Step 6 - Housecleaning for your Computer.



   Before we begin, this Step does NOT apply to computers that are networked or on a LAN. That is, if your computer is hooked up to talk to or share files or printing with other computers located near you in your home or office, then you should read Appendix A instead. Since this site is geared mainly towards home or stand-alone computer users, you probably are not on a LAN. Usually, you'd know it if you are.
   The reason you need to clean up your system is that Windows comes with a lot of extra baggage -- protocols and features that most people do not use. This poses a major hacking risk, not to mention that it can slow your system down. For example, Windows usually comes ready to be networked and to share files with other nearby computers. The problem with this is that people can also tap into your files over the Internet this way. Getting rid of these extras will not only make your computer much more secure, but will probably make it a bit faster, too. As long as you have a copy of your Windows disk, you can reinstall what you are going to remove here should you ever need to network your computer with another.

Do this:

   First, go into your Network panel. Click on Start, then Settings, then Control Panel, then Networks, just like you did in Step 2. You may or may not get a message asking if you want to continue; if so, just say "OK". You will see an item called File & Print Sharing. If it is grayed out, leave it. If not, click it. Uncheck everything that comes up in the next window and click Ok when done. You've just disabled the direct ability to share files with others. You need to do a few more things to better protect yourself next.
   Back in the Network panel, look on the list in the top half of the window for something called Microsoft Client or something to that effect. (It's called slightly different things on different versions of Windows). If it's there, click it to highlight it and click Remove.
   You will probably see one, perhaps two or more things with a green icon. One will probably say "Dial-Up Adapter" if your computer has a regular, dial-up modem installed in it. Click on this so it is highlighted and then click "Properties" on the middle right. It should display a box with some tabs on the top. Click on the tab that says "Bindings". Uncheck everything except "TCP/IP" by clicking off the checks (if you have AOL, it may also say AOL TCP/IP -- leave this too). If TCP/IP is the only thing there (or there is nothing there) then you don't have to change anything and you can just click "Ok". Repeat this step for any other adapters (green-iconed things).
   You should be back in the Networks screen. Look for anything called a TCP/IP -> something Adapter, just like you did in Step 2. (They have an icon that looks like a "Y"; it's supposed to look like a power cord with a plug.) With these, repeat the above steps that you did with the green-iconed things. In addition, look for a tab that says NetBIOS. Click it. Look for a box that says "I want to enable NetBIOS over TCP/IP." If it is checked, uncheck it. Hit Ok when done. Do this for any other TCP/IP something Adapters you may have, if there are any more.
   Should you ever reinstall Windows, or should you add anything to it from the original CD, or install a new modem or network card, you will probably have to repeat the steps on this page. Windows has an annoying habit of reinstalling the junk you just took out whenever it can.

   Next, there are several patches to be applied. The first removes the extremely dangerous DSO exploit. Although these primarily affect Internet Explorer and Outlook users, they can manifest themselves in other ways, as all three can be used to spread viruses, spyware, and other malware. Simply download and run these three utilities in this order: First, download and run DSO Stop (courtesy of the makers of IEClean and NSClean), then HTA Stop. The next patch can interfere with macros running in Microsoft Office and JavaScript in Internet Explorer; if you can live without macros, or if you don't use Internet Explorer, download and run this utility to disable Windows Scripting Host (courtesy of DiamondCS software). If you find yourself unable to use some needed functions in Office or Internet Explorer, this patch will undo the Windows Scripting Host patch. The first two patches have their own, built-in "undo" features, although you should never remove the HTA patch, since HTA applications have virtually no legitimate use. Again, bear in mind that if you install, reinstall, upgrade, or repair any Windows product, you may have to re-run these patches, and maybe have to redo this entire page -- Microsoft products tend to reinstall themselves, even if they're unwanted. So don't delete the patches when you are done.
   Next, download and run GRC's Unplug 'n' Pray. This utility disables an extraordinarily dangerous feature in Windows XP (and some versions of 2000, Me, or 98), called "Plug 'n' Play". This is not the same as the "Plug 'n' Play" (PnP) feature of upgrade cards, but, rather, allows your home computer to serve as a virtual host. This feature is so dangerous and so badly thought-out that it resulted in an FBI warning to disable it shortly after the debut of Windows XP. Also get and run GRC's Shoot the Messenger, which will disable "Windows Messenger", which is used by spammers to send pop-up advertisements. Although technically this utility is unnecessary as long as you run a firewall, it's free, takes just a couple of seconds to download even on a very slow connection, and does the job. Finally -- and this applies to Windows XP users only -- also download GRC's XPdite, which removes a vulnerability that allows anyone who sends you a specially-crafted link to delete files off your hard drive.

   One last thing. This only applies to Windows 95, 98, and Me users. We need to remove a feature called RPCSS or Remote Procedure Call. This program is a real problem on Win9x systems. WINDOWS NT, 2000, AND XP USERS MUST SKIP THIS STEP! This Windows feature is responsible for allowing those annoying pop-up spams, but also does a lot of other things. Plus, it also tends to cause instability and is a major security risk by allowing outsiders access to services on your system. Although a firewall technically makes this step unnecessary, removing this feature will provide a great deal of protection should your firewall be shut down for whatever reason. All you need to do is use Windows Explorer to find it. It is located in your \WINDOWS\SYSTEM folder and is called RPCSS.EXE. Just rename this file or move it to another folder, like your documents folder, and that's it. It is never needed for anything on most Win9x systems. If, by chance, it is, you can simply move it or rename it back and reboot. Some older versions of PGP require RPCSS, but not much else.
   If you are a Windows 2000 or XP user, you can at least prevent yourself from receiving Windows Messenger spam (which is related to the above step which you skipped, and is one of the reasons for doing it). For XP, simply click Start, then Control Panel/Performance and Maintenance/Administrative Tools, and then, finally, Services. Find the item called "Windows Messenger" or simply "Messenger". Right-click it and select Properties. Click the STOP button on the menu that appears, then in the "Startup Type" box, select "Disabled". Then click Apply, then Ok to get out of the menu. For Windows 2000, click the "Programs" menu instead of "Control Panel" and follow the steps for XP.
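
One way to confirm that the steps above took effect, as an added example that is not part of the original guide: the Python sketch below scans the text printed by `netstat -an` for listeners belonging to the features this page turns off (file sharing, NetBIOS over TCP/IP, RPCSS, and the Universal Plug and Play service that Unplug 'n' Pray disables). The function name, the port table (built from the well-known port assignments) and the sample output are constructed for illustration.

```python
import re

# Well-known ports for the features this page disables (assumed mapping,
# not taken from the original guide).
WATCHED = {
    ("TCP", 135): "RPC endpoint mapper (RPCSS)",
    ("UDP", 135): "RPC endpoint mapper (RPCSS, Messenger pop-ups)",
    ("UDP", 137): "NetBIOS name service",
    ("UDP", 138): "NetBIOS datagram service",
    ("TCP", 139): "NetBIOS session service (file and print sharing)",
    ("TCP", 445): "SMB over TCP (file and print sharing on 2000/XP)",
    ("UDP", 1900): "SSDP discovery (Universal Plug and Play)",
    ("TCP", 5000): "Universal Plug and Play listener (XP/Me)",
}

# One netstat row: protocol, local address:port, foreign address, optional state.
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$", re.I)

def exposed_services(netstat_text):
    """Return sorted (proto, port, address, description) for watched listeners."""
    found = set()
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header or blank line
        proto, addr, port, _foreign, state = m.groups()
        proto, port = proto.upper(), int(port)
        # TCP rows count only when LISTENING; UDP rows have no state column.
        if proto == "TCP" and (state or "").upper() != "LISTENING":
            continue
        if addr.startswith("127."):
            continue  # loopback-only sockets are not reachable from outside
        if (proto, port) in WATCHED:
            found.add((proto, port, addr, WATCHED[(proto, port)]))
    return sorted(found)

# Constructed sample of `netstat -an` output from a machine before cleanup.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5000           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1047      203.0.113.10:80        ESTABLISHED
  UDP    0.0.0.0:1900           *:*
  UDP    192.168.1.20:137       *:*
"""

if __name__ == "__main__":
    for proto, port, addr, what in exposed_services(SAMPLE):
        print(f"{proto} {addr}:{port} still open: {what}")
```

Run `netstat -an` in a command prompt after rebooting and pass its output to `exposed_services`; an empty result means none of these services is bound to a non-loopback address.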

How these changes will affect your computer:

   Normally, nothing at all will change. The author, a number of beta testers, and many other security-conscious individuals take all these steps on their personal computers. The only noticeable changes will be the following.
   If, for whatever reason, you decide you want to network your computer with others in your home or office, you can reinstall the features you disabled. You normally would follow whatever instructions you received with whatever product you bought. First, if you're installing something like a new modem or network interface card, this will usually re-install these features anyway. (In fact, these can be a problem: if you ever install a new network card, modem, or reinstall networking, you will have to repeat this step if you want to disable these features again!) If you are not installing a new adapter, but want to re-enable the Microsoft Networking features, you can go back to your Network menu and click the Add button. You should normally be able to reinstall Microsoft Client, IPX/SPX, and anything else you may have removed right from your hard disk. If all else fails, find your Windows CD and run it, and select the option for Install Microsoft Networking (or whatever it's called, depending on your version of Windows).

In case you get lost, this page is located at http://www.oocities.org/yosponge/cleanup.html