New PC? Change These Windows Settings Right Away

About the author
Avram Piltch

Avram Piltch is Tom's Hardware's editor-in-chief. When he's not playing with the latest gadgets at work or putting on VR helmets at trade shows, you'll find him rooting his phone, taking apart his PC or coding plugins. With his technical knowledge and passion for testing, Avram developed many real-world benchmarks, including our laptop battery test.

Read more
This thread is closed for comments
    Your comment
  • Lutfij
    Good tips! ;)
  • fmstrat
    Holy crap. Seriously? Disable UAC? So of you're an admin user any malware on the planet can invisibly install helpers? This is rediculous advice and should be edited.
  • RememberThe5th
    Who needs uac when you are admin of PC in your home, you should know what you are downloading.
    Its pretty anoying.

    Another thing to add, even if you are an admin of windows , you still cannot change some things.
  • judicus.temp
    This is the 'ease of user quality of life' not the best security mix of setting changes, of course there are a thousand other settings to adjust that are worse.
  • allen.conway
    "might want to change" rather than "should change", would be better advice, and, even then, reasons for not following the advice should be given too - except if the audience here is considered to be too expert to need a for and against approach - but in that case why give it at all?
  • springdale
    Congratulations on the tip to disable UAC...
  • Rexer
    'Show hidden files and extensions'. If you surf the internet to any extent, this should be closed. It prevents viruses, worms and malware from seeking out jpg, pdf, exe, etc. files they're may be programmed to search and destroy. The only times this should be opened is when you're running a complete anti-virus/malware scan or you don't see a file you know is there.
  • RememberThe5th
    Lol... Ive been with disabled uac for years, no issues with virus or anything, if you are smart enough you wouldnt download crap from internet.
    Thats what are VM used for...
    Adblocker blocks popups and ads which use cookies , also thanks to google whatever you say with microphone on that ad will pop up.

    The thing that more worries you is uac, than stealing personal information, like microsoft does.
    Or other companies, softwares etc.

    Also for hidden files some antivirus or malware scans dont have rights to scan hidden folders, thats why i use hitmanpro or rogue scanner.

    Also that nobody mentioned as I remember that if you disable uac I think you cannot use microsoft store?
  • ehrharttaylor
    Wow... definitely would advise against not disabling UAC. This is coming from a power user.
  • alextheblue
    Windows' User Account Control (UAC) gives you an aggressive warning every time you want to install software or change a key system setting. In other words, you have to be alerted to your own behavior so you can think twice about it. But since you presumably graduated kindergarten, you don't need this kind of paternalism.

    No, that's not the only purpose of UAC, as others have pointed how. Kind of funny seeing someone recommend disabling something they don't understand. How often do you have to deal with UAC prompts? Personally I don't see them very often. If the answer is rarely, leave it on. If you CONSTANTLY see UAC prompts, you can adjust it... still wouldn't recommend turning it off.

    Next you'll recommend disabling the firewall. Damn thing prompts me sometimes! Feh! Who needs security.

    most people prefer the rich ecosystem of extensions and broad support that Chrome and Firefox enjoy.

    I do like Firefox but I mostly use Edge these days. It's good enough to be a daily driver and it works well on my desktop and 2-in-1 touchscreen alike. I don't use a crapload of extensions but all the ones I want are there. Such as Adguard, which I intentionally disable on TH and AT, despite the swarm of ads. So that I can... support you giving questionable advice about UAC? I guess.
  • bigpinkdragon286
    Why is too much credit being given to UAC? The type of user that is going to plow headfirst into endangering their PC is hardly going to be anything but annoyed by UAC.
  • aylafan
    Bad advice to disable UAC. A malware/keylogger was installed on my computer by just surfing a website on Google and someone stole all my passwords on my computer in less than 10 minutes. Amazon says I own them around $3,000 because there were several big purchases from my account. My Amazon Prime account is locked, Amazon hasn't resolved the issue, and it still ongoing for several months now. UAC would have prevented this if I left it on; I turned it off because I thought the popup was annoying.

    I also had Avast antivirus and MalwareBytes (free version) installed at the time, but they did nothing. It only takes 10 minutes or less for a hacker to steal all your information so unless you have UAC or MalwareBytes Premium (real-time scanning) to prevent this then you are not even remotely safe browsing the web.
  • zircular
    I've had UAC disabled for four years, never had any problems.
  • Darkbreeze
    1293170 said:
    'Show hidden files and extensions'. If you surf the internet to any extent, this should be closed. It prevents viruses, worms and malware from seeking out jpg, pdf, exe, etc. files they're may be programmed to search and destroy. The only times this should be opened is when you're running a complete anti-virus/malware scan or you don't see a file you know is there.

    That setting is there to keep the user, who is probably not very experienced in most cases and may inadvertently try deleting or otherwise borking up files that they shouldn't tamper with. It does not, in any stretch of conversation, hide those files from malicious programs or other software. The people writing both beneficial and malicious software already know those files are there, and how to access them, so disabling that feature does not protect you from anything other than yourself.

    That setting is readily available to be changed, or not changed, in folder options anyhow and is not really relevant to the question of whether UAC should or should not be disabled. They really are two different beasts.
    All good advices but diabling UAC is terrible advice for the normal user. In fact, I even enable UAC + password authentication with a really long password on my parents' computers in order to train them not to simply click on every friggin popup they see. The password is written on a sheet of paper along the lines "Are you installing a software or driver update? If not, you don't need this password!" Since then, I never had to cleanse their computers of ad/mal/annoyware again.
  • aylafan
    For those saying they have UAC disabled for years and haven't gotten anything is lucky. UAC is there to prevent malware/keyloggers from installing or running on your computer in the first place. All it takes is visiting a random website from a Google search to catch one. You don't need to specially download anything to catch a malware/keylogger. I've turned UAC off since the first time it was introduced by Microsoft on all my computers, but I finally caught one on one computer and now Amazon says I owe them around $3,000. I now turn on UAC on all my computers and have several other security programs to try to prevent this from happening again.
  • Karadjgne
    People who run with UAC disabled are only playing Russian Roulette. Just because you disabled it 4 years ago, and have not had any issues does not make that the rule, just makes you lucky. As kids, we all get vaccination against a variety of diseases like rubella and measles and mumps Yada Yada Yada. Most of us will never come in contact with that disease in any form, but there are some who will. And have no clue until you get sick. You might find it 'annoying' that you actually have to click Yes, I want to install, or Yes, I want to open, but that's a might better than having someone drop Trojans unannounced onto your pc. Malware might be annoying, easy enough to get rid of, virus are distructive, easy enough to find, but Trojans are invasive. I personally don't want ppl looking at my bank records when all I did was order a pizza online. Adobe, Java and some few others are nice enough to at least give you a checkbox when installing, you are allowed not to install the f'n Google toolbar, but many others are not so nice.

    I don't see anybody complaining when mail is automatically routed to junk/spam boxes, even if it's something important, so why complain if there's other aspects of windows that are trying to do a similar job.

    If you want to disable UAC, fine, do so, your gun and your bullets. But advising that ppl 'should' is tantamount to mass pc murder.

    Apart from the fact there's plenty of software out there that does not work right without the UAC permissions.
  • Adm1ra1P
    I appreciate the tips for auto-killing the tasks on shutdown or restart. That has been an annoyance for me for some time now. I also had no idea that Win 10 had system restore quashed by default. I have not had to use that in many years, but when I did I was grateful for it. As far as the UAC, personally, I impose my own "paternalism" there. I have an admin account, but do 99% of my work in a standard user account. I do have UAC turned off, but agree that wording this as if everyone should turn it off is probably not the best idea. Even with it turned on there are so many users that will still acquire things that will adversely affect their computer and them. At least with it in place the hope is that some of those would be users will be deterred from making those mistakes.
  • RememberThe5th
    For those who disable uac and dont catch anything know atleast whether site is corrupted or normal.
    Its most user error for downloading sketchy stuff always, thats why I never got to reinstall windows in my 6 years of use it, not including reinstalling to windows 10. I blame users who got viruses, malware on their pc.

    Oh and to add I dont give personal visa card info directly to site, i use paypal, never had issues with it, nor some sketchy buyings off it.

    Yeah hate me as much as you want.
  • USAFRet
    Sorry, but a blanket recommendation to disable UAC is just wrong, IMHO.
  • NinjaNerd56
    I’ve been in IT for 40...yes 40...years.

    I did security audits for several years with the following guarantee - if I couldn’t penetrate a client’s system in 24 hours, the engagement ($2000/day) was free.

    I was paid 100% of the time.

    This is possibly the worst article I’ve read on a technology site in years.

    Do NONE of what this idiot suggests. There are exploits for virtually all of them.

    I’ll add that your everyday account for your PC should NOT be Administrator equivalent anyway.

    I just finished ANOTHER bare metal rebuild for a relative and gave the primary users Limited Accounts (Windows 10) and told them NOT to add any widgets, plug-ins, or anything similar. And that they rarely if EVER, should override a UAC warning.

    This is why stupid amounts of money is stolen everyday...people choosing convenience over security. Many of them run red lights as well. Risk / reward thinking is seriously broken. (Which explains the GOP and Trump a bit, but that’s another subject for another day)
  • RememberThe5th
    Well for me as a bit amateur/advanced user isnt, but for normal users it it as they can get.
    Thats my statement.
    Partially agreeing with all of you.
  • stairmand
    Most of these "tips" are simply stupid. If you want to show filename extension you can just tick the box in the view tab, A better tip would be to hold alt and press v then it will should you shortcut buttons to use too (HF for hide filenames in this case) and No, UAC shouldn't be disabled, even for a pro user.
  • nutrynion
    These articles have got to stop. The moment people start turning things off and disabling things are when all the support tickets get registered because <mod edit> don't work right. Then people blame it on the manufacturer. No girlfriend. Blame it on these frikkin articles.