Public-Mirrors
/
Debloat-Windows-10
mirror of https://github.com/W4RH4WK/Debloat-Windows-10
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

Merge branch 'master' into master

pull/143/head
Benedikt Graeb 6 years ago
committed by GitHub
parent
6a46c082b0 fce233d729
commit
315daa49f7
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
18 changed files with 695 additions and 589 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      .gitattributes
  2. 55
      README.md
  3. 212
      lib/take-own.psm1
  4. 32
      scripts/block-telemetry.ps1
  5. 68
      scripts/disable-services.ps1
  6. 34
      scripts/disable-windows-defender.ps1
  7. 94
      scripts/experimental_unfuckery.ps1
  8. 90
      scripts/fix-privacy-settings.ps1
  9. 98
      scripts/optimize-user-interface.ps1
  10. 17
      scripts/optimize-windows-update.ps1
  11. 38
      scripts/remove-default-apps.ps1
  12. 50
      scripts/remove-onedrive.ps1
  13. 6
      utils/boot-advanced-startup.bat
  14. 14
      utils/dark-theme.reg
  15. 3
      utils/disable-memory-compression
  16. 414
      utils/disable-scheduled-tasks.ps1
  17. 38
      utils/enable-god-mode.ps1
  18. 20
      utils/install-basic-software.ps1

1
.gitattributes
View File

@ -1,4 +1,5 @@
* text=auto
*.bat text eol=crlf
*.ps1 text eol=crlf
*.psm1 text eol=crlf
*.reg text eol=crlf

55
README.md
View File

@ -1,23 +1,36 @@
# Debloat Windows 10
**Note about Creators Update:** These scripts have *not* been tested with the
Creators Update. Anything may happen, be prepared. I'll look into relevant
changes and recent issues when the update is released / pushed on to everyone.
This project collects Powershell scripts which help to *debloat* Windows 10,
tweak common settings and install basic software components.
I develop those scripts on a Windows 10 Professional 64-Bit (English) virtual
machine. Please let me know if you encounter any issues with other Windows 10
versions.
I test these scripts on a Windows 10 Professional 64-Bit (English) virtual
machine. Please let me know if you encounter any issues. Home Edition and
different languages are not supported. These scripts are intended for
tech-savvy administrators, who know what they are doing and just want to
automate this phase of their setup. If this profile does not fit you, I
recommend using a different (more interactive) tool -- and there are a lot of
them out there.
**There is no undo**, I recommend only using these scripts on a fresh
installation (including Windows Updates). Test everything after running them
before doing anything else. Also there is no guarantee that everything will
work after future updates since I cannot predict what Microsoft will do next.
Home Edition and different languages are not supported. Let me know of you fork
this repo for fixing Home Edition or a different language.
## Interactivity
Note that **there is no undo**, I recommend only using these scripts on a fresh
install (including updates). Test everything after running them before
continuing with something else. Also there is no guarantee that everything will
work after future updates since I cannot predict what Microsoft will do next.
The scripts are designed to run without any user-interaction. Modify them
beforehand. If you want a more interactive approach check out
[DisableWinTracking](https://github.com/10se1ucgo/DisableWinTracking) from
[10se1ucgo](https://github.com/10se1ucgo).
## Download Latest Version
Code located in the `master` branch is under development (for now).
Code located in the `master` branch is always considered under development, but
you'll probably want the most recent version anyway.
- [Download [zip]](https://github.com/W4RH4WK/Debloat-Windows-10/archive/master.zip)
@ -36,8 +49,12 @@ Unblock PowerShell scripts and modules within this directory:
1. Install all available updates for your system.
2. Edit the scripts to fit your need.
3. Run the scripts
3. Run the scripts from a PowerShell with administrator priviledges (Explorer
`Files > Open Windows PowerShell > Open Windows PowerShell as
administrator`)
4. `PS > Restart-Computer`
5. Run `disable-windows-defender.ps1` one more time.
6. `PS > Restart-Computer`
## Startmenu
@ -71,12 +88,18 @@ has been discovered by BK from Atlanta:
You may now disable the GeoLocation service again, the search box should remain
functional.
## Interactivity
### Sysprep will hang
The scripts are designed to run without any user-interaction. Modify them
beforehand. If you want a more interactive approach check out
[DisableWinTracking](https://github.com/10se1ucgo/DisableWinTracking) from
[10se1ucgo](https://github.com/10se1ucgo).
If you are deploying images with MDT and running these scripts, the sysprep
step will hang unless `dmwappushserivce` is active.
### XBox Wireless Adapter
Apprently running the stock `remove-default-apps` script will cause XBox
Wireless Adapters to stop functioning. I suspenc one should not remove the XBox
App when wanting to use one. But I haven't confirmed this yet, and there is a
workaround to re-enable it afterwards. See
[#78](https://github.com/W4RH4WK/Debloat-Windows-10/issues/78).
## Liability

212
lib/take-own.psm1
View File

@ -1,106 +1,106 @@
function Takeown-Registry($key) {
# TODO does not work for all root keys yet
switch ($key.split('\')[0]) {
"HKEY_CLASSES_ROOT" {
$reg = [Microsoft.Win32.Registry]::ClassesRoot
$key = $key.substring(18)
}
"HKEY_CURRENT_USER" {
$reg = [Microsoft.Win32.Registry]::CurrentUser
$key = $key.substring(18)
}
"HKEY_LOCAL_MACHINE" {
$reg = [Microsoft.Win32.Registry]::LocalMachine
$key = $key.substring(19)
}
}
# get administraor group
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$admins = $admins.Translate([System.Security.Principal.NTAccount])
# set owner
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership")
$acl = $key.GetAccessControl()
$acl.SetOwner($admins)
$key.SetAccessControl($acl)
# set FullControl
$acl = $key.GetAccessControl()
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow")
$acl.SetAccessRule($rule)
$key.SetAccessControl($acl)
}
function Takeown-File($path) {
takeown.exe /A /F $path
$acl = Get-Acl $path
# get administraor group
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$admins = $admins.Translate([System.Security.Principal.NTAccount])
# add NT Authority\SYSTEM
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow")
$acl.AddAccessRule($rule)
Set-Acl -Path $path -AclObject $acl
}
function Takeown-Folder($path) {
Takeown-File $path
foreach ($item in Get-ChildItem $path) {
if (Test-Path $item -PathType Container) {
Takeown-Folder $item.FullName
} else {
Takeown-File $item.FullName
}
}
}
function Elevate-Privileges {
param($Privilege)
$Definition = @"
using System;
using System.Runtime.InteropServices;
public class AdjPriv {
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
[StructLayout(LayoutKind.Sequential, Pack = 1)]
internal struct TokPriv1Luid {
public int Count;
public long Luid;
public int Attr;
}
internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
internal const int TOKEN_QUERY = 0x00000008;
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public static bool EnablePrivilege(long processHandle, string privilege) {
bool retVal;
TokPriv1Luid tp;
IntPtr hproc = new IntPtr(processHandle);
IntPtr htok = IntPtr.Zero;
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
tp.Count = 1;
tp.Luid = 0;
tp.Attr = SE_PRIVILEGE_ENABLED;
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
return retVal;
}
}
"@
$ProcessHandle = (Get-Process -id $pid).Handle
$type = Add-Type $definition -PassThru
$type[0]::EnablePrivilege($processHandle, $Privilege)
}
function Takeown-Registry($key) {
# TODO does not work for all root keys yet
switch ($key.split('\')[0]) {
"HKEY_CLASSES_ROOT" {
$reg = [Microsoft.Win32.Registry]::ClassesRoot
$key = $key.substring(18)
}
"HKEY_CURRENT_USER" {
$reg = [Microsoft.Win32.Registry]::CurrentUser
$key = $key.substring(18)
}
"HKEY_LOCAL_MACHINE" {
$reg = [Microsoft.Win32.Registry]::LocalMachine
$key = $key.substring(19)
}
}
# get administraor group
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$admins = $admins.Translate([System.Security.Principal.NTAccount])
# set owner
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership")
$acl = $key.GetAccessControl()
$acl.SetOwner($admins)
$key.SetAccessControl($acl)
# set FullControl
$acl = $key.GetAccessControl()
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow")
$acl.SetAccessRule($rule)
$key.SetAccessControl($acl)
}
function Takeown-File($path) {
takeown.exe /A /F $path
$acl = Get-Acl $path
# get administraor group
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
$admins = $admins.Translate([System.Security.Principal.NTAccount])
# add NT Authority\SYSTEM
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow")
$acl.AddAccessRule($rule)
Set-Acl -Path $path -AclObject $acl
}
function Takeown-Folder($path) {
Takeown-File $path
foreach ($item in Get-ChildItem $path) {
if (Test-Path $item -PathType Container) {
Takeown-Folder $item.FullName
} else {
Takeown-File $item.FullName
}
}
}
function Elevate-Privileges {
param($Privilege)
$Definition = @"
using System;
using System.Runtime.InteropServices;
public class AdjPriv {
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
[StructLayout(LayoutKind.Sequential, Pack = 1)]
internal struct TokPriv1Luid {
public int Count;
public long Luid;
public int Attr;
}
internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
internal const int TOKEN_QUERY = 0x00000008;
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public static bool EnablePrivilege(long processHandle, string privilege) {
bool retVal;
TokPriv1Luid tp;
IntPtr hproc = new IntPtr(processHandle);
IntPtr htok = IntPtr.Zero;
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
tp.Count = 1;
tp.Luid = 0;
tp.Attr = SE_PRIVILEGE_ENABLED;
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
return retVal;
}
}
"@
$ProcessHandle = (Get-Process -id $pid).Handle
$type = Add-Type $definition -PassThru
$type[0]::EnablePrivilege($processHandle, $Privilege)
}

32
scripts/block-telemetry.ps1
View File

@ -1,16 +1,23 @@
# Description:
# This script blocks telemetry related domains via the hosts file and related
# IPs via Windows Firewall.
#
# Please note that adding these domains may break certain software like iTunes
# or Skype. As this issue is location dependent for some domains, they are not
# commented by default. The domains known to cause issues marked accordingly.
# Please see the related issue:
# <https://github.com/W4RH4WK/Debloat-Windows-10/issues/79>
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
echo "Disabling telemetry via Group Policies"
Write-Output "Disabling telemetry via Group Policies"
force-mkdir "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection"
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0
Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0
echo "Adding telemetry domains to hosts file"
Write-Output "Adding telemetry domains to hosts file"
$hosts_file = "$env:systemroot\System32\drivers\etc\hosts"
$domains = @(
"184-86-53-99.deploy.static.akamaitechnologies.com"
"a-0001.a-msedge.net"
"a-0002.a-msedge.net"
"a-0003.a-msedge.net"
@ -52,7 +59,7 @@ $domains = @(
"cds26.ams9.msecn.net"
"choice.microsoft.com"
"choice.microsoft.com.nsatc.net"
"c.msn.com"
"c.msn.com" # can cause issues with Skype
"compatexchange.cloudapp.net"
"corpext.msitadfs.glbdns2.microsoft.com"
"corp.sts.microsoft.com"
@ -121,6 +128,7 @@ $domains = @(
"vortex.data.microsoft.com"
"vortex-sandbox.data.microsoft.com"
"vortex-win.data.microsoft.com"
"cy2.vortex.data.microsoft.com.akadns.net"
"watson.live.com"
"watson.microsoft.com"
"watson.ppe.telemetry.microsoft.com"
@ -143,24 +151,25 @@ $domains = @(
"watson.telemetry.microsoft.com",
"watson.telemetry.microsoft.com.nsatc.net"
"wes.df.telemetry.microsoft.com"
"ui.skype.com",
"pricelist.skype.com"
"apps.skype.com"
"ui.skype.com", # can cause issues with Skype
"pricelist.skype.com" # can cause issues with Skype
"apps.skype.com" # can cause issues with Skype
"m.hotmail.com"
"s.gateway.messenger.live.com"
"s.gateway.messenger.live.com" # can cause issues with Skype
)
echo "" | Out-File -Encoding ASCII -Append $hosts_file
Write-Output "" | Out-File -Encoding ASCII -Append $hosts_file
foreach ($domain in $domains) {
if (-Not (Select-String -Path $hosts_file -Pattern $domain)) {
echo "0.0.0.0 $domain" | Out-File -Encoding ASCII -Append $hosts_file
Write-Output "0.0.0.0 $domain" | Out-File -Encoding ASCII -Append $hosts_file
}
}
echo "Adding telemetry ips to firewall"
Write-Output "Adding telemetry ips to firewall"
$ips = @(
"134.170.30.202"
"137.116.81.24"
"157.56.106.189"
"184.86.53.99"
"2.22.61.43"
"2.22.61.66"
"204.79.197.200"
@ -168,6 +177,7 @@ $ips = @(
"65.39.117.230"
"65.52.108.33"
"65.55.108.23"
"64.4.54.254"
)
Remove-NetFirewallRule -DisplayName "Block Telemetry IPs" -ErrorAction SilentlyContinue
New-NetFirewallRule -DisplayName "Block Telemetry IPs" -Direction Outbound `

68
scripts/disable-services.ps1
View File

@ -1,34 +1,34 @@
# Description:
# This script disables unwanted Windows services. If you do not want to disable
# certain services comment out the corresponding lines below.
$services = @(
"diagnosticshub.standardcollector.service" # Microsoft (R) Diagnostics Hub Standard Collector Service
"DiagTrack" # Diagnostics Tracking Service
"dmwappushservice" # WAP Push Message Routing Service
"HomeGroupListener" # HomeGroup Listener
"HomeGroupProvider" # HomeGroup Provider
"lfsvc" # Geolocation Service
"MapsBroker" # Downloaded Maps Manager
"NetTcpPortSharing" # Net.Tcp Port Sharing Service
"RemoteAccess" # Routing and Remote Access
"RemoteRegistry" # Remote Registry
"SharedAccess" # Internet Connection Sharing (ICS)
"TrkWks" # Distributed Link Tracking Client
"WbioSrvc" # Windows Biometric Service
#"WlanSvc" # WLAN AutoConfig
"WMPNetworkSvc" # Windows Media Player Network Sharing Service
"wscsvc" # Windows Security Center Service
#"WSearch" # Windows Search
"XblAuthManager" # Xbox Live Auth Manager
"XblGameSave" # Xbox Live Game Save Service
"XboxNetApiSvc" # Xbox Live Networking Service
# Services which cannot be disabled
#"WdNisSvc"
)
foreach ($service in $services) {
echo "Trying to disable $service"
Get-Service -Name $service | Set-Service -StartupType Disabled
}
# Description:
# This script disables unwanted Windows services. If you do not want to disable
# certain services comment out the corresponding lines below.
$services = @(
"diagnosticshub.standardcollector.service" # Microsoft (R) Diagnostics Hub Standard Collector Service
"DiagTrack" # Diagnostics Tracking Service
"dmwappushservice" # WAP Push Message Routing Service (see known issues)
"HomeGroupListener" # HomeGroup Listener
"HomeGroupProvider" # HomeGroup Provider
"lfsvc" # Geolocation Service
"MapsBroker" # Downloaded Maps Manager
"NetTcpPortSharing" # Net.Tcp Port Sharing Service
"RemoteAccess" # Routing and Remote Access
"RemoteRegistry" # Remote Registry
"SharedAccess" # Internet Connection Sharing (ICS)
"TrkWks" # Distributed Link Tracking Client
"WbioSrvc" # Windows Biometric Service
#"WlanSvc" # WLAN AutoConfig
"WMPNetworkSvc" # Windows Media Player Network Sharing Service
"wscsvc" # Windows Security Center Service
#"WSearch" # Windows Search
"XblAuthManager" # Xbox Live Auth Manager
"XblGameSave" # Xbox Live Game Save Service
"XboxNetApiSvc" # Xbox Live Networking Service
# Services which cannot be disabled
#"WdNisSvc"
)
foreach ($service in $services) {
Write-Output "Trying to disable $service"
Get-Service -Name $service | Set-Service -StartupType Disabled
}

34
scripts/disable-windows-defender.ps1
View File

@ -1,7 +1,13 @@
# Description:
# This script disables Windows Defender.
# This script disables Windows Defender. Run it once (will throw errors), then
# reboot, run it again (this time no errors should occur) followed by another
# reboot.
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
Write-Output "Elevating priviledges for this process"
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
$tasks = @(
"\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance"
@ -15,16 +21,28 @@ foreach ($task in $tasks) {
$name = $parts[-1]
$path = $parts[0..($parts.length-2)] -join '\'
echo "Trying to disable scheduled task $name"
Write-Output "Trying to disable scheduled task $name"
Disable-ScheduledTask -TaskName "$name" -TaskPath "$path"
}
echo "Disabling Windows Defender via Group Policies"
Write-Output "Disabling Windows Defender via Group Policies"
force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender"
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableAntiSpyware" 1
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableRoutinelyTakingAction" 1
Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableAntiSpyware" 1
Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableRoutinelyTakingAction" 1
force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection"
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection" "DisableRealtimeMonitoring" 1
Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection" "DisableRealtimeMonitoring" 1
Write-Output "Disabling Windows Defender Services"
Takeown-Registry("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend")
Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\WinDefend" "Start" 4
Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\WinDefend" "AutorunsDisabled" 3
Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\WdNisSvc" "Start" 4
Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\WdNisSvc" "AutorunsDisabled" 3
Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\Sense" "Start" 4
Set-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Services\Sense" "AutorunsDisabled" 3
Write-Output "Removing Windows Defender context menu item"
Set-Item "HKLM:\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780}\InprocServer32" ""
echo "Removing Windows Defender context menu item"
si "HKLM:\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780}\InprocServer32" ""
Write-Output "Removing Windows Defender GUI / tray from autorun"
Remove-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "WindowsDefender" -ea 0

94
scripts/experimental_unfuckery.ps1
View File

@ -1,47 +1,47 @@
# Description:
# This script remove strang looking stuff which will probably result in a break
# of your system. It should not be used unless you want to test out a few
# things. It is named `experimental_unfuckery.ps1` for a reason.
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
echo "Elevating priviledges for this process"
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
echo "Force removing system apps"
$needles = @(
#"Anytime"
"BioEnrollment"
#"Browser"
"ContactSupport"
#"Cortana" # This will disable startmenu search.
#"Defender"
"Feedback"
"Flash"
"Gaming"
#"InternetExplorer"
#"Maps"
"OneDrive"
#"Wallet"
#"Xbox" # This will result in a bootloop since upgrade 1511
)
foreach ($needle in $needles) {
echo "Trying to remove all packages containing $needle"
$pkgs = (ls "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" |
where Name -Like "*$needle*")
foreach ($pkg in $pkgs) {
$pkgname = $pkg.Name.split('\')[-1]
Takeown-Registry($pkg.Name)
Takeown-Registry($pkg.Name + "\Owners")
Set-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name Visibility -Value 1
New-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name DefVis -PropertyType DWord -Value 2
Remove-Item -Path ("HKLM:" + $pkg.Name.Substring(18) + "\Owners")
dism.exe /Online /Remove-Package /PackageName:$pkgname /NoRestart
}
}
# Description:
# This script remove strang looking stuff which will probably result in a break
# of your system. It should not be used unless you want to test out a few
# things. It is named `experimental_unfuckery.ps1` for a reason.
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
Write-Output "Elevating priviledges for this process"
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
Write-Output "Force removing system apps"
$needles = @(
#"Anytime"
"BioEnrollment"
#"Browser"
"ContactSupport"
#"Cortana" # This will disable startmenu search.
#"Defender"
"Feedback"
"Flash"
"Gaming"
#"InternetExplorer"
#"Maps"
"OneDrive"
#"Wallet"
#"Xbox" # This will result in a bootloop since upgrade 1511
)
foreach ($needle in $needles) {
Write-Output "Trying to remove all packages containing $needle"
$pkgs = (Get-ChildItem "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" |
Where-Object Name -Like "*$needle*")
foreach ($pkg in $pkgs) {
$pkgname = $pkg.Name.split('\')[-1]
Takeown-Registry($pkg.Name)
Takeown-Registry($pkg.Name + "\Owners")
Set-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name Visibility -Value 1
New-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name DefVis -PropertyType DWord -Value 2
Remove-Item -Path ("HKLM:" + $pkg.Name.Substring(18) + "\Owners")
dism.exe /Online /Remove-Package /PackageName:$pkgname /NoRestart
}
}

90
scripts/fix-privacy-settings.ps1
View File

@ -5,26 +5,26 @@
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
echo "Elevating priviledges for this process"
Write-Output "Elevating priviledges for this process"
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
echo "Defuse Windows search settings"
Write-Output "Defuse Windows search settings"
Set-WindowsSearchSetting -EnableWebResultsSetting $false
echo "Set general privacy options"
sp "HKCU:\Control Panel\International\User Profile" "HttpAcceptLanguageOptOut" 1
Write-Output "Set general privacy options"
Set-ItemProperty "HKCU:\Control Panel\International\User Profile" "HttpAcceptLanguageOptOut" 1
force-mkdir "HKCU:\Printers\Defaults"
sp "HKCU:\Printers\Defaults" "NetID" "{00000000-0000-0000-0000-000000000000}"
Set-ItemProperty "HKCU:\Printers\Defaults" "NetID" "{00000000-0000-0000-0000-000000000000}"
force-mkdir "HKCU:\SOFTWARE\Microsoft\Input\TIPC"
sp "HKCU:\SOFTWARE\Microsoft\Input\TIPC" "Enabled" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Input\TIPC" "Enabled" 0
force-mkdir "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo"
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" "Enabled" 0
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" "EnableWebContentEvaluation" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" "Enabled" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" "EnableWebContentEvaluation" 0
echo "Disable synchronisation of settings"
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "BackupPolicy" 0x3c
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "DeviceMetadataUploaded" 0
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "PriorLogons" 1
Write-Output "Disable synchronisation of settings"
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "BackupPolicy" 0x3c
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "DeviceMetadataUploaded" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "PriorLogons" 1
$groups = @(
"Accessibility"
"AppSync"
@ -39,63 +39,63 @@ $groups = @(
)
foreach ($group in $groups) {
force-mkdir "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\$group"
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\$group" "Enabled" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\$group" "Enabled" 0
}
echo "Set privacy policy accepted state to 0"
Write-Output "Set privacy policy accepted state to 0"
force-mkdir "HKCU:\SOFTWARE\Microsoft\Personalization\Settings"
sp "HKCU:\SOFTWARE\Microsoft\Personalization\Settings" "AcceptedPrivacyPolicy" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Personalization\Settings" "AcceptedPrivacyPolicy" 0
echo "Do not scan contact informations"
Write-Output "Do not scan contact informations"
force-mkdir "HKCU:\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore"
sp "HKCU:\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore" "HarvestContacts" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore" "HarvestContacts" 0
echo "Inking and typing settings"
Write-Output "Inking and typing settings"
force-mkdir "HKCU:\SOFTWARE\Microsoft\InputPersonalization"
sp "HKCU:\SOFTWARE\Microsoft\InputPersonalization" "RestrictImplicitInkCollection" 1
sp "HKCU:\SOFTWARE\Microsoft\InputPersonalization" "RestrictImplicitTextCollection" 1
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\InputPersonalization" "RestrictImplicitInkCollection" 1
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\InputPersonalization" "RestrictImplicitTextCollection" 1
echo "Microsoft Edge settings"
Write-Output "Microsoft Edge settings"
force-mkdir "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main"
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" "DoNotTrack" 1
Set-ItemProperty "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" "DoNotTrack" 1
force-mkdir "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\User\Default\SearchScopes"
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\User\Default\SearchScopes" "ShowSearchSuggestionsGlobal" 0
Set-ItemProperty "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\User\Default\SearchScopes" "ShowSearchSuggestionsGlobal" 0
force-mkdir "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead"
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead" "FPEnabled" 0
Set-ItemProperty "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead" "FPEnabled" 0
force-mkdir "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter"
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" "EnabledV9" 0
Set-ItemProperty "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" "EnabledV9" 0
echo "Disable background access of default apps"
foreach ($key in (ls "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications")) {
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\" + $key.PSChildName) "Disabled" 1
Write-Output "Disable background access of default apps"
foreach ($key in (Get-ChildItem "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications")) {
Set-ItemProperty ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\" + $key.PSChildName) "Disabled" 1
}
echo "Denying device access"
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "Type" "LooselyCoupled"
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "Value" "Deny"
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "InitialAppValue" "Unspecified"
foreach ($key in (ls "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global")) {
Write-Output "Denying device access"
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "Type" "LooselyCoupled"
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "Value" "Deny"
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "InitialAppValue" "Unspecified"
foreach ($key in (Get-ChildItem "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global")) {
if ($key.PSChildName -EQ "LooselyCoupled") {
continue
}
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "Type" "InterfaceClass"
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "Value" "Deny"
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "InitialAppValue" "Unspecified"
Set-ItemProperty ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "Type" "InterfaceClass"
Set-ItemProperty ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "Value" "Deny"
Set-ItemProperty ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "InitialAppValue" "Unspecified"
}
echo "Disable location sensor"
Write-Output "Disable location sensor"
force-mkdir "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Permissions\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}"
sp "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Permissions\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}" "SensorPermissionState" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Permissions\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}" "SensorPermissionState" 0
echo "Disable submission of Windows Defender findings (w/ elevated privileges)"
Write-Output "Disable submission of Windows Defender findings (w/ elevated privileges)"
Takeown-Registry("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet")
sp "HKLM:\SOFTWARE\Microsoft\Windows Defender\Spynet" "SpyNetReporting" 0 # write-protected even after takeown ?!
sp "HKLM:\SOFTWARE\Microsoft\Windows Defender\Spynet" "SubmitSamplesConsent" 0
Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows Defender\Spynet" "SpyNetReporting" 0 # write-protected even after takeown ?!
Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows Defender\Spynet" "SubmitSamplesConsent" 0
echo "Do not share wifi networks"
Write-Output "Do not share wifi networks"
$user = New-Object System.Security.Principal.NTAccount($env:UserName)
$sid = $user.Translate([System.Security.Principal.SecurityIdentifier]).value
force-mkdir ("HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\" + $sid)
sp ("HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\" + $sid) "FeatureStates" 0x33c
sp "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseCredShared" 0
sp "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseOpen" 0
Set-ItemProperty ("HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\" + $sid) "FeatureStates" 0x33c
Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseCredShared" 0
Set-ItemProperty "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseOpen" 0

98
scripts/optimize-user-interface.ps1
View File

@ -6,73 +6,81 @@
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
echo "Elevating priviledges for this process"
Write-Output "Elevating priviledges for this process"
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
echo "Apply MarkC's mouse acceleration fix"
sp "HKCU:\Control Panel\Mouse" "MouseSensitivity" "10"
sp "HKCU:\Control Panel\Mouse" "MouseSpeed" "0"
sp "HKCU:\Control Panel\Mouse" "MouseThreshold1" "0"
sp "HKCU:\Control Panel\Mouse" "MouseThreshold2" "0"
sp "HKCU:\Control Panel\Mouse" "SmoothMouseXCurve" ([byte[]](0x00, 0x00, 0x00,
Write-Output "Apply MarkC's mouse acceleration fix"
Set-ItemProperty "HKCU:\Control Panel\Mouse" "MouseSensitivity" "10"
Set-ItemProperty "HKCU:\Control Panel\Mouse" "MouseSpeed" "0"
Set-ItemProperty "HKCU:\Control Panel\Mouse" "MouseThreshold1" "0"
Set-ItemProperty "HKCU:\Control Panel\Mouse" "MouseThreshold2" "0"
Set-ItemProperty "HKCU:\Control Panel\Mouse" "SmoothMouseXCurve" ([byte[]](0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0xC0, 0xCC, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x00,
0x80, 0x99, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x66, 0x26, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x33, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00))
sp "HKCU:\Control Panel\Mouse" "SmoothMouseYCurve" ([byte[]](0x00, 0x00, 0x00,
Set-ItemProperty "HKCU:\Control Panel\Mouse" "SmoothMouseYCurve" ([byte[]](0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x38, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x70, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xA8, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0xE0, 0x00, 0x00, 0x00, 0x00, 0x00))
echo "Disable mouse pointer hiding"
sp "HKCU:\Control Panel\Desktop" "UserPreferencesMask" ([byte[]](0x9e,
Write-Output "Disable mouse pointer hiding"
Set-ItemProperty "HKCU:\Control Panel\Desktop" "UserPreferencesMask" ([byte[]](0x9e,
0x1e, 0x06, 0x80, 0x12, 0x00, 0x00, 0x00))
echo "Disable easy access keyboard stuff"
sp "HKCU:\Control Panel\Accessibility\StickyKeys" "Flags" "506"
sp "HKCU:\Control Panel\Accessibility\Keyboard Response" "Flags" "122"
sp "HKCU:\Control Panel\Accessibility\ToggleKeys" "Flags" "58"
Write-Output "Disable Game DVR and Game Bar"
force-mkdir "HKLM:\SOFTWARE\Policies\Microsoft\Windows\GameDVR"
Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\GameDVR" "AllowgameDVR" 0
echo "Restoring old volume slider"
Write-Output "Disable easy access keyboard stuff"
Set-ItemProperty "HKCU:\Control Panel\Accessibility\StickyKeys" "Flags" "506"
Set-ItemProperty "HKCU:\Control Panel\Accessibility\Keyboard Response" "Flags" "122"
Set-ItemProperty "HKCU:\Control Panel\Accessibility\ToggleKeys" "Flags" "58"
Write-Output "Restoring old volume slider"
force-mkdir "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\MTCUVC"
sp "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\MTCUVC" "EnableMtcUvc" 0
Set-ItemProperty "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\MTCUVC" "EnableMtcUvc" 0
echo "Setting folder view options"
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "Hidden" 1
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "HideFileExt" 0
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "HideDrivesWithNoMedia" 0
Write-Output "Setting folder view options"
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "Hidden" 1
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "HideFileExt" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "HideDrivesWithNoMedia" 0
Set-ItemProperty "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "ShowSyncProviderNotifications" 0
echo "Setting default explorer view to This PC"
sp "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "LaunchTo" 1
Write-Output "Setting default explorer view to This PC"
Set-ItemProperty "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "LaunchTo" 1
echo "Removing user folders under This PC"
Write-Output "Removing user folders under This PC"
# Remove Desktop from This PC
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}"
# Remove Documents from This PC
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}"
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}"
# Remove Downloads from This PC
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}"
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}"
# Remove Music from This PC
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}"
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}"
# Remove Pictures from This PC
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}"
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}"
# Remove Videos from This PC
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}"
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}"
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}"
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}"
# Remove 3D Objects from This PC
Remove-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{0DB7E03F-FC29-4DC6-9020-FF41B59E513A}"
Remove-Item "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{0DB7E03F-FC29-4DC6-9020-FF41B59E513A}"
#echo "Disabling tile push notification"
#force-mkdir "HKCU:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications"

17
scripts/optimize-windows-update.ps1
View File

@ -4,16 +4,16 @@
#
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
echo "Disable automatic download and installation of Windows updates"
Write-Output "Disable automatic download and installation of Windows updates"
force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU"
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "NoAutoUpdate" 0
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "AUOptions" 2
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "ScheduledInstallDay" 0
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "ScheduledInstallTime" 3
Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "NoAutoUpdate" 0
Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "AUOptions" 2
Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "ScheduledInstallDay" 0
Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "ScheduledInstallTime" 3
echo "Disable seeding of updates to other computers via Group Policies"
Write-Output "Disable seeding of updates to other computers via Group Policies"
force-mkdir "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization"
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" "DODownloadMode" 0
Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" "DODownloadMode" 0
#echo "Disabling automatic driver update"
#sp "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DriverSearching" "SearchOrderConfig" 0
@ -22,6 +22,9 @@ $objSID = New-Object System.Security.Principal.SecurityIdentifier "S-1-1-0"
$EveryOne = $objSID.Translate( [System.Security.Principal.NTAccount]).Value
echo "Disable 'Updates are available' message"
Write-Output "Disable 'Updates are available' message"
takeown /F "$env:WinDIR\System32\MusNotification.exe"
icacls "$env:WinDIR\System32\MusNotification.exe" /deny "$EveryOne:(X)"
takeown /F "$env:WinDIR\System32\MusNotificationUx.exe"

38
scripts/remove-default-apps.ps1
View File

@ -3,11 +3,12 @@
# to remove certain Apps comment out the corresponding lines below.
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
echo "Elevating priviledges for this process"
Write-Output "Elevating privileges for this process"
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
echo "Uninstalling default apps"
Write-Output "Uninstalling default apps"
$apps = @(
# default Windows 10 apps
"Microsoft.3DBuilder"
@ -38,12 +39,16 @@ $apps = @(
"Microsoft.ZuneVideo"
"microsoft.windowscommunicationsapps"
"Microsoft.MinecraftUWP"
"Microsoft.MicrosoftPowerBIForWindows"
"Microsoft.NetworkSpeedTest"
# Threshold 2 apps
"Microsoft.CommsPhone"
"Microsoft.ConnectivityStore"
"Microsoft.Messaging"
"Microsoft.Office.Sway"
"Microsoft.OneConnect"
"Microsoft.WindowsFeedbackHub"
#Redstone apps
@ -69,6 +74,23 @@ $apps = @(
"TuneIn.TuneInRadio"
"GAMELOFTSA.Asphalt8Airborne"
#"TheNewYorkTimes.NYTCrossword"
"DB6EA5DB.CyberLinkMediaSuiteEssentials"
"Facebook.Facebook"
"flaregamesGmbH.RoyalRevolt2"
"Playtika.CaesarsSlotsFreeCasino"
"A278AB0D.MarchofEmpires"
"KeeperSecurityInc.Keeper"
"ThumbmunkeysLtd.PhototasticCollage"
"XINGAG.XING"
"89006A2E.AutodeskSketchBook"
"D5EA27B7.Duolingo-LearnLanguagesforFree"
"46928bounde.EclipseManager"
"ActiproSoftwareLLC.562882FEEB491" # next one is for the Code Writer from Actipro Software LLC
"DolbyLaboratories.DolbyAccess"
"SpotifyAB.SpotifyMusic"
"A278AB0D.DisneyMagicKingdoms"
"WinZipComputing.WinZipUniversal"
# apps which cannot be removed using Remove-AppxPackage
#"Microsoft.BioEnrollment"
@ -81,11 +103,15 @@ $apps = @(
)
foreach ($app in $apps) {
echo "Trying to remove $app"
Write-Output "Trying to remove $app"
Get-AppxPackage -Name $app -AllUsers | Remove-AppxPackage
Get-AppxPackage -Name $app -AllUsers | Remove-AppxPackage -AllUsers
Get-AppXProvisionedPackage -Online |
where DisplayName -EQ $app |
Where-Object DisplayName -EQ $app |
Remove-AppxProvisionedPackage -Online
}
# Prevents "Suggested Applications" returning
force-mkdir "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Cloud Content"
Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Cloud Content" "DisableWindowsConsumerFeatures" 1

50
scripts/remove-onedrive.ps1
View File

@ -4,11 +4,11 @@
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
echo "Kill OneDrive process"
Write-Output "Kill OneDrive process"
taskkill.exe /F /IM "OneDrive.exe"
taskkill.exe /F /IM "explorer.exe"
echo "Remove OneDrive"
Write-Output "Remove OneDrive"
if (Test-Path "$env:systemroot\System32\OneDriveSetup.exe") {
& "$env:systemroot\System32\OneDriveSetup.exe" /uninstall
}
@ -16,41 +16,47 @@ if (Test-Path "$env:systemroot\SysWOW64\OneDriveSetup.exe") {
& "$env:systemroot\SysWOW64\OneDriveSetup.exe" /uninstall
}
echo "Removing OneDrive leftovers"
rm -Recurse -Force -ErrorAction SilentlyContinue "$env:localappdata\Microsoft\OneDrive"
rm -Recurse -Force -ErrorAction SilentlyContinue "$env:programdata\Microsoft OneDrive"
rm -Recurse -Force -ErrorAction SilentlyContinue "$env:userprofile\OneDrive"
rm -Recurse -Force -ErrorAction SilentlyContinue "C:\OneDriveTemp"
Write-Output "Removing OneDrive leftovers"
Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:localappdata\Microsoft\OneDrive"
Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:programdata\Microsoft OneDrive"
Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:systemdrive\OneDriveTemp"
# check if directory is empty before removing:
If ((Get-ChildItem "$env:userprofile\OneDrive" -Recurse | Measure-Object).Count -eq 0) {
Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:userprofile\OneDrive"
}
echo "Disable OneDrive via Group Policies"
Write-Output "Disable OneDrive via Group Policies"
force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive"
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive" "DisableFileSyncNGSC" 1
Set-ItemProperty "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive" "DisableFileSyncNGSC" 1
echo "Remove Onedrive from explorer sidebar"
Write-Output "Remove Onedrive from explorer sidebar"
New-PSDrive -PSProvider "Registry" -Root "HKEY_CLASSES_ROOT" -Name "HKCR"
mkdir -Force "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
sp "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
Set-ItemProperty "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
mkdir -Force "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
sp "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
Set-ItemProperty "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
Remove-PSDrive "HKCR"
# Thank you Matthew Israelsson
echo "Removing run hook for new users"
Write-Output "Removing run hook for new users"
reg load "hku\Default" "C:\Users\Default\NTUSER.DAT"
reg delete "HKEY_USERS\Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OneDriveSetup" /f
reg unload "hku\Default"
echo "Removing startmenu entry"
rm -Force -ErrorAction SilentlyContinue "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk"
Write-Output "Removing startmenu entry"
Remove-Item -Force -ErrorAction SilentlyContinue "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk"
Write-Output "Removing scheduled task"
Get-ScheduledTask -TaskPath '\' -TaskName 'OneDrive*' -ea SilentlyContinue | Unregister-ScheduledTask -Confirm:$false
echo "Restarting explorer"
start "explorer.exe"
Write-Output "Restarting explorer"
Start-Process "explorer.exe"
echo "Waiting for explorer to complete loading"
sleep 10
Write-Output "Waiting for explorer to complete loading"
Start-Sleep 10
echo "Removing additional OneDrive leftovers"
foreach ($item in (ls "$env:WinDir\WinSxS\*onedrive*")) {
Write-Output "Removing additional OneDrive leftovers"
foreach ($item in (Get-ChildItem "$env:WinDir\WinSxS\*onedrive*")) {
Takeown-Folder $item.FullName
rm -Recurse -Force $item.FullName
Remove-Item -Recurse -Force $item.FullName
}

6
utils/boot-advanced-startup.bat
View File

@ -1,3 +1,3 @@
@echo off
shutdown /o /r /t 00
@echo off
shutdown /o /r /t 00

14
utils/dark-theme.reg
View File

@ -1,7 +1,7 @@
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize]
"AppsUseLightTheme"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize]
"AppsUseLightTheme"=dword:00000000
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize]
"AppsUseLightTheme"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize]
"AppsUseLightTheme"=dword:00000000

3
utils/disable-memory-compression
View File

@ -0,0 +1,3 @@
@echo off
Disable-MMAgent -mc

414
utils/disable-scheduled-tasks.ps1
View File

@ -1,207 +1,207 @@
# Description:
# This script will disable certain scheduled tasks. Work in progress!
$tasks = @(
# Windows base scheduled tasks
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319"
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64"
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical"
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical"
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)"
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)"
#"\Microsoft\Windows\AppID\EDP Policy Manager"
#"\Microsoft\Windows\AppID\PolicyConverter"
"\Microsoft\Windows\AppID\SmartScreenSpecific"
#"\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck"
"\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser"
"\Microsoft\Windows\Application Experience\ProgramDataUpdater"
#"\Microsoft\Windows\Application Experience\StartupAppTask"
#"\Microsoft\Windows\ApplicationData\CleanupTemporaryState"
#"\Microsoft\Windows\ApplicationData\DsSvcCleanup"
#"\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup"
"\Microsoft\Windows\Autochk\Proxy"
#"\Microsoft\Windows\Bluetooth\UninstallDeviceTask"
#"\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask"
#"\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask"
#"\Microsoft\Windows\CertificateServicesClient\SystemTask"
#"\Microsoft\Windows\CertificateServicesClient\UserTask"
#"\Microsoft\Windows\CertificateServicesClient\UserTask-Roam"
#"\Microsoft\Windows\Chkdsk\ProactiveScan"
#"\Microsoft\Windows\Clip\License Validation"
"\Microsoft\Windows\CloudExperienceHost\CreateObjectTask"
"\Microsoft\Windows\Customer Experience Improvement Program\Consolidator"
"\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask"
"\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip"
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan"
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery"
#"\Microsoft\Windows\Defrag\ScheduledDefrag"
#"\Microsoft\Windows\Diagnosis\Scheduled"
#"\Microsoft\Windows\DiskCleanup\SilentCleanup"
"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector"
#"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver"
#"\Microsoft\Windows\DiskFootprint\Diagnostics"
"\Microsoft\Windows\Feedback\Siuf\DmClient"
#"\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync"
#"\Microsoft\Windows\FileHistory\File History (maintenance mode)"
#"\Microsoft\Windows\LanguageComponentsInstaller\Installation"
#"\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation"
#"\Microsoft\Windows\Location\Notifications"
#"\Microsoft\Windows\Location\WindowsActionDialog"
#"\Microsoft\Windows\Maintenance\WinSAT"
#"\Microsoft\Windows\Maps\MapsToastTask"
#"\Microsoft\Windows\Maps\MapsUpdateTask"
#"\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents"
#"\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic"
"\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser"
#"\Microsoft\Windows\MUI\LPRemove"
#"\Microsoft\Windows\Multimedia\SystemSoundsService"
#"\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler"
#"\Microsoft\Windows\NetTrace\GatherNetworkInfo"
#"\Microsoft\Windows\Offline Files\Background Synchronization"
#"\Microsoft\Windows\Offline Files\Logon Synchronization"
#"\Microsoft\Windows\PI\Secure-Boot-Update"
#"\Microsoft\Windows\PI\Sqm-Tasks"
#"\Microsoft\Windows\Plug and Play\Device Install Group Policy"
#"\Microsoft\Windows\Plug and Play\Device Install Reboot Required"
#"\Microsoft\Windows\Plug and Play\Plug and Play Cleanup"
#"\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers"
#"\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem"
#"\Microsoft\Windows\Ras\MobilityManager"
#"\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE"
#"\Microsoft\Windows\Registry\RegIdleBackup"
#"\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask"
#"\Microsoft\Windows\RemovalTools\MRT_HB"
#"\Microsoft\Windows\Servicing\StartComponentCleanup"
#"\Microsoft\Windows\SettingSync\NetworkStateChangeTask"
#"\Microsoft\Windows\Shell\CreateObjectTask"
#"\Microsoft\Windows\Shell\FamilySafetyMonitor"
#"\Microsoft\Windows\Shell\FamilySafetyRefresh"
#"\Microsoft\Windows\Shell\IndexerAutomaticMaintenance"
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon"
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork"
#"\Microsoft\Windows\SpacePort\SpaceAgentTask"
#"\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate"
#"\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance"
#"\Microsoft\Windows\Sysmain\ResPriStaticDbSync"
#"\Microsoft\Windows\Sysmain\WsSwapAssessmentTask"
#"\Microsoft\Windows\SystemRestore\SR"
#"\Microsoft\Windows\Task Manager\Interactive"
#"\Microsoft\Windows\TextServicesFramework\MsCtfMonitor"
#"\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime"
#"\Microsoft\Windows\Time Synchronization\SynchronizeTime"
#"\Microsoft\Windows\Time Zone\SynchronizeTimeZone"
#"\Microsoft\Windows\TPM\Tpm-HASCertRetr"
#"\Microsoft\Windows\TPM\Tpm-Maintenance"
#"\Microsoft\Windows\UpdateOrchestrator\Maintenance Install"
#"\Microsoft\Windows\UpdateOrchestrator\Policy Install"
#"\Microsoft\Windows\UpdateOrchestrator\Reboot"
#"\Microsoft\Windows\UpdateOrchestrator\Resume On Boot"
#"\Microsoft\Windows\UpdateOrchestrator\Schedule Scan"
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display"
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot"
#"\Microsoft\Windows\UPnP\UPnPHostConfig"
#"\Microsoft\Windows\User Profile Service\HiveUploadTask"
#"\Microsoft\Windows\WCM\WiFiTask"
#"\Microsoft\Windows\WDI\ResolutionHost"
"\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance"
"\Microsoft\Windows\Windows Defender\Windows Defender Cleanup"
"\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan"
"\Microsoft\Windows\Windows Defender\Windows Defender Verification"
"\Microsoft\Windows\Windows Error Reporting\QueueReporting"
#"\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange"
#"\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"
#"\Microsoft\Windows\WindowsColorSystem\Calibration Loader"
#"\Microsoft\Windows\WindowsUpdate\Automatic App Update"
#"\Microsoft\Windows\WindowsUpdate\Scheduled Start"
#"\Microsoft\Windows\WindowsUpdate\sih"
#"\Microsoft\Windows\WindowsUpdate\sihboot"
#"\Microsoft\Windows\Wininet\CacheTask"
#"\Microsoft\Windows\WOF\WIM-Hash-Management"
#"\Microsoft\Windows\WOF\WIM-Hash-Validation"
#"\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization"
#"\Microsoft\Windows\Work Folders\Work Folders Maintenance Work"
#"\Microsoft\Windows\Workplace Join\Automatic-Device-Join"
#"\Microsoft\Windows\WS\License Validation"
#"\Microsoft\Windows\WS\WSTask"
# Scheduled tasks which cannot be disabled
#"\Microsoft\Windows\Device Setup\Metadata Refresh"
#"\Microsoft\Windows\SettingSync\BackgroundUploadTask"
)
foreach ($task in $tasks) {
$parts = $task.split('\')
$name = $parts[-1]
$path = $parts[0..($parts.length-2)] -join '\'
Disable-ScheduledTask -TaskName "$name" -TaskPath "$path"
}
# Description:
# This script will disable certain scheduled tasks. Work in progress!
$tasks = @(
# Windows base scheduled tasks
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319"
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64"
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical"
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical"
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)"
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)"
#"\Microsoft\Windows\AppID\EDP Policy Manager"
#"\Microsoft\Windows\AppID\PolicyConverter"
"\Microsoft\Windows\AppID\SmartScreenSpecific"
#"\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck"
"\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser"
"\Microsoft\Windows\Application Experience\ProgramDataUpdater"
#"\Microsoft\Windows\Application Experience\StartupAppTask"
#"\Microsoft\Windows\ApplicationData\CleanupTemporaryState"
#"\Microsoft\Windows\ApplicationData\DsSvcCleanup"
#"\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup"
"\Microsoft\Windows\Autochk\Proxy"
#"\Microsoft\Windows\Bluetooth\UninstallDeviceTask"
#"\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask"
#"\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask"
#"\Microsoft\Windows\CertificateServicesClient\SystemTask"
#"\Microsoft\Windows\CertificateServicesClient\UserTask"
#"\Microsoft\Windows\CertificateServicesClient\UserTask-Roam"
#"\Microsoft\Windows\Chkdsk\ProactiveScan"
#"\Microsoft\Windows\Clip\License Validation"
"\Microsoft\Windows\CloudExperienceHost\CreateObjectTask"
"\Microsoft\Windows\Customer Experience Improvement Program\Consolidator"
"\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask"
"\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip"
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan"
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery"
#"\Microsoft\Windows\Defrag\ScheduledDefrag"
#"\Microsoft\Windows\Diagnosis\Scheduled"
#"\Microsoft\Windows\DiskCleanup\SilentCleanup"
"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector"
#"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver"
#"\Microsoft\Windows\DiskFootprint\Diagnostics"
"\Microsoft\Windows\Feedback\Siuf\DmClient"
#"\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync"
#"\Microsoft\Windows\FileHistory\File History (maintenance mode)"
#"\Microsoft\Windows\LanguageComponentsInstaller\Installation"
#"\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation"
#"\Microsoft\Windows\Location\Notifications"
#"\Microsoft\Windows\Location\WindowsActionDialog"
#"\Microsoft\Windows\Maintenance\WinSAT"
#"\Microsoft\Windows\Maps\MapsToastTask"
#"\Microsoft\Windows\Maps\MapsUpdateTask"
#"\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents"
#"\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic"
"\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser"
#"\Microsoft\Windows\MUI\LPRemove"
#"\Microsoft\Windows\Multimedia\SystemSoundsService"
#"\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler"
#"\Microsoft\Windows\NetTrace\GatherNetworkInfo"
#"\Microsoft\Windows\Offline Files\Background Synchronization"
#"\Microsoft\Windows\Offline Files\Logon Synchronization"
#"\Microsoft\Windows\PI\Secure-Boot-Update"
#"\Microsoft\Windows\PI\Sqm-Tasks"
#"\Microsoft\Windows\Plug and Play\Device Install Group Policy"
#"\Microsoft\Windows\Plug and Play\Device Install Reboot Required"
#"\Microsoft\Windows\Plug and Play\Plug and Play Cleanup"
#"\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers"
#"\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem"
#"\Microsoft\Windows\Ras\MobilityManager"
#"\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE"
#"\Microsoft\Windows\Registry\RegIdleBackup"
#"\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask"
#"\Microsoft\Windows\RemovalTools\MRT_HB"
#"\Microsoft\Windows\Servicing\StartComponentCleanup"
#"\Microsoft\Windows\SettingSync\NetworkStateChangeTask"
#"\Microsoft\Windows\Shell\CreateObjectTask"
#"\Microsoft\Windows\Shell\FamilySafetyMonitor"
#"\Microsoft\Windows\Shell\FamilySafetyRefresh"
#"\Microsoft\Windows\Shell\IndexerAutomaticMaintenance"
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon"
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork"
#"\Microsoft\Windows\SpacePort\SpaceAgentTask"
#"\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate"
#"\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance"
#"\Microsoft\Windows\Sysmain\ResPriStaticDbSync"
#"\Microsoft\Windows\Sysmain\WsSwapAssessmentTask"
#"\Microsoft\Windows\SystemRestore\SR"
#"\Microsoft\Windows\Task Manager\Interactive"
#"\Microsoft\Windows\TextServicesFramework\MsCtfMonitor"
#"\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime"
#"\Microsoft\Windows\Time Synchronization\SynchronizeTime"
#"\Microsoft\Windows\Time Zone\SynchronizeTimeZone"
#"\Microsoft\Windows\TPM\Tpm-HASCertRetr"
#"\Microsoft\Windows\TPM\Tpm-Maintenance"
#"\Microsoft\Windows\UpdateOrchestrator\Maintenance Install"
#"\Microsoft\Windows\UpdateOrchestrator\Policy Install"
#"\Microsoft\Windows\UpdateOrchestrator\Reboot"
#"\Microsoft\Windows\UpdateOrchestrator\Resume On Boot"
#"\Microsoft\Windows\UpdateOrchestrator\Schedule Scan"
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display"
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot"
#"\Microsoft\Windows\UPnP\UPnPHostConfig"
#"\Microsoft\Windows\User Profile Service\HiveUploadTask"
#"\Microsoft\Windows\WCM\WiFiTask"
#"\Microsoft\Windows\WDI\ResolutionHost"
"\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance"
"\Microsoft\Windows\Windows Defender\Windows Defender Cleanup"
"\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan"
"\Microsoft\Windows\Windows Defender\Windows Defender Verification"
"\Microsoft\Windows\Windows Error Reporting\QueueReporting"
#"\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange"
#"\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"
#"\Microsoft\Windows\WindowsColorSystem\Calibration Loader"
#"\Microsoft\Windows\WindowsUpdate\Automatic App Update"
#"\Microsoft\Windows\WindowsUpdate\Scheduled Start"
#"\Microsoft\Windows\WindowsUpdate\sih"
#"\Microsoft\Windows\WindowsUpdate\sihboot"
#"\Microsoft\Windows\Wininet\CacheTask"
#"\Microsoft\Windows\WOF\WIM-Hash-Management"
#"\Microsoft\Windows\WOF\WIM-Hash-Validation"
#"\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization"
#"\Microsoft\Windows\Work Folders\Work Folders Maintenance Work"
#"\Microsoft\Windows\Workplace Join\Automatic-Device-Join"
#"\Microsoft\Windows\WS\License Validation"
#"\Microsoft\Windows\WS\WSTask"
# Scheduled tasks which cannot be disabled
#"\Microsoft\Windows\Device Setup\Metadata Refresh"
#"\Microsoft\Windows\SettingSync\BackgroundUploadTask"
)
foreach ($task in $tasks) {
$parts = $task.split('\')
$name = $parts[-1]
$path = $parts[0..($parts.length-2)] -join '\'
Disable-ScheduledTask -TaskName "$name" -TaskPath "$path" -ErrorAction SilentlyContinue
}

38
utils/enable-god-mode.ps1
View File

@ -1,19 +1,19 @@
# Description:
# This scripts places the "God Mode" folder on the current user's desktop.
echo @"
###############################################################################
# _______ _______ ______ __ __ _______ ______ _______ #
# | || || | | |_| || || | | | #
# | ___|| _ || _ | | || _ || _ || ___| #
# | | __ | | | || | | | | || | | || | | || |___ #
# | || || |_| || |_| | | || |_| || |_| || ___| #
# | |_| || || | | ||_|| || || || |___ #
# |_______||_______||______| |_| |_||_______||______| |_______| #
# #
# God Mode has been enabled, check out the new link on your Desktop #
# #
###############################################################################
"@
$DesktopPath = [Environment]::GetFolderPath("Desktop");
mkdir "$DesktopPath\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}"
# Description:
# This scripts places the "God Mode" folder on the current user's desktop.
Write-Output @"
###############################################################################
# _______ _______ ______ __ __ _______ ______ _______ #
# | || || | | |_| || || | | | #
# | ___|| _ || _ | | || _ || _ || ___| #
# | | __ | | | || | | | | || | | || | | || |___ #
# | || || |_| || |_| | | || |_| || |_| || ___| #
# | |_| || || | | ||_|| || || || |___ #
# |_______||_______||______| |_| |_||_______||______| |_______| #
# #
# God Mode has been enabled, check out the new link on your Desktop #
# #
###############################################################################
"@
$DesktopPath = [Environment]::GetFolderPath("Desktop");
mkdir "$DesktopPath\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}"

20
utils/install-basic-software.ps1
View File

@ -32,16 +32,24 @@ $packages = @(
echo "Setting up Chocolatey software package manager"
Get-PackageProvider -Name chocolatey -Force
echo "Setting up Full Chocolatey Install"
Install-Package -Name Chocolatey -Force -ProviderName chocolatey
$chocopath = (Get-Package chocolatey | ?{$_.Name -eq "chocolatey"} | Select @{N="Source";E={((($a=($_.Source -split "\\"))[0..($a.length - 2)]) -join "\"),"Tools\chocolateyInstall" -join "\"}} | Select -ExpandProperty Source)
& $chocopath "upgrade all -y"
choco install chocolatey-core.extension --force
echo "Creating daily task to automatically upgrade Chocolatey packages"
# adapted from https://blogs.technet.microsoft.com/heyscriptingguy/2013/11/23/using-scheduled-tasks-and-scheduled-jobs-in-powershell/
$taskName = "Chocolatey Daily Upgrade"
$taskAction = New-ScheduledTaskAction Execute C:\programdata\chocolatey\choco.exe -Argument "upgrade all -y"
$taskTrigger = New-ScheduledTaskTrigger -At 2am -Daily
$taskUser = "Admin"
Register-ScheduledTask TaskName $taskName -Action $taskAction Trigger $taskTrigger -User $taskUser
$ScheduledJob = @{
Name = "Chocolatey Daily Upgrade"
ScriptBlock = {choco upgrade all -y}
Trigger = New-JobTrigger -Daily -at 2am
ScheduledJobOption = New-ScheduledJobOption -RunElevated -MultipleInstancePolicy StopExisting -RequireNetwork
}
Register-ScheduledJob @ScheduledJob
echo "Installing Packages"
Install-Package -Name $packages -Force -ProviderName chocolatey
$packages | %{choco install $_ --force -y}
echo "Installing Sysinternals Utilities to C:\Sysinternals"
$download_uri = "https://download.sysinternals.com/files/SysinternalsSuite.zip"

Write Preview
Loading…
Cancel
Save