mirror of
https://github.com/ChrisTitusTech/winutil.git
synced 2025-01-17 10:17:44 -06:00
88a622c368
* Winget Sources fix (#1773) - Sometimes, if Winget is installed under user-scope, the source isn't properly installed so that the Admin user can properly use Winget. - This change installs the sources directly from the Winget CDN. - Fixes #1771 https://github.com/microsoft/winget-cli/discussions/3258#discussioncomment-5951658 * Compile Winutil * Finished conversion of DISM commands into DISM cmdlets (#1776) * Continue conversion Began 2nd stage of DISM command conversion. Almost all commands have been replaced by cmdlets * Continue conversion (part 2) Finished part 2 of DISM command to cmdlet conversion * Add New Toggle to Disable/Enable Widgets found in Taskbar (#1768) * Compile Winutil * Fix Search Box Not Showing Apps/Tweaks Checkboxes When typing out Capital-Letters (#1770) * Compile Winutil * Add Microsoft Power Automate and Swift toolchain (#1774) * Add power automate * Add swift toolchain * Compile Winutil * Restart Explorer after Applying/Undoing Classic Right-Click Advance Tweak (#1778) In general, I've added two lines of code to get the explorer process using 'Get-Process', then passed the process object into 'Stop-Process', Windows will automatically restart explorer, so there's no need to run a new process for explorer. Note: restarting explorer in the UndoScript might not be necessary, as it works just fine without it, that's according to the tests done by the author of this commit. * Compile Winutil * editing edgeremoval.ps1 (#1834) * editing edgeremoval.ps1 * Compile Winutil --------- Co-authored-by: DaEpicR <DaEpicR@users.noreply.github.com> * Compile Winutil * Update Github Actions Auto Close Issues (#1801) * Update Github Actions Auto Close Issues * Add try-catch & Error Logging in Github Actions Auto Close Issues * Add a Break Statement To Skip Checking The Remaining Labels of an Issue in Github Actions Auto Close Issues * Add tweak (#1837) * Compile Winutil * Disable SCOOBE in WPFTweaksTele (#1832) * Compile Winutil * Fix 'Disable Storage Sense' Tweak in 'tweaks.json' File (#1843) This was pointed out in GitHub issue https://github.com/ChrisTitusTech/winutil/issues/1838 * Compile Winutil * Add 'UndoScript' to 'Enable End Task With Right Click' Tweak in 'tweaks.json' File (#1842) * Compile Winutil * - Changed version check for Winget to keep Winget updated to latest version and a couple formatting fixes. (#1829) * Compile Winutil * Add 'UndoScript' to 'Disable Hibernation' Tweak in 'teaks.json' File (#1799) * Compile Winutil * Added Requested Apps and Update Command Example in 'README.md' File (#1795) * Add 'UltraVNC' App to 'application.json' File * Update Command Example under sub-section 'Automation' This Commit and its changes are related to issue #1767 , url for issue: https://github.com/ChrisTitusTech/winutil/issues/1767 * Add 'OrcaSlicer' App to 'application.json' File * Add 'Tixati' App to 'application.json' File * Add 'Unigram' App to 'application.json' File * Add 'PDFgear' App to 'application.json' File * Add 'Windows Firewall Control' App to 'application.json' File * Add 'VistaSwitcher' App to 'application.json' File * Add 'Windows Auto Dark Mode' App to 'application.json' File * Add 'CapFrameX' App to 'application.json' File * Update The Link for 'Unigram' App in 'application.json' File * Add 'Magic Wormhole' App to 'application.json' File * Compile Winutil * Add apps from #250 (#1787) * Add SQL management * Add java runtimes * Add azure data studio * Compile Winutil * Update inputXML.xaml (#1845) - Added UseLayoutRounding="True" - This may help fix some cases where text may look blurry on screen for some people. * Compile Winutil * A Temporary Fix to Compilation Program in 'Compile.ps1' Script (#1844) For whatever reason, Compiling using the 'Compile.ps1' Script when there's a Single Quote, in the description of an App for example, it'll try "escaping" it by adding another Single Quote, which's kind of weird. Before there was an Apostrophe, and it'll Compile into Question Marks, probably because the Compile Script doesn't know what an Apostrophe is, or it can't escape it (or for another reason, didn't dig deeper into it), in the end I've made it neither an Apostrophe nor a Single Quote, just the sentence without contractions (Without shortening by combining words). * Compile Winutil * Update Winget Install and Uninstall / Add NuGet and Microsoft.Winget.Client Modules (#1830) * - Changed how WinGet installs and uninstalls are handled, by utilizing and . * Update Winget Install and Uninstall / Add NuGet and Microsoft.Winget.Client Modules - Fixed commands for installing and uninstalling programs through WinGet. - Added NuGet Package Providers (thanks @Marterich) - Added Microsoft.WinGet.Client Module (thanks @Marterich) * Compile Winutil * Reopen #1747 PR (#1818) * Add fxsound * Add simplenote * Add flow launcher * Add CMake * Add musescore * Add jpegview * Add explorer patcher * Add lockhunter * Add BRU * Add spacesniffer * Add Quick Look * Add harmonoid * Add revolt * Add link shell extensions * Add WizFile * Add HWMonitor * Add XnView * Add tabby.sh * Add signalRGB * Add autoruns * Fix typo for 'Autoruns' App in 'applications.json' File * Remove 'Explorer Patcher' App in 'applications.json' File as mentioned by Chris's Feedback on https://github.com/ChrisTitusTech/winutil/pull/1818 PR, Explorer Patcher is known to cause Stability Related Issues to Users who use it, removing it from the Applications List would be a better/wiser decision. * Re-Add 'fxsound' App after Resolving Merge Conflict * Re-Add 'tabby.sh' App after Resolving Merge Conflict --------- Co-authored-by: ModernTTY <165050080+ModernTTY@users.noreply.github.com> * Compile Winutil * Fix Github Actions Auto Close Issues not leaving Issues Open (#1847) * Compile Winutil * Fix Robocopy Not Copying for Users who have a Space in their name (#1851) This was pointed out in https://github.com/ChrisTitusTech/winutil/issues/1848 issue * Compile Winutil * bug fixes from bad pr * Compile Winutil * Better JSON Parsing for Compile Script!! (#1850) * Better JSON Parsing for Compile Script!! Rendering Special XML Character should be possible when parsing json files that have some of these special characters, and without the need to worry about them. Try these changes to see what will be affected, and what won't be. * Undo #1844 PR Changes The problem that #1844 PR Tried to resolve temporarly, should now be fixed permanently with the previous changes to 'Compile.ps1' Script. * Compile Winutil * OO Shutup 10 Tweaks revamped (#1828) * Add new OOSU10 configs * Removed old OOSU config, added install and uninstall calls for the new conrfigs * change filenames, centralize logic in Invoke-WPFOOSU * Change Config Paths to the CTT main repo * removed whitespace * Add -Wait to avoid race condition when OOSU is run together with temp file cleanup --------- Co-authored-by: Chris Titus <contact@christitus.com> * Compile Winutil * Add catch for restore point errors * Compile Winutil --------- Co-authored-by: Rux <jonathan.e.rux@ruxunderscore.com> Co-authored-by: ChrisTitusTech <ChrisTitusTech@users.noreply.github.com> Co-authored-by: CodingWonders <101426328+CodingWonders@users.noreply.github.com> Co-authored-by: Mr.k <mineshtine28546271@gmail.com> Co-authored-by: ModernTTY <165050080+ModernTTY@users.noreply.github.com> Co-authored-by: Straight <107145976+DaEpicR@users.noreply.github.com> Co-authored-by: DaEpicR <DaEpicR@users.noreply.github.com> Co-authored-by: Consejos Tecnológicos de Edu <139326298+lCTdE@users.noreply.github.com> Co-authored-by: Martin Wiethan <47688561+Marterich@users.noreply.github.com>
665 lines
23 KiB
PowerShell
665 lines
23 KiB
PowerShell
function Invoke-MicroWin-Helper {
|
|
<#
|
|
|
|
.SYNOPSIS
|
|
checking unit tests
|
|
|
|
.PARAMETER Name
|
|
no parameters
|
|
|
|
.EXAMPLE
|
|
placeholder
|
|
|
|
#>
|
|
|
|
}
|
|
|
|
function Test-CompatibleImage() {
|
|
<#
|
|
|
|
.SYNOPSIS
|
|
Checks the version of a Windows image and determines whether or not it is compatible with a specific feature depending on a desired version
|
|
|
|
.PARAMETER Name
|
|
imgVersion - The version of the Windows image
|
|
desiredVersion - The version to compare the image version with
|
|
|
|
#>
|
|
|
|
param
|
|
(
|
|
[Parameter(Mandatory = $true, Position=0)] [string] $imgVersion,
|
|
[Parameter(Mandatory = $true, Position=1)] [Version] $desiredVersion
|
|
)
|
|
|
|
try {
|
|
$version = [Version]$imgVersion
|
|
return $version -ge $desiredVersion
|
|
} catch {
|
|
return $False
|
|
}
|
|
}
|
|
|
|
function Remove-Features([switch] $dumpFeatures = $false, [switch] $keepDefender = $false) {
|
|
<#
|
|
|
|
.SYNOPSIS
|
|
Removes certain features from ISO image
|
|
|
|
.PARAMETER Name
|
|
dumpFeatures - Dumps all features found in the ISO into a file called allfeaturesdump.txt. This file can be examined and used to decide what to remove.
|
|
keepDefender - Should Defender be removed from the ISO?
|
|
|
|
.EXAMPLE
|
|
Remove-Features -keepDefender:$false
|
|
|
|
#>
|
|
$featlist = (Get-WindowsOptionalFeature -Path $scratchDir).FeatureName
|
|
if ($dumpFeatures)
|
|
{
|
|
$featlist > allfeaturesdump.txt
|
|
}
|
|
|
|
$featlist = $featlist | Where-Object {
|
|
$_ -NotLike "*Printing*" -AND
|
|
$_ -NotLike "*TelnetClient*" -AND
|
|
$_ -NotLike "*PowerShell*" -AND
|
|
$_ -NotLike "*NetFx*" -AND
|
|
$_ -NotLike "*Media*" -AND
|
|
$_ -NotLike "*NFS*"
|
|
}
|
|
|
|
if ($keepDefender) { $featlist = $featlist | Where-Object { $_ -NotLike "*Defender*" }}
|
|
|
|
foreach($feature in $featlist)
|
|
{
|
|
$status = "Removing feature $feature"
|
|
Write-Progress -Activity "Removing features" -Status $status -PercentComplete ($counter++/$featlist.Count*100)
|
|
Write-Debug "Removing feature $feature"
|
|
Disable-WindowsOptionalFeature -Path "$scratchDir" -FeatureName $feature -Remove -ErrorAction SilentlyContinue -NoRestart
|
|
}
|
|
Write-Progress -Activity "Removing features" -Status "Ready" -Completed
|
|
Write-Host "You can re-enable the disabled features at any time, using either Windows Update or the SxS folder in <installation media>\Sources."
|
|
}
|
|
|
|
function Remove-Packages
|
|
{
|
|
$pkglist = (Get-WindowsPackage -Path "$scratchDir").PackageName
|
|
|
|
$pkglist = $pkglist | Where-Object {
|
|
$_ -NotLike "*ApplicationModel*" -AND
|
|
$_ -NotLike "*indows-Client-LanguagePack*" -AND
|
|
$_ -NotLike "*LanguageFeatures-Basic*" -AND
|
|
$_ -NotLike "*Package_for_ServicingStack*" -AND
|
|
$_ -NotLike "*.NET*" -AND
|
|
$_ -NotLike "*Store*" -AND
|
|
$_ -NotLike "*VCLibs*" -AND
|
|
$_ -NotLike "*AAD.BrokerPlugin",
|
|
$_ -NotLike "*LockApp*" -AND
|
|
$_ -NotLike "*Notepad*" -AND
|
|
$_ -NotLike "*immersivecontrolpanel*" -AND
|
|
$_ -NotLike "*ContentDeliveryManager*" -AND
|
|
$_ -NotLike "*PinningConfirMationDialog*" -AND
|
|
$_ -NotLike "*SecHealthUI*" -AND
|
|
$_ -NotLike "*SecureAssessmentBrowser*" -AND
|
|
$_ -NotLike "*PrintDialog*" -AND
|
|
$_ -NotLike "*AssignedAccessLockApp*" -AND
|
|
$_ -NotLike "*OOBENetworkConnectionFlow*" -AND
|
|
$_ -NotLike "*Apprep.ChxApp*" -AND
|
|
$_ -NotLike "*CBS*" -AND
|
|
$_ -NotLike "*OOBENetworkCaptivePortal*" -AND
|
|
$_ -NotLike "*PeopleExperienceHost*" -AND
|
|
$_ -NotLike "*ParentalControls*" -AND
|
|
$_ -NotLike "*Win32WebViewHost*" -AND
|
|
$_ -NotLike "*InputApp*" -AND
|
|
$_ -NotLike "*AccountsControl*" -AND
|
|
$_ -NotLike "*AsyncTextService*" -AND
|
|
$_ -NotLike "*CapturePicker*" -AND
|
|
$_ -NotLike "*CredDialogHost*" -AND
|
|
$_ -NotLike "*BioEnrollMent*" -AND
|
|
$_ -NotLike "*ShellExperienceHost*" -AND
|
|
$_ -NotLike "*DesktopAppInstaller*" -AND
|
|
$_ -NotLike "*WebMediaExtensions*" -AND
|
|
$_ -NotLike "*WMIC*" -AND
|
|
$_ -NotLike "*UI.XaML*"
|
|
}
|
|
|
|
foreach ($pkg in $pkglist)
|
|
{
|
|
try {
|
|
$status = "Removing $pkg"
|
|
Write-Progress -Activity "Removing Apps" -Status $status -PercentComplete ($counter++/$pkglist.Count*100)
|
|
Remove-WindowsPackage -Path "$scratchDir" -PackageName $pkg -NoRestart -ErrorAction SilentlyContinue
|
|
}
|
|
catch {
|
|
# This can happen if the package that is being removed is a permanent one, like FodMetadata
|
|
Write-Host "Could not remove OS package $($pkg)"
|
|
continue
|
|
}
|
|
}
|
|
Write-Progress -Activity "Removing Apps" -Status "Ready" -Completed
|
|
}
|
|
|
|
function Remove-ProvisionedPackages([switch] $keepSecurity = $false)
|
|
{
|
|
<#
|
|
|
|
.SYNOPSIS
|
|
Removes AppX packages from a Windows image during MicroWin processing
|
|
|
|
.PARAMETER Name
|
|
keepSecurity - Boolean that determines whether to keep "Microsoft.SecHealthUI" (Windows Security) in the Windows image
|
|
|
|
.EXAMPLE
|
|
Remove-ProvisionedPackages -keepSecurity:$false
|
|
|
|
#>
|
|
$appxProvisionedPackages = Get-AppxProvisionedPackage -Path "$($scratchDir)" | Where-Object {
|
|
$_.PackageName -NotLike "*AppInstaller*" -AND
|
|
$_.PackageName -NotLike "*Store*" -and
|
|
$_.PackageName -NotLike "*dism*" -and
|
|
$_.PackageName -NotLike "*Foundation*" -and
|
|
$_.PackageName -NotLike "*FodMetadata*" -and
|
|
$_.PackageName -NotLike "*LanguageFeatures*" -and
|
|
$_.PackageName -NotLike "*Notepad*" -and
|
|
$_.PackageName -NotLike "*Printing*" -and
|
|
$_.PackageName -NotLike "*Wifi*" -and
|
|
$_.PackageName -NotLike "*Foundation*"
|
|
}
|
|
|
|
if ($?)
|
|
{
|
|
if ($keepSecurity) { $appxProvisionedPackages = $appxProvisionedPackages | Where-Object { $_.PackageName -NotLike "*SecHealthUI*" }}
|
|
$counter = 0
|
|
foreach ($appx in $appxProvisionedPackages)
|
|
{
|
|
$status = "Removing Provisioned $($appx.PackageName)"
|
|
Write-Progress -Activity "Removing Provisioned Apps" -Status $status -PercentComplete ($counter++/$appxProvisionedPackages.Count*100)
|
|
Remove-AppxProvisionedPackage -Path $scratchDir -PackageName $appx.PackageName -ErrorAction SilentlyContinue
|
|
}
|
|
Write-Progress -Activity "Removing Provisioned Apps" -Status "Ready" -Completed
|
|
}
|
|
else
|
|
{
|
|
Write-Host "Could not get Provisioned App information. Skipping process..."
|
|
}
|
|
}
|
|
|
|
function Copy-ToUSB([string] $fileToCopy)
|
|
{
|
|
foreach ($volume in Get-Volume) {
|
|
if ($volume -and $volume.FileSystemLabel -ieq "ventoy") {
|
|
$destinationPath = "$($volume.DriveLetter):\"
|
|
#Copy-Item -Path $fileToCopy -Destination $destinationPath -Force
|
|
# Get the total size of the file
|
|
$totalSize = (Get-Item $fileToCopy).length
|
|
|
|
Copy-Item -Path $fileToCopy -Destination $destinationPath -Verbose -Force -Recurse -Container -PassThru |
|
|
ForEach-Object {
|
|
# Calculate the percentage completed
|
|
$completed = ($_.BytesTransferred / $totalSize) * 100
|
|
|
|
# Display the progress bar
|
|
Write-Progress -Activity "Copying File" -Status "Progress" -PercentComplete $completed -CurrentOperation ("{0:N2} MB / {1:N2} MB" -f ($_.BytesTransferred / 1MB), ($totalSize / 1MB))
|
|
}
|
|
|
|
Write-Host "File copied to Ventoy drive $($volume.DriveLetter)"
|
|
return
|
|
}
|
|
}
|
|
Write-Host "Ventoy USB Key is not inserted"
|
|
}
|
|
|
|
function Remove-FileOrDirectory([string] $pathToDelete, [string] $mask = "", [switch] $Directory = $false)
|
|
{
|
|
if(([string]::IsNullOrEmpty($pathToDelete))) { return }
|
|
if (-not (Test-Path -Path "$($pathToDelete)")) { return }
|
|
|
|
$yesNo = Get-LocalizedYesNo
|
|
Write-Host "[INFO] In Your local takeown expects '$($yesNo[0])' as a Yes answer."
|
|
|
|
# Specify the path to the directory
|
|
# $directoryPath = "$($scratchDir)\Windows\System32\LogFiles\WMI\RtBackup"
|
|
# takeown /a /r /d $yesNo[0] /f "$($directoryPath)" > $null
|
|
# icacls "$($directoryPath)" /q /c /t /reset > $null
|
|
# icacls $directoryPath /setowner "*S-1-5-32-544"
|
|
# icacls $directoryPath /grant "*S-1-5-32-544:(OI)(CI)F" /t /c /q
|
|
# Remove-Item -Path $directoryPath -Recurse -Force
|
|
|
|
# # Grant full control to BUILTIN\Administrators using icacls
|
|
# $directoryPath = "$($scratchDir)\Windows\System32\WebThreatDefSvc"
|
|
# takeown /a /r /d $yesNo[0] /f "$($directoryPath)" > $null
|
|
# icacls "$($directoryPath)" /q /c /t /reset > $null
|
|
# icacls $directoryPath /setowner "*S-1-5-32-544"
|
|
# icacls $directoryPath /grant "*S-1-5-32-544:(OI)(CI)F" /t /c /q
|
|
# Remove-Item -Path $directoryPath -Recurse -Force
|
|
|
|
$itemsToDelete = [System.Collections.ArrayList]::new()
|
|
|
|
if ($mask -eq "")
|
|
{
|
|
Write-Debug "Adding $($pathToDelete) to array."
|
|
[void]$itemsToDelete.Add($pathToDelete)
|
|
}
|
|
else
|
|
{
|
|
Write-Debug "Adding $($pathToDelete) to array and mask is $($mask)"
|
|
if ($Directory) { $itemsToDelete = Get-ChildItem $pathToDelete -Include $mask -Recurse -Directory }
|
|
else { $itemsToDelete = Get-ChildItem $pathToDelete -Include $mask -Recurse }
|
|
}
|
|
|
|
foreach($itemToDelete in $itemsToDelete)
|
|
{
|
|
$status = "Deleting $($itemToDelete)"
|
|
Write-Progress -Activity "Removing Items" -Status $status -PercentComplete ($counter++/$itemsToDelete.Count*100)
|
|
|
|
if (Test-Path -Path "$($itemToDelete)" -PathType Container)
|
|
{
|
|
$status = "Deleting directory: $($itemToDelete)"
|
|
|
|
takeown /r /d $yesNo[0] /a /f "$($itemToDelete)"
|
|
icacls "$($itemToDelete)" /q /c /t /reset
|
|
icacls $itemToDelete /setowner "*S-1-5-32-544"
|
|
icacls $itemToDelete /grant "*S-1-5-32-544:(OI)(CI)F" /t /c /q
|
|
Remove-Item -Force -Recurse "$($itemToDelete)"
|
|
}
|
|
elseif (Test-Path -Path "$($itemToDelete)" -PathType Leaf)
|
|
{
|
|
$status = "Deleting file: $($itemToDelete)"
|
|
|
|
takeown /a /f "$($itemToDelete)"
|
|
icacls "$($itemToDelete)" /q /c /t /reset
|
|
icacls "$($itemToDelete)" /setowner "*S-1-5-32-544"
|
|
icacls "$($itemToDelete)" /grant "*S-1-5-32-544:(OI)(CI)F" /t /c /q
|
|
Remove-Item -Force "$($itemToDelete)"
|
|
}
|
|
}
|
|
Write-Progress -Activity "Removing Items" -Status "Ready" -Completed
|
|
}
|
|
|
|
function New-Unattend {
|
|
|
|
# later if we wont to remove even more bloat EU requires MS to remove everything from English(world)
|
|
# Below is an example how to do it we probably should create a drop down with common locals
|
|
# <settings pass="specialize">
|
|
# <!-- Specify English (World) locale -->
|
|
# <component name="Microsoft-Windows-International-Core" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
# <SetupUILanguage>
|
|
# <UILanguage>en-US</UILanguage>
|
|
# </SetupUILanguage>
|
|
# <InputLocale>en-US</InputLocale>
|
|
# <SystemLocale>en-US</SystemLocale>
|
|
# <UILanguage>en-US</UILanguage>
|
|
# <UserLocale>en-US</UserLocale>
|
|
# </component>
|
|
# </settings>
|
|
|
|
# <settings pass="oobeSystem">
|
|
# <!-- Specify English (World) locale -->
|
|
# <component name="Microsoft-Windows-International-Core" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
# <InputLocale>en-US</InputLocale>
|
|
# <SystemLocale>en-US</SystemLocale>
|
|
# <UILanguage>en-US</UILanguage>
|
|
# <UserLocale>en-US</UserLocale>
|
|
# </component>
|
|
# </settings>
|
|
# using here string to embedd unattend
|
|
# <RunSynchronousCommand wcm:action="add">
|
|
# <Order>1</Order>
|
|
# <Path>net user administrator /active:yes</Path>
|
|
# </RunSynchronousCommand>
|
|
|
|
# this section doesn't work in win10/????
|
|
# <settings pass="specialize">
|
|
# <component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
# <CEIPEnabled>0</CEIPEnabled>
|
|
# </component>
|
|
# <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
# <ConfigureChatAutoInstall>false</ConfigureChatAutoInstall>
|
|
# </component>
|
|
# </settings>
|
|
|
|
$unattend = @'
|
|
<?xml version="1.0" encoding="utf-8"?>
|
|
<unattend xmlns="urn:schemas-microsoft-com:unattend"
|
|
xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<#REPLACEME#>
|
|
<settings pass="auditUser">
|
|
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<RunSynchronous>
|
|
<RunSynchronousCommand wcm:action="add">
|
|
<Order>1</Order>
|
|
<CommandLine>CMD /C echo LAU GG>C:\Windows\LogAuditUser.txt</CommandLine>
|
|
<Description>StartMenu</Description>
|
|
</RunSynchronousCommand>
|
|
</RunSynchronous>
|
|
</component>
|
|
</settings>
|
|
<settings pass="oobeSystem">
|
|
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<OOBE>
|
|
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
|
|
<SkipUserOOBE>false</SkipUserOOBE>
|
|
<SkipMachineOOBE>false</SkipMachineOOBE>
|
|
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
|
|
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
|
|
<HideEULAPage>true</HideEULAPage>
|
|
<ProtectYourPC>3</ProtectYourPC>
|
|
</OOBE>
|
|
<FirstLogonCommands>
|
|
<SynchronousCommand wcm:action="add">
|
|
<Order>1</Order>
|
|
<CommandLine>cmd.exe /c echo 23>c:\windows\csup.txt</CommandLine>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<Order>2</Order>
|
|
<CommandLine>CMD /C echo GG>C:\Windows\LogOobeSystem.txt</CommandLine>
|
|
</SynchronousCommand>
|
|
<SynchronousCommand wcm:action="add">
|
|
<Order>3</Order>
|
|
<CommandLine>powershell -ExecutionPolicy Bypass -File c:\windows\FirstStartup.ps1</CommandLine>
|
|
</SynchronousCommand>
|
|
</FirstLogonCommands>
|
|
</component>
|
|
</settings>
|
|
</unattend>
|
|
'@
|
|
$specPass = @'
|
|
<settings pass="specialize">
|
|
<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<CEIPEnabled>0</CEIPEnabled>
|
|
</component>
|
|
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
|
<ConfigureChatAutoInstall>false</ConfigureChatAutoInstall>
|
|
</component>
|
|
</settings>
|
|
'@
|
|
if ((Test-CompatibleImage $imgVersion $([System.Version]::new(10,0,22000,1))) -eq $false)
|
|
{
|
|
# Replace the placeholder text with an empty string to make it valid for Windows 10 Setup
|
|
$unattend = $unattend.Replace("<#REPLACEME#>", "").Trim()
|
|
}
|
|
else
|
|
{
|
|
# Replace the placeholder text with the Specialize pass
|
|
$unattend = $unattend.Replace("<#REPLACEME#>", $specPass).Trim()
|
|
}
|
|
$unattend | Out-File -FilePath "$env:temp\unattend.xml" -Force -Encoding utf8
|
|
}
|
|
|
|
function New-CheckInstall {
|
|
|
|
# using here string to embedd firstrun
|
|
$checkInstall = @'
|
|
@echo off
|
|
if exist "C:\windows\cpu.txt" (
|
|
echo C:\windows\cpu.txt exists
|
|
) else (
|
|
echo C:\windows\cpu.txt does not exist
|
|
)
|
|
if exist "C:\windows\SerialNumber.txt" (
|
|
echo C:\windows\SerialNumber.txt exists
|
|
) else (
|
|
echo C:\windows\SerialNumber.txt does not exist
|
|
)
|
|
if exist "C:\unattend.xml" (
|
|
echo C:\unattend.xml exists
|
|
) else (
|
|
echo C:\unattend.xml does not exist
|
|
)
|
|
if exist "C:\Windows\Setup\Scripts\SetupComplete.cmd" (
|
|
echo C:\Windows\Setup\Scripts\SetupComplete.cmd exists
|
|
) else (
|
|
echo C:\Windows\Setup\Scripts\SetupComplete.cmd does not exist
|
|
)
|
|
if exist "C:\Windows\Panther\unattend.xml" (
|
|
echo C:\Windows\Panther\unattend.xml exists
|
|
) else (
|
|
echo C:\Windows\Panther\unattend.xml does not exist
|
|
)
|
|
if exist "C:\Windows\System32\Sysprep\unattend.xml" (
|
|
echo C:\Windows\System32\Sysprep\unattend.xml exists
|
|
) else (
|
|
echo C:\Windows\System32\Sysprep\unattend.xml does not exist
|
|
)
|
|
if exist "C:\Windows\FirstStartup.ps1" (
|
|
echo C:\Windows\FirstStartup.ps1 exists
|
|
) else (
|
|
echo C:\Windows\FirstStartup.ps1 does not exist
|
|
)
|
|
if exist "C:\Windows\winutil.ps1" (
|
|
echo C:\Windows\winutil.ps1 exists
|
|
) else (
|
|
echo C:\Windows\winutil.ps1 does not exist
|
|
)
|
|
if exist "C:\Windows\LogSpecialize.txt" (
|
|
echo C:\Windows\LogSpecialize.txt exists
|
|
) else (
|
|
echo C:\Windows\LogSpecialize.txt does not exist
|
|
)
|
|
if exist "C:\Windows\LogAuditUser.txt" (
|
|
echo C:\Windows\LogAuditUser.txt exists
|
|
) else (
|
|
echo C:\Windows\LogAuditUser.txt does not exist
|
|
)
|
|
if exist "C:\Windows\LogOobeSystem.txt" (
|
|
echo C:\Windows\LogOobeSystem.txt exists
|
|
) else (
|
|
echo C:\Windows\LogOobeSystem.txt does not exist
|
|
)
|
|
if exist "c:\windows\csup.txt" (
|
|
echo c:\windows\csup.txt exists
|
|
) else (
|
|
echo c:\windows\csup.txt does not exist
|
|
)
|
|
if exist "c:\windows\LogFirstRun.txt" (
|
|
echo c:\windows\LogFirstRun.txt exists
|
|
) else (
|
|
echo c:\windows\LogFirstRun.txt does not exist
|
|
)
|
|
'@
|
|
$checkInstall | Out-File -FilePath "$env:temp\checkinstall.cmd" -Force -Encoding Ascii
|
|
}
|
|
|
|
function New-FirstRun {
|
|
|
|
# using here string to embedd firstrun
|
|
$firstRun = @'
|
|
# Set the global error action preference to continue
|
|
$ErrorActionPreference = "Continue"
|
|
function Remove-RegistryValue
|
|
{
|
|
param (
|
|
[Parameter(Mandatory = $true)]
|
|
[string]$RegistryPath,
|
|
|
|
[Parameter(Mandatory = $true)]
|
|
[string]$ValueName
|
|
)
|
|
|
|
# Check if the registry path exists
|
|
if (Test-Path -Path $RegistryPath)
|
|
{
|
|
$registryValue = Get-ItemProperty -Path $RegistryPath -Name $ValueName -ErrorAction SilentlyContinue
|
|
|
|
# Check if the registry value exists
|
|
if ($registryValue)
|
|
{
|
|
# Remove the registry value
|
|
Remove-ItemProperty -Path $RegistryPath -Name $ValueName -Force
|
|
Write-Host "Registry value '$ValueName' removed from '$RegistryPath'."
|
|
}
|
|
else
|
|
{
|
|
Write-Host "Registry value '$ValueName' not found in '$RegistryPath'."
|
|
}
|
|
}
|
|
else
|
|
{
|
|
Write-Host "Registry path '$RegistryPath' not found."
|
|
}
|
|
}
|
|
|
|
function Stop-UnnecessaryServices
|
|
{
|
|
$servicesToExclude = @(
|
|
"AudioSrv",
|
|
"AudioEndpointBuilder",
|
|
"BFE",
|
|
"BITS",
|
|
"BrokerInfrastructure",
|
|
"CDPSvc",
|
|
"CDPUserSvc_dc2a4",
|
|
"CoreMessagingRegistrar",
|
|
"CryptSvc",
|
|
"DPS",
|
|
"DcomLaunch",
|
|
"Dhcp",
|
|
"DispBrokerDesktopSvc",
|
|
"Dnscache",
|
|
"DoSvc",
|
|
"DusmSvc",
|
|
"EventLog",
|
|
"EventSystem",
|
|
"FontCache",
|
|
"LSM",
|
|
"LanmanServer",
|
|
"LanmanWorkstation",
|
|
"MapsBroker",
|
|
"MpsSvc",
|
|
"OneSyncSvc_dc2a4",
|
|
"Power",
|
|
"ProfSvc",
|
|
"RpcEptMapper",
|
|
"RpcSs",
|
|
"SCardSvr",
|
|
"SENS",
|
|
"SamSs",
|
|
"Schedule",
|
|
"SgrmBroker",
|
|
"ShellHWDetection",
|
|
"Spooler",
|
|
"SysMain",
|
|
"SystemEventsBroker",
|
|
"TextInputManagementService",
|
|
"Themes",
|
|
"TrkWks",
|
|
"UserManager",
|
|
"VGAuthService",
|
|
"VMTools",
|
|
"WSearch",
|
|
"Wcmsvc",
|
|
"WinDefend",
|
|
"Winmgmt",
|
|
"WlanSvc",
|
|
"WpnService",
|
|
"WpnUserService_dc2a4",
|
|
"cbdhsvc_dc2a4",
|
|
"edgeupdate",
|
|
"gpsvc",
|
|
"iphlpsvc",
|
|
"mpssvc",
|
|
"nsi",
|
|
"sppsvc",
|
|
"tiledatamodelsvc",
|
|
"vm3dservice",
|
|
"webthreatdefusersvc_dc2a4",
|
|
"wscsvc"
|
|
)
|
|
|
|
$runningServices = Get-Service | Where-Object { $servicesToExclude -notcontains $_.Name }
|
|
foreach($service in $runningServices)
|
|
{
|
|
Stop-Service -Name $service.Name -PassThru
|
|
Set-Service $service.Name -StartupType Manual
|
|
"Stopping service $($service.Name)" | Out-File -FilePath c:\windows\LogFirstRun.txt -Append -NoClobber
|
|
}
|
|
}
|
|
|
|
"FirstStartup has worked" | Out-File -FilePath c:\windows\LogFirstRun.txt -Append -NoClobber
|
|
|
|
$Theme = "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize"
|
|
Set-ItemProperty -Path $Theme -Name AppsUseLightTheme -Value 1
|
|
Set-ItemProperty -Path $Theme -Name SystemUsesLightTheme -Value 1
|
|
|
|
# figure this out later how to set updates to security only
|
|
#Import-Module -Name PSWindowsUpdate;
|
|
#Stop-Service -Name wuauserv
|
|
#Set-WUSettings -MicrosoftUpdateEnabled -AutoUpdateOption 'Never'
|
|
#Start-Service -Name wuauserv
|
|
|
|
Stop-UnnecessaryServices
|
|
|
|
$taskbarPath = "$env:AppData\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar"
|
|
# Delete all files on the Taskbar
|
|
Get-ChildItem -Path $taskbarPath -File | Remove-Item -Force
|
|
Remove-RegistryValue -RegistryPath "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband" -ValueName "FavoritesRemovedChanges"
|
|
Remove-RegistryValue -RegistryPath "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband" -ValueName "FavoritesChanges"
|
|
Remove-RegistryValue -RegistryPath "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband" -ValueName "Favorites"
|
|
|
|
# Stop-Process -Name explorer -Force
|
|
|
|
$process = Get-Process -Name "explorer"
|
|
Stop-Process -InputObject $process
|
|
# Wait for the process to exit
|
|
Wait-Process -InputObject $process
|
|
Start-Sleep -Seconds 3
|
|
|
|
# Delete Edge Icon from the desktop
|
|
$edgeShortcutFiles = Get-ChildItem -Path $desktopPath -Filter "*Edge*.lnk"
|
|
# Check if Edge shortcuts exist on the desktop
|
|
if ($edgeShortcutFiles)
|
|
{
|
|
foreach ($shortcutFile in $edgeShortcutFiles)
|
|
{
|
|
# Remove each Edge shortcut
|
|
Remove-Item -Path $shortcutFile.FullName -Force
|
|
Write-Host "Edge shortcut '$($shortcutFile.Name)' removed from the desktop."
|
|
}
|
|
}
|
|
Remove-Item -Path "$env:USERPROFILE\Desktop\*.lnk"
|
|
Remove-Item -Path "C:\Users\Default\Desktop\*.lnk"
|
|
|
|
# ************************************************
|
|
# Create WinUtil shortcut on the desktop
|
|
#
|
|
$desktopPath = "$($env:USERPROFILE)\Desktop"
|
|
# Specify the target PowerShell command
|
|
$command = "powershell.exe -NoProfile -ExecutionPolicy Bypass -Command 'irm https://christitus.com/win | iex'"
|
|
# Specify the path for the shortcut
|
|
$shortcutPath = Join-Path $desktopPath 'winutil.lnk'
|
|
# Create a shell object
|
|
$shell = New-Object -ComObject WScript.Shell
|
|
|
|
# Create a shortcut object
|
|
$shortcut = $shell.CreateShortcut($shortcutPath)
|
|
|
|
if (Test-Path -Path "c:\Windows\cttlogo.png")
|
|
{
|
|
$shortcut.IconLocation = "c:\Windows\cttlogo.png"
|
|
}
|
|
|
|
# Set properties of the shortcut
|
|
$shortcut.TargetPath = "powershell.exe"
|
|
$shortcut.Arguments = "-NoProfile -ExecutionPolicy Bypass -Command `"$command`""
|
|
# Save the shortcut
|
|
$shortcut.Save()
|
|
|
|
# Make the shortcut have 'Run as administrator' property on
|
|
$bytes = [System.IO.File]::ReadAllBytes($shortcutPath)
|
|
# Set byte value at position 0x15 in hex, or 21 in decimal, from the value 0x00 to 0x20 in hex
|
|
$bytes[0x15] = $bytes[0x15] -bor 0x20
|
|
[System.IO.File]::WriteAllBytes($shortcutPath, $bytes)
|
|
|
|
Write-Host "Shortcut created at: $shortcutPath"
|
|
#
|
|
# Done create WinUtil shortcut on the desktop
|
|
# ************************************************
|
|
|
|
Start-Process explorer
|
|
|
|
'@
|
|
$firstRun | Out-File -FilePath "$env:temp\FirstStartup.ps1" -Force
|
|
}
|