without the aforementioned virtualization and compatibility workarounds.

Administrator Approval Mode

User Account Control functions in this mode when the user that is logged on is a member of one or more of the following administrative user groups:
  • Built-In Administrators
  • Certificate Administrators
  • Domain Administrators
  • Enterprise Administrators
  • Policy Administrators
  • Schema Administrators
  • Domain Controllers
  • Enterprise Read-Only Domain Controllers
  • Read-Only Domain Controllers
  • Account Operators
  • Backup Operators
  • Cryptographic Operators
  • Network Configuration Operators
  • Print Operators
  • System Operators
  • RAS Servers
  • Power Users
  • Pre-Windows 2000 Compatible Access

TIP: Many of the groups listed are used only on domain-joined systems and don’t directly give users local administrative rights, but only allow them to modify domain-wide settings. If a user is a member of any of those groups, but not the actual administrators group, then the user accesses his administrative rights via over-the-shoulder elevations instead of consent elevations.

When UAC is functioning in Administrator Approval Mode, the elevation mode is called "Consent elevation" - this does not require the user to type a user name or password (as opposed to what happens when running as non-administrative user [below]). It is called "Consent elevation" because the administrative user simply needs to select Yes or No to either allow or deny the administrative operation to go ahead. If the user chooses to allow the operation, Windows starts the process with the access rights of the user's administrative identity.

Standard User Mode

If the user logged on is not part of any of the administrative groups, then Windows only creates a single identity for the user (i.e. one with only standard access rights). When elevation is required by the system or an application, the elevation is called "over-the-shoulder" elevation (OTS) - this is because it requires the user name and password of an administrative user on the computer. Commonly this is performed by someone else who types their user name and password "over the shoulder" of the user requiring the administrative operation.

What this then does is creates a administrative identity based on the credentials that were used - the operation then runs as the administrative user, but inside the context of the logged on standard user.

The process of elevation

While the details on how an application is determined to require administrative rights, and thus elevation, is beyond the scope of this topic, a few ways are:
  • Using the Explorer shell to "Run as administrator"
  • The application provides a manifest specifying it must launch with administrative rights
  • The Windows application compatibility database has a list of applications that is knows require administrative rights
  • Various heuristics that are built into Windows itself (for example automatic detection and elevation of setup programs).

Once Windows has determined that the application requires administrative rights, the rest of the work is performed by two Windows components:
  1. Application Information Service - this service is what processes requests for elevation. It is implemented in %SystemRoot%\System32\Appinfo.dll and runs inside a service host process.
  2. Windows Consent application ("Consent UI for administrative applications") - this application is located at %SystemRoot%\System32\Consent.exe and is responsible for displaying the UAC elevation prompt (either the consent prompt, or the over-the-shoulder credential prompt).

The two above components work together to fulfill the entire elevation request for an operation requiring administrative rights. Here is a step-by-step of the elevation process:
  1. The Application Information Service receives a request to elevate a process.
  2. The Windows Consent application is launched by the Application Information Service.
    1. The Windows Consent application captures an image of the current screen and applies a dark effect to it.
    2. It then switches to a secure desktop which is accessible only by LOCAL SYSTEM and draws the image onto that desktop as the background. The secure desktop prevents any malware from modifying the the look of the consent prompt.
    3. An elevation dialog is then displayed, either in Admnistrator Approval Mode for consent elevation (asking the user to Continue or Cancel) - or - in Standard User Mode, prompts for over-the-shoulder credentials of an administrative user.
  3. Once the user completes the consent dialog (either by choosing Continue, or by providing valid administrative credentials), it communicates to the Application Information Service that it may continue.
  4. The Application Information Service then calls the Windows API CreateProcessAsUser. It is important to note that the Application Information Service re-parents the elevated process. This means that the new elevated process is NOT a child of the Application Information Service, but rather of the process that requested the elevation.
  5. CreateProcessAsUser then launches the process with the correct administrative identity and privileges, using the parameters supplied by the Application Information Service. The elevation operation is then complete.

TIP: If the user chooses Cancel on a consent elevation dialog, an access denied error is returned to the requesting application. However, if a user enters invalid credentials in an over-the-shoulder elevation dialog, the dialog continues to prompt until valid credentials are supplied, or Cancel is chosen. If cancel is chosen, the same access denied error is then returned.
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #2 of 4
Thread Starter 
Reserved
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #3 of 4
Thread Starter 
Reserved
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
post #4 of 4
Thread Starter 
Updated - next content will include information about security concerns, WIndows 7 specific changes and process integrity levels.
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
Ol' Sandy
(28 items)
 
"Zeus"
(12 items)
 
Elite Preview
(6 items)
 
CPUMotherboardGraphicsRAM
Intel Xeon E3-1230v3 Gigabyte GA-Z97X-UD5H-BK MSI Gaming GTX 980 Kingston 32GB (4x8) 
Hard DriveHard DriveHard DriveHard Drive
Plextor PX-256M5S 256GB Samsung EVO 1TB Hitachi HDS721010CLA332 Hitachi HDS723020BLA642 
Hard DriveHard DriveHard DriveOptical Drive
Hitachi HDS723020BLA642 Hitachi HUA722010CLA330 WDC WD10EARS-00Z5B1 TSSTcorp CDDVDW SH-S223B 
CoolingCoolingOSMonitor
Phanteks PH-TC14PE with TY-140's Lamptron FCv5 (x2) Windows 8 Pro 64-bit Dell U2412M 
MonitorMonitorMonitorKeyboard
Dell U2412M Dell U2212HM Dell U2713HM Topre Realforce 87UB | Ducky DK9087 G2 Pro 
PowerCaseMouseMouse Pad
Corsair AX-750 Corsair Obsidian 650D Logitech G700 XTRAC Ripper XXL 
AudioAudioAudioAudio
Beyerdynamic DT-770 Pro 250ohm Schiit Bifrost DAC Schiit Asgard 2 HiVi Swan M50W 2.1 
CPUMotherboardRAMHard Drive
Intel Xeon E5-2620 Super Micro X9SRL-F-B 128GB 1333MHz LSI 9271-8i 
OSPowerCase
VMware ESXi 5.5 SeaSonic SS-400FL2 Fractal Define R3 
CPUMotherboardGraphicsRAM
Intel Core i5-3437U HP EliteBook Folio 9470m  Intel HD Graphics 4000  16GB DDR3 SDRAM 
Hard DriveOS
256GB SSD Windows 10 Insider Preview 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Windows
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Windows › What is User Account Control, and why the hell is it bugging me?!