a few tips to make WinXP more secure
General information: The solutions written about in this tutorial might not be complete. There may still be security holes that have yet to be discovered and written about them here. If you are instructed to run something, click on the start button and choose run.
General information:
====================
The solutions written about in this tutorial might not be complete. There may
still be security holes that have yet to be discovered and written about them
here.
If you are instructed to "run" something, click on the start button and
choose "run".
Windows Messenger, removing:
----------------------------
Right-click on the Messenger-Symbol in the taskbar, then "Open". In the
"Tools" -> "Options" menu, choose "Preferences" and deselect everything.
As additional solution, go to "Connection", choose "I use a proxy ser-
ver" and reroute this to an unused local adress (like 192.168.0.2)
Another option to get rid of the Messenger is to edit the file
"sysoc.inf" in the "\Windows\Inf\" directory. Look for a line beginning
with "msmsgs" and remove the "hide," entry in that line. Now, it is
possible to remove the Messenger and also the MSN Explorer via "Add or
Remove Programs" -> "Add/Remove Windows Components"
Manual registration (DO NOT MISTAKE THIS FOR PRODUCT ACTIVATION!):
------------------------------------------------------------------
Run "regedit" and look for the key "HKEY_LOCAL_MACHINE\Software\
Microsoft\WindowsNT\CurrentVersion. Doubleclick on "RegDone" and
set it to "1"
Register DLL, disabling:
------------------------
Run "regsvr32.exe -u %windir%\system32\regwizc.dll"
Microsoft support accounts, removing:
-------------------------------------
In the Control Panel, select "Administrative Tools" -> "Computer
Management", choose "Local Users and Groups" -> "Users" and remove both
the "Support..." user and the "Help Assistant" user.
Backgrund: Íf your system malfunctions and you call tech support, it is
possible for them to log into your machine remotely and
fix things for you.
Mediaplayer:
------------
Choose "Tools" -> "Options", then "Player" and deselect "Allow Internet
Sites to uniquely identify your Player" and "Aquire licenses automati-
cally"
If you don´t like the new design of the mediaplayer, run "mplayer2" go
to "view" -> "Options" -> "Formats", choose "Select All" and hit
"Apply". Don´t forget to go to "Player" and make sure that "Allow
Internet Sites to uniquely identify your Player" is deselected.
Error Reporting, disabling:
---------------------------
Rightclick on "My Computer", choose "Properties" -> "Advanced" and click
on "Error Reporting". Mark "Disable error reporting". If you want to,
you can en- or disable "But notify me when critical errors occur".
Automatische actualization of system time, disabling:
-----------------------------------------------------
Doubleklick on the clock in the taskbar, choose "Internet Time" and de-
select "Automatically synchronize with an Internet time server"
Checking if WinXP has already been activated.
---------------------------------------------
Run "%systemroot%\system32\oobe\msoobe.exe /a" and read the message
screen. For security reasons, one might block port 2869 in the
Firewall of your choice.
Background: If Windows is not already activated, it immediately con-
nects to Microsoft. If you don´t want this, pull the plug
of your modem
Automatic Windows Update, disabling, part 1:
--------------------------------------------
Righclick on "my Computer", select "Properties" -> "Automatic Updates".
Select "Turn off automatic up[censored]".
Automatic Windows Update, disabling, part 2:
--------------------------------------------
"Control Panel" -> "Administrative Tools" -> "Services". Set
"Automatic Updates" to "Disabled".
Alexa Spyware, disabling:
-------------------------
Run "regedit" and look for the key "HKEY_LOCAL_MACHINE\SOFTWARE\
MICROSOFT\Internet Explorer\EXTENSIONS". Locate entry "{c95fe080-8f5d-
11d2-a20b-00aa003c157a}. Delete it including all sub-entries.
Background: This is Microsofts -SmartTags-
Internet line optimization
--------------------------
Run "gpedit.msc", select "Computer Configuration" -> "Administrative
Templates" -> "Network" -> "QoS Packet Scheduler". Klick on "Limit
reservable bandwidth", choose "Enabled" and set it to "0%"
Background: WinXP activates this limit as needed. However, if you
enable it manually and set the reserve to 0%, Windows
can´t limit the bandwidth anymore.
The Firewall of Windows XP:
---------------------------
Do not use this firewall, since it configures itself to allow Windows
unblocked access to the web, may it be for Media Streams, may it be
for a connection to Redmond...
====================
The solutions written about in this tutorial might not be complete. There may
still be security holes that have yet to be discovered and written about them
here.
If you are instructed to "run" something, click on the start button and
choose "run".
Windows Messenger, removing:
----------------------------
Right-click on the Messenger-Symbol in the taskbar, then "Open". In the
"Tools" -> "Options" menu, choose "Preferences" and deselect everything.
As additional solution, go to "Connection", choose "I use a proxy ser-
ver" and reroute this to an unused local adress (like 192.168.0.2)
Another option to get rid of the Messenger is to edit the file
"sysoc.inf" in the "\Windows\Inf\" directory. Look for a line beginning
with "msmsgs" and remove the "hide," entry in that line. Now, it is
possible to remove the Messenger and also the MSN Explorer via "Add or
Remove Programs" -> "Add/Remove Windows Components"
Manual registration (DO NOT MISTAKE THIS FOR PRODUCT ACTIVATION!):
------------------------------------------------------------------
Run "regedit" and look for the key "HKEY_LOCAL_MACHINE\Software\
Microsoft\WindowsNT\CurrentVersion. Doubleclick on "RegDone" and
set it to "1"
Register DLL, disabling:
------------------------
Run "regsvr32.exe -u %windir%\system32\regwizc.dll"
Microsoft support accounts, removing:
-------------------------------------
In the Control Panel, select "Administrative Tools" -> "Computer
Management", choose "Local Users and Groups" -> "Users" and remove both
the "Support..." user and the "Help Assistant" user.
Backgrund: Íf your system malfunctions and you call tech support, it is
possible for them to log into your machine remotely and
fix things for you.
Mediaplayer:
------------
Choose "Tools" -> "Options", then "Player" and deselect "Allow Internet
Sites to uniquely identify your Player" and "Aquire licenses automati-
cally"
If you don´t like the new design of the mediaplayer, run "mplayer2" go
to "view" -> "Options" -> "Formats", choose "Select All" and hit
"Apply". Don´t forget to go to "Player" and make sure that "Allow
Internet Sites to uniquely identify your Player" is deselected.
Error Reporting, disabling:
---------------------------
Rightclick on "My Computer", choose "Properties" -> "Advanced" and click
on "Error Reporting". Mark "Disable error reporting". If you want to,
you can en- or disable "But notify me when critical errors occur".
Automatische actualization of system time, disabling:
-----------------------------------------------------
Doubleklick on the clock in the taskbar, choose "Internet Time" and de-
select "Automatically synchronize with an Internet time server"
Checking if WinXP has already been activated.
---------------------------------------------
Run "%systemroot%\system32\oobe\msoobe.exe /a" and read the message
screen. For security reasons, one might block port 2869 in the
Firewall of your choice.
Background: If Windows is not already activated, it immediately con-
nects to Microsoft. If you don´t want this, pull the plug
of your modem
Automatic Windows Update, disabling, part 1:
--------------------------------------------
Righclick on "my Computer", select "Properties" -> "Automatic Updates".
Select "Turn off automatic up[censored]".
Automatic Windows Update, disabling, part 2:
--------------------------------------------
"Control Panel" -> "Administrative Tools" -> "Services". Set
"Automatic Updates" to "Disabled".
Alexa Spyware, disabling:
-------------------------
Run "regedit" and look for the key "HKEY_LOCAL_MACHINE\SOFTWARE\
MICROSOFT\Internet Explorer\EXTENSIONS". Locate entry "{c95fe080-8f5d-
11d2-a20b-00aa003c157a}. Delete it including all sub-entries.
Background: This is Microsofts -SmartTags-
Internet line optimization
--------------------------
Run "gpedit.msc", select "Computer Configuration" -> "Administrative
Templates" -> "Network" -> "QoS Packet Scheduler". Klick on "Limit
reservable bandwidth", choose "Enabled" and set it to "0%"
Background: WinXP activates this limit as needed. However, if you
enable it manually and set the reserve to 0%, Windows
can´t limit the bandwidth anymore.
The Firewall of Windows XP:
---------------------------
Do not use this firewall, since it configures itself to allow Windows
unblocked access to the web, may it be for Media Streams, may it be
for a connection to Redmond...
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
