NBR Vista Tips and Tweaks Guide

Thanks McGrady.

How can I do it?

 

Right click>Properties>compatibility tab>run as admin

 

Do you have vista SP1? NOD32 should auto-start when your system boots with admin rights.

 

Yep Calvin,

Vista SP1 up to date.

I've hear even if you are the "Admin" in windows vista you don't have truly Admin privileges.

Is that true?

McGrady: I clicked on the NOD32 icon, right button but is pops out to the main window.

 

When you're an admin on vista you have full admin powers, but those are limited, only the system has system access and can do whatever it wants. Do you have UAC on?

 

Yes Calvin, the UAC is on.

 

Turn UAC off. That's the culprit for most of the admin related issues in vista.

 

Should I?

Windows says is not recommendable...

 

Yes, you should. Turning it off isn't going to kill your computer, since you have NOD32 and a firewall (If you don't I'll be happy to help you get one, or change your existing) you're fine.

 

Thanks again Calvin for all your help.

How can I disable that annoying red icon with a cross in the middle when the computer turns on?

Rep +1

Edit: me and my d*** typos

 

Double click on the icon. Select you don't want to be notified anymore and it goes away.

edit: My bad for not mentioning. You need to click on Change the way Windows notifies you on the left side of the window pane. Then you select don't notify me anymore.

 

Remove that Annoying Security Center Notification!!

Sometimes I take for granted that things will work themselves out when they occur as should be the response to Vista 's Security Center alerts. For example, if you turn off UAC in the tweak above, you will continually get security balloon tip warnings that display the 'Red Armour X' with a balloon warning. I am surprised to learn that many leave it on and are alerted continually because they aren't sure of how to turn it off.

Well, for all those who fall into this category, your gonna chuckle at the simplicity of it. But first, a bit of a background if I may...

Security is placed in Vista to ensure that your system is as protected as it can be. It not only gives you an idea of what to do to protect your system and keep it protected, but it alerts you if something is not working.

It monitors your antivirus program, firewall, automatic updating, spyware, internet security settings as well as UAC. If I left mine on, I would be getting alerts every 2 seconds as I am tweaked and have many of these systems adjusted.

If you are computer savvy and want to rid yourself of this annoying 'Coat of Armor' and its balloon tips, just do the following:

1. Double click on the Armour icon in your system panel to go into Security Center;
2. On the left, click on 'Change the way Security Center Alerts me'; and
3. Choose to either have the icon remain and get rid of the balloon alerts or to remove the icon and not be alerted.

You can always change back or check it later if you would like by going into Control Panel/Security Center and modifying your options.

 

Great explanation Calvin.

Keep up with the good work, great forum member.

 

Hey Calvin and others....

Can anybody recommend me a good free software to split and merge pdf files ?

Thanks

 

You're welcome, I'm here to help.

 

Calvin, Calvin, Calvin. Did you even BOTHER to explain to him what happens if you turn off UAC, with all the data that programs have been saving in the ProgramData folders?

To the OP you should NOT turn off UAC. Doing so removes one of the major security improvements in Vista and will also cause you to loose any saved games, program configuration files and other things that applications used to store in the C:\Program Files directory.

There are other ways to grant privileges to apps that need elevated access to the system. Turning off UAC is a blanket solution removing one entire layer of security on your system.

You do NOT need to turn of UAC to get NOD32 to run!!

Gary

 

Look Gary, I'm not willing to have a debate on whether UAC is useful or not, but if he experiences problems (which I'm 99.99% sure he won't) then he can always switch it back on. Any app that used to run with UAC can run just fine with it off.

You call it "one of the major security improvements in Vista" but i find it to be a big pain in the neck, he has NOD32 and (i presume) a firewall so he's fine. If he wants something similar to UAC (but better) he can install D+ of Comodo or TF.

I don't give advise that harms people, but by all means if my views are flawed give me valid scientific data of why UAC should be left on and why he should look for other ways to give NOD32 admin privileges when he has a solution right now.

 

So which is it? You are not willing to have the debate or you want data as to why it should be left on? How's this for data, despite what you think, you do NOT know more about operating systems than the folks who wrote Vista. Do you REALLY think that a firewall and an anti virus package replace the protections of UAC? If you do you really do know a LOT less about the OS than you think. Ever hear of the security concept of a layered defense? UAC is one of the layers. Does Comodo or TF replace that layer? UAC is there to protect from zero day threats. You do know what those are right? For years folks railed at Microsoft for producing a OS that assumed admin rights for anything and everything that ran while a user was logged on. Then they fix it, and so called "experts" think it is a pain in the neck and tell everyone who has any sort of admin privilege issue, "Oh just turn it off. It's a pain in the neck. You don't need it." Instead of helping folks figure out WHY their app is having admin rights issues, the answer is aw just let everything on your machine run with admin rights.

Do me a favor, go to a Linux forum and suggest that it is ok for a user to stay logged in as an admin all the time. Tell me how long it takes before they laugh you off the forum. Turning off UAC is EXACTLY the same thing.

If you INSIST on telling people to turn off security features of the OS at least have the decency to also explain to them about the virtualization of the program files directory so they know what to do when their saved games and program settings suddenly disappear.

Most of the time your advice to folks here is spot on. You do a lot of good. But in this case you are just flat out wrong. Sorry.

Gary

 

I think Gary may be right on this one.
I`ve done some reading onto what the UAC does and it`s better to just hit 1-2 more clicks and be safe than to just start clicking and by accident doing something else or exposing your system.

 

Gary is becoming a bit Crusty and Cal, well he should have just recommended the tweak be read as it is written. We are spending lots of space to argue points that we have all discussed prior and agreed upon a "detailed written caveat" to be included with the tweak. This same thing just happened with turning pagefile off yesterday.

Folks we have already hammered out the fineprint.

As far as UAC, it is the most useless piece of security ever imagined and should be turned off as soon as a reinstall is done or, if nothing can be lost as detailed in the tweak. A Microsoft representative has even conceded this was created to do nothing but annoy the Vista user.

SAN FRANCISCO--A Microsoft manager has said that one of the security features in Vista was deliberately designed to "annoy users" to put pressure on third-party software makers to make their applications more secure.

Its a really DUMB security function, just as taking away administrator priviledges was. We now treat the consumer like they aren't capable of using their mind whereas they were just a few MS OS's back.

Its like owning a car that will not let you speed and buckles up for you every time you get in and senses an up coming turn so it puts the signal on for you. That same car warns you that someone is too close and so on and so on...lots of great safety precautions but it leaves the operator incapable of enjoying the true vehicle he/she just bought.

 

Les, sorry but you could not be more wrong. It is absolutely STUPID to run a machine in a mode that allows EVERYTHING to run as Administrator. Go back and read the quote from the Microsoft guy again. The point is that third party software, with few exceptions, should not need Admin rights. His point is NOT that it was designed to annoy the users, the point was to force developers to change their ways. You and many other folks have seized on the wrong words in his message. You have siezed on ones that fit YOUR point not his.

Please tell me WHY you would want every web page you visit to have Admin rights to your machine? Because that is PRECISELY what happens if you run with full admin rights and no UAC. UAC gives YOU that ability to have admin rights without having to also elevate the rights of every single stinking piece of code that somehow runs on your machine. Please explain to me how DUMB that is, cause man I sure as hell don't see it.

I'll repeat two questions to you that I directed to Calvin. Have you ever heard of zero day exploits? No anti virus app is 100% perfect. By refusing admin rights to a piece of code without the explicit OK from the user, UAC presents another layer of defense against these exploits.

The second question is how long would it take you to get laughed off a Linux forum if you went there and suggested that folks should run their Linux OS with full admin rights all the time.

In closing, I have presented a case for why UAC is NOT a dumb idea. I have yet to see a concrete case for why it is. I am still waiting to hear why the concept of UAC is dumb. Look I am not saying UAC is perfect, I have issues with its implementation. I would very much like to see the ability for me to tell UAC to grant rights to a particular app at my direction and remember that fact.

The OP that Calvin told to "just turn of UAC" was looking for a solution to an issue with NOD32. He was not looking to be told to open up a entire layer of security.

Call me crusty if you want. I am sick and tired of seeing so called "experts" telling folks to use a shotgun approach to swatting a small fly, with a shotgun that leaves their machines vulnerable to zero day exploits.

Gary

 

Comodo D+ and/or TF prevent zero day exploits, but just so you know, NOD32 also protects from zero day exploits, read their website. Your generalization is STUPID if you don't know what SOFTWARE can do. UAC is SOFTWARE so is WINDOWS. I probably would have given him a difference solution if he DIDN'T have NOD32 but since he HAS it this is the best solution. Also, why don't YOU make a thread in OUR Linux forum here and ask about admin privileges, WE'RE talking about WINDOWS so i see no NEED in WASTING my time doing that.

 

I am NOT the one suggesting that it is a good idea for folks to run their machines in a mode where every piece of code, no matter where it comes from, is given full admin rights to the entire machine.

That suggestion would be laughable, if it weren't for the fact that many folks see your rep level and assume that like most of the VERY GOOD advice you give folks here, that this particular piece is good too. It's not. Like I said if you said the same thing in a linux forum you would be laughed out in minutes if not seconds.

There are other ways to grant admin rights to specific apps without having to open up the entire machine.

Tell me, do either Comodo or TF monitor code that is executing to see if they are about to access portions of the system that ought to be protected? Explain to me how a firewall does anything like that.

Gary

 

Gary, if you find my advise so bad then why don't you tell him another way to have NOD32 work perfectly fine? I personally don't care if you like or hate UAC, i gave him a solution to his problem in a matter of minutes but you choose to have a debate with me.

If you really think my suggestion is so bad ask him if he wants to keep UAC and give him an alternative suggestion that still keeps UAC active.

I'm just here to help others, if you want to help then go right ahead, but if you don't then please don't waste my time.

 

Thanks for your explanations Calvin, Les and Scuderia (Gary).

Debate is always good, but in a respectfully manner.

Now I disabled the AUC, and scanned a file and doesn't show me that admin thing.

Thanks for your advices, looking forward for more on this thread.

Cheers.

 

Calvin,

Let me make this perfectly clear. I do NOT find your advice bad. On the contrary. 99.9% of the time I think you give excellent advice. It is ONLY this point on which we disagree. OK?

I don't use NOD32 so I can't give him any first hand advice, but I did some checking and found this:

http://www.wilderssecurity.com/showpost.php?p=944155&postcount=15

But on a more generic level there is this:
http://blogs.techrepublic.com.com/window-on-windows/?p=616

and this:

http://blogs.techrepublic.com.com/window-on-windows/?p=635

or this:

http://www.vista4beginners.com/Disable-UAC-for-certain-applications

or this:

http://www.neowin.net/forum/lofiversion/index.php/t610419.html

These last three are links about the same method.

None of these require dropping UAC and the extra level of protection. I did a quick check on the NOD32 forums and there are many folks there who say that the problem that the OP has does NOT show up on their machines. Some of these reference NOD32 version 3. So maybe it has been fixed. Again I don't use NOD32, so I can't say. But I am at least willing to help find a solution that does not involve exposing the machine to possible vectors of infection or worse.

Once again Calvin, I want to be perfectly clear. I do NOT think you give bad advice. I only thing your advice on UAC is bad. Please, I truly want you to understand that!

Gary

 

Interesting Debate.... Users will learn more and all the misconception against Vista will be no more soon, I hope...

*Most of the Advices given by Calvin to me are GREAT, It is proven.
"Not Just For the GEEKS But For ALL"

 

I understand you don't think my advice is bad Gary, I'm just asking you to provide good sources of information to help the OP like the links you gave, instead of debate with me.

I'm here to help people and since i only want to give the best advice i ask of you to correct me not because i find it to be a challenge, but because i find it to be a good chance to learn something new.

 

Good! I just wanted to make sure you understood. And I too am here to learn as much as I can. I found out about the "Application Compatability Toolkit" in another thread here. It is a great way, although a bit convoluted, to grant Admin privs to a specific app. While leaving all the rest of UAC in place.

But since my post I did some more reading on NOD32. The issue of UAC popups ONLY seems to appear when using a right click context menu to scan a single file. It is a "bug" in the way the NOD32 folks implemented that item. Apparently, if you use their app INSTEAD of the context menu the issue does not exist. It also seems like they migh have fixed it in version 3, but I am reading betweem the lines a bit on that.

Gary

 

All you need to use is Task Scheduler.

 

Flippin' awesome... amazing thread. Got my startup from 4 minutes out of the box down to 45 seconds and shutdown from 2 minutes down to 20 seconds... They should ship all vista machines with this thread in bold letters on the desktop!

 

Nice compliment South Beach Guy! Tx!

 

Les you might wanna add this to the tweaks guide.

http://forum.notebookreview.com/showthread.php?t=244656

feel free to do so in your own words

 

Actually I was the first one to ask Les about adding vsp1cln.exe to this guide.
http://forum.notebookreview.com/showthread.php?p=3004661#post3004661


But I was too early back then, that he wants to wait....Les, it's time now~

 

No worries... I really need to get a cool sig like some of ya's out there!

 

Click the GraphX linky next to my Sig...they are awesome.

 

I'm hoping that Les, or someone, could help me...

I've been through the first post, and seen a difference in both the old HP laptop and the new one (dv2700, T5450 Core Duo, 3 GB RAM, Vista Home Premium). I'm having some trouble with EasyCleaner though...

EasyCleaner 2.0 worked flawlessly in the old laptop (XP SP2). On the new one, I've downloaded, installed and run the program with "Run as administrator" and with UAC disabled. No matter what I do, the program starts, finds about 182,000 kb of "unnecessary files" and then Vista declares that the program has stopped running (I'll try to post a picture of the window - thanks to Snipping Tool from Les ) even though it appears to be running just fine until that point. I've stopped all other running programs, including NIS 2008, Sidebar, wireless, etc.

Any thoughts? It made such a difference on the XP machine that I hate to give up on the Vista if I can get it to work! Thanks a lot,

 

One simple solution, unistall this program and install Ccleaner instead.

 

ice, did you install it while UAC was on? If so, you may need to turn it back on, uninstall it, and then install with UAC off. Toggling it on/off causes problems as UAC on, installs some files in virtual layers (if I understand it correctly), and your computer cannot access those layers with UAC off.

 

most of the needed tweaks i have had done before reading this post, but some were very helpful, especially one about Shadow Copies. Freed 7Gb of my harddrive space!!! Thank you!

 

Coolguy-I have uninstalled the program at this point. I've already run CCleaner, which did help. But when I started EasyCleaner, it found a lot of files that CCleaner didn't touch. Maybe files that were better left untouched? I'm not sure...

Meetloaf-I've tried it in every combination that I could think of, including installing the program w/UAC off. I'll try again right now just to make sure...

I appreciate you guys making suggestions very much. Any other thoughts? Thanks again,

 

I ran all of these tweaks when I first got my notebook and I got myself a boot time of about 45 seconds in Vista x64 which I was happy but not thrilled with. Now, though, after having had a good month with my m1330 (loooove it), I find that my boot time has gone up significantly to a good portion over a minute. This is distressing to me and I would really like to lower it. I have even been following the maintenance instructions probably bi-weekly and still it has not kept the boot time down. What factors wear at the boot time?

Too many programs installed? Using sleep instead of rebooting too often? Too many songs, pictures, videos? I really would love if I could have a 45 second boot time while still maintaining the amount of software and media that I have on my computer. Is there any way to find the thing that is really limiting the notebook from having a fast start-up?

 

None of the things you mentioned in the second paragraph will affect the boot time. The ONLY thhing that does is a change to the list of files that are loaded at boot time, or an update to one of those files. If you have updated any drivers or other items that load at boot time you might want to defrag your bootfiles again. See my signature line below. Make sure you read the instructions CAREFULLY and do EXACTLY as they say. Be patient and under no circumstances should you interrupt the process until it finishes. NO EXCEPTIONS!!!!

Gary

 

Boot time anywhere between 45 secs - 1.15 mins is considered normal with vista. There is nothing to get distessed about this.

 

Gary, the same two processes (defrag.exe, defragntfs.exe) are running with the built in vista defrag tool. So what's special about your command line app?

 

Did you read the message in the link? The batch file, tricks Vista into thinking it is idle. This causes Vista to run a task that only runs when the machine is idle. The task analyzes the data Vista collects about the sequence of the files it uses during boot up. That task creates a file with this sequence info. The batch file then issues the defrag command with parameters to tell it to defrag the boot files using this sequence info.

Most folks with laptops never really let the machine stay idle long enough for this to automatically happen. My batch just triggers the process manually.

Gary

 

nm


Thanks for great tweaks!

 

How often do you run this? And does it harm anything if it does not complete? You use CAPS on the instructions, so that typically means pay attention, but is it harmful in anyway?

 

If you interrupt it, it may cause your machine to be UN-BOOTABLE! So yep, it can cause some real harm, but only if you interrupt it.

I only run this after I have updated or added something to my boot sequence. If I get a new driver, or add an app that loads soemthing at boot time I re run it. Once the bootfiles are defragmented, since they are not written to, there is no need to defrag them again until something is changed, or like I said you add something new that runs at boot time.

Gary

 

Thanks - actually I forgot to readjust my sleep mode and the laptop went to sleep is seems while that window was still up. I woke it up and then that window disappeared. All worked well - but I did it again the next day to be sure. It did seem to help overall.