Category: Tips

Tip of the day: Take charge of AutoPlay

When you insert removable media (such as a CD or a flash memory card) into a drive, or when you attach a removable drive to your computer using a USB or Firewire connection, Windows XP checks its AutoPlay settings to see what to do next. That can be annoying if Windows decides to do something other than what you prefer. Fortunately, the fix is easy.

For permanently attached devices that hold removable media, such as a CD/DVD drive or a flash card reader, you can make changes any time, regardless of whether any media is in the drive. Open My Computer and right-click the drive icon under the Devices with Removable Storage category. Click Properties, and then click the AutoPlay tab.

Autoplay_settings

Each time you insert a CD or other media type, Windows analyzes its content and uses the AutoPlay setting for that type of content. (If it can’t figure out what the content is, it uses the generic “mixed content” setting.) You’ll need to define the action for each type of content. You might want a DVD movie to play in one program, for example, and use a completely different program to automatically begin ripping tracks to your hard drive whenever you insert a music CD. (Third-party programs can add themselves to the AutoPlay menu with their own specific actions.)

If you prefer to decide what to do with each new CD, DVD, or flash card on a case-by-case basis, you have two choices:

  • For each type of content, select the Prompt me each time to choose an action option and then click Apply. With this setting in place, you’ll see a dialog box listing all defined actions for that type of content. You can pick one or click Cancel.
  • For each type of content, select Take no action from the list of available options and then click Apply. This setting tells Windows to do absolutely nothing when it detects a new CD or other media containing the specified content type.

AutoPlay settings apply to removable drives as well, including USB and Firewire hard drives and music players that appear as hard drives. You must attach the device and right-click its icon to set AutoPlay options for it,

Tip of the day: Troubleshoot programs that start automatically

Windows XP includes a System Configuration Utility, Msconfig.exe, which is incredibly valuable and often misused. It allows you to see most of the programs that run at startup and selectively disable programs for troubleshooting purposes. To start the System Configuration Utility, type msconfig in the Run dialog box and press Enter.

The Startup tab of the System Configuration Utility is intended for use as a troubleshooting tool (it’s not intended to be a full-time startup manager). By clicking Disable All, you can clear every check box in the list, preventing Windows from starting any programs automatically at startup; then, through an iterative process of restoring one or two programs at a time to the list, you can restart programs and see which one is causing a particular problem.

Msconfig
[Click to see a larger image]

To test whether it’s safe to remove a single program from the list of those that start automatically with Windows, clear the check box to the left of the program’s name on the System Configuration Utility’s Startup tab and restart your computer. After verifying that your system works properly without that program starting automatically, you can safely reconfigure the program so it doesn’t start automatically.

If you’re experiencing problems that start immediately after you start your computer, troubleshoot by clicking the Disable All button to clear every program from the list. Restart and see if the problem goes away. If it does, add a handful of programs and restart (I recommend that you add no more than five at a time). When the problem resurfaces, you can focus your attention on the last batch of programs you added.

Should you use Msconfig as a startup manager? I strongly recommend against it. This tool was designed for troubleshooting, not for everyday use. You’re much better off removing auto-starting programs manually, using one of these methods:

  • Look first for an option in the program itself. Most programs that start automatically allow you to change this behavior by clearing a check box in an Options or Preferences dialog box. It might take some digging around, but this is always the preferred option.
  • Remove the program shortcut from the Startup folder. Be sure to look in the Startup folder for your profile and the corresponding folder in the All Users profile. This option won’t work if the auto-start option is set in the registry. You can move the shortcut to another location if you think you might want to restore it later.
  • As a last resort, edit the registry manually. This technique is messy, risky, and not always successful; some particularly persistent programs will restore the startup values in the registry the next time you run the program.

Easiest of all, use a third-party tool like Mike Lin’s excellent (and free) Startup Control Panel or Autoruns from Sysinternals. Both allow you to temporarily or permanently remove an item from the auto-start list. And if you can’t figure out what each item on the list does, look it up at Paul “Pacman” Collins’ most excellent Start-Up Applications page.

Tip of the day: Send a blind copy

Do you want to send a copy of an email message to someone without letting the main recipient know you’re doing so? That’s the primary purpose of the Bcc (blind courtesy copy) field, which is available in any Internet-standard e-mail program. It also comes in handy when you want to send an e-mail message to a group of people without broadcasting the entire list of addresses to every recipient. Use the Bcc field for the addresses of all the persons you want to receive your message. Those addresses do not appear in the headers of any message, thus protecting the privacy of your recipients.

Most mail programs allow you to leave the To: field blank. The lack of a recipient can cause spam filters to tag your message as junk mail, however, so I recommend that you use your own address in the To: field instead.

By default, Outlook Express hides the Bcc field, but you can make it visible with just two clicks. From a new message window, pull down the View menu and choose All Headers. In Thunderbird, click the down arrow to the left of the To: field on any address line to choose the Bcc field. In Microsoft Outlook, the option to show or hide the Bcc field is on the View menu when you create a new message.

Tip of the day: Create an instant System Restore point

Today’s tip is shamelessly stolen from Jerry Honeycutt, author of the definitive Microsoft Windows XP Registry Guide from Microsoft Press:

You can script System Restore to make taking snapshots quicker and easier. Wouldn’t you like to have a script sitting on your desktop that you can run before making changes to the registry? Here’s how to create a script that will create a restore point when you double-click it:

Using Notepad, type the following listing and save it with the file extension .vbs and make sure that you enclose the file name in quotation marks so Notepad doesn’t add the .txt file extension to the name.

    Set SRP = GetObject( "winmgmts:\.\root\default:Systemrestore" )
CSRP = SRP.CreateRestorePoint( "Hacked the registry", 0, 100 )
    



Double-click the script file any time you want to make a snapshot, presumably before opening the Registry Editor to tweak the registry.


Update: If the word “hacked” bothers you, feel free to modify the script. Just change the text within quotes to something more generic, such as “Manually created restore point using script.” 

	


	



			
				


			

			
Tip of the day: Create instant e-mail messages
		
	
	

		
You probably find yourself creating email messages to a handful of people more than others. If so, why not create a shortcut that lets you automatically begin a new message, addressed to that person, with just one mouse click? Right-click any empty space on the desktop, and choose New, Shortcut from the menu. In the Command Line box, type mailto: (be sure to include the trailing colon), and then enter the recipient’s email address. The final result should look like this:


mailto:ed@example.com


Mailto: links were originally designed for use on Web pages, but you can also save them as shortcuts on the desktop, the Start menu, or the Quick Launch bar so they’re more readily available. When you double-click the shortcut, your default mail program opens, with your preset parameters already entered.


To enter multiple recipients in the To: field, separate e-mail addresses with a comma. To add optional fields, follow the final recipient’s name with a question mark and enter the name of the first optional field, followed by an equals sign and the value for that field. Preface each subsequent field with an ampersand (&). The following optional fields are allowed:


    

  • cc=name@example.com
    • 

  • bcc=name@example.com
    • 

  • subject=text
    • 

  • body=text
    • 



If any value contains a space, you’ll need to enclose the entire command in quotation marks. For instance, here’s how to create a shortcut that begins a daily status report addressed to two people, with the subject and body already filled in:


“mailto:ed@example.com,judy@example.com?subject=Status report&Body=No news today.”


After creating the basic message, you can customize it as needed and click Send.

	


	



			
				


			

			
Tip of the day: Drop a file into an open window
		
	
	

		
One of the most efficient ways to open a file is to drag it directly from the desktop or an Explorer window and drop it in a program window that’s already open. By using this technique instead of double-clicking, you control exactly which program opens the file. But what do you do when the program you want to use is minimized or covered up by other windows? Use an expert technique called “drag and hover.”


Click the file you want to open and hold down the mouse button. Drag the file on top of the taskbar button for the program you want to use — but don’t let go of the mouse button yet, or you’ll get an error message! (If the button is grouped to represent multiple windows, wait until the list of available windows appears, and then move the pointer over the window you want to use.) After a brief pause, the program or folder window associated with the taskbar button appears on the screen, above all other windows. Now drag the file icon up to the window and drop it. In some cases you may find that you need to drop the file on the window’s title bar for it to open properly.


In Microsoft Word, for instance, dropping the icon for a Word document into an open document window inserts the content of the new file into the existing file; to open the file in a new window, aim the mouse pointer at the title bar before releasing the button. Likewise, if you drop the icon for a text file into a Word document window, the file is inserted as an embedded object; drop it on the title bar to open the text file for editing in Word.

	


	



			
				


			

			
Tip of the day: Protect yourself from unwanted ActiveX controls
		
	
	

		
WARNING: The following tip contains script code that makes changes to your Windows registry. Although I have tested this script and believe it performs as described, I am not responsible for any damage that may occur to your computer if you choose to download and run this script.


The single biggest security flaw in Internet Explorer is its capability to download and run ActiveX controls. This feature is a double-edged sword. When used properly, ActiveX controls greatly expand the power of Internet Explorer. Unfortunately, the developers of spyware, adware, and other forms of crapware figured out long ago that ActiveX is a great way to sneak unwanted programs onto an unsuspecting user’s computer.


So how do you protect yourself? You could disable ActiveX programs completely. But when you do so, you cut off access to the good along with the bad. A better approach is the one that Carl Siechert and I came up with in Microsoft Windows Security Inside Out: Configure Internet Explorer so that existing ActiveX programs run as expected, but disable the ability to download new controls from any site in the Internet zone (sites in the Restricted zone are always blocked, and sites that you specifically place in the Trusted Sites zone are unaffected by this change). This configuration change makes it impossible for a Web site to push spyware/adware/crapware onto your machine. The beauty of this technique is that it doesn’t allow you (or an unsophisticated user on your computer) to be fooled into clicking Yes when you should click No. It stops new ActiveX controls cold. 


In the rest of this article, I explain two ways to make this change: one that requires a series of manual steps, a second that runs automatically, using a simple script file. Note that I have only tested this script with Windows XP Service Pack 2. It will probably work with other versions of Windows, but I can’t guarantee it and don’t recommend using the script on any other Windows version. Oh, and this security tip is worth following even if you normally use Firefox as your default browser. Programs like Windows Media Player can call up Internet Explorer when you least expect it. If you’ve blocked unwanted ActiveX installations, they can’t do any damage.


 Continue reading “Tip of the day: Protect yourself from unwanted ActiveX controls” 

	


	



			
				


			

			
Tip of the day: Manage saved passwords
		
	
	

		
Windows XP provides a secure system for storing sensitive data associated with Web pages you visit using Internet Explorer. This data store includes saved user names, passwords, and Web form data you “remember” using the AutoComplete feature in Internet Explorer. Occasionally, people ask me where this data is stored, assuming (logically) that it has to be saved somewhere and that these saved passwords could represent a security risk.


Here’s the good news: The Protected Storage service, which runs as part of the Local Security Administration subsystem (Lsass.exe) manages this data store. This data is encrypted using your logon credentials and is stored in a secure portion of the registry. For security reasons, you cannot view the hashed data directly. Instead, Windows allows programs to query for specific data. The Protected Storage service decrypts the data only when it can verify that the request is accompanied by the correct logon credentials – in other words, that whoever is making the request is currently logged on using the same account that was used to store the data.


What happens if you forget a saved password that you use to access a secure Web site? Although you can log on using the saved credentials, you can’t read the password or export it to another program. That’s especially unfortunate if you’re switching to a new PC, because the Files and Settings Transfer Wizard doesn’t migrate saved passwords either.


The solution? Download a copy of the free Protected Storage Explorer. This tool queries the Protected Storage database and dumps its contents into an Explorer-style window that you can use to browse saved passwords for e-mail accounts, FTP servers, Web sites, and other normally hidden locations. You must be logged on to a user account to view saved data for that account. Needless to say, the existence of a tool like this should inspire you to lock your computer when you step away from your desk.


[Some of the material in this tip originally appeared in Windows XP Inside Out, Second Edition.]

	


	



			
				


			

			
Tip of the day: Log out in a hurry
		
	
	

		
Think of this as the 21st Century equivalent of the “boss key.” When you hear footsteps and you want to clear the contents of the screen right now, hold down the Windows logo key and tap L. In Windows XP, that shortcut takes you to the logon screen if you have Fast User Switching enabled. If you log on to a Windows domain server on a corporate network, or if you’ve disabled Fast User Switching, or if you’re using Windows 2000, the Windows logo+L shortcut locks the computer, displaying a logon dialog box that doesn’t go away until you enter your password.

	


	



			
				


			

			
Debunking yet another bogus Windows tip
		
	
	

		
Updated 25-May-2005: Finally! Some authoritative input on this issue! Ryan Myers, a developer on Microsoft’s Windows Client Performance Team, wrote a very informative blog post, “Misinformation and the Prefetch Flag,” that clears up several of these issues. I’ve revised some remarks below in accordance with his entry.


In today’s tip of the day, I warned about following advice from so-called Windows experts who don’t really know their stuff. Case in point: the thousands of Web sites that pass along the bogus advice to clean out your Prefetch folder. (No! Don’t do it!)


A commenter who read that tip asked a great question:




What do you think about adding /prefetch:1 to shortcuts? Does it make any difference? I’ve read on several forums to use the switch for quicker application launches but I haven’t really noticed any increase in speed.




I’d never heard of this tweak, so I did a Google search for prefetch switch program shortcuts and found more than 10,000 Web pages that advise making this speedup tweak. In the rest of this post, I explain why they’re all wrong.


 Continue reading “Debunking yet another bogus Windows tip”