From 2b80e14bf954e2cba07903e0c6822677fb97c3d9 Mon Sep 17 00:00:00 2001 From: Chris Titus Date: Mon, 10 Jun 2024 15:24:12 -0500 Subject: [PATCH 1/6] Compile Cleanup and Tweak Fixes (#2062) * Simple improvements to 'applications.json' File (#2043) * Replace Spaces with Tabs in 'applications.json' File * Correct 'AFFiNE' App Entry's Winget ID from 'AFFiNE.stable' to 'ToEverything.AFFiNE' in 'applications.json' File * Compile Winutil * Tweaks (#2051) * Fix Numlock toggle (#2044) * Fix Numlock at login * Compile Winutil --------- Co-authored-by: ChrisTitusTech * Compile Winutil * fix typo (#2041) * Compile Winutil * Update README.md * * Fixed .getignore issues, it's it not enough to just add to gitgnore if it was already tracked by git it will be continued to be tracked by git, so you have to 'git rm' it * Fixed ooshutup, there is no need to download configs, they are already compiled into winutil + Added a tweak to remove and disable Intel LMS, which have been identifed as a potential backdoor into Windows. * Update winget.ps1 * + Added new release actions, every time we merge into main it will create a release by extracting the version fromwinutil.ps1 and setting all appropriate tags and versions * fix merge * add compile back in * Update action to latest tools * Ensure Compile is finished --------- Co-authored-by: Chris Titus Co-authored-by: ChrisTitusTech Co-authored-by: nikolan <94351312+nikolan123@users.noreply.github.com> Co-authored-by: KonTy Co-authored-by: Chris Titus * Compile Winutil * Rework Compile (#2061) * Compile Winutil --------- Co-authored-by: Mr.k Co-authored-by: ChrisTitusTech Co-authored-by: KonTy <9524513+KonTy@users.noreply.github.com> Co-authored-by: nikolan <94351312+nikolan123@users.noreply.github.com> Co-authored-by: KonTy Co-authored-by: Martin Wiethan <47688561+Marterich@users.noreply.github.com> --- .github/workflows/compile.yaml | 24 + .github/workflows/release.yaml | 52 +- Compile.ps1 | 85 ++- README.md | 5 +- config/applications.json | 32 +- config/ooshutup10_recommended.cfg | 14 +- config/tweaks.json | 60 +- functions/public/Invoke-WPFOOSU.ps1 | 4 +- winget.ps1 | 2 +- winutil.ps1 | 540 ++++++++++++- xaml/inputApp.xaml | 1089 --------------------------- xaml/inputFeatures.xaml | 43 -- xaml/inputTweaks.xaml | 113 --- 13 files changed, 727 insertions(+), 1336 deletions(-) create mode 100644 .github/workflows/compile.yaml delete mode 100644 xaml/inputApp.xaml delete mode 100644 xaml/inputFeatures.xaml delete mode 100644 xaml/inputTweaks.xaml diff --git a/.github/workflows/compile.yaml b/.github/workflows/compile.yaml new file mode 100644 index 0000000000..e740f32580 --- /dev/null +++ b/.github/workflows/compile.yaml @@ -0,0 +1,24 @@ +name: Compile + +on: + push: + branches: + - main + - test* + +jobs: + build-runspace: + runs-on: windows-latest + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + - name: Compile project + shell: pwsh + run: | + Set-ExecutionPolicy Bypass -Scope Process -Force; ./Compile.ps1 + continue-on-error: false # Directly fail the job on error, removing the need for a separate check + - uses: stefanzweifel/git-auto-commit-action@v5 + with: + commit_message: Compile Winutil + if: success() diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7ee8ff8dfb..2d5d9dee6b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -1,24 +1,42 @@ -name: Update Branch +name: Release WinUtil on: - push: - branches: - - main - - test* + workflow_run: + workflows: ["Compile WinUtil"] #Ensure Compile winget.ps1 is done + types: + - completed jobs: build-runspace: runs-on: windows-latest steps: - - uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - - name: Compile project - shell: pwsh - run: | - Set-ExecutionPolicy Bypass -Scope Process -Force; ./Compile.ps1 - continue-on-error: false # Directly fail the job on error, removing the need for a separate check - - uses: stefanzweifel/git-auto-commit-action@v5 - with: - commit_message: Compile Winutil - if: success() \ No newline at end of file + - name: Checkout Repository + uses: actions/checkout@v4 + + - name: Extract Version from winutil.ps1 + id: extract_version + run: | + $version = '' + Get-Content ./winutil.ps1 -TotalCount 30 | ForEach-Object { + if ($_ -match 'Version\s*:\s*(\d{2}\.\d{2}\.\d{2})') { + $version = $matches[1] + echo "version=$version" >> $GITHUB_ENV + break + } + } + if (-not $version) { + Write-Error "Version not found in winutil.ps1" + exit 1 + } + shell: pwsh + + - name: Create and Upload Release + id: create_release + uses: softprops/action-gh-release@v2 + with: + tag_name: ${{ steps.extract_version.outputs.version }} + name: Release ${{ steps.extract_version.outputs.version }} + body_path: path/to/release-notes.md + files: ./winutil.ps1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/Compile.ps1 b/Compile.ps1 index 2f56849952..8568e1af20 100644 --- a/Compile.ps1 +++ b/Compile.ps1 @@ -1,35 +1,43 @@ +param ( + [switch]$Debug +) $OFS = "`r`n" $scriptname = "winutil.ps1" + # Variable to sync between runspaces $sync = [Hashtable]::Synchronized(@{}) $sync.PSScriptRoot = $PSScriptRoot $sync.configs = @{} -if (Test-Path -Path "$($scriptname)") -{ - Remove-Item -Force "$($scriptname)" -} - -Write-output ' +$header = @" ################################################################################################################ ### ### ### WARNING: This file is automatically generated DO NOT modify this file directly as it will be overwritten ### ### ### ################################################################################################################ -' | Out-File ./$scriptname -Append -Encoding ascii +"@ -(Get-Content .\scripts\start.ps1).replace('#{replaceme}',"$(Get-Date -Format yy.MM.dd)") | Out-File ./$scriptname -Append -Encoding ascii +# Create the script in memory. +$script_content = [System.Collections.Generic.List[string]]::new() -Get-ChildItem .\functions -Recurse -File | ForEach-Object { - Get-Content $psitem.FullName | Out-File ./$scriptname -Append -Encoding ascii -} +Write-Progress -Activity "Compiling" -Status "Adding: Header" -PercentComplete 5 +$script_content.Add($header) + +Write-Progress -Activity "Compiling" -Status "Adding: Version" -PercentComplete 10 +$script_content.Add($(Get-Content .\scripts\start.ps1).replace('#{replaceme}',"$(Get-Date -Format yy.MM.dd)")) +Write-Progress -Activity "Compiling" -Status "Adding: Functions" -PercentComplete 20 +Get-ChildItem .\functions -Recurse -File | ForEach-Object { + $script_content.Add($(Get-Content $psitem.FullName)) + } +Write-Progress -Activity "Compiling" -Status "Adding: Config *.json" -PercentComplete 40 Get-ChildItem .\config | Where-Object {$psitem.extension -eq ".json"} | ForEach-Object { + $json = (Get-Content $psitem.FullName).replace("'","''") # Replace every XML Special Character so it'll render correctly in final build # Only do so if json files has content to be displayed (for example the applications, tweaks, features json files) - # Some Type Convertion using Casting and Cleaning Up of the convertion result using 'Replace' Method + # Some Type Convertion using Casting and Cleaning Up of the convertion result using 'Replace' Method $jsonAsObject = $json | convertfrom-json $firstLevelJsonList = ([System.String]$jsonAsObject).split('=;') | ForEach-Object { $_.Replace('=}','').Replace('@{','').Replace(' ','') @@ -38,7 +46,7 @@ Get-ChildItem .\config | Where-Object {$psitem.extension -eq ".json"} | ForEach- for ($i = 0; $i -lt $firstLevelJsonList.Count; $i += 1) { $firstLevelName = $firstLevelJsonList[$i] # Note: Avoid using HTML Entity Codes (for example '”' (stands for "Right Double Quotation Mark")), and use HTML decimal/hex codes instead. - # as using HTML Entity Codes will result in XML parse Error when running the compiled script. + # as using HTML Entity Codes will result in XML parse Error when running the compiled script. if ($jsonAsObject.$firstLevelName.content -ne $null) { $jsonAsObject.$firstLevelName.content = $jsonAsObject.$firstLevelName.content.replace('&','&').replace('“','“').replace('”','”').replace("'",''').replace('<','<').replace('>','>') $jsonAsObject.$firstLevelName.content = $jsonAsObject.$firstLevelName.content.replace('''',"'") # resolves the Double Apostrophe caused by the first replace function in the main loop @@ -49,14 +57,18 @@ Get-ChildItem .\config | Where-Object {$psitem.extension -eq ".json"} | ForEach- } } # The replace at the end is required, as without it the output of converto-json will be somewhat weird for Multiline String - # Most Notably is the scripts in json files, make=ing it harder for users who want to review these scripts that are found in the final compiled script + # Most Notably is the scripts in json files, making it harder for users who want to review these scripts that are found in the final compiled script $json = ($jsonAsObject | convertto-json -Depth 3).replace('\r\n',"`r`n") $sync.configs.$($psitem.BaseName) = $json | convertfrom-json - Write-output "`$sync.configs.$($psitem.BaseName) = '$json' `| convertfrom-json" | Out-File ./$scriptname -Append -Encoding ascii + $script_content.Add($(Write-output "`$sync.configs.$($psitem.BaseName) = '$json' `| convertfrom-json" )) } +Write-Progress -Activity "Compiling" -Status "Adding: Config *.cfg" -PercentComplete 45 Get-ChildItem .\config | Where-Object {$PSItem.Extension -eq ".cfg"} | ForEach-Object { - Write-output "`$sync.configs.$($psitem.BaseName) = '$(Get-Content $PSItem.FullName)'" | Out-File ./$scriptname -Append -Encoding ascii + $script_content.Add($(Write-output "`$sync.configs.$($psitem.BaseName) = '$(Get-Content $PSItem.FullName)'")) +} +Get-ChildItem .\config | Where-Object {$PSItem.Extension -eq ".cfg"} | ForEach-Object { + $script_content.Add($(Write-output "`$sync.configs.$($psitem.BaseName) = '$(Get-Content $PSItem.FullName)'")) } $xaml = (Get-Content .\xaml\inputXML.xaml).replace("'","''") @@ -64,29 +76,34 @@ $xaml = (Get-Content .\xaml\inputXML.xaml).replace("'","''") # Dot-source the Get-TabXaml function . .\functions\private\Get-TabXaml.ps1 -## Xaml Manipulation -$tabColumns = Get-TabXaml "applications" 5 -$tabColumns | Out-File -FilePath ".\xaml\inputApp.xaml" -Encoding ascii -$tabColumns = Get-TabXaml "tweaks" -$tabColumns | Out-File -FilePath ".\xaml\inputTweaks.xaml" -Encoding ascii -$tabColumns = Get-TabXaml "feature" -$tabColumns | Out-File -FilePath ".\xaml\inputFeatures.xaml" -Encoding ascii +Write-Progress -Activity "Compiling" -Status "Building: Xaml " -PercentComplete 75 +$appXamlContent = Get-TabXaml "applications" 5 +$tweaksXamlContent = Get-TabXaml "tweaks" +$featuresXamlContent = Get-TabXaml "feature" -# Assuming inputApp.xaml is in the same directory as main.ps1 -$appXamlPath = Join-Path -Path $PSScriptRoot -ChildPath "xaml/inputApp.xaml" -$tweaksXamlPath = Join-Path -Path $PSScriptRoot -ChildPath "xaml/inputTweaks.xaml" -$featuresXamlPath = Join-Path -Path $PSScriptRoot -ChildPath "xaml/inputFeatures.xaml" - -# Load the XAML content from inputApp.xaml -$appXamlContent = Get-Content -Path $appXamlPath -Raw -$tweaksXamlContent = Get-Content -Path $tweaksXamlPath -Raw -$featuresXamlContent = Get-Content -Path $featuresXamlPath -Raw +Write-Progress -Activity "Compiling" -Status "Adding: Xaml " -PercentComplete 90 # Replace the placeholder in $inputXML with the content of inputApp.xaml $xaml = $xaml -replace "{{InstallPanel_applications}}", $appXamlContent $xaml = $xaml -replace "{{InstallPanel_tweaks}}", $tweaksXamlContent $xaml = $xaml -replace "{{InstallPanel_features}}", $featuresXamlContent -Write-output "`$inputXML = '$xaml'" | Out-File ./$scriptname -Append -Encoding ascii +$script_content.Add($(Write-output "`$inputXML = '$xaml'")) + +$script_content.Add($(Get-Content .\scripts\main.ps1)) + +if ($Debug){ + Write-Progress -Activity "Compiling" -Status "Writing debug files" -PercentComplete 95 + $appXamlContent | Out-File -FilePath ".\xaml\inputApp.xaml" -Encoding ascii + $tweaksXamlContent | Out-File -FilePath ".\xaml\inputTweaks.xaml" -Encoding ascii + $featuresXamlContent | Out-File -FilePath ".\xaml\inputFeatures.xaml" -Encoding ascii +} +else { + Write-Progress -Activity "Compiling" -Status "Removing temporary files" -PercentComplete 99 + Remove-Item ".\xaml\inputApp.xaml" -ErrorAction SilentlyContinue + Remove-Item ".\xaml\inputTweaks.xaml" -ErrorAction SilentlyContinue + Remove-Item ".\xaml\inputFeatures.xaml" -ErrorAction SilentlyContinue +} -Get-Content .\scripts\main.ps1 | Out-File ./$scriptname -Append -Encoding ascii +Set-Content -Path $scriptname -Value ($script_content -join "`r`n") -Encoding ascii +Write-Progress -Activity "Compiling" -Completed \ No newline at end of file diff --git a/README.md b/README.md index c8b43b54f0..ae90b7d781 100644 --- a/README.md +++ b/README.md @@ -32,10 +32,9 @@ or by executing: iwr -useb https://christitus.com/win | iex ``` -if for some reason this site is not reachable from your country please try running it directly from github - +if for some reason this site is not reachable from your country please try running it directly from github (replace 24.06.07 with current release that you are interested in) ``` -irm https://raw.githubusercontent.com/ChrisTitusTech/winutil/main/winutil.ps1 | iex +irm "https://raw.githubusercontent.com/ChrisTitusTech/winutil/24.06.07/winutil.ps1" | iex ``` #### Automation diff --git a/config/applications.json b/config/applications.json index 65a3e10de6..e8375bbb58 100644 --- a/config/applications.json +++ b/config/applications.json @@ -32,13 +32,13 @@ "winget": "Famatech.AdvancedIPScanner" }, "WPFInstallaffine": { - "category": "Document", - "choco": "na", - "content": "AFFiNE", - "description": "AFFiNE is an open source alternative to Notion. Write, draw, plan all at once. Selfhost it to sync across devices.", - "link": "https://affine.pro/", - "winget": "AFFiNE.stable" - }, + "category": "Document", + "choco": "na", + "content": "AFFiNE", + "description": "AFFiNE is an open source alternative to Notion. Write, draw, plan all at once. Selfhost it to sync across devices.", + "link": "https://affine.pro/", + "winget": "ToEverything.AFFiNE" + }, "WPFInstallaimp": { "category": "Multimedia Tools", "choco": "aimp", @@ -2408,13 +2408,13 @@ "winget": "Waterfox.Waterfox" }, "WPFInstallwazuh": { - "category": "Utilities", - "choco": "wazuh-agent", - "content": "Wazuh.", - "description": "Wazuh is an open-source security monitoring platform that offers intrusion detection, compliance checks, and log analysis.", - "link": "https://wazuh.com/", - "winget": "Wazuh.WazuhAgent" - }, + "category": "Utilities", + "choco": "wazuh-agent", + "content": "Wazuh.", + "description": "Wazuh is an open-source security monitoring platform that offers intrusion detection, compliance checks, and log analysis.", + "link": "https://wazuh.com/", + "winget": "Wazuh.WazuhAgent" + }, "WPFInstallwezterm": { "category": "Development", "choco": "wezterm", @@ -2736,7 +2736,7 @@ "winget": "magic-wormhole.magic-wormhole" }, "WPFInstallqgis": { - "category": "Multimedia Tools", + "category": "Multimedia Tools", "choco": "qgis", "content": "QGIS", "description": "QGIS (Quantum GIS) is an open-source Geographic Information System (GIS) software that enables users to create, edit, visualize, analyze, and publish geospatial information on Windows, Mac, and Linux platforms.", @@ -2758,7 +2758,7 @@ "description": "GlazeWM is a tiling window manager for Windows inspired by i3 and Polybar", "link": "https://github.com/glzr-io/glazewm", "winget": "glzr-io.glazewm" - }, + }, "WPFInstallfancontrol": { "category": "Utilities", "choco": "na", diff --git a/config/ooshutup10_recommended.cfg b/config/ooshutup10_recommended.cfg index 0149c649a4..53284193dc 100644 --- a/config/ooshutup10_recommended.cfg +++ b/config/ooshutup10_recommended.cfg @@ -1,5 +1,5 @@ ############################################################################ -# This file was created with O&O ShutUp10++ V1.9.1436 +# This file was created with O&O ShutUp10++ V1.9.1438 # and can be imported onto another computer. # # Download the application at https://www.oo-software.com/shutup10 @@ -13,7 +13,7 @@ # user does not get any feedback about the import. # # We are always happy to answer any questions you may have! -# © 2015-2023 O&O Software GmbH, Berlin. All rights reserved. +# © 2015-2024 O&O Software GmbH, Berlin. All rights reserved. # https://www.oo-software.com/ ############################################################################ @@ -179,6 +179,8 @@ C015 + C101 + C201 + C102 + +C103 + +C203 + L001 + L003 + L004 - @@ -208,9 +210,9 @@ S014 - K001 + K002 + K005 + -M003 - +M003 + M015 + -M016 - +M016 + M017 - M018 + M019 - @@ -221,7 +223,9 @@ M001 + M004 + M005 + M024 + +M026 + +M027 + M012 - M013 - M014 - -N001 - +N001 - \ No newline at end of file diff --git a/config/tweaks.json b/config/tweaks.json index 709ef1d3ac..4af9dc7906 100644 --- a/config/tweaks.json +++ b/config/tweaks.json @@ -2232,7 +2232,7 @@ "Description": "Creates a restore point at runtime in case a revert is needed from WinUtil modifications", "category": "Essential Tweaks", "panel": "1", - "Checked": "True", + "Checked": "False", "Order": "a001_", "InvokeScript": [ " @@ -2405,6 +2405,64 @@ " ] }, + "WPFTweaksDisableLMS1": { + "Content": "Disable Intel MM (vPro LMS)", + "Description": "Intel LMS service is always listening on all ports and could be a huge security risk. There is no need to run LMS on home machines and even in the Enterprise there are better solutions.", + "category": "Essential Tweaks", + "panel": "1", + "Order": "a0015_", + "InvokeScript": [ + " + Write-Host \"Kill OneDrive process\" + $serviceName = \"LMS\" + Write-Host \"Stopping and disabling service: $serviceName\" + Stop-Service -Name $serviceName -Force -ErrorAction SilentlyContinue; + Set-Service -Name $serviceName -StartupType Disabled -ErrorAction SilentlyContinue; + + Write-Host \"Removing service: $serviceName\"; + sc.exe delete $serviceName; + + Write-Host \"Removing LMS driver packages\"; + $lmsDriverPackages = Get-ChildItem -Path \"C:\\Windows\\System32\\DriverStore\\FileRepository\" -Recurse -Filter \"lms.inf*\"; + foreach ($package in $lmsDriverPackages) { + Write-Host \"Removing driver package: $($package.Name)\"; + pnputil /delete-driver $($package.Name) /uninstall /force; + } + if ($lmsDriverPackages.Count -eq 0) { + Write-Host \"No LMS driver packages found in the driver store.\"; + } else { + Write-Host \"All found LMS driver packages have been removed.\"; + } + + Write-Host \"Searching and deleting LMS executable files\"; + $programFilesDirs = @(\"C:\\Program Files\", \"C:\\Program Files (x86)\"); + $lmsFiles = @(); + foreach ($dir in $programFilesDirs) { + $lmsFiles += Get-ChildItem -Path $dir -Recurse -Filter \"LMS.exe\" -ErrorAction SilentlyContinue; + } + foreach ($file in $lmsFiles) { + Write-Host \"Taking ownership of file: $($file.FullName)\"; + & icacls $($file.FullName) /grant Administrators:F /T /C /Q; + & takeown /F $($file.FullName) /A /R /D Y; + Write-Host \"Deleting file: $($file.FullName)\"; + Remove-Item $($file.FullName) -Force -ErrorAction SilentlyContinue; + } + if ($lmsFiles.Count -eq 0) { + Write-Host \"No LMS.exe files found in Program Files directories.\"; + } else { + Write-Host \"All found LMS.exe files have been deleted.\"; + } + Write-Host 'Intel LMS vPro service has been disabled, removed, and blocked.'; + " + ], + "UndoScript": [ + " + Write-Host \"Install Microsoft Edge\" + taskkill.exe /F /IM \"OneDrive.exe\" + + " + ] + }, "WPFTweaksRemoveOnedrive": { "Content": "Remove OneDrive", "Description": "Copies OneDrive files to Default Home Folders and Uninstalls it.", diff --git a/functions/public/Invoke-WPFOOSU.ps1 b/functions/public/Invoke-WPFOOSU.ps1 index d30ea3a8d6..97f64e89f3 100644 --- a/functions/public/Invoke-WPFOOSU.ps1 +++ b/functions/public/Invoke-WPFOOSU.ps1 @@ -28,13 +28,13 @@ function Invoke-WPFOOSU { } "recommended"{ $oosu_config = "$ENV:temp\ooshutup10_recommended.cfg" - Invoke-WebRequest -Uri "https://raw.githubusercontent.com/ChrisTitusTech/winutil/main/config/ooshutup10_recommended.cfg" -OutFile $oosu_config + $sync.configs.ooshutup10_recommended | Out-File -FilePath $oosu_config -Force Write-Host "Applying recommended OO Shutup 10 Policies" Start-Process $OOSU_filepath -ArgumentList "$oosu_config /quiet" -Wait } "undo"{ $oosu_config = "$ENV:temp\ooshutup10_factory.cfg" - Invoke-WebRequest -Uri "https://raw.githubusercontent.com/ChrisTitusTech/winutil/main/config/ooshutup10_factory.cfg" -OutFile $oosu_config + $sync.configs.ooshutup10_factory | Out-File -FilePath $oosu_config -Force Write-Host "Resetting all OO Shutup 10 Policies" Start-Process $OOSU_filepath -ArgumentList "$oosu_config /quiet" -Wait } diff --git a/winget.ps1 b/winget.ps1 index f1ba120ad1..b7761cc22c 100644 --- a/winget.ps1 +++ b/winget.ps1 @@ -922,4 +922,4 @@ try { } Write-Warning "Error: $($_.Exception.Message)`n" } -} \ No newline at end of file +} diff --git a/winutil.ps1 b/winutil.ps1 index 4d5193048e..25c0d5bbb6 100644 --- a/winutil.ps1 +++ b/winutil.ps1 @@ -1,10 +1,8 @@ - ################################################################################################################ ### ### ### WARNING: This file is automatically generated DO NOT modify this file directly as it will be overwritten ### ### ### ################################################################################################################ - <# .NOTES Author : Chris Titus @christitustech @@ -4442,13 +4440,13 @@ function Invoke-WPFOOSU { } "recommended"{ $oosu_config = "$ENV:temp\ooshutup10_recommended.cfg" - Invoke-WebRequest -Uri "https://raw.githubusercontent.com/ChrisTitusTech/winutil/main/config/ooshutup10_recommended.cfg" -OutFile $oosu_config + $sync.configs.ooshutup10_recommended | Out-File -FilePath $oosu_config -Force Write-Host "Applying recommended OO Shutup 10 Policies" Start-Process $OOSU_filepath -ArgumentList "$oosu_config /quiet" -Wait } "undo"{ $oosu_config = "$ENV:temp\ooshutup10_factory.cfg" - Invoke-WebRequest -Uri "https://raw.githubusercontent.com/ChrisTitusTech/winutil/main/config/ooshutup10_factory.cfg" -OutFile $oosu_config + $sync.configs.ooshutup10_factory | Out-File -FilePath $oosu_config -Force Write-Host "Resetting all OO Shutup 10 Policies" Start-Process $OOSU_filepath -ArgumentList "$oosu_config /quiet" -Wait } @@ -5386,7 +5384,7 @@ $sync.configs.applications = '{ "content": "AFFiNE", "description": "AFFiNE is an open source alternative to Notion. Write, draw, plan all at once. Selfhost it to sync across devices.", "link": "https://affine.pro/", - "winget": "AFFiNE.stable" + "winget": "ToEverything.AFFiNE" }, "WPFInstallaimp": { "category": "Multimedia Tools", @@ -10789,7 +10787,7 @@ $sync.configs.tweaks = '{ "Description": "Creates a restore point at runtime in case a revert is needed from WinUtil modifications", "category": "Essential Tweaks", "panel": "1", - "Checked": "True", + "Checked": "False", "Order": "a001_", "InvokeScript": [ " @@ -10961,6 +10959,64 @@ $sync.configs.tweaks = '{ " ] }, + "WPFTweaksDisableLMS1": { + "Content": "Disable Intel MM (vPro LMS)", + "Description": "Intel LMS service is always listening on all ports and could be a huge security risk. There is no need to run LMS on home machines and even in the Enterprise there are better solutions.", + "category": "Essential Tweaks", + "panel": "1", + "Order": "a0015_", + "InvokeScript": [ + " + Write-Host \"Kill OneDrive process\" + $serviceName = \"LMS\" + Write-Host \"Stopping and disabling service: $serviceName\" + Stop-Service -Name $serviceName -Force -ErrorAction SilentlyContinue; + Set-Service -Name $serviceName -StartupType Disabled -ErrorAction SilentlyContinue; + + Write-Host \"Removing service: $serviceName\"; + sc.exe delete $serviceName; + + Write-Host \"Removing LMS driver packages\"; + $lmsDriverPackages = Get-ChildItem -Path \"C:\\Windows\\System32\\DriverStore\\FileRepository\" -Recurse -Filter \"lms.inf*\"; + foreach ($package in $lmsDriverPackages) { + Write-Host \"Removing driver package: $($package.Name)\"; + pnputil /delete-driver $($package.Name) /uninstall /force; + } + if ($lmsDriverPackages.Count -eq 0) { + Write-Host \"No LMS driver packages found in the driver store.\"; + } else { + Write-Host \"All found LMS driver packages have been removed.\"; + } + + Write-Host \"Searching and deleting LMS executable files\"; + $programFilesDirs = @(\"C:\\Program Files\", \"C:\\Program Files (x86)\"); + $lmsFiles = @(); + foreach ($dir in $programFilesDirs) { + $lmsFiles += Get-ChildItem -Path $dir -Recurse -Filter \"LMS.exe\" -ErrorAction SilentlyContinue; + } + foreach ($file in $lmsFiles) { + Write-Host \"Taking ownership of file: $($file.FullName)\"; + & icacls $($file.FullName) /grant Administrators:F /T /C /Q; + & takeown /F $($file.FullName) /A /R /D Y; + Write-Host \"Deleting file: $($file.FullName)\"; + Remove-Item $($file.FullName) -Force -ErrorAction SilentlyContinue; + } + if ($lmsFiles.Count -eq 0) { + Write-Host \"No LMS.exe files found in Program Files directories.\"; + } else { + Write-Host \"All found LMS.exe files have been deleted.\"; + } + Write-Host ''Intel LMS vPro service has been disabled, removed, and blocked.''; + " + ], + "UndoScript": [ + " + Write-Host \"Install Microsoft Edge\" + taskkill.exe /F /IM \"OneDrive.exe\" + + " + ] + }, "WPFTweaksRemoveOnedrive": { "Content": "Remove OneDrive", "Description": "Copies OneDrive files to Default Home Folders and Uninstalls it.", @@ -11869,6 +11925,237 @@ M013 - M014 - N001 -' $sync.configs.ooshutup10_recommended = '############################################################################ +# This file was created with O&O ShutUp10++ V1.9.1438 +# and can be imported onto another computer. +# +# Download the application at https://www.oo-software.com/shutup10 +# You can then import the file from within the program. +# +# Alternatively you can import it automatically over a command line. +# Simply use the following parameter: +# OOSU10.exe +# +# Selecting the Option /quiet ends the app right after the import and the +# user does not get any feedback about the import. +# +# We are always happy to answer any questions you may have! +# ? 2015-2024 O&O Software GmbH, Berlin. All rights reserved. +# https://www.oo-software.com/ +############################################################################ + +P001 + +P002 + +P003 + +P004 + +P005 + +P006 + +P008 + +P026 + +P027 + +P028 + +P064 + +P065 + +P066 + +P067 + +P070 + +P069 + +P009 - +P010 + +P015 + +P068 - +P016 - +A001 + +A002 + +A003 + +A004 + +A006 + +A005 + +P007 + +P036 + +P025 + +P033 + +P023 + +P056 + +P057 - +P012 - +P034 - +P013 - +P035 - +P062 - +P063 - +P081 - +P047 - +P019 - +P048 - +P049 - +P020 - +P037 - +P011 - +P038 - +P050 - +P051 - +P018 - +P039 - +P021 - +P040 - +P022 - +P041 - +P014 - +P042 - +P052 - +P053 - +P054 - +P055 - +P029 - +P043 - +P030 - +P044 - +P031 - +P045 - +P032 - +P046 - +P058 - +P059 - +P060 - +P061 - +P071 - +P072 - +P073 - +P074 - +P075 - +P076 - +P077 - +P078 - +P079 - +P080 - +P024 + +S001 + +S002 + +S003 + +S008 - +E101 + +E201 + +E115 + +E215 + +E118 + +E218 + +E107 + +E207 + +E111 + +E211 + +E112 + +E212 + +E109 + +E209 + +E121 + +E221 + +E103 + +E203 + +E123 + +E223 + +E124 + +E224 + +E128 + +E228 + +E119 - +E219 - +E120 - +E220 - +E122 - +E222 - +E125 - +E225 - +E126 - +E226 - +E106 - +E206 - +E127 - +E227 - +E001 + +E002 + +E003 + +E008 + +E007 + +E010 + +E011 + +E012 + +E009 - +E004 - +E005 - +E013 - +E014 - +E006 - +Y001 + +Y002 + +Y003 + +Y004 + +Y005 + +Y006 + +Y007 + +C012 + +C002 + +C013 + +C007 + +C008 + +C009 + +C010 + +C011 + +C014 + +C015 + +C101 + +C201 + +C102 + +C103 + +C203 + +L001 + +L003 + +L004 - +L005 - +U001 + +U004 + +U005 + +U006 + +U007 + +W001 + +W011 + +W004 - +W005 - +W010 - +W009 - +P017 + +W006 - +W008 - +M006 + +M011 - +M010 + +O003 - +O001 - +S012 - +S013 - +S014 - +K001 + +K002 + +K005 + +M003 + +M015 + +M016 + +M017 - +M018 + +M019 - +M020 + +M021 + +M022 + +M001 + +M004 + +M005 + +M024 + +M026 + +M027 + +M012 - +M013 - +M014 - +N001 -' +$sync.configs.ooshutup10_factory = '############################################################################ # This file was created with O&O ShutUp10++ V1.9.1436 # and can be imported onto another computer. # @@ -11887,6 +12174,233 @@ $sync.configs.ooshutup10_recommended = '######################################## # https://www.oo-software.com/ ############################################################################ +P001 - +P002 - +P003 - +P004 - +P005 - +P006 - +P008 - +P026 - +P027 - +P028 - +P064 - +P065 - +P066 - +P067 - +P070 - +P069 - +P009 - +P010 - +P015 - +P068 - +P016 - +A001 - +A002 - +A003 - +A004 - +A006 - +A005 - +P007 - +P036 - +P025 - +P033 - +P023 - +P056 - +P057 - +P012 - +P034 - +P013 - +P035 - +P062 - +P063 - +P081 - +P047 - +P019 - +P048 - +P049 - +P020 - +P037 - +P011 - +P038 - +P050 - +P051 - +P018 - +P039 - +P021 - +P040 - +P022 - +P041 - +P014 - +P042 - +P052 - +P053 - +P054 - +P055 - +P029 - +P043 - +P030 - +P044 - +P031 - +P045 - +P032 - +P046 - +P058 - +P059 - +P060 - +P061 - +P071 - +P072 - +P073 - +P074 - +P075 - +P076 - +P077 - +P078 - +P079 - +P080 - +P024 - +S001 - +S002 - +S003 - +S008 - +E101 - +E201 - +E115 - +E215 - +E118 - +E218 - +E107 - +E207 - +E111 - +E211 - +E112 - +E212 - +E109 - +E209 - +E121 - +E221 - +E103 - +E203 - +E123 - +E223 - +E124 - +E224 - +E128 - +E228 - +E119 - +E219 - +E120 - +E220 - +E122 - +E222 - +E125 - +E225 - +E126 - +E226 - +E106 - +E206 - +E127 - +E227 - +E001 - +E002 - +E003 - +E008 - +E007 - +E010 - +E011 + +E012 + +E009 - +E004 - +E005 - +E013 - +E014 - +E006 - +Y001 - +Y002 - +Y003 - +Y004 - +Y005 - +Y006 - +Y007 - +C012 - +C002 - +C013 - +C007 - +C008 - +C009 - +C010 - +C011 - +C014 - +C015 - +C101 - +C201 - +C102 - +L001 - +L003 - +L004 - +L005 - +U001 - +U004 - +U005 - +U006 - +U007 - +W001 - +W011 - +W004 - +W005 - +W010 - +W009 - +P017 - +W006 - +W008 - +M006 - +M011 - +M010 - +O003 - +O001 - +S012 - +S013 - +S014 - +K001 - +K002 - +K005 - +M003 - +M015 - +M016 - +M017 - +M018 - +M019 - +M020 - +M021 - +M022 - +M001 - +M004 - +M005 - +M024 - +M012 - +M013 - +M014 - +N001 -' +$sync.configs.ooshutup10_recommended = '############################################################################ +# This file was created with O&O ShutUp10++ V1.9.1438 +# and can be imported onto another computer. +# +# Download the application at https://www.oo-software.com/shutup10 +# You can then import the file from within the program. +# +# Alternatively you can import it automatically over a command line. +# Simply use the following parameter: +# OOSU10.exe +# +# Selecting the Option /quiet ends the app right after the import and the +# user does not get any feedback about the import. +# +# We are always happy to answer any questions you may have! +# ? 2015-2024 O&O Software GmbH, Berlin. All rights reserved. +# https://www.oo-software.com/ +############################################################################ + P001 + P002 + P003 + @@ -12049,6 +12563,8 @@ C015 + C101 + C201 + C102 + +C103 + +C203 + L001 + L003 + L004 - @@ -12078,9 +12594,9 @@ S014 - K001 + K002 + K005 + -M003 - +M003 + M015 + -M016 - +M016 + M017 - M018 + M019 - @@ -12091,6 +12607,8 @@ M001 + M004 + M005 + M024 + +M026 + +M027 + M012 - M013 - M014 - @@ -13895,7 +14413,6 @@ $inputXML = ' - @@ -13916,7 +14433,8 @@ $inputXML = '