diff --git a/src/Sophia_Script_for_Windows_10/Localizations/de-DE/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/de-DE/Sophia.psd1 index 09f5e591..4a601634 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/de-DE/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/de-DE/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nIm Ordner "bin" befinden sich kein RebootPending = \nDer PC wartet darauf, neu gestartet zu werden UnsupportedRelease = \nNeue Version gefunden CustomizationWarning = \nHaben Sie alle Funktionen in der voreingestellten Datei {0} angepasst, bevor Sie Sophia Script ausführen? -DefenderBroken = \nMicrosoft Defender defekt oder aus dem Betriebssystem entfernt +WindowsComponentBroken = \n{0} defekt oder aus dem Betriebssystem entfernt UpdateDefender = \nDie Microsoft Defender-Definitionen sind veraltet. Führen Sie Windows Update aus und versuchen Sie es erneut. ControlledFolderAccessDisabled = Kontrollierter Ordnerzugriff deaktiviert ScheduledTasks = Geplante Aufgaben diff --git a/src/Sophia_Script_for_Windows_10/Localizations/en-US/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/en-US/Sophia.psd1 index 2d4c748f..e0bca316 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/en-US/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/en-US/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nThere are no files in the bin fold RebootPending = \nThe PC is waiting to be restarted UnsupportedRelease = \nA new version found CustomizationWarning = \nHave you customized every function in the {0} preset file before running Sophia Script? -DefenderBroken = \nMicrosoft Defender broken or removed from the OS +WindowsComponentBroken = \n{0} broken or removed from the OS UpdateDefender = \nMicrosoft Defender definitions are out-of-date. Run Windows Update and try again ControlledFolderAccessDisabled = Controlled folder access disabled ScheduledTasks = Scheduled tasks 
diff --git a/src/Sophia_Script_for_Windows_10/Localizations/es-ES/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/es-ES/Sophia.psd1 index 5e139c49..861de4e8 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/es-ES/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/es-ES/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nNo hay archivos en la carpeta bin. RebootPending = \nEl PC está esperando a ser reiniciado UnsupportedRelease = \nUna nueva versión encontrada CustomizationWarning = \n¿Ha personalizado todas las funciones del archivo predeterminado {0} antes de ejecutar Sophia Script? -DefenderBroken = \nMicrosoft Defender dañado o eliminado del sistema operativo +WindowsComponentBroken = \n{0} dañado o eliminado del sistema operativo UpdateDefender = \nLas definiciones de Microsoft Defender no están actualizadas. Ejecute Windows Update y vuelva a intentarlo ControlledFolderAccessDisabled = Acceso a la carpeta controlada deshabilitado ScheduledTasks = Tareas programadas diff --git a/src/Sophia_Script_for_Windows_10/Localizations/fr-FR/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/fr-FR/Sophia.psd1 index 1de65e82..be9c1c0b 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/fr-FR/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/fr-FR/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nIl n'y a pas de fichiers dans le d RebootPending = \nLe PC attend d'être redémarré UnsupportedRelease = \nNouvelle version trouvée CustomizationWarning = \nAvez-vous personnalisé chaque fonction du fichier de préréglage {0} avant d'exécuter Sophia Script? -DefenderBroken = \nMicrosoft Defender cassé ou supprimé du système d'exploitation +WindowsComponentBroken = \n{0} cassé ou supprimé du système d'exploitation UpdateDefender = \nLes définitions de Microsoft Defender ne sont pas à jour. Exécutez Windows Update et réessayez ControlledFolderAccessDisabled = Contrôle d'accès aux dossiers désactivé ScheduledTasks = Tâches planifiées 
diff --git a/src/Sophia_Script_for_Windows_10/Localizations/hu-HU/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/hu-HU/Sophia.psd1 index 9ee941bb..31aeea85 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/hu-HU/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/hu-HU/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nA bin mappában nincsenek fájlok. RebootPending = \nA számítógép újraindításra vár UnsupportedRelease = \nÚj verzió érhető el CustomizationWarning = \nSzemélyre szabott minden opciót a {0} preset fájlban, mielőtt futtatni kívánja a Sophia szkriptet? -DefenderBroken = \nA Microsoft Defender elromlott vagy eltávolították az operációs rendszerből +WindowsComponentBroken = \nA {0} elromlott vagy eltávolították az operációs rendszerből UpdateDefender = \nA Microsoft Defender definíciói elavultak. Futtassa a Windows Update programot, és próbálja meg újra ControlledFolderAccessDisabled = Vezérelt mappához való hozzáférés kikapcsolva ScheduledTasks = Ütemezett feladatok diff --git a/src/Sophia_Script_for_Windows_10/Localizations/it-IT/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/it-IT/Sophia.psd1 index 0f36f31b..18cf26f2 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/it-IT/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/it-IT/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nNon ci sono file nella cartella bi RebootPending = \nIl PC è in attesa di essere riavviato UnsupportedRelease = \nNuova versione trovata CustomizationWarning = \nSono state personalizzate tutte le funzioni nel file di configurazione {0} prima di eseguire Sophia Script? -DefenderBroken = \nMicrosoft Defender rimosso dal sistema +WindowsComponentBroken = \n{0} rimosso dal sistema UpdateDefender = \nLe definizioni di Microsoft Defender non sono aggiornate. Eseguire Windows Update e riprovare ControlledFolderAccessDisabled = l'accesso alle cartelle controllata disattivata ScheduledTasks = Attività pianificate 
diff --git a/src/Sophia_Script_for_Windows_10/Localizations/pl-PL/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/pl-PL/Sophia.psd1 index dd98beec..daaaf171 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/pl-PL/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/pl-PL/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nW folderze bin nie ma żadnych pli RebootPending = \nKomputer oczekuje na ponowne uruchomienie UnsupportedRelease = \nZnaleziono nową wersję CustomizationWarning = \nCzy dostosowałeś funkcje w predefiniowanym pliku {0} przed uruchomieniem Sophia Script? -DefenderBroken = \nMicrosoft Defender jest uszkodzony lub usunięty z systemu operacyjnego +WindowsComponentBroken = \n{0} jest uszkodzony lub usunięty z systemu operacyjnego UpdateDefender = \nDefinicje programu Microsoft Defender są nieaktualne. Uruchom aktualizację systemu Windows i spróbuj ponownie. ControlledFolderAccessDisabled = Kontrolowany dostęp do folderów został wyłączony ScheduledTasks = Zaplanowane zadania diff --git a/src/Sophia_Script_for_Windows_10/Localizations/pt-BR/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/pt-BR/Sophia.psd1 index a86fd07f..146e59ca 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/pt-BR/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/pt-BR/Sophia.psd1 
@@ -12,7 +12,7 @@ bin = \nNão existem ficheiros na pasta bi RebootPending = \nO PC está esperando para ser reiniciado UnsupportedRelease = \nNova versão encontrada CustomizationWarning = \nVocê personalizou todas as funções no arquivo de predefinição {0} antes de executar o Sophia Script? -DefenderBroken = \nMicrosoft Defender quebrado ou removido do sistema operativo +WindowsComponentBroken = \n{0} quebrado ou removido do sistema operativo UpdateDefender = \nAs definições do Microsoft Defender estão desatualizadas. Execute o Windows Update e tente novamente ControlledFolderAccessDisabled = Acesso controlado a pasta desativada ScheduledTasks = Tarefas agendadas diff --git a/src/Sophia_Script_for_Windows_10/Localizations/ru-RU/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/ru-RU/Sophia.psd1 index 9ed5bd8b..88538ce4 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/ru-RU/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/ru-RU/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nВ папке bin отсутств RebootPending = \nКомпьютер ожидает перезагрузки UnsupportedRelease = \nОбнаружена новая версия CustomizationWarning = \nВы настроили все функции в пресет-файле {0} перед запуском Sophia Script? -DefenderBroken = \nMicrosoft Defender сломан или удален из ОС +WindowsComponentBroken = \n{0} сломан или удален из ОС UpdateDefender = \nОпределения Microsoft Defender устарели. Запустите обновление Windows ControlledFolderAccessDisabled = Контролируемый доступ к папкам выключен ScheduledTasks = Запланированные задания diff --git a/src/Sophia_Script_for_Windows_10/Localizations/tr-TR/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/tr-TR/Sophia.psd1 index 223e2ab5..93b544b1 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/tr-TR/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/tr-TR/Sophia.psd1 
@@ -12,7 +12,7 @@ bin = \nbin klasöründe dosya yok. Lütfe RebootPending = \nPC yeniden başlatılmayı bekliyor UnsupportedRelease = \nYeni sürüm bulundu CustomizationWarning = \nSophia Script'i çalıştırmadan önce {0} ön ayar dosyasındaki her işlevi özelleştirdiniz mi? -DefenderBroken = \nMicrosoft Defender bozuk veya işletim sisteminden kaldırıldı +WindowsComponentBroken = \n{0} bozuk veya işletim sisteminden kaldırıldı UpdateDefender = \nMicrosoft Defender tanımları güncel değil. Windows Update'i çalıştırın ve tekrar deneyin ControlledFolderAccessDisabled = Kontrollü klasör erişimi devre dışı bırakıldı ScheduledTasks = Zamanlanan görevler diff --git a/src/Sophia_Script_for_Windows_10/Localizations/uk-UA/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/uk-UA/Sophia.psd1 index 14126821..880342ba 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/uk-UA/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/uk-UA/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nУ папці bin відсутні RebootPending = \nКомп'ютер очікує на перезавантаження UnsupportedRelease = \nВиявлено нову версію CustomizationWarning = \nВи налаштували всі функції в пресет-файлі {0} перед запуском Sophia Script? -DefenderBroken = \nMicrosoft Defender пошкоджено або видалено з ОС +WindowsComponentBroken = \n{0} пошкоджено або видалено з ОС UpdateDefender = \nВизначення Microsoft Defender застаріли. Запустіть Windows Update і повторіть спробу ControlledFolderAccessDisabled = Контрольований доступ до папок вимкнений ScheduledTasks = Заплановані задачі diff --git a/src/Sophia_Script_for_Windows_10/Localizations/zh-CN/Sophia.psd1 b/src/Sophia_Script_for_Windows_10/Localizations/zh-CN/Sophia.psd1 index 890c2eae..ce44299d 100644 --- a/src/Sophia_Script_for_Windows_10/Localizations/zh-CN/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10/Localizations/zh-CN/Sophia.psd1 
@@ -12,7 +12,7 @@ bin = \nbin文件夹中没有文件。请 RebootPending = \n计算机正在等待重新启动 UnsupportedRelease = \n找到新版本 CustomizationWarning = \n在运行Sophia Script之前,您是否已自定义{0}预设文件中的每个函数? -DefenderBroken = \nMicrosoft Defender 损坏或从操作系统中删除 +WindowsComponentBroken = \n{0} 损坏或从操作系统中删除 UpdateDefender = \nMicrosoft Defender的定义已经过期。运行Windows Update并再次尝试 ControlledFolderAccessDisabled = "受控文件夹访问"已禁用 ScheduledTasks = 计划任务 diff --git a/src/Sophia_Script_for_Windows_10/Module/Sophia.psm1 b/src/Sophia_Script_for_Windows_10/Module/Sophia.psm1 index 5eeeb9b5..ad25e213 100644 --- a/src/Sophia_Script_for_Windows_10/Module/Sophia.psm1 +++ b/src/Sophia_Script_for_Windows_10/Module/Sophia.psm1 
@@ -56,6 +56,114 @@ function Checks # Unblock all files in the script folder by removing the Zone.Identifier alternate data stream with a value of "3" Get-ChildItem -Path $PSScriptRoot\..\ -File -Recurse -Force | Unblock-File + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + + # Extract strings from %SystemRoot%\System32\shell32.dll using its' number + $Signature = @{ + Namespace = "WinAPI" + Name = "GetStr" + Language = "CSharp" + UsingNamespace = "System.Text" + MemberDefinition = @" +[DllImport("kernel32.dll", CharSet = CharSet.Auto)] +public static extern IntPtr GetModuleHandle(string lpModuleName); + +[DllImport("user32.dll", CharSet = CharSet.Auto)] +internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); + +public static string GetString(uint strId) +{ + IntPtr intPtr = GetModuleHandle("shell32.dll"); + StringBuilder sb = new StringBuilder(255); + LoadString(intPtr, strId, sb, sb.Capacity); + return sb.ToString(); +} +"@ + } + if (-not ("WinAPI.GetStr" -as [type])) + { + Add-Type @Signature + } + + # Check if Microsoft Edge as being a system component was removed by harmful tweakers + if (-not (Test-Path -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe")) + { + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." 
string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + try + { + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } + + try + { + # Download Microsoft Edge Stable x64 + $DownloadsFolder = Get-ItemPropertyValue -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" -Name "{374DE290-123F-4565-9164-39C4925E467B}" + $Parameters = @{ + Uri = "https://c2rsetup.officeapps.live.com/c2r/downloadEdge.aspx?platform=Default&source=EdgeStablePage&Channel=Stable&language=$((Get-WinSystemLocale).TwoLetterISOLanguageName)" + OutFile = "$DownloadsFolder\MicrosoftEdgeSetup.exe" + UseBasicParsing = $true + Verbose = $true + } + Invoke-Webrequest @Parameters + + # Install Microsoft Edge Stable x64 + Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait + + Get-Process -Name msedge | Stop-Process -Force -ErrorAction Ignore + Start-Sleep -Seconds 5 + + try + { + & "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe" --no-first-run --noerrdialogs --no-default-browser-check --start-maximized + } + catch [System.InvalidOperationException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Edge" + + "https://t.me/sophia_chat" + "https://discord.gg/sSryhaEv79" + + exit + } + catch [System.Management.Automation.ApplicationFailedException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Edge" + + "https://t.me/sophia_chat" + "https://discord.gg/sSryhaEv79" + + exit + } + + Stop-Process -Name msedge -Force -ErrorAction Ignore + + Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force + } + catch [System.Net.WebException] + { + Write-Warning -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") + Write-Error -Message 
($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") -ErrorAction SilentlyContinue + } + } + catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + } + } + # Detect the OS bitness if (-not [System.Environment]::Is64BitOperatingSystem) { @@ -106,9 +214,11 @@ function Checks {($_ -lt 19045) -or ($_ -gt 19048)} { Write-Warning -Message $Localization.UnsupportedOSBuild + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows#system-requirements" + exit } } @@ -117,9 +227,11 @@ function Checks if ($ExecutionContext.SessionState.LanguageMode -ne "FullLanguage") { Write-Warning -Message $Localization.UnsupportedLanguageMode + Start-Process -FilePath "https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_language_modes" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -131,8 +243,10 @@ function Checks if ($CurrentUserName -ne $LoginUserName) { Write-Warning -Message $Localization.LoggedInUserNotAdmin + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -140,8 +254,10 @@ function Checks if ($PSVersionTable.PSVersion.Major -ne 5) { Write-Warning -Message ($Localization.UnsupportedPowerShell -f $PSVersionTable.PSVersion.Major, $PSVersionTable.PSVersion.Minor) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } 
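Review bot: In the new Edge-repair block at the top of `Checks`, `MicrosoftEdgeSetup.exe` is written to the user's Downloads folder and handed straight to `Start-Process -Wait`, with no check of what actually landed on disk. The script presumably runs elevated and the target folder is user-writable, so the installer's Authenticode signature should be validated before launch, failing closed if it is not a valid Microsoft signature. The signer-subject match below is a sketch to confirm against the real certificate. Separately, the two inner `catch` blocks emit the support URLs as bare strings rather than through the `Start-Process -FilePath` calls used elsewhere in this function. The body of `Checks` continues outside the hunk.

```powershell
Invoke-Webrequest @Parameters

# Run the installer only if its Authenticode signature validates and names Microsoft as the signer
$SetupSignature = Get-AuthenticodeSignature -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe"
if (($SetupSignature.Status -ne "Valid") -or ($SetupSignature.SignerCertificate.Subject -notmatch "O=Microsoft Corporation"))
{
	Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force
	Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Edge")

	exit
}

# … unchanged: Start-Process of the installer, msedge launch and cleanup …
```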
@@ -149,12 +265,14 @@ function Checks if (($Host.Name -match "ISE") -or ($env:TERM_PROGRAM -eq "vscode")) { Write-Warning -Message ($Localization.UnsupportedHost -f $Host.Name.replace("Host", "")) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } - # Check whether Windows was broken by 3rd party tweakers and trojans + # Check whether Windows was broken by 3rd party harmful tweakers and trojans $Tweakers = @{ # https://github.com/Sycnex/Windows10Debloater Windows10Debloater = "$env:SystemDrive\Temp\Windows10Debloater" @@ -169,7 +287,7 @@ function Checks # https://win10tweaker.ru "Win 10 Tweaker" = "HKCU:\Software\Win 10 Tweaker" # https://forum.ru-board.com/topic.cgi?forum=5&topic=50519 - "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\.exts\shell\open\command" + "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\Modern Cleaner" # https://boosterx.ru BoosterX = "$env:ProgramFiles\GameModeX\GameModeX.exe" # https://forum.ru-board.com/topic.cgi?forum=5&topic=14285&start=400#11 @@ -178,6 +296,10 @@ function Checks "Defender Switch" = "$env:ProgramData\DSW" # https://revi.cc/revios/download "Revision Tool" = "${env:ProgramFiles(x86)}\Revision Tool" + # https://www.youtube.com/watch?v=L0cj_I6OF2o + "WinterOS Tweaker" = "$env:SystemRoot\WinterOS*" + # https://github.com/ThePCDuke/WinCry + WinCry = "$env:SystemRoot\TempCleaner.exe" } foreach ($Tweaker in $Tweakers.Keys) { 
@@ -186,16 +308,20 @@ function Checks if ($Tweakers[$Tweaker] -eq "HKCU:\Software\Win 10 Tweaker") { Write-Warning -Message $Localization.Win10TweakerWarning + Start-Process -FilePath "https://youtu.be/na93MS-1EkM" Start-Process -FilePath "https://pikabu.ru/story/byekdor_v_win_10_tweaker_ili_sovremennyie_metodyi_borbyi_s_piratstvom_8227558" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } Write-Warning -Message ($Localization.TweakerWarning -f $Tweaker) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -204,8 +330,10 @@ function Checks if (Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\.NETFramework\Performance -Name *flibustier) { Write-Warning -Message ($Localization.TweakerWarning -f "flblauncher") + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -213,10 +341,11 @@ function Checks if (-not (Test-Path -Path "$PSScriptRoot\..\bin\LGPO.exe")) { Write-Warning -Message $Localization.Bin - Start-Sleep -Seconds 5 + Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -233,16 +362,16 @@ function Checks if (($PendingActions | Test-Path) -contains $true) { Write-Warning -Message $Localization.RebootPending + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } # Check if the current module version is the latest one try { - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - # Check the internet connection $Parameters = @{ Uri = "https://www.google.com" 
@@ -269,11 +398,10 @@ function Checks { Write-Warning -Message $Localization.UnsupportedRelease - Start-Sleep -Seconds 5 - Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -302,7 +430,7 @@ function Checks { # Provider Load Failure exception Write-Warning -Message $Global:Error.Exception.Message | Select-Object -First 1 - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" @@ -311,20 +439,6 @@ function Checks } } - # Checking services - try - { - $Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop - } - catch [Microsoft.PowerShell.Commands.ServiceCommandException] - { - Write-Warning -Message $Localization.DefenderBroken - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" - exit - } - $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count - # Check Microsoft Defender state # The Enterprise G edition doesn't has a built-in Defender if ((Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Microsoft\Windows nt\CurrentVersion" -Name EditionID) -ne "EnterpriseG") @@ -332,9 +446,11 @@ function Checks # Check Microsoft Defender state if ($null -eq (Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct -ErrorAction Ignore)) { - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" ### + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } 
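Review bot: `Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender"` in the Provider Load Failure branch lacks parentheses around the format expression. In argument mode `-f` is read as a parameter of `Write-Warning`, not the format operator, so `{0}` is never filled in and the call most likely fails parameter binding. Other calls in the function already use the working form, e.g. `($Localization.NoResponse -f "https://github.com")`, so this should be `Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Defender")`. The same pattern recurs in the `AntiVirusProduct` check (which also gains a stray `###`), the relocated services check, the new Microsoft Store check and both Edge `catch` blocks. These are the messages that tell the user a security component is missing, so they need to render correctly.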
@@ -355,6 +471,22 @@ function Checks $Script:DefenderproductState = $false } + # Checking services + try + { + $Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop + } + catch [Microsoft.PowerShell.Commands.ServiceCommandException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } + $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count + # Specify whether Antispyware protection is enabled if ((Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Microsoft\Windows nt\CurrentVersion" -Name EditionID) -ne "EnterpriseG") { @@ -513,33 +645,6 @@ function Checks } #endregion Defender checks - # Extract strings from %SystemRoot%\System32\shell32.dll using its' number - $Signature = @{ - Namespace = "WinAPI" - Name = "GetStr" - Language = "CSharp" - UsingNamespace = "System.Text" - MemberDefinition = @" -[DllImport("kernel32.dll", CharSet = CharSet.Auto)] -public static extern IntPtr GetModuleHandle(string lpModuleName); - -[DllImport("user32.dll", CharSet = CharSet.Auto)] -internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); - -public static string GetString(uint strId) -{ - IntPtr intPtr = GetModuleHandle("shell32.dll"); - StringBuilder sb = new StringBuilder(255); - LoadString(intPtr, strId, sb, sb.Capacity); - return sb.ToString(); -} -"@ - } - if (-not ("WinAPI.GetStr" -as [type])) - { - Add-Type @Signature - } - # Enable back the SysMain service if it was disabled by harmful tweakers if ((Get-Service -Name SysMain).Status -eq "Stopped") { 
@@ -555,18 +660,35 @@ public static string GetString(uint strId) Get-CimInstance -ClassName CIM_ComputerSystem | Set-CimInstance -Property @{AutomaticManagedPageFile = $true} } - # Check if Microsoft Edge as being a system component was removed by harmful tweakers - if (-not (Test-Path -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe")) + # Remove firewalled IP addresses that block Microsoft recourses added by harmful tweakers + # https://wpd.app + Get-NetFirewallRule | Where-Object -FilterScript {($_.DisplayName -match "Blocker MicrosoftTelemetry") -or ($_.DisplayName -match "Blocker MicrosoftExtra") -or ($_.DisplayName -match "windowsSpyBlocker")} | Remove-NetFirewallRule + + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + # Remove IP addresses from hosts file that block Microsoft recourses added by WindowsSpyBlocker + # https://github.com/crazy-max/WindowsSpyBlocker + try { - Write-Information -MessageData "" -InformationAction Continue - # Extract the localized "Please wait..." string from shell32.dll - Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } try { - # Check the internet connection + # Check whether https://github.com is alive $Parameters = @{ - Uri = "https://www.google.com" + Uri = "https://github.com" Method = "Head" DisableKeepAlive = $true UseBasicParsing = $true 
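Review bot: The new `Get-NetFirewallRule | Where-Object ... | Remove-NetFirewallRule` pipeline deletes firewall rules by a substring match on `DisplayName` and leaves no record of what was removed. Because this runs unconditionally inside `Checks`, a rule an administrator created on purpose with one of those names disappears silently. Emitting each rule before removal would give an audit trail, e.g. `ForEach-Object -Process {Write-Verbose -Message $_.DisplayName -Verbose; $_ | Remove-NetFirewallRule}`. Also note that the `return` after the connectivity probe leaves `Checks` entirely, which would skip every check that follows it; the function body extends beyond this hunk.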
@@ -576,43 +698,92 @@ public static string GetString(uint strId) return } - try - { - # Download Microsoft Edge Stable x64 - $DownloadsFolder = Get-ItemPropertyValue -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" -Name "{374DE290-123F-4565-9164-39C4925E467B}" - $Parameters = @{ - Uri = "https://c2rsetup.officeapps.live.com/c2r/downloadEdge.aspx?platform=Default&source=EdgeStablePage&Channel=Stable&language=$((Get-WinSystemLocale).TwoLetterISOLanguageName)" - OutFile = "$DownloadsFolder\MicrosoftEdgeSetup.exe" - UseBasicParsing = $true - Verbose = $true - } - Invoke-Webrequest @Parameters + Clear-Variable -Name Array -ErrorAction Ignore - # Install Microsoft Edge Stable x64 - Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait + # https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/hosts + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra = (Invoke-WebRequest @Parameters).Content - Get-Process -Name msedge | Stop-Process -Force -ErrorAction Ignore - Start-Sleep -Seconds 5 + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra_v6 = (Invoke-WebRequest @Parameters).Content - & "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe" --no-first-run --noerrdialogs --no-default-browser-check --start-maximized + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt" + UseBasicParsing = $true + Verbose = $true + } + $spy = (Invoke-WebRequest @Parameters).Content - Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + 
$spy_v6 = (Invoke-WebRequest @Parameters).Content - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt" + UseBasicParsing = $true + Verbose = $true } - catch [System.Net.WebException] - { - Write-Warning -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") - Write-Error -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") -ErrorAction SilentlyContinue + $update =(Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update_v6.txt" + UseBasicParsing = $true + Verbose = $true } + $update_v6 = (Invoke-WebRequest @Parameters).Content + + $IPArray += $extra, $extra_v6, $spy, $spy_v6, $update, $update_v6 + # Split the Array variable content + $IPArray = $IPArray -split "`r?`n" | Where-Object -FilterScript {$_ -notmatch "#"} + + # Clear hosts file + $hosts = Get-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force + $hosts | ForEach-Object -Process { + if (($_ -ne "") -and (-not $_.StartsWith("#")) -and ($IPArray -split "`r?`n" | Select-String -Pattern $_)) + { + $UiData = $_ + $hosts = $hosts | Where-Object -FilterScript {$_ -notmatch $UiData} + } + } + $hosts | Set-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force } catch [System.Net.WebException] { - Write-Warning -Message $Localization.NoInternetConnection - Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + Write-Warning -Message ($Localization.NoResponse -f "https://github.com") + Write-Error -Message ($Localization.NoResponse -f "https://github.com") -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue } } + 
catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue + } + + # Check if Microsoft Store as being an important system component was removed + if (-not (Get-AppxPackage -Name Microsoft.WindowsStore)) + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Store" + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } # PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word Get-ChildItem -Path "$env:TEMP\Computer.txt", "$env:TEMP\User.txt" -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore @@ -3401,6 +3572,7 @@ function UnpinTaskbarShortcuts { Start-Job -ScriptBlock { $Apps = (New-Object -ComObject Shell.Application).NameSpace("shell:::{4234d49b-0245-4df3-b780-3893943456e1}").Items() + # Extract the localized "Unpin from taskbar" string from shell32.dll ($Apps | Where-Object -FilterScript {$_.Name -eq "Microsoft Store"}).Verbs() | Where-Object -FilterScript {$_.Name -eq $using:LocalizedString} | ForEach-Object -Process {$_.DoIt()} } | Receive-Job -Wait -AutoRemoveJob } 
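Review bot: In the hosts clean-up loop each existing hosts line is used as a regular expression, in both `Select-String -Pattern $_` and `$_ -notmatch $UiData`. The dots in addresses and names therefore match any character, and a line containing a regex metacharacter can throw or cause unrelated entries to be dropped. Literal matching avoids that: `Select-String -Pattern $_ -SimpleMatch` and `Where-Object -FilterScript {$_ -ne $UiData}`. The lists that decide what gets deleted are also fetched from the mutable `master` branch of a third-party repository on every run, so pinning the URLs to a reviewed commit (`.../WindowsSpyBlocker/<commit-sha>/data/hosts/...`) would stop an upstream change from altering which entries are stripped from the system hosts file. Finally, `Clear-Variable -Name Array` does not reset `$IPArray`, the variable that is actually appended to.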
@@ -11010,6 +11182,14 @@ function RestoreUWPApps # You cannot retrieve packages using -PackageTypeFilter Bundle, otherwise you won't get the InstallLocation attribute. It can be retrieved only by comparing with $Bundles $Bundles = (Get-AppXPackage -PackageTypeFilter Bundle -AllUsers).Name $AppxPackages = @(Get-AppxPackage -AllUsers | Where-Object -FilterScript {$_.PackageUserInformation -match "Staged"} | Where-Object -FilterScript {$_.Name -in $Bundles}) + + # The Bundle packages contains no Spotify + if (Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers) + { + # Temporarily hack: due to the fact that there are actually two Spotify packages, we need to choose the first one to display + $AppxPackages += Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers | Where-Object -FilterScript {$_.PackageUserInformation -match "Staged"} | Select-Object -Index 0 + } + $PackagesIds = [Windows.Management.Deployment.PackageManager, Windows.Web, ContentType = WindowsRuntime]::new().FindPackages() | Select-Object -Property DisplayName -ExpandProperty Id | Select-Object -Property Name, DisplayName foreach ($AppxPackage in $AppxPackages) @@ -13143,8 +13323,8 @@ function EventViewerCustomView New-Item -Path "$env:ProgramData\Microsoft\Event Viewer\Views" -ItemType Directory -Force } - # Save ProcessCreation.xml in the UTF-8 with BOM encoding - Set-Content -Path "$env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml" -Value $XML -Encoding UTF8 -Force + # Save ProcessCreation.xml in the UTF-8 without BOM encoding + Set-Content -Path "$env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml" -Value $XML -Encoding Default -NoNewline -Force } "Disable" { @@ -14817,6 +14997,7 @@ public static void PostMessage() Start-Process -FilePath taskschd.msc } + # ### if ($Script:MeetNow) { MeetNow -Show diff --git a/src/Sophia_Script_for_Windows_10_LTSC_2019/Module/Sophia.psm1 b/src/Sophia_Script_for_Windows_10_LTSC_2019/Module/Sophia.psm1 index 7d2f5813..966b5e11 100644 
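Review bot: The rewritten comment in the EventViewerCustomView hunk says ProcessCreation.xml is saved as UTF-8 without BOM, but in Windows PowerShell 5.1 `-Encoding Default` selects the system ANSI code page, not UTF-8. The output only coincides with BOM-less UTF-8 while `$XML` is pure ASCII, and its content is not visible in this hunk. If this module runs under 5.1, either reword the comment to `# Save ProcessCreation.xml without a BOM (system ANSI code page; same bytes as UTF-8 for ASCII-only content)` or write the file through `[System.IO.File]::WriteAllText()` with `[System.Text.UTF8Encoding]::new($false)`. The enclosing function starts and ends outside the hunk.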
--- a/src/Sophia_Script_for_Windows_10_LTSC_2019/Module/Sophia.psm1 +++ b/src/Sophia_Script_for_Windows_10_LTSC_2019/Module/Sophia.psm1 @@ -56,12 +56,43 @@ function Checks # Unblock all files in the script folder by removing the Zone.Identifier alternate data stream with a value of "3" Get-ChildItem -Path $PSScriptRoot\..\ -File -Recurse -Force | Unblock-File + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + + # Extract strings from %SystemRoot%\System32\shell32.dll using its' number + $Signature = @{ + Namespace = "WinAPI" + Name = "GetStr" + Language = "CSharp" + UsingNamespace = "System.Text" + MemberDefinition = @" +[DllImport("kernel32.dll", CharSet = CharSet.Auto)] +public static extern IntPtr GetModuleHandle(string lpModuleName); + +[DllImport("user32.dll", CharSet = CharSet.Auto)] +internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); + +public static string GetString(uint strId) +{ + IntPtr intPtr = GetModuleHandle("shell32.dll"); + StringBuilder sb = new StringBuilder(255); + LoadString(intPtr, strId, sb, sb.Capacity); + return sb.ToString(); +} +"@ + } + if (-not ("WinAPI.GetStr" -as [type])) + { + Add-Type @Signature + } + # Detect the OS bitness if (-not [System.Environment]::Is64BitOperatingSystem) { Write-Warning -Message $Localization.UnsupportedOSBitness + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -100,9 +131,11 @@ function Checks $false { Write-Warning -Message $Localization.UnsupportedOSBuild + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows#system-requirements" + exit } } 
@@ -111,9 +144,11 @@ function Checks if ($ExecutionContext.SessionState.LanguageMode -ne "FullLanguage") { Write-Warning -Message $Localization.UnsupportedLanguageMode + Start-Process -FilePath "https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_language_modes" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -125,8 +160,10 @@ function Checks if ($CurrentUserName -ne $LoginUserName) { Write-Warning -Message $Localization.LoggedInUserNotAdmin + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -134,8 +171,10 @@ function Checks if ($PSVersionTable.PSVersion.Major -ne 5) { Write-Warning -Message ($Localization.UnsupportedPowerShell -f $PSVersionTable.PSVersion.Major, $PSVersionTable.PSVersion.Minor) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -143,12 +182,14 @@ function Checks if (($Host.Name -match "ISE") -or ($env:TERM_PROGRAM -eq "vscode")) { Write-Warning -Message ($Localization.UnsupportedHost -f $Host.Name.replace("Host", "")) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } - # Check whether Windows was broken by 3rd party tweakers and trojans + # Check whether Windows was broken by 3rd party harmful tweakers and trojans $Tweakers = @{ # https://github.com/Sycnex/Windows10Debloater Windows10Debloater = "$env:SystemDrive\Temp\Windows10Debloater" 
@@ -163,7 +204,7 @@ function Checks # https://win10tweaker.ru "Win 10 Tweaker" = "HKCU:\Software\Win 10 Tweaker" # https://forum.ru-board.com/topic.cgi?forum=5&topic=50519 - "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\.exts\shell\open\command" + "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\Modern Cleaner" # https://boosterx.ru BoosterX = "$env:ProgramFiles\GameModeX\GameModeX.exe" # https://forum.ru-board.com/topic.cgi?forum=5&topic=14285&start=400#11 @@ -172,6 +213,10 @@ function Checks "Defender Switch" = "$env:ProgramData\DSW" # https://revi.cc/revios/download "Revision Tool" = "${env:ProgramFiles(x86)}\Revision Tool" + # https://www.youtube.com/watch?v=L0cj_I6OF2o + "WinterOS Tweaker" = "$env:SystemRoot\WinterOS*" + # https://github.com/ThePCDuke/WinCry + WinCry = "$env:SystemRoot\TempCleaner.exe" } foreach ($Tweaker in $Tweakers.Keys) { @@ -180,16 +225,20 @@ function Checks if ($Tweakers[$Tweaker] -eq "HKCU:\Software\Win 10 Tweaker") { Write-Warning -Message $Localization.Win10TweakerWarning + Start-Process -FilePath "https://youtu.be/na93MS-1EkM" Start-Process -FilePath "https://pikabu.ru/story/byekdor_v_win_10_tweaker_ili_sovremennyie_metodyi_borbyi_s_piratstvom_8227558" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } Write-Warning -Message ($Localization.TweakerWarning -f $Tweaker) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -198,8 +247,10 @@ function Checks if (Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\.NETFramework\Performance -Name *flibustier) { Write-Warning -Message ($Localization.TweakerWarning -f "flblauncher") + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } 
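Review bot: The two indicators added to `$Tweakers` in the `-172,6 +213,10` hunk are much looser than their neighbours: `"$env:SystemRoot\WinterOS*"` is a wildcard over the Windows directory and `"$env:SystemRoot\TempCleaner.exe"` is a generic file name, yet a hit ends in `exit` in the loop that follows. The loop's test is outside the hunk, so it is an assumption that these values go straight to a path-existence check; if they do, an unrelated file with that name stops the script with a warning that names the wrong tool. Consider narrowing the WinCry entry to something more specific to that tool, or at least documenting the limitation, e.g. `# Indicator is the file name only; an unrelated TempCleaner.exe also matches`. The same entries are added in the LTSC_2021 module.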
@@ -207,10 +258,11 @@ function Checks if (-not (Test-Path -Path "$PSScriptRoot\..\bin\LGPO.exe")) { Write-Warning -Message $Localization.Bin - Start-Sleep -Seconds 5 + Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -227,16 +279,16 @@ function Checks if (($PendingActions | Test-Path) -contains $true) { Write-Warning -Message $Localization.RebootPending + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } # Check if the current module version is the latest one try { - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - # Check the internet connection $Parameters = @{ Uri = "https://www.google.com" @@ -263,11 +315,10 @@ function Checks { Write-Warning -Message $Localization.UnsupportedRelease - Start-Sleep -Seconds 5 - Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -293,7 +344,7 @@ function Checks { # Provider Load Failure exception Write-Warning -Message $Global:Error.Exception.Message | Select-Object -First 1 - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.DefenderBroken -f "Microsoft Defender" ### Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" 
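Review bot: In `Write-Warning -Message $Localization.DefenderBroken -f "Microsoft Defender"` (hunk `-293,7 +344,7`) the `-f` is not the format operator: in command mode it is parsed as a parameter of Write-Warning, which has no parameter matching it, so the call fails with a parameter-binding error instead of printing the warning before `exit`. Wrap the expression as the `NoResponse` calls elsewhere in this diff do: `Write-Warning -Message ($Localization.DefenderBroken -f "Microsoft Defender")`. The same unparenthesised form appears in the next two Checks hunks (the SecurityCenter2 check and the moved services check), in the matching LTSC_2021 hunks, and in the `WindowsComponentBroken -f "Microsoft Store"` line of the module patched earlier. Whether the LTSC localization files still define `DefenderBroken`, and with a `{0}` placeholder, is not visible here; the trailing `###` suggests the line is still marked for follow-up.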
@@ -301,26 +352,14 @@ function Checks exit } - # Checking services - try - { - $Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop - } - catch [Microsoft.PowerShell.Commands.ServiceCommandException] - { - Write-Warning -Message $Localization.DefenderBroken - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" - exit - } - $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count - # Check Microsoft Defender state if ($null -eq (Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct -ErrorAction Ignore)) { - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.DefenderBroken -f "Microsoft Defender" ### + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -335,6 +374,21 @@ function Checks { $Script:DefenderproductState = $false } + # Checking services + try + { + $Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop + } + catch [Microsoft.PowerShell.Commands.ServiceCommandException] + { + Write-Warning -Message $Localization.DefenderBroken -f "Microsoft Defender" + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } + $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count # Specify whether Antispyware protection is enabled if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/Microsoft/Windows/Defender).AntispywareEnabled) 
@@ -473,32 +527,141 @@ function Checks } #endregion Defender checks - # Extract strings from %SystemRoot%\System32\shell32.dll using its' number - $Signature = @{ - Namespace = "WinAPI" - Name = "GetStr" - Language = "CSharp" - UsingNamespace = "System.Text" - MemberDefinition = @" -[DllImport("kernel32.dll", CharSet = CharSet.Auto)] -public static extern IntPtr GetModuleHandle(string lpModuleName); + # Enable back the SysMain service if it was disabled by harmful tweakers + if ((Get-Service -Name SysMain).Status -eq "Stopped") + { + Get-Service -Name SysMain | Set-Service -StartupType Automatic + Get-Service -Name SysMain | Start-Service -[DllImport("user32.dll", CharSet = CharSet.Auto)] -internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); + Start-Process -FilePath "https://www.outsidethebox.ms/19318/" + } -public static string GetString(uint strId) -{ - IntPtr intPtr = GetModuleHandle("shell32.dll"); - StringBuilder sb = new StringBuilder(255); - LoadString(intPtr, strId, sb, sb.Capacity); - return sb.ToString(); -} -"@ + # Automatically manage paging file size for all drives + if (-not (Get-CimInstance -ClassName CIM_ComputerSystem).AutomaticManagedPageFile) + { + Get-CimInstance -ClassName CIM_ComputerSystem | Set-CimInstance -Property @{AutomaticManagedPageFile = $true} } - if (-not ("WinAPI.GetStr" -as [type])) + + # Remove firewalled IP addresses that block Microsoft recourses added by harmful tweakers + # https://wpd.app + Get-NetFirewallRule | Where-Object -FilterScript {($_.DisplayName -match "Blocker MicrosoftTelemetry") -or ($_.DisplayName -match "Blocker MicrosoftExtra") -or ($_.DisplayName -match "windowsSpyBlocker")} | Remove-NetFirewallRule + + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." 
string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + # Remove IP addresses from hosts file that block Microsoft recourses added by WindowsSpyBlocker + # https://github.com/crazy-max/WindowsSpyBlocker + try { - Add-Type @Signature + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } + + try + { + # Check whether https://github.com is alive + $Parameters = @{ + Uri = "https://github.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } + + Clear-Variable -Name Array -ErrorAction Ignore + + # https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/hosts + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra = (Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra_v6 = (Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt" + UseBasicParsing = $true + Verbose = $true + } + $spy = (Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $spy_v6 = (Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt" + UseBasicParsing = $true + Verbose = $true + } + $update =(Invoke-WebRequest 
@Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $update_v6 = (Invoke-WebRequest @Parameters).Content + + $IPArray += $extra, $extra_v6, $spy, $spy_v6, $update, $update_v6 + # Split the Array variable content + $IPArray = $IPArray -split "`r?`n" | Where-Object -FilterScript {$_ -notmatch "#"} + + # Clear hosts file + $hosts = Get-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force + $hosts | ForEach-Object -Process { + if (($_ -ne "") -and (-not $_.StartsWith("#")) -and ($IPArray -split "`r?`n" | Select-String -Pattern $_)) + { + $UiData = $_ + $hosts = $hosts | Where-Object -FilterScript {$_ -notmatch $UiData} + } + } + $hosts | Set-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force + } + catch [System.Net.WebException] + { + Write-Warning -Message ($Localization.NoResponse -f "https://github.com") + Write-Error -Message ($Localization.NoResponse -f "https://github.com") -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue + } } + catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue + } + + + # PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word + Get-ChildItem -Path "$env:TEMP\Computer.txt", "$env:TEMP\User.txt" -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore + + # Save all opened folders in order to restore them after File Explorer restart + $Script:OpenedFolders = {(New-Object -ComObject Shell.Application).Windows() | 
ForEach-Object -Process {$_.Document.Folder.Self.Path}}.Invoke() # Display a warning message about whether a user has customized the preset file if ($Warning) @@ -536,27 +699,6 @@ public static string GetString(uint strId) } } } - - # Enable back the SysMain service if it was disabled by harmful tweakers - if ((Get-Service -Name SysMain).Status -eq "Stopped") - { - Get-Service -Name SysMain | Set-Service -StartupType Automatic - Get-Service -Name SysMain | Start-Service - - Start-Process -FilePath "https://www.outsidethebox.ms/19318/" - } - - # Automatically manage paging file size for all drives - if (-not (Get-CimInstance -ClassName CIM_ComputerSystem).AutomaticManagedPageFile) - { - Get-CimInstance -ClassName CIM_ComputerSystem | Set-CimInstance -Property @{AutomaticManagedPageFile = $true} - } - - # PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word - Get-ChildItem -Path "$env:TEMP\Computer.txt", "$env:TEMP\User.txt" -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore - - # Save all opened folders in order to restore them after File Explorer restart - $Script:OpenedFolders = {(New-Object -ComObject Shell.Application).Windows() | ForEach-Object -Process {$_.Document.Folder.Self.Path}}.Invoke() } #endregion Checks diff --git a/src/Sophia_Script_for_Windows_10_LTSC_2021/Module/Sophia.psm1 b/src/Sophia_Script_for_Windows_10_LTSC_2021/Module/Sophia.psm1 index 6a0a048b..71c2d282 100644 --- a/src/Sophia_Script_for_Windows_10_LTSC_2021/Module/Sophia.psm1 +++ b/src/Sophia_Script_for_Windows_10_LTSC_2021/Module/Sophia.psm1 
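Review bot: The hosts cleanup added in the `-473,32 +527,141` hunk decides which lines to delete by passing each hosts line as a regex to `Select-String -Pattern $_` and then to `-notmatch $UiData`, so dots and other metacharacters are interpreted, a line that is not a valid pattern raises an error, and a user entry that is merely a substring of a downloaded entry is removed as well. An exact comparison avoids all three; replace the ForEach-Object loop with `$hosts = $hosts | Where-Object -FilterScript {($_ -eq "") -or $_.StartsWith("#") -or ($IPArray -notcontains $_.Trim())}`. The lists are fetched from the `master` branch at run time and drive a rewrite of a system file, so pinning the six URLs to a reviewed commit and keeping a copy of the original hosts file before `Set-Content` would limit what an upstream change can delete. `Clear-Variable -Name Array` names a variable this code never uses (`$IPArray = @()` is probably what was meant), and the two `return` statements leave Checks entirely, skipping the temp-file cleanup and `$Script:OpenedFolders` below. The identical hunk is added to the LTSC_2021 module; Checks starts and ends outside the hunk.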
@@ -56,12 +56,43 @@ function Checks # Unblock all files in the script folder by removing the Zone.Identifier alternate data stream with a value of "3" Get-ChildItem -Path $PSScriptRoot\..\ -File -Recurse -Force | Unblock-File + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + + # Extract strings from %SystemRoot%\System32\shell32.dll using its' number + $Signature = @{ + Namespace = "WinAPI" + Name = "GetStr" + Language = "CSharp" + UsingNamespace = "System.Text" + MemberDefinition = @" +[DllImport("kernel32.dll", CharSet = CharSet.Auto)] +public static extern IntPtr GetModuleHandle(string lpModuleName); + +[DllImport("user32.dll", CharSet = CharSet.Auto)] +internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); + +public static string GetString(uint strId) +{ + IntPtr intPtr = GetModuleHandle("shell32.dll"); + StringBuilder sb = new StringBuilder(255); + LoadString(intPtr, strId, sb, sb.Capacity); + return sb.ToString(); +} +"@ + } + if (-not ("WinAPI.GetStr" -as [type])) + { + Add-Type @Signature + } + # Detect the OS bitness if (-not [System.Environment]::Is64BitOperatingSystem) { Write-Warning -Message $Localization.UnsupportedOSBitness + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -100,9 +131,11 @@ function Checks $false { Write-Warning -Message $Localization.UnsupportedOSBuild + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows#system-requirements" + exit } } 
@@ -111,9 +144,11 @@ function Checks if ($ExecutionContext.SessionState.LanguageMode -ne "FullLanguage") { Write-Warning -Message $Localization.UnsupportedLanguageMode + Start-Process -FilePath "https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_language_modes" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -125,8 +160,10 @@ function Checks if ($CurrentUserName -ne $LoginUserName) { Write-Warning -Message $Localization.LoggedInUserNotAdmin + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -134,8 +171,10 @@ function Checks if ($PSVersionTable.PSVersion.Major -ne 5) { Write-Warning -Message ($Localization.UnsupportedPowerShell -f $PSVersionTable.PSVersion.Major, $PSVersionTable.PSVersion.Minor) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -143,12 +182,14 @@ function Checks if (($Host.Name -match "ISE") -or ($env:TERM_PROGRAM -eq "vscode")) { Write-Warning -Message ($Localization.UnsupportedHost -f $Host.Name.replace("Host", "")) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } - # Check whether Windows was broken by 3rd party tweakers and trojans + # Check whether Windows was broken by 3rd party harmful tweakers and trojans $Tweakers = @{ # https://github.com/Sycnex/Windows10Debloater Windows10Debloater = "$env:SystemDrive\Temp\Windows10Debloater" 
@@ -163,7 +204,7 @@ function Checks # https://win10tweaker.ru "Win 10 Tweaker" = "HKCU:\Software\Win 10 Tweaker" # https://forum.ru-board.com/topic.cgi?forum=5&topic=50519 - "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\.exts\shell\open\command" + "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\Modern Cleaner" # https://boosterx.ru BoosterX = "$env:ProgramFiles\GameModeX\GameModeX.exe" # https://forum.ru-board.com/topic.cgi?forum=5&topic=14285&start=400#11 @@ -172,6 +213,10 @@ function Checks "Defender Switch" = "$env:ProgramData\DSW" # https://revi.cc/revios/download "Revision Tool" = "${env:ProgramFiles(x86)}\Revision Tool" + # https://www.youtube.com/watch?v=L0cj_I6OF2o + "WinterOS Tweaker" = "$env:SystemRoot\WinterOS*" + # https://github.com/ThePCDuke/WinCry + WinCry = "$env:SystemRoot\TempCleaner.exe" } foreach ($Tweaker in $Tweakers.Keys) { @@ -180,16 +225,20 @@ function Checks if ($Tweakers[$Tweaker] -eq "HKCU:\Software\Win 10 Tweaker") { Write-Warning -Message $Localization.Win10TweakerWarning + Start-Process -FilePath "https://youtu.be/na93MS-1EkM" Start-Process -FilePath "https://pikabu.ru/story/byekdor_v_win_10_tweaker_ili_sovremennyie_metodyi_borbyi_s_piratstvom_8227558" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } Write-Warning -Message ($Localization.TweakerWarning -f $Tweaker) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -198,8 +247,10 @@ function Checks if (Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\.NETFramework\Performance -Name *flibustier) { Write-Warning -Message ($Localization.TweakerWarning -f "flblauncher") + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } 
@@ -207,10 +258,11 @@ function Checks if (-not (Test-Path -Path "$PSScriptRoot\..\bin\LGPO.exe")) { Write-Warning -Message $Localization.Bin - Start-Sleep -Seconds 5 + Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -227,16 +279,16 @@ function Checks if (($PendingActions | Test-Path) -contains $true) { Write-Warning -Message $Localization.RebootPending + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } # Check if the current module version is the latest one try { - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - # Check the internet connection $Parameters = @{ Uri = "https://www.google.com" @@ -263,11 +315,10 @@ function Checks { Write-Warning -Message $Localization.UnsupportedRelease - Start-Sleep -Seconds 5 - Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -293,7 +344,7 @@ function Checks { # Provider Load Failure exception Write-Warning -Message $Global:Error.Exception.Message | Select-Object -First 1 - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.DefenderBroken -f "Microsoft Defender" ### Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" 
@@ -301,26 +352,14 @@ function Checks exit } - # Checking services - try - { - $Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop - } - catch [Microsoft.PowerShell.Commands.ServiceCommandException] - { - Write-Warning -Message $Localization.DefenderBroken - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" - exit - } - $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count - # Check Microsoft Defender state if ($null -eq (Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct -ErrorAction Ignore)) { - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.DefenderBroken -f "Microsoft Defender" ### + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -336,6 +375,22 @@ function Checks $Script:DefenderproductState = $false } + # Checking services ### + try + { + $Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop + } + catch [Microsoft.PowerShell.Commands.ServiceCommandException] + { + Write-Warning -Message $Localization.DefenderBroken -f "Microsoft Defender" + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } + $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count + # Specify whether Antispyware protection is enabled if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/Microsoft/Windows/Defender).AntispywareEnabled) { 
@@ -473,32 +528,141 @@ function Checks } #endregion Defender checks - # Extract strings from %SystemRoot%\System32\shell32.dll using its' number - $Signature = @{ - Namespace = "WinAPI" - Name = "GetStr" - Language = "CSharp" - UsingNamespace = "System.Text" - MemberDefinition = @" -[DllImport("kernel32.dll", CharSet = CharSet.Auto)] -public static extern IntPtr GetModuleHandle(string lpModuleName); + # Enable back the SysMain service if it was disabled by harmful tweakers + if ((Get-Service -Name SysMain).Status -eq "Stopped") + { + Get-Service -Name SysMain | Set-Service -StartupType Automatic + Get-Service -Name SysMain | Start-Service -[DllImport("user32.dll", CharSet = CharSet.Auto)] -internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); + Start-Process -FilePath "https://www.outsidethebox.ms/19318/" + } -public static string GetString(uint strId) -{ - IntPtr intPtr = GetModuleHandle("shell32.dll"); - StringBuilder sb = new StringBuilder(255); - LoadString(intPtr, strId, sb, sb.Capacity); - return sb.ToString(); -} -"@ + # Automatically manage paging file size for all drives + if (-not (Get-CimInstance -ClassName CIM_ComputerSystem).AutomaticManagedPageFile) + { + Get-CimInstance -ClassName CIM_ComputerSystem | Set-CimInstance -Property @{AutomaticManagedPageFile = $true} } - if (-not ("WinAPI.GetStr" -as [type])) + + # Remove firewalled IP addresses that block Microsoft recourses added by harmful tweakers + # https://wpd.app + Get-NetFirewallRule | Where-Object -FilterScript {($_.DisplayName -match "Blocker MicrosoftTelemetry") -or ($_.DisplayName -match "Blocker MicrosoftExtra") -or ($_.DisplayName -match "windowsSpyBlocker")} | Remove-NetFirewallRule + + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." 
string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + # Remove IP addresses from hosts file that block Microsoft recourses added by WindowsSpyBlocker + # https://github.com/crazy-max/WindowsSpyBlocker + try { - Add-Type @Signature + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } + + try + { + # Check whether https://github.com is alive + $Parameters = @{ + Uri = "https://github.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } + + Clear-Variable -Name Array -ErrorAction Ignore + + # https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/hosts + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra = (Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra_v6 = (Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt" + UseBasicParsing = $true + Verbose = $true + } + $spy = (Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $spy_v6 = (Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt" + UseBasicParsing = $true + Verbose = $true + } + $update =(Invoke-WebRequest 
@Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $update_v6 = (Invoke-WebRequest @Parameters).Content + + $IPArray += $extra, $extra_v6, $spy, $spy_v6, $update, $update_v6 + # Split the Array variable content + $IPArray = $IPArray -split "`r?`n" | Where-Object -FilterScript {$_ -notmatch "#"} + + # Clear hosts file + $hosts = Get-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force + $hosts | ForEach-Object -Process { + if (($_ -ne "") -and (-not $_.StartsWith("#")) -and ($IPArray -split "`r?`n" | Select-String -Pattern $_)) + { + $UiData = $_ + $hosts = $hosts | Where-Object -FilterScript {$_ -notmatch $UiData} + } + } + $hosts | Set-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force + } + catch [System.Net.WebException] + { + Write-Warning -Message ($Localization.NoResponse -f "https://github.com") + Write-Error -Message ($Localization.NoResponse -f "https://github.com") -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue + } } + catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue + } + + + # PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word + Get-ChildItem -Path "$env:TEMP\Computer.txt", "$env:TEMP\User.txt" -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore + + # Save all opened folders in order to restore them after File Explorer restart + $Script:OpenedFolders = {(New-Object -ComObject Shell.Application).Windows() | 
ForEach-Object -Process {$_.Document.Folder.Self.Path}}.Invoke() # Display a warning message about whether a user has customized the preset file if ($Warning) @@ -536,27 +700,6 @@ public static string GetString(uint strId) } } } - - # Enable back the SysMain service if it was disabled by harmful tweakers - if ((Get-Service -Name SysMain).Status -eq "Stopped") - { - Get-Service -Name SysMain | Set-Service -StartupType Automatic - Get-Service -Name SysMain | Start-Service - - Start-Process -FilePath "https://www.outsidethebox.ms/19318/" - } - - # Automatically manage paging file size for all drives - if (-not (Get-CimInstance -ClassName CIM_ComputerSystem).AutomaticManagedPageFile) - { - Get-CimInstance -ClassName CIM_ComputerSystem | Set-CimInstance -Property @{AutomaticManagedPageFile = $true} - } - - # PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word - Get-ChildItem -Path "$env:TEMP\Computer.txt", "$env:TEMP\User.txt" -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore - - # Save all opened folders in order to restore them after File Explorer restart - $Script:OpenedFolders = {(New-Object -ComObject Shell.Application).Windows() | ForEach-Object -Process {$_.Document.Folder.Self.Path}}.Invoke() } #endregion Checks diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/de-DE/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/de-DE/Sophia.psd1 index 09f5e591..4a601634 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/de-DE/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/de-DE/Sophia.psd1 
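Review bot: The hosts clean-up treats every hosts line as a regular expression, both in `Select-String -Pattern $_` and in `{$_ -notmatch $UiData}`, so it can delete lines that are not in the downloaded lists. A whitespace-only line passes the `$_ -ne ""` test, matches any list entry that contains a space, and then removes every hosts line containing a space, comments included. Comparing whole lines avoids this: `($IPArray -contains $_.Trim())` in the condition and `{$_ -ne $UiData}` in the filter, assuming WindowsSpyBlocker writes its entries verbatim. `Clear-Variable -Name Array` also clears a different name from the `$IPArray` that `+=` appends to, so it should read `-Name IPArray`. The identical block is added to the PowerShell 7 module in the `@@ -561,18 +665,35 @@` and `@@ -582,43 +703,92 @@` hunks.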
@@ -12,7 +12,7 @@ bin = \nIm Ordner "bin" befinden sich kein RebootPending = \nDer PC wartet darauf, neu gestartet zu werden UnsupportedRelease = \nNeue Version gefunden CustomizationWarning = \nHaben Sie alle Funktionen in der voreingestellten Datei {0} angepasst, bevor Sie Sophia Script ausführen? -DefenderBroken = \nMicrosoft Defender defekt oder aus dem Betriebssystem entfernt +WindowsComponentBroken = \n{0} defekt oder aus dem Betriebssystem entfernt UpdateDefender = \nDie Microsoft Defender-Definitionen sind veraltet. Führen Sie Windows Update aus und versuchen Sie es erneut. ControlledFolderAccessDisabled = Kontrollierter Ordnerzugriff deaktiviert ScheduledTasks = Geplante Aufgaben diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/en-US/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/en-US/Sophia.psd1 index 2d4c748f..e0bca316 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/en-US/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/en-US/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nThere are no files in the bin fold RebootPending = \nThe PC is waiting to be restarted UnsupportedRelease = \nA new version found CustomizationWarning = \nHave you customized every function in the {0} preset file before running Sophia Script? -DefenderBroken = \nMicrosoft Defender broken or removed from the OS +WindowsComponentBroken = \n{0} broken or removed from the OS UpdateDefender = \nMicrosoft Defender definitions are out-of-date. Run Windows Update and try again ControlledFolderAccessDisabled = Controlled folder access disabled ScheduledTasks = Scheduled tasks diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/es-ES/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/es-ES/Sophia.psd1 index 5e139c49..861de4e8 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/es-ES/Sophia.psd1 
+++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/es-ES/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nNo hay archivos en la carpeta bin. RebootPending = \nEl PC está esperando a ser reiniciado UnsupportedRelease = \nUna nueva versión encontrada CustomizationWarning = \n¿Ha personalizado todas las funciones del archivo predeterminado {0} antes de ejecutar Sophia Script? -DefenderBroken = \nMicrosoft Defender dañado o eliminado del sistema operativo +WindowsComponentBroken = \n{0} dañado o eliminado del sistema operativo UpdateDefender = \nLas definiciones de Microsoft Defender no están actualizadas. Ejecute Windows Update y vuelva a intentarlo ControlledFolderAccessDisabled = Acceso a la carpeta controlada deshabilitado ScheduledTasks = Tareas programadas diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/fr-FR/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/fr-FR/Sophia.psd1 index 1de65e82..be9c1c0b 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/fr-FR/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/fr-FR/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nIl n'y a pas de fichiers dans le d RebootPending = \nLe PC attend d'être redémarré UnsupportedRelease = \nNouvelle version trouvée CustomizationWarning = \nAvez-vous personnalisé chaque fonction du fichier de préréglage {0} avant d'exécuter Sophia Script? -DefenderBroken = \nMicrosoft Defender cassé ou supprimé du système d'exploitation +WindowsComponentBroken = \n{0} cassé ou supprimé du système d'exploitation UpdateDefender = \nLes définitions de Microsoft Defender ne sont pas à jour. Exécutez Windows Update et réessayez ControlledFolderAccessDisabled = Contrôle d'accès aux dossiers désactivé ScheduledTasks = Tâches planifiées 
diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/hu-HU/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/hu-HU/Sophia.psd1 index 9ee941bb..31aeea85 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/hu-HU/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/hu-HU/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nA bin mappában nincsenek fájlok. RebootPending = \nA számítógép újraindításra vár UnsupportedRelease = \nÚj verzió érhető el CustomizationWarning = \nSzemélyre szabott minden opciót a {0} preset fájlban, mielőtt futtatni kívánja a Sophia szkriptet? -DefenderBroken = \nA Microsoft Defender elromlott vagy eltávolították az operációs rendszerből +WindowsComponentBroken = \nA {0} elromlott vagy eltávolították az operációs rendszerből UpdateDefender = \nA Microsoft Defender definíciói elavultak. Futtassa a Windows Update programot, és próbálja meg újra ControlledFolderAccessDisabled = Vezérelt mappához való hozzáférés kikapcsolva ScheduledTasks = Ütemezett feladatok diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/it-IT/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/it-IT/Sophia.psd1 index 0f36f31b..18cf26f2 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/it-IT/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/it-IT/Sophia.psd1 
@@ -12,7 +12,7 @@ bin = \nNon ci sono file nella cartella bi RebootPending = \nIl PC è in attesa di essere riavviato UnsupportedRelease = \nNuova versione trovata CustomizationWarning = \nSono state personalizzate tutte le funzioni nel file di configurazione {0} prima di eseguire Sophia Script? -DefenderBroken = \nMicrosoft Defender rimosso dal sistema +WindowsComponentBroken = \n{0} rimosso dal sistema UpdateDefender = \nLe definizioni di Microsoft Defender non sono aggiornate. Eseguire Windows Update e riprovare ControlledFolderAccessDisabled = l'accesso alle cartelle controllata disattivata ScheduledTasks = Attività pianificate diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pl-PL/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pl-PL/Sophia.psd1 index dd98beec..daaaf171 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pl-PL/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pl-PL/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nW folderze bin nie ma żadnych pli RebootPending = \nKomputer oczekuje na ponowne uruchomienie UnsupportedRelease = \nZnaleziono nową wersję CustomizationWarning = \nCzy dostosowałeś funkcje w predefiniowanym pliku {0} przed uruchomieniem Sophia Script? -DefenderBroken = \nMicrosoft Defender jest uszkodzony lub usunięty z systemu operacyjnego +WindowsComponentBroken = \n{0} jest uszkodzony lub usunięty z systemu operacyjnego UpdateDefender = \nDefinicje programu Microsoft Defender są nieaktualne. Uruchom aktualizację systemu Windows i spróbuj ponownie. ControlledFolderAccessDisabled = Kontrolowany dostęp do folderów został wyłączony ScheduledTasks = Zaplanowane zadania diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pt-BR/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pt-BR/Sophia.psd1 index a86fd07f..146e59ca 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pt-BR/Sophia.psd1 
+++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/pt-BR/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nNão existem ficheiros na pasta bi RebootPending = \nO PC está esperando para ser reiniciado UnsupportedRelease = \nNova versão encontrada CustomizationWarning = \nVocê personalizou todas as funções no arquivo de predefinição {0} antes de executar o Sophia Script? -DefenderBroken = \nMicrosoft Defender quebrado ou removido do sistema operativo +WindowsComponentBroken = \n{0} quebrado ou removido do sistema operativo UpdateDefender = \nAs definições do Microsoft Defender estão desatualizadas. Execute o Windows Update e tente novamente ControlledFolderAccessDisabled = Acesso controlado a pasta desativada ScheduledTasks = Tarefas agendadas diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/ru-RU/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/ru-RU/Sophia.psd1 index 97ee6302..83a903c0 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/ru-RU/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/ru-RU/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nВ папке bin отсутств RebootPending = \nКомпьютер ожидает перезагрузки UnsupportedRelease = \nОбнаружена новая версия CustomizationWarning = \nВы настроили все функции в пресет-файле {0} перед запуском Sophia Script? -DefenderBroken = \nMicrosoft Defender сломан или удален из ОС +WindowsComponentBroken = \n{0} сломан или удален из ОС UpdateDefender = \nОпределения Microsoft Defender устарели. Запустите обновление Windows ControlledFolderAccessDisabled = Контролируемый доступ к папкам выключен ScheduledTasks = Запланированные задания diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/tr-TR/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/tr-TR/Sophia.psd1 index 223e2ab5..93b544b1 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/tr-TR/Sophia.psd1 
+++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/tr-TR/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nbin klasöründe dosya yok. Lütfe RebootPending = \nPC yeniden başlatılmayı bekliyor UnsupportedRelease = \nYeni sürüm bulundu CustomizationWarning = \nSophia Script'i çalıştırmadan önce {0} ön ayar dosyasındaki her işlevi özelleştirdiniz mi? -DefenderBroken = \nMicrosoft Defender bozuk veya işletim sisteminden kaldırıldı +WindowsComponentBroken = \n{0} bozuk veya işletim sisteminden kaldırıldı UpdateDefender = \nMicrosoft Defender tanımları güncel değil. Windows Update'i çalıştırın ve tekrar deneyin ControlledFolderAccessDisabled = Kontrollü klasör erişimi devre dışı bırakıldı ScheduledTasks = Zamanlanan görevler diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/uk-UA/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/uk-UA/Sophia.psd1 index 14126821..880342ba 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/uk-UA/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/uk-UA/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nУ папці bin відсутні RebootPending = \nКомп'ютер очікує на перезавантаження UnsupportedRelease = \nВиявлено нову версію CustomizationWarning = \nВи налаштували всі функції в пресет-файлі {0} перед запуском Sophia Script? -DefenderBroken = \nMicrosoft Defender пошкоджено або видалено з ОС +WindowsComponentBroken = \n{0} пошкоджено або видалено з ОС UpdateDefender = \nВизначення Microsoft Defender застаріли. Запустіть Windows Update і повторіть спробу ControlledFolderAccessDisabled = Контрольований доступ до папок вимкнений ScheduledTasks = Заплановані задачі diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/zh-CN/Sophia.psd1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/zh-CN/Sophia.psd1 index 890c2eae..ce44299d 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/zh-CN/Sophia.psd1 
+++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Localizations/zh-CN/Sophia.psd1 @@ -12,7 +12,7 @@ bin = \nbin文件夹中没有文件。请 RebootPending = \n计算机正在等待重新启动 UnsupportedRelease = \n找到新版本 CustomizationWarning = \n在运行Sophia Script之前,您是否已自定义{0}预设文件中的每个函数? -DefenderBroken = \nMicrosoft Defender 损坏或从操作系统中删除 +WindowsComponentBroken = \n{0} 损坏或从操作系统中删除 UpdateDefender = \nMicrosoft Defender的定义已经过期。运行Windows Update并再次尝试 ControlledFolderAccessDisabled = "受控文件夹访问"已禁用 ScheduledTasks = 计划任务 diff --git a/src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1 b/src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1 index d7eb71ba..4b6c86b6 100644 --- a/src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1 +++ b/src/Sophia_Script_for_Windows_10_PowerShell_7/Module/Sophia.psm1 
@@ -56,6 +56,114 @@ function Checks # Unblock all files in the script folder by removing the Zone.Identifier alternate data stream with a value of "3" Get-ChildItem -Path $PSScriptRoot\..\ -File -Recurse -Force | Unblock-File + [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + + # Extract strings from %SystemRoot%\System32\shell32.dll using its' number + $Signature = @{ + Namespace = "WinAPI" + Name = "GetStr" + Language = "CSharp" + UsingNamespace = "System.Text" + MemberDefinition = @" +[DllImport("kernel32.dll", CharSet = CharSet.Auto)] +public static extern IntPtr GetModuleHandle(string lpModuleName); + +[DllImport("user32.dll", CharSet = CharSet.Auto)] +internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); + +public static string GetString(uint strId) +{ + IntPtr intPtr = GetModuleHandle("shell32.dll"); + StringBuilder sb = new StringBuilder(255); + LoadString(intPtr, strId, sb, sb.Capacity); + return sb.ToString(); +} +"@ + } + if (-not ("WinAPI.GetStr" -as [type])) + { + Add-Type @Signature + } + + # Check if Microsoft Edge as being a system component was removed by harmful tweakers + if (-not (Test-Path -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe")) + { + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." 
string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + try + { + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } + + try + { + # Download Microsoft Edge Stable x64 + $DownloadsFolder = Get-ItemPropertyValue -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" -Name "{374DE290-123F-4565-9164-39C4925E467B}" + $Parameters = @{ + Uri = "https://c2rsetup.officeapps.live.com/c2r/downloadEdge.aspx?platform=Default&source=EdgeStablePage&Channel=Stable&language=$((Get-WinSystemLocale).TwoLetterISOLanguageName)" + OutFile = "$DownloadsFolder\MicrosoftEdgeSetup.exe" + UseBasicParsing = $true + Verbose = $true + } + Invoke-Webrequest @Parameters + + # Install Microsoft Edge Stable x64 + Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait + + Get-Process -Name msedge | Stop-Process -Force -ErrorAction Ignore + Start-Sleep -Seconds 5 + + try + { + & "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe" --no-first-run --noerrdialogs --no-default-browser-check --start-maximized + } + catch [System.InvalidOperationException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Edge" + + "https://t.me/sophia_chat" + "https://discord.gg/sSryhaEv79" + + exit + } + catch [System.Management.Automation.ApplicationFailedException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Edge" + + "https://t.me/sophia_chat" + "https://discord.gg/sSryhaEv79" + + exit + } + + Stop-Process -Name msedge -Force -ErrorAction Ignore + + Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force + } + catch [System.Net.WebException] + { + Write-Warning -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") + Write-Error -Message 
($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") -ErrorAction SilentlyContinue + } + } + catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + } + } + # Detect the OS bitness if (-not [System.Environment]::Is64BitOperatingSystem) { @@ -106,9 +214,11 @@ function Checks {($_ -lt 19045) -or ($_ -gt 19048)} { Write-Warning -Message $Localization.UnsupportedOSBuild + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows#system-requirements" + exit } } @@ -117,9 +227,11 @@ function Checks if ($ExecutionContext.SessionState.LanguageMode -ne "FullLanguage") { Write-Warning -Message $Localization.UnsupportedLanguageMode + Start-Process -FilePath "https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_language_modes" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -131,8 +243,10 @@ function Checks if ($CurrentUserName -ne $LoginUserName) { Write-Warning -Message $Localization.LoggedInUserNotAdmin + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -140,8 +254,10 @@ function Checks if ($PSVersionTable.PSVersion.Major -ne 7) { Write-Warning -Message ($Localization.UnsupportedPowerShell -f $PSVersionTable.PSVersion.Major, $PSVersionTable.PSVersion.Minor) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } 
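Review bot: `MicrosoftEdgeSetup.exe` is started straight after the download, and nothing in the `@@ -56,6 +56,114 @@` hunk checks that the file is the Microsoft-signed installer. The script presumably runs elevated (a later check warns `LoggedInUserNotAdmin`), and the file sits in the user-writable Downloads folder between `Invoke-Webrequest` and `Start-Process`. An Authenticode check before the launch closes that gap; the subject match below is a minimum and could be tightened to a pinned certificate. On failure the file should be removed and the function should stop as the other broken-component branches do.

```powershell
Invoke-Webrequest @Parameters

# Refuse to launch the download unless it carries a valid Microsoft signature
$SetupSignature = Get-AuthenticodeSignature -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe"
if (($SetupSignature.Status -ne "Valid") -or ($SetupSignature.SignerCertificate.Subject -notmatch "O=Microsoft Corporation"))
{
	Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force
	Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Edge")

	exit
}

# Install Microsoft Edge Stable x64
Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait
# … unchanged: msedge first run, cleanup of the installer …
```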
@@ -149,12 +265,14 @@ function Checks if (($Host.Name -match "ISE") -or ($env:TERM_PROGRAM -eq "vscode")) { Write-Warning -Message ($Localization.UnsupportedHost -f $Host.Name.replace("Host", "")) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } - # Check whether Windows was broken by 3rd party tweakers and trojans + # Check whether Windows was broken by 3rd party harmful tweakers and trojans $Tweakers = @{ # https://github.com/Sycnex/Windows10Debloater Windows10Debloater = "$env:SystemDrive\Temp\Windows10Debloater" @@ -169,7 +287,7 @@ function Checks # https://win10tweaker.ru "Win 10 Tweaker" = "HKCU:\Software\Win 10 Tweaker" # https://forum.ru-board.com/topic.cgi?forum=5&topic=50519 - "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\.exts\shell\open\command" + "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\Modern Cleaner" # https://boosterx.ru BoosterX = "$env:ProgramFiles\GameModeX\GameModeX.exe" # https://forum.ru-board.com/topic.cgi?forum=5&topic=14285&start=400#11 @@ -178,6 +296,10 @@ function Checks "Defender Switch" = "$env:ProgramData\DSW" # https://revi.cc/revios/download "Revision Tool" = "${env:ProgramFiles(x86)}\Revision Tool" + # https://www.youtube.com/watch?v=L0cj_I6OF2o + "WinterOS Tweaker" = "$env:SystemRoot\WinterOS*" + # https://github.com/ThePCDuke/WinCry + WinCry = "$env:SystemRoot\TempCleaner.exe" } foreach ($Tweaker in $Tweakers.Keys) { 
@@ -186,16 +308,20 @@ function Checks if ($Tweakers[$Tweaker] -eq "HKCU:\Software\Win 10 Tweaker") { Write-Warning -Message $Localization.Win10TweakerWarning + Start-Process -FilePath "https://youtu.be/na93MS-1EkM" Start-Process -FilePath "https://pikabu.ru/story/byekdor_v_win_10_tweaker_ili_sovremennyie_metodyi_borbyi_s_piratstvom_8227558" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } Write-Warning -Message ($Localization.TweakerWarning -f $Tweaker) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -204,12 +330,13 @@ function Checks if (Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\.NETFramework\Performance -Name *flibustier) { Write-Warning -Message ($Localization.TweakerWarning -f "flblauncher") + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } - # Check whether LGPO.exe exists in the bin folder # Check whether all necessary files exist in the bin folder $Files = @( "$PSScriptRoot\..\bin\LGPO.exe", @@ -219,10 +346,11 @@ function Checks if (($Files | Test-Path) -contains $false) { Write-Warning -Message $Localization.Bin - Start-Sleep -Seconds 5 + Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -239,16 +367,16 @@ function Checks if (($PendingActions | Test-Path) -contains $true) { Write-Warning -Message $Localization.RebootPending + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } # Check if the current module version is the latest one try { - [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - # Check the internet connection $Parameters = @{ Uri = "https://www.google.com" 
@@ -275,11 +403,10 @@ function Checks { Write-Warning -Message $Localization.UnsupportedRelease - Start-Sleep -Seconds 5 - Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -308,7 +435,7 @@ function Checks { # Provider Load Failure exception Write-Warning -Message $Global:Error.Exception.Message | Select-Object -First 1 - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" @@ -317,20 +444,6 @@ function Checks } } - # Checking services - try - { - $Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop - } - catch [Microsoft.PowerShell.Commands.ServiceCommandException] - { - Write-Warning -Message $Localization.DefenderBroken - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" - exit - } - $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count - # Check Microsoft Defender state # The Enterprise G edition doesn't has a built-in Defender if ((Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Microsoft\Windows nt\CurrentVersion" -Name EditionID) -ne "EnterpriseG") @@ -338,9 +451,11 @@ function Checks # Check Microsoft Defender state if ($null -eq (Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct -ErrorAction Ignore)) { - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" ### + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } 
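Review bot: In the `@@ -308,7 +435,7 @@` hunk, `Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender"` hands `-f` to Write-Warning as a parameter name instead of applying the format operator, so the call fails to bind rather than printing the message with `{0}` filled in. Other calls in this file wrap the expression, as in `Write-Warning -Message ($Localization.TweakerWarning -f $Tweaker)`, and the same is needed here: `Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Defender")`. The unparenthesised form also appears in the `@@ -338,9 +451,11 @@` hunk (where a leftover `###` trails the line), in the Microsoft Edge catch blocks of `@@ -56,6 +56,114 @@`, in the services check of `@@ -361,6 +476,22 @@` and in the Microsoft Store check of `@@ -582,43 +703,92 @@`.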
@@ -361,6 +476,22 @@ function Checks $Script:DefenderproductState = $false } + # Checking services + try + { + $Services = Get-Service -Name Windefend, SecurityHealthService, wscsvc -ErrorAction Stop + } + catch [Microsoft.PowerShell.Commands.ServiceCommandException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } + $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count + # Specify whether Antispyware protection is enabled if ((Get-ItemPropertyValue -Path "HKLM:\SOFTWARE\Microsoft\Windows nt\CurrentVersion" -Name EditionID) -ne "EnterpriseG") { @@ -519,33 +650,6 @@ function Checks } #endregion Defender checks - # Extract strings from %SystemRoot%\System32\shell32.dll using its' number - $Signature = @{ - Namespace = "WinAPI" - Name = "GetStr" - Language = "CSharp" - UsingNamespace = "System.Text" - MemberDefinition = @" -[DllImport("kernel32.dll", CharSet = CharSet.Auto)] -public static extern IntPtr GetModuleHandle(string lpModuleName); - -[DllImport("user32.dll", CharSet = CharSet.Auto)] -internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); - -public static string GetString(uint strId) -{ - IntPtr intPtr = GetModuleHandle("shell32.dll"); - StringBuilder sb = new StringBuilder(255); - LoadString(intPtr, strId, sb, sb.Capacity); - return sb.ToString(); -} -"@ - } - if (-not ("WinAPI.GetStr" -as [type])) - { - Add-Type @Signature - } - # Enable back the SysMain service if it was disabled by harmful tweakers if ((Get-Service -Name SysMain).Status -eq "Stopped") { 
@@ -561,18 +665,35 @@ public static string GetString(uint strId) Get-CimInstance -ClassName CIM_ComputerSystem | Set-CimInstance -Property @{AutomaticManagedPageFile = $true} } - # Check if Microsoft Edge as being a system component was removed by harmful tweakers - if (-not (Test-Path -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe")) + # Remove firewalled IP addresses that block Microsoft recourses added by harmful tweakers + # https://wpd.app + Get-NetFirewallRule | Where-Object -FilterScript {($_.DisplayName -match "Blocker MicrosoftTelemetry") -or ($_.DisplayName -match "Blocker MicrosoftExtra") -or ($_.DisplayName -match "windowsSpyBlocker")} | Remove-NetFirewallRule + + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + # Remove IP addresses from hosts file that block Microsoft recourses added by WindowsSpyBlocker + # https://github.com/crazy-max/WindowsSpyBlocker + try { - Write-Information -MessageData "" -InformationAction Continue - # Extract the localized "Please wait..." string from shell32.dll - Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } try { - # Check the internet connection + # Check whether https://github.com is alive $Parameters = @{ - Uri = "https://www.google.com" + Uri = "https://github.com" Method = "Head" DisableKeepAlive = $true UseBasicParsing = $true 
@@ -582,43 +703,92 @@ public static string GetString(uint strId) return } - try - { - # Download Microsoft Edge Stable x64 - $DownloadsFolder = Get-ItemPropertyValue -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" -Name "{374DE290-123F-4565-9164-39C4925E467B}" - $Parameters = @{ - Uri = "https://c2rsetup.officeapps.live.com/c2r/downloadEdge.aspx?platform=Default&source=EdgeStablePage&Channel=Stable&language=$((Get-WinSystemLocale).TwoLetterISOLanguageName)" - OutFile = "$DownloadsFolder\MicrosoftEdgeSetup.exe" - UseBasicParsing = $true - Verbose = $true - } - Invoke-Webrequest @Parameters + Clear-Variable -Name Array -ErrorAction Ignore - # Install Microsoft Edge Stable x64 - Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait + # https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/hosts + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra = (Invoke-WebRequest @Parameters).Content - Get-Process -Name msedge | Stop-Process -Force -ErrorAction Ignore - Start-Sleep -Seconds 5 + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra_v6 = (Invoke-WebRequest @Parameters).Content - & "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe" --no-first-run --noerrdialogs --no-default-browser-check --start-maximized + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt" + UseBasicParsing = $true + Verbose = $true + } + $spy = (Invoke-WebRequest @Parameters).Content - Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + 
$spy_v6 = (Invoke-WebRequest @Parameters).Content - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt" + UseBasicParsing = $true + Verbose = $true } - catch [System.Net.WebException] - { - Write-Warning -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") - Write-Error -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") -ErrorAction SilentlyContinue + $update =(Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update_v6.txt" + UseBasicParsing = $true + Verbose = $true } + $update_v6 = (Invoke-WebRequest @Parameters).Content + + $IPArray += $extra, $extra_v6, $spy, $spy_v6, $update, $update_v6 + # Split the Array variable content + $IPArray = $IPArray -split "`r?`n" | Where-Object -FilterScript {$_ -notmatch "#"} + + # Clear hosts file + $hosts = Get-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force + $hosts | ForEach-Object -Process { + if (($_ -ne "") -and (-not $_.StartsWith("#")) -and ($IPArray -split "`r?`n" | Select-String -Pattern $_)) + { + $UiData = $_ + $hosts = $hosts | Where-Object -FilterScript {$_ -notmatch $UiData} + } + } + $hosts | Set-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force } catch [System.Net.WebException] { - Write-Warning -Message $Localization.NoInternetConnection - Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + Write-Warning -Message ($Localization.NoResponse -f "https://github.com") + Write-Error -Message ($Localization.NoResponse -f "https://github.com") -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue } } + 
catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue + } + + # Check if Microsoft Store as being an important system component was removed + if (-not (Get-AppxPackage -Name Microsoft.WindowsStore)) + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Store" + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } # PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word Get-ChildItem -Path "$env:TEMP\Computer.txt", "$env:TEMP\User.txt" -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore @@ -3410,6 +3580,7 @@ function UnpinTaskbarShortcuts { Start-Job -ScriptBlock { $Apps = (New-Object -ComObject Shell.Application).NameSpace("shell:::{4234d49b-0245-4df3-b780-3893943456e1}").Items() + # Extract the localized "Unpin from taskbar" string from shell32.dll ($Apps | Where-Object -FilterScript {$_.Name -eq "Microsoft Store"}).Verbs() | Where-Object -FilterScript {$_.Name -eq $using:LocalizedString} | ForEach-Object -Process {$_.DoIt()} } | Receive-Job -Wait -AutoRemoveJob } 
@@ -8974,73 +9145,6 @@ public static int UnloadHive(RegistryHives hive, string subKey) Add-Type @Signature } - - function Set-Icon - { - Param - ( - [Parameter( - Mandatory = $true, - Position = 0 - - )] - [string] - $ProgId, - - [Parameter( - Mandatory = $true, - Position = 1 - )] - [string] - $Icon - ) - - if (-not (Test-Path -Path "HKCU:\Software\Classes\$ProgId\DefaultIcon")) - { - New-Item -Path "HKCU:\Software\Classes\$ProgId\DefaultIcon" -Force - } - New-ItemProperty -Path "HKCU:\Software\Classes\$ProgId\DefaultIcon" -Name "(default)" -PropertyType String -Value $Icon -Force - } - - function Remove-UserChoiceKey - { - Param - ( - [Parameter( - Mandatory = $true, - Position = 0 - )] - [string] - $SubKey - ) - - [WinAPI.Action]::DeleteKey([Microsoft.Win32.RegistryHive]::CurrentUser,$SubKey) - } - - function Set-UserAccessKey - { - Param - ( - [Parameter( - Mandatory = $true, - Position = 0 - )] - [string] - $SubKey - ) - - $OpenSubKey = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey($SubKey,'ReadWriteSubTree','TakeOwnership') - if ($OpenSubKey) - { - $Acl = [System.Security.AccessControl.RegistrySecurity]::new() - # Get current user SID - $UserSID = (Get-CimInstance -ClassName Win32_UserAccount | Where-Object -FilterScript {$_.Name -eq $env:USERNAME}).SID - $Acl.SetSecurityDescriptorSddlForm("O:$UserSID`G:$UserSID`D:AI(D;;DC;;;$UserSID)") - $OpenSubKey.SetAccessControl($Acl) - $OpenSubKey.Close() - } - } - function Write-ExtensionKeys { Param @@ -9080,7 +9184,7 @@ public static int UnloadHive(RegistryHives hive, string subKey) # If ProgId doesn't exist set the specified ProgId for the extensions # Due to "Set-StrictMode -Version Latest" we have to check everything - if (-not (Get-Variable -Name OrigProgID -ErrorAction Ignore)) + if (-not (Get-Variable -Name ProgId -ErrorAction Ignore)) { if (-not (Test-Path -Path "HKCU:\Software\Classes\$Extension")) { 
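Review bot: The changed condition `if (-not (Get-Variable -Name ProgId -ErrorAction Ignore))` tests whether a variable named ProgId exists, not whether it holds a value. If `ProgId` is a parameter of the enclosing function (its Param block is outside this hunk), the variable always exists and the branch that sets the ProgId for the extension can never run. If the intent is "no ProgId was resolved", test the value instead, e.g. `if (-not $ProgId)`, or keep a separately named variable for the original ProgId; please confirm which is meant.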
@@ -9114,7 +9218,7 @@ public static int UnloadHive(RegistryHives hive, string subKey) New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\OpenWithProgids" -Name $ProgID -PropertyType None -Value ([byte[]]@()) -Force # Removing the UserChoice key - Remove-UserChoiceKey -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" + [WinAPI.Action]::DeleteKey([Microsoft.Win32.RegistryHive]::CurrentUser, "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice") # Setting parameters in UserChoice. The key is being autocreated if (-not (Test-Path -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice")) @@ -9132,8 +9236,17 @@ public static int UnloadHive(RegistryHives hive, string subKey) } New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" -Name Hash -PropertyType String -Value $ProgHash -Force - # Setting a ban on changing the UserChoice section - Set-UserAccessKey -SubKey "Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice" + # Setting a block on changing the UserChoice section + $OpenSubKey = [Microsoft.Win32.Registry]::CurrentUser.OpenSubKey("Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice", "ReadWriteSubTree", "TakeOwnership") + if ($OpenSubKey) + { + $Acl = [System.Security.AccessControl.RegistrySecurity]::new() + # Get current user SID + $UserSID = (Get-CimInstance -ClassName Win32_UserAccount | Where-Object -FilterScript {$_.Name -eq $env:USERNAME}).SID + $Acl.SetSecurityDescriptorSddlForm("O:$UserSID`G:$UserSID`D:AI(D;;DC;;;$UserSID)") + $OpenSubKey.SetAccessControl($Acl) + $OpenSubKey.Close() + } } function Write-AdditionalKeys 
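Review bot: The inlined ACL block resolves the SID with `Get-CimInstance -ClassName Win32_UserAccount | Where-Object -FilterScript {$_.Name -eq $env:USERNAME}`, which matches on account name only. If more than one account carries that name (for example a local and a domain account), `.SID` becomes an array and the SDDL string passed to `SetSecurityDescriptorSddlForm` is built from several SIDs, so the deny ACE on UserChoice is malformed; the query also enumerates every account the provider can see. Taking the SID from the current token avoids both, assuming the script runs as the logged-in user: `$UserSID = [System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value`. `$OpenSubKey.Close()` is also skipped if `SetAccessControl` throws, so a `try`/`finally` around those two calls would release the handle on every path.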
@@ -9444,7 +9557,11 @@ public static long MakeLong(uint left, uint right) if ($Icon) { - Set-Icon -ProgId $ProgId -Icon $Icon + if (-not (Test-Path -Path "HKCU:\Software\Classes\$ProgId\DefaultIcon")) + { + New-Item -Path "HKCU:\Software\Classes\$ProgId\DefaultIcon" -Force + } + New-ItemProperty -Path "HKCU:\Software\Classes\$ProgId\DefaultIcon" -Name "(default)" -PropertyType String -Value $Icon -Force } Write-Information -MessageData "" -InformationAction Continue @@ -11094,6 +11211,13 @@ function RestoreUWPApps # You cannot retrieve packages using -PackageTypeFilter Bundle, otherwise you won't get the InstallLocation attribute. It can be retrieved only by comparing with $Bundles $Bundles = (Get-AppXPackage -PackageTypeFilter Bundle -AllUsers).Name $AppxPackages = @(Get-AppxPackage -AllUsers | Where-Object -FilterScript {$_.PackageUserInformation -match "Staged"} | Where-Object -FilterScript {$_.Name -in $Bundles}) + + # The Bundle packages contains no Spotify + if (Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers) + { + # Temporarily hack: due to the fact that there are actually two Spotify packages, we need to choose the first one to display + $AppxPackages += Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers | Where-Object -FilterScript {$_.PackageUserInformation -match "Staged"} | Select-Object -Index 0 + } $PackagesIds = [Windows.Management.Deployment.PackageManager]::new().FindPackages() | Select-Object -Property DisplayName -ExpandProperty Id | Select-Object -Property Name, DisplayName foreach ($AppxPackage in $AppxPackages) @@ -14903,6 +15027,7 @@ public static void PostMessage() Start-Process -FilePath taskschd.msc } + # ### if ($Script:MeetNow) { MeetNow -Show diff --git a/src/Sophia_Script_for_Windows_11/Localizations/de-DE/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/de-DE/Sophia.psd1 index 9451951d..d09e00d2 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/de-DE/Sophia.psd1 
+++ b/src/Sophia_Script_for_Windows_11/Localizations/de-DE/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nIm Ordner "bin" befinden sich kein RebootPending = \nDer PC wartet darauf, neu gestartet zu werden UnsupportedRelease = \nNeue Version gefunden CustomizationWarning = \nHaben Sie alle Funktionen in der voreingestellten Datei {0} angepasst, bevor Sie Sophia Script ausführen? -DefenderBroken = \nMicrosoft Defender defekt oder aus dem Betriebssystem entfernt +WindowsComponentBroken = \n{0} defekt oder aus dem Betriebssystem entfernt UpdateDefender = \nDie Microsoft Defender-Definitionen sind veraltet. Führen Sie Windows Update aus und versuchen Sie es erneut. ControlledFolderAccessDisabled = Kontrollierter Ordnerzugriff deaktiviert ScheduledTasks = Geplante Aufgaben diff --git a/src/Sophia_Script_for_Windows_11/Localizations/en-US/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/en-US/Sophia.psd1 index a8a61ad8..9817cf0d 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/en-US/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11/Localizations/en-US/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nThere are no files in the bin fold RebootPending = \nThe PC is waiting to be restarted UnsupportedRelease = \nA new version found CustomizationWarning = \nHave you customized every function in the {0} preset file before running Sophia Script? -DefenderBroken = \nMicrosoft Defender broken or removed from the OS +WindowsComponentBroken = \n{0} broken or removed from the OS UpdateDefender = \nMicrosoft Defender definitions are out-of-date. Run Windows Update and try again ControlledFolderAccessDisabled = Controlled folder access disabled ScheduledTasks = Scheduled tasks diff --git a/src/Sophia_Script_for_Windows_11/Localizations/es-ES/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/es-ES/Sophia.psd1 index 6c896dc3..65ffbe8c 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/es-ES/Sophia.psd1 
+++ b/src/Sophia_Script_for_Windows_11/Localizations/es-ES/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nNo hay archivos en la carpeta bin. RebootPending = \nEl PC está esperando a ser reiniciado UnsupportedRelease = \nUna nueva versión encontrada CustomizationWarning = \n¿Ha personalizado todas las funciones del archivo predeterminado {0} antes de ejecutar Sophia Script? -DefenderBroken = \nMicrosoft Defender dañado o eliminado del sistema operativo +WindowsComponentBroken = \n{0} dañado o eliminado del sistema operativo UpdateDefender = \nLas definiciones de Microsoft Defender no están actualizadas. Ejecute Windows Update y vuelva a intentarlo ControlledFolderAccessDisabled = Acceso a la carpeta controlada deshabilitado ScheduledTasks = Tareas programadas diff --git a/src/Sophia_Script_for_Windows_11/Localizations/fr-FR/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/fr-FR/Sophia.psd1 index d586d004..0366f3cb 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/fr-FR/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11/Localizations/fr-FR/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nIl n'y a pas de fichiers dans le d RebootPending = \nLe PC attend d'être redémarré UnsupportedRelease = \nNouvelle version trouvée CustomizationWarning = \nAvez-vous personnalisé chaque fonction du fichier de préréglage {0} avant d'exécuter Sophia Script? -DefenderBroken = \nMicrosoft Defender cassé ou supprimé du système d'exploitation +WindowsComponentBroken = \n{0} cassé ou supprimé du système d'exploitation UpdateDefender = \nLes définitions de Microsoft Defender ne sont pas à jour. Exécutez Windows Update et réessayez ControlledFolderAccessDisabled = Contrôle d'accès aux dossiers désactivé ScheduledTasks = Tâches planifiées diff --git a/src/Sophia_Script_for_Windows_11/Localizations/hu-HU/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/hu-HU/Sophia.psd1 index 9096fefe..082cee4b 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/hu-HU/Sophia.psd1 
+++ b/src/Sophia_Script_for_Windows_11/Localizations/hu-HU/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nA bin mappában nincsenek fájlok. RebootPending = \nA számítógép újraindításra vár UnsupportedRelease = \nÚj verzió érhető el CustomizationWarning = \nSzemélyre szabott minden opciót a {0} preset fájlban, mielőtt futtatni kívánja a Sophia szkriptet? -DefenderBroken = \nA Microsoft Defender elromlott vagy eltávolították az operációs rendszerből +WindowsComponentBroken = \nA {0} elromlott vagy eltávolították az operációs rendszerből UpdateDefender = \nA Microsoft Defender definíciói elavultak. Futtassa a Windows Update programot, és próbálja meg újra ControlledFolderAccessDisabled = Vezérelt mappához való hozzáférés kikapcsolva ScheduledTasks = Ütemezett feladatok diff --git a/src/Sophia_Script_for_Windows_11/Localizations/it-IT/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/it-IT/Sophia.psd1 index a80ab161..f11798a7 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/it-IT/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11/Localizations/it-IT/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nNon ci sono file nella cartella bi RebootPending = \nIl PC è in attesa di essere riavviato UnsupportedRelease = \nNuova versione trovata CustomizationWarning = \nSono state personalizzate tutte le funzioni nel file di configurazione {0} prima di eseguire Sophia Script? -DefenderBroken = \nMicrosoft Defender rimosso dal sistema +WindowsComponentBroken = \n{0} rimosso dal sistema UpdateDefender = \nLe definizioni di Microsoft Defender non sono aggiornate. Eseguire Windows Update e riprovare ControlledFolderAccessDisabled = l'accesso alle cartelle controllata disattivata ScheduledTasks = Attività pianificate diff --git a/src/Sophia_Script_for_Windows_11/Localizations/pl-PL/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/pl-PL/Sophia.psd1 index e4b6b0ad..ea517bec 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/pl-PL/Sophia.psd1 
+++ b/src/Sophia_Script_for_Windows_11/Localizations/pl-PL/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nW folderze bin nie ma żadnych pli RebootPending = \nKomputer oczekuje na ponowne uruchomienie UnsupportedRelease = \nZnaleziono nową wersję CustomizationWarning = \nCzy dostosowałeś funkcje w predefiniowanym pliku {0} przed uruchomieniem Sophia Script? -DefenderBroken = \nMicrosoft Defender jest uszkodzony lub usunięty z systemu operacyjnego +WindowsComponentBroken = \n{0} jest uszkodzony lub usunięty z systemu operacyjnego UpdateDefender = \nDefinicje programu Microsoft Defender są nieaktualne. Uruchom aktualizację systemu Windows i spróbuj ponownie. ControlledFolderAccessDisabled = Kontrolowany dostęp do folderów został wyłączony ScheduledTasks = Zaplanowane zadania diff --git a/src/Sophia_Script_for_Windows_11/Localizations/pt-BR/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/pt-BR/Sophia.psd1 index 17cb250c..63297567 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/pt-BR/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11/Localizations/pt-BR/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nNão existem ficheiros na pasta bi RebootPending = \nO PC está esperando para ser reiniciado UnsupportedRelease = \nNova versão encontrada CustomizationWarning = \nVocê personalizou todas as funções no arquivo de predefinição {0} antes de executar o Sophia Script? -DefenderBroken = \nMicrosoft Defender quebrado ou removido do sistema operativo +WindowsComponentBroken = \n{0} quebrado ou removido do sistema operativo UpdateDefender = \nAs definições do Microsoft Defender estão desatualizadas. Execute o Windows Update e tente novamente ControlledFolderAccessDisabled = Acesso controlado a pasta desativada ScheduledTasks = Tarefas agendadas diff --git a/src/Sophia_Script_for_Windows_11/Localizations/ru-RU/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/ru-RU/Sophia.psd1 index b6a355da..cbc3569c 100644 
--- a/src/Sophia_Script_for_Windows_11/Localizations/ru-RU/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11/Localizations/ru-RU/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nВ папке bin отсутств RebootPending = \nКомпьютер ожидает перезагрузки UnsupportedRelease = \nОбнаружена новая версия CustomizationWarning = \nВы настроили все функции в пресет-файле {0} перед запуском Sophia Script? -DefenderBroken = \nMicrosoft Defender сломан или удален из ОС +WindowsComponentBroken = \n{0} сломан или удален из ОС UpdateDefender = \nОпределения Microsoft Defender устарели. Запустите обновление Windows ControlledFolderAccessDisabled = Контролируемый доступ к папкам выключен ScheduledTasks = Запланированные задания diff --git a/src/Sophia_Script_for_Windows_11/Localizations/tr-TR/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/tr-TR/Sophia.psd1 index 632ca30c..87aa27e9 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/tr-TR/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11/Localizations/tr-TR/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nbin klasöründe dosya yok. Lütfe RebootPending = \nPC yeniden başlatılmayı bekliyor UnsupportedRelease = \nYeni sürüm bulundu CustomizationWarning = \nSophia Script'i çalıştırmadan önce {0} ön ayar dosyasındaki her işlevi özelleştirdiniz mi? -DefenderBroken = \nMicrosoft Defender bozuk veya işletim sisteminden kaldırıldı +WindowsComponentBroken = \n{0} bozuk veya işletim sisteminden kaldırıldı UpdateDefender = \nMicrosoft Defender tanımları güncel değil. Windows Update'i çalıştırın ve tekrar deneyin ControlledFolderAccessDisabled = Kontrollü klasör erişimi devre dışı bırakıldı ScheduledTasks = Zamanlanan görevler diff --git a/src/Sophia_Script_for_Windows_11/Localizations/uk-UA/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/uk-UA/Sophia.psd1 index dc2412f7..0937b753 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/uk-UA/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11/Localizations/uk-UA/Sophia.psd1 
@@ -11,7 +11,7 @@ bin = \nУ папці bin відсутні RebootPending = \nКомп'ютер очікує на перезавантаження UnsupportedRelease = \nВиявлено нову версію CustomizationWarning = \nВи налаштували всі функції в пресет-файлі {0} перед запуском Sophia Script? -DefenderBroken = \nMicrosoft Defender пошкоджено або видалено з ОС +WindowsComponentBroken = \n{0} пошкоджено або видалено з ОС UpdateDefender = \nВизначення Microsoft Defender застаріли. Запустіть Windows Update і повторіть спробу ControlledFolderAccessDisabled = Контрольований доступ до папок вимкнений ScheduledTasks = Заплановані задачі diff --git a/src/Sophia_Script_for_Windows_11/Localizations/zh-CN/Sophia.psd1 b/src/Sophia_Script_for_Windows_11/Localizations/zh-CN/Sophia.psd1 index 3124f55e..eb4f2ead 100644 --- a/src/Sophia_Script_for_Windows_11/Localizations/zh-CN/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11/Localizations/zh-CN/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nbin文件夹中没有文件。请 RebootPending = \n计算机正在等待重新启动 UnsupportedRelease = \n找到新版本 CustomizationWarning = \n在运行Sophia Script之前,您是否已自定义{0}预设文件中的每个函数? -DefenderBroken = \nMicrosoft Defender 损坏或从操作系统中删除 +WindowsComponentBroken = \n{0} 损坏或从操作系统中删除 UpdateDefender = \nMicrosoft Defender的定义已经过期。运行Windows Update并再次尝试 ControlledFolderAccessDisabled = "受控文件夹访问"已禁用 ScheduledTasks = 计划任务 diff --git a/src/Sophia_Script_for_Windows_11/Module/Sophia.psm1 b/src/Sophia_Script_for_Windows_11/Module/Sophia.psm1 index 17fcec6f..f2dd66ee 100644 --- a/src/Sophia_Script_for_Windows_11/Module/Sophia.psm1 +++ b/src/Sophia_Script_for_Windows_11/Module/Sophia.psm1 
@@ -57,6 +57,112 @@ function Checks [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + # Extract strings from %SystemRoot%\System32\shell32.dll using its' number + $Signature = @{ + Namespace = "WinAPI" + Name = "GetStr" + Language = "CSharp" + UsingNamespace = "System.Text" + MemberDefinition = @" +[DllImport("kernel32.dll", CharSet = CharSet.Auto)] +public static extern IntPtr GetModuleHandle(string lpModuleName); + +[DllImport("user32.dll", CharSet = CharSet.Auto)] +internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); + +public static string GetString(uint strId) +{ + IntPtr intPtr = GetModuleHandle("shell32.dll"); + StringBuilder sb = new StringBuilder(255); + LoadString(intPtr, strId, sb, sb.Capacity); + return sb.ToString(); +} +"@ + } + if (-not ("WinAPI.GetStr" -as [type])) + { + Add-Type @Signature + } + + # Check if Microsoft Edge as being a system component was removed by harmful tweakers + if (-not (Test-Path -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe")) + { + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." 
string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + try + { + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } + + try + { + # Download Microsoft Edge Stable x64 + $DownloadsFolder = Get-ItemPropertyValue -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" -Name "{374DE290-123F-4565-9164-39C4925E467B}" + $Parameters = @{ + Uri = "https://c2rsetup.officeapps.live.com/c2r/downloadEdge.aspx?platform=Default&source=EdgeStablePage&Channel=Stable&language=$((Get-WinSystemLocale).TwoLetterISOLanguageName)" + OutFile = "$DownloadsFolder\MicrosoftEdgeSetup.exe" + UseBasicParsing = $true + Verbose = $true + } + Invoke-Webrequest @Parameters + + # Install Microsoft Edge Stable x64 + Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait + + Get-Process -Name msedge | Stop-Process -Force -ErrorAction Ignore + Start-Sleep -Seconds 5 + + try + { + & "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe" --no-first-run --noerrdialogs --no-default-browser-check --start-maximized + } + catch [System.InvalidOperationException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Edge" + + "https://t.me/sophia_chat" + "https://discord.gg/sSryhaEv79" + + exit + } + catch [System.Management.Automation.ApplicationFailedException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Edge" + + "https://t.me/sophia_chat" + "https://discord.gg/sSryhaEv79" + + exit + } + + Stop-Process -Name msedge -Force -ErrorAction Ignore + + Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force + } + catch [System.Net.WebException] + { + Write-Warning -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") + Write-Error -Message 
($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") -ErrorAction SilentlyContinue + } + } + catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + } + } + # Detect the OS build version switch ((Get-CimInstance -ClassName CIM_OperatingSystem).BuildNumber) { @@ -196,9 +302,11 @@ function Checks {$_ -lt 22000} { Write-Warning -Message $Localization.UnsupportedOSBuild + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows#system-requirements" + exit } } @@ -207,9 +315,11 @@ function Checks if ($ExecutionContext.SessionState.LanguageMode -ne "FullLanguage") { Write-Warning -Message $Localization.UnsupportedLanguageMode + Start-Process -FilePath "https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_language_modes" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -221,8 +331,10 @@ function Checks if ($CurrentUserName -ne $LoginUserName) { Write-Warning -Message $Localization.LoggedInUserNotAdmin + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -230,8 +342,10 @@ function Checks if ($PSVersionTable.PSVersion.Major -ne 5) { Write-Warning -Message ($Localization.UnsupportedPowerShell -f $PSVersionTable.PSVersion.Major, $PSVersionTable.PSVersion.Minor) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } 
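Review bot: The downloaded `MicrosoftEdgeSetup.exe` is launched with `Start-Process ... -Wait` without any check that the file is the signed Microsoft installer. It is written under a fixed name in the user's Downloads folder, and the other checks in `Checks` suggest the script runs elevated, so whatever sits at that path at launch time runs with the script's rights. Check the signature before the `Start-Process` line and skip the launch with a warning when `(Get-AuthenticodeSignature -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe").Status -ne "Valid"`, ideally also comparing the signer subject. Separately, the two new catch blocks emit the chat URLs as bare strings instead of passing them to `Start-Process` as every other exit path in this function does.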
@@ -239,12 +353,14 @@ function Checks if (($Host.Name -match "ISE") -or ($env:TERM_PROGRAM -eq "vscode")) { Write-Warning -Message ($Localization.UnsupportedHost -f $Host.Name.replace("Host", "")) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } - # Check whether Windows was broken by 3rd party tweakers and trojans + # Check whether Windows was broken by 3rd party harmful tweakers and trojans $Tweakers = @{ # https://github.com/Sycnex/Windows10Debloater Windows10Debloater = "$env:SystemDrive\Temp\Windows10Debloater" @@ -259,7 +375,7 @@ function Checks # https://win10tweaker.ru "Win 10 Tweaker" = "HKCU:\Software\Win 10 Tweaker" # https://forum.ru-board.com/topic.cgi?forum=5&topic=50519 - "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\.exts\shell\open\command" + "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\Modern Cleaner" # https://boosterx.ru BoosterX = "$env:ProgramFiles\GameModeX\GameModeX.exe" # https://forum.ru-board.com/topic.cgi?forum=5&topic=14285&start=400#11 @@ -268,6 +384,10 @@ function Checks "Defender Switch" = "$env:ProgramData\DSW" # https://revi.cc/revios/download "Revision Tool" = "${env:ProgramFiles(x86)}\Revision Tool" + # https://www.youtube.com/watch?v=L0cj_I6OF2o + "WinterOS Tweaker" = "$env:SystemRoot\WinterOS*" + # https://github.com/ThePCDuke/WinCry + WinCry = "$env:SystemRoot\TempCleaner.exe" } foreach ($Tweaker in $Tweakers.Keys) { 
@@ -276,16 +396,20 @@ function Checks if ($Tweakers[$Tweaker] -eq "HKCU:\Software\Win 10 Tweaker") { Write-Warning -Message $Localization.Win10TweakerWarning + Start-Process -FilePath "https://youtu.be/na93MS-1EkM" Start-Process -FilePath "https://pikabu.ru/story/byekdor_v_win_10_tweaker_ili_sovremennyie_metodyi_borbyi_s_piratstvom_8227558" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } Write-Warning -Message ($Localization.TweakerWarning -f $Tweaker) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -294,8 +418,10 @@ function Checks if (Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\.NETFramework\Performance -Name *flibustier) { Write-Warning -Message ($Localization.TweakerWarning -f "flblauncher") + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -303,10 +429,11 @@ function Checks if (-not (Test-Path -Path "$PSScriptRoot\..\bin\LGPO.exe")) { Write-Warning -Message $Localization.Bin - Start-Sleep -Seconds 5 + Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -323,8 +450,10 @@ function Checks if (($PendingActions | Test-Path) -contains $true) { Write-Warning -Message $Localization.RebootPending + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -357,11 +486,10 @@ function Checks { Write-Warning -Message $Localization.UnsupportedRelease - Start-Sleep -Seconds 5 - Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } 
@@ -387,7 +515,7 @@ function Checks { # Provider Load Failure exception Write-Warning -Message $Global:Error.Exception.Message | Select-Object -First 1 - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" @@ -398,9 +526,11 @@ function Checks # Check Microsoft Defender state if ($null -eq (Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct -ErrorAction Ignore)) { - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -411,9 +541,11 @@ function Checks } catch [Microsoft.PowerShell.Commands.ServiceCommandException] { - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count 
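Review bot: In `Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender"` the `-f` is not inside an expression, so PowerShell parses it as a parameter of `Write-Warning` rather than as the format operator, and the call fails at parameter binding instead of printing the message with `{0}` filled in. The same line appears in the next two Defender hunks (the `AntiVirusProduct` check and the `ServiceCommandException` catch), in both Edge catch blocks near the top of `Checks`, and in the Microsoft Store check. Wrap the expression the way the `NoResponse` calls in this diff already do: `Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Defender")`. These are the paths that tell the user which component is broken before `exit`, so as written the user gets a binding error rather than that diagnosis.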
@@ -567,33 +699,6 @@ function Checks } #endregion Defender checks - # Extract strings from %SystemRoot%\System32\shell32.dll using its' number - $Signature = @{ - Namespace = "WinAPI" - Name = "GetStr" - Language = "CSharp" - UsingNamespace = "System.Text" - MemberDefinition = @" -[DllImport("kernel32.dll", CharSet = CharSet.Auto)] -public static extern IntPtr GetModuleHandle(string lpModuleName); - -[DllImport("user32.dll", CharSet = CharSet.Auto)] -internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); - -public static string GetString(uint strId) -{ - IntPtr intPtr = GetModuleHandle("shell32.dll"); - StringBuilder sb = new StringBuilder(255); - LoadString(intPtr, strId, sb, sb.Capacity); - return sb.ToString(); -} -"@ - } - if (-not ("WinAPI.GetStr" -as [type])) - { - Add-Type @Signature - } - # Enable back the SysMain service if it was disabled by harmful tweakers if ((Get-Service -Name SysMain).Status -eq "Stopped") { 
@@ -609,18 +714,35 @@ public static string GetString(uint strId) Get-CimInstance -ClassName CIM_ComputerSystem | Set-CimInstance -Property @{AutomaticManagedPageFile = $true} } - # Check if Microsoft Edge as being a system component was removed by harmful tweakers - if (-not (Test-Path -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe")) + # Remove firewalled IP addresses that block Microsoft recourses added by harmful tweakers + # https://wpd.app + Get-NetFirewallRule | Where-Object -FilterScript {($_.DisplayName -match "Blocker MicrosoftTelemetry") -or ($_.DisplayName -match "Blocker MicrosoftExtra") -or ($_.DisplayName -match "windowsSpyBlocker")} | Remove-NetFirewallRule + + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + # Remove IP addresses from hosts file that block Microsoft recourses added by WindowsSpyBlocker + # https://github.com/crazy-max/WindowsSpyBlocker + try { - Write-Information -MessageData "" -InformationAction Continue - # Extract the localized "Please wait..." string from shell32.dll - Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } try { - # Check the internet connection + # Check whether https://github.com is alive $Parameters = @{ - Uri = "https://www.google.com" + Uri = "https://github.com" Method = "Head" DisableKeepAlive = $true UseBasicParsing = $true 
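Review bot: The new pipeline `Get-NetFirewallRule | Where-Object ... | Remove-NetFirewallRule` deletes every rule whose DisplayName matches one of three unanchored patterns and leaves no record of what was removed. Because this changes the host's firewall policy, record the matched rules before deleting them so the change can be audited or undone: collect them with `$Rules = Get-NetFirewallRule | Where-Object -FilterScript {...}`, log with `$Rules | ForEach-Object -Process {Write-Verbose -Message $_.DisplayName -Verbose}`, then `$Rules | Remove-NetFirewallRule`. The two added comments also read "recourses" where "resources" is meant.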
@@ -630,43 +752,92 @@ public static string GetString(uint strId) return } - try - { - # Download Microsoft Edge Stable x64 - $DownloadsFolder = Get-ItemPropertyValue -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" -Name "{374DE290-123F-4565-9164-39C4925E467B}" - $Parameters = @{ - Uri = "https://c2rsetup.officeapps.live.com/c2r/downloadEdge.aspx?platform=Default&source=EdgeStablePage&Channel=Stable&language=$((Get-WinSystemLocale).TwoLetterISOLanguageName)" - OutFile = "$DownloadsFolder\MicrosoftEdgeSetup.exe" - UseBasicParsing = $true - Verbose = $true - } - Invoke-Webrequest @Parameters + Clear-Variable -Name Array -ErrorAction Ignore - # Install Microsoft Edge Stable x64 - Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait + # https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/hosts + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra = (Invoke-WebRequest @Parameters).Content - Get-Process -Name msedge | Stop-Process -Force -ErrorAction Ignore - Start-Sleep -Seconds 5 + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra_v6 = (Invoke-WebRequest @Parameters).Content - & "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe" --no-first-run --noerrdialogs --no-default-browser-check --start-maximized + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt" + UseBasicParsing = $true + Verbose = $true + } + $spy = (Invoke-WebRequest @Parameters).Content - Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + 
$spy_v6 = (Invoke-WebRequest @Parameters).Content - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt" + UseBasicParsing = $true + Verbose = $true } - catch [System.Net.WebException] - { - Write-Warning -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") - Write-Error -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") -ErrorAction SilentlyContinue + $update =(Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $update_v6 = (Invoke-WebRequest @Parameters).Content + + $IPArray += $extra, $extra_v6, $spy, $spy_v6, $update, $update_v6 + # Split the Array variable content + $IPArray = $IPArray -split "`r?`n" | Where-Object -FilterScript {$_ -notmatch "#"} + + # Clear hosts file + $hosts = Get-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force + $hosts | ForEach-Object -Process { + if (($_ -ne "") -and (-not $_.StartsWith("#")) -and ($IPArray -split "`r?`n" | Select-String -Pattern $_)) + { + $UiData = $_ + $hosts = $hosts | Where-Object -FilterScript {$_ -notmatch $UiData} + } } + $hosts | Set-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding Default -Force } catch [System.Net.WebException] { - Write-Warning -Message $Localization.NoInternetConnection - Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + Write-Warning -Message ($Localization.NoResponse -f "https://github.com") + Write-Error -Message ($Localization.NoResponse -f "https://github.com") -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue } } + 
catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue + } + + # Check if Microsoft Store as being an important system component was removed + if (-not (Get-AppxPackage -Name Microsoft.WindowsStore)) + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Store" + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } # PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word Get-ChildItem -Path "$env:TEMP\Computer.txt", "$env:TEMP\User.txt" -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore @@ -766,7 +937,7 @@ function CreateRestorePoint .NOTES Machine-wide user #> -function script:Set-Policy +function script:Set-Policy ### { [CmdletBinding()] param 
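Review bot: The hosts clean-up uses each hosts line as a regular expression, both in `Select-String -Pattern $_` and in `$_ -notmatch $UiData`, so the dots in an address or host name match any character and a line containing regex metacharacters can throw or remove unrelated entries. Match literally instead: `Select-String -Pattern $_ -SimpleMatch` for the lookup and `$_ -ne $UiData` for the filter. `Clear-Variable -Name Array` also clears a different name from the `$IPArray` that is then extended with `+=`, so a value left over from an earlier run in the same session would be carried in; a plain assignment `$IPArray = $extra, $extra_v6, $spy, $spy_v6, $update, $update_v6` avoids that. The six lists are fetched from the `master` branch at run time and decide which lines are deleted from a system file, so pinning the URLs to a reviewed commit would keep that decision reproducible.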
@@ -10092,8 +10263,13 @@ function UninstallUWPApps # The Bundle packages contains no Spotify if (Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers:$AllUsers) { - # Temporarily hack: due to the fact that there are actually two Microsoft Teams packages, we need to choose the first one to display - $AppxPackages += Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers:$AllUsers | Select-Object -Index 0 + $AppxPackages += Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers:$AllUsers + } + + # The Bundle packages contains no Disney+ + if (Get-AppxPackage -Name Disney.37853FC22B2CE -AllUsers:$AllUsers) + { + $AppxPackages += Get-AppxPackage -Name Disney.37853FC22B2CE -AllUsers:$AllUsers } $PackagesIds = [Windows.Management.Deployment.PackageManager, Windows.Web, ContentType = WindowsRuntime]::new().FindPackages() | Select-Object -Property DisplayName -ExpandProperty Id | Select-Object -Property Name, DisplayName @@ -10447,7 +10623,7 @@ function RestoreUWPApps $AppxPackages += Get-AppxPackage -Name MicrosoftTeams -AllUsers | Where-Object -FilterScript {$_.PackageUserInformation -match "Staged"} | Select-Object -Index 0 } - # The Bundle packages contains no Microsoft Teams + # The Bundle packages contains no Spotify if (Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers) { # Temporarily hack: due to the fact that there are actually two Spotify packages, we need to choose the first one to display @@ -12509,8 +12685,8 @@ function EventViewerCustomView New-Item -Path "$env:ProgramData\Microsoft\Event Viewer\Views" -ItemType Directory -Force } - # Save ProcessCreation.xml in the UTF-8 with BOM encoding - Set-Content -Path "$env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml" -Value $XML -Encoding UTF8 -Force + # Save ProcessCreation.xml in the UTF-8 without BOM encoding + Set-Content -Path "$env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml" -Value $XML -Encoding Default -NoNewline -Force } "Disable" { 
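Review bot: In the Spotify branch the `| Select-Object -Index 0` filter is dropped, yet the RestoreUWPApps context further down still says there are actually two Spotify packages, so `$AppxPackages` may now receive both and list the app twice. If the duplicate can no longer occur, the leftover comment in RestoreUWPApps should be removed as well; otherwise keep the filter, `$AppxPackages += Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers:$AllUsers | Select-Object -Index 0`, with a comment that names Spotify rather than Teams. The same change is made in the UninstallUWPApps hunk of the PowerShell 7 module. UninstallUWPApps begins and ends outside this hunk.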
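Review bot: The new comment says ProcessCreation.xml is saved as UTF-8 without BOM, but `-Encoding Default` only means that on PowerShell 7; under Windows PowerShell 5.1 it selects the system ANSI code page. If this module is run by 5.1 (the hunk does not show which), the comment is inaccurate and any non-ASCII character in `$XML` would be written in a locale-dependent encoding. Either reword it to `# Save ProcessCreation.xml without BOM (system default encoding; content must stay ASCII)` or write the same path explicitly with `[System.IO.File]::WriteAllText(<path>, $XML, [System.Text.UTF8Encoding]::new($false))`. `$XML` is defined outside the hunk.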
diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/de-DE/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/de-DE/Sophia.psd1 index 9451951d..d09e00d2 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/de-DE/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/de-DE/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nIm Ordner "bin" befinden sich kein RebootPending = \nDer PC wartet darauf, neu gestartet zu werden UnsupportedRelease = \nNeue Version gefunden CustomizationWarning = \nHaben Sie alle Funktionen in der voreingestellten Datei {0} angepasst, bevor Sie Sophia Script ausführen? -DefenderBroken = \nMicrosoft Defender defekt oder aus dem Betriebssystem entfernt +WindowsComponentBroken = \n{0} defekt oder aus dem Betriebssystem entfernt UpdateDefender = \nDie Microsoft Defender-Definitionen sind veraltet. Führen Sie Windows Update aus und versuchen Sie es erneut. ControlledFolderAccessDisabled = Kontrollierter Ordnerzugriff deaktiviert ScheduledTasks = Geplante Aufgaben diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/en-US/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/en-US/Sophia.psd1 index 1da9a51b..d8ab2d6b 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/en-US/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/en-US/Sophia.psd1 
@@ -11,7 +11,7 @@ bin = \nThere are no files in the bin fold RebootPending = \nThe PC is waiting to be restarted UnsupportedRelease = \nA new version found CustomizationWarning = \nHave you customized every function in the {0} preset file before running Sophia Script? -DefenderBroken = \nMicrosoft Defender broken or removed from the OS +WindowsComponentBroken = \n{0} broken or removed from the OS UpdateDefender = \nMicrosoft Defender definitions are out-of-date. Run Windows Update and try again ControlledFolderAccessDisabled = Controlled folder access disabled ScheduledTasks = Scheduled tasks diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/es-ES/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/es-ES/Sophia.psd1 index 6c896dc3..65ffbe8c 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/es-ES/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/es-ES/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nNo hay archivos en la carpeta bin. RebootPending = \nEl PC está esperando a ser reiniciado UnsupportedRelease = \nUna nueva versión encontrada CustomizationWarning = \n¿Ha personalizado todas las funciones del archivo predeterminado {0} antes de ejecutar Sophia Script? -DefenderBroken = \nMicrosoft Defender dañado o eliminado del sistema operativo +WindowsComponentBroken = \n{0} dañado o eliminado del sistema operativo UpdateDefender = \nLas definiciones de Microsoft Defender no están actualizadas. Ejecute Windows Update y vuelva a intentarlo ControlledFolderAccessDisabled = Acceso a la carpeta controlada deshabilitado ScheduledTasks = Tareas programadas diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/fr-FR/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/fr-FR/Sophia.psd1 index d586d004..0366f3cb 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/fr-FR/Sophia.psd1 
+++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/fr-FR/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nIl n'y a pas de fichiers dans le d RebootPending = \nLe PC attend d'être redémarré UnsupportedRelease = \nNouvelle version trouvée CustomizationWarning = \nAvez-vous personnalisé chaque fonction du fichier de préréglage {0} avant d'exécuter Sophia Script? -DefenderBroken = \nMicrosoft Defender cassé ou supprimé du système d'exploitation +WindowsComponentBroken = \n{0} cassé ou supprimé du système d'exploitation UpdateDefender = \nLes définitions de Microsoft Defender ne sont pas à jour. Exécutez Windows Update et réessayez ControlledFolderAccessDisabled = Contrôle d'accès aux dossiers désactivé ScheduledTasks = Tâches planifiées diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/hu-HU/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/hu-HU/Sophia.psd1 index 9096fefe..082cee4b 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/hu-HU/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/hu-HU/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nA bin mappában nincsenek fájlok. RebootPending = \nA számítógép újraindításra vár UnsupportedRelease = \nÚj verzió érhető el CustomizationWarning = \nSzemélyre szabott minden opciót a {0} preset fájlban, mielőtt futtatni kívánja a Sophia szkriptet? -DefenderBroken = \nA Microsoft Defender elromlott vagy eltávolították az operációs rendszerből +WindowsComponentBroken = \nA {0} elromlott vagy eltávolították az operációs rendszerből UpdateDefender = \nA Microsoft Defender definíciói elavultak. Futtassa a Windows Update programot, és próbálja meg újra ControlledFolderAccessDisabled = Vezérelt mappához való hozzáférés kikapcsolva ScheduledTasks = Ütemezett feladatok 
diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/it-IT/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/it-IT/Sophia.psd1 index a80ab161..f11798a7 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/it-IT/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/it-IT/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nNon ci sono file nella cartella bi RebootPending = \nIl PC è in attesa di essere riavviato UnsupportedRelease = \nNuova versione trovata CustomizationWarning = \nSono state personalizzate tutte le funzioni nel file di configurazione {0} prima di eseguire Sophia Script? -DefenderBroken = \nMicrosoft Defender rimosso dal sistema +WindowsComponentBroken = \n{0} rimosso dal sistema UpdateDefender = \nLe definizioni di Microsoft Defender non sono aggiornate. Eseguire Windows Update e riprovare ControlledFolderAccessDisabled = l'accesso alle cartelle controllata disattivata ScheduledTasks = Attività pianificate diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pl-PL/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pl-PL/Sophia.psd1 index e4b6b0ad..ea517bec 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pl-PL/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pl-PL/Sophia.psd1 
@@ -11,7 +11,7 @@ bin = \nW folderze bin nie ma żadnych pli RebootPending = \nKomputer oczekuje na ponowne uruchomienie UnsupportedRelease = \nZnaleziono nową wersję CustomizationWarning = \nCzy dostosowałeś funkcje w predefiniowanym pliku {0} przed uruchomieniem Sophia Script? -DefenderBroken = \nMicrosoft Defender jest uszkodzony lub usunięty z systemu operacyjnego +WindowsComponentBroken = \n{0} jest uszkodzony lub usunięty z systemu operacyjnego UpdateDefender = \nDefinicje programu Microsoft Defender są nieaktualne. Uruchom aktualizację systemu Windows i spróbuj ponownie. ControlledFolderAccessDisabled = Kontrolowany dostęp do folderów został wyłączony ScheduledTasks = Zaplanowane zadania diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pt-BR/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pt-BR/Sophia.psd1 index 17cb250c..63297567 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pt-BR/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/pt-BR/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nNão existem ficheiros na pasta bi RebootPending = \nO PC está esperando para ser reiniciado UnsupportedRelease = \nNova versão encontrada CustomizationWarning = \nVocê personalizou todas as funções no arquivo de predefinição {0} antes de executar o Sophia Script? -DefenderBroken = \nMicrosoft Defender quebrado ou removido do sistema operativo +WindowsComponentBroken = \n{0} quebrado ou removido do sistema operativo UpdateDefender = \nAs definições do Microsoft Defender estão desatualizadas. Execute o Windows Update e tente novamente ControlledFolderAccessDisabled = Acesso controlado a pasta desativada ScheduledTasks = Tarefas agendadas diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/ru-RU/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/ru-RU/Sophia.psd1 index b6a355da..cbc3569c 100644 
--- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/ru-RU/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/ru-RU/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nВ папке bin отсутств RebootPending = \nКомпьютер ожидает перезагрузки UnsupportedRelease = \nОбнаружена новая версия CustomizationWarning = \nВы настроили все функции в пресет-файле {0} перед запуском Sophia Script? -DefenderBroken = \nMicrosoft Defender сломан или удален из ОС +WindowsComponentBroken = \n{0} сломан или удален из ОС UpdateDefender = \nОпределения Microsoft Defender устарели. Запустите обновление Windows ControlledFolderAccessDisabled = Контролируемый доступ к папкам выключен ScheduledTasks = Запланированные задания diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/tr-TR/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/tr-TR/Sophia.psd1 index 632ca30c..87aa27e9 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/tr-TR/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/tr-TR/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nbin klasöründe dosya yok. Lütfe RebootPending = \nPC yeniden başlatılmayı bekliyor UnsupportedRelease = \nYeni sürüm bulundu CustomizationWarning = \nSophia Script'i çalıştırmadan önce {0} ön ayar dosyasındaki her işlevi özelleştirdiniz mi? -DefenderBroken = \nMicrosoft Defender bozuk veya işletim sisteminden kaldırıldı +WindowsComponentBroken = \n{0} bozuk veya işletim sisteminden kaldırıldı UpdateDefender = \nMicrosoft Defender tanımları güncel değil. Windows Update'i çalıştırın ve tekrar deneyin ControlledFolderAccessDisabled = Kontrollü klasör erişimi devre dışı bırakıldı ScheduledTasks = Zamanlanan görevler diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/uk-UA/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/uk-UA/Sophia.psd1 index dc2412f7..0937b753 100644 
--- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/uk-UA/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/uk-UA/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nУ папці bin відсутні RebootPending = \nКомп'ютер очікує на перезавантаження UnsupportedRelease = \nВиявлено нову версію CustomizationWarning = \nВи налаштували всі функції в пресет-файлі {0} перед запуском Sophia Script? -DefenderBroken = \nMicrosoft Defender пошкоджено або видалено з ОС +WindowsComponentBroken = \n{0} пошкоджено або видалено з ОС UpdateDefender = \nВизначення Microsoft Defender застаріли. Запустіть Windows Update і повторіть спробу ControlledFolderAccessDisabled = Контрольований доступ до папок вимкнений ScheduledTasks = Заплановані задачі diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/zh-CN/Sophia.psd1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/zh-CN/Sophia.psd1 index 3124f55e..eb4f2ead 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/zh-CN/Sophia.psd1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Localizations/zh-CN/Sophia.psd1 @@ -11,7 +11,7 @@ bin = \nbin文件夹中没有文件。请 RebootPending = \n计算机正在等待重新启动 UnsupportedRelease = \n找到新版本 CustomizationWarning = \n在运行Sophia Script之前,您是否已自定义{0}预设文件中的每个函数? -DefenderBroken = \nMicrosoft Defender 损坏或从操作系统中删除 +WindowsComponentBroken = \n{0} 损坏或从操作系统中删除 UpdateDefender = \nMicrosoft Defender的定义已经过期。运行Windows Update并再次尝试 ControlledFolderAccessDisabled = "受控文件夹访问"已禁用 ScheduledTasks = 计划任务 diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1 index 2a43abf4..a2a69b61 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1 
@@ -57,6 +57,112 @@ function Checks [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 + # Extract strings from %SystemRoot%\System32\shell32.dll using its' number + $Signature = @{ + Namespace = "WinAPI" + Name = "GetStr" + Language = "CSharp" + UsingNamespace = "System.Text" + MemberDefinition = @" +[DllImport("kernel32.dll", CharSet = CharSet.Auto)] +public static extern IntPtr GetModuleHandle(string lpModuleName); + +[DllImport("user32.dll", CharSet = CharSet.Auto)] +internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); + +public static string GetString(uint strId) +{ + IntPtr intPtr = GetModuleHandle("shell32.dll"); + StringBuilder sb = new StringBuilder(255); + LoadString(intPtr, strId, sb, sb.Capacity); + return sb.ToString(); +} +"@ + } + if (-not ("WinAPI.GetStr" -as [type])) + { + Add-Type @Signature + } + + # Check if Microsoft Edge as being a system component was removed by harmful tweakers + if (-not (Test-Path -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe")) + { + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." 
string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + try + { + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } + + try + { + # Download Microsoft Edge Stable x64 + $DownloadsFolder = Get-ItemPropertyValue -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" -Name "{374DE290-123F-4565-9164-39C4925E467B}" + $Parameters = @{ + Uri = "https://c2rsetup.officeapps.live.com/c2r/downloadEdge.aspx?platform=Default&source=EdgeStablePage&Channel=Stable&language=$((Get-WinSystemLocale).TwoLetterISOLanguageName)" + OutFile = "$DownloadsFolder\MicrosoftEdgeSetup.exe" + UseBasicParsing = $true + Verbose = $true + } + Invoke-Webrequest @Parameters + + # Install Microsoft Edge Stable x64 + Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait + + Get-Process -Name msedge | Stop-Process -Force -ErrorAction Ignore + Start-Sleep -Seconds 5 + + try + { + & "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe" --no-first-run --noerrdialogs --no-default-browser-check --start-maximized + } + catch [System.InvalidOperationException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Edge" + + "https://t.me/sophia_chat" + "https://discord.gg/sSryhaEv79" + + exit + } + catch [System.Management.Automation.ApplicationFailedException] + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Edge" + + "https://t.me/sophia_chat" + "https://discord.gg/sSryhaEv79" + + exit + } + + Stop-Process -Name msedge -Force -ErrorAction Ignore + + Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force + } + catch [System.Net.WebException] + { + Write-Warning -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") + Write-Error -Message 
($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") -ErrorAction SilentlyContinue + } + } + catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + } + } + # Detect the OS build version switch ((Get-CimInstance -ClassName CIM_OperatingSystem).BuildNumber) { @@ -196,9 +302,11 @@ function Checks {$_ -lt 22000} { Write-Warning -Message $Localization.UnsupportedOSBuild + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows#system-requirements" + exit } } @@ -207,9 +315,11 @@ function Checks if ($ExecutionContext.SessionState.LanguageMode -ne "FullLanguage") { Write-Warning -Message $Localization.UnsupportedLanguageMode + Start-Process -FilePath "https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_language_modes" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -221,8 +331,10 @@ function Checks if ($CurrentUserName -ne $LoginUserName) { Write-Warning -Message $Localization.LoggedInUserNotAdmin + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -230,8 +342,10 @@ function Checks if ($PSVersionTable.PSVersion.Major -ne 7) { Write-Warning -Message ($Localization.UnsupportedPowerShell -f $PSVersionTable.PSVersion.Major, $PSVersionTable.PSVersion.Minor) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } 
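Review bot: `MicrosoftEdgeSetup.exe` is downloaded into the user's Downloads folder and then started with `Start-Process -Wait` without any check that the file on disk is the signed Microsoft installer. Because this path now runs at the top of `Checks` whenever msedge.exe is missing, I would verify the Authenticode signature first and stop if it is not valid or not issued to Microsoft. The subject test below is a constructed example and should be adjusted to the signer the project expects. `Checks` begins and ends outside this hunk.

```powershell
Invoke-Webrequest @Parameters

# Refuse to run the installer unless it carries a valid Microsoft signature
$SetupSignature = Get-AuthenticodeSignature -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe"
if (($SetupSignature.Status -ne "Valid") -or ($SetupSignature.SignerCertificate.Subject -notmatch "O=Microsoft Corporation"))
{
	Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force
	Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Edge")

	exit
}

# Install Microsoft Edge Stable x64
Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait
# … unchanged: msedge.exe first launch, catch blocks and cleanup …
```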
@@ -239,12 +353,14 @@ function Checks if (($Host.Name -match "ISE") -or ($env:TERM_PROGRAM -eq "vscode")) { Write-Warning -Message ($Localization.UnsupportedHost -f $Host.Name.replace("Host", "")) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } - # Check whether Windows was broken by 3rd party tweakers and trojans + # Check whether Windows was broken by 3rd party harmful tweakers and trojans $Tweakers = @{ # https://github.com/Sycnex/Windows10Debloater Windows10Debloater = "$env:SystemDrive\Temp\Windows10Debloater" @@ -259,7 +375,7 @@ function Checks # https://win10tweaker.ru "Win 10 Tweaker" = "HKCU:\Software\Win 10 Tweaker" # https://forum.ru-board.com/topic.cgi?forum=5&topic=50519 - "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\.exts\shell\open\command" + "Modern Tweaker" = "Registry::HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\Modern Cleaner" # https://boosterx.ru BoosterX = "$env:ProgramFiles\GameModeX\GameModeX.exe" # https://forum.ru-board.com/topic.cgi?forum=5&topic=14285&start=400#11 @@ -268,6 +384,10 @@ function Checks "Defender Switch" = "$env:ProgramData\DSW" # https://revi.cc/revios/download "Revision Tool" = "${env:ProgramFiles(x86)}\Revision Tool" + # https://www.youtube.com/watch?v=L0cj_I6OF2o + "WinterOS Tweaker" = "$env:SystemRoot\WinterOS*" + # https://github.com/ThePCDuke/WinCry + WinCry = "$env:SystemRoot\TempCleaner.exe" } foreach ($Tweaker in $Tweakers.Keys) { 
@@ -276,16 +396,20 @@ function Checks if ($Tweakers[$Tweaker] -eq "HKCU:\Software\Win 10 Tweaker") { Write-Warning -Message $Localization.Win10TweakerWarning + Start-Process -FilePath "https://youtu.be/na93MS-1EkM" Start-Process -FilePath "https://pikabu.ru/story/byekdor_v_win_10_tweaker_ili_sovremennyie_metodyi_borbyi_s_piratstvom_8227558" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } Write-Warning -Message ($Localization.TweakerWarning -f $Tweaker) + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } @@ -294,8 +418,10 @@ function Checks if (Get-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\.NETFramework\Performance -Name *flibustier) { Write-Warning -Message ($Localization.TweakerWarning -f "flblauncher") + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -308,10 +434,11 @@ function Checks if (($Files | Test-Path) -contains $false) { Write-Warning -Message $Localization.Bin - Start-Sleep -Seconds 5 + Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -328,8 +455,10 @@ function Checks if (($PendingActions | Test-Path) -contains $true) { Write-Warning -Message $Localization.RebootPending + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -362,11 +491,10 @@ function Checks { Write-Warning -Message $Localization.UnsupportedRelease - Start-Sleep -Seconds 5 - Start-Process -FilePath "https://github.com/farag2/Sophia-Script-for-Windows/releases/latest" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } } 
@@ -392,7 +520,7 @@ function Checks { # Provider Load Failure exception Write-Warning -Message $Global:Error.Exception.Message | Select-Object -First 1 - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" @@ -403,9 +531,11 @@ function Checks # Check Microsoft Defender state if ($null -eq (Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct -ErrorAction Ignore)) { - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } @@ -416,9 +546,11 @@ function Checks } catch [Microsoft.PowerShell.Commands.ServiceCommandException] { - Write-Warning -Message $Localization.DefenderBroken + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender" + Start-Process -FilePath "https://t.me/sophia_chat" Start-Process -FilePath "https://discord.gg/sSryhaEv79" + exit } $Script:DefenderServices = ($Services | Where-Object -FilterScript {$_.Status -ne "running"} | Measure-Object).Count -lt $Services.Count 
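Review bot: `Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Defender"` hands `-f` to Write-Warning as a parameter name instead of applying the format operator, so the call will most likely fail parameter binding and the user never sees the message with `{0}` filled in. Wrap the expression the way the NoResponse calls on this page do: `Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Defender")`. The same unparenthesised form is in the two following Defender hunks, in both Microsoft Edge `catch` blocks of the first `Checks` hunk (which also emit the chat URLs as bare strings rather than through `Start-Process`), and in the Microsoft Store check.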
@@ -572,33 +704,6 @@ function Checks } #endregion Defender checks - # Extract strings from %SystemRoot%\System32\shell32.dll using its' number - $Signature = @{ - Namespace = "WinAPI" - Name = "GetStr" - Language = "CSharp" - UsingNamespace = "System.Text" - MemberDefinition = @" -[DllImport("kernel32.dll", CharSet = CharSet.Auto)] -public static extern IntPtr GetModuleHandle(string lpModuleName); - -[DllImport("user32.dll", CharSet = CharSet.Auto)] -internal static extern int LoadString(IntPtr hInstance, uint uID, StringBuilder lpBuffer, int nBufferMax); - -public static string GetString(uint strId) -{ - IntPtr intPtr = GetModuleHandle("shell32.dll"); - StringBuilder sb = new StringBuilder(255); - LoadString(intPtr, strId, sb, sb.Capacity); - return sb.ToString(); -} -"@ - } - if (-not ("WinAPI.GetStr" -as [type])) - { - Add-Type @Signature - } - # Enable back the SysMain service if it was disabled by harmful tweakers if ((Get-Service -Name SysMain).Status -eq "Stopped") { 
@@ -614,18 +719,35 @@ public static string GetString(uint strId) Get-CimInstance -ClassName CIM_ComputerSystem | Set-CimInstance -Property @{AutomaticManagedPageFile = $true} } - # Check if Microsoft Edge as being a system component was removed by harmful tweakers - if (-not (Test-Path -Path "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe")) + # Remove firewalled IP addresses that block Microsoft recourses added by harmful tweakers + # https://wpd.app + Get-NetFirewallRule | Where-Object -FilterScript {($_.DisplayName -match "Blocker MicrosoftTelemetry") -or ($_.DisplayName -match "Blocker MicrosoftExtra") -or ($_.DisplayName -match "windowsSpyBlocker")} | Remove-NetFirewallRule + + Write-Information -MessageData "" -InformationAction Continue + # Extract the localized "Please wait..." string from shell32.dll + Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + + # Remove IP addresses from hosts file that block Microsoft recourses added by WindowsSpyBlocker + # https://github.com/crazy-max/WindowsSpyBlocker + try { - Write-Information -MessageData "" -InformationAction Continue - # Extract the localized "Please wait..." string from shell32.dll - Write-Verbose -Message ([WinAPI.GetStr]::GetString(12612)) -Verbose + # Check the internet connection + $Parameters = @{ + Uri = "https://www.google.com" + Method = "Head" + DisableKeepAlive = $true + UseBasicParsing = $true + } + if (-not (Invoke-WebRequest @Parameters).StatusDescription) + { + return + } try { - # Check the internet connection + # Check whether https://github.com is alive $Parameters = @{ - Uri = "https://www.google.com" + Uri = "https://github.com" Method = "Head" DisableKeepAlive = $true UseBasicParsing = $true 
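Review bot: The added `Get-NetFirewallRule | Where-Object … | Remove-NetFirewallRule` line deletes every rule whose DisplayName contains one of three substrings, on each run, and leaves no record of what was removed. Since `-match` is a substring test on a free-text name, a rule an administrator created with a similar name would be deleted too. I would log each rule before removal, for example by inserting `ForEach-Object -Process {Write-Verbose -Message $_.DisplayName -Verbose; $_}` ahead of `Remove-NetFirewallRule`, and state in the comment that the match is by display name only. The `try` opened in this hunk is closed in the next one.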
@@ -635,43 +757,92 @@ public static string GetString(uint strId) return } - try - { - # Download Microsoft Edge Stable x64 - $DownloadsFolder = Get-ItemPropertyValue -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" -Name "{374DE290-123F-4565-9164-39C4925E467B}" - $Parameters = @{ - Uri = "https://c2rsetup.officeapps.live.com/c2r/downloadEdge.aspx?platform=Default&source=EdgeStablePage&Channel=Stable&language=$((Get-WinSystemLocale).TwoLetterISOLanguageName)" - OutFile = "$DownloadsFolder\MicrosoftEdgeSetup.exe" - UseBasicParsing = $true - Verbose = $true - } - Invoke-Webrequest @Parameters + Clear-Variable -Name IPArray -ErrorAction Ignore - # Install Microsoft Edge Stable x64 - Start-Process -FilePath "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Wait + # https://github.com/crazy-max/WindowsSpyBlocker/tree/master/data/hosts + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra = (Invoke-WebRequest @Parameters).Content - Get-Process -Name msedge | Stop-Process -Force -ErrorAction Ignore - Start-Sleep -Seconds 5 + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/extra_v6.txt" + UseBasicParsing = $true + Verbose = $true + } + $extra_v6 = (Invoke-WebRequest @Parameters).Content - & "${env:ProgramFiles(x86)}\Microsoft\Edge\Application\msedge.exe" --no-first-run --noerrdialogs --no-default-browser-check --start-maximized + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt" + UseBasicParsing = $true + Verbose = $true + } + $spy = (Invoke-WebRequest @Parameters).Content - Remove-Item -Path "$DownloadsFolder\MicrosoftEdgeSetup.exe" -Force + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy_v6.txt" + UseBasicParsing = $true + Verbose = $true + } 
+ $spy_v6 = (Invoke-WebRequest @Parameters).Content - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update.txt" + UseBasicParsing = $true + Verbose = $true } - catch [System.Net.WebException] - { - Write-Warning -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") - Write-Error -Message ($Localization.NoResponse -f "https://c2rsetup.officeapps.live.com") -ErrorAction SilentlyContinue + $update =(Invoke-WebRequest @Parameters).Content + + $Parameters = @{ + Uri = "https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/update_v6.txt" + UseBasicParsing = $true + Verbose = $true } + $update_v6 = (Invoke-WebRequest @Parameters).Content + + $IPArray += $extra, $extra_v6, $spy, $spy_v6, $update, $update_v6 + # Split the Array variable content + $IPArray = $IPArray -split "`r?`n" | Where-Object -FilterScript {$_ -notmatch "#"} + + # Clear hosts file + $hosts = Get-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding utf8 -Force + $hosts | ForEach-Object -Process { + if (($_ -ne "") -and (-not $_.StartsWith("#")) -and ($IPArray -split "`r?`n" | Select-String -Pattern $_)) + { + $UiData = $_ + $hosts = $hosts | Where-Object -FilterScript {$_ -notmatch $UiData} + } + } + $hosts | Set-Content -Path "$env:SystemRoot\System32\drivers\etc\hosts" -Encoding utf8 -Force } catch [System.Net.WebException] { - Write-Warning -Message $Localization.NoInternetConnection - Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + Write-Warning -Message ($Localization.NoResponse -f "https://github.com") + Write-Error -Message ($Localization.NoResponse -f "https://github.com") -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue } } + 
catch [System.Net.WebException] + { + Write-Warning -Message $Localization.NoInternetConnection + Write-Error -Message $Localization.NoInternetConnection -ErrorAction SilentlyContinue + + Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue + } + + # Check if Microsoft Store as being an important system component was removed + if (-not (Get-AppxPackage -Name Microsoft.WindowsStore)) + { + Write-Warning -Message $Localization.WindowsComponentBroken -f "Microsoft Store" + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } # PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word Get-ChildItem -Path "$env:TEMP\Computer.txt", "$env:TEMP\User.txt" -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore 
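Review bot: The hosts cleanup passes each existing hosts line into regex matching, in `Select-String -Pattern $_` and again in `-notmatch $UiData`, so the dots in an address or host name act as wildcards and any other line that merely contains the matched text is dropped with it; an entry containing regex metacharacters can also make the match throw. Literal matching avoids both: `Select-String -SimpleMatch -Pattern $_` and `Where-Object -FilterScript {$_ -notmatch [regex]::Escape($UiData)}`. The six lists are fetched from the `master` branch at run time and decide what is deleted from a system file, so saving a copy of the original hosts file before `Set-Content` would keep the change reversible. The same loop appears in the other module's hunk earlier on this page.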
@@ -10110,11 +10281,16 @@ function UninstallUWPApps # The Bundle packages contains no Spotify if (Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers:$AllUsers) { - # Temporarily hack: due to the fact that there are actually two Microsoft Teams packages, we need to choose the first one to display - $AppxPackages += Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers:$AllUsers | Select-Object -Index 0 + $AppxPackages += Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers:$AllUsers } - $PackagesIds = [Windows.Management.Deployment.PackageManager]::new().FindPackages() | Select-Object -Property DisplayName -ExpandProperty Id | Select-Object -Property Name, DisplayName + # The Bundle packages contains no Disney+ + if (Get-AppxPackage -Name Disney.37853FC22B2CE -AllUsers:$AllUsers) + { + $AppxPackages += Get-AppxPackage -Name Disney.37853FC22B2CE -AllUsers:$AllUsers + } + + $PackagesIds = [Windows.Management.Deployment.PackageManager, Windows.Web, ContentType = WindowsRuntime]::new().FindPackages() | Select-Object -Property DisplayName -ExpandProperty Id | Select-Object -Property Name, DisplayName foreach ($AppxPackage in $AppxPackages) { @@ -10475,7 +10651,7 @@ function RestoreUWPApps $AppxPackages += Get-AppxPackage -Name MicrosoftTeams -AllUsers | Where-Object -FilterScript {$_.PackageUserInformation -match "Staged"} | Select-Object -Index 0 } - # The Bundle packages contains no Microsoft Teams + # The Bundle packages contains no Spotify if (Get-AppxPackage -Name SpotifyAB.SpotifyMusic -AllUsers) { # Temporarily hack: due to the fact that there are actually two Spotify packages, we need to choose the first one to display