|
Configuring Windows for Performance, Usability and Security
This document applies to Windows 95, 98 and Me.
Related documents:
Configuring System BIOS,
Windows 95 software installation,
Windows 98 software installation.
Contents
1. Introduction
2. Hard Disk Partitioning
3. Booting MS-DOS
4. The Windows Operating System
5. Disaster Prevention
6. Further Windows Housekeeping
7. Clearing Out Unnecessary Files To Make Space And Increase Performance
8. Functionality That Can Be Removed From Windows If You Don't Use It
9. various fixes / workarounds to common problems
10. Still to add to this document
11. Appendix
You can configure Windows with all its user interface bells and whistles that have little functional value other than to slow the system down, and
pay extra money for bigger, faster, hardware to compensate for your bad configuration; but why bother. This document details how to turn off all the
extra fluff, and how to streamline it further so that the system runs at its fastest on the given hardware and saves you throwing away old equipment
before its time is really up.
as far as performance goes, configuring a Windows system with the settings layed out in this document will really come-into-its-own on a computer
with less resources than those you'd buy brand new now, yet it will enable any computer to run Windows faster and smoother. tuning the operating system
for performance goes hand-in-hand with choosing lightweight software applications.
Use this document in conjunction with win-95-software-installation.html or win-98-software-installation.html ; those documents deal with the software worth loading onto a Windows sytem,
this document deals with how to configure the underlying operating system that exists before you begin loading software onto it.
There are also details of settings worth making in many of the individual programs that make up a Windows system, in documents which can be found
via software.html.
Thanks to David L. Farquhar for his book 'Optimizing Windows (for Games, Graphics and
Multimedia)' (recently out of print), 2000, O'Reilly; which initially helped fill some of the holes.
Key
%username% defines the Windows system variable %username%, when this is used in the text it indicates
that you should type these exact cxharacters and the NT system will substitute it with the current username
'username' indicates that you should type the actual name yourself
2. Hard Disk Partitioning
Stand-alone Windows 95/98/Me
Drive |
Function |
Volume Name |
Directories |
Size(MB) |
File System (95,98,Me) |
Cluster Size |
Partition Type |
C: |
Windows operating system(+/-MB) + virtual memory |
WINDOWS |
\windows |
Win9x, min: 600
advised: 1000 + (1.5/2 X max physical (incl. foreseeable) RAM for virtual memory) |
FAT16 |
32k |
primary |
D: |
program files(+/-MB) |
PROGRAMS |
\ |
min: 600
advised: 1500+ |
FAT16 |
32k |
extended/
logical |
E: |
1. Windows' temporary files (+/- MB)
2. applications' (incl. browsers') temporary files / scratch space (+/- MB) |
TEMP |
1. \temp
2. \program-name
|
min: 400
advised: 1000
(2000+ for audio / still image / video editing) |
FAT16 |
32k |
extended/
logical |
F: |
users' Home space for their data; Windows installer (CAB) files (120MB) and various other uses (+/- MB) |
HOME |
\files\'username'
\mail
\software
\drivers
\freedb
\backup
\win98se.cab | rest of available space; or leave some for GNU/Linux |
FAT16 or FAT32 |
??k |
extended/
logical
|
G: |
CD-ROM / CD-RW / etcetera |
. |
. |
. |
. |
. |
. |
|
backup partitions (optional): |
n/a |
invisible partition for 'WINDOWS' backup |
PROG-BAK |
n/a |
= |
FAT16 |
32k |
|
n/a |
invisible partition for 'PROGRAMS' backup |
WIN-BAK |
n/a |
= |
FAT16 |
32k |
|
|
partitions of an additional dual booting GNU/Linux system (optional): |
hd# |
root |
n/a |
? |
100 |
EXT2 (83) |
? |
primary/logical |
hd# |
swap |
n/a |
? |
= or 2x physical RAM size (and between 128MB and 2GB) |
LINUX-SWAP (82) |
? |
logical |
hd# |
everything else |
? |
? |
min: 800+
advised: 2000+ |
EXT2 (83) |
? |
logical |
Advantages of spreading operating system functionality over multiple partitions:
limits fragmentation (one of the main areas of system performance loss)
limits possible damage from some virii
limits damage from user error
the more partitions that can be given a dedicated physical hard disk, or shared with as fewer other partitions as possible,
the faster the system will run if partitioning themes are followed by users/administrators of the system (i.e. installing programs to the
PROGRAMS partition, saving personal data to the HOME partition) then administration is made simpler because as the system fills up over
time, space for Windows to function properly such as its virtual memory and temporary space won't be eaten up and the whole sytsem grind to a
halt anywhere near as quickly, as those areas have been assigned their space and other functions shouldn't impinge upon that space
(conversly, as a set amount of space has been assigned to, for example, the TEMP partition, if programs don't delete their temporary files
it can fill up sooner than expected and slow the system down, so you must pay attention to that-however, when investigating a problem
atleast all the different programs' temporary directories are located in the same area rather than potentially anywhere in the file system
and are thus easier to find and delete)
with Windows' virtual memory on its own disk drive, it doesn't need disabling whilst the file system is defragmented for it to be
succesfully defragmented.
If you have a second hard disk, depending on how often its being accessed by programs,
you can improve performance by locating Windows' virtual memory on that disk. This saves the virtual
memory file from fragmenting the Windows partition. We used to also advise locating Windows' virtual memory on its own partition in a single disk
system but it transpires that though this reduces fragmentation (a major performance hindrance), it forces the disk heads to move back and forwards
too much between the Windows system files and the virtual memory, reducing the performance boost gained from the lack of fragmentation; where-as
with the virtual memory on a separate disk the disk heads remain constantly around the same position on the disk where the virtual memory file is
located
TEMP wants to be larger (i.e. by an extra 1GB) if an image manipulation (i.e. GIMP, Photoshop) or audio editing software
(i.e. Audacity, CoolEdit) is using it
If you wish to have the GNU/Linux operating system installed concurrently with Windows, install Windows first, leave some partition space free (use something
like Ranish Partition Manager or FIPS and Partition Resizer or Partition Magic or FDISK), and the GNU/Linux installer should prompt you to allow it
to install in the free space and should then insert an operating system loader (LILO/GRUB/etc) in the hard disk's Master Boot Record (MBR) (the first
sectors of the disk, that previously had Windows' operating system loader that took you into Windows automatically) which instead will ask you each
time you switch on which operating system you'd like to run
the minimum and maximum partition sizes in the following table are based on a system presumed to be heavily used for a typical set of popular
contemporary desktop uses, such as office suite applications (word processing, spreadsheet, database), various Internet applications (web, email) and
graphics editing (i.e. GIMP/Photoshop) and other general uses; and assumes you have generous amounts of disk space to use (minimum of 3GB but for
full flexibility its advisable to have 5.5GB or more). More leniant partition sizes could be used instead, for a system not intended for such a
variety of applications and/or with smaller hard disk(s) (see further on)
if you're trying to cram this into a smaller hard disk, remember this:
WINDOWS wants enough to fit Windows, the Windows default Program Files, the program files for some applications that don't give you a choice where they get installed (most often device drivers).
PROGRAMS wants enough to cover all programs you can imagine needing to ever have installed.
SWAP wants enough space for the Windows virtual memory (the total RAM required, minus the physical RAM available)
TEMP wants enough to cover web browser cache (if you download files they'll be stored in here whilst they download)
and all other applications' use of temporary space (some applications use large amounts of temporary/swap/scratch space)
LIBRARY wants to cover the Windows setup files (allthough these could live on a seperate CD) and any other software installers you want to keep
on the hard disk at all times
for example, a system using Windows 98 could fit into:
WINDOWS: a very minimum of 300MB
PROGRAMS: 400MB
SWAP: 200MB+
TEMP: 200MB+
LIBRARY: 150MB (minimum for complete Windows installer and about 30MB for device drivers)
HOME: the rest of available space
How much larger is the WINDOWS partition likely to grow over time?
Occasionally there are applications (usually small hardware drivers) which will completely install their program files to C: without asking.
Some applications (Quicktime, some Macromedia products) will install parts of their installation into %WINDIR%\SYSTEM32 (Windows NT) and
this could be as much as 5 to 10MB.
Windows 2000 out-of-the-box (without adding extra language capabilities) could be perhaps 580MB; Service Packs save
their files (SP2 is 150MB) in %WINDIR%\ServicePackFiles (so even currently unused updated system files are available
when they're needed). The %WINDIR%\SYSTEM32 directory could easily grow to 500MB
MSDOS.SYS
[Win95,98,Me]
location: C:\MSDOS.SYS
download a copy that matches these settings, either for Windows 95 or for Windows 98 (at this point they're the same file)
file type: plain text
turn off its file attributes for Read-Only and Hidden before editing, and (preferably) restore them afterward
AutoScan=2 (after an impromptu shutdown, run SCANDISK without asking)
BootDelay=0 (set startup delay to 0 seconds)
BootGUI=1 (the default, load Windows)
DblSpace=0 (prevents automatic loading of DBLSPACE.BIN, if present, and subsequent unloading of it if not
required)
DoubleBuffer=0 (unless you have an ISA SCSI controller card and play DOS games in the Windows GUI)
DrvSpace=0 (prevents automatic loading of DRVSPACE.BIN, if present, and subsequent unloading of it if not
required)
Logo=0 (don't display the Windows splash screen. small performance gain. this is also dealt with in TweakUI ->
Boot)
Network=1 (load networking components. remove this line if networking components aren't installed)
SystemReg=0(disables scanning the registry for hardware profiles. note: can cause some systems to hang. may be
inappropriate for laptops that dock with a mother ship)
display the boot menu for 1 second
(far from essential but useful for aquainting people with this menu that they will undoubtedly find useful someday but whose existance will
otherwise likely have been obscurred from them. but this method can confuse people)
BootMenu=1
BootMenuDelay=1
CONFIG.SYS
location: C:\CONFIG.SYS
file type: plain text
Windows doesn't need SETVER, HIMEM.SYS or EMM386.EXE to be run from CONFIG.SYS, but some specific DOS programs might
device = c:\%WINDIR%\command\display.sys con=(ega,,1) ?
country = 044,850,c:\%WINDIR%\command\country.sys
files=99 (Windows 95/98's default is 30 which is too low for multitasking. Windows more stable with 99)
buffers=13 (Windows 95/98's default is 20. buffers are no longer a relevant aspect but 13 solves obscure memory
configuration problems)
AUTOEXEC.BAT
[Win95,98,Me]
location: C:\AUTOEXEC.BAT
file type: plain text
prevent AUTOEXEC.BAT's contents from displaying on the screen as they're run:
@echo off keyboard driver:
keyb uk,,c:\windows\command\keyboard.sys
(amend 'c:' and 'windows' to suit your system) remove the line for the DOS sound card driver, if present, and if you don't use the sound card in DOS (i.e. for games), e.g.
SBINIT
set blaster=... set the Windows' default location for storing temporary files:
[Win95,98,Me]
@set temp=x:\windows
@set tmp=x:\windows
(where 'x' is the drive letter of your TEMP partition, if you have one (otherwise use C:\TEMP)
SYSTEM.INI
[Win95,98,Me]
location: %WINDIR%\SYSTEM.INI
file type: plain text
tune the Windows disk cache for best performance
[vcache]
MinFileCache=1/8 of total RAM or 1024, whichever is lower
MaxFileCache=1/4 of total RAM or 16384, whichever is lower
for example, use the values in brackets for the following total RAM sizes: 16MB (1024/4096), 32MB (1024/8192), 64MB or greater (1024/16384)
(If setting this on an old computer with a 386 or 486 cpu, set a fixed disk cache
by making these values the same, either 1/4 total RAM if you have 16MB, or 1/8 if you have less)
There are situations with high performance computing applications where you'd want to tune this cache differently, more on that when we get around to it
System Properties: Device Manager
turn off CD or DVD Auto Insert Notification
with this on, Windows constantly polls the drive to see if a disc has been inserted (which consumes resources) and if it has, it follows the
commands, if present, in the file \AUTORUN.INF, which invariably loads an application setup program (but could also load malicious code, making this
a large security risk with unknown discs). With this disabled, you'll have to run setup programs manually, using something like Start -> Run ->
Browse... and looking for the setup program (often SETUP.EXE if its the kind of program that uses AIN) on the disc drive
System Properties -> CD-ROM or DVD -> Properties -> auto insert notification - disable
disable USB error detection (only if motherboard has VIA Apollo chipset, for fixing problems with it) enable Direct Memory Access (DMA) data transfer on all ATA drives (i.e. hard disk, CD, DVD) (increases performance):
hard disk (beware, operating system may hang on some older systems) optical discs (CD-ROM / CD-R / CD-RW / DVD / DVD-ROM / etcetera)
properly installed IRQ Steering (essential to proper USB connectivity):
System Properties -> Device Manager -> System Devices -> PCI bus -> Settings -> Use Hardware
System Properties -> Device Manager -> System Devices -> PCI bus -> IRQ Steering ->
Use IRQ Steering - on Get IRQ table using ACPI BIOS - on Get IRQ table using MS Specification table - on Get IRQ table from Protected mode PCIBIOS 2.1 call - off Get IRQ table from Real Mode PCIBIOS 2.1 call - on
IRQ Routing Status:
IRQ Steering Enabled
IRQ Table read from MS IRQ Routing Specification
IRQ Miniport Data processed succesfully
IRQ Miniport loaded succesfully
System Properties: Performance
File System
Floppy Disk -> Settings: search for new floppy disk drives each time your computer starts - off (Windows starts quicker) Tune your CD-ROM cacheing (useful if have no CD-ROM or not enough RAM to run Windows in, as it frees up RAM, but progressively
slows CD access down to a crawl. if have plenty of RAM then can even add more by editing the registry):
control panel -> system -> performance -> file system -> CD-ROM ->
if have >16MB RAM and make heavy use of the CD-ROM:
supplemental cache size: all the way to the right (and this can be increased further with a registry edit) if no CD-ROM or you use it just for installing software and playing music:
supplemental cache size: all the way to the left
Optimize Access Patterns: 'No read-ahead'
only if you are able, move Windows' virtual memory to a second hard disk drive (if ATA, then also on a second controller).
Consider how often the second disk drive is being accessed by programs, as this will affect the performance of the virtual memory:
Virtual Memory -> Let me specify my own virtual memory settings ->
choose the second hard disk (if Windows doesn't delete the old virtual memory, do so by hand,
its called: %WINDIR%\WIN386.SWP) Graphics
sounds
multimedia
Networking
Install only those networking components, clients and services you need, remove those you do not. you'll need a networking adaptor
installed before you're able to add these (either a network card physically fitted and recognised in Network Configuration, or the 'dial-up adaptor',
usually associated with modems but is actually a catch-all phrase for a few networking techniques, so can be added regardless of whether you have a
modem or not)
For example, for Internet access you need only the 'TCP/IP' protocol; if you want access to files/printers on other computers, made available using
Windows Shares, you'll need the 'TCP/IP' or 'NetBEUI' protocol, and the 'Client for Microsoft Networks' client; and the 'File and
printer sharing for Microsoft networks' service if you additionally want to share your files/printers with others. A default Windows installation
will install excess protocols such as VPN and IPX/SPX which should usually be removed.
If connecting to the Internet, be careful not to enable 'NetBIOS over TCP/IP' (there are good instructions at http://grc.com/su-bondage.htm) (basically, bind 'Client for Microsoft Networks' and 'File and printer sharing for
Microsoft networks' to the un-routable NetBEUI instead of the routable TCP/IP)
Tune such settings in these places:
for an ethernet connection with a network card:
Control Panel -> Network -> pick network card -> Properties -> Bindings -> check only that which you need (see
above) for private TCP/IP based networks, if you have control of the IP addressing range, use the 10.0.0.x range
(its an easier number sequence than 192.168.x.x for general users to remember)
for a dial-up connection using Windows' dial-up software (Dial-Up Networking or DUN):
Start -> Programs -> Accessories -> Communications -> Dial-Up Networking -> right-click on the desired
connection -> Properties -> Server Type -> set the properties for each connection here (this menu sequence probably differs between
versions of Windows)
set the analog telephone line protocol for between your computer and the ISP (probably PPP) As above, enable only the networking protocols you need (probably only TCP/IP) (this also speeds up the time to connect) - ...
- ...
- ...
Control Panel -> Network -> TCP/IP -> Properties -> these are global settings, TCP/IP settings are best configured
seperately for each connection in Dial-Up Networking, so everything in here wants to be turned off or set to automatic, othewise they over-ride the
Dial-Up Networking settings, so:
Control Panel -> Network -> Dial-Up Adaptor -> Properties -> Bindings -> check only that which you need (see above)
for broadband Internet connections in general (ethernet, cable, DSL, etcetera):
furthermore...choosing a domain name / workgroup name / DNS host name that matches your postcode, or some other such personal
indicator, could compromise privacy
Network Card (hardware)
configure for maximum throughout:
Control Panel -> Network -> pick the adapter -> Properties -> Advanced ->
(these options may or may not exist for you, depending on the particular card)
? Control Panel -> Network -> pick the adapter -> Properties -> Driver Type
Modem (hardware)
once you've configured Dial-up Networking for a particular connection, create a shorcut to it on the Windows desktop:
in Dial-up Networking, right-click on the appropriate connection and choose 'create shortcut' (if you were to drag it to the desktop it
wouldn't create a shortcut but instead an INI file containing all settings relating to this connection, which wouldn't be as elegant) set the port speed to the maximum:
Dial-up Networking -> ? -> ?maximum connection speed? -> 115,200baud
or is it in Control Panel -> Modems...? Change the MTU and RWIN settings:
http://www.annoyances.org/exec/show/article04-006 and see to-do list at the bottom of this document (also
here) enable logging of information of how this Internet connection is used:
Dial-up Networking -> Server Types -> Advanced options -> Record a log for this connection
enable logging of information about the use of the modem device:
Control Panel -> Network -> Dial-up adaptor -> Properties -> Advanced -> Record a log file: yes
Control Panel -> modems -> pick the modem -> Properties -> Connection -> Advanced -> Append to log
the log file is %WINDIR%\modem-name.log
Taskbar & Start Menu
if the monitor isn't large, reduce the size of 'Start menu' icons, as usually this menu is too large
Windows95: Start -> Settings -> Taskbar -> Show small icons in Start menu - enabled
Windows98: Start -> Settings -> Taskbar & Start Menu...-> Show small icons in Start menu - enabled
further tweaking of the menus:
WindowsMe: Start -> Settings -> Taskbar & Start Menu...-> Advanced -> Start Menu Settings
Display Administrative Tools - on Expand Control Panel - on Expand Network and Dial-Up Connections - on Expand Printers - on
disable the clock from showing in the System Tray
unless you need it, it consumes resources
Windows95: Start -> Settings -> Taskbar -> Show clock - off
Windows98: Start -> Settings -> Taskbar & Start Menu... -> Show clock - off
Windows2000: Start -> Settings -> Taskbar & Start Menu... -> Show clock - off
Internet Explorer
These are Internet Explorer (IE) settings (integrated with the operating system from Windows 95c onwards, unless you use 98Lite so as
to not install it in the first place). as IE is installed by default and is an integral part of Windows these changes are worth making in case anyone
or anything chooses to use IE or its components). We recommend you lock down Internet Explorer as tight as you can and use something like Netscape
(or another Gecko-based browser such as Mozilla or K-Meleon) instead. Or, if you do really need to use IE, loosen off those insecure parts of it that
you need in browsing and for only those security zones which
are apply. It is not advised using IE on the open Internet because of its many security vulnerabilities.
it's probably worth running IERadicator (unless Windows was initially installed Windows using 98Lite) to remove a greater proportion of Internet
Explorer (but I haven't used it in a while and need to check what it does and doesn't remove)
'control panel -> Internet Options' or 'Internet Explorer -> Tools -> Options' or right click on Internet Explorer desktop icon and choose
Properties
Options for the IE that comes with Win95 OSR2.5 (is this version 3.x?):
Security
Active content
Allow downloading of active content Enable ActiveX controls and plug-ins Run ActiveX scripts Enable Java programs Safety Level -> Active content security -> Medium
Advanced
temporary Internet files -> Settings -> move folder to TEMP partition (if running a system with multiple partitions)
(e:\%username%\ie\Temporary Internet Files - if you set it this way it'll choose
'Temporary Internet Files' automatically and create the directory; if you set it directly in the registry it won't; so we've set our
registry setting to use the cumbersome 'Temporary Internet Files' for consistency)
(there are more settings in here but they're dimmed, how do they get undimmed?)
Options for other versions of IE (applicable product version number(s) are in square brackets afterward...
(Win98 1st edn comes with IE4.01SP1?, Win98 2nd edn IE5.0, Win2k IE5.0, WinXP IE6.0)
General Programs Security
'High' will turn off all of the features (see Appendix) apart from these, all of which we recommend you disable
(if a 'Custom Level' has already been chosen you will have to restore the button for choosing 'High' by choosing 'Default Level...')
'Script ActiveX controls marked safe for scripting' (defaults to 'Enable') 'Font download' (defaults to Prompt) 'Java permissions' (defaults to 'High safety') [5.5]
-
Internet - set the security level to 'High'
Local intranet - the higher you set this the more obstructive Windows is to your moving around and
running files. we're currently trying this at a 'Medium-low' security level Trusted sites - set the security level to 'High' Restricted sites - set the security level to 'High'
Content -> Personal information -> AutoComplete -> Use AutoComplete for
Privacy -> Privacy Preferences (5.5,6.0) Advanced
Browsing
Automatically check for Internet Explorer Updates - off [5.0,5.5,6.0] Enable Install On Demand - off [5.0,5.5,6.0] Enable page hit counting - off [5.0] Enable page transitions - off [5.5,6.0] Launch browser windows in a seperate process - on [5.0] / Reuse windows for launching shortcuts - off [5.5] Show Internet Explorer on the desktop - off (don't encourage its use) [5.0,5.5,6.0] Use inline AutoComplete [for Web addresses] - off (this also applies to Start Menu -> Run commands)[5.0,5.5] ...automatically suggest used addresses - on (this also applies to Start Menu -> Run commands) use smooth scrolling - off [5.0,5.5] (makes the page scroll in annoying jumps)
Multimedia
Always show Internet Explorer Radio bar - off [5.0,5.5] Play animations - off (do not animate animated GIFs) Show image download placeholders - on [5.0,5.5]
Java (Sun)
If you've installed and set Sun's Java to be the default for Internet Explorer then it will have a setting here
Use Javax vx.x.x for "<"applet">" (requires restart) Java VM
Java console enabled - on (displays Java messages in View -> Java Console) [4.?,5.0,5.5,6.0] Java Logging enabled - on [4.?,5.0,5.5,6.0]
(logs to %WINDIR%\JAVA\JAVALOG.TXT) JIT compiler for virtual machine enabled - off [5.0,5.5,6.0]
Search from the Address bar
When searching: Just display the results in the main window [5.0,5.5] Security
Check for publisher's certificate revocation [5.0,5.5,6.0] Check for server certificate revocation [5.0,5.5,6.0] Do not save encrypted pages to disk - on [5.0,5.5,6.0] Enable Profile Assistant - off [5.0,5.5] Use Fortezza - off [5.0,5.5,6.0] Warn about invalid site certificates [5.0,5.5,6.0] Warn if changing between secure and not secure mode - on [5.0,5.5,6.0] Warn if forms submittal is being redirected [5.0,5.5,6.0]
is it worth removing all security certificates that come with the default installation?
what about updating the 'cipher strength'? (56bit to 128bit?)
Display (settings)
Screen Saver -> Screen Saver - none (a screen saver was once necessary to save the still image burning into the screen, now it just prevents
the monitor from ever resting (which is good for it) and (as is common with screen savers that didn't come with the operating system) can crash the
system) Screen Saver -> Energy saving features of monitor -> Settings / Control Panel -> Power Management -
10 mins for the monitor; 20 mins for the hard disk; 30 mins for standby (but test the standby as not all systems will wake up from it) Screen Saver -> Energy saving features of monitor -> Settings -> Advanced -> Power buttons -> when I press the power
button on my computer: standby/sleep
Tell me if I'm wrong, but you wouldn't want to press the power-off button on the front of the computer whilst Windows is running
anyway, with the intention of cutting the power, unless something was wrong (in which case you can press the reset button);
let-alone mistakenly pressing the keyboard power-off button and Windows just dropping to the ground without shutting itself
down properly. Sending the computer to sleep can also be useful in saving energy and in making for a quieter environment
(especially if you also have a quiet fan or can set in the BIOS setup to turn the fan off in standby/sleep). However, be aware that many
people aren't accustomed to a sleeping computer and can be confused by it, especially if the BIOS settings are such that moving the mouse
or pressing keys on the keyboard will not wake it. Screen Saver -> Energy saving features of monitor -> Settings -> Advanced -> Power buttons -> when I press the sleep
button on my computer: standby/sleep
Effects -> Desktop icons -> Hide icons when the desktop is viewed as a web page - off Effects -> Visual effects -> Use large icons - off (is this the default?) Effects -> Visual effects -> Show icons using all possible colors - on? Effects -> Visual effects -> Animate windows, menus and lists - off (these are also individually dealt with in TweakUI ->
General) Effects -> Visual effects -> Smooth edges of screen fonts - on (otherwise known as 'anti-aliasing' - you probably don't want
this on if you use image manipulation software (i.e. GIMP, Photoshop) Effects -> Visual effects ->Show window contents while dragging - off - {performance}
Settings -> set optimum 'Screen area' (resolution) and 'Colors' settings for you and your video card.
(You can also use these settings to affect performance, which is dependant on whether the card is built predominantly for games or general use.
checkout page 28 of David L. Farquhar's 'Optimizing Windows (for Games, Graphics and Multimedia) Settings -> Advanced -> General -> Compatibility -> Apply the new color settings without restarting - on Settings -> Advanced -> Adapter -> Refresh rate - set to the maximum permissable for the
monitor and display adaptor so that it doesn't noticeably flicker (and give you brain strain - you want white backgrounds to appear as solid
a white as possible). A setting higher than that supported by the monitor can damage it.
Too high a rate may affect performance (if unsure, 75Hz is a good balance). Settings -> Advanced -> Monitor -> Automatically detect Plug & Play monitors - on (set differently in Win95) Settings -> Advanced -> Color Management - ?
Windows Explorer
View -> Details View -> as Web Page - off (this option won't be available if you've removed Internet Explorer with IERadicator) View -> Status Bar - on (is this on by default?) View -> Toolbars -> Radio - off View -> Toolbars -> Links - off [win95][Win98] View -> Folder Options -> General -> Windows Desktop Update -> Classic style [win95][Win98] View -> Folder views -> You can make all your folders look the same : Like current folder (but be sure the current folder is how
you want them all to be!)
[Win98] View -> Folder options -> View -> Files and Folders -> Hidden files:Show all files
[Win95] View -> Options -> Hide files of these types - off
[Win98] View -> Folder options -> View -> Files and Folders -> Hide file extensions for known file types
[Win95] View -> Options -> View -> Hide MS-DOS file extensions for file types that are registered - off
[Win98] View -> Folder options -> View -> Files and Folders -> Remember each folders view settings - off
[Win95] View -> Options -> View -> Include description bar for right and left panes - off [Win98] View -> Folder options -> View -> Visual Settings -> Hide icons when desktop is viewed as Web page - ? [Win98] View -> Folder options -> View -> Visual Settings -> Show window contents while dragging - off (improves
performance massively when copying files) [Win98] View -> Folder options -> View -> Visual Settings -> Smooth edges of screen fonts - off (improves performance) [win95][Win98] View -> Folder options -> File Types - is there a way to configure these manually? there is in NT
Desktop Aesthetic and Usability Improvements
(depending on how you use them, these can be either per-user or per-machine settings)
organise the Start menu (when everythings installed)
get rid of icons that have been rudely put in prominant places that you don't want there, such as
on the same level as the 'Start' button group 'Programs' into logical sections defined by their subject area when installing programs, if you've chosen the often given hierarchy, of company name then application name, get rid of the company names
organise desktop icons
set Quick Launch bar to be on left hand side of the Windows Taskbar, minimised/background applications on the right organise Quick Launch bar
some people find it useful to have often used programs on the Quick Launch bar. whether they intend to use it or not its best to
remove the Outlook Express icon that is placed there, if its not going to be used, and any other icons that are put there when
their applications are installed. because there exist non-standard pages on the web, designed to only work with Internet Explorer
in particular, it can be worth leaving its icon for the rare occasions people need to use that browser to work around a broken page.
[?%USERPROFILE%? or ?%APPDATA%? [Application Data/Microsoft/Internet Explorer/Quick Launch] organise 'Send To'
for applications that don't automatically do this for themselves, add shortcuts to useful applications or functions in 'SendTo'.
(this can be especially useful for WordPad (if you don't have a preferred plain text editor), IrfanView, BinText, your email program, etcetera).
the easy way to add to 'Send To' is:
right-click on the program executable -> choose 'Create Shortcut' -> cut and paste the shortcut to %WINDIR%\SendTo\
remove unnecessary items from the 'Send To' list
organise Favorites
otherwise known as 'bookmarks', these are available from the Start Menu, Windows Explorer and Internet Explorer. They can be useful for
making shortcuts to directories / folders on your hard disk as well as web sites (though though they won't be dynamically available
to choose from within web browsers other than Internet Explorer).
right-click context sensitive menu
depending on personal preference, it can be a good idea to name desktop icons by that of the functionality they
perform rather than the name of the actual program offering that functionality, as this can be more descriptive to less-aware people
and enable the software to change but the desktop remain consistant
Miscellaneous
set Regional Settings to your geographical region:
'Start -> Settings -> Control Panel -> Regional Settings -> Regional Settings' - set this to the region you want disable the pseudo login process for individual desktop customisation:
Win98: 'Start -> Settings -> Control Panel -> Passwords -> User profiles -> All users of this PC use the same preferences and desktop
settings' (only available in Windows 95 if more than one country loaded, whereas it is perhaps an option in Windows 98 with only the one)
Win95: 'Start -> Settings -> Control Panel -> Passwords -> All users of this PC use the same preferences and desktop settings' - on if still present, delete: 'Online Services'; ‘Inbox’ (perhaps with TweakUI, under the ‘desktop’ section) and
'Internet Explorer' icons from the desktop
set keyboard layout for relevant language(s):
'Control Panel -> Keyboard -> Language' if you use multiple written languages and want to switch easily between them: 'Enable indicator on taskbar', but this does use up some RAM
disable active scripting (the Windows Scripting Host) (unless you know that you need it)
the only way we know to disable it is to uninstall it using Control Panel -> Add/Remove Programs -> ? -> Windows Scripting Host and/or,
if these files exist (they all seem to exist even if you haven't chosen Add/Remove Programs -> Accessories -> Windows Scripting Host),
to move them to somewhere out of the way, i.e. %WINDIR%\quarantined:
Windows Scripting Host (GUI version)
[win95,98]: %WINDIR%\WSCRIPT.EXE Windows Scripting Host (command-line version)
[win95,98]: %WINDIR%\COMMAND\CSCRIPT.EXE Windows Scripting Host (command-line version) DLL
(doesn't always appear to be present)
%WINDIR%\COMMAND\CSCRIPT.DLL Windows Scripting Host runtime library / ActiveX control
%WINDIR%\System32\WSHOM.OCX JScript scripting engine
(this file is re-installed by a fresh installation of Internet Explorer or Microsoft Office)
[win95,98]: %WINDIR%\SYSTEM\JSCRIPT.DLL
NOTE: we used to advise quarantining this but its begun to break the Add/Remove Programs window, atleast in Windows 2000,
causing it to display almost a blank window! VBScript scripting engine
[win95,98]: %WINDIR%\SYSTEM\VBSCRIPT.DLL
registry settings:
Windows 98 supposedly has [HKEY_CURRENT_USER\Software\Microsoft\Windows Scripting Host\Settings\]
Add/Remove Programs -> Windows setup
none of these settings are necessary (unless you know you already use and need any of them). other than these few, everything else is a security risk or can be replaced with something
far better for free.
some can be useful:
System Tools: Character Map; system monitor; defragmenter (on some versions of Windows95, later versions load it automatically) Multilanguage Support: Baltic, Central European, Cyrillic, Greek and Turkish Language Support
Multimedia: Volume Control
Networking: Dial-up Networking
some can be worthwhile to have around:
Accessories: Imaging (if have a scanner, to use as a backup if your scanning software breaks); WordPad; Multimedia: CD Player; Sound Recorder; Volume Control
Networking: Direct Cable Connection
some can be dangerous and we warn you against using them:
The Registry
As a Windows system grows old, its registry becomes bloated with unnecessary space.
it can be can be compacted to save RAM and speed things up.
You can download a copy of these registry compacting batch files: RCOMPACT.BAT,
RRESTORE.BAT and their instructions)
set x:\windows-version.CAB (where x is the drive letter where the Windows installation files are
kept and windows-version is the directory, named after the respective version of Windows, i.e. L:\WIN98SE.CAB) to be the only
directory to look in when updating Windows components:
set HKEY_USERS\.Default\InstallLocationsMRU\a = x:\windows-version.CAB
You may also have to edit the MRUList setting which is a simple list which appears to define the order the directories are listed in
You will also have to set this for other users, if they exist, under HKEY_USERS section
TweakUI
Control Panel -> TweakUI
TweakUI (Tweak User Interface) is part of the Microsoft Power Toys collection of utilities for Windows and as such needs to be installed seperately.
it is available from
http://www.microsoft.com/ntworkstation/downloads/PowerToys/Networking/NTTweakUI.asp or
http://www.annoyances.org/exec/show/tweakui
worthwhile settings (currently this deals only with settings worth changing from the default):
Mouse
General (turn off the fancy interface acrobatics to improve performance/prevent the system focusing any resources on
functionally pointless tasks)
Combo box animation - off (this is also dealt with in Display Properties -> Effects)
List box animation - off (this is also dealt with in Display Properties -> Effects ?)
Menu animation - off (this is also dealt with in Display Properties -> Effects)
Smooth scrolling - off (makes the page scroll in annoying jumps, and affects performance)
Window animation - off (this is also dealt with in Display Properties -> Effects) Explorer
IE
Allow Active Desktop to be turned on/off - off (remove the 'Active Desktop' option from the desktop context sesitive menu so that there's less
chance it'll ever be turned on) Allow changes to Active Desktop - off (meaningless if above is off, otherwise prevent previously set Active Desktop options from being
changed) Clear document, run, typed-URL history on exit - depends on personal preference and/or security policy Shell enhancements - on/off - IE integration. turn the feature off to save resources (atleast saves a little RAM)
but some of it may be useful to people.
This setting enables or disables Active Desktop, Web View, folder customization, the Quick Launch bar, the ability to
right-click the taskbar - the Quick Launch bar and taskbar right-clicking are useful, the rest aren't. Show Documents on Start Menu - on Show Help on Start Menu - on (is this on by default?) Show Links on Start Menu - off
Boot
[Win95,98,Me]
General -> Display splash screen while booting (this is also dealt with in MSDOS.SYS)
Boot -> Always show boot menu -> Continue booting after [1] seconds (can also be enabled by settings in
MSDOS.SYS) (far from essential but useful for aquainting people with this menu that they will undoubtedly fuind useful someday but whose
existance will otherwise likely have been obscurred from them)
New
these are types of document that will appear in the list when the right-mouse button is clicked and you choose 'New', too many of them can be
counter-productive so remove those you're unlikely to use
Paranoia
Clear Last User at logon - on (if are turning on Logon -> Logon automatically at system startup, then you need this)
play data CDs automatically - off (tie up security loophole of programs automatically running, and prevent Windows wasting resources by constantly polling the CD drive)
play audio CDs automatically - off (prevent Windows wasting resources by constantly polling the CD drive)
Log application errors to FAULTLOG.TXT (saves an incremental log of reports given when Windows crashes, which saves typing and can
be extremely useful when troubleshooting)
Logon
Log on automatically at system startup - on (if you're using 'Client for Microsoft Windows'. no password required)
My Computer
[Win95,98,Me]
Folder -> Program Files ->
hide partitions/drives that most people don't need to be aware of most of the time - C:, D: and E: - then they just see
their HOME partition (F:), which makes things simpler:
TweakUI -> My Computer -> remove the check mark from C:, D: and E:
Thin Out Critical Directories For Performance Gain
anything unnecessary in \ anything unnecessary in %WINDIR% move all *.txt that don't have the word 'log' in their name from %windir% to %windir%\docs
(you'll need to create the directory) or delete altogether (Windows 98 has script.doc, htmlhelp.jtm, readme.htm, config.txt, display.txt, faq.txt,
general.txt, hardware.txt, license.txt, mouse.txt, msdosdrv.txt, network.txt, printers.txt, programs.txt, recover.txt, services.txt, support.txt,
tips.txt move *.doc from %windir% to %windir%\docs or delete altogether move *.htm from %windir% to %windir%\docs or delete altogether move *.bmp from %windir% to %windir%\wallpaper or delete altogether move *.gif from %windir% to %windir%\web\wallpaper or delete altogether delete *.scr (screen savers) from %WINDIR%
5. Disaster Prevention
6. Further Windows Housekeeping
clean out ghost devices in device manager whilst in safe mode keep an eye on JavaScript left in the browser cache, these can be huge programs, some of which could be malicious,
perhaps left there to be run in future use the Windows Desktop to store shortcuts (to programs, data, directories, drives, etc), rather than the actual item
7. Clearing Out Unnecessary Files To Make Space And Increase Performance
to make space
feel happy to delete these files other than those with question marks beside them (unless you know more than we do you might be better
off waiting till we can confirm these as deletable or not)
%windir%\*.~mp any file with numeric extension from %windir% Windows needs system.dat, user.dat, system.ini and win.ini but files with the same names yet differing
extensions can be deleted %windir%\*.scr and %WINDIR%\SYSTEM32\*.scr - screen savers. they can contain malicious code *.tmp ~*.* (probably) *.bak %windir%\*.txt .old *.gid da0 - last known good copy of Windows registry?
these directories hold temporary information that can all be deleted unless anyone has inadvertantly stored files there they
wouldn't want to lose:
remove from 'Add/Remove Programs -> Windows Setup' anything you don't require.
however, note these dependencies:
'Windows Messaging' is required for MAPI 1.0 'dialup networking' is required for 'direct cable connection 'Microsoft Fax' [Win95] requires 'imaging' and 'windows messaging'
to increase performance
8. Functionality That Can Be Removed From Windows If You Don't Use It
(dont delete the directories, just the files)
\windows\fonts\ - just those that neither you nor Windows uses \windows\help\ \windows\winfile.exe - Windows 3's file manager \windows\media\ - audio files \windows\Sysbckup\ - ??
\windows\system\dcom95\oldole\*.* ?? \windows\system\oldmapi\*.* - left after Pegasus Mail updates MAPI, should contain mapi32.dll \windows\system\Cfgwiz32.exe - ?? \windows\system\QTJava.zip - ??
9. various fixes / workarounds to common problems
10. Still to add to this document
RAM for contemporary computers is cheap, so write-up an alternative configuration making use of a RAM drive cache. can then set to use
it all or some of: operating system's TEMP/TMP and virtual memory; applications' TEMP (incl browser (disk?) cache); applications' swap. there's info on
how to configure it at http://www.speedcorp.net/guides/ramdrive/. you'd want to have a stable
system before really giving over to this modem - Windows 95, 98, Me registry settings tuned for PPP rather than the default tuning for ethernet:
the maximum packet size that can be transferred over a network without fragmentation. The Internet "standard" for MTU is 576, however most ISP's use
MTU's larger than this. The Windows 95 default setting for MTU is 1500, which is the LAN standard. If a packet is sent across a network that has an
MTU smaller than the size of the packet, fragmentation will occur. This will reduce data throughput, as fragments need to be reassembled. If you
connect to a remote site there is a reasonable chance that your data go through a router with an MTU of 576. Note: After installation of the Dial-Up
Networking 1.3 upgrade the MTU size will be automatically set to 576 for dial-up connections. MSS = Maximum Segment Size of TCP data. MSS = MTU - 40.
The 40 bytes is the size of header and trailer information of one packet. RWIN = Reveive Window, the size of the buffer that is filled before the
received data is acknowledged. Usually RWIN is set to 4 times MSS
MaxMTU software: http://www.mjs.u-net.com/mtuspeed.htm
modem - MTU (Maximum Transmission Unit): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\Net\xxxx\TCP/IP\DriverDesc MaxMTU = 1500
[String Value] this is the default, even when they key isn't set, optimized for ethernet (LAN/WAN, xDSL, cable, satellite modems), not analog
modems
(If you are experiencing problems such as your browser stopping in the middle of a page, an MTU value of 576 might fix the problem)
DUN 1.3 automatically adjusts the IP packet (MaxMTU ) size for dial-up connections depending on the connection speed. The setting toggles between
small (576) for Dial-Up connections and large (1500) for LAN connections. One can also manually set the MTU size under the advanced properties for
the Dial-Up Adapter. Select IP Packet Size and set to small (576), medium (1000) or large (1500)
modem - RWIN (TCP Receive WINdow): HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP DefaultRcvWindow = 2144 [String Value]
modem - maximum MSS (Maxmum Segment Size)
modem - default TTL disable password caching - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network\DisablePwdCaching =1 [DWORD]
and HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Network
and delete all .PWL files (tho this might be annoying for some people and not worth it if their passwords aren't important enough to warrant it) ?SYSTEM.INI? non aggressive cache registry setting for systems with more RAM on a laptop, save resources by disabling:
InfraRed system tray icon
the beeping to indicate PCMCIA card insertion and removal
the power management indicator for mains or battery power (you can set Windows to still warn when power is low) (this battery indicator may have
been what on one system was taking upto 20% CPU cycles whilst at idle) in each area, enable logging, except where it contravenes personal privacy: FAULTLOG.TXT; Dial-up Networking; anti-virus software needs to be able to work in this partitioned environment, and to do that it needs to be configurable, for example it needs to
have a user configurable cache directory.
this is all the more important from the wider perspective of needing the software to play well in a multi-user Windows NT environment new document layout:
The technical summary of what the setting/change does
The non-technical summary of what the setting/change does
Why set the setting or make the change (security, performance, usability)
Windows 95
Menu sequence to make it happen
And/or respective registry setting / INI file setting to make it happen
Windows 98
Menu sequence to make it happen
And/or respective registry setting / INI file setting to make it happen
Windows NT 4
Menu sequence to make it happen
And/or respective registry setting / INI file setting to make it happen
Windows 2000
Menu sequence to make it happen
And/or respective registry setting / INI file setting to make it happen
Windows XP
Menu sequence to make it happen
And/or respective registry setting / INI file setting to make it happen
further points for increased security in very security conscious environments... hide away all parts of Windows
considered unnecessary in daily life that could potentially be used maliciously: FORMAT.COM, FDISK.COM, DEBUG.EXE. there are
many more points to this topic -
Windows NT can be configured for complete and
secure independence between multiple users. Windows 95 and 98
have a limited ability to be configured for multiple users (areas
include desktop, etc, etc). though not especially useful, if you
want to configure Windows 95 so that users can configure these
aspects for themselves, then attend to the following areas:
Control Panel/Users; Control Panel/Passwords; and more...
Network/Identification Network/Access Control ICC profile Windows Explorer, Win95: View -> Folder Options -> View -> Folder views -> You can make all your folders look the same.
Like Current Folder turning off 'Shell Enhancements' appears to atleast save a little RAM (Shell Enhancements are IE integration, one enhancement is Quick
Launch icons: Windows -> Application Data -> Microsoft -> Internet Explorer -> Quick Launch) does System Monitor save its open windows to a file that we can save and offer for download? CHM - install the updated MS version or the slimmed-down version by its original author? how does JScript relate to ActiveX? is it a sub-set (Microsoft JScript is supposed to be less secure than Netscape's JavaScript) display properties - small fonts (so that web pages aren't distorted compared to what their designer intended. and instead how should people change the font size?) E:\TEMP renamed E:\WINDOWS SYSTEM.INI: [386enh] COM1FIFO=1 gets put in by fax software configure 'mail recipient' tune Windows' virtual memory make the Windows 'path' more useful than the default:
add a \utils directory and keep useful system utilities there
Windows 95, 98: add path = D:\utils to \AUTOEXEC.BAT read this: http://www.sohointer.net/howto/tweak_tcp.htm though its advised to use the Windows Desktop to store shortcuts (to programs, data, directories, drives, etc),
rather than the actual item, you can make a workaround for people who aren't aware of this and will store large files on the
Desktop and it potentially fill up the WINDOWS partition (C:) by:
for multi-user systems (this will need to be set for each user seperately):
- create a F:\%username%\desktop directory
- Start -> Settings -> Control Panel -> TweakUI -> My Computer -> Special Folders -> Desktop -> and set it to F:\'username'\Desktop when making drive mappings from Windows 98 to Windows shares, to save Windows checking at boot and complaining loudly
if the shares aren't available, it can just display them as if they were connected and check when you try to use them: client for
Microsoft networks -> Properties -> network logon options -> Quick logon. Scheduled Tasks / Task Scheduler - "For example, there are a few tools (the Maintenance Wizard, for one) that automate the creation of scheduled tasks to
complete various automated functions"
Maintenance Wizard: Start -> Programs -> Accessories -> System Tools -> Maintenance Wizard - use Disk Cleanup thru this or stand-alone to
delete obsolete temporary files
Start -> Programs -> Accessories -> System Tools -> Disk Cleanup or run cleanmgr.exe sound playback and record properties
breakdown of Internet Explorer's Security settings
ActiveX controls and plug-ins (Microsoft's ActiveX (.OCX) is
similar to Netscape's JavaScript (.JS) and
ECMA's ECMAScript)
Download signed ActiveX controls [5.5,6.0]
Download unsigned ActiveX controls [5.5,6.0]
Initialize and script ActiveX controls not marked as safe [5.5,6.0]
Run ActiveX controls and plug-ins [5.5,6.0] (enabled by default in the High setting)
Script ActiveX controls marked safe for scripting [5.5,6.0] (enabled by default in the High setting) Cookies
Allow cookies that are stored on your computer [5.5]
Allow per-session cookies (not stored) [5.5] Downloads
File download [5.5,6.0] Font download [5.5,6.0]
Java
Java permissions [5.5,6.0] - change from 'high safety' to 'disable Java'
(are these all the MSJava files themselves?: JAVART.DLL (Runtime Library), %WINDIR%\SYSTEM32\JVIEW.EXE (VM command line
interpreter), %WINDIR%\SYSTEM32\MSJAVA.DLL (VM). under Windows 2000 these filed will be mirrored in
%WINDIR%\SYSTEM32\DLLCACHE and perhaps %WINDIR%\ServicePackFiles) Miscellaneous
Access data sources across domains [5.5,6.0] Allow META REFRESH [6.0] Don't prompt for client certificate selection when no certificates or only one certificate exists [5.5,6.0] Drag and drop or copy and paste files [5.5,6.0] Installation of desktop items [5.5,6.0] Launching programs and files in an IFRAME [5.5,6.0] Navigage sub-frames across different domains [5.5,6.0] Software channel permissions [5.5,6.0] Submit nonencrypted form data [5.5,6.0] Userdata persistance [5.5,6.0]
Scripting
Active scripting [5.5,6.0] Allow paste operations via script [5.5,6.0] Scripting of Java applets [5.5,6.0]
User Authentication
|