Make Windows XP Work Well

My preferences about my PC are that it works flawlessly, starts up fast, and is extremely mobile. The requirement of mobility -- I'm currently using a Fujitsu P1610 -- means that I am often trying to run large, intensive programs like Mathematica on teensy, 1GHz machines with less RAM than is desirable. Over the years, I have evolved a strategy with which I am very happy. I apply this strategy to ten PCs, only two of which are similar, ranging from old IBM X31s to brawny desktops.

Organize your discs, programs and drivers
When you get a new machine, it is a very good idea to create a box in which all software discs live. In addition, create a folder named something clever like "Software" and only download software into that folder. Back that folder up, along with anything else you would be unhappy to lose, onto an external USB hard drive, frequently (more below). That way, you can rebuild the machine if you need to, which is sometimes the only solution (e.g. if you get a rootkit) to eliminating malware. When you are ready to throw a PC out a window because of its performance, it is time to reinstall Windows. For a rebuild to be successful, you need software and drivers (programs that let hardware devices like printers run). Most drivers can be downloaded, but you need drivers for operating the web connection (ethernet or wireless) before you have formatted the hard drive and are no longer connected to the web. Generally PC manufacturers make drivers available free on their website.

Shut down System Restore and Indexing Services
Windows XP, out of the box, is occasionally busy doing other things and not responding to your commands. The two prime causes of this are System Restore and Indexing. System Restore is a useful program because, if you install a program that royally trashes your machine, there is hope of rolling back to an earlier state before the installation. In exchange, however, system restore wants about 10% of your storage and a lot of your computer's processing power. The latter is a deal-killer for me and I turn system restore off. But understand that if you turn it off, you should be prepared to rebuild your PC from scratch when a program wrecks your PC, like the Sony rootkit. I don't rebuild from scratch often, but I am ready to if necessary. Indexing makes search go faster, but at the cost of spending a huge amount of time organizing the hard drive; if indexing only ran when I wasn't using the PC I would leave it on but in typical MSFT fashion, Indexing trumps user input, running when I want to do something else.

Here is how to turn Indexing and System Restore off:

Start -> My Computer -> Right click on C:\, select Properties, uncheck "Allow Indexing Service to index this disk -> Accept "All subfolders"

Start -> Control Panel -> System -> System Restore Tab -> Turn off System Restore

While we are here, let's improve two other settings

Start -> Control Panel -> System -> Remote -> Uncheck both boxes (do you really want people remotely doing anything to your computer?)

Start -> Control Panel -> System -> Advanced -> Performance -> Settings -> Adjust for Best Performance

Now that the programs are off, we can shut down the Indexing and System Restore services, to speed up start up:

Start -> Control Panel -> Administrative Tools -> Services -> Indexing Service -> Startup Type, set to disabled

Start -> Control Panel -> Administrative Tools -> Services -> System Restore -> Startup Type, set to disabled

If you shut off remote help, shut off the corresponding services too:

Start -> Control Panel -> Administrative Tools -> Services -> Remote Desktop Help Session Manager -> Startup Type, set to disabled

Start -> Control Panel -> Administrative Tools -> Services -> Remote Registry -> Startup Type, set to disabled

While we are here, I also disable Telnet, Alerter, Clipbook, Error Reporting Service and Messenger. (Messenger should already be disabled; it has nothing to do with instant messaging.)

Services that are set to manual startup but are running (Status = Started) can be set to automatic, which can make your system boot faster since the system doesn't have to call the service and wait while it starts. This is only worth a second or two, though.

Uninstall unused software
Now go to

Start -> Control Panel -> System -> Add Remove Programs

and scan the list for programs that you don't use, and uninstall them. I recommend removing all toolbars. Toolbars let someone track your behavior and may use system resources. Who needs it? Most programs named "helper" are not.

Security programs

A significant issue with security programs is that they often damage performance as much as viruses. (Of course, hopefully antivirus vendors aren't also stealing your credit card information and selling it to Nigerians.) I have, somewhat reluctantly, given up on MSFT's products here. The MSFT antispyware product works well for preventing and removing spyware, but it occupies a lot of RAM and really bogs down PCs. So here is what I use.

Avira Antivir
Because I have ten home computers, I prefer to use a free anti-virus product. As far as I can tell, none of the paid ones allow me to legally use their product on multiple machines or have an "all PCs in a home" license. Moreover, the famous ones, like McAfee and Norton, tend to slow machines to a crawl. So I use Avira Antivir. There are two good competitors, ClamAV and AVG. I used to use AVG, but Avira outperforms it according to AV Ratings, so I switched. Avira is free, is light on system resources, and appears very effective. The free version shows you a large ad once per day after updates.

You can disable the popup through the following procedure:

    Windows XP Pro:
  1. Start - Run - Type �secpol.msc�
  2. Click on Software Restriction Policy - go to Action (at the top) - Create New Restriction Policies
  3. Right-click on Additional Rules (on the right) - Choose New Path Rule new_path_rule.png
  4. Now click Browse and find the �avnotify.exe� file (C:\Program Files\Avira\AntiVir PersonalEdition Classic)
  5. Make sure the security level is set to �Disallowed� and click OK.

This procedure prevents the execution of �avnotify.exe�, which suppresses the popup window. Merely deleting avnotify.exe will temporarily suspend the popup but the program will replace avnotify.

    Windows XP Home (and Media Center)
  1. Boot into Safe Mode (repeatedly press F8 after boot)
  2. Login under the Administrator account
  3. Navigate to C:\Program Files\Avira\AntiVir PersonalEdition Classic
  4. Right-click �avnotify.exe� - Go to Properties - Security - Advanced
  5. Look under the Permissions folder for a listing of all the system users. Do the following for all the users:
  6. Edit - Traverse Folder / Execute File - Deny - Click OK
  7. Reboot (into Normal mode) when finished

It is a good idea to copy the instructions and paste them into a text file saved on your desktop before booting into safe mode since you won't have internet access in safe mode.

Two antispyware programs
The free version of Avira does not provide spyware protection. Spyware tracks your behavior and communicates it to others, and at worst gives thieves your bank account information. Consequently, it is a good idea to use anti-spyware, and I use two different kinds. Spyware Blaster stops tracking cookies in your internet browser, Internet Explorer and Firefox. The free version requires manual updating and I do this about once per month. Spyware blaster stops the creation of about 10,000 tracking cookies; it is not a program, just a set of browser cookie blocks. Thus, it uses no system resources except when you manually update it. (Don't forget to enable the updated list!) The second program is more active and is named Spyware Doctor and I get it from Google's installer. As soon as I download it, I then uninstall the Google installer, because Google's installer has the potential of tracking my behavior. I don't think it does, but why risk it? Do not get your copy of Firefox from Google's installer because it have Google's toolbar installed and then you will have to uninstall the Google Toolbar too.

Cleanup #1: HijackThis
OK, now we are going to clean up a PC. The first useful program is Hijack This. When you run this program, it gives a list of everything that starts up automatically. Your mission, should you choose to accept it, is to figure out what ought to start up automatically and stop everything else. First rule, when in doubt, do not remove it. Second rule, or more of a strategy really, is to search for the program on Yahoo and see what others say about the program and if it is necessary. (There is an impressive list of startup programs here.) Many programs are necessary and many are unnecessary. Most or all helpers are unnecessary and much of your software has a helper eating up your PC even when you aren't using the program. Hijack This lets you find out what's running and kill the unnecessary stuff. Moreover, you may find viruses and trojans here; these malware programs have to automatically start and generally they will be listed in the Hijack This list. Unchecking them may not cure them; usually antivirus software will find and eliminate them. A few trojans require removal with a complicated procedure you will find by searching on the web.

While we are thinking about fixing things, there are bad programs masquerading as programs to help you uninstall malware! Use a major antivirus vendor, CNET, Bleeping Computer, Major Geeks or other reliable source of information. By the way, Yahoo Search provides the McAfee assessment of safety; for this kind of thing, only go to sites rated safe. (Disclosure: I work for Yahoo!)

You can also prevent some programs from automatically starting by going to Start-> Run, enter msconfig and hit return/enter, and then look at the startup tab. The same principle applies; uncheck only when you have established the program is unnecessary. These can be readily restarted simply by checking the box. You will see, when you restart, a notice that you changed the configuration. This is normal.

Cleanup #2: CCleaner
The second program we are going to use is CCleaner. This program does two things. First, it will identify unnecessary files, like those left over from Windows Update. (I uncheck cookies when I run this program because spyware blaster insures that the undesirable cookies are already expunged and I want to keep the rest of them.) On a system that has been running for a year or so, CCleaner will often free a GB of space on the hard drive, which rarely matters much unless you have a small drive like an SSD. What CCleaner does that matters is its second function, fixing the registry. (Click Registry and then Scan for issues.) I fix them without backing up; it has never created a problem for me, but YMMV.

A fact of life is that no program uninstalls properly. There is no incentive for a program to uninstall properly, since after all you are leaving the program when you uninstall it. The fact that programs uninstall at all is a testament to human altruism. CCleaner will clean up bad uninstalls; if you have never run it, there are probably 250 registry problems to fix. Run it more than once; the first run, by fixing some problems, may cause others to become apparent, which are indentified on the second run. The first time I use CCleaner on a system, I'll actually run it a few times, shut down, and then restart and run it again. It is a great program in my experience.

Cleanup #3: Registry Defrag
Our third program is Registry Defrag. This program is especially useful on a machine that has had a lot of software installed over the years. It re-orders the registry (the Windows file which tells XP how everything works, which we just fixed up with CCleaner) for a faster boot, eliminating unnecessary pieces. An additional way to do this is Bootvis, but as it is no longer supported by MSFT, use at your own risk. (If it matters, I use it on systems that boot slowly, meaning more than 75 seconds from pushing the power button to full functionality. I can usually get to 60 seconds on a laptop.) You can also defrag your hard drive:

Start -> My Computer, right click on C:\, choose Properties, Tools tab, and Defragment Now.

Rootkit Search
When there are inexplicable problems, try Rootkit Revealer. Finding Rootkits is apparently a super-hard problem, and so before you recycle the machine, just start over and do a fresh install of Windows XP, which always works. Be careful not to reintroduce the problems, which may be concealed in your documents or software. Don't install programs that might be unsafe; read about them on the web first. Games are especially likely to add viruses and spyware. Ostensibly legitimate firms like Sony and Adobe do terrible things to computers on occasion as do companies you have never heard of.

Backup software isn't worth using
It is an unfortunate fact of life that backup software does not work. The odds of recovering your system and returning it to a functioning state are slim; worse, if you rely on backup software and it fails, usually you have nothing. Consequently, it is critical to back up your important documents; if you have that and the software, you are about 5 hours away from a freshly installed, fully functional, good as brand new Windows XP computer. It is scary the first time you reinstall but it is the right thing to do to a dysfunctional machine.

Backup My Documents folder
It is a really good idea to back up your documents daily. Here is one easy way to do this. On a desktop, you need a second hard drive; an always-on USB drive connected to your PC works fine. On a laptop, you also need a second drive, and a CF card or SD card (depending on your laptop's slot) is pretty much the only choice; most laptops have some card reader. Once you have a target drive, do two things; keep all your documents in the My Documents folder, and mirror it on the second drive. By putting a mirror command in the startup folder, you get a backup every time you start your computer. I use a paid program called Vice-Versa for this task, but MSFT has a perfectly adequate free program, SyncToy, for this purpose. Vice Versa is great if, in addition, you want to synchronize parts of your folders to a USB key and then synchronize the USB key to another PC, even keeping several PCs up to date.

To put the command in the startup folder, right-click on Start, choose Explore, and navigate to Start Menu\Programs\Startup and drop the shortcut for the program there. Mirroring or synchronization programs generally will create an icon which when clicked automatically runs the program; it is this icon that belongs in the startup folder.

Don't forget Outlook or Outlook Express
If you are an outlook user, don't forget to export your information to the backup drive periodically, File -> Import and Export -> Export to a file -> Personal File Folder (.pst) -> and then select the top category (name varies by user) and click the subfolders box.

This is a pretty good article for detecting the worst infections, and contains the following detection advice:

Essential or Free Programs

Firefox
Every Windows XP user should use Firefox. MSFT integrated internet explorer into the operating system. This let MSFT kill Netscape and survive the antitrust effort (since MSFT had to give it away free because it is part of the operating system) but it left IE integrated in the operating system, which means a malicious website has a much easier time taking over your PC. It is a bit harder for a malicious website to take over your PC if you visit the site in Firefox, so there is a bit more security. Firefox is not a substitute for antivirus, though.

Firefox Extensions
Once you have Firefox, there are a couple of very useful extensions. These are Weather, which gives current weather at a location in the bottom of the window, UI Tweaker which makes controlling settings easy, SiteAdvisor, which offers advise about risky sites, and Adblock Plus, which allows you to control third-party advertisements. Adblock can block legitimate content, so use it at your own risk.

Kill most cookies
It is a good idea to set the default for Firefox to keep cookies only for the session

Tools -> Options -> Privacy, check "Keep Cookies until close Firefox."

You can add sites that you want to remember you (e.g. Amazon, airlines, eBay, etc.) to the exceptions. You will see a big (10K+) list of exceptions created by Spyware Blaster, which prevents cookies from known trackers.

Replace Acrobat
I have written about how to Dump Acrobat and since Acrobat is both slow and installs lots of useless helpers, it is the first thing I do. Most PCs come with the reader installed. Uninstall it. Contrary to what most websites say, you do not need Acrobat to read pdfs; there are at least three other pdf reads, all of which work better than Acrobat.

Backgrounds
To replace the standard Windows backgrounds, take a look at these free Wallpapers. Save one to your My Documents folder (any folder), right click on the desktop, choose Properties, Browse to the picture, and select "Save."

FTP
If you use FTP, the free program Filezilla is what I use.

Tweak UI
MSFT's Tweak UI lets you change a large variety of hidden windows settings. I need it just for taking the words "Shortcut to" out of shortcuts I've placed on the desktop.

Media Player Classic
Windows Media Player is an enormous program that has unavoidable moving images that may or may not move to the music but seem irritating if you aren't in fact using LSD and just want to listen to music or watch a movie. I use Media Player Classic. It is very lightweight and plays pretty much everything. Now, it won't start automatically the first time. Instead, when you click on a media file like a .mpg, .mpeg, .wav, .mp3, or .avi, you need to instead right click, choose "open with," navigate to Media Player Classic (I keep it in my My Documents\Software folder) and check the box "Always open with this program." Then it will work from then on with that file type.

Image Editing
To edit photos for the web, I used to use the free Paint.net. Easy, works fine. I've used five or six programs, and each has a feature I really like that is unavailable in the others. One adjusts. However, now I've started using Faststone Image Viewer because it makes cropping, resizing and removing red-eye, the three things I do most, fast, easy and of good quality for the web.

To speed up the processing of photos, I often use two other programs. Bulk Rename Utility is a somewhat challenging to learn program that works great and can rename to any formula I need. Photoresize400 can resize pictures to your specifications -- reducing to a maximum height or width, whichever binds, and process an entire of folder of photos to the desired dimension. The program works in a somewhat odd way -- you rename the program and that tells the program what size the photos should be. The original settings have very low quality; an H added to the name cures that problem. I use the name PhotoResizeF800x800iH.exe, which makes each photo a maximum of 800 pixels in either direction, overwrites the existing image and invokes high quality.

More resources:

Lifehacker is full of good advice, including helpful programs. Download Squad is all about helpful, and a few time-wasting, programs. Blackviper provides more information than MSFT itself, and in a much more usable format, although still requiring an understanding of XP services and expecting you to try things, see how they work, and adjust if they don't. In contrast, this page is for things which, in my experience, always work. (As always, YMMV, code for your mileage may vary.)

Preston McAfee, May 17, 2008, Revised Dec 2008.