jlammi/winutil
1
0
Fork 0
mirror of https://github.com/ChrisTitusTech/winutil synced 2026-04-05 22:28:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

cleanup and iso improvements

Browse Source
This commit is contained in:
Chris Titus Tech
2026-02-23 12:36:32 -06:00
parent df75cd8c6f
commit 7abb4ae5fe
5 changed files with 686 additions and 223 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
functions/private/Invoke-WinUtilISO.ps1
View File

@@ -269,6 +269,17 @@ function Invoke-WinUtilISOModify {
$sync["WPFWin11ISOModifySection"].Visibility = "Collapsed" $sync["WPFWin11ISOModifySection"].Visibility = "Collapsed"
$expandedHeight = [Math]::Max(400, $sync.Window.ActualHeight - 100) $expandedHeight = [Math]::Max(400, $sync.Window.ActualHeight - 100)
$sync["WPFWin11ISOStatusLog"].Height = $expandedHeight $sync["WPFWin11ISOStatusLog"].Height = $expandedHeight
$sync["Win11ISOLogExpanded"] = $true
# Register the resize handler once so the log tracks window resizes
if (-not $sync["Win11ISOResizeHandlerAdded"]) {
$sync.Window.add_SizeChanged({
if ($sync["Win11ISOLogExpanded"]) {
$sync["WPFWin11ISOStatusLog"].Height = [Math]::Max(400, $sync.Window.ActualHeight - 100)
$sync["WPFWin11ISOStatusLog"].ScrollToEnd()
}
})
$sync["Win11ISOResizeHandlerAdded"] = $true
}
}) })
# ── 1. Create working directory structure ── # ── 1. Create working directory structure ──
@@ -303,11 +314,38 @@ function Invoke-WinUtilISOModify {
Log "Applying WinUtil modifications to install.wim..." Log "Applying WinUtil modifications to install.wim..."
Invoke-WinUtilISOScript -ScratchDir $mountDir -ISOContentsDir $isoContents -AutoUnattendXml $autounattendContent -Log { param($m) Log $m } Invoke-WinUtilISOScript -ScratchDir $mountDir -ISOContentsDir $isoContents -AutoUnattendXml $autounattendContent -Log { param($m) Log $m }
# ── 4b. DISM component store cleanup ──
# /ResetBase removes all superseded component versions from WinSxS,
# which is the single largest space saving possible (typically 300800 MB).
# This must be done while the image is still mounted.
SetProgress "Cleaning up component store (WinSxS)..." 56
Log "Running DISM component store cleanup (/ResetBase)..."
& dism /English "/image:$mountDir" /Cleanup-Image /StartComponentCleanup /ResetBase | ForEach-Object { Log $_ }
Log "Component store cleanup complete."
# ── 5. Save and dismount the WIM ── # ── 5. Save and dismount the WIM ──
SetProgress "Saving modified install.wim..." 65 SetProgress "Saving modified install.wim..." 65
Log "Dismounting and saving install.wim..." Log "Dismounting and saving install.wim. This will take several minutes..."
Dismount-WindowsImage -Path $mountDir -Save -ErrorAction Stop | Out-Null Dismount-WindowsImage -Path $mountDir -Save -ErrorAction Stop | Out-Null
Log "install.wim saved." Log "install.wim saved."
# ── 5b. Strip unused editions — export only the selected index ──
# A standard multi-edition install.wim can be 45 GB; exporting a
# single index typically drops it to ~3 GB, saving 12 GB in the ISO.
SetProgress "Removing unused editions from install.wim..." 70
Log "Exporting edition '$selectedEditionName' (Index $selectedWimIndex) to a single-edition install.wim..."
$exportWim = Join-Path $isoContents "sources\install_export.wim"
Export-WindowsImage `
-SourceImagePath $localWim `
-SourceIndex $selectedWimIndex `
-DestinationImagePath $exportWim `
-ErrorAction Stop | Out-Null
Remove-Item -Path $localWim -Force
Rename-Item -Path $exportWim -NewName "install.wim" -Force
# Update local path so later steps (e.g. ISO build) reference the new file
$localWim = Join-Path $isoContents "sources\install.wim"
Log "Unused editions removed. install.wim now contains only '$selectedEditionName'."
SetProgress "Dismounting source ISO..." 80 SetProgress "Dismounting source ISO..." 80
# ── 6. Dismount the original ISO ── # ── 6. Dismount the original ISO ──
@@ -388,6 +426,7 @@ function Invoke-WinUtilISOModify {
$sync["WPFWin11ISOMountSection"].Visibility = "Visible" $sync["WPFWin11ISOMountSection"].Visibility = "Visible"
$sync["WPFWin11ISOModifySection"].Visibility = "Visible" $sync["WPFWin11ISOModifySection"].Visibility = "Visible"
} }
$sync["Win11ISOLogExpanded"] = $false
$sync["WPFWin11ISOStatusLog"].Height = 140 $sync["WPFWin11ISOStatusLog"].Height = 140
}) })
} }

14
functions/private/Invoke-WinUtilISOScript.ps1
View File

@@ -255,6 +255,10 @@ function Invoke-WinUtilISOScript {
_ISOScript-SetReg 'HKLM\zSOFTWARE\Policies\Microsoft\Edge' 'HubsSidebarEnabled' 'REG_DWORD' '0' _ISOScript-SetReg 'HKLM\zSOFTWARE\Policies\Microsoft\Edge' 'HubsSidebarEnabled' 'REG_DWORD' '0'
_ISOScript-SetReg 'HKLM\zSOFTWARE\Policies\Microsoft\Windows\Explorer' 'DisableSearchBoxSuggestions' 'REG_DWORD' '1' _ISOScript-SetReg 'HKLM\zSOFTWARE\Policies\Microsoft\Windows\Explorer' 'DisableSearchBoxSuggestions' 'REG_DWORD' '1'
& $Log "Disabling Windows Update during OOBE (re-enabled on first logon via FirstLogon.ps1)..."
_ISOScript-SetReg 'HKLM\zSOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU' 'NoAutoUpdate' 'REG_DWORD' '1'
_ISOScript-SetReg 'HKLM\zSOFTWARE\Policies\Microsoft\Windows\WindowsUpdate' 'DisableWindowsUpdateAccess' 'REG_DWORD' '1'
& $Log "Preventing installation of Teams..." & $Log "Preventing installation of Teams..."
_ISOScript-SetReg 'HKLM\zSOFTWARE\Policies\Microsoft\Teams' 'DisableInstallation' 'REG_DWORD' '1' _ISOScript-SetReg 'HKLM\zSOFTWARE\Policies\Microsoft\Teams' 'DisableInstallation' 'REG_DWORD' '1'
@@ -281,5 +285,13 @@ function Invoke-WinUtilISOScript {
Remove-Item "$tasksPath\Microsoft\Windows\Windows Error Reporting\QueueReporting" -Force -ErrorAction SilentlyContinue Remove-Item "$tasksPath\Microsoft\Windows\Windows Error Reporting\QueueReporting" -Force -ErrorAction SilentlyContinue
& $Log "Scheduled task files deleted." & $Log "Scheduled task files deleted."
}
# ═════════════════════════════════════════════════════════════════════════
# 6. Remove ISO support folder (fresh-install only; not needed)
# ═════════════════════════════════════════════════════════════════════════
if ($ISOContentsDir -and (Test-Path $ISOContentsDir)) {
& $Log "Removing ISO support\ folder..."
Remove-Item -Path (Join-Path $ISOContentsDir "support") -Recurse -Force -ErrorAction SilentlyContinue
& $Log "ISO support\ folder removed."
}
}

700
tools/autounattend.xml
View File

@@ -1,239 +1,499 @@
<?xml version="1.0" encoding="utf-8"?> <?xml version="1.0" encoding="utf-8"?>
<!-- <unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
Windows 11 Unattended Installation Answer File <!--https://schneegans.de/windows/unattend-generator/?LanguageMode=Interactive&ProcessorArchitecture=amd64&BypassRequirementsCheck=true&ComputerNameMode=Random&CompactOsMode=Default&TimeZoneMode=Implicit&PartitionMode=Interactive&DiskAssertionMode=Skip&WindowsEditionMode=Interactive&InstallFromMode=Automatic&PEMode=Default&UserAccountMode=InteractiveLocal&PasswordExpirationMode=Unlimited&LockoutMode=Default&HideFiles=Hidden&ClassicContextMenu=true&LaunchToThisPC=true&ShowEndTask=true&TaskbarSearch=Hide&TaskbarIconsMode=Empty&DisableWidgets=true&LeftTaskbar=true&HideTaskViewButton=true&StartTilesMode=Default&StartPinsMode=Empty&EnableLongPaths=true&HideEdgeFre=true&DisableEdgeStartupBoost=true&DeleteWindowsOld=true&EffectsMode=Default&DeleteEdgeDesktopIcon=true&DesktopIconsMode=Default&StartFoldersMode=Default&WifiMode=Skip&ExpressSettings=DisableAll&LockKeysMode=Configure&CapsLockInitial=Off&CapsLockBehavior=Toggle&NumLockInitial=On&NumLockBehavior=Toggle&ScrollLockInitial=Off&ScrollLockBehavior=Toggle&StickyKeysMode=Disabled&ColorMode=Custom&SystemColorTheme=Dark&AppsColorTheme=Dark&AccentColor=%230078d4&WallpaperMode=Default&LockScreenMode=Default&WdacMode=Skip&AppLockerMode=Skip-->
================================================ <settings pass="offlineServicing"></settings>
UNIVERSAL — no modification required before use.
What this file does automatically:
• Installs "Windows 11 Pro" from any standard Microsoft ISO
• Bypasses the Microsoft-account OOBE requirement (local account)
• Skips the EULA, wireless, and privacy nag screens
• Leaves timezone, language, region, and user account to the user
at the two short OOBE screens that remain
What the user is prompted for during first-run (OOBE):
1. Region / Language / Keyboard (one screen)
2. Who will use this PC? (local account name + password)
Timezone is set to UTC and can be adjusted after login.
Computer name is auto-generated; rename at any time.
Tested against: Windows 11 Home / Pro / Home Single Language (amd64)
Pass order: windowsPE → specialize → oobeSystem
-->
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<!-- ═══════════════════════════════════════════════════════════════════
PASS 1 — windowsPE
Runs inside the installer environment before the OS is laid down.
Handles disk layout and image selection only.
Locale is intentionally omitted so the installer inherits the
language of whichever ISO is being used.
═══════════════════════════════════════════════════════════════════════ -->
<settings pass="windowsPE"> <settings pass="windowsPE">
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<!-- Setup / image selection -->
<component name="Microsoft-Windows-Setup"
processorArchitecture="amd64"
publicKeyToken="31bf3856ad364e35"
language="neutral"
versionScope="nonSxS"
xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- Disable dynamic updates during setup (keeps installation offline/fast) -->
<DynamicUpdate>
<Enable>false</Enable>
</DynamicUpdate>
<ImageInstall>
<OSImage>
<!-- CompactOS saves ~1.5 GB but is slower on spinning drives -->
<Compact>false</Compact>
<WillShowUI>OnError</WillShowUI>
<InstallFrom>
<!--
Select the edition by NAME rather than by index number.
Index numbers vary between ISO builds; the name is stable.
Change "Windows 11 Pro" to "Windows 11 Home" etc. if your
ISO only contains that edition. To choose interactively,
delete this entire <InstallFrom> block.
-->
<MetaData wcm:action="add">
<Key>/IMAGE/NAME</Key>
<Value>Windows 11 Pro</Value>
</MetaData>
</InstallFrom>
<!-- InstallTo is omitted — the Windows installer will prompt
the user to select the destination disk and partition. -->
</OSImage>
</ImageInstall>
<UserData> <UserData>
<AcceptEula>true</AcceptEula>
<ProductKey> <ProductKey>
<!-- <Key>00000-00000-00000-00000-00000</Key>
Leave <Key> absent to use an existing digital licence or <WillShowUI>Always</WillShowUI>
to be prompted for one after setup.
Generic setup keys (allow setup to proceed; do NOT activate):
Home : YTMG3-N6DKC-DKB77-7M9GH-8HVX7
Home Single Language : 7HNRX-D7KGG-3K4RQ-4WPJ4-YTDFH
Pro : VK7JG-NPHTM-C97JM-9MPGT-3V66T
Education : YNMGQ-8RYV3-4PGQ3-C8XTP-7CFBY
Enterprise : XGVPP-NMH47-7TTHJ-W3FW7-8HV2C
-->
<WillShowUI>OnError</WillShowUI>
</ProductKey> </ProductKey>
<AcceptEula>true</AcceptEula>
</UserData> </UserData>
<UseConfigurationSet>false</UseConfigurationSet>
<RunSynchronous>
<RunSynchronousCommand wcm:action="add">
<Order>1</Order>
<Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassTPMCheck /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>2</Order>
<Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassSecureBootCheck /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
<RunSynchronousCommand wcm:action="add">
<Order>3</Order>
<Path>reg.exe add "HKLM\SYSTEM\Setup\LabConfig" /v BypassRAMCheck /t REG_DWORD /d 1 /f</Path>
</RunSynchronousCommand>
</RunSynchronous>
</component> </component>
</settings> </settings>
<settings pass="generalize"></settings>
<!-- ═══════════════════════════════════════════════════════════════════
PASS 2 — specialize
First boot into the installed OS.
Machine-level settings that do not vary by user or region.
═══════════════════════════════════════════════════════════════════════ -->
<settings pass="specialize"> <settings pass="specialize">
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<component name="Microsoft-Windows-Shell-Setup" <RunSynchronous>
processorArchitecture="amd64" <RunSynchronousCommand wcm:action="add">
publicKeyToken="31bf3856ad364e35" <Order>1</Order>
language="neutral" <Path>powershell.exe -WindowStyle "Normal" -NoProfile -Command "$xml = [xml]::new(); $xml.Load('C:\Windows\Panther\unattend.xml'); $sb = [scriptblock]::Create( $xml.unattend.Extensions.ExtractScript ); Invoke-Command -ScriptBlock $sb -ArgumentList $xml;"</Path>
versionScope="nonSxS" </RunSynchronousCommand>
xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" <RunSynchronousCommand wcm:action="add">
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <Order>2</Order>
<Path>powershell.exe -WindowStyle "Normal" -ExecutionPolicy "Unrestricted" -NoProfile -File "C:\Windows\Setup\Scripts\Specialize.ps1"</Path>
<!-- Auto-generate a unique computer name. Rename anytime: </RunSynchronousCommand>
Settings System About Rename this PC --> <RunSynchronousCommand wcm:action="add">
<ComputerName>*</ComputerName> <Order>3</Order>
<Path>reg.exe load "HKU\DefaultUser" "C:\Users\Default\NTUSER.DAT"</Path>
<!-- </RunSynchronousCommand>
UTC is the only timezone that is correct everywhere on Earth <RunSynchronousCommand wcm:action="add">
without knowing where the machine will be used. <Order>4</Order>
Windows will auto-adjust to local time once the user sets their <Path>powershell.exe -WindowStyle "Normal" -ExecutionPolicy "Unrestricted" -NoProfile -File "C:\Windows\Setup\Scripts\DefaultUser.ps1"</Path>
region, or they can change it in Settings Time & Language. </RunSynchronousCommand>
--> <RunSynchronousCommand wcm:action="add">
<TimeZone>UTC</TimeZone> <Order>5</Order>
<Path>reg.exe unload "HKU\DefaultUser"</Path>
<!-- Suppress the Teams/Chat auto-install prompt during setup --> </RunSynchronousCommand>
<ConfigureChatAutoInstall>false</ConfigureChatAutoInstall> </RunSynchronous>
</component> </component>
<!-- Reduce telemetry to the minimum permitted by the licence.
0 = Security (Enterprise/Education only; treated as 1 on other SKUs)
1 = Basic / Required diagnostic data ← effective minimum for Home/Pro -->
<component name="Microsoft-Windows-SQMAPI"
processorArchitecture="amd64"
publicKeyToken="31bf3856ad364e35"
language="neutral"
versionScope="nonSxS"
xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<CEIPEnabled>0</CEIPEnabled>
</component>
</settings> </settings>
<settings pass="auditSystem"></settings>
<!-- ═══════════════════════════════════════════════════════════════════ <settings pass="auditUser"></settings>
PASS 3 — oobeSystem
Out-of-Box Experience (first-run wizard).
Screens shown to the user (everything else is suppressed):
① Region / Language / Keyboard layout — user picks their locale
② Create a local account — user picks name + password
Screens suppressed automatically:
• EULA
• "Sign in with Microsoft" / online account
• Wi-Fi selection (can be done after login)
• "Let Microsoft and apps use your location", Cortana, etc.
Locale settings are intentionally omitted here so that Windows
applies whatever the user selects on screen ①.
═══════════════════════════════════════════════════════════════════════ -->
<settings pass="oobeSystem"> <settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS">
<component name="Microsoft-Windows-Shell-Setup"
processorArchitecture="amd64"
publicKeyToken="31bf3856ad364e35"
language="neutral"
versionScope="nonSxS"
xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<OOBE> <OOBE>
<!-- Suppress the licence agreement — already accepted in windowsPE -->
<HideEULAPage>true</HideEULAPage>
<!-- KEEP false — this is the screen where the user creates -->
<!-- their local account (name + password). Setting it true -->
<!-- would skip account creation entirely, leaving only the -->
<!-- built-in Administrator account. -->
<HideLocalAccountScreen>false</HideLocalAccountScreen>
<!-- Suppress "Sign in with Microsoft" screens.
The user goes straight to local account creation. -->
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<!-- Skip Wi-Fi setup — can be connected after first login -->
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<!-- Suppress the privacy / recommended-settings nag screen -->
<ProtectYourPC>3</ProtectYourPC> <ProtectYourPC>3</ProtectYourPC>
<HideEULAPage>true</HideEULAPage>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
</OOBE> </OOBE>
<FirstLogonCommands>
<!-- <SynchronousCommand wcm:action="add">
UserAccounts and AutoLogon are intentionally absent. <Order>1</Order>
The user creates their own account on the OOBE screen above. <CommandLine>powershell.exe -WindowStyle "Normal" -ExecutionPolicy "Unrestricted" -NoProfile -File "C:\Windows\Setup\Scripts\FirstLogon.ps1"</CommandLine>
This is the safest and most universally applicable approach: </SynchronousCommand>
no hardcoded credentials ship inside the answer file. </FirstLogonCommands>
If you want to pre-create an account instead, add:
<UserAccounts>
<LocalAccounts>
<LocalAccount wcm:action="add">
<Name>YourUsername</Name>
<Password>
<Value>YourPassword</Value>
<PlainText>true</PlainText>
</Password>
<DisplayName>Your Full Name</DisplayName>
<Group>Administrators</Group>
</LocalAccount>
</LocalAccounts>
</UserAccounts>
<AutoLogon>
<Enabled>true</Enabled>
<LogonCount>1</LogonCount>
<Username>YourUsername</Username>
<Password>
<Value>YourPassword</Value>
<PlainText>true</PlainText>
</Password>
</AutoLogon>
And set HideLocalAccountScreen to true above.
-->
<!--
Optional: run a script on first logon.
Uncomment and adjust the path/command as needed.
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<Order>1</Order>
<CommandLine>powershell -NoProfile -ExecutionPolicy Bypass -Command "irm https://christitus.com/win | iex"</CommandLine>
<Description>Launch WinUtil post-install</Description>
<RequiresUserInput>false</RequiresUserInput>
</SynchronousCommand>
</FirstLogonCommands>
-->
</component> </component>
</settings> </settings>
<Extensions xmlns="https://schneegans.de/windows/unattend-generator/">
<ExtractScript>
param(
[xml]$Document
);
foreach( $file in $Document.unattend.Extensions.File ) {
$path = [System.Environment]::ExpandEnvironmentVariables( $file.GetAttribute( 'path' ) );
mkdir -Path( $path | Split-Path -Parent ) -ErrorAction 'SilentlyContinue';
$encoding = switch( [System.IO.Path]::GetExtension( $path ) ) {
{ $_ -in '.ps1', '.xml' } { [System.Text.Encoding]::UTF8; }
{ $_ -in '.reg', '.vbs', '.js' } { [System.Text.UnicodeEncoding]::new( $false, $true ); }
default { [System.Text.Encoding]::Default; }
};
$bytes = $encoding.GetPreamble() + $encoding.GetBytes( $file.InnerText.Trim() );
[System.IO.File]::WriteAllBytes( $path, $bytes );
}
</ExtractScript>
<File path="C:\Windows\Setup\Scripts\TaskbarLayoutModification.xml">
&lt;LayoutModificationTemplate xmlns="http://schemas.microsoft.com/Start/2014/LayoutModification" xmlns:defaultlayout="http://schemas.microsoft.com/Start/2014/FullDefaultLayout" xmlns:start="http://schemas.microsoft.com/Start/2014/StartLayout" xmlns:taskbar="http://schemas.microsoft.com/Start/2014/TaskbarLayout" Version="1"&gt;
&lt;CustomTaskbarLayoutCollection PinListPlacement="Replace"&gt;
&lt;defaultlayout:TaskbarLayout&gt;
&lt;taskbar:TaskbarPinList&gt;
&lt;taskbar:DesktopApp DesktopApplicationLinkPath="#leaveempty" /&gt;
&lt;/taskbar:TaskbarPinList&gt;
&lt;/defaultlayout:TaskbarLayout&gt;
&lt;/CustomTaskbarLayoutCollection&gt;
&lt;/LayoutModificationTemplate&gt;
</File>
<File path="C:\Windows\Setup\Scripts\UnlockStartLayout.vbs">
HKU = &amp;H80000003
Set reg = GetObject("winmgmts://./root/default:StdRegProv")
Set fso = CreateObject("Scripting.FileSystemObject")
If reg.EnumKey(HKU, "", sids) = 0 Then
If Not IsNull(sids) Then
For Each sid In sids
key = sid + "\Software\Policies\Microsoft\Windows\Explorer"
name = "LockedStartLayout"
If reg.GetDWORDValue(HKU, key, name, existing) = 0 Then
reg.SetDWORDValue HKU, key, name, 0
End If
Next
End If
End If
</File>
<File path="C:\Windows\Setup\Scripts\UnlockStartLayout.xml">
&lt;Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task"&gt;
&lt;Triggers&gt;
&lt;EventTrigger&gt;
&lt;Enabled&gt;true&lt;/Enabled&gt;
&lt;Subscription&gt;&amp;lt;QueryList&amp;gt;&amp;lt;Query Id="0" Path="Application"&amp;gt;&amp;lt;Select Path="Application"&amp;gt;*[System[Provider[@Name='UnattendGenerator'] and EventID=1]]&amp;lt;/Select&amp;gt;&amp;lt;/Query&amp;gt;&amp;lt;/QueryList&amp;gt;&lt;/Subscription&gt;
&lt;/EventTrigger&gt;
&lt;/Triggers&gt;
&lt;Principals&gt;
&lt;Principal id="Author"&gt;
&lt;UserId&gt;S-1-5-18&lt;/UserId&gt;
&lt;RunLevel&gt;LeastPrivilege&lt;/RunLevel&gt;
&lt;/Principal&gt;
&lt;/Principals&gt;
&lt;Settings&gt;
&lt;MultipleInstancesPolicy&gt;IgnoreNew&lt;/MultipleInstancesPolicy&gt;
&lt;DisallowStartIfOnBatteries&gt;false&lt;/DisallowStartIfOnBatteries&gt;
&lt;StopIfGoingOnBatteries&gt;false&lt;/StopIfGoingOnBatteries&gt;
&lt;AllowHardTerminate&gt;true&lt;/AllowHardTerminate&gt;
&lt;StartWhenAvailable&gt;false&lt;/StartWhenAvailable&gt;
&lt;RunOnlyIfNetworkAvailable&gt;false&lt;/RunOnlyIfNetworkAvailable&gt;
&lt;IdleSettings&gt;
&lt;StopOnIdleEnd&gt;true&lt;/StopOnIdleEnd&gt;
&lt;RestartOnIdle&gt;false&lt;/RestartOnIdle&gt;
&lt;/IdleSettings&gt;
&lt;AllowStartOnDemand&gt;true&lt;/AllowStartOnDemand&gt;
&lt;Enabled&gt;true&lt;/Enabled&gt;
&lt;Hidden&gt;false&lt;/Hidden&gt;
&lt;RunOnlyIfIdle&gt;false&lt;/RunOnlyIfIdle&gt;
&lt;WakeToRun&gt;false&lt;/WakeToRun&gt;
&lt;ExecutionTimeLimit&gt;PT72H&lt;/ExecutionTimeLimit&gt;
&lt;Priority&gt;7&lt;/Priority&gt;
&lt;/Settings&gt;
&lt;Actions Context="Author"&gt;
&lt;Exec&gt;
&lt;Command&gt;C:\Windows\System32\wscript.exe&lt;/Command&gt;
&lt;Arguments&gt;C:\Windows\Setup\Scripts\UnlockStartLayout.vbs&lt;/Arguments&gt;
&lt;/Exec&gt;
&lt;/Actions&gt;
&lt;/Task&gt;
</File>
<File path="C:\Windows\Setup\Scripts\SetStartPins.ps1">
$json = '{"pinnedList":[]}';
if( [System.Environment]::OSVersion.Version.Build -lt 20000 ) {
return;
}
$key = 'Registry::HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Start';
New-Item -Path $key -ItemType 'Directory' -ErrorAction 'SilentlyContinue';
Set-ItemProperty -LiteralPath $key -Name 'ConfigureStartPins' -Value $json -Type 'String';
</File>
<File path="C:\Windows\Setup\Scripts\SetColorTheme.ps1">
$lightThemeSystem = 0;
$lightThemeApps = 0;
$accentColorOnStart = 0;
$enableTransparency = 0;
$htmlAccentColor = '#0078D4';
&amp; {
$params = @{
LiteralPath = 'Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize';
Force = $true;
Type = 'DWord';
};
Set-ItemProperty @params -Name 'SystemUsesLightTheme' -Value $lightThemeSystem;
Set-ItemProperty @params -Name 'AppsUseLightTheme' -Value $lightThemeApps;
Set-ItemProperty @params -Name 'ColorPrevalence' -Value $accentColorOnStart;
Set-ItemProperty @params -Name 'EnableTransparency' -Value $enableTransparency;
};
&amp; {
Add-Type -AssemblyName 'System.Drawing';
$accentColor = [System.Drawing.ColorTranslator]::FromHtml( $htmlAccentColor );
function ConvertTo-DWord {
param(
[System.Drawing.Color]
$Color
);
[byte[]]$bytes = @(
$Color.R;
$Color.G;
$Color.B;
$Color.A;
);
return [System.BitConverter]::ToUInt32( $bytes, 0);
}
$startColor = [System.Drawing.Color]::FromArgb( 0xD2, $accentColor );
Set-ItemProperty -LiteralPath 'Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent' -Name 'StartColorMenu' -Value( ConvertTo-DWord -Color $accentColor ) -Type 'DWord' -Force;
Set-ItemProperty -LiteralPath 'Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent' -Name 'AccentColorMenu' -Value( ConvertTo-DWord -Color $accentColor ) -Type 'DWord' -Force;
Set-ItemProperty -LiteralPath 'Registry::HKCU\Software\Microsoft\Windows\DWM' -Name 'AccentColor' -Value( ConvertTo-DWord -Color $accentColor ) -Type 'DWord' -Force;
$params = @{
LiteralPath = 'Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent';
Name = 'AccentPalette';
};
$palette = Get-ItemPropertyValue @params;
$index = 20;
$palette[ $index++ ] = $accentColor.R;
$palette[ $index++ ] = $accentColor.G;
$palette[ $index++ ] = $accentColor.B;
$palette[ $index++ ] = $accentColor.A;
Set-ItemProperty @params -Value $palette -Type 'Binary' -Force;
};
</File>
<File path="C:\Windows\Setup\Scripts\Specialize.ps1">
$scripts = @(
{
reg.exe add "HKLM\SYSTEM\Setup\MoSetup" /v AllowUpgradesWithUnsupportedTPMOrCPU /t REG_DWORD /d 1 /f;
};
{
net.exe accounts /maxpwage:UNLIMITED;
};
{
reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d 1 /f;
[System.Diagnostics.EventLog]::CreateEventSource( 'UnattendGenerator', 'Application' );
};
{
Register-ScheduledTask -TaskName 'UnlockStartLayout' -Xml $( Get-Content -LiteralPath 'C:\Windows\Setup\Scripts\UnlockStartLayout.xml' -Raw );
};
{
reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\FileSystem" /v LongPathsEnabled /t REG_DWORD /d 1 /f
};
{
Remove-Item -LiteralPath 'C:\Users\Public\Desktop\Microsoft Edge.lnk' -ErrorAction 'SilentlyContinue' -Verbose;
};
{
reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Dsh" /v AllowNewsAndInterests /t REG_DWORD /d 0 /f;
};
{
reg.exe add "HKLM\Software\Policies\Microsoft\Edge" /v HideFirstRunExperience /t REG_DWORD /d 1 /f;
};
{
reg.exe add "HKLM\Software\Policies\Microsoft\Edge\Recommended" /v BackgroundModeEnabled /t REG_DWORD /d 0 /f;
reg.exe add "HKLM\Software\Policies\Microsoft\Edge\Recommended" /v StartupBoostEnabled /t REG_DWORD /d 0 /f;
};
{
&amp; 'C:\Windows\Setup\Scripts\SetStartPins.ps1';
};
{
reg.exe add "HKU\.DEFAULT\Control Panel\Accessibility\StickyKeys" /v Flags /t REG_SZ /d 10 /f;
};
{
reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /t REG_DWORD /d 1 /f;
reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v DisableWindowsUpdateAccess /t REG_DWORD /d 1 /f;
};
);
&amp; {
[float]$complete = 0;
[float]$increment = 100 / $scripts.Count;
foreach( $script in $scripts ) {
Write-Progress -Id 0 -Activity 'Running scripts to customize your Windows installation. Do not close this window.' -PercentComplete $complete;
'*** Will now execute command &#xAB;{0}&#xBB;.' -f $(
$str = $script.ToString().Trim() -replace '\s+', ' ';
$max = 100;
if( $str.Length -le $max ) {
$str;
} else {
$str.Substring( 0, $max - 1 ) + '&#x2026;';
}
);
$start = [datetime]::Now;
&amp; $script;
'*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds;
"`r`n" * 3;
$complete += $increment;
}
} *&gt;&amp;1 | Out-String -Width 1KB -Stream &gt;&gt; "C:\Windows\Setup\Scripts\Specialize.log";
</File>
<File path="C:\Windows\Setup\Scripts\UserOnce.ps1">
$scripts = @(
{
[System.Diagnostics.EventLog]::WriteEntry( 'UnattendGenerator', "User '$env:USERNAME' has requested to unlock the Start menu layout.", [System.Diagnostics.EventLogEntryType]::Information, 1 );
};
{
Remove-Item -Path "${env:USERPROFILE}\Desktop\*.lnk" -Force -ErrorAction 'SilentlyContinue';
Remove-Item -Path "$env:HOMEDRIVE\Users\Default\Desktop\*.lnk" -Force -ErrorAction 'SilentlyContinue';
};
{
$taskbarPath = "$env:AppData\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar";
if( Test-Path $taskbarPath ) {
Get-ChildItem -Path $taskbarPath -File | Remove-Item -Force;
}
Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband' -Name 'FavoritesRemovedChanges' -Force -ErrorAction 'SilentlyContinue';
Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband' -Name 'FavoritesChanges' -Force -ErrorAction 'SilentlyContinue';
Remove-ItemProperty -Path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband' -Name 'Favorites' -Force -ErrorAction 'SilentlyContinue';
};
{
reg.exe add "HKCU\Software\Classes\CLSID\{86ca1aa0-34aa-4e8b-a509-50c905bae2a2}\InprocServer32" /ve /f;
};
{
Set-ItemProperty -LiteralPath 'Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced' -Name 'LaunchTo' -Type 'DWord' -Value 1;
};
{
Set-ItemProperty -LiteralPath 'Registry::HKCU\Software\Microsoft\Windows\CurrentVersion\Search' -Name 'SearchboxTaskbarMode' -Type 'DWord' -Value 0;
};
{
&amp; 'C:\Windows\Setup\Scripts\SetColorTheme.ps1';
};
{
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.Suggested" /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.Suggested" /v Enabled /t REG_DWORD /d 0 /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.StartupApp" /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.StartupApp" /v Enabled /t REG_DWORD /d 0 /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Microsoft.SkyDrive.Desktop" /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Microsoft.SkyDrive.Desktop" /v Enabled /t REG_DWORD /d 0 /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.AccountHealth" /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.AccountHealth" /v Enabled /t REG_DWORD /d 0 /f;
};
{
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Start" /v AllAppsViewMode /t REG_DWORD /d 2 /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Start_IrisRecommendations /t REG_DWORD /d 0 /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Start_AccountNotifications /t REG_DWORD /d 0 /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Start" /v ShowAllPinsList /t REG_DWORD /d 0 /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Start" /v ShowFrequentList /t REG_DWORD /d 0 /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Start" /v ShowRecentList /t REG_DWORD /d 0 /f;
reg.exe add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Start_TrackDocs /t REG_DWORD /d 0 /f;
};
{
Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
public class Win32Broadcast {
[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = false)]
public static extern IntPtr SendMessageTimeout(
IntPtr hWnd,
uint Msg,
IntPtr wParam,
string lParam,
uint fuFlags,
uint uTimeout,
out IntPtr lpdwResult);
}
"@;
[Win32Broadcast]::SendMessageTimeout( [IntPtr]0xffff, 0x1A, [IntPtr]::Zero, 'ImmersiveColorSet', 0x2, 100, [ref]([IntPtr]::Zero) );
};
{
Get-Process -Name 'explorer' -ErrorAction 'SilentlyContinue' | Where-Object -FilterScript {
$_.SessionId -eq ( Get-Process -Id $PID ).SessionId;
} | Stop-Process -Force;
};
);
&amp; {
[float]$complete = 0;
[float]$increment = 100 / $scripts.Count;
foreach( $script in $scripts ) {
Write-Progress -Id 0 -Activity 'Running scripts to configure this user account. Do not close this window.' -PercentComplete $complete;
'*** Will now execute command &#xAB;{0}&#xBB;.' -f $(
$str = $script.ToString().Trim() -replace '\s+', ' ';
$max = 100;
if( $str.Length -le $max ) {
$str;
} else {
$str.Substring( 0, $max - 1 ) + '&#x2026;';
}
);
$start = [datetime]::Now;
&amp; $script;
'*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds;
"`r`n" * 3;
$complete += $increment;
}
} *&gt;&amp;1 | Out-String -Width 1KB -Stream &gt;&gt; "$env:TEMP\UserOnce.log";
</File>
<File path="C:\Windows\Setup\Scripts\DefaultUser.ps1">
$scripts = @(
{
reg.exe add "HKU\DefaultUser\Software\Policies\Microsoft\Windows\Explorer" /v "StartLayoutFile" /t REG_SZ /d "C:\Windows\Setup\Scripts\TaskbarLayoutModification.xml" /f;
reg.exe add "HKU\DefaultUser\Software\Policies\Microsoft\Windows\Explorer" /v "LockedStartLayout" /t REG_DWORD /d 1 /f;
};
{
reg.exe add "HKU\DefaultUser\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v ShowTaskViewButton /t REG_DWORD /d 0 /f;
};
{
reg.exe add "HKU\DefaultUser\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v TaskbarAl /t REG_DWORD /d 0 /f;
};
{
foreach( $root in 'Registry::HKU\.DEFAULT', 'Registry::HKU\DefaultUser' ) {
Set-ItemProperty -LiteralPath "$root\Control Panel\Keyboard" -Name 'InitialKeyboardIndicators' -Type 'String' -Value 2 -Force;
}
};
{
reg.exe add "HKU\DefaultUser\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\TaskbarDeveloperSettings" /v TaskbarEndTask /t REG_DWORD /d 1 /f;
};
{
reg.exe add "HKU\DefaultUser\Control Panel\Accessibility\StickyKeys" /v Flags /t REG_SZ /d 10 /f;
};
{
reg.exe add "HKU\DefaultUser\Software\Microsoft\Windows\DWM" /v ColorPrevalence /t REG_DWORD /d 0 /f;
};
{
reg.exe add "HKU\DefaultUser\Software\Microsoft\Windows\CurrentVersion\RunOnce" /v "UnattendedSetup" /t REG_SZ /d "powershell.exe -WindowStyle \""Normal\"" -ExecutionPolicy \""Unrestricted\"" -NoProfile -File \""C:\Windows\Setup\Scripts\UserOnce.ps1\""" /f;
};
);
&amp; {
[float]$complete = 0;
[float]$increment = 100 / $scripts.Count;
foreach( $script in $scripts ) {
Write-Progress -Id 0 -Activity 'Running scripts to modify the default user&#x2019;&#x2019;s registry hive. Do not close this window.' -PercentComplete $complete;
'*** Will now execute command &#xAB;{0}&#xBB;.' -f $(
$str = $script.ToString().Trim() -replace '\s+', ' ';
$max = 100;
if( $str.Length -le $max ) {
$str;
} else {
$str.Substring( 0, $max - 1 ) + '&#x2026;';
}
);
$start = [datetime]::Now;
&amp; $script;
'*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds;
"`r`n" * 3;
$complete += $increment;
}
} *&gt;&amp;1 | Out-String -Width 1KB -Stream &gt;&gt; "C:\Windows\Setup\Scripts\DefaultUser.log";
</File>
<File path="C:\Windows\Setup\Scripts\FirstLogon.ps1">
$scripts = @(
{
cmd.exe /c "rmdir C:\Windows.old";
};
{
Remove-Item -LiteralPath @(
'C:\Windows\Panther\unattend.xml';
'C:\Windows\Panther\unattend-original.xml';
'C:\Windows\Setup\Scripts\Wifi.xml';
) -Force -ErrorAction 'SilentlyContinue' -Verbose;
};
{
reg.exe delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /f;
reg.exe delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v DisableWindowsUpdateAccess /f;
};
{
try {
if( (Get-WindowsOptionalFeature -Online | Where-Object { $_.State -eq 'Enabled' -and $_.FeatureName -like 'Recall' }).Count -gt 0 ) {
Disable-WindowsOptionalFeature -Online -FeatureName 'Recall' -Remove;
}
} catch {}
};
{
if( (Get-BitLockerVolume -MountPoint $Env:SystemDrive).ProtectionStatus -eq 'On' ) {
Disable-BitLocker -MountPoint $Env:SystemDrive;
}
};
{
try {
if( (bcdedit | Select-String 'path').Count -eq 2 ) {
bcdedit /set `{bootmgr`} timeout 0;
}
} catch {}
};
);
&amp; {
[float]$complete = 0;
[float]$increment = 100 / $scripts.Count;
foreach( $script in $scripts ) {
Write-Progress -Id 0 -Activity 'Running scripts to finalize your Windows installation. Do not close this window.' -PercentComplete $complete;
'*** Will now execute command &#xAB;{0}&#xBB;.' -f $(
$str = $script.ToString().Trim() -replace '\s+', ' ';
$max = 100;
if( $str.Length -le $max ) {
$str;
} else {
$str.Substring( 0, $max - 1 ) + '&#x2026;';
}
);
$start = [datetime]::Now;
&amp; $script;
'*** Finished executing command after {0:0} ms.' -f [datetime]::Now.Subtract( $start ).TotalMilliseconds;
"`r`n" * 3;
$complete += $increment;
}
} *&gt;&amp;1 | Out-String -Width 1KB -Stream &gt;&gt; "C:\Windows\Setup\Scripts\FirstLogon.log";
</File>
</Extensions>
</unattend> </unattend>

152
tools/first-startup.ps1 Normal file
View File

@@ -0,0 +1,152 @@
# Set the global error action preference to continue
$ErrorActionPreference = "Continue"
function Remove-RegistryValue {
param (
[Parameter(Mandatory = $true)]
[string]$RegistryPath,
[Parameter(Mandatory = $true)]
[string]$ValueName
)
# Check if the registry path exists
if (Test-Path -Path $RegistryPath) {
$registryValue = Get-ItemProperty -Path $RegistryPath -Name $ValueName -ErrorAction SilentlyContinue
# Check if the registry value exists
if ($registryValue) {
# Remove the registry value
Remove-ItemProperty -Path $RegistryPath -Name $ValueName -Force
Write-Host "Registry value '$ValueName' removed from '$RegistryPath'."
} else {
Write-Host "Registry value '$ValueName' not found in '$RegistryPath'."
}
} else {
Write-Host "Registry path '$RegistryPath' not found."
}
}
"FirstStartup has worked" | Out-File -FilePath "$env:HOMEDRIVE\windows\LogFirstRun.txt" -Append -NoClobber
# Remove Windows.old if it exists
cmd.exe /c "rmdir /s /q C:\Windows.old" 2>$null
# Remove unattend and setup script files
Remove-Item -LiteralPath @(
'C:\Windows\Panther\unattend.xml'
'C:\Windows\Panther\unattend-original.xml'
'C:\Windows\Setup\Scripts\Wifi.xml'
) -Force -ErrorAction 'SilentlyContinue'
# Re-enable Windows Update (was disabled during OOBE to prevent interruptions)
reg.exe delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /f 2>$null
reg.exe delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v DisableWindowsUpdateAccess /f 2>$null
$taskbarPath = "$env:AppData\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar"
# Delete all files on the Taskbar
if (Test-Path "$taskbarPath") {
Get-ChildItem -Path $taskbarPath -File | Remove-Item -Force
}
Remove-RegistryValue -RegistryPath "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband" -ValueName "FavoritesRemovedChanges"
Remove-RegistryValue -RegistryPath "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband" -ValueName "FavoritesChanges"
Remove-RegistryValue -RegistryPath "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Taskband" -ValueName "Favorites"
# Delete Edge Icon from the desktop
$edgeShortcutFiles = Get-ChildItem -Path $desktopPath -Filter "*Edge*.lnk"
# Check if Edge shortcuts exist on the desktop
if ($edgeShortcutFiles) {
foreach ($shortcutFile in $edgeShortcutFiles) {
# Remove each Edge shortcut
Remove-Item -Path $shortcutFile.FullName -Force
Write-Host "Edge shortcut '$($shortcutFile.Name)' removed from the desktop."
}
}
Remove-Item -Path "$env:USERPROFILE\Desktop\*.lnk"
Remove-Item -Path "$env:HOMEDRIVE\Users\Default\Desktop\*.lnk"
try
{
if ((Get-WindowsOptionalFeature -Online | Where-Object { $_.State -eq 'Enabled' -and $_.FeatureName -like "Recall" }).Count -gt 0)
{
Disable-WindowsOptionalFeature -Online -FeatureName "Recall" -Remove
}
}
catch
{
}
if ((Get-BitLockerVolume -MountPoint $Env:SystemDrive).ProtectionStatus -eq 'On') {
Write-Host "Disabling BitLocker..."
Disable-BitLocker -MountPoint $Env:SystemDrive
}
# Get BCD entries and set bootmgr timeout accordingly
try
{
# Check if the number of occurrences of "path" is 2 - this fixes the Boot Manager screen issue (#2562)
if ((bcdedit | Select-String "path").Count -eq 2)
{
# Set bootmgr timeout to 0
bcdedit /set `{bootmgr`} timeout 0
}
}
catch
{
}
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.Suggested" /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.Suggested" /v Enabled /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.StartupApp" /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.StartupApp" /v Enabled /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Microsoft.SkyDrive.Desktop" /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Microsoft.SkyDrive.Desktop" /v Enabled /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.AccountHealth" /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Windows.SystemToast.AccountHealth" /v Enabled /t REG_DWORD /d 0 /f
# This will set List view in Start menu on Win11 25H2. This will not do anything in 24H2 and older
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Start" /v AllAppsViewMode /t REG_DWORD /d 2 /f
# This will disable the Recommendations in 25H2. This is much simpler than the method used in 24H2 that requires the Education Environment policy
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Start_IrisRecommendations /t REG_DWORD /d 0 /f
# Other Start Menu settings
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Start_AccountNotifications /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Start" /v ShowAllPinsList /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Start" /v ShowFrequentList /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Start" /v ShowRecentList /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Start_TrackDocs /t REG_DWORD /d 0 /f
# Color Modes -- requires sending messages to apply to everything
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "AppsUseLightTheme" /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "SystemUsesLightTheme" /t REG_DWORD /d 0 /f
# Send the WM_SETTINGCHANGE message to all windows
Add-Type -TypeDefinition @"
using System;
using System.Runtime.InteropServices;
public class Win32 {
[DllImport("user32.dll", CharSet = CharSet.Auto, SetLastError = false)]
public static extern IntPtr SendMessageTimeout(
IntPtr hWnd,
uint Msg,
IntPtr wParam,
string lParam,
uint fuFlags,
uint uTimeout,
out IntPtr lpdwResult);
}
"@
$HWND_BROADCAST = [IntPtr]0xffff
$WM_SETTINGCHANGE = 0x1A
$SMTO_ABORTIFHUNG = 0x2
$timeout = 100
# Send the broadcast message to all windows
[Win32]::SendMessageTimeout($HWND_BROADCAST, $WM_SETTINGCHANGE, [IntPtr]::Zero, "ImmersiveColorSet", $SMTO_ABORTIFHUNG, $timeout, [ref]([IntPtr]::Zero))
Clear-Host
Write-Host "The taskbar will take around a minute to show up, but you can start using your computer now. Try pressing the Windows key to open the Start menu, or Windows + E to launch File Explorer."
Start-Sleep -Seconds 10

2
xaml/inputXML.xaml
View File

@@ -1554,7 +1554,7 @@
</TextBlock> </TextBlock>
<Button Grid.Column="1" <Button Grid.Column="1"
Name="WPFWin11ISOCleanResetButton" Name="WPFWin11ISOCleanResetButton"
Content="🗑 Clean &amp; Reset" Content="Clean &amp; Reset"
Foreground="OrangeRed" Foreground="OrangeRed"
Width="Auto" Padding="12,0" Width="Auto" Padding="12,0"
Height="{DynamicResource ButtonHeight}" Height="{DynamicResource ButtonHeight}"