1. GodHand

    GodHand MDL Addicted

    Jul 15, 2016
    532
    926
    30
    Easy to learn and invaluable in its ability to wrap any other programming language and compile it directly within the function for use. If you cannot do something with PowerShell natively, you can simply wrap simple C# code as a New-Object and add it to the function. This is how we attain access to protected namespaces to adjust BIOS settings directly from the OS itself and deploy BIOS settings over a network.

    A snippit:

    Code:
    Add-Type @"
    using System;
    namespace PRIVILEGES_LSA
    {
        using System.Runtime.InteropServices;
        using System.Security;
        using System.Management;
        using System.Runtime.CompilerServices;
        using System.ComponentModel;
        using LSA_HANDLE = IntPtr;
    
        public enum AccessTokens
        {
            SeAssignPrimaryTokenPrivilege,        // Replace a process-level token.
            SeAuditPrivilege,                     // Generate security audits.
            SeBackupPrivilege,                    // Back up files and directories.
            SeChangeNotifyPrivilege,              // Bypass traverse checking.
            SeCreateGlobalPrivilege,              // Create global objects.
            SeCreatePagefilePrivilege,            // Create a pagefile.
            SeCreatePermanentPrivilege,           // Create permanent shared objects.
            SeCreateSymbolicLinkPrivilege,        // Create symbolic links.
            SeCreateTokenPrivilege,               // Create a token object.
            SeDebugPrivilege,                     // Debug programs.
            SeEnableDelegationPrivilege,          // Enable computer and user accounts to be trusted for delegation.
            SeImpersonatePrivilege,               // Impersonate a client after authentication.
            SeIncreaseBasePriorityPrivilege,      // Increase scheduling priority.
            SeIncreaseQuotaPrivilege,             // Adjust memory quotas for a process.
            SeIncreaseWorkingSetPrivilege,        // Increase a process working set.
            SeLoadDriverPrivilege,                // Load and unload device drivers.
            SeLockMemoryPrivilege,                // Lock pages in memory.
            SeMachineAccountPrivilege,            // Add workstations to domain.
            SeManageVolumePrivilege,              // Perform volume maintenance tasks.
            SeProfileSingleProcessPrivilege,      // Profile single process.
            SeRelabelPrivilege,                   // Modify an object label.
            SeRemoteShutdownPrivilege,            // Force shutdown from a remote system.
            SeRestorePrivilege,                   // Restore files and directories.
            SeSecurityPrivilege,                  // Manage auditing and security log.
            SeShutdownPrivilege,                  // Shut down the system.
            SeSyncAgentPrivilege,                 // Synchronize directory service data.
            SeSystemEnvironmentPrivilege,         // Modify firmware environment values.
            SeSystemProfilePrivilege,             // Profile system performance.
            SeSystemtimePrivilege,                // Change the system time.
            SeTakeOwnershipPrivilege,             // Take ownership of files or other objects.
            SeTcbPrivilege,                       // Act as part of the operating system.
            SeTimeZonePrivilege,                  // Change the time zone.
            SeTrustedCredManAccessPrivilege,      // Access Credential Manager as a trusted caller.
            SeUndockPrivilege,                    // Remove computer from docking station.
            SeUnsolicitedInputPrivilege           // Read unsolicited input from a terminal device.
        }
    
    For obvious reasons I am hesitant to post the full C# methods because access rights and token privileges can brick devices if you do not know what you're doing since they can directly interact with hardware.

    However, I'm always willing to do so privately.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. dhjohns

    dhjohns MDL Guru

    Sep 5, 2013
    3,262
    1,734
    120
    I still have much to learn. I do so by studying and googling code. Trying scripts, and finding what works. I plug away until it works.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. GodHand

    GodHand MDL Addicted

    Jul 15, 2016
    532
    926
    30
    You can also wrap within wrapped code (i.e. using the Win32 wrapper allows token adjustment on current processes in order to use them as a script runs).

    Code:
            internal sealed class Win32Token
            {
                [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
                internal static extern bool AdjustTokenPrivileges
                    (
                    IntPtr htok,
                    bool disall,
                    ref TokPriv1Luid newst,
                    int len,
                    IntPtr prev,
                    IntPtr relen
                    );
    
                [DllImport("kernel32.dll", ExactSpelling = true)]
                internal static extern IntPtr GetCurrentProcess();
    
                [DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
                internal static extern bool OpenProcessToken
                    (
                    IntPtr h,
                    int acc,
                    ref IntPtr phtok
                    );
    
                [DllImport("advapi32.dll", SetLastError = true)]
                internal static extern bool LookupPrivilegeValue
                    (
                    string host,
                    string name,
                    ref long pluid
                    );
    
                [DllImport("kernel32.dll", ExactSpelling = true)]
                internal static extern bool CloseHandle
                    (
                    IntPtr phtok
                    );
            }
    
    But, hey, it's fun to use batch scripts because you can press buttons and stuff, right? Sorry, we're not in 1998 anymore.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. GodHand

    GodHand MDL Addicted

    Jul 15, 2016
    532
    926
    30
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. dhjohns

    dhjohns MDL Guru

    Sep 5, 2013
    3,262
    1,734
    120
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Windows 10 User

    Windows 10 User MDL Guru

    Feb 2, 2017
    2,031
    128
    90
    #5726 Windows 10 User, Jan 29, 2018
    Last edited: Jan 29, 2018
    Well, what's strange is that finally someone understands the problems I had some months ago and doesn't say the fault is mine.

    Ok, but isn't it strange a PowerShell scrip to remove apps like the Store and Calculator ones breaks the OS?

    Good for you.


    Heh, nice you finally understood the fault wasn't, of course, mine.

    How can I post it since I no longer had it? I was talking about the problems I had months ago when I registered in this forum and you didn't understand. One of the problems I still have is that I'm unable to remove (let alone uninstall) some things I have in the start menu without making a clean install like the Windows Defender Security Center, Connect, Photos and Mixed Reality Portal apps. Will you still blame me? Do you expect me to understand what I have to do with that? Weren't you who told me I was a noob?
     
  7. AeonX

    AeonX MDL Addicted

    May 24, 2013
    798
    728
    30
    Well, it could be a hardware problem because with an untouched ISO it is not possible to have so many problems with simple tasks. But "in other PCs" does not make sense would be very unlucky. Test these memory modules and download a new ISO by disengagement of consciousness in the most do not know how I can help.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. dhjohns

    dhjohns MDL Guru

    Sep 5, 2013
    3,262
    1,734
    120
    I have removed everything in every IP, and final release. I have not experienced a broken OS.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. GodHand

    GodHand MDL Addicted

    Jul 15, 2016
    532
    926
    30
    You can definitely use it to learn. It will auto-complete lines of code for you using the variables you've been assigning. It has a very easy function creator to learn how to create your own advanced functions. The object on the left are all selectable and it gives detailed information about each object/cmdlet/module/etc. and examples of how they can be used in basic and advanced scripts.

    You can create full projects and GUI programs.

    It creates all manifest files for you automatically when you create your own modules allowing cmdlet/module exporting, and supplies its own console for debugging the script (it runs as if it was doing so in the regular environment, and outputs the process percentages required by the system to run the script, syntax errors and errors sending/receiving pipe-line objects.

    oscdimg for ISO creation? Nah...use the .NET framework:

    Code:
        Begin
       {
           ($CP = New-Object System.CodeDom.Compiler.CompilerParameters).CompilerOptions = '/unsafe'
           if (!('ISOFile' -as [type]))
           {
               Add-Type -CompilerParameters $CP -TypeDefinition @'
    public class ISOFile 
    {
      public unsafe static void Create(string Path, object Stream, int BlockSize, int TotalBlocks) 
      { 
        int bytes = 0; 
        byte[] buf = new byte[BlockSize]; 
        var ptr = (System.IntPtr)(&bytes); 
        var o = System.IO.File.OpenWrite(Path); 
        var i = Stream as System.Runtime.InteropServices.ComTypes.IStream; 
     
        if (o != null) {
          while (TotalBlocks-- > 0) { 
            i.Read(buf, BlockSize, ptr); o.Write(buf, 0, bytes); 
          } 
          o.Flush(); o.Close(); 
        }
      }
    } 
    '@
           }
          
           If ($Bootable)
           {
               If ('BDR', 'BDRE' -contains $Media) { Write-Warning "$Image is incompatible with $Bootable" }
               ($Stream = New-Object -ComObject ADODB.Stream -Property @{ Type = 1 }).Open()
               $Stream.LoadFromFile((Get-Item -LiteralPath $Bootable).Fullname)
               ($Boot = New-Object -ComObject IMAPI2FS.BootOptions).AssignBootImage($Stream)
           }
          
           $MediaType = @('UNKNOWN', 'CDROM', 'CDR', 'CDRW', 'DVDROM', 'DVDRAM', 'DVDPLUSR', 'DVDPLUSRW', 'DVDPLUSR_DUALLAYER', 'DVDDASHR', 'DVDDASHRW', 'DVDDASHR_DUALLAYER', 'DISK', 'DVDPLUSRW_DUALLAYER', 'HDDVDROM', 'HDDVDR', 'HDDVDRAM', 'BDROM', 'BDR', 'BDRE')
           etc.
    etc.
    
    Anyways, I digress...All these will be in the optimization project I post within the next week (still being debugged by a handful of people).
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. Enthousiast

    Enthousiast MDL Tester

    Oct 30, 2009
    54,966
    125,938
    450
    And now back to MSMG's toolkit?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. GodHand

    GodHand MDL Addicted

    Jul 15, 2016
    532
    926
    30
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. Windows 10 User

    Windows 10 User MDL Guru

    Feb 2, 2017
    2,031
    128
    90
    Which memory modules? Anyway, how can I start by at least removing this start menu apps from the start menu without doing a clean install? Is it possible to reinstall the Windows Photo Viewer even after it was removed by MSMG ToolKit or NTLite?
     
  13. GodHand

    GodHand MDL Addicted

    Jul 15, 2016
    532
    926
    30
    Agreed. Point being, it's best to use one optimizing script/program for the optimization of your image. If you start with MSMG, stick with MSMG (aside from non-critical clean-up like CPL link removal and the like).

    NTLite is a nice program, but there's way too much missing data about many of the critical system features it removes and other info is sometimes ambiguous.

    MSMG you can look at the code and see what it's doing...IMO being able for people to see the actual code being used is critical to having a trusted tool and in accordance with the mentality anyone who writes pretty much anything stands by: Open Source enforces trust (so long as the processes are safe, too, of course). Hell, even Microsoft made PowerShell open source!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. Enthousiast

    Enthousiast MDL Tester

    Oct 30, 2009
    54,966
    125,938
    450
    It's best to not remove anything, it won't bring any improvements only future problems ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. AeonX

    AeonX MDL Addicted

    May 24, 2013
    798
    728
    30
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  16. GodHand

    GodHand MDL Addicted

    Jul 15, 2016
    532
    926
    30
    Hence why I use the word "optimize" and "optimizations" primarily when referring to images I create and why I've harped about the force removal of Component Packages for months. 99.9% of removals are completely unnecessary but some people aim for these tiny "Wimboot-like" Wim files like they get a medal for the smallest system image.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. AeonX

    AeonX MDL Addicted

    May 24, 2013
    798
    728
    30
    That's why I said it would be very unlucky. Before continuing with the tweaks it would be better to find out the cause of this otherwise you will be walking in circles without leaving the place.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  18. Windows 10 User

    Windows 10 User MDL Guru

    Feb 2, 2017
    2,031
    128
    90
    Ok.
     
  19. GodHand

    GodHand MDL Addicted

    Jul 15, 2016
    532
    926
    30
    ISO/WIM to UUP working.

    Anyone who wants to know the working parameters, knock yourself out.

    Code:
    [DllImport("Wimgapi.dll", CharSet = CharSet.Unicode, SetLastError = true, EntryPoint = "CreateUUP")]
    internal static extern IntPtr GetCurrentProcess();
    if (MarshalAs(UnmanagedType.Bool)); throw ex;
    CreateUUP(
        [In, MarshalAs(UnmanagedType.WIMStr)] string WimFile,
        [In]    UUPCreateDesiredAccess DesiredAccess,
        [In]    UUPCompressionType CompressionType,
        [Out, Optional] out UUPCreationResult CreationResult
    );
    
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...