Microsoft

Disable Windows Auto Update – Key Audit

Checks for the existance of the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU Key, and then checks for the value of NoAutoUpdate. You can report by using tag = $PatchDelay$ or $OOD$ (if it is missing or not set to 1).

Read More

Bing Start Menu Search (enable, Win10)

Turns on bing serches when typing into the search bar of the start menu. This is done using by modifying 2 registry values in ‘\SOFTWARE\Microsoft\Windows\CurrentVersion\Search’

Read More

Bing start Menu Search (disable, Win10)

Turns off bing serches when typing into the search bar of the start menu. This is done using by modifying 2 registry values in ‘\SOFTWARE\Microsoft\Windows\CurrentVersion\Search’

Read More

Bing prevention and removal

Prevents Bing extension being installed and uninstalls if present. This extention causes Chrome to default to Bing as the search engine and also integrates Bing searches into the taskbar.

Read More

Win 10 Version Audit to Custom Field

Script locates the Windows 10 Version number and writes to to custom field (W10 Version) as well as to Agent Procedure Log. You can report using tag "$Win10$" NOTE: Make sure you have created the custom field BEFORE importing script, or you will need to re-link it at line 6.

Read More

Windows 10 Update to latest Build

Script will check for at least 30GB of free space on the C drive. It will also check to make sure the Intel Rapid Restore version will is higher than 15.9. It will also check to make sure that Windows is Activated and will then create a Restore Point (if enabled on that machine), and…

Read More

System Restore Scripts

A folder of scripts that will enable and disable system restore. As well as a script to create a restore point.

Read More

Offline Cache Status

Learn the status of WMI offline cache. Check to see if it is enabled or disabled and where the cache is located. Uses Powershell command ‘gwmi win32_offlinefilescache’ to determine offline cache status. Results are displayed in the procedure log. Can report using tags: $WinOfflineCache$ $OCSEnabled$ $OCSDisabled$. See the following article for more information on this…

Read More

Audit – Microsoft Office Version

Uses registry to check for office version and if it’s a 32 or 64 bit installation. Reports to procedure log. Can use tags $O365$ and $Audit$ for reporting.

Read More

Processor Vuln Protection (CVE-2018-12207) Enable

Add registry key to enable protection from CVE-2018-12207 as recommended in this MS article.

Read More