Thursday, November 6, 2008

These speedup utilities aren't worth your money [Newsletter Paid Version]

If your software garbles this newsletter, read this issue at

Windows Secrets logo

Windows Secrets Newsletter • Issue 174 • 2008-11-06 • Circulation: over 400,000


Free 'job insecurity' download still available

Brian Livingston By Brian Livingston

This month's free bonus remains ready for you to download, which is a good thing in case you couldn't get to it last week.

For a few hours prior to 10 a.m. Pacific Time on Oct. 30, our subscribers who tried to download the file received the previous month's file instead, due to a single erroneous character that I mistyped in a line of code — mea culpa!
No Job? No Prob!
That glitch was quickly found and fixed, so if you couldn't retrieve the correct file last week, simply visit your preferences page once again, click the Save button, and then use the download link that appears.

Our free bonus — No Job? No Prob! — is a tongue-in-cheek guide for those who suddenly find themselves unemployed. For a limited time, all Windows Secrets subscribers are eligible to download a PDF e-book excerpt with four full chapters free of charge. You may not need it today, but this light-hearted how-to will be nice to have if the economy gives you a bit of a surprise.

All subscribers: Check your prefs page and download your bonuses
Info on the printed book: United States / Canada / Elsewhere

Every few weeks, we license some new content for our subscribers to download at no cost. I hope you enjoy our latest treat. Thanks for your support!

Brian Livingston is editorial director of and co-author of Windows Vista Secrets and 10 other books.

Table of contents


These speedup utilities aren't worth your money

Scott Dunn By Scott Dunn

Can you really get the extra oomph you want for your system just by shelling out a few bucks for a speedup program?

Many effective utilities do exist, but in my testing I found three that I consider to be just a waste of your hard-earned cash.

Dozens of Windows utilities promise to optimize your system's memory, improve your Internet connection speed, and rev up disk-access times to provide an overall performance boost. Some of these benefits can be demonstrated. For example, in a Sept. 11, 2008, Best Software column (paid content), Windows Secrets contributing editor Scott Spanbauer found three Windows cleanup utilities worth recommending: Business Logic's WinCleaner OneClick Professional Clean, Piriform's CCleaner, and PC Pitstop's PC Optimize.

Other programs promise fantastical performance. The makers of System Speedup Wizard and PC Speeduper, two nearly identical programs I tested, claim to include "new 2007 hard-disk optimization technology that allows your computer to read data up to 300% faster from your hard drive."

The Web pages for these products go on to say that each one "optimizes your RAM and configures other settings to speed up your Internet connection and overall computer performance."

To put these and similar claims to the test, I timed how long it took an XP system to perform the following everyday computing tasks:
  • Boot to the Windows login screen
  • Log into Windows
  • Open a large QuickTime movie file
  • Open a large RTF file in WordPad
  • Exit Windows
I then installed each of four speedup utilities for this review, ran each program's optimize routine (if it had one), and timed the tasks again. I restored my test machine to its original configuration between each product test. I ran the tests multiple times for each product and averaged the results.

As shown in Table 1, the tests reveal a few minor speedups, but nothing that the average person is likely to notice. In most cases, the differences were under one second.

Table 1. These utilities provided little or no speed up, and sometimes slowed things down. (Time in seconds, smaller numbers are better.)

Boot to login
Log in to Windows
Open QT movie
Open .rtf in WordPad
Exit Windows
Windows XP (no utility)
PC Speeduper
System Speedup Wizard
SpeedUpMyPC 2009
Windows Performance

Given the small and irregular improvements, it's just as likely that some of the variations were due to random Windows behavior as to any optimizing the products themselves did.

Of course, it's possible that speedup utilities might have a greater effect on older, badly maintained systems than they had on my one-year-old test system. And to be fair, not every program I tested claims to improve the specific tasks I tested for. Rather, these operations were chosen as ones most likely to make a Windows user wait.

Moreover, most of the products I reviewed provide only a general overview of what they do. None of them offers a help file, user manual, or other documentation describing the nitty-gritty of how these programs operate.

SpeedUpMyPC 2009 and Windows Performance are a little better in this regard, providing short descriptions of each setting. However, you have to know where to click. The information isn't available in a searchable Help file. Clicking the Help icon in Windows Performance takes you to a Web page that is more marketing than documentation.

In addition, the programs' customization settings are minimal. You can't tweak the optimization routines in the slightest, although SpeedUpMyPC and Windows Performance let you choose whether to run individual types of scans and cleanings. It's like having a car that lets you turn some of your dashboard accessories on or off but prevents you from adjusting the temperature or the station on the radio. And just forget about peeking under the hood.

At least SpeedUpMyPC lets you uncheck boxes for individual temp files before the program deletes them. However, you can't change the folders and files it considers "junk."

Given these results, I can't recommend any of these programs and, unlike other reviews I've published, I'm not assigning numerical scores.

Two names, two prices, but the same product

Two of the products I tested appear to be entirely identical except for their names. Even their separate Web sites are exactly alike except for the product name and illustration.

The only apparent difference is that System Speedup Wizard requires installation, while PC Speeduper merely requires that you unzip the download files and launch the executable. System Speedup Wizard, at a price of U.S. $20, is also more than twice the cost of PC Speeduper ($9).

Neither program requires much participation on your part. By default, the Enable Speedup box is checked and Speedup Settings are set to High. The only other option is Realtime, but I couldn't find any explanation of the difference between these settings.

The "Run [product name] at Windows Startup" setting is not on by default, but the products need to be running to affect your system. After all, the vendor sites claim the technology "works in the background to optimize applications constantly." Unfortunately, the products themselves don't tell you that.

Not surprisingly, the two programs turned in nearly identical results on my tests, with less than a one-second difference on the boot test and less than a half-second or no difference on the others.

Both programs offer a 14-day trial period, though I don't think either is particularly worth trying.

System optimizer has ease of use but little else

SpeedUpMyPC 2009 — like the other programs covered here — presents a tabbed window to organize its features into Overview, System Scan, Cleanup, Optimization, and Settings. The two main actions you can take in most tabs are scan and optimize. The Cleanup and Optimization tabs have further subdivisions and even sub-subdivisions. This makes the interface cleaner and more accessible, but it also makes it more difficult to find certain features.

Although I could find no Help file per se, some of the program's tabs (such as the Windows subsection of the Optimization tab) provide capsule descriptions of settings after you check the Show tweak descriptions box.

These so-called tweaks are primarily changes to Registry settings. I didn't examine them in detail, but at least one ("Disable paging executive") has been debunked as not very useful by the site XP Myths (scroll to the middle of the long page to find the pertinent information).

The Optimization tab also includes features that are parallel to and, for all practical purposes, duplicate features found elsewhere in Windows — such as CPU Monitor and CPU Booster (see Windows' Task Manager) or Uninstall Manager (see Add or Remove Programs in Windows' Control Panel).

For example, to get the equivalent of the CPU Booster — which lets you change the priority the processor gives to an application — right-click the taskbar, choose Task Manager, click the Processes tab, right-click the desired executable, and choose an option from the Set Priority submenu.

The Startup Manager feature is not found in Windows, but you can get the same features in Mike Lin's free Startup Control Panel utility rather than pay $30 for this tool.

If you want a program that requires only one or two clicks to apply a variety of popular speedup tweaks, SpeedUpMyPC may be worth your money. But if you're on a budget, you'll save some green by sticking to the advice you find in Windows Secrets.

Multifunction speed tweaker offers few answers

Windows Performance claims to optimize, repair, and clean your system. The program's five main divisions are Windows Registry, CPU/Memory/HDD, Network/Internet, Configuration/Appearance, and Startup. Within each of these are checkboxes denoting tasks that streamline your system.

Unfortunately, the array of options doesn't clearly explain what's going on. You can get information on individual settings under the Details column, but the descriptions never amount to more than a few sentences and often assume expertise users may not have.

Also, the upper-right corner lets you turn "Protection" on or off but doesn't tell you what that means. The page listing the product's features suggests this is designed to "eliminate dangerous spyware, block hidden malware from altering your system settings, and repair security vulnerabilities." Gee — all that, and no settings or information on how this works.

For all I know, Windows Performance may do some really valuable things for your PC. But — as with the other products I tested — the program has little impact on daily PC tasks.

Please tell us how useful this article was to you:

1: Poor
2: Fair
3: Good
4: Great
5: Superb
Scott Dunn is associate editor of the Windows Secrets Newsletter. He has been a contributing editor of PC World since 1992 and currently writes for the Here's How section of that magazine.

Table of contents


Sync your Outlook and mobile-phone contacts

Dennis O'Reilly By Dennis O'Reilly

Scott Dunn's Oct. 23 lead story, which described workarounds to help you sync Outlook contacts and calendars with an iPhone, neglected to provide detailed steps for users of BlackBerrys, Windows Mobile, and other devices.

Fortunately, the procedure to merge data with these other phones' address books requires only the sync software that shipped with your mobile device.

For better or worse, Windows dominates desktop computing. Even though the Windows community is currently split between XP and Vista, there's enough commonality between the versions — some would argue too much commonality, others not enough — that we can make general statements that apply to both.

Not so with our mobile phones.

There's no dominant platform for mobile devices. BlackBerrys, Windows Mobile phones, and iPhones all have healthy market shares. That's good for consumers, but it makes it a bit difficult to describe what works on all those devices.

Fortunately, synching your Windows contact list with a BlackBerry or Windows Mobile is a snap. Simply use the software that ships with the respective devices, such as BlackBerry Desktop and ActiveSync (for XP) or Windows Mobile Device Center (for Vista).

A post on the BlackBerry Insight Forums describes the contact-synching process for Research In Motion's phones. Also, troubleshooting tips for BlackBerry sync problems and help with ActiveSync glitches are available at the BlackBerry site, while tips for the Windows Mobile Device Center are posted at

Former Windows Secrets program director Brent Scheffler writes about a technique he used to sync Outlook 2007 contacts with his new T-Mobile G1 phone, which might help users of other devices, too:
  • "Apropos of importing contacts into an iPhone, I recently picked up the new T-Mobile G1 phone and had some difficulties exporting the contacts from my Outlook 2007 into my Gmail contacts.

    "For some reason, not all contacts and data fields made the transition into Gmail. After several attempts, I then remembered that Outlook Express and Windows Mail have much better import/export features than their full-priced Office cousin, Outlook 2007.

    "To import your contacts from Outlook 2007 (should work for previous versions of Outlook as well), use the following steps:

    Step 1: Open Outlook 2007 and export your contacts using Outlook's Import/Export feature. Click File, Import and Export, select Export to a file, choose Comma Separated Values (Windows), click Contacts, and choose a path and file name to save the file to. Exit Outlook 2007.

    Step 2: Now open Outlook Express (XP) or Windows Mail (Vista) and use the programs' Import feature to add the CSV file you just created. In Outlook Express, click File, Import, Other Address Book; and then select Text file (Comma Separated Values). Choose Import and select the CSV file you created in step 1.

    "In Windows Mail, select File, Import, Windows Contacts; click CSV (Comma Separated Values) and choose the CSV file you created in step 1.

    Step 3: Once the contacts have been imported into Outlook Express or Windows Mail, you export the contacts back to a CSV file. Give the new export file a different name so you do not overwrite the original Outlook 2007 contacts CSV file.

    "In Outlook Express, select File, Export, Address Book; choose Text file (Comma Separated Values), click Export, and enter a path and file name to save the contacts to.

    "For Windows Mail, select File, Export, Windows Contacts. Click CSV (Comma Separated Values), choose Export, and select a path and file name to save the contacts to.

    Step 4: To import the contacts into Gmail's contact list, log into your Gmail account and click the Contacts link in the left column. After the page has loaded, click the Import link in the upper right, select the CSV file that you created in Outlook Express or Windows Mail, and click the Import button.

    "Presto! All of your contacts are properly imported and should be synched with your G1 phone in a few minutes."
You'll find more information on troubleshooting Gmail glitches on Google's Help Center page.

If you run Windows on a Mac, you need to patch

In last week's Top Story, Susan Bradley answered a reader's question about whether someone running Microsoft applications on a Macintosh would be affected by the out-of-cycle patch Microsoft released the previous week. Susan answered that this wasn't necessary.

However, the reader's question referred to Microsoft Office and other applications from the company, not Windows. Several readers pointed out that Macs running Windows need the patch as well. The story should have stated that Macs running Microsoft programs other than Windows needn't apply the out-of-cycle patch.

Help people find this article on the Web (explain):


The Known Issues column brings you readers' comments on our recent articles. Dennis O'Reilly is technical editor of

Table of contents


Nothing's lost in this 80s-video translation!

cartoon face By Katy Abby

Music videos have been a significant component of popular culture since the 1980s, providing musicians with another artistic avenue to express their creativity. Production values run the gamut — from bare-bones to extravagant to just-plain bizarre (the same could be said about the '80s as a whole!).

Take a fresh look at this popular 1985 release from A-Ha. Your trip down memory lane won't be quite as you recall it, but only because the literal reworking provides a frame-by-frame — or sketch-by-sketch — account of the action! Play the video

Help people find this article on the Web (explain):


Table of contents


You're reading our paid version

The following sections provide you with content that doesn't appear in the free version of this newsletter. Please don't forward your paid version to others. (Forwarding the e-mail newsletter to people who didn't request it subjects us to spam complaints.) Instead, we'd love you to share the free version of this content by suggesting that people visit this issue's permanent Web address, shown below. A complete index at the bottom of the Web page provides you with hyperlinks to any article you'd like to recommend.

The address of this issue is


XP's 'other' Explorer can be a real CPU hog

Fred Langa By Fred Langa

A bad naming decision by Microsoft means you have two different "Explorers" on your XP system.

Here's what to do when the lesser-known one starts causing trouble.

Explorer executable file drives an XP user nuts

Don Clucas sounded pretty desperate when he wrote:
  • "If I leave my computer on for a day, explorer.exe takes over and all I can do is shut down. It is not iexplore.exe, which I can find, but the other one that I cannot find in the computer.

    "[The file] takes over and nothing else works. It's driving me nuts. I have Googled until exhausted and still no solution. Help!!!"
I understand your frustration, Don. In part, it's because there are two "Explorers" on your Windows XP machine — and everyone else's, too. You see, Microsoft's original plan, way back in the mid-90s, was to create a single "Explorer" that would let you navigate everywhere: your hard drive, the Web, the local dry cleaners, wherever. (Well, maybe not the dry cleaners.)

That plan was partially realized but then derailed by the antitrust actions that prevented Microsoft from encroaching further onto other Web browsers' turf. So, we now have two separate Explorers on our systems: "Internet Explorer" (iexplore.exe), the well-known Web browser that gets all the attention, and the less-well-known "Windows Explorer" (explorer.exe).

Even though you may be less familiar with the name "Windows Explorer," you use the program all the time. Explorer.exe is the component of Windows that provides the desktop, file browser, taskbar, and most of the windows through which we interact with our PCs.

In normal operation, this Explorer starts with Windows and is also one of the very last programs to shut down. From a user's point of view, in many ways explorer.exe is Windows. While the program is reasonably sturdy and fairly well protected from crashes, no software is immune to problems.

Microsoft shored up some of Windows Explorer's remaining soft spots — including the specific problem that you describe, Don — about a year ago in a hotfix that has since been incorporated into Service Pack 3. Knowledge Base article 317751, titled "Explorer.exe Process Uses Many CPU Cycles When Windows Is Idle," describes the problem and the fix.

So the first suggestion is to get your system current via Windows Update, including XP SP3. If you can't or won't use SP3, at least download the hotfix, which is available separately via the link above. Odds are, that patch will solve your Explorer problem.

If the glitch persists after you download and install the hotfix, check to see that you are actually running the file you think you are: there are Trojan versions of explorer.exe floating around that infect your system while masquerading as the real thing.

The correct location for explorer.exe is the main C:\Windows folder. The file's exact size depends on the patches and language packs you've installed, but on all my XP SP3 systems, explorer.exe is 1,010KB (0.98MB) and has a file-creation date of "4/13/2008."

Search your hard drive for any instances of explorer.exe and see where they turn up. To ensure that your search includes system folders and hidden files, click Start, Search. Scroll to More advanced options and check the boxes to Search system folders, Search hidden files and folders, and Search subfolders.

(Don's question refers to XP, but you can check Vista similarly: click Search, and in the Advanced Search area, select Include non-indexed, hidden, and system files.)

If you find an instance of explorer.exe that resides outside the C:\Windows folder, or if the one in that folder is significantly larger than 1MB, your system may be infected with a Trojan.

In that case, scan your PC using antivirus and antispyware tools other than the ones you currently have installed on the machine. (If you have a bogus explorer.exe file on your system, your current tools failed to detect the malware.)

Explorer.exe is so fundamental to Windows' operation that if my system had a compromised version of the file, I'd reinstall Windows, just to make sure the Trojan was well and truly gone.

Recovery Console won't load at startup

Like many careful Windows users, Michael (no last name given) wanted to set up XP's Recovery Console to make it easier to bounce back after encountering a major problem. Unfortunately, he ran into trouble:
  • "I have the Recovery Console (CMDCONS) installed as a startup option, but it won't load now. It gives an error message saying 'Kbdus.dll can't be found.' In researching it, I've learned that apparently the problem is probably an offshoot of having Norton's GoBack on my computer.

    "In order to use CMDCONS, will I have to disable GoBack first? I haven't tried that procedure yet. (Disabling GoBack takes a looooong time to accomplish!)"
You're right, Michael; GoBack is indeed one of at least three likely reasons why you might get that error message. GoBack wants to be your primary recovery tool, and so the program inserts itself deep into the boot process. In doing so, GoBack prevents other low-level tools, such as the Recovery Console, from operating normally.

If you like "black box" solutions to system troubles, giving GoBack total control is a very good thing. If you prefer to have more say over what happens when things go wrong on your PC, GoBack's approach is actually an impediment.

You have to decide for yourself whether it's worth keeping GoBack installed. I don't use GoBack or similar recovery programs on my systems because I prefer to use Windows' Recovery Console and other tools that let me see exactly what's going on and decide how I want to proceed at each step. The choice is up to you.

Keep in mind that you can get the Setup Cannot Load the Keyboard Layout File Kbdus.dll error message even when you're not running GoBack. There are two other common problem areas: one is when all drive letters (A: to Z:) have been assigned to hard-drive partitions, and the other involves problems with access rights.

You'll find the solution to the drive-letter problem covered in KB 239722 and the access rights problem described in KB 246187.

Firewall 'Allow/Deny?' prompt causes confusion

Reader Charles Lam supports a number of other PC users, so their problems become his:
  • "I run a small chain of nonprofit nursing homes in rural communities. I am also a computer enthusiast and provide support to friends and family. While I have hired professional IT support companies for each location, to the best of my knowledge, the full extent of the security they put on the machines is antivirus and your basic $50 consumer router with NAT and stateful packet inspection.

    "I advise all my friends and family to install a personal firewall such as ZoneAlarm and Comodo, but they are always confused by the prompts and end up allowing everything.

    "How might I better secure my nursing homes' IT infrastructure without confusing my nurses, whose computer skills are often as basic as they get? (Preferably, on a dime, because we are a nonprofit nursing home company, and any money we can save goes toward better patient care.)"
I bet everyone reading this newsletter has been annoyed or confused by firewall "Allow/Deny?" dialogs at one time or another, Charles. (I know I have.) And to a novice, these dialogs can be downright intimidating.

One simple, free solution is to use Windows' built-in firewall, which asks no questions in routine operation. The Windows Firewall is nothing fancy, but it works and provides basic insulation from many of the most common online attacks and intrusions.

(Note that the Windows Firewall monitors inbound traffic but doesn't alert you to data being sent from your PC out. To watch for unauthorized attempts to transmit information from your system, you need a bi-directional firewall such as ZoneAlarm or Comodo.)

Your systems are behind routers that somewhat disguise their network locations via network address translation (NAT). If your PCs also have good antivirus and anti-spyware protection, the four-layer defense of the NAT router, Windows Firewall, and antivirus and antispyware tools make the machines reasonably secure for routine use.

If you want to use a firewall other than the one built into Windows, I'd suggest you have your IT hired guns install the firewall program of your choice and then configure each PC to allow all its primary apps to access the Internet without any prompting from the firewall.

That way, the IT person can correctly answer most of the allow/deny access requests. By telling the firewall to remember those initial answers, users won't see those access requests again later.

Another option is to provide some additional basic education for the users. Tell them that if they see an access request from the firewall when they first run a program that they know is okay, it's probably safe to grant access. However, if they get an unexpected access request — such as one that pops up when they didn't just launch a program — then it's safer to deny access and ask for help from a more knowledgeable user.

By the way, I'm assuming your question involved general-use and basic office PCs. To meet federal HIPAA standards, systems storing patient healthcare records may need a higher level of protection — as well as a higher level of user training for safe operation. Fortunately, providing an acceptable level of basic security for general-use PCs is much simpler.

Change your default program for viewing images

Bill Ellis' system has started using the wrong viewer to display GIF files:
  • "If I launch a .jpg file in XP, I get the Windows Picture and Fax Viewer. But if I launch a .gif file, I get the Microsoft Photo Editor, which does not properly show animated GIFs. I'm talking about direct launch by clicking the files. If I drag the .gif file into the Windows Picture and Fax Viewer window, all is well.

    "How can I set the default GIF viewer to the Windows Picture and Fax Viewer?"
It's easy, Bill, but with one catch. The Windows Picture and Fax Viewer has a very non-obvious file name and location: it's contained in the shimgvw.dll file in the C:\Windows\System32 folder. How's that for obscure?

Once you know where the file is located, setting GIFs to open with Windows Picture and Fax Viewer is basically the same as setting any other file association.

An easy way to change the program associated with a specific type of file in XP is to open Windows Explorer and select Tools, Folder Options, File Types. Scroll to .gif in the Registered file types box, and in the Details for GIF extension area, click Change. A new Open With dialog will appear.

Windows Picture and Fax Viewer may already be listed as an Open With option. If it is, select it and check the box for Always use the selected program to open this kind of file. Click OK and you're golden.

If Windows Picture and Fax Viewer isn't listed as an Open With option, click Browse to bring up a more detailed Open With dialog. In the Files of type list at the bottom of this dialog, select All Files.

Navigate to the C:\Windows\System32 folder, select shimgvw.dll, and click Open. You'll now go back to the previous dialog. Check the Always use the selected program box, click OK, and you're done.

While Vista lacks the Windows Picture and Fax Viewer applet, you can still change your default image viewers via Default Programs in the Control Panel. To open Default Programs, press the Windows key, type default programs, and press Enter. Click Associate a file type or protocol with a specific program, scroll to and select .gif, and click the Change program button.

Make your selection from the list that appears, or click Browse and then navigate to and select the executable file for the program you'd like to use to open GIFs. Don't forget to check Always use the selected program to open this kind of file at the bottom of the Open With dialog.

And remember, this same process can be used to change any file associations or Open With dialogs that aren't working the way you want.

Please tell us how useful this article was to you:

1: Poor
2: Fair
3: Good
4: Great
5: Superb
Fred Langa is editor-at-large of the Windows Secrets Newsletter. He was formerly editor of Byte Magazine (1987–91), editorial director of CMP Media (1991–97), and editor of the LangaList e-mail newsletter from its origin in 1997 until its merger with Windows Secrets in November 2006.

Table of contents


Windows' Registry explained in plain English

Ian Richards By Ian "Gizmo" Richards

Most PC users have heard of the Windows Registry yet have no idea what it does.

This article presents in simple terms the purpose of the Registry, how it functions, and how to make basic changes that will optimize your PC's performance.

So, just what is the Registry, anyway?

The easiest way to envision the Registry is to see it as a centralized database containing details about your PC's hardware, software, and users. In reality, the Registry is somewhat more than this, but if you think of it this way, you're on the right track.

The Registry is needed because hardware, software, and user setups vary. PCs can differ in the number and size of hard drives, the amount of memory, the software installed, and hundreds of other ways.

To run efficiently, Windows and other programs need to know the particular setup of the computer they're running on. This information can be found in the Registry, which serves as the centralized repository of information about your PC and is accessible to all the software running on the machine.

Last year, I encountered a domestic equivalent of the Registry when I rented an apartment at a ski resort. The apartment's modern kitchen contained all the usual things you expect to find there: an oven, a refrigerator, pots and pans, cutlery, etc.

But kitchens are like PCs: while superficially alike, they're all different. The cutlery may be kept in diverse locations, the number and type of saucepans varies, the oven works differently, and much more.

Thoughtfully, the owners of this ski apartment had provided me with a complete list of everything in the kitchen, along with a diagram showing the items' physical location. They also provided instructions on how to use each appliance, right down to noting that the oven read 40 degrees too hot.

This "Kitchen Registry" made life much easier for me, because the document contained all I wanted to know about the kitchen in a single location. In the same way, the Registry makes life easier for Windows and other programs that run on your PC by keeping all the information about the system in a single centralized location.

Registry files are not to be trifled with

The Windows Registry is comprised of files just like all the other files on your hard drive. More accurately, the Registry is a set of six files that in most versions of Windows are located here:


Additionally, two files for each user on the system are located in their respective user profiles.

Registry files can become corrupted, just like any other Windows files. A corrupted Registry could make your PC unusable, so Windows automatically backs up all the files in the Registry. When you create a system restore point, additional backups are made.

Most users will never need to deal with these files directly. Indeed, fiddling with Registry files could create serious problems on your computer or even render it unusable.

Registry updates happen all the time

The Registry on your PC was created when Windows was installed. However, that initial copy of the Registry is constantly being updated.

For example, when you install new software, the installation program may create hundreds or even thousands of new Registry entries containing such information as the installation directory, license numbers, and program defaults.

Similarly, the Registry is updated every time you change a setting in Windows' Control Panel.

In fact, the Registry is being updated even if you aren't installing programs or changing settings. That's because Windows and your other running programs are constantly accessing and updating the Registry as part of their normal processes.

The number of times the Registry is accessed is stunningly large. I just ran a test on the laptop I'm using to write this article, and there were over 100,000 Registry accesses in 60 seconds!

Process Monitor tracks your Registry activity Figure 1. Process Monitor tracks your Registry activity.

I found this out using Microsoft's free RegMon utility, which lists all Registry accesses and updates as they occur. RegMon has been replaced by Sysinternals' free Process Monitor, which is similar to RegMon in that you run the program directly from the procmon.exe file without installation. Do try Process Monitor; you will be quite shocked to discover just how active the Windows Registry is on your PC.

Hacking the Registry requires care and caution

For safety reasons, users cannot edit the Registry through the normal Windows graphical interface. Instead, you must use Windows' special Registry Editor (or Regedit) from a command window. This restricts Registry editing to experienced users — which is a good thing, as an incorrectly edited Registry may render a PC unusable.

The main reason users want to edit the Registry is to make changes to the settings on their PC that they can't make through Windows' Control Panel or the options available in their application programs.

For example, one common tweak disables CD auto-run in Windows XP. Another prevents the Desktop Cleanup Wizard from nagging you to remove unused icons.

There are dozens of sites listing hundreds of these Registry hacks and tweaks. Reputable examples include Kelly's Korner and the Elder Geek.

Though many of these tweaks are useful, I must say I'm uncomfortable with the idea of inexperienced users editing the Registry by hand. The potential gain is too small compared to the possibility of a total disaster, such as an unbootable PC.

It's not the tweaks that are the problem; those listed at the sites above are generally very sound. Rather, it's that Registry editing is by its very nature a tricky business — far too tricky for most inexperienced users. So I'm deliberately not going to tell you how to do it. Instead, I'm going to recommend some safer methods.

Scripts keep your Registry tweaks safe

But that's not a problem. There are two ways to get the benefit of Registry tweaks without engaging in risky manual editing of the Registry.

The first is to use a Registry script file to make the changes. These plain text files use the .reg extension and instruct Regedit to make specific changes to the Registry.

Using a script file to tweak the Registry is very simple. Download the tweak as a .reg file, and then double-click the file. Windows will ask whether you really want to make the changes to the Registry. If you answer "yes," the changes are made immediately and without any further intervention from you. There is no need to go anywhere near the Windows Registry Editor.

Sometimes, your security software will issue a warning when installing a .reg file. That's because such files are sometimes used by malware. However, if you have downloaded the .reg file from a reputable source — such as the two listed above — then you can safely ignore any warnings from your security programs.

Not all Registry tweak sites offer their tweaks in the form of .reg scripts, but Kelly's Korner does. These scripts offer a simple and effective way to get the benefits of Registry editing without the risk. However, stay away from .reg files offered by unknown sites. They may be fine, but there's no way of knowing what you're getting.

Freeware alternatives to the Registry Editor

There's another way to tweak your Registry that's safer than Regedit or scripts. For Windows XP, Microsoft offers a free (though unsupported) program called TweakUI as part of its free collection of PowerToys utilities.

TweakUI gives you access to many Registry settings through a simple graphical interface. The program doesn't allow you to make all the changes you can via the scripts at Registry tweak sites, but it handles many of the most useful tweaks.

Given its ease of use and high level of safety, TweakUI is an attractive option for inexperienced users. Unfortunately, it's available only for Windows XP. Vista users can check out the freeware program WinBubble, which provides functionality similar to that of TweakUI.

TweakUI and WinBubble allow you to realize most of the gains of Registry tweaking without facing the risks involved in manual Registry editing. However, even with these low-risk products, it's a good idea to back up your Registry by creating a system restore point before you do any tweaking, just in case something goes wrong.

Please tell us how useful this article was to you:

1: Poor
2: Fair
3: Good
4: Great
5: Superb
Ian "Gizmo" Richards is senior editor of the Windows Secrets Newsletter. He was formerly editor of the Support Alert Newsletter, which merged with Windows Secrets in July 2008. Gizmo alternates the Best Software column each week with contributing editor Scott Spanbauer.

Table of contents


Like Flash, Silverlight poses a privacy risk

Woody Leonhard By Woody Leonhard

Many readers were outraged by my last column's revelation that Adobe's Flash Player maintains hidden cookies on your computer that are outside the reach of your browser's controls.

It's not just Flash: Microsoft's Silverlight — the Softies' intended Flash killer — covers much of the same ground and poses similar security problems.

What Flash and Silverlight have in common

As I explained in my Oct. 23 column, Adobe's Flash Player maintains its own version of cookies — text files stored on your computer that can be set and read by an individual Web site. Flash's Local Shared Objects (LSOs) look like cookies and act more or less like rogue cookies.

By default, LSOs can store up to 100KB of data. Regular cookies are limited to 4KB. Your browser can't touch LSOs, even when you clear or restrict your cookies, because LSOs operate completely independently. Adobe offers an online program that gives you some access to the LSOs, but the tool is clunky, archaic, and — until I wrote about it last week — virtually unknown.

Microsoft's new Silverlight platform takes on Flash in many ways. Silverlight's Isolated Storage feature walks like a duck and quacks like a ... er, bears more than a passing resemblance to Flash's LSOs.

Using Isolated Storage, a Web site can store up to 100KB of text on your computer (more, if you give permission). The text is maintained completely independently of your browser. As with LSOs, your browser can't touch Independent Storage, even when you clear or restrict your cookies. Microsoft offers an obscure program that gives you some access to Isolated Storage, but the utility offers you few options.

Is there an echo in here?

While Flash has been around forever, Silverlight has just entered prime time. Version 2 shipped last month. (Let's not talk about version 1, okay?)

Microsoft clearly intends for Silverlight to compete for the hearts and minds of Flash developers, ultimately using superior technology to take over Web programming as we know it. Microsoft did the same thing when it ousted Adobe from its dominance in page description languages, supplanting Adobe's PDF with its own XML Paper Specification (XPS).

Yes, my tongue's still in my cheek.

The privacy peril of third-party cookies

Few people have problems with the simple first-party cookies that sites leave on your PC to help identify you and customize content when you return. The difficulties arise with third-party cookies, which are set by programs that "hitch a ride" in advertisements on the sites you view every day. Third-party cookies don't do anything to help you. They exist only to enrich advertisers.

As I explained in my last column, Flash developers can use LSOs to create and manipulate third-party cookies. By default, Flash accepts all third-party LSOs. You have to use Adobe's Flash Player Settings Manager site to turn off third-party cookies — er, LSOs.

As far as I can tell — and there doesn't seem to be a lot of discussion on the topic — Silverlight also allows third-party cookies. More accurately, a Web page can contain two or more Silverlight programs, each of which has its own Isolated Storage.

Using old-fashioned third-party cookie techniques, an advertising company could easily perform the DoubleClick shtick and track your surfing.

Unlike Flash, Silverlight has absolutely no controls that you can set to block third-party cookies — um, Isolated Storage. I guess Microsoft just hasn't gotten around to it. While Flash sits on more than 97% of the world's computers, Silverlight is on only a tiny handful of PCs. (Yes, I know that Microsoft claims millions of downloads a day.)

As a result, Silverlight is a much less inviting object of advertiser's affections than Flash, and you needn't worry much about third-party Silverlight cookies haunting your PC. Yet.

Where to find Silverlight's configuration tools

If you have Silverlight installed on your system, you can open the Silverlight Configuration tool by right-clicking any location inside a Silverlight Web site and choosing Silverlight Configuration. You'll see the window shown in Figure 1.

Microsoft Silverlight Configuration tool Figure 1. Access the Silverlight Configuration utility via any site that uses Microsoft's Flash competitor.

Sounds easy, doesn't it? There's a catch. In order to bring up the Silverlight Configuration tool, you have to find a Silverlight site, and that isn't as easy as you might think. For example, if you go to the main Silverlight page, you won't be able to bring up the Silverlight Configuration tool: Microsoft didn't use Silverlight to write the Silverlight main page. D'oh!

Instead, try a Silverlight site such as the Spatial Wiki. Right-click anywhere on a page, choose Configuration Tool, and click the Application Storage tab. You'll see a list of sites using Isolated Storage on your computer, as seen in Figure 2.

Sites using Isolated Storage Figure 2. View a list of sites that use Silverlight's Isolated Storage via the Silverlight Configuration tool.

From the Application Storage tab, it's easy to wipe out Isolated Storage cookies for specific sites or for all sites, but you can't block third-party Isolated Storage cookies altogether. (Note: Unchecking the Enable application storage option that's shown in Figure 2 isn't a solution, because this would block even useful first-party cookies, not just third-party ones.)

Cookies share what they know about you

I find it disconcerting that Microsoft is up to version 2 of its Flash killer and still hasn't implemented any way to thwart third-party cookies.

The problem is more than skin deep: as far as I can tell, Silverlight presents a much more serious privacy challenge than the Flash Player. The way things stand now, all third-party applications on a particular Silverlight page can access each others' Isolated Storage. That's a security hole bigger than Kansas.

Wilco Bauwer describes it this way in a blog posting from last March:

  • "There is a downside to Silverlight's implementation, though. When hosting a Silverlight application on a server and letting third-party Web sites add this to their page, [the cookies] would all share the same isolated store. This might not be desirable."
Silverlight also faces all the potential security problems that haunt the Flash Player. Like Flash developers, Silverlight programmers have to prevent cross-site access to Isolated Storage. On several occasions, Microsoft has failed that test via bugs in Internet Explorer. How can we be sure Silverlight will be any safer?

Silverlight mimics Flash in many ways. (A pertinent example: Silverlight used to allow 1MB of Isolated Storage space per app, but that was reduced to 100KB in the current version, the same storage limit as Flash's LSOs.) It remains to be seen whether Silverlight can offer a more secure framework for active Web content than Flash does, starting with a better way to handle cookies.

With all the Ray Ozzie-fueled hubbub and press coverage about Azure and Microsoft's impending dominance of the cloud, it's a bit sobering to see what's really happening — right now — inside Microsoft's cutting-edge online applications.

As with so many technologies, the marketing fluff sounds good, and the million-dollar demos leave your jaw on the floor. But when you scrape down to bare metal, reality often fails to live up to the hype.

Woody Leonhard's latest books — Windows Vista All-In-One Desk Reference For Dummies and Windows Vista Timesaving Techniques For Dummies — explore what you need to know about Vista in a way that won't put you to sleep. He and Ed Bott also wrote the encyclopedic Special Edition Using Office 2007.

Table of contents


Some sites break without Flash cookies enabled

By Dennis O'Reilly

There was a remarkably large response to Woody Leonhard's Oct. 23 column on deactivating the Local Shared Objects (LSO) in Adobe's Flash Player.

Few people were aware of Flash's version of third-party tracking cookies, which advertisers use to keep tabs on your surfing habits and deliver ads based on your activities on previously visited sites.

Unfortunately, we also heard from readers who found that some of their favorite sites broke when they blocked the sites' access to third-party LSOs. Heaven only knows why the sites rely on third-party LSOs when regular LSOs should work fine.

For reader Stephen Addy, the Flash-cookie casualty was MTV's new music-video service:
  • "In reference to Woody's great report about Adobe cookies, just to let you know that I followed the advice and then found a few Web sites, such as the recently released, were not working.

    "I managed to track this down to stopping third-party cookies under Flash. If I turned on the ability to allow third-party cookies, the site worked correctly. This might be something to update the readers with to let them know where to look if issues occur."
Another site that relies on Flash's third-party LSos is a popular Internet radio service, as reported by reader David Kramer:

  • "Thanks to Woody for a very informative and good article on Flash cookies. I have just one caveat to the statement [that there's no good reason to allow third-party LSOs on your system].

    "In fact, after disabling third-party LSOs, I found at least one very good reason — there's a very useful Web application that doesn't work with third-party LSOs disabled: Pandora.

    The Pandora Internet radio service requires Flash's LSOs Figure 1. The Pandora online radio site requires Flash's third-party Local Shared Objects.

    "So, I guess I may need to live with the risk of having third-party LSOs enabled or live without Pandora."
Go to the source to disable third-party cookies

The one-fell-swoop approach to blocking third-party cookies is to opt out of the largest Internet ad network, as described by reader Darrell G.:
  • "Woody's cookie article was informative, but he missed a tip on how you can tame the world's biggest third-party-cookie offender. Visiting it [the DoubleClick DART cookie opt-out page] and clicking the Ad Cookie Opt-Out button [located at the bottom of the page] will prevent Doubleclick from placing a unique cookie on your PC, which will stop them from tracking you across sites."
Darrell's suggestion is valid, but clipping DoubleClick's wings is only a partial solution; it won't affect LSOs placed by other ad networks. (Note that DoubleClick's opt-out setting applies to all forms of third-party cookies — LSOs and standard tracking cookies.)

Readers Stephen, David, and Darrell will each receive a gift certificate for a book, CD, or DVD of their choice for sending tips we printed. Send us your tips via the Windows Secrets contact page.

Help people find this article on the Web (explain):


Table of contents


Use these permalinks to share info with friends

We love it when you include the links shown below in e-mails to your friends. This is better than forwarding your copy of our e-mail newsletter. (When our newsletter is forwarded, some recipients click "report as spam" and corporate filters start blocking our e-mails.)

The following link includes all articles this week:

Free content posted on Nov. 6, 2008:

You get all of the following in our paid content:

Sudarto in Indonesia
A portion of your support helps children in developing countries
Each month, we send a full year of sponsorship to a different child. Your contributions in November are helping us to sponsor Sudarto Sagiman, a 12-year-old boy from a village in the area of Rembay, Indonesia. Plan USA channels development aid from donors to Sudarto and his community. We also sponsor kids through Save the Children and other respected agencies. More info

Table of contents


The Windows Secrets Newsletter is published weekly on the 1st through 4th Thursdays of each month, plus occasional news updates. We skip an issue on the 5th Thursday of any month, the week of Thanksgiving, and the last two weeks of August and December. Windows Secrets resulted from the merger of several publications: Brian's Buzz on Windows and Woody's Windows Watch in 2004, the LangaList in 2006, and the Support Alert Newsletter in 2008.

Publisher: LLC, Attn: #120 Editor, 1700 7th Ave., Suite 116, Seattle, WA 98101-1323 USA. Vendors, please send no unsolicited packages to this address (readers' letters are fine).

Editorial Director: Brian Livingston. Senior Editor: Ian Richards. Editor-at-Large: Fred Langa. Technical Editor: Dennis O'Reilly. Associate Editors: Scott Dunn, Stuart J. Johnston. Program Director: Tony Johnston. Program Manager: Ryan Biesemeyer. Web Developer: Damian Wadley. Editorial Assistant: Katy Abby. Copyeditor: Roberta Scholz. Chief Marketing Officer: Jake Ludington. Contributing Editors: Susan Bradley, Mark Joseph Edwards, Woody Leonhard, Ryan Russell, Scott Spanbauer, Becky Waring.

Trademarks: Microsoft and Windows are registered trademarks of Microsoft Corporation. The Windows Secrets series of books is published by Wiley Publishing Inc. The Windows Secrets Newsletter,, Support Alert, LangaList, LangaList Plus, WinFind, Security Baseline, Patch Watch, Perimeter Scan, Wacky Web Week, the Logo Design (W, S or road, and Star), and the slogan Everything Microsoft Forgot to Mention all are trademarks and service marks of LLC. All other marks are the trademarks or service marks of their respective owners.

YOUR SUBSCRIPTION PREFERENCES (change your preferences):

Delivery address:
Alternate address:
Country: Canada
ZIP or postal code: L3B 5N5
Reader number: 32451-65148

Your paid sub expires: 2009-11-08 at 12:01 a.m. Pacific Time.
You'll receive a renewal notice approximately four weeks prior to that date.

Bounce count: 0
Your bounce count is the number of times your server has bounced a newsletter back to us since the last time you visited your preferences page. We cannot send newsletters to you after your bounce count reaches 3, due to ISP policies. If your bounce count is higher than 0 or blank, please visit your preferences page. This automatically resets your bounce count to 0.

To change your preferences: Please visit your preferences page.

HOW TO SUBSCRIBE: Anyone may subscribe to this newsletter by visiting our free signup page.

Table of contents

No comments:

Post a Comment

Thanks for understanding that we need to prevent the nasties.

Terms of Use

Personal & Educational Use Only This blog consists mainly of FREE newsletters from computer web gurus that I receive. I thought you might like to see them all in one place than try to discover them on your own. A moderate amount of editing may be done to eliminate unrelated repetitious ads or unnecessary text which bloat the post. However I have given the authors full credit and will not remove their site links because you deserve to see where it comes from and they deserve to get credit for what they have written. Your use of this site is simply for educational purposes. For more computer-related help go to: CPEDLEY.COM for free software, advice and tips on low cost products which are very helpful. If you want to contact the editor, please go CPEDLEY.COM and check the Contact page for email address.