search

TairikuOokami / Windows

Windows
309 stars 50 forks source link

"Windows Cleanup.bat" - Some possible additions from abbodi1406's "specialize.cmd" #13

Closed espanafly closed 2 weeks ago

espanafly commented 2 weeks ago 
rem Additions from "specialize.cmd" inside "22000.zip" posted by abbodi1406 on thread https://forums.mydigitallife.net/threads/which-windows-10-services-you-guys-disable.75202/page-6#post-1742386

reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "DisableWerReporting" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "PreserveFileCompressionState" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "NTFSCompressPayload" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "LCUReoffer" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "ReofferUpdate" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "CompressBackups" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "CompressMutables" /t REG_DWORD /d "0" /f
TairikuOokami commented 2 weeks ago

Thanks

super-lurker commented 2 weeks ago

found some explanations on some of these tweaks

::do not NTFS compress drivers and staged components
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "CompressBackups" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "CompressMutables" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "NTFSCompressPayload" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "PreserveFileCompressionState" /t REG_DWORD /d "00000001" /f

::LCU - Last Cummulative Update
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "LCUReoffer" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "ReofferUpdate" /t REG_DWORD /d "0" /f

::get rid of C:\Windows\WinSxS\Backup folder
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "SupersededActions" /t REG_DWORD /d "00000003" /f
::get rid of C:\Windows\WinSxS\ManifestCache\ files
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "DisableComponentBackups" /t REG_DWORD /d "00000001" /f
::get rid of C:\Windows\WinSxS\ManifestCache\ files
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "TransientManifestCache" /t REG_DWORD /d "00000001" /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "DisableManifestCache" /t REG_DWORD /d "00000001" /f

source: https://forums.mydigitallife.net/threads/discussion-windows-10-final-build-19041-19045-pc-20h1-22h2-vb_release.80763/page-74

espanafly commented 2 weeks ago

based on @super-lurker MDL link

== Note differences with settings used in Mar 11, 2023 "Windows Cleanup.bat" == "allow or prevent /ResetBase" (abbodi1406 sets it to "0") reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "DisableResetbase" /t REG_DWORD /d "1" /f "control superseded components, 1 = remove, 3 = delta compress" (abbodi1406 sets it to "1") reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "SupersededActions" /t REG_DWORD /d "3" /f

rem .... applying tweaks to the SideBySide configuration ....
rem https://forums.mydigitallife.net/threads/discussion-windows-10-final-build-19041-19045-pc-20h1-22h2-vb_release.80763/page-74#post-1588384
rem NTFS compress C:\Windows\Logs\CBS\ files
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "CBSLogCompress" /t REG_DWORD /d "1" /f
rem disable updating C:\Windows\WinSxS\Backup folder; on v1809 and later, the folder is removed with StartComponentCleanup
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "DisableComponentBackups" /t REG_DWORD /d "1" /f
rem allow or prevent /ResetBase 
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "DisableResetbase" /t REG_DWORD /d "0" /f
rem limit or disable CBSPersist_*.log
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "NumCBSPersistLogs" /t REG_DWORD /d "0" /f
rem control superseded components, 1 = remove, 3 = delta compress
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "SupersededActions" /t REG_DWORD /d "1" /f
rem old one from Win7, not sure if it still have effect
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "DisableWerReporting" /t REG_DWORD /d "1" /f
rem LCU - Last Cummulative Update
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "LCUReoffer" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "ReofferUpdate" /t REG_DWORD /d "0" /f
rem do not NTFS compress drivers and staged components
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "CompressBackups" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "CompressMutables" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "NTFSCompressPayload" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "PreserveFileCompressionState" /t REG_DWORD /d "1" /f
rem get rid of C:\Windows\WinSxS\ManifestCache\ files
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "TransientManifestCache" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "DisableManifestCache" /t REG_DWORD /d "1" /f
rem inbox value since v1803 or v1809, no idea what it do
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "CreateNewWindowsVersion" /t REG_DWORD /d "1" /f
rem control LDR and staged components, 1 = delta compress
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "LatentActions" /t REG_DWORD /d "1" /f
rem control disabled features components, 1 = delta compress
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\SideBySide\Configuration" /v "OptionalFeatureActions" /t REG_DWORD /d "1" /f
TairikuOokami commented 2 weeks ago

Yes, I started to disable resetbase after it started to break updates, but it is supposedly fixed now.

espanafly commented 2 weeks ago

I see you just changed the command to include "ResetBase" DISM /Online /Cleanup-Image /StartComponentCleanup /ResetBase Fingers crossed it works!

Ibamezz commented 2 weeks ago

Doesn't disabling especially the firewall breaks, WSUS, MS Sore, Start Menu an UWP apps, i tested something similar to this some years ago, to stop both Defender Antivirus and Defender Firewall (mpssvc, WDFilterDriver), and after like some days MS Store and Start Menu stopped working completly, and then UWP apps like calculator also stopped. And it wa because firewall (mpssvc and filterdriver) was stopped. I ma just asking if this method of stopping tamper, firewall and i assume these services that i mentioned doesn't break updates and UWP (Start Menu and Store, Apps) that was the case when i tested doing it. Thanks in advance And thanks for sharing this.

super-lurker commented 2 weeks ago

Doesn't disabling especially the firewall breaks, WSUS, MS Sore, Start Menu an UWP apps, i tested something similar to this some years ago, to stop both Defender Antivirus and Defender Firewall (mpssvc, WDFilterDriver), and after like some days MS Store and Start Menu stopped working completly, and then UWP apps like calculator also stopped. And it wa because firewall (mpssvc and filterdriver) was stopped. I ma just asking if this method of stopping tamper, firewall and i assume these services that i mentioned doesn't break updates and UWP (Start Menu and Store, Apps) that was the case when i tested doing it. Thanks in advance And thanks for sharing this.

windows 10 IOT 2021 LTSC, have mpssvc disabled, but calc, ms store and starmenu still works. i cant find WDFilterDriver in the service list.

TairikuOokami commented 2 weeks ago

Doesn't disabling especially the firewall breaks, WSUS, MS Sore, Start Menu an UWP apps, i tested something similar to this some years ago, to stop both Defender Antivirus and Defender Firewall (mpssvc, WDFilterDriver), and after like some days MS Store and Start Menu stopped working completly, and then UWP apps like calculator also stopped. And it wa because firewall (mpssvc and filterdriver) was stopped. I ma just asking if this method of stopping tamper, firewall and i assume these services that i mentioned doesn't break updates and UWP (Start Menu and Store, Apps) that was the case when i tested doing it.

I do not disable mpssvc, just Defender AV. I use MSA, onedrive, store apps and WFC. But I remove Start and Search, since they are no use to me and they are annoying.

capture_10132024_133101

Sedstromen commented 2 weeks ago

Tamper protection is baked into wdfilter.sys (kernel mode minidriver) I send an link if that is allowed, on how to disable tamper if that also i wanted. https://www.alteredsecurity.com/post/disabling-tamper-protection-and-other-defender-mde-componentelse I have only disabled what i have could via gpo, and used the tiny little program disabledefender 2.1, it persist during restsrts. And for what i know amtimaleware executable is not runnimg. But i can have wrong, as the article describes, it's almost impossible do disable MS Antivirus and Tamper. Thanks for your answers