|
|
|
@ -2,8 +2,8 @@ |
|
|
|
.SYNOPSIS |
|
|
|
"Windows 10 Setup Script" is a set of tweaks for OS fine-tuning and automating the routine tasks |
|
|
|
|
|
|
|
Version: v4.4.5 |
|
|
|
Date: 29.06.2020 |
|
|
|
Version: v4.4.6 |
|
|
|
Date: 07.07.2020 |
|
|
|
Copyright (c) 2020 farag & oZ-Zo |
|
|
|
|
|
|
|
Thanks to all http://forum.ru-board.com members involved |
|
|
|
@ -20,6 +20,10 @@ |
|
|
|
|
|
|
|
Running the script is best done on a fresh install because running it on tweaked system may result in errors occurring |
|
|
|
|
|
|
|
Some third-party antiviruses flag this script or its' part as malicious one. This is a false positive due to $EncodedScript variable |
|
|
|
You can read more on section "Create a Windows cleaning up task in the Task Scheduler" |
|
|
|
You might need to disable tamper protection from your antivirus settings,re-enable it after running the script, and reboot |
|
|
|
|
|
|
|
Check whether the .ps1 file is encoded in UTF-8 with BOM |
|
|
|
The script can not be executed via PowerShell ISE |
|
|
|
PowerShell must be run with elevated privileges |
|
|
|
@ -2444,33 +2448,6 @@ New-ItemProperty -Path HKCU:\System\GameConfigStore -Name GameDVR_Enabled -Prope |
|
|
|
# Отключить советы Xbox Game Bar |
|
|
|
New-ItemProperty -Path HKCU:\Software\Microsoft\GameBar -Name ShowStartupPanel -PropertyType DWord -Value 0 -Force |
|
|
|
|
|
|
|
<# |
|
|
|
Uninstall all Xbox related UWP apps from all accounts |
|
|
|
App packages will not be installed when new user accounts are created |
|
|
|
|
|
|
|
Удалить все UWP-приложения, связанные с Xbox, из всех учетных записей |
|
|
|
Приложения не будут установлены при создании новых учетных записей |
|
|
|
#> |
|
|
|
$XboxAppxPackages = @( |
|
|
|
# Xbox Identity Provider |
|
|
|
# Поставщик удостоверений Xbox |
|
|
|
"Microsoft.XboxIdentityProvider" |
|
|
|
# Xbox |
|
|
|
# Компаньон консоли Xbox |
|
|
|
"Microsoft.XboxApp" |
|
|
|
# Xbox TCUI |
|
|
|
"Microsoft.Xbox.TCUI" |
|
|
|
# Xbox Speech To Text Overlay |
|
|
|
"Microsoft.XboxSpeechToTextOverlay" |
|
|
|
# Xbox Game Bar |
|
|
|
"Microsoft.XboxGamingOverlay" |
|
|
|
# Xbox Game Bar Plugin |
|
|
|
"Microsoft.XboxGameOverlay" |
|
|
|
) |
|
|
|
$OFS = "|" |
|
|
|
Get-AppxPackage -PackageTypeFilter Bundle -AllUsers | Where-Object -FilterScript {$_.Name -cmatch $XboxAppxPackages} | Remove-AppxPackage -AllUsers -Verbose |
|
|
|
$OFS = " " |
|
|
|
|
|
|
|
# Set "High performance" in graphics performance preference for apps |
|
|
|
# Установить параметры производительности графики для отдельных приложений на "Высокая производительность" |
|
|
|
if (Get-CimInstance -ClassName Win32_VideoController | Where-Object -FilterScript {$_.AdapterDACType -ne "Internal" -and $null -ne $_.AdapterDACType}) |
|
|
|
@ -2488,8 +2465,10 @@ if (Get-CimInstance -ClassName Win32_VideoController | Where-Object -FilterScrip |
|
|
|
$Options = "&Add", "&Skip" |
|
|
|
} |
|
|
|
$DefaultChoice = 1 |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
do |
|
|
|
{ |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
switch ($Result) |
|
|
|
{ |
|
|
|
"0" |
|
|
|
@ -2534,6 +2513,8 @@ if (Get-CimInstance -ClassName Win32_VideoController | Where-Object -FilterScrip |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
until ($Result -eq 1) |
|
|
|
} |
|
|
|
#endregion Gaming |
|
|
|
|
|
|
|
#region Scheduled tasks |
|
|
|
@ -2802,8 +2783,10 @@ else |
|
|
|
$Options = "&Add a protected folder", "&Skip" |
|
|
|
} |
|
|
|
$DefaultChoice = 1 |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
do |
|
|
|
{ |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
switch ($Result) |
|
|
|
{ |
|
|
|
"0" |
|
|
|
@ -2828,7 +2811,6 @@ switch ($Result) |
|
|
|
Set-MpPreference -EnableControlledFolderAccess Enabled |
|
|
|
Add-MpPreference -ControlledFolderAccessProtectedFolders $FolderBrowserDialog.SelectedPath -Force |
|
|
|
} |
|
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
} |
|
|
|
"1" |
|
|
|
{ |
|
|
|
@ -2842,6 +2824,8 @@ switch ($Result) |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
until ($Result -eq 1) |
|
|
|
|
|
|
|
# Allow an app through Controlled folder access |
|
|
|
# Разрешить работу приложения через контролируемый доступ к папкам |
|
|
|
@ -2860,8 +2844,10 @@ if ((Get-MpPreference).EnableControlledFolderAccess -eq 1) |
|
|
|
$Options = "&Add a protected folder", "&Skip" |
|
|
|
} |
|
|
|
$DefaultChoice = 1 |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
do |
|
|
|
{ |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
switch ($Result) |
|
|
|
{ |
|
|
|
"0" |
|
|
|
@ -2886,7 +2872,6 @@ if ((Get-MpPreference).EnableControlledFolderAccess -eq 1) |
|
|
|
{ |
|
|
|
Add-MpPreference -ControlledFolderAccessAllowedApplications $OpenFileDialog.FileName -Force |
|
|
|
} |
|
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
} |
|
|
|
"1" |
|
|
|
{ |
|
|
|
@ -2901,6 +2886,8 @@ if ((Get-MpPreference).EnableControlledFolderAccess -eq 1) |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
until ($Result -eq 1) |
|
|
|
} |
|
|
|
|
|
|
|
# Add exclusion folder from Windows Defender Antivirus scanning |
|
|
|
# Добавить папку в список исключений сканирования Windows Defender |
|
|
|
@ -2917,8 +2904,10 @@ else |
|
|
|
$Options = "&Exclude folder", "&Skip" |
|
|
|
} |
|
|
|
$DefaultChoice = 1 |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
do |
|
|
|
{ |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
switch ($Result) |
|
|
|
{ |
|
|
|
"0" |
|
|
|
@ -2942,7 +2931,6 @@ switch ($Result) |
|
|
|
{ |
|
|
|
Add-MpPreference -ExclusionPath $FolderBrowserDialog.SelectedPath -Force |
|
|
|
} |
|
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
} |
|
|
|
"1" |
|
|
|
{ |
|
|
|
@ -2956,6 +2944,8 @@ switch ($Result) |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
until ($Result -eq 1) |
|
|
|
|
|
|
|
# Add exclusion file from Windows Defender Antivirus scanning |
|
|
|
# Добавить файл в список исключений сканирования Windows Defender |
|
|
|
@ -2972,8 +2962,10 @@ else |
|
|
|
$Options = "&Exclude file", "&Skip" |
|
|
|
} |
|
|
|
$DefaultChoice = 1 |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
|
|
|
|
do |
|
|
|
{ |
|
|
|
$Result = $Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
switch ($Result) |
|
|
|
{ |
|
|
|
"0" |
|
|
|
@ -2998,7 +2990,6 @@ switch ($Result) |
|
|
|
{ |
|
|
|
Add-MpPreference -ExclusionPath $OpenFileDialog.FileName -Force |
|
|
|
} |
|
|
|
$Host.UI.PromptForChoice($Title, $Message, $Options, $DefaultChoice) |
|
|
|
} |
|
|
|
"1" |
|
|
|
{ |
|
|
|
@ -3012,6 +3003,8 @@ switch ($Result) |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
until ($Result -eq 1) |
|
|
|
|
|
|
|
# Turn on Windows Defender Exploit Guard network protection |
|
|
|
# Включить защиту сети в Windows Defender |
|
|
|
@ -3036,30 +3029,27 @@ New-ItemProperty -Path "HKCU:\Software\Microsoft\Windows Security Health\State" |
|
|
|
# Turn on events auditing generated when a process is created or starts |
|
|
|
# Включить аудит событий, возникающих при создании или запуске процесса |
|
|
|
auditpol /set /subcategory:"{0CCE922B-69AE-11D9-BED3-505054503030}" /success:enable /failure:enable |
|
|
|
$ProcessCreation = $true |
|
|
|
|
|
|
|
# Include command line in process creation events |
|
|
|
# Включать командную строку в событиях создания процесса |
|
|
|
<# |
|
|
|
Include command line in process creation events |
|
|
|
In order this feature to work events auditing must be enabled |
|
|
|
|
|
|
|
Включать командную строку в событиях создания процесса |
|
|
|
Необходимо включить аудит событий, чтобы работала данная опция |
|
|
|
#> |
|
|
|
if ($RU) |
|
|
|
{ |
|
|
|
$OutputEncoding = [System.Console]::OutputEncoding = [System.Console]::InputEncoding = [System.Text.Encoding]::UTF8 |
|
|
|
} |
|
|
|
|
|
|
|
if ($ProcessCreation) |
|
|
|
{ |
|
|
|
New-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit -Name ProcessCreationIncludeCmdLine_Enabled -PropertyType DWord -Value 1 -Force |
|
|
|
$ProcessCreationIncludeCmdLine_Enabled = $true |
|
|
|
} |
|
|
|
|
|
|
|
# Create "Process Creation" Event Viewer Custom View |
|
|
|
# Создать настаиваемое представление "Создание процесса" в Просмотре событий |
|
|
|
if ($RU) |
|
|
|
{ |
|
|
|
$OutputEncoding = [System.Console]::OutputEncoding = [System.Console]::InputEncoding = [System.Text.Encoding]::UTF8 |
|
|
|
} |
|
|
|
<# |
|
|
|
Create "Process Creation" Event Viewer Custom View |
|
|
|
In order this feature to work events auditing and command line in process creation events must be enabled |
|
|
|
|
|
|
|
if ($ProcessCreation -and $ProcessCreationIncludeCmdLine_Enabled) |
|
|
|
{ |
|
|
|
Создать настаиваемое представление "Создание процесса" в Просмотре событий |
|
|
|
Необходимо включить аудит событий и командную строку в событиях создания процесса, чтобы работала данная опция |
|
|
|
#> |
|
|
|
$XML = @" |
|
|
|
<ViewerConfig> |
|
|
|
<QueryConfig> |
|
|
|
@ -3094,7 +3084,6 @@ if ($ProcessCreation -and $ProcessCreationIncludeCmdLine_Enabled) |
|
|
|
$XML.ViewerConfig.QueryConfig.QueryNode.Description = "События содания нового процесса и аудит командной строки" |
|
|
|
$xml.Save("$env:ProgramData\Microsoft\Event Viewer\Views\ProcessCreation.xml") |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
# Turn on logging for all Windows PowerShell modules |
|
|
|
# Включить ведение журнала для всех модулей Windows PowerShell |
|
|
|
|
Dmitry Nefedov
5 years ago