Enable Registry Editor, Task Manager and Folder Options

Many of us see that when a virus infects our system, the first thing it does is Disable Registry Editor, Task Manager and Folder Options. As soon as you see these option disabled you have to know your system is infected.

If you press Ctrl+Alt+Del you ll get a dialog box saying "Task manager has been disabled by your Administrator" and the same thing comes up when you try to edit registry using regedit.

It is irritating that, you cannot remove this problem by going to registry and you cannot see the Folder options also so you will not be able to delete the hidden files.

Now to first enable the Task manager

--- Go to Start menu --> Run and type gpedit.msc and press enter

--- Now in the left pane select

User Configuration --> Administrative Templates --> System --> Ctrl+Alt+Delete options

--- In the right pane double click on Remove task manager and disable it and press Apply and then OK.

You got back your Task manager

The process to get back regedit is similar

--- Go to Start menu --> Run and type gpedit.msc and press enter

--- Now in the left pane select User Configuration --> Administrative Templates --> System

--- In the right pane double click on "Prevent access to registry editing tools"

--- Disable this option

Now your registry editor is back.

To get the Folder options

--- Go to gpedit as given earlier.

--- Then to

User Configuration --> Administrative Templates --> Windows Component --> Windows Explorer

--- In the right pane look for "Removes the Folder Options menu item from the Tools menu"

--- Double click on it then disable it to get folder options back.

There are alternate methods for getting these settings back which I will give in the next post.

Remove regsvr.exe Virus

The regsvr.exe is most common virus for people who deal with transferring files across PC's using their Pen drives or USB drives. These are the main sources from where this virus travels. Most of the anti virus softwares should detect this virus and delete it but if your system gets infected for some reason get ready to clean it manually.

regsvr.exe virus first creates entries in the startup folders so that it will execute at every startup. It also creates entries in scheduled tasks so as to execute at a specific time and date. And finally it creates autorun.inf files in the root of all the drives, which prevent you from opening these drives.

Here are the steps to get this resvr.exe virus out of your computer.

--- If the virus disables your task manager and registry then you should consider the tips given here to get them back.

--- After that you need to get rid of the autorun.inf file. This file will be hidden so follow these tips here to delete these files.

--- Now type msconfig in start menu --> Run and press enter and uncheck the option that says regsvr. Press ok and dont restart yet.

--- Now go to ControlPanel --> Scheduled tasks and delete the entry At1 which is created by the virus.

--- Now go to registry editor by typing regedit in run dialog box and then to find menu in regedit and search for regsvr.exe and delete all entries except one that say "Explorer.exe regsvr.exe". You need to edit this entry to only remove the regsvr.exe part and leave the other part as it is.

--- Now search your entire system for regsvr.exe and delete any entries you find. Make sure you search within Hidden files & system files also.

--- Reboot your system for the changes to take effect and the virus is gone without any traces.

Microsoft Office to go online — for free

It’s too early to say Microsoft has checkmated Google in online documents – the latest version of Office hasn’t shipped yet. But the sleeping giant in Redmond has clearly woken up to the Internet threat.

Get this: Microsoft – the king of paid software – will announce today that it is going to give a version of Office away for free online. Both the online and desktop versions are scheduled to arrive in the first half of next year. Yes, you read that right. The latest version of its ubiquitous productivity software, dubbed Office 2010, will come as both a piece of software you can buy for your computer, and as a service you can access in your browser. [UPDATE: Microsoft says it will support the Firefox and Safari browsers as well as IE.]

For free. From Microsoft.

One could argue that the software giant is late to the giveaway party. Folks like Google, Zoho and SlideShare have been offering free equivalents to Word, Excel and PowerPoint for years. Unlike those companies however, Microsoft already has a very profitable $20 billion business selling desktop versions of its Office software. It would have been foolish to jump into the free game too hastily and watch that business evaporate overnight.

And that’s what makes this bold move to the web either the dumbest thing the company has ever done, or a stroke of genius. If Microsoft gets this wrong, it will cannibalize its own Office business, and investors will howl. If it gets this right, Microsoft will crush Google, Zoho, and all the other rivals who are nibbling away at Office’s dominance.

My hunch is that this is a stroke of genius from Microsoft. Why? Earlier this year when I talked to Chris Capossela, the executive who manages Office, he had clearly thought hard about how to do this right.

Capossela told me that Microsoft has studied it closely, and Office Web Applications, the free, ad-supported version of Word, Excel and PowerPoint, will probably appeal to tightwads who weren’t going to buy a copy of Office anyway. This way, rather than force those folks into Google’s arms, Microsoft can hook them into its online world and tempt them with its latest technology.

And Microsoft can also tempt them to upgrade. Office Web Applications will work better if you actually purchase Office 2010. Users with the latest Office software will be able to more easily share documents and keep each other’s changes in sync. Add in the fact that the paid version of Office will come with a brilliant feature that lets Office buyers broadcast their PowerPoint presentations over the web (like Cisco’s WebEx), and the Microsoft’s online giveaway looks less like an oops, and more like an upsell.

Microsoft Morro - Free Antivirus

How to Reset / Recover Forgotten Windows NT / 2000 / XP / 2003 Administrator Password?

Disclaimer: Following information should be used only if its your system and you have forgotten account password. Don't use this information to access a system which is not yours without permission.

Many times we face this problem when we or our friends forget Windows XPpassword and can't log into Windows. So here we are posting a few methods / utilities which can be used to recover Windows password:

1st Method:

The first thing which you check if you forget login password. When we install Windows, it automatically creates an account "Administrator" and sets its password to blank. So if you have forget your user account password then try this:

Start system and when you see Windows Welcome screen / Login screen, press++ keys twice and it'll show Classic Login box. Now type "Administrator" (without quotes) in Username and leave Password field blank. Now press Enter and you should be able to log in Windows.

Now you can reset your account password from "Control Panel -> User Accounts".

Same thing can be done using Safe Mode. In Safe Mode Windows will show this in-built Administrator account in Login screen.

2nd Method:

Windows XP and further versions also provide another method to recover forgotten password by using "Reset Disk". If you created a Password Reset Disk in past, you can use that disk to reset the password. To know more about it, please visit following links:

How to create and use a password reset disk for a computer in a domain in Windows XP

How to Log On to Windows XP If You Forget Your Password or Your Password Expires

3rd Method:

If the above mentioned tricks don't work, then try following trick which is actually a loophole in Windows XP Setup and a big security hole:

A. Boot using Windows XP Setup CD and follow the instruction like Accepting EULA, etc.

B. When it asks to repair your existing Windows installation, accept it and press "R" to run the repair.

C. Setup will start repairing your Windows and will start copying files, etc.

D. After a few minutes setup will restart your system and when it restarts don't press any key when it shows "Press any key to continue..." otherwise Setup will start from the beginning. Don't press any key and setup will resume where it left.

E. Now it'll start doing other tasks and will show a small progressbar with a few details in left side.

F. Look carefully at the details and when it shows "Installing devices", press+F10 keys in your keyboard.

G. It'll open a Command Prompt window. Now type nusrmgr.cpl and press.

H. It'll open the same "User Accounts" window which you see in Control Panel.

I. Now you can remove or reset any account password without any problem.

4th Method:

There are many 3rd party utilities which claim to recover forgotten Windows password:

Windows Geeks Lost Forgotten Password Service:

Windows Geeks have a program that works instantly to remove any lost or forgotten password. With this program you can get back in very quickly:

Windows Geeks Lost Forgotten Password Service

Emergency Boot CD:

EBCD is a bootable CD, intended for system recovery in the case of software or hardware faults. It is able to create backup copies of normally working system and restore system to saved state. It contains the best system software ever created, properly compiled and configured for the maximum efficient use.

You may download image builder utility which creates image of bootable CD-ROM (.ISO file), plus basic set of system tools. When the image is ready, write it to CD-R or CD-RW, and then everytime you'll need convenient and powerful system tools they'll be just at hand.

It is easy to customize the disk for your needs. You can include to CD any program you like, or remake the structure of CD completely. All you need is to change a few lines in configuration XML files.

Download Link

Offline NT Password & Registry Editor:

This is a utility to reset the password of any user that has a valid (local) accounton your NT system. You do not need to know the old password to set a new one. It works offline, that is, you have to shutdown your computer and boot off a floppydisk or CD. It'll detect and offer to unlock locked or disabled out user accounts. It is also an almost fully functional registry editor.

Download Link

Windows XP Login Recovery:

Login Recovery is a service to reveal user names and recover passwords for Windows NT, 2000, XP, 2003 and Vista. As long as you have physical access to the computer, your passwords can be recovered.

Download Link

Ultimate Boot CD (UBCD): [Thanks to Rakesh for recommending]

Ultimate Boot CD runs independently of any operating system. It will boot from any Intel-compatible machine, regardless of whether DOS/Windows/Linux/BeOS is installed on the machine. However, you do need an operating system and a ISO-capable CD writer software to create the Ultimate Boot CD from the downloaded ISO image file.

Download Link

5th Method:

If all fails, then simply reinstall Windows and create new accounts. To recover lost data, you can use Data recovery tools available on net but the chances will be very low to get data back.

That's all we can suggest. If you have any other method / tool, feel free to post here.

Windows Vista Training

ERP at the Speed of Light

Without the right strategy and tools in place, accelerating your ERP implementation carries a number of risks that, left unchecked, will erode the benefits of ERP and lead to higher TCO. Those risks include, but are not limited to:

Abbreviated end user training

Lack of change management

Over-engineering of business processes

To learn how you can sidestep these pitfalls and enjoy faster time-to-benefit (TTB),

Download Full Text Here

10 security threats to watch out for in 2009

We’re well into the new year now, and we’re beginning to see trends emerging on the security front. Some of the threats we'll see this year will be similar to those in years past (after all, many of the basic con games now being perpetuated online were around long before the advent of computers and the Internet). However, attackers are becoming more sophisticated in their methods to circumvent the increased levels of security built into operating systems and applications. Here are 10 security threats that are likely to become more prominent in 2009

--------------------------------------------------------------------------------------------------

1. Social networking as an avenue of attack

Social networking has experienced a boom in popularity over the last few years. It's now finding its way from the home into the workplace and up the generational ladder from the young folks into the mainstream. It’s a great way to stay in touch in a mobile society, and it can be a good tool for making business contacts and disseminating information to groups. However, popular social networking sites have been the target of attacks and scammers. Many people let their hair down when posting on these sites and share much more personal data (and even company data) than they should.

Think you’ll solve the problem just by blocking social networking sites on your company network? Not so fast. As Steve Riley pointed out in his recent talk on attack progressions at the 2009 MVP Summit, today’s young professionals are growing up with social networking, and they expect to have it available to them at work just as older employees expect to be able to use their office telephones for reasonable, limited personal calls. In addition, you lose the business benefits of social networking if you shut it down completely. After all, companies didn’t shut down e-mail because it could present a security threat. A better approach is to educate your workers about social networking practices and develop policies governing social media use.

2. More attacks on the integrity of the data

Another point Steve made in his presentation is that “First they came for bandwidth; now they want to make a difference.” In the past, many attackers were looking for a free ride on your Internet connection (for example, by connecting to your wireless network and using it to access the Web, send e-mail, etc.). Then the nature of attacks progressed. Instead of the network being the target, it was the data. The next step was stealing data, but step after that is even more insidious: the malicious modification of data (making a difference).

This can result in catastrophic consequences: personal, financial, or even physical. If a hacker changed the information in a message to your spouse, it could harm your marriage. If the change were to a message to your boss, you might lose your job. Changing information on a reputable Web site regarding a company’s financial state could cause its stock prices to drop. A change to electronic medication orders on a hospital network could result in a patient’s death.

3. Attacks on mobile devices

Laptop computers have presented a known security risk for many years. Today, we are more mobile than ever, carrying important data around with us not just when we go on business trips but every day, everywhere we go, on smart phones that are really just small handheld computers. These devices have important business and personal e-mail, text messages, documents, contact information and personal information stored on them. Many of them have 8 or 16 GB of internal storage and you can add another 32 GB on a micro SD card. That’s much more storage space than the typical desktop computer had in the 1990s.

People lose their phones all the time, but many of these devices aren’t configured to require a password to start the system, the data on them isn’t encrypted, and very few protective measures have been taken. They are security disasters waiting to happen. Businesses should develop policies regarding the storage of company information on smartphones and require encryption of data on internal storage and on flash cards, strong passwords, use of phones that can be remotely wiped when lost, etc. Of course, you don’t have to lose the phone to have its data stolen. Attention should also be paid to the potential for attacks using Bluetooth and Wi-fi.

4. Virtualization

Virtualized environments are becoming commonplace in the business world. Server consolidation is a popular use of virtualization technologies. Desktop virtualization, application virtualization, presentation virtualization -- all of these provide ways to save money, save space, and increase convenience for users and IT administrators alike. If it’s properly deployed, virtualization can even increase security -- but that’s a big “if.” Virtualization makes security more complicated because it introduces another layer that must be secured. In essence, you now have to worry about two attack surfaces: the virtual machine and the physical machine on which it runs. And when you have multiple VMs running on a hypervisor, a compromise of the hypervisor could compromise all of those machines.

Another virtualization-related threat was demonstrated by the infamous Blue Pill VM rootkit. Hyperjacking is a form of attack by which the attacker installs a rogue hypervisor to take complete control of a server, and VM jumping/Guest hopping exploits hypervisor vulnerabilities to gain access to one host from another.

The easy portability of virtual images also presents a security issue. With modern virtualization technology, VMs can be easily cloned and installed to a different physical machine. The ability to go back to “snapshots” of past images can inadvertently wreak havoc with patch management.

5. Cloud computing

If virtualization was last year’s buzzword, this year it’s all about “the Cloud.” The uncertain economy and tight budgets have companies looking for ways to lower operating costs, and outsourcing e-mail, data storage, application delivery, and more to cloud providers can present some attractive potential savings. Microsoft, IBM, Google, Amazon, and other major companies are investing millions in cloud services.

Cloud advocates envision a day when we’ll all use inexpensive terminals to access our resources that are located someplace “out there.” But when your data is “out there,” how can you be sure that it’s protected from everyone else “out there?” In fact, the biggest obstacle to moving to the cloud, for many companies and individuals, is the security question. IDC recently surveyed 244 IT executives and CIOs about their attitudes toward cloud services, and 74.6% said security is the biggest challenge for the cloud computing model.

Google, a prominent player in the cloud space, is the subject of a recent complaint to the Federal Trade Commission (FTC) by the Electronic Privacy Information Center (EPIC), which seeks a suspension of Google’s cloud computing services until verifiable safeguards are established.

6. More targeted attacks on non-Windows operating systems

Although Windows still has 91% of the desktop OS market, there has been a big push in some quarters to deploy Linux or Macintosh as a supposedly more secure alternative. But are they really? One reason the non-Windows operating systems have enjoyed fewer attacks is the simple fact that the Windows installed base presents a much bigger target for attackers. Just as terrorists prefer to attack large gatherings of people where they can do the most damage, so do hackers prefer to write malware that will spread to the greatest number of computers -- and that means Windows.

However, as other systems get more publicity and become more popular, they also become more attractive to the bad guys. Malware has been becoming less Windows-centric for the last few years; the 2007 Open Office worm, for example, infected Linux and Mac OS X systems as well as Windows. And Charlie Miller, a security researcher who won a recent hacking contest by breaking into a fully patched MacBook in a few seconds, said, “Hacking into Macs is so much easier. You don’t have to jump through hoops and deal with all the anti-exploit mitigations you’d find in Windows.”

Whatever the reality, the perception is that non-Windows operating systems are becoming more popular as Apple steps up its advertising campaign and vendors offer more netbooks preinstalled with Linux. As they become more high profile, look for hackers to spend more time and energy creating attacks that target non-Windows systems.

7. Third-party applications

Microsoft has put tremendous effort into securing the Windows operating system and its popular productivity applications, such as Microsoft Office. Linux and Mac receive regular security updates. As operating systems become more and more secure, attackers will focus less on OS exploits and more on application exploits. The major Web browsers are routinely updated to patch security vulnerabilities.

But the vendors of many third-party applications are less security-aware. This is especially true of freeware applications written by independent developers. These programs, which may not have been written with security in mind to begin with and which do not automatically check for and download security updates, present an opportunity that we can expect attackers to take advantage of.

8. Side effects of green computing

Green computing is all the rage today, and saving energy is certainly a good thing -- but as with beneficial medications, there can be unexpected and unwanted side effects. Recycling computer components, for instance, can expose sensitive data to strangers if you don’t ensure that hard drives have really been wiped cleaning. (Hint: Deleting files or even formatting disks doesn’t guarantee that the data is gone.) On the other hand, such green initiatives as powering down systems that aren’t in use can actually enhance security, since a computer that’s turned off isn’t exposed to the network and isn’t accessible 24/7.

9. IP convergence

Convergence is the name of the game today, and we are seeing a melding of different technologies on the IP network. With our phones, cable TV boxes, Blu-ray players, game consoles, and even our washing machines connected to the network, we’re able to do things we never even imagined a decade ago. But all of those devices on an Internet-connected network present myriad "ways in" for an attacker that didn’t exist when only our computers used IP.

We can only hope that the manufacturers of all these devices put security at the forefront; otherwise, we may see a rash of new malware targeting vulnerabilities in our entertainment devices and household appliances.

10. Overconfidence

Perhaps the greatest threat to the security of our networks, whether at work or at home, is overconfidence in our security solutions. Many home users believe that as long as they have a firewall and antivirus installed, they don’t have to worry about security. Businesses tend to put too much faith in the latest and greatest security solutions. For example, there is an assumption that biometric authentication is infallible and undefeatable -- but it can be compromised in various ways, and when it is, the legitimate user it was meant to protect becomes the victim. If the system shows that your fingerprint was used to log on, you may be presumed guilty, and an investigation might not even be deemed necessary.

Another type of overconfidence is common among home users and in the business environment, especially with small companies. That’s the idea that “We don’t have anything worth hacking into so we don’t need to worry about security.” In today’s interconnected world, neglecting security doesn’t just put you at risk; it also puts others at risk. Your systems could be used as zombies to attack a whole different network.

End users on a business network often think of security as somebody else’s problem and operate on the assumption that the IT department is taking care of them, so they don’t have to do anything about security.

Overconfidence of any type is a dangerous security threat -- but it’s one that you can most easily do something about because it doesn’t require expensive technology or sophisticated technical skills -- just a change in attitude. We all have a responsibility to keep our own systems as secure as possible.

New virus infects ATM , steals money from banks

Moscow: Automatic Teller Machines (ATM) may not be a safe way of transaction anymore as a new software virus has been found out which infects ATMs to steal money from bank accounts of their users. Doctor Web and 'Kaspersky Lab, two major anti-virus software producers have discovered such virus in the networks of several bank ATMs, which is able to collect information from bank cards. This is a malicious program intended to infect and survive in ATMs. It is possible that new software will appear, aimed at illegitimately using banking information and removing funds," an official of the Kaspersky Lab was quoted as saying by RIA Novosti news agency. According to the official, the virus is a Trojan which is able to infect the popular American Diebold brand of ATMs, used in Russia and Ukraine. Judging by the programming code used, there is a high probability that the programmer comes from one of the former Soviet republics. The computer security experts say the number of infected ATMs is minimal but individual bank cardholders will not be able to detect whether an ATM is infected or not. However, banks can run security software to find out if their machines are at risk.

The Conficker Worm

Worried about the Conficker worm striking on April 1st? A few simple steps can protect you. Target: All users of Windows XP and Windows Vista. If you’re worried about the Conficker worm striking on April 1st, don’t be. On April 1st the Conficker worm will simply start taking more steps to protect itself. After that date, machines infected with the “C” variant of the worm may not be able to get security updates or patches from Microsoft and from many other vendors. The creators of the worm will also start using a communications system that is more difficult for security researchers to interrupt. The Conficker worm, sometimes called Downadup or Kido has managed to infect a large number of computers. Specifics are hard to come by, but some researchers estimate that millions of computers have been infected with this threat since January.

What does the Conficker worm do?

We don’t know the purpose of the Conficker worm. Today the worm has created an infrastructure that the creators of the worm can use to remotely install software on infected machines. What will that software do? We don’t know. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites. The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.

How does the worm infect a computer?

The Downadup worm tries to take advantage of a problem with Windows (a vulnerability) called MS08-067 to quietly install itself. Users who automatically receive updates from Microsoft are already protected from this. The worm also tries to spread by copying itself into shared folders on networks and by infecting USB devices such as memory sticks.

Who is at risk?

Users whose computers are not configured to receive patches and updates from Microsoft and who are not running an up to date antivirus product are most at risk. Users who do not have a genuine version of Windows from Microsoft are most at risk since pirated system usually cannot get Microsoft updates and patches.

Advice to Stay Safe from the Downadup Worm:

1. Run a good security suite (we are partial to Norton Internet Security and Norton 360).
2. Keep your computer updated with the latest patches. If you don’t know how to do this, have someone help you set your system to update itself.
3. Don’t use “free” security scans that pop up on many web sites. All too often these are fake, using scare tactics to try to get you to purchase their “full” service. In many cases these are actually infecting you while they run. There is reason to believe that the creators of the Conficker worm are associated with some of these fake security products.
4. Turn off the “autorun” feature that will automatically run programs found on memory sticks and other USB devices.
5. Be smart with your passwords. This includes

1. Change your passwords periodically
2. Use complex passwords – no simple names or words, use special characters and numbers
3. Using a separate, longer password for each site that has sensitive personal information or access to your bank accounts or credit cards.

6. Use a passwords management system such as Identity Safe track your passwords and to fill out forms automatically.

FAQ Q: Am I safe if I don’t go to questionable web sites? A: No. The Conficker worm seeks out computers on the same network. You can be in a coffee shop, an airport or in the office and the worm will quietly try to attach to your computer and run itself. Q: How do I know if I am infected? A: The best way to know if you are infected is to run a good antivirus product. One symptom that may indicate you are infected is finding that your computer is blocked from accessing the web sites of most security companies. Q: Can’t I just run free antivirus software? A: Yes, but free products often aren’t thorough or comprehensive. Worse, the internet is overflowing with fake free security scanners that actually infect your computer. Fake scanners such as “Antivirus 2008” are difficult to identify and have plagued hundreds of thousands of users around the world.

BJP's IT interest to be threat for Microsoft, telcos

Bharatiya Janata Party's (BJP) interest on IT development may prove to be a threat for software companies like Microsoft and top local telecom firms. The opposition party's leader LK Advani has promised to vehemently promote open-source software and internet telephony if the party comes to power in the upcoming elections. The party also plans for the release of one crore laptops with open source software to students, for which it has earmarked Rs.10,000 crore. The party also plans to allow unrestricted internet telephony. Microsoft India spokesman refused to comment on the speculations, as reported by The Economic Times. However, many of the experts feel that this move might not have a major impact on the software giant. "Open source has been there for a long time in the market now. Any promotional thing for open source will not make any significant difference to the major players. Both enjoy a very different kind of market and there is significant demand for both," says Akhilesh Tuteja, Executive Director of consulting firm KPMG. The IT companies in India also witness it to be a boon than a threat. "We believe the policy will help in improving IT industry in India through adoption of open standards and promotion of domestic web hosting industry. We hope other political parties will follow suit," said Sun Microsystem's country director Jaijit Bhattacharya.

10 dumb things you can do to your Cisco router

One of the best ways to sidestep admin problems is to learn from the mistakes of others. David Davis put together this list of missteps and oversights to help minimize Cisco router pitfalls. Download full text Free

Tokenless Two-Factor Authentication: It Finally Adds Up

Securing access to sensitive corporate and customer data is critical. While two-factor authentication is an effective security solution, traditional two-factor systems have been difficult to implement and administer. In this white paper, learn how a two-factor solution that uses out-of-band authentication coupled with real-time fraud alerts can dramatically improve the security of your organization's systems and data. Download Full Text Free

Top 10 changes to security in Windows 7

Microsoft has released a public beta of its next client operating system, Windows 7. Everybody's talking about the interface changes: the new taskbar, omission of the sidebar, a new look for Windows Explorer. Under the hood, there are more changes, including new and improved security features. Let's look at 10 security features that have been changed or added in Windows 7.

1: Action Center

In Vista, security configurations are accessed from the Security Center in Control Panel. In Windows 7, you won't see a Security Center. That's because it's been absorbed into a new Action Center. The Action Center has security configurations as well as options for other administrative tasks, like Backup, Troubleshooting And Diagnostics, and Windows Update. Figure A shows the Action Center.

Figure A

2: Changes to UAC

User Account Control (UAC) was new in Vista, designed to provide better protection from malware. It makes all user accounts run as standard users, even administrator accounts. If you need to do something that requires admin privileges, it asks for permission. And asks. And asks. This in-your-face aspect of UAC has caused numerous complaints and has led some users to turn it off completely, thus exposing themselves to threats.

In Windows 7, UAC is still there, but now you can configure how "vocal" it will be. There are four settings you configure from the UAC settings in the Action Center. You can set UAC to:

• Always notify you when you install software or make any changes to Windows settings (as Vista does now).

• Notify you when programs make changes but not if you make changes to Windows settings (this is now the default).

• Notify you only when programs make changes but turn off Secure Desktop, which dims the desktop while the UAC prompt is displayed. (This is my preferred setting.)

• Never notify you. (This is not recommended.)

You configure these settings with a slider, as shown in Figure B.

Figure B

3: Better BitLocker

I didn't use BitLocker much in Vista. At first, it would encrypt only the operating system drive. That's nice for laptops, but I didn't need it for my desktop because that machine is physically secure. Then Service Pack 1 added the ability to encrypt other drives, and that was nice, but it applied only to fixed hard disks. What I really needed to encrypt were my thumb drives and flash cards and USB drives, since they're removable and portable and more likely to get lost or stolen.

Windows 7 comes through and lets you encrypt removable drives. And it's easy to do. Just open the BitLocker applet in Control Panel, pick the drive you want to encrypt, and click Turn On BitLocker. The removable drives appear in the section called BitLocker To Go. For more details about the BitLocker improvements and step by step screenshots of how to encrypt a drive with BitLocker in Windows 7, see this article. Also note that, as with Vista, BitLocker probably won't be included in the Home editions of Windows 7.

4: DirectAccess

A brand new feature in Windows 7 is DirectAccess, which allows remote users to connect securely to their corporate networks over the Internet without using a VPN. Administrators can apply Group Policy settings and otherwise manage the mobile computers and even update them whenever the mobile machines are connected to the Internet, regardless of whether the user is logged on to the corporate network.

DirectAccess also supports multifactor authentication with smart cards and uses IPv6 over IPsec for encrypting the traffic.

5: Biometric security

Arguably the most secure method of authentication is biometrics, or the use of a fingerprint, retinal scan, DNA, or other unique physiological feature to identify the user. Windows isn't quite at the point of having built-in support for DNA sampling, but it does include built in support for fingerprint readers. Windows has supported the use a fingerprint sensor to log on, and many Vista laptops come with fingerprint sensors. But a third-party program is required to use it. With Windows 7, it's part of the OS.

The Biometric Devices applet in Control Panel (Figure C) lets you configure fingerprint readers (which are the only kind of biometric devices supported).

Figure C

6: AppLocker

Software Restriction Policies are included in XP and Vista and they seemed like a great idea. Administrators can use Group Policy to keep users from running particular programs that might present a security threat. But they've never been used that much because they aren't easy to use.

Windows 7 has improved on the concept with a new feature called AppLocker. AppLocker is also included in Windows Server 2008 R2. It's easier to use and gives administrators more flexibility and control. You can use AppLocker with domain Group Policies or on the local machine with the Local Security Policy snap-in. As you can see in Figure D, AppLocker falls under the Application Control Policies node in the left pane of the snap-in.

Win7 still supports the old Software Restriction Policies, too. Also note that AppLocker may not be available in some editions of Windows 7.

Figure D

7: Windows Filtering Platform (WFP)

Windows Filtering Platform (WFP) is a set of APIs introduced in Vista. In Windows 7, developers can use it to integrate some parts of the Windows Firewall into their own applications. This will allow a third-party program to turn off certain parts of the Windows Firewall selectively if need be.

8: PowerShell v2

Windows 7 comes with PowerShell v2, the command-line interface by which administrators can use cmdlets (small "one liners" that allow you to perform single functions) to manage various settings, including Group Policy security settings. You can put multiple cmdlets together to create scripts. The cmdlet method generally requires fewer steps than using the graphic interface to perform the same task.

Windows 7 also includes the PowerShell Integrated Scripting Environment (ISE) (Figure E), a graphical tool for using PowerShell.

Figure E

9: DNSSec

Windows 7 includes support for DNSSec (Domain Name System Security), which is a group of extensions to the DNS platform that enhance security. With DNSSec, a DNS zone can take advantage of digital signature technology so that you can validate the authenticity of data that's received.

According to the Port 53 Blog on TechNet, the DNS client doesn't perform the DNS validation on its own but is security-aware, so it expects the server to return the results of validation. You can read more about this here.

10: Internet Explorer 8

Windows 7 comes with IE 8, which provides such security enhancements to the Web browser as:

• The SmartScreen filter-- Replaces/expands upon the Phishing Filter in IE 7

• The XSS Filter -- Protects against cross-scripting attacks

• Domain highlighting -- Puts emphasis on the relevant part of the URL so you can more easily determine the real location of the site you're on

• Better security for ActiveX and the ability to install controls on a per-site basis

• Data Execution Prevention (DEP) enabled by default

How to fix printer job queue issues

How many times has it happened that you want to cancel a print job but when you give a command Windows does nothing? In short, neither can you print anything, nor cancel the existing print job. The easiest remedy - restart the PC, but here's a way to do the same without restarting the PC.

1. First and foremost we need to stop the service which is responsible for printing. Hence hold on Win key + R to bring up the Windows Run command. Type in services.msc, press Enter. In Vista simply hit the Start Orb and type in services, click on the option to open up.

2. Now once in the services window click any of the options on the left side, hit P on the keyboard till you come to Print Spooler option. Right-click and click Stop to disable it. You've just stoped your PC from printing anything further, but your printing job has yet to be flushed.

3. For that navigate to C:\Windows\System32\spool\PRINTERS and delete all the contents in the folder. You've now flushed everything from you print job.

4. Back to services, now Right-click and click Restart to enable printing on your PC again.

5. Refresh the print queue. Your problem should have been solved.

There's a great little freeware application called Print Flush 1.3. It's a batch file that does the same thing mentioned here with just a click of the mouse.

Make Office 2007 More Compatible

Microsoft's new Office 2007 formats are much smarter, smaller in size and aren't compatible with older version by default. For compatibility you'd need Microsoft Office 2007 Compatibility Pack. However, you still may have trouble opening your .docx file that has been mailed across. For maximum compatibility save the document in .doc format itself in Word 2007; this goes for other applications in the suite as well. However, it can be a pain to always remember to change the format, so here is a sure shot way to enable this by default in the options.

1. In Word 2007, click the circular Office Button in the upper-left

2. Now press Word Options

3. Click Save on the left.

4. On the right hand side now you'll see Save files in this format

5. From the drop down menu select Word 97-2003 Document (*.doc)

Now all your saves by default will be in .doc format that is unless you are already working on a .docx format. The same process applies for Excel 2007 and PowerPoint 2007.

Make Adobe Reader Remember Last View When Re-Opening files

If you read a lot, especially PDF documents on the computer, don't you wish there was a way to quickly open the page you last closed? Well, apparently there is a way and all it requires is a simple setting to enable it.

1. Open Adobe Reader, click on Edit | Preferences

2. You should be in Documents category, if not then click on it.

3. Click on Restore last view settings when reopening documents.

That's it you are done. Now go to any page, close a PDF document and open it, your last viewed page will be remembered even if you change the location of the document.