Xtremetic

The link to office2003-sp3-x86.ulz takes you to a page with this message 'We could not find the attachment you were attempting to view'.

It is easy to obtain ISOs of WIndows XP from bitorrent or from numerous blogspot sites, but this is a risky thing to do because maliceous code could be inserted into the ISOs to compromise your security. Other legitimate sources are no longer available because XP ISOs are no longer made available to MSDN/Technet subscribers and the Digital Rivers download site no longer exists as far as I can tell, although there are links available for Windows 7 ISOs from Digital River. However, if you can obtain the files names of the original XP downloads from MSDN/Technet along with their SHA1 or MD5 checksum values you should be able to find them archived elsewhere with reasonable certainty that they are untouched ISOs originaly from an authorised source. I post here a list of file names and hash values for XP ISOs that probably originated from MSDN/Technet and you can Google the file names to find downloads for them. Of course, there is no guarentee that either the file names or hash values provided here are authentic. Windows XP Professional with Service Pack 3 (x86) Retail CD (English) Size: 589.14 MB MD5: F424A52153E6E5ED4C0D44235CF545D5 SHA1: 1c735b38931bf57fb14ebd9a9ba253ceb443d459 ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) VL CD (English) Size: 589.14 MB MD5: 5BF476E2FC445B8D06B3C2A6091FE3AA SHA1: 66ac289ae27724c5ae17139227cbe78c01eefe40 ISO/CRC: FFFFFFFF Windows XP Professional N with Service Pack 3 (x86) VL CD (English) Size: 597.83 MB SHA1: a8143d52f60e4acc73d5f267f05ad833f034d453 ISO/CRC: FFFFFFFF Windows XP Home with Service Pack 3 (x86) Retail CD (English) Size: 564.72 MB SHA1: 5a6b959ad24d15dc7ebd85e501b83d105d1b37c6 ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) Volume CD (French) Size: 592.14 MB SHA1: 187fa9ee4e682fce20be6bc5bc092efcb6aafd11 ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) Volume CD (German) Size: 591.06 MB SHA1: 55ad061ba1054da5ec800924b03337674e5a1262 ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) VOL CD (Italian) Size: 586.23 MB SHA1: a04d68b0fc8b97eec1da9277e5d8126f318596dc ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) Volume CD (Spanish) Size: 590.51 MB SHA1: a47603256d7645a2f2788466153ffcd058f77c56 ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) Volume CD (Portuguese - Brazil) Size: 587.23 MB MD5: 178fbe2d83d694ec5a53cc9cfe89ab6f SHA1: 015f13f28655957c93fe20d287ea62a50be64a95 ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) Retail CD (Simplified Chinese) Size: 601.04 MB SHA1: 69dbf131116760932dcf132ade111d6b45778098 ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) VL CD (Simplified Chinese) Size: 601.04 MB MD5: e74d72f3d90456003e9e02ba0fb7da61 SHA1: d142469d0c3953d8e4a6a490a58052ef52837f0f ISO/CRC: FFFFFFFF Windows XP Home with Service Pack 3 (x86) Retail CD (Simplified Chinese) Size: 583.45 MB SHA1: f15ef466b1d87b1ffdadc246b8ce82287bd15ed5 ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) Retail DVD (Japanese) Size: 630.21 MB SHA1: 3125aaed8f40a5d8a10dbb959a03e39acc0d9fcb ISO/CRC: FFFFFFFF Windows XP Professional with Service Pack 3 (x86) VOL DVD (Japanese) Size: 630.21 MB SHA1: 8719219c7a77756a904f4bb9fd2f32781f091c22 ISO/CRC: FFFFFFFF Windows XP Home with Service Pack 3 (x86) Retail CD (Japanese) Size: 608.73 MB SHA1: a907477482a45f0c7617e384b1b8a69802bc815c ISO/CRC: FFFFFFFF Windows XP Home K with Service Pack 3 (x86) Retail CD (Korean) Size: 586.84 MB SHA1: e81c5e6e7aa34e32091538462d963488dc08ef66 ISO/CRC: FFFFFFFF Windows XP Home KN with Service Pack 3 (x86) Retail CD (Korean) Size: 572.42 MB SHA1: 3c88bb786aefff3aabb90c02aa7d569c6aa459c2 ISO/CRC: FFFFFFFF Windows XP Professional K with Service Pack 3 (x86) Volume CD (Korean) Size: 634.25 MB SHA1: aa00d0e694e0d885d654241d74e9654373f222eb ISO/CRC: FFFFFFFF Windows XP Professional K with Service Pack 3 (x86) Retail CD (Korean) Size: 634.25 MB SHA1:cad31b63f9ec47aeaf6e3bded9d36425ddb3183a ISO/CRC:FFFFFFFF Windows XP Professional KN with Service Pack 3 (x86) Retail CD (Korean) Size: 615.45 MB SHA1: 6fd792c71bfa085273472a52aeee1757007c74fa ISO/CRC: FFFFFFFF Windows XP Professional KN with Service Pack 3 (x86) VOL CD (Korean) Size: 615.45 MB SHA1: 723f0206cf09e5c8693de5eeaee7da849e734bc8 ISO/CRC: FFFFFFFF

Thanks to jaclaz and mukke for lending their expertise to this thread. The batch file provided by mukke looks interesting. I assume that you have to change into the HFSLIP directory before starting the batch file, although I cannot understand how HFSLIP itself contributes anything to the modification of sfcfiles.dll. I wonder what change is being made to the code for "%systemroot%\system32\drivers\tcpip.sys" inside sfcfiles.dll by mukke's batch file. Does it 00 out the first letter of the filename part of the path in sfcfiles.dll, or does it put a \ (plus a 00 to terminate the string) at the start of the entry as ElTorqiro recommends? I suppose for a n00b like me the best option would be to use an application on a live system that lets the user choose from a list which file he wants excluded from WFP monitoring. I don't suppose such an application exists. Another approach, apart from disabling the entry for tcpip.sys in sfcfiles.dll, would be to modify the relevant security catalogue in the {F750E6C3-38EE-11D1-85E5-00C04FC295EE} folder. For someone like me this looks like a formidable task as there are dozens of these .CAT files and I have no idea how I would identify the relevant cat file for tcpip.sys. As far as I can see the .CAT files contain SHA1 hashes for each protected file, so I assume that these SHA1 values would need to be modified. Of course there is always the possibility that a Windows security update could over write my hacked version of tcpip.sys. I did once see instructions for how to prevent the infamous KB971033 from being installed using the Group Policy Editor, so this could be one possibility for protecting my hacked tcpip.sys.

I looked at the article by Fred Vorck at http://www.vorck.com/windows/xpsp4.html and in the section called 'Random Notes' he recommends using Modifype to fix the headers of modified dlls so that they show an updated checksum, and WFP will not identify them as corrupt. As far as I can make out ModifyPE is intended to prevent the "File was not copied correctly" error during Windows setup using an installation CD with hacked system files that are slipstreamed into it. It may not aaddress the issue of of the hacked system files being detected as corrupt by WFP. Another approach advocated by ElTorqiro here http://www.msfn.org/board/topic/98306-wfp-app-for-removing-individual-files-from-monitoring/?mode=linearplus is to hack sfcfiles.dll so as to disable the entry for the system file you want excluded from protection. Unfortunately, there does not seem to be an app that can do this for you so you have to use HexEdit to get the job done. Then you can then insert the modified sfcfiles.dll into the REPLACE/i386 folder.

I intend to have WFP runining as normal with my Windows installation made with a slipstreamed installation CD. This seems like a good policy given my level of expertise. If the installation includes patched system files they may be overwritten when I run System File Checker. Unfortunately the Windows 2000/XP/2003 version of SFC does not ask the user if he wants to replace an incorrect system file in the way that the Win98SE version of SFC did.

I have a patched version of tcpip.sys which enables 100 concurrent connection ports and I want to put it in my REPLACE\i386 folder. There could be a problem with this patched version of tcpip.sys in the installed XP being replaced when I run System File Checker. I assume that the file size would no longer tarry with the information in a security catalog. I wonder if there are addons for patched system files that would somehow make XP perceive them as legitimate and not be rejected by WFP. For instance, there is an addon offered at the RyanVM forum to allow the integration of patched dlls into XP to enable software Raid-5. I wonder if this would work with HFSLIP, the RyanVM Integrator and nLite, and would it resolve WFP problems. You can obtain it here: http://www.ryanvm.net/forum/viewtopic.php?t=713 Name of file: Rikgale_XPRAID5_addon_v1.cab

I have previously attempted to use nLite, but with unsatisfactory results because it breaks things and unattended setup never seems to work the way I want it to. I know thousands of people swear by it, so the problem could be me. Anyway, I took the plunge with HFSLIP and the results have exceeded my expectations. I was skeptical about it's ability to slipstream WMP11 and IE8 after reading some comments in forums and articles online, especially as the official HFSLIP website does not inspire confidence in slipstreaming these items. I used these files in the HF folder -wmp11-windowsxp-x86-enu.exe and IE8-WindowsXP-x86-ENU.exe, along with 134 security and hotfix updates, excluding the security updates for IE8 and WMP11. Everything integrated without hitch and once Windows XP Home Edition was installed Automatic Updates provided a list of the security updates needed for these two applications. It seemed unlikely that HFSLIP could integrate their security updates without them being slipstreamed into Windows first, then running HFSLIP a second time on the Sources folder to slipstream their updates. However, I did make a second ISO with IE8, WMP11 and their updates slipstreamed together, and once Windows was installed Windows Update did not indicate that these updates were required. I tried running WMP11 by playing an mpeg, avi and wmv file and everything seemed fine. IE8 appeared to be working OK. The only problem I experienced was UnattendSwitch="Yes" in winnt.sif that is attended to suppress the 'Lets setup Windows XP now' wizard. I found that it produced a number of spurious User sub folders in the Documents and Settings folder. I was particularly surprised at the successful integration of WMP11, because nLite cannot use the Microsoft installer, but requires the WMP11 Slipstreamer to be used first on the source. Similarly, nLite cannot slipstream the Microsoft DX9.0c June 2010 update, but needs a custom addon instead. From my limited experience of HFSLIP I conclude that it is the most powerful and flexible XP/2K/2003 slipstreamer available, and although it presents a steep learning curve for newbies, the time and effort mastering it is worthwhile. OK, where do you make a donation? winnt.sif