Scripts/Handig.ps1
|
Start-Process cleanmgr -ArgumentList "/sagerun:1 /VeryLowDisk /AUTOCLEAN" Get-ChildItem $env:TEMP | Remove-Item -Recurse -Force -ea 0 Get-UserProfiles | Where-Object { $_.LastUseTime -lt (Get-Date).AddDays(-180) } | Remove-CimInstance New-InboxRule -FromAddressContainsWords support@henkie.nl -MoveToFolder someone@somewhere.com:\Inbox\Automail -Name "support@henkie.nl" # Pwsh7 Sandbox $ProgressPreference = 'SilentlyContinue' Invoke-WebRequest -Uri "https://github.com/PowerShell/PowerShell/releases/download/v7.5.0/PowerShell-7.5.0-win-x64.msi" -OutFile "C:\PowerShell.msi" $ProgressPreference = 'Continue' $install = Start-Process "msiexec.exe" -ArgumentList "/i C:\Powershell.msi /qn /l*v C:\Temp\PowershellMsi.log" -Wait -PassThru $install.ExitCode Remove-Item "C:\Powershell.msi" -Force # VSCode install $ProgressPreference = 'SilentlyContinue' Invoke-WebRequest -Uri "https://code.visualstudio.com/sha/download?build=stable&os=win32-x64-user" -OutFile "C:\VSCodeUserSetup.exe" $ProgressPreference = 'Continue' $install = Start-Process "C:\VSCodeUserSetup.exe" -ArgumentList "/verysilent /suppressmsgboxes" -Wait -PassThru $install.ExitCode Remove-Item "C:\VSCodeUserSetup.exe" -Force # Base 64 image $FilePath = ".\wiki-logo-wit.png" $Base64 = [Convert]::ToBase64String((Get-Content $FilePath -AsByteStream)) $Base64 $HTML = "<img src=`"data:image/png; base64, $($Base64)`" />" $HTML $HTML | clip $OutFilePath = "C:\Temp\test.png" $Image = [Drawing.Bitmap]::FromStream([IO.MemoryStream][Convert]::FromBase64String($Base)) $Image.Save($OutFilePath) [System.Environment]::SetEnvironmentVariable("DockerFolder", "$($env:Onedrive)\Docker", "Machine") # Installed (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*) + (Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*) | Where-Object { $_.DisplayName } | Select-Object DisplayName $progs = (Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\*) + (Get-ItemProperty HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*) $progs # Remote wipe $namespaceName = "root\cimv2\mdm\dmmap" $className = "MDM_RemoteWipe" $methodName = "doWipeMethod" $session = New-CimSession $params = New-Object Microsoft.Management.Infrastructure.CimMethodParametersCollection $param = [Microsoft.Management.Infrastructure.CimMethodParameter]::Create("param", "", "String", "In") $params.Add($param) $instance = Get-CimInstance -Namespace $namespaceName -ClassName $className -Filter "ParentID='./Vendor/MSFT' and InstanceID='RemoteWipe'" if ($WeetJeHetAbsoluutZeker) { $session.InvokeMethod($namespaceName, $instance, $methodName, $params) } # Detect onbekende devices / missende drivers Get-PnpDevice | Where-Object Status -NotMatch "OK|Unknown" | Format-List # Powersettings powercfg /batteryreport # Defender Anti-virus Get-MpPreference Get-MpPreference | Select-Object -ExpandProperty exclusionpath Add-MpPreference -ExclusionPath 'C:\Temp\test' Remove-MpPreference -ExclusionPath 'C:\Temp\test' $TaskAction = New-ScheduledTaskAction -Execute "tsdiscon.exe" # New-ScheduledTaskPrincipal $TaskTrigger = New-ScheduledTaskTrigger -AtLogOn Register-ScheduledTask -TaskName "Lock at logon" -Action $TaskAction -Trigger $TaskTrigger # Logonevents function Get-LogonEvents { [CmdletBinding()] param ( ) $logonEvents = Get-WinEvent -LogName 'Security' -FilterXPath "*[System[EventID=4624 or EventID=4648]]" | Select-Object -First 50 $result = @() foreach ($logonEvent in $logonEvents) { $logonType = if ($logonEvent.Id -eq 4648) { "Explicit" } else { "Interactive" } $obj = [pscustomobject] @{ Time = $logonEvent.TimeCreated Message = $logonEvent.Message LogonType = $logonType } $result += $obj } return $result } |