New to Windows 7 on SSD drive

I'm not sure about the security configuration of Windows 7 with a small SSD drive, so I wanted to ask. Here's what I had in mind:

60 GB SSD Drive Labeled "System" C:
System Programs (maybe 20-40 GB)
Pagefile (Keeping the pagefile on SSD will probably make OS faster)
--------
Secured by a System Image and :
Deep Freeze (anti virus)
Rollback Rx (anti bug)
(Shadow Defender is not compatible with SSD & TRIM)​

1 TB USB v3.0 Labeled "Data" D:
System Image Backup
Applications/Games
Users Folder
Sandbox Folder (for preinstallations)
--------
Secured by Sandboxie + a File Integrity Checker + a Virus Scanner on Downloads:
AVZ
Kaspersky Virus Removal Tool
ClamWin
​

1. After Windows 7 installation have all driver updates from your motherboard vendor ready
2. Enable display of hidden folders and files in explorer and check what temporary folders are created during drivers update
3. Update BIOS and check BIOS settings (that it supports virtual machine etc.)
   And set use of AHCI (not IDE) for SSD
4. Update Drivers (processor, SSD, SATA, USB etc; old processor driver might not support SSD TRIM function)
5. Check in system that all hardware & drivers are working and delete again temporary folders created during updates
6. Use USBDLM to secure a letter for drive users folder is to be redirected to
7. Redirect Users folder to "Data" partition as described here.
8. Turn off:
   • Indexing (probably useless if system is frozen with DF or Rollback RX)
   • Windows Restore (it has issues with SSD TRIM & to use less space on SSD)
   • Hibernation Option (SSD boot should be just as fast) Enter cmd (command prompt): powercfg -h off
   • Splash Screen: Winkey + R, type MSConfig and enable NO GUI Boot
   • Prefetch, Superfetch, Boottrace for SSD in regedit: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SessionManager\MemoryManager\PrefetchParameters and set them to 0
   • Windows Defender
   • Defrag schedule for SSD drive (do not defrag SSD!)
   • Windows Update (because system will be frozen)
9. Lower Recycle Bin to 200MB to save space on SSD and reduce writes.
10. Install additional Themes and setup background rotation and power savings
11. Install Desktop Gadgets and configure icons, menus and explorer
12. Check Pagefile location and size (Keep it on SSD for faster OS or on "Data" drive for more space)
13. Check graphics card settings (highest res), Processor settings and perhaps SSD configuration
14. Install System Tools:
    • Deep Freeze
    • CCleaner
    • Fraps
    • Daemon Tools Lite
    • DirectX (game edition)
    • Redistributionable packages
    • 7zip
    • Sandboxie
    • File Verifier++
15. Check Windows 7 install list
16. Run all system tools and do setup
17. Defrag SSD system drive
18. Set all programs auto update to off
19. Put Internet Explorer in sandbox
20. Create a Sandbox folder on "Data" drive
21. Run CCleaner
22. Create System Image and save it to "Apps" drive
23. Freeze System with DF and Rollback RX

 

Do NOT defrag the SSD drive. It only creates unnecessary reads and writes. Aside from that, your list is pretty comprehensive. Only thing that I would add would be the SATA drivers, if you have a Intel chipset powered system.

 

> 22. Create a Sandbox folder on "Data" drive

I could create the normal SandboxIE used folder to browse on a RamDisk drive.

 

Thx. Apparently Windows 7 is not very flexible concerning small SSD drives, so the setup list becomes comprehensive when you need to move users folder etc. Maybe Windows 7 does it automatically but it is also suggested concerning SSD, that one turn off Prefetch, Superfetch and Boottrace.

Btw I'm also planning to reduce IE temp files directory size
Set Firefox to use memory as cache instead of using disk
And turn off Windows Logs all except "Eventlog-Application, Security, System and Security-Essentials"

The processor is an Intel i7-2600 3.40 but I don't think it needs SATA drivers update, because I'm going to use an USB v3.0 portable drive.

 

Hi Smuck

Here is some information that you might find of help :- SSD Optimization Guide

Take Care
TheQuest

 

this is great!
Thanks for the link!

 

Thx, good to know that SSD require AHCI and not IDE.

I think it's better not to split Applications from Users Folder on "Data" drive in two partitions, cause they do belong together.

But how should new downloads be treated securely? The system is frozen and the downloads are in a sandbox folder until scanned. But should they be scanned with Windows Defender or MSE? Or can I just as well turn off Windows Defender since the system is frozen with Deep Freeze?

I'm neither so sure about how to secure drive letter for link to Users folder from system before login?

 

Just use it as it is.
Mrk

 

Yeah, why not install fishy windows 8, that surely must be an update and use it as it is. You have to be sherlock to even find it