Building Your Own Privacy Package

Discussion in 'privacy technology' started by Reality, Aug 5, 2014.

  1. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    If I remember correctly 3.5 was the last version before Mozilla went all pear shaped in regards to the cache. You used to be able to just go hook out files therefrom, name the file with the appropriate extension e.g. .flv (video) and you were good to go. There were cases where I wanted to save legitimate files this way off YouTube and I'm sure in the end I couldn't access anything unless I updated the browser or it might have been flash version. Either way... :thumbd: but I hung on til the bitter end.

    Pretty sure I've seen a link like that but can't access any Mozilla sites right now, as Kerio has it blocked. Need to Load another Config file.
     
  2. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    Nice to have you drop by Lockbox :) . Thanks for sharing.

    Regarding 7/ I'm in between a rock and a hard place with that. I can't stand (physical) clutter. On the one hand I buy a printer but on the other I'm forever trying to eliminate the paper war :(. There's plenty of things I need to do offline and so an air gapped computer sounds more reasonable I think.
     
  3. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA
    Version 3.0 was the last before Developers started trying to prevent one from customizing the browser, either by obfuscation, removing choices entirely, or some other underhanded means. Version 3.5 is still acceptable though, and has more add-on/extension choices than Firefox 3.
     
  4. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA
    I cannot find luciddream's services thread at all, but here is some stuff of possible interest:

    http://www.msfn.org/board/topic/66361-what-not-to-remove-for-some-programs/

    http://www.theeldergeek.com/services_guide.htm

    http://www.theeldergeek.com/services_compiled.htm

    http://members.rushmore.com/~jsky/id01.html

    http://www.overclockersclub.com/guides/windows_xp_services/

    http://www.wincert.net/forum/topic/1785-slimming-down-windows-xp-the-complete-guide/

    http://www.wincert.net/forum/forum/122-slimming-down-windows-xp/

    http://www.techspot.com/community/topics/cutting-the-fat-xp-installs-under-700mb.3521/

    http://consciousvibes.com/computers/SecurityTips.html

    http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm

    http://www.windowsecurity.com/artic...indows_XP_Your_Definitive_Lockdown_Guide.html

    https://billmullins.wordpress.com/2009/04/18/turn-off-unnecessary-services-in-xp-speedup-your-pc/

    https://billmullins.wordpress.com/2009/04/18/the-bare-minimum-processes-needed-to-run-windows-xp/
    The best however seems to be gone from the web. It was titled "Better-Than-Nothing Security Practices for Securing Windows XP" and used to be at 'www.berghel.net'. Looks like my archived printout is all that remains of it.
     
  5. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    OK, it was 4 pages back.
    https://www.wilderssecurity.com/thre...s-running-and-which-ones.378136/#post-2509345

    Edited to add: is this the one you were looking for?
    http://www.berghel.net/btnsp/XP/index.php#top
     
    Last edited: Aug 9, 2015
  6. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA
  7. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    Startpage finds this no trouble at all. In any case, the page I linked to doesn't have links to other pages within his site, or at least I can't see any, so here's his homepage. There is a wealth of info under that btnsp tab.
    http://www.berghel.net/home.php
     
  8. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA
    Regarding " Windows will attempt to reinstall quite a few things when MS doesn't agree with what you removed", other than using 'Windows File Protection Switcher' to disable WFP (and leave it disabled thereafter), is there any other option to kill off a protected component and prevent XP Pro from resurrecting it?
     
  9. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,412
    @Uitlander
    @noone_particular

    Following components are listed in Windows Components Wizard, but are shown as unchecked:

    Internet Explorer
    Windows Media Player
    Windows Messenger
    Outlook Express
    Internet Gateway Device Discovery and Control Client
    Update Root Certificates

    Note: Everything in Add/Remove Windows Components list that has been uninstalled shows as
    unchecked. Those components that are still installed show as checked.
    WFP is off when uninstalling components and re-enabled upon reboot.
    System32/dllcache folder is still intact. Some components were removed by the Windows
    Components Wizard and then by XPlite app. I used CCleaner registry cleaner to backup any
    reg keys that were found in scan and then removed after a component(s) uninstall.

    I'm not sure exactly what would cause Windows to try to reinstall the components that were
    removed. For some reason at least so far I'm not seeing this happen. Could it be a reg key
    that Windows searches for or maybe folder(s) that has been left on system or maybe deleted?

    I know dllcache folder is searched and probably catalogue files and registry as well.
     
  10. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA
    Regarding "WFP is off when uninstalling components and re-enabled upon reboot", it was my understanding that once you re-enable WFP, it goes about resurrecting any protected files you killed off when it was disabled. Is this incorrect?
     
  11. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,412
    From what I've read Windows will replace the file from the system32/dllcache folder
    and if not found there it will search the Catalog files (.cat), then tries to replace
    the file using the I386 folder. If the I386 folder is not found it prompts for the Windows
    installation CD.

    When removing Windows protected components (WFP off) such as Outlook Express, Windows Media
    Player, etc. and then re-enable WFP on reboot of machine Windows will restore the folder
    for the component, but the folder should be empty. That's what I'm seeing so far using XPlite.
    Again, no actual component that was uninstalled is showing up as installed when WFP is
    re-enabled. I would also check the WINDOWS\inf folder to see if any changes were made there.
    Also since some of these protected Windows components are so integrated with one another you
    may have to uninstall more than just that one particular component in order to have a proper
    functioning OS. It's possible doing a manual removal (WFP off) of component(s)
    but will require lots of time, work and knowing what folders/files and possible reg keys to
    remove. There is the possibility though that removing items manually may cause issues and
    lead to trying to fix the issue or may even result in having to restore from a full image backup.
    Some of this info is already posted in this thread, but welcome more info.
    Would like though to see from posters if they are having the same results and if not what
    exactly are they using and how they went about using WFP and removing protected components.

    NOTE: I was unsuccessful trying to prevent Windows from restoring the empty folders with
    WFP on. I used "Process Explorer" to remove the handle which is being held open by winlogon.exe
    process. You're able to delete - e.g. netmeeting folder with WFP on, but upon reboot Windows
    restores the empty netmeeting folder to Program Files location. Same result with trying other
    empty program folders. Not a big deal since folders show empty.

    Haven't tried Windows File Protection Switcher.

    Make sure you have a full system backup made beforehand when making these changes
    to the OS.


    I have WFP set to re-enabled after I'm done with removing components and rebooting.
    If someone has information that WFP should permanently remain disabled after removing
    components & rebooting then please post sources for that info.
     
  12. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA
    When I researched this topic, it was aimed at nuking the 'index.dat' files so that I would not have to perpetually empty/erase the contents. I suspect this agrees with what you said "Windows restores the empty netmeeting folder to Program Files location. Same result with trying other empty program folders. Not a big deal since folders show empty." Since the empty index.dat folders would be restored (and begin to fill up again), it would negate the intent of permanently nuking them.
     
  13. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,412
    The index.dat files would have to be deleted & replaced with folders of the same name. Folder(s) should show
    0 bytes. (empty) Read noone_particular post # 180 in this thread to see how to accomplish this.
     
  14. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA

    Regret I was rushed last time, so I had to be brief. Been slowly going through my reference materials looking for what you asked about:

    If someone has information that WFP should permanently remain disabled after removing
    components & rebooting then please post sources for that info.

    Unfortunately my printouts are scattered through eight binders, only two are indexed, the remaining six I must go through page by page, so this will take some time. Here's what I found so far:

    https://support.microsoft.com/en-us/kb/222193

    https://www.microsoft.com/resources...cs/en-us/system_file_protection.mspx?mfr=true

    http://www.pctools.com/guides/registry/detail/790/

    https://bitsum.com/aboutwfp.asp

    http://www.overclockersclub.com/guides/disablesystemfilechecker/

    http://tweaks.com/windows/37372/completely-remove-indexdat/

    http://www.pcadvisor.co.uk/forum/helproom-1/clear-indexdat-xp-pro-104451/

    http://www.5starsupport.com/tutorial/windows-data-security.htm

    http://windowssecrets.com/forums/showthread.php/132992-Index-dat-file

    http://www.compu-docs.com/indexdat.htm

    http://www.sudokuwiki.org/indexdat.htm

    http://computerprivacy101.com/indexdat-files-wiki/47-index-dat-files-basics.html

    http://www.pctools.com/guides/registry/detail/839/
    None of the above says flat out that WFP should be left disabled, but many hint that so long as it is enabled, either it or its component (sfc.exe) will restore whatever protected file was previously eradicated. Of course this could mean just what you have said, that the restored file will be empty and therefore inert. I have found to my consternation that what such sources say and what they mean can vary greatly. For example, many such sites claim to show how to totally eradicate index.dat files permanently, yet when one looks into it, the site merely shows how to empty the contents. Anyway, I will continue sifting through my printouts for what you asked about.
     
  15. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA
    Many thanks! I will study this post closely. I had asked about this on another forum:

    http://www.scienceforums.net/topic/87098-indexdat-files/

    In post #3 fiveworlds says "Note windows will re-download the file from the internet if SFC fails to find it." Do you know if this is correct, and if so, just how to prevent it?
     
  16. PallMall

    PallMall Guest

    As for closing all ports (critical ports) on XP when no longer possible on further versions, I remember a nice little app I used when XP was my OS : Zeb Protect, really nice then.
     
  17. marzametal

    marzametal Registered Member

    Joined:
    Mar 19, 2014
    Posts:
    766
    Pwoah that looks like a ripper XP app... 10 points to you!
     
  18. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,412
    Windows File Protection on:

    http://www.updatexp.com/windows-file-protection.html
     
  19. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,412
    If you remove and replace index.dat files with folders of the same name Windows may create
    additional index.dat files in Temp folders. Other locations?
    (e.g.) C:\Documents and Settings\<User Name>\Local Settings\Temp
    Folder name: Cookies > index.dat file added
    Folder name: History > index.dat file added
    Folder name: Temporary Internet Files > index.dat file added

    From my experience it depends on what index.dat files you delete and replace with folders of
    the same name. I have some locations showing just the index.dat folder (no file) empty.
    Other cleaned index.dat files are showing size of 16KB and 32KB depending upon the file.
    Anything over these sizes I would investigate.
    You can use a hex editor to open index.dat file to see what info is being stored.

    You could try using a cmd script and place it in your startup folder with locations of your
    index.dat files. Upon bootup or logoff it would automatically clean (not remove) the files.
    Another option would be to use a 'Ram Disk' which will delete what you place there upon shutdown.

    First time I've heard of this. Haven't noticed any re-download from internet.
     
  20. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA
    Thanks for the above link. I've added it to my reference binder. Lots of useful info, but the reasons for WFP seem dubious to me. Given the ease with which XP Pro gets infected, and the extreme measures an enduser must employ to secure it against Trojans, viruses, etc., I would find the claim "If this happens windows file protection will kick it!" mighty hard to believe, but if true, then WFP has got to be the most shoddy piece of workmanship in operating system history. Whether or not it has any prophylactic benefit against malware I don't know, and prefer not to guess at. My opinion would be that WFP is much better at preventing users from customizing XP Pro than it is at preventing blackhatters from customizing it.

    Been studying post #180. One problem I will likely have to overcome is that I will not have dual boot. My build is set to have XP Pro & Linux on separate (dedicated) HDDs. Possibly use of a Linux LiveCD will solve this, as I have heard of many repair/diagnostic distros that can fix a damaged XP, but I've no idea if they can do everything 'Necromancer's DOS Navigator' can.

    I am aware of various apps that can enable viewing of index.dat contents, and some will also delete contents:
    index.dat analyzer 2
    index.dat suite 2.11.0
    index.dat viewer
    indexdat-ZAP 1.05
    MilShield 7.5
    PrivacyMantra 3.0
    I'm not sure if any of these are able to replace/rename 'desktop.ini' system files. I have not yet given these files proper scrutiny.

    I am not clear on just what 'noone' means by "replace each one with a folder named index.dat.". Exactly what sort of alteration to the deleted (original) file name is being made to the new (dummy) file name to render it inert?

    On a sorta related topic, I have been trying to find a way to pick apart XP Pro Service Packs 2 & 3 in order to custom install only specific components, as I've heard there are nasties hiding within, and once SP 2 & 3 are installed, these critters are impossible to uninstall. No luck so far. It seems it's an all or nothing scenario with service packs. Anyway I was wondering if you think the methods given in posts #180 & 181 might nuke any such impossible to uninstall nasties, or are such components truly bulletproof?
     
  21. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,412
    Been a while since I dual booted Linux and XP on separate HDDs. Last time that was done I had not
    removed any Windows XP core components. Don't know without testing the results it would produce.
    Haven't used Necromancer's DOS Navigator.

    Noone's idea if I understand correctly is that Windows won't create (e.g.) an index.dat file that has
    been deleted and replaced with a folder of the same name in that same location.
    You can try using a live CD/separate OS as mentioned and delete the index.dat files and
    replace them with a folder named index.dat in the same location(s).
    Upon reboot of XP you should see an empty index.dat folder in that location, but no file.

    Could you explain further on the service packs nasties hiding within? What are you trying
    to custom install and/or uninstall?
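
Added example, not part of any post in this thread: a Python sketch of the check Compu KTed describes in his two posts above (index.dat replaced by a same-named empty folder, or left as a cleaned file of 16KB/32KB, anything larger to be investigated), which can be pointed at an XP profile tree mounted from a live CD. The header string and the 128-byte record alignment are assumptions taken from public descriptions of the IE cache index format, not from the thread; the sample tree and the user name in it are constructed.

```python
import os
import tempfile

CLEAN_MAX = 32 * 1024                 # largest "cleaned" size reported in the thread
MAGIC = b"Client UrlCache MMF Ver"    # assumed IE cache index header (public format notes)
BLOCK = 0x80                          # assumed record alignment in the index file


def count_url_records(path):
    """Count 'URL ' record signatures on 128-byte boundaries.
    Returns None when the file does not carry the IE cache header."""
    with open(path, "rb") as fh:
        data = fh.read()
    if not data.startswith(MAGIC):
        return None
    return sum(1 for off in range(BLOCK, len(data), BLOCK)
               if data[off:off + 4] == b"URL ")


def audit(root):
    """Walk root and classify every entry named index.dat.
    Returns sorted tuples: (relative path, state, size in bytes, URL records)."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in list(dirnames):
            if name.lower() == "index.dat":
                full = os.path.join(dirpath, name)
                state = "folder-empty" if not os.listdir(full) else "folder-not-empty"
                findings.append((os.path.relpath(full, root), state, 0, None))
                dirnames.remove(name)          # do not descend into the dummy folder
        for name in filenames:
            if name.lower() == "index.dat":
                full = os.path.join(dirpath, name)
                size = os.path.getsize(full)
                urls = count_url_records(full)
                if urls is None:
                    state = "not-ie-cache"
                elif size > CLEAN_MAX or urls > 0:
                    state = "investigate"      # grown past 32KB or holding entries
                else:
                    state = "cleaned-file"
                findings.append((os.path.relpath(full, root), state, size, urls))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed sample: one folder substitute, one cleaned file, one refilled file."""
    base = os.path.join(root, "Documents and Settings", "user", "Local Settings")
    os.makedirs(os.path.join(base, "History", "History.IE5", "index.dat"))
    header = (MAGIC + b" 5.2\x00").ljust(CLEAN_MAX, b"\x00")
    tif = os.path.join(base, "Temporary Internet Files", "Content.IE5")
    os.makedirs(tif)
    with open(os.path.join(tif, "index.dat"), "wb") as fh:
        fh.write(header)                       # header only, no records
    refilled = bytearray(header)
    refilled[0x5000:0x5004] = b"URL "          # two constructed cache entries
    refilled[0x5080:0x5084] = b"URL "
    cookies = os.path.join(base, "Temp", "Cookies")
    os.makedirs(cookies)
    with open(os.path.join(cookies, "index.dat"), "wb") as fh:
        fh.write(bytes(refilled))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for path, state, size, urls in audit(tmp):
            print(f"{state:16} {size:>6} bytes  urls={urls}  {path}")
```

The refilled sample under Temp\Cookies is still exactly 32KB, so a size check alone would pass it; the record count is what flags it.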
     
  22. Uitlander

    Uitlander Registered Member

    Joined:
    May 16, 2010
    Posts:
    255
    Location:
    Albany, CA
    I'm still wading through the contents of SP 2 & 3 and double-checking the suspicious items. This will take some time and effort. For example, the classic bugaboo CAPI keys in advapi.dll, I have still not been able to determine whether this is an actual threat, or an internet rumor on steroids. Guess I would probably want to ditch it either way, if the OS can survive without it. I'll try to compile a list of questionable content as time allows. Currently SP 2 & 3 look to be composed of 40% bloatware, 20% malware, 20% useful items, and 20% undetermined.
     
  23. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,545
    Wow, thanks for all the shout outs people. Keeping XP's surface to a bare minimum has been a labor of love for me over time. I'm still learning things all the time. I think it was Firefox 3.6 I loved, and stuck with for a long time, refusing to upgrade until I think v8, when some new feature came out I wanted... I believe it obfuscated your user agent string or something privacy related that helped. Plus by then it was stable, and lighter than v3. When 4 came out it was a nightmare.

    Some people won't even upgrade to SP3, but I've found it to be just fine. No noticeable added footprint and enhanced security. I also use the POSReady tweak to keep getting updates til 2019, and plan to keep it as my main OS until (at least) then.

    It starts with minimizing attack surface, not just for security but responsiveness. You can close every port with the OS alone without needing any firewall or router. I start there then go default deny and limit privileges with folder permissions & paranoid HIPS. Lock down FF via config & addons, restricted sandbox, HIPS. Any downloads go to an isolated place, also sandboxed and scanned before going anywhere else. Same goes for anything new introduced to the box via removable drives. That and boot to restore with something like a VM, Shadow Defender, and/or images. I recently put the Standard version of Macrium Reflect back on my box so I can boot-time image. But then again I've always found XP's built in option to choose the "Last known good configuration" to never fail, really. So it's kinda moot. Seriously, I don't think I've ever seen it not work.

    There's really not much to worry about if you follow this regimen. A good router is a must too. Or even a pair of them. And if you want anonymity follow mirmir's guides or flash the router(s) with dd-wrt and run the config. right from them like I do. Choose wisely, and there are good recommendations to be found in here. I like Mullvad as the 2nd hop.

    I don't allow anything to connect out behind my back or without my say so. And like to know everything that's going on on my box. I'll let my entire connection drop first... I always put block rules under my app rules, for everything, not just OpenVPN.

    Best OS ever IMHO... the last mohican. And I have an anti-exploit now too that I didn't need to put .NET bloat-work on my box to enjoy, but my chances of being struck by lightning are probably better than it ever stopping anything.
     
  24. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    I must have been tired when I first read your post, and I've just read it again. WOW, great post! Thanks. So much in there to pay attention to. It is so great to hear other XPers chime in. I heartily agree, this OS is great. In twelve odd years it taught me heaps, it crashed a few times early on (you have just recovered from a serious error) because I was learning, but after that it faithfully booted with no big issues for years and years. Very forgiving of all my poking around. Extremely stable. I sometimes wonder if M$ were a bit sorry they made such a great OS....for obvious reasons.
    If you're still watching this thread, have you got a link for that?

    Thought I might just give you all a basic update on where I'm up to and since I consider XP to be the most important OS because of the opportunity to lock things down, my latest adventures might help others who might take this course :

    - After my XP Pro Computer bit the dust I rescued the 80GBHDD and the 512MB RAM, and installed those on the spare computer lying around (XP Home on 40GB HDD) more or less same specs but different mobo.

    - I did a clean install of XP Pro on the same HDD. That was a first for me. I swapped the position of 2 HDDs on the IDE ribbon cable around to make sure XP Pro would be on C Drive ( Using Primary master position).

    - My XPPro CD was SP1. THAT caused some fun. Had a couple of failed installs, and basically it was outdated drivers and known issues with SP1 causing it to stall the install at 34mins (or similar).

    - Another first...used nlite to slipstream SP3 and OS. All went well there.

    - Because I didn't reformat but just deleted the partial files, there were still some HIDDEN left over files from the first install attempt which I found out later, Windows apparently just happily carries on installing from where you left off. Once I deleted the hidden files the install went just fine.

    - Spent many hours installing the absolute necessaries such as Sandboxie, Kerio, a browser, setting up my Portables and just doing fine tweaks to how I had my system before.

    - Then I had a serious USB issue which brought the whole system down. BSODs on plugging in any device. Heaps of research finally had me deleting USB entries in Device manager and letting Windows rebuild them on boot. That worked.

    - Finally activated (by phone) my oem XP Pro a couple of days ago. No dramas there at all. Just installed but yet to activate my XP Small bus edition.

    - Everything seems pretty good and stable now. Just installed Aomei backupper and will do a System Image as soon as I've activated Small bus and installed my email client.

    - I've also downloaded VirtualBox but I'm TOTALLY green with VMs. Someone at Wilders posted in another thread about a legit link to an SP3 XPPro iso. DL'd that. None of that is installed yet.

    One thing's for sure, a reformat and clean install is great, but yeah it's a lot of work and what I didn't realize is how much Service Packs can be a potential nightmare.

    A question .... is it standard practice to defrag after an OS install and should I do it before Imaging?
     
  25. act8192

    act8192 Registered Member

    Joined:
    Nov 9, 2006
    Posts:
    1,789
    Reality,
    Yes. Do defrag after all those OS installs and fixes you did. M$ temp files really fragment things during the installations.
    For imaging, likely not. It might depend on what product you use. For cloning, which some people like to use, yes, defrag.
     