windows:10
Table of Contents
Information
- Microsoft Windows 10 IoT Enterprise LTSC
- Version 21H2 (OS Build 19044.5859)
Resources
- http://redeem.microsoft.com/ (TODO: Put somewhere else)
TODOs
- All game save start shortcuts to batch files instead of through
cmd
Updates
KB5014032 2022-05 SSU is required before the latest CU
Shortcuts
Desktop
Maintenance
"notepad.exe" "%UserProfile%\Desktop\Maintenance.bat"
:: .NET Framework 4 "%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\ngen.exe" update /force /queue "%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" update /force /queue "%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\ngen.exe" executequeueditems "%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\ngen.exe" executequeueditems :: System File Check, Cleanup, and Repair "%SystemRoot%\System32\Dism.exe" /online /Cleanup-Image /StartComponentCleanup /ResetBase /RestoreHealth "%SystemRoot%\System32\sfc.exe" /scannow :: Classic Disk Cleanup "%SystemRoot%\System32\cleanmgr.exe" /sageset:65535 "%SystemRoot%\System32\cleanmgr.exe" /sagerun:65535 :: Volume Shadow Copy "%SystemRoot%\System32\vssadmin.exe" Delete Shadows /All PAUSE :: Defrag/Trim "%SystemRoot%\System32\Defrag.exe" /AllVolumes /Defrag /TierOptimize /SlabConsolidate /Retrim /Optimize /PrintProgress /Verbose /NormalPriority PAUSE :: End
Downloads
Reset Icon Cache
"notepad.exe" "%UserProfile%\Downloads\Reset Icon Cache.bat"
TASKKILL /F /IM "explorer.exe" TIMEOUT /NOBREAK /T "2" DEL /F /Q "%LocalAppData%\Microsoft\Windows\Explorer\"*".db" DEL /F /Q "%UserProfile%\AppData\Local\IconCache.db" TIMEOUT /NOBREAK /T "2" START explorer.exe :: End
"%UserProfile%\Downloads\Reset Icon Cache.bat"
Edge Vsync Test
"%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge_proxy.exe" --kiosk --edge-kiosk-type="public-browsing" --new-window --window-size="1240,860" --app="https://www.vsynctester.com/"
Edge Vsync Test
Start Menu
RDP
"notepad.exe" "%UserProfile%\Documents\Alira (LAN).rdp"
full address:s:192.168.1.152 redirectprinters:i:0 redirectcomports:i:0 redirectsmartcards:i:0 redirectwebauthn:i:0 redirectclipboard:i:1 redirectposdevices:i:0
Start Menu
"explorer.exe" "%AppData%\Microsoft\Windows\Start Menu\Programs\Accessories"
"%UserProfile%\Documents\Alira (LAN).rdp"
Alira
Settings
Explorer
Separate Processes
REG ADD "HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "SeparateProcess" /t REG_DWORD /d "1" /f
Microsoft Edge
Power
Disable Hibernation and Fast Start
"powercfg.exe" /HIBERNATE "OFF"
Enable Ultimate Performance Power Plan
"powercfg.exe" /DUPLICATESCHEME "e9a42b02-d5df-448d-aa00-03f14749eb61"
Disable CPU Idle States
- Results in notably higher idle temps
- Task Manager shows 100% core usage all the time
"powercfg.exe" /SETACVALUEINDEX "SCHEME_CURRENT" "SUB_PROCESSOR" "IdleDisable" "1" & "powercfg.exe" /SETACTIVE "SCHEME_CURRENT"
Undo
"powercfg.exe" /SETACVALUEINDEX "SCHEME_CURRENT" "SUB_PROCESSOR" "IdleDisable" "0" & "powercfg.exe" /SETACTIVE "SCHEME_CURRENT"
More Settings
"powercfg.exe" /Qh
Disable Clipboard History
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d "0" /f
Disable Cortana and Web Search
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d "0" /f
Disable Game DVR
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\GameDVR" /v "AllowgameDVR" /t "REG_DWORD" /d "0" /f
Disable Last Access Time File Updates
fsutil behavior set disablelastaccess 1
Disable Online Speech Recognition
reg add "HKLM\SOFTWARE\Policies\Microsoft\InputPersonalization" /v "AllowInputPersonalization" /t REG_DWORD /d "0" /f
Open Pictures With Windows Photo Viewer
reg add "HKCU\Software\Classes\.jpg" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.jpeg" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.gif" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.png" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.bmp" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.tiff" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.ico" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
Disable Remote Desktop
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fDenyTSConnections" /t REG_DWORD /d "1" /f
Disable Shared Experiences
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableCdp" /t REG_DWORD /d "0" /f
Disable System Restore
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableSR " /t "REG_DWORD" /d "1" /f
Disable Telemetry Features
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t "REG_DWORD" /d "0" /f
Disable User Account Control
REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t "REG_DWORD" /d "0" /f
Enable FIPS Mode
REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy" /v "Enabled" /t "REG_DWORD" /d "1" /f
"powershell.exe" -Command "$md5 = New-Object -TypeName 'System.Security.Cryptography.MD5CryptoServiceProvider'"
Disable
REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy" /v "Enabled" /t "REG_DWORD" /d "0" /f
Remove Quick Access
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v "HubMode" /t "REG_DWORD" /d "1" /f
Remove Windows Search
"sc.exe" stop "WSearch" & "sc.exe" config "WSearch" "start=disabled"
"DISM.exe" /Online /Disable-Feature /FeatureName:"SearchEngine-Client-Package" /Remove
Show All Folders in File Explorer Pane
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "NavPaneShowAllFolders" /t "REG_DWORD" /d "1" /f
Verbose Shutdown
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "VerboseStatus" /t REG_DWORD /d "1" /f
Other
Microsoft Store
"WSReset.exe" -i
"WSReset.exe" -i TIMEOUT /T "20" /NOBREAK "WSReset.exe" -i EXIT /B :: End
WinSAT
"WinSAT.exe" forgethistory
"WinSAT.exe" "formal" -restart "clean"
"WinSAT.exe" query
NetFX3 From Install Media
- Change
D:\to install media drive if necessary
Dism /online /enable-feature /featurename:"NetFX3" /All /Source:"D:\sources\sxs" /LimitAccess
Prevent Driver Changes
Notes
- To be done after a proper driver is manually installed
- This ensures Windows Update nor anything else can replace installed drivers for specific devices unattended
- Additional entries need to add a new number (the value after
/v) - The device ID can be acquired from Device Manager and should be pasted as-is (no extra slashes)
Base Policies
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions" /v "DenyDeviceIDs" /t "REG_DWORD" /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions" /v "DenyDeviceIDsRetroactive" /t "REG_DWORD" /d "0" /f
Format
- Do not copy/paste these as-is; only here for reference
- Adjust to specific devices as-needed
Add Prevent Policy
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceIDs" /v "#" /t "REG_SZ" /d "PCI\VEN_XXXX&DEV_XXXX&SUBSYS_XXXXXXXX&REV_XX" /f
Remove Prevent Policy
reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceIDs" /v "#" /f
Services
- TODO: Separate page, individual batches
"sc.exe" stop "DPS" & "sc.exe" config "DPS" "start=disabled"
"sc.exe" stop "SysMain" & "sc.exe" config "SysMain" "start=disabled"
Spinesnap
"sc.exe" stop "esifsvc" & "sc.exe" config "esifsvc" "start=disabled"
"sc.exe" stop "ApHidMonitorService" & "sc.exe" config "ApHidMonitorService" "start=disabled"
"sc.exe" stop "RstMwService" & "sc.exe" config "RstMwService" "start=disabled"
Programs
7-Zip
Android Tools
aria2
Brain Workshop
Calculator
- Only available on LTSB/LTSC
win32calc
DirectX End-User Runtime
Firefox
Thunderbird
- Last tested:
Thunderbird Setup 128.10.0esr.msi
GIMP
KeePassXC
LibreOffice
[ ]Use Skia[ ]Use a Java runtime
MuPDF
- https://mupdf.com/releases/index.html (Ctrl + F →
Win) - Last tested:
mupdf-1.25.2-windows.zip
Notepad++
- Last tested:
npp.8.7.9.Installer.x64.exe
OBS
qBittorrent
VC++ Redist
"%UserProfile%\Downloads\VisualCppRedist_AIO_x86_x64.exe" /ai
"%UserProfile%\Downloads\VisualCppRedist_AIO_x86_x64.exe" /aiR
foobar2000
VLC media player
Vulkan Runtime
Games
Battle.net App
Steam
Shortcut
- Disable: Settings → Interface → Enable GPU accelerated rendering in web views
"%ProgramFiles(x86)%\Steam\steam.exe" -silent -nocrashmonitor -cef-single-process -cef-disable-breakpad
Steam (min)
Drivers
- See Drivers for more URLs
Boulderback
Chipset
Graphics
Spinesnap
- Last tested:
Latitude_5X91_Precision_3530_1.38.0.exe
Keyboard
- EPOMAKER x LEOBOG Hi75
Mouse
- ATTACK SHARK R6
"%ProgramFiles(x86)%\Microsoft\Edge\Application\msedge_proxy.exe" --app="https://cn.attackshark.pro/WebDriven/index.html#/project/items"
SATA/RST
Last tested version: 17.11.3.1010
Ethernet
- I219-LM Gigabit
- Intel Corporation Ethernet Connection (7) I219-LM (rev 10) 1)
- Last tested:
Wired_driver_30.0.1_x64.zip
Wireless
- Wireless-AC 9560
- Intel Corporation Cannon Lake PCH CNVi WiFi (rev 10)
- Intel Download Center (IT Administrators
) - Last tested:
WiFi-23.110.0-Driver64-Win10-Win11.zip
Bluetooth
- Last tested:
BT-23.100.1-64UWD-Win10-Win11.zip
Graphics
- Intel UHD Graphics 630
- Intel Corporation CoffeeLake-H GT2 [UHD Graphics 630]
- Last tested:
gfx_win_101.2135.exe
1)
rev 10 drivers, not rev 18+
C:/www/wiki/data/pages/windows/10.txt · Last modified: by Sean Rhone