Windows XP/Vista/7/8/etc Themers and Customizers BEWARE
As you know, there are two components to a Windows NT 5.1+ (XP and onward) theme. The .theme file, which is safe and always runnable, and the optional dll, which requires a uxtheme.dll patch to run (since it can execute arbitrary code as administrator, etc, Microsoft doesn't permit that out of the box). The optional dll is very useful, as it can actually fully theme the window shades, start bar, etc.
You may have heard of the Universal UXTheme Patcher, which helps to run these advanced themes clean, but watch out for these fagets:
[url]www.windowsxlive.net[/url] - They are the top search result host of the theme patcher.
It surprises me that they are still considered legit (after all these years) and show up as one of the first links in a Google search. [b]They are not legit at all. The installer contains a piece of malware that gives you a Chinese SSL hijack (the usual adware bullshit, but even slower, since it goes through somewhere in China :v: ). This is done through their custom uxtheme.dll, poisoned Winsock LSP, proxy settings, etc.[/b] In other words, you will turn your ballhairs gray trying to remove it. Especially the winsock part. I genuinely feel sorry for the lay Windows user who has to go through it.
[b]The "go-to" classical symptom of getting SSL Hijacked:[/b]
Good cert-aware browsers such as Firefox and Chrome constantly giving a "Connection Untrusted" warning on HTTPS sites, even upon visiting big companies, such as google.com, microsoft.com, etc. Those warnings are not to be ignored, and are to be taken seriously. If you have this symptom, don't ever log in to your banks, your emails, etc.
I had a run in with the site's owner over e-mail years ago, and he is indeed a Chinese dude who accepts the full responsibility for the SSL hijacking. Furthermore, he laughed it off. Also, he frequently updates his installer to avoid having it caught in the crosshairs of an antivirus. I highly doubt that they are actually stealing people's sessions, keys, etc. Given the site's present day stance on ad-blocking (forcing you to disable), I'd bet you that they're one of those assholes who listen in to your Google searches and sell them off to advertising companies (the ones that roll out those gay browser toolbar adwares, etc). Remember that annoying shop thing that injected price catalogues into your search engine results in a browser? Yeah. Those fagets.
I had to post this, because today, I just found out that not only did they not ever get shut down, but they just climbed higher SEO-wise on major search engines, such as Google. Just because they are at the top search-wise, doesn't mean that they are at the top ethically.
[i]Thanks for reading. Stay safe.[/i]
[b]THE EVIDENCE BIN[/b] (Since some requested)
[url]https://facepunch.com/showthread.php?t=1453808[/url] -- ON FACEPUNCH ITSELF!
Do a quick Google search: [img_thumb]https://s17.postimg.org/6rbwbican/Untitled.jpg[/img_thumb] OH WOW! That's my third result and I didn't even finish typing the url. Try this Google yourself. I didn't change anything, nor do I have personalized suggestions enabled, let alone being logged into my GMail.
Also, stay tuned. Might whip out sandboxy or a vm myself to directly show the damage/changes.
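A read-only check of two of the places the opening post names (the Winsock LSP catalog and the proxy settings), as an added PowerShell example that is not from the thread. The function names are hypothetical, and the parser assumes English-language `netsh` output.

```powershell
# Added example, read-only. Function names are hypothetical; assumes English netsh output.
# Turn 'netsh winsock show catalog' text into one object per catalog entry.
function Get-WinsockEntry {
    param([string[]]$CatalogText = (netsh winsock show catalog))
    $entry = $null
    foreach ($line in $CatalogText) {
        if ($line -match '^\s*(Winsock Catalog|Name Space) Provider Entry') {
            if ($entry) { [pscustomobject]$entry }   # emit the previous entry
            $entry = [ordered]@{ Section = $Matches[1] }
        } elseif ($entry -and $line -match '^\s*([^:]+?)\s*:\s+(.*\S)\s*$') {
            $entry[$Matches[1]] = $Matches[2]        # e.g. 'Provider Path' = '%SystemRoot%\...'
        }
    }
    if ($entry) { [pscustomobject]$entry }
}

# Flag transport entries layered over the base providers, or whose DLL sits
# outside %SystemRoot%\System32. These are leads to review, not verdicts.
function Find-SuspectWinsockEntry {
    param([object[]]$Entry = (Get-WinsockEntry))
    $sys32 = Join-Path $env:SystemRoot 'System32'
    foreach ($e in ($Entry | Where-Object { $_.Section -eq 'Winsock Catalog' })) {
        $path = [Environment]::ExpandEnvironmentVariables([string]$e.'Provider Path')
        $reasons = @()
        if ($e.'Entry Type' -ne 'Base Service Provider') { $reasons += 'not a base provider' }
        if ($path -notlike "$sys32\*") { $reasons += 'DLL outside System32' }
        if ($reasons) {
            [pscustomobject]@{
                Description = $e.Description
                Path        = $path
                Reason      = $reasons -join '; '
            }
        }
    }
}

# Report the per-user and WinHTTP proxy settings so an unexpected proxy stands out.
function Get-ProxySetting {
    $s = Get-ItemProperty 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
    [pscustomobject]@{
        ProxyEnable   = [bool]$s.ProxyEnable
        ProxyServer   = $s.ProxyServer
        AutoConfigURL = $s.AutoConfigURL
        WinHttp       = (netsh winhttp show proxy | Out-String).Trim()
    }
}

Find-SuspectWinsockEntry | Format-List; Get-ProxySetting | Format-List
```

Anything listed should be matched against software you knowingly installed. `netsh winsock reset` followed by a reboot returns the catalog to its default providers.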
Some pretty heavy claims with not much evidence
[QUOTE=NitronikALT;51430709]Some pretty heavy claims with not much evidence[/QUOTE]
Go install their patcher and you'll get all of the evidence you want. Also a fucking red screen when trying to access [url]https://ANYTHING.ANYTHING[/url]
[editline]26th November 2016[/editline]
Well, red on FF. Not sure what Chrome's looks like...
[QUOTE=KD007;51430714]Go install their patcher and you'll get all of the evidence you want. Also a fucking red screen when trying to access [url]https://ANYTHING.ANYTHING[/url]
[editline]26th November 2016[/editline]
Well, red on FF. Not sure what Chrome's looks like...[/QUOTE]
I reckon it's fair to say burden of proof is on you in this case
[QUOTE=NitronikALT;51430718]I reckon it's fair to say burden of proof is on you in this case[/QUOTE]
[URL="https://facepunch.com/showthread.php?t=1453808"]It's happened around here before.[/URL]
But... the evidence is on their website up for download. Sandboxy that shit and see for yourself. For the love of god don't run the installer bare, Avast, Norton, Kasp, etc probably will not pick it up.
[editline]26th November 2016[/editline]
OH, WHADYA KNOW!
[QUOTE=elixwhitetail;51430752][URL="https://facepunch.com/showthread.php?t=1453808"]It's happened around here before.[/URL][/QUOTE]
[editline]26th November 2016[/editline]
[QUOTE=NitronikALT;51430718]I reckon it's fair to say burden of proof is on you in this case[/QUOTE]
Re-check my original post. I think the burden of proof isn't much of a burden. Also, you're being too skeptical. Makes me think that you work for those windowsxlive fuckboys. On the other hand, if you happen to be a user of their software, and never noticed anything wrong at all, my sympathies for you.
[QUOTE=elixwhitetail;51430752][URL="https://facepunch.com/showthread.php?t=1453808"]It's happened around here before.[/URL][/QUOTE]
Thank you!
I remember trying to use their site when I recently installed W7 and lol'd my way out when I got the big ass disable adblock shit—uBlock saving the day again.
[QUOTE=Axznma;51430885]I remember trying to use their site when I recently installed W7 and lol'd my way out when I got the big ass disable adblock shit—uBlock saving the day again.[/QUOTE]
Using ABP here. Gonna check out uBlock at some point. Looks like it's ahead on its malicious site lists.
Oh jeez, thanks for posting this, I had no idea this was going on. I use the universal patcher thingy, and that's what I recommend when I tell people how to do this stuff, but I never give a link or specify exactly what I'm talking about which might make them mistakenly download this.
Now I know! :v:
[QUOTE=SuperDuperScoot;51431954]Oh jeez, thanks for posting this, I had no idea this was going on. I use the universal patcher thingy, and that's what I recommend when I tell people how to do this stuff, but I never give a link or specify exactly what I'm talking about which might make them mistakenly download this.
Now I know! :v:[/QUOTE]
For future reference, this is the one and only thing you should be using:
[url]http://uxstyle.com/[/url]
That's the first one I ever tried, and it straight up didn't work. No errors or anything, but I used it, restarted, and it didn't do anything.
Universal Theme Patcher/Universal UXTheme Patcher whatever the fuck it's called nowadays was the only one that worked. No idea why, but that's just how it went.
I don't see anything wrong with what I use; the OP mentioned it too as a clean way to do it.
[QUOTE=SuperDuperScoot;51432375]That's the first one I ever tried, and it straight up didn't work. No errors or anything, but I used it, restarted, and it didn't do anything.
Universal Theme Patcher/Universal UXTheme Patcher whatever the fuck it's called nowadays was the only one that worked. No idea why, but that's just how it went.
I don't see anything wrong with what I use; the OP mentioned it too as a clean way to do it.[/QUOTE]
It's anything but clean. It breaks with almost every major (and some minor) update, and it invites people to do nasty things to your system files on-disk.
Not sure what issue you had with it, but it works fine. I'm on Windows 10 Anniversary, and the Technical Preview copy of UXStyle still works flawlessly.
[QUOTE=1/4 Life;51432479]It's anything but clean. It breaks with almost every major (and some minor) update,[/QUOTE]
I've gone through a massive amount of updates at once and it hasn't broken at all.
[QUOTE]and it invites people to do nasty things to your system files on-disk.[/QUOTE]
How so?
I only use this for customization on my windows 10 since the title bar is white by default which is an eye sore [url]https://www.reddit.com/r/Windows10/comments/3syvdw/anyone_know_how_to_get_a_simple_black_accent_color/cx20itk/[/url]
As the last XP user in the planet I can say that I stopped using themes in 2012 when most programs fucking pushed their own UI theme preferences so hard it would break the skinning utility.
[QUOTE=pentium;51438049]As the last XP user in the planet I can say that I stopped using themes in 2012 when most programs fucking pushed their own UI theme preferences so hard it would break the skinning utility.[/QUOTE]
Of all people I assumed you used Classic Theme Restorer for Firefox.
[QUOTE=chipsnapper2;51439664]Of all people I assumed you used Classic Theme Restorer for Firefox.[/QUOTE]
CTR is legitimately good even for someone not stuck several decades in the past though. If for no other reason than getting rid of those god awful Chrome-clone angled tabs that waste a bunch of space for no actual reason.
[QUOTE=pentium;51438049]As the last XP user in the planet I can say that I stopped using themes in 2012 when most programs fucking pushed their own UI theme preferences so hard it would break the skinning utility.[/QUOTE]
Why are you still on XP, though? If you don't mind me asking.
Aren't you afraid of its security holes?