Windows VMs Clean-up to Create OMIs

This topic lists the elements of a Windows virtual machine (VM) you can clean up before creating an OMI, especially if you mean to share it with other users or to make it public.

An OMI created from a VM or a snapshot has the same characteristics as this VM or the VM the snapshot is created from. Moreover, a VM can contain sensitive information that you do not want to share.

We therefore strongly recommend cleaning up these elements from your VM, or the VM the snapshot is created from, before creating the OMI.

Overview

Creating multiple VMs from an OMI that has not been cleaned up beforehand will make those VMs unstable in a Windows environment as they will share the same UUID that is supposed to be unique.

You need to clean up your VM before executing the OMI Creating Launcher script or a sysprep.

The sections below list the elements you can clean up before creating an OMI:

Accounts Configuration

Guest Account

Disable the guest account by going to Computer Management > System Tools > Local Users and Group > Users and clicking Disable guest.

Profile Usage Information

In a PowerShell prompt, delete previous sysprep log files and clean the AppData folder, history of registry, and history of PowerShell ISE:

Remove-Item -Path "C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\*" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue
Remove-Item -Path "C:\Users\Administrator\AppData\Local\Temp\*" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue
Remove-Item -path "C:\Windows\System32\sysprep\Panther\setupact.log" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue
Remove-Item -path "C:\Windows\System32\sysprep\Panther\setuperr.log" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue
Remove-Item -Path "C:\Windows\System32\sysprep\Panther\IE\setupact.log" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue
remove-item -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\*" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths" -Name * -Confirm:$false -ErrorAction SilentlyContinue
remove-item -Path "C:\Documents and Settings\Administrator\Recent\*" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue
remove-item -Path "C:\Documents and Settings\Administrator\Local Settings\Temp\*" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue
remove-item -Path "C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Recent\*" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\" -Name "LastKey" -ErrorAction SilentlyContinue
Remove-Item -Path "C:\Users\Administrator\AppData\Local\microsoft_corporation\powershell_ise.exe_StrongName_lw2v2vm3wmtzzpebq33gybmeoxukb04w\3.0.0.0\user.config" -Force -Confirm:$false -ErrorAction SilentlyContinue

Start Menu Run History

In a PowerShell prompt, clean the execute/run dialog box:

foreach ($item in (Get-ChildItem -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist)){Clear-Item -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\$($item.PSChildName)\Count}

Explorer Run History

In a PowerShell prompt, clean the Windows Explorer history:

Clear-Item -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU  -Force -Confirm:$false -ErrorAction SilentlyContinue

Internet Explorer History

In a PowerShell prompt, clean the Internet Explorer history:

RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 255
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 1
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 2
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 16
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 32

File Shares

Disable file share points that are accessible by unauthenticated users by going to Computer Management > System Tools > Shared Folders > Shares.

We recommend disabling file shares completely.

Windows Domain

Ensure that your VM is not connected to any Windows domain, by going to Control Panel > System and Security > System and checking that your VM is on a workgroup and not on a domain.

VM Configuration on OUTSCALE Cloud

OUTSCALE Logs

In a PowerShell prompt, clean the OUTSCALE logs located in C:\Windows\Outscale\logs\*:

remove-item -Path "C:\Windows\Outscale\logs\*" -Force -Confirm:$false -ErrorAction SilentlyContinue

OUTSCALE Temporary Files

In a PowerShell prompt, clean the OUTSCALE temporary files in C:\Windows\Outscale\tmp\*:

Remove-Item -Path "C:\Windows\Outscale\tmp\*" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue

User Data

In a PowerShell prompt, clean the user data you specified for the VM, in C:\Windows\Outscale\userdata\*:

Remove-Item -Path "C:\Windows\Outscale\userdata\*" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue

For more information about user data, see Configuring a VM with User Data and OUTSCALE Tags.

Logs

Temporary Files

In a PowerShell prompt, clean the temporary files on your VM:

remove-item -Path "C:\Windows\Temp\*" -Force -Recurse -Confirm:$false -ErrorAction SilentlyContinue

Windows Event Logs

In a PowerShell prompt, clear the Windows event logs:

Clear-EventLog Application
Clear-EventLog System
Clear-EventLog Security

These logs must be the last element you clean.

Related Pages

Export to PDF