diff --git a/README.md b/README.md new file mode 100644 index 0000000..c111139 --- /dev/null +++ b/README.md @@ -0,0 +1,3 @@ +```ps +irm https://git.justw.tf/Lightemerald/setup-script/raw/branch/main/setupScript.ps1 | iex +``` \ No newline at end of file diff --git a/autounattend thomson.xml b/autounattend thomson.xml new file mode 100644 index 0000000..684ed9a --- /dev/null +++ b/autounattend thomson.xml @@ -0,0 +1,735 @@ + + + + + + + + en-US + + 040c:0000040c + fr-FR + en-US + fr-FR + + + + + M7XTQ-FN8P6-TTKYV-9D4CC-J462D + + true + + + + + + + + + 1 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.Microsoft3DViewer" + + + 2 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Clipchamp.Clipchamp" + + + 3 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.WindowsAlarms" + + + 4 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.WindowsFeedbackHub" + + + 5 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.GetHelp" + + + 6 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.Getstarted" + + + 7 + cmd.exe /c ">>"%TEMP%\remove-caps.txt" echo Browser.InternetExplorer" + + + 8 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.WindowsMaps" + + + 9 + cmd.exe /c ">>"%TEMP%\remove-caps.txt" echo MathRecognizer" + + + 10 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.BingNews" + + + 11 + cmd.exe /c "del "C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk"" + + + 12 + cmd.exe /c "del "C:\Windows\System32\OneDriveSetup.exe"" + + + 13 + cmd.exe /c "del "C:\Windows\SysWOW64\OneDriveSetup.exe"" + + + 14 + reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT" + + + 15 + reg.exe delete "HKU\mount\Software\Microsoft\Windows\CurrentVersion\Run" /v OneDriveSetup /f + + + 16 + reg.exe unload "HKU\mount" + + + 17 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.Office.OneNote" + + + 18 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.MSPaint" + + + 19 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.People" + + + 20 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.PowerAutomateDesktop" + + + 21 + cmd.exe /c ">>"%TEMP%\remove-caps.txt" echo Microsoft.Windows.PowerShell.ISE" + + + 22 + cmd.exe /c ">>"%TEMP%\remove-caps.txt" echo App.Support.QuickAssist" + + + 23 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo MicrosoftCorporationII.QuickAssist" + + + 24 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.SkypeApp" + + + 25 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.ScreenSketch" + + + 26 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.MicrosoftSolitaireCollection" + + + 27 + cmd.exe /c ">>"%TEMP%\remove-caps.txt" echo App.StepsRecorder" + + + 28 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.MicrosoftStickyNotes" + + + 29 + reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Communications" /v ConfigureChatAutoInstall /t REG_DWORD /d 0 /f + + + 30 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.Todos" + + + 31 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.WindowsSoundRecorder" + + + 32 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.BingWeather" + + + 33 + cmd.exe /c ">>"%TEMP%\remove-caps.txt" echo Microsoft.Windows.WordPad" + + + 34 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.Xbox.TCUI" + + + 35 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.XboxApp" + + + 36 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.XboxGameOverlay" + + + 37 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.XboxGamingOverlay" + + + 38 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.XboxIdentityProvider" + + + 39 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.XboxSpeechToTextOverlay" + + + 40 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.GamingApp" + + + 41 + cmd.exe /c ">>"%TEMP%\remove-packages.txt" echo Microsoft.YourPhone" + + + 42 + powershell.exe -NoProfile -Command "Get-AppxProvisionedPackage -Online | where DisplayName -In (Get-Content $env:TEMP\remove-packages.txt ) | Remove-AppxProvisionedPackage -Online *>&1 >> $env:TEMP\remove-packages.log;" + + + 43 + powershell.exe -NoProfile -Command "Get-WindowsCapability -Online | where {($_.Name -split '~')[0] -in (Get-Content $env:TEMP\remove-caps.txt ) } | Remove-WindowsCapability -Online *>&1 >> $env:TEMP\remove-caps.log;" + + + 44 + cmd.exe /c ">>"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^<LayoutModificationTemplate Version="1" xmlns="http://schemas.microsoft.com/Start/2014/LayoutModification"^>" + + + 45 + cmd.exe /c ">>"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^<LayoutOptions StartTileGroupCellWidth="6" /^>" + + + 46 + cmd.exe /c ">>"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^<DefaultLayoutOverride^>" + + + 47 + cmd.exe /c ">>"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^<StartLayoutCollection^>" + + + 48 + cmd.exe /c ">>"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^<StartLayout GroupCellWidth="6" xmlns="http://schemas.microsoft.com/Start/2014/FullDefaultLayout" /^>" + + + 49 + cmd.exe /c ">>"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^</StartLayoutCollection^>" + + + 50 + cmd.exe /c ">>"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^</DefaultLayoutOverride^>" + + + 51 + cmd.exe /c ">>"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^</LayoutModificationTemplate^>" + + + 52 + reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Start" /v ConfigureStartPins /t REG_SZ /d "{ \"pinnedList\": [] }" /f + + + 53 + reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Start" /v ConfigureStartPins_ProviderSet /t REG_DWORD /d 1 /f + + + 54 + reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Start" /v ConfigureStartPins_WinningProvider /t REG_SZ /d B5292708-1619-419B-9923-E5D9F3925E71 /f + + + 55 + reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\providers\B5292708-1619-419B-9923-E5D9F3925E71\default\Device\Start" /v ConfigureStartPins /t REG_SZ /d "{ \"pinnedList\": [] }" /f + + + 56 + reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\providers\B5292708-1619-419B-9923-E5D9F3925E71\default\Device\Start" /v ConfigureStartPins_LastWrite /t REG_DWORD /d 1 /f + + + 57 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1"^>" + + + 58 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<name^>IPR2^</name^>" + + + 59 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<SSIDConfig^>" + + + 60 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<SSID^>" + + + 61 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<hex^>49505232^</hex^>" + + + 62 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<name^>IPR2^</name^>" + + + 63 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^</SSID^>" + + + 64 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^</SSIDConfig^>" + + + 65 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<connectionType^>ESS^</connectionType^>" + + + 66 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<connectionMode^>auto^</connectionMode^>" + + + 67 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<MSM^>" + + + 68 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<security^>" + + + 69 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<authEncryption^>" + + + 70 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<authentication^>WPA2PSK^</authentication^>" + + + 71 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<encryption^>AES^</encryption^>" + + + 72 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<useOneX^>false^</useOneX^>" + + + 73 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^</authEncryption^>" + + + 74 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<sharedKey^>" + + + 75 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<keyType^>passPhrase^</keyType^>" + + + 76 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<protected^>false^</protected^>" + + + 77 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^<keyMaterial^>#2020-kdjeug?^</keyMaterial^>" + + + 78 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^</sharedKey^>" + + + 79 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^</security^>" + + + 80 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^</MSM^>" + + + 81 + cmd.exe /c ">>"%TEMP%\wifi.xml" echo ^</WLANProfile^>" + + + 82 + netsh.exe wlan add profile filename="%TEMP%\wifi.xml" user=all + + + 83 + netsh.exe wlan connect name="IPR2" ssid="IPR2" + + + 84 + cmd.exe /c "del "%TEMP%\wifi.xml"" + + + 85 + reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\FileSystem" /v LongPathsEnabled /t REG_DWORD /d 1 /f + + + 86 + netsh.exe advfirewall firewall set rule group="Remote Desktop" new enable=Yes + + + 87 + reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f + + + 88 + icacls.exe C:\ /remove:g "*S-1-5-11" + + + 89 + powershell.exe -NoProfile -Command "Set-ExecutionPolicy -Scope 'LocalMachine' -ExecutionPolicy 'RemoteSigned' -Force;" + + + 90 + fsutil.exe behavior set disableLastAccess 1 + + + 91 + reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v AUOptions /t REG_DWORD /d 4 /f + + + 92 + reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoRebootWithLoggedOnUsers /t REG_DWORD /d 1 /f + + + 93 + reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT" + + + 94 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\Runonce" /v "UserFirstLogon" /t REG_SZ /d "C:\Windows\Setup\Scripts\UserFirstLogon.cmd" /f + + + 95 + reg.exe unload "HKU\mount" + + + 96 + reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT" + + + 97 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f + + + 98 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f + + + 99 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f + + + 100 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f + + + 101 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f + + + 102 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f + + + 103 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f + + + 104 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f + + + 105 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f + + + 106 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f + + + 107 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f + + + 108 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f + + + 109 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f + + + 110 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f + + + 111 + reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f + + + 112 + reg.exe unload "HKU\mount" + + + 113 + reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 0 /f + + + 114 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Set-StrictMode -Version 'Latest';" + + + 115 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $ErrorActionPreference = 'Stop';" + + + 116 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $guid= '{d26bff32-33a2-48a3-b037-10357ee48427}';" + + + 117 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $xml = "C:\Windows\System32\CodeIntegrity\CiPolicies\Active\${guid}.xml";" + + + 118 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $binary = "C:\Windows\System32\CodeIntegrity\CiPolicies\Active\${guid}.cip";" + + + 119 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Copy-Item -LiteralPath 'C:\Windows\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_Enforced.xml' -Destination $xml;" + + + 120 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 0;" + + + 121 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 6;" + + + 122 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 9;" + + + 123 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 16;" + + + 124 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 18;" + + + 125 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 5 -Delete;" + + + 126 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 10;" + + + 127 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo Merge-CIPolicy -PolicyPaths $xml -OutputFilePath $xml -Rules $(" + + + 128 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo @(" + + + 129 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule 'C:\Windows\*';" + + + 130 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule 'C:\Program Files\*';" + + + 131 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule 'C:\Program Files (x86)\*';" + + + 132 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\debug\WIA\*' -Deny;" + + + 133 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\PLA\Reports\*' -Deny;" + + + 134 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\PLA\Rules\*' -Deny;" + + + 135 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\PLA\Templates\*' -Deny;" + + + 136 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\Registration\CRMLog\*' -Deny;" + + + 137 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\Com\dmp\*' -Deny;" + + + 138 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\FxsTmp\*' -Deny;" + + + 139 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\LogFiles\WMI\*' -Deny;" + + + 140 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\Microsoft\Crypto\RSA\MachineKeys\*' -Deny;" + + + 141 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\spool\drivers\color\*' -Deny;" + + + 142 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\spool\PRINTERS\*' -Deny;" + + + 143 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\spool\SERVERS\*' -Deny;" + + + 144 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\Tasks_Migrated\*' -Deny;" + + + 145 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\Tasks\*' -Deny;" + + + 146 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\SysWOW64\Com\dmp\*' -Deny;" + + + 147 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\SysWOW64\FxsTmp\*' -Deny;" + + + 148 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\SysWOW64\Tasks\*' -Deny;" + + + 149 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\Tasks\*' -Deny;" + + + 150 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\Temp\*' -Deny;" + + + 151 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\tracing\*' -Deny;" + + + 152 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo ) ^| ForEach-Object -Process { $_; }" + + + 153 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo );" + + + 154 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $doc = [xml]::new();" + + + 155 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $doc.Load( $xml );" + + + 156 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $nsmgr = [System.Xml.XmlNamespaceManager]::new( $doc.NameTable );" + + + 157 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $nsmgr.AddNamespace( 'pol', 'urn:schemas-microsoft-com:sipolicy' );" + + + 158 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $doc.SelectSingleNode( '/pol:SiPolicy/pol:PolicyID', $nsmgr ).InnerText = $guid;" + + + 159 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $doc.SelectSingleNode( '/pol:SiPolicy/pol:BasePolicyID', $nsmgr ).InnerText = $guid;" + + + 160 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $node = $doc.SelectSingleNode( '//pol:SigningScenario[@Value=''12'']/pol:ProductSigners/pol:AllowedSigners', $nsmgr );" + + + 161 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $node.ParentNode.RemoveChild( $node );" + + + 162 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo $doc.Save( $xml );" + + + 163 + cmd.exe /c ">>"%TEMP%\wdac.ps1" echo ConvertFrom-CIPolicy -XmlFilePath $xml -BinaryFilePath $binary;" + + + 164 + powershell.exe -NoProfile -File "%TEMP%\wdac.ps1" + + + + + IPR-PC + Romance Standard Time + + + + + + + 040c:0000040c + fr-FR + en-US + fr-FR + + + + + + Admin + Administrators + + password + true</PlainText> + </Password> + </LocalAccount> + <LocalAccount wcm:action="add"> + <Name>Prof</Name> + <Group>Users</Group> + <Password> + <Value>password</Value> + <PlainText>true</PlainText> + </Password> + </LocalAccount> + <LocalAccount wcm:action="add"> + <Name>Eleve</Name> + <Group>Users</Group> + <Password> + <Value>password</Value> + <PlainText>true</PlainText> + </Password> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <OOBE> + <ProtectYourPC>3</ProtectYourPC> + <HideEULAPage>true</HideEULAPage> + </OOBE> + </component> + </settings> +</unattend> diff --git a/autounattend.xml b/autounattend.xml new file mode 100644 index 0000000..a94dc7f --- /dev/null +++ b/autounattend.xml @@ -0,0 +1,805 @@ +<?xml version="1.0" encoding="utf-8"?> +<unattend xmlns="urn:schemas-microsoft-com:unattend" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State"> + <!--https://schneegans.de/windows/unattend-generator/?LanguageMode=Unattended&UILanguage=en-US&UserLocale=fr-FR&KeyboardLayout=040c%3A0000040c&ProcessorArchitecture=amd64&ComputerName=IPR-PC&TimeZoneMode=Explicit&TimeZone=Romance+Standard+Time&PartitionMode=Unattended&PartitionLayout=GPT&RecoveryMode=Partition&WindowsEditionMode=Unattended&WindowsEdition=pro&UserAccountMode=Unattended&AdministratorAccountName=Admin&AdministratorAccountName=&AdministratorAccountName=&AdministratorAccountName=&AdministratorAccountName=&UserAccountName=Prof&UserAccountName=Eleve&UserAccountName=&UserAccountName=&UserAccountName=&UserAccountName=&LockoutMode=Default&EnableLongPaths=true&EnableRemoteDesktop=true&HardenSystemDriveAcl=true&AllowPowerShellScripts=true&DisableLastAccess=true&NoAutoRebootWithLoggedOnUsers=true&RunScriptOnFirstLogon=true&DisableAppSuggestions=true&WifiMode=Unattended&WifiName=IPR2&WifiAuthentication=WPA2PSK&WifiPassword=WIFIPASSWORD&ExpressSettings=DisableAll&Remove3DViewer=true&RemoveClipchamp=true&RemoveClock=true&RemoveFeedbackHub=true&RemoveGetHelp=true&RemoveGetStarted=true&RemoveInternetExplorer=true&RemoveMaps=true&RemoveMathInputPanel=true&RemoveNews=true&RemoveOneDrive=true&RemoveOneNote=true&RemovePaint3D=true&RemovePeople=true&RemovePowerAutomate=true&RemovePowerShellISE=true&RemoveQuickAssist=true&RemoveSkype=true&RemoveSnipAndSketch=true&RemoveSolitaire=true&RemoveStepsRecorder=true&RemoveStickyNotes=true&RemoveTeams=true&RemoveToDo=true&RemoveVoiceRecorder=true&RemoveWeather=true&RemoveWordPad=true&RemoveXboxApps=true&RemoveYourPhone=true&WdacMode=Configure&WdacAuditMode=AuditingOnBootFailure&WdacScriptMode=Unrestricted--> + <settings pass="offlineServicing"></settings> + <settings pass="windowsPE"> + <component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <SetupUILanguage> + <UILanguage>en-US</UILanguage> + </SetupUILanguage> + <InputLocale>040c:0000040c</InputLocale> + <SystemLocale>fr-FR</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>fr-FR</UserLocale> + </component> + <component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <ImageInstall> + <OSImage> + <InstallTo> + <DiskID>0</DiskID> + <PartitionID>3</PartitionID> + </InstallTo> + </OSImage> + </ImageInstall> + <UserData> + <ProductKey> + <Key>M7XTQ-FN8P6-TTKYV-9D4CC-J462D</Key> + </ProductKey> + <AcceptEula>true</AcceptEula> + </UserData> + <RunSynchronous> + <RunSynchronousCommand wcm:action="add"> + <Order>1</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo SELECT DISK=0"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>2</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo CLEAN"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>3</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo CONVERT GPT"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>4</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo CREATE PARTITION EFI SIZE=100"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>5</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo FORMAT QUICK FS=FAT32 LABEL="System""</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>6</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo CREATE PARTITION MSR SIZE=16"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>7</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo CREATE PARTITION PRIMARY"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>8</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo SHRINK MINIMUM=1000"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>9</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo FORMAT QUICK FS=NTFS LABEL="Windows""</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>10</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo CREATE PARTITION PRIMARY"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>11</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo FORMAT QUICK FS=NTFS LABEL="Recovery""</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>12</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo SET ID="de94bba4-06d1-4d40-a16a-bfd50179d6ac""</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>13</Order> + <Path>cmd.exe /c "&gt;&gt;"X:\diskpart.txt" echo GPT ATTRIBUTES=0x8000000000000001"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>14</Order> + <Path>cmd.exe /c diskpart /s X:\diskpart.txt &gt;&gt; X:\diskpart.log</Path> + </RunSynchronousCommand> + </RunSynchronous> + </component> + </settings> + <settings pass="generalize"></settings> + <settings pass="specialize"> + <component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <RunSynchronous> + <RunSynchronousCommand wcm:action="add"> + <Order>1</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.Microsoft3DViewer"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>2</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Clipchamp.Clipchamp"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>3</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.WindowsAlarms"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>4</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.WindowsFeedbackHub"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>5</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.GetHelp"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>6</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.Getstarted"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>7</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-caps.txt" echo Browser.InternetExplorer"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>8</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.WindowsMaps"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>9</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-caps.txt" echo MathRecognizer"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>10</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.BingNews"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>11</Order> + <Path>cmd.exe /c "del "C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk""</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>12</Order> + <Path>cmd.exe /c "del "C:\Windows\System32\OneDriveSetup.exe""</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>13</Order> + <Path>cmd.exe /c "del "C:\Windows\SysWOW64\OneDriveSetup.exe""</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>14</Order> + <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>15</Order> + <Path>reg.exe delete "HKU\mount\Software\Microsoft\Windows\CurrentVersion\Run" /v OneDriveSetup /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>16</Order> + <Path>reg.exe unload "HKU\mount"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>17</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.Office.OneNote"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>18</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.MSPaint"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>19</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.People"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>20</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.PowerAutomateDesktop"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>21</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-caps.txt" echo Microsoft.Windows.PowerShell.ISE"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>22</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-caps.txt" echo App.Support.QuickAssist"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>23</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo MicrosoftCorporationII.QuickAssist"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>24</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.SkypeApp"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>25</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.ScreenSketch"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>26</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.MicrosoftSolitaireCollection"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>27</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-caps.txt" echo App.StepsRecorder"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>28</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.MicrosoftStickyNotes"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>29</Order> + <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Communications" /v ConfigureChatAutoInstall /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>30</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.Todos"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>31</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.WindowsSoundRecorder"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>32</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.BingWeather"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>33</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-caps.txt" echo Microsoft.Windows.WordPad"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>34</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.Xbox.TCUI"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>35</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.XboxApp"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>36</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.XboxGameOverlay"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>37</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.XboxGamingOverlay"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>38</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.XboxIdentityProvider"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>39</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.XboxSpeechToTextOverlay"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>40</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.GamingApp"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>41</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\remove-packages.txt" echo Microsoft.YourPhone"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>42</Order> + <Path>powershell.exe -NoProfile -Command "Get-AppxProvisionedPackage -Online | where DisplayName -In (Get-Content $env:TEMP\remove-packages.txt ) | Remove-AppxProvisionedPackage -Online *&gt;&amp;1 &gt;&gt; $env:TEMP\remove-packages.log;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>43</Order> + <Path>powershell.exe -NoProfile -Command "Get-WindowsCapability -Online | where {($_.Name -split '~')[0] -in (Get-Content $env:TEMP\remove-caps.txt ) } | Remove-WindowsCapability -Online *&gt;&amp;1 &gt;&gt; $env:TEMP\remove-caps.log;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>44</Order> + <Path>cmd.exe /c "&gt;&gt;"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^&lt;LayoutModificationTemplate Version="1" xmlns="http://schemas.microsoft.com/Start/2014/LayoutModification"^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>45</Order> + <Path>cmd.exe /c "&gt;&gt;"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^&lt;LayoutOptions StartTileGroupCellWidth="6" /^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>46</Order> + <Path>cmd.exe /c "&gt;&gt;"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^&lt;DefaultLayoutOverride^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>47</Order> + <Path>cmd.exe /c "&gt;&gt;"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^&lt;StartLayoutCollection^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>48</Order> + <Path>cmd.exe /c "&gt;&gt;"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^&lt;StartLayout GroupCellWidth="6" xmlns="http://schemas.microsoft.com/Start/2014/FullDefaultLayout" /^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>49</Order> + <Path>cmd.exe /c "&gt;&gt;"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^&lt;/StartLayoutCollection^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>50</Order> + <Path>cmd.exe /c "&gt;&gt;"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^&lt;/DefaultLayoutOverride^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>51</Order> + <Path>cmd.exe /c "&gt;&gt;"C:\Users\Default\AppData\Local\Microsoft\Windows\Shell\LayoutModification.xml" echo ^&lt;/LayoutModificationTemplate^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>52</Order> + <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Start" /v ConfigureStartPins /t REG_SZ /d "{ \"pinnedList\": [] }" /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>53</Order> + <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Start" /v ConfigureStartPins_ProviderSet /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>54</Order> + <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Start" /v ConfigureStartPins_WinningProvider /t REG_SZ /d B5292708-1619-419B-9923-E5D9F3925E71 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>55</Order> + <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\providers\B5292708-1619-419B-9923-E5D9F3925E71\default\Device\Start" /v ConfigureStartPins /t REG_SZ /d "{ \"pinnedList\": [] }" /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>56</Order> + <Path>reg.exe add "HKLM\SOFTWARE\Microsoft\PolicyManager\providers\B5292708-1619-419B-9923-E5D9F3925E71\default\Device\Start" /v ConfigureStartPins_LastWrite /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>57</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1"^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>58</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;name^&gt;IPR2^&lt;/name^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>59</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;SSIDConfig^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>60</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;SSID^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>61</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;hex^&gt;49505232^&lt;/hex^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>62</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;name^&gt;IPR2^&lt;/name^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>63</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;/SSID^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>64</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;/SSIDConfig^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>65</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;connectionType^&gt;ESS^&lt;/connectionType^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>66</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;connectionMode^&gt;auto^&lt;/connectionMode^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>67</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;MSM^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>68</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;security^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>69</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;authEncryption^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>70</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;authentication^&gt;WPA2PSK^&lt;/authentication^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>71</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;encryption^&gt;AES^&lt;/encryption^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>72</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;useOneX^&gt;false^&lt;/useOneX^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>73</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;/authEncryption^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>74</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;sharedKey^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>75</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;keyType^&gt;passPhrase^&lt;/keyType^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>76</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;protected^&gt;false^&lt;/protected^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>77</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;keyMaterial^&gt;#2020-kdjeug?^&lt;/keyMaterial^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>78</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;/sharedKey^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>79</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;/security^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>80</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;/MSM^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>81</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wifi.xml" echo ^&lt;/WLANProfile^&gt;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>82</Order> + <Path>netsh.exe wlan add profile filename="%TEMP%\wifi.xml" user=all</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>83</Order> + <Path>netsh.exe wlan connect name="IPR2" ssid="IPR2"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>84</Order> + <Path>cmd.exe /c "del "%TEMP%\wifi.xml""</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>85</Order> + <Path>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\FileSystem" /v LongPathsEnabled /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>86</Order> + <Path>netsh.exe advfirewall firewall set rule group="Remote Desktop" new enable=Yes</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>87</Order> + <Path>reg.exe add "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>88</Order> + <Path>icacls.exe C:\ /remove:g "*S-1-5-11"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>89</Order> + <Path>powershell.exe -NoProfile -Command "Set-ExecutionPolicy -Scope 'LocalMachine' -ExecutionPolicy 'RemoteSigned' -Force;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>90</Order> + <Path>fsutil.exe behavior set disableLastAccess 1</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>91</Order> + <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v AUOptions /t REG_DWORD /d 4 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>92</Order> + <Path>reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoRebootWithLoggedOnUsers /t REG_DWORD /d 1 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>93</Order> + <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>94</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\Runonce" /v "UserFirstLogon" /t REG_SZ /d "C:\Windows\Setup\Scripts\UserFirstLogon.cmd" /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>95</Order> + <Path>reg.exe unload "HKU\mount"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>96</Order> + <Path>reg.exe load "HKU\mount" "C:\Users\Default\NTUSER.DAT"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>97</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>98</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "FeatureManagementEnabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>99</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OEMPreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>100</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>101</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>102</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>103</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>104</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>105</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>106</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338387Enabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>107</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>108</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>109</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>110</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>111</Order> + <Path>reg.exe add "HKU\mount\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>112</Order> + <Path>reg.exe unload "HKU\mount"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>113</Order> + <Path>reg.exe add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d 0 /f</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>114</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Set-StrictMode -Version 'Latest';"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>115</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $ErrorActionPreference = 'Stop';"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>116</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $guid= '{d26bff32-33a2-48a3-b037-10357ee48427}';"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>117</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $xml = "C:\Windows\System32\CodeIntegrity\CiPolicies\Active\${guid}.xml";"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>118</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $binary = "C:\Windows\System32\CodeIntegrity\CiPolicies\Active\${guid}.cip";"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>119</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Copy-Item -LiteralPath 'C:\Windows\schemas\CodeIntegrity\ExamplePolicies\DefaultWindows_Enforced.xml' -Destination $xml;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>120</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 0;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>121</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 6;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>122</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 9;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>123</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 16;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>124</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 18;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>125</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 5 -Delete;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>126</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 11;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>127</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Set-RuleOption -FilePath $xml -Option 10;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>128</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo Merge-CIPolicy -PolicyPaths $xml -OutputFilePath $xml -Rules $("</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>129</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo @("</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>130</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule 'C:\Windows\*';"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>131</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule 'C:\Program Files\*';"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>132</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule 'C:\Program Files (x86)\*';"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>133</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\debug\WIA\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>134</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\PLA\Reports\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>135</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\PLA\Rules\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>136</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\PLA\Templates\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>137</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\Registration\CRMLog\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>138</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\Com\dmp\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>139</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\FxsTmp\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>140</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\LogFiles\WMI\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>141</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\Microsoft\Crypto\RSA\MachineKeys\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>142</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\spool\drivers\color\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>143</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\spool\PRINTERS\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>144</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\spool\SERVERS\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>145</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\Tasks_Migrated\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>146</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\System32\Tasks\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>147</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\SysWOW64\Com\dmp\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>148</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\SysWOW64\FxsTmp\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>149</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\SysWOW64\Tasks\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>150</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\Tasks\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>151</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\Temp\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>152</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo New-CIPolicyRule -FilePathRule '%WINDIR%\tracing\*' -Deny;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>153</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo ) ^| ForEach-Object -Process { $_; }"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>154</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo );"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>155</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $doc = [xml]::new();"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>156</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $doc.Load( $xml );"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>157</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $nsmgr = [System.Xml.XmlNamespaceManager]::new( $doc.NameTable );"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>158</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $nsmgr.AddNamespace( 'pol', 'urn:schemas-microsoft-com:sipolicy' );"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>159</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $doc.SelectSingleNode( '/pol:SiPolicy/pol:PolicyID', $nsmgr ).InnerText = $guid;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>160</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $doc.SelectSingleNode( '/pol:SiPolicy/pol:BasePolicyID', $nsmgr ).InnerText = $guid;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>161</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $node = $doc.SelectSingleNode( '//pol:SigningScenario[@Value=''12'']/pol:ProductSigners/pol:AllowedSigners', $nsmgr );"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>162</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $node.ParentNode.RemoveChild( $node );"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>163</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo $doc.Save( $xml );"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>164</Order> + <Path>cmd.exe /c "&gt;&gt;"%TEMP%\wdac.ps1" echo ConvertFrom-CIPolicy -XmlFilePath $xml -BinaryFilePath $binary;"</Path> + </RunSynchronousCommand> + <RunSynchronousCommand wcm:action="add"> + <Order>165</Order> + <Path>powershell.exe -NoProfile -File "%TEMP%\wdac.ps1"</Path> + </RunSynchronousCommand> + </RunSynchronous> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <ComputerName>IPR-PC</ComputerName> + <TimeZone>Romance Standard Time</TimeZone> + </component> + </settings> + <settings pass="auditSystem"></settings> + <settings pass="auditUser"></settings> + <settings pass="oobeSystem"> + <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <InputLocale>040c:0000040c</InputLocale> + <SystemLocale>fr-FR</SystemLocale> + <UILanguage>en-US</UILanguage> + <UserLocale>fr-FR</UserLocale> + </component> + <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS"> + <UserAccounts> + <LocalAccounts> + <LocalAccount wcm:action="add"> + <Name>Admin</Name> + <Group>Administrators</Group> + <Password> + <Value>Lprsnm4ehk26-</Value> + <PlainText>true</PlainText> + </Password> + </LocalAccount> + <LocalAccount wcm:action="add"> + <Name>Prof</Name> + <Group>Users</Group> + <Password> + <Value>IPRprof2398</Value> + <PlainText>true</PlainText> + </Password> + </LocalAccount> + <LocalAccount wcm:action="add"> + <Name>Eleve</Name> + <Group>Users</Group> + <Password> + <Value>eleve</Value> + <PlainText>true</PlainText> + </Password> + </LocalAccount> + </LocalAccounts> + </UserAccounts> + <OOBE> + <ProtectYourPC>3</ProtectYourPC> + <HideEULAPage>true</HideEULAPage> + </OOBE> + </component> + </settings> +</unattend>