@ -0,0 +1,17 @@ | |||
--- | |||
title: Custom | |||
description: Custom AME configuration | |||
privilege: Admin | |||
actions: [] | |||
features: | |||
- features/base/base.yml | |||
- features/base/components.yml | |||
- features/base/files.yml | |||
- features/base/login.yml | |||
- features/base/shortcuts.yml | |||
- features/base/windowsterminal.yml | |||
- features/base/choco.yml | |||
- features/base/silent.yml | |||
- features/base/wallpaper.yml | |||
- features/base/permission.yml | |||
- features/base/admin.yml |
@ -0,0 +1,9 @@ | |||
--- | |||
title: Admin | |||
description: Remove user from admin group, enable administrator account | |||
privilege: Admin | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "ADMIN.bat" | |||
weight: 10 |
@ -0,0 +1,24 @@ | |||
--- | |||
title: Base | |||
description: Base AME configuration | |||
privilege: Admin | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "DNET.bat" | |||
weight: 60 | |||
- !run: | |||
exeDir: true | |||
exe: "REGI.bat" | |||
weight: 30 | |||
- !run: | |||
exeDir: true | |||
exe: "SFCDEPLOY.bat" | |||
weight: 5 | |||
- !run: | |||
exeDir: true | |||
exe: "TILE.bat" | |||
weight: 15 | |||
- !run: | |||
exeDir: true | |||
exe: "BANN.bat" |
@ -0,0 +1,17 @@ | |||
--- | |||
title: Chocolatey | |||
description: Chocolatey configuration | |||
privilege: Admin | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "CHOC.bat" | |||
weight: 250 | |||
- !run: | |||
exeDir: true | |||
exe: "FIREFOXCONF.bat" | |||
weight: 20 | |||
- !run: | |||
exeDir: true | |||
exe: "FILEASSOC.bat" | |||
weight: 50 |
@ -0,0 +1,24 @@ | |||
title: Components | |||
description: Remove certain windows components | |||
privilege: TrustedInstaller | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "EDGE.bat" | |||
weight: 20 | |||
- !run: | |||
exeDir: true | |||
exe: "EDGEX.bat" | |||
weight: 10 | |||
- !run: | |||
exeDir: true | |||
exe: "ONED.bat" | |||
weight: 20 | |||
- !run: | |||
exeDir: true | |||
exe: "APPX.bat" | |||
weight: 120 | |||
- !run: | |||
exeDir: true | |||
exe: "CONVERT.bat" | |||
weight: 10 |
@ -0,0 +1,715 @@ | |||
title: Files | |||
description: delete files | |||
privilege: TrustedInstaller | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "SERV.bat" | |||
weight: 50 | |||
- !cmd: | |||
command: "taskkill /f /im explorer.exe" | |||
- !cmd: | |||
command: "taskkill /f /im msedge.exe" | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Customer Experience Improvement Program\\Consolidator" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Customer Experience Improvement Program\\KernelCeipTask" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Customer Experience Improvement Program\\UsbCeip" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Application Experience\\Microsoft Compatibility Appraiser" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Application Experience\\ProgramDataUpdater" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Application Experience\\StartupAppTask" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Clip\\License Validation" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Customer Experience Improvement Program\\UsbCeip" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\HelloFace\\FODCleanupTask" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Maps\\MapsToastTask" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Maps\\MapsUpdateTask" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\UpdateOrchestrator\\Schedule Scan" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\UpdateOrchestrator\\Schedule Scan Static Task" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\UpdateOrchestrator\\UpdateModelTask" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\UpdateOrchestrator\\USO_UxBroker" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Windows Defender\\Windows Defender Cache Maintenance" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Windows Defender\\Windows Defender Cleanup" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Windows Defender\\Windows Defender Scheduled Scan" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\Windows Defender\\Windows Defender Verification" | |||
state: absent | |||
- !task: | |||
path: "\\Microsoft\\Windows\\WindowsUpdate\\Scheduled Start" | |||
state: absent | |||
- !taskkill: | |||
name: "NisSrv" | |||
- !taskkill: | |||
name: "MicrosoftEdgeUpdate" | |||
- !taskkill: | |||
name: "SecurityHealthService" | |||
- !taskkill: | |||
name: "SecurityHealthSystray" | |||
- !taskkill: | |||
name: "SkypeBackgroundHost" | |||
- !taskkill: | |||
name: "OneDrive" | |||
- !taskkill: | |||
name: "MsMpEng" | |||
- !taskkill: | |||
name: "msiexec" | |||
- !file: | |||
path: "%windir%\\System32\\smartscreen.exe" | |||
- !file: | |||
path: "%windir%\\System32\\SecurityHealthSystray.exe" | |||
- !file: | |||
path: "%windir%\\System32\\SecurityHealthService.exe" | |||
- !file: | |||
path: "%windir%\\System32\\SecurityHealthAgent.dll" | |||
- !file: | |||
path: "%windir%\\System32\\SecurityHealthHost.exe" | |||
- !file: | |||
path: "%windir%\\System32\\SecurityHealthSSO.dll" | |||
- !file: | |||
path: "%windir%\\System32\\smartscreenps.dll" | |||
- !file: | |||
path: "%ProgramFiles(x86)%\\Windows Media Player" | |||
- !file: | |||
path: "%ProgramW6432%\\Windows Media Player" | |||
- !file: | |||
path: "%ProgramFiles(x86)%\\Windows Mail" | |||
- !file: | |||
path: "%ProgramW6432%\\Windows Mail" | |||
- !file: | |||
path: "%windir%\\System32\\SecurityHealthSystray.exe" | |||
- !file: | |||
path: "%windir%\\System32\\SecurityHealthService.exe" | |||
- !file: | |||
path: "%windir%\\System32\\SecurityHealthHost.exe" | |||
- !file: | |||
path: "%windir%\\System32\\SecurityHealthAgent.dll" | |||
- !file: | |||
path: "%windir%\\System32\\wscsvc.dll" | |||
- !file: | |||
path: "%ProgramW6432%\\Windows Defender" | |||
weight: 10 | |||
- !file: | |||
path: "%ProgramData%\\Microsoft\\Windows Defender" | |||
weight: 10 | |||
- !file: | |||
path: "%ProgramFiles(x86)%\\Windows Defender" | |||
weight: 10 | |||
- !file: | |||
path: "%ProgramData%\\Microsoft OneDrive" | |||
- !file: | |||
path: "%ProgramW6432%\\Microsoft Update Health Tools" | |||
- !file: | |||
path: "%ProgramFiles(x86)%\\Internet Explorer" | |||
- !file: | |||
path: "%ProgramW6432%\\Internet Explorer" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\Apps" | |||
- !file: | |||
path: "%windir%\\SystemApps\\Microsoft.XboxIdentityProvider*" | |||
- !file: | |||
path: "%windir%\\SystemApps\\Microsoft.XboxGameCallableUI*" | |||
- !file: | |||
path: "%windir%\\SystemApps\\Microsoft.Windows.Cortana*" | |||
- !file: | |||
path: "%windir%\\SystemApps\\Microsoft.MicrosoftEdge*" | |||
- !file: | |||
path: "%windir%\\SystemApps\\*ContentDeliveryManager*" | |||
- !file: | |||
path: "%windir%\\SystemApps\\*CloudExperienceHost*" | |||
- !file: | |||
path: "%ProgramW6432%\\PCHealthCheck" | |||
- !file: | |||
path: "%ProgramW6432%\\Windows Defender Advanced Threat Protection" | |||
- !file: | |||
path: "C:\\ProgramData\\Microsoft\\Windows Defender Advanced Threat Protection" | |||
- !file: | |||
path: "%windir%\\System32\\MoNotificationUx.exe" | |||
- !file: | |||
path: "%windir%\\System32\\MusNotifyIcon.exe" | |||
- !file: | |||
path: "%windir%\\System32\\MusNotificationUx.exe" | |||
- !file: | |||
path: "%windir%\\System32\\MoNotifyIconHandler.dll" | |||
- !file: | |||
path: "%windir%\\System32\\MusUpdateHandlers.dll" | |||
- !file: | |||
path: "%windir%\\System32\\MusDialogHandlers.dll" | |||
- !file: | |||
path: "%windir%\\System32\\MusUxToastHandler.dll" | |||
- !file: | |||
path: "%windir%\\UUS" | |||
# - !file: | |||
# path: "%windir%\\SoftwareDistribution" | |||
- !file: | |||
path: "%windir%\\System32\\OOBE" | |||
# - !file: | |||
# path: "%windir%\\System32\\SgrmBroker.exe" | |||
# - !file: | |||
# path: "%windir%\\System32\\SgrmEnclave.dll" | |||
# - !file: | |||
# path: "%windir%\\System32\\SgrmEnclave_secure.dll" | |||
# - !file: | |||
# path: "%windir%\\System32\\SgrmLpac.exe" | |||
- !file: | |||
path: "%ProgramW6432%\\Windows Security" | |||
- !file: | |||
path: "%windir%\\System32\\wuapi.dll" | |||
- !file: | |||
path: "%windir%\\System32\\wuapihost.exe" | |||
- !file: | |||
path: "%windir%\\System32\\wuauclt.exe" | |||
- !file: | |||
path: "%windir%\\System32\\wuaueng.dll" | |||
- !file: | |||
path: "%ProgramFiles(x86)%\\Microsoft" | |||
- !file: | |||
path: "%windir%\\System32\\AppLockerCSP.dll" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\AppLockerCSP.dll" | |||
- !file: | |||
path: "%windir%\\System32\\drivers\\applockerfltr.sys" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\applockercsp.dll.mui" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\AppLocker\\AppLocker.psd1" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\AppLocker\\AppLocker.psd1" | |||
- !file: | |||
path: "C:\\ProgramData\\Microsoft\\Diagnosis\\ETLLogs\\Autologger\\AutoLogger-Diagtrack-Listener.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\Microsoft\\Diagnosis\\ETLLogs\\Autologger\\AutoLogger-Diagtrack-Listener.etl" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\EventTracingManagement\\MSFT_AutologgerConfig_v1.0.cdxml" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\EventTracingManagement\\MSFT_AutologgerConfig_v1.0.cdxml" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\Microsoft\\Diagnosis\\ETLLogs\\Autologger\\AutoLogger-Diagtrack-Listener.etl" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\EventTracingManagement\\MSFT_AutologgerConfig_v1.0.format.ps1xml" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\EventTracingManagement\\MSFT_AutologgerConfig_v1.0.format.ps1xml" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\Provisioning\\provautologger_add.reg" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\Provisioning\\provautologger_del.reg" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\Provisioning\\provautologger_add.reg" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\Provisioning\\provautologger_del.reg" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\OneDriveSetup.exe" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\OneDriveSettingSyncProvider.dll" | |||
#- !file: | |||
# path: "%windir%\\System32\\ClipSVC.dll" | |||
#- !file: | |||
# path: "%windir%\\System32\\en-US\\clipsvc.dll.mui" | |||
- !file: | |||
path: "C:\\ProgramData\\Microsoft\\Windows\\ClipSVC\\tokens.dat" | |||
- !file: | |||
path: "C:\\Users\\All Users\\Microsoft\\Windows\\ClipSVC\\tokens.dat" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\Microsoft\\Windows\\ClipSVC\\tokens.dat" | |||
- !file: | |||
path: "C:\\ProgramData\\Microsoft\\Windows\\ClipSVC" | |||
- !file: | |||
path: "C:\\Users\\All Users\\Microsoft\\Windows\\ClipSVC" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\Microsoft\\Windows\\ClipSVC" | |||
- !file: | |||
path: "%windir%\\System32\\ClipUp.exe" | |||
- !file: | |||
path: "%windir%\\System32\\DeliveryOptimizationMIProv.mof" | |||
- !file: | |||
path: "%windir%\\PolicyDefinitions\\DeliveryOptimization.admx" | |||
- !file: | |||
path: "%windir%\\System32\\DeliveryOptimizationMIProvUninstall.mof" | |||
- !file: | |||
path: "%windir%\\PolicyDefinitions\\en-US\\DeliveryOptimization.adml" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\DeliveryOptimization\\DeliveryOptimization.psd1" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\DeliveryOptimization\\DeliveryOptimization.psd1" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\DeliveryOptimization\\DeliveryOptimizationStatus.psm1" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\DeliveryOptimization\\DeliveryOptimizationStatus.psm1" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\DeliveryOptimization\\DeliveryOptimizationVerboseLogs.psm1" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\DeliveryOptimization\\DeliveryOptimizationVerboseLogs.psm1" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\State\\migration.dat" | |||
- !taskkill: | |||
name: "LogonUI" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\State\\dosvcState.dat" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\State\\migration.dat.LOG1" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\State\\migration.dat.LOG2" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\State\\dosvcState.dat.LOG1" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\State\\dosvcState.dat.LOG2" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\DeliveryOptimization\\Microsoft.Windows.DeliveryOptimization.AdminCommands.dll" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\DeliveryOptimization\\Microsoft.Windows.DeliveryOptimization.AdminCommands.dll" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20201119_074736_959.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20210317_230544_126.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20210331_194932_086.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20210401_010837_018.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20210401_011649_049.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20210401_014000_025.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20210401_021554_184.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20210401_023127_689.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20210424_231742_182.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\dosvc.20210424_232559_356.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\domgmt.20210317_230400_085.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\domgmt.20210401_011537_705.etl" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization\\Logs\\domgmt.20210424_232442_384.etl" | |||
- !file: | |||
path: "%windir%\\System32\\DeviceCensus.exe" | |||
- !file: | |||
path: "%windir%\\System32\\diagtrack.dll" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\utc.allow.diffbase" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\analyticsevents.dat" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\utc.privacy.diffbase" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\Settings\\utc.app.json" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\diagtrack.dll.mui" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\Settings\\utc.tracing.json" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\RunExeActionAllowedList.dat" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\GetFileActionAllowedList.dat" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\GetFileInfoActionAllowedList.dat" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\Scenarios\\windows.uif_ondemand.xml" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\Settings\\windows.uif_ondemand.json" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\RemoteAggregatorTriggerCriteria.dat" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\Scenarios\\windows.diag_ondemand.xml" | |||
- !file: | |||
path: "%windir%\\System32\\LogFiles\\WMI\\Diagtrack-Listener.etl.004" | |||
- !file: | |||
path: "%windir%\\DiagTrack\\Settings\\telemetry.ASM-WindowsDefault.json" | |||
- !file: | |||
path: "C:\\ProgramData\\Microsoft\\Diagnosis\\ETLLogs\\ShutdownLogger\\Diagtrack-Listener.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\Microsoft\\Diagnosis\\ETLLogs\\ShutdownLogger\\Diagtrack-Listener.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\Microsoft\\Diagnosis\\ETLLogs\\Autologger\\AutoLogger-Diagtrack-Listener.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\Microsoft\\Diagnosis\\ETLLogs\\Autologger\\AutoLogger-Diagtrack-Listener.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\Microsoft\\Diagnosis\\ETLLogs\\ShutdownLogger\\Diagtrack-Listener.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\Microsoft\\Diagnosis\\ETLLogs\\Autologger\\AutoLogger-Diagtrack-Listener.etl" | |||
- !file: | |||
path: "%windir%\\System32\\dmclient.exe" | |||
- !file: | |||
path: "%windir%\\System32\\DDFs\\DMClient_DDF.xml" | |||
- !file: | |||
path: "%windir%\\System32\\Tasks\\Microsoft\\Windows\\Feedback\\Siuf\\DmClient" | |||
- !file: | |||
path: "%windir%\\System32\\Tasks\\Microsoft\\Windows\\Feedback\\Siuf\\DmClientOnScenarioDownload" | |||
- !file: | |||
path: "%windir%\\System32\\omadmclient.exe" | |||
- !file: | |||
path: "%windir%\\System32\\dosvc.dll" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\dosvc.dll.mui" | |||
- !file: | |||
path: "%windir%\\ServiceProfiles\\NetworkService\\AppData\\Local\\Microsoft\\Windows\\DeliveryOptimization" | |||
- !file: | |||
path: "%windir%\\PolicyDefinitions\\EnhancedStorage.admx" | |||
- !file: | |||
path: "%windir%\\PolicyDefinitions\\en-US\\EnhancedStorage.adml" | |||
- !file: | |||
path: "%windir%\\PolicyDefinitions\\hotspotauth.admx" | |||
- !file: | |||
path: "%windir%\\PolicyDefinitions\\en-US\\hotspotauth.adml" | |||
- !file: | |||
path: "%windir%\\schemas\\Provisioning\\hotspotprofile_v1.xsd" | |||
- !file: | |||
path: "%windir%\\System32\\Windows.Networking.NetworkOperators.HotspotAuthentication.dll" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\Windows.Networking.NetworkOperators.HotspotAuthentication.dll" | |||
- !file: | |||
path: "%windir%\\System32\\invagent.dll" | |||
- !file: | |||
path: "%windir%\\System32\\msra.exe" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\msra.exe" | |||
- !file: | |||
path: "%windir%\\System32\\msrahc.dll" | |||
- !file: | |||
path: "%windir%\\System32\\MsraLegacy.tlb" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\MsraLegacy.tlb" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\msra.exe.mui" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\msrahc.dll.mui" | |||
- !file: | |||
path: "%windir%\\System32\\SIHClient.exe" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\sihclient.exe.mui" | |||
- !file: | |||
path: "%windir%\\Prefetch\\SIHCLIENT.EXE-A872A8BF.pf" | |||
- !file: | |||
path: "%windir%\\System32\\slui.exe" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\slui.exe.mui" | |||
- !file: | |||
path: "%windir%\\Prefetch\\SLUI.EXE-724E99D9.pf" | |||
- !file: | |||
path: "%windir%\\System32\\Startupscan.dll" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\Startupscan.dll" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\Startupscan.dll.mui" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\en-US\\Startupscan.dll.mui" | |||
- !file: | |||
path: "%windir%\\System32\\StorSvc.dll" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\StorSvc.dll.mui" | |||
- !file: | |||
path: "%windir%\\System32\\usoapi.dll" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\usoapi.dll" | |||
- !file: | |||
path: "%windir%\\System32\\UsoClient.exe" | |||
- !file: | |||
path: "%windir%\\System32\\usocoreps.dll" | |||
- !file: | |||
path: "%windir%\\System32\\usocoreworker.exe" | |||
- !file: | |||
path: "%windir%\\System32\\MoUsoCoreWorker.exe" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.2bdb351a-82b4-4f2c-bc55-ec328ca677be.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.4a695923-0852-4c25-9999-60bc09954fbe.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.5e2840a3-5955-481c-83b8-ddd64cdaa7ae.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.761c6d23-f36c-46be-bf3f-26ba35c4dcca.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.80c59111-3f67-46a5-9fd1-379f4b7c2f7d.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.86ba5ad4-3ec9-43cf-997e-568832e6e2b8.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.ab8bb825-292c-450d-ac06-03e39e89d684.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.2bdb351a-82b4-4f2c-bc55-ec328ca677be.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.4a695923-0852-4c25-9999-60bc09954fbe.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.5e2840a3-5955-481c-83b8-ddd64cdaa7ae.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.761c6d23-f36c-46be-bf3f-26ba35c4dcca.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.80c59111-3f67-46a5-9fd1-379f4b7c2f7d.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.86ba5ad4-3ec9-43cf-997e-568832e6e2b8.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.ab8bb825-292c-450d-ac06-03e39e89d684.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.2bdb351a-82b4-4f2c-bc55-ec328ca677be.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.4a695923-0852-4c25-9999-60bc09954fbe.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.5e2840a3-5955-481c-83b8-ddd64cdaa7ae.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.761c6d23-f36c-46be-bf3f-26ba35c4dcca.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.80c59111-3f67-46a5-9fd1-379f4b7c2f7d.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.86ba5ad4-3ec9-43cf-997e-568832e6e2b8.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.ab8bb825-292c-450d-ac06-03e39e89d684.1.etl" | |||
- !file: | |||
path: "%windir%\\Prefetch\\MOUSOCOREWORKER.EXE-681A8FEE.pf" | |||
- !file: | |||
path: "%windir%\\System32\\usocoreworker.exe" | |||
- !file: | |||
path: "%windir%\\System32\\MoUsoCoreWorker.exe" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.2bdb351a-82b4-4f2c-bc55-ec328ca677be.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.4a695923-0852-4c25-9999-60bc09954fbe.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.5e2840a3-5955-481c-83b8-ddd64cdaa7ae.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.761c6d23-f36c-46be-bf3f-26ba35c4dcca.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.80c59111-3f67-46a5-9fd1-379f4b7c2f7d.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.86ba5ad4-3ec9-43cf-997e-568832e6e2b8.1.etl" | |||
- !file: | |||
path: "C:\\ProgramData\\USOShared\\Logs\\System\\MoUsoCoreWorker.ab8bb825-292c-450d-ac06-03e39e89d684.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.2bdb351a-82b4-4f2c-bc55-ec328ca677be.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.4a695923-0852-4c25-9999-60bc09954fbe.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.5e2840a3-5955-481c-83b8-ddd64cdaa7ae.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.761c6d23-f36c-46be-bf3f-26ba35c4dcca.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.80c59111-3f67-46a5-9fd1-379f4b7c2f7d.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.86ba5ad4-3ec9-43cf-997e-568832e6e2b8.1.etl" | |||
- !file: | |||
path: "C:\\Users\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.ab8bb825-292c-450d-ac06-03e39e89d684.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.2bdb351a-82b4-4f2c-bc55-ec328ca677be.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.4a695923-0852-4c25-9999-60bc09954fbe.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.5e2840a3-5955-481c-83b8-ddd64cdaa7ae.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.761c6d23-f36c-46be-bf3f-26ba35c4dcca.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.80c59111-3f67-46a5-9fd1-379f4b7c2f7d.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.86ba5ad4-3ec9-43cf-997e-568832e6e2b8.1.etl" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\USOShared\\Logs\\System\\MoUsoCoreWorker.ab8bb825-292c-450d-ac06-03e39e89d684.1.etl" | |||
- !file: | |||
path: "%windir%\\Prefetch\\MOUSOCOREWORKER.EXE-681A8FEE.pf" | |||
- !file: | |||
path: "%windir%\\System32\\usosvc.dll" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\usosvc.dll.mui" | |||
- !file: | |||
path: "%windir%\\System32\\WaaSMedicPS.dll" | |||
- !file: | |||
path: "%windir%\\System32\\WaaSMedicSvc.dll" | |||
- !file: | |||
path: "%windir%\\System32\\WaaSAssessment.dll" | |||
- !file: | |||
path: "%windir%\\System32\\WaaSMedicAgent.exe" | |||
- !file: | |||
path: "%windir%\\System32\\WaaSMedicCapsule.dll" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\WaaSMedicSvc.dll.mui" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RC_WaaSMedic.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RS_WaaSMedic.ps1" | |||
- !file: | |||
path: "%windir%\\WaaS\\tasks\\17499b8d805e9480903b0df0326a3d231841049e.xml" | |||
- !file: | |||
path: "%windir%\\WaaS\\tasks\\5ffea6126f02e78b9099eb4614d2d339f03ca5a8.xml" | |||
- !file: | |||
path: "%windir%\\WaaS\\services\\14a3f9e824793931d34f7f786a538bbc9ef1f0d6.xml" | |||
- !file: | |||
path: "%windir%\\WaaS\\services\\20bbcadaff3e0543ef358ba4dd8b74bfe8e747c8.xml" | |||
- !file: | |||
path: "%windir%\\WaaS\\services\\2213703c9c64cc61ba900531652e23c84728d2a2.xml" | |||
- !file: | |||
path: "%windir%\\WaaS\\services\\315818c03ccc2b10070df2d4ebd09eb6c4c66e58.xml" | |||
- !file: | |||
path: "%windir%\\WaaS\\services\\43ee7b2a373632f9a701249fd96d0edec2ff1279.xml" | |||
- !file: | |||
path: "%windir%\\WaaS\\services\\ceb497ee0184aaa4681d2fb2ef242a5b8551eea8.xml" | |||
- !file: | |||
path: "%windir%\\System32\\Tasks\\Microsoft\\Windows\\WaaSMedic\\PerformRemediation" | |||
- !file: | |||
path: "C:\\ProgramData\\Microsoft\\Windows\\AppRepository\\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe.xml" | |||
- !file: | |||
path: "C:\\Users\\All Users\\Microsoft\\Windows\\AppRepository\\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe.xml" | |||
- !file: | |||
path: "%ProgramW6432%\\WindowsApps\\DeletedAllUserPackages\\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\\resources.pri" | |||
- !file: | |||
path: "%ProgramW6432%\\WindowsApps\\DeletedAllUserPackages\\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\\AppxBlockMap.xml" | |||
- !file: | |||
path: "%ProgramW6432%\\WindowsApps\\DeletedAllUserPackages\\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\\AppxManifest.xml" | |||
- !file: | |||
path: "%ProgramW6432%\\WindowsApps\\DeletedAllUserPackages\\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe\\AppxSignature.p7x" | |||
- !file: | |||
path: "C:\\Documents and Settings\\All Users\\Microsoft\\Windows\\AppRepository\\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe.xml" | |||
- !file: | |||
path: "%ProgramW6432%\\WindowsApps\\DeletedAllUserPackages\\Microsoft.WindowsMaps*" | |||
- !file: | |||
path: "%ProgramW6432%\\WindowsApps\\DeletedAllUserPackages\\Microsoft.WindowsMaps_5.1906.1972.0_neutral_split.scale-125_8wekyb3d8bbwe" | |||
- !file: | |||
path: "%windir%\\WindowsUpdate.log" | |||
- !file: | |||
path: "%windir%\\PolicyDefinitions\\WindowsUpdate.admx" | |||
- !file: | |||
path: "%windir%\\System32\\@WindowsUpdateToastIcon.png" | |||
- !file: | |||
path: "%windir%\\PolicyDefinitions\\en-US\\WindowsUpdate.adml" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsUpdateElevatedInstaller.exe" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\TS_Main.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\index\\WindowsUpdateDiagnostic.xml" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\cl_Service.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\CL_Utility.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RC_appdata.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RS_AppData.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\CL_SetupEnv.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\DiagPackage.dll" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RC_DateTime.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RS_DateTime.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RC_DataStore.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RC_WaaSMedic.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RS_DataStore.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RS_WaaSMedic.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\VF_DataStore.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\rc_genwuerror.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RS_GENWUError.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\VF_GenWUError.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\DiagPackage.diagpkg" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\cl_windowsupdate.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\cl_windowsversion.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RC_Pendingrestart.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RC_Pendingupdates.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RS_Pendingrestart.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\RS_Pendingupdates.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\VF_Pendingupdates.ps1" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\en-US\\DiagPackage.dll.mui" | |||
- !file: | |||
path: "%windir%\\System32\\Tasks\\Microsoft\\Windows\\WindowsUpdate\\Scheduled Start" | |||
- !file: | |||
path: "%windir%\\diagnostics\\system\\WindowsUpdate\\en-US\\CL_LocalizationData.psd1" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\WindowsUpdate\\WindowsUpdate.psd1" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\WindowsUpdate\\WindowsUpdate.psd1" | |||
- !file: | |||
path: "%windir%\\System32\\WindowsPowerShell\\v1.0\\Modules\\WindowsUpdate\\WindowsUpdateLog.psm1" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\WindowsPowerShell\\v1.0\\Modules\\WindowsUpdate\\WindowsUpdateLog.psm1" | |||
- !file: | |||
path: "C:\\Users\\Public\\Desktop\\Microsoft Edge.lnk" | |||
- !file: | |||
path: "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Microsoft Edge.lnk" | |||
- !file: | |||
path: "%APPDATA%\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\Microsoft Edge.lnk" | |||
- !file: | |||
path: "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\PC Health Check.lnk" | |||
- !file: | |||
path: "%windir%\\System32\\wsqmcons.exe" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\wsqmcons.exe.mui" | |||
- !file: | |||
path: "%windir%\\System32\\wuapi.dll" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\wuapi.dll" | |||
- !file: | |||
path: "%windir%\\System32\\wuauclt.exe" | |||
- !file: | |||
path: "%windir%\\System32\\wuapihost.exe" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\wuapi.dll.mui" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\en-US\\wuapi.dll.mui" | |||
- !file: | |||
path: "%windir%\\SystemResources\\wuapi.dll.mun" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\wuaueng.dll.mui" | |||
- !file: | |||
path: "%windir%\\System32\\storewuauth.dll" | |||
- !file: | |||
path: "%windir%\\System32\\wusa.exe" | |||
- !file: | |||
path: "%windir%\\SysWOW64\\wusa.exe" | |||
- !file: | |||
path: "%windir%\\System32\\en-US\\wusa.exe.mui" | |||
- !file: | |||
path: "%windir%\\System32\\wups.dll" | |||
- !file: | |||
path: "%windir%\\System32\\wups2.dll" | |||
- !file: | |||
path: "%windir%\\System32\\wuaueng.dll" | |||
- !file: | |||
path: "%windir%\\System32\\calc.exe" |
@ -0,0 +1,8 @@ | |||
--- | |||
title: Login | |||
description: Modifies login screen | |||
privilege: TrustedInstaller | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "LOGIN.bat" |
@ -0,0 +1,9 @@ | |||
--- | |||
title: Permission | |||
description: Sets UAC level and user permissions | |||
privilege: Admin | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "PERM.bat" | |||
weight: 10 |
@ -0,0 +1,79 @@ | |||
title: services | |||
description: services | |||
privilege: Admin | |||
actions: | |||
- !service: | |||
name: "DoSvc" | |||
state: stop | |||
- !service: | |||
name: "iphlpsvc" | |||
state: stop | |||
- !service: | |||
name: "Winmgmt" | |||
state: stop | |||
- !service: | |||
name: "ClipSVC" | |||
state: stop | |||
- !service: | |||
name: "DiagTrack" | |||
state: stop | |||
- !service: | |||
name: "RetailDemo" | |||
state: stop | |||
- !service: | |||
name: "diagnosticshub.standardcollector.service" | |||
state: stop | |||
- !service: | |||
name: "dmwappushservice" | |||
state: stop | |||
- !service: | |||
name: "InstallService" | |||
state: stop | |||
- !service: | |||
name: "LicenseManager" | |||
state: stop | |||
- !service: | |||
name: "lfsvc" | |||
state: stop | |||
- !service: | |||
name: "MapsBroker" | |||
state: stop | |||
- !service: | |||
name: "NetTcpPortSharing" | |||
state: stop | |||
- !service: | |||
name: "RemoteAccess" | |||
state: stop | |||
- !service: | |||
name: "RemoteRegistry" | |||
state: stop | |||
- !service: | |||
name: "SharedAccess" | |||
state: stop | |||
- !service: | |||
name: "StorSvc" | |||
state: stop | |||
- !service: | |||
name: "TrkWks" | |||
state: stop | |||
- !service: | |||
name: "UsoSvc" | |||
state: stop | |||
- !service: | |||
name: "WbioSrvc" | |||
state: stop | |||
- !service: | |||
name: "WMPNetworkSvc" | |||
state: stop | |||
- !service: | |||
name: "XblAuthManager" | |||
state: stop | |||
- !service: | |||
name: "XblGameSave" | |||
state: stop | |||
- !service: | |||
name: "XboxNetApiSvc" | |||
state: stop | |||
- !service: | |||
name: "wlidsvc" | |||
state: stop |
@ -0,0 +1,9 @@ | |||
--- | |||
title: Shortcuts | |||
description: Remove and add shortcuts | |||
privilege: Admin | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "SHRT.bat" | |||
weight: 5 |
@ -0,0 +1,9 @@ | |||
--- | |||
title: Silent Installers | |||
description: Silent Installers for Windows 7 Calculator | |||
privilege: Admin | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "SLNT.bat" | |||
weight: 30 |
@ -0,0 +1,9 @@ | |||
--- | |||
title: Malte Wallpapers | |||
description: Installs Malte Wallpapers | |||
privilege: Admin | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "WALLPAPER.bat" | |||
weight: 20 |
@ -0,0 +1,9 @@ | |||
--- | |||
title: Windows Terminal | |||
description: Installs Windows Terminal | |||
privilege: Admin | |||
actions: | |||
- !run: | |||
exeDir: true | |||
exe: "WINTERM.bat" | |||
weight: 120 |
@ -0,0 +1,97 @@ | |||
!UTask | |||
title: Language installation | |||
description: Installs the files for the languages selected in the GUI | |||
minVersion: | |||
maxVersion: | |||
status: ToDo | |||
actions: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/basic_de-de.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/speech_de-de.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/tts_de-de.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/ocr_de-de.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/hw_de-de.cab | |||
standardError: | |||
standardOutput: | |||
- !powershell | |||
command: $OldList = Get-WinUserLanguageList; $OldList.Add(de-DE); Set-WinUserLanguageList -LanguageList $OldList -Force | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/basic_en-us.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/speech_en-us.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/tts_en-us.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/ocr_en-us.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/hw_en-us.cab | |||
standardError: | |||
standardOutput: | |||
- !powershell | |||
command: $OldList = Get-WinUserLanguageList; $OldList.Add(en-US); Set-WinUserLanguageList -LanguageList $OldList -Force | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/basic_es-es.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/speech_es-es.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/tts_es-es.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/ocr_es-es.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/hw_es-es.cab | |||
standardError: | |||
standardOutput: | |||
- !powershell | |||
command: $OldList = Get-WinUserLanguageList; $OldList.Add(es-ES); Set-WinUserLanguageList -LanguageList $OldList -Force | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/basic_fi-fi.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/speech_fi-fi.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/tts_fi-fi.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/ocr_fi-fi.cab | |||
standardError: | |||
standardOutput: | |||
- !cmd | |||
command: Dism /online /Add-Package /PackagePath:%temp%/AME/Languages/hw_fi-fi.cab | |||
standardError: | |||
standardOutput: | |||
- !powershell | |||
command: $OldList = Get-WinUserLanguageList; $OldList.Add(fi-FI); Set-WinUserLanguageList -LanguageList $OldList -Force | |||
priority: 1 | |||
features: [] |
@ -0,0 +1,4 @@ | |||
de-DE | |||
en-US | |||
es-ES | |||
fi-FI |
@ -0,0 +1,13 @@ | |||
net user Administrator /active:yes | |||
net user Administrator malte | |||
@echo OFF | |||
for /f "usebackq delims=" %%A in (`net localgroup administrators ^| findstr /V /X /I /R /c:"Alias name[ ].*" /c:"Comment[ ].*" /c:"Members" /c:"-*" /c:"The command completed.*" /c:"Administrator"`) do ( | |||
echo net localgroup administrators "%%A" /delete | |||
net localgroup administrators "%%A" /delete | |||
) | |||
@echo ON | |||
schtasks /create /tn "AME Admin Log-off" /tr "CMD /C 'SCHTASKS /run /tn 'AME Admin Log-off Msg' & Logoff'" /ru "Administrator" /sc ONLOGON /it /rl HIGHEST /f > NUL | |||
PowerShell -NoP -C "$TaskSet = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries; Set-ScheduledTask -TaskName 'AME Admin Log-off Msg' -Settings $TaskSet" > NUL | |||
schtasks /create /tn "AME Admin Log-off Msg" /tr "PowerShell -NoP -C 'While($lim -lt 20){WMIC computersystem get username|findstr /c:'\Administrator ';if(!$?){Break};$lim++;Sleep 1};'''Logging in as the Administrator user is not supported on AME.`nPlease login using a different account.'''|Msg *'" /sc MONTHLY /f /rl HIGHEST /ru "SYSTEM" > NUL | |||
PowerShell -NoP -C "$TaskSet = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries; Set-ScheduledTask -TaskName 'AME Admin Log-off Msg' -Settings $TaskSet; $serv = New-Object -ComObject Schedule.Service; $serv.Connect($env:COMPUTERNAME); $folder = $serv.GetFolder('\'); $task = $folder.GetTask('AME Admin Log-off Msg'); $item = $task.Definition; $item.Triggers.Remove(1); $folder.RegisterTaskDefinition($task.Name, $item, 4, $null, $null, $null)" > NUL |
@ -0,0 +1,83 @@ | |||
cd Executables\ame-assassin | |||
ame-assassin -Family *Microsoft.549981C3F5F10* | |||
ame-assassin -Family *3DViewer* | |||
ame-assassin -Family *AssignedAccessLockApp* | |||
ame-assassin -Family *PinningConfirmationDialog* | |||
ame-assassin -Family *SecureAssessmentBrowser* | |||
ame-assassin -Family *FeedbackHub* | |||
ame-assassin -Family *MixedReality* | |||
ame-assassin -Family *Microsoft.Calculator* | |||
ame-assassin -Family *Microsoft.WindowsAlarms* | |||
ame-assassin -Family *Microsoft.GetHelp* | |||
ame-assassin -Family *Getstarted* | |||
ame-assassin -Family *disney* | |||
ame-assassin -Family *Microsoft.OneConnect* | |||
ame-assassin -Family *WindowsCamera* | |||
ame-assassin -Family *bing* | |||
ame-assassin -Family *Sticky* | |||
ame-assassin -Family *Microsoft.WindowsStore* | |||
ame-assassin -Family *StorePurchaseApp* | |||
ame-assassin -Family *MicrosoftOfficeHub* | |||
ame-assassin -Family *Paint* | |||
ame-assassin -Family *wallet* | |||
ame-assassin -Family *OneNote* | |||
ame-assassin -Family *Microsoft.People* | |||
ame-assassin -Family *WindowsPhone* | |||
ame-assassin -Family *YourPhone* | |||
ame-assassin -Family *photos* | |||
ame-assassin -Family *SkypeApp* | |||
ame-assassin -Family *solit* | |||
ame-assassin -Family *spotify* | |||
ame-assassin -Family *WindowsSoundRecorder* | |||
ame-assassin -Family *windowscommunicationsapps* | |||
ame-assassin -Family *zune* | |||
ame-assassin -Family *WindowsCalculator* | |||
ame-assassin -Family *WindowsMaps* | |||
ame-assassin -Family *Sway* | |||
ame-assassin -Family *CommsPhone* | |||
ame-assassin -Family *ConnectivityStore* | |||
ame-assassin -Family *Microsoft.Messaging* | |||
ame-assassin -Family *Microsoft.WindowsStore* | |||
ame-assassin -Family *XboxApp* | |||
ame-assassin -Family *GamingApp* | |||
ame-assassin -Family *XboxSpeechToTextOverlay* | |||
ame-assassin -Family *XboxGamingOverlay* | |||
ame-assassin -App *WebExperienceHost* -Verbose | |||
ame-assassin -Family *XboxGameOverlay* | |||
ame-assassin -Family *Xbox.TCUI* | |||
ame-assassin -Family *Xbox.XboxGameCallableUI* | |||
ame-assassin -Family *Xbox.XboxIdenitity* | |||
ame-assassin -Family *SecHealthUI* | |||
ame-assassin -Family *Microsoft.Todos* | |||
ame-assassin -Family *PowerAutomate* | |||
ame-assassin -Family *MicrosoftEdge* | |||
ame-assassin -Family *OneDrive* | |||
::ame-assassin -Family *DesktopAppInstaller* | |||
ame-assassin -Family *PeopleExperienceHost* | |||
ame-assassin -Family *Parental* | |||
ame-assassin -Family *CloudExperienceHost* | |||
ame-assassin -Family *ContentDeliveryManager* | |||
ame-assassin -Family *Client.WebExperience* | |||
ame-assassin -Family *Apprep.Chx* | |||
ame-assassin -Family *OOBENetwork* | |||
ame-assassin -Family *MicrosoftTeams* | |||
ame-assassin -Family *Clipchamp* | |||
ame-assassin -App *Global.IrisService* -Verbose | |||
ame-assassin -App *Global.Accounts* -Verbose | |||
ame-assassin -ClearCache *Client.CBS* | |||
ame-assassin -ClearCache *StartMenuExperienceHost* | |||
ame-assassin -ClearCache *Windows.Search* |
@ -0,0 +1,4 @@ | |||
cd Executables | |||
ViVeTool addconfig 18299130 1 | |||
ViVeTool addconfig 31950543 1 |
@ -0,0 +1,101 @@ | |||
cd Executables | |||
reg query "HKLM\SOFTWARE\Clients\StartMenuInternet" /k /f "Firefox-" > "%TEMP%\Firefox-Reg-Output.txt" | |||
:: Load tile layout from before | |||
PowerShell -NoP -C "(New-Object -ComObject wscript.shell).SendKeys('^{ESCAPE}')" | |||
timeout /t 3 > NUL | |||
PowerShell -NoP -C "(New-Object -ComObject wscript.shell).SendKeys('^{ESCAPE}')" | |||
@echo OFF | |||
for /f "usebackq tokens=2 delims=\" %%A in (`reg query "HKEY_USERS" ^| findstr /c:"S-" /c:"AME_UserHive_"`) do ( | |||
reg query "HKU\%%A" | findstr /c:"Volatile Environment" /c:"AME_UserHive_" > NUL 2>&1 | |||
if not errorlevel 1 call :CHOCCALL "%%A" | |||
) | |||
@PowerShell -NoP -ExecutionPolicy Bypass -C "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" && set "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin" | |||
@PowerShell -NoP -ExecutionPolicy Bypass -C "choco install -y --force --allow-empty-checksums firefox thunderbird open-shell vlc 7zip jpegview vcredist-all directx onlyoffice cascadiamono" | |||
::@PowerShell -NoP -ExecutionPolicy Bypass -C "choco install -y --force --allow-empty-checksums -n eartrumpet" | |||
::if exist "%ALLUSERSPROFILE%\chocolatey\lib\eartrumpet\tools\release.zip" ( | |||
:: echo PowerShell -NoP -C "Expand-Archive -Path '%ALLUSERSPROFILE%\chocolatey\lib\eartrumpet\tools\release.zip' -DestinationPath '%ALLUSERSPROFILE%\EarTrumpet'" | |||
:: PowerShell -NoP -C "Expand-Archive -Path '%ALLUSERSPROFILE%\chocolatey\lib\eartrumpet\tools\release.zip' -DestinationPath '%ALLUSERSPROFILE%\EarTrumpet'" | |||
:: echo rmdir /q /s "%ALLUSERSPROFILE%\chocolatey\lib\eartrumpet" | |||
:: rmdir /q /s "%ALLUSERSPROFILE%\chocolatey\lib\eartrumpet" | |||
:: echo mkdir "%SYSTEMDRIVE%\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" | |||
:: mkdir "%SYSTEMDRIVE%\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" | |||
:: echo PowerShell -NoP -C "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('%SYSTEMDRIVE%\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EarTrumpet.lnk'); $S.TargetPath = '%ALLUSERSPROFILE%\EarTrumpet\EarTrumpet.exe'; $S.Save()" | |||
:: PowerShell -NoP -C "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('%SYSTEMDRIVE%\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EarTrumpet.lnk'); $S.TargetPath = '%ALLUSERSPROFILE%\EarTrumpet\EarTrumpet.exe'; $S.Save()" | |||
::) | |||
@echo ON | |||
copy /y Fluent-Metro.skin "%PROGRAMFILES%\Open-Shell\Skins" | |||
copy /y Fluent-Metro.skin7 "%PROGRAMFILES%\Open-Shell\Skins" | |||
:: Load new Open-Shell menu | |||
PowerShell -NoP -C "(New-Object -ComObject wscript.shell).SendKeys('^{ESCAPE}')" | |||
timeout /t 3 > NUL | |||
PowerShell -NoP -C "(New-Object -ComObject wscript.shell).SendKeys('^{ESCAPE}')" | |||
@exit /b 0 | |||
:CHOCCALL | |||
@echo ON | |||
reg add "HKU\%~1\SOFTWARE\OpenShell" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\OpenShell" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\OpenShell\Settings" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\ClassicExplorer" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\ClassicExplorer\Settings" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\ClassicExplorer" /v "CSettingsDlg" /t REG_BINARY /d a8030000d00100000000000000000000aa0f00000100010100000000 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\ClassicExplorer" /v "ShowedToolbar" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\ClassicExplorer" /v "NewLine" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\ClassicExplorer\Settings" /v "ShowStatusBar" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu" /v "ShowedStyle2" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu" /v "CSettingsDlg" /t REG_BINARY /d c80100001a0100000000000000000000360d00000100000000000000 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu" /v "OldItems" /t REG_BINARY /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu" /v "ItemRanks" /t REG_BINARY /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\MRU" /v "0" /t REG_SZ /d "C:\Windows\regedit.exe" /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "Version" /t REG_DWORD /d 04040098 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "AllProgramsMetro" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "RecentMetroApps" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "StartScreenShortcut" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "SearchInternet" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "GlassOverride" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "GlassColor" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "SkinW7" /t REG_SZ /d "Fluent-Metro" /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "SkinVariationW7" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "ShiftWin" /t REG_SZ /d "Nothing" /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "SkinOptionsW7" /t REG_MULTI_SZ /d "DARK_MAIN=0"\0"METRO_MAIN=0"\0"LIGHT_MAIN=0"\0"AUTOMODE_MAIN=1"\0"DARK_SUBMENU=0"\0"METRO_SUBMENU="\0"LIGHT_SUBMENU=0"\0"AUTOMODE_SUBMENU=1"\0"SUBMENU_SEPARATORS=1"\0"DARK_SEARCH=0"\0"METRO_SEARCH="\0"LIGHT_SEARCH=0"\0"AUTOMODE_SEARCH=1"\0"SEARCH_FRAME=1"\0"SEARCH_COLOR=0"\0"SMALL_SEARCH=0"\0"MOERN_SEARCH=1"\0"SEARCH_ITALICS=0"\0"NONE=0"\0"SEPARATOR=0"\0"TWO_TONE=1"\0"CLASSIC_SELECTOR=1"\0"HAF_SELECTOR=0"\0"CURVED_MENUSEL=1"\0"CURVED_SUBMENU=0"\0"SELECTOR_REVEAL=1"\0"TRANSPARENT=0"\0"OPAQU_SUBMENU=1"\0"OPAQUE_MENU=0"\0"OPAQUE=0"\0"STANDARD=0"\0"SMALL_MAIN2=1"\0"SMALL_ICONS=0"\0"COMPACT_UBMENU=0"\0"PRESERVE_MAIN2=0"\0"LESS_PADDING=0"\0"EXTRA_PADDING=1"\0"24_PADDING=0"\0"LARGE_PROGRAMS0"\0"TRANSPARENT_SHUTDOWN=0"\0"OUTLINE_SHUTDOWN=0"\0"BUTTON_SHUTDOWN=1"\0"EXPERIMENTAL_SHUTDOWN=0"\"LARGE_FONT=0"\0"CONNECTED_BORDER=1"\0"FLOATING_BORDER=0"\0"LARGE_SUBMENU=0"\0"LARGE_LISTS=0"\0"THI_MAIN2=0"\0"EXPERIMENTAL_MAIN2=1"\0"USER_IMAGE=1"\0"USER_OUTSIDE=0"\0"SCALING_USER=1"\0"56=0"\0"64="\0"TRANSPARENT_USER=0"\0"UWP_SCROLLBAR=0"\0"MODERN_SCROLLBAR=1"\0"SMALL_ARROWS=0"\0"ARROW_BACKGROUD=1"\0"ICON_FRAME=0"\0"SEARCH_SEPARATOR=0"\0"NO_PROGRAMS_BUTTON=0" /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "SkipMetro" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "MenuItems7" /t REG_MULTI_SZ /d "Item1.Command=user_files\0Item1.Settings=NOEXPAND\0Item2.Command=user_documents\0Item2.Settings=NOEXPAND\0Item3.Command=user_pictures\0Item3.Settings=NOEXPAND\0Item4.Command=user_music\0Item4.Settings=NOEXPAND\0Item5.Command=user_videos\0Item5.Settings=NOEXPAND\0Item6.Command=downloads\0Item6.Settings=NOEXPAND\0Item7.Command=homegroup\0Item7.Settings=ITEM_DISABLED\0Item8.Command=separator\0Item9.Command=games\0Item9.Settings=TRACK_RECENT|NOEXPAND|ITEM_DISABLED\0Item10.Command=favorites\0Item10.Settings=ITEM_DISABLED\0Item11.Command=recent_documents\0Item12.Command=computer\0Item12.Settings=NOEXPAND\0Item13.Command=network\0Item13.Settings=ITEM_DISABLED\0Item14.Command=network_connections\0Item14.Settings=ITEM_DISABLED\0Item15.Command=separator\0Item16.Command=control_panel\0Item16.Settings=TRACK_RECENT\0Item17.Command=pc_settings\0Item17.Settings=TRACK_RECENT\0Item18.Command=admin\0Item18.Settings=TRACK_RECENT|ITEM_DISABLED\0Item19.Command=devices\0Item19.Settings=ITEM_DISABLED\0Item20.Command=defaults\0Item20.Settings=ITEM_DISABLED\0Item21.Command=help\0Item21.Settings=ITEM_DISABLED\0Item22.Command=run\0Item23.Command=apps\0Item23.Settings=ITEM_DISABLED\0Item24.Command=windows_security\0Item24.Settings=ITEM_DISABLED\0" /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\OpenShell\Settings" /v "Update" /d 0 /t REG_DWORD /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "CheckWinUpdates" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "HighlightNew" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Internet Explorer\Toolbar\ShellBrowser" /v "ITBar7Layout" /t REG_BINARY /d 13000000000000000000000020000000100000000000000001000000010700005e01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 /f | |||
@echo OFF | |||
::if "%~1"=="AME_UserHive_Default" ( | |||
:: echo reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "MenuItems7" /t REG_MULTI_SZ /d "Item1.Command=user_files\0Item1.Settings=NOEXPAND\0Item2.Command=user_documents\0Item2.Settings=NOEXPAND\0Item3.Command=user_pictures\0Item3.Settings=NOEXPAND\0Item4.Command=user_music\0Item4.Settings=NOEXPAND\0Item5.Command=user_videos\0Item5.Settings=NOEXPAND\0Item6.Command=downloads\0Item6.Settings=NOEXPAND\0Item7.Command=homegroup\0Item7.Settings=ITEM_DISABLED\0Item8.Command=separator\0Item9.Command=games\0Item9.Settings=TRACK_RECENT|NOEXPAND|ITEM_DISABLED\0Item10.Command=favorites\0Item10.Settings=ITEM_DISABLED\0Item11.Command=recent_documents\0Item12.Command=computer\0Item12.Settings=NOEXPAND\0Item13.Command=network\0Item13.Settings=ITEM_DISABLED\0Item14.Command=network_connections\0Item14.Settings=ITEM_DISABLED\0Item15.Command=separator\0Item16.Command=control_panel\0Item16.Settings=TRACK_RECENT\0Item17.Command=ITEM_DISABLED\0Item17.Settings=TRACK_RECENT\0Item18.Command=admin\0Item18.Settings=TRACK_RECENT|ITEM_DISABLED\0Item19.Command=devices\0Item19.Settings=ITEM_DISABLED\0Item20.Command=defaults\0Item20.Settings=ITEM_DISABLED\0Item21.Command=help\0Item21.Settings=ITEM_DISABLED\0Item22.Command=run\0Item23.Command=apps\0Item23.Settings=ITEM_DISABLED\0Item24.Command=windows_security\0Item24.Settings=ITEM_DISABLED\0" /f | |||
:: reg add "HKU\%~1\SOFTWARE\OpenShell\StartMenu\Settings" /v "MenuItems7" /t REG_MULTI_SZ /d "Item1.Command=user_files\0Item1.Settings=NOEXPAND\0Item2.Command=user_documents\0Item2.Settings=NOEXPAND\0Item3.Command=user_pictures\0Item3.Settings=NOEXPAND\0Item4.Command=user_music\0Item4.Settings=NOEXPAND\0Item5.Command=user_videos\0Item5.Settings=NOEXPAND\0Item6.Command=downloads\0Item6.Settings=NOEXPAND\0Item7.Command=homegroup\0Item7.Settings=ITEM_DISABLED\0Item8.Command=separator\0Item9.Command=games\0Item9.Settings=TRACK_RECENT|NOEXPAND|ITEM_DISABLED\0Item10.Command=favorites\0Item10.Settings=ITEM_DISABLED\0Item11.Command=recent_documents\0Item12.Command=computer\0Item12.Settings=NOEXPAND\0Item13.Command=network\0Item13.Settings=ITEM_DISABLED\0Item14.Command=network_connections\0Item14.Settings=ITEM_DISABLED\0Item15.Command=separator\0Item16.Command=control_panel\0Item16.Settings=TRACK_RECENT\0Item17.Command=pc_settings\0Item17.Settings=ITEM_DISABLED\0Item18.Command=admin\0Item18.Settings=TRACK_RECENT|ITEM_DISABLED\0Item19.Command=devices\0Item19.Settings=ITEM_DISABLED\0Item20.Command=defaults\0Item20.Settings=ITEM_DISABLED\0Item21.Command=help\0Item21.Settings=ITEM_DISABLED\0Item22.Command=run\0Item23.Command=apps\0Item23.Settings=ITEM_DISABLED\0Item24.Command=windows_security\0Item24.Settings=ITEM_DISABLED\0" /f | |||
:: echo reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCAVolume" /t REG_DWORD /d 1 /f | |||
:: reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCAVolume" /t REG_DWORD /d 1 /f | |||
:: reg add "HKU\%~1\SOFTWARE\EarTrumpet" /v "hasShownFirstRun" /t REG_SZ /d "<?xml version=""""1.0"""" encoding=""""utf-16""""?><boolean>true</boolean>" /f | |||
:: reg add "HKU\%~1\SOFTWARE\EarTrumpet" /v "IsTelemetryEnabled" /t REG_SZ /d "<?xml version=""""1.0"""" encoding=""""utf-16""""?><boolean>false</boolean>" /f | |||
:: copy /y "UsrClass.dat" "%SYSTEMDRIVE%\Users\Default\AppData\Local\Microsoft\Windows" | |||
::) | |||
for /f "usebackq tokens=2* delims= " %%B in (`reg query "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "AppData" 2^>^&1 ^| findstr /R /X /C:".*AppData[ ]*REG_SZ[ ].*"`) do ( | |||
echo del "%%C\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk" /q /f | |||
del "%%C\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk" /q /f | |||
echo del "%%C\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk" /q /f | |||
del "%%C\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk" /q /f | |||
echo del "%%C\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk" /q /f | |||
del "%%C\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk" /q /f | |||
) | |||
exit /b 0 |
@ -0,0 +1,37 @@ | |||
cd Executables | |||
for /f "usebackq delims=" %%E in (`PowerShell -NoP -C "(Get-LocalUser | Where {$_.PrincipalSource -eq 'MicrosoftAccount'}).Name"`) do call :CONVERTUSER "%%E" | |||
for /f "usebackq delims=" %%E in (`reg query "HKLM\SOFTWARE\Microsoft\IdentityStore\LogonCache\Name2Sid" ^| findstr /i /c:"Name2Sid"`) do reg delete "%%E" /f | |||
for /f "usebackq delims=" %%E in (`reg query "HKLM\SOFTWARE\Microsoft\IdentityStore\LogonCache\Sid2Name" ^| findstr /i /c:"Sid2Name"`) do reg delete "%%E" /f | |||
rmdir /q /s "%WINDIR%\System32\config\systemprofile\AppData\Local\Microsoft\Windows\CloudAPCache" | |||
rmdir /q /s "%WINDIR%\ServiceProfiles\LocalService\AppData\Local\Microsoft\Ngc" | |||
for /f "usebackq delims=" %%E in (`reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" /s /f "NGC Credential Provider" ^| findstr /c:"Credential Providers\\"`) do reg delete "%%E" /f | |||
for /f "usebackq delims=" %%E in (`reg query "HKLM\SOFTWARE\Microsoft\IdentityStore\Providers" /s /f "MicrosoftAccount" ^| findstr /c:"Providers\\"`) do reg delete "%%E" /f | |||
exit /b 0 | |||
:CONVERTUSER | |||
for /f "usebackq delims=" %%E in (`reg query "HKLM\SAM\SAM\Domains\Account\Users" ^| findstr /i /c:"Account\Users"`) do ( | |||
for /f "usebackq tokens=1 delims= " %%F in (`reg query "%%E" ^| findstr /r /c:"[]*Internet" /c:"GivenName" /c:"Surname"`) do reg delete "%%E" /v "%%F" /f | |||
) | |||
for /f "usebackq delims=" %%E in (`PowerShell -NoP -C "(New-Object -ComObject Microsoft.DiskQuota).TranslateLogonNameToSID('%~1')"`) do set "userSID=%%E" | |||
reg add "HKU\%userSID%\SOFTWARE\Microsoft\Windows\CurrentVersion\AccountState" /v "ExplicitLocal" /t REG_DWORD /d 1 /f | |||
reg delete "HKU\%userSID%\SOFTWARE\Microsoft\IdentityCRL" /f | |||
for /f "usebackq delims=" %%E in (`reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" /s /f "%userSID%" ^| findstr /c:"%userSID%"`) do reg delete "%%E" /f | |||
net user "%~1" /fullname:"" | |||
net user "%~1" malte |
@ -0,0 +1 @@ | |||
dism /online /enable-feature /featurename:NetFX3 /All /Source:Executables /LimitAccess |
@ -0,0 +1,169 @@ | |||
taskkill /im msedge.exe /f | |||
@echo OFF | |||
::for /f "usebackq delims=" %%A in (`dir /b /s "%PROGRAMFILES(x86)%\Microsoft\Edge\Application\*setup.exe" ^| findstr /c:"Installer\\setup.exe"`) do ( | |||
:: echo PowerShell -NoP -C "Start-Process '%%A' -ArgumentList '--uninstall','--system-level','--verbose-logging','--force-uninstall' -NoNewWindow -Wait" | |||
:: PowerShell -NoP -C "Start-Process '%%A' -ArgumentList '--uninstall','--system-level','--verbose-logging','--force-uninstall' -NoNewWindow -Wait" | |||
::) | |||
taskkill /f /im "msedge.exe" | |||
for /f "usebackq tokens=2 delims=\" %%A in (`reg query "HKEY_USERS" ^| findstr /c:"S-"`) do ( | |||
reg query "HKU\%%A" | findstr /c:"Volatile Environment" /c:"AME_UserHive_" > NUL 2>&1 | |||
if not errorlevel 1 ( | |||
CALL :USERREG "%%A" | |||
) | |||
) | |||
@echo ON | |||
for /f "usebackq tokens=1 delims= " %%E in (`reg query "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" ^| findstr /i /c:"MicrosoftEdge" /c:"msedge"`) do reg delete "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "%%E" /f | |||
reg delete "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarMigratedBrowserPin" /f | |||
del /q /f "%ProgramData%\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk" | |||
for /f "usebackq delims=" %%E in (`reg query "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall" ^| findstr /i /r /c:"Microsoft[ ]*Edge" /c:"msedge"`) do reg delete "%%E" /f | |||
reg delete "HKLM\SOFTWARE\WOW6432Node\Microsoft\EdgeUpdate" /f | |||
reg delete "HKCR\CLSID\{1FCBE96C-1697-43AF-9140-2897C7C69767}" /f | |||
reg delete "HKCR\AppID\{1FCBE96C-1697-43AF-9140-2897C7C69767}" /f | |||
reg delete "HKCR\Interface\{C9C2B807-7731-4F34-81B7-44FF7779522B}" /f | |||
reg delete "HKCR\TypeLib\{C9C2B807-7731-4F34-81B7-44FF7779522B}" /f | |||
reg delete "HKCR\MSEdgeHTM" /f | |||
reg delete "HKCR\MSEdgePDF" /f | |||
reg delete "HKCR\MSEdgeMHT" /f | |||
reg delete "HKCR\AppID\{628ACE20-B77A-456F-A88D-547DB6CEEDD5}" /f | |||
reg delete "HKLM\SOFTWARE\Clients\StartMenuInternet\Microsoft Edge" /f | |||
reg delete "HKLM\SOFTWARE\RegisteredApplications" /v "Microsoft Edge" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\msedge.exe" /f | |||
reg delete "HKCR\.htm\OpenWithProgIds" /v "MSEdgeHTM" /f | |||
reg delete "HKCR\.html\OpenWithProgIds" /v "MSEdgeHTM" /f | |||
reg delete "HKCR\.shtml\OpenWithProgids" /v "MSEdgeHTM" /f | |||
reg delete "HKCR\.svg\OpenWithProgIds" /v "MSEdgeHTM" /f | |||
reg delete "HKCR\.xht\OpenWithProgIds" /v "MSEdgeHTM" /f | |||
reg delete "HKCR\.xhtml\OpenWithProgIds" /v "MSEdgeHTM" /f | |||
reg delete "HKCR\.webp\OpenWithProgids" /v "MSEdgeHTM" /f | |||
reg delete "HKCR\.xml\OpenWithProgIds" /v "MSEdgeHTM" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts" /v "MSEdgeHTM_microsoft-edge" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\EnterpriseMode" /v "MSEdgePath" /f | |||
reg delete "HKCR\AppID\ie_to_edge_bho.dll" /f | |||
reg delete "HKCR\AppID\{31575964-95F7-414B-85E4-0E9A93699E13}" /f | |||
reg delete "HKCR\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}" /f | |||
reg delete "HKCR\WOW6432Node\CLSID\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}" /f | |||
reg delete "HKCR\ie_to_edge_bho.IEToEdgeBHO" /f | |||
reg delete "HKCR\ie_to_edge_bho.IEToEdgeBHO.1" /f | |||
:: | |||
reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer" /f | |||
reg delete "HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}" /f | |||
reg delete "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}" /f | |||
reg delete "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID" /v "{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Edge" /f | |||
reg delete "HKLM\SOFTWARE\WOW6432Node\Microsoft\Edge" /f | |||
reg delete "HKCR\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}" /f | |||
reg delete "HKCR\WOW6432Node\CLSID\{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\PreviewHandlers" /v "{3A84F9C2-6164-485C-A7D9-4B27F8AC009E}" /f | |||
reg delete "HKCR\.pdf\ShellEx\{8895b1c6-b41f-4c1c-a562-0d564250836f}" /v "(Default)" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}" /f | |||
reg delete "HKU\S-1-5-21-3476428458-2503407758-626446112-1002\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}" /f | |||
reg delete "HKLM\System\CurrentControlSet\Services\EventLog\Application\Edge" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\msedge.exe" /f | |||
rmdir /q /s "%ProgramFiles(x86)%\Microsoft\EdgeCore" | |||
reg delete "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge Update" /f | |||
::WebView | |||
reg delete "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft EdgeWebView" /f | |||
rmdir /q /s "%ProgramFiles(x86)%\Microsoft\EdgeWebView" | |||
@echo OFF | |||
for /f "usebackq delims=" %%A in (`dir /b /a:d "%SYSTEMDRIVE%\Users"`) do ( | |||
::WebView | |||
echo rmdir /q /s "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\EdgeWebView" | |||
rmdir /q /s "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\EdgeWebView" | |||
echo rmdir /q /s "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\Edge" | |||
rmdir /q /s "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\Edge" | |||
) | |||
exit /b 0 | |||
:USERREG | |||
@echo ON | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Taskband" /v "FavoritesResolve" /t REG_BINARY /d 320300004C0000000114020000000000C0000000000000468300800020000000549E39A5246AD8012B113CA5246AD801A8B6C6DADDACD501970100000000000001000000000000000000000000000000A0013A001F80C827341F105C1042AA032EE45287D668260001002600EFBE1200000056F21270246AD8010F37A185246AD8012B113CA5246AD80114005600310000000000B154E29B11005461736B42617200400009000400EFBEB154C69BB154E29B2E000000F4940100000001000000000000000000000000000000D5BA89005400610073006B00420061007200000016000E01320097010000874F0749200046494C4545587E312E4C4E4B00007C0009000400EFBEB154E29BB154E29B2E00000097900100000002000000000000000000520000000000589C4400460069006C00650020004500780070006C006F007200650072002E006C006E006B00000040007300680065006C006C00330032002E0064006C006C002C002D003200320030003600370000001C00220000001E00EFBE02005500730065007200500069006E006E006500640000001C00120000002B00EFBE2B113CA5246AD8011C00420000001D00EFBE02004D006900630072006F0073006F00660074002E00570069006E0064006F00770073002E004500780070006C006F0072006500720000001C0000009B0000001C000000010000001C0000002D000000000000009A0000001100000003000000E4A63B761000000000433A5C55736572735C757365725C417070446174615C526F616D696E675C4D6963726F736F66745C496E7465726E6574204578706C6F7265725C517569636B204C61756E63685C557365722050696E6E65645C5461736B4261725C46696C65204578706C6F7265722E6C6E6B000060000000030000A058000000000000006465736B746F702D62356E36683339006E1A1EE27BFFA94ABB0361D86F25337E500764DB17D6EC11A598000C2907D6A06E1A1EE27BFFA94ABB0361D86F25337E500764DB17D6EC11A598000C2907D6A045000000090000A03900000031535053B1166D44AD8D7048A748402EA43D788C1D000000680000000048000000CE2181FCD4BF31408F25FF009E4345CA000000000000000000000000 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Taskband" /v Favorites /t REG_BINARY /d 00A40100003A001F80C827341F105C1042AA032EE45287D668260001002600EFBE1200000056F21270246AD8010F37A185246AD8012B113CA5246AD80114005600310000000000B154E29B11005461736B42617200400009000400EFBEB154C69BB154E29B2E000000F4940100000001000000000000000000000000000000D5BA89005400610073006B00420061007200000016001201320097010000874F0749200046494C4545587E312E4C4E4B00007C0009000400EFBEB154E29BB154E29B2E00000097900100000002000000000000000000520000000000589C4400460069006C00650020004500780070006C006F007200650072002E006C006E006B00000040007300680065006C006C00330032002E0064006C006C002C002D003200320030003600370000001C00120000002B00EFBE2B113CA5246AD8011C00420000001D00EFBE02004D006900630072006F0073006F00660074002E00570069006E0064006F00770073002E004500780070006C006F0072006500720000001C00260000001E00EFBE0200530079007300740065006D00500069006E006E006500640000001C000000FF /f | |||
reg delete "HKU\%~1\SOFTWARE\RegisteredApplications" /v "Microsoft Edge" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.htm\OpenWithProgids" /v "MSEdgeHTM" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.html\OpenWithProgids" /v "MSEdgeHTM" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.shtml\OpenWithProgids" /v "MSEdgeHTM" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.svg\OpenWithProgids" /v "MSEdgeHTM" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.xht\OpenWithProgids" /v "MSEdgeHTM" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.xhtml\OpenWithProgids" /v "MSEdgeHTM" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.webp\OpenWithProgids" /v "MSEdgeHTM" /f | |||
reg delete "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts" /v "MSEdgeHTM_microsoft-edge" /f | |||
reg delete "HKU\%~1\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Microsoft\Edge" /f | |||
::WebView | |||
reg delete "HKU\%~1\SOFTWARE\Microsoft\EdgeWebView" /f | |||
@echo OFF |
@ -0,0 +1,16 @@ | |||
cd Executables | |||
start /b /wait install_wim_tweak.exe /o /l | |||
start /b /wait install_wim_tweak.exe /o /c Microsoft-Windows-Internet-Browser-Package /r | |||
start /b /wait install_wim_tweak.exe /h /o /l | |||
:: Removes ActiveX item in open with menu | |||
reg delete "HKCR\Applications\iexplore.exe" /f | |||
:: Removes ActiveX item in open with menu for XML files | |||
reg delete "HKCR\xmlfile" /f | |||
:: Removes internet explorer option when setting default browser in settings | |||
reg delete "HKLM\SOFTWARE\Microsoft\Internet Explorer" /f | |||
reg delete "HKLM\SOFTWARE\RegisteredApplications" /v "Internet Explorer" /f | |||
reg delete "HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE" /f |
@ -0,0 +1,13 @@ | |||
cd Executables | |||
copy /y "Associations.dll" "%WINDIR%\System32\OEMDefaultAssociations.dll" | |||
del /q /f "%WINDIR%\System32\OEMDefaultAssociations.xml" | |||
@echo OFF | |||
for /f "usebackq tokens=2 delims=\" %%A in (`reg query "HKEY_USERS" ^| findstr /c:"S-" /c:"AME_UserHive_"`) do ( | |||
REM If the "Volatile Environment" key exists, that means it is a proper user. Built in accounts/SIDs don't have this key. | |||
reg query "HKU\%%A" | findstr /c:"Volatile Environment" /c:"AME_UserHive_" > NUL 2>&1 | |||
if not errorlevel 1 ( | |||
PowerShell -NoP -ExecutionPolicy Bypass -File assoc.ps1 "Placeholder" "%%A" ".html:FirefoxHTML-308046B0AF4A39CB" ".htm:FirefoxHTML-308046B0AF4A39CB" ".url:FirefoxURL-308046B0AF4A39CB" "Proto:https:FirefoxURL-308046B0AF4A39CB" "Proto:http:FirefoxURL-308046B0AF4A39CB" "Proto:mailto:Thunderbird.Url.mailto" ".3g2:VLC.3g2" ".3gp:VLC.3gp" ".3gp2:VLC.3gp2" ".3gpp:VLC.3gpp" ".aac:VLC.aac" ".adts:VLC.adts" ".aif:VLC.aif" ".aifc:VLC.aifc" ".aiff:VLC.aiff" ".amr:VLC.amr" ".asf:VLC.asf" ".asx:VLC.asx" ".au:VLC.au" ".avi:VLC.avi" ".bmp:JPEGView.exe" ".cda:VLC.cda" ".flac:VLC.flac" ".jpeg:JPEGView.exe" ".jpg:JPEGView.exe" ".m1v:VLC.m1v" ".m2t:VLC.m2t" ".m2ts:VLC.m2ts" ".m3u:VLC.m3u" ".m4a:VLC.m4a" ".m4p:VLC.m4p" ".m4v:VLC.m4v" ".mid:VLC.mid" ".mka:VLC.mka" ".mkv:VLC.mkv" ".mov:VLC.mov" ".MP2:VLC.mp2" ".mp2v:VLC.mp2v" ".mp3:VLC.mp3" ".mp4:VLC.mp4" ".mp4v:VLC.mp4v" ".mpa:VLC.mpa" ".MPE:VLC.mpe" ".mpeg:VLC.mpeg" ".mpg:VLC.mpg" ".mpv2:VLC.mpv2" ".mts:VLC.mts" ".png:JPEGView.exe" ".ra:VLC.ra" ".ram:VLC.ram" ".rmi:VLC.rmi" ".s3m:VLC.s3m" ".snd:VLC.snd" ".TS:VLC.ts" ".TTS:VLC.tts" ".voc:VLC.voc" ".wav:VLC.wav" ".webp:JPEGView.exe" ".wma:VLC.wma" ".wmv:VLC.wmv" ".WPL:VLC.wpl" ".wvx:VLC.wvx" ".xm:VLC.xm" ".zpl:VLC.zpl" ".xml:txtfilelegacy" | |||
) | |||
) |
@ -0,0 +1,202 @@ | |||
@echo OFF | |||
if not exist "%~dp0\AME-Firefox-Injection" ( | |||
echo. & echo No supplied AME-Firefox-Injection folder detected. | |||
exit /b 4 | |||
) | |||
:ENTRIES | |||
echo. & echo Grabbing previous Firefox entries... | |||
if not exist "%TEMP%\Firefox-Reg-Output.txt" echo No input entries detected & echo. & echo Generating random string... & goto GenRND | |||
setlocal EnableDelayedExpansion | |||
set /a "count1=0" | |||
for /f "usebackq tokens=2 delims=-" %%A in (`findstr /c:"Firefox-" "%TEMP%\Firefox-Reg-Output.txt"`) do ( | |||
set /a "count1=!count1!+1" | |||
set "ffBef!count1!=%%A" | |||
set "par=!par!)" | |||
set "arg=!arg!if not "%%D"=="%%A" (" | |||
) | |||
del /q /f "%TEMP%\Firefox-Reg-Output.txt" > NUL 2>&1 | |||
echo. & echo Comparing Firefox entries... | |||
set /a "count2=0" | |||
for /f "usebackq tokens=2 delims=-" %%D in (`reg query "HKLM\SOFTWARE\Clients\StartMenuInternet" /f "Firefox-"`) do ( | |||
set /a "count2=!count2!+1" | |||
%arg%set "NewCode=%%D"%par% | |||
) | |||
if "%count1%"=="0" (if "%count2%"=="0" (set "NewCode=NULL")) | |||
endlocal & set "NewCode=%NewCode%" | |||
:CHECKS | |||
set "RunEC=10" | |||
set /a "count0=1" | |||
for /f "usebackq tokens=2 delims=\" %%A in (`reg query "HKEY_USERS" ^| findstr /c:"S-" /c:"AME_UserHive_"`) do ( | |||
if "%%A"=="AME_UserHive_Default" ( | |||
call :AFISCALL "%SYSTEMDRIVE%\Users\Default\AppData\Roaming" | |||
if errorlevel 2 set "RunEC=2" | |||
if errorlevel 1 set "RunEC=1" | |||
if errorlevel 0 set "RunEC=0" | |||
) else ( | |||
for /f "usebackq tokens=2* delims= " %%B in (`reg query "HKU\%%A\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "AppData" 2^>^&1 ^| findstr /R /X /C:".*AppData[ ]*REG_SZ[ ].*"`) do ( | |||
call :AFISCALL "%%C" | |||
if errorlevel 2 set "RunEC=2" | |||
if errorlevel 1 set "RunEC=1" | |||
if errorlevel 0 set "RunEC=0" | |||
) | |||
) | |||
) | |||
exit /b %RunEC% | |||
:AFISCALL | |||
setlocal | |||
echo. & echo Generating random string... | |||
:GenRND | |||
setlocal EnableDelayedExpansion | |||
set "RNDConsist=abcdefghijklmnopqrstuvwxyz0123456789" | |||
set /a "RND=%RANDOM% %% 36" | |||
set "RNDStr=!RNDStr!!RNDConsist:~%RND%,1!" | |||
if "%RNDStr:~7%"=="" (goto GenRND) | |||
endlocal & set "RNDStr=%RNDStr%" | |||
:: Redundancy, incase the original Firefox installed check fails | |||
if "%NewCode%"=="NULL" echo. & echo No Firefox install detected & goto PREFSONLY | |||
if "%NewCode%"=="" echo. & echo Firefox version already installed & goto PREFSONLY | |||
if not EXIST "%PROGRAMFILES%\Mozilla Firefox\firefox.exe" echo. & echo Can't find Firefox.exe & goto PREFSONLY | |||
if exist "%~1\Mozilla\Firefox\profiles.ini" ( | |||
findstr /c:"%NewCode%" "%~1\Mozilla\Firefox\profiles.ini" > NUL 2>&1 | |||
if not errorlevel 1 echo. & echo Firefox version already in profiles.ini & goto PREFSONLY | |||
) | |||
:PROFILENAME | |||
if %count0% GTR 50 echo. & echo Default-release count exceeded 50 & goto PREFSONLY | |||
if exist "%~1\Mozilla\Firefox\profiles.ini" ( | |||
findstr /c:"Name=default-release" "%~1\Mozilla\Firefox\profiles.ini" > NUL 2>&1 | |||
if not errorlevel 1 ( | |||
findstr /c:"Name=default-release-%count0%" "%~1\Mozilla\Firefox\profiles.ini" | |||
if not errorlevel 1 ( | |||
set /a "count0=%count0%+1" | |||
goto PROFILENAME | |||
) else ( | |||
set "profileName=default-release-%count0%" | |||
) | |||
) else ( | |||
set "profileName=default-release" | |||
) | |||
) else ( | |||
set "profileName=default-release" | |||
) | |||
echo. & echo Injecting profile... | |||
@echo ON | |||
:: This could also be set manually in the profiles.ini file | |||
mkdir "%~1\Mozilla\Firefox\Profiles\%RNDStr%.%profileName%" | |||
robocopy "%~dp0\AME-Firefox-Injection" "%~1\Mozilla\Firefox\Profiles\%RNDStr%.%profileName%" /E > NUL | |||
:: Sets profile as the default | |||
echo [Install%NewCode%]>> "%~1\Mozilla\Firefox\profiles.ini" | |||
echo Default=Profiles/%RNDStr%.%profileName%>> "%~1\Mozilla\Firefox\profiles.ini" | |||
echo Locked=^1>> "%~1\Mozilla\Firefox\profiles.ini" | |||
echo.>> "%~1\Mozilla\Firefox\profiles.ini" | |||
echo [Profile0]>> "%~1\Mozilla\Firefox\profiles.ini" | |||
echo Name=%profileName%>> "%~1\Mozilla\Firefox\profiles.ini" | |||
echo IsRelative=^1>> "%~1\Mozilla\Firefox\profiles.ini" | |||
echo Path=Profiles/%RNDStr%.%profileName%>> "%~1\Mozilla\Firefox\profiles.ini" | |||
:: Add prefs to any other Firefox profiles in all users | |||
@echo OFF | |||
for /f "usebackq delims=" %%B in (`dir /B /A:d "%~1\Mozilla\Firefox\Profiles" ^| findstr /v /x /c:"%RNDStr%.%profileName%"`) do ( | |||
if exist "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js" ( | |||
:: Removes lines containing these entries from the profiles prefs.js. This way any old prefs don't overlap with the new prefs | |||
echo findstr /V /C:""""app.shield.optoutstudies.enabled"""" /C:""""browser.aboutwelcome.enabled"""" /C:""""browser.disableResetPrompt"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features"""" /C:""""browser.newtabpage.activity-stream.feeds.section.topstories"""" /C:""""browser.newtabpage.activity-stream.feeds.topsites"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includePocket"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includeVisited"""" /C:""""browser.newtabpage.activity-stream.showSponsored"""" /C:""""browser.newtabpage.activity-stream.showSponsoredTopSites"""" /C:""""browser.urlbar.placeholderNam"""" /C:""""browser.urlbar.suggest.quicksuggest.nonsponsored"""" /C:""""browser.urlbar.suggest.quicksuggest.sponsored"""" /C:""""browser.urlbar.suggest.topsites"""" /C:""""datareporting.healthreport.uploadEnabled"""" /C:""""dom.security.https_only_mode"""" /C:""""dom.security.https_only_mode_ever_enabled"""" "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js "^>^> "%TEMP%\prefs.js.tmp" | |||
findstr /V /C:""""app.shield.optoutstudies.enabled"""" /C:""""browser.aboutwelcome.enabled"""" /C:""""browser.disableResetPrompt"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features"""" /C:""""browser.newtabpage.activity-stream.feeds.section.topstories"""" /C:""""browser.newtabpage.activity-stream.feeds.topsites"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includePocket"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includeVisited"""" /C:""""browser.newtabpage.activity-stream.showSponsored"""" /C:""""browser.newtabpage.activity-stream.showSponsoredTopSites"""" /C:""""browser.urlbar.placeholderNam"""" /C:""""browser.urlbar.suggest.quicksuggest.nonsponsored"""" /C:""""browser.urlbar.suggest.quicksuggest.sponsored"""" /C:""""browser.urlbar.suggest.topsites"""" /C:""""datareporting.healthreport.uploadEnabled"""" /C:""""dom.security.https_only_mode"""" /C:""""dom.security.https_only_mode_ever_enabled"""" "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js ">> "%TEMP%\prefs.js.tmp" | |||
) | |||
:: Filters out a few prefs from AME-Firefox-Injectiont\prefs.js and adds them to prefs.js.tmp | |||
echo findstr /V /C:""""browser.toolbars.bookmarks.visibility"""" /C:""""extensions.webextensions.uuids"""" /C:""""extensions.webextensions.uuids"""" "%~dp0\AME-Firefox-Injection\prefs.js"^>^> "%TEMP%\prefs.js.tmp" | |||
findstr /V /C:""""browser.toolbars.bookmarks.visibility"""" /C:""""extensions.webextensions.uuids"""" /C:""""extensions.webextensions.uuids"""" "%~dp0\AME-Firefox-Injection\prefs.js">> "%TEMP%\prefs.js.tmp" | |||
echo move /y "%TEMP%\prefs.js.tmp" "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js" | |||
move /y "%TEMP%\prefs.js.tmp" "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js" | |||
if exist "%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4" echo del /Q /F "%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4" & del /Q /F "%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4" | |||
echo robocopy "%~dp0\AME-Firefox-Injection" "%~1\Mozilla\Firefox\Profiles\%%B" search.json.mozlz4 /E ^> NUL | |||
robocopy "%~dp0\AME-Firefox-Injection" "%~1\Mozilla\Firefox\Profiles\%%B" search.json.mozlz4 /E > NUL | |||
echo PowerShell -NoP -C "%~1\Mozilla\Firefox\Profiles' | Set-Acl '%~1\Mozilla\Firefox\Profiles\%%B\prefs.js'" ^> NUL 2^>^&1 | |||
PowerShell -NoP -C "%~1\Mozilla\Firefox\Profiles' | Set-Acl '%~1\Mozilla\Firefox\Profiles\%%B\prefs.js'" > NUL 2>&1 | |||
echo PowerShell -NoP -C "Get-Acl '%~1\Mozilla\Firefox\Profiles' | Set-Acl '%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4'" ^> NUL 2^>^&1 | |||
PowerShell -NoP -C "Get-Acl '%~1\Mozilla\Firefox\Profiles' | Set-Acl '%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4'" > NUL 2>&1 | |||
) | |||
echo. & echo Successfully injected custom Firefox configs. | |||
endlocal & exit /b 0 | |||
:PREFSONLY | |||
:: uBlock Origin could be installed automatically here, however that would involve overwriting the old extension.json etc | |||
:: files, which, if the user had previous extensions, could cause issues. | |||
@echo. & echo Injecting config files... | |||
if exist "%TEMP%\prefs.js.tmp" del /q /f "%TEMP%\prefs.js.tmp" > NUL | |||
set /a "count3=0" | |||
@echo OFF | |||
for /f "usebackq delims=" %%A in (`dir /B /A:d "%~1\Mozilla\Firefox\Profiles"`) do ( | |||
set /a "count3=%count3%+1" | |||
if exist "%~1\Mozilla\Firefox\Profiles\%%A\prefs.js" ( | |||
:: Removes lines containing these entries from the profiles prefs.js. This way any old prefs don't overlap with the new prefs | |||
echo findstr /V /C:""""app.shield.optoutstudies.enabled"""" /C:""""browser.aboutwelcome.enabled"""" /C:""""browser.disableResetPrompt"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features"""" /C:""""browser.newtabpage.activity-stream.feeds.section.topstories"""" /C:""""browser.newtabpage.activity-stream.feeds.topsites"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includePocket"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includeVisited"""" /C:""""browser.newtabpage.activity-stream.showSponsored"""" /C:""""browser.newtabpage.activity-stream.showSponsoredTopSites"""" /C:""""browser.urlbar.placeholderNam"""" /C:""""browser.urlbar.suggest.quicksuggest.nonsponsored"""" /C:""""browser.urlbar.suggest.quicksuggest.sponsored"""" /C:""""browser.urlbar.suggest.topsites"""" /C:""""datareporting.healthreport.uploadEnabled"""" /C:""""dom.security.https_only_mode"""" /C:""""dom.security.https_only_mode_ever_enabled"""" "%~1\Mozilla\Firefox\Profiles\%%A\prefs.js "^>^> "%TEMP%\prefs.js.tmp" | |||
findstr /V /C:""""app.shield.optoutstudies.enabled"""" /C:""""browser.aboutwelcome.enabled"""" /C:""""browser.disableResetPrompt"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features"""" /C:""""browser.newtabpage.activity-stream.feeds.section.topstories"""" /C:""""browser.newtabpage.activity-stream.feeds.topsites"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includePocket"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includeVisited"""" /C:""""browser.newtabpage.activity-stream.showSponsored"""" /C:""""browser.newtabpage.activity-stream.showSponsoredTopSites"""" /C:""""browser.urlbar.placeholderNam"""" /C:""""browser.urlbar.suggest.quicksuggest.nonsponsored"""" /C:""""browser.urlbar.suggest.quicksuggest.sponsored"""" /C:""""browser.urlbar.suggest.topsites"""" /C:""""datareporting.healthreport.uploadEnabled"""" /C:""""dom.security.https_only_mode"""" /C:""""dom.security.https_only_mode_ever_enabled"""" "%~1\Mozilla\Firefox\Profiles\%%A\prefs.js ">> "%TEMP%\prefs.js.tmp" | |||
) | |||
:: Filters out a few prefs from AME-Firefox-Injectiont\prefs.js and adds them to prefs.js.tmp | |||
echo findstr /V /C:""""browser.toolbars.bookmarks.visibility"""" /C:""""extensions.webextensions.uuids"""" /C:""""extensions.webextensions.uuids"""" "%~dp0\AME-Firefox-Injection\prefs.js"^>^> "%TEMP%\prefs.js.tmp" | |||
findstr /V /C:""""browser.toolbars.bookmarks.visibility"""" /C:""""extensions.webextensions.uuids"""" /C:""""extensions.webextensions.uuids"""" "%~dp0\AME-Firefox-Injection\prefs.js">> "%TEMP%\prefs.js.tmp" | |||
echo move /y "%TEMP%\prefs.js.tmp" "%~1\Mozilla\Firefox\Profiles\%%A\prefs.js" | |||
move /y "%TEMP%\prefs.js.tmp" "%~1\Mozilla\Firefox\Profiles\%%A\prefs.js" | |||
if exist "%~1\Mozilla\Firefox\Profiles\%%A\search.json.mozlz4" echo del /Q /F "%~1\Mozilla\Firefox\Profiles\%%A\search.json.mozlz4" & del /Q /F "%~1\Mozilla\Firefox\Profiles\%%A\search.json.mozlz4" | |||
echo robocopy "%~dp0\AME-Firefox-Injection" "%~1\Mozilla\Firefox\Profiles\%%A" search.json.mozlz4 /E ^> NUL | |||
robocopy "%~dp0\AME-Firefox-Injection" "%~1\Mozilla\Firefox\Profiles\%%A" search.json.mozlz4 /E > NUL | |||
) | |||
for /f "usebackq delims=" %%A in (`dir /B /A:d "%SYSTEMDRIVE%\Users"`) do ( | |||
if exist "%~1\Mozilla\Firefox\Profiles" ( | |||
for /f "usebackq delims=" %%B in (`dir /B /A:d "%~1\Mozilla\Firefox\Profiles"`) do ( | |||
set /a "count3=%count3%+1" | |||
if exist "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js" ( | |||
:: Removes lines containing these entries from the profiles prefs.js. This way any old prefs don't overlap with the new prefs | |||
echo findstr /V /C:""""app.shield.optoutstudies.enabled"""" /C:""""browser.aboutwelcome.enabled"""" /C:""""browser.disableResetPrompt"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features"""" /C:""""browser.newtabpage.activity-stream.feeds.section.topstories"""" /C:""""browser.newtabpage.activity-stream.feeds.topsites"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includePocket"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includeVisited"""" /C:""""browser.newtabpage.activity-stream.showSponsored"""" /C:""""browser.newtabpage.activity-stream.showSponsoredTopSites"""" /C:""""browser.urlbar.placeholderNam"""" /C:""""browser.urlbar.suggest.quicksuggest.nonsponsored"""" /C:""""browser.urlbar.suggest.quicksuggest.sponsored"""" /C:""""browser.urlbar.suggest.topsites"""" /C:""""datareporting.healthreport.uploadEnabled"""" /C:""""dom.security.https_only_mode"""" /C:""""dom.security.https_only_mode_ever_enabled"""" "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js "^>^> "%TEMP%\prefs.js.tmp" | |||
findstr /V /C:""""app.shield.optoutstudies.enabled"""" /C:""""browser.aboutwelcome.enabled"""" /C:""""browser.disableResetPrompt"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons"""" /C:""""browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features"""" /C:""""browser.newtabpage.activity-stream.feeds.section.topstories"""" /C:""""browser.newtabpage.activity-stream.feeds.topsites"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includePocket"""" /C:""""browser.newtabpage.activity-stream.section.highlights.includeVisited"""" /C:""""browser.newtabpage.activity-stream.showSponsored"""" /C:""""browser.newtabpage.activity-stream.showSponsoredTopSites"""" /C:""""browser.urlbar.placeholderNam"""" /C:""""browser.urlbar.suggest.quicksuggest.nonsponsored"""" /C:""""browser.urlbar.suggest.quicksuggest.sponsored"""" /C:""""browser.urlbar.suggest.topsites"""" /C:""""datareporting.healthreport.uploadEnabled"""" /C:""""dom.security.https_only_mode"""" /C:""""dom.security.https_only_mode_ever_enabled"""" "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js ">> "%TEMP%\prefs.js.tmp" | |||
) | |||
:: Filters out a few prefs from AME-Firefox-Injectiont\prefs.js and adds them to prefs.js.tmp | |||
echo findstr /V /C:""""browser.toolbars.bookmarks.visibility"""" /C:""""extensions.webextensions.uuids"""" /C:""""extensions.webextensions.uuids"""" "%~dp0\AME-Firefox-Injection\prefs.js"^>^> "%TEMP%\prefs.js.tmp" | |||
findstr /V /C:""""browser.toolbars.bookmarks.visibility"""" /C:""""extensions.webextensions.uuids"""" /C:""""extensions.webextensions.uuids"""" "%~dp0\AME-Firefox-Injection\prefs.js">> "%TEMP%\prefs.js.tmp" | |||
echo move /y "%TEMP%\prefs.js.tmp" "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js" | |||
move /y "%TEMP%\prefs.js.tmp" "%~1\Mozilla\Firefox\Profiles\%%B\prefs.js" | |||
if exist "%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4" echo del /Q /F "%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4" & del /Q /F "%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4" | |||
echo robocopy "%~dp0\AME-Firefox-Injection" "%~1\Mozilla\Firefox\Profiles\%%B" search.json.mozlz4 /E ^> NUL | |||
robocopy "%~dp0\AME-Firefox-Injection" "%~1\Mozilla\Firefox\Profiles\%%B" search.json.mozlz4 /E > NUL | |||
echo PowerShell -NoP -C "Get-Acl '%~1\Mozilla\Firefox\Profiles' | Set-Acl '%~1\Mozilla\Firefox\Profiles\%%B\prefs.js'" ^> NUL 2^>^&1 | |||
PowerShell -NoP -C "Get-Acl '%~1\Mozilla\Firefox\Profiles' | Set-Acl '%~1\Mozilla\Firefox\Profiles\%%B\prefs.js'" > NUL 2>&1 | |||
echo PowerShell -NoP -C "Get-Acl '%~1\Mozilla\Firefox\Profiles' | Set-Acl '%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4'" ^> NUL 2^>^&1 | |||
PowerShell -NoP -C "Get-Acl '%~1\Mozilla\Firefox\Profiles' | Set-Acl '%~1\Mozilla\Firefox\Profiles\%%B\search.json.mozlz4'" > NUL 2>&1 | |||
) | |||
) | |||
) | |||
if %count3% EQU 0 ( | |||
echo. & echo Failed! No profiles detected | |||
endlocal & exit /b 2 | |||
) else ( | |||
echo. & echo Successfully injected custom Firefox configs. | |||
endlocal & exit /b 1 | |||
) |
@ -0,0 +1,18 @@ | |||
cd Executables | |||
@tasklist /fi "IMAGENAME eq Explorer.exe" /fi "USERNAME ne SYSTEM" /v | findstr /I /c:"explorer.exe" > NUL | |||
@if %errorlevel% neq 0 echo start explorer.exe & start explorer.exe | |||
:: Make output just after file deletion look nicer | |||
@timeout /t 5 /nobreak > nul | |||
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v AutoAdminLogon /t REG_SZ /d 0 /f | |||
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultUserName /t REG_SZ /d "" /f | |||
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v DefaultPassword /t REG_SZ /d "" /f | |||
for /f "usebackq delims=" %%E in (`reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" /s /f "WLIDCredentialProvider" ^| findstr /c:"Credential Providers\\"`) do reg delete "%%E" /f | |||
REM takeown /f "%WINDIR%\System32\en-US\credprovhost.dll.mui" | |||
REM icacls "%WINDIR%\System32\en-US\credprovhost.dll.mui" /reset | |||
REM certutil -hashfile "%WINDIR%\System32\en-US\credprovhost.dll.mui" md5 | findstr /i /c:"7AED5636DB4388798718F09C53348F49" /c:"36320488BF78869BD369013CBE93C22A" || EXIT /B 1 | |||
ame-hexer "%WINDIR%\System32\en-US\credprovhost.dll.mui" "4F 00 74 00 68 00 65 00 72 00 20 00 75 00 73 00 65 00 72" "4C 00 6F 00 67 00 69 00 6E 00 00 00 00 00 00 00 00 00 00" |
@ -0,0 +1,443 @@ | |||
cd Executables | |||
@echo OFF | |||
for /f "usebackq tokens=2 delims=\" %%E in (`reg query "HKEY_USERS" ^| findstr /c:"S-" /c:"AME_UserHive_"`) do ( | |||
REM If the "Volatile Environment" key exists, that means it is a proper user. Built in accounts/SIDs don't have this key. | |||
reg query "HKU\%%E" | findstr /c:"Volatile Environment" /c:"AME_UserHive_" > NUL 2>&1 | |||
if not errorlevel 1 ( | |||
call :USERREG "%%E" | |||
) | |||
) | |||
taskkill /f /im "OneDrive.exe" | |||
for /f "usebackq delims=" %%A in (`dir /b /a:d "%SYSTEMDRIVE%\Users"`) do ( | |||
echo rmdir /q /s "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\OneDrive" | |||
rmdir /q /s "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\OneDrive" | |||
echo rmdir /q /s "%SYSTEMDRIVE%\Users\%%A\OneDrive" | |||
rmdir /q /s "%SYSTEMDRIVE%\Users\%%A\OneDrive" | |||
echo del /q /f "%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk" | |||
del /q /f "%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk" | |||
) | |||
for /f "usebackq delims=" %%E in (`reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SyncRootManager" ^| findstr /i /c:"OneDrive"`) do echo reg delete "%%E" /f & reg delete "%%E" /f | |||
exit /b 0 | |||
:USERREG | |||
@echo ON | |||
reg delete "HKU\%~1\SOFTWARE\Microsoft\OneDrive" /f | |||
for /f "usebackq delims=" %%E in (`reg query "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BannerStore" ^| findstr /i /c:"OneDrive"`) do reg delete "%%E" /f | |||
for /f "usebackq delims=" %%E in (`reg query "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers" ^| findstr /i /c:"OneDrive"`) do reg delete "%%E" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.fluid" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.note" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.whiteboard" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\.loop" /f | |||
for /f "usebackq delims=" %%E in (`reg query "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths" ^| findstr /i /c:"OneDrive"`) do reg delete "%%E" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\TypeLib\{F904F88C-E60D-4327-9FA2-865AD075B400}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{A87958FF-B414-7748-9183-DBF183A25905}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{A87958FF-B414-7748-9183-DBF183A25905}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\NucleusNativeMessaging.NucleusNativeMessaging.1" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\NucleusNativeMessaging.NucleusNativeMessaging" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\NucleusToastActivator.NucleusToastActivator.1" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\NucleusToastActivator.NucleusToastActivator" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\mssharepointclient" /f | |||
reg delete "HKU\%~1\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.microsoft.onedrive.nucleus.auth.provider" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\AppID\{EEABD3A3-784D-4334-AAFC-BB13234F17CF}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\AppID\OneDrive.EXE" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{6bb93b4e-44d8-40e2-bd97-42dbcf18a40f}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{1EDD003E-C446-43C5-8BA0-3778CC4792CC}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{1EDD003E-C446-43C5-8BA0-3778CC4792CC}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\TypeLib\{4B1C80DA-FA45-468F-B42B-46496BDBE0C5}\1.0" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\SyncEngineStorageProviderHandlerProxy.SyncEngineStorageProviderHandlerProxy" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\TypeLib\{638805C3-4BA3-4AC8-8AAC-71A0BA2BC284}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\FileSyncClient.FileSyncClient.1" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\FileSyncClient.FileSyncClient" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\FileSyncClient.AutoPlayHandler.1" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\FileSyncClient.AutoPlayHandler" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{5999E1EE-711E-48D2-9884-851A709F543D}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\BannerNotificationHandler.BannerNotificationHandler" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{2e7c0a19-0438-41e9-81e3-3ad3d64f55ba}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{F0AF7C30-EAE4-4644-961D-54E6E28708D6}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{F0AF7C30-EAE4-4644-961D-54E6E28708D6}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{9D613F8A-B30E-4938-8490-CB5677701EBF}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{9D613F8A-B30E-4938-8490-CB5677701EBF}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{79A2A54C-3916-41FD-9FAB-F26ED0BBA755}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{79A2A54C-3916-41FD-9FAB-F26ED0BBA755}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{0299ECA9-80B6-43C8-A79A-FB1C5F19E7D8}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{0299ECA9-80B6-43C8-A79A-FB1C5F19E7D8}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{0f872661-c863-47a4-863f-c065c182858a}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{0f872661-c863-47a4-863f-c065c182858a}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{da82e55e-fa2f-45b3-aec3-e7294106ef52}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{da82e55e-fa2f-45b3-aec3-e7294106ef52}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{e9de26a1-51b2-47b4-b1bf-c87059cc02a7}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{e9de26a1-51b2-47b4-b1bf-c87059cc02a7}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{2692D1F2-2C7C-4AE0-8E73-8F37736C912D}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{2692D1F2-2C7C-4AE0-8E73-8F37736C912D}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{5D5DD08F-A10E-4FEF-BCA7-E73E666FC66C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{5D5DD08F-A10E-4FEF-BCA7-E73E666FC66C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{EE15BBBB-9E60-4C52-ABCB-7540FF3DF6B3}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{EE15BBBB-9E60-4C52-ABCB-7540FF3DF6B3}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{8D3F8F15-1DE1-4662-BF93-762EABE988B2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{8D3F8F15-1DE1-4662-BF93-762EABE988B2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{2B865677-AC3A-43BD-B9E7-BF6FCD3F0596}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{2B865677-AC3A-43BD-B9E7-BF6FCD3F0596}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{50487D09-FFA9-45E1-8DF5-D457F646CD83}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{50487D09-FFA9-45E1-8DF5-D457F646CD83}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{D32F7B3A-DEC8-4F44-AF28-E9B7FEB62118}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{D32F7B3A-DEC8-4F44-AF28-E9B7FEB62118}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{ACDB5DB0-C9D5-461C-BAAA-5DCE0B980E40}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{ACDB5DB0-C9D5-461C-BAAA-5DCE0B980E40}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\TypeLib\{909A6CCD-6810-46C4-89DF-05BE7EB61E6C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{10C9242E-D604-49B5-99E4-BF87945EF86C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{10C9242E-D604-49B5-99E4-BF87945EF86C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{F062BA81-ADFE-4A92-886A-23FD851D6406}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{F062BA81-ADFE-4A92-886A-23FD851D6406}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{3A4E62AE-45D9-41D5-85F5-A45B77AB44E5}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{390AF5A7-1390-4255-9BC9-935BFCFA5D57}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{390AF5A7-1390-4255-9BC9-935BFCFA5D57}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{1196AE48-D92B-4BC7-85DE-664EC3F761F1}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{1196AE48-D92B-4BC7-85DE-664EC3F761F1}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{D0ED5C72-6197-4AAD-9B16-53FE461DD85C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{D0ED5C72-6197-4AAD-9B16-53FE461DD85C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{AF60000F-661D-472A-9588-F062F6DB7A0E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{AF60000F-661D-472A-9588-F062F6DB7A0E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{5d65dd0d-81bf-4ff4-aeea-6effb445cb3f}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{5d65dd0d-81bf-4ff4-aeea-6effb445cb3f}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{b5c25645-7426-433f-8a5f-42b7ff27a7b2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{b5c25645-7426-433f-8a5f-42b7ff27a7b2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{f0440f4e-4884-4a8F-8a45-ba89c00f96f2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{f0440f4e-4884-4a8F-8a45-ba89c00f96f2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{0776ae27-5ab9-4e18-9063-1836da63117a}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{0776ae27-5ab9-4e18-9063-1836da63117a}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{1b7aed4f-fcaf-4da4-8795-c03e635d8edc}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{1b7aed4f-fcaf-4da4-8795-c03e635d8edc}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{0d4e4444-cb20-4c2b-b8b2-94e5656ecae8}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{0d4e4444-cb20-4c2b-b8b2-94e5656ecae8}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{d8c80ebb-099c-4208-afa3-fbc4d11f8a3c}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{d8c80ebb-099c-4208-afa3-fbc4d11f8a3c}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{C2FE84F5-E036-4A07-950C-9BFD3EAB983A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{C2FE84F5-E036-4A07-950C-9BFD3EAB983A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{8B9F14F4-9559-4A3F-B7D0-312E992B6D98}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{8B9F14F4-9559-4A3F-B7D0-312E992B6D98}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{22A68885-0FD9-42F6-9DED-4FB174DC7344}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{22A68885-0FD9-42F6-9DED-4FB174DC7344}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{a7126d4c-f492-4eb9-8a2a-f673dbdd3334}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{a7126d4c-f492-4eb9-8a2a-f673dbdd3334}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{c1439245-96b4-47fc-b391-679386c5d40f}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{c1439245-96b4-47fc-b391-679386c5d40f}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{944903E8-B03F-43A0-8341-872200D2DA9C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{944903E8-B03F-43A0-8341-872200D2DA9C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{B54E7079-90C9-4C62-A6B8-B2834C33A04A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{B54E7079-90C9-4C62-A6B8-B2834C33A04A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{1B71F23B-E61F-45C9-83BA-235D55F50CF9}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{1B71F23B-E61F-45C9-83BA-235D55F50CF9}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{049FED7E-C3EA-4B66-9D92-10E8085D60FB}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{049FED7E-C3EA-4B66-9D92-10E8085D60FB}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{2387C6BD-9A36-41A2-88ED-FF731E529384}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{2387C6BD-9A36-41A2-88ED-FF731E529384}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{EA23A664-A558-4548-A8FE-A6B94D37C3CF}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{EA23A664-A558-4548-A8FE-A6B94D37C3CF}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{2F12C599-7AA5-407A-B898-09E6E4ED2D1E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{2EB31403-EBE0-41EA-AE91-A1953104EA55}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{2EB31403-EBE0-41EA-AE91-A1953104EA55}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{AEEBAD4E-3E0A-415B-9B94-19C499CD7B6A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{AEEBAD4E-3E0A-415B-9B94-19C499CD7B6A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{fac14b75-7862-4ceb-be41-f53945a61c17}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{fac14b75-7862-4ceb-be41-f53945a61c17}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\TypeLib\{BAE13F6C-0E2A-4DEB-AA46-B8F55319347C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{466F31F7-9892-477E-B189-FA5C59DE3603}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{466F31F7-9892-477E-B189-FA5C59DE3603}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{869BDA08-7ACF-42B8-91AE-4D8D597C0B33}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{869BDA08-7ACF-42B8-91AE-4D8D597C0B33}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{679EC955-75AA-4FB2-A7ED-8C0152ECF409}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{679EC955-75AA-4FB2-A7ED-8C0152ECF409}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{0827D883-485C-4D62-BA2C-A332DBF3D4B0}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ FileSyncEx" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\ FileSyncEx" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\ FileSyncEx" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\IE.AssocFile.URL\shellex\ContextMenuHandlers\ FileSyncEx" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\ FileSyncEx" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{021E4F06-9DCC-49AD-88CF-ECC2DA314C8A}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{31508CC7-9BC7-494B-9D0F-7B1C7F144182}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{31508CC7-9BC7-494B-9D0F-7B1C7F144182}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\TypeLib\{C9F3F6BB-3172-4CD8-9EB7-37C9BE601C87}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\SyncEngineFileInfoProvider.SyncEngineFileInfoProvider.1" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\SyncEngineFileInfoProvider.SyncEngineFileInfoProvider" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\OOBERequestHandler.OOBERequestHandler.1" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\OOBERequestHandler.OOBERequestHandler" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{94269C4E-071A-4116-90E6-52E557067E4E}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\TypeLib\{082D3FEC-D0D0-4DF6-A988-053FECE7B884}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{389510b7-9e58-40d7-98bf-60b911cb0ea9}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{B05D37A9-03A2-45CF-8850-F660DF0CBF07}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{B05D37A9-03A2-45CF-8850-F660DF0CBF07}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{53de12aa-df96-413d-a25e-c75b6528abf2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{53de12aa-df96-413d-a25e-c75b6528abf2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{A926714B-7BFC-4D08-A035-80021395FFA8}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{6A821279-AB49-48F8-9A27-F6C59B4FF024}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{A91EFACB-8B83-4B84-B797-1C8CF3AB3DCB}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{A91EFACB-8B83-4B84-B797-1C8CF3AB3DCB}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\Interface\{C47B67D4-BA96-44BC-AB9E-1CAC8EEA9E93}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\Interface\{C47B67D4-BA96-44BC-AB9E-1CAC8EEA9E93}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}" /f | |||
reg delete "HKU\%~1\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION" /v "OneDrive.exe" /f | |||
reg delete "HKU\%~1\SOFTWARE\Classes\odopen" /f | |||
reg delete "HKU\%~1\SOFTWARE\Microsoft\SkyDrive" /f | |||
reg delete "HKU\%~1\SOFTWARE\SyncEngines\Providers\OneDrive" /f | |||
for /f "usebackq delims=" %%E in (`reg query "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" ^| findstr /i /c:"OneDrive"`) do reg delete "%%E" /f | |||
::reg delete "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OneDriveSetup.exe" /f | |||
@echo OFF |
@ -0,0 +1,8 @@ | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v ConsentPromptBehaviorAdmin /t REG_DWORD /d 00000005 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v ConsentPromptBehaviorUser /t REG_DWORD /d 00000003 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableInstallerDetection /t REG_DWORD /d 00000001 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableLUA /t REG_DWORD /d 00000001 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableVirtualization /t REG_DWORD /d 00000001 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v PromptOnSecureDesktop /t REG_DWORD /d 00000001 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v ValidateAdminCodeSignatures /t REG_DWORD /d 00000000 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v FilterAdministratorToken /t REG_DWORD /d 00000000 /f |
@ -0,0 +1,420 @@ | |||
@echo OFF | |||
for /f "usebackq delims=" %%A in (`dir /b /a:d "%SYSTEMDRIVE%\Users" ^| findstr /V /I /X /c:"Public" /c:"Default User" /c:"All Users"`) do ( | |||
for /f "usebackq tokens=2 delims=\" %%B in (`reg query "HKEY_USERS" ^| findstr /c:"S-"`) do ( | |||
for /f "usebackq tokens=2* delims= " %%C in (`reg query "HKU\%%B\Volatile Environment" /v "USERPROFILE" 2^>^&1 ^| findstr /R /X /C:".*USERPROFILE[ ]*REG_SZ[ ].*"`) do ( | |||
REM IF errorlevel 5 CMD /C "exit /b 5" | |||
if /i "%SYSTEMDRIVE%\Users\%%A"=="%%D" cmd /c "exit /b 5" | |||
) | |||
) | |||
if not errorlevel 5 ( | |||
reg query "HKEY_USERS" | findstr /c:"AME_UserHive_" | |||
if not errorlevel 1 ( | |||
for /f "usebackq tokens=1 delims=:" %%D in (`echo :^>NUL ^& ^(reg query "HKEY_USERS" ^| findstr /c:"AME_UserHive_" ^& echo AME-Placeholder^) ^| findstr /N /c:"AME-Placeholder"`) do ( | |||
if exist "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" ( | |||
if /i "%%A"=="Default" ( | |||
echo reg load "HKU\AME_UserHive_Default" "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" | |||
reg load "HKU\AME_UserHive_Default" "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" | |||
) else ( | |||
echo reg load "HKU\AME_UserHive_%%D" "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" | |||
reg load "HKU\AME_UserHive_%%D" "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" | |||
if exist "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\Windows\UsrClass.dat" ( | |||
echo reg load "HKU\AME_UserClassesHive_%%D" "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\Windows\UsrClass.dat" | |||
reg load "HKU\AME_UserClassesHive_%%D" "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\Windows\UsrClass.dat" | |||
) | |||
) | |||
) | |||
) | |||
) else ( | |||
if exist "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" ( | |||
if /i "%%A"=="Default" ( | |||
echo reg load "HKU\AME_UserHive_Default" "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" | |||
reg load "HKU\AME_UserHive_Default" "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" | |||
) else ( | |||
echo reg load "HKU\AME_UserHive_1" "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" | |||
reg load "HKU\AME_UserHive_1" "%SYSTEMDRIVE%\Users\%%A\NTUSER.DAT" | |||
if exist "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\Windows\UsrClass.dat" ( | |||
echo reg load "HKU\AME_UserClassesHive_1" "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\Windows\UsrClass.dat" | |||
reg load "HKU\AME_UserClassesHive_1" "%SYSTEMDRIVE%\Users\%%A\AppData\Local\Microsoft\Windows\UsrClass.dat" | |||
) | |||
) | |||
) | |||
) | |||
) else ( | |||
cmd /c "exit /b 0" | |||
) | |||
) | |||
for /f "usebackq tokens=2 delims=\" %%E in (`reg query "HKEY_USERS" ^| findstr /c:"S-" /c:"AME_UserHive_"`) do ( | |||
REM If the "Volatile Environment" key exists, that means it is a proper user. Built in accounts/SIDs don't have this key. | |||
reg query "HKU\%%E" | findstr /c:"Volatile Environment" /c:"AME_UserHive_" > NUL 2>&1 | |||
if not errorlevel 1 ( | |||
call :REGICALL "%%E" | |||
) | |||
) | |||
@echo ON | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\AutoLogger\AutoLogger-Diagtrack-Listener" /v "Start" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\AutoLogger\SQMLogger" /v "Start" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" /v DownloadMode /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\SettingSync" /v DisableSettingSync /t REG_DWORD /d 2 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\SettingSync" /v DisableSettingSyncUserOverride /t REG_DWORD /d 1 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo" /v DisabledByGroupPolicy /t REG_DWORD /d 1 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\EnhancedStorageDevices" /v TCGSecurityActivationDisabled /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\OneDrive" /v DisableFileSyncNGSC /t REG_DWORD /d 1 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\safer\codeidentifiers" /v authenticodeenabled /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Error Reporting" /v DontSendAdditionalData /t REG_DWORD /d 1 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting" /v value /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots" /v value /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform" /v NoGenTicket /t REG_DWORD /d 1 /f | |||
:: Remove SecurityHealth from startup | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "SecurityHealth" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" /v "SecurityHealth" /f | |||
:: Turns off Windows blocking installation of files downloaded from the internet | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments" /v SaveZoneInformation /t REG_DWORD /d 1 /f | |||
:: Disables SmartScreen | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v SmartScreenEnabled /t REG_SZ /d "Off" /f | |||
:: Remove Metadata Tracking | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Device Metadata" /f | |||
:: New Control Panel cleanup - List of commands: https://winaero.com/ms-settings-commands-in-windows-10/ | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v SettingsPageVisibility /t REG_SZ /d "showonly:display;nightlight;sound;notifications;quiethours;powersleep;batterysaver;tabletmode;multitasking;clipboard;remote-desktop;about;bluetooth;connecteddevices;printers;mousetouchpad;devices-touchpad;typing;pen;autoplay;usb;network-status;network-cellular;network-wifi;network-wificalling;network-wifisettings;network-ethernet;network-dialup;network-vpn;network-airplanemode;network-mobilehotspot;datausage;network-proxy;personalization-background;personalization-start;fonts;colors;lockscreen;themes;taskbar;defaultapps;videoplayback;startupapps;dateandtime;regionformatting;gaming;gamemode;easeofaccess-display;easeofaccess-colorfilter;easeofaccess-audio;easeofaccess-easeofaccess-narrator;easeofaccess-magnifier;easeofaccess-highcontrast;easeofaccess-closedcaptioning;easeofaccess-speechrecognition;easeofaccess-eyecontrol;easeofaccess-keyboard;easeofaccess-mouse;cortana-windowssearch;search-moredetails" /f | |||
:: Decrease shutdown time | |||
reg add "HKLM\SYSTEM\CurrentControlSet\Control" /v WaitToKillServiceTimeout /t REG_SZ /d 2000 /f | |||
reg add "HKLM\SYSTEM\CurrentControlSet\Control" /v HungAppTimeout /t REG_SZ /d 2000 /f | |||
reg add "HKLM\SYSTEM\CurrentControlSet\Control" /v AutoEndTasks /t REG_SZ /d 1 /f | |||
:: Clean up the This PC Icon Selection | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{0DB7E03F-FC29-4DC6-9020-FF41B59E513A}" /f | |||
:: Disable Windows Error Reporting | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d /1 /f | |||
:: Enables full drive indexing (Enhanced Search) | |||
cd Executables | |||
NSudoLC -U:S -P:E -M:S -Priority:RealTime -UseCurrentConsole -Wait reg add "HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex" /v "EnableFindMyFiles" /t REG_DWORD /d 1 /f | |||
:: Search | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "DisableWebSearch" /t REG_DWORD /d 1 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWeb" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowIndexingEncryptedStoresOrItems" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AlwaysUseAutoLangDetection" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "DisableWebSearch" /t REG_DWORD /d 1 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWeb" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWebOverMeteredConnections" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCloudSearch" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Speech_OneCore\Preferences" /v "VoiceActivationDefaultOn" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Speech_OneCore\Preferences" /v "VoiceActivationEnableAboveLockscreen" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Speech_OneCore\Preferences" /v "ModelDownloadAllowed" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE" /v "DisableVoice" /t REG_DWORD /d 1 /f | |||
:: Firewall rules to prevent the startmenu from talking | |||
reg add "HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v "Block Search SearchApp.exe" /t REG_SZ /d "v2.30|Action=Block|Active=TRUE|Dir=Out|RA42=IntErnet|RA62=IntErnet|App=C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe|Name=Block Search SearchUI.exe|Desc=Block Cortana Outbound UDP/TCP Traffic|" /f | |||
::reg add "HKLM\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /v "Block Search Package" /t REG_SZ /d "v2.30|Action=Block|Active=TRUE|Dir=Out|RA42=IntErnet|RA62=IntErnet|Name=Block Search Package|Desc=Block Search Outbound UDP/TCP Traffic|AppPkgId=S-1-15-2-536077884-713174666-1066051701-3219990555-339840825-1966734348-1611281757|Platform=2:6:2|Platform2=GTEQ|" /f | |||
:: Disable Timeline | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableActivityFeed" /t REG_DWORD /d 0 /f | |||
:: Setup Windows Explorer | |||
reg delete "HKEY_CLASSES_ROOT\CABFolder\CLSID" /f | |||
reg delete "HKEY_CLASSES_ROOT\SystemFileAssociations\.cab\CLSID" /f | |||
reg delete "HKEY_CLASSES_ROOT\CompressedFolder\CLSID" /f | |||
reg delete "HKEY_CLASSES_ROOT\SystemFileAssociations\.zip\CLSID" /f | |||
:: Taskbar | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ImmersiveShell" /v UseActionCenterExperience /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v HideSCAHealth /t REG_DWORD /d 0x1 /f | |||
:: Remove the Open with Paint 3D from the explorer context menu | |||
reg delete "HKLM\SOFTWARE\Classes\SystemFileAssociations\.bmp\Shell\3D Edit" /f | |||
reg delete "HKLM\SOFTWARE\Classes\SystemFileAssociations\.jpeg\Shell\3D Edit" /f | |||
reg delete "HKLM\SOFTWARE\Classes\SystemFileAssociations\.jpe\Shell\3D Edit" /f | |||
reg delete "HKLM\SOFTWARE\Classes\SystemFileAssociations\.jpg\Shell\3D Edit" /f | |||
reg delete "HKLM\SOFTWARE\Classes\SystemFileAssociations\.jpg\Shell\3D Edit" /f | |||
reg delete "HKLM\SOFTWARE\Classes\SystemFileAssociations\.png\Shell\3D Edit" /f | |||
reg delete "HKLM\SOFTWARE\Classes\SystemFileAssociations\.gif\Shell\3D Edit" /f | |||
reg delete "HKLM\SOFTWARE\Classes\SystemFileAssociations\.tif\Shell\3D Edit" /f | |||
reg delete "HKLM\SOFTWARE\Classes\SystemFileAssociations\.tiff\Shell\3D Edit" /f | |||
:: Remove OneDrive from the Explorer Side Panel | |||
reg delete "HKEY_CLASSES_ROOT\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f | |||
reg delete "HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f | |||
:: Disable ActiveProbing/NCSI | |||
:: reg add "HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet" /v EnableActiveProbing /t REG_DWORD /d 0 /f | |||
:: smb config | |||
sc config lanmanworkstation depend= bowser/mrxsmb20/nsi | |||
:: Set Time reference to UTC | |||
reg add "HKLM\SYSTEM\CurrentControlSet\Control\TimeZoneInformation" /v RealTimeIsUniversal /t REG_DWORD /d 1 /f | |||
:: Disable Users On Login Screen | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v dontdisplaylastusername /t REG_DWORD /d 1 /f | |||
:: Disable The Lock Screen | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /v NoLockScreen /t REG_DWORD /d 1 /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f | |||
:: Prevent NVCP not found message after installing NVIDIA drivers | |||
reg add "HKLM\System\CurrentControlSet\Services\nvlddmkm" /f | |||
reg add "HKLM\System\CurrentControlSet\Services\nvlddmkm\Global" /f | |||
reg add "HKLM\System\CurrentControlSet\Services\nvlddmkm\Global\NVTweak" /f | |||
reg add "HKLM\System\CurrentControlSet\Services\nvlddmkm\Global\NVTweak" /v "DisableStoreNvCplNotifications" /t REG_DWORD /d 1 /f | |||
:: Improve new user login experience | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\OOBE" /v DisablePrivacyExperience /t REG_DWORD /d 1 /f > NUL 2>&1 | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableFirstLogonAnimation /t REG_DWORD /d 0 /f > NUL 2>&1 | |||
:: Remove Windows Contacts showing up in default apps in W11 | |||
reg delete "HKCR\certificate_wab_auto_file" /f | |||
reg delete "HKCR\wab_auto_file" /f | |||
NSudoLC -U:T -P:E -M:S -Priority:RealTime -Wait reg delete "HKCR\contact_wab_auto_file" /f | |||
NSudoLC -U:T -P:E -M:S -Priority:RealTime -Wait reg delete "HKCR\WAB.AssocProtocol.LDAP" /f | |||
NSudoLC -U:T -P:E -M:S -Priority:RealTime -Wait reg delete "HKCR\TIFImage.Document" /f | |||
NSudoLC -U:T -P:E -M:S -Priority:RealTime -Wait reg delete "HKCR\PhotoViewer.FileAssoc.Tiff" /f | |||
:: Remove Windows Media Player from default apps list | |||
NSudoLC -U:T -P:E -M:S -Priority:RealTime -UseCurrentConsole -Wait CMD /c "for /f "usebackq delims=" %%A in (`reg query "HKCR" /f "WMP11*" ^| findstr /c:"WMP11"`) do reg delete "%%A" /f" | |||
:: Make Ti explorer nicer | |||
reg add "HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f | |||
reg add "HKU\S-1-5-18\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v DisableNotificationCenter /t REG_DWORD /d 1 /f | |||
reg add "HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowCortanaButton /t REG_DWORD /d 0 /f | |||
reg add "HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowTaskViewButton /t REG_DWORD /d 0 /f | |||
:: Disable News and Interests | |||
reg add "HKLM\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests" /v AllowNewsAndInterests /t REG_DWORD /d 0 | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v AllowNewsAndInterests /t REG_DWORD /d 0 | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds" /v EnableFeeds /t REG_DWORD /d 0 | |||
:: Fix black screen issue with new users | |||
:: start NSudoLC -U:T -P:E -M:S -Priority:RealTime -Wait reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore" /f | |||
:: Enable Legacy F8 Bootmenu | |||
bcdedit /set {default} bootmenupolicy legacy | |||
:: Disable Recovery | |||
bcdedit /set {current} recoveryenabled no | |||
:: Disable Hibernation to make NTFS accessable outside of Windows | |||
powercfg /h off | |||
:: Set Performance Plan to High Performance and display to never turn off | |||
powercfg /S 8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c | |||
powercfg /change monitor-timeout-ac 0 | |||
@exit /b 0 | |||
:REGICALL | |||
@echo ON | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v Enabled /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v EnableWebContentEvaluation /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\Control Panel\International\User Profile" /v HttpAcceptLanguageOptOut /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\GameDVR" /v AppCaptureEnabled /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\System\GameConfigStore" /v GameDVR_Enabled /t REG_DWORD /d 0 /f | |||
:: Autorun | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoDriveTypeAutoRun /t REG_DWORD /d 181 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers" /v DisableAutoplay /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v NoAutorun /t REG_DWORD /d 1 /f | |||
:: Adobe Security Improvements | |||
reg add "HKU\%~1\SOFTWARE\Adobe" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\JSPrefs" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\JSPrefs" /v "bEnableJS" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\Originals" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\Originals" /v "bAllowOpenFile" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\Originals" /v "bSecureOpenFile" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\Privileged" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\Privileged" /v "bProtectedMode" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\TrustManager" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\TrustManager" /v "iProtectedView" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\TrustManager" /v "bEnhancedSecurityInBrowser" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\DC\TrustManager" /v "bEnhancedSecurityStandalone" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\JSPrefs" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\JSPrefs" /v "bEnableJS" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\Originals" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\Originals" /v "bAllowOpenFile" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\Originals" /v "bSecureOpenFile" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\Privileged" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\Privileged" /v "bProtectedMode" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\TrustManager" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\TrustManager" /v "iProtectedView" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\TrustManager" /v "bEnhancedSecurityInBrowser" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Adobe\Acrobat Reader\XI\TrustManager" /v "bEnhancedSecurityStandalone" /t REG_DWORD /d 1 /f | |||
:: Office Security Improvements | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Excel" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Excel\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Excel\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Excel\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Excel\Security" /v "WorkbookLinkWarnings" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\PowerPoint" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\PowerPoint\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\PowerPoint\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\PowerPoint\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Word" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Word\Options" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Word\Options\vpref" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Word\Options\vpref" /v "fNoCalclinksOnopen_90_1" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Word\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Word\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\12.0\Word\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Excel" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Excel\Options" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Excel\Options" /v "DontUpdateLinks" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Excel\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Excel\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Excel\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Excel\Security" /v "WorkbookLinkWarnings" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\PowerPoint" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\PowerPoint\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\PowerPoint\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\PowerPoint\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Word" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Word\Options" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Word\Options" /v "DontUpdateLinks" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Word\Options\WordMail" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Word\Options\WordMail" /v "DontUpdateLinks" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Word\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Word\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Word\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\14.0\Word\Security" /v "AllowDDE" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Excel" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Excel\Options" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Excel\Options" /v "DontUpdateLinks" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Excel\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Excel\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Excel\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Excel\Security" /v "WorkbookLinkWarnings" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\PowerPoint" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\PowerPoint\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\PowerPoint\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\PowerPoint\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Word" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Word\Options" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Word\Options" /v "DontUpdateLinks" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Word\Options\WordMail" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Word\Options\WordMail" /v "DontUpdateLinks" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Word\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Word\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Word\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\15.0\Word\Security" /v "AllowDDE" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Excel" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Excel\Options" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Excel\Options" /v "DontUpdateLinks" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Excel\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Excel\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Excel\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Excel\Security" /v "WorkbookLinkWarnings" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\PowerPoint" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\PowerPoint\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\PowerPoint\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\PowerPoint\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Word" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Word\Options" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Word\Options" /v "DontUpdateLinks" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Word\Options\WordMail" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Word\Options\WordMail" /v "DontUpdateLinks" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Word\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Word\Security" /v "PackagerPrompt" /t REG_DWORD /d 2 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Word\Security" /v "VBAWarnings" /t REG_DWORD /d 4 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\16.0\Word\Security" /v "AllowDDE" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\Common" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\Common\Security" /t REG_SZ /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Office\Common\Security" /v "DisableAllActiveX" /t REG_DWORD /d 1 /f | |||
:: Turns off Windows blocking installation of files downloaded from the internet | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Attachments" /v SaveZoneInformation /t REG_DWORD /d 1 /f | |||
:: Disables SmartScreen | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v ContentEvaluation /t REG_DWORD /d 0 /f | |||
:: Decrease shutdown time | |||
reg add "HKU\%~1\Control Panel\Desktop" /v WaitToKillAppTimeOut /t REG_SZ /d 2000 /f | |||
:: Disable Storage Sense | |||
reg delete "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\StorageSense" /f | |||
:: Search | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "BingSearchEnabled" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "CortanaConsent" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "CortanaInAmbientMode" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "HistoryViewEnabled" /t REG_DWORD 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "HasAboveLockTips" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\SearchSettings" /v "SafeSearchMode" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v "DisableSearchBoxSuggestions" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore" /v "AcceptedPrivacyPolicy" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore" /v "HarvestContacts" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Personalization\Settings" /v "AcceptedPrivacyPolicy" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v "DisableSearchBoxSuggestions" /t REG_DWORD /d 1 /f | |||
:: Setup Windows Explorer | |||
:: Removes the shake to minimze all other windows gesture | |||
::reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "DisallowShaking" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "NavPaneShowAllFolders" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v LaunchTo /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v HideFileExt /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Hidden /t REG_DWORD /d 1 /f | |||
:: TBD | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /V TaskbarGlomLevel /T REG_DWORD /D 2 /F | |||
:: Taskbar | |||
reg add "HKU\%~1\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v DisableNotificationCenter /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowCortanaButton /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowTaskViewButton /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v EnableAutoTray /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v HideSCAMeetNow /t REG_DWORD /d 1 /f | |||
:: Disable Security and Maintenance notifications | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.SecurityAndMaintenance" /v "Enabled" /t REG_DWORD /d 0 /f | |||
:: Disable configue backup notifications | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.BackupReminder" /v "Enabled" /t REG_DWORD /d 0 /f | |||
:: Disable "Let's Finish Setting Up Your Device" OOBE screen | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f | |||
@echo OFF | |||
::if "%~1"=="AME_UserHive_Default" ( | |||
:: echo reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v "AME New User Msg" /t REG_EXPAND_SZ /d "msg """"%%username%%"""" Warning: Creating a new user after amelioration is not fully supported. The settings app will not work and certain UI elements will be broken." /f | |||
:: reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v "AME New User Msg" /t REG_EXPAND_SZ /d "msg """"%%username%%"""" Warning: Creating a new user after amelioration is not fully supported. The settings app will not work and certain UI elements will be broken." /f | |||
::) | |||
@exit /b 0 |
@ -0,0 +1,40 @@ | |||
cd Executables\ProcessHacker\x64 | |||
::ProcessHacker.exe -elevate -s -c -ctype service -cobject AppReadiness -caction stop | |||
::timeout /t 8 > NUL | |||
::ProcessHacker.exe -elevate -s -c -ctype service -cobject AppReadiness -caction delete | |||
::timeout /t 2 > NUL | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject wuauserv -caction stop | |||
timeout /t 8 > NUL | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject wuauserv -caction delete | |||
timeout /t 8 > NUL | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject wuauserv -caction stop | |||
timeout /t 8 > NUL | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject BITS -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject DoSvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject iphlpsvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject Winmgmt -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject ClipSVC -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject DiagTrack -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject RetailDemo -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject diagnosticshub.standardcollector.service -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject dmwappushservice -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject InstallService -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject LicenseManager -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject lfsvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject MapsBroker -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject NetTcpPortSharing -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject RemoteAccess -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject RemoteRegistry -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject SharedAccess -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject StorSvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject TrkWks -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject UsoSvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject WbioSrvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject WMPNetworkSvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject XblAuthManager -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject XblGameSave -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject XboxNetApiSvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject wlidsvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject DoSvc -caction stop | |||
ProcessHacker.exe -elevate -s -c -ctype service -cobject ClipSVC -caction stop |
@ -0,0 +1,23 @@ | |||
cd Executables | |||
@echo OFF | |||
for /f "usebackq delims=" %%A in (`dir /b /a:d "%SYSTEMDRIVE%\Users" ^| findstr /v /i /x /c:"Public" /c:"Default User" /c:"All Users"`) do ( | |||
echo mkdir "%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell" | |||
mkdir "%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell" | |||
echo mkdir "%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell\Pinned" | |||
mkdir "%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell\Pinned" | |||
echo PowerShell -NoP -C "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell\Pinned\Windows Terminal.lnk'); $S.TargetPath = '%PROGRAMFILES%\Scoop\GlobalScoopApps\apps\windows-terminal\current\WindowsTerminal.exe'; $S.Save(); $s = $ws.CreateShortcut('%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell\Pinned\Mozilla Thunderbird.lnk'); $S.TargetPath = '%HOMEDRIVE%\Program Files\Mozilla Thunderbird\thunderbird.exe'; $S.WorkingDirectory = 'C:\Program Files\Mozilla Thunderbird'; $S.Save(); $s = $ws.CreateShortcut('%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell\Pinned\Firefox.lnk'); $S.TargetPath = '%HOMEDRIVE%\Program Files\Mozilla Firefox\firefox.exe'; $S.WorkingDirectory = 'C:\Program Files\Mozilla Firefox'; $S.Save()" | |||
PowerShell -NoP -C "$ws = New-Object -ComObject WScript.Shell; $s = $ws.CreateShortcut('%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell\Pinned\Windows Terminal.lnk'); $S.TargetPath = '%PROGRAMFILES%\Scoop\GlobalScoopApps\apps\windows-terminal\current\WindowsTerminal.exe'; $S.Save(); $s = $ws.CreateShortcut('%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell\Pinned\Mozilla Thunderbird.lnk'); $S.TargetPath = '%HOMEDRIVE%\Program Files\Mozilla Thunderbird\thunderbird.exe'; $S.WorkingDirectory = 'C:\Program Files\Mozilla Thunderbird'; $S.Save(); $s = $ws.CreateShortcut('%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\OpenShell\Pinned\Firefox.lnk'); $S.TargetPath = '%HOMEDRIVE%\Program Files\Mozilla Firefox\firefox.exe'; $S.WorkingDirectory = 'C:\Program Files\Mozilla Firefox'; $S.Save()" | |||
echo del /q /f "%SYSTEMDRIVE%\Users\%%A\Desktop\Microsoft Edge.lnk" | |||
del /q /f "%SYSTEMDRIVE%\Users\%%A\Desktop\Microsoft Edge.lnk" | |||
echo del /q /f "%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk" | |||
del /q /f "%SYSTEMDRIVE%\Users\%%A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk" | |||
) | |||
@echo ON | |||
del /q /f "%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk" | |||
copy /y "amecs.cmd" "%WINDIR%\System32" |
@ -0,0 +1,42 @@ | |||
cd Executables | |||
rmdir /q /s "silent_installers" | |||
7za.exe x silent_installers.7z -pwizard | |||
mkdir "%ALLUSERSPROFILE%\OldNewExplorer" | |||
robocopy "silent_installers\OldNewExplorerCfg" "%ALLUSERSPROFILE%\OldNewExplorer" /e | |||
icacls "%ALLUSERSPROFILE%\OldNewExplorer" /reset /t | |||
PowerShell -NoP -C "Invoke-WMIMethod -Class Win32_Process -Name Create -ArgumentList '%ALLUSERSPROFILE%\OldNewExplorer\OldNewExplorerCfg.exe' | Wait-Process" | |||
del /q /f "%ALLUSERSPROFILE%\OldNewExplorer\*" | |||
PowerShell -NoP -C "Invoke-WMIMethod -Class Win32_Process -Name Create -ArgumentList '%~dp0\silent_installers\OldCalculatorforWindows10Cfg.exe' | Wait-Process" | |||
rename "%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\Programs\Accessories\Old Calculator.lnk" "Calculator.lnk" | |||
@echo OFF | |||
for /f "usebackq tokens=2 delims=\" %%A in (`reg query "HKEY_USERS" ^| findstr /c:"S-" /c:"AME_UserHive_"`) do ( | |||
REM If the "Volatile Environment" key exists, that means it is a proper user. Built in accounts/SIDs don't have this key. | |||
reg query "HKU\%%A" | findstr /c:"Volatile Environment" /c:"AME_UserHive_" > NUL 2>&1 | |||
if not errorlevel 1 call :SLNTCALL "%%A" | |||
) | |||
exit /b 0 | |||
:SLNTCALL | |||
@echo ON | |||
::Configure OldNewExplorer" | |||
reg add "HKU\%~1\SOFTWARE\Tihiy" /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /v "Details" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /v "DriveGrouping" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /v "HideFolders" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /v "IEButtons" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /v "NavBarGlass" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /v "NoCaption" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /v "NoIcon" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /v "NoRibbon" /t REG_DWORD /d 1 /f | |||
reg add "HKU\%~1\SOFTWARE\Tihiy\OldNewExplorer" /v "NoUpButton" /t REG_DWORD /d 0 /f | |||
@echo OFF | |||
exit /b 0 |
@ -0,0 +1,33 @@ | |||
cd Executables | |||
@if exist "%SYSTEMDRIVE%\Windows\StartMenuLayout.xml" echo del /q /f "%SYSTEMDRIVE%\Windows\StartMenuLayout.xml" & del /q /f "%SYSTEMDRIVE%\Windows\StartMenuLayout.xml" | |||
copy /y "Layout.xml" "%SYSTEMDRIVE%\Windows\StartMenuLayout.xml" | |||
@echo OFF | |||
for /f "usebackq tokens=2 delims=\" %%A in (`reg query "HKEY_USERS" ^| findstr /c:"S-" /c:"AME_UserHive_"`) do ( | |||
REM If the "Volatile Environment" key exists, that means it is a proper user. Built in accounts/SIDs don't have this key. | |||
reg query "HKEY_USERS\%%A" | findstr /c:"Volatile Environment" /c:"AME_UserHive_" > NUL 2>&1 | |||
if not errorlevel 1 ( | |||
for /f "usebackq tokens=3* delims= " %%B in (`reg query "HKU\%%A\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "Local AppData" 2^>^&1 ^| findstr /R /X /C:".*Local AppData[ ]*REG_SZ[ ].*"`) do ( | |||
echo copy /y "Layout.xml" "%%C\Microsoft\Windows\Shell\LayoutModification.xml" | |||
copy /y "Layout.xml" "%%C\Microsoft\Windows\Shell\LayoutModification.xml" | |||
) | |||
echo reg add "HKU\%%A\SOFTWARE\Policies\Microsoft\Windows\Explorer" /f | |||
reg add "HKU\%%A\SOFTWARE\Policies\Microsoft\Windows\Explorer" /f | |||
echo reg add "HKU\%%A\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v "LockedStartLayout" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%%A\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v "LockedStartLayout" /t REG_DWORD /d 0 /f | |||
echo reg add "HKU\%%A\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v "StartLayoutFile" /t REG_SZ /d "C:\Windows\StartMenuLayout.xml" /f | |||
reg add "HKU\%%A\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v "StartLayoutFile" /t REG_SZ /d "C:\Windows\StartMenuLayout.xml" /f | |||
for /f "usebackq delims=" %%C in (`reg query "HKU\%%A\SOFTWARE\Microsoft\Windows\CurrentVersion\CloudStore\Store\Cache\DefaultAccount" ^| findstr /c:"start.tilegrid"`) do ( | |||
echo reg delete "%%C" /f | |||
reg delete "%%C" /f | |||
) | |||
) | |||
) | |||
@echo ON | |||
PowerShell -NoP -C "Import-StartLayout -LayoutPath '%SYSTEMDRIVE%\Windows\StartMenuLayout.xml' -MountPath $env:SystemDrive\\" | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Explorer" /f | |||
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Explorer" /v "StartLayoutFile" /t REG_SZ /d "%SYSTEMDRIVE%\Windows\StartMenuLayout.xml" /f |
@ -0,0 +1,4 @@ | |||
DISM.exe /Online /Remove-Package /PackageName:Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1645.1.11 /quiet /norestart | |||
DISM.exe /Online /Remove-Package /PackageName:Package_for_RollupFix~31bf3856ad364e35~amd64~~19041.1586.1.7 /quiet /norestart | |||
sc config wuauserv start= disabled | |||
sc stop wuauserv |
@ -0,0 +1,128 @@ | |||
cd Executables | |||
NSudoLC -U:T -P:E -M:S -Priority:RealTime -UseCurrentConsole -Wait icacls "%WINDIR%\Resources\Themes\aero.theme" /reset /t | |||
PowerShell -NoP -C "(Get-Content '%WINDIR%\Resources\Themes\aero.theme') -replace 'Wallpaper=%%SystemRoot%%.*', 'Wallpaper=%%SystemRoot%%\web\wallpaper\Windows\ame_wallpaper_1440.bmp' | Set-Content '%WINDIR%\Resources\Themes\aero.theme'" | |||
@echo OFF | |||
if exist "ame_wallpaper_1440.bmp" ( | |||
echo move /y "ame_wallpaper_1440.bmp" "%WINDIR%\Web\Wallpaper\Windows" | |||
move /y "ame_wallpaper_1440.bmp" "%WINDIR%\Web\Wallpaper\Windows" | |||
echo icacls "%WINDIR%\Web\Wallpaper\Windows\ame_wallpaper_1440.bmp" /reset | |||
icacls "%WINDIR%\Web\Wallpaper\Windows\ame_wallpaper_1440.bmp" /reset | |||
) | |||
set "RunEC=10" | |||
for /f "usebackq tokens=2 delims=\" %%A in (`reg query "HKEY_USERS" ^| findstr /c:"S-" /c:"AME_UserHive_"`) do ( | |||
if "%%A"=="AME_UserHive_Default" ( | |||
call :WALLRUN "%%A" "%SYSTEMDRIVE%\Users\Default" | |||
IF errorlevel 5 set "RunEC=5" | |||
IF errorlevel 4 set "RunEC=4" | |||
IF errorlevel 3 set "RunEC=3" | |||
IF errorlevel 2 set "RunEC=2" | |||
IF errorlevel 1 set "RunEC=1" | |||
IF errorlevel 0 set "RunEC=0" | |||
) else ( | |||
for /f "usebackq tokens=2* delims= " %%B in (`reg query "HKU\%%A\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "AppData" 2^>^&1 ^| findstr /R /X /C:".*AppData[ ]*REG_SZ[ ].*"`) do ( | |||
call :WALLRUN "%%A" "%%C" | |||
IF errorlevel 5 set "RunEC=5" | |||
IF errorlevel 4 set "RunEC=4" | |||
IF errorlevel 3 set "RunEC=3" | |||
IF errorlevel 2 set "RunEC=2" | |||
IF errorlevel 1 set "RunEC=1" | |||
IF errorlevel 0 set "RunEC=0" | |||
) | |||
) | |||
) | |||
for /f "usebackq tokens=2 delims=\" %%A in (`reg query "HKEY_USERS" ^| findstr /c:"AME_UserHive_" /c:"AME_UserClassHive_"`) do echo reg unload "HKU\%%A" & reg unload "HKU\%%A" | |||
exit /b %RunEC% | |||
:WALLRUN | |||
if not exist "%WINDIR%\Web\Wallpaper\Windows" echo mkdir "%WINDIR%\Web\Wallpaper\Windows" & mkdir "%WINDIR%\Web\Wallpaper\Windows" | |||
if exist "%~2\Microsoft\Windows\Themes\Transcoded_000" set "wallChanged=true" & goto lockScreen | |||
echo PowerShell -NoP -C "Add-Type -AssemblyName System.Drawing; $img = New-Object System.Drawing.Bitmap '%~2\Microsoft\Windows\Themes\TranscodedWallpaper'; if ($img.Flags -ne 77840) {exit 1}; if ($img.HorizontalResolution -ne 96) {exit 1}; if ($img.VerticalResolution -ne 96) {exit 1}; if ($img.PropertyIdList -notcontains 40961) {exit 1}; if ($img.PropertyIdList -notcontains 20624) {exit 1}; if ($img.PropertyIdList -notcontains 20625) {exit 1}" | |||
PowerShell -NoP -C "Add-Type -AssemblyName System.Drawing; $img = New-Object System.Drawing.Bitmap '%~2\Microsoft\Windows\Themes\TranscodedWallpaper'; if ($img.Flags -ne 77840) {exit 1}; if ($img.HorizontalResolution -ne 96) {exit 1}; if ($img.VerticalResolution -ne 96) {exit 1}; if ($img.PropertyIdList -notcontains 40961) {exit 1}; if ($img.PropertyIdList -notcontains 20624) {exit 1}; if ($img.PropertyIdList -notcontains 20625) {exit 1}" | |||
if %errorlevel% NEQ 0 set "wallChanged=true" & goto lockScreen | |||
if exist "img0_*" ( | |||
echo takeown /f "%WINDIR%\Web\4K\Wallpaper\Windows\*.jpg" | |||
takeown /f "%WINDIR%\Web\4K\Wallpaper\Windows\*.jpg" | |||
echo icacls "%WINDIR%\Web\4K\Wallpaper\Windows\*.jpg" /reset | |||
icacls "%WINDIR%\Web\4K\Wallpaper\Windows\*.jpg" /reset | |||
echo move /y img0_*.jpg "%WINDIR%\Web\4K\Wallpaper\Windows" | |||
move /y img0_*.jpg "%WINDIR%\Web\4K\Wallpaper\Windows" | |||
) | |||
if exist "img0.jpg" ( | |||
echo takeown /f "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" | |||
takeown /f "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" | |||
echo icacls "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" /reset | |||
icacls "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" /reset | |||
echo move /y "img0.jpg" "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" | |||
move /y "img0.jpg" "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" | |||
) | |||
if not exist "%WINDIR%\Web\Wallpaper\Windows\ame_wallpaper_1440.bmp" set "wallFail=true" & goto lockScreen | |||
echo reg add "HKEY_USERS\%~1\Control Panel\Desktop" /v WallPaper /t REG_SZ /d "%WINDIR%\Web\Wallpaper\Windows\ame_wallpaper_1440.bmp" /f | |||
reg add "HKEY_USERS\%~1\Control Panel\Desktop" /v WallPaper /t REG_SZ /d "%WINDIR%\Web\Wallpaper\Windows\ame_wallpaper_1440.bmp" /f | |||
if %errorlevel% NEQ 0 set "wallFail=true" & goto lockScreen | |||
:lockScreen | |||
reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Creative\%~1" /v "RotatingLockScreen*" > NUL 2>&1 | |||
if %errorlevel% NEQ 0 ( | |||
echo "%~1" | findstr /c:"S-" > NUL | |||
if not errorlevel 1 ( | |||
echo reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Creative\%~1" /v "RotatingLockScreenEnabled" /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Creative\%~1" /v "RotatingLockScreenEnabled" /t REG_DWORD /d 0 /f | |||
) | |||
echo reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "RotatingLockScreenEnabled" /t REG_DWORD /d 0 /f | |||
reg add "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "RotatingLockScreenEnabled" /t REG_DWORD /d 0 /f | |||
if exist "img100.jpg" ( | |||
echo takeown /f "%WINDIR%\Web\Screen\img100.jpg" | |||
takeown /f "%WINDIR%\Web\Screen\img100.jpg" | |||
echo icacls "%WINDIR%\Web\Screen\img100.jpg" /reset | |||
icacls "%WINDIR%\Web\Screen\img100.jpg" /reset | |||
echo copy "img100.jpg" "%WINDIR%\Web\Screen\img100.jpg" /Y | |||
copy "img100.jpg" "%WINDIR%\Web\Screen\img100.jpg" /Y | |||
) | |||
if exist "img103.png" ( | |||
echo takeown /f "%WINDIR%\Web\Screen\img103.png" | |||
takeown /f "%WINDIR%\Web\Screen\img103.png" | |||
echo icacls "%WINDIR%\Web\Screen\img103.png" /reset | |||
icacls "%WINDIR%\Web\Screen\img103.png" /reset | |||
echo copy "img103.png" "%WINDIR%\Web\Screen\img103.png" /Y | |||
copy "img103.png" "%WINDIR%\Web\Screen\img103.png" /Y | |||
) | |||
if exist "img0.jpg" ( | |||
echo takeown /f "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" | |||
takeown /f "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" | |||
echo icacls "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" /reset | |||
icacls "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" /reset | |||
echo copy "img0.jpg" "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" /Y | |||
copy "img0.jpg" "%WINDIR%\Web\Wallpaper\Windows\img0.jpg" /Y | |||
) | |||
REM Clear cache | |||
echo takeown /R /D Y /F "%PROGRAMDATA%\Microsoft\Windows\SystemData" | |||
takeown /R /D Y /F "%PROGRAMDATA%\Microsoft\Windows\SystemData" | |||
echo icacls "%PROGRAMDATA%\Microsoft\Windows\SystemData" /reset /t | |||
icacls "%PROGRAMDATA%\Microsoft\Windows\SystemData" /reset /t | |||
for /d %%A in ("%PROGRAMDATA%\Microsoft\Windows\SystemData\*") do ( | |||
for /d %%B in ("%%A\ReadOnly\LockScreen_*") do echo rmdir /q /s "%%B" & rmdir /q /s "%%B" | |||
) | |||
if "%wallChanged%"=="true" exit /b 1 | |||
if "%wallFail%"=="true" exit /b 4 | |||
) else ( | |||
if "%wallChanged%"=="true" exit /b 3 | |||
if "%wallFail%"=="true" exit /b 5 | |||
exit /b 2 | |||
) | |||
exit /b 0 |
@ -0,0 +1,3 @@ | |||
cd Executables | |||
@PowerShell -NoP -ExecutionPolicy Bypass -File scoop.ps1 |