Windows XP Configuration Notes

With the release of Windows XP, Microsoft has continued to introduce major security and privacy problems into the computer systems of the world. I am not an XP user, but in the interest of helping those who choose to use it, I am posting these notes about configuring XP to be less presumptuous about what the user considers acceptable software behavior. This is by no means a complete record of vulnerabilities. It's just a list of changes that I would make to an XP system if I had to use it. I plan to add to this list as I learn more about the subject.

July 2004 Update:  NIST now has a draft document called Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist.  NSA keeps a list of such information as well.  These documents are probably far more current and detailed than what I pieced together when XP was first released.



PRIVACY / SECURITY

  • Switch to classic searching style in both Explorer and IE, so queries will not be collected & sent to Microsoft. (tweakui -> explorer -> settings) ref: a privacy policy that MS has removed
  • Remove Microsoft Knowledge Base from Help and Support Center. (help & support -> options -> set search options)
  • Disable Media Player identification / licenses / codec download. (xp-antispy, or media player -> tools -> options -> player)
  • Disable error reporting to Microsoft. (system properties -> advanced -> error reporting)
  • Disable remote assistance & remote desktop. (system properties -> remote)
  • Disable automatic updates. (system properties -> automatic updates)
  • Disable services: error reporting, automatic updates, background intelligent transfer service, universal plug-n-play, remote registry, maybe remote desktop help.
  • Disable NetBIOS over TCP/IP. (local area connection -> *microsoft* & internet protocol properties -> advanced -> WINS)
  • Add lots of hosts to windows\system32\drivers\etc\hosts using the loopback IP address (e.g. 127.0.0.1). Especially: sa.windows.com, sa.microsoft.com (used by help / search assistant), go.microsoft.com (used by Program Compatibility Wizard).
  • Disable CD autoplay. (HKLM\system\currentcontrolset\services\cdrom -> autorun, or tweakui -> my computer -> autoplay -> types)
  • Disable or remove support user accounts.
  • ?Rename the administrator account?
  • Install a firewall that will block outgoing traffic by application. (Agnitum Outpost seems quite good, although the 1.x versions can cause some versions of Windows XP and 2000 to crash.)
  • Remove or hide all "internet" games under the start->programs->games menu.
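
To check the hosts-file item above, here is an added example (not part of the original notes) that audits the text of a hosts file for the three hostnames named there. The function names and the sample file contents are made up for illustration, and it assumes the first entry for a name is the one that takes effect.

```python
import ipaddress

# Hostnames the notes single out for blocking.
REQUIRED = ("sa.windows.com", "sa.microsoft.com", "go.microsoft.com")

# Constructed sample, not taken from a real system.
SAMPLE = """\
# sample hosts file
127.0.0.1       localhost
127.0.0.1       SA.Windows.com   # search assistant
192.0.2.10      go.microsoft.com
#127.0.0.1      sa.microsoft.com
"""

def parse_hosts(text):
    """Return {hostname: address}. Assumption: the first entry for a name wins."""
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()      # drop comments, split columns
        if len(fields) < 2:
            continue                               # blank line or address with no name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                               # malformed address, ignore the line
        for name in fields[1:]:                    # one line may list several names
            table.setdefault(name.lower().rstrip("."), addr)
    return table

def audit(text, required=REQUIRED):
    """Classify each required hostname as blocked, missing, or mapped elsewhere."""
    table = parse_hosts(text)
    report = {}
    for name in required:
        addr = table.get(name)
        if addr is None:
            report[name] = "missing"
        elif addr.is_loopback:
            report[name] = "blocked"
        else:
            report[name] = "maps to %s" % addr     # an entry exists but does not block
    return report

def missing_lines(text, required=REQUIRED):
    """Lines to append for the names that have no entry at all."""
    return ["127.0.0.1\t%s" % n for n, s in audit(text, required).items() if s == "missing"]

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print("%-20s %s" % (host, status))
```

A name reported as "maps to ..." needs its existing line edited, since appending a second entry would not override it under the first-entry assumption.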

BUGS

  • Install the latest Intellipoint mouse drivers or Logitech mouse drivers to keep IE from going back a page when the mouse wheel is rolled upward through a KVM switch. (I'm currently trying the Intellipoint driver, and telling it that I have a Microsoft Wheel Mouse.)

CONVENIENCE / CONTROL

PERFORMANCE

  • Use Windows Classic display theme.
  • Disable unnecessary effects. (display properties -> appearance -> effects, system properties -> advanced -> performance settings)
  • Reduce system restore disk space. (system properties -> system restore)
  • Reduce recycle bin disk space.
  • Disable autostart of MSN Messenger.
  • Remove unused Windows components, such as MSN Messenger.
  • Enable UPS monitor.
  • Reduce thumbnail image quality. (tweakui -> explorer -> thumbnails)
  • Use bootvis.exe to optimize boot sequence. (file -> new -> next boot trace, reboot, trace -> optimize system -> reboot)
  • Set control panel -> program events -> windows explorer -> start navigation to (none).

UTILITIES / INFO

