Skip to content

Instantly share code, notes, and snippets.

@paulmallon

paulmallon/Windows 10 post install script

Last active December 29, 2022 23:38
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save paulmallon/2d5e080e392a26a4772f881cb835bc96 to your computer and use it in GitHub Desktop.
Save paulmallon/2d5e080e392a26a4772f881cb835bc96 to your computer and use it in GitHub Desktop.
Download ZIP
Post windows 10 install script to fix UI stuff and privacy settings.
Raw
post_install_part1.ps1
#
# Windows 10 post install script - Part 1
#
# Created by PM 2019-01-21
#
# Run the following command:
# PS> Set-ExecutionPolicy Bypass -Scope Process -Force; iex .\post_instal_part1.ps1
#-----------------------------------------------------------------------------------------------------------------------
#
# Self-elevate the script if required
#
if (-Not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] 'Administrator')) {
Write-Warning "This script needs to be run As Admin - Starting new elevated powershell process";
$CommandLine = $MyInvocation.MyCommand.Path
Start-Process -wait -FilePath PowerShell.exe -Verb Runas -ArgumentList "-noexit -command `"Set-ExecutionPolicy Bypass -Scope Process -Force; &'$CommandLine'"
break
}
#
# Halt execution on eny error
#
$ErrorActionPreference = "Stop"
#
# Gray Windows theme
#
function Update-WindowsTheme {
write-host 'Setting windows theme....' -NoNewline
# Change background to solid color
set-ItemProperty -Path "HKCU:\Control Panel\Colors" -name Background -type String -value "74 84 89"
set-itemproperty -path "HKCU:\Control Panel\Desktop" -name WallPaper -type String -value ""
# sett dark theme
set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize -name AppsUseLightTheme -type dword -value 0
# enable colors on start, task, and title bar
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\DWM ColorPrevalence -Type DWord -Value 1
set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize -name ColorPrevalence -type dword -value 1
set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize -name EnableTransparency -type dword -value 1
set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize -name SpecialColor -type dword -value 12235947
# add color accent
set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Accent -Name AccentPalette -Type Binary -Value ([byte[]](0x98, 0xab, 0xb6, 0x00, 0x7d, 0x8d, 0x96, 0x00, 0x63, 0x70, 0x77, 0x00, 0x4a, 0x54, 0x59, 0x00, 0x37, 0x3f, 0x42, 0x00, 0x2c, 0x32, 0x35, 0x00, 0x1f, 0x23, 0x25, 0x00, 0x00, 0xb7, 0xc3, 0x00))
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Accent -name StartColorMenu -Type DWord -Value 4284044362
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Accent -name AccentColorMenu -Type DWord -Value 4282531639
# disable background image on logon screen
set-itemproperty -path HKLM:\SOFTWARE\Policies\Microsoft\Windows\System -name DisableLogonBackgroundImage -Type DWord -Value 1
write-host 'Done'
}
#
# Explorer settings
#
function Update-ExplorerSettings {
write-host 'Updating explorer settings....' -NoNewline
If (-Not (Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced")) {
New-Item -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced -Force | Out-Null
}
# Set task bar to never combine and show small icons
$key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer'
$advancedKey = "$key\Advanced"
$cabinetStateKey = "$key\CabinetState"
If (-Not (Test-Path $cabinetStateKey)) {
New-Item -Path $cabinetStateKey -Force | Out-Null
}
Set-ItemProperty $advancedKey TaskbarSmallIcons 1
Set-ItemProperty $advancedKey TaskbarGlomLevel 2
set-ItemProperty $advancedKey HideFileExt 0
Set-ItemProperty $advancedKey NavPaneExpandToCurrentFolder 1
Set-ItemProperty $advancedKey NavPaneShowAllFolders 1
Set-ItemProperty $advancedKey SnapAssist 0
Set-ItemProperty $advancedKey MMTaskbarMode 2
Set-ItemProperty $advancedKey LaunchTo 1
Set-ItemProperty $cabinetStateKey FullPath 1
Set-ItemProperty $advancedKey Hidden 1
Set-ItemProperty $advancedKey DontUsePowerShellOnWinX 0
# Remove ribbon
If (-Not (Test-Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Ribbon")) {
New-Item -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Ribbon -Force | Out-Null
}
set-itemproperty -path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Ribbon -name MinimizedStateTabletModeOff -value 1
set-itemproperty -path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Ribbon -name QatItems -value -
# Disable Quick Access: Recent Files
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Name ShowRecent -Type DWord -Value 0
# Disable Quick Access: Frequent Folders
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer -Name ShowFrequent -Type DWord -Value 0
# Disable the Lock Screen (the one before password prompt - to prevent dropping the first character)
If (-Not (Test-Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization)) {
New-Item -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows -Name Personalization | Out-Null
}
Set-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization -Name NoLockScreen -Type DWord -Value 1
# Use the Windows 7-8.1 Style Volume Mixer
If (-Not (Test-Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MTCUVC")) {
New-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion" -Name MTCUVC | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MTCUVC" -Name EnableMtcUvc -Type DWord -Value 0
write-host 'Done'
}
#
# Privacy settings
#
function Update-PrivacySettings {
write-host 'Updating privacy settings....' -NoNewline
# Privacy: SmartScreen Filter for Store Apps: Disable
If (-Not (Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost")) {
New-Item -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost -Force | Out-Null
}
Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost -Name EnableWebContentEvaluation -Type DWord -Value 0
If (-Not (Test-Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost")) {
New-Item -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost -Force | Out-Null
}
Set-ItemProperty -Path HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost -Name EnableWebContentEvaluation -Type DWord -Value 0
# WiFi Sense: HotSpot Sharing: Disable
If (-Not (Test-Path "HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting")) {
New-Item -Path HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting -Force | Out-Null
}
Set-ItemProperty -Path HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting -Name value -Type DWord -Value 0
If (-Not (Test-Path "HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting")) {
New-Item -Path HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting -Force | Out-Null
}
Set-ItemProperty -Path HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting -Name value -Type DWord -Value 0
# WiFi Sense: Shared HotSpot Auto-Connect: Disable
If (-Not (Test-Path "HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots")) {
New-Item -Path HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots -Force | Out-Null
}
Set-ItemProperty -Path HKLM:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots -Name value -Type DWord -Value 0
If (-Not (Test-Path "HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots")) {
New-Item -Path HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots -Force | Out-Null
}
Set-ItemProperty -Path HKCU:\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots -Name value -Type DWord -Value 0
# Disable Telemetry (requires a reboot to take effect)
If (-Not (Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection")) {
New-Item -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection -Force | Out-Null
}
Set-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection -Name AllowTelemetry -Type DWord -Value 0
If (-Not (Test-Path "HKCU:\SOFTWARE\Policies\Microsoft\Windows\DataCollection")) {
New-Item -Path HKCU:\SOFTWARE\Policies\Microsoft\Windows\DataCollection -Force | Out-Null
}
Set-ItemProperty -Path HKCU:\SOFTWARE\Policies\Microsoft\Windows\DataCollection -Name AllowTelemetry -Type DWord -Value 0
Get-Service DiagTrack, Dmwappushservice | Stop-Service | Set-Service -StartupType Disabled
write-host 'Done'
}
#
# Disable Windows Update automatic restart
# Note: This doesn't disable the need for the restart but rather tries to ensure that the restart doesn't happen in the least expected moment.
Function Disable-UpdateRestart {
Write-host "Disabling Windows Update automatic restart...." -NoNewline
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU")) {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Force | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "NoAutoRebootWithLoggedOnUsers" -Type DWord -Value 1
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "AUPowerManagement" -Type DWord -Value 0
write-host "Done"
}
#
# Disable Windows Defender
#
Function Disable-Defender {
Write-Host "Disabling Windows Defender...." -NoNewline
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender")) {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender" -Force | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender" -Name "DisableAntiSpyware" -Type DWord -Value 1
If ([System.Environment]::OSVersion.Version.Build -eq 14393) {
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" -Name "WindowsDefender" -ErrorAction SilentlyContinue
}
ElseIf ([System.Environment]::OSVersion.Version.Build -ge 15063) {
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" -Name "SecurityHealth" -ErrorAction SilentlyContinue
}
write-host 'Done'
Write-Host "Disabling Windows Defender Cloud..." -nonew
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet")) {
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" -Force | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" -Name "SpynetReporting" -Type DWord -Value 0
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" -Name "SubmitSamplesC
onsent" -Type DWord -Value 2
write-host 'Done'
}
#
# Install Winsdows linux subsystem
#
function Install-WindowsSubsystemForLinux {
param ([string]$dist = "debian")
if ((Get-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux).State -eq "Enabled") {
Write-host "Windows feature Microsoft-Windows-Subsystem-Linux is already enabled"
}
else {
Write-host "Installing windows feature Microsoft-Windows-Subsystem-Linux"
Write-host "Restart your system after the feature is installed and rerun the script"
Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux
}
if (test-path (join-path "C:\distros\" $dist)) {
write-host (join-path "C:\distros\" $dist) " already exists. " -nonew
read-host Press enter to overwrite installation
Remove-Item (join-path "C:\distros\" $dist) -rec -force
}
write-host "Installing $dist ....." -NoNewline
# hide progress bar to speed up invoke-webrequest
$ProgressPreference = 'SilentlyContinue'
if ($dist -like "ubuntu") {
$env:Path += ";C:\distros\ubuntu\;"
Invoke-WebRequest -Uri https://aka.ms/wsl-ubuntu-1604 -OutFile $env:temp\ubuntu.zip -UseBasicParsing
expand-Archive $env:temp\ubuntu.zip C:\Distros\ubuntu -force
Remove-Item $env:temp\ubuntu.zip
write-host "Ubuntu first run - Create a user. Exit ubuntu when done."
start-process ubuntu -Wait -nonew
ubuntu config --default-user root
}
elseif ($dist -like "kali") {
$env:Path += ";C:\distros\debian\;"
Invoke-WebRequest -Uri https://aka.ms/wsl-kali-linux -OutFile $env:temp\kali.zip -UseBasicParsing
Expand-Archive $env:temp\kali.zip $env:temp\kalitmp -force
Rename-Item $env:temp\kalitmp\DistroLauncher-Appx_1.1.4.0_x64.appx DistroLauncher-Appx_1.1.4.0_x64.zip
Expand-Archive $env:temp\kalitmp\DistroLauncher-Appx_1.1.4.0_x64.zip C:\distros\kali\ -force
Remove-Item $env:temp\kalitmp\ -recurse
Remove-Item $env:temp\kali.zip
write-host "Kali first run - Create a user. Exit kali when done."
start-process ubuntu -Wait -nonew
kali config --default-user root
}
elseif ($dist -like "debian") {
$env:Path += ";C:\distros\debian\;"
Invoke-WebRequest -Uri https://aka.ms/wsl-debian-gnulinux -OutFile $env:temp\debian.zip -UseBasicParsing
Expand-Archive $env:temp\debian.zip C:\Distros\debian -force
debian install --root
#debian.exe -c "apt-get update; apt-get install zsh -y, apt-get install git -y"
}
else {
write-warning "Unknown dist $dist. Function Install-Wsl handles ubuntu, kali and debian";
}
wslconfig.exe /setdefault $dist
# reset progress bar
$ProgressPreference = 'Continue'
write-host 'Done'
}
#
# Set User access control level to lowest possible
#
Function Disable-UAC {
Write-host 'Lowering UAC level...' -NoNewline
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" -Name "ConsentPromptBehaviorAdmin" -Type DWord -Value 0
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" -Name "PromptOnSecureDesktop" -Type DWord -Value 0
write-host 'Done'
}
#
# Disable auto play for all devices
#
Function Disable-Autoplay {
Write-host "Disabling Autoplay...." -NoNewline
Set-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers" -Name "DisableAutoplay" -Type DWord -Value 1
write-host 'Done'
Write-host "Disabling Autorun for all drives..." -NoNewline
If (!(Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer")) {
New-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" | Out-Null
}
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" -Name "NoDriveTypeAutoRun" -Type DWord -Value 255
write-host 'Done'
}
Function Disable-LockscreenPolicies {
$key = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization"
If (!(Test-Path $key)) {
write-host "No personalization policies found"
} else {
Write-host 'Setting policies for personalization...' -NoNewline
Set-ItemProperty -Path $key -Name NoLockScreen -Type DWord -Value 1
Set-ItemProperty -Path $key -Name PersonalColors_Background -Type DWord -Value 4284044362
Set-ItemProperty -Path $key -name PersonalColors_Accent -Type DWord -Value 4282531639
Set-ItemProperty -Path $key -name LockScreenOverlaysDisabled -Type DWord -Value 1
write-host 'Done'
}
}
Function Disable-OemSystemPolicies {
$key ="HKLM:\SOFTWARE\Policies\Microsoft\Windows\System"
If (!(Test-Path $key)) {
write-host "No System policies found"
} else {
Write-host 'Setting policies for System...' -NoNewline
Set-ItemProperty -Path $key -Name DisableLogonBackgroundImage -Type DWord -Value 0
Set-ItemProperty -Path $key -Name UseOEMBackground -Type DWord -Value 0
Set-ItemProperty -Path $key -Name UserPolicyMode -Type DWord -Value 1
Set-ItemProperty -Path $key -Name GroupPolicyMinTransferRate -Type DWord -Value 0
Set-ItemProperty -Path $key -Name EnableSmartScreen -Type DWord -Value 0
write-host 'Done'
}
}
Function Disable-SearchPolicies {
$key ="HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search"
If (!(Test-Path $key)) {
write-host "No Windows search policies found"
} else {
Write-host 'Setting policies for Windows search ...' -NoNewline
Set-ItemProperty -Path $key -Name AllowCortana -Type DWord -Value 0
Set-ItemProperty -Path $key -Name AllowCortanaAboveLock -Type DWord -Value 0
Set-ItemProperty -Path $key -Name AllowSearchToUseLocation -Type DWord -Value 0
write-host 'Done'
}
}
Disable-UAC
Disable-UpdateRestart
Disable-Autoplay
Update-ExplorerSettings
Update-WindowsTheme
Disable-Defender
Update-PrivacySettings
Disable-LockscreenPolicies
Disable-SearchPolicies
Disable-OemSystemPolicies
if((read-host "Install linux subsystem (y/n)") -eq "y") {
Install-WindowsSubsystemForLinux
}
Write-host "Part 1 done!"
Raw
post_install_part2.ps1
#
# Windows 10 post install script - Part 2
#
# Created by PM 2019-01-21
#
# Run the following command:
# PS> Set-ExecutionPolicy Bypass -Scope Process -Force; iex .\post_instal_part2.ps1
#-----------------------------------------------------------------------------------------------------------------------
#
# Self-elevate the script if required
#
if (-Not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] 'Administrator')) {
Write-Warning "This script needs to be run As Admin - Starting new elevated powershell process";
$CommandLine = $MyInvocation.MyCommand.Path
$directory = split-path $CommandLine
Start-Process -wait -FilePath PowerShell.exe -Verb Runas -ArgumentList "-noexit -command `"Set-ExecutionPolicy Bypass -Scope Process -Force; cd $directory ; &'$CommandLine'"
break
}
#
# Halt execution on eny error
#
$ErrorActionPreference = "Stop"
#
# Install Chocolatey
#
function Install-Chocolatey {
if (-not $env:ChocolateyInstall -or -not (Test-Path "$env:ChocolateyInstall\bin\choco.exe")) {
write-host "Installing Chocolatey..."
set-ExecutionPolicy Bypass -Scope Process -Force; Invoke-Expression ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
write-host "Chocolatey installation complete."
}
}
#
# Update Classic Shell Start Menu settings
#
function Update-ClassicStartMenuSettings {
param([switch]$useSettingsFile)
if (-not (Test-Path "$env:ProgramFiles\Classic Shell\ClassicStartMenu.exe")) {
write-warning 'It looks like Classic shell is not installed. Please run: cinst -y classic-shell -installArgs ADDLOCAL=ClassicStartMenu'
break
}
write-host "Installing new layout for Classic Shell start menu..." -NoNewline
if ($useSettingsFile) {
if (test-path .\startmenu.xml) {
Start-Process -FilePath "$env:ProgramFiles\Classic Shell\ClassicStartMenu.exe" -ArgumentList ("-xml " + (get-item .\startmenu.xml).FullName) -wait
}
else { Write-Warning "Could not find Classic Shell settings startmenu.xml"}
}
else {
'<?xml version="1.0"?>
<Settings component="StartMenu" version="4.3.1">
<MenuStyle value="Classic1"/>
<HideProgramsMetro value="1"/>
<PinnedPrograms value="PinnedItems"/>
<RecentPrograms value="None"/>
<RecentProgsTop value="1"/>
<EnableJumplists value="1"/>
<StartScreenShortcut value="0"/>
<SearchBox value="Normal"/>
<SearchPrograms value="1"/>
<SearchMetroApps value="0"/>
<SearchFiles value="0"/>
<SearchContents value="0"/>
<SearchInternet value="0"/>
<SkinC1 value="Metro"/>
<SkinVariationC1 value=""/>
<SkinOptionsC1>
<Line>CAPTION=0</Line>
<Line>USER_IMAGE=0</Line>
<Line>USER_NAME=0</Line>
<Line>CENTER_NAME=0</Line>
<Line>SMALL_ICONS=1</Line>
<Line>LARGE_FONT=0</Line>
<Line>ICON_FRAMES=1</Line>
<Line>OPAQUE=0</Line>
</SkinOptionsC1>
<SkipMetro value="1"/>
</Settings>' | out-file $env:temp\startmenu.xml
Start-Process -FilePath "$env:ProgramFiles\Classic Shell\ClassicStartMenu.exe" -ArgumentList "-xml $env:temp\startmenu.xml" -wait
Remove-Item $env:temp\startmenu.xml
}
write-host Done
}
#
# Install extensions and settings for Visual Studio Code
#
function Install-VisualStudioCodeextensions {
param([switch]$useSettingsFile)
if (-not ($env:path -like "*Microsoft VS Code*" ) -or -not (Test-Path "$env:programfiles\Microsoft VS Code\code.exe")) {
write-warning 'It looks like Microsoft VS Code is not installed. Please run: cinst -y visualstudiocode'
break
}
write-host "Installing extensions for Visual Studio Code..."
code --install-extension gerane.theme-zenburn
code --install-extension ms-vscode.powershell
code --install-extension donjayamanne.githistory
code --install-extension hookyqr.beautify
code --install-extension rintoj.blank-line-organizer
write-host "Updating settings for Visual Studio Code..."
if ($useSettingsFile) {
if (test-path .\vscode_settings.json) {
get-content .\vscode_settings.json | out-file $env:APPDATA\Code\User\settings.json -force -Encoding UTF8
}
else { Write-Warning "Could not find VS Code settings file settings.json"}
}
else {
'{
"editor.mouseWheelZoom": true,
"editor.minimap.enabled": false,
"workbench.colorTheme": "Zenburn",
"editor.formatOnPaste": true,
"editor.formatOnSave": true,
"files.autoGuessEncoding": true,
"files.trimTrailingWhitespace": true,
"files.insertFinalNewline": true,
"files.trimFinalNewlines": true,
"blankLine.keepOneEmptyLine": true,
"blankLine.triggerOnSave": true,
"blankLine.languageIds": [
"powershell",
"java"
],
"files.autoSave": "off",
"editor.renderIndentGuides": true
}' | out-file $env:APPDATA\Code\User\settings.json -force -Encoding UTF8
}
Write-host "Visual Studio Code extensions and settings done."
}
#
# Base application packages
#
function Install-BaseApps {
cinst -y git.install
cinst -y googlechrome
cinst -y visualstudiocode
cinst -y classic-shell -installArgs ADDLOCAL=ClassicStartMenu
cinst -y cmder
cinst -y winrar
cinst -y 7zip
Install-VisualStudioCodeextensions -useSettingsFile
Update-ClassicStartMenuSettings -useSettingsFile
}
#
# Install dev application packages
#
function Install-DevApps {
cinst -y linqpad
cinst -y intellijidea-community
cinst -y visualstudio2017community
cinst -y sql-server-management-studio
cinst -y resharper-platform
cinst -y postman
cinst -y poshgit
cinst -y dotpeek
}
function install-awscli {
cinst -y awscli
cinst -y aws.powershell
cinst -y awstools.powershell
}
#
# Install tool application packages
#
function install-Tools {
cinst -y spotify
cinst -y windirstat
cinst -y filezilla
cinst -y teracopy
cinst -y wireshark
cinst -y sysinternals
cinst -y adobereader
cinst -y virtualbox
cinst -y ccleaner
cinst -y slack
cinst -y rufus
cinst -y vlc
cinst -y chocolateygui
cinst -y k-litecodecpackfull
cinst -y winmerge
cinst -y mremoteng
}
Install-Chocolatey
Install-BaseApps
#install-awscli
#Install-DevApps
#install-Tools
#EOF
Raw
startmenu.xml
<?xml version="1.0"?>
<Settings component="StartMenu" version="4.3.1">
<MenuStyle value="Classic1"/>
<HideProgramsMetro value="1"/>
<PinnedPrograms value="PinnedItems"/>
<RecentPrograms value="None"/>
<RecentProgsTop value="1"/>
<EnableJumplists value="1"/>
<StartScreenShortcut value="0"/>
<SearchBox value="Normal"/>
<SearchPrograms value="1"/>
<SearchMetroApps value="0"/>
<SearchFiles value="0"/>
<SearchContents value="0"/>
<SearchInternet value="0"/>
<SkinC1 value="Metro"/>
<SkinVariationC1 value=""/>
<SkinOptionsC1>
<Line>CAPTION=0</Line>
<Line>USER_IMAGE=0</Line>
<Line>USER_NAME=0</Line>
<Line>CENTER_NAME=0</Line>
<Line>SMALL_ICONS=1</Line>
<Line>LARGE_FONT=0</Line>
<Line>ICON_FRAMES=1</Line>
<Line>OPAQUE=0</Line>
</SkinOptionsC1>
<SkipMetro value="1"/>
<MenuItems1>
<Line>Items=ProgramsMenu,SettingsMenu,SEPARATOR,CustomItem,SEPARATOR,LogOffItem,ShutdownBoxItem,SEPARATOR,SearchBoxItem</Line>
<Line>ProgramsMenu.Command=programs</Line>
<Line>ProgramsMenu.Label=$Menu.Programs</Line>
<Line>ProgramsMenu.Tip=$Menu.ProgramsTip</Line>
<Line>ProgramsMenu.Icon=shell32.dll,326</Line>
<Line>ProgramsMenu.Settings=TRACK_RECENT</Line>
<Line>SettingsMenu.Items=PCSettingsItem,ControlPanelItem</Line>
<Line>SettingsMenu.Command=settings</Line>
<Line>SettingsMenu.Label=$Menu.Settings</Line>
<Line>SettingsMenu.Icon=shell32.dll,330</Line>
<Line>PCSettingsItem.Command=pc_settings</Line>
<Line>PCSettingsItem.Label=$Menu.PCSettings</Line>
<Line>PCSettingsItem.Icon=%windir%\ImmersiveControlPanel\SystemSettings.exe,10</Line>
<Line>PCSettingsItem.Settings=TRACK_RECENT</Line>
<Line>ControlPanelItem.Command=control_panel</Line>
<Line>ControlPanelItem.Label=$Menu.ControlPanel</Line>
<Line>ControlPanelItem.Tip=$Menu.ControlPanelTip</Line>
<Line>ControlPanelItem.Icon=shell32.dll,137</Line>
<Line>ControlPanelItem.Settings=TRACK_RECENT</Line>
<Line>CustomItem.Command=powershell -Command "Start-Process PowerShell -Verb RunAs"</Line>
<Line>CustomItem.Label=Powershell (admin)</Line>
<Line>CustomItem.Icon=shell32.dll, 25</Line>
<Line>LogOffItem.Command=logoff</Line>
<Line>LogOffItem.Label=$Menu.Logoff</Line>
<Line>LogOffItem.Tip=$Menu.LogOffTip</Line>
<Line>LogOffItem.Icon=shell32.dll,325</Line>
<Line>ShutdownBoxItem.Command=shutdown_box</Line>
<Line>ShutdownBoxItem.Label=$Menu.ShutdownBox</Line>
<Line>ShutdownBoxItem.Icon=shell32.dll,329</Line>
<Line>ShutdownBoxItem.Settings=SPLIT</Line>
<Line>SearchBoxItem.Command=search_box</Line>
<Line>SearchBoxItem.Label=$Menu.SearchBox</Line>
<Line>SearchBoxItem.Icon=none</Line>
<Line>SearchBoxItem.Settings=OPEN_UP|TRACK_RECENT</Line>
</MenuItems1>
</Settings>
Raw
vscode_settings.json
{
"editor.mouseWheelZoom": true,
"editor.minimap.enabled": false,
"workbench.colorTheme": "Zenburn",
"editor.formatOnPaste": true,
"editor.formatOnSave": true,
"files.autoGuessEncoding": true,
"files.trimTrailingWhitespace": true,
"files.insertFinalNewline": true,
"files.trimFinalNewlines": true,
"blankLine.keepOneEmptyLine": true,
"blankLine.triggerOnSave": true,
"blankLine.languageIds": [
"powershell",
"java"
],
"files.autoSave": "off",
"editor.renderIndentGuides": true
}
Raw
Windows 10 post install script
Windows 10 post install script
Please see post_install_part1.ps1 and post_install_part2.ps1 for details
Part 1 - Fix Privacy, Explorer, Logon and misc windows settings
----------------------------------------------------------------------------------------------------------
Disable-UAC
Disable-UpdateRestart
Disable-Autoplay
Update-ExplorerSettings
Update-WindowsTheme
Disable-Defender
Update-PrivacySettings
Disable-LockscreenPolicies
Disable-SearchPolicies
Disable-OemSystemPolicies
Part 2 - Install apps and utils via Chocolatey
------------------------------------------------
Install-Chocolatey
Install-BaseApps
Install-DevApps
Install-Tools
Install-awscli
@akaleeroy
Copy link

Over the course of a single week the amount of retinal damage from the visual dirt that is the Windows Ribbon UI is enough to fill a cup of coffee with petrified rage.

Cheers for the fix!

@paulmallon
Copy link
Author

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SystemProtectedUserData<accountid>\AnyoneRead\LockScreen]
"HideLogonBackgroundImage"=dword:00000001

@paulmallon
Copy link
Author

Remove folders from "This pc"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment