1. Improve security If strangers have physical access to your PC, it's easy for them to plug in a USB flash drive and make copies of your data. If you're using Windows XP SP2 or later, though, there's a simple way to prevent this from happening. Go to 'HKLM\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies', create a DWORD value called 'WriteProtect' and set it to 1. You'll be able to read USB drives, but not write to them any more. 2. Tame UAC Windows Vista's User Account Control raises so many alerts that many people just turn it off. But do that and you'll also lose useful features like IE's protected mode. If you really can't live with UAC, try disabling the alerts for administrators: you won't get any more hassle, but UAC will run in the background and you'll still get its other features. To do this, set 'HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPro mptBehaviorAdmin' to 0. You can restore normal UAC behaviour by setting it to 2. 3. Change the owner Install Windows on your PC and you'll be asked to enter your name, which is then stored as the registered owner (run WinVer to see this on your system). If you've got a second- hand PC, you probably want to change the name stored as the registered owner. There's no obvious way to do this, and that's where the Registry comes in. Browse to 'HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion' and you'll see both a 'RegisteredOwner' and 'RegisteredOrganization' value. Double-click either to change them. 4. Sort files properly Sorting filenames in Explorer can be a problem. By default, it will place 'File_v2.txt' before 'File_v15. txt': that's not ASCII ordering, but it seems to be sensible. But what if the 'v' refers to a version number, and actually File_v15.txt should come first? Suddenly Explorer's default system doesn't work at all. To restore regular ASCII file ordering, go to 'HKLM\Software\Microsoft\Windows\Currentversion\Policies\Explorer', create a DWORD value called 'NoStrCmpLogical' and set it to 1. Delete the key to restore the standard Explorer approach. 5. Troubleshoot startup If Windows is taking its time to start up or shut down, there might be a problem. To find out what's going on, go to 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System', create a DWORD value called 'verbosestatus' and set it to 1. Restart your PC and Windows will tell you what it's getting up to. 6. Manage folder types Windows Vista's Explorer will 'intelligently' choose your folder type based on its contents. But this means that a Download folder will change to a Music folder if you grab a few MP3s. To fix this, go to 'HCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell', delete the 'Bags' subkey and then create a new Bags key in the same location. Create a key called 'AllFolders' beneath Bags, and a key called 'Shell' below that. Click it to open 'HCU\Software\Classes\LocalSettings\Software\Microsoft\Windows\Shell\ Bags\AllFolders\Shell'. Right-click the right-hand pane, choose 'New | String Value' and call this 'FolderType'. Then double-click FolderType and set its value to 'NotSpecified'. You'll still be able to change the folder type, but Vista will no longer assign one. 7. Easy encryption Some versions of Windows have always allowed you to encrypt files, but it's an awkward process; you must right-click the file, select 'Properties', click the 'Advanced' button, check 'Encrypt contents to secure data' and then press 'OK' twice. For a simpler alternative, go to 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced', create a new DWORD called 'EncryptionContextMenu' and set it to 1. Now you can just right-click a file and select 'Encrypt'. 8. Access folders fast Get speedy access to any folder by pinning it to the Start menu. Run REGEDIT, go to 'HKCR\Folder\shellex\ContextMenuHandlers', right-click 'ContextMenuHandlers' and click 'New | Key'. Type '' (as ever, without quotation marks) and press [Enter]. Now hold down [Shift], right-click a folder and select 'Pin to Start Menu'. 9. Speed up copy times Vista gives a high priority to your soundcard, so you should get glitch-free audio no matter what you're doing. This can cause slower network copy speeds, however. To tweak this, browse to 'HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Multimedia\SystemP rofile'. Try setting 'NetworkThrottlingIndex' to more than 10 – 50 or 60 should be effective – then reboot and test your network speeds again. 10. Fix the drive listing If Explorer no longer lists your DVD drive (or thinks that it's a DVD-ROM and can't burn discs), go to 'HKLM\System\CurrentControlSet\Control\Class\' and delete the 'UpperFilters' or 'LowerFilters' settings. This usually works, but it may break whatever application caused the problem in the first place. If a program stops working, check to see if it has an update, then reinstall it. 11. Access display settings quickly Right-click the desktop in Windows Vista and you can't directly access the display settings. Windows 7 will fix this, but in the meantime go to 'HKCR\Directory\Background\Shell', right-click 'Shell', select 'New | Key' and call it 'Display Settings'. Double-click '(Default)' in the right-hand pane and enter 'Display Settings' in the Value Data box. Now right-click Display Settings in the left-hand pane, select 'New | Key' again and call this key 'command'. Double-click this new key's (Default) value and enter this text: 'rundll32 shell32.dll,Control_ RunDLL DESK.CPL,@0,3'. (That's a zero following the @ sign, and take care to use the right cases.) Click 'OK' and right-click the desktop to see the new Display Settings option. 12. Multiple Live Messenger log-ins By default, Windows Live Messenger only lets you log into one account at a time. To rectify this situation, go to 'HKLM\Software\Microsoft\WindowsLive\Messenger', create a DWORD value called 'Multiple Instances' and set it to 1. Delete the value to restore things to the way they were beforehand. 13. Clean the menus You've uninstalled an application, but it's left you a gift: several now-useless right-click context menu entries. To fix this, go to 'HKCR\*' and 'HKCR\Directory'. Expand the shell, then the 'shellex\ContextMenuHandlers' keys and look for any keys beneath these that relate to your unwanted command. On our PC, the key 'HKCR\*\shellex\ContextMenuHandlers\7-Zip' links to the 7-Zip context menu, for instance, so to get rid of that we would right-click the 7-Zip part in the left-hand pane and click 'Delete'. But be careful – only delete a key if you're really sure it's the right one. 14. Speed up backups Windows XP's NTBACKUP improves its performance by maintaining a list of system files it knows you won't want to back up (such as the paging file). Add your own files and folders that you're not bothered about and you'll get even better results. View the list at 'HKLM\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBackup'. 15. Change the default installation folder Most installations default to the Program Files folder, but if you want to point this elsewhere, navigate to 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion', change the 'ProgramFilesDir' entry to point at your chosen folder and reboot. 16. Rename drives Add a memory card reader to a PC and Explorer will often cram the Computer folder with similar sounding drive names ('Removable Drive D:', 'Removable Drive E:' and so on), making it difficult to tell them apart. But it doesn't have to be that way. If drive G: is a CompactFlash slot, say, then a few Registry tweaks can change it to read 'CompactFlash (G:)', making things much clearer. Start at 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer' and create a key called 'DriveIcons'. Within that, create a key with the drive letter ('G' in this example), and within that, create a new key called 'DefaultLabel'. Double-click this key's (Default) value entry, give it the name 'CompactFlash' (or whatever you like) and click 'OK'. Restart Explorer or press [F5] to see the change. 17. Wipe the page file Windows stores memory pages in its paging file as you work. That's fine unless an intruder gets access to your system. If so, they may then be able to browse the paging file and extract confidential information. To avoid this, go to 'HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManageme nt', set the 'ClearPageFileAtShutdown' value to 1 and reboot. Windows will now wipe the page file every time it shuts down, lengthening the process but increasing your security. 18. Crash on cue Blue-screen crashes are usually bad news, but occasionally you might want to initiate one yourself. You might need to test Windows' error reporting, for example. There's a Registry trick that can help achieve this. Go to 'HKLM\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters', create a DWORD called 'CrashOnCtrlScroll' and set it to 1. Reboot your computer, and to crash it just hold down the right [CTRL] and press [Scroll Lock] twice. Use this sparingly: it's a crash like any other, and there's a chance of hard drive corruption. To be safe, delete the CrashOnCtrlScroll value when you're done. 19. Save CPU time The average PC has several programs wanting to use the processor at any one time, and so Windows allocates each a period of CPU time – a 'quantum' – before moving to the next. By default this is very short, which makes for a responsive PC, but it sometimes means that Windows wastes time just switching between processes. The solution? You can try what Windows Server does: set up your system to use a long quantum. Set 'HKLM\SYSTEM\CurrentControlSet\Control\PriorityControl\Win32PrioritySepar ation' to 16 (hex). Longer quantums mean fewer switches between programs and so less wasted time. It can push some programs too far, though, and you might begin to notice games lagging or video playback becoming less smooth. If you spot any problems, just restore the original Win32PrioritySeparation value (probably 26 hex). 20. Disable AutoRun Windows' AutoRun feature is a potential security risk because it automatically runs code when you connect removable devices to your PC. If you can put up with the inconvenience of doing things manually then it's safest to disable it. On some systems, this can only be done from the Registry. To do so, go to 'HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\IniFileMapping' and create a key called 'Autorun.inf'. Next, double-click the new key's (Default) value and enter the new value '@SYS:DoesNotExist'. Now delete the Registry key 'HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2'. Windows now won't automatically run any code on CDs, DVDs or removable drives; you will have to manually launch it.
Pages to are hidden for
"How To Improve Windows security"Please download to view full document