Last active
May 26, 2021 01:20
-
-
Save neremin/92dc589650f334c0ee761ef4a1215ead to your computer and use it in GitHub Desktop.
Windows 10 fine-tuning
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Autorun script as Administrator | |
| $admin = [Security.Principal.WindowsBuiltInRole] "Administrator" | |
| $identity = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent() | |
| if (!$identity.IsInRole($admin)) { | |
| Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit | |
| } | |
| ## Admin tasks | |
| net stop wuauserv | |
| net stop bits | |
| Write-Host "Очистка $Env:Windir\SoftwareDistribution" | |
| Remove-Item "$Env:Windir\SoftwareDistribution\*" -recurse -force | |
| net start bits | |
| net start wuauserv |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellAsAdmin] | |
| @="@shell32.dll,-8508" | |
| "Extended"="" | |
| "HasLUAShield"="" | |
| "Icon"="powershell.exe, -20" | |
| [HKEY_CLASSES_ROOT\Directory\Background\shell\PowerShellAsAdmin\command] | |
| @="powershell.exe -WindowStyle Hidden -Command \"Start-Process powershell -Verb RunAs -ArgumentList \\\"-NoExit\\\", \\\"-Command \\\"\\\"cd \\\"\\\"\\\"\\\"$((Resolve-Path .\\).Path)\\\"\\\"\\\"\\\"\\\"\\\"\\\"\"" | |
| [HKEY_CLASSES_ROOT\Directory\shell\PowerShellAsAdmin] | |
| @="@shell32.dll,-8508" | |
| "Extended"="" | |
| "HasLUAShield"="" | |
| "Icon"="powershell.exe, -20" | |
| [HKEY_CLASSES_ROOT\Directory\shell\PowerShellAsAdmin\command] | |
| @="powershell.exe -WindowStyle Hidden -Command \"Start-Process powershell -Verb RunAs -ArgumentList \\\"-NoExit\\\", \\\"-Command \\\"\\\"cd \\\"\\\"\\\"\\\"$((Resolve-Path .\\).Path)\\\"\\\"\\\"\\\"\\\"\\\"\\\"\"" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using namespace System.Security.Principal | |
| $admin = [WindowsBuiltInRole]::Administrator | |
| $me = [WindowsIdentity]::GetCurrent() | |
| $identity = [WindowsPrincipal]$me | |
| if (!$identity.IsInRole($admin)) { | |
| Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit | |
| } | |
| function Take-Permissions { | |
| # https://stackoverflow.com/a/35843420 | |
| # | |
| # Developed for PowerShell v4.0 | |
| # Required Admin privileges | |
| # Links: | |
| # http://shrekpoint.blogspot.ru/2012/08/taking-ownership-of-dcom-registry.html | |
| # http://www.remkoweijnen.nl/blog/2012/01/16/take-ownership-of-a-registry-key-in-powershell/ | |
| # https://powertoe.wordpress.com/2010/08/28/controlling-registry-acl-permissions-with-powershell/ | |
| param($rootKey, $key, [SecurityIdentifier]$sid = 'S-1-5-32-545', $recurse = $true) | |
| switch -regex ($rootKey) { | |
| 'HKCU|HKEY_CURRENT_USER' { $rootKey = 'CurrentUser' } | |
| 'HKLM|HKEY_LOCAL_MACHINE' { $rootKey = 'LocalMachine' } | |
| 'HKCR|HKEY_CLASSES_ROOT' { $rootKey = 'ClassesRoot' } | |
| 'HKCC|HKEY_CURRENT_CONFIG' { $rootKey = 'CurrentConfig' } | |
| 'HKU|HKEY_USERS' { $rootKey = 'Users' } | |
| } | |
| ### Step 1 - escalate current process's privilege | |
| # get SeTakeOwnership, SeBackup and SeRestore privileges before executes next lines, script needs Admin privilege | |
| $import = '[DllImport("ntdll.dll")] public static extern int RtlAdjustPrivilege(ulong a, bool b, bool c, ref bool d);' | |
| $ntdll = Add-Type -Member $import -Name NtDll -PassThru | |
| $privileges = @{ SeTakeOwnership = 9; SeBackup = 17; SeRestore = 18 } | |
| foreach ($i in $privileges.Values) { | |
| $null = $ntdll::RtlAdjustPrivilege($i, 1, 0, [ref]0) | |
| } | |
| function Take-KeyPermissions { | |
| param($rootKey, $key, $sid, $recurse, $recurseLevel = 0) | |
| ### Step 2 - get ownerships of key - it works only for current key | |
| $regKey = [Microsoft.Win32.Registry]::$rootKey.OpenSubKey($key, 'ReadWriteSubTree', 'TakeOwnership') | |
| $acl = New-Object System.Security.AccessControl.RegistrySecurity | |
| $acl.SetOwner($sid) | |
| $regKey.SetAccessControl($acl) | |
| ### Step 3 - enable inheritance of permissions (not ownership) for current key from parent | |
| $acl.SetAccessRuleProtection($false, $false) | |
| $regKey.SetAccessControl($acl) | |
| ### Step 4 - only for top-level key, change permissions for current key and propagate it for subkeys | |
| # to enable propagations for subkeys, it needs to execute Steps 2-3 for each subkey (Step 5) | |
| if ($recurseLevel -eq 0) { | |
| $regKey = $regKey.OpenSubKey('', 'ReadWriteSubTree', 'ChangePermissions') | |
| $rule = New-Object System.Security.AccessControl.RegistryAccessRule($sid, 'FullControl', 'ContainerInherit', 'None', 'Allow') | |
| $acl.ResetAccessRule($rule) | |
| $regKey.SetAccessControl($acl) | |
| } | |
| ### Step 5 - recursively repeat steps 2-5 for subkeys | |
| if ($recurse) { | |
| foreach($subKey in $regKey.OpenSubKey('').GetSubKeyNames()) { | |
| Take-KeyPermissions $rootKey ($key+'\'+$subKey) $sid $recurse ($recurseLevel+1) | |
| } | |
| } | |
| } | |
| Take-KeyPermissions $rootKey $key $sid $recurse | |
| } | |
| function SetValue($key, $name, $value) { | |
| ## Read ACL bytes | |
| $acl = Get-Acl $key | |
| $acl_bytes = $acl.GetSecurityDescriptorBinaryForm() | |
| ## Take ownership | |
| Take-Permissions 'HKCR' $key $me.User $false | |
| ## Set value | |
| sp $key -Name $name -Value $value | |
| ## Restore ACL | |
| $acl.SetSecurityDescriptorBinaryForm($acl_bytes) | |
| Set-Acl $key $acl | |
| } | |
| function ApplyPSKeyFixes($key) { | |
| ## Apply PowerShell registry fixes | |
| SetValue "$($key)shell\Powershell" "Icon" "powershell.exe, -1" | |
| SetValue "$($key)shell\Powershell\command" "(Default)" 'powershell.exe -noexit -command "Set-Location -Path \"%V\""' | |
| } | |
| New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT | Out-Null | |
| cd HKCR:\ | |
| ApplyPSKeyFixes "Directory\" | |
| ApplyPSKeyFixes "Directory\Background\" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using namespace System.Security.Principal | |
| $admin = [WindowsBuiltInRole]::Administrator | |
| $me = [WindowsIdentity]::GetCurrent() | |
| $identity = [WindowsPrincipal]$me | |
| if (!$identity.IsInRole($admin)) { | |
| Start-Process powershell.exe "-NoProfile -ExecutionPolicy Bypass -File `"$PSCommandPath`"" -Verb RunAs; exit | |
| } | |
| Get-AppxPackage -allusers | Where {$_.Name -like '*xbox*'} | Select InstallLocation | | |
| ForEach-Object { | |
| Add-AppxPackage -register "$($_.InstallLocation)\appxmanifest.xml" -DisableDevelopmentMode | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Windows Registry Editor Version 5.00 | |
| [HKEY_CLASSES_ROOT\Allfilesystemobjects\shell\Windows.CopyAsPath] | |
| @="@shell32.dll,-30329" | |
| "Icon"="imageres.dll,-5302" | |
| "InvokeCommandOnSelection"=dword:00000001 | |
| "VerbHandler"="{f3d06e7c-1e45-4a26-847e-f9fcdee59be0}" | |
| "VerbName"="CopyAsPath" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment