Skip to content

Improve error handling and logging in common.vm and fix registry errors in debloat.vm #1482

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
emtuls wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Improve error handling and logging in common.vm and fix registry errors in debloat.vm #1482

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
9871739
Refactor: Create function to handle start menu cleanup
emtuls Aug 1, 2025
f247720
Fix: Improve error handling and prevent script from halting
emtuls Aug 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion packages/common.vm/common.vm.nuspec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
<package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
<metadata>
<id>common.vm</id>
<version>0.0.0.20250509</version>
<version>0.0.0.20250801</version>
<description>Common libraries for VM-packages</description>
<authors>Mandiant</authors>
</metadata>
Expand Down
94 changes: 66 additions & 28 deletions packages/common.vm/tools/vm.common/vm.common.psm1
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1281,17 +1281,17 @@ function VM-Set-Service-Manual-Start {
$service = Get-Service -Name $serviceName -ErrorAction SilentlyContinue
if ($service) {
if ($service.Status -eq "Running") {
Write-Output "INFO" "Stopping service $serviceName..."
VM-Write-Log "INFO" "Stopping service $serviceName..."
Stop-Service -Name $service.Name -Force -ErrorAction Stop
Write-Output "INFO" "Service $serviceName has been stopped."
VM-Write-Log "INFO" "Service $serviceName has been stopped."
}
Set-Service -Name $service.Name -StartupType Manual
Write-Output "INFO" "Service $serviceName has been set to manual startup."
VM-Write-Log "INFO" "Service $serviceName has been set to manual startup."
} else {
Write-Output "WARN" "Service $serviceName not found."
VM-Write-Log "WARN" "Service $serviceName not found."
}
} catch {
Write-Output "ERROR" "An error occurred: $_"
VM-Write-Log "ERROR" "An error occurred: $_"
}
}

Expand Down Expand Up @@ -1517,6 +1517,8 @@ function VM-Configure-PS-Logging {
# Main function for debloater and configuration changes
# Expects an XML file
function VM-Apply-Configurations {
# Main function for debloater and configuration changes
# Expects an XML file
param(
[Parameter(Position = 0)]
[string]$configFile
Expand All @@ -1526,73 +1528,109 @@ function VM-Apply-Configurations {
# Load and parse the XML config file
VM-Assert-Path $configFile
$config = [xml](Get-Content $configFile)
} catch {
VM-Write-Log "ERROR" "An error occurred while loading or parsing the config file. Error: $_"
return # Exit the function if the file cannot be loaded.
}

# Process the apps
if ($config.config.apps.app) {
$config.config.apps.app | ForEach-Object {
# Process the apps
if ($config.config.apps.app) {
VM-Write-Log "INFO" "Processing Appx Packages..."
$config.config.apps.app | ForEach-Object {
try {
$appName = $_.name
VM-Remove-Appx-Package -appName $appName
} catch {
VM-Write-Log "ERROR" "Failed to remove app '$appName'. Error: $($_.Exception.Message)"
}
}
}

# Process the services
if ($config.config.services.service) {
$config.config.services.service | ForEach-Object {
# Process the services
if ($config.config.services.service) {
VM-Write-Log "INFO" "Processing services..."
$config.config.services.service | ForEach-Object {
try {
$serviceName = $_.name
VM-Set-Service-Manual-Start -serviceName $serviceName
} catch {
VM-Write-Log "ERROR" "Failed to set service '$serviceName' to manual start. Error: $($_.Exception.Message)"
}
}
}

# Process the tasks
if ($config.config.tasks.task) {
$config.config.tasks.task | ForEach-Object {
# Process the tasks
if ($config.config.tasks.task) {
VM-Write-Log "INFO" "Processing scheduled tasks..."
$config.config.tasks.task | ForEach-Object {
try {
$descName = $_.name
$taskName = $_.value
VM-Disable-Scheduled-Task -name $descName -value $taskName
} catch {
VM-Write-Log "ERROR" "Failed to disable task '$taskName'. Error: $($_.Exception.Message)"
}
}
}

# Process the registry items
if ($config.config."registry-items"."registry-item") {
$config.config."registry-items"."registry-item" | ForEach-Object {
# Process the registry items
if ($config.config."registry-items"."registry-item") {
VM-Write-Log "INFO" "Processing registry items..."
$config.config."registry-items"."registry-item" | ForEach-Object {
try {
Copy link
Member

@Ana06 Ana06 Aug 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't like the try-catch duplication, as we have a try-catch already inside the function, that can cause the Failed to update registry item error message to be duplicated. The try-catch inside the called function does not apply if the arguments for the function are wrong (as it happened with the provided type argument). Should we remove the try-catch inside the function and leave it here?

Also, I think VM-Update-Registry-Value continues to fail in Windows 11 here is because Set-ItemProperty does not have a Type argument.The extra argument was ignored in Windows 10, but causes an error in Windows 11.

Set-ItemProperty -Path $path -Name $value -Value $validatedData -Type $type -Force | Out-Null

$name = $_.name
$path = $_.path
$value = $_.value
$type = $_.type
$data = $_.data
VM-Update-Registry-Value -name $name -path $path -value $value -type $type -data $data
} catch {
VM-Write-Log "ERROR" "Failed to update registry item '$name'. Error: $($_.Exception.Message)"
}
}
}

# Process the path items
if ($config.config."path-items"."path-item") {
$config.config."path-items"."path-item" | ForEach-Object {
# Process the path items
if ($config.config."path-items"."path-item") {
VM-Write-Log "INFO" "Processing path items..."
$config.config."path-items"."path-item" | ForEach-Object {
try {
$name = $_.name
$type = $_.type
$path = $_.path
VM-Remove-Path -name $name -type $type -path $path
} catch {
VM-Write-Log "ERROR" "Failed to remove path item '$name'. Error: $($_.Exception.Message)"
}
}
}

# Process the locales
if ($config.config."locales"."locale") {
$config.config."locales"."locale" | ForEach-Object {
# Process the locales
if ($config.config."locales"."locale") {
VM-Write-Log "INFO" "Processing locales..."
$config.config."locales"."locale" | ForEach-Object {
try {
$name = $_.name
$lang = $_.lang
VM-Install-Locale -name $name -lang $lang
} catch {
VM-Write-Log "ERROR" "Failed to install locale '$name'. Error: $($_.Exception.Message)"
}
}
}

# Process the custom items
if ($config.config."custom-items"."custom-item") {
$config.config."custom-items"."custom-item" | ForEach-Object {
# Process the custom items
if ($config.config."custom-items"."custom-item") {
VM-Write-Log "INFO" "Processing custom commands..."
$config.config."custom-items"."custom-item" | ForEach-Object {
try {
$name = $_.name
$cmds = @($_.cmd | ForEach-Object { $_.value })
VM-Execute-Custom-Command -name $name -cmds $cmds
} catch {
VM-Write-Log "ERROR" "Failed to execute custom commands for '$name'. Error: $($_.Exception.Message)"
}
}
} catch {
VM-Write-Log "ERROR" "An error occurred while applying config. Error: $_"
}
}

Expand Down
4 changes: 2 additions & 2 deletions packages/debloat.vm/debloat.vm.nuspec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,11 @@
<package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
<metadata>
<id>debloat.vm</id>
<version>0.0.0.20250731</version>
<version>0.0.0.20250801</version>
<description>Debloat and performance configurations for Windows OS</description>
<authors>Mandiant</authors>
<dependencies>
<dependency id="common.vm" version="0.0.0.20250407" />
<dependency id="common.vm" version="0.0.0.20250801" />
</dependencies>
</metadata>
</package>
46 changes: 35 additions & 11 deletions packages/debloat.vm/tools/chocolateyinstall.ps1
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,33 @@ function Fix-AppxPackageDeployment {
}
}

function Clean-Win11StartMenu {
<#
.SYNOPSIS
Cleans up the start menu by copying a predefined binary file.

.DESCRIPTION
This function handles the logic for cleaning up the Windows 11 start menu
by replacing the default configuration files. It uses a predefined
'start2.bin' file to ensure a consistent, clean start menu layout.
This is a shared function called by both 'Win11' and 'Win11ARM' sections
to avoid code duplication.
#>
[CmdletBinding()]
param(
[Parameter(Mandatory = $true)]
[string]$PackageStartDir
)

VM-Write-Log "INFO" "Cleaning up start menu in Windows 11."

# Cleanest solution possible given lack of relative path and infinite paths for user download location
Copy-Item -Path (Join-Path $PackageStartDir "start2.bin") -Destination (Join-Path ${Env:UserProfile} "Appdata\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState\")

# Cover case in older win11 versions where the config file is still start.bin
Copy-Item -Path (Join-Path $PackageStartDir "start2.bin") -Destination (Join-Path ${Env:UserProfile} "Appdata\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState\start.bin")
}

try {
# Determine OS Version
$osVersion = VM-Get-WindowsVersion
Expand All @@ -62,24 +89,21 @@ try {
$packageStartDir = Join-Path $packageToolsDir "start" -Resolve

switch ($osVersion) {
"Win10" { $config = Join-Path $packageToolsDir "win10.xml" }
"Win10" {
$config = Join-Path $packageToolsDir "win10.xml"
}
"Win11" {
$config = Join-Path $packageToolsDir "win11.xml"
VM-Write-Log "INFO" "Cleaning up start menu in Windows 11."
# Clean up start menu. Cleanest solution possible given lack
# of relative path and inifinite paths for user download location
Copy-Item -Path (Join-Path $packageStartDir "start2.bin") -Destination (Join-Path ${Env:UserProfile} "Appdata\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState\")
# cover case in older win11 versions where the config file is still start.bin
Copy-Item -Path (Join-Path $packageStartDir "start2.bin") -Destination (Join-Path ${Env:UserProfile} "Appdata\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState\start.bin")
# Call the new function to clean the start menu
Clean-Win11StartMenu -PackageStartDir $packageStartDir

# Call the function to apply the AppxPackage fix for Windows 11
Fix-AppxPackageDeployment
}
"Win11ARM" {
$config = Join-Path $packageToolsDir "win11arm.xml"
VM-Write-Log "INFO" "Cleaning up start menu in Windows 11."
Copy-Item -Path (Join-Path $packageStartDir "start2.bin") -Destination (Join-Path ${Env:UserProfile} "Appdata\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState\")
Copy-Item -Path (Join-Path $packageStartDir "start2.bin") -Destination (Join-Path ${Env:UserProfile} "Appdata\Local\Packages\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\LocalState\start.bin")
# Call the new function to clean the start menu
Clean-Win11StartMenu -PackageStartDir $packageStartDir
}
default {
VM-Write-Log "WARN" "Debloater unable to determine Windows version, defaulting to Windows 10."
Expand All @@ -92,4 +116,4 @@ try {
}
catch {
VM-Write-Log-Exception $_
}
}
Loading