Alex Hirsch
8 years ago
7 changed files with 390 additions and 389 deletions
@ -1,4 +1,5 @@ |
|||
* text=auto |
|||
*.bat text eol=crlf |
|||
*.ps1 text eol=crlf |
|||
*.psm1 text eol=crlf |
|||
*.reg text eol=crlf |
|||
|
|||
@ -1,106 +1,106 @@ |
|||
function Takeown-Registry($key) { |
|||
# TODO does not work for all root keys yet |
|||
switch ($key.split('\')[0]) { |
|||
"HKEY_CLASSES_ROOT" { |
|||
$reg = [Microsoft.Win32.Registry]::ClassesRoot |
|||
$key = $key.substring(18) |
|||
} |
|||
"HKEY_CURRENT_USER" { |
|||
$reg = [Microsoft.Win32.Registry]::CurrentUser |
|||
$key = $key.substring(18) |
|||
} |
|||
"HKEY_LOCAL_MACHINE" { |
|||
$reg = [Microsoft.Win32.Registry]::LocalMachine |
|||
$key = $key.substring(19) |
|||
} |
|||
} |
|||
|
|||
# get administraor group |
|||
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") |
|||
$admins = $admins.Translate([System.Security.Principal.NTAccount]) |
|||
|
|||
# set owner |
|||
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership") |
|||
$acl = $key.GetAccessControl() |
|||
$acl.SetOwner($admins) |
|||
$key.SetAccessControl($acl) |
|||
|
|||
# set FullControl |
|||
$acl = $key.GetAccessControl() |
|||
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow") |
|||
$acl.SetAccessRule($rule) |
|||
$key.SetAccessControl($acl) |
|||
} |
|||
|
|||
function Takeown-File($path) { |
|||
takeown.exe /A /F $path |
|||
$acl = Get-Acl $path |
|||
|
|||
# get administraor group |
|||
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") |
|||
$admins = $admins.Translate([System.Security.Principal.NTAccount]) |
|||
|
|||
# add NT Authority\SYSTEM |
|||
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow") |
|||
$acl.AddAccessRule($rule) |
|||
|
|||
Set-Acl -Path $path -AclObject $acl |
|||
} |
|||
|
|||
function Takeown-Folder($path) { |
|||
Takeown-File $path |
|||
foreach ($item in Get-ChildItem $path) { |
|||
if (Test-Path $item -PathType Container) { |
|||
Takeown-Folder $item.FullName |
|||
} else { |
|||
Takeown-File $item.FullName |
|||
} |
|||
} |
|||
} |
|||
|
|||
function Elevate-Privileges { |
|||
param($Privilege) |
|||
$Definition = @" |
|||
using System; |
|||
using System.Runtime.InteropServices; |
|||
|
|||
public class AdjPriv { |
|||
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] |
|||
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele); |
|||
|
|||
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] |
|||
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok); |
|||
|
|||
[DllImport("advapi32.dll", SetLastError = true)] |
|||
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid); |
|||
|
|||
[StructLayout(LayoutKind.Sequential, Pack = 1)] |
|||
internal struct TokPriv1Luid { |
|||
public int Count; |
|||
public long Luid; |
|||
public int Attr; |
|||
} |
|||
|
|||
internal const int SE_PRIVILEGE_ENABLED = 0x00000002; |
|||
internal const int TOKEN_QUERY = 0x00000008; |
|||
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020; |
|||
|
|||
public static bool EnablePrivilege(long processHandle, string privilege) { |
|||
bool retVal; |
|||
TokPriv1Luid tp; |
|||
IntPtr hproc = new IntPtr(processHandle); |
|||
IntPtr htok = IntPtr.Zero; |
|||
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok); |
|||
tp.Count = 1; |
|||
tp.Luid = 0; |
|||
tp.Attr = SE_PRIVILEGE_ENABLED; |
|||
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid); |
|||
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero); |
|||
return retVal; |
|||
} |
|||
} |
|||
"@ |
|||
$ProcessHandle = (Get-Process -id $pid).Handle |
|||
$type = Add-Type $definition -PassThru |
|||
$type[0]::EnablePrivilege($processHandle, $Privilege) |
|||
} |
|||
function Takeown-Registry($key) { |
|||
# TODO does not work for all root keys yet |
|||
switch ($key.split('\')[0]) { |
|||
"HKEY_CLASSES_ROOT" { |
|||
$reg = [Microsoft.Win32.Registry]::ClassesRoot |
|||
$key = $key.substring(18) |
|||
} |
|||
"HKEY_CURRENT_USER" { |
|||
$reg = [Microsoft.Win32.Registry]::CurrentUser |
|||
$key = $key.substring(18) |
|||
} |
|||
"HKEY_LOCAL_MACHINE" { |
|||
$reg = [Microsoft.Win32.Registry]::LocalMachine |
|||
$key = $key.substring(19) |
|||
} |
|||
} |
|||
|
|||
# get administraor group |
|||
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") |
|||
$admins = $admins.Translate([System.Security.Principal.NTAccount]) |
|||
|
|||
# set owner |
|||
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership") |
|||
$acl = $key.GetAccessControl() |
|||
$acl.SetOwner($admins) |
|||
$key.SetAccessControl($acl) |
|||
|
|||
# set FullControl |
|||
$acl = $key.GetAccessControl() |
|||
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow") |
|||
$acl.SetAccessRule($rule) |
|||
$key.SetAccessControl($acl) |
|||
} |
|||
|
|||
function Takeown-File($path) { |
|||
takeown.exe /A /F $path |
|||
$acl = Get-Acl $path |
|||
|
|||
# get administraor group |
|||
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") |
|||
$admins = $admins.Translate([System.Security.Principal.NTAccount]) |
|||
|
|||
# add NT Authority\SYSTEM |
|||
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow") |
|||
$acl.AddAccessRule($rule) |
|||
|
|||
Set-Acl -Path $path -AclObject $acl |
|||
} |
|||
|
|||
function Takeown-Folder($path) { |
|||
Takeown-File $path |
|||
foreach ($item in Get-ChildItem $path) { |
|||
if (Test-Path $item -PathType Container) { |
|||
Takeown-Folder $item.FullName |
|||
} else { |
|||
Takeown-File $item.FullName |
|||
} |
|||
} |
|||
} |
|||
|
|||
function Elevate-Privileges { |
|||
param($Privilege) |
|||
$Definition = @" |
|||
using System; |
|||
using System.Runtime.InteropServices; |
|||
|
|||
public class AdjPriv { |
|||
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] |
|||
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele); |
|||
|
|||
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] |
|||
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok); |
|||
|
|||
[DllImport("advapi32.dll", SetLastError = true)] |
|||
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid); |
|||
|
|||
[StructLayout(LayoutKind.Sequential, Pack = 1)] |
|||
internal struct TokPriv1Luid { |
|||
public int Count; |
|||
public long Luid; |
|||
public int Attr; |
|||
} |
|||
|
|||
internal const int SE_PRIVILEGE_ENABLED = 0x00000002; |
|||
internal const int TOKEN_QUERY = 0x00000008; |
|||
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020; |
|||
|
|||
public static bool EnablePrivilege(long processHandle, string privilege) { |
|||
bool retVal; |
|||
TokPriv1Luid tp; |
|||
IntPtr hproc = new IntPtr(processHandle); |
|||
IntPtr htok = IntPtr.Zero; |
|||
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok); |
|||
tp.Count = 1; |
|||
tp.Luid = 0; |
|||
tp.Attr = SE_PRIVILEGE_ENABLED; |
|||
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid); |
|||
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero); |
|||
return retVal; |
|||
} |
|||
} |
|||
"@ |
|||
$ProcessHandle = (Get-Process -id $pid).Handle |
|||
$type = Add-Type $definition -PassThru |
|||
$type[0]::EnablePrivilege($processHandle, $Privilege) |
|||
} |
|||
|
|||
@ -1,47 +1,47 @@ |
|||
# Description: |
|||
# This script remove strang looking stuff which will probably result in a break |
|||
# of your system. It should not be used unless you want to test out a few |
|||
# things. It is named `experimental_unfuckery.ps1` for a reason. |
|||
|
|||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1 |
|||
|
|||
echo "Elevating priviledges for this process" |
|||
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege) |
|||
|
|||
echo "Force removing system apps" |
|||
$needles = @( |
|||
#"Anytime" |
|||
"BioEnrollment" |
|||
#"Browser" |
|||
"ContactSupport" |
|||
#"Cortana" # This will disable startmenu search. |
|||
#"Defender" |
|||
"Feedback" |
|||
"Flash" |
|||
"Gaming" |
|||
#"InternetExplorer" |
|||
#"Maps" |
|||
"OneDrive" |
|||
#"Wallet" |
|||
#"Xbox" # This will result in a bootloop since upgrade 1511 |
|||
) |
|||
|
|||
foreach ($needle in $needles) { |
|||
echo "Trying to remove all packages containing $needle" |
|||
|
|||
$pkgs = (ls "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" | |
|||
where Name -Like "*$needle*") |
|||
|
|||
foreach ($pkg in $pkgs) { |
|||
$pkgname = $pkg.Name.split('\')[-1] |
|||
|
|||
Takeown-Registry($pkg.Name) |
|||
Takeown-Registry($pkg.Name + "\Owners") |
|||
|
|||
Set-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name Visibility -Value 1 |
|||
New-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name DefVis -PropertyType DWord -Value 2 |
|||
Remove-Item -Path ("HKLM:" + $pkg.Name.Substring(18) + "\Owners") |
|||
|
|||
dism.exe /Online /Remove-Package /PackageName:$pkgname /NoRestart |
|||
} |
|||
} |
|||
# Description: |
|||
# This script remove strang looking stuff which will probably result in a break |
|||
# of your system. It should not be used unless you want to test out a few |
|||
# things. It is named `experimental_unfuckery.ps1` for a reason. |
|||
|
|||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1 |
|||
|
|||
echo "Elevating priviledges for this process" |
|||
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege) |
|||
|
|||
echo "Force removing system apps" |
|||
$needles = @( |
|||
#"Anytime" |
|||
"BioEnrollment" |
|||
#"Browser" |
|||
"ContactSupport" |
|||
#"Cortana" # This will disable startmenu search. |
|||
#"Defender" |
|||
"Feedback" |
|||
"Flash" |
|||
"Gaming" |
|||
#"InternetExplorer" |
|||
#"Maps" |
|||
"OneDrive" |
|||
#"Wallet" |
|||
#"Xbox" # This will result in a bootloop since upgrade 1511 |
|||
) |
|||
|
|||
foreach ($needle in $needles) { |
|||
echo "Trying to remove all packages containing $needle" |
|||
|
|||
$pkgs = (ls "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" | |
|||
where Name -Like "*$needle*") |
|||
|
|||
foreach ($pkg in $pkgs) { |
|||
$pkgname = $pkg.Name.split('\')[-1] |
|||
|
|||
Takeown-Registry($pkg.Name) |
|||
Takeown-Registry($pkg.Name + "\Owners") |
|||
|
|||
Set-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name Visibility -Value 1 |
|||
New-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name DefVis -PropertyType DWord -Value 2 |
|||
Remove-Item -Path ("HKLM:" + $pkg.Name.Substring(18) + "\Owners") |
|||
|
|||
dism.exe /Online /Remove-Package /PackageName:$pkgname /NoRestart |
|||
} |
|||
} |
|||
|
|||
@ -1,3 +1,3 @@ |
|||
@echo off |
|||
|
|||
shutdown /o /r /t 00 |
|||
@echo off |
|||
|
|||
shutdown /o /r /t 00 |
|||
|
|||
@ -1,7 +1,7 @@ |
|||
Windows Registry Editor Version 5.00 |
|||
|
|||
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize] |
|||
"AppsUseLightTheme"=dword:00000000 |
|||
|
|||
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize] |
|||
"AppsUseLightTheme"=dword:00000000 |
|||
Windows Registry Editor Version 5.00 |
|||
|
|||
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize] |
|||
"AppsUseLightTheme"=dword:00000000 |
|||
|
|||
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize] |
|||
"AppsUseLightTheme"=dword:00000000 |
|||
|
|||
@ -1,207 +1,207 @@ |
|||
# Description: |
|||
# This script will disable certain scheduled tasks. Work in progress! |
|||
|
|||
$tasks = @( |
|||
# Windows base scheduled tasks |
|||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319" |
|||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64" |
|||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical" |
|||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical" |
|||
|
|||
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)" |
|||
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)" |
|||
|
|||
#"\Microsoft\Windows\AppID\EDP Policy Manager" |
|||
#"\Microsoft\Windows\AppID\PolicyConverter" |
|||
"\Microsoft\Windows\AppID\SmartScreenSpecific" |
|||
#"\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck" |
|||
|
|||
"\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" |
|||
"\Microsoft\Windows\Application Experience\ProgramDataUpdater" |
|||
#"\Microsoft\Windows\Application Experience\StartupAppTask" |
|||
|
|||
#"\Microsoft\Windows\ApplicationData\CleanupTemporaryState" |
|||
#"\Microsoft\Windows\ApplicationData\DsSvcCleanup" |
|||
|
|||
#"\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup" |
|||
|
|||
"\Microsoft\Windows\Autochk\Proxy" |
|||
|
|||
#"\Microsoft\Windows\Bluetooth\UninstallDeviceTask" |
|||
|
|||
#"\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask" |
|||
#"\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask" |
|||
#"\Microsoft\Windows\CertificateServicesClient\SystemTask" |
|||
#"\Microsoft\Windows\CertificateServicesClient\UserTask" |
|||
#"\Microsoft\Windows\CertificateServicesClient\UserTask-Roam" |
|||
|
|||
#"\Microsoft\Windows\Chkdsk\ProactiveScan" |
|||
|
|||
#"\Microsoft\Windows\Clip\License Validation" |
|||
|
|||
"\Microsoft\Windows\CloudExperienceHost\CreateObjectTask" |
|||
|
|||
"\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" |
|||
"\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" |
|||
"\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" |
|||
|
|||
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan" |
|||
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery" |
|||
|
|||
#"\Microsoft\Windows\Defrag\ScheduledDefrag" |
|||
|
|||
#"\Microsoft\Windows\Diagnosis\Scheduled" |
|||
|
|||
#"\Microsoft\Windows\DiskCleanup\SilentCleanup" |
|||
|
|||
"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" |
|||
#"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver" |
|||
|
|||
#"\Microsoft\Windows\DiskFootprint\Diagnostics" |
|||
|
|||
"\Microsoft\Windows\Feedback\Siuf\DmClient" |
|||
|
|||
#"\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" |
|||
|
|||
#"\Microsoft\Windows\FileHistory\File History (maintenance mode)" |
|||
|
|||
#"\Microsoft\Windows\LanguageComponentsInstaller\Installation" |
|||
#"\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation" |
|||
|
|||
#"\Microsoft\Windows\Location\Notifications" |
|||
#"\Microsoft\Windows\Location\WindowsActionDialog" |
|||
|
|||
#"\Microsoft\Windows\Maintenance\WinSAT" |
|||
|
|||
#"\Microsoft\Windows\Maps\MapsToastTask" |
|||
#"\Microsoft\Windows\Maps\MapsUpdateTask" |
|||
|
|||
#"\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents" |
|||
#"\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic" |
|||
|
|||
"\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" |
|||
|
|||
#"\Microsoft\Windows\MUI\LPRemove" |
|||
|
|||
#"\Microsoft\Windows\Multimedia\SystemSoundsService" |
|||
|
|||
#"\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler" |
|||
|
|||
#"\Microsoft\Windows\NetTrace\GatherNetworkInfo" |
|||
|
|||
#"\Microsoft\Windows\Offline Files\Background Synchronization" |
|||
#"\Microsoft\Windows\Offline Files\Logon Synchronization" |
|||
|
|||
#"\Microsoft\Windows\PI\Secure-Boot-Update" |
|||
#"\Microsoft\Windows\PI\Sqm-Tasks" |
|||
|
|||
#"\Microsoft\Windows\Plug and Play\Device Install Group Policy" |
|||
#"\Microsoft\Windows\Plug and Play\Device Install Reboot Required" |
|||
#"\Microsoft\Windows\Plug and Play\Plug and Play Cleanup" |
|||
#"\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers" |
|||
|
|||
#"\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" |
|||
|
|||
#"\Microsoft\Windows\Ras\MobilityManager" |
|||
|
|||
#"\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE" |
|||
|
|||
#"\Microsoft\Windows\Registry\RegIdleBackup" |
|||
|
|||
#"\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" |
|||
|
|||
#"\Microsoft\Windows\RemovalTools\MRT_HB" |
|||
|
|||
#"\Microsoft\Windows\Servicing\StartComponentCleanup" |
|||
|
|||
#"\Microsoft\Windows\SettingSync\NetworkStateChangeTask" |
|||
|
|||
#"\Microsoft\Windows\Shell\CreateObjectTask" |
|||
#"\Microsoft\Windows\Shell\FamilySafetyMonitor" |
|||
#"\Microsoft\Windows\Shell\FamilySafetyRefresh" |
|||
#"\Microsoft\Windows\Shell\IndexerAutomaticMaintenance" |
|||
|
|||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask" |
|||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon" |
|||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork" |
|||
|
|||
#"\Microsoft\Windows\SpacePort\SpaceAgentTask" |
|||
|
|||
#"\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate" |
|||
#"\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance" |
|||
#"\Microsoft\Windows\Sysmain\ResPriStaticDbSync" |
|||
#"\Microsoft\Windows\Sysmain\WsSwapAssessmentTask" |
|||
|
|||
#"\Microsoft\Windows\SystemRestore\SR" |
|||
|
|||
#"\Microsoft\Windows\Task Manager\Interactive" |
|||
|
|||
#"\Microsoft\Windows\TextServicesFramework\MsCtfMonitor" |
|||
|
|||
#"\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime" |
|||
#"\Microsoft\Windows\Time Synchronization\SynchronizeTime" |
|||
|
|||
#"\Microsoft\Windows\Time Zone\SynchronizeTimeZone" |
|||
|
|||
#"\Microsoft\Windows\TPM\Tpm-HASCertRetr" |
|||
#"\Microsoft\Windows\TPM\Tpm-Maintenance" |
|||
|
|||
#"\Microsoft\Windows\UpdateOrchestrator\Maintenance Install" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\Policy Install" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\Reboot" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\Resume On Boot" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot" |
|||
|
|||
#"\Microsoft\Windows\UPnP\UPnPHostConfig" |
|||
|
|||
#"\Microsoft\Windows\User Profile Service\HiveUploadTask" |
|||
|
|||
#"\Microsoft\Windows\WCM\WiFiTask" |
|||
|
|||
#"\Microsoft\Windows\WDI\ResolutionHost" |
|||
|
|||
"\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" |
|||
"\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" |
|||
"\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" |
|||
"\Microsoft\Windows\Windows Defender\Windows Defender Verification" |
|||
|
|||
"\Microsoft\Windows\Windows Error Reporting\QueueReporting" |
|||
|
|||
#"\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" |
|||
|
|||
#"\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" |
|||
|
|||
#"\Microsoft\Windows\WindowsColorSystem\Calibration Loader" |
|||
|
|||
#"\Microsoft\Windows\WindowsUpdate\Automatic App Update" |
|||
#"\Microsoft\Windows\WindowsUpdate\Scheduled Start" |
|||
#"\Microsoft\Windows\WindowsUpdate\sih" |
|||
#"\Microsoft\Windows\WindowsUpdate\sihboot" |
|||
|
|||
#"\Microsoft\Windows\Wininet\CacheTask" |
|||
|
|||
#"\Microsoft\Windows\WOF\WIM-Hash-Management" |
|||
#"\Microsoft\Windows\WOF\WIM-Hash-Validation" |
|||
|
|||
#"\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization" |
|||
#"\Microsoft\Windows\Work Folders\Work Folders Maintenance Work" |
|||
|
|||
#"\Microsoft\Windows\Workplace Join\Automatic-Device-Join" |
|||
|
|||
#"\Microsoft\Windows\WS\License Validation" |
|||
#"\Microsoft\Windows\WS\WSTask" |
|||
|
|||
# Scheduled tasks which cannot be disabled |
|||
#"\Microsoft\Windows\Device Setup\Metadata Refresh" |
|||
#"\Microsoft\Windows\SettingSync\BackgroundUploadTask" |
|||
) |
|||
|
|||
foreach ($task in $tasks) { |
|||
$parts = $task.split('\') |
|||
$name = $parts[-1] |
|||
$path = $parts[0..($parts.length-2)] -join '\' |
|||
|
|||
Disable-ScheduledTask -TaskName "$name" -TaskPath "$path" |
|||
} |
|||
# Description: |
|||
# This script will disable certain scheduled tasks. Work in progress! |
|||
|
|||
$tasks = @( |
|||
# Windows base scheduled tasks |
|||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319" |
|||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64" |
|||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical" |
|||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical" |
|||
|
|||
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)" |
|||
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)" |
|||
|
|||
#"\Microsoft\Windows\AppID\EDP Policy Manager" |
|||
#"\Microsoft\Windows\AppID\PolicyConverter" |
|||
"\Microsoft\Windows\AppID\SmartScreenSpecific" |
|||
#"\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck" |
|||
|
|||
"\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" |
|||
"\Microsoft\Windows\Application Experience\ProgramDataUpdater" |
|||
#"\Microsoft\Windows\Application Experience\StartupAppTask" |
|||
|
|||
#"\Microsoft\Windows\ApplicationData\CleanupTemporaryState" |
|||
#"\Microsoft\Windows\ApplicationData\DsSvcCleanup" |
|||
|
|||
#"\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup" |
|||
|
|||
"\Microsoft\Windows\Autochk\Proxy" |
|||
|
|||
#"\Microsoft\Windows\Bluetooth\UninstallDeviceTask" |
|||
|
|||
#"\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask" |
|||
#"\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask" |
|||
#"\Microsoft\Windows\CertificateServicesClient\SystemTask" |
|||
#"\Microsoft\Windows\CertificateServicesClient\UserTask" |
|||
#"\Microsoft\Windows\CertificateServicesClient\UserTask-Roam" |
|||
|
|||
#"\Microsoft\Windows\Chkdsk\ProactiveScan" |
|||
|
|||
#"\Microsoft\Windows\Clip\License Validation" |
|||
|
|||
"\Microsoft\Windows\CloudExperienceHost\CreateObjectTask" |
|||
|
|||
"\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" |
|||
"\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" |
|||
"\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" |
|||
|
|||
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan" |
|||
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery" |
|||
|
|||
#"\Microsoft\Windows\Defrag\ScheduledDefrag" |
|||
|
|||
#"\Microsoft\Windows\Diagnosis\Scheduled" |
|||
|
|||
#"\Microsoft\Windows\DiskCleanup\SilentCleanup" |
|||
|
|||
"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" |
|||
#"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver" |
|||
|
|||
#"\Microsoft\Windows\DiskFootprint\Diagnostics" |
|||
|
|||
"\Microsoft\Windows\Feedback\Siuf\DmClient" |
|||
|
|||
#"\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" |
|||
|
|||
#"\Microsoft\Windows\FileHistory\File History (maintenance mode)" |
|||
|
|||
#"\Microsoft\Windows\LanguageComponentsInstaller\Installation" |
|||
#"\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation" |
|||
|
|||
#"\Microsoft\Windows\Location\Notifications" |
|||
#"\Microsoft\Windows\Location\WindowsActionDialog" |
|||
|
|||
#"\Microsoft\Windows\Maintenance\WinSAT" |
|||
|
|||
#"\Microsoft\Windows\Maps\MapsToastTask" |
|||
#"\Microsoft\Windows\Maps\MapsUpdateTask" |
|||
|
|||
#"\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents" |
|||
#"\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic" |
|||
|
|||
"\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" |
|||
|
|||
#"\Microsoft\Windows\MUI\LPRemove" |
|||
|
|||
#"\Microsoft\Windows\Multimedia\SystemSoundsService" |
|||
|
|||
#"\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler" |
|||
|
|||
#"\Microsoft\Windows\NetTrace\GatherNetworkInfo" |
|||
|
|||
#"\Microsoft\Windows\Offline Files\Background Synchronization" |
|||
#"\Microsoft\Windows\Offline Files\Logon Synchronization" |
|||
|
|||
#"\Microsoft\Windows\PI\Secure-Boot-Update" |
|||
#"\Microsoft\Windows\PI\Sqm-Tasks" |
|||
|
|||
#"\Microsoft\Windows\Plug and Play\Device Install Group Policy" |
|||
#"\Microsoft\Windows\Plug and Play\Device Install Reboot Required" |
|||
#"\Microsoft\Windows\Plug and Play\Plug and Play Cleanup" |
|||
#"\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers" |
|||
|
|||
#"\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" |
|||
|
|||
#"\Microsoft\Windows\Ras\MobilityManager" |
|||
|
|||
#"\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE" |
|||
|
|||
#"\Microsoft\Windows\Registry\RegIdleBackup" |
|||
|
|||
#"\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" |
|||
|
|||
#"\Microsoft\Windows\RemovalTools\MRT_HB" |
|||
|
|||
#"\Microsoft\Windows\Servicing\StartComponentCleanup" |
|||
|
|||
#"\Microsoft\Windows\SettingSync\NetworkStateChangeTask" |
|||
|
|||
#"\Microsoft\Windows\Shell\CreateObjectTask" |
|||
#"\Microsoft\Windows\Shell\FamilySafetyMonitor" |
|||
#"\Microsoft\Windows\Shell\FamilySafetyRefresh" |
|||
#"\Microsoft\Windows\Shell\IndexerAutomaticMaintenance" |
|||
|
|||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask" |
|||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon" |
|||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork" |
|||
|
|||
#"\Microsoft\Windows\SpacePort\SpaceAgentTask" |
|||
|
|||
#"\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate" |
|||
#"\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance" |
|||
#"\Microsoft\Windows\Sysmain\ResPriStaticDbSync" |
|||
#"\Microsoft\Windows\Sysmain\WsSwapAssessmentTask" |
|||
|
|||
#"\Microsoft\Windows\SystemRestore\SR" |
|||
|
|||
#"\Microsoft\Windows\Task Manager\Interactive" |
|||
|
|||
#"\Microsoft\Windows\TextServicesFramework\MsCtfMonitor" |
|||
|
|||
#"\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime" |
|||
#"\Microsoft\Windows\Time Synchronization\SynchronizeTime" |
|||
|
|||
#"\Microsoft\Windows\Time Zone\SynchronizeTimeZone" |
|||
|
|||
#"\Microsoft\Windows\TPM\Tpm-HASCertRetr" |
|||
#"\Microsoft\Windows\TPM\Tpm-Maintenance" |
|||
|
|||
#"\Microsoft\Windows\UpdateOrchestrator\Maintenance Install" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\Policy Install" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\Reboot" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\Resume On Boot" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display" |
|||
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot" |
|||
|
|||
#"\Microsoft\Windows\UPnP\UPnPHostConfig" |
|||
|
|||
#"\Microsoft\Windows\User Profile Service\HiveUploadTask" |
|||
|
|||
#"\Microsoft\Windows\WCM\WiFiTask" |
|||
|
|||
#"\Microsoft\Windows\WDI\ResolutionHost" |
|||
|
|||
"\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" |
|||
"\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" |
|||
"\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" |
|||
"\Microsoft\Windows\Windows Defender\Windows Defender Verification" |
|||
|
|||
"\Microsoft\Windows\Windows Error Reporting\QueueReporting" |
|||
|
|||
#"\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" |
|||
|
|||
#"\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" |
|||
|
|||
#"\Microsoft\Windows\WindowsColorSystem\Calibration Loader" |
|||
|
|||
#"\Microsoft\Windows\WindowsUpdate\Automatic App Update" |
|||
#"\Microsoft\Windows\WindowsUpdate\Scheduled Start" |
|||
#"\Microsoft\Windows\WindowsUpdate\sih" |
|||
#"\Microsoft\Windows\WindowsUpdate\sihboot" |
|||
|
|||
#"\Microsoft\Windows\Wininet\CacheTask" |
|||
|
|||
#"\Microsoft\Windows\WOF\WIM-Hash-Management" |
|||
#"\Microsoft\Windows\WOF\WIM-Hash-Validation" |
|||
|
|||
#"\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization" |
|||
#"\Microsoft\Windows\Work Folders\Work Folders Maintenance Work" |
|||
|
|||
#"\Microsoft\Windows\Workplace Join\Automatic-Device-Join" |
|||
|
|||
#"\Microsoft\Windows\WS\License Validation" |
|||
#"\Microsoft\Windows\WS\WSTask" |
|||
|
|||
# Scheduled tasks which cannot be disabled |
|||
#"\Microsoft\Windows\Device Setup\Metadata Refresh" |
|||
#"\Microsoft\Windows\SettingSync\BackgroundUploadTask" |
|||
) |
|||
|
|||
foreach ($task in $tasks) { |
|||
$parts = $task.split('\') |
|||
$name = $parts[-1] |
|||
$path = $parts[0..($parts.length-2)] -join '\' |
|||
|
|||
Disable-ScheduledTask -TaskName "$name" -TaskPath "$path" |
|||
} |
|||
|
|||
@ -1,19 +1,19 @@ |
|||
# Description: |
|||
# This scripts places the "God Mode" folder on the current user's desktop. |
|||
|
|||
echo @" |
|||
############################################################################### |
|||
# _______ _______ ______ __ __ _______ ______ _______ # |
|||
# | || || | | |_| || || | | | # |
|||
# | ___|| _ || _ | | || _ || _ || ___| # |
|||
# | | __ | | | || | | | | || | | || | | || |___ # |
|||
# | || || |_| || |_| | | || |_| || |_| || ___| # |
|||
# | |_| || || | | ||_|| || || || |___ # |
|||
# |_______||_______||______| |_| |_||_______||______| |_______| # |
|||
# # |
|||
# God Mode has been enabled, check out the new link on your Desktop # |
|||
# # |
|||
############################################################################### |
|||
"@ |
|||
$DesktopPath = [Environment]::GetFolderPath("Desktop"); |
|||
mkdir "$DesktopPath\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}" |
|||
# Description: |
|||
# This scripts places the "God Mode" folder on the current user's desktop. |
|||
|
|||
echo @" |
|||
############################################################################### |
|||
# _______ _______ ______ __ __ _______ ______ _______ # |
|||
# | || || | | |_| || || | | | # |
|||
# | ___|| _ || _ | | || _ || _ || ___| # |
|||
# | | __ | | | || | | | | || | | || | | || |___ # |
|||
# | || || |_| || |_| | | || |_| || |_| || ___| # |
|||
# | |_| || || | | ||_|| || || || |___ # |
|||
# |_______||_______||______| |_| |_||_______||______| |_______| # |
|||
# # |
|||
# God Mode has been enabled, check out the new link on your Desktop # |
|||
# # |
|||
############################################################################### |
|||
"@ |
|||
$DesktopPath = [Environment]::GetFolderPath("Desktop"); |
|||
mkdir "$DesktopPath\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}" |
|||
|
|||
Loading…
Reference in new issue