parent
f1f63f49a4
commit
d3bf3e3749
@ -1,4 +1,5 @@
|
||||
* text=auto
|
||||
*.bat text eol=crlf
|
||||
*.ps1 text eol=crlf
|
||||
*.psm1 text eol=crlf
|
||||
*.reg text eol=crlf
|
||||
|
@ -1,106 +1,106 @@
|
||||
function Takeown-Registry($key) {
|
||||
# TODO does not work for all root keys yet
|
||||
switch ($key.split('\')[0]) {
|
||||
"HKEY_CLASSES_ROOT" {
|
||||
$reg = [Microsoft.Win32.Registry]::ClassesRoot
|
||||
$key = $key.substring(18)
|
||||
}
|
||||
"HKEY_CURRENT_USER" {
|
||||
$reg = [Microsoft.Win32.Registry]::CurrentUser
|
||||
$key = $key.substring(18)
|
||||
}
|
||||
"HKEY_LOCAL_MACHINE" {
|
||||
$reg = [Microsoft.Win32.Registry]::LocalMachine
|
||||
$key = $key.substring(19)
|
||||
}
|
||||
}
|
||||
|
||||
# get administraor group
|
||||
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
|
||||
$admins = $admins.Translate([System.Security.Principal.NTAccount])
|
||||
|
||||
# set owner
|
||||
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership")
|
||||
$acl = $key.GetAccessControl()
|
||||
$acl.SetOwner($admins)
|
||||
$key.SetAccessControl($acl)
|
||||
|
||||
# set FullControl
|
||||
$acl = $key.GetAccessControl()
|
||||
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow")
|
||||
$acl.SetAccessRule($rule)
|
||||
$key.SetAccessControl($acl)
|
||||
}
|
||||
|
||||
function Takeown-File($path) {
|
||||
takeown.exe /A /F $path
|
||||
$acl = Get-Acl $path
|
||||
|
||||
# get administraor group
|
||||
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
|
||||
$admins = $admins.Translate([System.Security.Principal.NTAccount])
|
||||
|
||||
# add NT Authority\SYSTEM
|
||||
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow")
|
||||
$acl.AddAccessRule($rule)
|
||||
|
||||
Set-Acl -Path $path -AclObject $acl
|
||||
}
|
||||
|
||||
function Takeown-Folder($path) {
|
||||
Takeown-File $path
|
||||
foreach ($item in Get-ChildItem $path) {
|
||||
if (Test-Path $item -PathType Container) {
|
||||
Takeown-Folder $item.FullName
|
||||
} else {
|
||||
Takeown-File $item.FullName
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function Elevate-Privileges {
|
||||
param($Privilege)
|
||||
$Definition = @"
|
||||
using System;
|
||||
using System.Runtime.InteropServices;
|
||||
|
||||
public class AdjPriv {
|
||||
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
|
||||
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);
|
||||
|
||||
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
|
||||
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
|
||||
|
||||
[DllImport("advapi32.dll", SetLastError = true)]
|
||||
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
|
||||
|
||||
[StructLayout(LayoutKind.Sequential, Pack = 1)]
|
||||
internal struct TokPriv1Luid {
|
||||
public int Count;
|
||||
public long Luid;
|
||||
public int Attr;
|
||||
}
|
||||
|
||||
internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
|
||||
internal const int TOKEN_QUERY = 0x00000008;
|
||||
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
|
||||
|
||||
public static bool EnablePrivilege(long processHandle, string privilege) {
|
||||
bool retVal;
|
||||
TokPriv1Luid tp;
|
||||
IntPtr hproc = new IntPtr(processHandle);
|
||||
IntPtr htok = IntPtr.Zero;
|
||||
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
|
||||
tp.Count = 1;
|
||||
tp.Luid = 0;
|
||||
tp.Attr = SE_PRIVILEGE_ENABLED;
|
||||
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
|
||||
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
|
||||
return retVal;
|
||||
}
|
||||
}
|
||||
"@
|
||||
$ProcessHandle = (Get-Process -id $pid).Handle
|
||||
$type = Add-Type $definition -PassThru
|
||||
$type[0]::EnablePrivilege($processHandle, $Privilege)
|
||||
}
|
||||
function Takeown-Registry($key) {
|
||||
# TODO does not work for all root keys yet
|
||||
switch ($key.split('\')[0]) {
|
||||
"HKEY_CLASSES_ROOT" {
|
||||
$reg = [Microsoft.Win32.Registry]::ClassesRoot
|
||||
$key = $key.substring(18)
|
||||
}
|
||||
"HKEY_CURRENT_USER" {
|
||||
$reg = [Microsoft.Win32.Registry]::CurrentUser
|
||||
$key = $key.substring(18)
|
||||
}
|
||||
"HKEY_LOCAL_MACHINE" {
|
||||
$reg = [Microsoft.Win32.Registry]::LocalMachine
|
||||
$key = $key.substring(19)
|
||||
}
|
||||
}
|
||||
|
||||
# get administraor group
|
||||
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
|
||||
$admins = $admins.Translate([System.Security.Principal.NTAccount])
|
||||
|
||||
# set owner
|
||||
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership")
|
||||
$acl = $key.GetAccessControl()
|
||||
$acl.SetOwner($admins)
|
||||
$key.SetAccessControl($acl)
|
||||
|
||||
# set FullControl
|
||||
$acl = $key.GetAccessControl()
|
||||
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow")
|
||||
$acl.SetAccessRule($rule)
|
||||
$key.SetAccessControl($acl)
|
||||
}
|
||||
|
||||
function Takeown-File($path) {
|
||||
takeown.exe /A /F $path
|
||||
$acl = Get-Acl $path
|
||||
|
||||
# get administraor group
|
||||
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544")
|
||||
$admins = $admins.Translate([System.Security.Principal.NTAccount])
|
||||
|
||||
# add NT Authority\SYSTEM
|
||||
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow")
|
||||
$acl.AddAccessRule($rule)
|
||||
|
||||
Set-Acl -Path $path -AclObject $acl
|
||||
}
|
||||
|
||||
function Takeown-Folder($path) {
|
||||
Takeown-File $path
|
||||
foreach ($item in Get-ChildItem $path) {
|
||||
if (Test-Path $item -PathType Container) {
|
||||
Takeown-Folder $item.FullName
|
||||
} else {
|
||||
Takeown-File $item.FullName
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function Elevate-Privileges {
|
||||
param($Privilege)
|
||||
$Definition = @"
|
||||
using System;
|
||||
using System.Runtime.InteropServices;
|
||||
|
||||
public class AdjPriv {
|
||||
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
|
||||
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);
|
||||
|
||||
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
|
||||
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
|
||||
|
||||
[DllImport("advapi32.dll", SetLastError = true)]
|
||||
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
|
||||
|
||||
[StructLayout(LayoutKind.Sequential, Pack = 1)]
|
||||
internal struct TokPriv1Luid {
|
||||
public int Count;
|
||||
public long Luid;
|
||||
public int Attr;
|
||||
}
|
||||
|
||||
internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
|
||||
internal const int TOKEN_QUERY = 0x00000008;
|
||||
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
|
||||
|
||||
public static bool EnablePrivilege(long processHandle, string privilege) {
|
||||
bool retVal;
|
||||
TokPriv1Luid tp;
|
||||
IntPtr hproc = new IntPtr(processHandle);
|
||||
IntPtr htok = IntPtr.Zero;
|
||||
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
|
||||
tp.Count = 1;
|
||||
tp.Luid = 0;
|
||||
tp.Attr = SE_PRIVILEGE_ENABLED;
|
||||
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
|
||||
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
|
||||
return retVal;
|
||||
}
|
||||
}
|
||||
"@
|
||||
$ProcessHandle = (Get-Process -id $pid).Handle
|
||||
$type = Add-Type $definition -PassThru
|
||||
$type[0]::EnablePrivilege($processHandle, $Privilege)
|
||||
}
|
||||
|
@ -1,47 +1,47 @@
|
||||
# Description:
|
||||
# This script remove strang looking stuff which will probably result in a break
|
||||
# of your system. It should not be used unless you want to test out a few
|
||||
# things. It is named `experimental_unfuckery.ps1` for a reason.
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
|
||||
|
||||
echo "Elevating priviledges for this process"
|
||||
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
|
||||
|
||||
echo "Force removing system apps"
|
||||
$needles = @(
|
||||
#"Anytime"
|
||||
"BioEnrollment"
|
||||
#"Browser"
|
||||
"ContactSupport"
|
||||
#"Cortana" # This will disable startmenu search.
|
||||
#"Defender"
|
||||
"Feedback"
|
||||
"Flash"
|
||||
"Gaming"
|
||||
#"InternetExplorer"
|
||||
#"Maps"
|
||||
"OneDrive"
|
||||
#"Wallet"
|
||||
#"Xbox" # This will result in a bootloop since upgrade 1511
|
||||
)
|
||||
|
||||
foreach ($needle in $needles) {
|
||||
echo "Trying to remove all packages containing $needle"
|
||||
|
||||
$pkgs = (ls "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" |
|
||||
where Name -Like "*$needle*")
|
||||
|
||||
foreach ($pkg in $pkgs) {
|
||||
$pkgname = $pkg.Name.split('\')[-1]
|
||||
|
||||
Takeown-Registry($pkg.Name)
|
||||
Takeown-Registry($pkg.Name + "\Owners")
|
||||
|
||||
Set-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name Visibility -Value 1
|
||||
New-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name DefVis -PropertyType DWord -Value 2
|
||||
Remove-Item -Path ("HKLM:" + $pkg.Name.Substring(18) + "\Owners")
|
||||
|
||||
dism.exe /Online /Remove-Package /PackageName:$pkgname /NoRestart
|
||||
}
|
||||
}
|
||||
# Description:
|
||||
# This script remove strang looking stuff which will probably result in a break
|
||||
# of your system. It should not be used unless you want to test out a few
|
||||
# things. It is named `experimental_unfuckery.ps1` for a reason.
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
|
||||
|
||||
echo "Elevating priviledges for this process"
|
||||
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
|
||||
|
||||
echo "Force removing system apps"
|
||||
$needles = @(
|
||||
#"Anytime"
|
||||
"BioEnrollment"
|
||||
#"Browser"
|
||||
"ContactSupport"
|
||||
#"Cortana" # This will disable startmenu search.
|
||||
#"Defender"
|
||||
"Feedback"
|
||||
"Flash"
|
||||
"Gaming"
|
||||
#"InternetExplorer"
|
||||
#"Maps"
|
||||
"OneDrive"
|
||||
#"Wallet"
|
||||
#"Xbox" # This will result in a bootloop since upgrade 1511
|
||||
)
|
||||
|
||||
foreach ($needle in $needles) {
|
||||
echo "Trying to remove all packages containing $needle"
|
||||
|
||||
$pkgs = (ls "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages" |
|
||||
where Name -Like "*$needle*")
|
||||
|
||||
foreach ($pkg in $pkgs) {
|
||||
$pkgname = $pkg.Name.split('\')[-1]
|
||||
|
||||
Takeown-Registry($pkg.Name)
|
||||
Takeown-Registry($pkg.Name + "\Owners")
|
||||
|
||||
Set-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name Visibility -Value 1
|
||||
New-ItemProperty -Path ("HKLM:" + $pkg.Name.Substring(18)) -Name DefVis -PropertyType DWord -Value 2
|
||||
Remove-Item -Path ("HKLM:" + $pkg.Name.Substring(18) + "\Owners")
|
||||
|
||||
dism.exe /Online /Remove-Package /PackageName:$pkgname /NoRestart
|
||||
}
|
||||
}
|
||||
|
@ -1,3 +1,3 @@
|
||||
@echo off
|
||||
|
||||
shutdown /o /r /t 00
|
||||
@echo off
|
||||
|
||||
shutdown /o /r /t 00
|
||||
|
@ -1,7 +1,7 @@
|
||||
Windows Registry Editor Version 5.00
|
||||
|
||||
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize]
|
||||
"AppsUseLightTheme"=dword:00000000
|
||||
|
||||
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize]
|
||||
"AppsUseLightTheme"=dword:00000000
|
||||
Windows Registry Editor Version 5.00
|
||||
|
||||
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize]
|
||||
"AppsUseLightTheme"=dword:00000000
|
||||
|
||||
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\Personalize]
|
||||
"AppsUseLightTheme"=dword:00000000
|
||||
|
@ -1,207 +1,207 @@
|
||||
# Description:
|
||||
# This script will disable certain scheduled tasks. Work in progress!
|
||||
|
||||
$tasks = @(
|
||||
# Windows base scheduled tasks
|
||||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319"
|
||||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64"
|
||||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical"
|
||||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical"
|
||||
|
||||
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)"
|
||||
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)"
|
||||
|
||||
#"\Microsoft\Windows\AppID\EDP Policy Manager"
|
||||
#"\Microsoft\Windows\AppID\PolicyConverter"
|
||||
"\Microsoft\Windows\AppID\SmartScreenSpecific"
|
||||
#"\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck"
|
||||
|
||||
"\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser"
|
||||
"\Microsoft\Windows\Application Experience\ProgramDataUpdater"
|
||||
#"\Microsoft\Windows\Application Experience\StartupAppTask"
|
||||
|
||||
#"\Microsoft\Windows\ApplicationData\CleanupTemporaryState"
|
||||
#"\Microsoft\Windows\ApplicationData\DsSvcCleanup"
|
||||
|
||||
#"\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup"
|
||||
|
||||
"\Microsoft\Windows\Autochk\Proxy"
|
||||
|
||||
#"\Microsoft\Windows\Bluetooth\UninstallDeviceTask"
|
||||
|
||||
#"\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask"
|
||||
#"\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask"
|
||||
#"\Microsoft\Windows\CertificateServicesClient\SystemTask"
|
||||
#"\Microsoft\Windows\CertificateServicesClient\UserTask"
|
||||
#"\Microsoft\Windows\CertificateServicesClient\UserTask-Roam"
|
||||
|
||||
#"\Microsoft\Windows\Chkdsk\ProactiveScan"
|
||||
|
||||
#"\Microsoft\Windows\Clip\License Validation"
|
||||
|
||||
"\Microsoft\Windows\CloudExperienceHost\CreateObjectTask"
|
||||
|
||||
"\Microsoft\Windows\Customer Experience Improvement Program\Consolidator"
|
||||
"\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask"
|
||||
"\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip"
|
||||
|
||||
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan"
|
||||
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery"
|
||||
|
||||
#"\Microsoft\Windows\Defrag\ScheduledDefrag"
|
||||
|
||||
#"\Microsoft\Windows\Diagnosis\Scheduled"
|
||||
|
||||
#"\Microsoft\Windows\DiskCleanup\SilentCleanup"
|
||||
|
||||
"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector"
|
||||
#"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver"
|
||||
|
||||
#"\Microsoft\Windows\DiskFootprint\Diagnostics"
|
||||
|
||||
"\Microsoft\Windows\Feedback\Siuf\DmClient"
|
||||
|
||||
#"\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync"
|
||||
|
||||
#"\Microsoft\Windows\FileHistory\File History (maintenance mode)"
|
||||
|
||||
#"\Microsoft\Windows\LanguageComponentsInstaller\Installation"
|
||||
#"\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation"
|
||||
|
||||
#"\Microsoft\Windows\Location\Notifications"
|
||||
#"\Microsoft\Windows\Location\WindowsActionDialog"
|
||||
|
||||
#"\Microsoft\Windows\Maintenance\WinSAT"
|
||||
|
||||
#"\Microsoft\Windows\Maps\MapsToastTask"
|
||||
#"\Microsoft\Windows\Maps\MapsUpdateTask"
|
||||
|
||||
#"\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents"
|
||||
#"\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic"
|
||||
|
||||
"\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser"
|
||||
|
||||
#"\Microsoft\Windows\MUI\LPRemove"
|
||||
|
||||
#"\Microsoft\Windows\Multimedia\SystemSoundsService"
|
||||
|
||||
#"\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler"
|
||||
|
||||
#"\Microsoft\Windows\NetTrace\GatherNetworkInfo"
|
||||
|
||||
#"\Microsoft\Windows\Offline Files\Background Synchronization"
|
||||
#"\Microsoft\Windows\Offline Files\Logon Synchronization"
|
||||
|
||||
#"\Microsoft\Windows\PI\Secure-Boot-Update"
|
||||
#"\Microsoft\Windows\PI\Sqm-Tasks"
|
||||
|
||||
#"\Microsoft\Windows\Plug and Play\Device Install Group Policy"
|
||||
#"\Microsoft\Windows\Plug and Play\Device Install Reboot Required"
|
||||
#"\Microsoft\Windows\Plug and Play\Plug and Play Cleanup"
|
||||
#"\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers"
|
||||
|
||||
#"\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem"
|
||||
|
||||
#"\Microsoft\Windows\Ras\MobilityManager"
|
||||
|
||||
#"\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE"
|
||||
|
||||
#"\Microsoft\Windows\Registry\RegIdleBackup"
|
||||
|
||||
#"\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask"
|
||||
|
||||
#"\Microsoft\Windows\RemovalTools\MRT_HB"
|
||||
|
||||
#"\Microsoft\Windows\Servicing\StartComponentCleanup"
|
||||
|
||||
#"\Microsoft\Windows\SettingSync\NetworkStateChangeTask"
|
||||
|
||||
#"\Microsoft\Windows\Shell\CreateObjectTask"
|
||||
#"\Microsoft\Windows\Shell\FamilySafetyMonitor"
|
||||
#"\Microsoft\Windows\Shell\FamilySafetyRefresh"
|
||||
#"\Microsoft\Windows\Shell\IndexerAutomaticMaintenance"
|
||||
|
||||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"
|
||||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon"
|
||||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork"
|
||||
|
||||
#"\Microsoft\Windows\SpacePort\SpaceAgentTask"
|
||||
|
||||
#"\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate"
|
||||
#"\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance"
|
||||
#"\Microsoft\Windows\Sysmain\ResPriStaticDbSync"
|
||||
#"\Microsoft\Windows\Sysmain\WsSwapAssessmentTask"
|
||||
|
||||
#"\Microsoft\Windows\SystemRestore\SR"
|
||||
|
||||
#"\Microsoft\Windows\Task Manager\Interactive"
|
||||
|
||||
#"\Microsoft\Windows\TextServicesFramework\MsCtfMonitor"
|
||||
|
||||
#"\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime"
|
||||
#"\Microsoft\Windows\Time Synchronization\SynchronizeTime"
|
||||
|
||||
#"\Microsoft\Windows\Time Zone\SynchronizeTimeZone"
|
||||
|
||||
#"\Microsoft\Windows\TPM\Tpm-HASCertRetr"
|
||||
#"\Microsoft\Windows\TPM\Tpm-Maintenance"
|
||||
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Maintenance Install"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Policy Install"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Reboot"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Resume On Boot"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Schedule Scan"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot"
|
||||
|
||||
#"\Microsoft\Windows\UPnP\UPnPHostConfig"
|
||||
|
||||
#"\Microsoft\Windows\User Profile Service\HiveUploadTask"
|
||||
|
||||
#"\Microsoft\Windows\WCM\WiFiTask"
|
||||
|
||||
#"\Microsoft\Windows\WDI\ResolutionHost"
|
||||
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Cleanup"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Verification"
|
||||
|
||||
"\Microsoft\Windows\Windows Error Reporting\QueueReporting"
|
||||
|
||||
#"\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange"
|
||||
|
||||
#"\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"
|
||||
|
||||
#"\Microsoft\Windows\WindowsColorSystem\Calibration Loader"
|
||||
|
||||
#"\Microsoft\Windows\WindowsUpdate\Automatic App Update"
|
||||
#"\Microsoft\Windows\WindowsUpdate\Scheduled Start"
|
||||
#"\Microsoft\Windows\WindowsUpdate\sih"
|
||||
#"\Microsoft\Windows\WindowsUpdate\sihboot"
|
||||
|
||||
#"\Microsoft\Windows\Wininet\CacheTask"
|
||||
|
||||
#"\Microsoft\Windows\WOF\WIM-Hash-Management"
|
||||
#"\Microsoft\Windows\WOF\WIM-Hash-Validation"
|
||||
|
||||
#"\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization"
|
||||
#"\Microsoft\Windows\Work Folders\Work Folders Maintenance Work"
|
||||
|
||||
#"\Microsoft\Windows\Workplace Join\Automatic-Device-Join"
|
||||
|
||||
#"\Microsoft\Windows\WS\License Validation"
|
||||
#"\Microsoft\Windows\WS\WSTask"
|
||||
|
||||
# Scheduled tasks which cannot be disabled
|
||||
#"\Microsoft\Windows\Device Setup\Metadata Refresh"
|
||||
#"\Microsoft\Windows\SettingSync\BackgroundUploadTask"
|
||||
)
|
||||
|
||||
foreach ($task in $tasks) {
|
||||
$parts = $task.split('\')
|
||||
$name = $parts[-1]
|
||||
$path = $parts[0..($parts.length-2)] -join '\'
|
||||
|
||||
Disable-ScheduledTask -TaskName "$name" -TaskPath "$path"
|
||||
}
|
||||
# Description:
|
||||
# This script will disable certain scheduled tasks. Work in progress!
|
||||
|
||||
$tasks = @(
|
||||
# Windows base scheduled tasks
|
||||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319"
|
||||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64"
|
||||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical"
|
||||
"\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical"
|
||||
|
||||
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)"
|
||||
#"\Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)"
|
||||
|
||||
#"\Microsoft\Windows\AppID\EDP Policy Manager"
|
||||
#"\Microsoft\Windows\AppID\PolicyConverter"
|
||||
"\Microsoft\Windows\AppID\SmartScreenSpecific"
|
||||
#"\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck"
|
||||
|
||||
"\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser"
|
||||
"\Microsoft\Windows\Application Experience\ProgramDataUpdater"
|
||||
#"\Microsoft\Windows\Application Experience\StartupAppTask"
|
||||
|
||||
#"\Microsoft\Windows\ApplicationData\CleanupTemporaryState"
|
||||
#"\Microsoft\Windows\ApplicationData\DsSvcCleanup"
|
||||
|
||||
#"\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup"
|
||||
|
||||
"\Microsoft\Windows\Autochk\Proxy"
|
||||
|
||||
#"\Microsoft\Windows\Bluetooth\UninstallDeviceTask"
|
||||
|
||||
#"\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask"
|
||||
#"\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask"
|
||||
#"\Microsoft\Windows\CertificateServicesClient\SystemTask"
|
||||
#"\Microsoft\Windows\CertificateServicesClient\UserTask"
|
||||
#"\Microsoft\Windows\CertificateServicesClient\UserTask-Roam"
|
||||
|
||||
#"\Microsoft\Windows\Chkdsk\ProactiveScan"
|
||||
|
||||
#"\Microsoft\Windows\Clip\License Validation"
|
||||
|
||||
"\Microsoft\Windows\CloudExperienceHost\CreateObjectTask"
|
||||
|
||||
"\Microsoft\Windows\Customer Experience Improvement Program\Consolidator"
|
||||
"\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask"
|
||||
"\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip"
|
||||
|
||||
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan"
|
||||
#"\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery"
|
||||
|
||||
#"\Microsoft\Windows\Defrag\ScheduledDefrag"
|
||||
|
||||
#"\Microsoft\Windows\Diagnosis\Scheduled"
|
||||
|
||||
#"\Microsoft\Windows\DiskCleanup\SilentCleanup"
|
||||
|
||||
"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector"
|
||||
#"\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver"
|
||||
|
||||
#"\Microsoft\Windows\DiskFootprint\Diagnostics"
|
||||
|
||||
"\Microsoft\Windows\Feedback\Siuf\DmClient"
|
||||
|
||||
#"\Microsoft\Windows\File Classification Infrastructure\Property Definition Sync"
|
||||
|
||||
#"\Microsoft\Windows\FileHistory\File History (maintenance mode)"
|
||||
|
||||
#"\Microsoft\Windows\LanguageComponentsInstaller\Installation"
|
||||
#"\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation"
|
||||
|
||||
#"\Microsoft\Windows\Location\Notifications"
|
||||
#"\Microsoft\Windows\Location\WindowsActionDialog"
|
||||
|
||||
#"\Microsoft\Windows\Maintenance\WinSAT"
|
||||
|
||||
#"\Microsoft\Windows\Maps\MapsToastTask"
|
||||
#"\Microsoft\Windows\Maps\MapsUpdateTask"
|
||||
|
||||
#"\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents"
|
||||
#"\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic"
|
||||
|
||||
"\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser"
|
||||
|
||||
#"\Microsoft\Windows\MUI\LPRemove"
|
||||
|
||||
#"\Microsoft\Windows\Multimedia\SystemSoundsService"
|
||||
|
||||
#"\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler"
|
||||
|
||||
#"\Microsoft\Windows\NetTrace\GatherNetworkInfo"
|
||||
|
||||
#"\Microsoft\Windows\Offline Files\Background Synchronization"
|
||||
#"\Microsoft\Windows\Offline Files\Logon Synchronization"
|
||||
|
||||
#"\Microsoft\Windows\PI\Secure-Boot-Update"
|
||||
#"\Microsoft\Windows\PI\Sqm-Tasks"
|
||||
|
||||
#"\Microsoft\Windows\Plug and Play\Device Install Group Policy"
|
||||
#"\Microsoft\Windows\Plug and Play\Device Install Reboot Required"
|
||||
#"\Microsoft\Windows\Plug and Play\Plug and Play Cleanup"
|
||||
#"\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers"
|
||||
|
||||
#"\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem"
|
||||
|
||||
#"\Microsoft\Windows\Ras\MobilityManager"
|
||||
|
||||
#"\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE"
|
||||
|
||||
#"\Microsoft\Windows\Registry\RegIdleBackup"
|
||||
|
||||
#"\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask"
|
||||
|
||||
#"\Microsoft\Windows\RemovalTools\MRT_HB"
|
||||
|
||||
#"\Microsoft\Windows\Servicing\StartComponentCleanup"
|
||||
|
||||
#"\Microsoft\Windows\SettingSync\NetworkStateChangeTask"
|
||||
|
||||
#"\Microsoft\Windows\Shell\CreateObjectTask"
|
||||
#"\Microsoft\Windows\Shell\FamilySafetyMonitor"
|
||||
#"\Microsoft\Windows\Shell\FamilySafetyRefresh"
|
||||
#"\Microsoft\Windows\Shell\IndexerAutomaticMaintenance"
|
||||
|
||||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask"
|
||||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon"
|
||||
#"\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork"
|
||||
|
||||
#"\Microsoft\Windows\SpacePort\SpaceAgentTask"
|
||||
|
||||
#"\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate"
|
||||
#"\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance"
|
||||
#"\Microsoft\Windows\Sysmain\ResPriStaticDbSync"
|
||||
#"\Microsoft\Windows\Sysmain\WsSwapAssessmentTask"
|
||||
|
||||
#"\Microsoft\Windows\SystemRestore\SR"
|
||||
|
||||
#"\Microsoft\Windows\Task Manager\Interactive"
|
||||
|
||||
#"\Microsoft\Windows\TextServicesFramework\MsCtfMonitor"
|
||||
|
||||
#"\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime"
|
||||
#"\Microsoft\Windows\Time Synchronization\SynchronizeTime"
|
||||
|
||||
#"\Microsoft\Windows\Time Zone\SynchronizeTimeZone"
|
||||
|
||||
#"\Microsoft\Windows\TPM\Tpm-HASCertRetr"
|
||||
#"\Microsoft\Windows\TPM\Tpm-Maintenance"
|
||||
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Maintenance Install"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Policy Install"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Reboot"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Resume On Boot"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\Schedule Scan"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display"
|
||||
#"\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot"
|
||||
|
||||
#"\Microsoft\Windows\UPnP\UPnPHostConfig"
|
||||
|
||||
#"\Microsoft\Windows\User Profile Service\HiveUploadTask"
|
||||
|
||||
#"\Microsoft\Windows\WCM\WiFiTask"
|
||||
|
||||
#"\Microsoft\Windows\WDI\ResolutionHost"
|
||||
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Cleanup"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Verification"
|
||||
|
||||
"\Microsoft\Windows\Windows Error Reporting\QueueReporting"
|
||||
|
||||
#"\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange"
|
||||
|
||||
#"\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"
|
||||
|
||||
#"\Microsoft\Windows\WindowsColorSystem\Calibration Loader"
|
||||
|
||||
#"\Microsoft\Windows\WindowsUpdate\Automatic App Update"
|
||||
#"\Microsoft\Windows\WindowsUpdate\Scheduled Start"
|
||||
#"\Microsoft\Windows\WindowsUpdate\sih"
|
||||
#"\Microsoft\Windows\WindowsUpdate\sihboot"
|
||||
|
||||
#"\Microsoft\Windows\Wininet\CacheTask"
|
||||
|
||||
#"\Microsoft\Windows\WOF\WIM-Hash-Management"
|
||||
#"\Microsoft\Windows\WOF\WIM-Hash-Validation"
|
||||
|
||||
#"\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization"
|
||||
#"\Microsoft\Windows\Work Folders\Work Folders Maintenance Work"
|
||||
|
||||
#"\Microsoft\Windows\Workplace Join\Automatic-Device-Join"
|
||||
|
||||
#"\Microsoft\Windows\WS\License Validation"
|
||||
#"\Microsoft\Windows\WS\WSTask"
|
||||
|
||||
# Scheduled tasks which cannot be disabled
|
||||
#"\Microsoft\Windows\Device Setup\Metadata Refresh"
|
||||
#"\Microsoft\Windows\SettingSync\BackgroundUploadTask"
|
||||
)
|
||||
|
||||
foreach ($task in $tasks) {
|
||||
$parts = $task.split('\')
|
||||
$name = $parts[-1]
|
||||
$path = $parts[0..($parts.length-2)] -join '\'
|
||||
|
||||
Disable-ScheduledTask -TaskName "$name" -TaskPath "$path"
|
||||
}
|
||||
|
@ -1,19 +1,19 @@
|
||||
# Description:
|
||||
# This scripts places the "God Mode" folder on the current user's desktop.
|
||||
|
||||
echo @"
|
||||
###############################################################################
|
||||
# _______ _______ ______ __ __ _______ ______ _______ #
|
||||
# | || || | | |_| || || | | | #
|
||||
# | ___|| _ || _ | | || _ || _ || ___| #
|
||||
# | | __ | | | || | | | | || | | || | | || |___ #
|
||||
# | || || |_| || |_| | | || |_| || |_| || ___| #
|
||||
# | |_| || || | | ||_|| || || || |___ #
|
||||
# |_______||_______||______| |_| |_||_______||______| |_______| #
|
||||
# #
|
||||
# God Mode has been enabled, check out the new link on your Desktop #
|
||||
# #
|
||||
###############################################################################
|
||||
"@
|
||||
$DesktopPath = [Environment]::GetFolderPath("Desktop");
|
||||
mkdir "$DesktopPath\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}"
|
||||
# Description:
|
||||
# This scripts places the "God Mode" folder on the current user's desktop.
|
||||
|
||||
echo @"
|
||||
###############################################################################
|
||||
# _______ _______ ______ __ __ _______ ______ _______ #
|
||||
# | || || | | |_| || || | | | #
|
||||
# | ___|| _ || _ | | || _ || _ || ___| #
|
||||
# | | __ | | | || | | | | || | | || | | || |___ #
|
||||
# | || || |_| || |_| | | || |_| || |_| || ___| #
|
||||
# | |_| || || | | ||_|| || || || |___ #
|
||||
# |_______||_______||______| |_| |_||_______||______| |_______| #
|
||||
# #
|
||||
# God Mode has been enabled, check out the new link on your Desktop #
|
||||
# #
|
||||
###############################################################################
|
||||
"@
|
||||
$DesktopPath = [Environment]::GetFolderPath("Desktop");
|
||||
mkdir "$DesktopPath\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}"
|
||||
|
Loading…
Reference in New Issue