List of All Kinds of Restrictions for Windows 2000, XP, Server 2003, Vista, Server 2008 and 7

Many times people access our system and change our customized settings here and there. Wouldn't it be great if we can restrict them to change the settings and other things like restrict from changing Folder Options, Taskbar settings, Desktop settings, etc.

Today in this tutorial, we'll share a list of some important and useful restrictions, which can be put in Windows 2000, XP, Server 2003, Vista, Server 2008 and 7.

STEP 1: Open Registry Editor

All restrictions are based on Registry editing. So you'll need to open Registry Editor by providing regedit command in RUN or Start menu Search box and press Enter. After that go to the registry key mentioned in step 2.

STEP 2: Create Registry Key

Once you are in Registry Editor. Go to following keys and create or modify required DWORD value as mentioned below:



1. Restricting Desktop Properties

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\System

Create new DWORD NoDispCPL and set its value to 1

If you want to restrict any particular tab in Desktop Properties like Themes, Screen Saver, etc, you can take help of following tutorial:

How to Enable / Disable Changing Themes, Wallpapers, Screen Savers and Other Settings

2. Restricting Taskbar Properties

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoSetTaskbar and set its value to 1

3. Restricting System Properties

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoPropertiesMyComputer and set its value to 1

4. Restricting Folder Options

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoFolderOptions and set its value to 1

5. Restricting Registry Editor

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\System

Create new DWORD DisableRegistryTools and set its value to 1

6. Restricting Task Manager

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\System

Create new DWORD DisableTaskMgr and set its value to 1

7. Restricting Control Panel

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoControlPanel and set its value to 1

Also check following tutorial:

How to Hide / Show Specific Control Panel Applets / Icons in Windows?

8. Restricting Command Prompt

Go to following key:

HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System

Create new DWORD DisableCMD and set its value to 2

9. Restricting Locking/Unlocking of Taskbar

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD LockTaskbar and set its value to 1

10. Restricting right-click on Taskbar

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoTrayContextMenu and set its value to 1

11. Restricting Toolbars in Taskbar

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoToolbarsOnTaskbar and set its value to 1

12. Restricting drag-and-drop and right-click in Start Menu

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoChangeStartMenu and set its value to 1

13. Restricting RUN in Start Menu

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoRun and set its value to 1

14. Restricting Shut Down, Restart, Sleep and Hibernate commands

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoClose and set its value to 1

15. Restricting Log off in Start Menu

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD StartMenuLogOff and set its value to 1

16. Restricting Active Desktop Feature

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoActiveDesktop and set its value to 1

17. Restricting adding/removing items to/from Toolbars

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoToolbarCustomize and set its value to 1

18. Restricting adding/removing Toolbars

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoBandCustomize and set its value to 1

19. Restricting Autorun Feature

Visit following tutorial:

How to Disable Autorun Functionality in Windows Using Registry Editor?

20. Restricting notification at low disk space

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

Create new DWORD NoLowDiskSpaceChecks and set its value to 1

21. Restricting Writing to USB Drives

Go to following key:

HKEY_LOCAL_MACHINE\SYSTEM\Current Control Set\Control\StorageDevicePolicies

Create new DWORD WriteProtect and set its value to 1

Also check following tutorial:

How to Disable / Restrict Use of USB Storage Devices in Windows?

22. Restricting "New" option in context menu

Go to following key:

HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenu Handlers\New

And delete the value of Default, e.g., empty it.

23. Restricting "Send To" option in context menu

Go to following key:

HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenu Handlers\Send To

And delete the value of Default, e.g., empty it.

24. Restricting any desired application

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer\DisallowRun

Create new String value with any name, like 1 and set its value to the desired program's EXE file.

e.g., If you want to restrict msconfig, then create a String value 1 and set its value to msconfig.exe. If you want to restrict more programs, simply create more String values with names 2, 3 and so on and set their values to the program's exe file.

25. Restricting Drives in My Computer

Go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer

In right-side pane, create new DWORD NoViewOnDrive and change its value as following:

3 : To Restrict A and B drives only.
4 : To Restrict C drive only.
7 : To Restrict A, B, and C drives only.
8 : To Restrict D drive only.
F : To Restrict A, B, C, and D drives only.
03FFFFFF : To Restrict all drives.

If you want more specific restrictions, like you want to restrict a combination of drives, you can use decimal no. instead of hexadecimal no. Following is a list for all drives decimal no.:

A: 1
B: 2
C: 4
D: 8
E: 16
F: 32
G: 64
H: 128
I: 256
J: 512
K: 1024
L: 2048
M: 4096
N: 8192
O: 16384
P: 32768
Q: 65536
R: 131072
S: 262144
T: 524288
U: 1048576
V: 2097152
W: 4194304
X: 8388608
Y: 16777216
Z: 33554432
ALL: 67108863

So if you want to disable a combination of drives, just sum their numbers and give the same value to NoViewOnDrive. e.g., for restricting C, D, E and F drives, give the value: 4+8+16+32 = 60

NOTE: You can also hide the drives using NoDrives DWORD value. The location and its value remain same as the above trick.

That's all. Above are some common restrictions, if you want to know about any specific restriction, please let us know.

NOTE: If you want to remove the restriction, simply delete the DWORD or set its value to 0

PCI Vendor and Device Lists

This page is primarily intended as an engineering resource* for people who need to deal with computers built around the PCI bus. It's reason for being is that there is no other centralized database of PCI device IDs. This database is entirely user-supported; all the data has been, and continues to be, furnished by those working in the PCI market. Feel free to add info for the use of others!

What's available here:

PCI Vendor List By Name or by Vendor ID: from these lists, you can select a vendor, and get more information about either the vendor itself or the devices they manufacture. (These lists are long, and may take a little while to load). There are links available to add information to the database as well.

Go to Run Type devmgmt.msc select any device properties select details tab & finally select device instance id.

For Ref. see following screenshot

How to Open and View .NFO Files

Many users who download program files on the internet find it difficult to open or view NFO files. These are just text files and using them is very easy.
NFO files are really “info” files. These text files frequently contain information regarding the installation or use of downloaded packages. Here is how to open and use these files.

If you click on it without following these directions,you will probably get this error:

System Information cannot open this NFO file. It might be corrupted or an unrecognized version.

You can download many programs to view these text files; however,why not just use notepad to view them?
1. Browse to the NFO file on your computer
2. Right-click on the file and click Open With
(If you are given several options in the menu here, select Choose Program…)
3. Select Notepad under Other Programs
(In Vista you might need to actually click the Other Programs drop down arrow on the right of the Open With window)
4. Make sure that Always use the selected program to open this kind of file is checked.
5. Click OK.

How Long Has Your System Been Running?

Click Start | Run and type cmd to open a command prompt.
At the prompt, type systeminfo

Scroll down the list of information to the line that says System Up Time.
This will tell you in days, hours, minutes and seconds how long the system has been up.

Remote Access Method

Just Control Another Computer Remotely.

Things to Need
Remote Pc's Account Username And Password

<-- Method -->

1. Go tO COmmand Promt(press Windows+R and type cmd)
2. type cd\ (to go to main root Of C:)
3. type the command
c:\net use \\(Rempote PC's Username i.e Adrian)\ipc$ /u:Administrator
c:\net use \\Adrian\ipc$ /u:Administrator(press Enter)
(Results of the above Command)
The Password Or Username Is Invalid For \\Adrian\ipc$.
Enter The PassWord For "Administrator" tp connect to 'Adrian':*****
The Command COmpleted Successfuly.
4. Press Window+R Write regedit To Enter RegsitryEditor.
5. Press Alt+F Then C.
6. Write Down The "Object's Name".Adrian(Computer's Username)then Press Enter.
(New Computer's Registry Is Successsfully Accessed).
7. Just GO TO
Adrian\HKEY_LOCAL_MACHINE\SFTWARE\Microsoft\Windows\TelnetServer\1.0
On The Right Hand Double Click On The Key Named As "NTLM"(New BOx Appear)
Value Name:NTLM
Value Data:(Replace 2 with 0)
Base :HexaDecimal
Press OK.
Get Out Of registry Editor.
8. Again Press Windows+R And Write mmc.(Consol1 Will Open)
9. Press Alt+F then M(New Windows Will Appear)
10.Press Alt+D Then Double Click On "Computer Management"
11.Select "another Computer" and write its Account Login(Adrian).
12.Press Finish And Then Close The "Add StandALone Snap-in"Dialogue Box.
13.Now Press OK Of "Add/Remove Snap-in".
14.On The Left Hand Expand Computer Management>Select Services And Aplications>Services
15.On The Right Hand Scroll down And Right CLick At "Telnet"And Select Restart Option.
16.Leave It As It is
17.Turn To Command Promt Write
c:\telnet Adrian(Press Enter)
it Will Require Login And PassWord
Login:Administrator
PassWord:********(Enter)
*-----------------------------------------------------------
Welcome TO Microsoft Telnet SErver
C:dir(Enter)

Speed Up Windows XP Boot (SLIGHTLY)

Here’s another tip for speed demons, determined to shave the last few nanoseconds off their Windows XP boot up times.


Truth be told this one probably won’t save more than a second or so but every little helps.


The idea is that XP wastes time and resources checking to see if there are any devices connected to empty IDE slots on the PC’s motherboard.


To stop this happening open Device Manager (Winkey + Break > Hardware > Device Manager) and click on the plus sign next to the IDE ATA/ATPI listing to expand the tree.

Right click on Primary IDE Channel and select Properties then the Advanced Settings tab. If either Device 0 or Device 1 is ‘Device Type’ box is empty (not greyed out) change the drop down menu setting for this box to ‘None’ and click OK.


Repeat for the Secondary IDE Controller listing. Note that if you add a new IDE device you will have to go back and change the Device Type drop down menu back to Auto Detect.

How to increase broadband connection speed in Windows XP/2003?

To speed up the Internet connection speed we need to configure a special buffer in the computer's memory in order to enable it to better deal with interrupts made from the NIC or the USB modem.

This tip is only recommended if you have 256MB RAM or higher.

Step #1 - Identify the IRQ used by the NIC/USB modem


Follow these steps:

1.Open the System Information tool by running MSINFO32.EXE from the Run command.

2.Expand System Summary > Hardware Resources > IRQs.

3.Look for the listing made for your NIC (in my case - a Intel(R) PRO/100+ Management Adapter). Note the IRQ next to the specified line (in my case - IRQ21).

In case of USB modems you will first need to find the right USB device used by your modem. Follow these steps:

1.Open the Device Manager tool by running DEVMGMT.MSC from the Run command (or by right-clicking My Computer > Hardware tab > Device Manager button).

2.Scroll down to Universal Serial Bus controllers and expand it.

3.Right-click the USB Root Hub and select Properties. Note that you might need to do so for all listed USB Root hubs (if there are more than one) in order to find the right one.

4.In the Power tab, look for your USB ADSL modem.

5.In the Resources tab look for the assigned IRQ (in this case - IRQ21).

6.This is the IRQ we're looking for.

Lamer note: IRQs and modem names might vary...

Step #2 - Modify the system.ini file

Follow these steps:

1.Run SYSEDIT.EXE from the Run command.

2.Expand the system.ini file window.

3.Scroll down almost to the end of the file till you find a line called [386enh].

4.Press Enter to make one blank line, and in that line type

IrqX=4096

where X is the designated IRQ number we found in step #1, in my case it's IRQ21.

Note: This line IS CASE SENSITIVE!!!

5.Click on the File menu, then choose Save.

6.Close SYSEDIT and reboot your computer.

Done. Speed improvement will be noticed after the computer reboots.

Windows XP Tips And Tricks

STOP NOISE IN COPYING AUDIO CD

When using 3rd party burning software (eg, Nero Burning Rom) to copy audio CD,some noise may be heard at the end of each track. To prevent this,try the following method:
1. Enter System Properties\device manager
2. Select IDE ATA/ATAPI controllers
3. Double click on thee CD writer IDE channel
4. Select advance setting
5. Change the transfer mode to 'PIO Only'
6. Restart Computer


RESTORING MEDIA PLAYER

To restore Windows Media Player insert the the XP CD into the CD drive (if it autostarts click exit). Open a command window and type the following :
rundll32.exe setupapi,InstallHinfSection InstallWMP7 132 c:\windows\inf\wmp.inf


RESTORING ACCESS TO CD ROM'S

If you removed CD Burning software, or for some other mystical reason, can not longer access your CD ROM's, in most cases following registry keys needs to be deleted: Locate and delete the UpperFilters and LowerFilters values under the following key in the registry:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\
{4D36E965-E325-11CE-BFC1-08002BE10318}


REMOVING USERNAME IN THE STARTMENU

Open Registry Editor Then Go To :
1. "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
2. On The Right, Make A New Entry With Right Click On Your Mouse Then Choose "New | DWORD Value"
3. Change The Entry's Name Into "NoUserNameInStartMenu", Double Click In The New Entry And Fill The "Value Data" With "1".
4. Press OK, Exit From The Registry Editor.
5. Restart Your Computer.


INTERNET EXPLORER LIGHTING-FAST STARTUP

Isn't it annoying when you want to go to a new website, or any other site but your homepage, and you have to wait for your 'home' to load? This tweak tells Internet Explorer to simply 'run', without loading any webpages. (If you use a 'blank' page, that is still a page, and slows access. Notice the 'about:blank' in the address bar. The blank html page must still be loaded..). To load IE with 'nothing' [nothing is different than blank]:
1. Right-click on any shortcut you have to IE
[You should create a shortcut out of your desktop IE icon, and delete the original icon]
2. Click Properties
3. Add ' -nohome' [with a space before the dash] after the endquotes in the Target field.
4. Click OK
Fire up IE from your modified shortcut, and be amazed by how fast you are able to use IE!


ORIGINAL WALLPAPERS

This is more of a fun tweak than it is useful. Go to run, type regedit press ok. when that comes up go to HKEY_CURRENT_USER>Control Panel>Desktop
Now find the orginalwallpaper, right click and select modify.In the text box type the path to the file you want to be your orginal desktop wallpaper.


REMOVE PAST ITEMS ICONS IN TASKBAR

Some times When you check your TasKbar properties or when you hide or unhide icons you can see old icons from Uninstalled or old programs you dont have anymore. This Tweak will help you how to get rid of this problem. Here is how to clear the past items or icons list in the TaskBar, perform the following steps:
1.Open Regedit Navigate to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\TrayNotify
2.Delete the IconStreams and PastIconsStream values
3.Open Task Manager, click the Processes tab, click Explorer.exe , and then click End Process .
4.In Task Manager, click File , click New Task , type explorer , and then click OK .


How to Add an Option to Print the Contents of a Folder

Would you like to be able to right click any folder in Explorer and print its contents? You can add this option to the context menu by following these steps:

First, you need to create a batch file called Printdir.bat. Open Notepad or another text editor and type (or cut and paste) this text:

@echo off
dir %1 /-p /o:gn > "%temp%\Listing"
start /w notepad /p "%temp%\Listing"
del "%temp%\Listing"
exit

Now, in the Save As dialog box, type "%windir%\Printdir.bat" (without the quotation marks) and click the Save button.
Click Start, Control Panel, Folder Options.
Click the File Types tab, and then click File Folder.
Click the Advanced button.
Click the New button.

In the Action box, type "Print Directory Listing" (without the quotation marks).

In the Application used to perform action box, type "Printdir.bat" (without the quotation marks).

Click OK in all three dialog boxes to close the dialog boxes.

You're not quite finished yet! Now you need to edit the Registry, so open your favorite Registry Editor.

Navigate to HKEY CLASSES ROOT\Directory\shell.

Right click on "default" and select Modify.
In the File Data box, type "none" (without the quotation marks).

Click OK and close the Registry Editor.

Now when you right click a folder, you'll see the option to Print Directory Listing. Selecting it will print the contents of the folder.

Who needs a stinking program to print a folder directory? :-)


Make Your Cd Autorun

If you wanna make a autorun file for that CD you are ready to burn just read this...

1) You open notepad

2) now you writ: [autorun]
OPEN=INSTALL\Setup_filename.EXE
ICON=INSTALL\Setup_filename.EXE

Now save it but not as a .txt file but as a .inf file.

But remember! The "Setup_filename.EXE" MUST be replaced with the name of the setup file. And you also need to rember that it is not all of the setup files there are called '.exe but some are called '.msi

3) Now burn your CD with the autorun .inf file included.

4) Now set the CD in you CD drive and wait for the autorun to begin or if nothing happens just double-click on the CD drive in "This Computer"


Boot Windows XP Fast

Follow the following steps:

1. Open notepad.exe, type "del c:\windows\prefetch\ntosboot-*.* /q" (without the quotes) & save as "ntosboot.bat" in c:\
2. From the Start menu, select "Run..." & type "gpedit.msc".
3. Double click "Windows Settings" under "Computer Configuration" and double click again on "Shutdown" in the right window.
4. In the new window, click "add", "Browse", locate your "ntosboot.bat" file & click "Open".
5. Click "OK", "Apply" & "OK" once again to exit.
6. From the Start menu, select "Run..." & type "devmgmt.msc".
7. Double click on "IDE ATA/ATAPI controllers"
8. Right click on "Primary IDE Channel" and select "Properties".
9. Select the "Advanced Settings" tab then on the device or 1 that doesn't have 'device type' greyed out select 'none' instead of 'autodetect' & click "OK".
10. Right click on "Secondary IDE channel", select "Properties" and repeat step 9.
11. Reboot your computer.

Hide Files Inside Pictures

It will teach you how to hide files from others. It will use to protect your data from others.Then watch this demo in following video.

Set User Level Permissions in XP

First u need NTFS file system on ur drive.
Use the command " convert "to change file system to NTFS.
U won't need to format the drive if u use this command.
The syntax is as follows convert drive /fs:ntfsif u need to convert drive d:
the command will be " convert d: /fs:ntfs

"If the volume is in use by the OS, it will ask for a force unmount of the volume.
Allow it. Ur drive will be converted to NTFS either at the same time or after reboot. Then do the following steps.
Open folder options.
Select the View tabnavigate to the last entryThe last entry is " Use simple file sharing "Uncheck it.
Now check the property window of the NTFS drive.
You will find an additional tab called "security".
Now you can set user level permissions on ur drives and folders.
If u check the USE simple file sharing after setting the permissions,nobody will find the trick.
U can restrict the access to ur personal files.
NB: Use the following commands to make ur account more secure1.gpedit.msc -allows u to edit group policies2.secpol.msc -allows u to edit the security policies3.services.msc - allows you to disable unwanted services like "remote registry"U can restrict access even to control panel,command promt and registry if u use group policy editor(gpedit.msc).

Group policy editor is not available in Windows XP home edition.

Auto Logon in XP

Save some time by skipping the login screen completely, and coming directly to the desktop.

if you are the administrator of your computer then you can force a user to login without putting in the login details.

For automatically Login to XP just follow these steps.

1. Click Start –> Run, and type “control userpasswords2″

2. You will see a new Window, now in that window, Untick “Users must enter a user name and password to use this computer”.

3. Click OK, and the you will see a new window asking you to type in the username and password with default username as Administrator.

4. There you can put in the username you want to specify and put in the login details, click OK, and thats it, you are done with this.

Windows XP Vs Windows 2000

Windows 2000 and Windows XP are essentially the same operating system (known internally as Windows NT 5.0 and Windows NT 5.1, respectively.)

Microsoft has added a host of new features to both versions of Windows XP, but nothing that appears to be absolutely compelling for business users. One of the new features called "Fast User Switching" allows to to run two separate logged in sessions at once. This allows a user to do everyday work such as e-mail using a non-privileged user account, and then run an Administrative session at the same time without rebooting or resorting to the "Run As" command. This also allows you to quickly log onto any users workstation and make administrative changes without logging them off. The remote assistance feature of XP can also help reduce support costs by allowing your Help Desk staff to interact with a user's PC over the network. XP's built in ZIP compression support can also save your company a lot of money in licensing fees if you are currently using a third party utility such as WinZIP.


Windows 2000 benefits:

=> Windows 2000 has lower system requirements, and has a simpler interface (no "Styles" to mess with).
=> Windows 2000 is slightly less expensive, and has no product activation.
=> Windows 2000 has been out for a while, and most of the common problems and security holes have been uncovered and fixed.

Windows XP benefits:

=> Windows XP is somewhat faster than Windows 2000, assuming you have a fast processor and tons of memory (although it will run fine with a 300Mhz Pentium II and 128MB of RAM).

=> The new Windows XP interface is more cheerful and colorful than earlier versions, although the less-cartoony "Classic" interface can still be used if desired.

=> Windows XP has more bells and whistles, such as the Windows Movie Maker, built-in CD writer support, the Internet Connection Firewall, and Remote Desktop Connection.

=> Windows XP has better support for games and comes with more games than Windows 2000.

=> Windows XP is the latest OS - if you don't upgrade now, you'll probably end up migrating to XP eventually anyway, and we mere mortals can only take so many OS upgrades.

=> XP is less prone to crash than its previous versiond and 2000.

XP Application Secrets

1.Easter Eggs (Definition) - A hidden message or

feature in an application. This guide covers the

undocumented and hidden features in Windows XP. All

of the following were tested in Windows XP only.

Notes - This is not a performance related guide,

use the Optimize XP Guide to improve system

performance and the Diagnose XP Guide to

troubleshoot a system problem.


a. Defrag

Secret - Hidden Command Line Switch
Instructions - Go to "Start", "Run" and Type defrag

c: -b to defragment the Boot and Application

Prefetch information.

Notes - Windows XP will run this automatically

every three days or so, during system idle periods.

BootVis will evoke this when you run the "Optimize

System" function. There is no need to manually run

this unless you wish to immediately optimize a

newly installed application's load time.


b. Paint

Secret - Image Trails
Instructions - Open an image and hold down Shift

then drag the image around to create an image

trail.

Secret - 10x Zoom
Instructions - Open an image and select the

magnifying glass icon. Left-Click exactly on the

line below the 8x.


2.Game Secrets


a. FreeCell

Secret - Instant Win
Instructions - Hold down Ctrl + Shift + F10 during

game play. Then you will be asked if you want to

Abort, Retry or Ignore. Choose Abort, then move any

card to instantly win.

Secret - Hidden Game Modes
Instructions - In the "Game" menu choose "Select

Game". Enter -1 or -2 to activate the hidden game

modes.


b. Hearts

Secret - Show All Cards
Instructions - Edit this registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Curren

tVersion\Applets\Hearts and create a new String

value named ZB with a Data value of 42. Start

Hearts and Press Ctrl + Alt + Shift + F12 to show

all the cards.

Background - This secret is a reference to Douglas

Adams' book the Hitch Hiker's Guide to the Galaxy.

'ZB' is the initials of the character Zaphod

Beeblebrox, the Galactic President. '42' is the

answer to The Ultimate Question Of Life, the

Universe and Everything.


c. Minesweeper

Secret - Reveal Mines
Instructions - Minimize or close all running

applications. Launch Minesweeper, then type xyzzy.

Next hold down either shift key for one second. Now

when you move the mouse cursor over a Minesweeper

square you will see a tiny white pixel in the top

left corner of your desktop screen. This pixel will

change to black when your mouse moves over a mine.

You may need to change you desktop background to a

solid color other then white or black to see the

pixel.

Secret - Stop Timer
Instructions - Launch Minesweeper and start a game

so the timer starts counting, then press the

Windows Key + D to show the desktop. Now when you

select minesweeper from the taskbar you can

continue playing with the timer stopped.


d. Pinball

Secret - Extra Balls
Instructions - Type 1max at the start of a new ball

to get extra balls.

Secret - Gravity Well
Instructions - Type gmax at the start of a new game

to activate the Gravity Well.

Secret - Instant Promotion
Instructions - Type rmax at the start of a new game

to go up in ranks.

Secret - Skill Shot
Instructions - Launch the ball partially up the

chute past the third yellow light bar so it falls

back down to get 75,000 points. There are six

yellow light bars that are worth a varying amount

of points:

First: 15,000 points
Second: 30,000 points
Third: 75,000 points
Fourth: 30,000 points
Fifth: 15,000 points
Sixth: 7,500 points

Secret - Test Mode
Instructions - Type hidden test at the start of a

new ball to activate Test Mode. No notification

will be given that this is activated but you can

now left-click the mouse button and drag the ball

around. While in test mode press the following keys

for more secrets:

H - Get a 1,000,000,000 High Score
M - Shows the amount of system memory
R - Increases your rank in game
Y - Shows the Frames/sec rate

Secret - Unlimited Balls
Instructions - Type bmax at the start of a new

ball. No notification will be given that this is

activated but when a ball is lost a new ball will

appear from the yellow wormhole indefinitely. Once

this is activated you will be unable to activate

other secrets without restarting the game.


e. Solitaire

Secret - Instant Win
Instructions - Press Alt + Shift + 2 during game

play to instantly win.

Secret - Draw single cards in a Draw Three game
Instructions - Hold down CTRL + ALT + SHIFT while

drawing a new card. Instead of drawing three cards

you will only draw one.


3. OS Secrets

a. Add/Remove

Secret - Hidden Uninstall Options
Instructions - Warning: Proceed at your own risk!

Browse to C:\Windows\inf\ and make a backup copy of

sysoc.inf. Then open the original file

C:\Windows\inf\sysoc.inf in notepad. Go to "Edit"

and select "Replace". In "Find what:" type ,hide

and in "Replace with:" type , then select "Replace

All", save and close the file. Go to the "Control

Panel", "Add/Remove", select "Add/Remove Windows

Components". You will now see many more Windows

components to uninstall. Do not remove anything

with no label or that you do not recognize or fully

understand what it does. Doing so can break certain

functionality in Windows.


b. Control Panel

Secret - Hidden Control Panel Extensions
Instructions - Download and install TweakUI,

launch, go to "Control Panel" and check any item

not selected, then "Apply" and "OK". You will now

see the hidden control panel extensions.


c. Device Manager

Secret - Hidden Devices
Instructions - Go to the "Control Panel", "System"

icon, "Hardware" tab and select "Device Manager".

Select "View" and Show hidden devices.

Secret - Phantom Devices
Instructions - Go to "Start", "Programs",

"Accessories" and select "Command Prompt". At the

command prompt, type "set

devmgr_show_nonpresent_devices=1" and press Enter.

At the command prompt, type "start devmgmt.msc" and

press Enter. Select "View" and Show hidden devices.

You can see devices that are not connected to the

computer. - Source

Notes - When you close the command prompt window,

Windows clears the

"devmgr_show_nonpresent_devices=1" variable that

you set and prevents phantom devices from being

displayed when you select "Show hidden devices".


d. Music

Secret - Music from the Installer
Instructions - Browse to

C:\Windows\system32\oobe\images\title.wma and play.

Notes - "OOBE" stands for "Out-of-Box Experience".

e. Shutdown

Secret - Display Hibernate Option on the Shut Down

dialog
Instructions - Go to "Start", "Turn Off

Computer..." and press either Shift key to change

the "Stand By" button to "Hibernate".


f. Support Tools

Secret - Over 100 Windows XP Support Utilities are

on the install CD

Instructions for Pre-SP2 users - If you do not have

SP2 installed, put the original Windows XP CD in

the CD-ROM Drive, run the

D:\Support\Tools\setup.exe file.

Instructions for SP2 users - If you have SP2

installed, Download the Windows XP Service Pack 2

Support Tools and install.

Optimization Myths 2

1. Disable System Restore

Myth - "Disabling System Restore improves performance."

Reality - "System Restore does not cause any noticeable performance impact when monitoring your computer. The creation of a Restore point also is a very fast process and usually takes only a few seconds. Scheduled System Checkpoints (every 24 hours by default) are created only at system idle time to avoid interfering with a computer during use." - Source


2. Disk Defragmenter

Myth - "The built-in Disk Defragmenter is good enough."

Reality - "This statement would be true if the built-in defragmenter was fast, automatic, and customizable. Unfortunately, the built-in defragmenter does not have any of these features. The built-in defragmenter takes many minutes to hours to run. It requires that you keep track of fragmentation levels, you determine when performance has gotten so bad you have to do something about it, and then you manually defragment each drive using the built-in defragmentation tool." - Source - Comparison Chart (PDF)

Disk Defragmenter Limitations - "The Disk Defragmenter tool is based on the full retail version of Diskeeper by Executive Software International, Inc. The version that is included with Microsoft Windows 2000 and later provides limited functionality in maintaining disk performance by defragmenting volumes that use the FAT, the FAT32, or the NTFS file system. The XP version has the following limitations." - Source

- It can defragment only local volumes.
- It can defragment only one volume at a time.
- It cannot defragment one volume while scanning another.
- It cannot be easily scheduled without scripts or third party utilities
- It can run only one Microsoft Management Console (MMC) snap-in at a time.


3. Hiberfil.sys

Myth - "It is necessary to delete the Hiberfil.sys before defragmenting."

Reality - "The Hiberfil.sys is a file to which the system's physical memory is written during hibernation. On resuming from hibernation, the BIOS reads Hiberfil.sys to restore the state of the computer to its pre-hibernation state. Because the location of the Hibernate file is determined very early in the startup process, it cannot be moved. It can, however, be defragmented safely at startup using an enterprise-level defragmenter such as Diskeeper or the freeware utility PageDefrag." - Source


4. FAT32 vs. NTFS

Myth - "The FAT32 file system is faster/better than NTFS."

Reality - "NTFS is the better file system with many advantages over FAT32. NTFS features: Built-In Security, Recoverability, Alternate Streams, Custom File Attributes, Compression, Object Permissions, Economical Disk Space Usage using a more Efficient Cluster Size and Fault Tolerance. Windows 2000 and XP come with NTFS version 5 which includes even more advanced features such as: Encryption, Disk Quotas, Sparse Files, Reparse Points, Volume Mount Points. None of which is available with FAT32." - Comparison Chart

Performance
"NTFS is built for speed with impressive disk I/O performance on large volumes (Over 400 MB). NTFS uses a binary tree structure for all disk directories, which reduces the number of times the system has to access the disk to locate files. This system is best for large directories, and NTFS easily outperforms FAT32 in these situations. In addition, NTFS automatically sorts files in a folder on the fly. NTFS gains an edge over FAT32 by using relatively small disk allocation units (cluster sizes) for NTFS volumes. Smaller clusters prevent wasted disk space on volumes, especially those with numerous small files. Because NTFS uses small clusters better and has a more efficient design, its performance doesn't degrade with large volumes, in contrast to FAT's." - Source - Source 2

"NTFS is generally believed to be slower than FAT. However, with a correctly created NTFS volume, NTFS performance optimizations, and improved disk defragmentation, NTFS performance (including the extra "journaling") is equivalent to FAT on small disks and is faster than FAT on large disks. FAT32 performance is further reduced for volumes larger than 32 GB in two areas:

- Boot time with FAT32 is increased because of the time required to read all of the FAT structure. This must be done to calculate the amount of free space when the volume is mounted.
- Read/write performance with FAT32 is affected because the file system must determine the free space on the disk through the small views of the massive FAT structure. This leads to inefficiencies in file allocation." - Source

Gaming Performance
"The numbers show...not much difference. In fact, the only test that doesn't show near-perfect parity is PCMark04, and the difference between the results on the two file systems is less than two percent. HDTach's read and access tests, which respectively measure how fast data can be read from the drive and how quickly the drive can locate data, were nearly identical. More importantly, the gaming tests showed nary a difference in all-important frame rates between the file systems and the cluster sizes. Based on the uniformity we experienced, we highly recommend that users of Windows XP take advantage of the NTFS file system. Its gaming prowess matches that of FAT32 and it boasts a healthy line-up of advantages over its opponent." - Source

Reliability
In addition to its extensive memory and application protection features, NTFS is a reliable file system. When storing data to disk, NTFS records file I/O events to a special transaction log. If the system crashes or encounters an interruption, NTFS can use this log to restore the volume and prevent corruption from an abnormal program termination or system shutdown. NTFS doesn't commit an action to disk until it verifies the successful completion of the action. This precaution helps prevent corruption of an NTFS volume. NTFS also supports hot-fixing disk sectors, where the OS automatically blocks out bad disk sectors and relocates data from these sectors. This housecleaning happens in the background. An application attempting to read or write data on a hot-fixed area will never know the disk had a problem. I only recommend and use NTFS with Windows 2000 and XP." - Source


5. Converting FAT32 to NTFS

Myth - "Converting FAT32 volumes to NTFS instead of formatting them will reduce performance by forcing a 512 byte cluster size."

Reality - "Windows XP CONVERT creates the best possible cluster size according to the existing FAT format. On NTFS volumes, clusters start at sector zero; therefore, every cluster is aligned on the cluster boundary. For example, if the cluster size was 4K and the sector size was 512 bytes, clusters will always start at a sector number that is a multiple of 4096/512 for example, 8. However, FAT file system data clusters are located after the BIOS Parameter Blocks (BPB), reserved sectors, and two FAT structures. FAT formatting cannot guarantee that data clusters are aligned on a cluster boundary. In Windows 2000, CONVERT handled this problem by forcing an NTFS cluster size of 512 bytes, which resulted in reduced performance and increased disk fragmentation. In Windows XP, CONVERT chooses the best cluster size (4K is the ideal)." - Source

Notes - The FAT32 file system does not use a default cluster size smaller than 4 KB. The maximum NTFS default cluster size under Windows XP is 4 KB because NTFS file compression is not possible on drives with a larger allocation size. - Source


6. IO Page Lock Limit

[HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManagement] "IoPageLockLimit"

Myth - "Increasing the IO Page Lock Limit will lock more memory for exclusive access by the kernel, improving performance."

Reality - "Indeed, it does do this but only in an RTM Windows 2000 machine. It does absolutely nothing in Windows 2000 Service Pack 1 and up, and absolutely nothing in Windows XP. This makes it effectively useless, since no one in their right minds would be running RTM Windows 2000. The RTM kernel references IoPageLockLimit. The SP1 kernel does not. Neither do any subsequent editions of the kernel; neither does the XP kernel in any of its incarnations." - Source


7. IRQ Priority

[HKLM\SYSTEM\CurrentControlSet\Control\PriorityControl] "IRQ8Priority"

Myth - "Adjusting the Priority of IRQs especially IRQ 8 improves system performance."

Reality - "IRQs don't even HAVE a concept of "priority" in the NT family; they do have something called "IRQL" (interrupt request level) associated with them. But the interval timer interrupt is already assigned a higher IRQL than any I/O devices, second only to the inter-processor interrupt used in an MP machine. The NT family of OSes don't even use the real-time clock (IRQ 8) for time keeping in the first place! They use programmable interval timer (8254, on IRQ 0) for driving system time keeping, CPU time accounting, and so on. IRQ 8 is used for profiling, but profiling is almost never turned on except in very rare development environments. Even if it was possible it doesn't even make sense why adjusting the real-time clock priority would boost performance? The real-time clock is associated with time keeping not CPU frequency. I would not be surprised if this originated in an overclocking forum somewhere. This "tweak" can be found in most XP all-in-one tweaking applications. This is a perfect example of why they are not recommended." - Source


8. Launch folder windows in a separate process

Myth - "Enabling Launch folder windows in a separate process improves performance."

Reality - "Use this setting if your computer frequently crashes, and you are trying to minimize problems or troubleshoot. Be aware, however, this process uses more memory and that doing this could slow down the performance of your computer." - Source

Notes - Windows XP is a very stable operating system and should never Lock-up (freeze), display Blue Screen Stop Errors or Randomly Reboot. These are all warning signs something is wrong or misconfigured with your system. Use the Diagnose XP Guide to help troubleshoot the most common causes of system problems.


9. Large System Cache

[HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManagement] "LargeSystemCache"

Myth - "Enabling LargeSystemCache improves desktop/workstation performance."

Reality - "LargeSystemCache determines whether the system maintains a standard size or a large size file system cache, and influences how often the system writes changed pages to disk. Increasing the size of the file system cache generally improves file server performance, but it reduces the physical memory space available to applications and services. Similarly, writing system data less frequently minimizes use of the disk subsystem, but the changed pages occupy memory that might otherwise be used by applications. On workstations this increases paging and causes longer delays whenever you start a new app. Simply put enable this on a file server and disable it on everything else." - Source

"System cache mode is designed for use with Windows server products that act as servers. System cache mode is also designed for limited use with Windows XP, when you use Windows XP as a file server. This mode is not designed for everyday desktop use. When you enable System cache mode on a computer that uses Unified Memory Architecture (UMA)-based video hardware or an Accelerated Graphics Port (AGP), you may experience a severe and random decrease in performance. For example, this decrease in performance can include very slow system performance, stop errors, an inability to start the computer, devices or applications that do not load, and system instability. The drivers for these components consume a large part of the remaining application memory when they are initialized during startup. Also, in this scenario, the system may have insufficient RAM when the following conditions occur:

- Other drivers and desktop user services request additional resources.
- Desktop users transfer large files.

By default LargeSystemCache is disabled in Microsoft Windows XP." - Source


10. L2 Cache (SecondLevelDataCache)

[HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManagement] "SecondLevelDataCache"

Myth - "Adjusting the SecondLevelDataCache Registry value to match your CPU's L2 Cache size improves performance."

Reality - "SecondLevelDataCache records the size of the processor cache, also known as the secondary or L2 cache. If the value of this entry is 0, the system attempts to retrieve the L2 cache size from the Hardware Abstraction Layer (HAL) for the platform. If it fails, it uses a default L2 cache size of 256 KB. If the value of this entry is not 0, it uses this value as the L2 cache size. This entry is designed as a secondary source of cache size information for computers on which the HAL cannot detect the L2 cache. This is not related to the hardware; it is only useful for computers with direct-mapped L2 caches. Pentium II and later processors do not have direct- mapped L2 caches. SecondLevelDataCache can increase performance by approximately 2 percent in certain cases for older computers with ample memory (more than 64 MB) by scattering physical pages better in the address space so there are not so many L2 cache collisions. Setting SecondLevelDataCache to 256 KB rather than 2 MB (when the computer has a 2 MB L2 cache) would probably have about a 0.4% performance penalty." - Source - Source 2


11. NTFS is Fragmentation Free

Myth - "The NTFS File system does not get fragmented and Defragmenters are unnecessary."

Reality - "Even though NTFS is more resistant to fragmentation than FAT, it can and does still fragment. The reason NTFS is less prone to fragmentation is that it makes intelligent choices about where to store file data on the disk. NTFS reserves space for the expansion of the Master File Table, reducing fragmentation of its structures. In contrast to FAT's first-come, first-served method, NTFS's method of writing files minimizes, but does not eliminate, the problem of file fragmentation on NTFS volumes." - Source


12. QoS

Myth - "Disabling QoS will free up the 20% bandwidth reserved by QoS."

Reality - "As in Windows 2000, programs can take advantage of QoS through the QoS APIs in Windows XP. 100% of the network bandwidth is available to be shared by all programs unless a program specifically requests priority bandwidth. This "reserved" bandwidth is still available to other programs unless the requesting program is sending data. By default, programs can reserve up to an aggregate bandwidth of 20% of the underlying link speed on each interface on an end computer. If the program that reserved the bandwidth is not sending sufficient data to use it, the unused part of the reserved bandwidth is available for other data flows on the same host." - Source


13. RAM Optimizers/Defragmenters

Myth - "Increasing the amount of available RAM using RAM Optimizers/Defragmenters improves performance."

Reality - "RAM Optimizers have no effect, and at worst, they seriously degrade performance. Although gaining more available memory might seem beneficial, it isn't. As RAM Optimizers force the available-memory counter up, they force other processes' data and code out of memory. Say that you're running Word, for example. As the optimizer forces the available-memory counter up, the text of open documents and the program code that was part of Word's working set before the optimization (and was therefore present in physical memory) must be reread from disk as you continue to edit your document. The act of allocating, then freeing a large amount of virtual memory might, as a conceivable side effect, lead to blocks of contiguous available memory. However, because virtual memory masks the layout of physical memory from processes, processes can't directly benefit from having virtual memory backed by contiguous physical memory. As processes execute and undergo working-set trimming and growth, their virtual-memory-to-physical-memory mappings will become fragmented despite the availability of contiguous memory." - Source


14. Clearmem

Myth - "Running Clearmem improves performance by freeing up memory."

Reality - "Microsoft's Clearmem, the memory-consuming test tool, is a simulation tool that lets developers measure the minimum working set for a process and to help system administrators isolate cache bottlenecks on servers. Clearmem was originally found on the Windows NT Resource Kit 4.0 CD and can now be found on the Windows Server 2003 Resource Kit. It allocates and references all available memory, consuming any inactive pages in the working sets of all processes (including the cache) and effectively clears the cache of all file data. As Clearmem increases its working set the working sets of all other processes are trimmed until they contain only pages currently being used and those most recently accessed. This reduces the performance of all running applications every time you run this by reducing their amount of available memory, forcing them to needlessly page and causing any cached file data to have to be reread from disk." - Source - Source 2


15. RegClean

Myth - "It is safe to use Microsoft's RegClean."

Reality - "The RegClean utility is no longer supported by Microsoft and has been removed from all Microsoft download sites. This was done for legitimate compatibility reasons with certain applications and Operating Systems. The RegClean utility was originally supplied with Microsoft Visual Basic version 4.0 for Windows. The last version of RegClean was 4.1a (build 7364.1) released on March 13, 1998 (RegClean.exe is dated December 30, 1997). During this time the latest Operating Systems were Windows 95 OSR2.1 and Windows NT 4.0. Windows 98 was not released until June 25, 1998. Compatibility with any Operating System besides Windows 95 and NT 4.0 was never substantiated, especially Windows XP. It is very dangerous to run a Registry Cleaner that was never certified to run on your Operating System since removing the wrong Registry Keys can break Applications and the Operating System. RegClean breaks functionality in the following Applications:

- Microsoft Office XP (Setup)
- Microsoft Office Standard Edition 2003
- Microsoft Office Small Business Edition 2003
- Microsoft Office Access 2003
- Microsoft Office FrontPage 2003
- Microsoft Office PowerPoint 2003
- Microsoft Office Word 2003
- Microsoft Office Professional Edition 2003
- Microsoft Office Student and Teacher Edition 2003
- Microsoft Office Basic Edition 2003
- Microsoft Office Excel 2003
- Microsoft Office Outlook 2003
- Microsoft Office Publisher 2003
- Microsoft Office 2000 Premium Edition
- Microsoft Office 2000 Professional Edition
- Microsoft Office 2000 Standard Edition
- Microsoft Office 2000 Small Business Edition
- Microsoft Office 2000 Developer Edition
- Microsoft Access 2002 Standard Edition
- Microsoft Excel 2000 Standard Edition
- Microsoft FrontPage 2000 Standard Edition
- Microsoft Outlook 2000 Standard Edition
- Microsoft PowerPoint 2000 Standard Edition
- Microsoft Word 2000 Standard Edition

This occurs for any Microsoft Windows Installer product on which the program's installation state is set to Installed on First Use. - Source


16. Registry Cleaners

Myth - "Registry Cleaners improve performance."

Reality - "A few hundred kilobytes of unused keys and values causes no noticeable performance impact on system operation. Even if the registry was massively bloated there would be little impact on the performance of anything other than exhaustive searches." - Source

Notes - "Registry Cleaners can fix problems associated with traces of applications left behind due to incomplete uninstalls. So it seems that Registry junk is a Windows fact of life and that Registry cleaners will continue to have a place in the anal-sysadmin's tool chest, at least until we're all running .NET applications that store their per-user settings in XML files - and then of course we'll need XML cleaners."


17. Set CPU Priority

[HKLM\SYSTEM\CurrentControlSet\Control\PriorityControl] "Win32PrioritySeparation"

Myth - "Setting this value to 26 gives a boost to the priority of foreground applications."

Reality - "This is one of the most useless tweaks since this is already the default and optimal setting in Windows XP. Thus you are changing nothing. The GUI control for this is built-in to Windows. Go to the Control Panel, System Icon, Advanced Tab, Performance - click Settings, Advanced Tab, Processor Scheduling - Programs is the default setting. Choosing the Programs option (26 Hexadecimal) will result in a smoother, faster response time for your foreground program (default and optimal). If you want a background task, such as a Backup utility, to run faster, choose the Background services option (18 Hexadecimal)." - Source

Myth - "Setting this value to 38 gives a boost to the priority of foreground applications."

Reality - "People are confusing the Hexadecimal and Decimal value settings of this Registry Key. By Default Windows XP already sets this value optimally to 26 Hexadecimal = 0x00000026 which is automatically translated to 38 Decimal = (38). This is shown as 0x00000026 (38) in this registry key. The Windows XP Registry Editor defaults to changing the Hexadecimal Value when you go to modify a Registry Key. The problems is it is commonly recommended to change this value to "38" with no mention of this being the Decimal value and instead the Hexadecimal Value is changed because it is the default. This makes the key show 0x00000038 (56). This is not one of this key's functional values and setting a bit field in Win32PrioritySeparation to values other than those shown in the table will result in the default option being selected (26 Hexadecimal). Thus this does absolutely nothing." - Source

Functional Values:
0x28 (0x29, 0x2A)
0x18 (0x19, 0x1A)
0x24 (0x14)
0x25
0x26 (Default and Optimal)
0x15
0x16

Optimization Myths 1

Also known as "Bad Tweaks" these are frequently recommended and included in various tweaking programs claiming to improve performance. In each case they either do absolutely nothing or even worse, actually hurt performance. For Tweaks that work use the Optimize XP guide.

1. Always Unload DLL (Disable DLL Caching)

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer] "AlwaysUnloadDLL"

Myth - "Enabling AlwaysUnloadDLL frees up more memory and improves performance."

Reality - "Adding this Registry Key in Windows 2000 or XP has no effect since this registry key is no longer supported in Microsoft Windows 2000 or later. The Shell automatically unloads a DLL when its usage count is zero, but only after the DLL has not been used for a period of time. This inactive period might be unacceptably long at times, especially when a Shell extension DLL is being debugged. For operating systems prior to Windows 2000, you can shorten the inactive period by adding this registry key."

2. /Prefetch:1 Switch

Myth - "Adding the /Prefetch:1 Switch to the startup path of a program's shortcut will decrease the program's startup time."

Reality - All it does is change your hash number - the OS is doing exactly the same thing it did before, and just saving the prefetch pages to a different file. It does not improve performance in any way. Ryan Myers of Microsoft's Windows Client Performance Team writes: "The /prefetch:# flag is looked at by the OS when we create the process - however, it has one (and only one) purpose. We add the passed number to the hash. Why? WMP is a multipurpose application and may do many different things. The DLLs and code that it touches will be very different when playing a WMV than when playing a DVD, or when ripping a CD, or when listening to a Shoutcast stream, or any of the other things that WMP can do. If we only had one hash for WMP, then the prefetch would only be correct for one such use having incorrect prefetch data would not be a fatal error - it'd just load pages into memory that'd never get used, and then get swapped back out to disk as soon as possible. Still, it's counterproductive. By specifying a /prefetch:# flag with a different number for each "mode" that WMP can do, each mode gets its own separate hash file, and thus we properly prefetch. (This behavior isn't specific to WMP - it does the same for any app.) This flag is looked at when we create the first thread in the process, but it is not removed by CreateProcess from the command line, so any app that chokes on unrecognized command line parameters will not work with it. This is why so many people notice that Kazaa and other apps crash or otherwise refuse to start when it's added. Of course, WMP knows that it may be there, and just silently ignores its existence. I suspect that the "add /prefetch:1 to make rocket go now" urban legend will never die, though."


3. Cleaning the Prefetch Folder

Myth - "Deleting the contents of the Prefetch folder improves performance."

Reality - "Every time you delete an application's Prefetch (.PF) file you will cripple that application's load time the next time you go to launch it. This can temporarily increase load times by as much as 100%. For one thing, XP will just re-create the Prefetch (.PF) trace files anyway; secondly, it trims the files if there's ever more than 128 of them so that it doesn't needlessly consume space. However you do not regain optimal application load times back until after the second time you launch the same application due to the Prefetch (.PF) trace file being re-created. Prefetch (.PF) trace files are not a cache and are not preloaded into memory upon windows startup. They are never even accessed until you launch an application. Only one Prefetch (.PF) trace file per application is created. There is never ANY reason to delete these files. Cleaning the Prefetch folder is actually a temporary self-inflicted unoptimization. Why you would want to deliberately hurt your PC's performance I have no idea." - Source - Source 2 - Source 3 - Source 4

Malware/Viruses - Some people irresponsibly recommend cleaning this folder due to possible Malware/Virus infection. Malware/Viruses can place an infected file(s) in any folder and the Prefetch folder is no different. Do these same people recommend deleting the contents of the Windows folder because it is a popular location to find an infected file(s)? Of course not, you simply clean or delete the infected file(s) not the contents of the folder. This Myth got started due to the indiscriminate nature of the Windows Prefetcher, which will Prefetch any executable file that you load or loads during Windows start up. Thus it is quite common on an infected machine to find a Prefetch (.PF) trace file in the Prefetch folder with the same name as an infected executable. These files are NOT Malware/Viruses. They are there to improve the load time, in this case ironically, of the Malware/Virus but do not contain any infected code. Once the associated infected executable is deleted, these Prefetch (.PF) trace files do nothing and will eventually automatically be cleaned by Windows.

Corrupted Files - Some people claim that Prefetch (.PF) trace files can get randomly "corrupted" and thus they need to be periodically deleted. Files do not get "corrupted" unless something is wrong with your computer. Any file corruption is a warning sign something is wrong with your system. Overclocking, using defective components like Memory and Harddrives and using FAT32 instead of the superior NTFS file system are common causes of file corruption. NTFS is very resilient to file corruption as compared to FAT32. When storing data to disk, NTFS records file I/O events to a special transaction log. If the system crashes or encounters an interruption, NTFS can use this log to restore the volume and prevent corruption from an abnormal program termination or system shutdown. NTFS doesn't commit an action to disk until it verifies the successful completion of the action. This precaution helps prevent corruption of an NTFS volume. NTFS also supports hot-fixing disk sectors, where the OS automatically blocks out bad disk sectors and relocates data from these sectors. This housecleaning happens in the background. An application attempting to read or write data on a hot-fixed area will never know the disk had a problem. Thus the solution is fixing the cause of the file corruption.

CCleaner - Finally the useless, performance slowing cleaning option "Old Prefetch data" was moved to the advanced section and is now not selected by default. Never select this option for cleaning as it will increase application and Windows load times. This option removes Prefetch files that are a few weeks old based on the NTFS last access date. Since Windows XP already cleans this folder at 128 entries, this is a useless option that will only reduce system performance. You should never delete a Prefetch file for any installed application since that would cripple it's load times. Just because a program was not used in a few weeks does not mean you want it to load as slow as possible when you do decide to use it. If you disable the NTFS last access date stamp then this option will delete the whole contents of the Prefetch folder after a few weeks, which will cripple Windows Boot and all application load times. The Prefetch folder is also ridiculously small so cleaning Prefetch files before the 128 limit will reclaim next to no disk space. This option clearly needs a warning to prevent people from unknowingly hurting their system performance. Anyone who claims this should be cleaned for ANY reason does not understand how Windows Prefetching works. - Source

Bad Advice - This bad advice to clean the prefetch folder is posted frequently on the Internet by people who do not understand how the Windows XP Prefetcher works. Their explanations are 100% inaccurate. - Bad Advice 1 - Bad Advice 2 - Bad Advice 3 - Bad Advice 4


4. EnablePrefetcher

[HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManagement\PrefetchParameters] "EnablePrefetcher"

Myth - "Setting any value higher then 3 to EnablePrefetcher will improve performance."

Reality - The Prefetcher component in Windows XP is part of the Memory Manager, and helps to shorten the amount of time it takes to start Windows and programs. This is a new feature in Windows XP which improves application load times and Windows boot times automatically. The slower your system and the larger an application, the more Prefetching helps. Even high end systems benefit from prefetching with large, slow loading applications, such as large games. By default Prefetching is enabled in Windows XP and already configured optimally. The following list describes the different possible values for the EnablePrefetcher registry key.

0 = Disabled
1 = Application launch prefetching enabled
2 = Boot prefetching enabled
3 = Applaunch and Boot enabled (Optimal and Default)

By default the Prefetcher is set to a value of 3 in Windows XP. Values such as 4, 5, 6 ect... do not exist and are thus useless. Leave this at the default value of 3 which is already optimal for maximum performance on both Windows XP Boot and initial application launches. - Source

Low Memory Systems - Recommendations to disable Prefetching on low memory systems (128 MB - 512 MB) is based on the fallacy that portions of application code are preloaded into memory before the application load is initiated during Windows startup. This is completely false and is spread by people who do not understand how Windows XP Prefetching works. The slower the system the more it will benefit from Prefetching. 64 MB systems will suffer due to insufficient RAM, reducing but not eliminating Window XP's prefetching benefits. 128 MB is the recommended minimum for optimal prefetching performance.

Boot Performance - Recommendations to set the EnablePrefetcher value to 2 to improve boot performance is based on the fallacy that portions of application code are preloaded into memory before the application load is initiated during Windows XP startup. This is completely false and is spread by people who do not understand how Windows XP Prefetching works. Only the files used during boot will be Prefetched. The Prefetch folder is not a cache. Windows XP will boot in the exact same amount of time with either value 2 or 3, the only difference with 2 is that now all of your initial application launches will not be Prefetched and thus load slower. The default value of 3 in no way negatively affects Windows XP boot times. Leave the value at 3 for optimal Windows XP boot and initial application launch times.


5. Enable Superfetch

[HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManagement\PrefetchParameters] "EnableSuperfetch"

Myth - "Adding EnableSuperfetch to the registry improves performance in Windows XP as it does in Windows Vista."

Reality - "This myth was started when the Inquirer irresponsibly ran a bogus letter without doing any fact checking. Windows internals guru Mark Russinovich said this won't work, the "Superfetch" string isn't even in the Windows XP kernel. You can confirm this yourself by checking with the strings.exe utility. This makes it impossible for it to do anything since no "Superfetch" command exists. Windows cannot execute a nonexistent command and will simply ignore it. Anyone who says this works is not only lying but a fool." - Source


6. Conservative Swapfile

Myth - "Adding ConservativeSwapfileUsage=1 to the System.ini file improves performance."

Reality - "The System.ini and Win.ini files are provided in Windows XP for backward compatibility with 16-bit applications. They have no effect on the Windows XP paging file settings which are stored in the Registry. This setting only effects Windows 95/98 operating systems. The default setting for ConservativeSwapfileUsage is 1 for Windows 95, and 0 (zero) for Windows 98. On Windows 98 systems you can set ConservativeSwapfileUsage=1 under the [386Enh] heading of the System.ini file causing the system to behave as Windows 95 does, at some cost in overall system performance." - Source


7. Deleting Temp Files

Myth - "Deleting Temp Files improves performance."

Reality - Deleting temporary files does not improve application, gaming or system performance. All it does is increase your available disk space. While AntiVirus and AntiSpyware scan times and general disk search times can be reduced, these are not what people associate with improved performance. Deleting the contents of your browser cache actually reduces performance for previously visited webpages since they must be reloaded into the cache.

Notes - Modern disk search engines such a Windows Desktop Search take the location of temporary files into account and does not waste time indexing these files. Versions are available for download for Windows 2000, XP, 2003 and it is included in Vista.


8. Disable Dr. Watson

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug]

Myth - "Disabling Dr. Watson improves performance since it is always running."

Reality - "If a program error occurs, Dr. Watson will start automatically but not before unless you manually start it. Which means disabling Dr. Watson has no effect on system performance. Dr. Watson (Drwtsn32.exe) for Windows is a program error debugger that gathers information about your computer when an error (or user-mode fault) occurs with a program. Technical support groups can use the information that Dr. Watson obtains and logs to diagnose a program error. When an error is detected, Dr. Watson creates a text file (Drwtsn32.log) that can be delivered to support personnel by the method they prefer. You also have the option of creating a crash dump file, which is a binary file that a programmer can load into a debugger. This is valuable information to help troubleshoot a system problem, thus it makes no sense to disable Dr. Watson." - Source - Source 2 - Source 3

Notes - Programs errors should be addressed and not ignored by making sure you are using the latest non-Beta version of the application that crashed and apply all patches that are available from the developer of the application. This can also be a warning sign something is wrong or misconfigured with your system. Use the Diagnose XP Guide to help troubleshoot the most common causes of system problems.


9. Clearing the Paging File

[HKLM\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManagement] "ClearPageFileAtShutdown"

Myth - "Clearing the Paging File at Shutdown improves performance."

Reality - "Enabling this will clear the Window's paging file (Pagefile.sys) during the shutdown process, so that no unsecured data is contained in the paging file when the shutdown process is complete. If you enable this feature, the shutdown time will be increased. Some third-party programs can temporarily store unencrypted (plain-text) passwords or other sensitive information in memory. Because of the Windows virtual memory architecture, this information can be present in the paging file. Although clearing the paging file is not a suitable substitute for physical security of a computer, you might want to do this to increase the security of data on a computer while Windows is not running." - Source


10. Disable the Paging File

Myth - "Disabling the Paging File improves performance."

Reality - "You gain no performance improvement by turning off the Paging File. When certain applications start, they allocate a huge amount of memory (hundreds of megabytes typically set aside in virtual memory) even though they might not use it. If no paging file (pagefile.sys) is present, a memory-hogging application can quickly use a large chunk of RAM. Even worse, just a few such programs can bring a machine loaded with memory to a halt. Some applications (e.g., Adobe Photoshop) will display warnings on startup if no paging file is present." - Source

"In modern operating systems, including Windows, application programs and many system processes always reference memory using virtual memory addresses which are automatically translated to real (RAM) addresses by the hardware. Only core parts of the operating system kernel bypass this address translation and use real memory addresses directly. All processes (e.g. application executables) running under 32 bit Windows gets virtual memory addresses (a Virtual Address Space) going from 0 to 4,294,967,295 (2*32-1 = 4 GB), no matter how much RAM is actually installed on the computer. In the default Windows OS configuration, 2 GB of this virtual address space are designated for each process' private use and the other 2 GB are shared between all processes and the operating system. RAM is a limited resource, whereas virtual memory is, for most practical purposes, unlimited. There can be a large number of processes each with its own 2 GB of private virtual address space. When the memory in use by all the existing processes exceeds the amount of RAM available, the operating system will move pages (4 KB pieces) of one or more virtual address spaces to the computer's hard disk, thus freeing that RAM frame for other uses. In Windows systems, these "paged out" pages are stored in one or more files called pagefile.sys in the root of a partition. Virtual Memory is always in use, even when the memory required by all running processes does not exceed the amount of RAM installed on the system." - Source


11. Moving the Paging File

Myth - "Moving the Paging File to a different partition on the same drive improves performance."

Reality - "Moving the Paging File (pagefile.sys) to a different partition on the same physical hard disk drive does not improve performance. Simply using a different partition on the same drive will result in lots more head-seeking activity, as the drive jumps between the Windows and paging file partitions. Even though moving the paging file in this case can have the positive effect of defragmenting it, the loss in I/O performance out weighs any gains. It is better to simply defragment the paging file using PageDefrag and keep maximum I/O performance by leaving the paging file where it is with a single drive setup. - Source

Notes - However you can enhance performance by putting the paging file on a different partition and on a different physical hard disk drive. That way, Windows can handle multiple I/O requests more quickly. When the paging file is on the boot partition, Windows must perform disk reading and writing requests on both the system folder and the paging file. When the paging file is moved to a different partition and a different physical hard disk drive, there is less competition between reading and writing requests."


12. Paging File RAMdisk

Myth - "Putting the Paging File on a RAMdisk improves performance."

Reality - "Putting a Paging File in a RAM drive is a ridiculous idea in theory, and almost always a performance hit when tested under real-world workloads. You can't do this unless you have plenty of RAM and if you have plenty of RAM, you aren't hitting your paging file very often in the first place! Conversely, if you don't have plenty of RAM, dedicating some of it to a RAM drive will only increase your page fault rate. Now you might say "yeah, but those additional page faults will go faster than they otherwise would because they're satisfied in RAM." True, but it is still better to not incur them in the first place. And, you will also be increasing the page faults that have to be resolved to exe's and dll's, and the paging file in RAM won't do diddly to speed those up. But thanks to the paging file in RAM, you'll have more of them. Also: the system is ALREADY caching pages in memory. Pages lost from working sets are not written out to disk immediately (or at all if they weren't modified), and even after being written out to disk, are not assigned to another process immediately. They're kept on the modified and standby page lists, respectively. The memory access behavior of most apps being what it is, you tend to access the same sets of pages over time... so if you access a page you lost from your working set recently, odds are its contents are still in memory, on one of those lists. So you don't have to go to disk for it. Committing RAM to a RAMdisk and putting a paging file on it makes fewer pages available for those lists, making that mechanism much less effective. And even for those page faults resolved to the RAMdisk paging file, you are still having to go through the disk drivers. You don't have to for page faults resolved on the standby or modified lists. Putting a paging file on a RAMdisk is a self-evidently absurd idea in theory, and actual measurement proves it to be a terrible idea in practice. Forget about it." - Source - Source 2


13. Disable Certain Services

Myth - "Disabling these Services improves performance."

Reality - "Disabling these Services actually reduces performance."

DNS Client Service - "The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated. This effectively reduces Internet Performance for sites you have previously visited and puts an unnecessary load on your ISP's DNS server." - Source

Task Scheduler Service - "Disabling the Task Scheduler completely cripples Windows XP's Boot and Application Load times by preventing Prefetch (.PF) trace files and the Layout.ini file from being created or updated." - Source

Notes - Disabling other unnecessary services in general has only one affect on performance and that is reduced Windows XP boot times. - Source


14. Disable Paging Executive Low Memory Systems or High Memory Systems

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management] "DisablePagingExecutive"

Myth - "Setting DisablePagingExecutive to 1 improves performance by preventing the kernel from paging to disk."

Reality - "DisablePagingExecutive applies only to ntoskrnl.exe. It does not apply to win32k.sys (much larger than ntoskrnl.exe!), the pageable portions of other drivers, the paged pool and of course the file system cache. All of which live in kernel address space and are paged to disk. On low memory systems this can force application code to be needlessly paged and reduce performance. If you have more than enough RAM for your workload, yes, this won't hurt, but then again, if you have more than enough RAM for your workload, the system isn't paging very much of that stuff anyway. This setting is useful when debugging drivers and generally recommended for use only on servers running a limited well-known set of applications."

Secret Myths

There are various myths people incorrectly think are hidden Secrets, Easter eggs or bugs in Windows XP.

1. 'CON' Folder

Myth - "Not being able to name a file or folder 'CON' is a bug or a secret"

Reality - "Several special file names are reserved by the system and cannot be used for files or folders: CON, AUX, COM1, COM2, COM3, COM4, LPT1, LPT2, LPT3, PRN, NUL. This goes back to DOS 1.0 which didn't support subdirectories, lowercase, or filenames longer than 8.3. 'CON' is a reserved word from the old DOS days, simply meaning 'console'. If you wanted to create a new text file in DOS you could type 'copy con newfile.txt' meaning copy from the console to newfile.txt. This would let you type some lines and when you ended the file you would have a file called newfile.txt containing whatever you wrote in the console. Since they are still relied on with things like batch files (redirect to >NUL) they are still reserved today."


2. Notepad Phrases

Myth - "There are Secret phrases like "bush hid the facts" you can type into Notepad"

Reality - "Notepad makes a best guess of which encoding to use when confronted with certain short strings of characters that lack special prefixes. The encodings that do not have special prefixes and which are still supported by Notepad are the traditional ANSI encoding (i.e., "plain ASCII") and the Unicode (little-endian) encoding with no BOM. When faced with a file that lacks a special prefix, Notepad is forced to guess which of those two encodings the file actually uses. The function that does this work is IsTextUnicode, which studies a chunk of bytes and does some statistical analysis to come up with a guess. Sometimes it guesses wrong and displays random characters after you save and open the file. Any combination of characters in the same order will cause the same problem: "this app can break", "hhhh hhh hhh hhhhh", "this isa bug dummy" ect..."

Security Myths

1. Cookies

Myth - "Cookies are Spyware."

Reality - "Cookies are not Spyware. It's grossly irresponsible for these Anti-Spyware companies to treat cookies like Spyware. REAL Spyware is malicious, machine-hijacking junk that throw pop-ups on your computer, resets your start page, and all sorts of other ugly tricks. A cookie is a text file that has some non-personal information what banner ads have shown on certain sites. That's it. Go ahead and open the cookie on your computer and you'll see it's harmless. Cookies are not Spyware, no matter how hard these Anti-Spyware companies try to make them out to be."

Notes - "Certain Cookies can still pose some privacy concerns and if you wish to remove them it will do no harm. The point is when you find many of these after running a standard Anti-Spyware scan you should not get excited that you are infected with malicious Spyware."


2. Limited User Accounts

Myth - "Limited User Accounts are a Realistic Security Solution."

Reality - "On a nonmanaged XP machine today, it isn't realistic to run without Administrator privileges. Unlike UNIX and UNIX-like systems such as Linux and Apple Computer's Mac OS X, Windows isn't very useable with a non-Administrator account, largely because so many applications are ignorant of rights and were written to work only with Administrator-level accounts. This is particularly problematic in a home environment, in which XP Home Edition's crippled Limited Account type, designed for children and less-technical users, is virtually useless. In Windows XP, the lame Run As option, virtually hidden under a right-click menu that typical users will never know about, is a poor substitute."

"After you log on to a computer by using a Limited User Account, you may observe one or more of the following behaviors when you try to use a program that is not expressly designed for Windows XP.

- The program does not run.
- The program stops responding (hangs).
- You receive notification of run-time error 7 or run-time error 3446.
- The program does not recognize that a CD-ROM is in the CD-ROM drive.
- The program does not allow you to save files.
- The program does not allow you to open files.
- The program does not allow you to edit files.
- The program displays a blank error message.
- You cannot remove the program.
- You cannot open the Help file.

This behavior can occur because the Limited User Account prevents older programs from performing certain functions. Microsoft lists over 189 applications in this article alone that do not work right on a Limited User Account."


3. Power User Accounts

Myth - "Power User Accounts are a Good Compromise Security Solution."

Reality - "Power User accounts allow the installation of software, including ActiveX controls and can easily be elevated to fully-privileged administrators. The lesson is that as an IT administrator you shouldn't fool yourself into thinking that the Power Users group is a secure compromise on the way to running as limited user."


4. Hosts File

Myth - "Special AntiSpyware Hosts Files are necessary to prevent Spyware infections."

Reality - "Using Special AntiSpyware Hosts Files are a waste of time and leads to a false sense of security. Any Malware/Spyware can easily modify the Hosts File at will, even if it is set to Read-only. It is impossible to "lock-down" a Hosts File unless you are running as a limited user which makes using it in this case irrelevant anyway. Various Malware/Spyware uses the Hosts File to redirect your Web Browser to other sites. They can also redirect Windows to use a Hosts File that has nothing to do with the one you keep updating. The Hosts file is an archaic part of networking setups that was originally meant to be used on a LAN and was the legacy way to look up Domain Names on the ARPANET. It tells a PC the fixed numeric address of the internal server(s) so the PC doesn't have to go looking for them through all possible addresses. It can save time when "discovering" a LAN. I don't consider 1970's ARPANET technology useful against modern Malware/Spyware. When cleaning Malware/Spyware from a PC, it is much easier to check a clean Hosts File then one filled with thousands of lines of addresses. Considering how easily a Hosts File can be exploited, redirected and potentially block good sites, it is strongly recommended NOT to waste time using Special Hosts Files. Especially when proper Malware/Spyware protection can be achieved by simply using these steps, all without ever using a Hosts File."

5. 127.0.0.1

"Special AntiSpyware Hosts Files attempt to associate a known safe, numeric address (127.0.0.1) with the names of sites or IP addresses you want to block. When the user or any process on the PC then tries to access a blocked site, it is instead directed to the safe location. It is simply impossible to update a Hosts file frequently enough since it is cheap and easy to purchase new domain names and move to new IP addresses. You also run into problems in accidentally blocking good sites since many sites share the same IP addresses with other sites using Shared IP Hosting. Also once a malicious site is shutdown, that IP Address then becomes free and can easily be acquired by another non-malicious site."


6. Large Hosts Files
"Large Hosts Files cause Internet related slowdowns due to DNS Client Server Caching. This negatively effects your browsing speed. AntiSpyware Hosts File authors irresponsibly recommend disabling the DNS Client Service to solve this problem. This is not a solution. The overall performance of the client computer decreases and the network traffic for DNS queries increases if the DNS resolver cache is deactivated. This effectively reduces Internet Performance for sites you have previously visited and puts an unnecessary load on your ISP's DNS server."

Notes - There is a much better solution for bad site blocking using SpywareBlaster which more intelligently use's Internet Explorer's built-in Zone Security settings and the registry. Mozilla/Firefox protection is also provided.


7. Spyware, Malware and Virus Security

Myth - "It is impossible or difficult to secure Windows XP from Spyware, Malware or Viruses."

Reality - "It is very easy to secure Windows XP, simply use Secure XP - A Windows XP Security Guide. To put it bluntly I simply do not get infected with anything. Keep in mind nothing can fully protect you from something you manually install." - Source


8. Really Hidden Files

Myth - "There are Really Hidden Files in Windows XP that are impossible to see."

Reality - "Any file can be seen in Windows XP once you change from the default view settings. Go to the Control Panel, Appearance and Themes, Folder Options, select Show hidden files and folders and uncheck Hide protected operating system files (Recommended). Protected operating system files also known as Super Hidden Files are by default hidden from view. They are critical system files that if deleted can cause various system problems." - Source - Source 2

Notes - It is possible to get infected by malicious programs known as "Rootkits" which can truly hide themselves from being viewed in Windows Explorer. These malicious programs can be detected using special scanners such as RootkitRevealer.


9. Virus Hoaxes

Myth - "All Email Virus warnings are real."

Reality - "With the increase in the growth of viruses and Trojan programs, many computer users have turned to the Internet as a fast and easy tool to warn friends and co-workers of these threats. At the same time, there has also been a growth of virus hoax warnings. These warnings often describe fantastical or impossible virus or Trojan program characteristics, but appear to be real and forwarding these hoax warnings to friends and co-workers only perpetuates the problem. If you receive an Email that you suspect is a hoax, do not forward it to anyone and never open the attachments. Check in the Vmyths Hoax Database to confirm it is a hoax and delete the Email. If the Email originated from someone you know, send them an Email explaining the hoax." - Source


10. Vulnerabilities

Myth - "The Windows Platform has more Security Vulnerabilities than the Linux/Unix Platform."

Reality - "Between January 2005 and December 2005 there were 5198 reported vulnerabilities: 812 Windows operating system vulnerabilities; 2328 Unix/Linux operating vulnerabilities; and 2058 Multiple operating system vulnerabilities" - Source

Notes - Software vulnerabilities are categorized in the appropriate section reflecting the operating system on which the vulnerability was reported; however, this does not mean that the vulnerability only affects the operating system reported since this information is obtained from open-source information.

Reality - "The Linux Kernel v2.6.x has had 231 Vulnerabilities compared to 213 Vulnerabilities for Windows XP." - Source


11. XP Firewall

Myth - "The Windows XP Firewall is not good enough because it lacks outbound filtering."

Reality - "I believe there are a lot of incorrect assumptions and outright myths about outbound filtering. I really like the Firewall in Windows XP Service Pack 2 (SP2). It is lightweight, centrally manageable, does the job well, is unobtrusive, and does something very critical: it protects the system at boot. That last one is crucial; we have seen many systems in the past get infected during boot even with a firewall turned on. Any outbound host-based firewall filtering in Windows XP is really just meaningless as a security feature in my opinion. True, it stops some malware, today, but only because current malware has not been written to circumvent it. There simply are not enough environments that implement outbound rules for the mass market malware authors to need to worry about it. In an interactive attack the attacker can circumvent outbound filters at will. To see how, consider this. Circumventing outbound host-based firewall filters can be accomplished in several ways, depending on the scenario of the actual attack. First, the vast majority of Windows XP users run as administrators, and any malware running as an administrator can disable the firewall entirely. Of course, even if the outbound filter requires interaction from the user to open a port, the malware can cause the user to be presented with a sufficiently enticing and comprehensible dialog, that explains that without clicking "Yes" they will not ever get to see the "dancing pigs". See, the problem is that when the user is running as an administrator, or the evil code runs as an administrator, there is a very good chance that either the user or the code will simply disable the protection. Of course, the user does not really see that dialog, because it is utterly meaningless to users. That is problem number one with outbound filtering. Given the choice between security and sufficiently enticing rewards, like "dancing pigs", the "dancing pigs" will win every time. If the malware can either directly or indirectly turn off the protection, it will do so. The second problem is that even if the user, for some inexplicable reason clicked "No. Bug me again" or if the evil code is running in using a low-privileged account, such as Network Service, the malware can easily step right around the firewall other ways. As long as the account the code is running as can open outbound connections on any port the evil code can simply use that port. Ah, but outbound Firewalls can limit outbound traffic on a particular port to specific process. Not a problem, we just piggy back on an existing process that is allowed. Only if the recipient of the traffic filters based on both source and destination port, and extremely few services do that, is this technique for bypassing the firewall meaningful. The key problem is that most people think outbound host-based firewall filtering will keep a compromised asset from attacking other assets. This is impossible. Putting protective measures on a compromised asset and asking it not to compromise any other assets simply does not work. Protection belongs on the asset you are trying to protect, not the one you are trying to protect against! Asking the bad guys not to steal stuff after they have already broken into your house is unlikely to be nearly as effective as keeping them from breaking into the house in the first place." -

Reliability Myths

1. Windows 95/98/ME vs XP Reliability

Myth - "Windows 95/98/ME is as reliable as XP." - Comparison Chart - Reliability Video

Reality - "Windows XP is 10-30 times more reliable then Windows 95/98/ME. Windows XP Professional is built on the proven code base of Windows 2000, which features a 32-bit computing architecture, and a fully protected memory model. Windows XP offers several enhancements that make it the most reliable version of Windows yet: Application Compatibility, Compatibility Mode, Improved Device and Hardware Support, Shared DLL Support, Shutdown Event Tracker, Windows Driver Protection, Device Driver Rollback, Windows Installer, Auto Update, Dynamic Update, Windows Update, Shadow Copy Integration with Backup, Last Known Good Configuration, Automated System Recovery, System Restore Enhancements, Error Messaging and Product Support, Online Crash Analysis, " - Source

Lab Report: Windows XP More Reliable
- Windows XP Professional ran over 30 times as long without encountering problems as those running Windows 98 SE.
- None of the Windows XP Professional systems had a single application or operating system failure during the test period.
- None of the Windows 2000 Professional Gold systems had a single application or operating system failure during the test period.