AstroSkipper

Hello @tinspin! I did not test my program package ProxHTTPSProxy's PopMenu TLS 1.3 3V3 on Windows 7. It was successfully tested on Windows XP 32 and 64 Bit, but I can't see any reasons why the proxy itself shouldn't also run under Windows 7. The commands to show or change the system's proxy status will not work, though. They are compatible with Windows XP and below. Read my documentation, check the stated system requirements, and try it out! And please, report back here! Here is the link: Cheers, AstroSkipper

It's really a strange, "funny" issue. If I turn the website style off and then on again, the fields for the login are visible again. Therefore, with switching the website style I finally could log into my account. I wonder seriously what's going on there. In the past, I never had such problems.

Hello @mina7601! No problem! Personal matters always have the highest priority. Wish you the very best! Kind regards, AstroSkipper

Update notification! Both versions of my Root Certificate and Revoked Certificate Updater have been updated and are now of 09/27/2022. You can find them in the section Downloads -> Latest Downloads -> Downloads related to Root Certificate Updates in the first post of this thread. Cheers, AstroSkipper

The login to the website https://outlook.live.com/ (formerly Hotmail) doesn't work anymore in New Moon 28 (2022-09-29). Tested with a clean profile, too. Here is a screenshot: I don't know how long this problem has existed. Haven't logged in there for a while.

uBlock Origin uBlock Origin (uBO) is not an "ad blocker", it's a wide-spectrum content blocker with CPU and memory efficiency as a primary feature. Out of the box, uBO blocks ads, trackers, coin miners, popups, etc. through the following lists of filters, enabled by default: EasyList (ads) EasyPrivacy (tracking) Peter Lowe’s Ad server list (ads and tracking) Online Malicious URL Blocklist uBO's own lists More lists are available for you to select if you wish: EasyList Cookie Fanboy Annoyances AdGuard Annoyances Dan Pollock’s hosts file And many others Additionally, you can point-and-click to block JavaScript locally or globally, create your own global or local rules to override entries from filter lists, and many more advanced features. uBlock Origin is and was my favourite content blocker. But, to get the more recent versions running in Mypal 68, you have to set the variable dom.moduleScripts.enabled to the default value of true. If not, it will break the gui of uBO. Tested version: 1.46 Here is uBO's wiki: https://github.com/gorhill/uBlock/wiki And the following link opens a short guide: https://www.online-tech-tips.com/software-reviews/ublock-origin-the-ultimate-review-and-guide/ Download link: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/

News about uBlock Origin Legacy! Since version New Moon 28 (2022-09-29), neither a CSS fix nor the setting of uiStyles from unset to font-family: sans-serif is needed anymore. Big thanks to @roytam1! To accelerate the updating of the filter lists and fix the eternal waiting for update end, you can now download the version uBlock Origin Legacy 1.16.4.31b2, only modified in terms of the filter lists, from the previous post. And, don't forget to remove all remnants of uBlock in your profile folder before installing my mod, as already described above! Cheers, AstroSkipper

Thanks for the hint! Never heard of it! I'll have a look at this tool at the next opportunity. Cheers, AstroSkipper

I've got a licence of Malwarebytes for nearly 11 years. I loved Malwarebytes Anti-Malware 1.75 as an on-demand scanner. My licence is also valid for Malwarebytes Premium 3.5.1.2522, the last version for Windows XP. Unfortunately, I couldn't get this version running at all. It crashed and had problems in loading its components. This was a known issue and also discussed in Malwarebytes Forum. In the end, their experts couldn't provide a solution to fix this issue, though. I had several trials installing Malwarebytes Premium 3.5.1.2522 on different Windows XP partitions without any real success. At that time, I was very disappointed with Malwarebytes which always claims to be compatible with all programs. Anyway, I gave up on this version. Therefore, I use Malwarebytes Anti-Malware 2.2.1.1043, which works properly on Windows XP, but only as an on-demand scanner. In my opinion, Malwarebytes is not a full replacement for an AV program as, for example, Avast. But, as an on-demand scanner, to get a second opinion, it's useful although the old Malwarebytes Anti-Malware 1.75, which is no longer supported, was less bloated and much faster. Cheers, AstroSkipper

Very strange! I use avast! Premier Edition for more than 10 years and never observed such problems. No issues with YouTube, no errors in loading the Avast user interface, i.e. the Avast service. Maybe, your system lacks of some components which Avast needs to run properly. Or, Avast became faulty while installing, caused by another program which was interfering the installation. Did you use an offline installer? As far as I can remember (it's more than 10 years ago!), I had difficulties using the online installer. And, you have to configure Avast properly and carefully after installation. Anyway, I can confirm that Avast has been running perfectly under Windows XP for more than 10 years now. I disabled its firewall component to get it running in combination with Windows 10 Firewall Control Plus XP, my favourite firewall for Windows XP. The latest and last version in my system is avast! Premier Edition 18.8.4084.409 (18.8.2356.0). And if you had already installed Avast in the past, you should first use the avast! Uninstall Utility 18.8.4084.0, whose executable is avastclear.exe, in Safe Mode, of course, to get rid of all remnants of previous installations. Cheers, AstroSkipper

In my search for a replacement for ESET NOD32 Antivirus on my second XP partition, I also came across WiseVector StopX 3.07. Although I have considerable reservations about Chinese software in principle, I did some research on the Internet. The result of my research was very promising. I read many positive reviews and tests. Since Windows XP still seems to be quite common in China, I fear that one will not be able to do without software from this country altogether if one wants to continue using Windows XP. Not to be biased, I gave WiseVector StopX a chance in my system. I have deactivated its firewall component and it runs in combination with Windows 10 Firewall Control XP. After my first experience with this AV solution, I am really impressed. It runs much smoother than ESET NOD32 Antivirus, and it's free of charge. More impressions coming soon! Cheers, AstroSkipper

If Avast has been really swallowed up by Norton, then this means the soon end of any support for old Avast products. Norton was quite fast out of the AV business when official support of Windows XP was abandoned by Microsoft, so I fear bad things for the XP fan community. Besides, I never liked Norton AV products for Windows XP.

Maybe, it depends on the OS which is used. But, I don't think so. It is more likely that ESET abandoned updating virus databases on all editions up to and including version 9. That's the way ESET usually behaves.

Windows is basically able to switch summer and winter time by itself automatically. The user do not have to do that manually. This works with most applications except 360Chrome which has obviously a DST problem in Windows XP.

No problem! My Avast Premier is still working, and that's much more important. It was amazing how long ESET kept updating the virus database. I thought they would stop updating much earlier.

@VistaLover! The prevoius post was not meant to be funny, and there is and was no dose of sarcasm. I have the greatest respect for you and always enjoy the detailed analyses you disseminate here. And, you actually should know that, hopefully! When I wrote about Advanced Chrome, I did not find information about the special XP compatible version 54 on its homepage anymore. Therefore, I searched in our forum and saw the string Chrome 49/52/54. It was my mistake not reading deeply your comment, which means I misread your statement. And, as I already stated, my next mistake was not using the Wayback Machine. Anyway, I have the greatest respect for you, appreciate your expertises and knowledge, which is rather rare in this forum. I am beginning to fear you have somehow totally misunderstood my comment. My conclusion: Either my English was not good enough, causing you to totally misunderstand me, or you read my comment with a misguided intention. Anyway, we are all human and subject to an age-old rule, which is: Errare humanum est. The old Romans were wise and already knew that! By the way, I am also well over 50 and know very well the problem with age-related memory. Kindest regards, AstroSkipper

I have two partitions with Windows XP Professional SP3 installed, both fully updated, the first with and the second without all POSReady updates. On the first one, I use Avast Premier for at least 10 years and it's simply great although a bit too bloated. The Avast Free Edition lacked of some important features and therefore, I chose the Avast Premier Edition. On the second XP partition, I used ESET NOD32 Antivirus as an alternative for a long time. It was satisfactory, too, but from the very first it had the problem of not being able to be uninstalled properly. Now, I've uninstalled it and going to try a new alternative. In any case, an AV based on virus definitions, which has to be downloaded by the program, must be updated regularly. If not, it is useless for me and reached its end of "life". Cheers, AstroSkipper

Update notification! The Root Certificates have been updated and are now from 27-09-2022. Here is a screenshot: Cheers, AstroSkipper

Unfortunately, I have to confirm your observation. ESET NOD32 Antivirus 9 can't update its virus definitions anymore. And, that's definitely the end for ESET on my computers. Due to this fact, I uninstalled it completely which is not as easy as it is for other AVs. As expected, it was impossible to remove ESET NOD32 Antivirus 9 via its uninstaller under the System Panel -> Software. Same problem if applying its entry in the Start Menu. Such experiences, I had made a lot with ESET in the past. Here are the steps how to uninstall ESET NOD32 Antivirus 9 completely in Windows XP: Download ESETUninstaller 7.0.7.0 (legacy version): https://help.eset.com/eset_tools/ESETUninstaller_7.0.7.0.exe Restart your computer in Safe Mode. Execute ESETUninstaller_7.0.7.0.exe. Read carefully the instructions and options in the cmd window. When finished, restart your computer. You can only uninstall ESET NOD32 Antivirus 9 in Safe Mode. Here is a link with a more detailed instruction for different Windows versions provided by ESET: https://support.eset.com/en/kb2289-uninstall-eset-manually-using-the-eset-uninstaller-tool Rest in peace, ESET! Cheers, AstroSkipper

Congrats! Glad it works for you!

My source must have had the wrong version numbers then. My source wasn't read correctly by me. It's simply much better to use original sources as you did. I didn't find the release info on the homepage anymore and didn't think of the Wayback Machine. Thanks for your research and correction! You can be relied on! Unfortunately, the process of dying of 360Chrome v11 is also in full swing. On VirusTotal (new interface), it no longer works at all, and on GitHub, it does not work properly, either. All in the last few weeks. And here, your post from August (my source! ): I wrote so much in the last days, I misread your post! Frankly and also tragically, I think it won't be long when Chromium-86-based forks don't work properly, either. Greetings from a "blind" man! AstroSkipper

Hello @VistaLover! You are absolutely right! Sorry again for my generalization regarding 360Chrome and DST! Next time, I will clearly define the conditions under which my statements are valid, as I usually do. Just strictly mathematical! To check my statements, I opened the web page https://browserspy.dk/date.php in Advanced Chrome. And here, the local time is displayed correctly. To illustrate this, here is a screenshot of Advanced Chrome's Date and Time Information on BrowserSPY compared to my system time: Advanced Chrome is based on Chrome 49/51/54 48/51/54, which seems to be more compatible with Windows XP, or, simply better ported than 360Chrome v11, and is able to show the correct local time. If there were a bug in Windows XP itself, Advanced Chrome wouldn't show the correct local time. According to this, I believe that neither Windows XP itself nor the POSReady updates are responsible for this error. Anyway, I can only confirm that on Windows XP Professional SP3 fully POSReady updated, the browser 360Chrome v11.0.2031 rebuild 8 (ArcticFoxie) does not show the correct local time if there is DST in the time zone as it is the case here in Germany. Without any claim of correctness, my conclusion is forcibly the following: The browser 360Chrome v11 is based on Chrome 69, which was not originally developed for Windows XP, either, and probably much more incompatible than Chrome 49/52/54 48/51/54. Thus, I suspect that something went wrong when restoring XP compatibility in 360Chrome. In contrast, establishing Vista compatibility apparently went smoothly. All of it only in terms of the local time in combination with DST, of course. Kindest regards, AstroSkipper

Thanks for your detailed clarification! I didn't notice that, indeed. I do not use Windows Vista, and logically I do not read threads in the dedicated Vista forum, either. Of course, I can only confirm that on Windows XP, 360Chrome does not show the correct local time if there is DST in the time zone as it is the case here in Germany. But New Moon 28 does. Therefore, I assume it is rather a problem of Chrome browsers in Windows XP than a bug in Windows XP itself. I read a lot of such posts and articles about Chrome and its DST problems in the internet. It does not seem to be a rare problem. Anyway, thanks again! Kindest regards, AstroSkipper

Certificates - CA and Root Certificates Although Windows XP was abandoned and updates of root certificates were not provided anymore by Microsoft for this OS, we still found ways to update them. And, if we want to install one of our TLS proxies, we have to install a CA certificate to get them working. In both cases, certificates are needed, and this short article is intended to shed some light on this certificate jungle with regards to our TLS proxies. The CA certficate of ProxHTTPSProxy A certificate authority (CA) is a trusted entity that issues digital certificates. These are files that cryptographically link an entity to a public key. Certificate authorities are an important part of the Internet's Public Key Infrastructure (PKI) because they issue the Secure Sockets Layer (SSL) certificates that browsers use to authenticate content sent from web servers. All popular web browsers use web servers' SSL certificates to keep content delivered online secure. They all need to trust certificate authorities to issue certificates reliably. SSL certificates are used in conjunction with the Transport Layer Security (TLS) protocol to encrypt and authenticate data streams for the HTTPS protocol, and are therefore sometimes referred to as SSL/TLS certificates or simply TLS certificates. The first time ProxHTTPSProxy is started, it creates the keys for a certificate authority in its program directory if there is none. This file CA.crt is used for on-the-fly generation of dummy certificates for each visited website which are stored in the subfolder Certs. And, there is a second file called cacert.pem located in ProxHTTPSProxy's program directory. This file cacert.pem contains the currently valid root certificates (will be considered in more detail below) used by the proxy to verify the server connections. Since your browser won’t trust the ProxHTTPSProxy's CA certificate out of the box, you will either need to click through a TLS certificate warning on every domain, or install the CA certificate once so that it is trusted. It has to be installed in the Trusted Root Certification Authority of Windows XP and in some cases additionally in the Certificate Manager of a browser as in the cases of New Moon, Pale Moon, Firefox, and others. The Internet Explorer doesn't possess an own certificates store and uses the Trusted Root Certification Authority of Windows XP. Typically, digital certificates contain data about the entity that issued the certificate and cryptographic data to verify the identity of the entity, including the entity's public key and expiration date for the certificate, as well as the entity's name, contact information, and other information associated with the certified entity. Web servers transmit this information when a browser establishes a secure connection over HTTPS. In doing so, they send to it the certificate and the browser authenticates it using its own root certificate store. The following graphic illustrates the structure of a Certificate Authority as for example GlobalSign: SSL/TLS certificates are based on PKI as mentioned above, and there are a few key parts that need to be in place for the SSL certificate to work: A digital certificate (for example, an SSL/TLS certificate) that proves the website’s identity. A certificate authority that verifies the website and issues the digital certificate. A digital signature that proves the SSL certificate was issued by the trusted certificate authority. A public key that your browser uses to encrypt data sent to the website. A private key that the website uses to decrypt the data sent to it. Here is another graphic to illustrate the role that a certificate authority (CA) plays in the Public Key Infrastructure (PKI): When installing such CA certificates in Windows XP manually, then there is something else to note. It can be of crucial importance whether one installs a root certificate under the account of the Current User or Local Computer. In the first post of my thread, you can find more information on that. Furthermore, exiting ProxHTTPSProxy completely, deleting the old CA.cert file in ProxHTTPSProxy's program directory, and restarting ProxHTTPSProxy will result in the generation of a new CA certificate CA.crt that will be valid for another ten years. In addition, the certificate bundle cacert.pem should be updated, at best regularly. You can do that with the tool cacert Updater Fixed which can be found in the download section under Downloads related to cacert.pem Certificate Update in the first post of this thread. This tool is also included in my program package ProxHTTPSProxy's PopMenu. And, that is the moment to note something very important. Any change to a ProxHTTPSProxy installation regarding the CA certificate or a severe system crash while one of the proxies is running in the background always requires a reset of all dummy certificates in the Certs subfolder. The word "reset" at this point means deleting all certificates that have been created in the Certs folder, manually by the user. The next time the proxy is started correctly, all necessary certificates will be created again when the corresponding websites are accessed. Here are a few screenshots of ProxHTTPSProxy's CA certificate (German edition of Windows XP, sorry!): The Root Certificates of Windows XP In cryptography and computer security, a root certificate is a public key certificate that identifies a root certificate authority (CA). Root certificates are self-signed and form the basis of an X.509-based PKI. Either it has matched Authority Key Identifier with Subject Key Identifier, in some cases there is no Authority Key identifier, then Issuer string should match with Subject string (RFC 5280). For instance, the PKIs supporting HTTPS for secure web browsing and electronic signature schemes depend on a set of root certificates. A certificate authority can issue multiple certificates in the form of a tree structure. A root certificate is the top-most certificate of the tree, the private key which is used to "sign" other certificates. All certificates signed by the root certificate, with the "CA" field set to true, inherit the trustworthiness of the root certificate. A signature by a root certificate is somewhat analogous to "notarizing" identity in the physical world. Such a certificate is called an intermediate certificate or subordinate CA certificate. Certificates further down the tree also depend on the trustworthiness of the intermediates. The following graphic illustrates the role of a root certificate in the chain of trust: The root certificate is usually made trustworthy by some mechanism other than a certificate, such as by secure physical distribution. Root certificates are distributed in Windows XP by Microsoft and located in special certificate stores. These certificate stores may be viewed through the Certificates snap-in Certmgr.msc in the Microsoft Management Console (MMC). You can open the Certificates console focused on the Current User on a Windows XP computer by opening Certmgr.msc in the Run dialog box. Here is a screenshot of what you see running this command (German edition of Windows XP, sorry!): The root certificates of Windows XP can be updated by @heinoganda's Certificate Updater or by my self-created Root Certificate and Revoked Certificate Updaters, in both cases to the most recent ones provided by Microsoft. These updaters can be found in the download section under Downloads related to Root Certificate Updates in the first post of this thread. There is no automatism for this updating. It must be done manually by the user and, if possible, regularly. @heinoganda's Certificate Updater is also included in my program package ProxHTTPSProxy's PopMenu. Greetings from Germany, AstroSkipper

I am talking about downloading a release from the assets on GitHub. Worked fine with palefill 1.21 the last time in the latest release of New Moon 28. I did not say anything about ZIPs from the repos.