Microsoft windows vista, xp and 2000 tips & tricks.

When you try to install a printer in your windows Vista system you receive the following error message:
000005B3: ERROR_REQUIRES_INTERACTIVE_WINDOWSTATION.
This may happen if you have bought a machine with Vista preinstalled and on which you, when finalizing the installation, are presented with multiple language choices and your chosen language doesn’t mach your keyboard choice. E.g. you chose English language for the OS and e.g. a Swedish keyboard during the initial install process.
There is a workaround however. During the first important initial installation you chose the OS language and matching keyboard layout, in this example English OS and English keyboard. In another example you would chose Swedish language OS and the matching Swedish keyboard.

Then, after finalizing the installation; in this example add the Swedish keyboard, making it the default. To do so launch Regional and Language Options from Control Panel, click the Keyboards and Languages tab, and click Change Keyboard.

Windows Vista.

With Windows XP you can let the system synchronize the PC clock with a Time Server on the Internet. The problem is that it's not always reachable. You can easily add more time servers. Find the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DateTime\Servers\. In the right pane you find the two default Time Servers. To add one or more of your own, add a new String Value. Set a name that follows the other two in chronological order. The two that are already there have 1 and 2 so your new server address should be 3 then 4 etc. Double click on the new value and fill in the Web address for the new server.

One server which is always reachable is the Time Server at Lund's Tech University, Sweden. It has the Web address ntp.lth.se

Works with Windows XP.

When you uninstall programs it still show up under Add or Remove Programs. To clean up your Add or Remove Programs list start the Registry Editor (go to Start, Run and type Regedt32). Find the key HKEY_LOCAL_MACHINE\SYSTEM\SOFTWARE\Microsoft\ Windows\CurrentVersion\Uninstall. Find the programs' subkeys ad remove them.
Restart your system for this change to take effect.

Works with Windows 95/98, NT and Windows 2000.

Admit that the default Briefcase Icon on your desktop looks dull. There is a way to replace it with a new and shiny metal Attaché case.
Start the Registry Editor (go to Start, Run and type Regedt32). Find the key HKEY_CLASSES_ROOT\CLSID\{85BBD0920-42A0-1069-A2E4-08002B30309D}\DefaultIcon. Double click on the value in the right pane. It should end with Syncui.dll,0. Change it to Syncui.dll,1.
Restart your system for this change to take effect.

Works with Windows 95/98, NT and Windows 2000.

As long as you are logged in as the system Administrator CD premastering software like Nero will work flawless. But when you are logged in as an ordinary user you will get a massage like this:
"Under Windows NT4/2000 burn rights are required by Nero to access cd recorders and cd-rom/dvd-rom drives. Please ask your system administrator for a permission to use Nero."
You get this message because Windows 2000 and Windows XP do not grant access to low level drivers for users without administrative rights
To solve this.

1. Go to Start, Settings and then Control Panel.
2. Click on Administrative Tools and then Local Security Policy.
3. Navigate to Security Settings, Local Policies, Security Options and then to Restrict CD-ROM access to locally logged-on user only.
   (Under Windows XP you should navigate to Device: Restrict CD-ROM access to locally logged-on user only.)
   Right click and then on Security... to open.
4. Click Enabled and then OK.

This will also increase your security but have consequences if users try to access a shared CD-ROM on your computer.
See Microsoft KB article Prompted for CD-ROM When You Run System File Checker While Correct CD-ROM Is in Drive (Q263499).

If you don't want to change your Security Settings, Ahead Software has made a tool that will help you grant access to low level drivers for users without administrative rights. Thus making it possible for them to burn CDs with Nero. Download Nero BurnRights from here.

Works with Windows 2000 and XP.

When you install your new DVD player you will find that it's still represented by the same old icon as your old CD player and even worse, it's also labeled Compact Disk.
To change the Drive Name or Icon (e.g. on your DVD drive). Start the Registry Editor (go to Start, Run and type Regedt32). Find the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer. If the key doesn't exist add the new sub-key DriveIcons. Create a new sub-key D (D representing the drive letter of the drive you want to modify). Under the drive letter create the new sub-key DefaultIcon and set the REG_SZ string value to equal the fully qualified name of the icon file.
To change the drive description e.g. in Explorer, under the drive letter (D in this example) create the new sub-key DefaultLabel and set the REG_SZ string value to whatever name you want the drive to appear as in Explorer (e.g. DVD Disk).
After you're done you should have two registry keys looking like this:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Explorer\DriveIcons\D\ DefaultIcon and:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Explorer\DriveIcons\D\ DefaultLabel

Restart your system for this change to take effect.

Windows all versions. NOTE: "DefaultLabel" value only works with Windows 2000 and higher.

Windows 2000 provides an environment to run older programs, Win95 or NT4 programs, that experience issues with Windows 2000 in Compatibility-Mode. Compatibility-Mode more closely reflects the behavior of either Windows 95 or Windows NT4.
Compatibility-Mode is installed with Windows 2000 Service Pack 2 but is not enabled by default. To enable Compatibility-Mode:

1. Log on as Administrator.
2. Click Start, and then Run.
3. In the Open box type the following:
   regsvr32 %systemroot%\apppatch\slayerui.dll
4. Click OK.

Now you can right-click on a shortcut, then on Properties and then on the Compatibility tab. (This tab will only appear if the Compatibility-Mode Interface has been properly enabled on the computer). Select either Windows 95 or Windows NT4 in the drop-down box.

NOTE: Be vary careful if you use Compatibility-Mode to bypass version warnings in Setup or installation programs. Some software are designed for specific operating systems and can have the potential to cause serious problems if installed.

Windows 2000 only.

The Device Manager normally only display the Plug and Play units that presently are installed. A not connected USB unit for example or an external modem that is not turned on is not visible at all. Even if you choose "Show Hidden Devices" this behavior will not change. If this is activated installed "Non Plug and Play" devices will be displayed but not Plug and Play devices that are not presently connected. This behavior can be changed.

1. Log on as Administrator.
2. Click Start, Settings, Control Panel, and then System.
3. Click on the Advanced tab and then on Environment Variables...
4. Add a new System Variable to the lower pane. The variable name should be devmgr_show_nonpresent_devices with the value 1.
5. Click OK.

These devices will now be displayed grayed out but only when "Show Hidden Devices" is checked.

Restart your computer for this change to take affect.

Windows 2000 and XP.

If you find the various pop-up warnings that appear in balloons above the system tray annoying you can easily turn them off.

Start the Registry Editor (go to Start, Run and type Regedt32). Find the key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced and add the DWORD value EnableBalloonTips. To turn of Balloon Tips the value should be set to 0.
To turn on Balloon Tips set the value to 1.

Windows XP only.

The first several times you start Windows XP. you'll get various pop-up warnings that appear in balloons above the system tray. You'll se one that says, in part, You need a Passport to use Windows XP Internet communication features... and to access .NET-enabled services on the Internet. Don't be fooled by this in to believing that you must set up a Passport account in order to use the Internet.
Dismiss the pop-up by clicking the X-icon at its top right. If you click anywhere else, you'll start the process of creating a Passport account.

As with other Windows systems there is also a way to do this by editing the Registry.
Start the Registry Editor (go to Start, Run and type Regedt32). Find the key HKEY_CURRENT_USER\Software\Microsoft\MessengerService and find the binary value PassportBalloon. Double-click it, delete the old value and enter 0A.
The value should now be 0A 00 00 00.
On a multi-user computer you will probably want to do this for each account.

Windows XP keeps a count in the Registry of how many times the Passport balloon has been displayed and it stops after you have logged on to your account ten times. The Registry hack above stops it by setting the counter to ten.

Windows XP only.

Every time you open a document via a network -from a resource without a drive letter- Windows will automatically create a short cut to that document in My Network Places. If you open a lot of document this way the list in My Network Places soon becomes cluttered and confusing. This makes this function less useful.

To turn of this function start the Registry Editor (go to Start, Run and type Regedt32). Find the key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer and add the DWORD value NoRecentDocsNetHood. Set the value to 1.
To turn on the function set the value to 0.

Windows XP/2000/ME.

If you install multiple network cards (NICs) in a computer running Windows 2000 Professional there is no really convenient way to enable routing. Yet, if you want the computers on the different networks to be able to talk to each other you need to enable routing on the computer where the multiple network cards are installed.
Both Windows NT Workstation and Server offer convenient dialog boxes (under the Network/Protocols/Routing tab and tick "Enable IP Forwarding") to enable routing and so does Windows 2000 Server.

Windows 2000 Professional is different, though. To enable routing in Windows 2000 Professional you need to use Regedt32 and find the key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
and select IPEnableRouter. To enable IP routing for all network connections installed on this computer, assign a value of 1.
To do this, click on the value IPEnableRouter, go to the Menu, click on Edit, and then click on DWORD.

In Windows 95/98/Me the Registry Key is:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VxD\MSTCP
and select EnableRouting and assign a value of 1.

You need to reboot your computer for this change to take effect.

NOTE: Routing between networks using a software router (e.g. a computer running Win95/98/Me/NT4/2000) only works when routing Ethernet networks or Ethernet - USB networks. To route a 802.11b Wireless network you must use an Access Point with a router.

When you right click on a file in Explorer and use the function "Open With…" the check box "Always use this program to open this type of file" often is automatically checked, thus making it easy to accidentally change a file association.
With a simple Registry hack you can make sure that you always have to check this yourself, should you like to do such a change. Use Regedt32 and find the key:
HKEY_CLASSES_ROOT\Unknown\shell\openas\command. Under that key is a string that looks like this:
%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Open the value and add %2 preceded by a space, as the last entry in the string:
%SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 %2

Works with Windows 95/98, NT and Windows 2000.

If you press shift when you right click on a file in NT Explorer you get an extra alternative on the right click menu, "Open With…". If you like to have this alternative every time you right click on a file in NT Explorer you can add this option by editing your Registry.
The easiest way to achieve this is to open NOTEPAD and write the following lines and save the file with the ending .reg.

Works with Windows 95/98, NT and Windows 2000.

There is a significant privacy problem with Internet Explorer because of a design flaw in the Windows Media Player (WMP).
By using Javascript code on a Web page, a Web site can grab the unique ID number of the Windows Media Player on your computer. This ID number can then be used just like a cookie by Web sites to track you on the Web.

This ID number becomes a SuperCookie because it can be used by Web sites to bypass all of your browsers privacy settings.

If you have patched your system according to this Microsoft security bulletin: http://www.microsoft.com/technet/security/bulletin/MS01-029.asp and turned off the WMP option "Allow Internet sites to uniquely identify your player" (under View, Options and the Advanced tab in Windows Media player) you should not be vulnerable. To find out if you are vulnerable click here.

You can read more about it here.

Windows all versions with Windows Media Player installed.

An extra security precaution is to clear the virtual memory pagefile on system shut down, so that no one with access to the hard drive can use it to search for information.

1. Go to Start, Settings and then Control Panel.
2. Click on Administrative Tools and then Local Security Policy.
3. Navigate to Security Settings, Local Policies, Security Options and then to Clear virtual memory pagefile when system shuts down. Right click and then on Security... to open.
4. Click Enabled and then OK.

Note: One side effect on a system with a very large pagefile is that system shut down will take longer. This is because the shutdown process must physically write to each page in the pagefile to clear the page.

Windows 2000 and Windows XP.

Windows 2000 and XP still come with the POSIX subsystem. The POSIX allows the use of Unix commands. By disabling POSIX you prevent hackers from using Unix commands against your system.

To disable POSIX.

1. Use Regedt32 and find the key:
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems.
2. Click on the multistring called Optional in the right hand pane. Delete the value POSIX and leave the space empty (don't delete the Optional multistring).
3. Then click on the POSIX multistring in the same pane. It will point to a file in your Windows System32 folder called Psxss.exe. Using Windows Explorer delete or rename the file Psxss.exe then use Regedt32 to delete the POSIX multistring.

Note: One side effect on a system with a very large pagefile is that system shut down will take longer. This is because the shutdown process must physically write to each page in the pagefile to clear the page.

Windows 2000 and Windows XP.

The Dump file or the DrWatson32 log file may be helpful when diagnosing a system crash, but like the swap file they can also present a security risk, storing a lot of sensitive, unencrypted data.

To prevent Windows from creating the Dump File:

1. Go to Start, Settings and then Control Panel.
2. In the Control Panel click on System and then the Advanced Tab.
3. Click on the Settings button on the Startup and Recovery pane. Set the drop-down menu under Write debugging information to (none).

To disable DrWatson and to prevent it from creating the DrWatson32.log file:

1. Use Regedt32 and find the key:
   HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\AeDebug.
2. Set the Auto string to 0.
3. Then use Windows Explorer and go to Document and Settings\All Users\Shared Documents\DrWatson\. DeleteUser.dmp and DrWatson32.log.

Windows 2000 and Windows XP.

Many hacker attacks derive from so called "null-session attacks". In short, a null-session attack means that the hacker logs on anonymously and have access to all of that groups user rights. This is possible with the NetBios protocol. The hacker then lists usernames and workgroups or tries to find the name for the administrator account should that have been renamed. One way to increase security is to add a value to the Registry Key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa.
This value should be: RestrictAnonymous and should be of the type: REG_DWORD and the value set to: 1.
Adding this value to the Registry Key will prevent some of the information leakage but not all.

Works with Windows NT4 service pack 3 or higher.

Note: With Windows 2000 and XP Microsoft has already added the value to that key but it is set to 0 by default. To increase your security you should change this value to 1. If you have only Windows 2000 in your network and therefore don't need to worry about legacy support you can disable NetBios over TCP/IP totally. You do so under "Advanced TCP/IP Settings" and under the WINS tab, choose "Disable NetBios over TCP/IP". Found under "Network and Dial-Up connections" in the Control Panel. This will further increase your network's security.

Windows NT4, Windows 2000 and XP.
You can read more here about how to change the Local Security Policy to completely disable "null-sessions" here.

In the event of a program crash with Microsoft Internet Explorer version 5 and 6, Office XP and also Windows XP the user have the option to send debugging information to Microsoft. In theory this sound like a smart function which should help Microsoft create more stable software. However, users sending these reports should be aware that sensitive or personal information may be sent to Microsoft along with debugging information. The relevant dialog box does not make it obvious that the contents of the document being edited may be sent along with information about the program crash.

Users or corporate IT staff may wish to turn of this function. The U.S. Department of Energy's Computer Incident Advisory Capability office (CIAC) has released an excellent security bulletin. At their site you can learn how and also download scripts that does the job of disabling this function in IExplorer and Office XP for you. Read it and learn how here.

To disable this function in Windows XP itself go to Start, Control Panel and then System in System Properties open the Advanced tab and then to Error Reporting click Disable Error Reporting. Click OK twice.
Or you can make the following changes to the registry. Open Regedit and find the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting. Change the DoReport Value Name, a REG_DWORD data type, and set the data value to 0 to disable sending.

Have you ever printed a web page only to find that the right-hand edge is missing? This is for you. First, this download page will install the control. If you have blocked installation of ActiveX controls you need to temporarily allow installation of ActiveX controls. After installation, close the browser window and reopen a new one. You should have a new printer icon with a small 'W' next to it on the toolbar, if you don't, right click on the toolbar and choose customize and find the icon in the left pane. When you have the icon on the toolbar, press this to bring up a print dialog which will then print the page fitted to the width of your paper. Alternatively, hold down the Control key while pressing the button and you will get a print preview instead.

Applies to all versions of Windows with Internet Explorer installed.

By default Internet Explorer limits the number of concurrent downloads to two. This limitation make sense with a modem connection but not so much if you have a broadband connection. If you want to increase the number of concurrent downloads this can easily be achieved through a Registry hack.

Start the Registry Editor (go to Start, Run and type Regedt32). Find the key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings. Create a new REG_DWORD value of MaxConnectionsPerServer then create yet another REG_DWORD value of MaxConnectionsPe