From d3bf3e3749b1518fad8e181fdd4a673233ded0c4 Mon Sep 17 00:00:00 2001 From: Alex Hirsch Date: Sat, 22 Apr 2017 23:46:17 +0200 Subject: [PATCH] Fix lineendings ref #109 --- .gitattributes | 1 + lib/take-own.psm1 | 212 +++++++-------- scripts/experimental_unfuckery.ps1 | 94 +++---- utils/boot-advanced-startup.bat | 6 +- utils/dark-theme.reg | 14 +- utils/disable-scheduled-tasks.ps1 | 414 ++++++++++++++--------------- utils/enable-god-mode.ps1 | 38 +-- 7 files changed, 390 insertions(+), 389 deletions(-) diff --git a/.gitattributes b/.gitattributes index 21107f3..a021040 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,4 +1,5 @@ * text=auto +*.bat text eol=crlf *.ps1 text eol=crlf *.psm1 text eol=crlf *.reg text eol=crlf diff --git a/lib/take-own.psm1 b/lib/take-own.psm1 index 6509188..a4b9a9b 100644 --- a/lib/take-own.psm1 +++ b/lib/take-own.psm1 @@ -1,106 +1,106 @@ -function Takeown-Registry($key) { - # TODO does not work for all root keys yet - switch ($key.split('\')[0]) { - "HKEY_CLASSES_ROOT" { - $reg = [Microsoft.Win32.Registry]::ClassesRoot - $key = $key.substring(18) - } - "HKEY_CURRENT_USER" { - $reg = [Microsoft.Win32.Registry]::CurrentUser - $key = $key.substring(18) - } - "HKEY_LOCAL_MACHINE" { - $reg = [Microsoft.Win32.Registry]::LocalMachine - $key = $key.substring(19) - } - } - - # get administraor group - $admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") - $admins = $admins.Translate([System.Security.Principal.NTAccount]) - - # set owner - $key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership") - $acl = $key.GetAccessControl() - $acl.SetOwner($admins) - $key.SetAccessControl($acl) - - # set FullControl - $acl = $key.GetAccessControl() - $rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow") - $acl.SetAccessRule($rule) - $key.SetAccessControl($acl) -} - -function Takeown-File($path) { - takeown.exe /A /F $path - $acl = Get-Acl $path - - # get administraor group - $admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") - $admins = $admins.Translate([System.Security.Principal.NTAccount]) - - # add NT Authority\SYSTEM - $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow") - $acl.AddAccessRule($rule) - - Set-Acl -Path $path -AclObject $acl -} - -function Takeown-Folder($path) { - Takeown-File $path - foreach ($item in Get-ChildItem $path) { - if (Test-Path $item -PathType Container) { - Takeown-Folder $item.FullName - } else { - Takeown-File $item.FullName - } - } -} - -function Elevate-Privileges { - param($Privilege) - $Definition = @" - using System; - using System.Runtime.InteropServices; - - public class AdjPriv { - [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] - internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele); - - [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] - internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok); - - [DllImport("advapi32.dll", SetLastError = true)] - internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid); - - [StructLayout(LayoutKind.Sequential, Pack = 1)] - internal struct TokPriv1Luid { - public int Count; - public long Luid; - public int Attr; - } - - internal const int SE_PRIVILEGE_ENABLED = 0x00000002; - internal const int TOKEN_QUERY = 0x00000008; - internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020; - - public static bool EnablePrivilege(long processHandle, string privilege) { - bool retVal; - TokPriv1Luid tp; - IntPtr hproc = new IntPtr(processHandle); - IntPtr htok = IntPtr.Zero; - retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok); - tp.Count = 1; - tp.Luid = 0; - tp.Attr = SE_PRIVILEGE_ENABLED; - retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid); - retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero); - return retVal; - } - } -"@ - $ProcessHandle = (Get-Process -id $pid).Handle - $type = Add-Type $definition -PassThru - $type[0]::EnablePrivilege($processHandle, $Privilege) -} +function Takeown-Registry($key) { + # TODO does not work for all root keys yet + switch ($key.split('\')[0]) { + "HKEY_CLASSES_ROOT" { + $reg = [Microsoft.Win32.Registry]::ClassesRoot + $key = $key.substring(18) + } + "HKEY_CURRENT_USER" { + $reg = [Microsoft.Win32.Registry]::CurrentUser + $key = $key.substring(18) + } + "HKEY_LOCAL_MACHINE" { + $reg = [Microsoft.Win32.Registry]::LocalMachine + $key = $key.substring(19) + } + } + + # get administraor group + $admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") + $admins = $admins.Translate([System.Security.Principal.NTAccount]) + + # set owner + $key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership") + $acl = $key.GetAccessControl() + $acl.SetOwner($admins) + $key.SetAccessControl($acl) + + # set FullControl + $acl = $key.GetAccessControl() + $rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow") + $acl.SetAccessRule($rule) + $key.SetAccessControl($acl) +} + +function Takeown-File($path) { + takeown.exe /A /F $path + $acl = Get-Acl $path + + # get administraor group + $admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") + $admins = $admins.Translate([System.Security.Principal.NTAccount]) + + # add NT Authority\SYSTEM + $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow") + $acl.AddAccessRule($rule) + + Set-Acl -Path $path -AclObject $acl +} + +function Takeown-Folder($path) { + Takeown-File $path + foreach ($item in Get-ChildItem $path) { + if (Test-Path $item -PathType Container) { + Takeown-Folder $item.FullName + } else { + Takeown-File $item.FullName + } + } +} + +function Elevate-Privileges { + param($Privilege) + $Definition = @" + using System; + using System.Runtime.InteropServices; + + public class AdjPriv { + [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] + internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele); + + [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] + internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok); + + [DllImport("advapi32.dll", SetLastError = true)] + internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid); + + [StructLayout(LayoutKind.Sequential, Pack = 1)] + internal struct TokPriv1Luid { + public int Count; + public long Luid; + public int Attr; + } + + internal const int SE_PRIVILEGE_ENABLED = 0x00000002; + internal const int TOKEN_QUERY = 0x00000008; + internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020; + + public static bool EnablePrivilege(long processHandle, string privilege) { + bool retVal; + TokPriv1Luid tp; + IntPtr hproc = new IntPtr(processHandle); + IntPtr htok = IntPtr.Zero; + retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok); + tp.Count = 1; + tp.Luid = 0; + tp.Attr = SE_PRIVILEGE_ENABLED; + retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid); + retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero); + return retVal; + } + } +"@ + $ProcessHandle = (Get-Process -id $pid).Handle + $type = Add-Type $definition -PassThru + $type[0]::EnablePrivilege($processHandle, $Privilege) +} diff --git a/scripts/experimental_unfuckery.ps1 b/scripts/experimental_unfuckery.ps1 index e8ff8cb..3761fc4 100644 --- a/scripts/experimental_unfuckery.ps1 +++ b/scripts/experimental_unfuckery.ps1 @@ -1,47 +1,47 @@ -# Description: -# This script remove strang looking stuff which will probably result in a break -# of your system. It should not be used unless you want to test out a few -# things. It is named `experimental_unfuckery.ps1` for a reason. - -Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1 - -echo "Elevating priviledges for this process" -do {} until (Elevate-Privileges SeTakeOwnershipPrivilege) - -echo "Force removing system apps" -$needles = @( - #"Anytime" - "BioEnrollment" - #"Browser" - "ContactSupport" - #"Cortana" # This will disable startmenu search. - #"Defender" - "Feedback" - "Flash" - "Gaming" - #"InternetExplorer" - #"Maps" - "OneDrive" - #"Wallet" - #"Xbox" # This will result in a bootloop since upgrade 1511 -) - -foreach ($needle in $needles) { - echo "Trying to remove all packages containing $needle" - - $pkgs = (ls "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" | - where Name -Like "*$needle*") - - foreach ($pkg in $pkgs) { - $pkgname = $pkg.Name.split('\')[-1] - - Takeown-Registry($pkg.Name) - Takeown-Registry($pkg.Name + "\Owners") - - Set-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name Visibility -Value 1 - New-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name DefVis -PropertyType DWord -Value 2 - Remove-Item -Path ("HKLM:" + $pkg.Name.Substring(18) + "\Owners") - - dism.exe /Online /Remove-Package /PackageName:$pkgname /NoRestart - } -} +# Description: +# This script remove strang looking stuff which will probably result in a break +# of your system. It should not be used unless you want to test out a few +# things. It is named `experimental_unfuckery.ps1` for a reason. + +Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1 + +echo "Elevating priviledges for this process" +do {} until (Elevate-Privileges SeTakeOwnershipPrivilege) + +echo "Force removing system apps" +$needles = @( + #"Anytime" + "BioEnrollment" + #"Browser" + "ContactSupport" + #"Cortana" # This will disable startmenu search. + #"Defender" + "Feedback" + "Flash" + "Gaming" + #"InternetExplorer" + #"Maps" + "OneDrive" + #"Wallet" + #"Xbox" # This will result in a bootloop since upgrade 1511 +) + +foreach ($needle in $needles) { + echo "Trying to remove all packages containing $needle" + + $pkgs = (ls "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" | + where Name -Like "*$needle*") + + foreach ($pkg in $pkgs) { + $pkgname = $pkg.Name.split('\')[-1] + + Takeown-Registry($pkg.Name) + Takeown-Registry($pkg.Name + "\Owners") + + Set-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name Visibility -Value 1 + New-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name DefVis -PropertyType DWord -Value 2 + Remove-Item -Path ("HKLM:" + $pkg.Name.Substring(18) + "\Owners") + + dism.exe /Online /Remove-Package /PackageName:$pkgname /NoRestart + } +} diff --git a/utils/boot-advanced-startup.bat b/utils/boot-advanced-startup.bat index aa268d0..e35e9f6 100644 --- a/utils/boot-advanced-startup.bat +++ b/utils/boot-advanced-startup.bat @@ -1,3 +1,3 @@ -@echo off - -shutdown /o /r /t 00 +@echo off + +shutdown /o /r /t 00 diff --git a/utils/dark-theme.reg b/utils/dark-theme.reg index 323a4d9..0232c91 100644 --- a/utils/dark-theme.reg +++ b/utils/dark-theme.reg @@ -1,7 +1,7 @@ -Windows Registry Editor Version 5.00 - -[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize] -"AppsUseLightTheme"=dword:00000000 - -[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize] -"AppsUseLightTheme"=dword:00000000 +Windows Registry Editor Version 5.00 + +[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize] +"AppsUseLightTheme"=dword:00000000 + +[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize] +"AppsUseLightTheme"=dword:00000000 diff --git a/utils/disable-scheduled-tasks.ps1 b/utils/disable-scheduled-tasks.ps1 index 29879ea..30d599b 100644 --- a/utils/disable-scheduled-tasks.ps1 +++ b/utils/disable-scheduled-tasks.ps1 @@ -1,207 +1,207 @@ -# Description: -# This script will disable certain scheduled tasks. Work in progress! - -$tasks = @( - # Windows base scheduled tasks - "\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319" - "\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64" - "\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical" - "\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical" - - #"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)" - #"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)" - - #"\Microsoft\Windows\AppID\EDP Policy Manager" - #"\Microsoft\Windows\AppID\PolicyConverter" - "\Microsoft\Windows\AppID\SmartScreenSpecific" - #"\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck" - - "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" - "\Microsoft\Windows\Application Experience\ProgramDataUpdater" - #"\Microsoft\Windows\Application Experience\StartupAppTask" - - #"\Microsoft\Windows\ApplicationData\CleanupTemporaryState" - #"\Microsoft\Windows\ApplicationData\DsSvcCleanup" - - #"\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup" - - "\Microsoft\Windows\Autochk\Proxy" - - #"\Microsoft\Windows\Bluetooth\UninstallDeviceTask" - - #"\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask" - #"\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask" - #"\Microsoft\Windows\CertificateServicesClient\SystemTask" - #"\Microsoft\Windows\CertificateServicesClient\UserTask" - #"\Microsoft\Windows\CertificateServicesClient\UserTask-Roam" - - #"\Microsoft\Windows\Chkdsk\ProactiveScan" - - #"\Microsoft\Windows\Clip\License Validation" - - "\Microsoft\Windows\CloudExperienceHost\CreateObjectTask" - - "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" - "\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" - "\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" - - #"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan" - #"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery" - - #"\Microsoft\Windows\Defrag\ScheduledDefrag" - - #"\Microsoft\Windows\Diagnosis\Scheduled" - - #"\Microsoft\Windows\DiskCleanup\SilentCleanup" - - "\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" - #"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver" - - #"\Microsoft\Windows\DiskFootprint\Diagnostics" - - "\Microsoft\Windows\Feedback\Siuf\DmClient" - - #"\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" - - #"\Microsoft\Windows\FileHistory\File History (maintenance mode)" - - #"\Microsoft\Windows\LanguageComponentsInstaller\Installation" - #"\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation" - - #"\Microsoft\Windows\Location\Notifications" - #"\Microsoft\Windows\Location\WindowsActionDialog" - - #"\Microsoft\Windows\Maintenance\WinSAT" - - #"\Microsoft\Windows\Maps\MapsToastTask" - #"\Microsoft\Windows\Maps\MapsUpdateTask" - - #"\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents" - #"\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic" - - "\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" - - #"\Microsoft\Windows\MUI\LPRemove" - - #"\Microsoft\Windows\Multimedia\SystemSoundsService" - - #"\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler" - - #"\Microsoft\Windows\NetTrace\GatherNetworkInfo" - - #"\Microsoft\Windows\Offline Files\Background Synchronization" - #"\Microsoft\Windows\Offline Files\Logon Synchronization" - - #"\Microsoft\Windows\PI\Secure-Boot-Update" - #"\Microsoft\Windows\PI\Sqm-Tasks" - - #"\Microsoft\Windows\Plug and Play\Device Install Group Policy" - #"\Microsoft\Windows\Plug and Play\Device Install Reboot Required" - #"\Microsoft\Windows\Plug and Play\Plug and Play Cleanup" - #"\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers" - - #"\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" - - #"\Microsoft\Windows\Ras\MobilityManager" - - #"\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE" - - #"\Microsoft\Windows\Registry\RegIdleBackup" - - #"\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" - - #"\Microsoft\Windows\RemovalTools\MRT_HB" - - #"\Microsoft\Windows\Servicing\StartComponentCleanup" - - #"\Microsoft\Windows\SettingSync\NetworkStateChangeTask" - - #"\Microsoft\Windows\Shell\CreateObjectTask" - #"\Microsoft\Windows\Shell\FamilySafetyMonitor" - #"\Microsoft\Windows\Shell\FamilySafetyRefresh" - #"\Microsoft\Windows\Shell\IndexerAutomaticMaintenance" - - #"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask" - #"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon" - #"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork" - - #"\Microsoft\Windows\SpacePort\SpaceAgentTask" - - #"\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate" - #"\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance" - #"\Microsoft\Windows\Sysmain\ResPriStaticDbSync" - #"\Microsoft\Windows\Sysmain\WsSwapAssessmentTask" - - #"\Microsoft\Windows\SystemRestore\SR" - - #"\Microsoft\Windows\Task Manager\Interactive" - - #"\Microsoft\Windows\TextServicesFramework\MsCtfMonitor" - - #"\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime" - #"\Microsoft\Windows\Time Synchronization\SynchronizeTime" - - #"\Microsoft\Windows\Time Zone\SynchronizeTimeZone" - - #"\Microsoft\Windows\TPM\Tpm-HASCertRetr" - #"\Microsoft\Windows\TPM\Tpm-Maintenance" - - #"\Microsoft\Windows\UpdateOrchestrator\Maintenance Install" - #"\Microsoft\Windows\UpdateOrchestrator\Policy Install" - #"\Microsoft\Windows\UpdateOrchestrator\Reboot" - #"\Microsoft\Windows\UpdateOrchestrator\Resume On Boot" - #"\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" - #"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display" - #"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot" - - #"\Microsoft\Windows\UPnP\UPnPHostConfig" - - #"\Microsoft\Windows\User Profile Service\HiveUploadTask" - - #"\Microsoft\Windows\WCM\WiFiTask" - - #"\Microsoft\Windows\WDI\ResolutionHost" - - "\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" - "\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" - "\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" - "\Microsoft\Windows\Windows Defender\Windows Defender Verification" - - "\Microsoft\Windows\Windows Error Reporting\QueueReporting" - - #"\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" - - #"\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" - - #"\Microsoft\Windows\WindowsColorSystem\Calibration Loader" - - #"\Microsoft\Windows\WindowsUpdate\Automatic App Update" - #"\Microsoft\Windows\WindowsUpdate\Scheduled Start" - #"\Microsoft\Windows\WindowsUpdate\sih" - #"\Microsoft\Windows\WindowsUpdate\sihboot" - - #"\Microsoft\Windows\Wininet\CacheTask" - - #"\Microsoft\Windows\WOF\WIM-Hash-Management" - #"\Microsoft\Windows\WOF\WIM-Hash-Validation" - - #"\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization" - #"\Microsoft\Windows\Work Folders\Work Folders Maintenance Work" - - #"\Microsoft\Windows\Workplace Join\Automatic-Device-Join" - - #"\Microsoft\Windows\WS\License Validation" - #"\Microsoft\Windows\WS\WSTask" - - # Scheduled tasks which cannot be disabled - #"\Microsoft\Windows\Device Setup\Metadata Refresh" - #"\Microsoft\Windows\SettingSync\BackgroundUploadTask" -) - -foreach ($task in $tasks) { - $parts = $task.split('\') - $name = $parts[-1] - $path = $parts[0..($parts.length-2)] -join '\' - - Disable-ScheduledTask -TaskName "$name" -TaskPath "$path" -} +# Description: +# This script will disable certain scheduled tasks. Work in progress! + +$tasks = @( + # Windows base scheduled tasks + "\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319" + "\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64" + "\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical" + "\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical" + + #"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)" + #"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)" + + #"\Microsoft\Windows\AppID\EDP Policy Manager" + #"\Microsoft\Windows\AppID\PolicyConverter" + "\Microsoft\Windows\AppID\SmartScreenSpecific" + #"\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck" + + "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" + "\Microsoft\Windows\Application Experience\ProgramDataUpdater" + #"\Microsoft\Windows\Application Experience\StartupAppTask" + + #"\Microsoft\Windows\ApplicationData\CleanupTemporaryState" + #"\Microsoft\Windows\ApplicationData\DsSvcCleanup" + + #"\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup" + + "\Microsoft\Windows\Autochk\Proxy" + + #"\Microsoft\Windows\Bluetooth\UninstallDeviceTask" + + #"\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask" + #"\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask" + #"\Microsoft\Windows\CertificateServicesClient\SystemTask" + #"\Microsoft\Windows\CertificateServicesClient\UserTask" + #"\Microsoft\Windows\CertificateServicesClient\UserTask-Roam" + + #"\Microsoft\Windows\Chkdsk\ProactiveScan" + + #"\Microsoft\Windows\Clip\License Validation" + + "\Microsoft\Windows\CloudExperienceHost\CreateObjectTask" + + "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" + "\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" + "\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" + + #"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan" + #"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery" + + #"\Microsoft\Windows\Defrag\ScheduledDefrag" + + #"\Microsoft\Windows\Diagnosis\Scheduled" + + #"\Microsoft\Windows\DiskCleanup\SilentCleanup" + + "\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" + #"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver" + + #"\Microsoft\Windows\DiskFootprint\Diagnostics" + + "\Microsoft\Windows\Feedback\Siuf\DmClient" + + #"\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" + + #"\Microsoft\Windows\FileHistory\File History (maintenance mode)" + + #"\Microsoft\Windows\LanguageComponentsInstaller\Installation" + #"\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation" + + #"\Microsoft\Windows\Location\Notifications" + #"\Microsoft\Windows\Location\WindowsActionDialog" + + #"\Microsoft\Windows\Maintenance\WinSAT" + + #"\Microsoft\Windows\Maps\MapsToastTask" + #"\Microsoft\Windows\Maps\MapsUpdateTask" + + #"\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents" + #"\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic" + + "\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" + + #"\Microsoft\Windows\MUI\LPRemove" + + #"\Microsoft\Windows\Multimedia\SystemSoundsService" + + #"\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler" + + #"\Microsoft\Windows\NetTrace\GatherNetworkInfo" + + #"\Microsoft\Windows\Offline Files\Background Synchronization" + #"\Microsoft\Windows\Offline Files\Logon Synchronization" + + #"\Microsoft\Windows\PI\Secure-Boot-Update" + #"\Microsoft\Windows\PI\Sqm-Tasks" + + #"\Microsoft\Windows\Plug and Play\Device Install Group Policy" + #"\Microsoft\Windows\Plug and Play\Device Install Reboot Required" + #"\Microsoft\Windows\Plug and Play\Plug and Play Cleanup" + #"\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers" + + #"\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" + + #"\Microsoft\Windows\Ras\MobilityManager" + + #"\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE" + + #"\Microsoft\Windows\Registry\RegIdleBackup" + + #"\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" + + #"\Microsoft\Windows\RemovalTools\MRT_HB" + + #"\Microsoft\Windows\Servicing\StartComponentCleanup" + + #"\Microsoft\Windows\SettingSync\NetworkStateChangeTask" + + #"\Microsoft\Windows\Shell\CreateObjectTask" + #"\Microsoft\Windows\Shell\FamilySafetyMonitor" + #"\Microsoft\Windows\Shell\FamilySafetyRefresh" + #"\Microsoft\Windows\Shell\IndexerAutomaticMaintenance" + + #"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask" + #"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon" + #"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork" + + #"\Microsoft\Windows\SpacePort\SpaceAgentTask" + + #"\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate" + #"\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance" + #"\Microsoft\Windows\Sysmain\ResPriStaticDbSync" + #"\Microsoft\Windows\Sysmain\WsSwapAssessmentTask" + + #"\Microsoft\Windows\SystemRestore\SR" + + #"\Microsoft\Windows\Task Manager\Interactive" + + #"\Microsoft\Windows\TextServicesFramework\MsCtfMonitor" + + #"\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime" + #"\Microsoft\Windows\Time Synchronization\SynchronizeTime" + + #"\Microsoft\Windows\Time Zone\SynchronizeTimeZone" + + #"\Microsoft\Windows\TPM\Tpm-HASCertRetr" + #"\Microsoft\Windows\TPM\Tpm-Maintenance" + + #"\Microsoft\Windows\UpdateOrchestrator\Maintenance Install" + #"\Microsoft\Windows\UpdateOrchestrator\Policy Install" + #"\Microsoft\Windows\UpdateOrchestrator\Reboot" + #"\Microsoft\Windows\UpdateOrchestrator\Resume On Boot" + #"\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" + #"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display" + #"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot" + + #"\Microsoft\Windows\UPnP\UPnPHostConfig" + + #"\Microsoft\Windows\User Profile Service\HiveUploadTask" + + #"\Microsoft\Windows\WCM\WiFiTask" + + #"\Microsoft\Windows\WDI\ResolutionHost" + + "\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" + "\Microsoft\Windows\Windows Defender\Windows Defender Cleanup" + "\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" + "\Microsoft\Windows\Windows Defender\Windows Defender Verification" + + "\Microsoft\Windows\Windows Error Reporting\QueueReporting" + + #"\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" + + #"\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" + + #"\Microsoft\Windows\WindowsColorSystem\Calibration Loader" + + #"\Microsoft\Windows\WindowsUpdate\Automatic App Update" + #"\Microsoft\Windows\WindowsUpdate\Scheduled Start" + #"\Microsoft\Windows\WindowsUpdate\sih" + #"\Microsoft\Windows\WindowsUpdate\sihboot" + + #"\Microsoft\Windows\Wininet\CacheTask" + + #"\Microsoft\Windows\WOF\WIM-Hash-Management" + #"\Microsoft\Windows\WOF\WIM-Hash-Validation" + + #"\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization" + #"\Microsoft\Windows\Work Folders\Work Folders Maintenance Work" + + #"\Microsoft\Windows\Workplace Join\Automatic-Device-Join" + + #"\Microsoft\Windows\WS\License Validation" + #"\Microsoft\Windows\WS\WSTask" + + # Scheduled tasks which cannot be disabled + #"\Microsoft\Windows\Device Setup\Metadata Refresh" + #"\Microsoft\Windows\SettingSync\BackgroundUploadTask" +) + +foreach ($task in $tasks) { + $parts = $task.split('\') + $name = $parts[-1] + $path = $parts[0..($parts.length-2)] -join '\' + + Disable-ScheduledTask -TaskName "$name" -TaskPath "$path" +} diff --git a/utils/enable-god-mode.ps1 b/utils/enable-god-mode.ps1 index 8a1d1d8..4e5a2ac 100644 --- a/utils/enable-god-mode.ps1 +++ b/utils/enable-god-mode.ps1 @@ -1,19 +1,19 @@ -# Description: -# This scripts places the "God Mode" folder on the current user's desktop. - -echo @" -############################################################################### -# _______ _______ ______ __ __ _______ ______ _______ # -# | || || | | |_| || || | | | # -# | ___|| _ || _ | | || _ || _ || ___| # -# | | __ | | | || | | | | || | | || | | || |___ # -# | || || |_| || |_| | | || |_| || |_| || ___| # -# | |_| || || | | ||_|| || || || |___ # -# |_______||_______||______| |_| |_||_______||______| |_______| # -# # -# God Mode has been enabled, check out the new link on your Desktop # -# # -############################################################################### -"@ -$DesktopPath = [Environment]::GetFolderPath("Desktop"); -mkdir "$DesktopPath\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}" +# Description: +# This scripts places the "God Mode" folder on the current user's desktop. + +echo @" +############################################################################### +# _______ _______ ______ __ __ _______ ______ _______ # +# | || || | | |_| || || | | | # +# | ___|| _ || _ | | || _ || _ || ___| # +# | | __ | | | || | | | | || | | || | | || |___ # +# | || || |_| || |_| | | || |_| || |_| || ___| # +# | |_| || || | | ||_|| || || || |___ # +# |_______||_______||______| |_| |_||_______||______| |_______| # +# # +# God Mode has been enabled, check out the new link on your Desktop # +# # +############################################################################### +"@ +$DesktopPath = [Environment]::GetFolderPath("Desktop"); +mkdir "$DesktopPath\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}"