User Tools

Site Tools


windows:10

Table of Contents

Information

  • Microsoft Windows 10
  • 2004
  • 1809 LTSC
  • 1607 LTSB

Notes

  • On a Ryzen 2700X system, 2004 performs consistently better on Geekbench than 1809/LTSC and 1607/LTSB
  • :!: Enabling Secure Boot prevents non-WHQL drivers from working 1)

Download

Updates

Slipstream

Information

YYYY-MM Update for Windows 10 Version 2004 for x64-based Systems (KB#######)

Prevent Driver Changes

Notes

  • To be done after a proper driver is manually installed
  • This ensures Windows Update nor anything else can replace installed drivers for specific devices unattended
  • Additional entries need to add a new number (the value after /v)
  • The device ID can be acquired from Device Manager and should be pasted as-is (no extra slashes)

Base Policies

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions" /v "DenyDeviceIDs" /t "REG_DWORD" /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions" /v "DenyDeviceIDsRetroactive" /t "REG_DWORD" /d "0" /f

Format

  • Do not copy/paste these as-is; only here for reference
  • Adjust to specific devices as-needed

Add Prevent Policy

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceIDs" /v "#" /t "REG_SZ" /d "PCI\VEN_XXXX&DEV_XXXX&SUBSYS_XXXXXXXX&REV_XX" /f

Remove Prevent Policy

reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeviceInstall\Restrictions\DenyDeviceIDs" /v "#" /f

Tweaks

Disable Clipboard History

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d "0" /f

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d "0" /f

Disable CPU Mitigations

reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v "FeatureSettingsOverride" /t "REG_DWORD" /d "3" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v "FeatureSettingsOverrideMask" /t "REG_DWORD" /d "3" /f

Disable Game DVR

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\GameDVR" /v "AllowgameDVR" /t "REG_DWORD" /d "0" /f

Disable Hibernation and Fast Start

powercfg /H off

Disable Last Access Time File Updates

fsutil behavior set disablelastaccess 1

Disable Online Speech Recognition

reg add "HKLM\SOFTWARE\Policies\Microsoft\InputPersonalization" /v "AllowInputPersonalization" /t REG_DWORD /d "0" /f

Disable Remote Desktop

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services" /v "fDenyTSConnections" /t REG_DWORD /d "1" /f

Disable Shared Experiences

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableCdp" /t REG_DWORD /d "0" /f

Disable SmartScreen

  • General
  • Windows Store Apps
  • Microsoft EDGE
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t "REG_SZ" /d "Off" /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t "REG_DWORD" /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t "REG_DWORD" /d "0" /f

Disable Startup Delay

reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Serialize" /v "StartupDelayInMSec" /t "REG_DWORD" /d "0" /f

Disable System Restore

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableSR " /t "REG_DWORD" /d "1" /f

Disable Telemetry Features

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t "REG_DWORD" /d "0" /f

Disable User Account Control

reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t "REG_DWORD" /d "0" /f

Disable Windows Defender

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t "REG_DWORD" /d "1" /f

Open Pictures With Windows Photo Viewer

reg add "HKCU\Software\Classes\.jpg" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.jpeg" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.gif" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.png" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.bmp" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.tiff" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f
reg add "HKCU\Software\Classes\.ico" /ve /t "REG_SZ" /d "PhotoViewer.FileAssoc.Tiff" /f

Remove Quick Access

reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v "HubMode" /t "REG_DWORD" /d "1" /f

Dism /online /Disable-Feature /FeatureName:"SearchEngine-Client-Package" /Remove

ScriptTiger Hosts File

  • Powershell Script *.ps1
[Net.ServicePointManager]::SecurityProtocol = "tls12, tls11, tls"
Invoke-WebRequest "https://scripttiger.github.io/alts/compressed/blacklist-fg.txt" -OutFile "C:\Windows\System32\drivers\etc\hosts"
ipconfig /flushdns

Show All Folders in File Explorer Pane

reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "NavPaneShowAllFolders" /t "REG_DWORD" /d "1" /f

NetFX3 From Install Media

  • Change D:\ to install media drive if necessary
Dism /online /enable-feature /featurename:"NetFX3" /All /Source:"D:\sources\sxs" /LimitAccess

1607

Disable HomeGroup

reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\HomeGroup" /v "DisableHomeGroup" /t "REG_DWORD" /d "1" /f

Remove Most Modern UI Apps

  • Powershell Script *.ps1
  • Tested fine on 2004/20H1
  • :!: Apparently this broke the start menu on 1809
Get-AppxPackage -allusers | Remove-AppxPackage

Remove OneDrive

taskkill /IM "OneDrive.exe" /F
%windir%\SysWOW64\OneDriveSetup.exe /uninstall
rmdir "%UserProfile%\OneDrive" "%ProgramData%\Microsoft OneDrive" "%LocalAppData%\Microsoft\OneDrive" "C:\OneDriveTemp" /S /Q
reg delete "HKCR\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f
reg delete "HKCR\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f

Maintenance

  • Last updated: 2020/10/02
:: .NET Framework 4
"%windir%\microsoft.net\Framework\v4.0.30319\ngen.exe" update /force /queue
"%windir%\microsoft.net\Framework64\v4.0.30319\ngen.exe" update /force /queue
"%windir%\microsoft.net\Framework\v4.0.30319\ngen.exe" executequeueditems
"%windir%\microsoft.net\Framework64\v4.0.30319\ngen.exe" executequeueditems

:: System File Check, Cleanup, and Repair
"%windir%\system32\Dism.exe" /online /Cleanup-Image /StartComponentCleanup /ResetBase /RestoreHealth
"%windir%\system32\sfc.exe" /scannow

:: Classic Disk Cleanup
"%windir%\system32\cleanmgr.exe" /sageset:65535
"%windir%\system32\cleanmgr.exe" /sagerun:65535

:: Defrag/Trim
"%windir%\system32\dfrgui.exe"

Auto Login

control userpasswords2

Add Hardware Wizard

%SYSTEMROOT%\System32\hdwwiz.exe

GodMode Folder

GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}

Settings

Lock screen Background

  • Hero
C:\Windows\Web\Wallpaper\Windows\img0.jpg

Verbose Shutdown

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v "VerboseStatus" /t REG_DWORD /d "1" /f

Remove Power Plans

  • For whatever reason, Windows likes to revert to High Performance (or another program switches it) instead of keeping a custom power plan
  • The solution to this is to simply remove all power plans that aren't the custom one…

Show Plans

powercfg /list

Ultimate Power Plan

powercfg -duplicatescheme e9a42b02-d5df-448d-aa00-03f14749eb61

Remove Plans

  • Replace x with the GUID of the plan listed with the above command
powercfg -delete x
powercfg -delete 381b4222-f694-41f0-9685-ff5bb260df2e

Hardware Utilities

CPU-Z

GPU-Z

HWMonitor

prime95

HWiNFO

poclmembench

Driver Store Explorer

DRAM Calculator for Ryzen

Display Driver Uninstaller (DDU)

AMD Ryzen Master

CrystalDiskInfo

MSI Kombustor

memtestCL

LatencyMon

OCCT

InSpectre

FurMark

Intel PDT

Programs

7-Zip-zstd

Android Tools

aria2

SETX /M path "%path%;C:\Program Files\aria2c"

BleachBit

Calculator

  • Only available on LTSB/LTSC
win32calc

DirectX End-User Runtimes

FileZilla

Firefox

Download

Settings

Default Profile

rd "%appdata%\Mozilla" /s /q
md "%appdata%\Mozilla\Firefox\Profiles\espionage724"
profiles.ini
notepad "%appdata%\Mozilla\Firefox\profiles.ini"
[General]
StartWithLastProfile=1

[Profile0]
Name=default
IsRelative=1
Path=Profiles/espionage724
Default=1

user.js

  • Last updated: 2020/07/14
  • :!: Remove VPN section if not using a VPN
notepad "%appdata%\Mozilla\Firefox\Profiles\espionage724\user.js"
/***********
 * General *
 ***********/

user_pref("extensions.screenshots.disabled", true);
user_pref("reader.parse-on-load.enabled", false);

user_pref("media.mediasource.experimental.enabled", true);
user_pref("media.mediasource.ignore_codecs", true);
user_pref("media.autoplay.enabled", false);
user_pref("media.av1.enabled", false);
user_pref("media.hardware-video-decoding.force-enabled", true);
user_pref("widget.wayland-dmabuf-vaapi.enabled", true);

user_pref("webgl.disabled", true);
user_pref("webgl.enable-webgl2", false);
user_pref("accessibility.force_disabled", 1);
user_pref("mousewheel.min_line_scroll_amount", 40);
user_pref("browser.tabs.drawInTitlebar", true);
user_pref("network.standard-url.escape-utf8", false);

/***********
 * Privacy *
 ***********/

user_pref("security.tls.version.min", 2);
user_pref("security.ssl.require_safe_negotiation", true);
user_pref("security.ssl.treat_unsafe_negotiation_as_broken", true);
user_pref("security.OCSP.require", true);
user_pref("security.cert_pinning.enforcement_level", 2);
user_pref("security.ssl3.rsa_des_ede3_sha", false);
user_pref("security.ssl.enable_false_start", false);

user_pref("geo.enabled", false);
user_pref("network.http.sendRefererHeader", false);
user_pref("privacy.donottrackheader.enabled", true);

user_pref("browser.safebrowsing.malware.enabled", false);
user_pref("browser.safebrowsing.phishing.enabled", false);
user_pref("browser.safebrowsing.downloads.enabled", false);

user_pref("network.security.esni.enabled", true);

user_pref("privacy.resistFingerprinting", true);
user_pref("privacy.trackingprotection.enabled", true);
user_pref("toolkit.telemetry.enabled", false);

/*******
 * U2F *
 *******/

user_pref("security.webauth.u2f", true);

/**********
 * Tweaks *
 **********/

user_pref("browser.cache.disk.enable", false);
user_pref("browser.cache.memory.enable", true);
user_pref("browser.cache.memory.enable", true);

/*******
 * VPN *
 *******/

user_pref("network.dns.disableIPv6", true);
user_pref("media.peerconnection.enabled", false);

/*******
 * END *
 *******/

Apply Settings

  • :!: Firefox must be started for the first time with the -p flag for the profile above to be used
"%ProgramFiles%\Mozilla Firefox\firefox.exe" -p default

Remove Features

rd "%ProgramFiles%\Mozilla Firefox\browser\features" /s /q

Extensions

  • Clean-up everything
  • Disable notifications

uBlock Origin

Settings
  • [x] Prevent WebRTC from leaking local IP addresses
Filter lists
  • [ ] Ads → EasyList 2)
  • [ ] Privacy → EasyPrivacy 3)
  • Multipurpose → [x] Dan Pollock's hosts file
  • Multipurpose → [x] hpHost's Ad and tracking servers
  • Multipurpose → [x] MVPS HOSTS
  • Custom → [x] Import
Custom 3rd-party filters
  • Last updated: 2018/11/23
  • Last verified: 2020/09/17
https://www.fanboy.co.nz/fanboy-problematic-sites.txt
https://www.fanboy.co.nz/r/fanboy-ultimate.txt
https://www.fanboy.co.nz/fanboy-antifacebook.txt
https://www.fanboy.co.nz/fanboy-antifonts.txt
https://www.fanboy.co.nz/fanboy-cookiemonster.txt
https://raw.githubusercontent.com/ryanbr/fanboy-adblock/master/popads-domains-list.txt
https://raw.githubusercontent.com/ryanbr/fanboy-adblock/master/fake-news.txt
My filters
Facebook
  • Last updated: 2020/09/13
!Facebook filters
!old Facebook; https://www.reddit.com/r/uBlockOrigin/comments/fnkwa4/facebook_ads/fla7alm/?sort=new
facebook.com##div[id^=hyperfeed_story_id_]:has(a[role^=button]:has(> span:matches-css(position: relative):has-text(S):not(:has-text(1)):not(:has-text(2)):not(:has-text(3)):not(:has-text(4)):not(:has-text(5)):not(:has-text(6)):not(:has-text(7)):not(:has-text(8)):not(:has-text(9)):not(:has-text(w))))

!Merged: new Facebook + "Suggested for you"
facebook.com##div[data-pagelet^="FeedUnit"]:has(a[role^=button]:has(> span > span:matches-css(position: relative):has-text(S))|div[role^=button]:has(> span > span:matches-css(position: relative):has-text(S))|div[role=button]:has(> span > b > b:matches-css(display: inline):has-text(S))|div[role="article"]:has(span:has-text(Suggested for you)))

!Remove timeline red number notification bubbles; https://www.reddit.com/r/uBlockOrigin/comments/ii7jrp/make_the_new_facebook_slightly_more_bearable_by/?sort=new
facebook.com##[aria-label*="Pages"] span span
facebook.com##[aria-label*="Groups"] span span
facebook.com##[aria-label*="Watch"] span span
facebook.com##[aria-label*="Gaming"] span span

!Remove Rooms
facebook.com##div[data-pagelet^="VideoChatHomeUnit"]

!Remove Stories
facebook.com##div[data-pagelet^="Stories"]

www.facebook.com##div[role="article"]:has([aria-label="Sponsored"])
facebook.com##div[data-pagelet^="FeedUnit"]:has([role^=button]:has(> span:has-text(S)):not(:has-text(1)):not(:has-text(2)):not(:has-text(3)):not(:has-text(4)):not(:has-text(5)):not(:has-text(6)):not(:has-text(7)):not(:has-text(8)):not(span:has-text(9)):not(span:has-text(w)))
facebook.com##div[data-pagelet^="FeedUnit"]:has(div:has-text(/^Suggested for You$/i))
facebook.com##div[data-pagelet^="FeedUnit"]:has(div:has-text(/^Events you may like$/i))
facebook.com##div[data-pagelet^="FeedUnit"]:has(div:has-text(/^Friend Requests$/i))
facebook.com##div[data-pagelet^="FeedUnit_"]:has(div:has-text(/^Suggested Groups$/i))

Testing Sites

GIMP

Google Chrome

iTunes

KeePassXC

Keybase

KMS-VL-ALL

LibreOffice

MarkC Mouse Acceleration Fix

mpv

Notepad++

OBS

Oculus

ADB

Disable SPUD

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Oculus" /v "UseSpud" /t REG_DWORD /d "0" /f

Backup/Restore

  • Let Oculus download its 5GB+ installer
  • While it is installing, backup the C:\OculusSetup-DownloadCache folder
  • If restoring, copy C:\OculusSetup-DownloadCache and start the Oculus installer
  • :!: If an updated Oculus client is available, it will download instead of restoring

OBS Mirror

--Size 1280 1280 --FovTanAngleMultiplier 1.3 1.3 --DisableTimewarp --SymmetricFov --RightEyeOnly --DisableFovStencil --IncludeSystemGui --IncludeNotifications

Rufus

Thunderbird

  • :!: There is a 64-bit version of Thunderbird for Windows

Transmission

http://john.bitsurge.net/public/biglist.p2p.gz

Visual C++ Redistributable Runtimes

Vulkan Runtime

WireGuard

  • :!: If kill switch is enabled, all local network resources can't be accessed

VPN.AC

Games

Battle.net App

Path of Exile

Steam

Origin

Diablo II

Glide Wrapper

Guild Wars 2

Drivers

Nightwane

Motherboard

Audio

Chipset

Graphics

USB

  • :!: Do not install any special driver for the AMD USB controller/hub as it seemingly breaks support for Oculus devices

Ethernet

1)
this is particularly bad with Intel RST; if it's signed by Intel, it won't allow booting; there is no warning of this when loading the RST driver during Windows set-up
2) , 3)
uncheck; included in Fanboy Ultimate List
windows/10.txt · Last modified: 2020/10/20 10:02 by Sean Rhone