@ -1,12 +1,24 @@
<#
. SYNOPSIS
" Windows 10 Setup Script " is a set of tweaks for OS fine-tuning and automating the routine tasks
Version : v4 . 4 . 3
Date : 23 . 06 . 2020
Copyright ( c ) 2020 farag & oZ-Zo
Thanks to all http : / / forum . ru-board . com members involved
. DESCRIPTION
Supported Windows 10 version : 2004 ( 20H1 ) , 19041 build , x64
Most of functions can be run also on LTSB / LTSC
Tested on Home / Pro / Enterprise editions
Due to the fact that the script includes about 150 functions ,
you should read the entire script and comment out those sections that you do not want to be execute
Running the script is best done on a fresh install because running the script on tweaked system may result in occurring errors
Check whether the . ps1 file is encoded in UTF - 8 with BOM
The script can not be executed via PowerShell ISE
PowerShell must be run with elevated privileges
@ -14,15 +26,10 @@
Set execution policy to be able to run scripts only in the current PowerShell session :
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force
Running the script is best done on a fresh install
. EXAMPLE
PS C: \ > & '.\Win 10.ps1'
. NOTES
Version : v4 . 4 . 3
Date : 19 . 06 . 2020
Written by : farag & oZ-Zo
Thanks to all http : / / forum . ru-board . com members involved
PS C: \ > & '.\Win 10 2004.ps1'
. NOTES
Ask a question on
http : / / forum . ru-board . com / topic . cgi ? forum = 62 & topic = 30617 #15
https : / / habr . com / en / post / 465365 /
@ -30,7 +37,6 @@
https : / / forums . mydigitallife . net / threads / powershell-script -setup -windows - 10 . 81675 /
https : / / www . reddit . com / r / PowerShell / comments / go2n5v / powershell_script_setup_windows_10 /
Copyright ( c ) 2020 farag & oZ-Zo
. LINK
https : / / github . com / farag2 / Windows - 10 -Setup -Script
#>
@ -1954,7 +1960,7 @@ switch ($Result)
" @
$StartMenuLayoutPath = " $ env:TEMP\StartMenuLayout.xml "
# Saving StartMenuLayout.xml in UTF-8 encoding
# Сохраняем StartMenuLayout.xml в кодирв оке UTF-8
# Сохраняем StartMenuLayout.xml в кодиров ке UTF-8
Set-Content -Value ( New-Object System . Text . UTF8Encoding ) . GetBytes ( $StartMenuLayout ) -Encoding Byte -Path $StartMenuLayoutPath -Force
# Temporarily disable changing Start layout
@ -2910,18 +2916,18 @@ if ((Get-MpPreference).EnableControlledFolderAccess -eq 1)
}
}
# Add exclusion folder from Microsoft Defender Antivirus scanning
# Добавить папку в список исключений сканирования Microsoft Defender
# Add exclusion folder from Windows Defender Antivirus scanning
# Добавить папку в список исключений сканирования Windows Defender
if ( $RU )
{
$Title = " Microsoft Defender"
$Message = " Чтобы исключить папку из списка сканирования антивредоносной программы Microsoft Defender, введите необходимую букву "
$Title = " Windows Defender"
$Message = " Чтобы исключить папку из списка сканирования антивредоносной программы Windows Defender, введите необходимую букву "
$Options = " &Исключить папку " , " &Пропустить "
}
else
{
$Title = " Microsoft Defender"
$Message = " To exclude folder from Microsoft Defender Antivirus Scan enter the required letter "
$Title = " Windows Defender"
$Message = " To exclude folder from Windows Defender Antivirus Scan enter the required letter "
$Options = " &Exclude folder " , " &Skip "
}
$DefaultChoice = 1
@ -2965,18 +2971,18 @@ switch ($Result)
}
}
# Add exclusion file from Microsoft Defender Antivirus scanning
# Добавить файл в список исключений сканирования Microsoft Defender
# Add exclusion file from Windows Defender Antivirus scanning
# Добавить файл в список исключений сканирования Windows Defender
if ( $RU )
{
$Title = " Windows Defender "
$Message = " Чтобы исключить файл из списка сканирования антивредоносной программы Microsoft Defender, введите необходимую букву "
$Message = " Чтобы исключить файл из списка сканирования антивредоносной программы Windows Defender, введите необходимую букву "
$Options = " &Исключить файл " , " &Пропустить "
}
else
{
$Title = " Windows Defender "
$Message = " To exclude file from Microsoft Defender Antivirus Scan enter the required letter "
$Message = " To exclude file from Windows Defender Antivirus Scan enter the required letter "
$Options = " &Exclude file " , " &Skip "
}
$DefaultChoice = 1
@ -3038,7 +3044,7 @@ setx /M MP_FORCE_USE_SANDBOX 1
New-ItemProperty -Path " HKCU:\Software\Microsoft\Windows Security Health\State " -Name AccountProtection_MicrosoftAccount_Disconnected -PropertyType DWord -Value 1 -Force
# Dismiss Windows Defender offer in the Windows Security about to turn on the SmartScreen filter for Microsoft Edge
# Отклонить предложение Microsoft Defender в "Безопасность Windows" включить фильтр SmartScreen для Microsoft Edge
# Отклонить предложение Windows Defender в "Безопасность Windows" включить фильтр SmartScreen для Microsoft Edge
New-ItemProperty -Path " HKCU:\Software\Microsoft\Windows Security Health\State " -Name AppAndBrowser_EdgeSmartScreenOff -PropertyType DWord -Value 0 -Force
# Turn on events auditing generated when a process is created or starts
@ -3057,6 +3063,52 @@ if ($ProcessCreation -ne "No Auditing")
New-ItemProperty -Path HKLM : \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ System \ Audit -Name ProcessCreationIncludeCmdLine_Enabled -PropertyType DWord -Value 1 -Force
}
# Create "Process Creation" Event Viewer Custom View
# Создать настаиваемое представление "Создание процесса" в Настраиваемых представлениях
if ( $RU )
{
$OutputEncoding = [System.Console] :: OutputEncoding = [System.Console] :: InputEncoding = [System.Text.Encoding] :: UTF8
}
$ProcessCreation = auditpol / get / subcategory : " {0CCE922B-69AE-11D9-BED3-505054503030} " / r | ConvertFrom-Csv | Select-Object -ExpandProperty " Inclusion Setting "
if ( Get-ItemProperty -Path HKLM : \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ System \ Audit -Name ProcessCreationIncludeCmdLine_Enabled -ErrorAction Ignore )
{
$ProcessCreationIncludeCmdLine_Enabled = $true
}
if ( ( $ProcessCreation -ne " No Auditing " ) -and ( $ProcessCreationIncludeCmdLine_Enabled -eq $true ) )
{
$XMLfile = @ "
< ViewerConfig >
< QueryConfig >
< QueryParams >
< UserQuery / >
< / QueryParams >
< QueryNode >
< Name > Process Creation < / Name >
< Description > Process Creation and Command-line Auditing Events < / Description >
< QueryList >
< Query Id = " 0 " Path = " Security " >
< Select Path = " Security " > * [ System [ ( EventID = 4688 ) ] ] < / Select >
< / Query >
< / QueryList >
< / QueryNode >
< / QueryConfig >
< / ViewerConfig >
" @
$ProcessCreationPath = " $ env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml "
# Saving ProcessCreation.xml in UTF-8 encoding
# Сохраняем ProcessCreation.xml в кодировке UTF-8
Set-Content -Value ( New-Object System . Text . UTF8Encoding ) . GetBytes ( $XMLfile ) -Encoding Byte -Path $ProcessCreationPath -Force
if ( $RU )
{
[xml] $XML = Get-Content -Path $ProcessCreationPath
$XML . ViewerConfig . QueryConfig . QueryNode . Name = " Создание процесса "
$XML . ViewerConfig . QueryConfig . QueryNode . Description = " События содания нового процесса и аудит командной строки "
$xml . Save ( " $ env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml " )
}
}
# Turn on logging for all Windows PowerShell modules
# Включить ведение журнала для всех модулей Windows PowerShell
if ( -not ( Test-Path -Path HKLM : \ SOFTWARE \ Policies \ Microsoft \ Windows \ PowerShell \ ModuleLogging \ ModuleNames ) )
Dmitry Nefedov
4 years ago