TweakHound - Tweaking Windows Vista, page 5

Security Center & Other Security Related Tweaks


I realize what I'm about to say will seem condescending to some folks but it needs to be said, sorry.

For Geeks, many of the security features in Vista range from really annoying to unneeded. For many people, all these features really do help them secure their computer. Most computer users fall somewhere in the middle. The decision on what features to keep or not is yours, as is the responsibility. The price you may pay for a wrong decision is an unusable computer or loss of personal or financial information. Consider yourself warned.

 

Recommendation: IMHO, the average user should not disable:

Security Center

Windows Defender (if you do not have another anti-spyware tool)

User Account Control

System Restore (if you do not have another backup method)

Automatic Updates (configure it instead)

 

If you are not familiar with the security features in Vista PLEASE read this before changing anything security related:

Some guidelines for securing your Windows Vista PC (word.doc)

 

Stop Security Notifications

You must do this BEFORE you disable the Security Center.

In the Notification Area (bottom-right where the time is), right-click on the Security Shield and choose Open Security Center.

In the left pane of the resulting window choose Change the way Security Center alerts me,

choose Don't notify me and don't display the icon, *poof* the shield is gone!

 

Reg Value:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-some series of numbers, diff on each machine]
"EnableNotifications"=dword:00000000

;note - the value below EnableNotifications is EnableNotificationsRef, it shows the number of times the above value is changed.

;if you like you may delete it, but leaving it hurts nothing

 

Don't Monitor Specific Events

Must be done from regedit

Reg Values:

; 00000000, or 0 = On, 00000001 or 1 = Off, Off means do not monitor

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
"FirewallOverride"=dword:00000001

 

Disable Security Center

* see Stop Security Notifications above.

Press the Windows + R keys > type services.msc.

Scroll down to Security Center and double-click on it.

In the resulting window, click in the box next to Startup type: and choose Disabled.

To stop the service now click the Stop button, otherwise the changes will be in effect on reboot.
 

Reg Value:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc]

"Start"=dword:00000004

 

Disable Windows Defender

Go to Start > Programs > Windows Defender Tools > Options > Uncheck everything, especially Use Windows Defender.

Click Save.

You need to do this before you disable the service or else you'll generate an error.

Reg Value:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=dword:00000001

 

TweakUAC

If the only reason you are going to disable User Account Control (UAC) is because it annoys you, you may want to check out TweakUAC. It is a free program that allows you to adjust UAC to run in quiet mode.

TweakUAC is a free software tool that you can use to quickly turn UAC on or off, or to make UAC operate in the quiet mode.


 

Disable User Account Control (UAC)

initial source

If you want to argue over UAC see here: Neowin - The Great UAC Debate.

***Very important.

If you intend to disable User Account Control (UAC) as I have then you should do this BEFORE YOU INSTALL ANY PROGRAM. Not doing so can lead to problems later.

***Important

Disabling UAC will cripple Internet Explorer 7 & 8's Protected Mode. Protected Mode will show enabled in the Internet Options box but Protected Mode will always read Off in the actual IE window. (Reason # 1,857,343 to use Firefox)

You can use the above program, TweakUAC, to disable UAC or:

Press the Windows + R keys > type msconfig > open the Tools pane.

Scroll down to Disable UAC and click once on that line.

Hit the Launch button.

Reg Values:

; Disable UAC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=dword:00000000

 

; turn off UAC prompt

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001

 

Luafv.sys

If you have chosen to permanently disable UAC and you are in the mood for an advanced tweak:

This comes from Chris123NT and was suggested by Ouzel (thanks!) via the comments section. Based on my understanding and in simple terms, UAC uses a driver called the UAC File Virtualization Filter Driver, or luafv.sys, to trick legacy apps (apps that aren't correctly written for UAC's least privilege) into thinking they are running with the privileges they think they need but really don't. Of course, if you aren't using UAC then you do not need this driver loaded.

***Please visit Chris123NT's Page for more info, he was the one that discovered it.

And BTW Chris, awesome find and nice tweak!

 

The setting is located in the registry:

This is the key in its default (enabled) state:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\luafv]
"Start"=dword:00000002

This is the key disabled:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\luafv]
"Start"=dword:00000004

 

An easy way to disable it is to use Autoruns and uncheck it (it's in the drivers section).

Did I mention this is an advanced tweak?

 

Turn Off System Restore

Be sure you have another backup/restore option BEFORE you do this. Disabling System Restore means that you will not be able to use Shadow Copies or Driver Rollback. See Windows Vista Backup Strategies For Home Users for more info.

Press the Windows + Pause Break keys > in the left pane click on Advanced system settings.

In the resulting window, switch to the System Protection pane.

Uncheck all drives.

A pop-up will appear asking "Are you sure..." (what, are you my wife? stop freakin' nagging me!), click Turn System Restore Off, then click Apply.

 

Reg Value:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"RPSessionInterval"=dword:00000000

 

Turn Off Remote Assistance

Press the Windows + Pause Break keys > in the left pane click on Advanced system settings.

In the resulting window, switch to the Remote pane.

Uncheck Allow Remote Assistance connections to this computer.

 

Reg Value:

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Remote Assistance]
"fAllowToGetHelp"=dword:00000000

 

Turn Off or Configure Automatic Updates

There is no sense in having Windows incessantly checking for updates. Microsoft releases their updates on Tuesdays and usually once a month.

If you are a Geek and hit the tech sites often you'll know when updates are released and you can update manually. Non-Geeks should use the second option.


To Disable Automatic Update:

Launch Windows Update, in the left pane click Change Settings.

In the resulting window, check Never check for updates, click OK.

Reg Value:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
"AUOptions"=dword:00000001

 

To Configure Automatic Update:

Launch Windows Update, in the left pane click Change Settings.

In the resulting window, check Install updates automatically (recommended), under Install new updates, change the day to Wednesday and the time to 1:00 AM, click OK.
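
To see which of the values above are already set on a machine, an exported .reg file can be scanned for them. The script below is an added example, not part of the original guide; it covers the Security Center, Windows Defender, UAC, luafv and Automatic Updates values listed on this page, and the sample export and its SID are constructed.

```python
import re
# Values this page sets to switch a protection off: (key regex, value name, dword, finding).
SW = r"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\"
SVC = SW + r"Security Center\\Svc"
SERVICES = r"HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\"
RULES = [
    (SVC + r"\\S-1-5-21-[\d-]+", "EnableNotifications", 0, "Security Center alerts off"),
    (SVC, "AntiVirusOverride", 1, "antivirus status not monitored"),
    (SVC, "AntiSpywareOverride", 1, "antispyware status not monitored"),
    (SVC, "FirewallOverride", 1, "firewall status not monitored"),
    (SERVICES + "wscsvc", "Start", 4, "Security Center service disabled"),
    (SERVICES + "luafv", "Start", 4, "UAC file virtualization driver disabled"),
    (SW + "Windows Defender", "DisableAntiSpyware", 1, "Windows Defender disabled"),
    (SW + r"Windows\\CurrentVersion\\Policies\\System", "EnableLUA", 0, "UAC disabled"),
    (SW + r"Windows\\CurrentVersion\\WindowsUpdate\\Auto Update", "AUOptions", 1, "automatic updates off"),
]
SECTION = re.compile(r"^\[(.+)\]$")
DWORD = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')

def decode_export(raw: bytes) -> str:
    """regedit exports are UTF-16LE with a BOM; hand-written .reg files are often ANSI."""
    return raw.decode("utf-16") if raw[:2] == b"\xff\xfe" else raw.decode("cp1252")

def audit(reg_text: str):
    """Return (key, name, value, finding) for each dword that matches a rule."""
    findings, key = [], None
    for line in (l.strip() for l in reg_text.splitlines()):
        if m := SECTION.match(line):
            key = m.group(1)
        elif key and (m := DWORD.match(line)):
            name, value = m.group(1), int(m.group(2), 16)
            findings += [(key, name, value, why) for pat, rname, bad, why in RULES
                         if re.fullmatch(pat, key, re.I) and rname.lower() == name.lower() and value == bad]
    return findings

# Constructed sample export (not from a real machine); the SID is made up.
SAMPLE = r"""Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1111111111-2222222222-3333333333]
"EnableNotifications"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\luafv]
"Start"=dword:00000002
"""

if __name__ == "__main__":
    print("\n".join(f"{why}: {key}\\{name}={val}" for key, name, val, why in audit(SAMPLE)))
```

For a real export, read the file in binary mode and pass it through decode_export() before calling audit().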
