Win10 Tweaking Scripts

Discussion in 'Scripting' started by mdl052020, Jul 29, 2020.

?

Do you like these batch scripts?

  1. Yes

    74 vote(s)
    87.1%
  2. No

    4 vote(s)
    4.7%
  3. Will Decide After I Try Any of Script

    7 vote(s)
    8.2%
Multiple votes are allowed.
  1. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #1 mdl052020, Jul 29, 2020
    Last edited: Apr 15, 2021 at 13:58
    Disable Win10 Extra Services.
    Included in Complete $OEM$ Pack

    Code:
    @echo off & title Disable Services & color 17
    echo ==========================================================
    echo ------------------ Disable Services ----------------------
    echo ==========================================================
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\CredentialEnrollmentManagerUserSvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\DeviceAssociationBrokerSvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\diagnosticshub.standardcollector.service" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\DiagTrack" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\DmWapPushService" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\DoSvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\MessagingService" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\PimIndexMaintenanceSvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\PrintWorkflowUserSvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\sgrmbroker" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\UnistoreSvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\UserDataSvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\WpnUserService" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\Sense" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\WdBoot" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\WdFilter" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\WdNisDrv" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\WdNisSvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\WinDefend" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" /v "Start" /t REG_DWORD /d "4" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "4" /f
    sc stop AarSvc & sc config AarSvc start=disabled
    sc stop AJRouter & sc config AJRouter start=disabled
    sc stop ALG & sc config ALG start=disabled
    sc stop AppMgmt & sc config AppMgmt start=disabled
    sc stop AppReadiness & sc config AppReadiness start=disabled
    sc stop BcastDVRUserService & sc config BcastDVRUserService start=disabled
    sc stop BluetoothUserService & sc config BluetoothUserService start=disabled
    sc stop BthAvctpSvc & sc config BthAvctpSvc start=disabled
    sc stop BTAGService & sc config BTAGService start=disabled
    sc stop bthserv & sc config bthserv start=disabled
    sc stop CaptureService & sc config CaptureService start=disabled
    sc stop cbdhsvc & sc config cbdhsvc start=disabled
    sc stop CDPSvc & sc config CDPSvc start=disabled
    sc stop CDPUserSvc & sc config CDPUserSvc start=disabled
    sc stop CertPropSvc & sc config CertPropSvc start=disabled
    sc stop cldflt & sc config cldflt start=disabled
    sc stop ConsentUxUserSvc & sc config ConsentUxUserSvc start=disabled
    sc stop DeviceAssociationService & sc config DeviceAssociationService start=disabled
    sc stop DevicePickerUserSvc & sc config DevicePickerUserSvc start=disabled
    sc stop DevicesFlowUserSvc & sc config DevicesFlowUserSvc start=disabled
    sc stop diagsvc & sc config diagsvc start=disabled
    sc stop DPS & sc config DPS start=disabled
    sc stop DsSvc & sc config DsSvc start=disabled
    sc stop FrameServer & sc config FrameServer start=disabled
    sc stop HvHost & sc config HvHost start=disabled
    sc stop icssvc & sc config icssvc start=disabled
    sc stop InstallService & sc config InstallService start=disabled
    sc stop lfsvc & sc config lfsvc start=disabled
    sc stop lmhosts & sc config lmhosts start=disabled
    sc stop LxpSvc & sc config LxpSvc start=disabled
    sc stop MapsBroker & sc config MapsBroker start=disabled
    sc stop MRxDAV & sc config MRxDAV start=disabled
    sc stop MSiSCSI & sc config MSiSCSI start=disabled
    sc stop NaturalAuthentication & sc config NaturalAuthentication start=disabled
    sc stop NcaSvc & sc config NcaSvc start=disabled
    sc stop NcdAutoSetup & sc config NcdAutoSetup start=disabled
    sc stop NetBT & sc config NetBT start=disabled
    sc stop Netlogon & sc config Netlogon start=disabled
    sc stop PcaSvc & sc config PcaSvc start=disabled
    sc stop PeerDistSvc & sc config PeerDistSvc start=disabled
    sc stop PhoneSvc & sc config PhoneSvc start=disabled
    sc stop PushToInstall & sc config PushToInstall start=disabled
    sc stop RetailDemo & sc config RetailDemo start=disabled
    sc stop RpcLocator & sc config RpcLocator start=disabled
    sc stop SharedAccess & sc config SharedAccess start=disabled
    sc stop SEMgrSvc & sc config SEMgrSvc start=disabled
    sc stop SessionEnv & sc config SessionEnv start=disabled
    sc stop SensorDataService & sc config SensorDataService start=disabled
    sc stop SensrSvc & sc config SensrSvc start=disabled
    sc stop SensorService & sc config SensorService start=disabled
    sc stop SCardSvr & sc config SCardSvr start=disabled
    sc stop ScDeviceEnum & sc config ScDeviceEnum start=disabled
    sc stop SCPolicySvc & sc config SCPolicySvc start=disabled
    sc stop SmsRouter & sc config SmsRouter start=disabled
    sc stop SNMPTRAP & sc config SNMPTRAP start=disabled
    sc stop SSDPSRV & sc config SSDPSRV start=disabled
    sc stop StorSvc & sc config StorSvc start=disabled
    sc stop SysMain & sc config SysMain start=disabled
    sc stop TabletInputService & sc config TabletInputService start=disabled
    sc stop TermService & sc config TermService start=disabled
    sc stop TrkWks & sc config TrkWks start=disabled
    sc stop tunnel & sc config tunnel start=disabled
    sc stop UmRdpService & sc config UmRdpService start=disabled
    sc stop upnphost & sc config upnphost start=disabled
    sc stop vmicguestinterface & sc config vmicguestinterface start=disabled
    sc stop vmicheartbeat & sc config vmicheartbeat start=disabled
    sc stop vmickvpexchange & sc config vmickvpexchange start=disabled
    sc stop vmicrdv & sc config vmicrdv start=disabled
    sc stop vmicshutdown & sc config vmicshutdown start=disabled
    sc stop vmictimesync & sc config vmictimesync start=disabled
    sc stop vmicvmsession & sc config vmicvmsession start=disabled
    sc stop vmicvss & sc config vmicvss start=disabled
    sc stop wcncsvc & sc config wcncsvc start=disabled
    sc stop WdiServiceHost & sc config WdiServiceHost start=disabled
    sc stop WdiSystemHost & sc config WdiSystemHost start=disabled
    sc stop WebClient & sc config WebClient start=disabled
    sc stop wercplsupport & sc config wercplsupport start=disabled
    sc stop WerSvc & sc config WerSvc start=disabled
    sc stop WinRM & sc config WinRM start=disabled
    sc stop wisvc & sc config wisvc start=disabled
    sc stop WpcMonSvc & sc config WpcMonSvc start=disabled
    sc stop WpnService & sc config WpnService start=disabled
    sc stop WwanSvc & sc config WwanSvc start=disabled
    sc stop XblAuthManager & sc config XblAuthManager start=disabled
    sc stop XblGameSave & sc config XblGameSave start=disabled
    sc stop XboxGipSvc & sc config XboxGipSvc start=disabled
    sc stop XboxNetApiSvc & sc config XboxNetApiSvc start=disabled
    echo ==========================================================
    
     
  2. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #2 mdl052020, Jul 29, 2020
    Last edited: Apr 15, 2021 at 14:02
    (OP)
    Win10 AIO Tweaker:
    Included in Complete $OEM$ Pack

    Code:
    @echo off & Title Windows 10 Tweaker by Mydigitallife User & color 17
    :: ----------------------------------------------------------
    echo           Get Admin Privilege
    :: ----------------------------------------------------------
    REM  --> Check for permissions
    >nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
    REM --> If error flag set, we do not have admin.
    if '%errorlevel%' NEQ '0' (    echo Requesting administrative privileges...    goto UACPrompt) else ( goto gotAdmin )
    :UACPrompt
    echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
    echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
    "%temp%\getadmin.vbs"
    exit /B
    :gotAdmin
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo --- Remove This PC Libraries
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{0DB7E03F-FC29-4DC6-9020-FF41B59E513A}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{0DB7E03F-FC29-4DC6-9020-FF41B59E513A}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}" /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}" /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo --- TakeOwnership of WaasMedic and Remove
    takeown /f %SystemRoot%\Logs\waasmedic /R /D y
    icacls %SystemRoot%\Logs\waasmedic /grant administrators:F /T
    RD /S /Q "%SystemRoot%\Logs\waasmedic"
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo --- Remove WindowsApps for Current User ---
    Powershell -Command "Get-AppxProvisionedPackage -Online | Out-GridView -PassThru -Title 'Select Provisioned Apps to Remove' | Remove-AppxProvisionedPackage -Online -Verbose"
    echo.
    echo --- Remove SystemApps for Current User ---
    Powershell -Command "Get-AppxPackage | Out-GridView -PassThru -Title 'Select Current User System Apps to Remove' | Remove-AppxPackage -ErrorAction SilentlyContinue -Verbose"
    echo.
    echo --- Remove SystemApps for All Users ---
    Powershell -Command "Get-AppxPackage -AllUsers | Out-GridView -PassThru -Title 'Select All Users System Apps to Remove' | Remove-AppxPackage -ErrorAction SilentlyContinue -Verbose"
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo --- Remove Firewall Rules ---
    Powershell -Command "Get-NetFirewallRule | Out-GridView -PassThru -Title 'Delete Firewall Rules' | Remove-NetFirewallRule -Confirm:$False -Verbose"
    echo.
    echo --- Apply Best Firewall Policy ---
    Powershell -Command "Get-NetFirewallProfile | Where-Object Enabled -eq True | Out-GridView -PassThru -Title 'Select All Firewall Profiles and Click OK to Apply Best Policies For Security' | Set-NetFirewallProfile -AllowUserPorts False -AllowInboundRules False -AllowLocalFirewallRules False -AllowLocalIPsecRules False -AllowUserApps False -AllowUnicastResponseToMulticast False -DefaultInboundAction Block -DefaultOutboundAction Block -LogFileName %SystemRoot%\Logs\Firewall.log -NotifyOnListen True -EnableStealthModeForIPsec True -LogAllowed True -LogBlocked True -LogIgnored True -Verbose"
    echo.
    echo --- Allow SVCHOST Outbound Connection in Firewall ---
    Powershell -Command "New-NetFirewallRule -DisplayName 'Host Process for Windows Services (svchost.exe)' -Direction Outbound -Program '%SystemRoot%\System32\svchost.exe' -Action Allow -Verbose"
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo --- Apply Best Autologger Policy ---
    Powershell -Command "Get-AutologgerConfig | Out-GridView -PassThru -Title 'Select Autologger and Click OK to Stop' | Set-AutologgerConfig -Start 0 -InitStatus 0 -Confirm:$False -ErrorAction SilentlyContinue -Verbose"
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo --- Remove Scheduled Tasks ---
    Powershell -Command "Get-Scheduledtask | Out-GridView -PassThru -Title 'Select Scheduled Tasks to Delete' | Unregister-ScheduledTask -Confirm:$false -ErrorAction SilentlyContinue -Verbose"
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo --- Enable Uninstall Microsoft Edge Chromium via Programs and Features
    call :TakeKeyOwnership "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" -y
    call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" -y
    call :TakeKeyOwnership "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" -y
    reg add "HKLM\SOFTWARE\Microsoft\EdgeUpdate" /v DoNotUpdateToEdgeWithChromium /t REG_DWORD /d 1 /f
    reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" /v NoRemove /f
    reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" /v NoRemove /f
    reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" /v NoRemove /f
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo  Disable Defender With Tamper Protection and Smartscreen
    call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\Features" -y
    call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" -y
    call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\UX Configuration" -y
    reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontOfferThroughWUAU" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "PreventOverride" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "PreventOverride" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "PreventOverride" /t REG_DWORD /d 0 /f
    reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
    reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "PreventOverride" /t REG_DWORD /d 0 /f
    reg add "HKCU\SOFTWARE\Microsoft\Windows Security Health\State" /v "AppAndBrowser_StoreAppsSmartScreenOff" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" /v "SecurityHealth" /t REG_BINARY /d "030000000000000000000000" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "RandomizeScheduleTaskTimes" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "PUAProtection" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions" /v "DisableAutoExclusions" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Quarantine" /v "PurgeItemsAfterDelay" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Quarantine" /v "LocalSettingOverridePurgeItemsAfterDelay" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRoutinelyTakingAction" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtimeMonitoring" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScriptScanning" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScanOnRealtimeEnable" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Remediation" /v "Scan_ScheduleDay" /t REG_DWORD /d "8" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Remediation" /v "Scan_ScheduleTime" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "AdditionalActionTimeOut" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "CriticalFailureTimeOut" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "NonCriticalTimeOut" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableGenericRePorts" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "AvgCPULoadFactor" /t REG_DWORD /d "10" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableArchiveScanning" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableCatchupFullScan" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableCatchupQuickScan" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableRemovableDriveScanning" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableRestorePoint" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableScanningMappedNetworkDrivesForFullScan" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableScanningNetworkFiles" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "PurgeItemsAfterDelay" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScheduleDay" /t REG_DWORD /d 8 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScheduleTime" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScanOnlyIfIdle" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScanParameters" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "DisableUpdateOnStartupWithoutEngine" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "ScheduleDay" /t REG_DWORD /d 8 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "ScheduleTime" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "SignatureUpdateCatchupInterval" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControl" /t REG_SZ /d "Anywhere" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControlEnabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "SpynetReporting" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpyNetReportingLocation" /t REG_MULTI_SZ /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "LocalSettingOverrideSpynetReporting" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Systray" /v "HideSystray" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v "FirstAuGracePeriod" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\UX Configuration" /v "DisablePrivacyMode" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Features" /v "TamperProtection" /t REG_DWORD /d "4" /f
    Powershell -Command "Get-MpPreference"
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo --- Clear Windows Product Key from Registry ---
    cscript //nologo %SystemRoot%\System32\slmgr.vbs /dlv
    cscript //nologo %SystemRoot%\System32\slmgr.vbs /cpky
    :: ----------------------------------------------------------
    echo.
    :: ----------------------------------------------------------
    echo --- Clear Event Logs ---
    Powershell -Command "Get-EventLog -LogName '*' | Out-GridView -PassThru -Title 'Select Event Logs to Clear' | ForEach { Clear-EventLog $_.Log } -ErrorAction SilentlyContinue -Verbose"
    pause
    :: ----------------------------------------------------------
    
    :TakeKeyOwnership %1:regpath[ex:"HKCU\Console"] %2:_recurse[optional, default:"-n", "-y"] %3:_sid[optional, default:"S-1-5-32-545"]
    set "s10=function TakeKeyOwnership { param($regp, $all, $owner); $recurse=($all -eq '-y'); $RP=($regp -split '\\',2); $key=$RP[1];"
    set "s11= switch -regex ($RP[0]) { 'HKLM|HKEY_LOCAL_MACHINE' {$HK='LocalMachine'};'HKCC|HKEY_CURRENT_CONFIG' {$HK='CurrentConfig'};"
    set "s12=  'HKCR|HKEY_CLASSES_ROOT' {$HK='ClassesRoot'};'HKU|HKEY_USERS' {$HK='Users'};'HKCU|HKEY_CURRENT_USER' {$HK='CurrentUser'}"
    set "s13= }; $rootKey=$HK; if ($owner -eq '') {$owner='S-1-5-32-545'}; [System.Security.Principal.SecurityIdentifier]$sid=$owner;"
    set "s14= $import='[DllImport("ntdll.dll")] public static extern int RtlAdjustPrivilege(ulong a, bool b, bool c, ref bool d);';"
    set "s15= $ntdll=Add-Type -Member $import -Name NtDll -PassThru; $privileges=@{ SeTakeOwnership=9; SeBackup=17; SeRestore=18 };"
    set "s16= foreach ($i in $privileges.Values) { $null=$ntdll::RtlAdjustPrivilege($i, 1, 0, [ref]0) };"
    set "s17= function Take-KeyPermissions { param($rootKey, $key, $sid, $recurse, $recurseLevel=0);"
    set "s18=  $regKey=[Microsoft.Win32.Registry]::$rootKey.OpenSubKey($key, 'ReadWriteSubTree', 'TakeOwnership');"
    set "s19=  $acl=New-Object System.Security.AccessControl.RegistrySecurity; $acl.SetOwner($sid); $regKey.SetAccessControl($acl);"
    set "s20=  $acl.SetAccessRuleProtection($false, $false); $regKey.SetAccessControl($acl);"
    set "s21=  if ($recurseLevel -eq 0) { $regKey=$regKey.OpenSubKey('', 'ReadWriteSubTree', 'ChangePermissions');"
    set "s22=  $rule=New-Object System.Security.AccessControl.RegistryAccessRule($sid,'FullControl','ContainerInherit','None','Allow');"
    set "s23=  $acl.ResetAccessRule($rule); $regKey.SetAccessControl($acl) };"
    set "s24=  if ($recurse) { foreach($subKey in $regKey.OpenSubKey('').GetSubKeyNames()) {"
    set "s25=    Take-KeyPermissions $rootKey ($key+'\'+$subKey) $sid $recurse ($recurseLevel+1) } };"
    set "s26= }; $ErrorActionPreference='Continue'; Take-KeyPermissions $rootKey $key $sid $recurse }"
    for /l %%# in (10,1,26) do call set "ps_TakeKeyOwnership=%%ps_TakeKeyOwnership%%%%s%%#:"=\"%%"
    powershell.exe -c "%ps_TakeKeyOwnership%; try { TakeKeyOwnership '%~1' '%~2' '%~3' } catch {}"
    
     
  3. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #3 mdl052020, Jul 29, 2020
    Last edited: Mar 22, 2021
    (OP)
    Permanently Disable Defender to Use Thrid Party Antivirus :
    Included in Complete $OEM$ Pack
    Code:
    @echo off & title Disable Defender With Tamper Protection and Smartscreen & color 17
    echo ==========================================================
    echo  Disable Defender With Tamper Protection and Smartscreen
    echo ==========================================================
    call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\Features" -y
    call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" -y
    call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\UX Configuration" -y
    reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f
    reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontOfferThroughWUAU" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "PreventOverride" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "PreventOverride" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "PreventOverride" /t REG_DWORD /d 0 /f
    reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
    reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "PreventOverride" /t REG_DWORD /d 0 /f
    reg add "HKCU\SOFTWARE\Microsoft\Windows Security Health\State" /v "AppAndBrowser_StoreAppsSmartScreenOff" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" /v "SecurityHealth" /t REG_BINARY /d "030000000000000000000000" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "RandomizeScheduleTaskTimes" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "PUAProtection" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions" /v "DisableAutoExclusions" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Quarantine" /v "PurgeItemsAfterDelay" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Quarantine" /v "LocalSettingOverridePurgeItemsAfterDelay" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRoutinelyTakingAction" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtimeMonitoring" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScriptScanning" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScanOnRealtimeEnable" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Remediation" /v "Scan_ScheduleDay" /t REG_DWORD /d "8" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Remediation" /v "Scan_ScheduleTime" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "AdditionalActionTimeOut" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "CriticalFailureTimeOut" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "NonCriticalTimeOut" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableGenericRePorts" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "AvgCPULoadFactor" /t REG_DWORD /d "10" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableArchiveScanning" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableCatchupFullScan" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableCatchupQuickScan" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableRemovableDriveScanning" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableRestorePoint" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableScanningMappedNetworkDrivesForFullScan" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableScanningNetworkFiles" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "PurgeItemsAfterDelay" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScheduleDay" /t REG_DWORD /d 8 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScheduleTime" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScanOnlyIfIdle" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScanParameters" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "DisableUpdateOnStartupWithoutEngine" /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "ScheduleDay" /t REG_DWORD /d 8 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "ScheduleTime" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "SignatureUpdateCatchupInterval" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControl" /t REG_SZ /d "Anywhere" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControlEnabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "SpynetReporting" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpyNetReportingLocation" /t REG_MULTI_SZ /d "0" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "LocalSettingOverrideSpynetReporting" /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Systray" /v "HideSystray" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v "FirstAuGracePeriod" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\UX Configuration" /v "DisablePrivacyMode" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Features" /v "TamperProtection" /t REG_DWORD /d "4" /f
    echo ==========================================================
    Powershell -Command "Get-MpPreference"
    pause
    
    :TakeKeyOwnership %1:regpath[ex:"HKCU\Console"] %2:_recurse[optional, default:"-n", "-y"] %3:_sid[optional, default:"S-1-5-32-545"]
    set "s10=function TakeKeyOwnership { param($regp, $all, $owner); $recurse=($all -eq '-y'); $RP=($regp -split '\\',2); $key=$RP[1];"
    set "s11= switch -regex ($RP[0]) { 'HKLM|HKEY_LOCAL_MACHINE' {$HK='LocalMachine'};'HKCC|HKEY_CURRENT_CONFIG' {$HK='CurrentConfig'};"
    set "s12=  'HKCR|HKEY_CLASSES_ROOT' {$HK='ClassesRoot'};'HKU|HKEY_USERS' {$HK='Users'};'HKCU|HKEY_CURRENT_USER' {$HK='CurrentUser'}"
    set "s13= }; $rootKey=$HK; if ($owner -eq '') {$owner='S-1-5-32-545'}; [System.Security.Principal.SecurityIdentifier]$sid=$owner;"
    set "s14= $import='[DllImport("ntdll.dll")] public static extern int RtlAdjustPrivilege(ulong a, bool b, bool c, ref bool d);';"
    set "s15= $ntdll=Add-Type -Member $import -Name NtDll -PassThru; $privileges=@{ SeTakeOwnership=9; SeBackup=17; SeRestore=18 };"
    set "s16= foreach ($i in $privileges.Values) { $null=$ntdll::RtlAdjustPrivilege($i, 1, 0, [ref]0) };"
    set "s17= function Take-KeyPermissions { param($rootKey, $key, $sid, $recurse, $recurseLevel=0);"
    set "s18=  $regKey=[Microsoft.Win32.Registry]::$rootKey.OpenSubKey($key, 'ReadWriteSubTree', 'TakeOwnership');"
    set "s19=  $acl=New-Object System.Security.AccessControl.RegistrySecurity; $acl.SetOwner($sid); $regKey.SetAccessControl($acl);"
    set "s20=  $acl.SetAccessRuleProtection($false, $false); $regKey.SetAccessControl($acl);"
    set "s21=  if ($recurseLevel -eq 0) { $regKey=$regKey.OpenSubKey('', 'ReadWriteSubTree', 'ChangePermissions');"
    set "s22=  $rule=New-Object System.Security.AccessControl.RegistryAccessRule($sid,'FullControl','ContainerInherit','None','Allow');"
    set "s23=  $acl.ResetAccessRule($rule); $regKey.SetAccessControl($acl) };"
    set "s24=  if ($recurse) { foreach($subKey in $regKey.OpenSubKey('').GetSubKeyNames()) {"
    set "s25=    Take-KeyPermissions $rootKey ($key+'\'+$subKey) $sid $recurse ($recurseLevel+1) } };"
    set "s26= }; $ErrorActionPreference='Continue'; Take-KeyPermissions $rootKey $key $sid $recurse }"
    for /l %%# in (10,1,26) do call set "ps_TakeKeyOwnership=%%ps_TakeKeyOwnership%%%%s%%#:"=\"%%"
    powershell.exe -c "%ps_TakeKeyOwnership%; try { TakeKeyOwnership '%~1' '%~2' '%~3' } catch {}"
    
    
    Enable Back Defender Using Registry Tweak
    Please Run as Trusted Installer [TI] Using NSUDO or PowerRun
    :
    For Those Who want to Know How to Add Run AS Trusted Installer to Context Menu With PowerRun or Either NSudo please see here Run as TrustedInstaller [from Context menu]
    Code:
    
    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDefend]
    "Start"=dword:00000002
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
    "DisableAntiSpyware"=-
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware"=-
    
    [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
    "DisableRealtimeMonitoring"=-
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection]
    "DisableRealtimeMonitoring"=-
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
    "SecurityHealth"=hex:04,00,00,00,00,00,00,00,00,00,00,00
    
    
     
  4. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #4 mdl052020, Sep 19, 2020
    Last edited: Mar 22, 2021
    (OP)
    Extra Firewall Rules for OS Hardening
    Included in Complete $OEM$ Pack

    Code:
    @echo off & title Extra Firewall Rules for OS Hardening & color 17
    echo --- Adding Extra Firewall Rules for OS Hardening
    netsh advfirewall firewall add rule name="Block appvlp.exe" program="%programfiles%\Microsoft Office\root\client\AppVLP.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block appvlp.exe" program="%programfiles(x86)%\Microsoft Office\root\client\AppVLP.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block At.exe" program="%systemroot%\System32\At.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block At.exe" program="%systemroot%\SysWOW64\At.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Attrib.exe" program="%systemroot%\System32\Attrib.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Attrib.exe" program="%systemroot%\SysWOW64\Attrib.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Atbroker.exe" program="%systemroot%\System32\Atbroker.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Atbroker.exe" program="%systemroot%\SysWOW64\Atbroker.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block bash.exe" program="%systemroot%\System32\bash.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block bash.exe" program="%systemroot%\SysWOW64\bash.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block bitsadmin.exe" program="%systemroot%\System32\bitsadmin.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block bitsadmin.exe" program="%systemroot%\SysWOW64\bitsadmin.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block calc.exe" program="%systemroot%\System32\calc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block calc.exe" program="%systemroot%\SysWOW64\calc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block certreq.exe" program="%systemroot%\System32\certreq.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block certreq.exe" program="%systemroot%\SysWOW64\certreq.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block certutil.exe" program="%systemroot%\System32\certutil.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block certutil.exe" program="%systemroot%\SysWOW64\certutil.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block cmdkey.exe" program="%systemroot%\System32\cmdkey.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block cmdkey.exe" program="%systemroot%\SysWOW64\cmdkey.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block cmstp.exe" program="%systemroot%\System32\cmstp.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block cmstp.exe" program="%systemroot%\SysWOW64\cmstp.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block CompatTelRunner.exe" program="%systemroot%\System32\CompatTelRunner.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block CompatTelRunner.exe" program="%systemroot%\SysWOW64\CompatTelRunner.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ConfigSecurityPolicy.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.9-0\ConfigSecurityPolicy.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block control.exe" program="%systemroot%\System32\control.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block control.exe" program="%systemroot%\SysWOW64\control.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Csc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Csc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Csc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Csc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block cscript.exe" program="%systemroot%\System32\cscript.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block cscript.exe" program="%systemroot%\SysWOW64\cscript.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ctfmon.exe" program="%systemroot%\System32\ctfmon.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ctfmon.exe" program="%systemroot%\SysWOW64\ctfmon.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block curl.exe" program="%systemroot%\System32\curl.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block curl.exe" program="%systemroot%\SysWOW64\curl.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block desktopimgdownldr.exe" program="%systemroot%\System32\desktopimgdownldr.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block DeviceDisplayObjectProvider.exe" program="%systemroot%\System32\DeviceDisplayObjectProvider.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block DeviceDisplayObjectProvider.exe" program="%systemroot%\SysWOW64\DeviceDisplayObjectProvider.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Dfsvc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Dfsvc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Dfsvc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Dfsvc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block diskshadow.exe" program="%systemroot%\SysWOW64\diskshadow.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block diskshadow.exe" program="%systemroot%\System32\diskshadow.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Dnscmd.exe" program="%systemroot%\SysWOW64\Dnscmd.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Dnscmd.exe" program="%systemroot%\System32\Dnscmd.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block dwm.exe" program="%systemroot%\SysWOW64\dwm.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block dwm.exe" program="%systemroot%\System32\dwm.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block eventvwr.exe" program="%systemroot%\System32\eventvwr.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block esentutl.exe" program="%systemroot%\SysWOW64\esentutl.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block esentutl.exe" program="%systemroot%\System32\esentutl.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Expand.exe" program="%systemroot%\System32\Expand.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Expand.exe" program="%systemroot%\SysWOW64\Expand.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block explorer.exe" program="%systemroot%\System32\explorer.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block explorer.exe" program="%systemroot%\SysWOW64\explorer.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Extexport.exe" program="%programfiles%\Internet Explorer\Extexport.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Extexport.exe" program="%programfiles(x86)%\Internet Explorer\Extexport.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block extrac32.exe" program="%systemroot%\System32\extrac32.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block extrac32.exe" program="%systemroot%\SysWOW64\extrac32.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block findstr.exe" program="%systemroot%\System32\findstr.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block findstr.exe" program="%systemroot%\SysWOW64\findstr.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block forfiles.exe" program="%systemroot%\System32\forfiles.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block forfiles.exe" program="%systemroot%\SysWOW64\forfiles.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ftp.exe" program="%systemroot%\System32\ftp.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ftp.exe" program="%systemroot%\SysWOW64\ftp.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block gpscript.exe" program="%systemroot%\System32\gpscript.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block gpscript.exe" program="%systemroot%\SysWOW64\gpscript.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block hh.exe" program="%systemroot%\System32\hh.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block hh.exe" program="%systemroot%\SysWOW64\hh.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ie4uinit.exe" program="%systemroot%\System32\ie4uinit.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ie4uinit.exe" program="%systemroot%\SysWOW64\ie4uinit.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ieexec.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\ieexec.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ieexec.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\ieexec.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ilasm.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\ilasm.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ilasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Infdefaultinstall.exe" program="%systemroot%\System32\Infdefaultinstall.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Infdefaultinstall.exe" program="%systemroot%\SysWOW64\Infdefaultinstall.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Jsc.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\Jsc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Jsc.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\Jsc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Jsc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Jsc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Jsc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Jsc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block lsass.exe" program="%systemroot%\System32\lsass.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block lsass.exe" program="%systemroot%\SysWOW64\lsass.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block makecab.exe" program="%systemroot%\System32\makecab.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block makecab.exe" program="%systemroot%\SysWOW64\makecab.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block mavinject.exe" program="%systemroot%\System32\mavinject.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block mavinject.exe" program="%systemroot%\SysWOW64\mavinject.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Microsoft.Workflow.Compiler.exe" program="%systemroot%\Microsoft.Net\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block mmc.exe" program="%systemroot%\SysWOW64\mmc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block mmc.exe" program="%systemroot%\System32\mmc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.4-0\MpCmdRun.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.7-0\MpCmdRun.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MpCmdRun.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\Msbuild.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\Msbuild.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v3.5\Msbuild.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v3.5\Msbuild.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Msbuild.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block msconfig.exe" program="%systemroot%\System32\msconfig.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Msdt.exe" program="%systemroot%\System32\Msdt.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Msdt.exe" program="%systemroot%\SysWOW64\Msdt.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block mshta.exe" program="%systemroot%\System32\mshta.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block mshta.exe" program="%systemroot%\SysWOW64\mshta.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block msiexec.exe" program="%systemroot%\System32\msiexec.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block msiexec.exe" program="%systemroot%\SysWOW64\msiexec.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Netsh.exe" program="%systemroot%\System32\Netsh.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Netsh.exe" program="%systemroot%\SysWOW64\Netsh.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block notepad.exe" program="%systemroot%\system32\notepad.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block notepad.exe " program="%systemroot%\SysWOW64\notepad.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block odbcconf.exe" program="%systemroot%\System32\odbcconf.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block odbcconf.exe" program="%systemroot%\SysWOW64\odbcconf.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block pcalua.exe" program="%systemroot%\System32\pcalua.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block pcalua.exe" program="%systemroot%\SysWOW64\pcalua.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block pcwrun.exe" program="%systemroot%\System32\pcwrun.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block pcwrun.exe" program="%systemroot%\SysWOW64\pcwrun.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block pktmon.exe" program="%systemroot%\System32\pktmon.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block pktmon.exe" program="%systemroot%\SysWOW64\pktmon.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block powershell.exe" program="%systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block powershell.exe" program="%systemroot%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block powershell_ise.exe" program="%systemroot%\System32\WindowsPowerShell\v1.0\powershell_ise.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block powershell_ise.exe" program="%systemroot%\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Presentationhost.exe" program="%systemroot%\System32\Presentationhost.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Presentationhost.exe" program="%systemroot%\SysWOW64\Presentationhost.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block print.exe" program="%systemroot%\System32\print.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block print.exe" program="%systemroot%\SysWOW64\print.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block psr.exe" program="%systemroot%\System32\psr.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block psr.exe" program="%systemroot%\SysWOW64\psr.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block rasautou.exe" program="%systemroot%\System32\rasautou.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block rasautou.exe" program="%systemroot%\SysWOW64\rasautou.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block reg.exe" program="%systemroot%\System32\reg.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block reg.exe" program="%systemroot%\SysWOW64\reg.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regasm.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\regasm.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\regasm.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regasm.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\regasm.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\regasm.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regedit.exe" program="%systemroot%\System32\regedit.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regedit.exe" program="%systemroot%\SysWOW64\regedit.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regini.exe" program="%systemroot%\System32\regini.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regini.exe" program="%systemroot%\SysWOW64\regini.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Register-cimprovider.exe" program="%systemroot%\System32\Register-cimprovider.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block Register-cimprovider.exe" program="%systemroot%\SysWOW64\Register-cimprovider.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regsvcs.exe" program="%systemroot%\System32\regsvcs.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regsvcs.exe" program="%systemroot%\SysWOW64\regsvcs.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regsvr32.exe" program="%systemroot%\System32\regsvr32.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block regsvr32.exe" program="%systemroot%\SysWOW64\regsvr32.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block replace.exe" program="%systemroot%\System32\replace.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block replace.exe" program="%systemroot%\SysWOW64\replace.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block rpcping.exe" program="%systemroot%\System32\rpcping.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block rpcping.exe" program="%systemroot%\SysWOW64\rpcping.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block rundll32.exe" program="%systemroot%\System32\rundll32.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block rundll32.exe" program="%systemroot%\SysWOW64\rundll32.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block runonce.exe" program="%systemroot%\System32\runonce.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block runonce.exe" program="%systemroot%\SysWOW64\runonce.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block services.exe" program="%systemroot%\System32\services.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block services.exe" program="%systemroot%\SysWOW64\services.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block sc.exe" program="%systemroot%\System32\sc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block sc.exe" program="%systemroot%\SysWOW64\sc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block schtasks.exe" program="%systemroot%\System32\schtasks.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block schtasks.exe" program="%systemroot%\SysWOW64\schtasks.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block scriptrunner.exe" program="%systemroot%\System32\scriptrunner.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block scriptrunner.exe" program="%systemroot%\SysWOW64\scriptrunner.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block SyncAppvPublishingServer.exe" program="%systemroot%\System32\SyncAppvPublishingServer.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block SyncAppvPublishingServer.exe" program="%systemroot%\SysWOW64\SyncAppvPublishingServer.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block telnet.exe" program="%systemroot%\System32\telnet.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block telnet.exe" program="%systemroot%\SysWOW64\telnet.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block tftp.exe" program="%systemroot%\System32\tftp.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block tftp.exe" program="%systemroot%\SysWOW64\tftp.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ttdinject.exe" program="%systemroot%\System32\ttdinject.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block ttdinject.exe" program="%systemroot%\SysWOW64\ttdinject.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block tttracer.exe" program="%systemroot%\System32\tttracer.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block tttracer.exe" program="%systemroot%\SysWOW64\tttracer.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block vbc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\vbc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block vbc.exe" program="%systemroot%\Microsoft.NET\Framework64\v3.5\vbc.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block verclsid.exe" program="%systemroot%\System32\verclsid.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block verclsid.exe" program="%systemroot%\SysWOW64\verclsid.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wab.exe" program="%programfiles%\Windows Mail\wab.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wab.exe" program="%programfiles(x86)%\Windows Mail\wab.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block WerFault.exe" program="%systemroot%\SysWOW64\WerFault.exe" protocol=any dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block WerFault.exe" program="%systemroot%\SysWOW64\WerFault.exe" protocol=any dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wininit.exe" program="%systemroot%\System32\wininit.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wininit.exe" program="%systemroot%\SysWOW64\wininit.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block winlogon.exe" program="%systemroot%\System32\winlogon.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block winlogon.exe" program="%systemroot%\SysWOW64\winlogon.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wmic.exe" program="%systemroot%\System32\wbem\wmic.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wmic.exe" program="%systemroot%\SysWOW64\wbem\wmic.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wordpad.exe" program="%programfiles%\windows nt\accessories\wordpad.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wordpad.exe" program="%programfiles(x86)%\windows nt\accessories\wordpad.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wscript.exe" program="%systemroot%\System32\wscript.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wscript.exe" program="%systemroot%\SysWOW64\wscript.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wsreset.exe" program="%systemroot%\System32\wsreset.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block wsreset.exe" program="%systemroot%\SysWOW64\wsreset.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block xwizard.exe" program="%systemroot%\System32\xwizard.exe" dir=out enable=yes action=block profile=any
    netsh advfirewall firewall add rule name="Block xwizard.exe" program="%systemroot%\SysWOW64\xwizard.exe" dir=out enable=yes action=block profile=any
    
     
  5. Enthousiast

    Enthousiast MDL Tester

    Oct 30, 2009
    34,336
    56,327
    450
    When you use code tags it will be more readable and no auto emoticons with code.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    5,996
    7,262
    180
    :rolleyes:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #7 mdl052020, Sep 19, 2020
    Last edited: Apr 15, 2021 at 19:34
    (OP)
    --- Offline Win 10 Image Servicing Script to Remove Windows Apps , Remove System Apps , Disable UnNeeded Features , Remove Capabilities (Packages) , Remove OneDrive & More ----

    FileExplorer
    FilePicker
    AddSuggestionFoldersToLibraryDialog
    AADBrokerPlugin
    BioEnrollment
    ECApp
    LockApp
    EdgeDevToolsClient
    Edge
    Win32WebViewHost
    AppRep.ChxApp
    AssignedAccessLockApp
    CallingShellApp
    CapturePicker
    ContentDeliveryManager
    NarratorQuickStart
    ParentalControls
    PeopleExperienceHost
    NcsiUwpApp
    XboxGameCallableUI
    XgpuEjectDialog
    CbsPreview

    W10AIO-Debloater Version 1.1 by @RaiyvaN
    Latest
    Code:
    https://www.upload.ee/files/12986379/Win10-AIO-Debloater.7z.html
    
    Mirror
    Code:
    https://anonfiles.com/sa2dS1l4u4/Win10-AIO-Debloater_7z
    

    OEM Pack First Release March 2021 [Tested on LTSC 2019 Installation ]
    Code:
    https://www.upload.ee/files/12969862/_OEM_.zip.html
    
    Mirror
    Code:
    https://anonfiles.com/Yaq8S3lau1/_OEM_zip
    
    OEM Pack Updated April 2021 [ Tested on 20H1 20H2 & 21H1 Installation ]
    Code:
    https://www.upload.ee/files/13012502/_OEM_.zip.html
    
    Mirror
    Code:
    https://anonfiles.com/f92eg8oau7/_OEM_zip
    
    OEM Pack Updated Mid April 2021 [ Integerated AutoSettingsPS best Group Policies in April 2021 Pack ]
    Code:
    https://www.upload.ee/files/13056265/_OEM_.7z.html
    
    Mirror
    Code:
    https://anonfiles.com/FeN7pdr9u8/_OEM_7z
    

    Edit & write your own Key in xxxxx-xxxxx-xxxxx-xxxxx-xxxxx



    Users can update there downloaded AIO Debloater Script & put ei.cfg plus pid.txt unattend.xml plus $OEM$ just next to script so that these will be copied to final debloated ISO .
    IF Exist Command is used for user choice if user dont want these files & directory to integerate just dont put them next to script & they will be ignored .
    Users can Generate there own AutoUnattend.xml file online from here
     

    Attached Files:

    • PID.txt
      File size:
      42 bytes
      Views:
      40
  8. Enthousiast

    Enthousiast MDL Tester

    Oct 30, 2009
    34,336
    56,327
    450
    [code]text here[/code]

    will look like this:
    Code:
    @echo off & title Debloat Offline Windows 10 Image by MyDigitallife User
    
    dism /Get-ImageInfo /imagefile:%UserProfile%\Desktop\Win10\sources\install.wim
    
    pause
    echo --- Choose your SourceIndex from image as an example i have selected index 6 as Win10 PRO to be exported as single image
    dism /Export-Image /SourceImageFile:%UserProfile%\Desktop\Win10\sources\install.wim /SourceIndex:6 /DestinationImageFile:%UserProfile%\Desktop\install.wim
    
    echo --- Moving Exported image back to its source destination
    move /y "%UserProfile%\Desktop\install.wim" "%UserProfile%\Desktop\Win10\sources"
    
    echo --- Creating Mount directory on your desktop
    mkdir "%UserProfile%\Desktop\Mount"
    
    echo --- Mounting Image to Mount Directory
    dism /Mount-image /imagefile:%UserProfile%\Desktop\Win10\sources\install.wim /Index:1 /MountDir:%UserProfile%\Desktop\Mount
    
    echo --- Disabling UnNeeded Windows Features
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:Internet-Explorer-Optional-amd64
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:MediaPlayback
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:MicrosoftWindowsPowerShellV2Root
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:MicrosoftWindowsPowerShellV2
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:MSRDC-Infrastructure
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:printing-Foundation-Features
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:printing-Foundation-InternetPrinting-Client
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:printing-XPSServices-Features
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:SmbDirect
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:SMB1Protocol
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:WorkFolders-Client
    dism /image:%UserProfile%\Desktop\Mount /disable-feature /featurename:WCF-TCP-PortSharing45
    
    echo --- Disabling UnNeeded Windows Capabilities
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "App.StepsRecorder*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "App.Support.QuickAssist*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "Browser.InternetExplorer*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "Hello.Face*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "Language.Speech*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "Language.TextToSpeech*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "MathRecognizer*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "Media.WindowsMediaPlayer*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "Microsoft.Windows.PowerShell.ISE*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "OneCoreUAP.OneSync*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "OpenSSH.Client*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "OpenSSH.Server*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "Print.Fax.Scan*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    Powershell -Command "Get-WindowsCapability -Path %UserProfile%\Desktop\Mount -Name "Print.Management.Console*" | Remove-WindowsCapability -Path %UserProfile%\Desktop\Mount"
    
    echo --- Removing All Appx Provisioned Packages
    Powershell -Command "Get-AppXProvisionedPackage -Path %UserProfile%\Desktop\Mount | Remove-AppxProvisionedPackage -Path %UserProfile%\Desktop\Mount"
    
    echo --- Clearing Winsxs Components and Reset Base on Image
    dism /Image:%UserProfile%\Desktop\Mount /Cleanup-Image /StartComponentCleanup /ResetBase
    
    echo --- Saving and Unmounting Final Debloated Image 
    dism /Unmount-Image /MountDir:%UserProfile%\Desktop\Mount /Commit /CheckIntegrity
    
    echo --- Exporting Final Image Again to Desktop to clear stale files created inside
    dism /Export-Image /SourceImageFile:%UserProfile%\Desktop\Win10\sources\install.wim /SourceIndex:1 /DestinationImageFile:%UserProfile%\Desktop\install.wim
    
    echo --- Moving Back Exported Image to its Source Destination
    move /y "%UserProfile%\Desktop\install.wim" "%UserProfile%\Desktop\Win10\sources"
    
    echo --- Removing Mount Directory Created on Your Desktop
    rd /s /q "%UserProfile%\Desktop\Mount"
    
    echo --- Creating Updated ISO
    cd "%UserProfile%\Desktop\Win10"
    %UserProfile%\Desktop\oscdimg.exe -bootdata:2#p0,e,b".\boot\etfsboot.com"#pEF,e,b".\efi\microsoft\boot\efisys.bin" -o -m -u2 -udfver102 -l . "%UserProfile%\Desktop\Win10.iso"
    
    echo --- Finished Offline Image Servicing.
    echo ------ Enjoy Debloated Win10 Iso Using a Single Script.
    pause
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #9 mdl052020, Sep 19, 2020
    Last edited: Mar 22, 2021
    (OP)
    Set Motherboard Company and Model in My Computer Properties (Save as (anyname).cmd & Run as Admin)
    Included in Complete $OEM$ Pack

    Code:
    @echo off & color 17 & title Set Motherboard Company and Model
    :: ----------------------------------------------------------
    echo --- Set Motherboard Company and Model in My Computer Properties
    SETLOCAL
    FOR /F "tokens=3* delims= " %%i in ('reg query HKLM\HARDWARE\DESCRIPTION\System\BIOS /v BaseBoardManufacturer') DO (SET BaseBoardManufacturer=%%i %%j)
    FOR /F "tokens=3* delims= " %%i in ('reg query HKLM\HARDWARE\DESCRIPTION\System\BIOS /v BaseBoardProduct') DO (SET BaseBoardProduct=%%i %%j)
    ECHO Manufacturer="%BaseBoardManufacturer%"
    ECHO Product="%BaseBoardProduct%"
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" /t REG_SZ /v Manufacturer /d "%BaseBoardManufacturer%" /f
    reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" /t REG_SZ /v Model /d "%BaseBoardProduct%" /f
    :: ----------------------------------------------------------
    pause
    
    Get BIOS Details Using Same reg query or wmic method :
    Included in Complete $OEM$ Pack
    Code:
    @echo off & color 17 & title Get BIOS Details
    :: ----------------------------------------------------------
    echo:
    SETLOCAL
    FOR /F "tokens=3* delims= " %%i in ('reg query HKLM\HARDWARE\DESCRIPTION\System\BIOS /v BIOSVendor') DO (SET BIOSVendor=%%i %%j)
    FOR /F "tokens=3* delims= " %%i in ('reg query HKLM\HARDWARE\DESCRIPTION\System\BIOS /v BIOSVersion') DO (SET BIOSVersion=%%i %%j)
    ECHO BIOS Vendor="%BIOSVendor%"
    echo:
    ECHO BIOS Version="%BIOSVersion%"
    ENDLOCAL
    echo:
    echo:
    echo:          OR
    echo:
    wmic bios get Manufacturer, Name, Version /format:table
    :: ----------------------------------------------------------
    pause
    
    Get System Details Using WMIC method
    Included in Complete $OEM$ Pack
    Code:
    @echo off & title System Details & color 17
    echo:
    echo ==========================================================
    echo --------------------- System Details ---------------------
    echo ==========================================================
    echo:
    echo BIOS
    WMIC BIOS get Manufacturer, Name, Version /Format:table
    echo:
    echo Motherboard
    WMIC Baseboard get Manufacturer, Product /Format:table
    echo:
    echo Processor
    WMIC CPU get Name, L2CacheSize, L3CacheSize, NumberOfCores, NumberOfLogicalProcessors /Format:table
    echo:
    echo RAM
    WMIC Memorychip get PartNumber, Speed, ConfiguredClockSpeed /Format:table
    echo:
    echo Disk Drives
    wmic DISKDRIVE get Model, Name /Format:table
    echo:
    echo System
    wmic COMPUTERSYSTEM get UserName, SystemType /Format:table
    echo:
    echo Operating System
    WMIC OS get Caption, Version, NumberOfUsers, OperatingSystemSKU, OSArchitecture /Format:table
    echo:
    echo Display Adapters
    WMIC Path Win32_VideoController get Caption, VideoModeDescription /Format:table
    echo:
    echo Printers
    WMIC Printer get Name /Format:table
    echo ==========================================================
    Pause
    
     
  10. Tiger-1

    Tiger-1 MDL Guru

    Oct 18, 2014
    5,996
    7,262
    180
    wow bro you are the dude thanks :D
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #11 mdl052020, Sep 21, 2020
    Last edited: Mar 22, 2021
    (OP)
    Disk Management Using Powershell :

    Code:
    @echo off & Title Manage External Disk & color 17
    echo --- Set Disk Online
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.OperationalStatus -Eq 'Offline' } | Out-GridView -PassThru -Title 'Set Disk Online' | Set-Disk -IsOffline $False"
    
    echo --- Clean Disk
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Clean Disk Including All Partitions' | Clear-Disk -RemoveData -RemoveOEM -Confirm:$false"
    
    echo --- Set Disk Layout MBR or Click Cancel to Proceed to Set Disk Layout GPT
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.PartitionStyle -eq 'GPT' } | Out-GridView -PassThru -Title 'Create MBR Disk Layout on Clean Disk' | Set-Disk -PartitionStyle MBR"
    
    echo --- Set Disk Layout GPT
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.PartitionStyle -eq 'MBR' } | Out-GridView -PassThru -Title 'Create GPT Disk Layout on Clean Disk' | Set-Disk -PartitionStyle GPT"
    
    echo --- Format and Create NTFS Partition Using Whole Disk
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Format and Create NTFS Partition Using Whole Disk' | New-Partition -AssignDriveLetter -UseMaximumSize | Format-Volume -FileSystem NTFS -NewFileSystemLabel USB -Confirm:$false"
    
    Code:
    @echo off & Title Create Partitions to Install Windows 10 on USB & color 17
    echo --- Set Disk Online
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.OperationalStatus -Eq 'Offline' } | Out-GridView -PassThru -Title 'Set Disk Online' | Set-Disk -IsOffline $False"
    
    echo --- Delete All Disk Partitions Volumes and Data
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Clean Disk Including All Partitions' | Clear-Disk -RemoveData -RemoveOEM -Confirm:$false"
    
    echo --- Set Disk Layout GPT
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.PartitionStyle -eq 'MBR' } | Out-GridView -PassThru -Title 'Create GPT Disk Layout on Clean Disk' | Set-Disk -PartitionStyle GPT"
    
    echo --- Select Disk and Create 100mb EFI Partition
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Select Disk and Create 100mb EFI Partition' | New-Partition -Size 100MB -GptType '{c12a7328-f81f-11d2-ba4b-00a0c93ec93b}' | Format-Volume -FileSystem FAT32 -Confirm:$false"
    
    echo --- Select Disk and Create 500mb Recovery Partition
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Select Disk and Create 500mb Recovery Partition' | New-Partition -Size 500MB -GptType '{de94bba4-06d1-4d40-a16a-bfd50179d6ac}' | Format-Volume -FileSystem NTFS -Confirm:$false"
    
    echo --- Select Disk and Create 16mb MSR Partition
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Select Disk and Create 16mb MSR Partition' | New-Partition -Size 16MB -GptType '{e3c9e316-0b5c-4db8-817d-f92df00215ae}'"
    
    echo --- Select Disk and Create Windows Partition
    Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Select Disk and Create Windows Partition' | New-Partition -UseMaximumSize -AssignDriveLetter -GptType '{ebd0a0a2-b9e5-4433-87c0-68b6b72699c7}' | Format-Volume -FileSystem NTFS -NewFileSystemLabel Windows -Confirm:$false"
    
     
  12. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    4,327
    4,241
    150
    Unfortunately, I don't know anything about Powershell. I'm on Windows 7, your script probably won't even work here.
     
  13. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #13 mdl052020, Sep 22, 2020
    Last edited: Mar 22, 2021
    (OP)
    Reserved
     
  14. adric

    adric MDL Addicted

    Jul 30, 2009
    827
    531
    30
    Can selections be undone once implemented?
     
  15. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #15 mdl052020, Sep 22, 2020
    Last edited: Sep 22, 2020
    (OP)
    That's the reason - i have given users an option via selecting the packages they want to remove from offline win10 iso wim so that there's no any changes made by batch script itself to the main ISO.
    choice is user side itself via selecting the packages they want to remove or disable from grid view menu shown as in images uploaded via myself.

    yes you can revert all the changes after installation :

    yes you can install capabilities again via : settings-apps-manage optional features-add a feature
    yes you can enable windows optional features again via: control panel-programs & features-turn windows features on or off-click the features needed-apply-restart machine.
    yes you can install provisioned appx packages again via: downloading packages-ms store adguard repo https://store.rg-adguard.net -Install needed appx packages to OS again via dism.

    that's all.
     
  16. zero cool root

    zero cool root MDL Senior Member

    Jun 17, 2011
    281
    72
    10

    Sorry my bad english..!!

    I didn't understand what this Script do..!!

    Can you explain me, plz..??
     
  17. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #17 mdl052020, Sep 22, 2020
    Last edited: Mar 22, 2021
    (OP)
    Reserved
     
  18. ingviowarr

    ingviowarr MDL Senior Member

    Dec 14, 2009
    273
    225
    10
    For thouse people who doubting what to remove, I can adivse check the "Save to remove" Guide from "Optimize-Offline" project
    Optimize-Offline Guide

    (P.S. The main disadvantage of the "Optimize-Offline" project - you have no ability to work with non-English OS installed and non-English OS images)
     
  19. zero cool root

    zero cool root MDL Senior Member

    Jun 17, 2011
    281
    72
    10
    For me do not appear the Grid View to Select Windows Apps to Be Removed , Windows Optional Features to be Disabled, Windows Capabilities [Packages] to be Removed Nothing Else.

    Made the ISO with install.wim and install.esd automatically. Why..??

    [​IMG]

    What I'm doing wrong..??
     
  20. mdl052020

    mdl052020 MDL Addicted

    May 31, 2020
    544
    618
    30
    #20 mdl052020, Sep 22, 2020
    Last edited: Mar 22, 2021
    (OP)
    Reserved