If your software garbles this newsletter, read this issue at WindowsSecrets.com.
 | YOUR NEWSLETTER PREFERENCES Change Delivery address: sekhargreen@gmail.com Alternate address: Locale: India 713215 Reader number: 41838-13269 |
|
| Windows Secrets Newsletter • Issue 188 • 2009-03-12 • Circulation: over 400,000 |
| AD
|
| Table of contents TOP STORY: Downgrade Vista to XP in seven easy steps INSIDER TRICKS: Microsoft flubs a way to disable AutoRun in XP KNOWN ISSUES: Readers dubious of suites, want to mix and match WACKY WEB WEEK: Hell hath no fury like a lunchbox scorned LANGALIST PLUS: Sorting out Windows setup-disc mixups PC TUNE-UP: New rating service verifies sites in real time PATCH WATCH: Service packs undo vital XP, Server 2003 patches |
| You're receiving only our free content. Use the following link to upgrade and get our paid content immediately: |
| ADS
|
| TOP STORY Downgrade Vista to XP in seven easy steps  By Scott Dunn Windows 7's arrival is just a few months away, but many people aren't waiting and just want to replace Vista's newness — some say weirdness — with the familiarity of XP. If you long for the good old days of XP and still have your install CD, this step-by-step guide will help you revert to Vista's predecessor. These days, you have to work to find a new computer that comes with XP installed. Many PC users who upgraded their XP systems to Vista are disappointed with the newer OS's performance and other problems. In either case, as long as you have an XP installation CD, you can kiss Vista good-bye. "Downgrading" from Vista to XP is not as difficult as you may think, but it does entail some time-consuming operations. Many online sources claim to offer techniques for reinstalling XP without having to reformat your hard disk. Based on my research, however, deleting the Vista partition and installing XP in its place is arguably the easiest approach. Moreover, this method ensures a clean install that is uncontaminated by Vista leftovers. (Note: In certain cases, you may be able to undo an XP-to-Vista upgrade, even without an XP installation CD, by following the instructions in Microsoft article 933168. The article takes a command-line approach to the XP restoration, and also requires that you have a windows.old folder on your root drive.) Make a pot of coffee and a new, clean XP machine With your XP installation CD and your application discs in hand (and maybe a cup o' Joe), you're ready to begin: Step 1. Back up your data. Unfortunately, you can't restore in XP a backup that you created using Vista's Backup and Restore Center. That means you have to either back up your data files manually or use a third-party backup tool that works in both XP and Vista. One such program is 2BrightSparks' SyncBack (more info), which is available in free and paid versions. Don't bother backing up your applications; you'll need to reinstall them from their installation CDs after XP is back in place. Do back up the folders that your portable apps use to store their data. The portable apps themselves won't need to be reinstalled, but you'll have to restore their data files from the backup. Managing portable apps is discussed in the Oct. 18, 2007, Top Story, "Free software on USB enables portable computing." Step 2. If necessary, configure your BIOS to boot your computer from a CD, if one is present. Insert your XP installation disk and reboot. Step 3. When XP setup loads, follow the on-screen prompts to accept the license agreement and continue installing XP. When you get to the screen prompting you for the partition on which to install XP, select the one containing Vista and press D to delete the partition. You'll need to press Enter and then L to confirm that you want to delete all data and software on the partition. Step 4. Once you've returned to the partitioning screen, select the unpartitioned space that used to be Vista. You may see that this space has been selected for you automatically. Next, press C to create a partition. Specify the desired partition size, or press Enter to accept the default allotment, which is the maximum possible partition. (Simply pressing Enter instead of C also creates a new partition of the default size.) Step 5. If you're still seeing the partition screen, make sure the desired partition is selected and press Enter. Choose the option that formats the disk as NTFS and press Enter again. Step 6. Follow the prompts on-screen to continue the XP installation. Step 7. Reinstall your applications and restore your data from your backup. That's all there is to it. If you ever change your mind, you can always insert your Vista DVD and upgrade from XP to Vista all over again.
| ||||||||||||||
| INSIDER TRICKS Microsoft flubs a way to disable AutoRun in XP  By Susan Bradley Microsoft's instructions for disabling AutoRun in Windows XP, which I referred to last week, pointed to an incorrect Registry key. It's easy to find the correct key, however, and understanding this Registry tweak can give you fine-grained control over the kinds of external media that AutoRun is allowed to work on. Last week's Top Story covered Microsoft's delay in releasing an AutoRun patch for Windows XP and Server 2003. Many people want to disable AutoRun entirely, because when it runs the autorun.inf file that's often found on CDs, USB drives, and other removable media, your machine can silently become infected. Prior to the patch, Microsoft's official method for disabling AutoRun could be circumvented by hackers. Unfortunately, Microsoft's Knowledge Base article about disabling AutoRun included some misinformation. The document specified a location in the Registry that can be used to disable AutoRun, but the location exists only in Vista. The key is in a different branch of the Registry in XP. To clarify the process of configuring XP's AutoRun settings, I've created a Web page with screenshots to help explain the steps once and for all. Most security patches take effect as soon as you install them. The patches for AutoRun, by contrast, merely enable you to disable AutoRun in a way that hackers can't get around. After installing the AutoRun update, you need to reset a Registry key to actually disable AutoRun. The setting you choose will be based on how much you trust the USB flash drives and other removable media you might use. First off, unless you use Microsoft's free TweakUI or a similar third-party utility, the Registry key that controls AutoRun in Vista is under HKEY_LOCAL_MACHINE; in XP it's under HKEY_CURRENT_USER. In other words, the key in XP that you need to navigate to in the Registry Editor is as follows: HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer The instructions to disable AutoRun in last week's article worked fine in Vista Home and Vista Business, where the Registry key is where Microsoft said. The instructions also worked in XP Professional, which includes the Group Policy Editor and automatically operates on the correct branch of the Registry. The errant key location in the steps affected only users of XP Home, which doesn't come with the Group Policy Editor. XP Home requires manual editing of the Registry key via the Regedit utility. Disabling AutoRun, of course, means you won't get automatic loading of content, such as camera-conversion software. You'll need to remember (and teach others who use your PC) to use Windows Explorer or your favorite file manager to start any software that may exist on removable media. If every USB flash drives you touch is guaranteed to be free from viruses, you may decide not to disable AutoRun. But you probably can't guarantee such a thing. It's likely that you'll want to change this setting on the computers of friends and relatives. On these systems, the preferred AutoRun setting depends on which types of external media you want to block. You can block or allow some or all types of AutoRun functions. Instructions for doing so at the Annoyances.org site describe (in technical language) how you can configure AutoRun by adding up decimal values. For example, let's say you want to disable AutoRun for everything but CD-ROMs. To block the other media types, according to Microsoft's cryptic documentation, you'd add 1 for unknown media, 4 for removable drives (such as USB drives), 8 for fixed drives, 16 for network drives, 64 for RAM drives, and 128 for other drives of unknown types. Add all of those decimal values together and enter the result — 221 — in the Decimal box of the NoDriveTypeAutorun Registry key. To install the AutoRun patch, which is described in Microsoft Knowledge Base article 967715, without having to validate your computer via Windows Genuine Advantage, you can use the update described in KB article 953252 instead. This patch is exactly the same, except that you can install it without the WGA checkup. Windows 7 won't let you postpone updates In a column on Feb. 5, WS contributing editor Woody Leonhard explained a crucial flaw in the forthcoming Windows 7's User Account Control (UAC) function. Hacker code could defeat UAC in the beta of Win7, a fact amply demonstrated by blogger Long Zheng and many others besides Woody. Microsoft initially refused to change the settings, forcing Long to make his concerns public. A few days later, Redmond changed course, announcing it would fix the problem, as Woody reported in a special news update on Feb. 11. The situation with the weird shutdown logic of Windows 7 isn't security-related, but is just an important to many of us. When an issue like this comes up, I wish every bug tester had the ability to muster public support the way Long did. I recall many times when Microsoft has shut down any discussion of bugs by simply labeling them "by design." Microsoft has already closed at least one bug ticket on the shutdown behavior in exactly this way: calling it "by design." I disagree with Microsoft's decision, and I think you will, too. Here's the problem: when you set Windows 7's update settings to Download but do not install, the new OS behaves much differently than the same settings in XP and Vista. If I happen to be in a situation where I don't have time to install patches, the shutdown buttons in XP and Vista currently let me turn the machine off without installing patches. (See Figure 1.)  Figure 1. Windows XP lets you shut down without installing updates. Even Windows Server 2008 allows you to shut down the computer and choose to patch at a later time. (See Figure 2.)  Figure 2. Windows Server 2008 gives you the same selective shutdown. In build 7000 of the Windows 7 beta, however, there's no option on the shutdown button to quit without installing the updates. You see only a button for the normal shutdown process, which applies the patches before the machine powers off. (See Figure 3.)  Figure 3. Windows 7's shutdown options don't include the no-update alternative. I was caught off guard and found that patches were being installed as the system shut down. I had to turn the system back on to confirm that this is what had happened; it was caused by the lack of an "install patches later" choice. Workaround for a no-update Windows 7 shutdown Here's the secret: the only way to shut down Win7 without installing patches is to press Ctrl+Alt+Del and then click the up-arrow by the red shutdown button. This allows the system to shut down without installing patches. (See Figure 4.)  Figure 4. The only way to shut down Windows 7 without applying patches is via Ctrl+Alt+Delete. I'm aware that build 7000 is only a beta of Win7 and not a release candidate. I honestly don't know whether this behavior will be included in the final version. If it is, though, I consider it to be a bad design decision that will give many Windows 7 users an unsatisfactory patching experience. I'm not the only Win7 beta tester with concerns about the way Microsoft is passing over bugs in its zeal to get the product out the door. Don't get me wrong: I like Windows 7 and think you'll like it as well, once you see it in action. However, I'm concerned that a squeaky wheel is what it takes these days to goad Microsoft into making some required alterations. I hope I'm wrong and that Win7's lack of this important shutdown option will get fixed.
| ||||||||||||||
| KNOWN ISSUES Readers dubious of suites, want to mix and match  By Dennis O'Reilly The tremendous response to our request for your opinion on the best approach to securing your PC gives us much to ponder as we prepare the next Security Baseline update. Many readers feel that security suites stink, and best-of-breed is the only way to go — but, unfortunately, what's "best" for one PC can be disastrous for another. Last week's Known Issues column presented responses to Ryan Russell's Feb. 26 Top Story on the WS Security Baseline. We asked you to chime in on your security-software preferences. Your opinions on the subject could easily fill an entire newsletter — in fact, multiple newsletters. The responses were many and varied, but most people agreed on two points: The first is that individual antivirus, anti-spyware, firewall, and other specialty apps are preferable to such all-in-one security suites as Symantec's Norton Internet Security 2009. (Ryan's article had pointed out that NIS 2009 is the top choice of PC World, PCMag.com, Maximum Software, and other reviewers. But not everyone concurs.) The second is that a security solution that works great on one PC or network may flop miserably on another. Reader Mary Smith-Markell puts it this way:
| |||||||||||||||
| WACKY WEB WEEK Hell hath no fury like a lunchbox scorned
|
| ADS
|
| PERMALINKS Use these permalinks to share info with friends We love it when you include the links shown below in e-mails to your friends. This is better than forwarding your copy of our e-mail newsletter. (When our newsletter is forwarded, some recipients click "report as spam," and corporate filters start blocking our e-mails.) The following link includes all articles this week: http://WindowsSecrets.com/comp/090312 Free content posted on Mar. 12, 2009:
You get all of the following in our paid content:
Thanks in advance for your support! |
| YOUR SUBSCRIPTION The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets resulted from the merger of several publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008. Publisher: WindowsSecrets.com LLC, Attn: #120 Editor, 1700 7th Ave., Suite 116, Seattle, WA 98101-1323 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine). Editorial Director: Brian Livingston. Senior Editor: Ian Richards. Editor-at-Large: Fred Langa. Technical Editor: Dennis O'Reilly. Program Director: Tony Johnston. Program Manager: Ryan Biesemeyer. Web Developer: Damian Wadley. Editorial Assistant: Katy Abby. Copyeditor: Roberta Scholz. Contributing Editors: Susan Bradley, Scott Dunn, Mark Joseph Edwards, Stuart J. Johnston, Woody Leonhard, Ryan Russell, Becky Waring. Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter, WindowsSecrets.com, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of WindowsSecrets.com LLC. All other marks are the trademarks or service marks of their respective owners. YOUR SUBSCRIPTION PREFERENCES (change your preferences): Delivery address: sekhargreen@gmail.com Alternate address: Country: India ZIP or postal code: 713215 Reader number: 41838-13269 Bounce count: 0 Your bounce count is the number of times your server has bounced a newsletter back to us since the last time you visited your preferences page. We cannot send newsletters to you after your bounce count reaches 3, due to ISP policies. If your bounce count is higher than 0 or blank, please visit your preferences page. This automatically resets your bounce count to 0. To change your preferences: Please visit your preferences page. To access all past issues: Please visit our past issues page. To upgrade your free subscription to paid: Please visit our upgrade page. To resend a missed newsletter to yourself: If your mail server filtered out a newsletter, you can resend the current week's issue to yourself. To do so, visit your preferences page and use the Resend link. To get subscription help by e-mail (fastest method): Visit our contact page. Subscription help by facsimile: 206-282-6312 (fax). Emergency subscription help by phone: 206-282-2536 (24 hours). HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page. WE GUARANTEE YOUR PRIVACY: 1. We will never sell, rent, or give away your address to any outside party, ever. 2. We will never send you any unrequested e-mail, besides newsletter updates. 3. All unsubscribe requests are honored immediately, period. Privacy policy HOW TO UNSUBSCRIBE: To unsubscribe sekhargreen@gmail.com from the Windows Secrets Newsletter,
|
