|
|
@ -2,8 +2,8 @@ |
|
|
.SYNOPSIS |
|
|
.SYNOPSIS |
|
|
"Windows 10 Setup Script" is a set of tweaks for OS fine-tuning and automating the routine tasks |
|
|
"Windows 10 Setup Script" is a set of tweaks for OS fine-tuning and automating the routine tasks |
|
|
|
|
|
|
|
|
Version: v4.4.5 |
|
|
Version: v4.4.6 |
|
|
Date: 29.06.2020 |
|
|
Date: 07.07.2020 |
|
|
Copyright (c) 2020 farag & oZ-Zo |
|
|
Copyright (c) 2020 farag & oZ-Zo |
|
|
|
|
|
|
|
|
Thanks to all http://forum.ru-board.com members involved |
|
|
Thanks to all http://forum.ru-board.com members involved |
|
|
@ -20,6 +20,10 @@ |
|
|
|
|
|
|
|
|
Running the script is best done on a fresh install because running it on tweaked system may result in errors occurring |
|
|
Running the script is best done on a fresh install because running it on tweaked system may result in errors occurring |
|
|
|
|
|
|
|
|
|
|
|
Some third-party antiviruses flag this script or its' part as malicious one. This is a false positive due to $EncodedScript variable |
|
|
|
|
|
You can read more on section "Create a Windows cleaning up task in the Task Scheduler" |
|
|
|
|
|
You might need to disable tamper protection from your antivirus settings,re-enable it after running the script, and reboot |
|
|
|
|
|
|
|
|
Check whether the .ps1 file is encoded in UTF-8 with BOM |
|
|
Check whether the .ps1 file is encoded in UTF-8 with BOM |
|
|
The script can not be executed via PowerShell ISE |
|
|
The script can not be executed via PowerShell ISE |
|
|
PowerShell must be run with elevated privileges |
|
|
PowerShell must be run with elevated privileges |
|
|
@ -2444,33 +2448,6 @@ New-ItemProperty -Path HKCU:\System\GameConfigStore -Name GameDVR_Enabled -Prope |
|
|
# Отключить советы Xbox Game Bar |
|
|
# Отключить советы Xbox Game Bar |
|
|
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force |
|
|
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force |
|
|
|
|
|
|
|
|
<# |
|
|
|
|
|
Uninstall all Xbox related UWP apps from all accounts |
|
|
|
|
|
App packages will not be installed when new user accounts are created |
|
|
|
|
|
|
|
|
|
|
|
Удалить все UWP-приложения, связанные с Xbox, из всех учетных записей |
|
|
|
|
|
Приложения не будут установлены при создании новых учетных записей |
|
|
|
|
|
#> |
|
|
|
|
|
$XboxAppxPackages = @( |
|
|
|
|
|
# Xbox Identity Provider |
|
|
|
|
|
# Поставщик удостоверений Xbox |
|
|
|
|
|
"Microsoft.XboxIdentityProvider" |
|
|
|
|
|
# Xbox |
|
|
|
|
|
# Компаньон консоли Xbox |
|
|
|
|
|
"Microsoft.XboxApp" |
|
|
|
|
|
# Xbox TCUI |
|
|
|
|
|
"Microsoft.Xbox.TCUI" |
|
|
|
|
|
# Xbox Speech To Text Overlay |
|
|
|
|
|
"Microsoft.XboxSpeechToTextOverlay" |
|
|
|
|
|
# Xbox Game Bar |
|
|
|
|
|
"Microsoft.XboxGamingOverlay" |
|
|
|
|
|
# Xbox Game Bar Plugin |
|
|
|
|
|
"Microsoft.XboxGameOverlay" |
|
|
|
|
|
) |
|
|
|
|
|
$OFS = "|" |
|
|
|
|
|
Get-AppxPackage -PackageTypeFilter Bundle -AllUsers | Where-Object -FilterScript {$_.Name -cmatch $XboxAppxPackages} | Remove-AppxPackage -AllUsers -Verbose |
|
|
|
|
|
$OFS = " " |
|
|
|
|
|
|
|
|
|
|
|
# Set "High performance" in graphics performance preference for apps |
|
|
# Set "High performance" in graphics performance preference for apps |
|
|
# Установить параметры производительности графики для отдельных приложений на "Высокая производительность" |
|
|
# Установить параметры производительности графики для отдельных приложений на "Высокая производительность" |
|
|
if (Get-CimInstance -ClassName Win32_VideoController | Where-Object -FilterScript {$_.AdapterDACType -ne "Internal" -and $null -ne $_.AdapterDACType}) |
|
|
if (Get-CimInstance -ClassName Win32_VideoController | Where-Object -FilterScript {$_.AdapterDACType -ne "Internal" -and $null -ne $_.AdapterDACType}) |
|
|
@ -2488,51 +2465,55 @@ if (Get-CimInstance -ClassName Win32_VideoController | Where-Object -FilterScrip |
|
|
$Options = "&Add", "&Skip" |
|
|
$Options = "&Add", "&Skip" |
|
|
} |
|
|
} |
|
|
$DefaultChoice = 1 |
|
|
$DefaultChoice = 1 |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
|
|
|
|
switch ($Result) |
|
|
do |
|
|
{ |
|
|
{ |
|
|
"0" |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
switch ($Result) |
|
|
{ |
|
|
{ |
|
|
if (-not (Test-Path -Path HKCU:\Software\Microsoft\DirectX\UserGpuPreferences)) |
|
|
"0" |
|
|
{ |
|
|
{ |
|
|
New-Item -Path HKCU:\Software\Microsoft\DirectX\UserGpuPreferences -Force |
|
|
if (-not (Test-Path -Path HKCU:\Software\Microsoft\DirectX\UserGpuPreferences)) |
|
|
} |
|
|
{ |
|
|
|
|
|
New-Item -Path HKCU:\Software\Microsoft\DirectX\UserGpuPreferences -Force |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
$OpenFileDialog = New-Object -TypeName System.Windows.Forms.OpenFileDialog |
|
|
$OpenFileDialog = New-Object -TypeName System.Windows.Forms.OpenFileDialog |
|
|
if ($RU) |
|
|
if ($RU) |
|
|
{ |
|
|
{ |
|
|
$OpenFileDialog.Filter = "*.exe|*.exe|Все файлы (*.*)|*.*" |
|
|
$OpenFileDialog.Filter = "*.exe|*.exe|Все файлы (*.*)|*.*" |
|
|
} |
|
|
} |
|
|
else |
|
|
else |
|
|
{ |
|
|
{ |
|
|
$OpenFileDialog.Filter = "*.exe|*.exe|All Files (*.*)|*.*" |
|
|
$OpenFileDialog.Filter = "*.exe|*.exe|All Files (*.*)|*.*" |
|
|
} |
|
|
} |
|
|
$OpenFileDialog.InitialDirectory = "${env:ProgramFiles(x86)}" |
|
|
$OpenFileDialog.InitialDirectory = "${env:ProgramFiles(x86)}" |
|
|
$OpenFileDialog.Multiselect = $false |
|
|
$OpenFileDialog.Multiselect = $false |
|
|
# Focus on open file dialog |
|
|
# Focus on open file dialog |
|
|
# Перевести фокус на диалог открытия файла |
|
|
# Перевести фокус на диалог открытия файла |
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
$OpenFileDialog.ShowDialog($tmp) |
|
|
$OpenFileDialog.ShowDialog($tmp) |
|
|
if ($OpenFileDialog.FileName) |
|
|
if ($OpenFileDialog.FileName) |
|
|
{ |
|
|
{ |
|
|
New-ItemProperty -Path HKCU:\Software\Microsoft\DirectX\UserGpuPreferences -Name $OpenFileDialog.FileName -PropertyType String -Value "GpuPreference=2;" -Force |
|
|
New-ItemProperty -Path HKCU:\Software\Microsoft\DirectX\UserGpuPreferences -Name $OpenFileDialog.FileName -PropertyType String -Value "GpuPreference=2;" -Force |
|
|
} |
|
|
} |
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
} |
|
|
|
|
|
"1" |
|
|
|
|
|
{ |
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
|
|
|
} |
|
|
} |
|
|
else |
|
|
"1" |
|
|
{ |
|
|
{ |
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
until ($Result -eq 1) |
|
|
} |
|
|
} |
|
|
#endregion Gaming |
|
|
#endregion Gaming |
|
|
|
|
|
|
|
|
@ -2802,46 +2783,49 @@ else |
|
|
$Options = "&Add a protected folder", "&Skip" |
|
|
$Options = "&Add a protected folder", "&Skip" |
|
|
} |
|
|
} |
|
|
$DefaultChoice = 1 |
|
|
$DefaultChoice = 1 |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
|
|
|
|
switch ($Result) |
|
|
do |
|
|
{ |
|
|
{ |
|
|
"0" |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
{ |
|
|
switch ($Result) |
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
|
|
|
$FolderBrowserDialog = New-Object -TypeName System.Windows.Forms.FolderBrowserDialog |
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
$FolderBrowserDialog.Description = "Выберите папку" |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
$FolderBrowserDialog.Description = "Select a folder" |
|
|
|
|
|
} |
|
|
|
|
|
$FolderBrowserDialog.RootFolder = "MyComputer" |
|
|
|
|
|
# Focus on open file dialog |
|
|
|
|
|
# Перевести фокус на диалог открытия файла |
|
|
|
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
|
|
|
$FolderBrowserDialog.ShowDialog($tmp) |
|
|
|
|
|
if ($FolderBrowserDialog.SelectedPath) |
|
|
|
|
|
{ |
|
|
|
|
|
Set-MpPreference -EnableControlledFolderAccess Enabled |
|
|
|
|
|
Add-MpPreference -ControlledFolderAccessProtectedFolders $FolderBrowserDialog.SelectedPath -Force |
|
|
|
|
|
} |
|
|
|
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
} |
|
|
|
|
|
"1" |
|
|
|
|
|
{ |
|
|
{ |
|
|
if ($RU) |
|
|
"0" |
|
|
{ |
|
|
{ |
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
|
|
|
$FolderBrowserDialog = New-Object -TypeName System.Windows.Forms.FolderBrowserDialog |
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
$FolderBrowserDialog.Description = "Выберите папку" |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
$FolderBrowserDialog.Description = "Select a folder" |
|
|
|
|
|
} |
|
|
|
|
|
$FolderBrowserDialog.RootFolder = "MyComputer" |
|
|
|
|
|
# Focus on open file dialog |
|
|
|
|
|
# Перевести фокус на диалог открытия файла |
|
|
|
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
|
|
|
$FolderBrowserDialog.ShowDialog($tmp) |
|
|
|
|
|
if ($FolderBrowserDialog.SelectedPath) |
|
|
|
|
|
{ |
|
|
|
|
|
Set-MpPreference -EnableControlledFolderAccess Enabled |
|
|
|
|
|
Add-MpPreference -ControlledFolderAccessProtectedFolders $FolderBrowserDialog.SelectedPath -Force |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
else |
|
|
"1" |
|
|
{ |
|
|
{ |
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
until ($Result -eq 1) |
|
|
|
|
|
|
|
|
# Allow an app through Controlled folder access |
|
|
# Allow an app through Controlled folder access |
|
|
# Разрешить работу приложения через контролируемый доступ к папкам |
|
|
# Разрешить работу приложения через контролируемый доступ к папкам |
|
|
@ -2860,46 +2844,49 @@ if ((Get-MpPreference).EnableControlledFolderAccess -eq 1) |
|
|
$Options = "&Add a protected folder", "&Skip" |
|
|
$Options = "&Add a protected folder", "&Skip" |
|
|
} |
|
|
} |
|
|
$DefaultChoice = 1 |
|
|
$DefaultChoice = 1 |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
|
|
|
|
switch ($Result) |
|
|
do |
|
|
{ |
|
|
{ |
|
|
"0" |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
{ |
|
|
switch ($Result) |
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
|
|
|
$OpenFileDialog = New-Object -TypeName System.Windows.Forms.OpenFileDialog |
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
$OpenFileDialog.Filter = "*.exe|*.exe|Все файлы (*.*)|*.*" |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
$OpenFileDialog.Filter = "*.exe|*.exe|All Files (*.*)|*.*" |
|
|
|
|
|
} |
|
|
|
|
|
$OpenFileDialog.InitialDirectory = "::{20D04FE0-3AEA-1069-A2D8-08002B30309D}" |
|
|
|
|
|
$OpenFileDialog.Multiselect = $false |
|
|
|
|
|
# Focus on open file dialog |
|
|
|
|
|
# Перевести фокус на диалог открытия файла |
|
|
|
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
|
|
|
$OpenFileDialog.ShowDialog($tmp) |
|
|
|
|
|
if ($OpenFileDialog.FileName) |
|
|
|
|
|
{ |
|
|
|
|
|
Add-MpPreference -ControlledFolderAccessAllowedApplications $OpenFileDialog.FileName -Force |
|
|
|
|
|
} |
|
|
|
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
} |
|
|
|
|
|
"1" |
|
|
|
|
|
{ |
|
|
{ |
|
|
if ($RU) |
|
|
"0" |
|
|
{ |
|
|
{ |
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
|
|
|
$OpenFileDialog = New-Object -TypeName System.Windows.Forms.OpenFileDialog |
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
$OpenFileDialog.Filter = "*.exe|*.exe|Все файлы (*.*)|*.*" |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
$OpenFileDialog.Filter = "*.exe|*.exe|All Files (*.*)|*.*" |
|
|
|
|
|
} |
|
|
|
|
|
$OpenFileDialog.InitialDirectory = "::{20D04FE0-3AEA-1069-A2D8-08002B30309D}" |
|
|
|
|
|
$OpenFileDialog.Multiselect = $false |
|
|
|
|
|
# Focus on open file dialog |
|
|
|
|
|
# Перевести фокус на диалог открытия файла |
|
|
|
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
|
|
|
$OpenFileDialog.ShowDialog($tmp) |
|
|
|
|
|
if ($OpenFileDialog.FileName) |
|
|
|
|
|
{ |
|
|
|
|
|
Add-MpPreference -ControlledFolderAccessAllowedApplications $OpenFileDialog.FileName -Force |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
else |
|
|
"1" |
|
|
{ |
|
|
{ |
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
until ($Result -eq 1) |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
# Add exclusion folder from Windows Defender Antivirus scanning |
|
|
# Add exclusion folder from Windows Defender Antivirus scanning |
|
|
@ -2917,45 +2904,48 @@ else |
|
|
$Options = "&Exclude folder", "&Skip" |
|
|
$Options = "&Exclude folder", "&Skip" |
|
|
} |
|
|
} |
|
|
$DefaultChoice = 1 |
|
|
$DefaultChoice = 1 |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
|
|
|
|
switch ($Result) |
|
|
do |
|
|
{ |
|
|
{ |
|
|
"0" |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
{ |
|
|
switch ($Result) |
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
|
|
|
$FolderBrowserDialog = New-Object -TypeName System.Windows.Forms.FolderBrowserDialog |
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
$FolderBrowserDialog.Description = "Выберите папку" |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
$FolderBrowserDialog.Description = "Select a folder" |
|
|
|
|
|
} |
|
|
|
|
|
$FolderBrowserDialog.RootFolder = "MyComputer" |
|
|
|
|
|
# Focus on open file dialog |
|
|
|
|
|
# Перевести фокус на диалог открытия файла |
|
|
|
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
|
|
|
$FolderBrowserDialog.ShowDialog($tmp) |
|
|
|
|
|
if ($FolderBrowserDialog.SelectedPath) |
|
|
|
|
|
{ |
|
|
|
|
|
Add-MpPreference -ExclusionPath $FolderBrowserDialog.SelectedPath -Force |
|
|
|
|
|
} |
|
|
|
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
} |
|
|
|
|
|
"1" |
|
|
|
|
|
{ |
|
|
{ |
|
|
if ($RU) |
|
|
"0" |
|
|
{ |
|
|
{ |
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
|
|
|
$FolderBrowserDialog = New-Object -TypeName System.Windows.Forms.FolderBrowserDialog |
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
$FolderBrowserDialog.Description = "Выберите папку" |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
$FolderBrowserDialog.Description = "Select a folder" |
|
|
|
|
|
} |
|
|
|
|
|
$FolderBrowserDialog.RootFolder = "MyComputer" |
|
|
|
|
|
# Focus on open file dialog |
|
|
|
|
|
# Перевести фокус на диалог открытия файла |
|
|
|
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
|
|
|
$FolderBrowserDialog.ShowDialog($tmp) |
|
|
|
|
|
if ($FolderBrowserDialog.SelectedPath) |
|
|
|
|
|
{ |
|
|
|
|
|
Add-MpPreference -ExclusionPath $FolderBrowserDialog.SelectedPath -Force |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
else |
|
|
"1" |
|
|
{ |
|
|
{ |
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
until ($Result -eq 1) |
|
|
|
|
|
|
|
|
# Add exclusion file from Windows Defender Antivirus scanning |
|
|
# Add exclusion file from Windows Defender Antivirus scanning |
|
|
# Добавить файл в список исключений сканирования Windows Defender |
|
|
# Добавить файл в список исключений сканирования Windows Defender |
|
|
@ -2972,46 +2962,49 @@ else |
|
|
$Options = "&Exclude file", "&Skip" |
|
|
$Options = "&Exclude file", "&Skip" |
|
|
} |
|
|
} |
|
|
$DefaultChoice = 1 |
|
|
$DefaultChoice = 1 |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
|
|
|
|
switch ($Result) |
|
|
do |
|
|
{ |
|
|
{ |
|
|
"0" |
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
{ |
|
|
switch ($Result) |
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
|
|
|
$OpenFileDialog = New-Object -TypeName System.Windows.Forms.OpenFileDialog |
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
$OpenFileDialog.Filter = "Все файлы (*.*)|*.*" |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
$OpenFileDialog.Filter = "All Files (*.*)|*.*" |
|
|
|
|
|
} |
|
|
|
|
|
$OpenFileDialog.InitialDirectory = "::{20D04FE0-3AEA-1069-A2D8-08002B30309D}" |
|
|
|
|
|
$OpenFileDialog.Multiselect = $false |
|
|
|
|
|
# Focus on open file dialog |
|
|
|
|
|
# Перевести фокус на диалог открытия файла |
|
|
|
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
|
|
|
$OpenFileDialog.ShowDialog($tmp) |
|
|
|
|
|
if ($OpenFileDialog.FileName) |
|
|
|
|
|
{ |
|
|
|
|
|
Add-MpPreference -ExclusionPath $OpenFileDialog.FileName -Force |
|
|
|
|
|
} |
|
|
|
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
} |
|
|
|
|
|
"1" |
|
|
|
|
|
{ |
|
|
{ |
|
|
if ($RU) |
|
|
"0" |
|
|
{ |
|
|
{ |
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
Add-Type -AssemblyName System.Windows.Forms |
|
|
|
|
|
$OpenFileDialog = New-Object -TypeName System.Windows.Forms.OpenFileDialog |
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
$OpenFileDialog.Filter = "Все файлы (*.*)|*.*" |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
$OpenFileDialog.Filter = "All Files (*.*)|*.*" |
|
|
|
|
|
} |
|
|
|
|
|
$OpenFileDialog.InitialDirectory = "::{20D04FE0-3AEA-1069-A2D8-08002B30309D}" |
|
|
|
|
|
$OpenFileDialog.Multiselect = $false |
|
|
|
|
|
# Focus on open file dialog |
|
|
|
|
|
# Перевести фокус на диалог открытия файла |
|
|
|
|
|
$tmp = New-Object -TypeName System.Windows.Forms.Form -Property @{TopMost = $true} |
|
|
|
|
|
$OpenFileDialog.ShowDialog($tmp) |
|
|
|
|
|
if ($OpenFileDialog.FileName) |
|
|
|
|
|
{ |
|
|
|
|
|
Add-MpPreference -ExclusionPath $OpenFileDialog.FileName -Force |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
else |
|
|
"1" |
|
|
{ |
|
|
{ |
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Пропущено" -Verbose |
|
|
|
|
|
} |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
Write-Verbose -Message "Skipped" -Verbose |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
until ($Result -eq 1) |
|
|
|
|
|
|
|
|
# Turn on Windows Defender Exploit Guard network protection |
|
|
# Turn on Windows Defender Exploit Guard network protection |
|
|
# Включить защиту сети в Windows Defender |
|
|
# Включить защиту сети в Windows Defender |
|
|
@ -3036,64 +3029,60 @@ New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows Security Health\State" |
|
|
# Turn on events auditing generated when a process is created or starts |
|
|
# Turn on events auditing generated when a process is created or starts |
|
|
# Включить аудит событий, возникающих при создании или запуске процесса |
|
|
# Включить аудит событий, возникающих при создании или запуске процесса |
|
|
auditpol /set /subcategory:"{0CCE922B-69AE-11D9-BED3-505054503030}" /success:enable /failure:enable |
|
|
auditpol /set /subcategory:"{0CCE922B-69AE-11D9-BED3-505054503030}" /success:enable /failure:enable |
|
|
$ProcessCreation = $true |
|
|
|
|
|
|
|
|
|
|
|
# Include command line in process creation events |
|
|
<# |
|
|
# Включать командную строку в событиях создания процесса |
|
|
Include command line in process creation events |
|
|
|
|
|
In order this feature to work events auditing must be enabled |
|
|
|
|
|
|
|
|
|
|
|
Включать командную строку в событиях создания процесса |
|
|
|
|
|
Необходимо включить аудит событий, чтобы работала данная опция |
|
|
|
|
|
#> |
|
|
if ($RU) |
|
|
if ($RU) |
|
|
{ |
|
|
{ |
|
|
$OutputEncoding = [System.Console]::OutputEncoding = [System.Console]::InputEncoding = [System.Text.Encoding]::UTF8 |
|
|
$OutputEncoding = [System.Console]::OutputEncoding = [System.Console]::InputEncoding = [System.Text.Encoding]::UTF8 |
|
|
} |
|
|
} |
|
|
|
|
|
New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit -Name ProcessCreationIncludeCmdLine_Enabled -PropertyType DWord -Value 1 -Force |
|
|
|
|
|
|
|
|
|
|
|
<# |
|
|
|
|
|
Create "Process Creation" Event Viewer Custom View |
|
|
|
|
|
In order this feature to work events auditing and command line in process creation events must be enabled |
|
|
|
|
|
|
|
|
if ($ProcessCreation) |
|
|
Создать настаиваемое представление "Создание процесса" в Просмотре событий |
|
|
|
|
|
Необходимо включить аудит событий и командную строку в событиях создания процесса, чтобы работала данная опция |
|
|
|
|
|
#> |
|
|
|
|
|
$XML = @" |
|
|
|
|
|
<ViewerConfig> |
|
|
|
|
|
<QueryConfig> |
|
|
|
|
|
<QueryParams> |
|
|
|
|
|
<UserQuery /> |
|
|
|
|
|
</QueryParams> |
|
|
|
|
|
<QueryNode> |
|
|
|
|
|
<Name>Process Creation</Name> |
|
|
|
|
|
<Description>Process Creation and Command-line Auditing Events</Description> |
|
|
|
|
|
<QueryList> |
|
|
|
|
|
<Query Id="0" Path="Security"> |
|
|
|
|
|
<Select Path="Security">*[System[(EventID=4688)]]</Select> |
|
|
|
|
|
</Query> |
|
|
|
|
|
</QueryList> |
|
|
|
|
|
</QueryNode> |
|
|
|
|
|
</QueryConfig> |
|
|
|
|
|
</ViewerConfig> |
|
|
|
|
|
"@ |
|
|
|
|
|
if (-not (Test-Path -Path "$env:ProgramData\Microsoft\Event Viewer\Views")) |
|
|
{ |
|
|
{ |
|
|
New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit -Name ProcessCreationIncludeCmdLine_Enabled -PropertyType DWord -Value 1 -Force |
|
|
New-Item -Path "$env:ProgramData\Microsoft\Event Viewer\Views" -ItemType Directory -Force |
|
|
$ProcessCreationIncludeCmdLine_Enabled = $true |
|
|
|
|
|
} |
|
|
} |
|
|
|
|
|
$ProcessCreationFilePath = "$env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml" |
|
|
|
|
|
# Saving ProcessCreation.xml in UTF-8 encoding |
|
|
|
|
|
# Сохраняем ProcessCreation.xml в кодировке UTF-8 |
|
|
|
|
|
Set-Content -Value (New-Object System.Text.UTF8Encoding).GetBytes($XML) -Encoding Byte -Path $ProcessCreationFilePath -Force |
|
|
|
|
|
|
|
|
# Create "Process Creation" Event Viewer Custom View |
|
|
|
|
|
# Создать настаиваемое представление "Создание процесса" в Просмотре событий |
|
|
|
|
|
if ($RU) |
|
|
if ($RU) |
|
|
{ |
|
|
{ |
|
|
$OutputEncoding = [System.Console]::OutputEncoding = [System.Console]::InputEncoding = [System.Text.Encoding]::UTF8 |
|
|
[xml]$XML = Get-Content -Path $ProcessCreationFilePath |
|
|
} |
|
|
$XML.ViewerConfig.QueryConfig.QueryNode.Name = "Создание процесса" |
|
|
|
|
|
$XML.ViewerConfig.QueryConfig.QueryNode.Description = "События содания нового процесса и аудит командной строки" |
|
|
if ($ProcessCreation -and $ProcessCreationIncludeCmdLine_Enabled) |
|
|
$xml.Save("$env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml") |
|
|
{ |
|
|
|
|
|
$XML = @" |
|
|
|
|
|
<ViewerConfig> |
|
|
|
|
|
<QueryConfig> |
|
|
|
|
|
<QueryParams> |
|
|
|
|
|
<UserQuery /> |
|
|
|
|
|
</QueryParams> |
|
|
|
|
|
<QueryNode> |
|
|
|
|
|
<Name>Process Creation</Name> |
|
|
|
|
|
<Description>Process Creation and Command-line Auditing Events</Description> |
|
|
|
|
|
<QueryList> |
|
|
|
|
|
<Query Id="0" Path="Security"> |
|
|
|
|
|
<Select Path="Security">*[System[(EventID=4688)]]</Select> |
|
|
|
|
|
</Query> |
|
|
|
|
|
</QueryList> |
|
|
|
|
|
</QueryNode> |
|
|
|
|
|
</QueryConfig> |
|
|
|
|
|
</ViewerConfig> |
|
|
|
|
|
"@ |
|
|
|
|
|
if (-not (Test-Path -Path "$env:ProgramData\Microsoft\Event Viewer\Views")) |
|
|
|
|
|
{ |
|
|
|
|
|
New-Item -Path "$env:ProgramData\Microsoft\Event Viewer\Views" -ItemType Directory -Force |
|
|
|
|
|
} |
|
|
|
|
|
$ProcessCreationFilePath = "$env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml" |
|
|
|
|
|
# Saving ProcessCreation.xml in UTF-8 encoding |
|
|
|
|
|
# Сохраняем ProcessCreation.xml в кодировке UTF-8 |
|
|
|
|
|
Set-Content -Value (New-Object System.Text.UTF8Encoding).GetBytes($XML) -Encoding Byte -Path $ProcessCreationFilePath -Force |
|
|
|
|
|
|
|
|
|
|
|
if ($RU) |
|
|
|
|
|
{ |
|
|
|
|
|
[xml]$XML = Get-Content -Path $ProcessCreationFilePath |
|
|
|
|
|
$XML.ViewerConfig.QueryConfig.QueryNode.Name = "Создание процесса" |
|
|
|
|
|
$XML.ViewerConfig.QueryConfig.QueryNode.Description = "События содания нового процесса и аудит командной строки" |
|
|
|
|
|
$xml.Save("$env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml") |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
# Turn on logging for all Windows PowerShell modules |
|
|
# Turn on logging for all Windows PowerShell modules |
|
|
|
Dmitry Nefedov
4 years ago