@ -472,6 +472,17 @@ public static string GetString(uint strId)
exit
exit
}
}
# Check if Microsoft Store being an important system component was removed
if ( -not ( Get-AppxPackage -Name Microsoft . WindowsStore ) )
{
Write-Warning -Message ( $Localization . WindowsComponentBroken -f " Microsoft Store " )
Start-Process -FilePath " https://t.me/sophia_chat "
Start-Process -FilePath " https://discord.gg/sSryhaEv79 "
exit
}
# Check if the current module version is the latest one
# Check if the current module version is the latest one
try
try
{
{
@ -542,6 +553,17 @@ public static string GetString(uint strId)
}
}
}
}
# Checking whether Windows Security Settings page was hidden from UI
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
if ( [Microsoft.Win32.Registry] :: GetValue ( " HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer " , " SettingsPageVisibility " , $null ) -match " hide:windowsdefender " )
{
$Script:DefenderSettingsPageDisplayed = $false
}
else
{
$Script:DefenderSettingsPageDisplayed = $true
}
# Checking whether WMI is corrupted
# Checking whether WMI is corrupted
try
try
{
{
@ -570,6 +592,17 @@ public static string GetString(uint strId)
exit
exit
}
}
# Checking whether Windows Security Settings page was hidden from UI
if ( [Microsoft.Win32.Registry] :: GetValue ( " HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer " , " SettingsPageVisibility " , $null ) -match " hide:windowsdefender " )
{
Write-Warning -Message ( $Localization . WindowsComponentBroken -f " Microsoft Defender " )
Start-Process -FilePath " https://t.me/sophia_chat "
Start-Process -FilePath " https://discord.gg/sSryhaEv79 "
exit
}
# Checking services
# Checking services
try
try
{
{
@ -591,28 +624,22 @@ public static string GetString(uint strId)
$DefenderState = ( '0x{0:x}' -f $productState ) . Substring ( 3 , 2 )
$DefenderState = ( '0x{0:x}' -f $productState ) . Substring ( 3 , 2 )
if ( $DefenderState -notmatch " 00|01 " )
if ( $DefenderState -notmatch " 00|01 " )
{
{
$Script:DefenderproductState = $true
# Defender is a currently used AV. Continue...
}
$Script:DefenderProductState = $true
else
{
$Script:DefenderproductState = $false
}
# Specify whether Antispyware protection is enabled
# Specify whether Antispyware protection is enabled
if ( ( Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root / Microsoft / Windows / Defender ) . AntispywareEnabled )
if ( ( Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root / Microsoft / Windows / Defender ) . AntispywareEnabled )
{
{
$Script:DefenderAntispywareEnabled = $true
$Script:DefenderAntispywareEnabled = $true
}
}
else
else
{
{
$Script:DefenderAntispywareEnabled = $false
$Script:DefenderAntispywareEnabled = $false
}
}
# https://docs.microsoft.com/en-us/graph/api/resources/intune-devices-windowsdefenderproductstatus?view=graph-rest-beta
# https://docs.microsoft.com/en-us/graph/api/resources/intune-devices-windowsdefenderproductstatus?view=graph-rest-beta
# Due to "Set-StrictMode -Version Latest" we have to call Get-Member first to check whether ProductStatus property exists
# Due to "Set-StrictMode -Version Latest" we have to call Get-Member first to check whether ProductStatus property exists
if ( Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root / Microsoft / Windows / Defender | Get-Member | Where-Object -FilterScript { $_ . Name -eq " ProductStatus " } )
if ( Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root / Microsoft / Windows / Defender | Get-Member | Where-Object -FilterScript { $_ . Name -eq " ProductStatus " } )
{
if ( $Script:DefenderproductState )
{
{
if ( ( Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root / Microsoft / Windows / Defender ) . ProductStatus -eq 1 )
if ( ( Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root / Microsoft / Windows / Defender ) . ProductStatus -eq 1 )
{
{
@ -625,76 +652,75 @@ public static string GetString(uint strId)
}
}
else
else
{
{
$Script:DefenderProductState = $false
Write-Warning -Message $Localization . UpdateDefender
}
}
else
{
Write-Warning -Message $Localization . UpdateDefender
Start-Process -FilePath " https://t.me/sophia_chat "
Start-Process -FilePath " https://t.me/sophia_chat "
Start-Process -FilePath " https://discord.gg/sSryhaEv79 "
Start-Process -FilePath " https://discord.gg/sSryhaEv79 "
# Receive updates for other Microsoft products when you update Windows
# Receive updates for other Microsoft products when you update Windows
( New-Object -ComObject Microsoft . Update . ServiceManager ) . AddService2 ( " 7971f918-a847-4430-9279-4a52d1efe18d " , 7 , " " )
( New-Object -ComObject Microsoft . Update . ServiceManager ) . AddService2 ( " 7971f918-a847-4430-9279-4a52d1efe18d " , 7 , " " )
# Check for UWP apps updates
# Check for UWP apps updates
Get-CimInstance -Namespace root / CIMV2 / mdm / dmmap -ClassName MDM_EnterpriseModernAppManagement_AppManagement01 | Invoke-CimMethod -MethodName UpdateScanMethod
Get-CimInstance -Namespace root / CIMV2 / mdm / dmmap -ClassName MDM_EnterpriseModernAppManagement_AppManagement01 | Invoke-CimMethod -MethodName UpdateScanMethod
# Check for updates
# Check for updates
Start-Process -FilePath " $ env:SystemRoot\System32\UsoClient.exe " -ArgumentList StartInteractiveScan
Start-Process -FilePath " $ env:SystemRoot\System32\UsoClient.exe " -ArgumentList StartInteractiveScan
# Open the "Windows Update" page
# Open the "Windows Update" page
Start-Process -FilePath " ms-settings:windowsupdate "
Start-Process -FilePath " ms-settings:windowsupdate "
exit
exit
}
}
# https://docs.microsoft.com/en-us/graph/api/resources/intune-devices-windowsdefenderproductstatus?view=graph-rest-beta
# https://docs.microsoft.com/en-us/graph/api/resources/intune-devices-windowsdefenderproductstatus?view=graph-rest-beta
if ( ( Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root / Microsoft / Windows / Defender ) . AMEngineVersion -eq " 0.0.0.0 " )
if ( ( Get-CimInstance -ClassName MSFT_MpComputerStatus -Namespace root / Microsoft / Windows / Defender ) . AMEngineVersion -eq " 0.0.0.0 " )
{
{
$Script:DefenderAMEngineVersion = $false
$Script:DefenderAMEngineVersion = $false
}
}
else
else
{
{
$Script:DefenderAMEngineVersion = $true
$Script:DefenderAMEngineVersion = $true
}
}
# Check whether Microsoft Defender was turned off
# Check whether Microsoft Defender was turned off
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
if ( [Microsoft.Win32.Registry] :: GetValue ( " HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender " , " DisableAntiSpyware " , $null ) -eq 1 )
if ( [Microsoft.Win32.Registry] :: GetValue ( " HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender " , " DisableAntiSpyware " , $null ) -eq 1 )
{
{
$Script:Disable AntiSpyware = $tru e
$Script:AntiSpywareEnabled = $fals e
}
}
else
else
{
{
$Script:Disable AntiSpyware = $fals e
$Script:AntiSpywareEnabled = $tru e
}
}
# Check whether real-time protection prompts for known malware detection
# Check whether real-time protection prompts for known malware detection
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
if ( [Microsoft.Win32.Registry] :: GetValue ( " HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection " , " DisableRealtimeMonitoring " , $null ) -eq 1 )
if ( [Microsoft.Win32.Registry] :: GetValue ( " HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection " , " DisableRealtimeMonitoring " , $null ) -eq 1 )
{
{
$Script:Disable RealtimeMonitoring = $tru e
$Script:RealtimeMonitoringEnabled = $fals e
}
}
else
else
{
{
$Script:Disable RealtimeMonitoring = $fals e
$Script:RealtimeMonitoringEnabled = $tru e
}
}
# Check whether behavior monitoring was disabled
# Check whether behavior monitoring was disabled
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
# Due to "Set-StrictMode -Version Latest" we have to use GetValue()
if ( [Microsoft.Win32.Registry] :: GetValue ( " HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection " , " DisableBehaviorMonitoring " , $null ) -eq 1 )
if ( [Microsoft.Win32.Registry] :: GetValue ( " HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection " , " DisableBehaviorMonitoring " , $null ) -eq 1 )
{
{
$Script:DisableBehaviorMonitoring = $true
$Script:BehaviorMonitoringEnabled = $false
}
else
{
$Script:BehaviorMonitoringEnabled = $true
}
}
}
else
else
{
{
$Script:DisableBehaviorMonitoring = $false
$Script:DefenderProductState = $false
}
}
if ( $Script:DefenderproductState -and $Script:DefenderServices -and $Script:DefenderAntispywareEnabled -and $Script:DefenderAMEngineVersion -and
if ( $Script:DefenderServices -and $Script:DefenderproductState -and $Script:DefenderAntispywareEnabled -and $Script:DefenderAMEngineVersion -and $Script:AntiSpywareEnabled -and $Script:RealtimeMonitoringEnabled -and $Script:BehaviorMonitoringEnabled )
( -not $Script:DisableAntiSpyware ) -and ( -not $Script:DisableRealtimeMonitoring ) -and ( -not $Script:DisableBehaviorMonitoring ) )
{
{
# Defender is enabled
# Defender is enabled
$Script:DefenderEnabled = $true
$Script:DefenderEnabled = $true
@ -863,17 +889,6 @@ public static string GetString(uint strId)
Write-Error -Message ( $Localization . RestartFunction -f $MyInvocation . Line . Trim ( ) ) -ErrorAction SilentlyContinue
Write-Error -Message ( $Localization . RestartFunction -f $MyInvocation . Line . Trim ( ) ) -ErrorAction SilentlyContinue
}
}
# Check if Microsoft Store as being an important system component was removed
if ( -not ( Get-AppxPackage -Name Microsoft . WindowsStore ) )
{
Write-Warning -Message ( $Localization . WindowsComponentBroken -f " Microsoft Store " )
Start-Process -FilePath " https://t.me/sophia_chat "
Start-Process -FilePath " https://discord.gg/sSryhaEv79 "
exit
}
# PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word
# PowerShell 5.1 (7.3 too) interprets 8.3 file name literally, if an environment variable contains a non-latin word
Get-ChildItem -Path " $ env:TEMP\Computer.txt " , " $ env:TEMP\User.txt " -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore
Get-ChildItem -Path " $ env:TEMP\Computer.txt " , " $ env:TEMP\User.txt " -Force -ErrorAction Ignore | Remove-Item -Recurse -Force -ErrorAction Ignore