#Import-Module Applocker#Requires -RunAsAdministratorclearWrite-Host "

1. #Import-Module Applocker
2. #Requires -RunAsAdministrator
3. clear
4.  
5.  
6. Write-Host "Hello World"
7.  
8. # Debut question 1
9. $Policy = Get-ExecutionPolicy
10.  
11. If ((Get-ExecutionPolicy) -ne "Unrestricted") {  
12.  
13.     Write-Host -NoNewline "Setting ExecutionPolicy to Unrestricted... "
14.     Set-ExecutionPolicy "Unrestricted" -Force  
15.     Write-Host "Done"
16. }
17. # Fin question 1
18.  
19. # Debut question 2
20. Write-Host "Host Machine Information: "
21. Get-CimInstance Win32_OperatingSystem | Select-Object  Caption, InstallDate, ServicePackMajorVersion, OSArchitecture, BootDevice,  BuildNumber, CSName | FL
22. # Fin question 2
23.  
24. # Debut question 4
25. Write-Host "Checking directories in PATH environment variable... "
26. Get-Item -Path Env:Path
27. # Fin question 4
28.  
29. # Debut question 5
30. Function Get-RegistryKeyPropertiesAndValues {
31.  Param(
32.   [Parameter(Mandatory=$true)]
33.   [string]$path
34.   )
35.  
36.  Push-Location
37.  Set-Location -Path $path
38.  Get-Item . |
39.  Select-Object -ExpandProperty property |
40.  ForEach-Object {
41.  New-Object psobject -Property @{"property"=$_;
42.     "Value" = (Get-ItemProperty -Path . -Name $_).$_}}
43.  Pop-Location
44. } #end function Get-RegistryKeyPropertiesAndValues
45.  
46. Get-RegistryKeyPropertiesAndValues -path 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
47.  
48. $WinlogonACLs = Get-Acl 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\Winlogon'
49. $LSAACLs = Get-Acl 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
50. $SecurePipeServerACLs = Get-Acl 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurePipeServers'
51. $KnownDLLsACLs = Get-Acl 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs'
52. # Fin question 5
53.  
54. # Debut question 6
55. $Antiviruses =  Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntivirusProduct
56. $Antiviruses.displayName
57.  
58. $ThreatsNumber = get-alias | measure
59. $ThreatsNumber.Count
60.  
61. $WindowsDefenderStatus = Get-MpComputerStatus
62. # Fin question 6
63.  
64. # Debut question 8
65. # Get-AppLockerPolicy
66. # Fin question 8
67.  
68. # Debut question 9
69. Get-SmbShare
70. # Debut question 9
71.  
72. gwmi Win32_UserAccount | foreach-object {
73.  $username = $_.Caption
74.  $username
75.  $chkCmd = "accesschk """ + $username + """ -a * -q"
76.  iex $chkCmd
77.  ""
78. }
79.  
80. Write-Host -NoNewline "Setting ExecutionPolicy back to" $Policy "... "
81. Set-ExecutionPolicy $Policy -Force  
82. Write-Host "Done"
83.  
84. Measure-Command {
85.     $eventLog = Get-EventLog "windows powershell"
86.     $eventLog.TotalSeconds
87. }
88.  
89. Exit