This one has a lot of very nice performance tweaks, and a defrag within that seems to do a good job, though one cannot defrag an SSD, only TRIM.
Category: Performance
New Windows performance tool: Wise Care 365
article #1517, updated 8 days ago

CLEANMGR Advanced Mode
article #1444, updated 30 days ago
Run it like this from administrative CMD, in two steps. In the first step just check everything off. The second step runs it all. Cleans a whole lot more than any other way, and after you do the first step, the second step stays put, the number is actually the maximum index of sets of cleanup that you can keep around for future semi/automatic use.
Cleanmgr /sageset:65535
Cleanmgr /sagerun:65535

Renoberate & Clear Windows Logs
article #1482, updated 90 days ago
Recently it was discovered that a Windows server was running very slow because the Security log’s maximum size was set to 40 gigabytes. Here is a Powershell bit which will look at all event logs, set their max size to 2.5M if set larger, and clear them. Seems to free up a nice healthy dollop of performance in general.
wevtutil el | Foreach-Object { $LogObject = Get-WinEvent -ListLog $_ If ( $LogObject.MaximumSizeInBytes -gt 2500KB ) { "$_ has max set to larger than 2.5M. Setting to 2.5M." $LogObject.MaximumSizeInBytes = 2500KB $LogObject.SaveChanges() } wevtutil cl $_ "$_ cleared." }
There are times when an operation, a software install or configure perhaps, will error with “Cannot open log for source ———-. You may not have write access.” The below will do the above, and also give read/write to every local admin.
wevtutil el | Foreach-Object { wevtutil sl $_ "/ca:O:BAG:SYD:(A;;0x1;;;SY)(A;;0x5;;;BA)(A;;0x1;;;LA)(A;;0x3;;;LA)" $LogObject = Get-WinEvent -ListLog $_ If ( $LogObject.MaximumSizeInBytes -gt 2500KB ) { "$_ has max set to larger than 2.5M. Setting to 2.5M." $LogObject.MaximumSizeInBytes = 2500KB $LogObject.SaveChanges() } wevtutil cl $_ "$_ cleared." }
The security string is written in something called SDDL. Some more info:
https://itconnect.uw.edu/wares/msinf/other-help/understanding-sddl-syntax/

Performance Removals, Newer Windows, for Business Use
article #1505, updated 91 days ago
Microsoft is loading Windows with gaming bits and other things which take resources. The last two builds of 10, and 11, have ‘winget’, which make it quite easy to remove things:
winget uninstall "Xbox TCUI" winget uninstall "Xbox Console Companion" winget uninstall "Xbox Game Bar Plugin" winget uninstall "Xbox Game Bar" winget uninstall "Xbox Identity Provider" winget uninstall "Xbox Game Speech Window" winget uninstall "Phone Link" winget uninstall "Movies & TV"

The Windows Slowdown Cycle (System Volume Information fills up!)
article #1441, updated 185 days ago
Recently a number of things have come to light together, the combination of which is remarkable.
- The System Volume Information folder, on very many slow Windows machines, has a lot of junk files within, files that serve no purpose. These are called “orphan shadows”.
- Orphan shadows occur when the RAID or other drive capability of a Windows machine, cannot keep up with demands on the Volume Shadow Services (VSS) subsystem of Windows, and/or has to abandon an effort in midstream. VSS is used by a huge variety of Windows and application operations.
- The best-understood examples of events causing orphan shadows, are hard poweroffs in the middle of many different operations large and small. Another is when block-level backups fail.
- Other examples are simultaneous heavy demands which are too high for the RAID or drive capability. For instance, if demands on RAID are already fairly high, a large database request happening at the same moment as the incremental for a backup will cause one or both to fail, and will create orphan shadow(s) for one or both.
- As orphan shadows build up, they take more and more space in System Volume Information, and when SVI has more than 20 gigabytes or so of these things, all VSS operations get slower and slower, presumably because the VSS system has to choose to bypass all of the orphans over and over again.
- SVI has been seen to rise to hundreds of gigabytes, sometimes taking hours to clear.
The short-term step, to get things working, is to clear SVI. On a client OS, this is done thus:
vssadmin delete shadows /all
On a server OS, we do the above, and then we also run diskshadow
, and within that little environment, we do:
delete shadows all
Alternatively, we can replace all of the above steps with:
wmic shadowcopy delete /nointeractive
One situation has been seen thus far, where the above two do not do the job, where SVI remains huge. No standard solution has been identified for this as of yet. Up until now, the symptoms have been clear and obvious, but causality a lot more mysterious, and we have often alleviated the situation via removal of OEMware, BIOS, firmware, and driver updates, and use of tweaking tools. On a server, one can remove Windows Defender:
Uninstall-WindowsFeature Windows-Defender
and this helps a lot (solved one big problem so far) on server, but not on a client OS, Microsoft doesn’t allow it. Also, methods to disable bits of Windows Defender on client OS have been disallowed increasingly, as build upgrades have been given.
One step which has helped is to CHKDSK /F
the volumes and reboot, and then try the standard cleanout steps again.
Just today, some VSS tweaks have manifest:
https://docs.microsoft.com/en-us/windows/win32/backup/registry-keys-for-backup-and-restore?redirectedfrom=MSDN#maxshadowcopies
specifically this:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VSS\Settings DWORD MaxShadowCopies
and this:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VolSnap DWORD MinDiffAreaFileSize
but it will be a while of testing before any confidence is available as to how to use these to help. Thus far, MaxShadowCopies of 8 and MinDiffAreaFileSize of 128 seems to be helping.

Puran Defrag
article #1485, updated 224 days ago
Appears excellent on the desktop.

Delete NTFS USN journal
article #1483, updated 245 days ago
The journal can, reportedly, get huge. Here’s how to delete it for C:
fsutil usn deletejournal /n C:
Warnings and info is here, but haven’t seen any signs of the warned items, perhaps they happen mostly with very large and/or very slow machines:
docs.microsoft.com/en-us/windows-server/administration/windows-commands/fsutil-usn

HPE RAID Controller Selection
article #1475, updated 328 days ago
Here is a useful guide to HPE RAID model numbers:
medium.com/@ITsolutions/selecting-the-best-hpe-smart-array-controller-for-your-server-da10b7424c8c

General Defrag for Windows
article #480, updated 336 days ago
UltraDefrag still comes in its free open source version:
sourceforge.net/projects/ultradefrag/
as well as a newer, more developed paid version:

Windows 10 Networking Performance
article #1461, updated 430 days ago
Something new. Reported to help a lot, especially with Internet connections higher than 10Mbps.
Basically, we browse here in the registry:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
we create (or edit) DWORD IRPStackSize
, and we set it to 32. Default is 15, and Microsoft reportedly says that values 33-38 are fraught with peril.