Win10 Tweaking Scripts

Disabled Services Config are accurate as per Blackviper Tweaked Services Config on His Domain or simply use Madbomb122 Blackviper Services Tweaker with tweaked settings to apply exactly same config as per script

Code:

@echo off & title Disable Services & color 17
:: ----------------------------------------------------------
:: --------- Stop and Disable Extra Win 10 Services ---------
:: ----------------------------------------------------------
sc stop "AarSvc" & sc config "AarSvc" start=disabled
sc stop "AarSvc_?????" & sc config "AarSvc_?????" start=disabled
sc stop "AdobeARMservice" & sc config "AdobeARMservice" start=disabled
sc stop "AJRouter" & sc config "AJRouter" start=disabled
sc stop "ALG" & sc config "ALG" start=disabled
sc stop "AppMgmt" & sc config "AppMgmt" start=disabled
sc stop "AppReadiness" & sc config "AppReadiness" start=disabled
sc stop "AppVClient" & sc config "AppVClient" start=disabled
sc stop "AssignedAccessManagerSvc" & sc config "AssignedAccessManagerSvc" start=disabled
sc stop "BcastDVRUserService" & sc config "BcastDVRUserService" start=disabled
sc stop "BcastDVRUserService_?????" & sc config "BcastDVRUserService_?????" start=disabled
sc stop "BthAvctpSvc" & sc config "BthAvctpSvc" start=disabled
sc stop "bthserv" & sc config "bthserv" start=disabled
sc stop "CaptureService" & sc config "CaptureService" start=disabled
sc stop "CaptureService_?????" & sc config "CaptureService_?????" start=disabled
sc stop "cbdhsvc" & sc config "cbdhsvc" start=disabled
sc stop "cbdhsvc_?????" & sc config "cbdhsvc_?????" start=disabled
sc stop "CertPropSvc" & sc config "CertPropSvc" start=disabled
sc stop "ConsentUxUserSvc" & sc config "ConsentUxUserSvc" start=disabled
sc stop "ConsentUxUserSvc_?????" & sc config "ConsentUxUserSvc_?????" start=disabled
sc stop "cphs" & sc config "cphs" start=disabled
sc stop "CredentialEnrollmentManagerUserSvc" & sc config "CredentialEnrollmentManagerUserSvc" start=disabled
sc stop "CredentialEnrollmentManagerUserSvc_?????" & sc config "CredentialEnrollmentManagerUserSvc_?????" start=disabled
sc stop "CscService" & sc config "CscService" start=disabled
sc stop "DeviceAssociationBrokerService" & sc config "DeviceAssociationBrokerService" start=disabled
sc stop "DeviceAssociationBrokerService_?????" & sc config "DeviceAssociationBrokerService_?????" start=disabled
sc stop "DevicePickerUserSvc_?????" & sc config "DevicePickerUserSvc_?????" start=disabled
sc stop "DeviceFlowUserSvc_?????" & sc config "DeviceFlowUserSvc_?????" start=disabled
sc stop "diagnosticshub.standardcollector.service" & sc config "diagnosticshub.standardcollector.service" start=disabled
sc stop "DiagTrack" & sc config "DiagTrack" start=disabled
sc stop "dmwappushservice" & sc config "dmwappushservice" start=disabled
sc stop "DusmSvc" & sc config "DusmSvc" start=demand
sc stop "EntAppSvc" & sc config "EntAppSvc" start=disabled
sc stop "FrameServer" & sc config "FrameServer" start=disabled
sc stop "HvHost" & sc config "HvHost" start=disabled
sc stop "icssvc" & sc config "icssvc" start=disabled
sc stop "iphlpsvc" & sc config "iphlpsvc" start=disabled
sc stop "IpxlatCfgSvc" & sc config "IpxlatCfgSvc" start=disabled
sc stop "lfsvc" & sc config "lfsvc" start=disabled
sc stop "LxpSvc" & sc config "LxpSvc" start=disabled
sc stop "MessagingService" & sc config "MessagingService" start=disabled
sc stop "MessagingService_?????" & sc config "MessagingService_?????" start=disabled
sc stop "MapsBroker" & sc config "MapsBroker" start=disabled
sc stop "MixedRealityOpenXRSvc" & sc config "MixedRealityOpenXRSvc" start=disabled
sc stop "MSiSCSI" & sc config "MSiSCSI" start=disabled
sc stop "NaturalAuthentication" & sc config "NaturalAuthentication" start=disabled
sc stop "NcdAutoSetup" & sc config "NcdAutoSetup" start=disabled
sc stop "NetTcpPortSharing" & sc config "NetTcpPortSharing" start=disabled
sc stop "NetTcpActivator" & sc config "NetTcpActivator" start=disabled
sc stop "NetPipeActivator" & sc config "NetPipeActivator" start=disabled
sc stop "NetMsmqActivator" & sc config "NetMsmqActivator" start=disabled
sc stop "NgcCtnrSvc" & sc config "NgcCtnrSvc" start=disabled
sc stop "NgcSvc" & sc config "NgcSvc" start=disabled
sc stop "PeerDistSvc" & sc config "PeerDistSvc" start=disabled
sc stop "perceptionsimulation" & sc config "perceptionsimulation" start=disabled
sc stop "PhoneSvc" & sc config "PhoneSvc" start=disabled
sc stop "PimIndexMaintenanceSvc" & sc config "PimIndexMaintenanceSvc" start=disabled
sc stop "RemoteAccess" & sc config "RemoteAccess" start=disabled
sc stop "RemoteRegistry" & sc config "RemoteRegistry" start=disabled
sc stop "RetailDemo" & sc config "RetailDemo" start=disabled
sc stop "RpcLocator" & sc config "RpcLocator" start=disabled
sc stop "SCardSvr" & sc config "SCardSvr" start=disabled
sc stop "ScDeviceEnum" & sc config "ScDeviceEnum" start=disabled
sc stop "ScPolicySvc" & sc config "ScPolicySvc" start=disabled
sc stop "SEMgrSvc" & sc config "SEMgrSvc" start=disabled
sc stop "Sense" & sc config "Sense" start=disabled
sc stop "SensorDataService" & sc config "SensorDataService" start=disabled
sc stop "SensorService" & sc config "SensorService" start=disabled
sc stop "SensrSvc" & sc config "SensrSvc" start=disabled
sc stop "SessionEnv" & sc config "SessionEnv" start=disabled
sc stop "SharedAccess" & sc config "SharedAccess" start=disabled
sc stop "shpamsvc" & sc config "shpamsvc" start=disabled
sc stop "SmsRouter" & sc config "SmsRouter" start=disabled
sc stop "SNMPTRAP" & sc config "SNMPTRAP" start=disabled
sc stop "SSDPSRV" & sc config "SSDPSRV" start=disabled
sc stop "StorSvc" & sc config "StorSvc" start=disabled
sc stop "SysMain" & sc config "SysMain" start=disabled
sc stop "TermService" & sc config "TermService" start=disabled
sc stop "TroubleshootingSvc" & sc config "TroubleshootingSvc" start=disabled
sc stop "UevAgentService" & sc config "UevAgentService" start=disabled
sc stop "UmRdpService" & sc config "UmRdpService" start=disabled
sc stop "UnistoreSvc" & sc config "UnistoreSvc" start=disabled
sc stop "UnistoreSvc_?????" & sc config "UnistoreSvc_?????" start=disabled
sc stop "UserDataSvc" & sc config "UserDataSvc" Start=disabled
sc stop "UserDataSvc_?????" & sc config "UserDataSvc_?????" Start=disabled
sc stop "VacSvc" & sc config "VacSvc" start=disabled
sc stop "vmicguestinterface" & sc config "vmicguestinterface" start=disabled
sc stop "vmicheartbeat" & sc config "vmicheartbeat" start=disabled
sc stop "vmickvpexchange" & sc config "vmickvpexchange" start=disabled
sc stop "vmicrdv" & sc config "vmicrdv" start=disabled
sc stop "vmicshutdown" & sc config "vmicshutdown" start=disabled
sc stop "vmictimesync" & sc config "vmictimesync" start=disabled
sc stop "vmicvmsession" & sc config "vmicvmsession" start=disabled
sc stop "vmicvss" & sc config "vmicvss" start=disabled
sc stop "WaaSMedicSvc" & sc config "WaaSMedicSvc" start=disabled
sc stop "wcncsvc" & sc config "wcncsvc" start=disabled
sc stop "WdNisSvc" & sc config WdNisSvc" start=disabled
sc stop "WebClient" & sc config "WebClient" start=disabled
sc stop "Wecsvc" & sc config "Wecsvc" start=disabled
sc stop "wercplsupport" & sc config "wercplsupport" start=disabled
sc stop "WerSvc" & sc config "WerSvc" start=disabled
sc stop "WFDSConMgrSvc" & sc config "WFDSConMgrSvc" start=disabled
sc stop "WinRM" & sc config "WinRM" start=disabled
sc stop "wisvc" & sc config "wisvc" start=disabled
sc stop "WManSvc" & sc config "WManSvc" start=disabled
sc stop "Wms" & sc config "Wms" start=disabled
sc stop "WmsRepair" & sc config "WmsRepair" start=disabled
sc stop "WpcMonSvc" & sc config "WpcMonSvc" start=disabled
sc stop "WpnService" & sc config "WpnService" start=disabled
sc stop "XblAuthManager" & sc config "XblAuthManager" start=disabled
sc stop "XblGameSave" & sc config "XblGameSave" start=disabled
sc stop "XboxGipSvc" & sc config "XboxGipSvc" start=disabled
sc stop "XboxNetApiSvc" & sc config "XboxNetApiSvc" start=disabled
:: ----------------------------------------------------------

 

Code:

@echo off & Title Windows 10 Tweaker by Mydigitallife User & color 17
:: ----------------------------------------------------------
echo           Get Admin Privilege
:: ----------------------------------------------------------
REM  --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (    echo Requesting administrative privileges...    goto UACPrompt) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- TakeOwnership of SystemApps
takeown /f %SystemRoot%\SystemApps /R /D y
icacls %SystemRoot%\SystemApps /grant administrators:F /T
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- Remove This PC Libraries
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{0DB7E03F-FC29-4DC6-9020-FF41B59E513A}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{0DB7E03F-FC29-4DC6-9020-FF41B59E513A}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}" /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}" /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- TakeOwnership of WaasMedic and Remove
takeown /f %SystemRoot%\Logs\waasmedic /R /D y
icacls %SystemRoot%\Logs\waasmedic /grant administrators:F /T
RD /S /Q "%SystemRoot%\Logs\waasmedic"
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- Remove WindowsApps for Current User ---
Powershell -Command "Get-AppxProvisionedPackage -Online | Out-GridView -PassThru -Title 'Select Provisioned Apps to Remove' | Remove-AppxProvisionedPackage -Online"
echo.
echo --- Remove SystemApps for Current User ---
Powershell -Command "Get-AppxPackage | Out-GridView -PassThru -Title 'Select Current User System Apps to Remove' | Remove-AppxPackage -ErrorAction SilentlyContinue"
echo.
echo --- Remove SystemApps for All Users ---
Powershell -Command "Get-AppxPackage -AllUsers | Out-GridView -PassThru -Title 'Select All Users System Apps to Remove' | Remove-AppxPackage -ErrorAction SilentlyContinue"
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- Remove Firewall Rules ---
Powershell -Command "Get-NetFirewallRule | Out-GridView -PassThru -Title 'Delete Firewall Rules' | Remove-NetFirewallRule -Confirm:$False"
echo.
echo --- Apply Best Firewall Policy ---
Powershell -Command "Get-NetFirewallProfile | Where-Object Enabled -eq True | Out-GridView -PassThru -Title 'Select All Firewall Profiles and Click OK to Apply Best Policies For Security' | Set-NetFirewallProfile -AllowUserPorts False -AllowInboundRules False -AllowLocalFirewallRules False -AllowLocalIPsecRules False -AllowUserApps False -AllowUnicastResponseToMulticast False -DefaultInboundAction Block -DefaultOutboundAction Block -LogFileName %SystemRoot%\Logs\Firewall.log -NotifyOnListen True -EnableStealthModeForIPsec True -LogAllowed True -LogBlocked True -LogIgnored True"
echo.
echo --- Allow SVCHOST Outbound Connection in Firewall ---
Powershell -Command "New-NetFirewallRule -DisplayName 'Host Process for Windows Services (svchost.exe)' -Direction Outbound -Program '%SystemRoot%\System32\svchost.exe' -Action Allow"
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- Apply Best Autologger Policy ---
Powershell -Command "Get-AutologgerConfig | Out-GridView -PassThru -Title 'Select Autologger and Click OK to Stop' | Set-AutologgerConfig -Start 0 -InitStatus 0 -Confirm:$False -ErrorAction SilentlyContinue"
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- Remove Scheduled Tasks ---
Powershell -Command "Get-Scheduledtask | Out-GridView -PassThru -Title 'Select Scheduled Tasks to Delete' | Unregister-ScheduledTask -Confirm:$false -ErrorAction SilentlyContinue"
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- Enable Uninstall Microsoft Edge Chromium via Programs and Features
call :TakeKeyOwnership "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" -y
call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" -y
call :TakeKeyOwnership "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" -y
reg add "HKLM\SOFTWARE\Microsoft\EdgeUpdate" /v DoNotUpdateToEdgeWithChromium /t REG_DWORD /d 1 /f
reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" /v NoRemove /f
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" /v NoRemove /f
reg delete "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" /v NoRemove /f
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo  Disable Defender With Tamper Protection and Smartscreen
call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\Features" -y
call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" -y
call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\UX Configuration" -y
reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f
reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontOfferThroughWUAU" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "PreventOverride" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "PreventOverride" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "PreventOverride" /t REG_DWORD /d 0 /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "PreventOverride" /t REG_DWORD /d 0 /f
reg add "HKCU\SOFTWARE\Microsoft\Windows Security Health\State" /v "AppAndBrowser_StoreAppsSmartScreenOff" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" /v "SecurityHealth" /t REG_BINARY /d "030000000000000000000000" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "RandomizeScheduleTaskTimes" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "PUAProtection" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions" /v "DisableAutoExclusions" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Quarantine" /v "PurgeItemsAfterDelay" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Quarantine" /v "LocalSettingOverridePurgeItemsAfterDelay" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRoutinelyTakingAction" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtimeMonitoring" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScriptScanning" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScanOnRealtimeEnable" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Remediation" /v "Scan_ScheduleDay" /t REG_DWORD /d "8" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Remediation" /v "Scan_ScheduleTime" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "AdditionalActionTimeOut" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "CriticalFailureTimeOut" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "NonCriticalTimeOut" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableGenericRePorts" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "AvgCPULoadFactor" /t REG_DWORD /d "10" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableArchiveScanning" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableCatchupFullScan" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableCatchupQuickScan" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableRemovableDriveScanning" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableRestorePoint" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableScanningMappedNetworkDrivesForFullScan" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableScanningNetworkFiles" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "PurgeItemsAfterDelay" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScheduleDay" /t REG_DWORD /d 8 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScheduleTime" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScanOnlyIfIdle" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScanParameters" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "DisableUpdateOnStartupWithoutEngine" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "ScheduleDay" /t REG_DWORD /d 8 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "ScheduleTime" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "SignatureUpdateCatchupInterval" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControl" /t REG_SZ /d "Anywhere" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControlEnabled" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "SpynetReporting" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpyNetReportingLocation" /t REG_MULTI_SZ /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "LocalSettingOverrideSpynetReporting" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Systray" /v "HideSystray" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v "FirstAuGracePeriod" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\UX Configuration" /v "DisablePrivacyMode" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Features" /v "TamperProtection" /t REG_DWORD /d "4" /f
Powershell -Command "Get-MpPreference"
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- Clear Windows Product Key from Registry ---
cscript //nologo %SystemRoot%\System32\slmgr.vbs /dlv
cscript //nologo %SystemRoot%\System32\slmgr.vbs /cpky
:: ----------------------------------------------------------
echo.
:: ----------------------------------------------------------
echo --- Clear Event Logs ---
Powershell -Command "Get-EventLog -LogName '*' | Out-GridView -PassThru -Title 'Select Event Logs to Clear' | ForEach { Clear-EventLog $_.Log } -ErrorAction SilentlyContinue"
pause
:: ----------------------------------------------------------

:TakeKeyOwnership %1:regpath[ex:"HKCU\Console"] %2:_recurse[optional, default:"-n", "-y"] %3:_sid[optional, default:"S-1-5-32-545"]
set "s10=function TakeKeyOwnership { param($regp, $all, $owner); $recurse=($all -eq '-y'); $RP=($regp -split '\\',2); $key=$RP[1];"
set "s11= switch -regex ($RP[0]) { 'HKLM|HKEY_LOCAL_MACHINE' {$HK='LocalMachine'};'HKCC|HKEY_CURRENT_CONFIG' {$HK='CurrentConfig'};"
set "s12=  'HKCR|HKEY_CLASSES_ROOT' {$HK='ClassesRoot'};'HKU|HKEY_USERS' {$HK='Users'};'HKCU|HKEY_CURRENT_USER' {$HK='CurrentUser'}"
set "s13= }; $rootKey=$HK; if ($owner -eq '') {$owner='S-1-5-32-545'}; [System.Security.Principal.SecurityIdentifier]$sid=$owner;"
set "s14= $import='[DllImport("ntdll.dll")] public static extern int RtlAdjustPrivilege(ulong a, bool b, bool c, ref bool d);';"
set "s15= $ntdll=Add-Type -Member $import -Name NtDll -PassThru; $privileges=@{ SeTakeOwnership=9; SeBackup=17; SeRestore=18 };"
set "s16= foreach ($i in $privileges.Values) { $null=$ntdll::RtlAdjustPrivilege($i, 1, 0, [ref]0) };"
set "s17= function Take-KeyPermissions { param($rootKey, $key, $sid, $recurse, $recurseLevel=0);"
set "s18=  $regKey=[Microsoft.Win32.Registry]::$rootKey.OpenSubKey($key, 'ReadWriteSubTree', 'TakeOwnership');"
set "s19=  $acl=New-Object System.Security.AccessControl.RegistrySecurity; $acl.SetOwner($sid); $regKey.SetAccessControl($acl);"
set "s20=  $acl.SetAccessRuleProtection($false, $false); $regKey.SetAccessControl($acl);"
set "s21=  if ($recurseLevel -eq 0) { $regKey=$regKey.OpenSubKey('', 'ReadWriteSubTree', 'ChangePermissions');"
set "s22=  $rule=New-Object System.Security.AccessControl.RegistryAccessRule($sid,'FullControl','ContainerInherit','None','Allow');"
set "s23=  $acl.ResetAccessRule($rule); $regKey.SetAccessControl($acl) };"
set "s24=  if ($recurse) { foreach($subKey in $regKey.OpenSubKey('').GetSubKeyNames()) {"
set "s25=    Take-KeyPermissions $rootKey ($key+'\'+$subKey) $sid $recurse ($recurseLevel+1) } };"
set "s26= }; $ErrorActionPreference='Continue'; Take-KeyPermissions $rootKey $key $sid $recurse }"
for /l %%# in (10,1,26) do call set "ps_TakeKeyOwnership=%%ps_TakeKeyOwnership%%%%s%%#:"=\"%%"
powershell.exe -c "%ps_TakeKeyOwnership%; try { TakeKeyOwnership '%~1' '%~2' '%~3' } catch {}"

 

Disk Management Using Powershell :

Code:

@echo off & Title Manage External Disk & color 17
echo --- Set Disk Online
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.OperationalStatus -Eq 'Offline' } | Out-GridView -PassThru -Title 'Set Disk Online' | Set-Disk -IsOffline $False"

echo --- Clean Disk
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Clean Disk Including All Partitions' | Clear-Disk -RemoveData -RemoveOEM -Confirm:$false"

echo --- Set Disk Layout MBR or Click Cancel to Proceed to Set Disk Layout GPT
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.PartitionStyle -eq 'GPT' } | Out-GridView -PassThru -Title 'Create MBR Disk Layout on Clean Disk' | Set-Disk -PartitionStyle MBR"

echo --- Set Disk Layout GPT
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.PartitionStyle -eq 'MBR' } | Out-GridView -PassThru -Title 'Create GPT Disk Layout on Clean Disk' | Set-Disk -PartitionStyle GPT"

echo --- Format and Create NTFS Partition Using Whole Disk
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Format and Create NTFS Partition Using Whole Disk' | New-Partition -AssignDriveLetter -UseMaximumSize | Format-Volume -FileSystem NTFS -NewFileSystemLabel USB -Confirm:$false"

Code:

@echo off & Title Create Partitions to Install Windows 10 on USB & color 17
echo --- Set Disk Online
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.OperationalStatus -Eq 'Offline' } | Out-GridView -PassThru -Title 'Set Disk Online' | Set-Disk -IsOffline $False"

echo --- Delete All Disk Partitions Volumes and Data
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Clean Disk Including All Partitions' | Clear-Disk -RemoveData -RemoveOEM -Confirm:$false"

echo --- Set Disk Layout GPT
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' -and $_.PartitionStyle -eq 'MBR' } | Out-GridView -PassThru -Title 'Create GPT Disk Layout on Clean Disk' | Set-Disk -PartitionStyle GPT"

echo --- Select Disk and Create 100mb EFI Partition
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Select Disk and Create 100mb EFI Partition' | New-Partition -Size 100MB -GptType '{c12a7328-f81f-11d2-ba4b-00a0c93ec93b}' | Format-Volume -FileSystem FAT32 -Confirm:$false"

echo --- Select Disk and Create 500mb Recovery Partition
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Select Disk and Create 500mb Recovery Partition' | New-Partition -Size 500MB -GptType '{de94bba4-06d1-4d40-a16a-bfd50179d6ac}' | Format-Volume -FileSystem NTFS -Confirm:$false"

echo --- Select Disk and Create 16mb MSR Partition
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Select Disk and Create 16mb MSR Partition' | New-Partition -Size 16MB -GptType '{e3c9e316-0b5c-4db8-817d-f92df00215ae}'"

echo --- Select Disk and Create Windows Partition
Powershell -Command "Get-Disk | Where-Object { $_.Bustype -eq 'USB' } | Out-GridView -PassThru -Title 'Select Disk and Create Windows Partition' | New-Partition -UseMaximumSize -AssignDriveLetter -GptType '{ebd0a0a2-b9e5-4433-87c0-68b6b72699c7}' | Format-Volume -FileSystem NTFS -NewFileSystemLabel Windows -Confirm:$false"

 

Disable Defender :

Code:

@echo off & title Disable Defender With Tamper Protection and Smartscreen & color 17
echo ==========================================================
echo  Disable Defender With Tamper Protection and Smartscreen
echo ==========================================================
call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\Features" -y
call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" -y
call :TakeKeyOwnership "HKLM\SOFTWARE\Microsoft\Windows Defender\UX Configuration" -y
reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f
reg add "HKLM\SYSTEM\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontOfferThroughWUAU" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "PreventOverride" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "PreventOverride" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "PreventOverride" /t REG_DWORD /d 0 /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "PreventOverride" /t REG_DWORD /d 0 /f
reg add "HKCU\SOFTWARE\Microsoft\Windows Security Health\State" /v "AppAndBrowser_StoreAppsSmartScreenOff" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" /v "SecurityHealth" /t REG_BINARY /d "030000000000000000000000" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "RandomizeScheduleTaskTimes" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "PUAProtection" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions" /v "DisableAutoExclusions" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Quarantine" /v "PurgeItemsAfterDelay" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Quarantine" /v "LocalSettingOverridePurgeItemsAfterDelay" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRoutinelyTakingAction" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtimeMonitoring" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScriptScanning" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScanOnRealtimeEnable" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Remediation" /v "Scan_ScheduleDay" /t REG_DWORD /d "8" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Remediation" /v "Scan_ScheduleTime" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "AdditionalActionTimeOut" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "CriticalFailureTimeOut" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "NonCriticalTimeOut" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableGenericRePorts" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "AvgCPULoadFactor" /t REG_DWORD /d "10" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableArchiveScanning" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableCatchupFullScan" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableCatchupQuickScan" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableRemovableDriveScanning" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableRestorePoint" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableScanningMappedNetworkDrivesForFullScan" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "DisableScanningNetworkFiles" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "PurgeItemsAfterDelay" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScheduleDay" /t REG_DWORD /d 8 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScheduleTime" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScanOnlyIfIdle" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Scan" /v "ScanParameters" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "DisableUpdateOnStartupWithoutEngine" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "ScheduleDay" /t REG_DWORD /d 8 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "ScheduleTime" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Signature Updates" /v "SignatureUpdateCatchupInterval" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControl" /t REG_SZ /d "Anywhere" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControlEnabled" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "SpynetReporting" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpyNetReportingLocation" /t REG_MULTI_SZ /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SpyNet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "LocalSettingOverrideSpynetReporting" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Systray" /v "HideSystray" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates" /v "FirstAuGracePeriod" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\UX Configuration" /v "DisablePrivacyMode" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows Defender\Features" /v "TamperProtection" /t REG_DWORD /d "4" /f
echo ==========================================================
Powershell -Command "Get-MpPreference"
pause

:TakeKeyOwnership %1:regpath[ex:"HKCU\Console"] %2:_recurse[optional, default:"-n", "-y"] %3:_sid[optional, default:"S-1-5-32-545"]
set "s10=function TakeKeyOwnership { param($regp, $all, $owner); $recurse=($all -eq '-y'); $RP=($regp -split '\\',2); $key=$RP[1];"
set "s11= switch -regex ($RP[0]) { 'HKLM|HKEY_LOCAL_MACHINE' {$HK='LocalMachine'};'HKCC|HKEY_CURRENT_CONFIG' {$HK='CurrentConfig'};"
set "s12=  'HKCR|HKEY_CLASSES_ROOT' {$HK='ClassesRoot'};'HKU|HKEY_USERS' {$HK='Users'};'HKCU|HKEY_CURRENT_USER' {$HK='CurrentUser'}"
set "s13= }; $rootKey=$HK; if ($owner -eq '') {$owner='S-1-5-32-545'}; [System.Security.Principal.SecurityIdentifier]$sid=$owner;"
set "s14= $import='[DllImport("ntdll.dll")] public static extern int RtlAdjustPrivilege(ulong a, bool b, bool c, ref bool d);';"
set "s15= $ntdll=Add-Type -Member $import -Name NtDll -PassThru; $privileges=@{ SeTakeOwnership=9; SeBackup=17; SeRestore=18 };"
set "s16= foreach ($i in $privileges.Values) { $null=$ntdll::RtlAdjustPrivilege($i, 1, 0, [ref]0) };"
set "s17= function Take-KeyPermissions { param($rootKey, $key, $sid, $recurse, $recurseLevel=0);"
set "s18=  $regKey=[Microsoft.Win32.Registry]::$rootKey.OpenSubKey($key, 'ReadWriteSubTree', 'TakeOwnership');"
set "s19=  $acl=New-Object System.Security.AccessControl.RegistrySecurity; $acl.SetOwner($sid); $regKey.SetAccessControl($acl);"
set "s20=  $acl.SetAccessRuleProtection($false, $false); $regKey.SetAccessControl($acl);"
set "s21=  if ($recurseLevel -eq 0) { $regKey=$regKey.OpenSubKey('', 'ReadWriteSubTree', 'ChangePermissions');"
set "s22=  $rule=New-Object System.Security.AccessControl.RegistryAccessRule($sid,'FullControl','ContainerInherit','None','Allow');"
set "s23=  $acl.ResetAccessRule($rule); $regKey.SetAccessControl($acl) };"
set "s24=  if ($recurse) { foreach($subKey in $regKey.OpenSubKey('').GetSubKeyNames()) {"
set "s25=    Take-KeyPermissions $rootKey ($key+'\'+$subKey) $sid $recurse ($recurseLevel+1) } };"
set "s26= }; $ErrorActionPreference='Continue'; Take-KeyPermissions $rootKey $key $sid $recurse }"
for /l %%# in (10,1,26) do call set "ps_TakeKeyOwnership=%%ps_TakeKeyOwnership%%%%s%%#:"=\"%%"
powershell.exe -c "%ps_TakeKeyOwnership%; try { TakeKeyOwnership '%~1' '%~2' '%~3' } catch {}"

Enable Back Defender Using Registry Tweak
Please Run as Trusted Installer [TI] Using NSUDO or PowerRun :
For Those Who want to Know How to Add Run AS Trusted Installer to Context Menu With PowerRun or Either NSudo please see here Run as TrustedInstaller [from Context menu]

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinDefend]
"Start"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=-

[HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
"DisableRealtimeMonitoring"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection]
"DisableRealtimeMonitoring"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"SecurityHealth"=hex:04,00,00,00,00,00,00,00,00,00,00,00

 

Script to Reduce Win10 ISO Layout as According to @Enthousiast in his post of ISO Tree Layout here Windows 10 Hotfix Repository

Download : Reduce Win10 ISO Layout

Place Any M$ Win ISO of any Name Next to Script & Execute it . Result Will be Final_Win.ISO of Reduced ISO Layout as well as reduced size too.

 

Extra Firewall Rules for OS Hardening

Code:

@echo off & title Extra Firewall Rules for OS Hardening & color 17
echo --- Adding Extra Firewall Rules for OS Hardening
netsh advfirewall firewall add rule name="Block appvlp.exe" program="%programfiles%\Microsoft Office\root\client\AppVLP.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block appvlp.exe" program="%programfiles(x86)%\Microsoft Office\root\client\AppVLP.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block At.exe" program="%systemroot%\System32\At.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block At.exe" program="%systemroot%\SysWOW64\At.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Attrib.exe" program="%systemroot%\System32\Attrib.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Attrib.exe" program="%systemroot%\SysWOW64\Attrib.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Atbroker.exe" program="%systemroot%\System32\Atbroker.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Atbroker.exe" program="%systemroot%\SysWOW64\Atbroker.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block bash.exe" program="%systemroot%\System32\bash.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block bash.exe" program="%systemroot%\SysWOW64\bash.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block bitsadmin.exe" program="%systemroot%\System32\bitsadmin.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block bitsadmin.exe" program="%systemroot%\SysWOW64\bitsadmin.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block calc.exe" program="%systemroot%\System32\calc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block calc.exe" program="%systemroot%\SysWOW64\calc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block certreq.exe" program="%systemroot%\System32\certreq.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block certreq.exe" program="%systemroot%\SysWOW64\certreq.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block certutil.exe" program="%systemroot%\System32\certutil.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block certutil.exe" program="%systemroot%\SysWOW64\certutil.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block cmdkey.exe" program="%systemroot%\System32\cmdkey.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block cmdkey.exe" program="%systemroot%\SysWOW64\cmdkey.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block cmstp.exe" program="%systemroot%\System32\cmstp.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block cmstp.exe" program="%systemroot%\SysWOW64\cmstp.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block CompatTelRunner.exe" program="%systemroot%\System32\CompatTelRunner.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block CompatTelRunner.exe" program="%systemroot%\SysWOW64\CompatTelRunner.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ConfigSecurityPolicy.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.9-0\ConfigSecurityPolicy.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block control.exe" program="%systemroot%\System32\control.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block control.exe" program="%systemroot%\SysWOW64\control.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Csc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Csc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Csc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Csc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block cscript.exe" program="%systemroot%\System32\cscript.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block cscript.exe" program="%systemroot%\SysWOW64\cscript.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ctfmon.exe" program="%systemroot%\System32\ctfmon.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ctfmon.exe" program="%systemroot%\SysWOW64\ctfmon.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block curl.exe" program="%systemroot%\System32\curl.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block curl.exe" program="%systemroot%\SysWOW64\curl.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block desktopimgdownldr.exe" program="%systemroot%\System32\desktopimgdownldr.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block DeviceDisplayObjectProvider.exe" program="%systemroot%\System32\DeviceDisplayObjectProvider.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block DeviceDisplayObjectProvider.exe" program="%systemroot%\SysWOW64\DeviceDisplayObjectProvider.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Dfsvc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Dfsvc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Dfsvc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Dfsvc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block diskshadow.exe" program="%systemroot%\SysWOW64\diskshadow.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block diskshadow.exe" program="%systemroot%\System32\diskshadow.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Dnscmd.exe" program="%systemroot%\SysWOW64\Dnscmd.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Dnscmd.exe" program="%systemroot%\System32\Dnscmd.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block dwm.exe" program="%systemroot%\SysWOW64\dwm.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block dwm.exe" program="%systemroot%\System32\dwm.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block eventvwr.exe" program="%systemroot%\System32\eventvwr.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block esentutl.exe" program="%systemroot%\SysWOW64\esentutl.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block esentutl.exe" program="%systemroot%\System32\esentutl.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block eventvwr.exe" program="%systemroot%\SysWOW64\eventvwr.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Expand.exe" program="%systemroot%\System32\Expand.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Expand.exe" program="%systemroot%\SysWOW64\Expand.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block explorer.exe" program="%systemroot%\System32\explorer.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block explorer.exe" program="%systemroot%\SysWOW64\explorer.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Extexport.exe" program="%programfiles%\Internet Explorer\Extexport.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Extexport.exe" program="%programfiles(x86)%\Internet Explorer\Extexport.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block extrac32.exe" program="%systemroot%\System32\extrac32.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block extrac32.exe" program="%systemroot%\SysWOW64\extrac32.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block findstr.exe" program="%systemroot%\System32\findstr.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block findstr.exe" program="%systemroot%\SysWOW64\findstr.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block forfiles.exe" program="%systemroot%\System32\forfiles.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block forfiles.exe" program="%systemroot%\SysWOW64\forfiles.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ftp.exe" program="%systemroot%\System32\ftp.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ftp.exe" program="%systemroot%\SysWOW64\ftp.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block gpscript.exe" program="%systemroot%\System32\gpscript.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block gpscript.exe" program="%systemroot%\SysWOW64\gpscript.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block hh.exe" program="%systemroot%\System32\hh.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block hh.exe" program="%systemroot%\SysWOW64\hh.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ie4uinit.exe" program="%systemroot%\System32\ie4uinit.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ie4uinit.exe" program="%systemroot%\SysWOW64\ie4uinit.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ieexec.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\ieexec.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ieexec.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\ieexec.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ilasm.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\ilasm.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ilasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ilasm.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Infdefaultinstall.exe" program="%systemroot%\System32\Infdefaultinstall.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Infdefaultinstall.exe" program="%systemroot%\SysWOW64\Infdefaultinstall.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\InstallUtil.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block InstallUtil.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\InstallUtil.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Jsc.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\Jsc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Jsc.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\Jsc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Jsc.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Jsc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Jsc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Jsc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block lsass.exe" program="%systemroot%\System32\lsass.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block lsass.exe" program="%systemroot%\SysWOW64\lsass.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block makecab.exe" program="%systemroot%\System32\makecab.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block makecab.exe" program="%systemroot%\SysWOW64\makecab.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block mavinject.exe" program="%systemroot%\System32\mavinject.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block mavinject.exe" program="%systemroot%\SysWOW64\mavinject.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Microsoft.Workflow.Compiler.exe" program="%systemroot%\Microsoft.Net\Framework64\v4.0.30319\Microsoft.Workflow.Compiler.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block mmc.exe" program="%systemroot%\SysWOW64\mmc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block mmc.exe" program="%systemroot%\System32\mmc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.4-0\MpCmdRun.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.7-0\MpCmdRun.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block MpCmdRun.exe" program="%ProgramData%\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MpCmdRun.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\Msbuild.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\Msbuild.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v3.5\Msbuild.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v3.5\Msbuild.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Msbuild.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\Msbuild.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block msconfig.exe" program="%systemroot%\System32\msconfig.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Msdt.exe" program="%systemroot%\System32\Msdt.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Msdt.exe" program="%systemroot%\SysWOW64\Msdt.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block mshta.exe" program="%systemroot%\System32\mshta.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block mshta.exe" program="%systemroot%\SysWOW64\mshta.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block msiexec.exe" program="%systemroot%\System32\msiexec.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block msiexec.exe" program="%systemroot%\SysWOW64\msiexec.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Netsh.exe" program="%systemroot%\System32\Netsh.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Netsh.exe" program="%systemroot%\SysWOW64\Netsh.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block notepad.exe" program="%systemroot%\system32\notepad.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block notepad.exe " program="%systemroot%\SysWOW64\notepad.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block odbcconf.exe" program="%systemroot%\System32\odbcconf.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block odbcconf.exe" program="%systemroot%\SysWOW64\odbcconf.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block pcalua.exe" program="%systemroot%\System32\pcalua.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block pcalua.exe" program="%systemroot%\SysWOW64\pcalua.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block pcwrun.exe" program="%systemroot%\System32\pcwrun.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block pcwrun.exe" program="%systemroot%\SysWOW64\pcwrun.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block pktmon.exe" program="%systemroot%\System32\pktmon.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block pktmon.exe" program="%systemroot%\SysWOW64\pktmon.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block powershell.exe" program="%systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block powershell.exe" program="%systemroot%\SysWOW64\WindowsPowerShell\v1.0\powershell.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block powershell_ise.exe" program="%systemroot%\System32\WindowsPowerShell\v1.0\powershell_ise.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block powershell_ise.exe" program="%systemroot%\SysWOW64\WindowsPowerShell\v1.0\powershell_ise.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Presentationhost.exe" program="%systemroot%\System32\Presentationhost.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Presentationhost.exe" program="%systemroot%\SysWOW64\Presentationhost.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block print.exe" program="%systemroot%\System32\print.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block print.exe" program="%systemroot%\SysWOW64\print.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block psr.exe" program="%systemroot%\System32\psr.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block psr.exe" program="%systemroot%\SysWOW64\psr.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block rasautou.exe" program="%systemroot%\System32\rasautou.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block rasautou.exe" program="%systemroot%\SysWOW64\rasautou.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block reg.exe" program="%systemroot%\System32\reg.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block reg.exe" program="%systemroot%\SysWOW64\reg.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regasm.exe" program="%systemroot%\Microsoft.NET\Framework\v2.0.50727\regasm.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v2.0.50727\regasm.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regasm.exe" program="%systemroot%\Microsoft.NET\Framework\v4.0.30319\regasm.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regasm.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\regasm.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regedit.exe" program="%systemroot%\System32\regedit.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regedit.exe" program="%systemroot%\SysWOW64\regedit.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regini.exe" program="%systemroot%\System32\regini.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regini.exe" program="%systemroot%\SysWOW64\regini.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Register-cimprovider.exe" program="%systemroot%\System32\Register-cimprovider.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block Register-cimprovider.exe" program="%systemroot%\SysWOW64\Register-cimprovider.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regsvcs.exe" program="%systemroot%\System32\regsvcs.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regsvcs.exe" program="%systemroot%\SysWOW64\regsvcs.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regsvr32.exe" program="%systemroot%\System32\regsvr32.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block regsvr32.exe" program="%systemroot%\SysWOW64\regsvr32.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block replace.exe" program="%systemroot%\System32\replace.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block replace.exe" program="%systemroot%\SysWOW64\replace.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block rpcping.exe" program="%systemroot%\System32\rpcping.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block rpcping.exe" program="%systemroot%\SysWOW64\rpcping.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block rundll32.exe" program="%systemroot%\System32\rundll32.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block rundll32.exe" program="%systemroot%\SysWOW64\rundll32.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block runonce.exe" program="%systemroot%\System32\runonce.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block runonce.exe" program="%systemroot%\SysWOW64\runonce.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block services.exe" program="%systemroot%\System32\services.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block services.exe" program="%systemroot%\SysWOW64\services.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block sc.exe" program="%systemroot%\System32\sc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block sc.exe" program="%systemroot%\SysWOW64\sc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block schtasks.exe" program="%systemroot%\System32\schtasks.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block schtasks.exe" program="%systemroot%\SysWOW64\schtasks.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block scriptrunner.exe" program="%systemroot%\System32\scriptrunner.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block scriptrunner.exe" program="%systemroot%\SysWOW64\scriptrunner.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block SyncAppvPublishingServer.exe" program="%systemroot%\System32\SyncAppvPublishingServer.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block SyncAppvPublishingServer.exe" program="%systemroot%\SysWOW64\SyncAppvPublishingServer.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block telnet.exe" program="%systemroot%\System32\telnet.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block telnet.exe" program="%systemroot%\SysWOW64\telnet.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block tftp.exe" program="%systemroot%\System32\tftp.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block tftp.exe" program="%systemroot%\SysWOW64\tftp.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ttdinject.exe" program="%systemroot%\System32\ttdinject.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block ttdinject.exe" program="%systemroot%\SysWOW64\ttdinject.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block tttracer.exe" program="%systemroot%\System32\tttracer.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block tttracer.exe" program="%systemroot%\SysWOW64\tttracer.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block vbc.exe" program="%systemroot%\Microsoft.NET\Framework64\v4.0.30319\vbc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block vbc.exe" program="%systemroot%\Microsoft.NET\Framework64\v3.5\vbc.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block verclsid.exe" program="%systemroot%\System32\verclsid.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block verclsid.exe" program="%systemroot%\SysWOW64\verclsid.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wab.exe" program="%programfiles%\Windows Mail\wab.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wab.exe" program="%programfiles(x86)%\Windows Mail\wab.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block WerFault.exe" program="%systemroot%\SysWOW64\WerFault.exe" protocol=any dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block WerFault.exe" program="%systemroot%\SysWOW64\WerFault.exe" protocol=any dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wininit.exe" program="%systemroot%\System32\wininit.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wininit.exe" program="%systemroot%\SysWOW64\wininit.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block winlogon.exe" program="%systemroot%\System32\winlogon.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block winlogon.exe" program="%systemroot%\SysWOW64\winlogon.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wmic.exe" program="%systemroot%\System32\wbem\wmic.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wmic.exe" program="%systemroot%\SysWOW64\wbem\wmic.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wordpad.exe" program="%programfiles%\windows nt\accessories\wordpad.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wordpad.exe" program="%programfiles(x86)%\windows nt\accessories\wordpad.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wscript.exe" program="%systemroot%\System32\wscript.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wscript.exe" program="%systemroot%\SysWOW64\wscript.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wsreset.exe" program="%systemroot%\System32\wsreset.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block wsreset.exe" program="%systemroot%\SysWOW64\wsreset.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block xwizard.exe" program="%systemroot%\System32\xwizard.exe" dir=out enable=yes action=block profile=any
netsh advfirewall firewall add rule name="Block xwizard.exe" program="%systemroot%\SysWOW64\xwizard.exe" dir=out enable=yes action=block profile=any

 

Set Motherboard Company and Model in My Computer Properties (Save as #.cmd & Run as Admin)

Code:

@echo off & color 17 & title Set Motherboard Company and Model
:: ----------------------------------------------------------
echo --- Set Motherboard Company and Model in My Computer Properties
SETLOCAL
FOR /F "tokens=3* delims= " %%i in ('reg query HKLM\HARDWARE\DESCRIPTION\System\BIOS /v BaseBoardManufacturer') DO (SET BaseBoardManufacturer=%%i %%j)
FOR /F "tokens=3* delims= " %%i in ('reg query HKLM\HARDWARE\DESCRIPTION\System\BIOS /v BaseBoardProduct') DO (SET BaseBoardProduct=%%i %%j)
ECHO Manufacturer="%BaseBoardManufacturer%"
ECHO Product="%BaseBoardProduct%"
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" /t REG_SZ /v Manufacturer /d "%BaseBoardManufacturer%" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation" /t REG_SZ /v Model /d "%BaseBoardProduct%" /f
:: ----------------------------------------------------------

 

--- Offline Win 10 Image Servicing Script to Remove Windows Apps , Remove System Apps , Disable UnNeeded Features , Remove Capabilities (Packages) , Remove OneDrive & More ----

Spoiler: Safe SystemApps Removal

FileExplorer
FilePicker
AddSuggestionFoldersToLibraryDialog
AADBrokerPlugin
BioEnrollment
ECApp
LockApp
EdgeDevToolsClient
Edge
Win32WebViewHost
AppRep.ChxApp
AssignedAccessLockApp
CallingShellApp
CapturePicker
ContentDeliveryManager
NarratorQuickStart
ParentalControls
PeopleExperienceHost
NcsiUwpApp
XboxGameCallableUI
XgpuEjectDialog
CbsPreview

Spoiler: Images For Removals

Spoiler: Download Links

W10-Debloater
W10-Debloater-SysApps
W10LTSC-Debloater-SysApps
W10AIO-Debloater Version 1.0
W10AIO-Debloater Version 1.1
W10AIO-Debloater Version 1.1 Final Updated by @RaiyvaN

Changelog

1.Updated Script Code to Show User Choice of Selecting Provisioned Appx Packages + Capabilities to be Removed & Windows Optional Features to be Disabled Using GridView Output function of Powershell.
2. Added Project Directory to Script Using @BAU Compressed2TxT Script.
2a. Project Directory Now Contain 5 Files ie
7z.exe , 7z.dll ( Command line Version of 7Zip used for extraction of Win10 iso file only).
Install Wim Tweak to remove Onedrive Reg hives & Setup Package.
oscdimg.exe ( Used to Create Final Win10 ISO with User Choice Windows 10 Index.
SetACL ver 3.0 by Helge Klien to take Ownership of SystemApps Reg Keys for Removal Process.
3. There's no Need to Extract Win10 ISO with this Final Script or even Use Win10 ISO with Any Name but be sure only One ISO Must be there in the Disk Drive or else Script Will Extract All ISO's on Same Disk Drive & will Delete the Source ISO.
4. Images Attached for Grid View as Output to Select & Remove Packages + Disable Windows Optional Features.
5. Updated Script Execution via any Directory & Resolved Custom Path to Common Path as Suggested by @ingviowarr because of Different Language ISO Issues Thanks to him.
6. Updated Script with only Installed Packages & Enabled Features Selection via [Where-Object] Parameter of Powershell Function Plus Some Other Changes too For a clean clear script to be user friendly ( Safe to Remove Selection of Packages & Safe to Disable Windows Optional Features Selection Images updated in Spoiler ) For Provisioned Appx Packages User Can Select All or only There Choice of Packages being Removable Windows Apps.
7. Updated Script to Remove OneDrive Package via Install Wim Tweak Offline Wim Servicing. Please Disable Your Antivirus or Else Install Wim Tweak by Legolash20 which is Used to remove Onedrive Package only will not work & will result in whole project error.
8. Updated Removal of System Apps Via Registry Tweak as Suggested by @abbodi1406 here System Apps Removal.
9. System Apps Removal Script will be Updated Separately still i don't suggest any User to tweak there iso with system apps removal & will get into many troubles in future.
10. Updated Capabilities Spoiler Image with Unselected Powershell Integrated Scripting Engine Package only because if it will be removed then users will not have the possibility to see a grid view as output on any called powershell scripting function. thanks a lot again to @ingviowarr for his suggestion after testing the scripts.
11. SystemApps Safe to be Removed Thanks to @spanishfly for System Apps Removal
12. Uploaded & Updated Link to Download Windows 10 LTSC Debloater With SystemApps Removal.
13. Added SetACL to Project Directory & Removed RegTakeOwnership Snippet for SystemApps Removal becuae it is conflicting with Wim Info & Export
14. Added User Choice of Wim Index Selection so that user will be able to select his needed Index to be Debloated but not with Powershell Grid View hence Using Dism Choice Commands.
15. Added Version to First Version 1.0 as i am now myself satisfied with the script.
16. Now theres No any Need to Use Separate Scripts for Separate ISO Debloating hence user can use only new updated AIO Debloater Script from now onwards & Added Some More Functions too.
17. Added MSG Popup with Wait Time of 1 hour so that User Will Read it & Do as Noticed for Script to work Perfectly without any error. Antivirus Disable is mandatory as idk why most Antivirus Engines get Install Wim Tweaker by Legolash2o as PUA (Potential unwanted App) or PUS (Potential Unwanted Software) to be very fare i downloaded it from a Trusted Repo Plus Script only Work With Wim Based ISO Plus User Must be Sure that theres no any other ISO at Script Path or else it will also get extracted & will conflict with Script Process.
18. Version 1.1 Test . [ Testing Upcoming Updates ]
19. Added Option to Remove Chromium based Edge After Installation. Reg Tweak as by @abbodi1406 somewhere on forums.
20. Removed Optimize Final Tweaked Wim as found of No Use.
21 . Added Option to Exit Script at End Via Pressing a Numerical Key 0 so that users will copy Whole Log & will paste somewhere as reference.
21 . Added Some More Txts to MsgBox Via Powershell Write-Host Function & Alligned it to be Centered.
22. Added Powershell Function to Copy whole transcript then paste it to a log file created at same path of script.
23 . Added Some More Registry Tweaks so that User Wont fight with OS after a New Install to do settings as are pre applied mostly ie removed : reserved storage space , User Directiories , Cpanel view to large , This PC & Cpanel on Desktop.
24. Added Reduce Win10 ISO layout script code in last to have a reduced size Final Debloated ISO in result according to this post Reduce Win10 ISO Layout . thanks a lot to @Enthousiast .
25 Added Two More Safe to Remove SystemApps to be Removed NcsiUwpApp & NarratorQuickStart.
26 Updated Link to Download Version 1.1 [Thanks Everybody for your Support & Contribution]
27 Updated Link to Download Final 1.1 Updated Script with Lots of Changes by @RaiyvaN Brother , Thanks a lot to him for this support.

 

That's the reason - i have given users an option via selecting the packages they want to remove from offline win10 iso wim so that there's no any changes made by batch script itself to the main ISO.
choice is user side itself via selecting the packages they want to remove or disable from grid view menu shown as in images uploaded via myself.

yes you can revert all the changes after installation :

yes you can install capabilities again via : settings-apps-manage optional features-add a feature
yes you can enable windows optional features again via: control panel-programs & features-turn windows features on or off-click the features needed-apply-restart machine.
yes you can install provisioned appx packages again via: downloading packages-ms store adguard repo https://store.rg-adguard.net -Install needed appx packages to OS again via dism.

that's all.

 

Offline Win10 ISO Debloat only via single Batch Script Using Powershell [GUI] Grid View to Select Windows Apps to Be Removed , Windows Optional Features to be Disabled, Windows Capabilities [Packages] to be Removed Nothing Else .
Just Give it a Try & Review your Experience after Installing Final Debloated ISO as Guest OS on Any VM App.

In Simple i must Say Win10 ISO Tweaker / Bloatware Removal Batch Script Using Powershell [GUI] Grid View Which Nobody else has done before via Batch but many people have used it in there Powershell project Using Sapien Powershell Studio. Please Feel Free to ask me anything on How to ?

 

Yes Optimize-Offline Project Use the Same Grid View Output Function to Remove Packages & Disable Features.
Please Tell Your Experience with this Batch script if you have given it a try . Is it good to go or you want to suggest some more changes to script.
Somebody asked me if there's a way to add Systemapps Packages to be tweaked via the same Grid View from My Batch Script . I will be working on it from now onwards to add System Apps Tweak to Next Batch Script Update.