The registry tweaks if you modify them manually then gpedit.msc does not show the parameter changes because you need another path to update and read the registry and then they will show up on the gpo policy as changed.
Yes, I know both methods work, but if someone wants to change it via GPO, they won't see the changed registry settings that were changed manually. The problem is that the GPO does not update the changed settings that were added manually in policy.
Tested it in Virtualbox. The fact that operation system does not respect user choice and revert gpedit.msc (!) policy changes (e.g. disable Defender) is wild.
Is there really no way to stop running Windows Defender in background? It slows down virtual machine. So far managed to remove it by mounting WIM and deleting folders manually. This is wild, Windows Defender in W11 quarantine group policy edits and registry edits. basically turned into malware itself After taking ownership and removing WD files from Program Files and winsxs, sfc /scannow no more can be completed. So WD cannot be restored, but if something else breaks and will required sfc /scannow... so not a perfect solution, and WD will probably return with first cumulative update anyway.
I use this application Control Defender Switch 2.01 to deactivate it and in my opinion it works, then in group policies I also deactivate real-time protection
easiest way is to boot in safe mode. start autoruns type defender and uncheck everything defender apart from firewall and policyagent , also type security and uncheck wscsvc and securityhealthservice
thanks. Defender control worked in realtime and disables antivirus completely (but cannot enable it back, lol). Still, it is closed source software, and I got used to group politics edits. Would be more awesome to do this manually somehow without 3rd party tools no matter how effective they are. But maybe, it's just me who wants it
Releasing another batch file. Needs some refining but it's good enough to post. This one will list and make a .txt on the desktop of your packages, features, and capabilities. Then you are presented with the option to remove them. Alternatively, if you know by memory what you want to remove you can jump right in to that. Currently only for online images. Spoiler: cleanuptool.bat Code: @echo off title Clean your damn windows, they are filthy. color 0E :: :: REQUESTING ADMIN :: >nul 2>&1 reg query "HKU\S-1-5-19\Environment" if '%errorlevel%' NEQ '0' ( (echo.Set UAC = CreateObject^("Shell.Application"^)&echo.UAC.ShellExecute "%~s0", "", "", "runas", 1)>"%tmp%\getadmin.vbs" "%tmp%\getadmin.vbs" exit /B ) else ( >nul 2>&1 del "%tmp%\getadmin.vbs" ) :options call:banner echo +---[ OPTION MENU ]----------+ echo ^| ^| echo ^| ~~Make Lists~~ ^| echo ^| p. Packages ^| echo ^| f. Features ^| echo ^| c. Capabilities ^| echo ^| ^| echo ^| ~~Kill Them~~ ^| echo ^| pp. Packages ^| echo ^| ff. Features ^| echo ^| cc. Capabilities ^| echo ^| ^| echo ^| 0. Exit ^| echo ^| ^| echo +---------------------------+ echo. echo # Type a number below and press the Enter key. echo. set DVAR= set /p "DVAR=>----> Enter Option: " cls echo. && echo. if '%DVAR%' NEQ '0' ( goto setup ) else ( goto exit ) :: Allows removal of payloads, requiring sourcing the FoD files to reinstall. Reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing" /v "DisableRemovePayload" /t REG_DWORD /d "0" /f :setup set "mode=DISM /Online " set pack= set feat= set capa= set kill= set list=%homepath%\Desktop if "%DVAR%"=="0" goto exit if "%DVAR%"=="p" goto plisted if "%DVAR%"=="f" goto flisted if "%DVAR%"=="c" goto clisted if "%DVAR%"=="pp" goto pkill if "%DVAR%"=="ff" goto fkill if "%DVAR%"=="cc" goto ckill :plisted cls call:banner echo. && echo. DISM /online /get-packages /format:table > %list%\packages.txt type %list%\packages.txt echo. && echo. echo You will find a copy of this at %list%\packages.txt echo If you wish to remove something, consult the file for ease. echo. choice /c sre /n /m "Return to [s]tart, [r]emove package, or [e]xit?" echo. if "%errorlevel%"=="3" goto exit if "%errorlevel%"=="2" goto pkill if "%errorlevel%"=="1" goto options if "%errorlevel%"=="0" goto exit :flisted cls call:banner DISM /online /get-features /format:table > %list%\features.txt type %list%\packages.txt echo. && echo. echo You will find a copy of this at %list%\features.txt echo If you wish to remove something, consult the file for ease. echo. choice /c sre /n /m "Return to [s]tart, [r]emove feature, or [e]xit?" echo. if "%errorlevel%"=="3" goto exit if "%errorlevel%"=="2" goto fkill if "%errorlevel%"=="1" goto options if "%errorlevel%"=="0" goto exit :clisted cls call:banner DISM /online /get-capabilities /format:table > %list%\capabilities.txt type %list%\packages.txt echo. && echo. echo You will find a copy of this at %list%\capabilities.txt echo If you wish to remove something, consult the file for ease. echo. choice /c sre /n /m "Return to [s]tart, [r]emove package, or [e]xit?" echo. if "%errorlevel%"=="3" goto exit if "%errorlevel%"=="2" goto ckill if "%errorlevel%"=="1" goto options if "%errorlevel%"=="0" goto exit :pkill call:banner echo. && echo. echo "--Use the short name." echo. set /p "pack=>----> Enter Package Name: " set "kill= /Remove-Package /packagename:%pack%" goto doit :fkill call:banner echo. && echo. echo "--Use the whole name." echo. set /p "feat=>----> Enter Feature Name: " set "kill= /disable-feature /featurename:%feat% /remove" goto doit :ckill call:banner echo. && echo. echo "--Use the whole name." echo. set /p "capa=>----> Enter Capability Name: " set "kill= /remove-capability /capabilityname:%capa%" goto doit :doit echo. && echo. dism /online %kill% echo. echo Done! echo. choice /c se /n /m "Return to [s]tart, or [e]xit?" if "%errorlevel%"=="2" goto exit if "%errorlevel%"=="1" goto options if "%errorlevel%"=="0" goto exit :exit title Godspeed! set "lines=echo. && echo." set "cnt=echo COUNTDOWN" > %tmp%\Rest1.vbs echo Wscript.sleep 1000 && SET R1=Start /w %tmp%\Rest1.vbs cls %lines% && echo ">---> Closing in ...3" && %cnt% 3 >> %tmp%\count.txt && %R1% && cls %lines% && echo ">---> Closing in ....2" && %cnt% 2 >> %tmp%\count.txt && %R1% && color 06 && cls %lines% && echo ">---> Closing in .....1" && %cnt% 1 >> %tmp%\count.txt && %R1% && cls del %tmp%\Rest1.vbs > nul && DEL %tmp%\count.txt > nul && exit :banner cls echo ___________________ echo __/ / Packages, \__/ __ \ echo / \/ Features, / \ // echo /\__________ Capabilities. ________\__/ echo.&echo. goto:eof
are any of this safe to remove.? Code: Deployment Image Servicing and Management tool Version: 10.0.22621.2792 Image Version: 10.0.22631.3527 Packages listing: ------------------------------------------------------------------------------------------------------- | --------- | ------------- | ----------------- Package Identity | State | Release Type | Install Time ------------------------------------------------------------------------------------------------------- | --------- | ------------- | ----------------- Microsoft-OneCore-ApplicationModel-Sync-Desktop-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Client-LanguagePack-Package~31bf3856ad364e35~amd64~en-US~10.0.22621.3527 | Installed | Language Pack | 4/24/2024 8:40 PM Microsoft-Windows-Ethernet-Client-Intel-E1i68x64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Ethernet-Client-Intel-E2f68-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Ethernet-Client-Realtek-Rtcx21x64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Ethernet-Client-Vmware-Vmxnet3-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-FodMetadata-Package~31bf3856ad364e35~amd64~~10.0.22621.1 | Installed | Feature Pack | 5/7/2022 7:30 AM Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~10.0.22621.1 | Installed | Foundation | 5/7/2022 5:28 AM Microsoft-Windows-Kernel-LA57-FoD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-LanguageFeatures-Basic-en-us-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-LanguageFeatures-Handwriting-en-us-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-LanguageFeatures-OCR-en-us-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-LanguageFeatures-Speech-en-us-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-LanguageFeatures-TextToSpeech-en-us-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Broadcom-Bcmpciedhd63-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Broadcom-Bcmwl63a-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Broadcom-Bcmwl63al-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwbw02-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwew00-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwew01-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwlv64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwns64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwsw00-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw02-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw04-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw06-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw08-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw10-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Marvel-Mrvlpcie8897-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Qualcomm-Athw8x-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Qualcomm-Athwnx-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Qualcomm-Qcamain10x64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Ralink-Netr28x-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtl8187se-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtl8192se-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtl819xp-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtl85n64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtwlane-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtwlane01-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtwlane13-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Package_for_DotNetRollup_481~31bf3856ad364e35~amd64~~10.0.9236.2 | Installed | Update | 4/5/2024 10:54 PM Package_for_KB5027397~31bf3856ad364e35~amd64~~22621.2355.1.1 | Installed | Update | 4/5/2024 10:54 PM Package_for_RollupFix~31bf3856ad364e35~amd64~~22621.3527.1.17 | Installed | Update | 4/24/2024 8:40 PM Package_for_ServicingStack_3522~31bf3856ad364e35~amd64~~22621.3522.1.8 | Installed | Update | 4/24/2024 8:30 PM The operation completed successfully.
Spoiler: packages Code: Deployment Image Servicing and Management tool Version: 10.0.22621.2792 Image Version: 10.0.22631.3527 Packages listing: ------------------------------------------------------------------------------------------------------- | --------- | ------------- | ----------------- Package Identity | State | Release Type | Install Time ------------------------------------------------------------------------------------------------------- | --------- | ------------- | ----------------- Microsoft-OneCore-ApplicationModel-Sync-Desktop-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 (if you don't sync your settings) | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Ethernet-Client-Intel-E1i68x64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Ethernet-Client-Intel-E2f68-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Ethernet-Client-Realtek-Rtcx21x64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Ethernet-Client-Vmware-Vmxnet3-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 (if you don't use vmware) | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Kernel-LA57-FoD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 (if your CPU doesn't use LA57) | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-LanguageFeatures-Handwriting-en-us-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 (if you don't use handwriting) | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Broadcom-Bcmpciedhd63-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Broadcom-Bcmwl63a-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Broadcom-Bcmwl63al-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwbw02-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwew00-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwew01-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwlv64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwns64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwsw00-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw02-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw04-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw06-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw08-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Intel-Netwtw10-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Marvel-Mrvlpcie8897-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Qualcomm-Athw8x-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Qualcomm-Athwnx-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Qualcomm-Qcamain10x64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Ralink-Netr28x-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtl8187se-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtl8192se-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtl819xp-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtl85n64-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtwlane-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtwlane01-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Microsoft-Windows-Wifi-Client-Realtek-Rtwlane13-FOD-Package~31bf3856ad364e35~amd64~~10.0.22621.3527 | Installed | OnDemand Pack | 4/24/2024 8:40 PM Most. Most are network drivers. Make sure you have spare net drivers on hand if you remove them all instead of finding what you are using. Check my (notes) in the code block for other info. My 8yo pc only needed: Microsoft-Windows-Wifi-Client-Intel-Netwtw10-FOD-Package Microsoft-Windows-Wifi-Client-Qualcomm-Qcamain10x64-FOD-Package
https://forums.mydigitallife.net/threads/83744/page-17#post-1683742 29/04/2024 - Defender disabler v6.0 - Windows Auto Configure v23 Added new defender service to disable
Here's a fun one to include in your batch files or what-have-you. Spoiler: Change the window paramaters Code: // 2>nul||@goto :batch /* :batch @echo off setlocal del /q /f "%~n0.exe" >nul 2>nul :: find csc.exe set "csc=" for /r "%SystemRoot%\Microsoft.NET\Framework\" %%# in ("*csc.exe") do set "csc=%%#" if not exist "%csc%" ( echo no .net framework installed exit /b 10 ) if not exist "%~n0.exe" ( call %csc% /nologo /warn:0 /out:"%~n0.exe" "%~dpsfnx0" || ( exit /b %errorlevel% ) ) %~n0.exe %* endlocal & exit /b %errorlevel% */ using System; using System.Runtime.InteropServices; using System.Diagnostics; using System.Collections.Generic; class HadlerWrapper { public System.IntPtr handler; public HadlerWrapper(System.IntPtr handler) { this.handler = handler; } } public class ScreenCapture { static Int32 mode = 1; static Dictionary < String, Int32 > modes = new Dictionary < String, Int32 > (); static String title = null; static Int32 pid = -1; [DllImport("user32.dll")] private static extern bool ShowWindowAsync(IntPtr hWnd, int nCmdShow); public static void Main(String[] args) { modes.Add("hidden", 0); modes.Add("normal", 1); modes.Add("minimized", 2); modes.Add("maximized", 3); modes.Add("force_minimized", 11); modes.Add("maximize_next", 6); modes.Add("restore", 9); modes.Add("show", 5); modes.Add("show_default", 10); modes.Add("no_active_minimized", 7); modes.Add("no_active_show", 8); modes.Add("no_active_normal", 4); parseArgs(); if (!string.IsNullOrEmpty(title)) { HadlerWrapper hw = windowByString(title); if (hw != null) { ShowWindowAsync(hw.handler, mode); } else { Console.WriteLine("Cannot find a window with title [" + title + "]"); Environment.Exit(6); } } else if (pid != -1) { HadlerWrapper hw = windowByPID(pid); if (hw != null) { ShowWindowAsync(hw.handler, mode); } else { Console.WriteLine("Cannot find a window with pid [" + pid + "]"); Environment.Exit(7); } } else { Console.WriteLine("Neither process id not title were passed to the script"); printHelp(); Environment.Exit(8); } } static HadlerWrapper windowByString(String title) { Process[] processlist = Process.GetProcesses(); foreach(Process process in processlist) { if (process.MainWindowTitle != null) { if (process.MainWindowTitle.Equals(title)) { return new HadlerWrapper(process.MainWindowHandle); } } } foreach(Process process in processlist) { if (!String.IsNullOrEmpty(process.MainWindowTitle)) { if (process.MainWindowTitle.StartsWith(title)) { return new HadlerWrapper(process.MainWindowHandle); } } } return null; } static HadlerWrapper windowByPID(Int32 pid) { Process[] processlist = Process.GetProcesses(); foreach(Process process in processlist) { if (process.MainWindowHandle!= null) { if (process.Id == pid) { Console.WriteLine("process found with pid:" + pid); return new HadlerWrapper(process.MainWindowHandle); } } else { Console.WriteLine("main window handle is null for pid:" + pid); } } return null; } static void parseArgs() { String[] args = Environment.GetCommandLineArgs(); if (args.Length == 1) { printHelp(); Environment.Exit(0); } if (args.Length % 2 == 0) { Console.WriteLine("Wrong arguments"); Environment.Exit(1); } for (int i = 1; i < args.Length - 1; i = i + 2) { switch (args[i].ToLower()) { case "-help": case "-h": case "/h": case "/help": case "/?": printHelp(); Environment.Exit(5); break; case "-pid": if (int.TryParse(args[i + 1], out pid)) {} else { Console.WriteLine("Process id should be a number"); Environment.Exit(2); } break; case "-title": title = args[i + 1]; break; case "-mode": if (modes.TryGetValue(args[i + 1].ToLower(), out mode)) {} else { Console.WriteLine("Invalid mode passed: " + args[i + 1]); Environment.Exit(3); } break; default: Console.WriteLine("Wrong parameter " + args[i]); Environment.Exit(4); break; } } } public static void printHelp() { String script = Environment.GetCommandLineArgs()[0]; Console.WriteLine(script + " - changed the mode of a window by given process id or window title"); Console.WriteLine(""); Console.WriteLine("Usage:"); Console.WriteLine(""); Console.WriteLine(script + " {[-title \"Title\"]|[-pid PID_Number]} [-mode mode]"); Console.WriteLine(""); Console.WriteLine("Possible modes are hidden,normal,minimized,maximized,force_minimized,"); Console.WriteLine(" force_minimized,maximize_next,restore,show,show_default,no_active_minimized,"); Console.WriteLine(" no_active_show,no_active_normal."); Console.WriteLine("If both title and pid are passed only the title will be taken into account"); Console.WriteLine("If there's no title matching the given string a"); Console.WriteLine(" title starting with it will be searched for"); Console.WriteLine(""); Console.WriteLine("Examples:"); Console.WriteLine(""); Console.WriteLine(" " + script + " -title \"Untitled - Notepad\" -mode normal"); Console.WriteLine(" " + script + " -title \"Untitled\" -mode normal"); Console.WriteLine(" " + script + " -pid 1313 -mode normal"); } } This will generate a .exe file that you can simply call to mess with a window in the future. Or, you can have your batch delete the exe after it has been used. OR.......... Here is one such usage for a help file I made for Hashcat that needs a maximized window to read effectively. It creates windowMode.bat, runs it, uses the exe, then deletes both files. Spoiler: example Code: @echo off pushd "~dp0" title ~~~~~ HashCat Password Recovery ~~~~~ :hcb call:banner choice /T 5 /C yn /D n /N /M "Open help? [y/n]:" if '%errorlevel%' EQU '1' ( start cmd /k help.bat ........yes was pressed........ @echo off pushd "%cd%" title ~~~~~ Hashcat Help ~~~~~ call:windmode :setup ::(creates windowMode.exe, deletes bat/exe) call windowMode.bat -title "~~~~~ Hashcat Help ~~~~~" -mode maximized timeout 2 /nobreak > nul del windowMode.bat del windowMode.exe cls set help= goto start (rest of help file is here) :windmode ::(creates windowMode.bat) echo // 2^>nul^|^|@goto :batch >> windowMode.bat echo /* >> windowMode.bat echo :batch >> windowMode.bat echo @echo off >> windowMode.bat echo setlocal >> windowMode.bat echo del /q /f "%%~n0.exe" ^>nul 2^>nul >> windowMode.bat echo :: find csc.exe >> windowMode.bat echo set "csc=" >> windowMode.bat echo for /r "%%SystemRoot%%\Microsoft.NET\Framework\" %%%%# in ("*csc.exe") do set "csc=%%%%#" >> windowMode.bat echo. >> windowMode.bat echo if not exist "%%csc%%" ( >> windowMode.bat echo echo no .net framework installed >> windowMode.bat echo exit /b 10 >> windowMode.bat echo ) >> windowMode.bat echo. >> windowMode.bat echo if not exist "%%~n0.exe" ( >> windowMode.bat echo call %%csc%% /nologo /warn:0 /out:"%%~n0.exe" "%%~dpsfnx0" ^|^| ( >> windowMode.bat echo exit /b %%errorlevel%% >> windowMode.bat echo ) >> windowMode.bat echo ) >> windowMode.bat echo %%~n0.exe %%* >> windowMode.bat echo endlocal ^& exit /b %%errorlevel%% >> windowMode.bat echo. >> windowMode.bat echo */ >> windowMode.bat echo. >> windowMode.bat echo. >> windowMode.bat echo using System; >> windowMode.bat echo using System.Runtime.InteropServices; >> windowMode.bat echo using System.Diagnostics; >> windowMode.bat echo using System.Collections.Generic; >> windowMode.bat echo. >> windowMode.bat echo class HadlerWrapper { >> windowMode.bat echo public System.IntPtr handler; >> windowMode.bat echo. >> windowMode.bat echo public HadlerWrapper(System.IntPtr handler) { >> windowMode.bat echo this.handler = handler; >> windowMode.bat echo } >> windowMode.bat echo } >> windowMode.bat echo. >> windowMode.bat echo public class ScreenCapture { >> windowMode.bat echo. >> windowMode.bat echo static Int32 mode = 1; >> windowMode.bat echo static Dictionary ^< String, Int32 ^> modes = new Dictionary ^< String, Int32 ^> (); >> windowMode.bat echo. >> windowMode.bat echo static String title = null; >> windowMode.bat echo static Int32 pid = -1; >> windowMode.bat echo. >> windowMode.bat echo. >> windowMode.bat echo. >> windowMode.bat echo. >> windowMode.bat echo. >> windowMode.bat echo [DllImport("user32.dll")] >> windowMode.bat echo private static extern bool ShowWindowAsync(IntPtr hWnd, int nCmdShow); >> windowMode.bat echo. >> windowMode.bat echo. >> windowMode.bat echo public static void Main(String[] args) { >> windowMode.bat echo. >> windowMode.bat echo modes.Add("hidden", 0); >> windowMode.bat echo modes.Add("normal", 1); >> windowMode.bat echo modes.Add("minimized", 2); >> windowMode.bat echo modes.Add("maximized", 3); >> windowMode.bat echo modes.Add("force_minimized", 11); >> windowMode.bat echo modes.Add("maximize_next", 6); >> windowMode.bat echo modes.Add("restore", 9); >> windowMode.bat echo modes.Add("show", 5); >> windowMode.bat echo modes.Add("show_default", 10); >> windowMode.bat echo modes.Add("no_active_minimized", 7); >> windowMode.bat echo modes.Add("no_active_show", 8); >> windowMode.bat echo modes.Add("no_active_normal", 4); >> windowMode.bat echo. >> windowMode.bat echo. >> windowMode.bat echo parseArgs(); >> windowMode.bat echo. >> windowMode.bat echo if (!string.IsNullOrEmpty(title)) { >> windowMode.bat echo HadlerWrapper hw = windowByString(title); >> windowMode.bat echo if (hw != null) { >> windowMode.bat echo ShowWindowAsync(hw.handler, mode); >> windowMode.bat echo } else { >> windowMode.bat echo Console.WriteLine("Cannot find a window with title [" + title + "]"); >> windowMode.bat echo Environment.Exit(6); >> windowMode.bat echo } >> windowMode.bat echo } else if (pid != -1) { >> windowMode.bat echo HadlerWrapper hw = windowByPID(pid); >> windowMode.bat echo if (hw != null) { >> windowMode.bat echo ShowWindowAsync(hw.handler, mode); >> windowMode.bat echo } else { >> windowMode.bat echo Console.WriteLine("Cannot find a window with pid [" + pid + "]"); >> windowMode.bat echo Environment.Exit(7); >> windowMode.bat echo } >> windowMode.bat echo } else { >> windowMode.bat echo Console.WriteLine("Neither process id not title were passed to the script"); >> windowMode.bat echo printHelp(); >> windowMode.bat echo Environment.Exit(8); >> windowMode.bat echo } >> windowMode.bat echo. >> windowMode.bat echo } >> windowMode.bat echo. >> windowMode.bat echo static HadlerWrapper windowByString(String title) { >> windowMode.bat echo Process[] processlist = Process.GetProcesses(); >> windowMode.bat echo foreach(Process process in processlist) { >> windowMode.bat echo if (process.MainWindowTitle != null) { >> windowMode.bat echo if (process.MainWindowTitle.Equals(title)) { >> windowMode.bat echo return new HadlerWrapper(process.MainWindowHandle); >> windowMode.bat echo } >> windowMode.bat echo } >> windowMode.bat echo } >> windowMode.bat echo. >> windowMode.bat echo foreach(Process process in processlist) { >> windowMode.bat echo if (!String.IsNullOrEmpty(process.MainWindowTitle)) { >> windowMode.bat echo if (process.MainWindowTitle.StartsWith(title)) { >> windowMode.bat echo return new HadlerWrapper(process.MainWindowHandle); >> windowMode.bat echo } >> windowMode.bat echo } >> windowMode.bat echo } >> windowMode.bat echo. >> windowMode.bat echo return null; >> windowMode.bat echo } >> windowMode.bat echo. >> windowMode.bat echo static HadlerWrapper windowByPID(Int32 pid) { >> windowMode.bat echo Process[] processlist = Process.GetProcesses(); >> windowMode.bat echo foreach(Process process in processlist) { >> windowMode.bat echo if (process.MainWindowHandle!= null) { >> windowMode.bat echo if (process.Id == pid) { >> windowMode.bat echo Console.WriteLine("process found with pid:" + pid); >> windowMode.bat echo return new HadlerWrapper(process.MainWindowHandle); >> windowMode.bat echo } >> windowMode.bat echo } else { >> windowMode.bat echo Console.WriteLine("main window handle is null for pid:" + pid); >> windowMode.bat echo } >> windowMode.bat echo } >> windowMode.bat echo return null; >> windowMode.bat echo } >> windowMode.bat echo. >> windowMode.bat echo static void parseArgs() { >> windowMode.bat echo. >> windowMode.bat echo String[] args = Environment.GetCommandLineArgs(); >> windowMode.bat echo if (args.Length == 1) { >> windowMode.bat echo printHelp(); >> windowMode.bat echo Environment.Exit(0); >> windowMode.bat echo } >> windowMode.bat echo if (args.Length %% 2 == 0) { >> windowMode.bat echo Console.WriteLine("Wrong arguments"); >> windowMode.bat echo Environment.Exit(1); >> windowMode.bat echo } >> windowMode.bat echo for (int i = 1; i ^< args.Length - 1; i = i + 2) { >> windowMode.bat echo. >> windowMode.bat echo switch (args[i].ToLower()) { >> windowMode.bat echo case "-help": >> windowMode.bat echo case "-h": >> windowMode.bat echo case "/h": >> windowMode.bat echo case "/help": >> windowMode.bat echo case "/?": >> windowMode.bat echo printHelp(); >> windowMode.bat echo Environment.Exit(5); >> windowMode.bat echo break; >> windowMode.bat echo case "-pid": >> windowMode.bat echo if (int.TryParse(args[i + 1], out pid)) {} else { >> windowMode.bat echo Console.WriteLine("Process id should be a number"); >> windowMode.bat echo Environment.Exit(2); >> windowMode.bat echo } >> windowMode.bat echo break; >> windowMode.bat echo case "-title": >> windowMode.bat echo title = args[i + 1]; >> windowMode.bat echo break; >> windowMode.bat echo case "-mode": >> windowMode.bat echo if (modes.TryGetValue(args[i + 1].ToLower(), out mode)) {} else { >> windowMode.bat echo Console.WriteLine("Invalid mode passed: " + args[i + 1]); >> windowMode.bat echo Environment.Exit(3); >> windowMode.bat echo } >> windowMode.bat echo break; >> windowMode.bat echo default: >> windowMode.bat echo Console.WriteLine("Wrong parameter " + args[i]); >> windowMode.bat echo Environment.Exit(4); >> windowMode.bat echo break; >> windowMode.bat echo. >> windowMode.bat echo } >> windowMode.bat echo } >> windowMode.bat echo } >> windowMode.bat echo. >> windowMode.bat echo public static void printHelp() { >> windowMode.bat echo String script = Environment.GetCommandLineArgs()[0]; >> windowMode.bat echo Console.WriteLine(script + " - changed the mode of a window by given process id or window title"); >> windowMode.bat echo Console.WriteLine(""); >> windowMode.bat echo Console.WriteLine("Usage:"); >> windowMode.bat echo Console.WriteLine(""); >> windowMode.bat echo Console.WriteLine(script + " {[-title \"Title\"]^|[-pid PID_Number]} [-mode mode]"); >> windowMode.bat echo Console.WriteLine(""); >> windowMode.bat echo Console.WriteLine("Possible modes are hidden,normal,minimized,maximized,force_minimized,"); >> windowMode.bat echo Console.WriteLine(" force_minimized,maximize_next,restore,show,show_default,no_active_minimized,"); >> windowMode.bat echo Console.WriteLine(" no_active_show,no_active_normal."); >> windowMode.bat echo Console.WriteLine("If both title and pid are passed only the title will be taken into account"); >> windowMode.bat echo Console.WriteLine("If there's no title matching the given string a"); >> windowMode.bat echo Console.WriteLine(" title starting with it will be searched for"); >> windowMode.bat echo Console.WriteLine(""); >> windowMode.bat echo Console.WriteLine("Examples:"); >> windowMode.bat echo Console.WriteLine(""); >> windowMode.bat echo Console.WriteLine(" " + script + " -title \"Untitled - Notepad\" -mode normal"); >> windowMode.bat echo Console.WriteLine(" " + script + " -title \"Untitled\" -mode normal"); >> windowMode.bat echo Console.WriteLine(" " + script + " -pid 1313 -mode normal"); >> windowMode.bat echo. >> windowMode.bat echo } >> windowMode.bat echo. >> windowMode.bat echo } >> windowMode.bat goto setup goto:eof