Windows XP for power users

Windows Vista has been released over 18 months ago, and my initial reaction was that this operating system is the most bloated, sluggish crap ever released by Microsoft. Everyone was hoping that Service Pack 1 would relieve some of the pain, but unfortunately Microsoft failed to put any significant performance improvements in. I have come to the conclusion that Vista stays crap and should not be used by any self respecting computer user. It might be an option for the average clueless users that have no notion of security, but anyone beyond that experience level, especially power users like system administrators, should not use any flavour of Vista, but Windows XP Professional.

XP has its limitations too, but with the right kind of measures it can be a very good and safe computer experience. Some of these measures and guidelines:

Always do a clean install

Whatever computer you want to start using, always reinstall it before putting it into service. It might sound strange but this holds especially true for new machines that come with XP preinstalled. Vendors like Dell and HP are known for putting huge amounts of crap on their machines. Software vendors want to sell their stuff to customers, and make deals with PC manufacturars to put trial versions on new PC’s. This means that a new PC is in fact partly sponsored by the software companies. It is easy to see that this strategy is not in the best interest of the actual user of the PC.
It is not uncommon for new PC’s to come with 3 different (incompatible) virus scanners installed, 2 different CD/DVD burning programs, a couple of firewall programs, and loads of other crap.
The way to get rid of this is not to uninstall everything, but wipe everything and reinstall. It is recommended to slipstream the latest Service Pack into your installation CDROM (SP3 at the moment), to avoid trouble installing it afterwards. A possible loophole is the drivers — these usually reside somewhere on disk — so please take care to save these onto a USB stick first.

Don’t install driver packs, but manually point to INF files

Another trap users tend to fall in, is to click the binary installers of the various drivers. While this is not a huge problem, things potentially can get screwed up during this step:

  • Wireless drivers that disable the Windows Wireless Zero Configuration (WZC) service. This is known to happen with Intel cards, and some of the Sitecom cards. Having a custom wireless configuration tool bloats your system and makes debugging very hard.
  • Drivers that install all kinds of management applications. Examples of this are vendor specific control panels for video, audio, etc. The standard Windows control panels are perfectly capable of controlling everything. Only install if you absolutely need their functionality

A convenient way to circumvent this is to extract the actual drivers by opening the installer binary with 7-Zip, and then point Windows at those drivers files.

Dont’ run as Adminstrator

The University of Michigan has a good paper on how to do this. The introduction speaks for itself:

You’ve heard it a thousand times: “Don’t run as admin”. Yet you continue to tempt fate. You log in with admin credentials and surf the wild wild web through whatever minefield it takes you. You open email and attachments with abandon, confident in the fact that you’ve never been hacked before. Yet every once in a while, your heart starts to beat a little faster. Perhaps it happens when you land on some web site you didn’t expect, or when you double click on that unsolicited email or launch some video clip that your friend sent you. Your heart accelerates because you know, deep down, it’s just a matter of time before you do get hacked. And then, because you’re logged in with administrative credentials, you know the price could be big. If you’re lucky, only your ego will be bruised. Worse, the integrity of your system will be compromised and personal as well as private University information will belong to someone else. In fact, it’s entirely feasible that your system has already been compromised and you’re not even aware of it. How do you know that it hasn’t?

If you’re pushing your luck by logging in with administrative credentials, then read this paper. We’ll illuminate the “tips and tricks” necessary to start running as user. You’ll feel better running in a less privileged context, and you’ll be making a critical contribution to the security posture of your unit and the University.

I have been non-admin for half a year now and I have no problems whatsover using my computers. However, right after installation of system you typically spent some time configuring it:

  • installing applications
  • installing printers
  • installing backup scripts
  • customising system options
  • configuring network settings and VPN connections
  • configuring power options

A practical recommendation is to leave yourself Admin until you have installed and configurated your system to the extent that you do not need admin rights during dayly use. This is usually a few weeks after installation. At that point, make yourself a regular user, and switch to Admin only if needed. There is a small list of issues that require manual intenvention, but it can be done, and it is recommended to spent some time figuring out how to fix them, instead of becoming admin again. The Michigan University PDF already contains some practical tips for some of these issues, but I ran into some additional problems that weren’t covered there.

Usually you can right-click and select Run as… to run stuff as admin. You can also use the poormans sudo for Windows: runas. However, you have to type an awkward string each time:

runas /user:administrator regedit

To make things more convenient and appeal more to the power user, place a textfile with this content in your WINDOWS directory and name it sudo.bat 😉 :

RUNAS /USER:Administrator "%*"

Now you press Windows-R -> “sudo regedt32” and off you go!
When you are admin, you can directly run MMC files, but when using sudo or runas you need to supply the application as well. For instance to run the Group Policy Editor, you would run sudo mmc gpedit.msc

Here is an overview of common admin tasks and how to conveniently run them. Note that sometimes there is not option to right-click and select “Run as…”, so you have run commands from a shell (you are not afraid of that anyway aren’t you?).

Formatting removable media Can be fixed with GPO
Configure printers Shift-Click on printer -> Run as… -> Configure
Configure networking Add yourself to Network Configurators group
Group Policy Editor sudo mmc gpedit.msc
Add/Remove Programs sudo control appwiz.cpl
Teletubby user control panel sudo control userpasswords
Normal user control panel sudo control userpasswords2
complete Control Panel sudo control

More examples of how to run specific Control Panel item are listed on

Probably the last option is the best compromise between usability and amount of typing.

Try to stick with default options

Just because it is possible to customize about every aspect of the operating system and the user interface doesn’t mean that you should do so. Some of these customisations lead to poor performance. A good example in this respect is installing 12 Mb desktop wallpaper images. The default theme however (teletubby style) is eligable for replacement. For best results, choose the “Windows Classic” style, and after that choose “Adjust for best performance” in the Visual Effects Tab of the Performance Options.


  1. While i agree with your “Don’t install driver packs, but manually point to INF files” and in fact, most of your points, I cannot agree that not using Vista is any sort of answer.
    XP is no longer being sold, first of all, by microsoft anymore, so it will be impossible to buy new pc’s with XP.
    Second – UAC in my opinion makes managing a domain far easier – forcing users to seek out an administrator when trying to do any sort of administrative tasks (they get prompted for the domain administrators password – which they dont have).
    Whilst it may be bloated, and slower – this is only of concern to gamers, not to buisnesses whos users are running word, excel etc. Any sort of design work gets done on macs, so processing power is not so needed on pc’s in the workplace as much as it once was.
    I prefer vista my self to xp. I dont play games, but doing the little programming and whatnot seems quick. I may be coming from a higher end machine however (4GB ram) but as usual computers take time to catch up with the OS. This was true for XP remember? Loads of users refused to switch from good old win98.
    One thing I can say is that I never switch off my pc anymore, I used to reboot my xp machine all the time, but often a month or to 2 will go by without a restart with vista…

    As for reloading and doing a clean install of XP, i find the same is true of vista. Whenever I give a customer a new PC – sony viao notebooks especially, I make sure that it has been formatted and reinstalled with just the vista disk. Without all the software that comes bundled with the new pc’s vista runs about 100% quicker.

    Lastly, as mentioned briefly, since microsoft want you to switch, to some extent you will have to. If microsoft are no longer going to support XP from June 2009, continuing to use it will be like trying to use windows 2000 over XP. Sure its a good operating system, but without mainstream support, its a dying OS, like it or not.

    One thing I have found in vista is that if you have a large amount of ram, try setting your page file very small – ie 200Mb. This forces vista to only use ram, instead of trying to page everything.

  2. About customisation:

    It doesn’t really matter what size your original desktop wallpaper file is. Whether it’s a 50 kb jpg or a 20 MB bmp, XP will convert it to a bitmap of about 2 or 3 megabytes, depending on your screen resolution.

    Having a large source file may add a split second to your boot up time, but that’s all.

Comments are closed.