Best Security Practise

If you have an administrator account—even if you’re the only person who will be using your computer—it’s a good idea to create and use a standard user account for your day-to-day computing. There is a much higher risk of serious damage to a computer system if malware infiltrates your computer (or a malicious person gains control of it) when you’re signed in as an administrator than there is when you’re signed in as a standard user. Through an administrator account, the person or app has access to all system files and settings, whereas a standard user account doesn’t have access to certain functions that can permanently damage the system.


Windows install

  • install windows 7 to virtual machine, (till configure setup stage)
  • boot windows PE into virtual machine, Ghost windows 7 partition to a gho file
  • copy that gho file out to usb drive
  • boot windows pe into netbook, ghost the un-configured windows 7 system gho into netbook
  • set the boot segment
    • option 1: boot windows 7 install image from usb on netbook, repair the boot segment.
    • option 2: use PE system boot, and use partition software (windows built-in 'diskmgmt' or 'MiniTool Partion Wizard Home Edition (install and copy app to usb)') to set the C drive to active,

Problem 1: “Bootmgr is missing”

  • run windows PE from usb, then cmd “bcdboot C:\Windows” to create the bootmgr

(as usb install method may pop-up the asking-for-cd-drive dialog during windows 7 usb install)

reference: xp-win7-netbook install boosect cmd for booting

Post App install

    1. disable the IE toolbar
      Control Panel\All Control Panel Items\Programs and Features
  1. winrar (7zip)
    1. Microphone setup > Microphone array (IDT high definition audio codec)
  2. sougou chinese input
    1. disable the IE toolbar
      Control Panel\All Control Panel Items\Programs and Features
    1. run from admin right cmd
  3. DiskInternals Linux Reader

Windows tool open file

file type description tool usage
.dmg mac disk image ultraISO open dmg file, choose tool > convert (to iso)
.dmg mac disk image dmg2iso dos:dmg2iso File.dmg File.iso

Windows customize for appearance

Dual Screen Wallpaper setup

  • photoshop 2 wallpaper together, left right combine, then choose Tile option to layout the wallpaper

Windows customize for efficiency

(dos + .lnk shortcuts) + autohotkey(app) + autohotkey scripts

Create a application shortcut / alias.

  1. right click on app shortcut, pop-up menu > property;
  2. “shortcut” tab > click “Advanced…” button
  3. in Pop-up dialog: check “Run as Admin”
  • run
    rundll32.exe sysdm.cpl,EditEnvironmentVariables
  • then you can add user level variable without admin right

Services and Function addon for Windows

SSH's username and password is using the same name and pass as the system (linux.unix), which stored at /etc/passwd text file. (like text user db)

/etc/passwd contains one line per user, fields of each user separated by “:”


UID:0 for root, 1-99 reserved

  • OpenSSH server solutions
    • method one - through Cygwin :
    • method two - SSHWindows :
      1. download SSHWindows and install
      2. regedit
        [HKEY_LOCAL_MACHINE\SOFTWARE\Cygnus Solutions\Cygwin\mounts v2\/home]
        "native"="C:\Program Files\OpenSSH\home" 
      3. make user folders at C:\Program Files\OpenSSH
        cd %PROGRAMFILES%\OpenSSH
        mkdir home
        mkdir home\yourUserName
        mkdir home\yourUserName\.ssh
      4. create user password
        cd %PROGRAMFILES%\OpenSSH\bin
        ssh-keygen.exe -d
      5. enter “/home/yourUserName/.ssh/id_dsa” as file name, and create your password
      6. copy to your
    • method others:

Tips on how to share Folder, Hard drive, Printer and other device on Windows.

Note: to securely share a folder, you need have a account of that computer.

  • (for Windows 7) right click on that folder, click “Property”
    • under “Sharing” tab, click the “Share…” button
      • then add the people you want to share with from the first Drop Down menu,
      • (choose everyone if you want to share with Everyone, or create a user account if the user you want to share is not in)
      • then, click share, that is it
  • To access the share folder from other computer under same local network,
    • press “Windows key + R”, then type "\\the_computer_name\"
    • (on Mac) go to Finder > Go menu > Connect to Server > at the dialog, enter "smb://the_computer_name/"
    • enter the user name and pass if needed
    • now the shared folder will appear on your computer

Problem and Solution:

  • logout or clean the authorization of current share folder connection
    REM list all the share folder connection
    net use
    REM delete the connection
    net use /delete \\sharedServerName
  • disable Password Protection for shared folder access, (so that others don't have to ask you enter password to open your shared folder)
    1. Control Panel\All Control Panel Items\Network and Sharing Center\Advanced sharing settings
    2. under “Password protected sharing” > choose “Turn off password protected sharing”

Some guides on sharing printer from your Windows computer to the local network.
my reference:

(for Windows 7 or similar)

  1. go to Start Menu > Devices and Printers
  2. double click on the printer you want to share, go into that printer's control panel
    1. click “Customize your printer”
    2. then click on the “Sharing” tab, check “share this printer” and give it a name
    3. click OK, done

Problem and Solution

  • disable Password Protection for shared Printer access, (so that others don't have to ask you enter password to add your shared printer)
    1. Control Panel\All Control Panel Items\Network and Sharing Center\Advanced sharing settings
    2. under “Password protected sharing” > choose “Turn off password protected sharing”

Add the shared printer on your computer

On Windows

  1. go to Start Menu > Devices and Printers
  2. in the “Devices and Printer” panel, click “Add a printer”
  3. in the pop-up dialog, choose “Add a network printer”
    1. then, choose “The printer that I want isn't listed”
    2. select a shared printer by name, enter as "\\the_printer_host_computer_name\printer_name"

On the Mac

  1. Open “System Preferences” - “Print & Fax”
  2. Click “+” to add a printer
  3. Right hand button tool bar to customize and add “Advanced” button
  4. Select “Advanced”
  5. In the “Type:” field select “LPD/LPR Host or Printer”
  6. In the “URL:” field enter "lpd://IPserver/PrinterShareName; (e.g., "lpd://")
    • Using "lpd://ServeName/PrinterShareName" does not work, the IP address must replace ServerName
    • The IP address is the address of your PC, the one assigned by your router
  7. Click the “Add” button

Common Background App Disable

  • adobe reader
    C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\
    AAM Updates Notifier.exe
    C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat
    acrotray.exe (it affects right menu click to convert)
    C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroCEF

FAQ - Problem and Solutions

  • install AppLoc from Microsoft
    • tips for install apploc on Windows 7,
      • simple: run apploc installer from terminal with admin rights
      • dummy guide
        1. Go to your start menu, type cmd in the search box
        2. Hold down crtl+shift and click on cmd.exe
        3. Select Yes when a dialog asks if you want the program to make chances to your computer
        4. The command prompt should show C:\Windows\System32
        5. Type cd\ and press enter to navigate to the installer
        6. Type apploc.msi and press enter, the installer will appear
        7. then install as normal, fixed

Method 1:

  • update graphic driver

Method 2 (tmp fix):

  • control panel > mouse > pointer options > Visibility: check display pointer trails (shortest)
  • run “services.msc”, and find the service name
  • then open a console terminal, type
    sc delete "service name not the display name"


You can't use XBOX 360 Wireless controller for PC unless you buy the Xbox 360 Wireless Controller PC Adapter:

Using the Play and Charge Kit for a wireless controller only carries power to the wireless controller, not data. When its charging with this cable, the wireless controller doesn't send data through the play and charge cable - it continues to send the data wireless.

The Xbox 360 Wired controller will work without any adapters on PC.

  1. Open Java control panel with Admin rights
    • On a 64bit system:
      C:\Program Files (x86)\Java\jre6\bin\javacpl.exe
    • On 32 bit system:
      C:\Program Files\Java\jre6\bin\javacpl.exe
  2. Right Click javacpl.exe, then select “Run as Administrator”
  3. Uncheck the “Check for Updates Automatically” Update feature and click on “Never Check” and you are done.
    • or you can check that option, and click the “Advance..” button and let it do Monthly update check
  1. Make sure Window Ink is checked in Wacom Pen mapping option (as photoshop use windows ink for pressure)
  2. Make sure Brush tool option bar, last icon is clicked/checked (Always use pressure for size)

alternatively, force photoshop use wacom driver not use ink

Guide for fix Wacom tablet on windows 7, disable all the annoying feature of windows pen input for CG artists.

Update: 2016.06

  • Simple fix: Just go wacom config, under Mapping, uncheck using Windows Ink
  1. Pen and Touch
    1. > Flicks (disable)
    2. > Pen option: Press hold (disable)
  2. Tablet PC setting
    1. > Other: input panel setting > Opening (un-check all to disable)
  3. Addition Click Feedback fix
    • Method 1: (only applicable to Windows 7 Ultimate Edition)
      1. windows+R, enter gpedit.msc
      2. User Configuration - Administrative Templates - Windows Components - Tablet PC - Cursor
      3. Enable “Turn off pen feedback setting”
    • Method 2: (for non UE version of Windows 7)
      1. windows+R, enter services.msc
      2. Tablet PC Input Service (Not TabletServiceWacom)
        1. > (Right Click Menu) Stop Service
        2. > (Right Click Menu) Properties → Change Startup Type to Disabled
    • Method 3: (not recommended)
      1. Turn Windows features on or off > Un-check “Tablet PC Components”
    • Method 4: (not recommended)
      1. Click Run, type “regedit”, navigate to this directory.
        "Splash" =dword: 0x00000032(50) and
        "UIFeedbackMode" -dword: 0x0000001(1)
      2. Right click each one, click modify. Check the Decimal radio button and set the Value Data number to 0.

temporary fix driver not found issue

  • run following batch file with admin right (right click on bat file and choose run as Admin, or select the file in Explorer, File menu > Run as Admin), basically restart wacom service.
    @echo off
    net stop WTabletServicePro
    timeout /t 5 /nobreak > NUL
    net start WTabletServicePro
    timeout /t 2 /nobreak > NUL

may or may not useful

  • under power plan setting > put USB selective suspend setting as disabled
  • solution: try find the application's association in regedit, and fix the path registered for that application
    • HKEY_CLASSES_ROOT\Applications\Your_App_Name\shell\open\command
  • method 1: use regedit to increase drag and drop start distance
    • HKEY_CURRENT_USER\Control Panel\Desktop; DragHeight and DragWidth value set from 4 to large number like 20, so it take 20px move to activate drag and drop
    • to help you get the idea of distance, 20px is the height of 1 explore item, so put 120 will only allow you to drag if you move your cursor in 6 item distances, which almost likely prevent accident click drag problem
    • however, your window drag movement and item drag selection in windows explore will be affected as well
  • device manager > Human interface > double click on Touch Screen
    • under driver tab, click button Disable Device
  • Problem analysis:
  • Solution:
    • open Group Policy control panel by Ctrl+R to open Run Dialog, then type “gpedit.msc”
    • on left side, expand Computer configuration > Administrative template > System folder > User profiles item
    • then, on right, double click “set maximum wait time for the network if a user has a roaming user profile or remote home directory”, and change to Enable, and with option as 0 seconds at below.
  • Problem Analysis:
    • the Input language shortcut sometimes it is hard to change, and seems not allow you to change, especially the Shift+Space for toggle the shape of characters. full-width and half-width
  • Solution:
  • Problem:
    • can't delete a file or folder, deleting causing Explorer hanging. even in admin cmd mode
  • Solution:
  • Problem: Delete files and folder with windows explorer will be slow like 20min above
  • Solution:
    • as windows will check files and folders and give you an estimation of delete time (which actually cause long wait before delete)
    • disable realtime file protection from windows defender may also help
    • use cmd to delete is fast
      cd /d ToThePathWhereContains_FolderToDelete
      rmdir /q/s FolderToDelete
      # above will quietly subfolderly delete that FolderToDelete, which is still slow but faster than explorer.
      # some says rmdir will complain and stop for hidden files, so suggested delete all sub file then run above, which maybe useful and not time differ
      # ref:
      del /f/q/s FolderToDelete > nul
      rmdir /q/s FolderToDelete
      # which 1st line delete all file and sub files, and > nul is not show screen feedback
  • Win+R, type msconfig, in boot tab, check Safe Mode, after into safe mode, same step to uncheck and reboot
  • in admin level cmd
    • show network adapter list
      netsh interface show interface
    • enable a adapter
      netsh interface set interface custom_named_wifi_adapter enable


  • MSVC is microsoft visual c++ library, and most Microsoft windows based software are designed based on core function of a series of Visual C++ library, and as years goes, there are yearly based dll libraries like MSVCP100, MSVCP140 and so on. The dll name and corresponding year is following
    • Note: x86 and x64 library are separate libraries, and your software may depends on either of it (x86 app use x86 dll), so sometimes you need to install both to insure the one it wants is there.


MSVCR C runtime library (CRL)
MSVCP Standard C++ library
MFC standard foundation class library
VC version file name example
Visual Studio 2005 ~80.dll
Visual Studio 2008 ~90.dll
Visual Studio 2010 ~100.dll
Visual Studio 2012 ~110.dll
Visual Studio 2013 ~120.dll
Visual Studio 2015 ~140.dll
Visual Studio 2017 ~150.dll
Visual Studio 2019 ~160.dll
  1. Start the computer and press F8 key immediately.
  2. In the “Advanced Boot Options” window, select “Safe Mode” and then press “Enter”
  3. Login to your account.
  4. Click Start
  5. In Start Search box, type “regedit”, and press “Enter”.
  6. In Registry Editor window, navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
  7. In the left pane, look for the folder name starting with S-1-5 (SID key) followed by a long number, then click the folder and locate ProfileImagePath from the right pane to verify that this is the user account profile that has the error.
  8. If you have two folders starting with S-1-5 followed by same long numbers and one of them ends in .bak
  9. Change the .bak folder to normal one. To do this:
  10. Right click the folder without .bak and choose “Rename”. Then add .ba at the end of the folder name.
  11. Right click the folder with .bak and choose “Rename”. Then remove “.bak” at the end of the folder name.
  12. Right click the folder with .ba and choose “Rename”. Then change the .ba to .bak at the end of the folder name.
  13. Choose the folder without .bak
  14. In the right pane, right click on RefCount and then select “Modify”
  15. Under “Value Data”, type 0 and then click OK.
  16. Right click on State and then select “Modify”
  17. Under “Value Data”, type 0 and then click OK.
  18. Close Registry Editor window.
  19. Restart the computer in normal mode.
  20. Log on to your account again.
  • windows path has a length limit of 260 characters.
  • techwiki/winsys.txt
  • Last modified: 2022/09/27 02:09
  • by ying