lammypie

as I become more and more security paranoid, I wish only the user accounts to be visible on the welcome screen, and no administrator accounts (that way people have to guess the administrator user name as well as the password, and it is not readily visible for people to mess with) I wished to remove all of the administrator account from the welcome screen. Most of the tech forums I visit seem to suggest that the welcome screen will always display an account with administrator rights. well I've just managed to get a welcome screen with only limited accounts displayed! Some of you may know this - so apologies, many will not. Create another Administrator account. Use Tweakui to untick 'display administrator account' untick 'display newadmin account' all of the other user accounts are limited accounts only. SO FAR, the welcome screen will not display 'newadminaccount' but will still display the original 'administrator' account even though tweakxp is set not to display it. So having created a new administrator account. I simply disable the original 'administrator' account in computer managment. NOW - NO administrator account is displayed on the welcome screen. I can access the new administrator account I created by pressing CTRL-ALT-DEL twice and inputting the userid and password. This way none of the users have any idea of what account is the admin account, and seeing as the admin account is a complelety different name to administratorm and the original admin account is disabled it makes hacking it VERY hard. Hope this helps somebody

thanks Theefool Its winxp pro. Update This is what I have found so far. If I add a site to the restricted site list in IE, it creates it in this registry key. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ This only adds it to the restricted site list for the user who is logged in at the time. To add it globally, you have to manually add it to the registry - here! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ Note the only difference in the key is CURRENT_USER to LOCAL_MACHINE. However this will not make ANY difference to each users restricted sites list, until you enable 'SECURITY ZONES:Use only machine settings' to 'ENABLED' you can do this through GPEDIT (I haven't discovered the registry key for this yet) If you don't enable the above option then the Local Machine entries are ignored, and it won't have anyeffect on the restricted lists. So using Spybot, and spyware blaster to maintain the restricted lists, only updates the current user, so to use those programs to maintain the restricted site lists for the other users on my PC, (which is the whole point) I have to do the following. Make sure the 'Use only machine settings' is 'enabled' in GPedit Run Spybot/Spyware blaster Open registry, export HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ to a text file. edit the text file replacing HKEY_CURRENT_USER with HKEY_LOCAL_MACHINE rename the text file so it ends in .reg. Then run it, and it'll add it to the registry. a bit long winded but it seems to work. Now I need to figure out how to write a script or something to do that automatically. (I have no idea how to write scripts) I have also discovered a conflict when using such programs to maintain these lists. When using domain names everything seems to work hunkydory, however also updated is the range key (IP ADDRESSES) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges Now unlike the domains key where the subkeys are the names of the website. The list of IPaddresses is different. Inside the ranges key, sub keys are numbered 1, 2, 3, 4, 5 etc. with the ip address stored as a value, not a key. therefore the ranges installed by one such utility work great but is overwritten by another will replace the Keys 1, 2, 3, 4, 5, 6, with its own ones storing different ip addresses. This does not happen with the domains, as the domain or website names itself is the key name, so they don't get removed accidentally. I think this is just a limitation of the os. I have spent ALL day on this so far, and do not have anymore time to try and find a work around for this issue today. If anyone knows an easier way of spreading the restricted list through all users on the machine, then please let me know. Also if anyone knows how to automate the above process (perhaps by way of script), then I'd really appreciate it . Kind regards Chris (Now I have to learn how to do the same, with the privacy settings - ALL SUGGESTIONS NEEDED AND MOST WELCOME)

I can create a group in user accounts, but I can't get GPedit to apply settings just to one group. Just to either all the users, or the whole machine. Seeing as I am only running 1 machine (not connected to any network or domain, those two configurations have the same effect). aarrgh

thanks guys, I'm very new to this aspect of winxp The IEAK seems not to be good for other users on the same computer, I only have 1 computer running winXP not a network or domains or anything. I've been looking at the GPedit. In Administrative templates, win comp, Internet explorer "use only machine settings to enabled" which should keep a standard set of settings amongst all users, however if I change them on the administrator account they do not propagate to the other limited accounts. I have set "security Zones: Do not allow users to change policy" to enabled, however that also locks the administrator account from making amendments! Any more suggestions? Thanks Chris

Hi. On my pc I have several user accounts (user priviliedges only)in addition to a Administrator account. I maintain a list of Restricited Sites, Blocked Cookies, Blocked Active X controls etc. (via Spybot Immunise, Spyware blaster, and some manual additions) If I update the lists on the Administrator account, how do I get WinXP to automatically propagate those restrictions to all of the user accounts? Also how can I lock the security settings page, so users can not lower security settings, or alter cookie handling, or active x controls etc? I know this can be done, as most big businesses use this kind of approach, Ijust can't figure it out. Many Thanks Kind Regards Chris

http://www.msgplus.net/ Download Meggenger plus from the above web site. That allows you to increses the word limit, also gives you loads of extra cool tweaks! Enjoy

via have released a NEW 4.36 !!!! (4.36 version 3) which fixes some issues! download it from the driver page at www.viaarena.com

well it worked for me!

New Official Via 4in1 drivers 4.36v available for download at www.viaarena.com They include a 'silent' install of the patch to fix the 'infinite loop'error seen with XP and highperformance graphics cards. It is a silent install so all you will see is that the INF driver is being updated, but it will install. I've tested this patch and it works great. Haven't slipped up once since installing. Highly Recommended

yeah NORTON is not what it used to be (before Symantec bought it) With WinXP there is little reason to waste your money on it. The AntiVirus is Vgood but thats it. DiskDoctor is just a shell for the builtin CHKDSK. SpeedDisk is OK but not really better than the winXP defragger, and has more than a few issues. The others are really bad. Get Antivirus, thats all Nortons Good for now!

Hey Dazultra I was just logging in here to tell everyone about the planned BIOS updates from VIA to fix this thing, and guess what, I found you beat me to it. Its good to see some people from Icrontic here also.

yeah I've been getting this as well. Each time it happens I send a bug report to Microsoft, and fill in my contact details so they can get back to me. However most times their website packs up so I've only been able to give my contact details for 3. If you have done this you can check the status of the problem by going to http://oca.microsoft.com/welcome.asp If everybody always submits the report even if its anonymously then hopefully the pressure will be on to fix it!

This is the reply I had from Seagate Tech Support. Chris, The Barracuda ATA IV has the fastest internal transfer rate of any of its competitors. This is why it is the highest performance drive in its class in certain applications when used by itself. Evidently, when the drive is used in some RAID 0 environments, it can supply data to the interface faster than the host system can request it. Under some circumstances, such as reading sequential data, this can cause the drive to incur a latency. This means when the host request comes too late -- after the data's initial immediate availability -- the drive must wait for the disc to rotate up to one revolution for the requested data to be available again. Under these circumstances, the drive appears to be slow in performance when actually it is too fast. This is not a new phenomenon. Because Seagate is the leader in new technologies and products, and the increased performance they bring, we sometimes have to wait for the rest of the industry to catch up. When Seagate introduced the Cheetah X15, over one million drives ago, there was a similar issue with a few SCSI RAID controllers. Like the SCSI RAID environment, we anticipate optimized controllers will become available. In the meanwhile, it appears some 2-drive ATA RAID 0s can't keep up with the Barracuda ATA IV. There is no alternate slower firmware available to accommodate the problem. Best Regards, Ron Stacy Seagate Product Support

I thought I'd warn you guys that there are SERIOUS issues with the Seagate Barracuda IV hard disks and the HPT370 RAID controller. Using a RAID 0 configuration the RAID 0 will perform almost 50% SLOWER than using a single drive!!!!!! I have tested this using HPT bios and driver combos 1.03b1, 1.11.0402, 2.0.1015, 2.0.1019. It just doesn't work. Other users have experienced the same thing over at the forums at www.storagereview.com. Also the 2.0.1019 HPT Bios will limit the cuda4s to 66Mbs (DMA Mode4) and will crash the RAID 0 array on reboot. I am still waiting for a reply from Highpoint and Seagate tech support. For more info and proofcheck out this thread at the Icrontic forums which included clear and detailed ATTO benchmarks. http://www.icronticforums.com/showthread.php?threadid=15092&goto=newpost If you use the HPT370 controller I recomend you DO NOT purchase the Barracdua IVs like I did. Especially if you intend to use the RAID 0.

I thought I'd warn you guys that there are SERIOUS issues with the Seagate Barracuda IV hard disks and the HPT370 RAID controller. Using a RAID 0 configuration the RAID 0 will perform almost 50% SLOWER than using a single drive!!!!!! I have tested this using HPT bios and driver combos 1.03b1, 1.11.0402, 2.0.1015, 2.0.1019. It just doesn't work. Other users have experienced the same thing over at the forums at www.storagereview.com. Also the 2.0.1019 HPT Bios will limit the cuda4s to 66Mbs (DMA Mode4) and will crash the RAID 0 array on reboot. I am still waiting for a reply from Highpoint and Seagate tech support. For more info and proofcheck out this thread at the Icrontic forums which included clear and detailed ATTO benchmarks. http://www.icronticforums.com/showthread.php?threadid=15092&goto=newpost If you use the HPT370 controller I recomend you DO NOT purchase the Barracdua IVs like I did. Especially if you intend to use the RAID 0.