Pages

Monday, April 8, 2013

Reversing VMware View Optimization Guide for Windows 7 Configuration

I was recently asked by a colleague whether I had prewritten scripts to reverse the configuration changes that the VMware View Optimization Guide for Windows 7 performed on a master image and while I didn’t have exactly what he asked for, I did have scripts to reverse a subset of those settings.  The reason why my scripts only reverse a subset of those settings is because I don’t use all of the optimizations provided by VMware and the reasons can be found in one of my previous posts here:

Suggested changes to VMware View Optimization Guide for Windows 7
http://terenceluk.blogspot.com/2013/03/suggested-changes-to-vmware-view.html

With that being said, the changes I make to the VMware provided optimization scripts isn’t too far off so if I thought I’d provide my script here which could serve as a starting point to reverse all the changes made by the original scripts:

rem Setting Default HKCU values by loading and modifying the default user registry hive

reg load "hku\temp" "%USERPROFILE%\..\Default User\NTUSER.DAT"

reg DELETE "hku\temp\Software\Policies\Microsoft\Windows\Control Panel\Desktop" /v SCRNSAVE.EXE /f

reg DELETE "hku\temp\Software\Policies\Microsoft\Windows\Control Panel\Desktop" /v ScreenSaveTimeOut /f

reg DELETE "hku\temp\Software\Policies\Microsoft\Windows\Control Panel\Desktop" /v ScreenSaverIsSecure /f

reg DELETE "hku\temp\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache" /v Persistent /f

reg DELETE "hku\temp\Software\Microsoft\Feeds" /v SyncStatus /f

reg DELETE "hku\temp\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v HideSCAHealth /f

reg unload "hku\temp"

rem Making modifications to the HKLM hive

reg DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Main" /v DisableFirstRunCustomize /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v EnableSuperfetch /t REG_DWORD /d 3 /f

reg ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /t REG_DWORD /d 0x0 /f

reg DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore" /v DisableSR /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Disk" /v TimeOutValue /t REG_DWORD /d 60 /f

reg DELETE "HKEY_LOCAL_MACHINE\SOFTWARE\Image" /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application" /v MaxSize /t REG_DWORD /d 0x6e00000 /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application" /v Retention /t REG_DWORD /d 0x0 /f

reg DELETE "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Network\NewNetworkWindowOff" /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\System" /v MaxSize /t REG_DWORD /d 0x6e00000 /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\System" /v Retention /t REG_DWORD /d 0x0 /f 

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Security" /v MaxSize /t REG_DWORD /d 0x6e00000 /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Security" /v Retention /t REG_DWORD /d 0x0 /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl" /v CrashDumpEnabled /t REG_DWORD /d 0x2 /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0x1 /f

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0x0 /f

reg ADD "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\policies\system" /v EnableLUA /t REG_DWORD /d 0x1 /f

reg DELETE "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Sideshow" /f

rem Using Powershell to perform Windows Services modifications

Powershell Set-Service 'BDESVC' -startuptype "manual"

Powershell Set-Service 'wbengine' -startuptype "manual"

Powershell Set-Service 'DPS' -startuptype "automatic"

Powershell Set-Service 'UxSms' -startuptype "automatic"

Powershell Set-Service 'Defragsvc' -startuptype "manual"

Powershell Set-Service 'HomeGroupListener' -startuptype "manual"

Powershell Set-Service 'HomeGroupProvider' -startuptype "manual"

Powershell Set-Service 'iphlpsvc' -startuptype "automatic"

Powershell Set-Service 'MSiSCSI' -startuptype "manual"

Powershell Set-Service 'swprv' -startuptype "manual"

Powershell Set-Service 'CscService' -startuptype "automatic"

Powershell Set-Service 'SstpSvc' -startuptype "manual"

rem Powershell Set-Service 'wscsvc' -startuptype "disabled" <-- no Delayed Start

reg ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\wscsvc" /v Start /t REG_DWORD /d 0x2 /f

net stop wscsvc

Powershell Set-Service 'SSDPSRV' -startuptype "manual"

Powershell Set-Service 'SysMain' -startuptype "automatic"

Powershell Set-Service 'TabletInputService' -startuptype "manual"

Powershell Set-Service 'upnphost' -startuptype "manual"

Powershell Set-Service 'SDRSVC' -startuptype "manual"

Powershell Set-Service 'WerSvc' -startuptype "manual"

Powershell Set-Service 'MpsSvc' -startuptype "automatic"

Powershell Set-Service 'ehRecvr' -startuptype "manual"

Powershell Set-Service 'ehSched' -startuptype "manual"

Powershell Set-Service 'Wlansvc' -startuptype "manual"

Powershell Set-Service 'WwanSvc' -startuptype "manual"

rem Making miscellaneous modifications

Powershell enable-computerrestore -drive c:\

net start MpsSvc

netsh advfirewall set allprofiles state on

powercfg -H ON

net start "sysmain"

fsutil behavior set DisableLastAccess 0

rem Making modifications to Scheduled Tasks

schtasks /change /TN "\Microsoft\Windows\Defrag\ScheduledDefrag" /Enable

schtasks /change /TN "\Microsoft\Windows\SystemRestore\SR" /Enable

schtasks /change /TN "\Microsoft\Windows\Registry\RegIdleBackup" /Enable 

schtasks /change /TN "\Microsoft\Windows Defender\MPIdleTask" /Enable

schtasks /change /TN "\Microsoft\Windows Defender\MP Scheduled Scan" /Enable 

schtasks /change /TN "\Microsoft\Windows\Maintenance\WinSAT" /Enable 

No comments: