Home and Links
 Your PC and Security
 Server NAS
 DVD making
 Raspberry Pi
 PIC projects
 Other projects
 Next >>

Setting up a Windows XP computer

New XP setup
WARNING: By 'default', more and more 'free' software (and even some Open Source) will install unwanted 'tool bars', reset your Browser 'Home Page' and 'hijack' your file 'associations' - some even install a 'replacement' Browser (Google Chrome being a favourite). Whilst you can (usually) remove the unwanted garbage later, it is far better to avoid this sort of crapware being installed in the first place. So ALWAYS look for the 'Custom install' (aka 'deselect the crapware') option :-)

XP end of support (sp4)

On April 14 2014 Microsoft ended support for Windows XP - so you might have expected MS to issue an official 'roll-up' package containing all the bug fixes since sp3 - 'sp4' perhaps ? Fat chance - MS would rather sell you Windows 8.1 ("the kiddie tablet version") = see note 1. Although MS will continue to make all the existing XP 'fixes' available for download, this means anyone re-installing XP will find it downloads and installs over a gigabyte of fixes as soon as they plug in the network cable !

Fortunately the XP 'user community' have put together their own 'sp4' (which requires only base XP with sp1). Since MS may slap a 'copyright take down' on this at any time (it's hosted on Google drive), I recommend you grab a copy now !

Note 1. Those worried about XP end of support should ignore MS 'suggestions' re: 8.1 and migrate to Windows 7 (64bit), which has a 'built in' XP 'mode' and is thus able to run all your existing (paid for) XP 32 bit applications (unlike Windows 8/8.1, which has no XP mode and will 'just say no')

What to do after a 'factory restore'

When your XP computer is 'restored' to the 'factory ship' level, on first boot you may well discover it tries to re-install all the useless bloated commercial 'free trial' garbage that it originally shipped with

Having installed the Recovery Console and setup your RAID, the next step is discover what 'auto-configuration' crapware traps are waiting for you - and then 'disable' them before they 'drop you in it' :-)

See later = typically all that is needed is to boot into Safe Mode, find the 'Run Once' entries and delete them all. Be careful, however, that you don't disable some Operating System set-up choices (eg language / keyboard layout etc))

After 'defusing the crap traps', you should remove the useless applications (and disable the dangerous Services) that Microsoft loads by default (to allow Corporate Domain IT Administrators, and web based hackers, to take remote control over your computer).

Most computers have Windows 'pre-configured' by the manufacturer. The configuration they choose may well differ from Windows default. Generally, however, they are likely to make it even LESS secure, since they typically 'enable' all sorts of 'Help and Support' services along with a 'back door' Help User account (i.e. so they can take over your computer via the Internet). Remember - the criminal already knows all the manufacturers default passwords !

You then need to install a 'secure' browser (i.e. anything other than MSIE :-) ) plus Firewall, Anti-virus & Antimalware software and perform your first local backup. After checking that you have secured your home network, you can finally risk using your new PC to browse the web.

How should I set my folder 'View' options ?

By default, Microsoft 'hides' many things from the user, including the 'extensions for known file types'. This helps the virus writer fool you into running an executable (.exe, .com, .scr, .cmd, .bat etc.) by sending you a file like 'nude.jpg.exe' (you will just see 'nude.jpg' since Windows 'hides' the .exe by default).

Microsoft's 'default' settings are intended to make life easier for Corporate IT staff = which also makes Microsoft the hackers and virus writers 'best friend'

So go into Tools / Folder Options / View and remove the tick from 'Hide extensions for known file types' (and 'Hide protected operating system files') - and while you are at it, tick 'Display the contents of System Folders' and 'Show hidden files and folders' ... and then click the 'Apply to all folders' button.

What about the Desktop ?

Many people like the 'default' Windows XP desktop. I don't = I think a background 'image' is distracting and whilst an 'empty' desktop (without 'My computer' etc) may look 'nice' it means more mouse movements and clicks to reach common functions.

If, like me, you want 'My computer' and 'Recycle Bin' where you can see them, I suggest selecting the 'Classic Start menu'.
While you are at it, you should remove the 'Hide inactive icons' from the Taskbar settings (I enable 'Lock the taskbar' and 'Keep taskbar on top', and disable the rest ('Auto-hide ..', Group similar ..' and 'Show Quick Launch' etc.).
The more Windows 'hides' from you the more likely some virus will be able to get it's teeth into your PC without you ever noticing ..

Logical? file list order

In Windows 2000, if you listed files 'by name', you would get a strict alphabetical listing order (so 1. 1a. 111. 2. 20. 2b. 3. 3a. 3a1. 9. 9a. 99. and so on). From XP Microsoft got 'clever' and decided to show files in 'numerical order'. So you would get 1. 2. 3. 9. 1a. 2b. 3a. 9a. 3a1. 20. 99. 111. etc). This is a RIGHT PAIN, especially for those using fixed digit count hex file prefixes for file 'version' control ... and for anyone who switches between Windows and Linux on a regular basis (when you return to Windows you can play that well known Microsoft game of "where's this POS hidden my files now ?")

To get the logical name order back :-
Launch regedit
Find the KEY:-
Add New DWORD :-
Set it's value = 1

Explorer will pick up the change when it's re-started (to avoid logging out, Alt+Ctrl+Del to launch Windows Task Manager, Processes tab, highlight 'explorer.exe', click End Process, click Applications tab, New Task button, type 'explorer.exe')

How do I defuse the "auto-run" crap-traps ?

An auto-install is typically 'launched' by 'RUN ONCE' instructions found in the Registry but can be sometimes found in the 'Startup' folder. These can be inspected from Safe Mode and deleted.

a1) Install HiJackThis

Use another PC to download HiJackThis.

Power-up whilst pressing F8 and select Safe Mode. Copy HiJackThis.exe onto c: and run it. This will show you what software is set to RUN / RUN ONCE. Look through the list and 'Fix' (delete) anything that isn't Microsoft.

a2) Inspect the Startup folder contents

Still in Safe Mode, goto C:\Documents and Settings\All Users\Start Menu\Programs\Startup and delete everything. Do the same for C:\Documents and Settings\All Users\Start Menu\Programs\Startup and C:\Documents and Settings\Default User\Start Menu\Programs\Startup.

Note - 'Default User' is a hidden folder (i.e. unless you changed the View setting above, you can't even see it).

a3) Install WinPatrol

WinPatrol will 'monitor' your Registry and warn you if an application tries to add a 'Run' or 'Service'. You can choose to allow it (Firewall etc) or 'deny' it (Adobe's 'auto-updater' etc)

What about unwanted Windows components ?

Most computers come with all the Microsoft Windows 'default' components. Virus writers and hackers know this, so they 'target' Windows components (and achieve a fair degree of success).

Even after 10 years of 'patching' and 'security updates', Windows XP 'components' are still full of 'holes' that can be abused - every time you see a 'Malicious Software Removal tool' in one of the MS Updates it means that yet another 'hole' has been found and exploited. So the more of Microsoft's software you can remove, the more 'holes' you will be removing along with it.Of course anything 'younger' than XP will have even more 'holes' - so ripping out unwanted Services etc. is even more important !

NOTE. The following is for Windows XP - for tips on optimising Vista and Windows 7, see elsewhere.

Can I remove unwanted Windows components ?

A1. Yes & No. You can use 'Add/Remove Programs' to 'remove' Outlook Express, MSN Explorer, MSN Messenger etc. however all that happens is that Windows removes the 'name' from the list of 'All Programs' (and from Add/Remove Programs) !

All the dangerous DLL's (and your address book etc. from Outlook) STILL EXIST on your PC, in Programs Files and hidden in various other folders scattered around the filing system. All the dangerous 'hacker friendly' DLL's remain 'registered', just waiting to be 'launched' by the first scrip kiddie to come along. You may find folders for things like 'microsoft frontpage', 'msn gaming zone' etc. (some of which are also full of dangerous code) even if you never installed these in the first place !!

This is another Microsoft 'gift to hackers'. By removing the program 'name' from 'Add/Remove Programs' the user is fooled into a 'false sense of security', so the hacker can continue undisturbed.If you ever wondered how some virus copied itself to everyone in some ancient address book you stopped using years ago, now you know (yep - you think you un-installed Outlook Express and deleted the address book ?? - but Windows kept hidden copies of everything 'just in case' you (or Corporate IT admin) 'changed your mind' later)

If you try to manually 'delete' the executable files of some MS components, you will get a "Can't delete, file/folder in use" type error. If you go into Safe Mode and manually delete the DLL's without 'unregistering' them first, Windows will "help the hacker" by 'restoring' them from the copies held in the DLL-cache !

About the ONLY way to ACTUALLY remove all of Outlook, Messenger etc. from an installed system is to use XP Lite. The reduced functionality free version (called 'trial') will do most of the job, however the cost is only $40 and it saves a lot of manual mucking about

Of course the best way is to use nLite to make you own Windows System CD and do a complete re-install, thus avoiding installing the unwanted components in the first place. You may wish to take this route when preparing your own 'Home Server' (see my Home Server (NAS) topic in the 'Navigation Bar', left

A2. Windows likes to 'hide' some of it's components (MSN Messenger etc.) so they don't even appear in 'Add/Remove' thus making it even harder for you to remove them.

To 'un-hide' them, edit the c:\windows\inf\sysoc.inf file & remove the "hide" setting

For example, to 'un-hide' MSN Messenger, modify the line :-

A3. In Safe Mode, go to Start, Settings, Control Panel, Add Remove Programs. Click 'Add / Remove Windows Components'.

Accessories and Utilities, highlight 'Games', click 'Details' and remove 'Internet Games', OK, OK.
Fax Services - not installed as MS Windows default but often loaded by OEM's. If found, remove (UNLESS you have a FAX machine, of course)
FTP Publishing - (not usually installed, if found, remove)
Indexing Service - DISABLE the Service (= see Next>> page)
Internet Explorer - AFTER installing Firefox or some other web browser, you can 'remove' MSIE (see **1)
Internet Information Services (IIS) - if found, remove
Management and Monitoring Tools - remove
Media Center - (Digital Rights Management enforcement, so MS won't let you remove it after it's been installed (see **2)
Message Queuing - remove
MSN Explorer - remove (unless you keep Outlook & want to avoid the 30s start-up delay whilst it tries to start MSN Explorer)
MSN Messenger - remove (unless you use MSN Explorer, which will run MSN Messenger 'in the background')
Networking Services - remove (this is Microsoft's version of 'popular' Unix network utilities such as the annoying 'Message Of The Day' pop-up)
Other Network File and Print Services - remove
Outlook Express - remove(**3) (use Thunderbird Open Source email client instead)
Terminal Server - remove (BIG security risk)
Update Root Certificates - allow
Windows Media Player - remove or not = up to you, I recommend VLC Open Source media player instead, HOWEVER if you intend to use MS PhotoStory (left, nav. menu bar) you will need WMP.
Windows Messenger - remove

A number of individuals have looked well beyond the short list of applications Microsoft allow you to delete via 'Add / Remove', however most expect some payment for their efforts. To rip out even more of the useless crap, see 'XPlite'.


(**1) How can I remove MSIE ?

If you want 'MS Updates' (which includes the automatic 'malware removal' updates that MS is still issuing for XP), you can't completely remove MSIE

Like all criminals, hackers are lazy. They will go for the 'easy meat' and that means anyone browsing with MSIE (people who use an alternative browser are more likely to be 'security aware' and install all sorts of Script 'blockers', anti-virus, anti-malware and Firewalls which makes them a very hard 'target' to crack).

MSIE was never designed to be 'secure' .. web pages can use MSIE to obtain access to your computer at 'system' level (unlike 'proper' browsers such as Firefox).Remember - MSIE is used by Windows Update to 'invisibly' download and install changes to your Operating System. Unless you actually remove MSIE software entirely, the only thing stopping a criminal downloading a 'root-kit' in exactly the same way is Microsoft's own bug ridden software

Why else is MSIE such a target ? Well, among other things, if you ever make the mistake of clicking 'Remember my details' on ANY web site, MSIE will 'save' those details (including your password) and deliver those details to any web site clever enough to ask for them.

In fact, if you click 'Remember..' in ANY web browser, your details are saved in a form that the web browser can be convinced to reveal - however, unlike MSIE, other web browsers typically have some obvious way to delete the details (in Firefox, in Tools, Options, Security, click 'Saved Passwords' .. do it now and delete them all :-) )

(**2) to avoid DRM ('Digital Rights Management' aka CD/DVD drive access interference) infecting your computer, use nLite to build a new Windows System CD without anything to do with Microsoft 'Media Center' and re-install

(**3) 'Default eMail missing' error

After removing Outlook Express you may get complaints about 'missing email services' and 'instructions' to 'run Outlook express and set it as the default'. You can safely ignore this 'error'.

Like MSIE, Outlook Express is the virus writers 'default' target - it makes essentially no check on incoming 'scripted' / 'HTML' mail and will happily allow a virus to trawl through your address book sending thousands of copies of itself to all your contacts.

After installing Thunderbird, you can use this instead of Outlook. The 'default' is used when you click on 'mail to:' on a web page. To set Thunderbird as the new default in Firefox, go to Tools / Options, Applications ('mailto' setting).

In MSIE, to set Thunderbird as the default for 'mail to:', go to Tools / Options, Programs tab.

How do I remove MSIE ?

Choosing Firefox etc. does not delete MSIE !

To actually remove (most) of MSIE you have to use third party tools. Of course, the best way to 'remove' something is not to install it in the first place ! This can be achieved by using 'nLite' to create your own 'custom' Windows System install CD. To eliminate MSIE after install is a lot harder (Google 'Open Source MSIE remove tool')

If you delete MSIE, Windows Update will no longer work = however this is not too much of an issue now that MS support has finished (although MS is still issuing 'malware removal' updates). To support a re-install without MSIE, you can download the 'unofficial sp4' fix roll-up package and install that from CD / DVD.

What other stupid tricks does Microsoft pull to help the 'walk in wannabee hacker' ?

A1. The Welcome screen shows all the User Accounts (except Administrator) & even if you use the 'classic' Logon window, XP will remember and display the 'last logged on' user name. Whilst this 'feature' is obviously provided for Americans (who plainly keep forgetting their own names) it also means that all the average visiting wannabee hacker has to do next is guess the password (something 'about' the person who's name MS thoughtfully displayed is always a good bet).

So the first thing you should do is make sure to use the 'classic' log-on window ... and then you need to stop your log-on name being shown to the world ... 

A2. XP also has a habit of showing 'X unread emails' at log-on (click on the 'notification' and it will reveal your email address, once again doing half the hackers job for them). Fortunately it's only Microsoft software (Outlook Express, Messenger, Windows Live etc etc) that uses this 'hackers help feature', so if you avoid all types of MS mail & Messaging you should never see this.

The above trick can be defeated by modding the Registry or by downloading 'TWEAKUI' and un-checking the "Show" option in "Unread mail" in the "Logon" tree (click the '+' to expand the tree).In TWEAKUI, under 'Repair' there is a 'Reset unread email count' (why ? because MS keeps getting the 'eMail count' wrong, claiming you have unread emails even when you don't and even listing email accounts which it has 'remembered' automatically but that you 'deleted' years ago ...

A3. By default, 'simple file sharing' is enabled on Windows XP-based computers. With 'simple file sharing' enabled, everyone (and anyone) in your Workgroup has access to your 'shared' folders !

When you add this to the fact that many WiFi Routers default to 'no encryption' you can see how easy it is for your neighbours kids to access all the Shared Music, Shared Pictures and Shared Videos on every computer in your house. The clever ones can also get easy access to the 'hidden' drive root shares (C$, D$ etc) and access all your on-line account & password details that MSIE helpfully 'remembers' for you ...

If 'simple file sharing' is disabled, members of your Workgroup cannot access your shared folders until you choose to share particular folders (or drives) with specific users or groups that you select. You cannot disable simple file sharing in Windows XP Home Edition (plainly MS believes that Home users should not be bothered with 'security')

To disable 'simple file sharing', open (double click) My computer, then in the Tools menu, Folder Options, View tab scroll down the Advanced Settings list & clear the 'Use simple file sharing (Recommended)' check box

A4. When removing unwanted Windows components, the COM+ and 'Help and Support' services are reset to 'Automatic' (even if you have manually set them to 'disable'). So always remove 'components' before you disable services

NB. To remove Windows components, the Windows Installer service must be running

A5. By default, any USB 'thumb drive' inserted is checked for the existence of an 'autorun' file = and if found, it's run !!!!

If you think thats bad, consider what the enterprising hacker can do with a USB device that identifies itself to Windows as a 'Keyboard' !

Controlling how Windows assigns drive letters to USB drives

One major annoyance is the way Windows not only 'remembers' every USB device you ever inserted but also checks the list of past devices against every device you plug in on the off chance it's one thats' been seen before, thus SLOWING DOWN the detection of ALL USB devices. Even more annoying is the way in which it continually shows driver letters for 'drives' that don't exist (i.e. for USB thumb drives you have unplugged).

Needless to say, My Computer, Manage, Storage/Disk Management WON'T SHOW the non-existent drive, so you CAN'T REMOVE THE NON-EXISTANT DRIVE LETTER !!!!

Microsoft did address the 'non-existent drive' issue in Windows 7, but never provided any solution for XP users. Instead, we have to make use of a free 3rd party tool 'USBDLM'. This Service also monitors for new Keyboard devices ...

For Windows 7, in "Folder Options", open the View tab. Then in the options list, locate the line "Hide empty drives in the computer" and 'check' the box. This should ensure that USB readers won't be assigned a driver letter until something is inserted.

How should I set my 'Screen Saver' (Sleeping and Hibernation) ?

Any computer that is left unattended with an Administrator level account 'logged in' is just asking to be abused = whilst one that is showing the 'Please enter your password' box is (somewhat) safer :-)

So you should always set the 'Screen Saver' to 'Wait: 5 minutes' (see note 1) and 'On resume, password protect'. Having set the screen Saver, click 'Power' and set the 'Turn off hard disks' to (eg) 30 mins (note 2) and 'System standby' to (eg) 'After 1 hour' (note 3).

Note 1. The more often you have to enter your Password, the more likely it is that you will remember it (without needing a Post-it note stuck to the screen :-) )
Note 2. It's not a good idea to keep spinning your hard drives up and down at 5 minute intervals .. however IF you have a separate data drive (which is where you have placed the Virtual Memory 'swap file' and your user 'Profile' = where all the application 'temp' data etc. is stored) it is a good idea to allow your system drive(s) to spin down half an hour after boot-up when they are not needed. That let's them cool down and that extends their life time.
Note 3. If you let the system go into 'standby' (Hibernate) you can just leave it 'on' all the time and it will consume almost no power

What Firewall should I use ?

There was a time when I would have recommended Zone Alarm. However it now comes with unwanted 'add ons' ('mail shield', 'web shield' & 'search bars' etc) all of which proved to be incompatible with my XP system.

When Zone Alarm started to subject me to 'pop-up hell' (opening windows in the centre of my desktop over whatever I'm working on and asking me to take part in their 'community' or inviting me to 'Upgrade to Pro' which appeared at regular intervals with no way to stop them) it's days were numbered.

The final straw came when a Zone Alarm update started putting my hard drive to 'sleep' half way through the boot-up sequence ! After going into Safe Mode (and returning to the 'Restore Point' I made before the update) I un-installed ZoneAlarm and vowed never to use it again

My experience with ZoneAlarm is, unfortunately, similar to that of many 'free' software packages. More and more 'Open Source' packages (and repositories) are becoming 'money orientated' - installing unwanted crapware and 'nagging' you to 'upgrade to the Pro (paid for) Edition'. So don't just click on the 'update' button without checking for a 'custom' option (which is where you can usually say 'no' to the unwanted garbage that is going to be installed along with the latest virus definitions or 'security fix')

So I now recommend Comodo

Whilst the only English is 'US' (no UK English), it also offers access to their secure DNS servers - which hopefully makes 'man in the middle' attacks much harder (by preventing DNS re-directs) but (of course), just like using Google, this allows your browsing habits to be 'profiled' (and maybe sold for advertising use).

Comodo comes with some sort of on-line help called 'GeekBuddy' and something called 'Dragon' (which seems to be some sort of web browser which CoMoDo will try to make your 'default browser'). If you slip up (like I did) and allow these to be installed along with the Firewall, you can immediately uninstall them both (via Add/Remove programs) without any negative effects

Comodo's 'advertising pop-ups' are restricted to the 'task bar' icon area in the bottom right-hand corner, so (unlike Zone Alarm) they are easy to ignore ..

Browsing without being 'tracked'

In today's world of 'targeted' adverts' and 'personalised' search results (yes, Google will 'bias' search results depending on what it 'decides' you should see) and the obvious possibility of 'tailored' or 'variable' pricing (ever wonder why the price goes up every time you re-visit a site ?), you should do all you can to prevent 'tracking'.

Ideally you want all cookies** to be deleted when you leave a web site - however even Firefox only offers you the option (in Tools, Options, Privacy) of 'Keep until', 'I close Firefox' (you can't 'refuse all' cookies since that will prevents most on-line shopping / banking sites from working). So make a point of closing Firefox 'often' :-)

**Be aware that cookies can cost you real money. If you visit a holiday booking site (hotels, airlines) that discovers cookies indicating you are 'serious' about buying they may well take the opportunity to 'up the price'. This happens if you visit the booking site, 'go away' to check prices elsewhere and then 'come back again' - they will 'see' you visited recently, assume you are now serious about booking and need no longer be tempted with any sort of 'special offer'.
This happened to me when booking a well-known 'budget' hotel room - deleting all their cookies and returning to the site got me the original, lower, price again.
Note this has also been known to occur when booking flights (see here) and that can cost you real money (£ hundreds extra).

Stopping the adversing companies from 'profiling' your web browsing can be very difficult. The major culprit by far is 'Google analytics' = almost all web sites are riddled with it. Whilst Firefox NoScript will 'stop' this cr*p tracking you 'by default', chances are you will have a long list of 'trusted' sites where scripts have been 'enabled' to achieve the functions you want - and that opens the door to 'analytics'.

The 'issue' is, of course, that Google wants to make money out of you .. so it will 'feed' you search results designed to 'direct' you to it's 'paid for' advertiser sites. When you are looking for a 'best price offer', the LAST thing you want is Google directing you to the (no-doubt over-priced) offerings of it's highest paying advertisers

You can stop Google analytics by 'redirecting' both www.google-analytics.com and ssl.google-analytics.com to (in your system32\drivers\etc\HOSTS file), however that won't stop the hundreds of other 'tracking' tricks - instead I suggest installing the Firefox Ghostery add-on (an alternative is the Disconnect add-on)

If you edit HOSTS, you might want to add ' pagead.googlesyndication.com' and ' pagead2.googlesyndication.com' - this will block most 'Adsense' banner adverts that Adblock misses

STOP PRESS. AdBlock Plus has 'sold out' to the advertisers. Specifically, Google (and others) have paid them to let thorough their Ads. Of course it's easy enough to uninstall Adblock Plus (and switch to 'uBlock')

Browsing without Adverts

If you use Firefox with the AdBlock Plus, NoScript and FlashBlock 'add-ins', very few adverts will get through. However, whilst 'pop-ups' have effectively been 'killed off' by almost all browsers (and most users now set Firefox to 'clean out' cookies on exit from the browser), the advertising industry continues to pay big money to 'very clever chaps' who always seem to find new ways of bypassing the 'blockers' in order to 'force-feed' you their spam.

If the adverts start to get too annoying, I suggest adding the Privoxy non-caching web proxy between your browser and the internet. This will provide some more 'in depth' protection and (so long as the developers keep updating it) hopefully it will 'catch' the spam that AdBlock Plus does not

Blocking Google's 'paid for' results

At various times various individuals have become so annoyed at Google's (and Yahoo's) habit of placing of 'paid for' results at the top of the 'search results' that they have found ways to block these. Unfortunately, Google's 'Terms and Conditions of use' state you are not allowed to remove their 'paid for' results (so much for their 'Don't be evil' claims). In any event, various attempts to 'search without ads' seem to 'come and go' (see, or rather, don't see, Scroogle and the Firefox 'customizegoogle' add-in)

There was a time when you could get Google itself to 'block' sites from it's results you didn't want to see again. Apparently, that no longer works either. Fortunately, Firefox users can still block sites from Google results using an 'add-in' (of course blocking all the 'garbage advertising' sites may mean you end up with an empty 'top hits' (first) page :-) )

All you can do is 'Google' for the latest "blocking paid-for Google results" methods (no doubt the top 'hit' will be for some overpriced commercial rubbish that has paid Google the most for the 'top hit' slot :-) )

Blocked (downloaded) files

By default, since about 2012, Windows sets a 'flag' that 'stops' what it regards as 'executable' files from 'foreign' systems being 'run' (or deleted).

Why ? well after 10 years Microsoft has finally realised the danger of 'auto-run' executing every new file it found.
Most users might expect MS would simply remove the 'auto-run' code, however they decided to make life 'more interseting' for users by adding the 'blocked' flag.
The result ? Most 3rd party apps (such as your auto-system 'back-up' utility) would 'freeze' when running into such as file, preventing the PC being shut down (and forcing you to pull the power-plug ..)
Xp Pro users logged-in as a member of the Administrators Group can 'right click' for the file Properties and, if the 'Security:' attribute is seen (ot is only shown if the file is blocked), use the 'Unblock' button.
Non-admin users and XP Home users don't get that 'privilege', so will have no idea why they have to keep pulling the power-plug each night to shut-down after their back-up app. freezes and locks-up the PC ... (to over-ride this stupid 'hide the reason for the lock-up' trick, see this page)

To disable this stupid 'marking' of downloaded files as 'security blocked', set the Registry Key :-

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\SaveZoneInformation = 1.
To unblock all files, go find the 'streams' utility (see my 'Deleting Files' page)

Next page :- User accounts setup