Ease your paranoia

---

It will destroy ya. Anyone who works with technology for a living will tell you that most things on your computer can be discovered after the fact. This means that when you search for a file, connect to a network device, etc., all that information is stored somewhere.

Hold on, that doesn't mean that the OS maker is spying on you. This is all done under the heading of "user convenience". Unfortunately, other folks can view this information and find out more about you. What files you access most often, pictures you view, etc. Read on find out how to foil them.

Most Recently Run (MRUs) lists can be cool.For example, if you open Explorer, and type MyDocument.DOC in the search field, all copies of the file will be shown. The next time you open Explorer, you'll notice that you only have to type the first few characters, and your history that matches those characters will pop up.

Using this knowledge, a stranger could possibly sit down at your computer, and easily find out what programs you have been running, websites you have visited recently, and if you are on a LAN, what computers you have searched for on the LAN.

This "washing of the history" might be a little extra-paranoid, and I'm not trying to scare you. Just giving a bit of insight. The first step of any security process is physical security. If they can't sit down at your keyboard, they can't check your history. Well, in most cases.

The history is stored somewhere, right? In the case of Windows 7, and most versions of Windows since 95/98, this information is stored in the good ol' registry.

You can also go through the various GUIs for getting rid of this information. For example, to clear the common dialog filename MRU, type URLs MRU, and Run history MRU, you could do this:

• Right-click the Taskbar and choose Properties
• Select the Start Menu tab
• Uncheck the following option:
• Store and display a list of recently opened programs
• Click Apply.

But where would be the fun in that? This is a geek site, by geeks, for geeks. Even aspiring geeks. And we do things through the registry. So without further ado, here are the registry paths and what to do to clear your habits from prying eyes.

To clear the MRU lists in the registry, delete all the values except "(Default)" under each of the following registry keys:

Find Files:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Doc Find Spec MRU

Find Computer:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FindComputerMRU

Printer Ports:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PrnPortsMRU

Run Command:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Window sizes/positions:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

To clear the file search history, navigate to this path and right-click the WordWheelQuery branch and choose delete:

HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ WordWheelQuery

One last thought: What about scripting this? You could set up a task to clear your MRUs every couple of hours, or when you logoff. If you are a system administrator, you could even put this into a login script for sensitive computers (after making a copy for compliance purposes, of course).

About this post

Posted: 2011-11-13
By: FortyPoundHead
Viewed: 1,341 times

Categories

Software Hack/Tweak

Tutorials

Security

Windows

Attachments

No attachments for this post

Comments

No comments have been added for this post.

You must be logged in to make a comment.