dslreports logo


5.1 Customization and Performance

Outlook Express
    1. Run regedit
    2. Go to the key named something like HKEY_CURRENT_USER\Identities\{EC7994FF-9DB7-4854-B5F1-C3D3956DED35}\Software\Microsoft\Outlook Express\5.0
    3. Add a new DWORD called "NoSplash"
    4. Set it to "1"
Note - {EC7994FF-9DB7-4854-B5F1-C3D3956DED35} may be a different combination of alphanumeric characters but it's the only one under the Identities directory.

For IE 5 and up:
  1. Run regedit
  2. Go to the following structure HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Infodelivery\Restrictions
  3. Add a DWORD called NoSplash and set the value to 1

by MSeng See Profile
last modified: 2002-09-02 12:12:28


Originally submitted by Tommy G:
I see quite a few post just about weekly where people cannot keep IE (Internet Explorer)Maximized or have it open Maximized or having any "Open New Window" to open Maximized so I thought I would post this "How To" for everyone...

If your IE is not corrupted, this should work but you must follow all of the steps that I am listing...If you don't follow all of the steps or do them in the order I am listing them, then it will not work for you..I hope this is helpful for those of you who have asked about it..
      •Open IE making sure it is Not already maximized.•Using your mouse, stretch the window to maximize size making sure before you do this that the window is not already in the maximized position..You need to do this when it is the regular size (restore) window size.•After you stretch the window to the maximize size, close IE.•Now open IE and click on the Maximize button.•Now close IE again.
If you follow the steps exactly, the next time you open IE your windows should open maximized and also, all of your "Open New Window" windows should also open maximized (or to exactly how far you stretched it in Step 2)

And always remember to close the main window Last or you'll have to do it all over again.

And for those of you who always Right Click to open a new window, you can also open a new window by holding down the Shift Key while you Left Click on the link..

And to make your window go full screen just press F11 and F11 again to go back to normal.


Added - 12/03

An alternative to the instructions above is a little freeware program that is repeatedly mentioned for this problem - IE Maximizer.


Feedback received on this FAQ entry:
  • Thanks alot this really worked. It was really anoying until you helped.However it did take me several tries because I was trying this with a shortcut that I saved to my desk top(including this page that I saved to my desk top). You must actually use the IE program for this to work. Thanks again.

    2013-03-01 15:14:31

  • Tommy G. Right on brother. Your instructions were simple and effective. It worked for me, thanks.

    2013-02-10 12:57:27

  • I had the same problem and tried all the fixes listed on numerous posts none of them worked until.....Move your mouse to the taskbar, right click, there are three choices: cascade windows, show windows stacked and show windows side by side. If any of these are turned on you'll see turn off (which ever one is on) click the turn off then do the steps to open maximized.

    2012-11-19 10:16:13

  • IE 9 fixed this problem for me.

    2011-07-22 22:23:52

by MSeng See Profile
last modified: 2003-12-20 21:38:27

Found at WinGuides.com. As always, backup the registry before making any changes.
This setting specifies whether a new process is created for each instance of Internet Explorer that you start. This can prevent one instance of Explorer from affecting other instances if it stops responding.

Open your registry and find the key below.
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\BrowseNewProcess]

Value Name: BrowseNewProcess
Data Type: REG_SZ (String Value)
Value Data: Yes or No

You may need to create the key if it does not already exist.

Create a new String value, or modify the existing value, called 'BrowseNewProcess' and edit the value according to the settings below.

Exit your registry, you may need to restart or log out of Windows for the change to take effect.

Note: Normally this is automatically enabled or disabled based on the amount of random access memory (RAM) that is installed in the computer. If the computer has less than 32 megabytes (MBs) of RAM installed, this setting is disabled. If there is 32 MBs of RAM or more installed on the computer, the setting is enabled.

by MSeng See Profile
last modified: 2002-09-02 12:13:00

Found at WinGuides.com. Always backup the registry before making any changes.
When you browse the Internet using Internet Explorer or read messages using Outlook Express, a logo is displayed indicating whether activity is taking place. With this tweak you can modify which logo is shown, customize it or reset it to the default.

Use Your Own Animated Logo
There are two bitmap files used to display the animated logo, both can be identical except for the size, one is 38 pixels wide and the other 22 pixels.

Using an image editor, such as MS Paint, create an image similar to a roll of film, where equal sized "frames" are a stacked vertically within the one larger image. For example, a large icon, with 10 frames, would be 38 pixels wide and 380 pixels high (38 pixels x 10 frames = 380 pixels high).

When active and the logo is animated, the top frame is shown first, then the next, an so on, until the last frame is reached and the image loops. Similarly, when the application is idle, the first frame is shown statically until further activity, that is unless an alternate non-animated logo has been defined using the technique below.

Once you have created the icons you need to register them by opening the key [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar] in your registry.

Then create two new string values, or modify the existing values, named 'SmBrandBitmap' and 'BrandBitmap' and set their values to equal the full filename of the small (22 pixel) image and large (38 pixel) image respectively.

Use Your Own Non-Animated Logo
These images are shown when the application is idle, as with the method above there are two images one small 22 x 22 pixel and a larger 38 x 38 pixel. To activate them open the key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main] and create two string values named 'SmallBitmap' and 'BigBitmap' setting the values to equal the filenames of the images.

Reset to the Default Logos
To restore the default animated logo, delete the 'BrandBitmap' and 'SmBrandBitmap' string values found under the registry key [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar].

To restore the default idle logo, delete the 'SmallBitmap' and 'BigBitmap' string values found under the registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main].

Restart Internet Explorer or Outlook Express for the change to take effect.

by MSeng See Profile
last modified: 2002-09-29 15:27:21

Found at AXCEL216 and originally submitted by Roctagon in the thread below:

BROWSING SPEEDUP

by MSeng See Profile
last modified: 2003-02-11 20:45:22

Submitted by mrchipb:
Regardless of whether you choose to install over a network or download the installation files to your hard disk, some or all of the Setup files are copied to your hard disk. This allows you to reinstall more quickly if necessary. If you want to reclaim the disk space, you can remove the Setup directory.

To remove the Setup directory:
      •In Control Panel, double-click Add/Remove Programs, and then click Internet Explorer 6.•Click Add/Remove.•Make sure the Restore the Previous Windows Configuration check box is selected, and then click Advanced.•Click Remove Folder Containing Windows Update Setup Files, and then click OK.•When prompted whether you want to continue, click Yes.
NOTE: Depending on your options, this can free up 10-20mb of space. Also, you would no longer be able to re-install IE6, from your hard drive.
This does not affect the repair function.

by MSeng See Profile
last modified: 2003-02-11 20:46:04

submitted by gt7697c:

Notes

    •The tweaks mentioned only apply to Win 2k Pro and XP Pro. You must be logged in as the admin of the system in order to make these changes.•Before you lock down IE make any branding changes first.


Prevent Homepage and Branding
Start up Group Policy Editor and go to User Configuration\administrative templates\Windows Component\Internet Explorer and enable the following Disable settings:
    •Disable Search Customization (I was at a web site that changed my search page, now nothing can change it until I allow the change.)•Disable External Branding of Internet Explorer (Very important to have it enabled.)•Disable importing \ exporting of Favorites (Very important to have it enabled.)•Disable changing Advanced page settings•Disable changing home page settings (Very important to have it enabled.)•Disable changing Temporary Internet files settings•Disable changing color settings•Disable changing link color settings•Disable changing font settings.
You also may want to Lock your Toolbar in IE from being changed as well as well as buttons. Go to User Configuration\Administrative Templates\Internet Explorer\Toolbars and enable the Disable Setting for these two items:•Disable customizing browser toolbar buttons
•Disable customizing browser toolbars
Brand IE
Start the Group Policy Editor and then go to User Configuration\Windows Settings\Internet Explorer Maintenance

Highlight Browser User Interface and on the right you are presented with everything you need to customize IE including (but not limited to) Browser Title, Animated Bitmaps, Custom Logo and Browser Toolbar Buttons. You also get the ability to add as many toolbar buttons as you need. If you select URLS then Important Urls you can set your Homepage URL, Search URL, and Support Page URL permanently.

by MSeng See Profile
last modified: 2003-02-11 20:46:33

This registry edit works in all versions:
    •go to Start-->Run, type regedit and press ENTER.•Browse to the following key -
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title•Create a new string value, or modify the existing value, to equal the title you would like.
Windows 2000 and XP Pro users can accomplish this by using the Group Policy Editor (gpedit.msc) and changing the Browser Title under User Configuration-->Window Settings-->Browser User Interface.


Feedback received on this FAQ entry:
  • Thanks so much for the clear-cut directions!!

    2008-06-23 15:22:44

by MSeng See Profile
last modified: 2002-09-02 12:14:02

Outlook Express 5.0 and 6.0 users...

Open the Registry Editor (Start-->Run-->regedit), drill down to the following key and modify the data to what you want to appear:

[HKEY_CURRENT_USER\Identities\{*UserID#*}\Software\Microsoft\Outlook Express\5.0\WindowTitle]

Note: Delete the value of 'WindowTitle' to change the title back to the default.

by aeroman See Profile edited by MSeng See Profile
last modified: 2003-02-01 20:02:20

    ActiveX control and plug-ins....Fig 1 Default Level recommended settings
    ActiveX technologies are built using Microsoft's Component Object Model (COM) and have the ability to access everything on your computer, all folders, all files, everything!. ActiveX control and plug-ins can include many things such as web forms, sound and graphics and installation programs. Some of the names associated with ActiveX and benign in nature are Microsoft Windows Media Player, Macromedia Shockwave, RealNetworks RealPlayer.Unfortunately there are forms of ActiveX that some refer to as trojanware and are asociated with names such as Comet Cursor, Xupiter, Gator\Gain, Bonzi....etc. The controls for ActiveX were designed so that you can trust or not trust the person who developed the control. This is done through signatures.
      Download signed ActiveX controls and plug-ins....Fig 1a Security Warning popup
      ActiveX controls and plug-ins have a facility for signing by the developer by checking the developer certificate.Digital certificates are electronic credentials that verify an individual's or an organization's identity on the Web. The identity of the digital certificate owner is bound to a pair of electronic keys that can be used to encrypt and sign digital information, assuring that the keys actually belong to the person or organization specified. A valid digital signature, though, does not necessarily mean that the software is without problems. It just means that the software originated from a traceable source that you may choose to trust and that the software has not been tampered with since publication. Likewise, an invalid signature does not prove the software is bad or dangerous, but just alerts users to potential dangers and problems.
      Download unsigned ActiveX controls and plug-ins....Fig 1b Security Warning popup
      This option determines whether users may download unsigned ActiveX controls from the zone. Such code is potentially harmful, especially when coming from an untrusted zone.
      Initialize and script ActiveX controls not marked as safe
      Many ActiveX Controls are initialized with persistent data, which is either local or remote, and most ActiveX Controls are scriptable (they support a set of methods, events, and properties). Both initialization (with persistent data) and scripting require certain safeguards to ensure that security is not violated.
      An example of a control that poses a security risk at initialization time would be a data compression/decompression control. If the user pointed this control to a remote, compressed file that contained a Trojan-horse copy of a system file (such as Kernel.dll) and requested that the control decompress this file, system security could be breached.
      An example of a control that poses a security risk at scripting time would be a control that relies on certain system settings before a script can be safely executed. It would be up to the control developer to provide the necessary code that retrieves the system settings before allowing the script to execute.
      Run ActiveX controls and plug-ins....Fig 1d Security Warning popup
      Determines whether a Control or Plug-In is allowed to run assuming it has already been downloaded and is on the machine. An example would be if you had already downloaded Windows Media player.
      Script ActiveX controls marked safe for scripting....Fig 1e Security Warning popup
      Indicates that it is permissible to invoke the control from a script contained in a web page, using data and parameters provided by that page. In essence, a control marked "safe for scripting" is an assertion by the author that the control has implemented its own "sandbox" and cannot be used by an intruder to damage or compromise your system. Because you must rely on the author of the control to implement this "sandbox" correctly, controls marked as "safe for scripting" require an especially high degree of trust.
Downloads....Fig 2 Default Level recommended settings
    File download....Fig 2a Security Warning popup
    While downloading files is an everyday occurence....downloading files from the Internet can be dangerous. Trojan horses love to hide in games and other programs users frequently download from the Internet. Some versions of the popular Whackamole game are actually Trojan horses that install Netbus, which lets hackers take complete remote control of your computer. Letting users download files also makes it easy for malicious users to bring hacker tools into your network (like the password sniffer in L0phtcrack).
    Font download....Fig 2b Security Warning popup
    This option determines whether Web pages within the zone can download HTML fonts.

Microsoft VM....Fig 3 Default Level recommended settings
Microsoft VM (Virtual Machine) is the software in your browser that allows Java Applets to be fully functional.
    Java permissions
    Your browser displays what HTML code says, but Java goes beyond display and actually executes what the Java says to do. Java is a language that can execute commands to access your files, other computers, even your printer. Because of this, Java must be handled with care. For the novice, recommended settings for your Internet Zone are "High Safety". This will allow Java to function without allowing access to files, printers, or other computers. Additionally, it won't allow any new windows out side of the IE window.


Miscellaneous Options....Fig 4 Default Level recommended settings
    Access data sources across domains
    Controls cross-domain data access. Cross-domain data access can open the door to various spoofing attacks.
    Allow META REFRESH
    The Meta Refresh setting (tag) enables the author of a Web page to redirect your browser to another Web page after a specified amount of time.
    Display mixed content....Fig 4a Security Warning popup
    When you browse to a secure web site(Https\SSL(Secure Sockets Layer) your information that you provide, such as your name or credit-card number, is encrypted so that it can't be viewed by other people. However, that page may also contain items that do not use this secure protocol. This is referring to miscellaneous images or navigation bars, which do not need to be encrypted. All personal information you send and receive should still be encrypted.
    Don't prompt for client certificate selection when no certificates or only one certificate exists
    This option specifies whether users are prompted to select a certificate when no trusted certificate or only one trusted certificate has been installed on the computer.
    Drag and drop or copy and paste files
    Controls whether users can drag-and-drop files or copy and paste files.
    Installation of desktop items
    Controls whether or not users can download and install Active Desktop content.
  • Launching programs and files in an IFRAME
    Controls whether applications may be run and files may be downloaded from a floating frame (IFRAME).
  • Navigate sub-frames across different domains
    Prevents frame spoofing (e.g., inserting a malicious page within a frame in a legitimate web site). Introduced in version 5.
  • Software channel permissions
    Controls whether or not an email message it sent with notification of available software for download, and whether or not that software can be installed.
  • Submit nonencrypted form data
    Controls whether data in HTML forms may be submitted. Only affects non-SSL form data. Forms sent with SSL encryption are always allowed.
  • Userdata persistence
    Enables objects to persist data, such as page state in user data. Used within an XML store.


  • Scripting....Fig 5 Default Level recommended settings
    • Active scripting....Fig 5a Security Warning popup
      Current security vulnerabilities that exist in Microsoft's Internet Explorer web browser exist in the service called "active scripting". Active scripts are programs written in Javascript, or sometimes Microsoft's VBScript and ActiveX. If you ever go to a URL that has an ".asp" extension, you are most likely running a script, or program, off of that server. Active scripting is one mechanism by which worms can enter our computing environment, infect your PC, and then use your PC to launch attacks elsewhere. There is also a risk that such attacks could release personal information such as cookies containing passwords, URL's, and credit card information.
    • Allow paste operations via script
      Since Internet Explorer ("IE") version 5.0, there has been a way to read and set the users clipboard text using script. This can be handy for web-based applications but can be used in a malicious way to steal the clipboard contents. It is easily possible to monitor the contents of the clipboard, and send it to a remote server-side script for processing. The remote script could then save the clipboard text in a database, or e-mail it to the evil overlord script creator. By itself this doesn't cause much harm, but users can often copy sensitive information to the clipboard....e-mails, addresses, passwords, pictures....which could then fall into the wrong hands.
    • Scripting of Java applets
      A java applet downloaded from the web runs on your system in a secure environment called the sandbox. An applet running in the sandbox is not allowed to do anything that could violate the security of your system. In particular it can't read or write files.


  • User Authentication....Fig 6 Default Level recommended settings
    • Anonymous logon
      Disables HTTP authentication and uses guest access for CIFS (Common Internet File System).
    • Automatic logon only in Intranet zone
      Logs on automatic on all intranet sites and prompts for username and password for sites in all other zones.
    • Automatic logon with current username and password
      Configures Internet Explorer to attempt to logon using Windows NT Challenge Response (also known as NTLM authentication). If NTLM is supported by the server, the logon uses the users network user name and password for logon. If NTLM is not supported, the user is prompted for a username and password.
    • Prompt for user name and password
      Prompts once per session for username and password. Once successfully logged on, the credentials are silently used for the remainder of the session.


  • References

  • Recommended Personal additions for securing Internet Explorer browsing


  • Feedback received on this FAQ entry:
    • what does security settings mean !!!

      2013-09-16 04:31:19

    • You simply defined "Access data sources across domains" by re-arranging and repeating the phrase. Worthless explanation.

      2012-10-18 20:18:40

    by Bubba See Profile edited by MSeng See Profile
    last modified: 2005-06-11 12:24:22