diff --git a/README.md b/README.md index 0c7df0bf..e892d09d 100644 --- a/README.md +++ b/README.md @@ -113,16 +113,17 @@ | Version | Marketing name | Build | Arch | Editions | |:-------------------------------------|--------------------:|:-----------:|:----:|:-------------------:| -| Windows 11 Insider Preview 23H2 | 2023 Update | 22509+ | | Home/Pro/Enterprise | -| Windows 11 22H2 | 2022 Update | 22621.1928+ | | Home/Pro/Enterprise | -| Windows 10 22H2 | 2022 Update | 19045.3155+ | x64 | Home/Pro/Enterprise | -| Windows 10 21H2 Enterprise LTSC 2021 | October 2021 Update | 19044.3155+ | x64 | Enterprise | -| Windows 10 1809 Enterprise LTSC 2019 | October 2018 Update | 17763.4499+ | x64 | Enterprise | +| Windows 11 Insider Preview 24H2 | 2024 Update | 22509+ | | Home/Pro/Enterprise | +| Windows 11 23H2 | 2023 Update | 22631.2715+ | | Home/Pro/Enterprise | +| Windows 11 22H2 | 2022 Update | 22621.2428+ | | Home/Pro/Enterprise | +| Windows 10 22H2 | 2022 Update | 19045.3570+ | x64 | Home/Pro/Enterprise | +| Windows 10 21H2 Enterprise LTSC 2021 | October 2021 Update | 19044.3570+ | x64 | Enterprise | +| Windows 10 1809 Enterprise LTSC 2019 | October 2018 Update | 17763.4974+ | x64 | Enterprise | ### Warning * It's allowed to be logged in as one admin user only during application startup. -* 🔥🔥🔥`Sophia Script for Windows` may not work on a homebrew Windows. Especially, if the homebrew image was created by OS makers being all thumbs who break Microsoft Defender and disable OS telemetry by purposely uprooting system components +* 🔥🔥🔥 `Sophia Script for Windows` may not work on a homebrew Windows. Especially, if the homebrew image was created by OS makers being all thumbs who break Microsoft Defender and disable OS telemetry by purposely uprooting system components ## Key features diff --git a/README_de-de.md b/README_de-de.md index 0be4f82f..4b990359 100644 --- a/README_de-de.md +++ b/README_de-de.md @@ -113,16 +113,17 @@ | Version | Marketing name | Build | Arch | Editions | |:-------------------------------------|--------------------:|:-----------:|:----:|:-------------------:| -| Windows 11 Insider Preview 23H2 | 2023 Update | 22509+ | | Home/Pro/Enterprise | -| Windows 11 22H2 | 2022 Update | 22621.1928+ | | Home/Pro/Enterprise | -| Windows 10 22H2 | 2022 Update | 19045.3155+ | x64 | Home/Pro/Enterprise | -| Windows 10 21H2 Enterprise LTSC 2021 | October 2021 Update | 19044.3155+ | x64 | Enterprise | -| Windows 10 1809 Enterprise LTSC 2019 | October 2018 Update | 17763.4499+ | x64 | Enterprise | +| Windows 11 Insider Preview 24H2 | 2024 Update | 22509+ | | Home/Pro/Enterprise | +| Windows 11 23H2 | 2023 Update | 22631.2715+ | | Home/Pro/Enterprise | +| Windows 11 22H2 | 2022 Update | 22621.2428+ | | Home/Pro/Enterprise | +| Windows 10 22H2 | 2022 Update | 19045.3570+ | x64 | Home/Pro/Enterprise | +| Windows 10 21H2 Enterprise LTSC 2021 | October 2021 Update | 19044.3570+ | x64 | Enterprise | +| Windows 10 1809 Enterprise LTSC 2019 | October 2018 Update | 17763.4974+ | x64 | Enterprise | ### Warnung * Es darf nur ein Admin-Benutzer während des Starts der Anwendung angemeldet sein. -* 🔥🔥🔥`Sophia Script for Windows` funktioniert möglicherweise nicht auf einem selbstgebauten Windows. Insbesondere, wenn das Homebrew-Image von Betriebssystemherstellern erstellt wurde, die Microsoft Defender zerstören und die Telemetrie des Betriebssystems deaktivieren, indem sie absichtlich Systemkomponenten "uprooten". +* 🔥🔥🔥 `Sophia Script for Windows` funktioniert möglicherweise nicht auf einem selbstgebauten Windows. Insbesondere, wenn das Homebrew-Image von Betriebssystemherstellern erstellt wurde, die Microsoft Defender zerstören und die Telemetrie des Betriebssystems deaktivieren, indem sie absichtlich Systemkomponenten "uprooten". ## Haupt-Features diff --git a/README_uk-ua.md b/README_uk-ua.md index eb38ffee..79fe074d 100644 --- a/README_uk-ua.md +++ b/README_uk-ua.md @@ -113,11 +113,12 @@ | Версія | Маркетингова назва | Збіркa | Архітектура | Видання | |:-------------------------------------|--------------------:|:-----------:|:-----------:|:-------------------:| -| Windows 11 Insider Preview 23H2 | 2023 Update | 22509+ | | Home/Pro/Enterprise | -| Windows 11 22H2 | 2022 Update | 22621.1928+ | | Home/Pro/Enterprise | -| Windows 10 22H2 | 2022 Update | 19045.3155+ | x64 | Home/Pro/Enterprise | -| Windows 10 21H2 Enterprise LTSC 2021 | October 2021 Update | 19044.3155+ | x64 | Enterprise | -| Windows 10 1809 Enterprise LTSC 2019 | October 2018 Update | 17763.4499+ | x64 | Enterprise | +| Windows 11 Insider Preview 24H2 | 2024 Update | 22509+ | | Home/Pro/Enterprise | +| Windows 11 23H2 | 2023 Update | 22631.2715+ | | Home/Pro/Enterprise | +| Windows 11 22H2 | 2022 Update | 22621.2428+ | | Home/Pro/Enterprise | +| Windows 10 22H2 | 2022 Update | 19045.3570+ | x64 | Home/Pro/Enterprise | +| Windows 10 21H2 Enterprise LTSC 2021 | October 2021 Update | 19044.3570+ | x64 | Enterprise | +| Windows 10 1809 Enterprise LTSC 2019 | October 2018 Update | 17763.4974+ | x64 | Enterprise | ### Увага diff --git a/src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1 b/src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1 index 72bc0b6e..eb8df80e 100644 --- a/src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1 +++ b/src/Sophia_Script_for_Windows_11_PowerShell_7/Module/Sophia.psm1 @@ -472,6 +472,17 @@ public static string GetString(uint strId) exit } + # Check if Microsoft Store being an important system component was removed + if (-not (Get-AppxPackage -Name Microsoft.WindowsStore)) + { + Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Store") + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } + # Check if the current module version is the latest one try { @@ -542,6 +553,17 @@ public static string GetString(uint strId) } } + # Checking whether Windows Security Settings page was hidden from UI + # Due to "Set-StrictMode -Version Latest" we have to use GetValue() + if ([Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer", "SettingsPageVisibility", $null) -match "hide:windowsdefender") + { + $Script:DefenderSettingsPageDisplayed = $false + } + else + { + $Script:DefenderSettingsPageDisplayed = $true + } + # Checking whether WMI is corrupted try { @@ -570,6 +592,17 @@ public static string GetString(uint strId) exit } + # Checking whether Windows Security Settings page was hidden from UI + if ([Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer", "SettingsPageVisibility", $null) -match "hide:windowsdefender") + { + Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Defender") + + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" + + exit + } + # Checking services try { @@ -591,28 +624,22 @@ public static string GetString(uint strId) $DefenderState = ('0x{0:x}' -f $productState).Substring(3, 2) if ($DefenderState -notmatch "00|01") { - $Script:DefenderproductState = $true - } - else - { - $Script:DefenderproductState = $false - } + # Defender is a currently used AV. Continue... + $Script:DefenderProductState = $true - # Specify whether Antispyware protection is enabled - if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/Microsoft/Windows/Defender).AntispywareEnabled) - { - $Script:DefenderAntispywareEnabled = $true - } - else - { - $Script:DefenderAntispywareEnabled = $false - } + # Specify whether Antispyware protection is enabled + if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/Microsoft/Windows/Defender).AntispywareEnabled) + { + $Script:DefenderAntispywareEnabled = $true + } + else + { + $Script:DefenderAntispywareEnabled = $false + } - # https://docs.microsoft.com/en-us/graph/api/resources/intune-devices-windowsdefenderproductstatus?view=graph-rest-beta - # Due to "Set-StrictMode -Version Latest" we have to call Get-Member first to check whether ProductStatus property exists - if (Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/Microsoft/Windows/Defender | Get-Member | Where-Object -FilterScript {$_.Name -eq "ProductStatus"}) - { - if ($Script:DefenderproductState) + # https://docs.microsoft.com/en-us/graph/api/resources/intune-devices-windowsdefenderproductstatus?view=graph-rest-beta + # Due to "Set-StrictMode -Version Latest" we have to call Get-Member first to check whether ProductStatus property exists + if (Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/Microsoft/Windows/Defender | Get-Member | Where-Object -FilterScript {$_.Name -eq "ProductStatus"}) { if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/Microsoft/Windows/Defender).ProductStatus -eq 1) { @@ -625,76 +652,75 @@ public static string GetString(uint strId) } else { - $Script:DefenderProductState = $false - } - } - else - { - Write-Warning -Message $Localization.UpdateDefender + Write-Warning -Message $Localization.UpdateDefender - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" + Start-Process -FilePath "https://t.me/sophia_chat" + Start-Process -FilePath "https://discord.gg/sSryhaEv79" - # Receive updates for other Microsoft products when you update Windows - (New-Object -ComObject Microsoft.Update.ServiceManager).AddService2("7971f918-a847-4430-9279-4a52d1efe18d", 7, "") + # Receive updates for other Microsoft products when you update Windows + (New-Object -ComObject Microsoft.Update.ServiceManager).AddService2("7971f918-a847-4430-9279-4a52d1efe18d", 7, "") - # Check for UWP apps updates - Get-CimInstance -Namespace root/CIMV2/mdm/dmmap -ClassName MDM_EnterpriseModernAppManagement_AppManagement01 | Invoke-CimMethod -MethodName UpdateScanMethod + # Check for UWP apps updates + Get-CimInstance -Namespace root/CIMV2/mdm/dmmap -ClassName MDM_EnterpriseModernAppManagement_AppManagement01 | Invoke-CimMethod -MethodName UpdateScanMethod - # Check for updates - Start-Process -FilePath "$env:SystemRoot\System32\UsoClient.exe" -ArgumentList StartInteractiveScan + # Check for updates + Start-Process -FilePath "$env:SystemRoot\System32\UsoClient.exe" -ArgumentList StartInteractiveScan - # Open the "Windows Update" page - Start-Process -FilePath "ms-settings:windowsupdate" + # Open the "Windows Update" page + Start-Process -FilePath "ms-settings:windowsupdate" - exit - } + exit + } - # https://docs.microsoft.com/en-us/graph/api/resources/intune-devices-windowsdefenderproductstatus?view=graph-rest-beta - if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/Microsoft/Windows/Defender).AMEngineVersion -eq "0.0.0.0") - { - $Script:DefenderAMEngineVersion = $false - } - else - { - $Script:DefenderAMEngineVersion = $true - } + # https://docs.microsoft.com/en-us/graph/api/resources/intune-devices-windowsdefenderproductstatus?view=graph-rest-beta + if ((Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root/Microsoft/Windows/Defender).AMEngineVersion -eq "0.0.0.0") + { + $Script:DefenderAMEngineVersion = $false + } + else + { + $Script:DefenderAMEngineVersion = $true + } - # Check whether Microsoft Defender was turned off - # Due to "Set-StrictMode -Version Latest" we have to use GetValue() - if ([Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender", "DisableAntiSpyware", $null) -eq 1) - { - $Script:DisableAntiSpyware = $true - } - else - { - $Script:DisableAntiSpyware = $false - } + # Check whether Microsoft Defender was turned off + # Due to "Set-StrictMode -Version Latest" we have to use GetValue() + if ([Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender", "DisableAntiSpyware", $null) -eq 1) + { + $Script:AntiSpywareEnabled = $false + } + else + { + $Script:AntiSpywareEnabled = $true + } - # Check whether real-time protection prompts for known malware detection - # Due to "Set-StrictMode -Version Latest" we have to use GetValue() - if ([Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection", "DisableRealtimeMonitoring", $null) -eq 1) - { - $Script:DisableRealtimeMonitoring = $true - } - else - { - $Script:DisableRealtimeMonitoring = $false - } + # Check whether real-time protection prompts for known malware detection + # Due to "Set-StrictMode -Version Latest" we have to use GetValue() + if ([Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection", "DisableRealtimeMonitoring", $null) -eq 1) + { + $Script:RealtimeMonitoringEnabled = $false + } + else + { + $Script:RealtimeMonitoringEnabled = $true + } - # Check whether behavior monitoring was disabled - # Due to "Set-StrictMode -Version Latest" we have to use GetValue() - if ([Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection", "DisableBehaviorMonitoring", $null) -eq 1) - { - $Script:DisableBehaviorMonitoring = $true + # Check whether behavior monitoring was disabled + # Due to "Set-StrictMode -Version Latest" we have to use GetValue() + if ([Microsoft.Win32.Registry]::GetValue("HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection", "DisableBehaviorMonitoring", $null) -eq 1) + { + $Script:BehaviorMonitoringEnabled = $false + } + else + { + $Script:BehaviorMonitoringEnabled = $true + } } else { - $Script:DisableBehaviorMonitoring = $false + $Script:DefenderProductState = $false } - if ($Script:DefenderproductState -and $Script:DefenderServices -and $Script:DefenderAntispywareEnabled -and $Script:DefenderAMEngineVersion -and - (-not $Script:DisableAntiSpyware) -and (-not $Script:DisableRealtimeMonitoring) -and (-not $Script:DisableBehaviorMonitoring)) + if ($Script:DefenderServices -and $Script:DefenderproductState -and $Script:DefenderAntispywareEnabled -and $Script:DefenderAMEngineVersion -and $Script:AntiSpywareEnabled -and $Script:RealtimeMonitoringEnabled -and $Script:BehaviorMonitoringEnabled) { # Defender is enabled $Script:DefenderEnabled = $true @@ -863,17 +889,6 @@ public static string GetString(uint strId) Write-Error -Message ($Localization.RestartFunction -f $MyInvocation.Line.Trim()) -ErrorAction SilentlyContinue } - # Check if Microsoft Store as being an important system component was removed - if (-not (Get-AppxPackage -Name Microsoft.WindowsStore)) - { - Write-Warning -Message ($Localization.WindowsComponentBroken -f "Microsoft Store") - - Start-Process -FilePath "https://t.me/sophia_chat" - Start-Process -FilePath "https://discord.gg/sSryhaEv79" - - exit - } - # PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word Get-ChildItem -Path "$env:TEMP\Computer.txt", "$env:TEMP\User.txt" -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore