Leaderboard

New build of Serpent/UXP for XP! Test binary: Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20230107-3219d2d-uxp-7ecc55be2-xpmod.7z Win64 https://o.rthost.win/basilisk/basilisk52-g4.8.win64-git-20230107-3219d2d-uxp-7ecc55be2-xpmod.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/custom IA32 Win32 https://o.rthost.win/basilisk/basilisk52-g4.8.win32-git-20230107-3219d2d-uxp-7ecc55be2-xpmod-ia32.7z source code that is comparable to my current working tree is available here: https://github.com/roytam1/UXP/commits/ia32 NM28XP build: Win32 https://o.rthost.win/palemoon/palemoon-28.10.6a1.win32-git-20230107-d849524bd-uxp-7ecc55be2-xpmod.7z Win32 IA32 https://o.rthost.win/palemoon/palemoon-28.10.6a1.win32-git-20230107-d849524bd-uxp-7ecc55be2-xpmod-ia32.7z Win32 SSE https://o.rthost.win/palemoon/palemoon-28.10.6a1.win32-git-20230107-d849524bd-uxp-7ecc55be2-xpmod-sse.7z Win64 https://o.rthost.win/palemoon/palemoon-28.10.6a1.win64-git-20230107-d849524bd-uxp-7ecc55be2-xpmod.7z Official UXP changes picked since my last build: - Issue #2075 - Part 1: Rename offset-* logical properties to inset-* (0c37c0db8) - Issue #2075 - Part 2: Update devtools for inset-* (07af4123d) - Issue #2075 - Part 3: Regenerate devtools CSS database (48087df57) - Issue #2075 - Part 4: Update tests (1b22ef40f) - Issue #2075 - Part 5: Allow logical aliases in the property database. (e38f362d4) - Issue #1382 - RegExpShared::groupsTemplate_ cannot be a GCPtr since RegExpShared is managed by C++ (86782b8f3) - Issue #2079 - Fix linking libxul on *nix when using a linker other than bfd. (5b438179a) No official Pale-Moon changes picked since my last build. No official Basilisk changes picked since my last build. Update Notice: - You may delete file named icudt58l.dat inside program folder when updating from old releases. * Notice: From now on, UXP rev will point to `custom` branch of my UXP repo instead of MCP UXP repo, while "official UXP changes" shows only `tracking` branch changes.

Do good and feel well - feel good and do well. Hmmm that feels right to me today and I am left-handed thus I'm in my right mind

Thus far, the new updated DCBrowser works like a charm and much thanks to @mina7601 for the command swithces for invalid certs I find this browser to suit my needs very well and I don't use the loader just "as is" and the reg keys don't concern / bother me.

Thank you, guys. I thought it was more of a ramble, but glad it resonated with you all. Things seem good here and I pick up good vibes today, so all seems well with our spirit today - good job as it takes work to keep up afloat ... I shall carry it with me today and check in later. No plans today but to stay dressed and not let triggers drag me down; alll of us carry the energy and roll off any negativity and enjoy thisi lovely day. Do good (hehe) and be grateful and mindful of this pace and the bubble of peace.

Yep... I totally agree with this one.

New build of post-deprecated Serpent/moebius for XP! * Notice: This repo will not be built on regular schedule, and changes are experimental as usual. ** Current moebius patch level should be on par with 52.9, but some security patches can not be applied/ported due to source milestone differences between versions. Test binary: Win32 http://o.rthost.win/basilisk/basilisk55-win32-git-20230107-2737c3da2-xpmod.7z Win64 http://o.rthost.win/basilisk/basilisk55-win64-git-20230107-2737c3da2-xpmod.7z repo: https://github.com/roytam1/basilisk55 Repo changes: - import from UXP: Issue #2075 - Part 1: Rename offset-* logical properties to inset-* (0c37c0db) (368d0fe73) - import from UXP: Issue #2075 - Part 2: Update devtools for inset-* (07af4123) (e07b05845) - import from UXP: Issue #2075 - Part 3: Regenerate devtools CSS database (48087df5) (6512c5914) - import from UXP: Issue #2075 - Part 4: Update tests (1b22ef40) (d79d861f3) - import from UXP: Issue #2075 - Part 5: Allow logical aliases in the property database. (e38f362d) (a24e1f4ac) - import from UXP: Issue #1382 - RegExpShared::groupsTemplate_ cannot be a GCPtr since RegExpShared is managed by C++ (86782b8f) (4b95c90fb) - ported from UXP: Issue #2079 - Fix linking libxul on *nix when using a linker other than bfd. (5b438179) (2737c3da2)

This will sound very weird, but can you try the one tagged for XP x64 bits? I renamed that same function in that release to be able to make it open on XP x64 bits (if it doesn't do the trick maybe there needs to be more function renaming). Check the last line of my "changelog" of the browser: https://ia802303.us.archive.org/28/items/360EE_Modified_Version/MiniBrowser_1.0.0.121_XPx64_Modified_Notes.txt Cheers.

@XPerceniol You know, it was really refreshing to me, discovering anti-natalist community on Reddit. Though I never engaged with them (not yet), being the reserved fella that I am...but it's like all brothers and sisters are there. Besides that it always seemed messed up playing God, that was lurking at the back of my mind for a long time, and the news you hear...I don't really feel good hearing somebody else has it worse than me, don't feel like YEAH, I HAVE IT BETTER THAN THAT PERSON... There was another influencing factor which touched me a lot personally...the fact they're chopping parts of babies'/children's genitals off and make million excuses for it. I'm not in position to be a parent either, but suppose working with children was my thing, had loads of money and a partner, adopting a child without a home would be a decent thing to do.

Thank being said ... when you get the opportunity to (even if tiny spurts) grab them and run with it and take it because only YOU create your destiny. When you wallow in pity, you become pitiful and society will leave you on the streets. I have my DD Father to saving me.

Yeah, not just because I examine too hard, but, also, when one finds themselves at the mercy of others and services being supposedly offered to people struggling, that realization that we are a mere 'blip' in the air and not even a ripple in the waters unless the continuation (of) breading to where/which it ends with me. I am the only male left and I planned to make sure its ends with me. My father accepted me in the end and my mother is in full dementia now and I'm just existing and (sorry to be depressing) but I feel people with grandiosity with self absorbed delusions of self-worth are just that - deluded. Sorry guys, going to write in pieces to better explain so need to reply and I'm sitting here alone (just the way I prefer it) and I'm fine. Well not fine, but if you were to ask me for dinner of coffee right now, I'd have to take a "rain check" and I need it this way. I was not meant to be a parent and I'm SO VERY glad I didn't make the awful mistake to continue with what I consider to be damaged goods from my side. Ugh, again, nothing is wrong other than I'm thinking about what society tells me I'm supposed to be according to others. No thanks ... not for me.

New regular/weekly KM-Goanna release: https://o.rthost.win/kmeleon/KM76.4.7-Goanna-20230107.7z Changelog: Out-of-tree changes: * update Goanna3 to git 9af8eeaf15..61a988a8ac: - import changes from `dev' branch of rmottola/Arctic-Fox: - Bug 1212279 - Fix uninitialized boolean in Fprinter. r=h4writer (105d3c6507) - Bug 1223007 - Fix eval redeclaration check for Debugger.Frame.eval. (r=efaust) (a3fddcc2b8) - cleanup, rearrange (88d8fc8ced) - Bug 1211956: Check result of EmptyShape::getInitialShape; r=h4writer (41aee681c0) - Bug 1193102 - Deal with OOM in NewObjectCache::invalidateEntriesForShape. r=bhackett (4c2b2a3bb9) - Bug 1208747 - Fix self-comparison compiler warnings. r=Yoric over IRC (d64cc9500c) - Bug 1208747 - Fix include files for the stopwatch. r=jandem (a146b10267) - Bug 1207843 - Part 1/3 - Clean up ma_b(void* target). r=h4writer (238615768e) - Bug 1207843 - Part 2/3 - Clean up MacroAssemblerARM spacing. r=h4writer (a316b5bdac) - Bug 1207843 - Part 3/3 - Clean up ARM Imm8::EncodeImm(). r=h4writer (c24cda23ef) - Bug 939157 - RotateLeft with shift of zero gives undefined behavior. r=Waldo (36e1324c16) - Bug 1224041 - Use stable hashing for CloneMemory r=terrence (9c2f5db9e3) - Bug 1177122 - handle OOM in JSStructuredCloneWriter destructor. r=evilpie (d4fd3d8fd9) - Bug 1225298 - Use GC policy mechanism for sweeping hashtable-based collections. r=terrence (5369de6951) - Bug 1200642 - Add OOM simulation to Vector r=Waldo (325c17a5c4) - Bug 1221680 - Avoid hard errors when testing convertibility using the IsConvertible type trait. r=froydnj (c4220f1a1c) - Bug 1108017: Loosen third-party restrictions for tracking protection checks (r=sworkman) (2997474d59) - Bug 1205138 - Cleanup tracking protection warnings and logs. r=gcp (fb61d17b01) - Bug 1197000 - Better debugging output for Safe Browsing list updates. r=gcp (727005eb8f) - Bug 1208285 - Improve TP debug logging. r=gcp (72d7561c76) - Bug 1214122 - Check if addon ProtocolHandler actually provide nsHttpChannel. r=sicking r=mayhemer (07bf8afb12) - Bug 1214786 - Channelwrapper: Fix up maybeWrapChannel to wrap if not gecko internal channel (r=mayhemer,sicking) (8adb832a11) - Bug 1158404 - part 1 - DataChannelShutdown should instead observe xpcom-will-shutdown. r=jesup (ad4be087ea) - Bug 1158404 - Part 2 - Don't hold alive DataChannelShutdown with a global. r=jesup (4b9a0e9b5c) - bug 1219466 - convert netwerk to LazyLogModule r=valentin.gosu (2a85aa4068) - Bug 1125947 - Fix clang warnings in netwerk/sctp/datachannel. r=jesup (247ab6dc09) (9938fac30a) - import changes from `dev' branch of rmottola/Arctic-Fox: - Bug 1212148 - Outline DialogValueHolder::Get() and create the variant directly. r=bz (1f3eb24a70) - Bug 1210591, part 1 - Use nsVariantCC in various places. r=smaug (960ec7f9d3) - Bug 1210591, part 2 - Cycle collect DataTransfer::mItems. r=smaug (3bc922fd42) - Bug 931283, part 1 - Rename nsVariant to nsVariantBase. r=froydnj (1ba409004e) - Bug 931283, part 2 - Split out nsVariant into a subclass. r=froydnj (6fc4012db0) - Bug 931283, part 3 - Implement a cycle collected version of nsVariant. r=froydnj (9dd0e97d28) - Bug 1208815 - Use the legacy opt-out in GetMozSourceNode to avoid crashes. r=bholley (b8aaa945fd) - Bug 1217614 - Remove nsIDOMDataTransfer::mozGetDataAt and refactor associated code. r=bz (6a5a403776) - Bug 1197002 - Use channel->Open2() in editor/libeditor/nsHTMLDataTransfer.cpp (r=sicking) (4995576e25) - Bug 1169268 - Don't crash when pasting files. r=ndeakin (b52b5e9971) - Bug 1156062 part 1b - Convert some callers of nsEditor::SplitNodeDeep; r=ehsan (c0ecbdf8ec) - Bug 1156062 part 1c - Convert remaining callers of nsEditor::SplitNodeDeep; r=ehsan (e9cb446bef) - Bug 1156062 part 1d - Clean up nsEditor::SplitNodeDeep; r=ehsan (d8513a605c) - Bug 1156062 part 2 - Make GetBlockNodeParent and GetEnclosingTable return regular pointers; r=ehsan (8e80c4c53c) - Bug 1156062 part 3 - New helper nsHTMLEditor::GetBlock; r=ehsan (9466c926f3) - Bug 1145395 - Call nsINode::Length directly in nsHTMLEditor::CreateDOMFragmentFromPaste; r=ehsan (5b9d9b208c) - Bug 1152229 Define FnLock as a KeyboardEvent.code value r=smaug (0f0ba16ba2) - Bug 1192774 - Rename nsOuterWindowProxy::GetWindow to GetOuterWindow and add an assertion; r=khuey (5bbad7f98a) - Bug 920734 - Part 1: Implement window.orientation and window.onorientationchange. r=baku (3f350de924) - Bug 920734 - Part 2: Update tests to avoid using orientation as variable name. r=seth (a5c98bcc6f) - Bug 1216072 - Pass aCallerIsChrome in more places. r=bz Bug 1215398 - Hoist the IsCallerChrome call in CanMoveResizeWindows to the script-only entry points. r=bz (3ff7d3d1a2) - Bug 1107443. Make WindowProxy throw if you attempt to explicitly define a non-configurable property. r=peterv (d4659731fe) - Bug 1196317 - Optimize CallbackObject::mCreationStack out from cycle collection graph when possible, r=mccr8 (6221298ec7) - Bug 1184058 - AudioChannelAgent should be muted when used without a proper window object. r=alwu (3bc66c7727) - Bug 1196361 - Remove the media.useAudioChannelService pref; r=baku (ba976d4402) - Bug 1190040 - Part 2: Teach the audio channel service how to not notify audio-playback, and do that when a media element has no audio track; r=padenot (b163cbd6e2) - Bug 1180940 - Changed return type of AudioDestinationNode::CreateAudioChannelAgent method to return errors, if any methods that it calls fail. Added code to handle the return value in AudioContext::Init(), and its callers. r=baku (03671277dc) - Bug 1183304 - Unregister the actor when unlinked by CC. r=ehsan (ad0a3a7050) - Bug 1191814 - WebSpeech synthesis API and AudioChannelService, r=eeejay (2140326485) - Bug 1043165 - Part 1: Add TelephonyCall.disconnectedReason (webidl). r=hsinyi (a08a2e3b19) - Bug 1043165 - Part 2: Add TelephonyCall.disconnectedReason (dom). r=hsinyi (1403f942fd) - Bug 1043165 - Part 3: Add TelephonyCall.disconnectedReason (ril). r=hsinyi (cdb3991ed0) - Bug 1043165 - Part 4: Update test cases. r=hsinyi (aa3f784b07) - Bug 1131047 - Part 1: Obsolete some events (WebIDL). r=hsinyi (64e098a773) - Bug 1131047 - Part 2: Obsolete some events (DOM). r=aknow (75caf5fa03) - Bug 1161403 - Part 1: Deprecate internal states. r=aknow (dfd955bf8b) - Bug 1161403 - Part 2: A new testcase. r=aknow (4798f3ec44) - Bug 1129882 - create agent in telephony object. r=baku, r=hsinyi (1d7e7e44a4) - Bug 1129882 - add mozInterrupt in telephony object. r=baku (f52465229b) - Bug 1211511 - AudioChannelAgent::NotifyStartedPlaying and NotifyStoppedPlaying should use the same level of playback notification, r=roc (a73b0fda70) - Bug 1187204 - AudioChannelService must exist before calling IsAudioChannelMutedByDefault(), r=alwu (665d082d4f) - Bug 1089526 - Correct function name. r=baku (0706ced01f) - Bug 1183925 - Part 1: Clean up the SpeakerManagerService shutdown; r=baku (7aefa655d5) - Bug 1223734 - AudioChannelService should not be re-initialized after the XPCOM shutdown, r=smaug (1e35895d8d) - Bug 1223734 - Add crashtest. r=baku (cfb753dcf2) - Bug 1151992 - Use call state to decide the usages of output device. r=baku (37ea21895f) - Bug 1215684 - Shut down AudioChannelService in the child process. r=mccr8 (389b137630) - Bug 1183033 - Don't mute the system channel type. r=baku (da88f69119) - Bug 1218396 - By default window-less AudioChannelAgents should be muted, r=alwu (3a74b6e8e0) - Bug 1222902 - Create log system for the AudioChannel. r=baku. (4734efd27b) - var-let (9849b3f3a9) - Bug 1138354 - Add proxy authencation info for 'mozbrowserusernameandpasswordrequired' event. r=mayhemer (e1717f0113) - Bug 1195801 - part 2: Tests for getStructuredData. r=kanru (221d9b4fa8) - Bug 1169633 - [Browser API] getWebManifest(). r=kanru, r=bholley (904c043d16) - Bug 1206581 - Implement notifyChannel() on AudioChannel API. r=kanru, r=baku. (42554161e7) - Bug 1196654 - navigator.mozBrowserElementProxy for access Browser API methods from the embedded, r=kanru, sr=sicking (878b701d4b) - Bug 1214133 - Preload ExtensionContent.jsm to get rid of the overhead. r=fabrice (50f6584735) - Bug 1212321 - Stop painting on app launch. r=fabrice (a4cadc9577) - Bug 1203068 - Add system type into kMozAudioChannelAttributeTable. r=baku (c908fef580) - Bug 1208353 - Fix -Wshadow warnings in dom/audiochannel. r=padenot (85193d75a2) - Bug 1184970 - Remove unused struct in AudioChannelService, r=ehsan (f0511a942b) - Bug 1214491 - Rejigger entry points for nsGlobalWindow::Close. r=bz (6eccbffe1f) - Bug 1212360. Split up the MozStorageChanged event into separate events for sessionstorage and localstorage. r=khuey (ff0047fe22) - Bug 1162013. Process the Promise queue between adjacent setTimeout callback invocations when we're going through the callback list without returning to the event loop. r=smaug (f4966fa41e) - Bug 1214491 - Remove CanCallerAccess check for XPIDL version of nsGlobalWindow::AddEventListener. r=bz (5bb993e1ea) - Bug 1181176 - Pass along x and y position for context menus on Graphene. r=fabrice (652b528a92) - Bug 1211481 - Expose screenX and screenY to context menu events. r=fabrice (e9679e9d6c) - Bug 952456 - Part 2: Support copy image in BrowserElement. r=kchen (f91eb8ae95) - Bug 952456 - Part 3: Enable test_copyimage.html on gonk/cocoa r=fabrice (be0d20fd99) - Bug 1121463 - Support copy link on context menu. r=kanru (a981b7e05c) - Backout c7c68c4389d6 (bug 1125713) for gaia app startup regression r=me (ed1d13993f) - Bug 1178484 - Part 2: Regenerate gecko's in-tree parser. r=hsivone (42d5b50cf1) - Bug 1164123 - Add support for a theme-group meta to make theme-color"themable". r=fabrice (40757cf461) - Bug 1178484 - Part 4: Fire metachange event when a <meta> tag has Open Graph data. r=kanru (111cf1c43f) - Bug 1178484 - Part 5: Test for metachange event when Open Graph property is loaded. r=kanru (0b464de5de) - Bug 1156615 - (Browser API) ctrl/cmd/middle-click doesn't work if <a> element has children. r=kchen (673a7031f9) - Bug 1210265 - Add a pref toggle for copying/pasting only plain text on B2G. r=timdream (4fbbad858e) - Bug 1198522 - Add a flag to make sure customized menu is added. r=timdream, r=kanru (81e611997d) - Bug 1168658 - Enable tracking protection in b2g r=francois (fc04c160ae) - Bug 1189494 - Pass tracking information to BrowserElement's mozbrowsersecuritychange event. r=fabrice (bb24e94178) - Bug 1170644 - Fix forced reflow in BrowserElementChildPreload. r=bz (73078e79fa) - Bug 1178069 - Check devices capability before enable use of vp8 hardware acceleration using android.media.MediaCodecList and android.media.MediaCodecInfo r=jrmuizel (883351b87c) - Bug 1164036 - Add an xpcshell test for graphics blocklist versioning. r=kats (c846c5b142) - Bug 1183725 - Windows 10 not recognized in downloadable blocklist. r=bas (6a07f03ea3) - Bug 1191404 - Update the comments to avoid confusion about what happens with blocklisting when the OS is unknown. No code change. r=milan (40bec16ce6) - Bug 1215892 - Fix clang's -Wimplicit-fallthrough warnings in gfx. r=BenWa (83d160740c) - var/const crashreporter (c9e5ccbb70) - Bug 1225233 - Make MovableCellHasher a public interface, usable by embedders; r=jonco (603b00a836) - Bug 1214508: SharedStubs - Part 1: Move the getprop stubs in to shared stub files, r=jandem (7cddae3b9e) - Bug 1214508: SharedStubs - Part 2: Adjust the getprop stubs to report which engine they use, r=jandem (03ae066cad) - Bug 1214508: SharedStubs - Part 3: Enable the getprop stubs in ionmonkey, r=jandem (e002db87c2) - Bug 1214508: SharedStubs - Part 4: Make sure the frame pushed are set correctly for ion vmcalls, r=jandem (6238ed03c4) - Bug 1214508: SharedStubs - Part 5: Fix ion vmcalls in shared stub, r=jandem (5a914ccfe6) - Bug 1214508: SharedStubs - Part 6: Move the monitor stubs in to shared stub files, r=jandem (6f03cfaa1f) - Bug 1214508: SharedStubs - Part 7: Adjust the getprop stubs to report which engine they use, r=jandem (e3849fde89) - Bug 1214508: SharedStubs - Part 8: Dont sync for the decompiler in ion, r=jandem (7fe1a01bca) - Bug 1214508: SharedStubs - Fix bustage in arm64, r=bustage on CLOSED TREE (0b60ba5974) - Bug 1214508: SharedStubs - fix bustage, r=bustage (968a63544d) - Bug 1212624 - Make WeakMapBase be a LinkedListElement, r=Waldo (744bb6eb8d) - Bug 1223519 - Remove unused rekeying logic from WeakMap; r=sfink (3a4fe3b5df) - Bug 1219288 - Ensure module environment object is not extensible and contains only non-configurable properties r=shu (0b9ac212b9) (136569692c) - import changes from `dev' branch of rmottola/Arctic-Fox: - Bug 1225237 - Use stable hashing for DOMExpandoSet; r=jonco (4254b32429) - Bug 1219288 - Store target shapes in module environment object rather than names r=shu (5cb08ce170) - Bug 1219288 - Add GETIMPORT instruction for accessing module imports that are not namespace imports r=shu (487ccb37d4) - Bug 1219288 - Optimize GETIMPORT instructions in baseline r=shu (938079be7f) - Bug 1219288 - Optimize GETIMPORT instructions in Ion r=shu (cfa7b927a4) - Bug 1224404 - Use stable hashing for WeakMapPtr; r=jonco (59df9ae61c) - Bug 1223639. Use ForceInside to constrain the displayport rect to the scrollable rect instead of intersect. r=botond (12a978a2fd) - Bug 1223639. Rename ForceInside to MoveInsideAndClamp so it's clearer what it does. r=botond (562f0a8f53) - Bug 1212136 - Remove noisy warning that we don't have time to investigate properly. r=tnikkel (4d752f8b1a) - Bug 1215356. When setting a display port, schedule paint on that frame, not the root frame of the document. r=mattwoodrow (bad289fbb7) - Bug 1213711 - Initialize Preserves3DContext::mAccumulatedRectLevels. r=thinker. (99dbae372a) - Bug 1175492 followup: remove extra dashes left over from removing -moz- prefixes. r=longsonr (060368e850) - Bug 1207143 - Improve GetBounds() to avoid recomputing every time. r=roc (995b9e9d4f) - Bug 1216386 - Improve AnimatedGeometryRootLookup::Hash. r=roc. (7c84489583) - Bug 1201327 - Rename mDestRect to mImageLayerDestRect. r=mattwoodrow (fa32340de9) - Bug 1201327 - Let DLBI detect background-position changes. r=mattwoodrow (de59480f0d) - Bug 1201327 - Don't repaint the whole frame subtree when background-position changes. r=dbaron (26a085e548) - Fix wheel events not working on scrollbars of inactive subframes. (bug 1216488, r=tn) (650d70eaf5) - Bug 1206468 - Remove unused internal appearance value -moz-mac-unified-toolbar. r=mstange (0c56b0fd65) - Bug 1214212 - Remove clips from separator transform items. r=roc (6f06f60ec9) - Bug 947062 - Refactor nsDisplayBackgroundImage::GetLayerState. r=mattwoodrow (23d5496afc) - Bug 1220020. When we turn something into an animated geometry root, clear the cache of animated geometry roots so it's not stale. r=tnikkel (90470c67ae) - Bug 1156238. Always stop at the root reference frame when looking for an animated geometry root. r=roc,mattwoodrow (b7a41ac2fb) - Bug 1156238. Fix the computation of animated geometry roots for transform items. r=mattwoodrow (523f062309) - Bug 1156238. Skip setting async scroll clips if we aren't painting to the window because they are useless then. r=mstange (1d98f27c40) - Bug 1205087 - Cache the AnimatedGeometryRoot on DisplayItem. r=roc (4f3f5b7e5e) - Bug 1224209. The animated geometry root of a fixed pos and transformed frame needs to be that frame itself so FrameLayerBuilder can determine it is fixed pos. r=mattwoodrow (974a3ab1e0) - Bug 1141884 - Handle wheel events on the main thread if the frame has snapping. r=dvander,mstange (3347cdd831) - Bug 1176775 part 1 - [css-grid] Implement "Implied Minimum Size of Grid Items" (special min-width/height:auto behavior). r=dholbert (c28098d660) - Bug 1176775 part 2 - [css-grid] Testcases for 'auto' min-sizing and intrinsic 'min-width|height'. (ec70253cc9) - Bug 1215974. In GetNearestScrollableFrame don't skip the root scroll frame if we are asked to always match the root scroll frame even if it doesn't WantAsyncScroll(). r=botond (97094eb3b1) - Bug 1215977. Only match the root scroll frame in GetNearestScrollableFrame if we encounter it. r=botond (69569c757c) - Bug 1215977. Add a flag for GetNearestScrollable that makes fixed pos frames return the root scroll frame of their document. And make APZCCallbackHelper use it to restore previous behaviour. r=botond (c15650e2ba) - Bug 1190936 - Attempt some graceful handling for an unexpected situation that otherwise crashes the browser. r=botond (61e5fc4b2c) - Bug 1208780. Set a zero-margin displayport on all scrollable ancestors of frames with displayports if they don't already have a displayport. r=botond (1cb395354a) - Bug 1221870. Make fixed pos items always find the root scroll frame when looking for the nearest scrollable. r=botond (739da0c2af) - Bug 1122918 - Part 3 - Use the resolved physical values of 'float' and 'clear' properties during layout. r=heycam (46e77f1e0a) - Bug 1223479 - Fix displayport size calculation on fennec. r=kats (bd54d7a6c9) - Bug 1210560 - Part 3: Convert more complex SVG usecases to PushGroupForBlendBack. r=jwatt r=jrmuizel (1a72ef23ba) - Bug 1210560 - Part 4: Remove code to support non operator-over in nsRenderDocument and move to CanvasRenderingContext2D::DrawWindow. r=roc (a475f22cd2) - Bug 1210560 - Part 5: Convert BasicLayers usecases to PushGroupForBlendBack and temporary surfaces. r=jrmuizel (5706386aa9) - Bug 1210560 - Part 6: Convert code to support non-operator OVER in nsCSSRendering to moz2d. r=roc (ba280199c0) - Bug 1210560 - Part 7: Convert GTK widget code to use Moz2D instead of PushGroup/PopGroup. r=jwatt (d06408ec0a) - Bug 1210560 - Part 8: Remove unused PushGroup/PopGroup/PopGroupToSource functions. r=jrmuizel (a39ad555c4) - Bug 1210560 - Followup: Fix function definition prototype. r=bustage on a CLOSED TREE (daa75a342b) - Bug 1210560 - Followup 2: Fix UniquePtr usage issue. r=bustage on a CLOSED TREE (68ee7667fe) - Bug 1210560 - Followup 3: Fix an assertion that can occur on mochitest bc4. r=jrmuizel on a CLOSED TREE (6b68389154) (61a988a8ac) * Notice: the changelog above may not always applicable to XULRunner code which K-Meleon uses. A goanna3 source tree that has kmeleon adaption patch applied is available here: https://github.com/roytam1/palemoon27/tree/kmeleon76

New NewMoon 27 Build! 32bit https://o.rthost.win/palemoon/palemoon-27.10.0.win32-git-20230107-61a988a8ac-xpmod.7z 32bit SSE https://o.rthost.win/palemoon/palemoon-27.10.0.win32-git-20230107-61a988a8ac-xpmod-sse.7z 32bit noSSE https://o.rthost.win/palemoon/palemoon-27.10.0.win32-git-20230107-61a988a8ac-xpmod-ia32.7z 64bit https://o.rthost.win/palemoon/palemoon-27.10.0.win64-git-20230107-61a988a8ac-xpmod.7z source repo: https://github.com/roytam1/palemoon27 repo changes since my last build: - import changes from `dev' branch of rmottola/Arctic-Fox: - Bug 1212279 - Fix uninitialized boolean in Fprinter. r=h4writer (105d3c6507) - Bug 1223007 - Fix eval redeclaration check for Debugger.Frame.eval. (r=efaust) (a3fddcc2b8) - cleanup, rearrange (88d8fc8ced) - Bug 1211956: Check result of EmptyShape::getInitialShape; r=h4writer (41aee681c0) - Bug 1193102 - Deal with OOM in NewObjectCache::invalidateEntriesForShape. r=bhackett (4c2b2a3bb9) - Bug 1208747 - Fix self-comparison compiler warnings. r=Yoric over IRC (d64cc9500c) - Bug 1208747 - Fix include files for the stopwatch. r=jandem (a146b10267) - Bug 1207843 - Part 1/3 - Clean up ma_b(void* target). r=h4writer (238615768e) - Bug 1207843 - Part 2/3 - Clean up MacroAssemblerARM spacing. r=h4writer (a316b5bdac) - Bug 1207843 - Part 3/3 - Clean up ARM Imm8::EncodeImm(). r=h4writer (c24cda23ef) - Bug 939157 - RotateLeft with shift of zero gives undefined behavior. r=Waldo (36e1324c16) - Bug 1224041 - Use stable hashing for CloneMemory r=terrence (9c2f5db9e3) - Bug 1177122 - handle OOM in JSStructuredCloneWriter destructor. r=evilpie (d4fd3d8fd9) - Bug 1225298 - Use GC policy mechanism for sweeping hashtable-based collections. r=terrence (5369de6951) - Bug 1200642 - Add OOM simulation to Vector r=Waldo (325c17a5c4) - Bug 1221680 - Avoid hard errors when testing convertibility using the IsConvertible type trait. r=froydnj (c4220f1a1c) - Bug 1108017: Loosen third-party restrictions for tracking protection checks (r=sworkman) (2997474d59) - Bug 1205138 - Cleanup tracking protection warnings and logs. r=gcp (fb61d17b01) - Bug 1197000 - Better debugging output for Safe Browsing list updates. r=gcp (727005eb8f) - Bug 1208285 - Improve TP debug logging. r=gcp (72d7561c76) - Bug 1214122 - Check if addon ProtocolHandler actually provide nsHttpChannel. r=sicking r=mayhemer (07bf8afb12) - Bug 1214786 - Channelwrapper: Fix up maybeWrapChannel to wrap if not gecko internal channel (r=mayhemer,sicking) (8adb832a11) - Bug 1158404 - part 1 - DataChannelShutdown should instead observe xpcom-will-shutdown. r=jesup (ad4be087ea) - Bug 1158404 - Part 2 - Don't hold alive DataChannelShutdown with a global. r=jesup (4b9a0e9b5c) - bug 1219466 - convert netwerk to LazyLogModule r=valentin.gosu (2a85aa4068) - Bug 1125947 - Fix clang warnings in netwerk/sctp/datachannel. r=jesup (247ab6dc09) (9938fac30a) - import changes from `dev' branch of rmottola/Arctic-Fox: - Bug 1212148 - Outline DialogValueHolder::Get() and create the variant directly. r=bz (1f3eb24a70) - Bug 1210591, part 1 - Use nsVariantCC in various places. r=smaug (960ec7f9d3) - Bug 1210591, part 2 - Cycle collect DataTransfer::mItems. r=smaug (3bc922fd42) - Bug 931283, part 1 - Rename nsVariant to nsVariantBase. r=froydnj (1ba409004e) - Bug 931283, part 2 - Split out nsVariant into a subclass. r=froydnj (6fc4012db0) - Bug 931283, part 3 - Implement a cycle collected version of nsVariant. r=froydnj (9dd0e97d28) - Bug 1208815 - Use the legacy opt-out in GetMozSourceNode to avoid crashes. r=bholley (b8aaa945fd) - Bug 1217614 - Remove nsIDOMDataTransfer::mozGetDataAt and refactor associated code. r=bz (6a5a403776) - Bug 1197002 - Use channel->Open2() in editor/libeditor/nsHTMLDataTransfer.cpp (r=sicking) (4995576e25) - Bug 1169268 - Don't crash when pasting files. r=ndeakin (b52b5e9971) - Bug 1156062 part 1b - Convert some callers of nsEditor::SplitNodeDeep; r=ehsan (c0ecbdf8ec) - Bug 1156062 part 1c - Convert remaining callers of nsEditor::SplitNodeDeep; r=ehsan (e9cb446bef) - Bug 1156062 part 1d - Clean up nsEditor::SplitNodeDeep; r=ehsan (d8513a605c) - Bug 1156062 part 2 - Make GetBlockNodeParent and GetEnclosingTable return regular pointers; r=ehsan (8e80c4c53c) - Bug 1156062 part 3 - New helper nsHTMLEditor::GetBlock; r=ehsan (9466c926f3) - Bug 1145395 - Call nsINode::Length directly in nsHTMLEditor::CreateDOMFragmentFromPaste; r=ehsan (5b9d9b208c) - Bug 1152229 Define FnLock as a KeyboardEvent.code value r=smaug (0f0ba16ba2) - Bug 1192774 - Rename nsOuterWindowProxy::GetWindow to GetOuterWindow and add an assertion; r=khuey (5bbad7f98a) - Bug 920734 - Part 1: Implement window.orientation and window.onorientationchange. r=baku (3f350de924) - Bug 920734 - Part 2: Update tests to avoid using orientation as variable name. r=seth (a5c98bcc6f) - Bug 1216072 - Pass aCallerIsChrome in more places. r=bz Bug 1215398 - Hoist the IsCallerChrome call in CanMoveResizeWindows to the script-only entry points. r=bz (3ff7d3d1a2) - Bug 1107443. Make WindowProxy throw if you attempt to explicitly define a non-configurable property. r=peterv (d4659731fe) - Bug 1196317 - Optimize CallbackObject::mCreationStack out from cycle collection graph when possible, r=mccr8 (6221298ec7) - Bug 1184058 - AudioChannelAgent should be muted when used without a proper window object. r=alwu (3bc66c7727) - Bug 1196361 - Remove the media.useAudioChannelService pref; r=baku (ba976d4402) - Bug 1190040 - Part 2: Teach the audio channel service how to not notify audio-playback, and do that when a media element has no audio track; r=padenot (b163cbd6e2) - Bug 1180940 - Changed return type of AudioDestinationNode::CreateAudioChannelAgent method to return errors, if any methods that it calls fail. Added code to handle the return value in AudioContext::Init(), and its callers. r=baku (03671277dc) - Bug 1183304 - Unregister the actor when unlinked by CC. r=ehsan (ad0a3a7050) - Bug 1191814 - WebSpeech synthesis API and AudioChannelService, r=eeejay (2140326485) - Bug 1043165 - Part 1: Add TelephonyCall.disconnectedReason (webidl). r=hsinyi (a08a2e3b19) - Bug 1043165 - Part 2: Add TelephonyCall.disconnectedReason (dom). r=hsinyi (1403f942fd) - Bug 1043165 - Part 3: Add TelephonyCall.disconnectedReason (ril). r=hsinyi (cdb3991ed0) - Bug 1043165 - Part 4: Update test cases. r=hsinyi (aa3f784b07) - Bug 1131047 - Part 1: Obsolete some events (WebIDL). r=hsinyi (64e098a773) - Bug 1131047 - Part 2: Obsolete some events (DOM). r=aknow (75caf5fa03) - Bug 1161403 - Part 1: Deprecate internal states. r=aknow (dfd955bf8b) - Bug 1161403 - Part 2: A new testcase. r=aknow (4798f3ec44) - Bug 1129882 - create agent in telephony object. r=baku, r=hsinyi (1d7e7e44a4) - Bug 1129882 - add mozInterrupt in telephony object. r=baku (f52465229b) - Bug 1211511 - AudioChannelAgent::NotifyStartedPlaying and NotifyStoppedPlaying should use the same level of playback notification, r=roc (a73b0fda70) - Bug 1187204 - AudioChannelService must exist before calling IsAudioChannelMutedByDefault(), r=alwu (665d082d4f) - Bug 1089526 - Correct function name. r=baku (0706ced01f) - Bug 1183925 - Part 1: Clean up the SpeakerManagerService shutdown; r=baku (7aefa655d5) - Bug 1223734 - AudioChannelService should not be re-initialized after the XPCOM shutdown, r=smaug (1e35895d8d) - Bug 1223734 - Add crashtest. r=baku (cfb753dcf2) - Bug 1151992 - Use call state to decide the usages of output device. r=baku (37ea21895f) - Bug 1215684 - Shut down AudioChannelService in the child process. r=mccr8 (389b137630) - Bug 1183033 - Don't mute the system channel type. r=baku (da88f69119) - Bug 1218396 - By default window-less AudioChannelAgents should be muted, r=alwu (3a74b6e8e0) - Bug 1222902 - Create log system for the AudioChannel. r=baku. (4734efd27b) - var-let (9849b3f3a9) - Bug 1138354 - Add proxy authencation info for 'mozbrowserusernameandpasswordrequired' event. r=mayhemer (e1717f0113) - Bug 1195801 - part 2: Tests for getStructuredData. r=kanru (221d9b4fa8) - Bug 1169633 - [Browser API] getWebManifest(). r=kanru, r=bholley (904c043d16) - Bug 1206581 - Implement notifyChannel() on AudioChannel API. r=kanru, r=baku. (42554161e7) - Bug 1196654 - navigator.mozBrowserElementProxy for access Browser API methods from the embedded, r=kanru, sr=sicking (878b701d4b) - Bug 1214133 - Preload ExtensionContent.jsm to get rid of the overhead. r=fabrice (50f6584735) - Bug 1212321 - Stop painting on app launch. r=fabrice (a4cadc9577) - Bug 1203068 - Add system type into kMozAudioChannelAttributeTable. r=baku (c908fef580) - Bug 1208353 - Fix -Wshadow warnings in dom/audiochannel. r=padenot (85193d75a2) - Bug 1184970 - Remove unused struct in AudioChannelService, r=ehsan (f0511a942b) - Bug 1214491 - Rejigger entry points for nsGlobalWindow::Close. r=bz (6eccbffe1f) - Bug 1212360. Split up the MozStorageChanged event into separate events for sessionstorage and localstorage. r=khuey (ff0047fe22) - Bug 1162013. Process the Promise queue between adjacent setTimeout callback invocations when we're going through the callback list without returning to the event loop. r=smaug (f4966fa41e) - Bug 1214491 - Remove CanCallerAccess check for XPIDL version of nsGlobalWindow::AddEventListener. r=bz (5bb993e1ea) - Bug 1181176 - Pass along x and y position for context menus on Graphene. r=fabrice (652b528a92) - Bug 1211481 - Expose screenX and screenY to context menu events. r=fabrice (e9679e9d6c) - Bug 952456 - Part 2: Support copy image in BrowserElement. r=kchen (f91eb8ae95) - Bug 952456 - Part 3: Enable test_copyimage.html on gonk/cocoa r=fabrice (be0d20fd99) - Bug 1121463 - Support copy link on context menu. r=kanru (a981b7e05c) - Backout c7c68c4389d6 (bug 1125713) for gaia app startup regression r=me (ed1d13993f) - Bug 1178484 - Part 2: Regenerate gecko's in-tree parser. r=hsivone (42d5b50cf1) - Bug 1164123 - Add support for a theme-group meta to make theme-color"themable". r=fabrice (40757cf461) - Bug 1178484 - Part 4: Fire metachange event when a <meta> tag has Open Graph data. r=kanru (111cf1c43f) - Bug 1178484 - Part 5: Test for metachange event when Open Graph property is loaded. r=kanru (0b464de5de) - Bug 1156615 - (Browser API) ctrl/cmd/middle-click doesn't work if <a> element has children. r=kchen (673a7031f9) - Bug 1210265 - Add a pref toggle for copying/pasting only plain text on B2G. r=timdream (4fbbad858e) - Bug 1198522 - Add a flag to make sure customized menu is added. r=timdream, r=kanru (81e611997d) - Bug 1168658 - Enable tracking protection in b2g r=francois (fc04c160ae) - Bug 1189494 - Pass tracking information to BrowserElement's mozbrowsersecuritychange event. r=fabrice (bb24e94178) - Bug 1170644 - Fix forced reflow in BrowserElementChildPreload. r=bz (73078e79fa) - Bug 1178069 - Check devices capability before enable use of vp8 hardware acceleration using android.media.MediaCodecList and android.media.MediaCodecInfo r=jrmuizel (883351b87c) - Bug 1164036 - Add an xpcshell test for graphics blocklist versioning. r=kats (c846c5b142) - Bug 1183725 - Windows 10 not recognized in downloadable blocklist. r=bas (6a07f03ea3) - Bug 1191404 - Update the comments to avoid confusion about what happens with blocklisting when the OS is unknown. No code change. r=milan (40bec16ce6) - Bug 1215892 - Fix clang's -Wimplicit-fallthrough warnings in gfx. r=BenWa (83d160740c) - var/const crashreporter (c9e5ccbb70) - Bug 1225233 - Make MovableCellHasher a public interface, usable by embedders; r=jonco (603b00a836) - Bug 1214508: SharedStubs - Part 1: Move the getprop stubs in to shared stub files, r=jandem (7cddae3b9e) - Bug 1214508: SharedStubs - Part 2: Adjust the getprop stubs to report which engine they use, r=jandem (03ae066cad) - Bug 1214508: SharedStubs - Part 3: Enable the getprop stubs in ionmonkey, r=jandem (e002db87c2) - Bug 1214508: SharedStubs - Part 4: Make sure the frame pushed are set correctly for ion vmcalls, r=jandem (6238ed03c4) - Bug 1214508: SharedStubs - Part 5: Fix ion vmcalls in shared stub, r=jandem (5a914ccfe6) - Bug 1214508: SharedStubs - Part 6: Move the monitor stubs in to shared stub files, r=jandem (6f03cfaa1f) - Bug 1214508: SharedStubs - Part 7: Adjust the getprop stubs to report which engine they use, r=jandem (e3849fde89) - Bug 1214508: SharedStubs - Part 8: Dont sync for the decompiler in ion, r=jandem (7fe1a01bca) - Bug 1214508: SharedStubs - Fix bustage in arm64, r=bustage on CLOSED TREE (0b60ba5974) - Bug 1214508: SharedStubs - fix bustage, r=bustage (968a63544d) - Bug 1212624 - Make WeakMapBase be a LinkedListElement, r=Waldo (744bb6eb8d) - Bug 1223519 - Remove unused rekeying logic from WeakMap; r=sfink (3a4fe3b5df) - Bug 1219288 - Ensure module environment object is not extensible and contains only non-configurable properties r=shu (0b9ac212b9) (136569692c) - import changes from `dev' branch of rmottola/Arctic-Fox: - Bug 1225237 - Use stable hashing for DOMExpandoSet; r=jonco (4254b32429) - Bug 1219288 - Store target shapes in module environment object rather than names r=shu (5cb08ce170) - Bug 1219288 - Add GETIMPORT instruction for accessing module imports that are not namespace imports r=shu (487ccb37d4) - Bug 1219288 - Optimize GETIMPORT instructions in baseline r=shu (938079be7f) - Bug 1219288 - Optimize GETIMPORT instructions in Ion r=shu (cfa7b927a4) - Bug 1224404 - Use stable hashing for WeakMapPtr; r=jonco (59df9ae61c) - Bug 1223639. Use ForceInside to constrain the displayport rect to the scrollable rect instead of intersect. r=botond (12a978a2fd) - Bug 1223639. Rename ForceInside to MoveInsideAndClamp so it's clearer what it does. r=botond (562f0a8f53) - Bug 1212136 - Remove noisy warning that we don't have time to investigate properly. r=tnikkel (4d752f8b1a) - Bug 1215356. When setting a display port, schedule paint on that frame, not the root frame of the document. r=mattwoodrow (bad289fbb7) - Bug 1213711 - Initialize Preserves3DContext::mAccumulatedRectLevels. r=thinker. (99dbae372a) - Bug 1175492 followup: remove extra dashes left over from removing -moz- prefixes. r=longsonr (060368e850) - Bug 1207143 - Improve GetBounds() to avoid recomputing every time. r=roc (995b9e9d4f) - Bug 1216386 - Improve AnimatedGeometryRootLookup::Hash. r=roc. (7c84489583) - Bug 1201327 - Rename mDestRect to mImageLayerDestRect. r=mattwoodrow (fa32340de9) - Bug 1201327 - Let DLBI detect background-position changes. r=mattwoodrow (de59480f0d) - Bug 1201327 - Don't repaint the whole frame subtree when background-position changes. r=dbaron (26a085e548) - Fix wheel events not working on scrollbars of inactive subframes. (bug 1216488, r=tn) (650d70eaf5) - Bug 1206468 - Remove unused internal appearance value -moz-mac-unified-toolbar. r=mstange (0c56b0fd65) - Bug 1214212 - Remove clips from separator transform items. r=roc (6f06f60ec9) - Bug 947062 - Refactor nsDisplayBackgroundImage::GetLayerState. r=mattwoodrow (23d5496afc) - Bug 1220020. When we turn something into an animated geometry root, clear the cache of animated geometry roots so it's not stale. r=tnikkel (90470c67ae) - Bug 1156238. Always stop at the root reference frame when looking for an animated geometry root. r=roc,mattwoodrow (b7a41ac2fb) - Bug 1156238. Fix the computation of animated geometry roots for transform items. r=mattwoodrow (523f062309) - Bug 1156238. Skip setting async scroll clips if we aren't painting to the window because they are useless then. r=mstange (1d98f27c40) - Bug 1205087 - Cache the AnimatedGeometryRoot on DisplayItem. r=roc (4f3f5b7e5e) - Bug 1224209. The animated geometry root of a fixed pos and transformed frame needs to be that frame itself so FrameLayerBuilder can determine it is fixed pos. r=mattwoodrow (974a3ab1e0) - Bug 1141884 - Handle wheel events on the main thread if the frame has snapping. r=dvander,mstange (3347cdd831) - Bug 1176775 part 1 - [css-grid] Implement "Implied Minimum Size of Grid Items" (special min-width/height:auto behavior). r=dholbert (c28098d660) - Bug 1176775 part 2 - [css-grid] Testcases for 'auto' min-sizing and intrinsic 'min-width|height'. (ec70253cc9) - Bug 1215974. In GetNearestScrollableFrame don't skip the root scroll frame if we are asked to always match the root scroll frame even if it doesn't WantAsyncScroll(). r=botond (97094eb3b1) - Bug 1215977. Only match the root scroll frame in GetNearestScrollableFrame if we encounter it. r=botond (69569c757c) - Bug 1215977. Add a flag for GetNearestScrollable that makes fixed pos frames return the root scroll frame of their document. And make APZCCallbackHelper use it to restore previous behaviour. r=botond (c15650e2ba) - Bug 1190936 - Attempt some graceful handling for an unexpected situation that otherwise crashes the browser. r=botond (61e5fc4b2c) - Bug 1208780. Set a zero-margin displayport on all scrollable ancestors of frames with displayports if they don't already have a displayport. r=botond (1cb395354a) - Bug 1221870. Make fixed pos items always find the root scroll frame when looking for the nearest scrollable. r=botond (739da0c2af) - Bug 1122918 - Part 3 - Use the resolved physical values of 'float' and 'clear' properties during layout. r=heycam (46e77f1e0a) - Bug 1223479 - Fix displayport size calculation on fennec. r=kats (bd54d7a6c9) - Bug 1210560 - Part 3: Convert more complex SVG usecases to PushGroupForBlendBack. r=jwatt r=jrmuizel (1a72ef23ba) - Bug 1210560 - Part 4: Remove code to support non operator-over in nsRenderDocument and move to CanvasRenderingContext2D::DrawWindow. r=roc (a475f22cd2) - Bug 1210560 - Part 5: Convert BasicLayers usecases to PushGroupForBlendBack and temporary surfaces. r=jrmuizel (5706386aa9) - Bug 1210560 - Part 6: Convert code to support non-operator OVER in nsCSSRendering to moz2d. r=roc (ba280199c0) - Bug 1210560 - Part 7: Convert GTK widget code to use Moz2D instead of PushGroup/PopGroup. r=jwatt (d06408ec0a) - Bug 1210560 - Part 8: Remove unused PushGroup/PopGroup/PopGroupToSource functions. r=jrmuizel (a39ad555c4) - Bug 1210560 - Followup: Fix function definition prototype. r=bustage on a CLOSED TREE (daa75a342b) - Bug 1210560 - Followup 2: Fix UniquePtr usage issue. r=bustage on a CLOSED TREE (68ee7667fe) - Bug 1210560 - Followup 3: Fix an assertion that can occur on mochitest bc4. r=jrmuizel on a CLOSED TREE (6b68389154) (61a988a8ac)

ProxHTTPSProxy and HTTPSProxy in Windows XP for future use 0. Table of Contents 0. Table of Contents 1. Introduction 2. Purpose of ProxHTTPSProxy and HTTPSProxy 3. Area of application 4. The TLS protocols and their cipher suites 5. Certificates - CA and Root Certificates 5.1. The CA certficate of ProxHTTPSProxy 5.2. The Root Certificates of Windows XP 6. The TLS 1.2 proxies ProxHTTPSProxy and HTTPSProxy 6.1. Prerequisites 6.1.1. Detailed information 6.2. Installation 6.3. Configuration 6.3.1. Configuration of ProxHTTPSProxy 6.3.2. Configuration of HTTPSProxy 6.3.3. Configuration of these proxies to access the MU website successfully nowadays 6.4. Usage 6.4.1. Usage of ProxHTTPSProxy 6.4.2. Usage of HTTPSProxy 6.5. Maintenance of ProxHTTPSProxy and HTTPSProxy for future use 7. The TLS 1.2 proxy ProxHTTPSProxy's PopMenu 3V1 7.1. Prerequisites 7.2. Purpose and components of ProxHTTPSProxy's PopMenu 3V1 7.3. Features of ProxHTTPSProxy's PopMenu 3V1 7.4. Changelog of ProxHTTPSProxy's PopMenu 3V1: 7.5. Installation and configuration of ProxHTTPSProxy's PopMenu 3V1 7.6. Tranferring all settings of an existing ProxHTTPSProxy's installation 7.7. Usage of ProxHTTPSProxy's PopMenu 3V1 8. The TLS 1.3 proxy ProxyMII 8.1. Prerequisites 8.2. General information about ProxyMII 8.3. Specific information about the different ProxyMII releases 8.3.1 ProxyMII (20220717) 8.3.2 ProxyMII (20230813) 8.4. How to set up and use the TLS 1.3 proxy ProxyMII 9. The TLS 1.3 proxy ProxHTTPSProxy's PopMenu TLS 1.3 9.1. Prerequisites 9.2. General information about ProxHTTPSProxy's PopMenu TLS 1.3 9.3. ProxHTTPSProxy's PopMenu TLS 1.3 3V3 9.3.1. Features of ProxHTTPSProxy's PopMenu TLS 1.3 3V3 9.3.2. Changelog of ProxHTTPSProxy's PopMenu TLS 1.3 3V3 9.3.3. Installation and start of ProxHTTPSProxy's PopMenu TLS 1.3 3V3 10. Versions 10.1. Versions of the TLS 1.2 proxies ProxHTTPSProxy, HTTPSProxy, and ProxHTTPSProxy's PopMenu 10.2. Versions of the TLS 1.3 proxies ProxyMII and ProxHTTPSProxy's PopMenu TLS 1.3 11. Downloads 11.1. Archived Downloads {obsolete}: 11.2. Latest Downloads 11.2.1. Downloads related to the TLS 1.2 proxies 11.2.1.1. Downloads related to ProxHTTPSProxy 11.2.1.2. Downloads related to HTTPSProxy 11.2.2. Downloads related to the TLS 1.3 proxies 11.2.3. Downloads related to cacert.pem Certificate Update 11.2.4. Downloads related to Root Certificate Updates 12. Update notifications 13. Conclusion 14. Disclaimer 1. Introduction: The idea of this thread is to provide information and recent findings I've made relating to the TSL proxies ProxHTTPSProxy and HTTPSProxy. Due to the fact that I don't use other older NT based Operation Systems (OSs) except Windows XP Professional all my observations and explanations are referring to both proxies in Windows XP only. So, please do not comment off-topic in this thread! I am AstroSkipper, a member of MSFN since 2010, and was involved in restoring of access to the Microsoft Update (MU) website in Windows XP (and some other OSs). This is the thread: https://msfn.org/board/topic/178377-on-decommissioning-of-update-servers-for-2000-xp-and-vista-as-of-july-2019/ While restoring MU in my own Windows XP Professional system, I had to solve a lot of problems and had among other things some significant findings relating to ProxHTTPSProxy and HTTPSProxy, too. The above mentioned thread is now over 140 pages long and unfortunately very bloated. In most cases visitors or members of MSFN don't want to read that much of pages for getting information they have looked for. A lot of comments are part of conversations which no longer can be retraced or understood easily by people who weren't participated. Therefore, I wanted to make my own findings accessible to all interested people in a clear, short way. That's why I decided to make my own thread to provide some facts, tips and especially news referring to these proxies. It is an unfortunate circumstance that the creators of ProxHTTPSProxy and HTTPSProxy, @heinoganda and @Thomas S., haven't been here for a long time and no further development of these proxies has been made the last years. Of course, we thank both creators explicitly for these outstanding proxies, we are very glad to have them, but they have to be used as they are. For this reason, we have to ask ourselves whether they'll continue doing their job in the future or not. But maybe some of you don't really know what actually their job is. 2. Purpose of ProxHTTPSProxy and HTTPSProxy: Originally, ProxHTTPSProxy was created for Proxomitron as an SSL Helper Program. Proximotron is a local HTTP web-filtering proxy. Here are two links about Proxomitron: http://www.buerschgens.de/Prox/index.html (German website, use Google Translator if necessary) and https://msfn.org/board/topic/183295-web-browser-proxomitron-reborn-ptrongui-a-how-to-guide/. This is a quotation from a post of the developer called "whenever" who had made ProxHTTPSProxy originally: Source link: https://prxbx.com/forums/showthread.php?tid=1618. Here is an image to show how ProxHTTPSProxy works: ProxHTTPSProxy and HTTPSProxy were created by our members mentioned above to provide modern nag-free HTTPS connections for an HTTP proxy. The main purpose in Windows XP is in adding modern ciphers to HTTPS connections of the Internet Explorer (IE) to improve either its missing TLS 1.2 functionality or its rudimentary TLS 1.2 functionality last added by Microsoft after installing some relevant POSReady updates (KB4230450, KB4316682 and KB4019276). Here is a link with further information how TLS 1.1 and TLS 1.2 can be enabled in Windows XP: https://msfn.org/board/topic/178092-enable-tls-11-and-12-in-windows-xp-correctly/?do=findComment&comment=1158544. The original ciphers of IE are outdated and therefore a lot of websites can't be accessed or they don't work properly due to SSL issues. More information about these proxies you can find in the original thread: https://msfn.org/board/topic/176344-problems-accessing-certain-sites-https-aka-tls/. 3. Area of application: As already said, the main purpose of these proxies is in adding modern ciphers to HTTPS connections of IE to improve either its missing TLS 1.2 functionality or its rudimentary TLS 1.2 functionality last added by Microsoft after installing some relevant POSReady updates. Therefore, ProxHTTPSProxy or HTTPSProxy is often used in combination with IE to access websites which couldn't be called up by IE without it. Some programs use Internet Explorer's browser engine called Trident to get data from Internet, to search something or to check for updates. For example my favourite movie database program All My Movies™ checks for updates using IE engine. Without one of these proxies it will fail. Some e-mail clients like eM Client or Eudora are using IE engine too. Some browsers like 360 Extreme Explorer are able to use IE engine for surfing. Another new purpose is to access Microsoft Update to look for updates. As I mentioned above I was involved in restoring of access to the Microsoft Update (MU) website in Windows XP (and some other OSs), and we were successful by now. If you're interested in restoring MU functionality, I've written a little guide with the title "Complete guide for restoring IE's access to WU/MU website using ProxHTTPSProxy or HTTPSProxy in Windows XP" which can be found here: https://msfn.org/board/topic/183498-general-and-specific-solutions-for-problems-regarding-auwumu-in-windows-xp/?do=findComment&comment=1216509 This thread is about different proxies to establish secure connections to servers or, more generally, to the internet. You often read about TLS, cipher suites, and certificates here. Therefore, I disseminate here some information about these "termini technici" for those who do not know exactly what is meant by them. 4. The TLS protocols and their cipher suites If you research the term TLS on the internet, you will get a lot of information, sometimes very simply presented, sometimes very technical, more for IT experts. With this small article, which can be seen more as a summary, I try to provide a little more transparency in this stuff. Transport Layer Security, abbreviated TLS, is a protocol for the authentication and encryption of Internet connections. For this purpose, TLS is inserted as its own layer between TCP and the protocols of the application layer. Here is a linked graphic to make it more clear: The individual tasks include authentication, certification, key exchange, integrity assurance and encryption. The main tasks are to guarantee the authenticity of the contacted remote stations, in most cases a server, by means of a certificate and to encrypt the connection between the remote stations. Here is a second linked graphic to demonstrate the actions and reactions in the communication between a client and a server: The used protocol defines the basic communication for the connection and is as crucial for a secure connection as the encryption protocol itself. Due to a series of vulnerabilities, the SSL2 and SSL3 protocols must be considered a security vulnerability and should be avoided at all costs. The successor to SSL3, TLS 1.0 should also be avoided, as the protocol offers a method to downgrade an established TLS 1.0 connection to SSL3. Thus, the connection is again vulnerable to the vulnerabilities that affect SSL3. Unfortunately, its successor TLS 1.1 is also no longer up to date and should be rather avoided nowadays. For a long time, the TLS 1.2 protocol was considered secure and therefore recommended. It offers a number of improvements that should ensure the security of connections again. In general, each new SSL or TLS version has brought additional features and options, making configuration a little more confusing, implementation more error-prone and handling more tedious. Overall, the use of TLS has become more insecure. With TLS 1.3, this should change, at best. Or, this was and is the actual goal, at least. For this reason, every single function of TLS has been tested for its security benefits and risks. In the process of development and in regard to the present knowledge, some parts were removed that no longer offer security and some of which are now also considered insecure. At the same time, security was improved with new procedures. Furthermore, measures for performance optimisation and preventive hardening measures for future attacks were taken into account. TLS 1.3 breaks backwards compatibility for the first time, which unfortunately causes some problems in practice. Connections with TLS 1.3 can be interrupted either because the connection is not accepted en route or due to a defective web server. Anyway, the protocols TLS 1.2 and, above all, TLS 1.3 are recommended as secure protocols nowadays. Here is a list of typical protocols and their cipher suites used by the TLS 1.3 proxy of my current program package ProxHTTPSProxy's PopMenu TLS 1.3 3V3 as an example. It's a screenshot taken from the website https://browserleaks.com/ssl: In the screenshot above, you can see many so called cipher suites belonging to specific TLS protocols. A cipher suite is a standardised collection of cryptographic procedures (algorithms) for encryption. In the Transport Layer Security (TLS) protocol, the cipher suite specifies which algorithms are to be used to establish a secure data connection. A cipher suite is generally displayed as a long string of seemingly random information but each segment of that string contains essential information. Generally, this data string is made up of several key components: The used protocol, in most cases TLS. The key exchange algorithm dictates the manner by which symmetric keys will be exchanged such as RSA, DH, DHE, ECDH, ECDHE. The authentication algorithm dictates how server authentication and (if needed) client authentication will be carried out such as RSA, DSA, ECDSA. The bulk encryption algorithm dictates which symmetric key algorithm will be used to encrypt the actual data such as AES, 3DES, CAMELLIA. The Message Authentication Code (MAC) algorithm dictates the method the connection will use to carry out data integrity checks such as SHA, SHA256, MD5. In some cases, there is an Elliptic Curve Cryptography (ECC) which is an encryption technique that provides public-key encryption similar to RSA. While the security strength of RSA is based on very large prime numbers, ECC uses the mathematical theory of elliptic curves and achieves the same security level with much smaller keys. Here are three linked graphics to illustrate these strings with examples: 5. Certificates - CA and Root Certificates Although Windows XP was abandoned and updates of root certificates were not provided anymore by Microsoft for this OS, we still found ways to update them. And, if we want to install one of our TLS proxies, we have to install a CA certificate to get them working. In both cases, certificates are needed, and this short article is intended to shed some light on this certificate jungle with regards to our TLS proxies. 5.1. The CA certficate of ProxHTTPSProxy A certificate authority (CA) is a trusted entity that issues digital certificates. These are files that cryptographically link an entity to a public key. Certificate authorities are an important part of the Internet's Public Key Infrastructure (PKI) because they issue the Secure Sockets Layer (SSL) certificates that browsers use to authenticate content sent from web servers. All popular web browsers use web servers' SSL certificates to keep content delivered online secure. They all need to trust certificate authorities to issue certificates reliably. SSL certificates are used in conjunction with the Transport Layer Security (TLS) protocol to encrypt and authenticate data streams for the HTTPS protocol, and are therefore sometimes referred to as SSL/TLS certificates or simply TLS certificates. The first time ProxHTTPSProxy is started, it creates the keys for a certificate authority in its program directory if there is none. This file CA.crt is used for on-the-fly generation of dummy certificates for each visited website which are stored in the subfolder Certs. And, there is a second file called cacert.pem located in ProxHTTPSProxy's program directory. This file cacert.pem contains the currently valid root certificates (will be considered in more detail below) used by the proxy to verify the server connections. Since your browser won’t trust the ProxHTTPSProxy's CA certificate out of the box, you will either need to click through a TLS certificate warning on every domain, or install the CA certificate once so that it is trusted. It has to be installed in the Trusted Root Certification Authority of Windows XP and in some cases additionally in the Certificate Manager of a browser as in the cases of New Moon, Pale Moon, Firefox, and others. The Internet Explorer doesn't possess an own certificates store and uses the Trusted Root Certification Authority of Windows XP. Typically, digital certificates contain data about the entity that issued the certificate and cryptographic data to verify the identity of the entity, including the entity's public key and expiration date for the certificate, as well as the entity's name, contact information, and other information associated with the certified entity. Web servers transmit this information when a browser establishes a secure connection over HTTPS. In doing so, they send to it the certificate and the browser authenticates it using its own root certificate store. The following graphic illustrates the structure of a Certificate Authority as for example GlobalSign: SSL/TLS certificates are based on PKI as mentioned above, and there are a few key parts that need to be in place for the SSL certificate to work: A digital certificate (for example, an SSL/TLS certificate) that proves the website’s identity. A certificate authority that verifies the website and issues the digital certificate. A digital signature that proves the SSL certificate was issued by the trusted certificate authority. A public key that your browser uses to encrypt the data sent to the website. A private key that the website uses to decrypt the data sent to it. Here is another graphic to illustrate the role that a certificate authority (CA) plays in the Public Key Infrastructure (PKI): When installing such CA certificates in Windows XP manually, then there is something else to note. It can be of crucial importance whether one installs a root certificate under the account of the Current User or Local Computer. In this article a little further down, you can find more information on that. Furthermore, exiting ProxHTTPSProxy completely, deleting the old CA.cert file in ProxHTTPSProxy's program directory, and restarting ProxHTTPSProxy will result in the generation of a new CA.crt that will be valid for another ten years. In addition, the certificate bundle cacert.pem should be updated, at best regularly. You can do that with the tool cacert Updater Fixed which can be found in the download section 11.2.3. Downloads related to cacert.pem Certificate Update. This tool is also included in my program package ProxHTTPSProxy's PopMenu. And, that is the moment to note something very important. Any change to a ProxHTTPSProxy installation regarding the CA certificate or a severe system crash while one of the proxies is running in the background always requires a reset of all dummy certificates in the Certs subfolder. The word "reset" at this point means deleting all certificates that have been created in the Certs folder, manually by the user. The next time the proxy is started correctly, all necessary certificates will be created again when the corresponding websites are accessed. Here are a few screenshots of ProxHTTPSProxy's CA certificate (German edition of Windows XP, sorry!): 5.2. The Root Certificates of Windows XP In cryptography and computer security, a root certificate is a public key certificate that identifies a root certificate authority (CA). Root certificates are self-signed and form the basis of an X.509-based PKI. Either it has matched Authority Key Identifier with Subject Key Identifier, in some cases there is no Authority Key identifier, then Issuer string should match with Subject string (RFC 5280). For instance, the PKIs supporting HTTPS for secure web browsing and electronic signature schemes depend on a set of root certificates. A certificate authority can issue multiple certificates in the form of a tree structure. A root certificate is the top-most certificate of the tree, the private key which is used to "sign" other certificates. All certificates signed by the root certificate, with the "CA" field set to true, inherit the trustworthiness of the root certificate. A signature by a root certificate is somewhat analogous to "notarizing" identity in the physical world. Such a certificate is called an intermediate certificate or subordinate CA certificate. Certificates further down the tree also depend on the trustworthiness of the intermediates. The following graphic illustrates the role of a root certificate in the chain of trust: The root certificate is usually made trustworthy by some mechanism other than a certificate, such as by secure physical distribution. Root certificates are distributed in Windows XP by Microsoft and located in special certificate stores. These certificate stores may be viewed through the Certificates snap-in Certmgr.msc in the Microsoft Management Console (MMC). You can open the Certificates console focused on the Current User on a Windows XP computer by executing Certmgr.msc in the Run dialog box. Here is a screenshot of what you see running this command (German edition of Windows XP, sorry!): The root certificates of Windows XP can be updated by @heinoganda's Certificate Updater, @Thomas S.'s CAupdater, or by my self-created Root Certificate and Revoked Certificate Updaters, in all cases to the most recent ones provided by Microsoft. These updaters can be found in the download section under 11.2.4. Downloads related to Root Certificate Updates. There is no automatism for this updating. It must be done manually by the user and, if possible, regularly. @heinoganda's Certificate Updater is also included in my program package ProxHTTPSProxy's PopMenu. And now, back to our proxies. 6. The TLS 1.2 proxies ProxHTTPSProxy and HTTPSProxy 6.1. Prerequisites: A CPU with SSE2 instruction set is required to run the more recent versions of these TLS 1.2 proxies under Windows XP. 6.1.1. Detailed information: Testing system: Windows XP Professional SP3 POSReady with an AMD Athlon XP 3200+ (Thoroughbred), an old CPU providing SSE, but lacking of SSE2 instruction set. After testing of all proxies mentioned in this article, I can confirm that all @heinoganda's releases ProxHTTPSProxy REV3b, ProxHTTPSProxy REV3d, ProxHTTPSProxy REV3e and @Thomas S.'s release HTTPSPoxy in version HTTPSProxy_Launcher_v2_2018-11-06 require a CPU with SSE2 instruction set. All these proxies crashed when starting 'ProxHTTPSProxy.exe' or 'HTTPSProxy.exe'. But @whenever's release ProxHTTPSProxyMII 1.3a could be started without crashing, and after testing I can confirm this proxy is fully compatible with a CPU possessing SSE instruction set only. Therefore, this proxy can be used in such old systems, but only if absolutely necessary. For safety reasons. More detailed information below in the section 10.1. Versions of the TLS 1.2 proxies ProxHTTPSProxy, HTTPSProxy, and ProxHTTPSProxy's PopMenu. 6.2. Installation: The program packages provide documents and instructions, actually sufficient. Both proxies do not need any installation. There is no setup installer. They are fully portable with a few exceptions. The user has to edit the config file according to his needs, he should update a special certificate called 'cacert.pem' and he has to install the proxy's root certificate properly in any case. But to avoid unnecessary repetitions, I'll come back to that later in the section 6.3. Configuration. The location of their program folder can be chosen freely. For this purpose, I've created a folder "Portable" in my system partition. I have created this folder to remind me that programs inside folder Portable do not have to be uninstalled. 6.3. Configuration: The configurations of these proxies are a bit different. 6.3.1. Configuration of ProxHTTPSProxy: - Install ProxHTTPSProxy's root certificate 'CA.crt' under the Trusted Root Certification Authority manually or apply 'ProxHTTPS Cert Install.exe'. Alternatively you can use the more recent ProxHTTPSProxy Cert Installer which has been modified and updated by me. You can find it in the section 11.2.1.1. Downloads related to ProxHTTPSProxy. - Edit the config file 'config.ini' according to your needs. More detailed explanations at the end of this section. - Update the certificate 'cacert.pem' by downloading and inserting it manually (see cacert Update.txt) or automatically by applying 'cacert_Updater.exe'. Due to the circumstance that @heinoganda's original cacert Updater doesn't work anymore, I have fixed it. This "cacert Updater Fixed" can be downloaded in the section 11.2.3. Downloads related to cacert.pem Certificate Update. 6.3.2. Configuration of HTTPSProxy: - Generate a new HTTPSProxy's root certificate 'HTTPSProxyCA.crt' by opening 'HTTPSProxy.exe' and closing its window when the process is over. - Install HTTPSProxy's root certificate 'HTTPSProxyCA.crt' under the Trusted Root Certification Authority manually. Alternatively you can use the brand new HTTPSProxy Cert Installer which has been created by me. You can find it in the section 11.2.1.2. Downloads related to HTTPSProxy. - Edit the config files 'config.ini' and 'Launcher.ini' according to your needs. More detailed explanations at the end of this section. - Update the certificate 'cacert.pem' by downloading from url https://curl.se/ca/cacert.pem and inserting it manually (see Installation-Update_EN.txt) or automatically by clicking cacert.pem update in Launcher's menu. - Execute the reg file 'Inet_CurUser_ProxySettings.reg'. Both proxies have got a config file called 'config.ini'. The following parameters of the proxy can be specified there:: ProxAddr, FrontPort, BackPort, LogPort and LogLevel. Look into this file and you'll get short descriptions of these parameters. Furthermore there are special sections titled [SSL No-Verify], [BLACKLIST], [SSL Pass-Thru] and [BYPASS URL]. In these sections url addresses can be inserted letting the proxy know how to perform them. HTTPSProxy has a second config file called 'Launcher.ini'. Here you can set up the Launcher of HTTPSProxy. A short description can be read at the beginning of each file section. Here you can see HTTPSProxy's config file similar to the one of ProxHTTPSProxy: More detailed information about the parameters and sections can be found in their doc files. Both proxies can be set as system-wide proxies using the executable proxycfg.exe. Here are proxycfg's command line parameters: The command proxycfg displays the current WinHTTP proxy settings. The command proxycfg -d specifies that all HTTP and HTTPS servers should be accessed directly. Use this command if there is no proxy server. The command proxycfg -p proxy-server-list optional-bypass-list specifies one or more proxy servers, and an optional list of hosts that should be accessed directly. If a proxy server is not specified for a given protocol and that server is not in the bypass list, the -p option specifies that the server cannot be accessed at all. The command proxycfg -d -p proxy-server-list optional-bypass-list specifies one or more proxy servers, and an optional list of hosts that should be accessed directly. If a proxy server is not specified for the given protocol, the -d option specifies that the server should be accessed directly instead. The command proxycfg -u imports the Internet Explorer proxy settings of the current user. WinHTTP does not support auto-discovery and configuration script-based proxy settings. So far so good, but unfortunately that's not the whole truth. 6.3.3. Configuration of these proxies to access the MU website successfully nowadays: The MU website can be accessed only by IE, but nowadays it needs the more recent cryptographic protocol TLS 1.2. That's the reason why MU wasn't available in the past. Therefore we have to use one of these proxies to gain access. If all steps of my Complete guide for restoring IE's access to WU/MU website using ProxHTTPSProxy or HTTPSProxy in Windows XP have been performed properly, you would like to call up MU website. But in some cases problems could occur. One of them is to get a MU website with output of error code 0x80072f8f (hexadecimal notation). I had examined this error deeply and could solve it. But what does that have to do with our proxies? Of course a lot, otherwise I wouldn't have mentioned it. Here you can read my short post "Final fix of error code 0x80072f8f while accessing WU or MU website": https://msfn.org/board/topic/178377-on-decommissioning-of-update-servers-for-2000-xp-and-vista-as-of-july-2019/?do=findComment&comment=1213188 The steps in order: Delete the old CA.cert file in ProxHTTPSProxy's program folder. Delete all certificates in ProxHTTPSProxy's certs subfolder. Update the certificate cacert.pem. Run the executable ProxHTTPSProxy.exe. A new ProxHTTPSProxy CA certificate CA.crt valid for another ten years has been generated. Import this new ProxHTTPSProxy CA certificate to Trusted Root Certification Authority but under the account local computer. And exactly here lies the problem. You have to import this certificate in a special way to ensure it is really installed in Trusted Root Certification Authority under the account local computer. Otherwise, it can happen that this certificate is installed in Trusted Root Certification Authority under the account current user. And that is definitely the cause of error code 0x80072f8f. No one had told us where this certificate has to be installed to. No hints in the doc files of both proxies. And, how can we do that? Here are the detailed steps using the Microsoft Management Console: Open console by typing mmc. Add a snap-in for certificates. Choose for local computer. Import your recently generated ProxHTTPSProxy CA certificate to Trusted Root Certification Authority. Finished. Now, we have to modify the config file. Alternatively you can use my pre-configured config files in the section 11.2.1. Downloads related to the TLS 1.2 proxies. Open the file config.ini in an editor of your choice. Add these urls under the section [SSL No-Verify]: urs.microsoft.com c.microsoft.com* *one.microsoft.com* download.windowsupdate.com cc.dcsec.uni-hannover.de fe2.ws.microsoft.com *update.microsoft.com ds.download.windowsupdate.com - Save your changes. - Finished. Of course, same procedure for HTTPSProxy with one exception: HTTPSProxy's root certificate is named HTTPSProxyCA.crt. Fixing error code 0x80072f8f leads to fixing another problem and that is the validity of Proxy's root certificate. From now on a freshly generated root certificate of ProxHTTPSProxy or HTTPSProxy valid for another ten years will be fully functional because we finally know where it exactly has to be imported to. Maybe, you understand now how important it is to configure these proxies properly. Otherwise, they wouldn't work flawlessly. In the section 11.2.1. Downloads related to the TLS 1.2 proxies, I provide separate CA Certificate Installer and Uninstaller for both proxies. They have been created by me for the people who do not dare to generate and install certificates themselves. Due to a modification made by me, these installers and uninstallers do now their job properly, i.e. the certificate installation will be definitely performed in the Trusted Root Certification Authority under the account local computer. If you asked me which kind of certificate installation you should choose, I would recommend the manual method. For security reasons only. The installers contain a pre-generated root certificate of its proxy which will be installed properly. But as a result all users of these installers will have got the same certificate unfortunately. Normally, no good. But, do we really want to spy each other? I don't think so. On the other hand, using the manual method we all will have an unique certificate without any risks. So it's up to you! 6.4. Usage: The usage of these proxies is very simple but a bit different. 6.4.1. Usage of ProxHTTPSProxy: The best way to start ProxHTTPSProxy is to execute the file ProxHTTPSProxy_PSwitch.exe. In this case, ProxHTTPSProxy will set up itself automatically and delete its settings when closing. You can check the settings of ProxHTTPSProxy in Internet Options of IE. Here is a screeshot of ProxHTTPSProxy's program window: 6.4.2. Usage of HTTPSProxy: The way to start HTTPSProxy is a bit different. For starting it, you have to simply drag the executable HTTPSProxy.exe onto a second executable Launcher.exe by drag & drop and a new system tray icon appears. Via this icon, all available options of HTTPSProxy's Launcher are accessible. There are a lot of options: HTTPSProxy exit, HTTPSProxy restart, HTTPSProxy show, HTTPSProxy hide, HTTPSProxy launch with Windows, config.ini edit, cacert.pem update, HTTPSProxy enabled - settings - log, Update Windows root CAs, Launcher.ini edit and so on. Here are some screenshots of HTTPSProxy: Launcher's menu: HTTPSProxy - switched on and switched off: HTTPSProxy's program window: HTTPSProxy while accessing MU: If connection errors occur, you can check the settings of HTTPSProxy in Internet Options of IE and set them manually or automatically by applying reg file 'Inet_CurUser_ProxySettings.reg'. And now one important hint. If you want to use both proxies in your system, you mustn't run them in RAM at same time! Otherwise the selected proxy won't work at all. You have to close the unused proxy to use the other. Keep that in mind! 6.5. Maintenance of ProxHTTPSProxy and HTTPSProxy for future use: We have to carry out a bit of maintenance to ensure that these proxies are working properly. First of all, the system's root certificates should be updated every three months. If you have not done that yet, you can use one of the root certificate updater in the section 11.2.4. Downloads related to Root Certificate Updates where different online and offline versions can be downloaded from. Then you should check following list: Regular update of the file 'cacert.pem'. Maintenance and check of the file config.ini according to your needs. Checking the validity of the proxy's root certificate. Deleting of all certificates in the folder 'Certs' if the proxy isn't working properly. Checking the state of the Proxy in IE or in your system. 7. The TLS 1.2 proxy ProxHTTPSProxy's PopMenu 3V1 7.1 Prerequisites: A CPU with SSE2 instruction set is required to run this TLS 1.2 proxies under Windows XP. 7.2. Purpose and components of ProxHTTPSProxy's PopMenu 3V1: This is the first release of ProxHTTPSProxy's PopMenu 3.0 in version 1.0.0.0 shortened 3V1. ProxHTTPSProxy's PopMenu 3V1 is a one-click menu in systray to access and control @heinoganda's ProxHTTPSProxy REV3e. ProxHTTPSProxy's PopMenu 3V1 is a synthesis of self-programmed executables, a very few commands, credits to @AstroSkipper at MSFN, and the freeware PopMenu 3.0, credits to Jochanan Agam at freeware.persoft.ch. All the information I spread about ProxHTTPSProxy in the sections above is of course also valid for ProxHTTPSProxy's PopMenu. 7.3. Features of ProxHTTPSProxy's PopMenu 3V1: ProxHTTPSProxy's PopMenu is not a classical launcher, it is rather a systray popup menu. It can be totally customized and continuously extended according to user's needs due to its modular structure, therefore much more flexible than a classical, compiled launcher. More features can be added easily without touching existent code. Due to ProxHTTPSProxy's PopMenu's modular structure the user can change, add, delete and reorder features. Even the icons in menu can be changed easily by the user. Here is the complete list of features implemented in ProxHTTPSPoxy's PopMenu 3v1: Start ProxHTTPSPoxy Stop ProxHTTPSPoxy Hide ProxHTTPSPoxy Show ProxHTTPSPoxy Check if ProxHTTPSPoxy is running (in RAM) cacert.pem Update Root Certificates Update Open IE Proxy settings Close IE Proxy settings Check system proxy status Enable ProxHTTPSProxy system-wide Disable ProxHTTPSProxy system-wide Edit config.ini Read documentation And here is a screenshot of ProxHTTPSProxy's PopMenu 3V1: ProxHTTPSPoxy's PopMenu is provided together with ProxHTTPSProxy REV3e. This new archive called "ProxHTTPSProxy_REV3e_PopMenu_3V1" has been additionally updated by me. These are the changes to original package of @heinoganda: 7.4. Changelog of ProxHTTPSProxy's PopMenu 3V1: @heinoganda's Certificate Updater 1.6 added. Old CA Root Certificate CA.crt replaced by new one valid until 02/19/2032. ProxHTTPSProxy CA Certificate Installer and Uninstaller replaced by more recent ones corresponding to pre-generated CA Root Certificate valid until 02/19/2032. Old cacert Updater removed, recreated cacert Updater Fixed added. cacert.pem updated to most recent one. Alternative latest cacert.pem dated of 2022-04-26 from Mozilla added with download url. All self-programmed executables of ProxHTTPSPoxy's PopMenu 3v1 created in two different versions, UPX and noUPX, following the spirit of ProxHTTPSPoxy's creator. 7.5. Installation and configuration of ProxHTTPSProxy's PopMenu 3V1: 1. Unpack archive and copy the complete folder ProxHTTPSProxy_REV3e_PopMenu_3V1_noUPX or ProxHTTPSProxy_REV3e_PopMenu_3V1_UPX (or its complete content) to desired location. 2. Although both, ProxHTTPSProxy REV3e and ProxHTTPSPoxy's PopMenu 3V1, are fully portable, the config file of program PopMenu has to be adjusted to new location. This can be done manually or much more comfortable automatically by a tool I created for this purpose only. Go to subfolder PopMenu and execute "Configure PopMenu.exe". This procedure will always set the menu back to default settings. If you modified the menu in the past to your needs, you have to adjust the config file "PopMenu.ini" manually, otherwise you'll lose your modifications. In any case the paths in config file "PopMenu.ini" have to be adjusted when the complete program folder (or its complete content) was copied to a new location. 7.6. Tranferring all settings of an existing ProxHTTPSProxy's installation: Copy the files "CA.crt" and "config.ini" from old installation folder to new one. Same with complete subfolder "Certs". Doing it in that way you won't lose any old settings. 7.7. Usage of ProxHTTPSProxy's PopMenu 3V1: To start ProxHTTPSPoxy's PopMenu, just apply "ProxyPopMenu.exe" in main program folder ProxHTTPSProxy_REV3e_PopMenu_3V1_noUPX or ProxHTTPSProxy_REV3e_PopMenu_3V1_UPX. ProxHTTPSPoxy's PopMenu can be set to "Start automatically at Windows startup" in context menu item "Settings" which is called up by right-clicking systray icon. Here the PopMenu can be configured generally. ProxHTTPSPoxy's PopMenu has been pre-configured by me. The provided functions (items) corresponding to their labels are in most cases self-programmed executables and in a very few inserted commands. All items of ProxHTTPSPoxy's PopMenu are generally self-explanatory. Feel free to click on them and test them! If you click on item "Enable ProxHTTPSProxy system-wide", my program checks whether ProxHTTPSProxy is running or not. If not, it will be started immediately. This is necessary to set ProxHTTPSProxy to mode system-wide or setting process would fail. And one recommendation: Do not change or modify files in subfolder PopMenu and keep the file or folder structure inside main folder, otherwise the ProxHTTPSProxy's PopMenu won't work properly! If you want to modify the menu, do it in PopMenu's "Settings". But you have to know what you do otherwise ProxHTTPSPoxy's PopMenu won't work as expected. ProxHTTPSProxy's PopMenu itself has a very low usage of RAM. It's only about 2 MB. The download link of ProxHTTPSProxy's PopMenu 3V1 can be found in the section 11.2.1.1. Downloads related to ProxHTTPSProxy. 8. The TLS 1.3 proxy ProxyMII 8.1. Prerequisites: ProxyMII was created by Python 3.7.1 which requires Microsoft Visual C++ 2015 Redistributable or Microsoft Visual C++ 2015-2019 Redistributable (latest version 14.28.29213.0). Check if it is installed in your system! 8.2. General information about ProxyMII: ProxyMII is a proxy based on ProxHTTPSProxy which was originally created by whenever. It was enhanced in terms of the TLS 1.3 protocol and its cipher suites by @cmalex who recently created it using Python 3.7.1. Again, a big thanks for that to @cmalex! ProxyMII provides all TLS protocols from TLS 1.0 up to TLS 1.3 and its corresponding cipher suites. It differs from @heinoganda's ProxHTTPSProxy in its file structure and does not provide a comparable program like ProxHTTPSProxy_PSwitch.exe to activate or deactivate the proxy settings automatically, when the proxy is started or closed. This has to be done manually by the user. If you want to use ProxyMII as it is without any additional comfort, then read the following instructions to get it running. 8.3. Specific information about the different ProxyMII releases: 8.3.1 ProxyMII (20220717): Hardware requirements: A CPU with SSE2 instruction set is not required anymore, SSE only is sufficient. ProxyMII (20220717) is now based on OpenSSL 3.0.5, dated from 2022-07-05, and Cryptography 3.4.8, dated from 2021-08-24. 8.3.2. ProxyMII (20230813): Hardware requirements: A CPU with SSE2 instruction set is now required., SSE only is not sufficient anymore. ProxyMII (20230813) is now based on OpenSSL 3.1.2, dated from 2023-08-01, and Cryptography 40.0.2, dated from 2023-04-14. Here are the changelogs: Changes from OpenSSL 3.0.5 to OpenSSL 3.1.2: Changes from Cryptography 3.4.8 to Cryptography 40.0.2: 8.4. How to set up and use the TLS 1.3 proxy ProxyMII: Unpack the archive and copy the folder ProxyMII to a location of your choice. Install the file CA.crt to Trusted Root Certification Authority under the account local computer manually. I use the certificate generated by ProxHTTPSProxy REV3e, provided in my release of ProxHTTPSProxy's PopMenu 3V1. Or use my contained ProxHTTPSProxy CA Certificate Installer and Uninstaller to do that automatically. If so, you have to overwrite the already existing CA.crt in ProxyMII's program folder by the one of my release. Enable the proxy settings of IE in the Internet Options -> LAN settings, i.e., check mark "Use a proxy server for your LAN", and click on Advanced. Go to the entry Secure and enter the Proxy address 127.0.0.1 and the port 8079. Update the file cacert.pem to have the most recent one by using my cacert Updater Fixed (Recreated). Start the proxy by executing the file ProxHTTPSProxy.exe. Ensure that your firewall doesn't block this proxy. Add it to your exclusions list or allow its connection. Do not forget to disable the proxy settings of IE when ProxyMII has been closed. The download links of ProxyMII and cacert Updater Fixed can be found respectively in the sections 11.2.2. Downloads related to the TLS 1.3 proxies and 11.2.3. Downloads related to cacert.pem Certificate Update. ProxyMII is the TLS 1.3 proxy on which my program package ProxHTTPSProxy's PopMenu TLS 1.3 is based from now on. 9. The TLS 1.3 proxy ProxHTTPSProxy's PopMenu TLS 1.3 9.1. Prerequisites: ProxHTTPSProxy's PopMenu TLS 1.3 is based on ProxyMII, which was created by Python 3.7.1, and requires Microsoft Visual C++ 2015 Redistributable or Microsoft Visual C++ 2015-2019 Redistributable (latest version 14.28.29213.0). Furthermore, Microsoft .NET Framework 4.0 is now additionally required to run the program package ProxHTTPSProxy's PopMenu TLS 1.3 under Windows XP. Check if both are installed in your system! A CPU with SSE2 instruction set is not required anymore, SSE only is sufficient. 9.2. General information about ProxHTTPSProxy's PopMenu TLS 1.3 The main feature of my program package ProxHTTPSProxy's PopMenu TLS 1.3 is @cmalex's ProxyMII, a TLS 1.3 proxy. I replaced @heinoganda's TLS 1.2 proxy from my last release of ProxHTTPSProxy's PopMenu REV3e 3V1 by @cmalex's TLS 1.3 proxy. This sounds simple, but, unfortunately, it wasn't. A lot of problems had to be solved to implement this proxy completely, enhance functionality, and get control of it as convenient as the old one. ProxHTTPSProxy's PopMenu TLS 1.3 is a one-click menu in systray to access and control the brand new TLS 1.3 proxy ProxyMII, better known as ProxHTTPSProxy, credits to @cmalex and its original creator whenever. @cmalex's ProxyMII, dated from 2022-07-17, is now based on OpenSSL 3.0.5 and Cryptography 3.4.8. It provides all TLS protocols from TLS 1.0 up to TLS 1.3 and its corresponding ciphers. 9.3. ProxHTTPSProxy's PopMenu TLS 1.3 3V3 ProxHTTPSProxy's PopMenu TLS 1.3 3V3 is the third release of ProxHTTPSProxy's PopMenu 3.0, now in version 3.0.0.0, shortened 3V3. It is a synthesis of the excellent, brand new TLS 1.3 proxy ProxyMII, dated from 2022-07-17, credits to @cmalex at MSFN, several self-programmed executables and a very few commands, credits to @AstroSkipper at MSFN, the freeware PopMenu 3.0, credits to Jochanan Agam at freeware.persoft.ch, the open source utility Min2Tray v1.7.9, credits to Junyx at junyx.breadfan.de, and the program Certificate Updater 1.6, credits to @heinoganda at MSFN. If you wonder when the second version was released, the answer is very simple: never. This version was unofficial. ProxHTTPSProxy's PopMenu is not a classical launcher, it is rather a systray pop-up menu. It can be totally customized and continuously extended according to the user's needs due to its modular structure, therefore, much more flexible than a classical, compiled launcher. More features can be added easily without touching the existent code. Due to ProxHTTPSProxy's PopMenu's modular structure, the user can change, add, delete and reorder features. Even the icons in the menu can be changed easily by the user. Here is a screenshot: 9.3.1 Features of ProxHTTPSProxy's PopMenu TLS 1.3 3V3: Here is the complete list of features implemented in ProxHTTPSProxy's PopMenu TLS 1.3 3V3 and a short explanation of them: Start ProxHTTPSPoxy – Activates the proxy's settings in IE LAN Settings, starts the proxy, and deactivates and cleans its settings after closing, all automatically. Stop ProxHTTPSPoxy – Stops the proxy and closes its status window. Minimize ProxHTTPSProxy to systray – Minimizes ProxHTTPSProxy's status window to systray and shows its icon there. Restore ProxHTTPSProxy from systray – Restores ProxHTTPSProxy's minimized status window from systray. Hide ProxHTTPSPoxy – Hides ProxHTTPSProxy's status window completely. Show ProxHTTPSPoxy – Shows ProxHTTPSProxy's hidden status window again. Check if ProxHTTPSPoxy is running (in RAM) – Checks if ProxHTTPSPoxy is running in the background. cacert.pem Update – Performs an update of the file cacert.pem. Root Certificates Update – Performs an update of the system's Root Certificates. Open IE Proxy settings – Opens the tab LAN Settings in IE's Internet Options. Close IE Proxy settings – Closes the tab LAN Settings and IE's Internet Options completely. Check system proxy status – Checks whether the proxy is used system-wide or the system has direct access. Enable ProxHTTPSProxy system-wide – Permits the whole system to use this proxy. In this mode, services can route their traffic through the proxy, too. Disable ProxHTTPSProxy system-wide – The proxy can be used only locally if it is running, generally all have direct access to their servers or the internet. Edit config.ini – Opens the file config.ini with the editor Notepad to check or modify the proxy's configuration. Read documentation – Opens the documentation with the editor Notepad to get quickly information. In the screenshot above, you can see a red arrow which points to the icon of ProxHTTPSPoxy, minimized to systray. It's a new feature, and the green marked items have been added to the pop-up menu since last release. ProxHTTPSPoxy's PopMenu is provided together with ProxyMII from 2022-07-17, created by @cmalex and branded by me as ProxHTTPSProxy 1.5.220717. This new archive called ProxHTTPSProxy TLS 1.3 1.5.220717 PopMenu 3V3 has been additionally updated by me. These are the changes to the previous version of ProxHTTPSPoxy's PopMenu: 9.3.2 Changelog of ProxHTTPSProxy's PopMenu TLS 1.3 3V3: @heinoganda's ProxHTTPSProxy REV3e replaced by @cmalex's ProxHTTPSProxy 1.5.220717 with a brand new TLS 1.3 support. New starter program StartProxy.exe created to activate the proxy settings, start the proxy, and deactivate its settings after closing, all automatically. cacert.pem updated to the most recent one. Alternative cacert.pem from Mozilla, updated to the most recent version dated 2022-07-19. The open source utility Min2Tray has been fully implemented by the new configuration tools Configure PopMenu.exe and Setup Min2Tray.exe, all automatically. After the setup procedure, the programs PopMenu and Min2Tray are started automatically. All self-created files are not UPX-compressed. Therefore, the version is a noUPX only. Two new items added to the pop-up menu: Minimize ProxHTTPSProxy to systray and Restore ProxHTTPSProxy from systray. All unnecessarily embedded files have been removed from my self-created executables. Changes in calling up other programs. In all my affected programs, protection against code injection has been improved. This leads to preventing of future "space bugs", too! Different issues, which could have been noticed only in very rare cases, have been fixed. All unnecessary code has been removed. New bugs I additionally found have been fixed. Autostart entries of PopMenu and the new Min2Tray, automatically added to the registry by my configuration program, have been fixed in regard to the "space bug". All message windows of my programs have been resized and adjusted for a better visibility. All my self-created program files have been recompiled by using a different compiler. @cmalex's original ProxyMII wasn't modified by me, except a replacement of ProxHTTPSProxy.EXE's program icon, back to the old one and an update of the file config.ini to get access to the Microsoft Updates (MU) website with this proxy. 9.3.2 Installation and start of ProxHTTPSProxy's PopMenu TLS 1.3 3V3: Check if Microsoft Visual C++ 2015 Redistributable or Microsoft Visual C++ 2015-2019 Redistributable (latest version 14.28.29213.0) is installed in your system. Check if Microsoft .NET Framework 4.0 is installed in your system. Unpack the archive and copy either the complete folder ProxHTTPSProxy_TLS_1_3_1_5_220717_PopMenu_3V3 or its complete content to your desired location. Install the file CA.crt, located in the main program folder, to Trusted Root Certification Authority under the account local computer, or use the program ProxHTTPSProxy Cert Installer, provided in the archive. Go to the subfolder PopMenu and execute the program Configure PopMenu.exe. PopMenu and Min2Tray will be started automatically. A more detailed documentation, titled Documentation of ProxHTTPSProxy's PopMenu 3V3, can be found in the subfolder Docs of my program package and should be read before using ProxHTTPSProxy's PopMenu in any case. All features and more are described there. The programs PopMenu and Min2Tray have a very low usage of RAM. It's only about 2 MB and 4 MB respectively. The download link of ProxHTTPSProxy's PopMenu TLS 1.3 3V3 can be found in the section 11.2.2. Downloads related to the TLS 1.3 proxies. 10. Versions: 10.1. Versions of the TLS 1.2 proxies ProxHTTPSProxy, HTTPSProxy, and ProxHTTPSProxy's PopMenu: Last known version of ProxHTTPSProxyMII, created by @whenever and released in June of 2018: ProxHTTPSProxyMII 1.5 (20180616) ProxHTTPSProxyMII 1.3a (20150527) was released in May of 2015. Here are two links: https://prxbx.com/forums/showthread.php?tid=2172&pid=17686#pid17686 and https://prxbx.com/forums/showthread.php?tid=2172&pid=18454#pid18454 Due to support of SHA1 for signing certificates ProxHTTPSProxyMII 1.3a can be used in a Windows XP Professional x64 system to access MU successfully. More recent versions use SHA256 to sign certificates and fail while accessing MU. But that also means ProxHTTPSProxyMII 1.3a is not secure and should only be used if there is no other option. Here is a link to the post with necessary instructions and a screenshot of successful access to MU using ProxHTTPSProxyMII 1.3a in Windows XP Professional x64, credits to @maile3241: https://msfn.org/board/topic/178377-on-decommissioning-of-update-servers-for-2000-xp-and-vista-as-of-july-2019/?do=findComment&comment=1214098 Last known version of ProxHTTPSProxy released in November of 2019: ProxHTTPSProxy REV3e. Here is a link: https://msfn.org/board/topic/176344-problems-accessing-certain-sites-https-aka-tls/?do=findComment&comment=1173585 Last known version of HTTPSProxy released in November of 2018: HTTPSProxy_Launcher_v2_2018-11-06 Here are two links: https://msfn.org/board/topic/176344-problems-accessing-certain-sites-https-aka-tls/?do=findComment&comment=1155858 and https://msfn.org/board/topic/176344-problems-accessing-certain-sites-https-aka-tls/?do=findComment&comment=1156032 Last version of ProxHTTPSProxy's PopMenu released in May of 2022: ProxHTTPSProxy's PopMenu 3V1 (20220510) Here is the link to my post of this initial release: https://msfn.org/board/topic/183352-proxhttpsproxy-and-httpsproxy-in-windows-xp-for-future-use/?do=findComment&comment=1218622 10.2. Versions of the TLS 1.3 proxies ProxyMII and ProxHTTPSProxy's PopMenu TLS 1.3: ProxyMII released in July of 2022: ProxyMII (20220717). It was rebranded by me to ProxHTTPSProxy 1.5.220717. Here is the link to @cmalex's original post: https://msfn.org/board/topic/183684-looking-for-a-person-with-python-programming-skills-to-implement-tls-13-functionality-in-proxhttpsproxy-rev3e/?do=findComment&comment=1222235 Latest version of ProxyMII released in August of 2023: ProxyMII (20230813). Here is the link to @cmalex's original post: https://msfn.org/board/topic/183352-proxhttpsproxy-and-httpsproxy-in-windows-xp-for-future-use/?do=findComment&comment=1250552 Latest version of ProxHTTPSProxy's PopMenu TLS 1.3 3V3 released in August of 2022: ProxHTTPSProxy's PopMenu TLS 1.3 3V3 (20220817). Here is the link to the post of its official release: https://msfn.org/board/topic/183352-proxhttpsproxy-and-httpsproxy-in-windows-xp-for-future-use/?do=findComment&comment=1224184 11. Downloads: 11.1. Archived Downloads {obsolete}: ProxHTTPSProxyMII 1.3a can be downloaded here: http://www.proxfilter.net/proxhttpsproxy/ProxHTTPSProxyMII 1.3a.zip. Credits to @whenever. ProxHTTPSProxyMII 1.5 can be downloaded here: http://jjoe.proxfilter.net/ProxHTTPSProxyMII/files/ProxHTTPSProxyMII 1.5 advanced 34cx_freeze5.0.1urllib3v1.22Win32OpenSSL_Light-1_0_2o-1_1_0h.zip. Credits to @whenever. ProxHTTPSProxy REV3d can be downloaded here: https://www.mediafire.com/file/r23ct8jd2ypfjx5/ProxHTTPSProxyMII_REV3d_PY344.7z/file. Credits to @heinoganda. Root Certificate and Revoked Certificate Updater of 02/24/2022 created by @AstroSkipper: https://www.mediafire.com/file/n4ea8nbijox88o3/Roots_Certificate_Updater_24.02.22.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 02/24/2022 created by @AstroSkipper: https://www.mediafire.com/file/8ler7d9z8aesz08/rootsupd.exe/file Root Certificate and Revoked Certificate Updater of 04/28/2022 created by @AstroSkipper: https://www.mediafire.com/file/7e6jw2mdp6bi3u0/Roots_Certificate_Updater_28.04.22.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 04/28/2022 created by @AstroSkipper: https://www.mediafire.com/file/m6n7481wdq546ad/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 05/24/2022 created by @AstroSkipper: https://www.mediafire.com/file/aob1fkpf6f3vyhd/Roots_Certificate_Updater_24.05.22.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 05/24/2022 created by @AstroSkipper: https://www.mediafire.com/file/vkopcjfymnei5cn/rootsupd.exe/file Root Certificate and Revoked Certificate Updater of 06/28/2022 created by @AstroSkipper: https://www.mediafire.com/file/2eowvtl8r56q8tx/Roots_Certificate_Updater_28.06.22.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 06/28/2022 created by @AstroSkipper: https://www.mediafire.com/file/h1460guuxqklkk5/rootsupd.exe/file Root Certificate and Revoked Certificate Updater of 08/23/2022 created by @AstroSkipper: https://www.mediafire.com/file/nxt11m8m39fnc1k/Roots_Certificate_Updater_23.08.22.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 08/23/2022 created by @AstroSkipper: https://www.mediafire.com/file/0o2h3y16ekmtv2o/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 09/27/2022 created by @AstroSkipper: https://www.mediafire.com/file/d4mtrexun8ao81l/Roots_Certificate_Updater_27.09.22.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 09/27/2022 created by @AstroSkipper: https://www.mediafire.com/file/44suzv2x2fbrret/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 10/25/2022 created by @AstroSkipper: https://www.mediafire.com/file/naxyauof6fs0p88/Roots_Certificate_Updater_25.10.22.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 10/25/2022 created by @AstroSkipper: https://www.mediafire.com/file/nmzw6l4lzmxn8wx/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 11/29/2022 created by @AstroSkipper: https://www.mediafire.com/file/cnlbxdffjq9beva/Roots_Certificate_Updater_29.11.22.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 11/29/2022 created by @AstroSkipper: https://www.mediafire.com/file/pctxthjlcb6croc/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 02/28/2023 created by @AstroSkipper: https://www.mediafire.com/file/6chiibdsdoh4i22/Roots_Certificate_Updater_28.02.23.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 02/28/2023 created by @AstroSkipper: https://www.mediafire.com/file/rmjyq3pak60jayz/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 04/25/2023 created by @AstroSkipper: https://www.mediafire.com/file/xgmi98u15ikerrn/Roots_Certificate_Updater_25.04.23.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 04/25/2023 created by @AstroSkipper: https://www.mediafire.com/file/dxtxkgqdk6xlfb9/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 08/22/2023 created by @AstroSkipper: https://www.mediafire.com/file/53fv86ouqgonm7f/Roots_Certificate_Updater_22.08.23.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 08/22/2023 created by @AstroSkipper: https://www.mediafire.com/file/9xhsy3i2bphtf0i/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 11/28/2023 created by @AstroSkipper: https://www.mediafire.com/file/361ux1ogvmokuhf/Roots_Certificate_Updater_28.11.23.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 11/28/2023 created by @AstroSkipper: https://www.mediafire.com/file/6o1rfz4oqnh0din/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 02/27/2024 created by @AstroSkipper: https://www.mediafire.com/file/7awvvb37in89op1/Roots_Certificate_Updater_27.02.24.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 02/27/2024 created by @AstroSkipper: https://www.mediafire.com/file/55c7c574pyem2vg/rootsupd.EXE/file Root Certificate and Revoked Certificate Updater of 03/26/2024 created by @AstroSkipper: https://www.mediafire.com/file/a1oil6g5cane3bu/Roots_Certificate_Updater_26.03.24.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 03/26/2024 created by @AstroSkipper: https://www.mediafire.com/file/6hcuv2r715l8nnm/rootsupd.EXE/file 11.2. Latest Downloads: 11.2.1. Downloads related to the TLS 1.2 proxies: 11.2.1.1. Downloads related to ProxHTTPSProxy: ProxHTTPSProxy REV3e can be downloaded here: https://www.mediafire.com/file/me5l9dydomgwa0h/2005536469_ProxHTTPSProxyMIIv1.5Rev3ePython3.44OriginalFiles.7z/file. Credits to @heinoganda. ProxHTTPSProxy's PopMenu 3V1 can be downloaded here: https://www.mediafire.com/file/djg5n0n9osqco7m/ProxHTTPSProxy_REV3e_PopMenu_3V1_CheckedByAstroSkipper.7z/file. Password: CheckedByAstroSkipper. Credits to @AstroSkipper. ProxHTTPSProxy CA Certificate Installer and Uninstaller with a freshly pre-generated root certificate valid until 02/19/2032 modified and built by @AstroSkipper: https://www.mediafire.com/file/9tnonnlymrp98f8/ProxHTTPSProxy_Cert_Installer_%2B_Uninstaller_%2B_CA_valid_until_02-19-2032.7z/file ProxHTTPSProxy's config file to access MU website successfully, modified by @AstroSkipper: https://www.mediafire.com/file/vr1klatuzjh6v5c/ProxHTTPSProxy_-_config.ini/file 11.2.1.2. Downloads related to HTTPSProxy: HTTPSProxy in the version of HTTPSProxy_Launcher_v2_2018-11-06 can be downloaded here: https://www.mediafire.com/file/ku859ikt2t79cgl/HTTPSProxy_Launcher_v2_2018-11-06.7z/file. Credits to @Thomas S.. HTTPSProxy CA Certificate Installer and Uninstaller with a freshly pre-generated root certificate valid until 02/19/2032 created by @AstroSkipper: https://www.mediafire.com/file/sx1i6w2c6f1hvwm/HTTPSProxy_Cert_Installer_%2B_Uninstaller_%2B_CA_valid_until_02-19-2032.7z/file HTTPSProxy's config file to access MU website successfully, modified by @AstroSkipper: https://www.mediafire.com/file/6emtdvx2vmw4iz8/HTTPSProxy_-_config.ini/file 11.2.2. Downloads related to the TLS 1.3 proxies: ProxyMII (20220717) = ProxHTTPSProxy 1.5.220717 can be downloaded here: https://www.mediafire.com/file/zbkz37dh0wjgnml/ProxyMII_220717_CheckedByAstroSkipper.7z/file. Password: CheckedByAstroSkipper. Credits to @cmalex. ProxyMII (20230813) can be downloaded here: https://www.mediafire.com/file/8oir8zsg0ffjs6u/ProxyMII_230813_CheckedByAstroSkipper.7z/file. Password: CheckedByAstroSkipper. Credits to @cmalex. ProxHTTPSProxy's PopMenu TLS 1.3 3V3 can be downloaded here: https://www.mediafire.com/file/4sqkixfd2waaypt/ProxHTTPSProxy_TLS_1_3_1_5_220717_PopMenu_3V3_CheckedByAstroSkipper.7z/file. Password: CheckedByAstroSkipper. Credits to @AstroSkipper. ProxHTTPSProxy CA Certificate Installer and Uninstaller with a freshly pre-generated root certificate valid until 02/19/2032 modified and built by @AstroSkipper: https://www.mediafire.com/file/9tnonnlymrp98f8/ProxHTTPSProxy_Cert_Installer_%2B_Uninstaller_%2B_CA_valid_until_02-19-2032.7z/file ProxHTTPSProxy's config file to access MU website successfully, modified by @AstroSkipper: https://www.mediafire.com/file/vr1klatuzjh6v5c/ProxHTTPSProxy_-_config.ini/file 11.2.3. Downloads related to cacert.pem Certificate Update: cacert Updater Fixed, fixed and recreated by @AstroSkipper: https://www.mediafire.com/file/y98gtqf8ewr6zz4/cacert_Updater_Fixed_Recreated.7z/file. Credits to @heinoganda. 11.2.4. Downloads related to Root Certificate Updates: Root Certificate and Revoked Certificate Updater of 05/28/2024 created by @AstroSkipper: https://www.mediafire.com/file/qo3w3h9n2zumb2o/Roots_Certificate_Updater_28.05.24.7z/file Root Certificate and Revoked Certificate Updater (AIO version!) of 05/28/2024 created by @AstroSkipper: https://www.mediafire.com/file/v3bokp223uen5ta/rootsupd.EXE/file Certificate Updater 1.6: https://www.mediafire.com/file/nmoqrx8vwc8jr6l/jveWB2Qg1Lt9yT5m3CYpZ8b8N4rH.rar/file. Credits to @heinoganda. Archive password: S4QH5TIefi7m9n1XLyTIZ3V5hSv4se1XB6jJZpH5TfB6vkJ8hfRxU7DWB2p CAupdater 1.0.0.1: https://www.mediafire.com/file/z34fifg2a09fzxo/CAupdater.7z/file. Credits to @Thomas S.. The installers created by myself or built by me will be updated from time to time if necessary. All files in my offered archives are definitely virus-free and clean, although some AV scanners produce false positives. I recommend adding the complete folder to the exclusion list of your security program(s), only if you trust me, of course. Apart from that, you can also check positive reported files on VirusTotal, though. 12. Update notifications: 02/26/2022: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 02/24/2022. 03/16/2022: The functionality of @heinoganda's cacert Updater has been restored. cacert Updater Fixed can be downloaded in the section 11.2.3. Downloads related to cacert.pem Certificate Update. 04/23/2022: cacert Updater Fixed has been completely recreated due to false alarms of some virus scanners and can be downloaded in the section 11.2.3. Downloads related to cacert.pem Certificate Update. 05/10/2022: ProxHTTPSProxy's PopMenu 3V1 has been released. Here is the link to my post of the initial release with the download link: https://msfn.org/board/topic/183352-proxhttpsproxy-and-httpsproxy-in-windows-xp-for-future-use/?do=findComment&comment=1218622 05/16/2022: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 04/28/2022. 06/05/2022: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 05/24/2022. 06/30/2022: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 06/28/2022. 07/17/2022: ProxyMII has been released. Here is the link to the post of its official release: https://msfn.org/board/topic/183684-looking-for-a-person-with-python-programming-skills-to-implement-tls-13-functionality-in-proxhttpsproxy-rev3e/?do=findComment&comment=1222235. 08/17/2022: ProxHTTPSProxy's PopMenu TLS 1.3 3V3 has been released. Here is the link to the post of its official release: https://msfn.org/board/topic/183352-proxhttpsproxy-and-httpsproxy-in-windows-xp-for-future-use/?do=findComment&comment=1224184 09/05/2022: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 08/23/2022. 10/06/2022: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 09/27/2022. 11/06/2022: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 10/25/2022. 12/09/2022: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 11/29/2022. 03/04/2023: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 02/28/2023. 05/09/2023: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 04/25/2023. 08/13/2023: ProxyMII has been updated. Here is the link to the post of its official release: https://msfn.org/board/topic/183352-proxhttpsproxy-and-httpsproxy-in-windows-xp-for-future-use/?do=findComment&comment=1250552. 09/01/2023: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 08/22/2023. 12/11/2023: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 11/28/2023. 04/05/2024: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 02/27/2024. 04/05/2024: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 03/26/2024. 08/20/2024: Both versions of Root Certificate and Revoked Certificate Updater have been updated and are now of 05/28/2024. 14/01/2025: Four download links renewed due to false positives by MediaFire. These four files are now password-protected to stop MediaFire from spreading even more nonsense. 13. Conclusion: At the beginning of this post, I said we had to ask ourselves whether these proxies would continue doing their job in the future or not. After all these observations and explanations, the answer to this question is quite clear: Yes, of course. And especially since we have our new TLS 1.3 proxies. But we have to avoid misconfiguration of these proxies, and in addition, we know they won't work properly without updating and carrying out maintenance. Doing all these things leads to a general, positive side effect for those loving their Windows XP. If all is done correctly, we are now able to use a freshly generated 10 years valid root certificate of ProxHTTPSProxy or HTTPSProxy at any time as long as Windows XP, Internet Explorer access to WWW, TLS 1.2 or TLS 1.3 functionality, Microsoft Update for Windows XP, or the user himself still exist. 14. Disclaimer: All information that I spread here corresponds to my level of knowledge. Most of it has been carefully researched by me. I tested all programs of the section 11. Downloads extensively, and they worked properly in my system. Nevertheless, I do not assume any guarantee either for the correctness and completeness or for the implementation of my tips. The same applies to the application of my tools in the section 11. Downloads. Therefore, all at your own risk! You can use the commenting zone below to tell us about your experiences, problems and questions or to provide further tips and recommendations. Any discussions about these proxies are explicitly welcome. If this article has not been able to resolve any issues related to these proxies, and you need further assistance with configuring or running them, I will try to help you as much as I can. But one thing must be clear, everything should relate to the topic of this thread. That means please stay on-topic! If you enjoyed this article or maybe, you found it interesting and helpful, I would be pleased about any reaction by liking, upvoting, and of course, commenting. Kind regards, AstroSkipper

Sorry, forgot it in my first post in 2023: I wish all of you a happy and healthy new year! The mirror of latest ArcticFox 40, BNavigator 0.9, Firefox 45ESR, IceApe 52, IceDove 52, K-Meleon 1.5.x/74/76, MailNews 52, New Moon 26.5/27/28, RetroZilla, RZ browser and Serpent 52/55 builds by @roytam1 has been updated -> soggi.org - tools. changelog: - added latest BNavigator 0.9 20230107 build - added latest IceApe 52 20230107 build - added latest IceDove 52 20230107 build - added latest K-Meleon 76 20230107 build - added latest MailNews 52 20230107 build - added latest New Moon 27 20230107 builds - added latest New Moon 28 20230107 builds - added latest Serpent 52 20230107 builds - added latest Serpent 55 20230107 builds To don't lose track of things I want to update too someday... todo: - add various flash player versions - add FlashFix for WinXP - add VLC 2.2.8 (WinXP non-SSE2) - add polyfill addons kind regards soggi

Success! MiniBrowser_1.0.0.121_XPx64_M works good without any changes on my XP x86 32 bits.. Thank you very much! - I still have to download v127 x64...tomorrow...and I'll get you my impressions...tomorrow.

By "you", you mean me or @XPerceniol? Because I am not registered on xpforums.com!

I wonder how many websites in general use certificates with unsupported (on XP) ciphers. I rarely see certificate errors on XP with 360Chrome (don't use the command line switch to ignore cert errors), though I do visit very small handful of web sites. Last time I ran root cert updater was in 2020 (the one by heinoganda). I know it doesn't check and installs some certificates that XP can't stomach.

I'm glad you're feeling very positive today @XPerceniol!

I know I couldn't do it, seems incredibly stressful, every week, for years.

But Avast 8 or older reportedly haven’t been getting definition updates since April 2020 (however 18.8 is the only version I ever used personally): https://forum.avast.com/index.php?topic=233272.0

@AstroSkipper Please bear in mind that the universal key given is ineffectual. Renewal environment is kaput. Of course it has been confirmed that the expired avast software will continue to work. If you are a bit fussy about it you'll have to do a clean install. It is the only solution that really works. Cheers

... And that's the root cause of your predicament... https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-setprocessdeppolicy

I have 923 updates installed on my system and I have the latest extended kernel everything works perfectly, I have made available the updated isos and updates on my youtube channel.

I have 923 updates installed on my system and I have the latest extended kernel everything works perfectly, I have made available the updated isos and updates on my youtube channel.

I already have it blocked via firewall. I still prefer software versions that don't contain such telemetry to begin with.

I'm not worried about ending support. My computer is behind a NAT, there is a firewall in front of it, and there is a firewall on the computer itself. I have already solved the problem with the end of support for browsers, too. My computer is powerful enough to run in the background in a Win 10/11 virtual machine, and the browser can be displayed on the desktop host in Unity mode, it supports VBox and VmWare.

@djole123 So, I'd already started investigating how I could remove the integrity check so you could try out further compatibility with OneCore API, when it suddenly occurred to me that this would be a waste of time, at least for me. The thing is, the only reason I'm using a Chinese derivative of Chromium is because it's deliberately compatible with XP as-is, and one of a handful of (also Chinese) still useful versions remaining. AFAIK 360 SE v14 has no provisions for XP x64, so I have no reason to pick it over other brands, because adding Chinese "goodies" to Google's is not something I'm interested in when I have more choice. Since this is really a case of having to use OneCore to run "a" Chromium clone on XP x64, 360 SE v14 has no advantages for me. The extra layers the Chinese have added to it would also probably make it less stable on OneCore. One more consideration: OneCore API binaries Github page says it's currently compatible with Chrome 102, but this v14 is based on 108, judging by its user agent string, so the chances of it working right now don't seem very high. I'm not at all opposed to you or anyone else using these Chinese browsers as a choice even if you have other options, but with all things being equal, I myself would choose something else. I'd probably start my trials with plain Chromium - to minimize the number of potentially troublesome features. In any case, best of luck, and don't let what I just said stop you if you want to proceed with getting 360 SE v14 working on XP x64 using OneCore API. And apologies for being so "I-my-me" above , I just wanted to make clear that I'm not claiming to represent the general sentiment around here.

good job @XPerceniol! very well said! 👏 abortions are bad and we need to find a way to stop them!

New build of BOC/UXP for XP! Test binary: MailNews Win32 https://o.rthost.win/boc-uxp/mailnews.win32-20230107-485bba73-uxp-7ecc55be2-xpmod.7z BNavigator Win32 https://o.rthost.win/boc-uxp/bnavigator.win32-20230107-485bba73-uxp-7ecc55be2-xpmod.7z source repo (excluding UXP): https://github.com/roytam1/boc-uxp/tree/custom * Notice: the profile prefix (i.e. parent folder names) are also changed since 2020-08-15 build, you may rename their names before using new binaries when updating from builds before 2020-08-15. -- New build of HBL-UXP for XP! Test binary: IceDove-UXP(mail) https://o.rthost.win/hbl-uxp/icedove.win32-20230107-id-656ea98-uxp-7ecc55be2-xpmod.7z IceApe-UXP(suite) https://o.rthost.win/hbl-uxp/iceape.win32-20230107-id-656ea98-ia-93af9a0-uxp-7ecc55be2-xpmod.7z source repo (excluding UXP): https://github.com/roytam1/icedove-uxp/tree/winbuild https://github.com/roytam1/iceape-uxp/tree/winbuild for UXP changes please see above.

Comparing abortion to wars seems a bit insidious to me...so basically a fetus (undeveloped human) vs. fully grown, fully aware of the situation human going to the slaughter, returning with a PTSD if he makes it. You won't convince me that the turn of events in the U.S. was a step forward. https://vanderbilthustler.com/2022/06/24/tadross-abortion-is-more-than-a-debate-over-murder/ At the end of the day, every cradle is the grave. Life kills life, humans just happen to be more creative in that department. The game is rigged, there's no winner in this meat grinder.

hi The tabs in Windows Explorer 10 mode are very bad, so I use Windows 11's own Explorer mode, but I had two problems that would be great if you could solve them. First of all, I wanted you to put a new option to move the copy paste cut options in Windows 11 explorer mode because the copy and paste options are very similar and if it is possible to move them so that it is copy first then cut and paste is better than first cut and then copy and paste Secondly, a very used option for me in Explorer Windows 10 mode is the permanent delete option in the form of a tab next to the delete option, because in Windows Explorer 11 there is only delete to the trash, which is done again and you have to permanently delete from the trash again. It would be great if you could put this permanent deletion option as a tab next to the normal deletion option in Windows Explorer 11 mode, or allow adding, deleting, or moving options in future updates. Thank you very much, I would appreciate it if you apply these two items in the next updates

Yes, I know this feeling very well.

Yeah, me too. Completely agreed! I even have respect for lions too.

I read that as 44,415,533 unwanted people spared from the burden of existence. Things are rough as they are and being a resented child is not good for either party. That said, I think it's better to prevent the situation that makes the abortion the only remaining option. Well, you think that unwanted people could be killed... dead... that's "an option". Hommes already kill unwanted people in the wars too... Not so good, what do you think...I't's NOT an option valable to kill the others, I think... But men are vicious, and have been killing others since Kain and Abel... I don't share the same opinion, that it is allowed to kill someone else for any reason. I have respect for life, the lives of people - and animals too. Wolves, lynxes, spiders, ants.... all have the right to life. Killing individuals of the same species is a total and unnatural perversion, only human ideologies and madness lead to this. See Nazism (national socialists), communism.... The Second World War was the deadliest military conflict in history. In total, more than 60 million people were killed, both civilians and soldiers, during six years. Here, we are talking about 44.42 million killed during only one year. The innocent, the defenseless. This is inhumane, cruel, deviant, unacceptable under any circumstances.

Do I deal with it? If you can call it "dealing with it", I try to comfort my mind with this thought: Funny thing, I only watched The Matrix in recent times, well, about 3,5 years ago actually. Either way, I don't think you're alone. Are you thinking about past friendships and how they've ended? If something lacked on both sides or just one side? I read that as 44,415,533 unwanted people spared from the burden of existence. Things are rough as they are and being a resented child is not good for either party. That said, I think it's better to prevent the situation that makes the abortion the only remaining option.

Very nice, great work, but IMO compiling KernelEx doesn't really fit here. This is not the topic here and a discussion would be off topic. It should be moved to https://msfn.org/board/topic/162223-kernelex-on-building-debugging-and-related-matters/.

Not to worry it still works fine and receives virus definitions etc.. If you want to get rid of that red x you can always do a clean install. Please go through this thread : https://forum.avast.com/index.php?topic=220639.285 On page one you can get 18.8 download also an off line installer is available. Do not forget to use avast clear for xp/vista from reply 295 AvastClear.exe file is 9.63 MB (10,105,016 bytes). https://install.avcdn.net/iavs9x-xp/avastclear.exe Cheers PS: I'll be doing this in about 9 days since I got 8 days left .

- Moved all edited browsers to the Internet Archive (hope the platform exists forever). - Created simple lanchers for each browser (BATCH) (they have to be put in the same place the executable of the browser is to work). - Created a rebase BATCH script for each browser (only for the main DLLs of the browser like chrome.dll and/or chrome_child.dll). The "rebase" folder has to be on the same place the executable of the browser is and then you can execute the "rebase.bat" file inside that folder). All files can be seen easily here --> https://archive.org/download/360EE_Modified_Version Cheers.

Why I switched from Avast! to WiseVector StopX There is a very specific reason why I have recently started recommending WiseVector StopX. Until now, I have always used products from Avast! and was also satisfied. On my old computer, which is low on resources and performance, I actually had Avast! Premier installed on my Windows XP partition and had been using it for many years. This year, unfortunately, I had several negative experiences. More and more often, the GUI shut down completely and showed only an empty, white window. Only a repair installation could revive it. In addition, programmes that were reported as false positives were not ignored as offered and excluded from further monitoring. Instead, their access was completely blocked and no longer released. Furthermore, again and again, almost periodically, the Avast! service caused a very high and prolonged CPU load. All these problems prompted me to uninstall the entire Avast program package. And then came the next set of difficulties. The uninstall routine is an imposition. An uninstallation had not really taken place. Whoever programmed this routine should be fired! All files and program folders were not deleted. Thus, completely useless! Even the special Avast uninstaller "Avast! Clear" could not remove everything. So I had to do it manually. The main program folder could not be deleted. Not even with administrator rights. Same with a booted Linux and Mini Windows XP from outside. Both could not delete anything from the locked files and folders. So I was thinking about a proper solution how to delete the locked folders and files. By the way, I am writing this to spare others similar problems. Anyway, the solution is either one tries to delete it under the user account System, whose rights can be obtained with suitable tools (for example RunAsSystem), or one falls back on good old DOS. And this is how I did it. I booted my computer into a real DOS mode and used Volkov Commander to delete all the locked files and folders. DOS doesn't give a damn about accounts and permissions. What needs to be deleted, gets deleted. DOS was my first OS on an IBM compatible PC, and it is an endless love. In any case, this approach was the right way to get rid of all remnants of Avast! Premier. BTW, before uninstalling, I measured the amount of disk space which was consumed by Avast!. And I was stunned. It was about 1.5 GB in many different folders. Unbelievable! After that torture, I installed WiseVector StopX at last. I configured it as well as possible and tested it deeply. WiseVector StopX is very light-weight and consumes approximately 100 MB of disk space in only one program folder. It has less RAM usage, very low CPU load and is easy to handle via its tray icon. On my old computer, it's simply perfect. The performance of my system has been increased, all actions are much faster than before. In short, I am impressed and very happy with my switch to this antivirus program. Cheers, AstroSkipper

@Dave-H Try this font --> https://www.mediafire.com/file/op0i6rdpd0mkou1/SegoeUIEmoji_edited.ttf/file Cheers.

The previous version of that font implemented some code to make it thicker but the build process took so long the author left the thicker-fallback variant out of the newer release. I decided to build the font and it took 2 days (with huge breaks because electricity problems lately). Here there are --> https://www.mediafire.com/folder/1hf8d38zg8seq/Fonts There is one that is original and one that has the fake Segoe UI Emoji ID. If you want to use the original instead the CSS name is "Twitter Color Emoji Thick" Regarding Unicode compatibility with XP I also found some fonts that may be useful to some. - Code2000 --> http://www.code2000.net/ (Huge Unicode compatibility for Plane 0) The other downloads are for Plane 1 and Plane 2. Unicode Planes --> https://en.wikipedia.org/wiki/Plane_(Unicode) And, - Arial Unicode MS --> https://www.download-free-fonts.com/details/88978/arial-unicode-ms --> https://en.wikipedia.org/wiki/Arial_Unicode_MS They are very good fonts for wide unicode coverage.