Safe XP v1.5.1.25, Copyright (c) Theorica Software, 2003-2005 ============================================================== Safe XP is freeware. E-mail: theorica@gmail.com All details are available at http://www.theorica.net DISCLAIMER: =========== Modifying the registry can cause serious problems that may require you to reinstall your operating system. We cannot guarantee that problems resulting from modifications to the registry can be solved. Use the information provided at your own risk. ABOUT: ====== Safe XP is a *FREE* software enabling users to improves their system performance and makes Windows to run faster, more secure and more stable! It is suitable for beginners and experts! INSTALL: ======== Copy SafeXP.exe (and SafeXp.htm as a Help File optionally) to the folder that you want. HOW IT WORKS: ============= When SafeXP runs, you can - Disable unnecessary Windows services. - Prevent Internet attacks. - Remove Microsoft Windows Messenger (MSN) application completely. - Disable tracking of your document history. - Disable Messenger antispam, spyware-like data traffic of System, Internet Explorer, Media Player, Error Reporting and much more functions into a single easy to use software. ADVANTAGES: =========== - It allows you to take control of your PC. - Make Windows to run faster and more secure. - Protect your privacy and strength Internet protection. - Disable Spyware-like activities of Windows XP (also 2000&ME&98) Operating System, Media Player, Internet Explorer and Outlook. - Disable unnecessary Windows services like System updates, error reporting and much more... - Prevent Internet attacks, any RPC/DCOM related vulnerabilities and fix exploits like DSO. - Disable script-based attacks on Windows Media Player, Internet Explorer and Outlook. - Block Windows Messenger (spam) vulnerabilities. - Restrict the actions of potentially dangerous "HTA" (Hypertext Application) capabilities in any version of Windows. - It does not need any DLL or another file(s). It is just a single "EXE" file: SafeXP.exe - No installation necessary. SYSTEM REQUIREMENTS =================== Thanks to all for the suggestions and comments. COMPATIBILITY ============= Safe XP has been successfully tested and developed under Windows 98 and XP. It also works under all versions of Windows 98, ME, 2000, XP and 2003. COMMAND LINE ====================== Safe XP allows working with command line parameters now. It could be helpful if you use SafeXP in any network environment. Syntax for execution from the command line is as follows: SafeXP.exe where is the name of the previously saved file. Example: SafeXP c:\safexp\safexp.dat This will start Safe XP in minimized (invisible mode), load values from c:\safexp\safexp.dat. Then it will apply values into the running/calling workstation. After execution program will be closed automatically. In network (domain) environment, you can copy both SafeXP.exe and (for instance) SafeXP.dat files to the Netlogon share to load your predefined Safe XP settings silently to every workstation which is connected to the network. The command-line parameter is optional. If no parameter is specified, the program will start normally. TECHNICAL INFORMATION: ====================== * Services XP starts a number of background services automatically, many are unessential and can be disabled or set to start manually to improve performance and security. - Disable Error report service If a program crashes on your machine, Windows generates an error report, which it wants to send to Microsoft. - Disable Remote Desktop support Prevents your machine from having the ability to be remotely controlled by a system administrator or via the internet. - Disable Remote Registry service Disallows remote computers to access and modify the registry on the local computer. - Disable Windows Update service Changes Windows automatic updates to manual mode. Disable Windows Messenger Spam The Messenger service is normally used to transmit service messages between clients and servers over the Internet. (It should not be confused with the Windows Messenger instant messaging program). Advertisers are now increasingly abusing this service by sending messages to large blocks of random IP addresses via the Internet. - Disable UPNP/SSDP service UPnP is a set of communications protocol standards that allow networked TCP/IP devices to announce their presence to all other devices on the network and to then inter-operate in a flexible and pre-defined fashion. There are currently limited UnPnP devices available and due to a recent security flaw it's advisable to disable this service. This also allows you to disable Universal Plug and Play Network Address Translation discovery which uses the Simple Service Discovery Protocol (SSDP) to reduce bandwidth and increase security. - Disable DCOM Distributed Component Object Model, or DCOM, provides a method for distributed network applications to communicate with one another. This setting allow you to disable support for DCOM. - Disable Internet time synchronize The system automatically synchronizes it's time with a timeserver at Microsoft. - Disable POSIX subsystem Windows 2000 and XP still come with the POSIX subsystem which allows the use of Unix commands against your system. - Disable Help service Disables Help and Support service to gain much more system resource. * Miscellaneous - Clear Pagefile at Shutdown. Windows does not normally clear or recreate the page file. On a heavily used system this can be both a security threat and performance drop. Enabling this setting will cause Windows to clear the page file whenever the system is shutdown. - Secure Desktop. Prevent certain software from sniffing and recording I/O on the desktop; however, the patch can interfere with other software. - No File sharing. Disallows other users on a network from sharing your files. - No Printer sharing Disallows other users on the network from sharing your printer. * TCP/IP &NetBIOS - Restrict Anonymous Guest Access There is a security flaw in the kernels of Windows NT, 2000 and XP. They allow anonymous session access, which can reveal dangerous information about a computer and its SAM (Security Accounts Manager) accounts. Discovering a SAM with administrative privileges could allow an attacker to break into the user's account and jack up account privileges to admin level. - Protect Against SYN Flood Attacks. Windows includes protection that allows it to detect and adjust when the system is being targeted with a SYN flood attack (a type of denial of service attack). When enabled the connection responses time out more quickly in the event of an attack. - Prevent Denial of Service Attacks. Denial of service attacks are network attacks that are aimed at making a computer or a particular service unavailable to network users. These settings can be used to increase the ability for Windows to defend against these attacks when connected directly to the Internet. - Disable listening on TCP port 445 Disables the raw SMB transport to cause malicious NetBIOS attacks and protect users from inadvertently exposing files on their computers, and also to block worms which spread via open file shares. * Internet Explorer 6 - Disable Automatic Updates The Internet Explorer automatically connects to MS and checks for updates by default. - Disable Scheduled Updates The Internet Explorer periodically checks for updates (usually once a month). - Disable Windows Authentication Deactivates integrated Windows authentication so the current user can be identified over the internet. - Prevent Execution of Risky Commands Prevents download permission for unsigned ActiveX controls and disables the vulnerability of mhtml documents. This restriction also removes the file association for .HTA extension to prevent infection by worms-like-viruses. It is safe for you if you do not use any HTML applications (HTA-files) at your computer. - Disable internal Java JIT compiler Disables Internet Explorer's internal Java Just-In-Time (JIT) compiler. - Disable Script Debugger If you run a script in Internet Explorer that results in an error, Internet Explorer gives you the option to debug the script. - Disable Watson Debug Log When Internet Explorer crashes, it asks you if you would like to send an error report to Microsoft. Doing this may help the Internet Explorer development team improve stability in future releases, however you can disable this by checking the tick in the box. Internet Explorer 6.0 only! * Media Player Windows Media Player has some kind of Spyware features. But you still have some control over your personal computer. - Disable Auto Upgrade and User Tracking Windows Media Player (WMP) will check from time to time if a new version of WMP is available by connecting to the microsoft.com site. If you do not want this to happen, mark this option. - Disable Sending User Identifier Windows Media Player sends a "serial number" unique to your system (GUID: global unique identifier) to Microsoft & other content providers. For enhanced privacy, check (disable) this option. - Disable Automatic Codec Download Codecs are what Windows Media Player uses to decode encoded media files (such as MP3, AVI etc.). If you try to play a file that Windows Media Player does not have a codec for, enabling this option will allow it to download one from Microsoft's web site automatically. Disabling this will make it ask you first. - Disable Processing of Scripts in Files Disables Windows Media Player from running embedded HTML script commands which can contain malicious code and should be disabled. - Disable Recent files in Media Player This restriction will disable Windows Media Player from creating recently used lists. - Disable Acquire licenses automatically This restriction will disable Windows Media Player from connecting to Internet sites for acquiring licenses. You acquired your license when you bought the CD, you should be able to copy it to your hard disk. - Disable Auto-update Media Information This restriction will disable Windows Media Player from connecting to Internet sites for updating media information. - MS Office XP Block Linked Images in Documents As an added security measure you can configure Office XP to block linked Hypertext Transfer Protocol (HTTP) images that are placed in documents. This is useful to avoid to ability for documents to be tracked using hidden images. - Disable Error Reporting In the event of a program crash with Microsoft Internet Explorer version 5 and 6, Office XP and also Windows XP itself, the user has the option to send debugging information to Microsoft. In theory this sounds like a smart function which should help Microsoft create more stable software. However, users sending these reports should be aware that sensitive or personal information may be sent to Microsoft along with debugging information. * Remove from Start Menu - Recent Documents This setting can be used to remove the Recent Documents folder from the Start Menu. - Favorites This tweak allows you to remove the Favorites folder from the Start Menu. - My Documents This restriction removes My Documents which is shown under the Documents folder on the Start Menu. - My Pictures This restriction removes My Pictures from the Documents folder on the Start Menu. - My Music This restriction removes My Music from the Documents folder on the Start Menu. - Recent Documents History Normally when you open or access a document or file it is added to the list of recent documents on the Start Menu. This tweak will stop files from being added to the list. - Recent Shares This restriction stops remote shared folders from being added to Network Places whenever you open a document in the shared folder. - Help and Support This restriction removes the Help feature from the Start Menu. - Run Removes the ability to launch commands or processes from the Start menu by removing the Run option. * MSN Windows Messenger - Disable in Outlook and IE It is used to remove MSN Instant Messenger functionality and integration from Outlook Express. - Disable Autostart MSN Prevent certain software from sniffing and recording I/O on the desktop; however, the patch can interfere with other software. - Disable MSN completely It is used to disable the ability to run the Microsoft MSN Instant Messenger client. * Network - Disable Automatic Hidden Shares It is possible to control automatically created hidden shares (C$, D$, E$ and so on) by Windows networking. - Hide Computer from the Browser List If you have a secure server or workstation you wish to hide from the general browser list, then enable this setting. - Secure DNS cache against pollution DNS cache pollution can occur if Domain Naming Service (DNS) "spoofing" has been encountered. The term "spoofing" describes the sending of non-secure data in response to a DNS query. DNS spoofing can be used to redirect queries to a rogue DNS server and can be malicious in nature. THANKS: ======= Thanks to all for the suggestions and comments. BUG REPORT: =========== Before you e-mail me about possible bug, check my homepage and be sure you have the newest version of the file. CONTACT: ======== If you have any questions, suggestions, bug reports or anything else, feel free to contact me at theorica@gmail.com or visit the web site below: http://www.theorica.net Copyright (c) Theorica Software 2003-2005. All rights reserved.