diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index 01fb13f300..eb931487b3 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -1,13 +1,17 @@ name: Bug report description: Create a bug report to help us improve Atlas. labels: bug -title: "[BUG REPORT] - " +title: "[BUG] - " body: - type: markdown attributes: value: | - A clear and brief description of what the bug is. + Before submitting an issue, please ensure you have completed the following steps: + - Searched our [documentation](https://docs.atlasos.net) + - Searched our [issue tracker](https://github.com/Atlas-OS/Atlas/issues?q=is%3Aissue) to verify that the issue hasn't been reported already + - Confirmed that you are on the latest version of Atlas + Please note, by submitting an issue, you acknowledge that if the above steps have not been followed, the maintainers reserve the right to close and lock your issue without further response. - type: textarea attributes: label: Description @@ -17,7 +21,8 @@ body: - type: textarea attributes: - label: Steps to reproduce (add screenshots if applicable) + label: Steps to reproduce + description: The steps required to reproduce this bug (add screenshots if applicable). placeholder: | 1. [First step] (Screenshot 1) 2. [Second step] (Screenshot 2) @@ -28,22 +33,23 @@ body: - type: textarea attributes: label: Expected behavior - description: What you expected to happen. + description: What you expect to happen (add screenshots if applicable). validations: required: true - type: textarea attributes: - label: Actual behavior (add screenshots if applicable) - description: What happened. + label: Actual behavior + description: What actually happened (add screenshots if applicable). validations: required: true - type: dropdown attributes: - label: Atlas Version + label: Atlas Edition options: - - Atlas 10 22H2 + - Atlas for Windows 10 22H2 + - Atlas for Windows 11 23H2 validations: required: true @@ -52,28 +58,13 @@ body: label: Desktop information description: Your hardware specification is needed for us to define the problem. placeholder: | - - Processor [include brand and specifics] - - RAM amount - - Storage [include brand and type] - - Graphics card [include driver version] + - Processor [include brand and specs] + - RAM [include size and generation] + - Storage [include size, brand, and type] + - GPU [include brand, specs, driver version] validations: required: true - - type: checkboxes - attributes: - label: Requisites - description: | - To rule out invalid issues, confirm and check each one of the checkboxes. - options: - - label: This is not a support issue or a question. For any support, questions or help, join our [Discord server](https://discord.atlasos.net). - required: true - - label: I performed a [cursory search of the issue tracker](https://github.com/Atlas-OS/Atlas/issues?q=is%3Aissue) to avoid opening a duplicate issue. - required: true - - label: I checked the [documentation](https://docs.atlasos.net) to understand that the issue I am reporting is not normal behavior. - required: true - - label: I understand that not filling out this template correctly will lead to the issue being closed. - required: true - - type: textarea attributes: label: Additional content diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml index d60c0c420f..caf81569d2 100644 --- a/.github/ISSUE_TEMPLATE/config.yml +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -1,14 +1,8 @@ blank_issues_enabled: false contact_links: - - name: General discussions - url: https://discord.atlasos.net - about: Please join our Discord server for general discussions. - - name: General discussions (if you do not use Discord) - url: https://forum.atlasos.net - about: Use our forum for general discussions. - - name: Contribute to Atlas Documentation - url: https://github.com/Atlas-OS/docs - about: Contribute to Atlas Documentation in this repository. + - name: Report Issue about Atlas Documentation + url: https://github.com/Atlas-OS/docs/issues/ + about: Report all Documentation issues in our Documentation repository issue tracker. - name: Report an issue (non-Atlas related issue) - url: https://forum.atlasos.net - about: Please report any non-Atlas related issue in our ``Bug Report`` section on our Forum (Website, Discord bot, etc.). + url: https://forum.atlasos.net/t/atlas-bug-report + about: Please report any non-Atlas Playbook related issue in the ``Bug Report`` section on our Forum (Website, Discord bot, etc.). diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml index c6380176c7..5a0b73b1e5 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -1,37 +1,32 @@ name: Feature request description: Create a feature request to help us improve Atlas. labels: enhancement -title: "[FEATURE REQUEST] - " +title: "[FEATURE] - " body: - type: markdown attributes: value: | - A clear and brief description of your feature request. + Before submitting an feature request, please ensure you have completed the following steps: + - The request you submit is related to the Atlas Playbook. If not, request it in our [forum](https://forum.atlasos.net/t/general) + - Searched our [issue tracker](https://github.com/Atlas-OS/Atlas/issues?q=is%3Aissue) to verify that the issue hasn't been reported already + - Confirmed that your issue is not a support request + - Confirmed that your idea is not already in the latest version of Atlas + Please note, by submitting an issue, you acknowledge that if the above steps have not been followed, the maintainers reserve the right to close and lock your issue without further response. - type: dropdown attributes: label: What is your feature request regarding to? options: - - AtlasOS - - README - - Documentation - - Other, specify below + - Atlas Playbook + - Other (submit it in https://forum.atlasos.net) validations: required: true - - type: input - attributes: - label: Other - description: Only enter if you chose "Other" - placeholder: | - e.g. the... - validations: - - type: textarea attributes: label: Is your feature request related to a problem? Please describe. placeholder: | - A clear and brief description of what the problem is. + e.g. I always wanted Atlas to... validations: required: true @@ -39,7 +34,7 @@ body: attributes: label: Describe the solution you would like. placeholder: | - A clear and brief description of what you want to happen. + e.g. I would like Atlas to add... validations: required: true @@ -50,19 +45,6 @@ body: validations: required: true - - type: checkboxes - attributes: - label: Requisites - description: | - To rule out invalid issues, confirm and check each one of the checkboxes. - options: - - label: This is not a support issue or a question. For any support, questions or help, join our [Discord server](https://discord.atlasos.net). - required: true - - label: I performed a [cursory search of the issue tracker](https://github.com/Atlas-OS/Atlas/issues?q=is%3Aissue) to avoid opening a duplicate issue. - required: true - - label: I understand that not filling out this template will lead to the issue being closed. - required: true - - type: textarea attributes: label: Additional context. diff --git a/.github/PULL_REQUEST_TEMPLATE/Bugfix.md b/.github/PULL_REQUEST_TEMPLATE/Bugfix.md deleted file mode 100644 index 3102650255..0000000000 --- a/.github/PULL_REQUEST_TEMPLATE/Bugfix.md +++ /dev/null @@ -1,9 +0,0 @@ -# Bugfix Pull Request - -#### Describe the bug being fixed - - - -#### Anything we need to know about this fix? diff --git a/.github/PULL_REQUEST_TEMPLATE/Enhancement.md b/.github/PULL_REQUEST_TEMPLATE/Enhancement.md deleted file mode 100644 index d751686931..0000000000 --- a/.github/PULL_REQUEST_TEMPLATE/Enhancement.md +++ /dev/null @@ -1,15 +0,0 @@ -# Enhancement - -#### Describe the enhancement - - - -#### Does this enhancement affect existing functionality? - - - - -- [ ] Yes -- [ ] No diff --git a/.github/PULL_REQUEST_TEMPLATE/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE/PULL_REQUEST_TEMPLATE.md deleted file mode 100644 index 5bbdb32dd2..0000000000 --- a/.github/PULL_REQUEST_TEMPLATE/PULL_REQUEST_TEMPLATE.md +++ /dev/null @@ -1,6 +0,0 @@ -### Type - -- [ ] Bug fix -- [ ] Enhancement - -### Description of changes diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 987cb1f548..16600303d3 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -3,6 +3,5 @@ - [ ] Did you read and follow the [Atlas Contribution Guidelines](https://docs.atlasos.net/contributions/)? - [ ] Did you commit to the [`dev`](https://github.com/Atlas-OS/Atlas/tree/dev) branch and not [`main`](https://github.com/Atlas-OS/Atlas)? -**Note:** You should commit directly to `main` for translations of the `README.md`. - ### Describe your pull request + diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000000..fc9860a8c3 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1 @@ +Contribution Guidelines is on our [Documentation](https://docs.atlasos.net/contributions/). diff --git a/README.md b/README.md index d21815cb7c..dbaa802cdb 100644 --- a/README.md +++ b/README.md @@ -61,4 +61,4 @@ Playbooks are renamed **.zip** archives (with the password [`malte`](https://doc As Atlas doesn't redistrbute a modified Windows ISO, Atlas fully complies with [Microsoft's Terms of Service](https://www.microsoft.com/en-us/Useterms/Retail/Windows/10/UseTerms_Retail_Windows_10_English.htm). In addition, activation in Windows is not modified. ## 🎨 Brand kit -Want to create your own Atlas wallpaper with some original creative designs? Download our brand kit [here](https://github.com/Atlas-OS/branding/archive/refs/heads/main.zip) and share your creations on our [forum](https://forum.atlasos.net/t/art-showcase). +Want to create your own Atlas wallpaper with some original creative designs? Download our brand kit [here](https://github.com/Atlas-OS/branding/archive/refs/heads/main.zip) and share your creations on our [forum](https://forum.atlasos.net/t/art-showcase). \ No newline at end of file diff --git a/src/playbook/Configuration/atlas/appx.yml b/src/playbook/Configuration/atlas/appx.yml index 200b213995..0b3c4b456a 100644 --- a/src/playbook/Configuration/atlas/appx.yml +++ b/src/playbook/Configuration/atlas/appx.yml @@ -82,10 +82,10 @@ actions: - !appx: {name: '*Global.IrisService*', type: app, unregister: true} - !appx: {name: '*Global.ValueBanner*', type: app, unregister: true} - - !run: - exe: 'powershell.exe' - args: '-NoP -File CLIENTCBS.ps1' + - !powerShell: + command: '.\CLIENTCBS.ps1' exeDir: true + wait: true # Family App, Quick Assist - !appx: {name: '*MicrosoftCorporationII.QuickAssist*', type: family} @@ -126,8 +126,7 @@ actions: command: '$a = """$env:windir\AtlasModules\AtlasPackagesOld.txt"""; (diff (gc $a) ((Get-AppxPackage).PackageFamilyName)).InputObject | Foreach-Object { New-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned" -Name $_ -Force }; Remove-Item $a -Force' runas: currentUserElevated - # Clear caches of Start menu and more + # Clear caches of Client.CBS and more - !appx: {operation: clearCache, name: '*Client.CBS*'} - - !appx: {operation: clearCache, name: '*StartMenuExperienceHost*'} - !appx: {operation: clearCache, name: '*Windows.Search*'} - !appx: {operation: clearCache, name: '*Microsoft.Windows.SecHealthUI'} diff --git a/src/playbook/Configuration/atlas/components.yml b/src/playbook/Configuration/atlas/components.yml index be43c4e61e..dbd2e76e7e 100644 --- a/src/playbook/Configuration/atlas/components.yml +++ b/src/playbook/Configuration/atlas/components.yml @@ -16,11 +16,12 @@ actions: # Microsoft Edge - !writeStatus: {status: 'Removing Microsoft Edge', option: 'uninstall-edge'} - - !cmd: - command: 'powershell.exe -NoP -EP Unrestricted -File "%windir%\AtlasDesktop\1. Software\Remove Edge.ps1" -UninstallEdge -KeepAppX -Exit' - wait: true + - !powerShell: + command: '& """.\AtlasModules\Scripts\ScriptWrappers\RemoveEdge.ps1""" -UninstallEdge -KeepAppX -Exit' runas: currentUserElevated option: 'uninstall-edge' + wait: true + exeDir: true # AppX uninstallation in the script seems to fail, therefore it's not used and AME Wizard is used instead - !appx: {name: '*Microsoft.MicrosoftEdge.Stable*', type: family, option: 'uninstall-edge'} - !appx: {name: '*Microsoft.MicrosoftEdge*', type: family, option: 'uninstall-edge'} @@ -35,26 +36,23 @@ actions: - !run: {exeDir: true, exe: 'ONED.cmd'} - !writeStatus: {status: 'Removing components'} - - !run: - exe: 'powershell' - args: '& """$env:windir\AtlasModules\PackagesEnvironment\centralScript.ps1""" -PlaybookInstall' + - !powerShell: + command: '& """.\AtlasModules\PackagesEnvironment\centralScript.ps1""" -PlaybookInstall' option: 'defender-disable' - - !run: - exe: 'powershell' - args: '& """$env:windir\AtlasModules\PackagesEnvironment\centralScript.ps1""" -PlaybookInstall -EverythingButDefender' + wait: true + exeDir: true + - !powerShell: + command: '& """.\AtlasModules\PackagesEnvironment\centralScript.ps1""" -PlaybookInstall -EverythingButDefender' option: 'defender-enable' + wait: true + exeDir: true # Update Health Tools - !writeStatus: {status: 'Removing Update Health'} - - !powerShell: {command: 'Import-Module -Name """$env:windir\AtlasModules\Scripts\Modules\Uninstall-MsiexecAppByName\Uninstall-MsiexecAppByName.psm1"""; Uninstall-MsiexecAppByName -Name ''Microsoft Update Health Tools'''} + - !powerShell: {command: 'Import-Module -Name """.\AtlasModules\Scripts\Modules\Uninstall-MsiexecAppByName\Uninstall-MsiexecAppByName.psm1"""; Uninstall-MsiexecAppByName -Name ''Microsoft Update Health Tools''', exeDir: true} # PC Health Check - !writeStatus: {status: 'Removing PC Health Check'} - - !powerShell: {command: 'Import-Module -Name """$env:windir\AtlasModules\Scripts\Modules\Uninstall-MsiexecAppByName\Uninstall-MsiexecAppByName.psm1"""; Uninstall-MsiexecAppByName -Name ''Windows PC Health Check'''} + - !powerShell: {command: 'Import-Module -Name """.\AtlasModules\Scripts\Modules\Uninstall-MsiexecAppByName\Uninstall-MsiexecAppByName.psm1"""; Uninstall-MsiexecAppByName -Name ''Windows PC Health Check''', exeDir: true} # The Microsoft Update Health Service stays, which is a Windows bug - !service: {name: 'uhssvc', deleteUsingRegistry: true} - - # Converts all Microsoft user accounts to local accounts - - !run: - exeDir: true - exe: 'CONVERTUSERS.cmd' diff --git a/src/playbook/Configuration/atlas/services.yml b/src/playbook/Configuration/atlas/services.yml index df544069b1..3736b96bf7 100644 --- a/src/playbook/Configuration/atlas/services.yml +++ b/src/playbook/Configuration/atlas/services.yml @@ -1,141 +1,69 @@ --- -title: Services -description: Configures services +title: Configure Services and Drivers +description: Configures services and drivers to reduce background system resource utilisation privilege: TrustedInstaller actions: + # ---------------------------------- + # - Potential references - + # - Mostly upon IoT recommandation - + # ---------------------------------- + # https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/rds-vdi-recommendations-2004 + # https://learn.microsoft.com/en-us/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server + # https://learn.microsoft.com/en-us/windows/iot/iot-enterprise/optimize/services + - !writeStatus: {status: 'Configuring services'} # Backup default Windows serivces & drivers - !cmd: - command: 'powershell -NoP -EP Unrestricted -File "BACKUP.ps1" "%windir%\AtlasModules\Other\winServices.reg"' + command: 'powershell -NoP -EP Unrestricted -File BACKUP.ps1 "%windir%\AtlasModules\Other\winServices.reg"' wait: true exeDir: true - # ------------------------ Services ------------------------ + ############################################################################################## + ## SERVICES ## + ############################################################################################## - - !run: - exe: 'Disable Bluetooth.cmd' - path: '%windir%\AtlasDesktop\3. Configuration\Bluetooth' - args: '/silent' + - !cmd: + command: '"AtlasDesktop\3. Configuration\Bluetooth\Disable Bluetooth.cmd" /silent' option: 'disable-bluetooth' - - !run: - exe: 'Disable Printing (default).cmd' - path: '%windir%\AtlasDesktop\3. Configuration\Printing' - args: '/silent' - - !run: - exe: 'Disable Notifications (default).cmd' - path: '%windir%\AtlasDesktop\3. Configuration\Notifications' - args: '/silent' + exeDir: true + wait: true + - !cmd: + command: '"AtlasDesktop\3. Configuration\Printing\Disable Printing (default).cmd" /silent' + exeDir: true + wait: true + - !cmd: + command: '"AtlasDesktop\3. Configuration\Notifications\Disable Notifications (default).cmd" /silent' + exeDir: true + wait: true - - !service: {name: 'diagnosticshub.standardcollector.service', operation: change, startup: 4} - - !service: {name: 'diagsvc', operation: change, startup: 4} - - !service: {name: 'DiagTrack', operation: change, startup: 4} - - !service: {name: 'DispBrokerDesktopSvc', operation: change, startup: 4} + # ------ Microsoft recommendation - 'OK to disable' ------ - !service: {name: 'lfsvc', operation: change, startup: 4} - !service: {name: 'MapsBroker', operation: change, startup: 4} - !service: {name: 'OneSyncSvc', operation: change, startup: 4} - - !service: {name: 'PcaSvc', operation: change, startup: 4} - !service: {name: 'TrkWks', operation: change, startup: 4} - - !service: {name: 'WdiServiceHost', operation: change, startup: 4} - - !service: {name: 'WdiSystemHost', operation: change, startup: 4} - - !service: {name: 'wercplsupport', operation: change, startup: 4} - - !service: {name: 'WerSvc', operation: change, startup: 4} + - !service: {name: 'PcaSvc', operation: change, startup: 4} + - !service: {name: 'DiagTrack', operation: change, startup: 4} - !service: {name: 'WSearch', operation: change, startup: 4} - # Set to manual from automatic - # Might not be all too beneficial, as services starting and always being ready is probably ideal - # Commented as these will be automatic for a reason - sppsvc is needed for things like Store & activation - # - !service: {name: 'CryptSvc', operation: change, startup: 3} - # - !service: {name: 'sppsvc', operation: change, startup: 3} - - # These services are commented as they're manual - # They will only be uncommented once there's a proven benefit - # - !service: {name: 'AarSvc', operation: change, startup: 4} - # - !service: {name: 'AJRouter', operation: change, startup: 4} - # - !service: {name: 'AppIDSvc', operation: change, startup: 4} - # - !service: {name: 'autotimesvc', operation: change, startup: 4} - # - !service: {name: 'embeddedmode', operation: change, startup: 4} - # - !service: {name: 'fhsvc', operation: change, startup: 4} - # - !service: {name: 'GraphicsPerfSvc', operation: change, startup: 4} - # - !service: {name: 'IpxlatCfgSvc', operation: change, startup: 4} - # - !service: {name: 'KtmRm', operation: change, startup: 4} - # - !service: {name: 'MessagingService', operation: change, startup: 4} - # - !service: {name: 'MSDTC', operation: change, startup: 4} - # - !service: {name: 'PeerDistSvc', operation: change, startup: 4} - # - !service: {name: 'PhoneSvc', operation: change, startup: 4} - # - !service: {name: 'RasMan', operation: change, startup: 4} - # - !service: {name: 'SEMgrSvc', operation: change, startup: 4} - # - !service: {name: 'Smartcard', operation: change, startup: 4} - # - !service: {name: 'SmsRouter', operation: change, startup: 4} - # - !service: {name: 'SstpSvc', operation: change, startup: 4} - # - !service: {name: 'W32Time', operation: change, startup: 4} - # - !service: {name: 'WarpJITSvc', operation: change, startup: 4} - # - !service: {name: 'wbengine', operation: change, startup: 4} - # - !service: {name: 'WEPHOSTSVC', operation: change, startup: 4} - # - !service: {name: 'wlpasvc', operation: change, startup: 4} - # - !service: {name: 'WMPNetworkSvc', operation: change, startup: 4} - # - !service: {name: 'WPDBusEnum', operation: change, startup: 4} - # - !service: {name: 'wisvc', operation: change, startup: 4} + # ------ Microsoft recommendation - 'Do not disable' ----- + - !service: {name: 'diagnosticshub.standardcollector.service', operation: change, startup: 4} + - !service: {name: 'diagsvc', operation: change, startup: 4} + - !service: {name: 'WdiServiceHost', operation: change, startup: 4} + - !service: {name: 'WdiSystemHost', operation: change, startup: 4} + - !service: {name: 'WerSvc', operation: change, startup: 4} + - !service: {name: 'DispBrokerDesktopSvc', operation: change, startup: 4} - # DPS 4 < breaks Data Usage - # DsSvc 4 < can cause issues with Snip & Sketch - # icssvc 4 < breaks mobile/Wi-Fi hotspot - # IKEEXT 4 < causes Teredo not to work - # iphlpsvc 4 < causes Teredo not to work - # KeyIso 4 < causes issues with NVCleanstall's driver telemetry tweak - # SharedAccess 4 < breaks mobile/Wi-Fi hotspot - # ShellHWDetection 4 < breaks bitlocker + # ------- Microsoft recommendation - 'No guideance' ------ + - !service: {name: 'wercplsupport', operation: change, startup: 4} - # ---------------------- Services END ---------------------- + ############################################################################################## + ## DRIVERS ## + ############################################################################################## - # ------------------------- Drivers ------------------------ + - !writeStatus: {status: 'Configuring drivers'} # NetBios support can be enabled with the file sharing script - !service: {name: 'GpuEnergyDrv', operation: change, startup: 4} - !service: {name: 'NetBT', operation: change, startup: 4} - !service: {name: 'Telemetry', operation: change, startup: 4} - - # These drivers are mostly needed for compatiblity - # They shouldn't be disabled unless proven to have an effect - # - !service: {name: 'Beep', operation: change, startup: 4} - # - !service: {name: 'bindflt', operation: change, startup: 4} - # - !service: {name: 'CimFS', operation: change, startup: 4} - # - !service: {name: 'Dfsc', operation: change, startup: 4} - # - !service: {name: 'tcpipreg', operation: change, startup: 4} - # - !service: {name: 'WindowsTrustedRTProxy', operation: change, startup: 4} - - # These drivers are commented as they're manual - # They will only be uncommented once there's a proven benefit - # - !service: {name: 'flpydisk', operation: change, startup: 4} - # - !service: {name: '3ware', operation: change, startup: 4} - # - !service: {name: 'ADP80XX', operation: change, startup: 4} - # - !service: {name: 'AmdK8', operation: change, startup: 4} - # - !service: {name: 'arcsas', operation: change, startup: 4} - # - !service: {name: 'AsyncMac', operation: change, startup: 4} - # - !service: {name: 'buttonconverter', operation: change, startup: 4} - # - !service: {name: 'CAD', operation: change, startup: 4} - # - !service: {name: 'nvraid', operation: change, startup: 4} - # - !service: {name: 'sfloppy', operation: change, startup: 4} - # - !service: {name: 'SiSRaid2', operation: change, startup: 4} - # - !service: {name: 'SiSRaid4', operation: change, startup: 4} - # - !service: {name: 'VerifierExt', operation: change, startup: 4} - # - !service: {name: 'vsmraid', operation: change, startup: 4} - # - !service: {name: 'VSTXRAID', operation: change, startup: 4} - # - !service: {name: 'ErrDev', operation: change, startup: 4} - # - !service: {name: 'fdc', operation: change, startup: 4} - # - !service: {name: 'circlass', operation: change, startup: 4} - # - !service: {name: 'CompositeBus', operation: change, startup: 4} - # - !service: {name: 'wcnfs', operation: change, startup: 4} - - # rdbss 3 < Commented as we're not sure if it functions normally set to manual - # FileInfo 4 < Breaks installing Microsoft Store applications to different disk - # FileCrypt 4 < Breaks installing Microsoft Store applications to different disk - # PEAUTH 4 < breaks UWP streaming applications such as netflix, manual mode does not fix - # NdisVirtualBus 4 < breaks network bridges - # umbus 4 < breaks Hyper-V Enhanced Session - # volmgrx 4 < breaks dynamic disks - # wcifs 4 < breaks various Microsoft Store games, erroring with "filter not found" - # bam 4 < stopped by default, needed for modern standby - # dam 4 < stopped by default, needed for modern standby - - # ----------------------- Drivers END ---------------------- diff --git a/src/playbook/Configuration/atlas/start.yml b/src/playbook/Configuration/atlas/start.yml index 00bc61a769..68858b612b 100644 --- a/src/playbook/Configuration/atlas/start.yml +++ b/src/playbook/Configuration/atlas/start.yml @@ -36,7 +36,6 @@ actions: # - !run: {exeDir: true, exe: 'REFRESHENV.cmd'} - !writeStatus: {status: 'Configuring Optional Features'} - - !run: {exe: 'DISM.exe', args: '/Online /Cleanup-Image /StartComponentCleanup', weight: 30} - !run: {exe: 'DISM.exe', args: '/Online /Enable-Feature /FeatureName:"DirectPlay" /NoRestart /All', weight: 30} - !run: {exe: 'DISM.exe', args: '/Online /Disable-Feature /FeatureName:"Internet-Explorer-Optional-amd64" /NoRestart', weight: 30, builds: [ '!>=22000' ]} - !run: {exe: 'DISM.exe', args: '/Online /Disable-Feature /FeatureName:"Printing-Foundation-Features" /NoRestart', weight: 30} @@ -47,35 +46,91 @@ actions: ################ NO LOCAL BUILD ################ - !writeStatus: {status: 'Installing software'} - - !run: - exe: 'powershell.exe' - args: '-NoP -File "SOFTWARE.ps1"' + + # Initial software (7-Zip & Visual C++ runtimes) + - !powerShell: + command: '.\SOFTWARE.ps1' exeDir: true + wait: true weight: 150 runas: currentUserElevated + + # Browsers - !writeStatus: {status: 'Installing Google Chrome', option: 'browser-chrome'} - - !run: - exe: 'powershell.exe' - args: '-NoP -File "SOFTWARE.ps1" -Chrome' + - !powerShell: + command: '.\SOFTWARE.ps1 -Chrome' exeDir: true - weight: 150 + wait: true + weight: 120 option: 'browser-chrome' runas: currentUserElevated - !writeStatus: {status: 'Installing Brave', option: 'browser-brave'} - - !run: - exe: 'powershell.exe' - args: '-NoP -File "SOFTWARE.ps1" -Brave' + - !powerShell: + command: '.\SOFTWARE.ps1 -Brave' exeDir: true - weight: 150 + wait: true + weight: 120 option: 'browser-brave' runas: currentUserElevated - - !writeStatus: {status: 'Installing Waterfox', option: 'browser-waterfox'} - - !run: - exe: 'powershell.exe' - args: '-NoP -File "SOFTWARE.ps1" -Waterfox' + - !writeStatus: {status: 'Installing Firefox', option: 'browser-firefox'} + - !powerShell: + command: '.\SOFTWARE.ps1 -Firefox' exeDir: true - weight: 150 - option: 'browser-waterfox' + wait: true + weight: 120 + option: 'browser-firefox' + runas: currentUserElevated + + # Media players + - !writeStatus: {status: 'Installing mpv', option: 'player-mpv'} + - !powerShell: + command: '.\SOFTWARE.ps1 -mpv' + exeDir: true + wait: true + weight: 90 + option: 'player-mpv' + runas: currentUserElevated + - !writeStatus: {status: 'Installing MPC-HC', option: 'player-mpchc'} + - !powerShell: + command: '.\SOFTWARE.ps1 -mpchc' + exeDir: true + wait: true + weight: 90 + option: 'player-mpchc' + runas: currentUserElevated + - !writeStatus: {status: 'Installing VLC', option: 'player-vlc'} + - !powerShell: + command: '.\SOFTWARE.ps1 -vlc' + exeDir: true + wait: true + weight: 90 + option: 'player-vlc' + runas: currentUserElevated + + # Text editors + - !writeStatus: {status: 'Installing Notepad++', option: 'editor-npp'} + - !powerShell: + command: '.\SOFTWARE.ps1 -npp' + exeDir: true + wait: true + weight: 90 + option: 'editor-npp' + runas: currentUserElevated + - !writeStatus: {status: 'Installing VSCode', option: 'editor-vscode'} + - !powerShell: + command: '.\SOFTWARE.ps1 -vscode' + exeDir: true + wait: true + weight: 120 + option: 'editor-vscode' + runas: currentUserElevated + - !writeStatus: {status: 'Installing VLC', option: 'editor-vscodium'} + - !powerShell: + command: '.\SOFTWARE.ps1 -vscodium' + exeDir: true + wait: true + weight: 120 + option: 'editor-vscodium' runas: currentUserElevated ################ END NO LOCAL BUILD ################ diff --git a/src/playbook/Configuration/tweaks/misc/create-shortcuts.yml b/src/playbook/Configuration/tweaks/misc/create-shortcuts.yml index 7a2e84a934..4d554de3ab 100644 --- a/src/playbook/Configuration/tweaks/misc/create-shortcuts.yml +++ b/src/playbook/Configuration/tweaks/misc/create-shortcuts.yml @@ -3,7 +3,7 @@ title: Create Shortcuts description: Creates shortcuts for the desktop and more privilege: TrustedInstaller actions: - - !run: - exe: 'powershell.exe' - args: '-NoP -EP Unrestricted -File "SHORTCUTS.ps1"' + - !powerShell: + command: '.\SHORTCUTS.ps1' exeDir: true + wait: true diff --git a/src/playbook/Configuration/tweaks/misc/delete-windows-specific-files.yml b/src/playbook/Configuration/tweaks/misc/delete-windows-specific-files.yml index 78916819ce..deaa727643 100644 --- a/src/playbook/Configuration/tweaks/misc/delete-windows-specific-files.yml +++ b/src/playbook/Configuration/tweaks/misc/delete-windows-specific-files.yml @@ -1,6 +1,6 @@ --- title: Delete Windows-version Specific Tweaks -description: Deletes Windows 10 or Windows 11-only tweaks in the Atlas folder, depending on the current version +description: Deletes Windows 10 or Windows 11-only tweaks in the Atlas folder, depending on the current version privilege: TrustedInstaller actions: # Windows 11-only @@ -10,6 +10,7 @@ actions: - !file: {path: '%windir%\AtlasDesktop\4. Optional Tweaks\File Explorer Customization\Gallery', builds: [ '!>=22000' ]} - !file: {path: '%windir%\AtlasDesktop\4. Optional Tweaks\File Explorer Customization\Folders in This PC\Win11', builds: [ '!>=22000' ]} - !file: {path: '%windir%\AtlasDesktop\4. Optional Tweaks\Windows 11 Context Menu', builds: [ '!>=22000' ]} + - !file: {path: '%windir%\AtlasDesktop\4. Optional Tweaks\Windows Copilot', builds: [ '!>=22000' ]} - !file: {path: '%windir%\AtlasModules\Tools\TimerResolution.exe', builds: [ '!>=22000' ]} # Windows 10-only diff --git a/src/playbook/Configuration/tweaks/performance/disable-fth.yml b/src/playbook/Configuration/tweaks/performance/disable-fth.yml index 9e9627c570..3e8b2dbde4 100644 --- a/src/playbook/Configuration/tweaks/performance/disable-fth.yml +++ b/src/playbook/Configuration/tweaks/performance/disable-fth.yml @@ -14,6 +14,9 @@ actions: data: '0' type: REG_DWORD cpuArch: 'X64' + # Reset FTH entries - !run: {exe: 'rundll32.exe', args: 'fthsvc.dll,FthSysprepSpecialize', cpuArch: 'X64', wait: false} + + # Don't run on Arm64 - FTH doesn't exist - !file: {path: '%windir%\AtlasDesktop\7. Security\Mitigations\Fault Tolerant Heap', cpuArch: 'Arm64'} diff --git a/src/playbook/Configuration/tweaks/qol/appearance/atlas-theme.yml b/src/playbook/Configuration/tweaks/qol/appearance/atlas-theme.yml index ea4014486f..91897cb5a4 100644 --- a/src/playbook/Configuration/tweaks/qol/appearance/atlas-theme.yml +++ b/src/playbook/Configuration/tweaks/qol/appearance/atlas-theme.yml @@ -10,10 +10,10 @@ actions: wait: true # Set lockscreen - - !run: - exe: 'powershell.exe' - args: '-NoP -EP Unrestricted & """LOCKSCREEN.ps1"""' + - !powerShell: + command: '.\LOCKSCREEN.ps1' exeDir: true + wait: true runas: currentUserElevated - !taskKill: {name: 'SystemSettings', ignoreErrors: true} - !taskKill: {name: 'control', ignoreErrors: true} diff --git a/src/playbook/Configuration/tweaks/qol/config-powershell.yml b/src/playbook/Configuration/tweaks/qol/config-powershell.yml index 85edc2a6be..0b994ba37e 100644 --- a/src/playbook/Configuration/tweaks/qol/config-powershell.yml +++ b/src/playbook/Configuration/tweaks/qol/config-powershell.yml @@ -1,6 +1,6 @@ --- title: Configure PowerShell -description: Configures PowerShell for the optimal privacy, performance and usability +description: Configures PowerShell for the optimal privacy and usability privilege: TrustedInstaller actions: # Disable PowerShell Core telemetry diff --git a/src/playbook/Configuration/tweaks/qol/config-start-menu.yml b/src/playbook/Configuration/tweaks/qol/config-start-menu.yml index ec0b926c39..7226f7fcf8 100644 --- a/src/playbook/Configuration/tweaks/qol/config-start-menu.yml +++ b/src/playbook/Configuration/tweaks/qol/config-start-menu.yml @@ -3,7 +3,7 @@ title: Configure Start Menu description: Configures the Start Menu's settings for QoL privilege: TrustedInstaller actions: - # Configure Windows 11 pins + # Configure default Windows 11 pins - !registryValue: path: 'HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Start' value: 'ConfigureStartPins' @@ -32,7 +32,10 @@ actions: data: '2' type: REG_DWORD + # Set Windows 10 & 11 start menu pins + - !taskKill: {name: 'StartMenuExperienceHost', ignoreErrors: true} - !run: exeDir: true exe: 'STARTMENU.cmd' weight: 20 + - !appx: {operation: clearCache, name: '*StartMenuExperienceHost*'} diff --git a/src/playbook/Configuration/tweaks/qol/explorer/remove-context-menus/new-bitmap.yml b/src/playbook/Configuration/tweaks/qol/explorer/remove-context-menus/new-bitmap.yml index ed6409d676..6793b6832d 100644 --- a/src/playbook/Configuration/tweaks/qol/explorer/remove-context-menus/new-bitmap.yml +++ b/src/playbook/Configuration/tweaks/qol/explorer/remove-context-menus/new-bitmap.yml @@ -4,9 +4,8 @@ description: Removes bitmap image from the 'New' context menu privilege: TrustedInstaller actions: - !registryKey: {path: 'HKCR\.bmp\ShellNew'} - # Commented due to being an unreliable solution - # - !run: - # exe: 'powershell.exe' - # args: '-NoP -EP Unrestricted & "REMOVEBITMAP.ps1"' + # - !powerShell: + # command: '& REMOVEBITMAP.ps1' # exeDir: true # wait: true + # runas: currentUserElevated diff --git a/src/playbook/Configuration/tweaks/qol/taskbar/config-pins.yml b/src/playbook/Configuration/tweaks/qol/taskbar/config-pins.yml index 742ed3fb47..de7aef6534 100644 --- a/src/playbook/Configuration/tweaks/qol/taskbar/config-pins.yml +++ b/src/playbook/Configuration/tweaks/qol/taskbar/config-pins.yml @@ -17,8 +17,8 @@ actions: exeDir: true - !run: exe: 'TASKBARPINS.cmd' - args: '"Waterfox"' - option: 'browser-waterfox' + args: '"Firefox"' + option: 'browser-firefox' exeDir: true - !run: exe: 'TASKBARPINS.cmd' diff --git a/src/playbook/Configuration/tweaks/qol/taskbar/disable-copilot.yml b/src/playbook/Configuration/tweaks/qol/taskbar/disable-copilot.yml index c3d86105a6..53ad5666bf 100644 --- a/src/playbook/Configuration/tweaks/qol/taskbar/disable-copilot.yml +++ b/src/playbook/Configuration/tweaks/qol/taskbar/disable-copilot.yml @@ -4,8 +4,9 @@ description: Disables Windows Copilot as it depends on Edge, as well it collecti privilege: TrustedInstaller builds: [ '>=22000' ] actions: + # Doesn't work with HKLM - !registryValue: - path: 'HKLM\Software\Policies\Microsoft\Windows\WindowsCopilot' + path: 'HKCU\Software\Policies\Microsoft\Windows\WindowsCopilot' value: 'TurnOffWindowsCopilot' data: '1' type: REG_DWORD diff --git a/src/playbook/Configuration/tweaks/qol/taskbar/disable-news-and-interests.yml b/src/playbook/Configuration/tweaks/qol/taskbar/disable-news-and-interests.yml index b3d7ac2eba..60f9df9a2e 100644 --- a/src/playbook/Configuration/tweaks/qol/taskbar/disable-news-and-interests.yml +++ b/src/playbook/Configuration/tweaks/qol/taskbar/disable-news-and-interests.yml @@ -3,11 +3,13 @@ title: Disable News and Interests description: Disables News and Interests on the taskbar for privacy (lots of third party connections) and QoL privilege: TrustedInstaller actions: + - !taskKill: {name: 'explorer'} - !registryValue: path: 'HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Feeds' value: 'ShellFeedsTaskbarViewMode' data: '2' type: REG_DWORD + - !run: {exe: 'explorer.exe', runas: 'currentUser', wait: false} - !registryValue: path: 'HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds' value: 'EnableFeeds' diff --git a/src/playbook/Configuration/tweaks/qol/windows-update/disable-auto-updates.yml b/src/playbook/Configuration/tweaks/qol/windows-update/disable-auto-updates.yml index b555dfebe2..b62045c29f 100644 --- a/src/playbook/Configuration/tweaks/qol/windows-update/disable-auto-updates.yml +++ b/src/playbook/Configuration/tweaks/qol/windows-update/disable-auto-updates.yml @@ -21,8 +21,11 @@ actions: - !registryValue: {path: 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell\Update\Packages\Components', value: 'SystemSettingsExtensions', operation: delete} - !registryValue: {path: 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell\Update\Packages\Components', value: 'WebExperienceHost', operation: delete} - !registryValue: {path: 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell\Update\Packages\Components', value: 'WindowsBackup', operation: delete} + - !registryValue: {path: 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\LastOnlineScanTimeForAppCategory\855E8A7C-ECB4-4CA3-B045-1DFA50104289', value: 'EA6A8EC8-24BF-48A3-B0F0-A86A6447C0E2', operation: delete} + - !registryValue: {path: 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RequestedAppCategories\855E8A7C-ECB4-4CA3-B045-1DFA50104289', value: 'EA6A8EC8-24BF-48A3-B0F0-A86A6447C0E2', operation: delete} - !registryValue: {path: 'HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices\AppIso\FirewallRules', value: '{5D2C72C6-969D-4C1E-8484-41ED53782351}', data: 'v2.32|Action=Block|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|RA42=IntErnet|RA62=IntErnet|Name=Windows Web Experience Pack|Desc=Windows Web Experience Pack|LUAuth=O:LSD:(A;;CC;;;S-1-15-3-1)(A;;CC;;;WD)(A;;CC;;;AN)|LUOwn=S-1-5-21-1752034362-1788923297-4099944-1001|AppPkgId=S-1-15-2-1312876954-3728250218-3694470604-4188764552-3197360367-780678243-3229644300|EmbedCtxt=Windows Web Experience Pack|'} - !registryValue: {path: 'HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules', value: '{26037439-AD8B-4A56-AF2E-F6CDDB59F6BE}', data: 'v2.32|Action=Block|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Windows Web Experience Pack|Desc=Windows Web Experience Pack|LUOwn=S-1-5-21-1752034362-1788923297-4099944-1001|AppPkgId=S-1-15-2-1312876954-3728250218-3694470604-4188764552-3197360367-780678243-3229644300|EmbedCtxt=Windows Web Experience Pack|Platform=2:6:2|Platform2=GTEQ|'} + - !registryValue: {path: 'HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules', value: '{44000509-BE9E-419B-A60B-54E62CF41203}', data: 'v2.32|Action=Block|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Windows Web Experience Pack|Desc=Windows Web Experience Pack|LUOwn=S-1-5-21-2784447539-1655915103-1638202157-1001|AppPkgId=S-1-15-2-1312876954-3728250218-3694470604-4188764552-3197360367-780678243-3229644300|EmbedCtxt=Windows Web Experience Pack|'} # Prevent Microsoft Teams installation - !registryValue: {path: 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Communications', value: 'ConfigureChatAutoInstall', data: '0', type: REG_DWORD} diff --git a/src/playbook/Configuration/tweaks/scripts/script-backup2.yml b/src/playbook/Configuration/tweaks/scripts/script-backup2.yml index 637e897bfb..6e72245317 100644 --- a/src/playbook/Configuration/tweaks/scripts/script-backup2.yml +++ b/src/playbook/Configuration/tweaks/scripts/script-backup2.yml @@ -4,6 +4,6 @@ description: Backs up default Atlas services and drivers, after all the tweaks a privilege: TrustedInstaller actions: - !cmd: - command: 'powershell -NoP -EP Unrestricted -File "BACKUP.ps1" "%windir%\AtlasModules\Other\atlasServices.reg"' + command: 'powershell -NoP -EP Unrestricted -File BACKUP.ps1 "%windir%\AtlasModules\Other\atlasServices.reg"' wait: true exeDir: true diff --git a/src/playbook/Configuration/tweaks/scripts/script-cleanup.yml b/src/playbook/Configuration/tweaks/scripts/script-cleanup.yml index d790c23799..1b92d061f6 100644 --- a/src/playbook/Configuration/tweaks/scripts/script-cleanup.yml +++ b/src/playbook/Configuration/tweaks/scripts/script-cleanup.yml @@ -3,8 +3,8 @@ title: Cleanup Temporary Files description: Cleans up temporary files using Disk Cleanup (if no other installs of Windows are found) privilege: TrustedInstaller actions: - - !run: - exe: 'powershell.exe' - args: '-NoP -File CLEANUP.ps1' + - !powerShell: + command: '.\CLEANUP.ps1' exeDir: true + wait: true runas: currentUserElevated diff --git a/src/playbook/Configuration/tweaks/scripts/script-core-isolation.yml b/src/playbook/Configuration/tweaks/scripts/script-core-isolation.yml index bdf440aa82..055caaa7b1 100644 --- a/src/playbook/Configuration/tweaks/scripts/script-core-isolation.yml +++ b/src/playbook/Configuration/tweaks/scripts/script-core-isolation.yml @@ -5,6 +5,6 @@ privilege: TrustedInstaller option: 'vbs-disable' actions: - !powerShell: - command: '& """$env:windir\AtlasDesktop\7. Security\Core Isolation (VBS)\Current Configuration.ps1""" -DisableAllVBS' - exeDir: true + command: '& """.\AtlasModules\Scripts\ScriptWrappers\ConfigVBS.ps1""" -DisableAllVBS' wait: true + exeDir: true diff --git a/src/playbook/Configuration/tweaks/scripts/script-devices.yml b/src/playbook/Configuration/tweaks/scripts/script-devices.yml index f073dced1d..8c18aec8ee 100644 --- a/src/playbook/Configuration/tweaks/scripts/script-devices.yml +++ b/src/playbook/Configuration/tweaks/scripts/script-devices.yml @@ -4,7 +4,7 @@ description: Disables devices that users would not typically need to reduce any privilege: TrustedInstaller actions: - !powerShell: {command: 'Disable-NetAdapterBinding -Name "*" -ComponentID ms_msclient, ms_server, ms_lldp, ms_lltdio, ms_rspndr'} - - !run: - exe: 'powershell.exe' - args: '-NoP -File DISABLEPNP.ps1' + - !powerShell: + command: '.\DISABLEPNP.ps1' exeDir: true + wait: true diff --git a/src/playbook/Configuration/tweaks/scripts/script-file-associations.yml b/src/playbook/Configuration/tweaks/scripts/script-file-associations.yml index 4c39b2eba3..b86791a041 100644 --- a/src/playbook/Configuration/tweaks/scripts/script-file-associations.yml +++ b/src/playbook/Configuration/tweaks/scripts/script-file-associations.yml @@ -14,11 +14,26 @@ actions: exeDir: true - !run: exe: 'FILEASSOC.cmd' - args: '"WaterFox"' - option: 'browser-waterfox' + args: '"Firefox"' + option: 'browser-firefox' exeDir: true - !run: exe: 'FILEASSOC.cmd' args: '"Google Chrome"' option: 'browser-chrome' exeDir: true + - !run: + exe: 'FILEASSOC.cmd' + args: '"mpv"' + option: 'player-mpv' + exeDir: true + - !run: + exe: 'FILEASSOC.cmd' + args: '"MPC-HC"' + option: 'player-mpchc' + exeDir: true + - !run: + exe: 'FILEASSOC.cmd' + args: '"VLC"' + option: 'player-vlc' + exeDir: true diff --git a/src/playbook/Configuration/tweaks/scripts/script-mitigations.yml b/src/playbook/Configuration/tweaks/scripts/script-mitigations.yml index 34216f3990..0261cb5d33 100644 --- a/src/playbook/Configuration/tweaks/scripts/script-mitigations.yml +++ b/src/playbook/Configuration/tweaks/scripts/script-mitigations.yml @@ -4,7 +4,7 @@ description: Disables mitigations in Windows dependant on the user's options privilege: TrustedInstaller option: 'mitigations-disable' actions: - - !run: - exe: 'Disable All Mitigations.cmd' - path: '%windir%\AtlasDesktop\7. Security\Mitigations' - args: '/silent' + - !cmd: + command: '"AtlasDesktop\7. Security\Mitigations\Disable All Mitigations.cmd" /silent' + exeDir: true + wait: true diff --git a/src/playbook/Configuration/tweaks/scripts/script-ngen.yml b/src/playbook/Configuration/tweaks/scripts/script-ngen.yml index 867abfbc61..5bc9ddb5f7 100644 --- a/src/playbook/Configuration/tweaks/scripts/script-ngen.yml +++ b/src/playbook/Configuration/tweaks/scripts/script-ngen.yml @@ -3,7 +3,7 @@ title: Runs NGEN on PowerShell libraries description: Optimizes PowerShell startup time by compiling the .NET libraries privilege: TrustedInstaller actions: - - !run: - exe: 'powershell.exe' - args: '-NoP -EP Unrestricted -File NGEN.ps1' + - !powerShell: + command: '.\NGEN.ps1' exeDir: true + wait: true diff --git a/src/playbook/Configuration/tweaks/scripts/script-pfp.yml b/src/playbook/Configuration/tweaks/scripts/script-pfp.yml index dabea2a767..1d4e317eab 100644 --- a/src/playbook/Configuration/tweaks/scripts/script-pfp.yml +++ b/src/playbook/Configuration/tweaks/scripts/script-pfp.yml @@ -3,7 +3,7 @@ title: Set Profile Pictures description: Sets the default Atlas profile pictures privilege: TrustedInstaller actions: - - !run: - exe: 'powershell.exe' - args: '-NoP -File "PFP.ps1"' + - !powerShell: + command: '.\PFP.ps1' exeDir: true + wait: true diff --git a/src/playbook/Configuration/tweaks/scripts/script-power.yml b/src/playbook/Configuration/tweaks/scripts/script-power.yml index 3ee06154c5..cd1d6d4c64 100644 --- a/src/playbook/Configuration/tweaks/scripts/script-power.yml +++ b/src/playbook/Configuration/tweaks/scripts/script-power.yml @@ -4,17 +4,17 @@ description: Executes script to configure power settings for the best performanc privilege: TrustedInstaller actions: # Disable Power Saving features - - !run: - exe: 'Disable Power Saving.cmd' - path: '%windir%\AtlasDesktop\3. Configuration\Power\Power Saving' - args: '/silent' + - !cmd: + command: '"AtlasDesktop\3. Configuration\Power\Power Saving\Disable Power Saving.cmd" /silent' + exeDir: true + wait: true weight: 20 option: 'disable-power-saving' # Disable Hibernation & Fast Startup # Disabling makes NTFS accessible outside of Windows - - !run: - exe: 'Disable Hibernation (default).cmd' - path: '%windir%\AtlasDesktop\3. Configuration\Power\Hibernation' - args: '/silent' + - !cmd: + command: '"AtlasDesktop\3. Configuration\Power\Hibernation\Disable Hibernation (default).cmd" /silent' + exeDir: true + wait: true weight: 20 diff --git a/src/playbook/Configuration/tweaks/security/delete-defaultuser0.yml b/src/playbook/Configuration/tweaks/security/delete-defaultuser0.yml index e25ac577d6..ec06c4ec18 100644 --- a/src/playbook/Configuration/tweaks/security/delete-defaultuser0.yml +++ b/src/playbook/Configuration/tweaks/security/delete-defaultuser0.yml @@ -3,4 +3,4 @@ title: Delete 'defaultuser0' Account Used During OOBE description: Deletes the hidden 'defaultuser0' account used during OOBE (Out of Box Experience) privilege: TrustedInstaller actions: - - !run: {exe: 'net', args: 'user defaultuser0 /delete'} + - !run: {exe: 'net', args: 'user defaultuser0 /delete', ignoreErrors: true} diff --git a/src/playbook/Executables/AtlasDesktop/1. Software/Install Software.cmd b/src/playbook/Executables/AtlasDesktop/1. Software/Install Software.cmd new file mode 100644 index 0000000000..80bc176313 --- /dev/null +++ b/src/playbook/Executables/AtlasDesktop/1. Software/Install Software.cmd @@ -0,0 +1,8 @@ +@echo off +set "script=%windir%\AtlasModules\Scripts\ScriptWrappers\InstallSoftware.ps1" +if not exist "%script%" ( + echo Script not found. + echo %script% + exit /b 1 +) +powershell -EP Bypass -NoP Unblock-File -Path """$env:script""" -EA 0; ^& """$env:script""" %* \ No newline at end of file diff --git a/src/playbook/Executables/AtlasDesktop/1. Software/Remove Edge.cmd b/src/playbook/Executables/AtlasDesktop/1. Software/Remove Edge.cmd new file mode 100644 index 0000000000..c2c64f1e80 --- /dev/null +++ b/src/playbook/Executables/AtlasDesktop/1. Software/Remove Edge.cmd @@ -0,0 +1,8 @@ +@echo off +set "script=%windir%\AtlasModules\Scripts\ScriptWrappers\RemoveEdge.ps1" +if not exist "%script%" ( + echo Script not found. + echo %script% + exit /b 1 +) +powershell -EP Bypass -NoP Unblock-File -Path """$env:script""" -EA 0; ^& """$env:script""" %* \ No newline at end of file diff --git a/src/playbook/Executables/AtlasDesktop/3. Configuration/Network Discovery/File Sharing/Disable File Sharing (default).cmd b/src/playbook/Executables/AtlasDesktop/3. Configuration/Network Discovery/File Sharing/Disable File Sharing (default).cmd index e85d1a67b4..97993255cb 100644 --- a/src/playbook/Executables/AtlasDesktop/3. Configuration/Network Discovery/File Sharing/Disable File Sharing (default).cmd +++ b/src/playbook/Executables/AtlasDesktop/3. Configuration/Network Discovery/File Sharing/Disable File Sharing (default).cmd @@ -9,7 +9,7 @@ if "%*" == "" ( set args= & set "args1=%*" if defined args1 set "args=%args1:"='%" -powershell -nop "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" +PowerShell -NoP "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" exit /b %ERRORLEVEL% : end batch / begin PowerShell #> diff --git a/src/playbook/Executables/AtlasDesktop/3. Configuration/Network Discovery/File Sharing/Enable File Sharing.cmd b/src/playbook/Executables/AtlasDesktop/3. Configuration/Network Discovery/File Sharing/Enable File Sharing.cmd index f11188433c..7d495ac18f 100644 --- a/src/playbook/Executables/AtlasDesktop/3. Configuration/Network Discovery/File Sharing/Enable File Sharing.cmd +++ b/src/playbook/Executables/AtlasDesktop/3. Configuration/Network Discovery/File Sharing/Enable File Sharing.cmd @@ -9,7 +9,7 @@ if "%*" == "" ( set args= & set "args1=%*" if defined args1 set "args=%args1:"='%" -powershell -nop "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" +PowerShell -NoP "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" exit /b %ERRORLEVEL% : end batch / begin PowerShell #> diff --git a/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/CPU Idle/Context Menu/Remove Idle toggle in context menu (default).reg b/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/CPU Idle/Context Menu/Remove Idle toggle in context menu (default).reg index f3c8e6345c..35d76b3bd2 100644 --- a/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/CPU Idle/Context Menu/Remove Idle toggle in context menu (default).reg +++ b/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/CPU Idle/Context Menu/Remove Idle toggle in context menu (default).reg @@ -1,3 +1,3 @@ Windows Registry Editor Version 5.00 -[-HKEY_CLASSES_ROOT\DesktopBackground\Shell\Idle] \ No newline at end of file +[-HKEY_CLASSES_ROOT\DesktopBackground\Shell\CpuIdle] \ No newline at end of file diff --git a/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Hibernation/Disable Hibernation (default).cmd b/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Hibernation/Disable Hibernation (default).cmd index a9c821a9fa..9eadcf4973 100644 --- a/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Hibernation/Disable Hibernation (default).cmd +++ b/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Hibernation/Disable Hibernation (default).cmd @@ -1,6 +1,6 @@ @echo off -if "%~1" == "/setup" goto main +if "%~1" == "/silent" goto main whoami /user | find /i "S-1-5-18" > nul 2>&1 || ( call RunAsTI.cmd "%~f0" %* diff --git a/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Hibernation/Enable Hibernation.cmd b/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Hibernation/Enable Hibernation.cmd index 327d75244e..03622d7522 100644 --- a/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Hibernation/Enable Hibernation.cmd +++ b/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Hibernation/Enable Hibernation.cmd @@ -1,5 +1,7 @@ @echo off +if "%~1" == "/silent" goto main + whoami /user | find /i "S-1-5-18" > nul 2>&1 || ( call RunAsTI.cmd "%~f0" %* exit /b diff --git a/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Sleep/Disable Sleep.cmd b/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Sleep/Disable Sleep.cmd index 6f6bdac6ac..b7daeca87d 100644 --- a/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Sleep/Disable Sleep.cmd +++ b/src/playbook/Executables/AtlasDesktop/3. Configuration/Power/Sleep/Disable Sleep.cmd @@ -25,9 +25,9 @@ if "%~1" == "/silent" exit /b choice /n /c:yn /m "Would you like to disable hibernation? [Y/N]" if %errorlevel%==1 ( - start "Disabling Hibernation" "%windir%\AtlasDesktop\3. Configuration\Power\Hibernation\Disable Hibernation (default).cmd" + call "%windir%\AtlasDesktop\3. Configuration\Power\Hibernation\Disable Hibernation (default).cmd" /silent ) else ( - start "Enabling Hibernation" "%windir%\AtlasDesktop\3. Configuration\Power\Hibernation\Enable Hibernation.cmd" + call "%windir%\AtlasDesktop\3. Configuration\Power\Hibernation\Enable Hibernation.cmd" /silent ) echo Finished, changes have been applied. diff --git a/src/playbook/Executables/AtlasDesktop/3. Configuration/Start Menu/Install Open-Shell.cmd b/src/playbook/Executables/AtlasDesktop/3. Configuration/Start Menu/Install Open-Shell.cmd index 411e2c8421..99e4891bd9 100644 --- a/src/playbook/Executables/AtlasDesktop/3. Configuration/Start Menu/Install Open-Shell.cmd +++ b/src/playbook/Executables/AtlasDesktop/3. Configuration/Start Menu/Install Open-Shell.cmd @@ -10,6 +10,7 @@ fltmc > nul 2>&1 || ( ) :: Check if WinGet is functional or not +echo Checking if WinGet exists... call "%windir%\AtlasModules\Scripts\wingetCheck.cmd" if %ERRORLEVEL% NEQ 0 exit /b 1 @@ -30,7 +31,7 @@ for /f tokens^=^4^ delims^=^" %%a in ('curl -L# -m 60 "https://api.github.com/re ) curl -L -m 60 --output "%TEMP%\skin.zip" %fluentMetro% > nul 2>&1 || goto fluentError -powershell -NoP -C "Expand-Archive '%TEMP%\skin.zip' -DestinationPath '%ProgramFiles%\Open-Shell\Skins'" > nul 2>&1 || goto fluentError +PowerShell -NoP -C "Expand-Archive '%TEMP%\skin.zip' -DestinationPath '%ProgramFiles%\Open-Shell\Skins'" > nul 2>&1 || goto fluentError :finish del /f /q %TEMP%\Open-Shell.exe > nul 2>&1 diff --git a/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows 11 Taskbar/Disable News and Interests.reg b/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows 11 Taskbar/Disable News and Interests.reg new file mode 100644 index 0000000000..9bc20787c1 --- /dev/null +++ b/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows 11 Taskbar/Disable News and Interests.reg @@ -0,0 +1,17 @@ +Windows Registry Editor Version 5.00 +; Atlas default + +[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Feeds] +"ShellFeedsTaskbarViewMode"=dword:00000002 + +[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds] +"EnableFeeds"=dword:00000000 + +[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Dsh] +"AllowNewsAndInterests"=dword:00000000 + +[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests] +"value"=dword:00000000 + +[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] +"TaskbarDa"=dword:00000000 diff --git a/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows 11 Taskbar/Enable News and Interests.reg b/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows 11 Taskbar/Enable News and Interests.reg new file mode 100644 index 0000000000..1773b99906 --- /dev/null +++ b/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows 11 Taskbar/Enable News and Interests.reg @@ -0,0 +1,16 @@ +Windows Registry Editor Version 5.00 +; Windows default + +[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Feeds] +"ShellFeedsTaskbarViewMode"=dword:00000000 + +[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Feeds] +"EnableFeeds"=dword:00000001 + +[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Dsh] + +[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\default\NewsAndInterests\AllowNewsAndInterests] +"value"=dword:00000001 + +[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] +"TaskbarDa"=dword:00000001 diff --git a/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows Copilot/Disable Windows Copilot (default).reg b/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows Copilot/Disable Windows Copilot (default).reg new file mode 100644 index 0000000000..ff7ca231f9 --- /dev/null +++ b/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows Copilot/Disable Windows Copilot (default).reg @@ -0,0 +1,4 @@ +Windows Registry Editor Version 5.00 + +[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\WindowsCopilot] +"TurnOffWindowsCopilot"=dword:00000001 diff --git a/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows Copilot/Enable Windows Copilot.cmd b/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows Copilot/Enable Windows Copilot.cmd new file mode 100644 index 0000000000..8de1a35bc7 --- /dev/null +++ b/src/playbook/Executables/AtlasDesktop/4. Optional Tweaks/Windows Copilot/Enable Windows Copilot.cmd @@ -0,0 +1,68 @@ +@echo off + +fltmc > nul 2>&1 || ( + echo Administrator privileges are required. + PowerShell Start -Verb RunAs '%0' 2> nul || ( + echo You must run this script as admin. + exit /b 1 + ) + exit /b +) + +if not exist "%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge.exe" goto msedgeInstall + +:main +taskkill /f /im explorer.exe > nul 2>&1 +reg delete "HKCU\Software\Policies\Microsoft\Windows\WindowsCopilot" /v "TurnOffWindowsCopilot" /f > nul 2>&1 +reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCopilotButton" /t REG_DWORD /d "1" /f > nul +start explorer.exe + +echo Finished, changes are applied. +echo Press any key to exit... +pause > nul +exit /b + +:::::::::::::::::: +:: Edge install :: +:::::::::::::::::: + +:msedgeInstall +echo Microsoft Edge is requried to be installed for Windows Copilot. +choice /c:yn /n /m "Would you like to install it now? [Y/N]" +if %errorlevel%==2 ( + cls + echo You must have Edge installed to enable Copilot. + echo Press any key to exit... + pause > nul + exit /b 1 +) + +cls + +:: Check if WinGet is functional or not +:: If not, go to download page for Edge instead of using WinGet +echo Checking for WinGet... +call "%windir%\AtlasModules\Scripts\wingetCheck.cmd" /silent +if %ERRORLEVEL% NEQ 0 goto edgeFail + +:: Install Edge with WinGet +echo Installing Microsoft Edge with WinGet... +echo] +winget install -e --id Microsoft.Edge -h --accept-source-agreements --accept-package-agreements --force +if %ERRORLEVEL% NEQ 0 ( + echo Edge install with WinGet failed. + echo] + goto edgeFail +) + +echo] +echo Edge installed successfully! Enabling Copilot... +timeout /t 3 /nobreak > nul +goto main + +:edgeFail +start https://www.microsoft.com/en-us/edge/download +echo You must download Edge manually before you enable Copilot. +echo Press any key to exit... +pause > nul +exit /b 2 \ No newline at end of file diff --git a/src/playbook/Executables/AtlasDesktop/6. Advanced Configuration/NVIDIA Display Container/Context Menu/Disable Container Context Menu.cmd b/src/playbook/Executables/AtlasDesktop/6. Advanced Configuration/NVIDIA Display Container/Context Menu/Disable Container Context Menu.cmd index cf20128934..df8c6cf567 100644 --- a/src/playbook/Executables/AtlasDesktop/6. Advanced Configuration/NVIDIA Display Container/Context Menu/Disable Container Context Menu.cmd +++ b/src/playbook/Executables/AtlasDesktop/6. Advanced Configuration/NVIDIA Display Container/Context Menu/Disable Container Context Menu.cmd @@ -10,7 +10,7 @@ fltmc > nul 2>&1 || ( ) :: check if the service exists -reg query "HKCR\DesktopBackground\shell\NVIDIAContainer" > nul 2>&1 || +reg query "HKCR\DesktopBackground\shell\NVIDIAContainer" > nul 2>&1 || ( echo The context menu does not exist, thus you cannot continue. echo] pause diff --git a/src/playbook/Executables/AtlasDesktop/7. Security/Core Isolation (VBS)/Current Configuration.cmd b/src/playbook/Executables/AtlasDesktop/7. Security/Core Isolation (VBS)/Current Configuration.cmd new file mode 100644 index 0000000000..62f88a572f --- /dev/null +++ b/src/playbook/Executables/AtlasDesktop/7. Security/Core Isolation (VBS)/Current Configuration.cmd @@ -0,0 +1,8 @@ +@echo off +set "script=%windir%\AtlasModules\Scripts\ScriptWrappers\ConfigVBS.ps1" +if not exist "%script%" ( + echo Script not found. + echo %script% + exit /b 1 +) +powershell -EP Bypass -NoP Unblock-File -Path """$env:script""" -EA 0; ^& """$env:script""" %* \ No newline at end of file diff --git a/src/playbook/Executables/AtlasDesktop/7. Security/Defender/Toggle Defender.cmd b/src/playbook/Executables/AtlasDesktop/7. Security/Defender/Toggle Defender.cmd index dd26db0771..b2d92c0632 100644 --- a/src/playbook/Executables/AtlasDesktop/7. Security/Defender/Toggle Defender.cmd +++ b/src/playbook/Executables/AtlasDesktop/7. Security/Defender/Toggle Defender.cmd @@ -8,7 +8,7 @@ whoami /user | find /i "S-1-5-18" > nul 2>&1 || ( set args= & set "args1=%*" if defined args1 set "args=%args1:"='%" -powershell -nop "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" +PowerShell -NoP "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" exit /b %ERRORLEVEL% : end batch / begin PowerShell #> @@ -93,7 +93,7 @@ function Menu { } $arguments = '/c title Finalizing installation - Atlas & echo Do not close this window. & schtasks /delete /tn "AtlasDefenderConfigurationPrompt" /f > nul & ' ` - + 'powershell -NoP -EP Unrestricted -WindowStyle Hidden -C "& $(Join-Path $env:windir ''\AtlasDesktop\5. Security\Defender\Toggle Defender.cmd'') -NextStartup ' + + 'PowerShell -NoP -EP Bypass -WindowStyle Hidden -C "& $(Join-Path $env:windir ''\AtlasDesktop\5. Security\Defender\Toggle Defender.cmd'') -NextStartup ' $action = New-ScheduledTaskAction -Execute 'cmd' -Argument $arguments Register-ScheduledTask -TaskName 'AtlasDefenderConfigurationPrompt' -Action $action @taskArgs | Out-Null diff --git a/src/playbook/Executables/AtlasDesktop/8. Troubleshooting/Telemetry Components.cmd b/src/playbook/Executables/AtlasDesktop/8. Troubleshooting/Telemetry Components.cmd index afdaf9aa01..3ab6d97f82 100644 --- a/src/playbook/Executables/AtlasDesktop/8. Troubleshooting/Telemetry Components.cmd +++ b/src/playbook/Executables/AtlasDesktop/8. Troubleshooting/Telemetry Components.cmd @@ -8,7 +8,7 @@ whoami /user | find /i "S-1-5-18" > nul 2>&1 || ( set args= & set "args1=%*" if defined args1 set "args=%args1:"='%" -powershell -nop "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" +PowerShell -NoP "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" exit /b %ERRORLEVEL% : end batch / begin PowerShell #> diff --git a/src/playbook/Executables/AtlasModules/PackagesEnvironment/centralScript.ps1 b/src/playbook/Executables/AtlasModules/PackagesEnvironment/centralScript.ps1 index fcfc5fadf4..dca7a11b56 100644 --- a/src/playbook/Executables/AtlasModules/PackagesEnvironment/centralScript.ps1 +++ b/src/playbook/Executables/AtlasModules/PackagesEnvironment/centralScript.ps1 @@ -26,7 +26,7 @@ function SafeMode { if ($Enable) { $bcdeditArgs = '/set {current} safeboot minimal' - $shellValue = "powershell -NoP -EP Unrestricted -File `"$envPath\centralScript.ps1`" $arguments" + $shellValue = "PowerShell -NoP -EP Bypass -File `"$envPath\centralScript.ps1`" $arguments" } else { $bcdeditArgs = '/deletevalue {current} safeboot' $shellValue = 'explorer.exe' @@ -173,7 +173,7 @@ if ($failedPackages.Count -ne 0) { 'Force' = $true } $arguments = "/c title Finalizing installation - Atlas & echo Do not close this window. & echo Atlas is setting up component removal in Windows Recovery... & echo Your computer will automatically restart. & echo] & schtasks /delete /tn `"$safeModeStartupTitle`" /f > nul & " ` - + "powershell -NoP -EP Unrestricted -C `"& '$envPath\centralScript.ps1' -WinRE`" & pause" + + "PowerShell -NoP -EP Bypass -C `"& '$envPath\centralScript.ps1' -WinRE`" & pause" $action = New-ScheduledTaskAction -Execute 'cmd' -Argument $arguments Register-ScheduledTask -TaskName $safeModeStartupTitle -Action $action @taskArgs | Out-Null } diff --git a/src/playbook/Executables/AtlasModules/PackagesEnvironment/winrePackages.ps1 b/src/playbook/Executables/AtlasModules/PackagesEnvironment/winrePackages.ps1 index ee8725b594..819a976bb3 100644 --- a/src/playbook/Executables/AtlasModules/PackagesEnvironment/winrePackages.ps1 +++ b/src/playbook/Executables/AtlasModules/PackagesEnvironment/winrePackages.ps1 @@ -130,7 +130,7 @@ $atlasTeamOnGit function StartupTask { $arguments = '/c title Finalizing installation - Atlas & echo Do not close this window. & schtasks /delete /tn "RecoveryFailureCheck" /f > nul & ' ` - + 'powershell -NoP -EP Unrestricted -WindowStyle Hidden -C "& $(Join-Path $env:windir ''\AtlasModules\PackagesEnvironment\winrePackages.ps1'') -NextStartup"' + + 'PowerShell -NoP -EP Bypass -WindowStyle Hidden -C "& $(Join-Path $env:windir ''\AtlasModules\PackagesEnvironment\winrePackages.ps1'') -NextStartup"' $action = New-ScheduledTaskAction -Execute 'cmd' -Argument $arguments Register-ScheduledTask -TaskName $failCheck -Action $action @taskArgs | Out-Null } @@ -257,7 +257,7 @@ $atlasTeamOnGit Write-Info -Text 'Writing BitLocker key to WinRE partition...' [IO.File]::WriteAllLines($bitlockerRecoveryKeyTxt, $bitlockerRecoveryKey) $action = New-ScheduledTaskAction -Execute 'cmd' ` - -Argument '/c schtasks /delete /tn "AtlasBitlockerRemovalTask" /f > nul & powershell -EP Unrestricted -WindowStyle Hidden -NoP & $(Join-Path $env:windir ''\AtlasModules\PackagesEnvironment\winrePackages.ps1'') -DeleteBitLockerPassword' + -Argument '/c schtasks /delete /tn "AtlasBitlockerRemovalTask" /f > nul & PowerShell -NoP -EP Bypass -WindowStyle Hidden & $(Join-Path $env:windir ''\AtlasModules\PackagesEnvironment\winrePackages.ps1'') -DeleteBitLockerPassword' Register-ScheduledTask -TaskName $bitlockerTaskName -Action $action @taskArgs | Out-Null } else { if (!$?) { diff --git a/src/playbook/Executables/AtlasModules/Scripts/Modules/Uninstall-MsiexecAppByName/Uninstall-MsiexecAppByName.psm1 b/src/playbook/Executables/AtlasModules/Scripts/Modules/Uninstall-MsiexecAppByName/Uninstall-MsiexecAppByName.psm1 index d0bb46591a..68a2454290 100644 --- a/src/playbook/Executables/AtlasModules/Scripts/Modules/Uninstall-MsiexecAppByName/Uninstall-MsiexecAppByName.psm1 +++ b/src/playbook/Executables/AtlasModules/Scripts/Modules/Uninstall-MsiexecAppByName/Uninstall-MsiexecAppByName.psm1 @@ -16,34 +16,35 @@ #> function Uninstall-MsiexecAppByName { - param( - [Parameter(Mandatory = $true)] - [ValidateNotNullOrEmpty()] - [string]$Name - ) - - if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) { - throw "Uninstall-MsiexecAppByName: Not running as an administrator!" - } - - $uninstallKeyPath = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" - $uninstallKeys = Get-ChildItem -Path $uninstallKeyPath -EA SilentlyContinue - - foreach ($key in $uninstallKeys.PSPath) { - $displayName = (Get-ItemProperty -Path "$key").DisplayName - if ($displayName -like "*$Name*") { - $uninstallString = (Get-ItemProperty -Path "$key").UninstallString - if ($uninstallString -like "*MsiExec.exe*") { - $foundKey = $key | Split-Path -Leaf - Write-Warning "Uninstalling $displayName..." - Start-Process -FilePath "msiexec.exe" -ArgumentList "/qn /X$foundKey REBOOT=ReallySuppress /norestart" 2>&1 | Out-Null - } - } - } - - if ($null -eq $foundKey) { - throw "Uninstall-MsiexecAppByName: No app found with an MSIExec uninstaller with the display name containing '$Name'." - } + param( + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [string]$Name + ) + + if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) { + throw "Uninstall-MsiexecAppByName: Not running as an administrator!" + } + + $uninstallKeyPath = "Microsoft\Windows\CurrentVersion\Uninstall" + $uninstallKeys = (Get-ChildItem -Path @( + "HKLM:\SOFTWARE\$uninstallKeyPath", + "HKLM:\SOFTWARE\WOW6432Node\$uninstallKeyPath", + "HKCU:\SOFTWARE\$uninstallKeyPath", + "HKCU:\SOFTWARE\WOW6432Node\$uninstallKeyPath" + ) -EA SilentlyContinue) -match "\{\b[A-Fa-f0-9]{8}(?:-[A-Fa-f0-9]{4}){3}-[A-Fa-f0-9]{12}\b\}" + + foreach ($key in $uninstallKeys.PSPath) { + $displayName = (Get-ItemProperty -Path $key).DisplayName + if (($displayName -like "*$Name*") -and ((Get-ItemProperty -Path $key).UninstallString -like "*MsiExec.exe*")) { + Write-Output "Uninstalling $displayName..." + Start-Process -FilePath "msiexec.exe" -ArgumentList "/qn /X$(Split-Path -Path $key -Leaf) REBOOT=ReallySuppress /norestart" 2>&1 | Out-Null + } + } + + if ($null -eq $foundKey) { + throw "Uninstall-MsiexecAppByName: No app found with an MSIExec uninstaller with the display name containing '$Name'." + } } Export-ModuleMember -Function Uninstall-MsiexecAppByName diff --git a/src/playbook/Executables/AtlasModules/Scripts/RunAsTI.cmd b/src/playbook/Executables/AtlasModules/Scripts/RunAsTI.cmd index 4698af5766..b5a768a4c0 100644 --- a/src/playbook/Executables/AtlasModules/Scripts/RunAsTI.cmd +++ b/src/playbook/Executables/AtlasModules/Scripts/RunAsTI.cmd @@ -62,7 +62,7 @@ goto RunAsTI-Elevate :RunAsTI set "0=%~f0" set "1=%*" -powershell -nop -c iex(gc """$env:0""" -Raw) +PowerShell -NoP -c iex(gc """$env:0""" -Raw) set "RunAsTI_Errorlevel=%ERRORLEVEL%" if "%RunAsTI_Errorlevel%" == "1" ( goto RunAsTI-Fail diff --git a/src/playbook/Executables/AtlasDesktop/7. Security/Core Isolation (VBS)/Current Configuration.ps1 b/src/playbook/Executables/AtlasModules/Scripts/ScriptWrappers/ConfigVBS.ps1 similarity index 100% rename from src/playbook/Executables/AtlasDesktop/7. Security/Core Isolation (VBS)/Current Configuration.ps1 rename to src/playbook/Executables/AtlasModules/Scripts/ScriptWrappers/ConfigVBS.ps1 diff --git a/src/playbook/Executables/AtlasDesktop/1. Software/Install Software.ps1 b/src/playbook/Executables/AtlasModules/Scripts/ScriptWrappers/InstallSoftware.ps1 similarity index 100% rename from src/playbook/Executables/AtlasDesktop/1. Software/Install Software.ps1 rename to src/playbook/Executables/AtlasModules/Scripts/ScriptWrappers/InstallSoftware.ps1 diff --git a/src/playbook/Executables/AtlasDesktop/1. Software/Remove Edge.ps1 b/src/playbook/Executables/AtlasModules/Scripts/ScriptWrappers/RemoveEdge.ps1 similarity index 70% rename from src/playbook/Executables/AtlasDesktop/1. Software/Remove Edge.ps1 rename to src/playbook/Executables/AtlasModules/Scripts/ScriptWrappers/RemoveEdge.ps1 index 5e693278ac..cae7c4a3ed 100644 --- a/src/playbook/Executables/AtlasDesktop/1. Software/Remove Edge.ps1 +++ b/src/playbook/Executables/AtlasModules/Scripts/ScriptWrappers/RemoveEdge.ps1 @@ -31,8 +31,8 @@ param ( [switch]$KeepAppX ) -$version = '1.6' -$host.UI.RawUI.WindowTitle = "EdgeRemover $version" +$version = '1.7' +$host.UI.RawUI.WindowTitle = "EdgeRemover $version | made by @he3als" # credit to ave9858 for Edge removal method: https://gist.github.com/ave9858/c3451d9f452389ac7607c99d45edecc6 $ProgressPreference = "SilentlyContinue" @@ -41,7 +41,7 @@ $SID = (New-Object System.Security.Principal.NTAccount($user)).Translate([Securi $EdgeRemoverReg = 'HKLM:\SOFTWARE\EdgeRemover' if ($Exit -and ((-not $UninstallAll) -and (-not $UninstallEdge))) { - $Exit = $false + $Exit = $false } function PauseNul ($message = "Press any key to continue... ") { @@ -49,6 +49,28 @@ function PauseNul ($message = "Press any key to continue... ") { $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown') | Out-Null } +function Uninstall-MsiexecAppByName { + param( + [Parameter(Mandatory = $true)] + [ValidateNotNullOrEmpty()] + [string]$Name + ) + + $uninstallKeyPath = "Microsoft\Windows\CurrentVersion\Uninstall" + $uninstallKeys = (Get-ChildItem -Path @( + "HKLM:\SOFTWARE\$uninstallKeyPath", + "HKLM:\SOFTWARE\WOW6432Node\$uninstallKeyPath", + "HKCU:\SOFTWARE\$uninstallKeyPath", + "HKCU:\SOFTWARE\WOW6432Node\$uninstallKeyPath" + ) -EA SilentlyContinue) -match "\{\b[A-Fa-f0-9]{8}(?:-[A-Fa-f0-9]{4}){3}-[A-Fa-f0-9]{12}\b\}" + + foreach ($key in $uninstallKeys.PSPath) { + if (((Get-ItemProperty -Path $key).DisplayName -like "*$Name*") -and ((Get-ItemProperty -Path $key).UninstallString -like "*MsiExec.exe*")) { + Start-Process -FilePath "msiexec.exe" -ArgumentList "/qn /X$(Split-Path -Path $key -Leaf) REBOOT=ReallySuppress /norestart" 2>&1 | Out-Null + } + } +} + function BlockEdgeInstallandUpdates { # lots of these will only apply when domain joined and such # further research is needed generally @@ -85,10 +107,10 @@ function BlockEdgeInstallandUpdates { "UpdatesSuppressedDurationMin" = 1440 } - New-Item -Path $EdgeRemoverReg -Force -EA SilentlyContinue | Out-Null - $EdgeUpdateDisabled = 'HKLM:\SOFTWARE\EdgeRemover\EdgeUpdateDisabled' + $EdgeUpdateDisabled = "$EdgeRemoverReg\EdgeUpdateDisabled" $EdgeUpdateOrchestrator = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Orchestrator\UScheduler\EdgeUpdate' if ($blockEdge) { + New-Item -Path $EdgeRemoverReg -Force -EA SilentlyContinue | Out-Null foreach ($a in $completeBlockPolicies.Keys) { Set-ItemProperty -Path $EdgeUpdatePolicyKey -Name $a -Value $completeBlockPolicies.$a -Type Dword -Force } @@ -131,6 +153,9 @@ function RemoveEdgeChromium { $baseKey = "HKLM:\SOFTWARE\WOW6432Node\Microsoft" $ErrorActionPreference = 'SilentlyContinue' + # check for copilot + $copilot = (Get-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name "ShowCopilotButton" -EA 0)."ShowCopilotButton" -eq 1 + # terminate Edge processes $services = (Get-Service -Name "*edge*" | Where-Object {$_.DisplayName -like "*Microsoft Edge*"}).Name $processes = (Get-Process | Where-Object {($_.Path -like "$env:SystemDrive\Program Files (x86)\Microsoft\*") -or ($_.Name -like "*msedge*")}).Id @@ -163,8 +188,20 @@ function RemoveEdgeChromium { if (Test-Path $uninstallKeyPath) { $uninstallString = (Get-ItemProperty -Path $uninstallKeyPath).UninstallString + " --force-uninstall" Start-Process cmd.exe "/c $uninstallString" -WindowStyle Hidden 2>&1 | Out-Null + } else { + $edges = @(); 'LocalApplicationData','ProgramFilesX86','ProgramFiles' | ForEach-Object { + $folder = [Environment]::GetFolderPath($_) + $edges += Get-ChildItem "$folder\Microsoft\Edge*\setup.exe" -Recurse -EA SilentlyContinue | Where-Object {($_ -like '*Edge\Application*') -or ($_ -like '*SxS\Application*')} + } + foreach ($setup in $edges) { + $sulevel = ('--system-level','--user-level')[$setup -like '*\AppData\Local\*'] + Start-Process -Wait $setup -ArgumentList "--uninstall --msedge $sulevel --channel=stable --verbose-logging --force-uninstall" + } } + # uninstall Edge with MsiExec (e.g. WinGet installs) + Uninstall-MsiexecAppByName -Name "Microsoft Edge" + # remove user data if ($removeData) { $path = "$env:LOCALAPPDATA\Microsoft\Edge" @@ -177,6 +214,12 @@ function RemoveEdgeChromium { if (Test-Path $shortcutPath) { Remove-Item $shortcutPath -Force } + + # restart explorer if Copilot is enabled + # this will hide the Copilot button + if ($copilot) { + Stop-Process -Name explorer -Force -ErrorAction SilentlyContinue + } } function RemoveEdgeAppX { @@ -193,17 +236,36 @@ function RemoveEdgeAppX { } function RemoveWebView { - $edges = @(); $bho = @(); $edgeupdates = @(); 'LocalApplicationData','ProgramFilesX86','ProgramFiles' | foreach { - $folder = [Environment]::GetFolderPath($_) - $edges += dir "$folder\Microsoft\Edge*\setup.exe" -rec -ea 0 | where {$_ -like '*EdgeWebView*'} - } - - foreach ($setup in $edges) { - $target = "--msedgewebview" - $sulevel = ('--system-level','--user-level')[$setup -like '*\AppData\Local\*'] - $removal = "--uninstall $target $sulevel --verbose-logging --force-uninstall" - start -wait $setup -args $removal - } + $webviewUninstallKey = @() + $webviewKey = "Microsoft\Windows\CurrentVersion\Uninstall\Microsoft EdgeWebView" + + foreach ($key in @( + "HKCU:\SOFTWARE\$webviewKey" + "HKLM:\SOFTWARE\WOW6432Node\$webviewKey" + )) { + $webviewUninstallKey += $key + } + + if ($key.Count -eq 0) { + $webViews = @(); 'LocalApplicationData','ProgramFilesX86','ProgramFiles' | ForEach-Object { + $folder = [Environment]::GetFolderPath($_) + $webViews += Get-ChildItem "$folder\Microsoft\Edge*\setup.exe" -Recurse -EA SilentlyContinue | Where-Object {$_ -like '*EdgeWebView*'} + } + + foreach ($setup in $webViews) { + $sulevel = ('--system-level','--user-level')[$setup -like '*\AppData\Local\*'] + Start-Process -Wait $setup -ArgumentList "--uninstall --msedgewebview $sulevel --verbose-logging --force-uninstall" + } + } else { + foreach ($key in $webviewUninstallKey) { + $webviewUninstallString = (Get-ItemProperty -Path $key -EA 0).UninstallString + if ($null -ne $webviewUninstallString) { + Start-Process cmd.exe $("/c $webviewUninstallString" + " --force-uninstall") -WindowStyle Hidden 2>&1 | Out-Null + } + } + } + + Uninstall-MsiexecAppByName -Name "Microsoft Edge WebView2 Runtime" } function UninstallAll { @@ -220,13 +282,26 @@ function UninstallAll { RemoveWebView } if ($removeEdge -and $removeWebView) { - Write-Warning "Uninstalling Edge Update..." + Write-Warning "Deleting Edge Update..." DeleteEdgeUpdate } Write-Warning "Applying EdgeUpdate policies..." BlockEdgeInstallandUpdates } +function ReinstallWarning { + Clear-Host + Write-Host "It's highly recommended to remove the install/update blocks to reinstall Edge." -ForegroundColor Yellow + choice /c:yn /n /m "Would you like to remove the blocks? [Y/N]" + if ($LASTEXITCODE -eq 1) { + $global:removeEdge = $false + $global:removeWebView = $false + $global:removeData = $false + $global:blockEdge = $false + BlockEdgeInstallandUpdates + } +} + function Completed { Write-Host "`nCompleted." -ForegroundColor Green if (!$Exit) { @@ -242,7 +317,7 @@ Please relaunch this script under a regular admin account.`n" -ForegroundColor Y exit 1 } else { if (-not ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltinRole]::Administrator)) { - Start-Process cmd "/c powershell -NoP -EP Unrestricted -File `"$PSCommandPath`"" -Verb RunAs; exit + Start-Process cmd "/c PowerShell -NoP -EP Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit } } @@ -285,6 +360,11 @@ while (!($continue)) { Write-Host "[2] Remove Edge WebView ($textWeb)" -ForegroundColor $colourWeb Write-Host "[3] Remove Edge User Data ($textData)" -ForegroundColor $colourData Write-Host "[4] Block WebView install & Edge updates ($textBlock)" -ForegroundColor $colourBlock + + Write-Host "`nReinstall Edge links:" + Write-Host "[5] Install Edge" -ForegroundColor Magenta + Write-Host "[6] Install WebView" -ForegroundColor Magenta + Write-Host "`nPress enter to continue or use numbers to select options... " -NoNewLine $userInput = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown') @@ -302,6 +382,14 @@ while (!($continue)) { 52 { # num 4 $blockEdge = !$blockEdge } + 53 { # num 5 + ReinstallWarning + Start-Process "https://www.microsoft.com/en-us/edge/download" + } + 54 { # num 6 + ReinstallWarning + Start-Process "https://go.microsoft.com/fwlink/?linkid=2124701" + } 13 { # enter $continue = $true } @@ -310,4 +398,4 @@ while (!($continue)) { Clear-Host UninstallAll -Completed +Completed \ No newline at end of file diff --git a/src/playbook/Executables/AtlasModules/Scripts/toggleDev.cmd b/src/playbook/Executables/AtlasModules/Scripts/toggleDev.cmd index 078465de12..32da0c11a3 100644 --- a/src/playbook/Executables/AtlasModules/Scripts/toggleDev.cmd +++ b/src/playbook/Executables/AtlasModules/Scripts/toggleDev.cmd @@ -41,7 +41,7 @@ fltmc > nul 2>&1 || ( set args= & set "args1=%*" if defined args1 set "args=%args1:"='%" -powershell -noni -nop "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" +PowerShell -NonI -NoP "& ([Scriptblock]::Create((Get-Content '%~f0' -Raw))) %args%" exit /b %ERRORLEVEL% : end batch / begin PowerShell #> diff --git a/src/playbook/Executables/CLEANUP.ps1 b/src/playbook/Executables/CLEANUP.ps1 index b20f5e32e6..d65956e7fd 100644 --- a/src/playbook/Executables/CLEANUP.ps1 +++ b/src/playbook/Executables/CLEANUP.ps1 @@ -56,6 +56,8 @@ Get-ChildItem -Path "$env:TEMP" | Where-Object { $_.Name -ne 'AME' } | Remove-It Remove-Item -Path "$env:windir\Temp\*" -Force -Recurse # Delete all system restore points +# This is so that users can't revert back from Atlas to stock with Restore Points +# It's very unsupported to do so, and will cause breakage vssadmin delete shadows /all /quiet # Clear Event Logs diff --git a/src/playbook/Executables/CONVERTUSERS.cmd b/src/playbook/Executables/CONVERTUSERS.cmd deleted file mode 100644 index fe317b2f29..0000000000 --- a/src/playbook/Executables/CONVERTUSERS.cmd +++ /dev/null @@ -1,32 +0,0 @@ -@echo off - -:: make passwords never expire -net accounts /maxpwage:unlimited > nul - -for /f "usebackq delims=" %%a in (`PowerShell -NoP -C "(Get-LocalUser | Where {$_.PrincipalSource -eq 'MicrosoftAccount'}).Name"`) do call :CONVERTUSER "%%a" -for /f "usebackq delims=" %%a in (`reg query "HKLM\SOFTWARE\Microsoft\IdentityStore\LogonCache\Name2Sid" 2^>nul ^| findstr /i /c:"Name2Sid" 2^>nul`) do reg delete "%%a" /f > nul 2>&1 -for /f "usebackq delims=" %%a in (`reg query "HKLM\SOFTWARE\Microsoft\IdentityStore\LogonCache\Sid2Name" 2^>nul ^| findstr /i /c:"Sid2Name" 2^>nul`) do reg delete "%%a" /f > nul 2>&1 - -rmdir /q /s "%windir%\System32\config\systemprofile\AppData\Local\Microsoft\Windows\CloudAPCache" > nul 2>&1 - -exit /b - -:CONVERTUSER -for /f "usebackq delims=" %%a in (`reg query "HKLM\SAM\SAM\Domains\Account\Users" ^| findstr /i /c:"Account\Users"`) do ( - for /f "usebackq tokens=1 delims= " %%c in (`reg query "%%a" ^| findstr /r /c:"[]*Internet" /c:"GivenName" /c:"Surname"`) do reg delete "%%a" /v "%%c" /f > nul -) - -for /f "usebackq delims=" %%a in (`PowerShell -NoP -C "(New-Object -ComObject Microsoft.DiskQuota).TranslateLogonNameToSID('%~1')"`) do set "userSID=%%a" -reg add "HKU\%userSID%\SOFTWARE\Microsoft\Windows\CurrentVersion\AccountState" /v "ExplicitLocal" /t REG_DWORD /d "1" /f > nul -reg delete "HKU\%userSID%\SOFTWARE\Microsoft\IdentityCRL" /f > nul 2>&1 -for /f "usebackq delims=" %%a in (`reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" /s /f "%userSID%" ^| findstr /c:"%userSID%"`) do reg delete "%%a" /f > nul 2>&1 - -:: make it so the user isn't locked out -net accounts /lockoutthreshold:0 - -net user "%~1" /fullname:"" > nul -net user "%~1" "" > nul -wmic UserAccount where name='%~1' set Passwordexpires=true > nul -net user "%~1" /logonpasswordchg:yes > nul - -net accounts /lockoutthreshold:10 > nul diff --git a/src/playbook/Executables/FILEASSOC.cmd b/src/playbook/Executables/FILEASSOC.cmd index de4bcd0a3f..629e8a10a4 100644 --- a/src/playbook/Executables/FILEASSOC.cmd +++ b/src/playbook/Executables/FILEASSOC.cmd @@ -20,12 +20,12 @@ set braveAssociations="Proto:https:BraveHTML"^ ".pdf:BraveFile"^ ".shtml:BraveHTML" -set waterfoxAssociations="Proto:https:WaterfoxURL-6F940AC27A98DD61"^ - "Proto:http:WaterfoxURL-6F940AC27A98DD61"^ - ".htm:WaterfoxHTML-6F940AC27A98DD61"^ - ".html:WaterfoxHTML-6F940AC27A98DD61"^ - ".pdf:WaterfoxHTML-6F940AC27A98DD61"^ - ".shtml:WaterfoxHTML-6F940AC27A98DD61" +set firefoxAssociations="Proto:https:FirefoxURL-308046B0AF4A39CB"^ + "Proto:http:FirefoxURL-308046B0AF4A39CB"^ + ".htm:FirefoxHTML-308046B0AF4A39CB"^ + ".html:FirefoxHTML-308046B0AF4A39CB"^ + ".pdf:FirefoxPDF-308046B0AF4A39CB"^ + ".shtml:FirefoxHTML-308046B0AF4A39CB" set chromeAssociations="Proto:https:ChromeHTML"^ "Proto:http:ChromeHTML"^ @@ -37,7 +37,7 @@ set chromeAssociations="Proto:https:ChromeHTML"^ if "%~1" == "" set "associations=%baseAssociations%" if "%~1" == "Microsoft Edge" set "associations=%baseAssociations%" if "%~1" == "Brave" set "associations=%baseAssociations% %braveAssociations%" -if "%~1" == "WaterFox" set "associations=%baseAssociations% %waterfoxAssociations%" +if "%~1" == "Firefox" set "associations=%baseAssociations% %firefoxAssociations%" if "%~1" == "Google Chrome" set "associations=%baseAssociations% %chromeAssociations%" :: Set 7-Zip assocations @@ -48,7 +48,7 @@ for /f "usebackq tokens=2 delims=\" %%a in (`reg query HKU ^| findstr /r /x /c:" reg query "HKU\%%a" | findstr /c:"Volatile Environment" /c:"AME_UserHive_" > nul && ( echo Setting associations for "%%a"... call :7ZIPUSER "%%a" - powershell -NoP -EP Unrestricted -File ASSOC.ps1 "Placeholder" "%%a" %associations% + PowerShell -NoP -EP Bypass -File ASSOC.ps1 "Placeholder" "%%a" %associations% ) ) exit /b diff --git a/src/playbook/Executables/FINALIZE.cmd b/src/playbook/Executables/FINALIZE.cmd index a06f21fb4f..dc980e53b1 100644 --- a/src/playbook/Executables/FINALIZE.cmd +++ b/src/playbook/Executables/FINALIZE.cmd @@ -148,7 +148,7 @@ for %%a in ( :: Set RunOnce login script :: This is the script that will be ran on login for new users -reg add "HKU\AME_UserHive_Default\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v "RunScript" /t REG_SZ /d "powershell -EP Unrestricted -NoP & \"$env:windir\AtlasModules\Scripts\newUsers.ps1\"" /f +reg add "HKU\AME_UserHive_Default\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" /v "RunScript" /t REG_SZ /d "powershell -EP Bypass -NoP & \"$env:windir\AtlasModules\Scripts\newUsers.ps1\"" /f :: Remove Fax Recipient from the 'Send to' context menu as Fax feature is removed del /f /q "%APPDATA%\Microsoft\Windows\SendTo\Fax Recipient.lnk" > nul 2>&1 @@ -208,12 +208,10 @@ if "%diskDrive%" == "SSD" ( reg add "HKLM\SYSTEM\CurrentControlSet\Services\SysMain" /v "Start" /t REG_DWORD /d "4" /f > nul ) -:: Detect if user uses laptop device or personal computer -for /f "delims=:{}" %%a in ('wmic path Win32_SystemEnclosure get ChassisTypes ^| findstr [0-9]') do set "CHASSIS=%%a" -set "DEVICE_TYPE=PC" -for %%a in (8 9 10 11 12 13 14 18 21 30 31 32) do if "%CHASSIS%" == "%%a" (set "DEVICE_TYPE=LAPTOP") - -:: Disable laptop-related services on PC -if "%DEVICE_TYPE%" == "PC" ( - call %windir%\AtlasModules\Scripts\setSvc.cmd DisplayEnhancementService 4 -) \ No newline at end of file +:: Disable brightness slider service if it's not supported on the current display +powershell -nop -c "if ((Get-Computerinfo).CsPCSystemType -eq 'Desktop') { exit 532 }" +if errorlevel 532 set disableBright=true +powershell -nop -c "Get-WmiObject -Namespace root/WMI -Class WmiMonitorBrightnessMethods -EA 0; if (!$?) {exit 533}" +if errorlevel 533 set disableBright=true +if "%disableBright%"=="true" (set brightStartup=4) else (set brightStartup=2) +call %windir%\AtlasModules\Scripts\setSvc.cmd DisplayEnhancementService %brightStartup% \ No newline at end of file diff --git a/src/playbook/Executables/Layout.xml b/src/playbook/Executables/Layout.xml index 1fa8515795..b83cb2a8cb 100644 --- a/src/playbook/Executables/Layout.xml +++ b/src/playbook/Executables/Layout.xml @@ -1,12 +1,11 @@ - - - - - - \ No newline at end of file + + + + + + + + \ No newline at end of file diff --git a/src/playbook/Executables/ONED.cmd b/src/playbook/Executables/ONED.cmd index 42a66dc7d2..cfbd6239ce 100644 --- a/src/playbook/Executables/ONED.cmd +++ b/src/playbook/Executables/ONED.cmd @@ -1,12 +1,21 @@ @echo off -taskkill /f /im OneDrive*.exe > nul 2>&1 +for /f "usebackq delims=" %%a in (`dir /b /a:d "%SystemDrive%\Users"`) do ( + if exist "%SystemDrive%\Users\%%a\OneDrive" ( + dir "%SystemDrive%\Users\%%a\OneDrive" /b | findstr "." > nul 2>&1 && ( + echo Not stripping OneDrive as OneDrive files exist, exiting... + exit 6000 + ) + ) +) + +taskkill /f /im OneDrive.exe > nul 2>&1 for %%a in ( "%windir%\System32\OneDriveSetup.exe" "%windir%\SysWOW64\OneDriveSetup.exe" ) do ( if exist "%%a" ( - "%%a" /uninstall > nul 2>nul + "%%a" /uninstall > nul 2>&1 ) ) @@ -49,5 +58,9 @@ for /f "usebackq delims=" %%a in (`reg query "HKU\%~1\SOFTWARE\Microsoft\Windows reg delete "%%a" /f > nul 2>&1 ) +reg add "HKU\%~1\SOFTWARE\Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f > nul 2>&1 +reg add "HKU\%~1\SOFTWARE\Classes\WOW6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f > nul 2>&1 +reg delete "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f > nul 2>&1 + reg delete "HKU\%~1\Environment" /v "OneDrive" /f > nul 2>&1 reg delete "HKU\%~1\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OneDriveSetup" /f > nul 2>&1 \ No newline at end of file diff --git a/src/playbook/Executables/SOFTWARE.ps1 b/src/playbook/Executables/SOFTWARE.ps1 index c9bb9c3e5f..2242cf3c5f 100644 --- a/src/playbook/Executables/SOFTWARE.ps1 +++ b/src/playbook/Executables/SOFTWARE.ps1 @@ -1,7 +1,13 @@ param ( [switch]$Chrome, [switch]$Brave, - [switch]$Waterfox + [switch]$Firefox, + [switch]$MPV, + [switch]$MPCHC, + [switch]$VLC, + [switch]$NotepadPlusPlus, + [switch]$VisualStudioCode, + [switch]$VSCodium ) # ----------------------------------------------------------------------------------------------------------- # @@ -38,11 +44,11 @@ if ($Brave) { exit } -# Waterfox -if ($Waterfox) { - Write-Host "Installing Waterfox..." - & curl.exe -LSs "https://cdn1.waterfox.net/waterfox/releases/latest/windows" -o "$tempDir\waterfox.exe" - Start-Process -FilePath "$tempDir\waterfox.exe" -WindowStyle Hidden -ArgumentList '/S /ALLUSERS=1' -Wait 2>&1 | Out-Null +# Firefox +if ($Firefox) { + Write-Host "Installing Firefox..." + & curl.exe -LSs "https://download.mozilla.org/?product=firefox-latest-ssl&os=win64&lang=en-US" -o "$tempDir\firefox.exe" + Start-Process -FilePath "$tempDir\firefox.exe" -WindowStyle Hidden -ArgumentList '/S /ALLUSERS=1' -Wait 2>&1 | Out-Null exit } @@ -54,13 +60,73 @@ if ($Chrome) { exit } +################# +## MEDIA ## +################# + +# mpv +# if ($mpv) { +# Write-Host "Installing mpv..." +# & curl.exe -LSs "https://dl.google.com/dl/chrome/install/googlechromestandaloneenterprise64.msi" -o "$tempDir\chrome.msi" +# Start-Process -FilePath "$tempDir\chrome.msi" -WindowStyle Hidden -ArgumentList '/qn' -Wait 2>&1 | Out-Null +# exit +#} + +# MPC-HC +if ($mpchc) { + Write-Host "Installing MPC-HC..." + $latestRelease = Invoke-RestMethod -Uri "https://api.github.com/repos/clsid2/mpc-hc/releases/latest" + $link = $latestRelease.assets | Where-Object { $_.browser_download_url -like "*x64.exe" } | Select-Object -ExpandProperty browser_download_url + & curl.exe -LSs "$link" -o "$tempDir\mpc-hc.exe" + Start-Process -FilePath "$tempDir\mpc-hc.exe" -WindowStyle Hidden -ArgumentList '/VERYSILENT /NORESTART' -Wait 2>&1 | Out-Null + exit +} + +# VLC +if ($vlc) { + Write-Host "Installing VLC..." + $baseUrl = "https://get.videolan.org/vlc/last/win64/" + $fileName = $((Invoke-WebRequest -Uri $baseUrl -UseBasicParsing).Links | Where-Object { $_.Href -like 'vlc*.exe' } | Select-Object -First 1 -ExpandProperty Href) + & curl.exe -LSs "$baseUrl$fileName" -o "$tempDir\vlc.exe" + Start-Process -FilePath "$tempDir\vlc.exe" -WindowStyle Hidden -ArgumentList '/S' -Wait 2>&1 | Out-Null + exit +} + +# Notepad++ +if ($npp) { + Write-Host "Installing Notepad++..." + $latestRelease = Invoke-RestMethod -Uri "https://api.github.com/repos/notepad-plus-plus/notepad-plus-plus/releases/latest" + $link = $latestRelease.assets | Where-Object { $_.browser_download_url -like "*x64.exe" } | Select-Object -ExpandProperty browser_download_url + & curl.exe -LSs "$link" -o "$tempDir\npp.exe" + Start-Process -FilePath "$tempDir\npp.exe" -WindowStyle Hidden -ArgumentList '/S' -Wait 2>&1 | Out-Null + exit +} + +# VSCode +if ($vscode) { + Write-Host "Installing VSCode..." + & curl.exe -LSs "https://code.visualstudio.com/sha/download?build=stable&os=win32-x64" -o "$tempDir\vscode.exe" + Start-Process -FilePath "$tempDir\vscode.exe" -WindowStyle Hidden -ArgumentList '/VERYSILENT /NORESTART /MERGETASKS=!runcode' -Wait 2>&1 | Out-Null + exit +} + +# VSCodium +if ($vscodium) { + Write-Host "Installing VSCodium..." + $latestRelease = Invoke-RestMethod -Uri "https://api.github.com/repos/VSCodium/vscodium/releases/latest" + $link = $latestRelease.assets | Where-Object { $_.browser_download_url -like "*VSCodiumSetup-x64*" -and $_.browser_download_url -like "*.exe" } | Select-Object -ExpandProperty browser_download_url + & curl.exe -LSs "$link" -o "$tempDir\vscodium.exe" + Start-Process -FilePath "$tempDir\vscodium.exe" -WindowStyle Hidden -ArgumentList '/VERYSILENT /NORESTART /MERGETASKS=!runcode' -Wait 2>&1 | Out-Null + exit +} + #################### ## Software ## #################### # Visual C++ Runtimes (referred to as vcredists for short) # https://learn.microsoft.com/en-US/cpp/windows/latest-supported-vc-redist -$legacyArgs1 = '/q' +$legacyArgs1 = '/Q' $legacyArgs2 = '/q /norestart' $modernArgs = "/install /quiet /norestart" diff --git a/src/playbook/Executables/Shortcuts/Firefox.lnk b/src/playbook/Executables/Shortcuts/Firefox.lnk new file mode 100644 index 0000000000..e6e9ebce28 Binary files /dev/null and b/src/playbook/Executables/Shortcuts/Firefox.lnk differ diff --git a/src/playbook/Executables/Shortcuts/Waterfox.lnk b/src/playbook/Executables/Shortcuts/Waterfox.lnk deleted file mode 100644 index e2d388ccbf..0000000000 Binary files a/src/playbook/Executables/Shortcuts/Waterfox.lnk and /dev/null differ diff --git a/src/playbook/Images/firefox.png b/src/playbook/Images/firefox.png new file mode 100644 index 0000000000..9321a12e0d Binary files /dev/null and b/src/playbook/Images/firefox.png differ diff --git a/src/playbook/Images/mpc-hc.png b/src/playbook/Images/mpc-hc.png new file mode 100644 index 0000000000..5e023ddab7 Binary files /dev/null and b/src/playbook/Images/mpc-hc.png differ diff --git a/src/playbook/Images/mpv.png b/src/playbook/Images/mpv.png new file mode 100644 index 0000000000..7de06d2f42 Binary files /dev/null and b/src/playbook/Images/mpv.png differ diff --git a/src/playbook/Images/npp.png b/src/playbook/Images/npp.png new file mode 100644 index 0000000000..c94cd118ce Binary files /dev/null and b/src/playbook/Images/npp.png differ diff --git a/src/playbook/Images/vlc.png b/src/playbook/Images/vlc.png new file mode 100644 index 0000000000..f768fec664 Binary files /dev/null and b/src/playbook/Images/vlc.png differ diff --git a/src/playbook/Images/vscode.png b/src/playbook/Images/vscode.png new file mode 100644 index 0000000000..37a084767a Binary files /dev/null and b/src/playbook/Images/vscode.png differ diff --git a/src/playbook/Images/vscodium.png b/src/playbook/Images/vscodium.png new file mode 100644 index 0000000000..237307ce2a Binary files /dev/null and b/src/playbook/Images/vscodium.png differ diff --git a/src/playbook/Images/waterfox.png b/src/playbook/Images/waterfox.png deleted file mode 100644 index aad4bead83..0000000000 Binary files a/src/playbook/Images/waterfox.png and /dev/null differ diff --git a/src/playbook/local-build.cmd b/src/playbook/local-build.cmd index 185b142282..967820672b 100644 --- a/src/playbook/local-build.cmd +++ b/src/playbook/local-build.cmd @@ -1,5 +1,5 @@ <# : batch portion -@echo off & powershell -nop Get-Content """%~f0""" -Raw ^| iex & exit /b +@echo off & PowerShell -NoP Get-Content """%~f0""" -Raw ^| iex & exit /b : end batch / begin PowerShell #> # Do not change anything here, this is simply for reference diff --git a/src/playbook/playbook.conf b/src/playbook/playbook.conf index e1ce45172d..e664f9ca91 100644 --- a/src/playbook/playbook.conf +++ b/src/playbook/playbook.conf @@ -88,9 +88,15 @@ - + + Firefox + browser-firefox + firefox + #4676ed + #acf5fe + Brave browser-brave @@ -98,13 +104,6 @@ #131524 #3b3e4f - - Waterfox - browser-waterfox - waterfox - #4676ed - #acf5fe - Chrome browser-chrome @@ -115,5 +114,59 @@ + + + + + mpv + player-mpv + mpv + #4676ed + #acf5fe + + + MPC-HC + player-mpchc + mpc-hc + #131524 + #3b3e4f + + + VLC + player-vlc + vlc + #e33b2e + #E38A84 + + + + + + + + + Notepad++ + editor-npp + npp + #4676ed + #acf5fe + + + Visual Studio Code + editor-vscode + VSCode + #131524 + #3b3e4f + + + VSCodium + editor-vscodium + VSCodium + #e33b2e + #E38A84 + + + +