When software is updated, it often results in unwanted icons being added to the desktop. Is there any way to avoid this?
Solved
Avoiding desktop icon creation
Best answer by RobertE-Automox
Leveraging a Worklet to remove unwanted icons might be the best solution. In this example, I’ve created a shortcut that will launch when the device is started.
Evaluation Code
Exit 1Remediation Code
Copy-Item -Path ".\Remediation-RemoveDesktopIcons.ps1" -Destination "C:\temp\"
$WshShell = New-Object -comObject WScript.Shell
$Shortcut = $WshShell.CreateShortcut("C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\RemoveDesktopIcons.lnk")
$Shortcut.TargetPath = "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
$Shortcut.Arguments = '-WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\temp\Remediation-RemoveDesktopIcons.ps1"'
$Shortcut.Save()
Payload Code (PowerShell Script)
<#
.SYNOPSIS
Removes Icons from Desktop
OS Support: Windows 8/10/11
Required modules: NONE
.DESCRIPTION
This script uses a list of names to remove icons from users desktop.
.REQUIREMENTS
PowerShell 2.0
.EXAMPLE
.NOTES
Author :Martin Bengtsson
Modified By :Robert Eickleberry
Prerequisite :PowerShell V2 and up over Win 8/10/11
Date :12 Aug 2022
#>
#List of icons to search for
$shortCutNames = @(
"*Google Chrome*"
"*Microsoft Teams*"
"*Zoom*"
)
#Start Logging
Start-Transcript -Append C:\Temp\Logs\PSScriptLog.txt
#Getting the current user's username by querying the explorer.exe process
function Get-CurrentUser() {
try {
$currentUser = Get-WMIObject -class Win32_ComputerSystem | select username
$currentUser = "$currentUser" -replace "[{}]"
$currentUser = "$currentUser".split("\")[1] }
catch {
Write-Output "Failed to get current user."
}
if (-NOT[string]::IsNullOrEmpty($currentUser)) {
Write-Output $currentUser
}
}
#Getting the current user's SID by using the user's username
function Get-UserSID([string]$currentUser) {
try {
$user = New-Object System.Security.Principal.NTAccount($currentUser)
$sid = $user.Translate([System.Security.Principal.SecurityIdentifier])
}
catch {
Write-Output "Failed to get current user SID."
}
if (-NOT[string]::IsNullOrEmpty($sid)) {
Write-Output $sid.Value
}
}
#Getting the current user's desktop path by querying registry with the user's SID
function Get-CurrentUserDesktop([string]$fUserRegistryPath) {
try {
if (Test-Path -Path $fUserRegistryPath) {
$currentUserDesktop = (Get-ItemProperty -Path $fUserRegistryPath -Name Desktop -ErrorAction Ignore).Desktop
}
}
catch {
Write-Output "Failed to get current user's desktop"
}
if (-NOT[string]::IsNullOrEmpty($currentUserDesktop)) {
Write-Output $currentUserDesktop
}
}
try {
#Create empty array for shortcutsFound
$shortcutsFound = @()
#Retrieving current user and current user's SID
$currentUser = Get-CurrentUser
$currentUserSID = Get-UserSID $currentUser
# Getting the AllUsers desktop path
$allUsersDesktop = [Environment]::GetFolderPath("CommonDesktopDirectory")
$userRegistryPath = "Registry::HKEY_USERS\$($currentUserSID)\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"
$currentUserDesktop = Get-CurrentUserDesktop $userRegistryPath
if (Test-Path -Path $allUsersDesktop) {
foreach ($ShortcutName in $shortCutNames) {
$shortCutsFound += Get-ChildItem -Path $allUsersDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}
}
}
if (Test-Path -Path $currentUserDesktop) {
foreach ($ShortcutName in $shortCutNames) {
$shortCutsFound += Get-ChildItem -Path $currentUserDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}
}
}
if (-NOT[string]::IsNullOrEmpty($shortcutsFound)) {
Write-Output "Desktop shortcuts found. Returning True"
$shortcutsFoundStatus = $true
}
elseif ([string]::IsNullOrEmpty($shortcutsFound)) {
Write-Output "Desktop shortcuts NOT found. Returning False"
$shortcutsFoundStatus = $false
}
}
catch {
Write-Output "Something went wrong during running of the script. Variable values are: $currentUser,$currentUserSID,$allUsersDesktop,$currentUserDesktop"
}
finally {
if ($shortcutsFoundStatus -eq $true) {
Write-Output "shortcutsFoundStatus equals True. Removing shortcuts..."
foreach ($shortcut in $shortcutsFound) {
try {
Remove-Item -Path $shortcut.FullName
}
catch {
Write-Output "Failed to remove shortcut: $($shortcut.Name)"
}
}
}
elseif ($shortcutsFoundStatus -eq $false) {
Write-Output "shortcutsFoundStatus equals False. Doing nothing"
}
}
#Refreshes the desktop after icons have been removed
$code = @'
[System.Runtime.InteropServices.DllImport("Shell32.dll")]
private static extern int SHChangeNotify(int eventId, int flags, IntPtr item1, IntPtr item2);
public static void Refresh() {
SHChangeNotify(0x8000000, 0x1000, IntPtr.Zero, IntPtr.Zero);
}
'@
Add-Type -MemberDefinition $code -Namespace WinAPI -Name Explorer
[WinAPI.Explorer]::Refresh()
#Stop Logging
Stop-Transcript
Note: All code is provided as is, and is just one example of how this might be accomplished.
Leveraging a Worklet to remove unwanted icons might be the best solution. In this example, I’ve created a shortcut that will launch when the device is started.
Evaluation Code
Exit 1Remediation Code
Copy-Item -Path ".\Remediation-RemoveDesktopIcons.ps1" -Destination "C:\temp\"
$WshShell = New-Object -comObject WScript.Shell
$Shortcut = $WshShell.CreateShortcut("C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\RemoveDesktopIcons.lnk")
$Shortcut.TargetPath = "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
$Shortcut.Arguments = '-WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\temp\Remediation-RemoveDesktopIcons.ps1"'
$Shortcut.Save()
Payload Code (PowerShell Script)
<#
.SYNOPSIS
Removes Icons from Desktop
OS Support: Windows 8/10/11
Required modules: NONE
.DESCRIPTION
This script uses a list of names to remove icons from users desktop.
.REQUIREMENTS
PowerShell 2.0
.EXAMPLE
.NOTES
Author :Martin Bengtsson
Modified By :Robert Eickleberry
Prerequisite :PowerShell V2 and up over Win 8/10/11
Date :12 Aug 2022
#>
#List of icons to search for
$shortCutNames = @(
"*Google Chrome*"
"*Microsoft Teams*"
"*Zoom*"
)
#Start Logging
Start-Transcript -Append C:\Temp\Logs\PSScriptLog.txt
#Getting the current user's username by querying the explorer.exe process
function Get-CurrentUser() {
try {
$currentUser = Get-WMIObject -class Win32_ComputerSystem | select username
$currentUser = "$currentUser" -replace "[{}]"
$currentUser = "$currentUser".split("\")[1] }
catch {
Write-Output "Failed to get current user."
}
if (-NOT[string]::IsNullOrEmpty($currentUser)) {
Write-Output $currentUser
}
}
#Getting the current user's SID by using the user's username
function Get-UserSID([string]$currentUser) {
try {
$user = New-Object System.Security.Principal.NTAccount($currentUser)
$sid = $user.Translate([System.Security.Principal.SecurityIdentifier])
}
catch {
Write-Output "Failed to get current user SID."
}
if (-NOT[string]::IsNullOrEmpty($sid)) {
Write-Output $sid.Value
}
}
#Getting the current user's desktop path by querying registry with the user's SID
function Get-CurrentUserDesktop([string]$fUserRegistryPath) {
try {
if (Test-Path -Path $fUserRegistryPath) {
$currentUserDesktop = (Get-ItemProperty -Path $fUserRegistryPath -Name Desktop -ErrorAction Ignore).Desktop
}
}
catch {
Write-Output "Failed to get current user's desktop"
}
if (-NOT[string]::IsNullOrEmpty($currentUserDesktop)) {
Write-Output $currentUserDesktop
}
}
try {
#Create empty array for shortcutsFound
$shortcutsFound = @()
#Retrieving current user and current user's SID
$currentUser = Get-CurrentUser
$currentUserSID = Get-UserSID $currentUser
# Getting the AllUsers desktop path
$allUsersDesktop = [Environment]::GetFolderPath("CommonDesktopDirectory")
$userRegistryPath = "Registry::HKEY_USERS\$($currentUserSID)\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders"
$currentUserDesktop = Get-CurrentUserDesktop $userRegistryPath
if (Test-Path -Path $allUsersDesktop) {
foreach ($ShortcutName in $shortCutNames) {
$shortCutsFound += Get-ChildItem -Path $allUsersDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}
}
}
if (Test-Path -Path $currentUserDesktop) {
foreach ($ShortcutName in $shortCutNames) {
$shortCutsFound += Get-ChildItem -Path $currentUserDesktop -Filter *.lnk | Where-Object {$_.Name -like $shortCutName}
}
}
if (-NOT[string]::IsNullOrEmpty($shortcutsFound)) {
Write-Output "Desktop shortcuts found. Returning True"
$shortcutsFoundStatus = $true
}
elseif ([string]::IsNullOrEmpty($shortcutsFound)) {
Write-Output "Desktop shortcuts NOT found. Returning False"
$shortcutsFoundStatus = $false
}
}
catch {
Write-Output "Something went wrong during running of the script. Variable values are: $currentUser,$currentUserSID,$allUsersDesktop,$currentUserDesktop"
}
finally {
if ($shortcutsFoundStatus -eq $true) {
Write-Output "shortcutsFoundStatus equals True. Removing shortcuts..."
foreach ($shortcut in $shortcutsFound) {
try {
Remove-Item -Path $shortcut.FullName
}
catch {
Write-Output "Failed to remove shortcut: $($shortcut.Name)"
}
}
}
elseif ($shortcutsFoundStatus -eq $false) {
Write-Output "shortcutsFoundStatus equals False. Doing nothing"
}
}
#Refreshes the desktop after icons have been removed
$code = @'
[System.Runtime.InteropServices.DllImport("Shell32.dll")]
private static extern int SHChangeNotify(int eventId, int flags, IntPtr item1, IntPtr item2);
public static void Refresh() {
SHChangeNotify(0x8000000, 0x1000, IntPtr.Zero, IntPtr.Zero);
}
'@
Add-Type -MemberDefinition $code -Namespace WinAPI -Name Explorer
[WinAPI.Explorer]::Refresh()
#Stop Logging
Stop-Transcript
Note: All code is provided as is, and is just one example of how this might be accomplished.
Does this only work for applications that are installed in to C:\Users\AppData?
I’ve tested this out on 2 computers where Google Chrome is installed system wide (C:\Program Files\Google\Chrome\Application) and the desktop icon isn’t being removed.
The difference would be C:\Users\%USERNAME$\Desktop vs C:\Users\Public\Desktop
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.