Building Your Own Privacy Package

Discussion in 'privacy technology' started by Reality, Aug 5, 2014.

  1. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Yes thanks, I'm aware of that. Look also to include Windows Media Player as well which MS makes
    difficult to remove without a third-party app.

    Just one example that is similar to other examples I found on the web to supposedly uninstall OE.
    NOTE: Removed the link because it did not work in my case.
    Strange thing I tried a similar example and during a test trial run it seemed to work.
    If I open up 'Set Program Access and Defaults' Outlook Express is absent from all 3 categories.
    If I open up 'Taskbar and Start Menu Properties' > Start Menu > Customize > Show on Start Menu
    and click on E-mail box Outlook Express is not listed. It is now listed in both locations.

    Deleting the entire contents of the OE folder was possible. The folder on reboot is still there, but empty
    courtesy of WFP left on. Still though, doesn't seem to completely remove Outlook Express from OS.

    According to XPlite info an Outlook Express install requires these components:
    • Address Book
    • IE HTML Rendering Engine

    If you remove IE HTML Rendering Engine from your system you will also be required to uninstall the
    following components:

    • Internet Explorer
    • MSN Explorer
    • Outlook Express
    • Out of Box Experience
    • Help and Support Center
    • Performance Monitor
    • System Restore
    • Help and Support Center
    • Windows Media Player 9+
     
    Last edited: May 20, 2015
  2. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    untitled.JPG
    Trying to remove 'Search Assistant' using XPlite trial and encounter following popup message. (screenshot)
    The dll file is installed and located in C:\WINDOWS\srchasst folder and the dllcache folder.
    I disabled the new Search Assistant and use the Classic Search interface in Windows Explorer and IE.
    Running XPlite (uncheck Search Assistant box) looks as if it removes the srchasst folder
    and returns Search to Classic Search interface if originally it was set to new Search Assistant.
    Did remove 'Microsoft Agent' prior to trying to remove Search Assistant. Could that be the cause
    of the popup message? Why wasn't srchctls.dll file found?
     
  3. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    With the possible exception of the performance monitor, I don't see anything in that list worth keeping. Except for activation, OOBE is useless. IE, MSN explorer, and OE all create the same issues, integrating the OS with the attack surface. The system restore borders on useless. There's far better options. The biggest issue I've seen with removing the rendering engine is that there's no default handler for .chm files. I haven't looked to see what else can open them.
     
  4. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Looking over the list there is more I could remove and hopefully have a properly functioning OS.
    I take it when you removed System Restore you also removed the Windows restore service
    as well? Currently have it disabled, but know how to remove it. XPlite message popup reminds me everytime
    I remove a component that it can't save a restore point.

    Forgot to mention when removing System Restore did you do anything with System Volume Information?
    It's possible to open folder through the Security tab , add user, change permissions and look inside.

    Also in order to remove Indexing Service you have to remove all Indexing Service language resources.
     
    Last edited: May 23, 2015
  5. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Isn't .chm a fancy way of saying "compiled html help file"?
     
  6. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I had disabled the restore service shortly after I assembled the test unit. When I removed system restore using XPLite, the restore service was also uninstalled. Regarding the restore point messages, those can be shut off in the XPLite settings. I never used the restore service so I disabled those prompts. Regarding the indexing service, I removed all of the components, including language files.

    I assume that you're referring to the System Volume Information folders for each drive. I haven't tried to do anything with them yet. With the restore service removed, those folders are all empty. This test unit is a bit unconventional. It might not work the same on a physical unit. It's also the only Windows I have that uses the NTFS file system. The 98 install is equipped with Paragons NTFS for Win98, which they are making available for free. I don't know if this is what's allowing me to open those folders. I don't have a physical system with NTFS for comparison. It does give (for lack of a better word) a very unique view of NTFS drives, access to their contents, and the ability to transfer them out of the virtual system as files. Right now, real life isn't allowing me the time I need to explore this. I did erase the System Volume Information folders via Win98. When I rebooted to XP, Windows recreated them, empty. WFP was disabled at the time.
    NTFS view.png
     
    Last edited: May 23, 2015
  7. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Yes. I was trying out a new application on the virtual system and found that I wasn't able to access the help file. Without the rendering engine, Windows couldn't open it. Was surprised that SeaMonkey couldn't open it either.
     
  8. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    I thought when I removed 'System Restore' during testing the System Volume Information folder(s) on
    the drive(s) were not completely empty. (physical system)

    MountPointManagerRemoteDatabase (0KB)
    Tracking.log (20KB)

    On another drive I have same info, but there is an additional _restore folder with 1 file inside.
    I could re-test to make sure or maybe I did the test wrong.
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    XP appears to recreate the System Volume Information folders and the 2 files you named every time it boots.Yours is the same size as the ones that XP recreated. I suspect that the tracking.log works much like an index.dat file, and 20KB is basically a default size. I wonder if creating a file with the same name will get rid of those like it does with Index.dat files and the Macromedia folder. Interesting that XP continues to report the folder as empty.
     
  10. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    If you use Windows Recovery Console you can disable/remove WFP and re-enable it by copying
    the dll files from the dllcache folder back to the system32 folder.
    Instructions are available if you need them. As always have reliable image backups in place.

    NOTE: Did testing on this using XPlite and the Recovery Console.
    WARNING: When disabling WFP using Recovery Console then running the XPlite executable and
    clicking only on Windows File Protection tab I received a
    BSOD and auto shut down!

    XPlite popup message came first (error) and then stopped followed by BSOD Message and shut down.

    Just clicking on XPlite WFP tab must activate something, because I never touched the actual
    settings.(on,off,disabled)
    If I copy the dll files from the dllcache folder back to system32 folder & then REBOOT
    the machine, start XPlite and click on WFP tab then everything seems OK. (WFP shows on)
    WARNING: Do not click on WFP in XPlite before rebooting or you'll see
    BSOD and shut down!

    For testing using only the Recovery Console (disable/remove WFP) I deleted the oobe folder and
    then re-enabled WFP and rebooted machine. Checked for oobe folder which is present, but empty.

    Conclusion: From my results I would not recommend using Recovery Console and XPlite together
    when implementing WFP.
     
  11. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Doing some experimenting I deleted the Tracking.log in SVI folder. I rebooted the machine and checked SVI
    folder (C drive) and no Tracking.log is listed. This test was done with System Restore installed and service disabled.
     
  12. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Windows Add/Remove Components (XPlite trial)

    Operating System Options:
    Microsoft Speech API?

    Multimedia:
    ATI SP1 Driver?
    Utopia Sound Scheme?

    Accessories:
    Desktop Wallpapers?
    Screen Savers - OpenGL?
    Screen Savers - Standard?

    Not sure about removing the above items. More info needed.

    Also had to go into Regional and Language options to prevent ctfmon.exe process from running.
     
  13. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    This is an amazing amount of digging you're doing. Keep digging :thumb:. There's no way I can follow this in depth tweaking atm .... I have my work cut out for me just getting my system organized. One of those is locking down this phone home stuff with Thunderbird. Will post on that shortly.

    This thread has a huge amount of great info and is an ongoing work in progress. It's been mentioned before about organizing it somehow, where the information might be more easily accessible. The first step in such an undertaking would be to get relevant subheading titles. Of late, I think we can add to that prospective list, "Windows add/Remove components". I like how KeyPers post is laid out above.

    Just a thought... as KeyPer has just done, do you think for the benefit of anyone just dropping by on this thread it would be useful to put a title within a post, when the content is being discussed quite a bit? Other things like the OS you're using, the tools you've used, the steps you've taken and the results whatever they may be, make for clearer reading and thus more useful. Also, by the nature of this thread, we know subjects covered are going to (sometimes) appear in a somewhat fruit salad fashion as peoples needs arise to question something, or work through something. I also see titles useful in this situation.
     
  14. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    The Speech API is only necessary if you use text to speech software or the Windows Narrator.
    The ATI SP1 driver is used by ATI video cards. According to their site, the Alerter, Computer browser, Messenger, Net Logon, RPC Locator services. If you have an ATI card or need any of those services, keep it.
    The Utopia sound scheme, desktop wallpapers and screen savers are all unnecessary unless you use one of them. IMO, the wallpapers look cheap. As for screen savers, I'd rather have the monitor power down.

    edit:
    I can't verify that the above services actually need the API drivers. The only one of those services remaining on the test unit is the RPC Locator. It appears to run with the ATI drivers removed. Those dependencies may depend on which service packs are installed.
     
    Last edited: May 26, 2015
  15. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    Guys, in regards to organizing this thread, I happened by accident on this thread just now ....
    https://www.wilderssecurity.com/thre...t-post-by-thread-starter.368679/#post-2412785
    LowWaterMark posted...
    The threads a bit old but Ive posted asking about the possibility of another feature, which if coupled with the ability for me to edit my first post, would prove quite useful. I see the upside to having the OP only appear at the start of the thread, is that it would be less encroaching if it became a bit lengthy, which it very well might if I was to set it up with links to all the topics covered and where they reside.

    Ideas and thoughts appreciated.
     
  16. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    That will be a big job. I think that the best way to organize and sort the info would be in the form of a website. A forum thread isn't going to be the best organizing format, especially when little if any of the material is complete. There's no way to assemble the individual topics together short of editing the entire thread. There's also several categories, policies, and applications that haven't been addressed at all yet.
     
  17. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    The digging has been going on for sometime now yet so much more to do. I'm taking a step-by-step
    approach where I do a full image backup before I start removing components and reg keys (backup) tied
    to those components. Also I do a search for any files associated with anything deleted/removed
    although I may have possibly missed some. Have to set WFP to off or disabled then continue to remove more
    folders/files to slim down OS.

    When using Recovery Console it writes to the boot.ini file which gives you the option on startup
    to use it or select the OS. It involves more work to disable WFP than XPlite. It leaves the
    PNF files intact whereas XPlite removes most of them.

    Did use Thunderbird years ago, but couldn't tell you what has changed since or if I made changes
    what they were. Would like to remove Outlook Express completely since I don't use it.

    Also found out Program Compatibility Wizard will launch Internet Explorer. (check Target location
    and Find Target)
     
    Last edited: May 26, 2015
  18. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    OK, thanks. In a sense, I think this will always be a work in progress and as such, whatever form it eventually takes, there's always going to need to be a "hammering out" section. In the meantime I think it will be beneficial to at least do an overview of topics so far, plus some links and page and post numbers as a quick go to. It would also suffice for others to see whats actually covered rather than trawl through all the posts or try and think of relevant search terms. For my own benefit I started doing this sometime ago, but haven't kept up with the later posts.

    @KeyPer4Life In my view slimming down the OS where that fat is unneeded excess baggage that phones home is a worthy procedure. Just a sweet reminder to all, the hammering out by trial and error is welcomed here. If that is good, and it is, then good instructions to accompany, are good too, but better. :)

    Now, Email (as always, with security/privacy in mind)
    So what are any of you using for your email client? I don't have a lot of use for email, especially computer based, and when I do I want it to be secure and private. After I uninstalled TB v17 and removed every semblance of anything that looked like a TB profile which it WILL look for on installation, no matter how old, how corrupt, how...anything else. I installed a fresh TB 2.0.0.24 to see if this would circumvent that stupid phoning home. I managed to get it to make an account. It didn't try making me go back to base before building the account and if it did it wouldn't succeed because I had Kerio block traffic. Now to see how I could lock it down with Kerio...

    As noone mentioned in here in post #12 and # 19 ......
    https://www.wilderssecurity.com/threads/email-clients-that-do-not-phone-home.375904/

    I had Kerio display notification to see if TB tried to phone home. It did. I got the ip address range and made a rule, but in all the playing around somewhere along the line I wasn't getting the notification which I'd set to come up even when mozilla was blocked. I still haven't got the account working because of password errors so still hammering this all out.

    A quick excursion online shows some serious concerns with email. TB is no exception.
     
  19. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Gotta' love how add/remove techniques have evolved with some users on this thread/forum/planet...

    Before it was enough to just remove the program in question. As the user progresses up the experience ladder, they incorporate either a dedicated non-Windows uninstaller and/or a system cleaner with serious capabilities. Then said user matures; matures enough to remember "what if I mess things up?". So they introduce a backup/recovery application as a solid fallback feature, a just in case. Then the suspected final piece is introduced - remove the application, use the Windows Search or a 3rd party dedicated search application (Agent Ransack for example) to remove remnants left behind, and they scan the registry for left-over details before they activate the system cleaner/s.

    Wow.
     
  20. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    Not sure of your tone marza, but the point is, the end game here is privacy and security which both play into one anothers hands. Whatever it takes to achieve that is fair game. Some of us will not be able to achieve all there is in this thread for whatever reason, (including me) but for those who want to give it a try, it's there for the taking. It's not only an instruction thread, its a scratchpad as well. It's all good.
     
  21. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    I was not being critical! :) Just an observation of how things have progressed over the years. Such detail and effort back in the day would've been unheard of.
     
  22. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    I hear. Yes sadly this is what it takes if one is to try and preserve privacy and security, although I will concede when push comes to shove, to get that 100% is a forlorn hope. Probably most people on Wilders are enthusiasts and IT people, and so this is the ideal fleshing out ground. I am neither of those but I strongly believe privacy is well worth preserving because it is a basic necessity for life. That said, I am compelled to do what I can.

    One only needs to look at facebook and the like to see "progress" is going backwards.
     
  23. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Back in the day, we were fighting adware and spyware, the Kazaa bundle, CWS, etc. There used to be a clear distinction between that junk and legitimate user software. I remember when I first started volunteering on adware/spyware removal sites. If we used the same criteria for identifying spyware that we used back then, modern browsers would be labelled as spyware programs and Windows itself would be a remote access trojan.
     
  24. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,241
    Checked into the Wallpapers and Screen Savers. Actually Screen Saver is set to [none]. The desktop wallpapers
    I could probably delete individually and keep the ones I want or use one of my own creation.
    The Screen Savers I could delete. I noticed the difference in Standard and OpenGL. OpenGL looks like it pertains
    to the 3D screen savers listed. Utopia sound scheme? Have no idea where that is located in the system.
     
    Last edited: May 26, 2015
  25. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    I never used the wallpapers. On my physical unit, I'd select a black background, then put a picture I like in the middle. On the virtual systems, a black background is all I use. For the most part, I shut off all of the eye candy. The exception would be my primary PC with 98. Revolutions Pack does make it look a lot better in addition to fixing the resources issue. My primary unit is also the only one that still has any screen savers. I don't remember where I got it, but one called Decay is pretty cool. When it engages, whatever is displayed on the desktop at the time slowly dissolves into a mass at the bottom of the screen.

    Regarding the Utopia sound scheme, you'll find those in Windows\ServicePackFiles\i386\ as individual .wav files. I usually set up my system to be silent. To me, all the sounds are distractions.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.