From b221e5db4daf02ea5f34145aadbf2311e353961d Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 20 Mar 2018 23:39:33 +0100 Subject: [PATCH] Commit this day work --- cleanW10.ps1 | 250 +++++++++++++----- modules.d/DisableFeatures/features.txt | 4 + modules.d/DisableGeolocation.conf | 28 ++ modules.d/DisableServices/features.txt | 4 + modules.d/DisableServices/services.txt | 17 ++ modules.d/DisableSmartScreen.conf | 22 ++ modules.d/UninstallOnedrive.conf | 83 ++++++ modules.d/{ => disable}/BlockHosts.conf | 0 modules.d/{ => disable}/BlockIP.conf | 0 modules.d/{ => disable}/DelModernApp.conf | 0 .../{ => disable}/DisableAdvertising.conf | 0 modules.d/disable/DisableFeatures.conf | 11 + modules.d/disable/DisableServices.conf | 11 + 13 files changed, 370 insertions(+), 60 deletions(-) create mode 100644 modules.d/DisableFeatures/features.txt create mode 100644 modules.d/DisableGeolocation.conf create mode 100644 modules.d/DisableServices/features.txt create mode 100644 modules.d/DisableServices/services.txt create mode 100644 modules.d/DisableSmartScreen.conf create mode 100644 modules.d/UninstallOnedrive.conf rename modules.d/{ => disable}/BlockHosts.conf (100%) rename modules.d/{ => disable}/BlockIP.conf (100%) rename modules.d/{ => disable}/DelModernApp.conf (100%) rename modules.d/{ => disable}/DisableAdvertising.conf (100%) create mode 100644 modules.d/disable/DisableFeatures.conf create mode 100644 modules.d/disable/DisableServices.conf diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 77643d4..7a4ee97 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -76,7 +76,7 @@ function FwBlockOutputIP { } } -function remove_shitty_tasks () { +function DisablesheduledTask () { param($taskList) Foreach ($task in $taskList){ Write-Host -NoNewline "`t$task : " @@ -98,14 +98,9 @@ function remove_shitty_tasks () { } } -# Modify a reg value -# Params : -# path : the complete path to reg key -# key : key name -# value : The value to write function AddRegKey { param( - [Parameter(Mandatory=$false)] + [Parameter(Mandatory=$true)] [object]$params ) Write-Host -NoNewline "`t$($params.key) reg key to $($params.value) : " @@ -114,7 +109,7 @@ function AddRegKey { } if ( -not $params.type ){ $params.type="DWORD" } if ( -not (Test-Path $params.path) ){ - Write-Host -NoNewline "- creating path -" + Write-Host -NoNewline "- creating path - " New-Item -Path $params.path -Force | Out-Null } try { @@ -132,59 +127,77 @@ function AddRegKey { Write-host -ForegroundColor Green "done" } -# Delete a reg key -# Params : -# path : the complete path to reg key -# key : key name -function delete_shitty_reg_key { - param([string]$path, [string]$key) - Write-Host -NoNewline "`tDelete key $key reg : " - if (!(Test-Path $path)){ - Write-Host -ForegroundColor Red -NoNewline "path not found" +function DelRegKey { + param( + [Parameter(Mandatory=$true)] + [object]$params + ) + Write-Host -NoNewline "`tDelete registery key $($params.key) : " + if ( ! (Test-Path $params.path) ){ + Write-Host -ForegroundColor Red " Error path not found" return } - try { Remove-ItemProperty -Path $path -Name $key } catch [System.Security.SecurityException]{ - Write-Host -ForegroundColor Red "access denied" + Write-Host -ForegroundColor Red "Error in DelRegKey`n`t" + Write-Host -ForegounndColor DarkRed "Access to $($params.path)\$($params.key) denied" return } catch { - Write-Host -ForegroundColor Red "error" - Write-Host "`t$Error[0]" + Write-Host -ForegroundColor Red -NoNewLine "Error in DelRegKey`n`t" + Write-Host -ForegounndColor DarkRed $Error[0].Exception.Message return } Write-host -ForegroundColor Green "done" } -# Function to remove shitty prog from shitty win -# Params : -# $name : Feature name -function disable_shitty_feature { - param ($name) - Write-Host -NoNewline "`t$name : " - $requestInstall = dism /online /Get-FeatureInfo /FeatureName:$name /English - $isInstalled = $requestInstall | Select-String "state" - If ($isInstalled -match "Enable") { +function DisableFeature { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params, + + [Parameter( + ValueFromPipeline=$True, + ParameterSetName="feature", + Position = 0 + )] + [Object]$feature + ) + if ( $params.file ) { + Get-Content $params.file | foreach { + DisableFeature -feature $(dism /online /Get-FeatureInfo /FeatureName:$_ /English) + } + } + elseif ( $params.name ) { + $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English) | DisableFeature + } + elseif ( $feature ) { try { + $name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]} + Write-Host -NoNewline "`tDisable Feature $name : " + if ( $($feature | Select-String "state") -match "Disable" ){ + Write-Host -ForegroundColor Yellow "already disable" + return + } Dism /online /Disable-Feature /FeatureName:$name /NoRestart | Out-Null + Write-Host -ForegroundColor Green "done" } catch { Write-Host -ForegroundColor Red "error" Return - } - Write-Host -ForegroundColor Green "done" - } - else { - Write-Host -ForegroundColor Yellow "already disable" + } } } -# remove unwanted "Modern App" -# Params -# function UninstallModernApp { param( [cmdletbinding( @@ -270,29 +283,63 @@ function UninstallModernProvisonnedApp { } } -function disable_shitty_service { - param([string]$name) - Write-Host -NoNewline "`t$name : " - $serv = Get-Service -name $name - if ( !$serv) { - Write-Host -ForegroundColor Red "not found" - return +function DisableService { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params, + + [Parameter( + ValueFromPipeline=$True, + ParameterSetName="service" + )] + [Object]$service + ) + if ( $params.file ) { + Get-Service | Where-Object { $_.name -in $( Get-Content $params.file ) } | Foreach { + $_ | DisableService + } } - if ( $serv.StartType -eq "Disable") { - Write-Host -ForegroundColor Yellow "already disabled" + elseif ( $params.name ) { + DisableService-service $(Get-Service -name $params.name) } - else { - Stop-Service -InputObject $serv -PassThru | Set-Service -StartupType disabled - Write-Host -ForegroundColor Green "done " + elseif ( $service ) { + try { + Write-Host -NoNewline "`tDisable service $($service.name) : " + if ( $service.StartType -eq "Disable") { + Write-Host -ForegroundColor Yellow "already disabled" + return + } + Stop-Service -InputObject $service -PassThru | Set-Service -StartupType disabled + Write-Host -ForegroundColor Green "done " + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`tError in DisableService`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } } } -# Kill a process -# Param : -# $process : name of process to kill (String) -function kill_shitty_process { - param([string]$process) - Write-Host -NoNewLine "`tKilling $process : " +function KillProcess { + param( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + Write-Host -NoNewLine "`tKilling $($params.name) : " try { $p = Get-Process $process Stop-Process $p | Out-Null @@ -303,8 +350,91 @@ function kill_shitty_process { } } -Write-Output "`nI's time to kick ass and chew bubble gum" -Write-Output "________________________________________`n" +function DelFile { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + $path = Invoke-Expression """$($params.path)""" + Write-Host -NoNewline "`tDelete $path : " + if ( -not (Test-Path $path) ){ + Write-Host -ForegroundColor Yellow "not found" + return + } + $command = "Remove-Item $command -ErrorAction SilentlyContinue -Force -Path `"$path`"" + if ( $params.recurse -eq $true ) { + $command += "-Recurse" + } + try { + Invoke-Expression $command + Write-Host -ForegroundColor Green "done" + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`Error in DelFile`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + } +} + +function ExecCommand { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + Write-Host -NoNewline "`tExecute : $($params.path) : " + if ( -not (Test-Path $params.path) ) { + Write-Host -ForegroundColor Yellow "File not found" + return + } + try { + Start-Process $params.path -ArgumentList $params.arguments + Write-Host -ForegroundColor Green "done" + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`Error in DelFile`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + } + +} + +Write-Output "`nIt's time to kick ass and chew bubble gum" +Write-Output "_________________________________________`n" + +try { + Write-Host -NoNewline "Mount Default user registery hive : " + reg load "hku\Default" "C:\Users\Default\NTUSER.DAT" | Out-Null + New-PSDrive -PSProvider Registry -Root HKEY_USERS -Name HKU | Out-Null + Write-Host -ForegroundColor Green "done" +} +catch { + Write-Host -NoNewline -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + exit 1 +} + +try { + Write-Host -NoNewline "Mount HK_CLASSES_ROOT registery hive : " + New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR | Out-Null + Write-Host -ForegroundColor Green "done" +} +catch { + Write-Host -NoNewline -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + exit 1 +} Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach { $module = "" @@ -315,7 +445,7 @@ Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach { $module.actions | Foreach { $action_file = "" $current_action = $_ - # If action content a file element, nedd to test if file exist + # If action content a file element, need to test if file exist if ( $_.file) { $action_file = $module_dir + $_.file if ( -not (Test-Path $action_file) ) { @@ -325,6 +455,6 @@ Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach { $_.file = $action_file } # Invoke function - Invoke-Expression "$($_.action) -params `$_" + Invoke-Expression "$($_.action) `$_" } } diff --git a/modules.d/DisableFeatures/features.txt b/modules.d/DisableFeatures/features.txt new file mode 100644 index 0000000..f50f2f1 --- /dev/null +++ b/modules.d/DisableFeatures/features.txt @@ -0,0 +1,4 @@ +Internet-Explorer-Optional-amd64 +FaxServicesClientPackage +WindowsMediaPlayer +MediaPlayback \ No newline at end of file diff --git a/modules.d/DisableGeolocation.conf b/modules.d/DisableGeolocation.conf new file mode 100644 index 0000000..eff221a --- /dev/null +++ b/modules.d/DisableGeolocation.conf @@ -0,0 +1,28 @@ +{ + "name" : "Disable Geolocation", + "description" : "Disable GeoLocation", + "actions" : [ + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableLocation", + "value" : "1", + "type" : "" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableLocationScripting", + "value" : "1", + "type" : "" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableWindowsLocationProvider", + "value" : "1", + "type" : "" + } + ] + +} \ No newline at end of file diff --git a/modules.d/DisableServices/features.txt b/modules.d/DisableServices/features.txt new file mode 100644 index 0000000..f50f2f1 --- /dev/null +++ b/modules.d/DisableServices/features.txt @@ -0,0 +1,4 @@ +Internet-Explorer-Optional-amd64 +FaxServicesClientPackage +WindowsMediaPlayer +MediaPlayback \ No newline at end of file diff --git a/modules.d/DisableServices/services.txt b/modules.d/DisableServices/services.txt new file mode 100644 index 0000000..c864704 --- /dev/null +++ b/modules.d/DisableServices/services.txt @@ -0,0 +1,17 @@ +diagnosticshub.standardcollector.service +DiagTrack +dmwappushservice +HomeGroupListener +HomeGroupProvider +lfsvc +MapsBroker +NetTcpPortSharing +RemoteAccess +RemoteRegistry +SharedAccess +TrkWks +WbioSrvc +WMPNetworkSvc +XblAuthManager +XblGameSave +XboxNetApiSvc diff --git a/modules.d/DisableSmartScreen.conf b/modules.d/DisableSmartScreen.conf new file mode 100644 index 0000000..66cfeb2 --- /dev/null +++ b/modules.d/DisableSmartScreen.conf @@ -0,0 +1,22 @@ +{ + "name" : "Disable Smartscreen", + "description" : "Disable Smartscreen protection for Edge / IE", + "actions" : [ + { + "action" : "AddRegKey", + "path" : "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AppHost", + "key" : "EnableWebContentEvaluation", + "value" : "0", + "type" : "" + }, + { + "_comment" : "EXPERIMENTAL Disable Smartscreen for new created Users", + "action" : "AddRegKey", + "path" : "HKU:\\Default\\Microsoft\\Windows\\CurrentVersion\\AppHost", + "key" : "EnableWebContentEvaluation", + "value" : "0", + "type" : "" + } + ] + +} \ No newline at end of file diff --git a/modules.d/UninstallOnedrive.conf b/modules.d/UninstallOnedrive.conf new file mode 100644 index 0000000..728e879 --- /dev/null +++ b/modules.d/UninstallOnedrive.conf @@ -0,0 +1,83 @@ +{ + "name" : "Uninstall One Drive", + "description" : "This module Uninstall Onedrive", + "actions" : [ + { + "action" : "KillProcess", + "name" : "onedrive" + }, + { + "action" : "KillProcess", + "name" : "git" + }, + { + "_comment" : "OneDrive Uninstaller x64 version", + "action" : "ExecCommand", + "path" : "$env:systemroot\\SysWOW64\\OneDriveSetup.exe", + "arguments" : "/uninstall" + }, + { + "_comment" : "OneDrive Uninstaller x86 version", + "action" : "ExecCommand", + "path" : "$env:systemroot\\System32\\OneDriveSetup.exe", + "arguments" : "/uninstall" + }, + { + "action" : "DelFile", + "path" : "$env:localappdata\\Microsoft\\OneDrive", + "recurse" : "True" + }, + { + "action" : "DelFile", + "path" : "$env:programdata\\Microsoft OneDrive", + "recurse" : "True" + }, + { + "action" : "DelFile", + "path" : "$env:systemdrive\\OneDriveTemp", + "recurse" : "True" + }, + { + "action" : "AddRegKey", + "value" : "1", + "key" : "DisableFileSyncNGSC", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive", + "type" : "" + }, + { + "action" : "AddRegKey", + "value" : "1", + "key" : "DisableFileSync", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive", + "type" : "" + }, + { + "action" : "AddRegKey", + "value" : "0300000021B9DEB396D7D001", + "key" : "OneDrive", + "path" : "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run", + "type" : "Binary" + }, + { + "action" : "AddRegKey", + "value" : "0", + "key" : "System.IsPinnedToNameSpaceTree", + "path" : "HKCR:\\Wow6432Node\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}", + "type" : "" + }, + { + "action" : "AddRegKey", + "value" : "0", + "key" : "System.IsPinnedToNameSpaceTree", + "path" : "HKCR:\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}", + "type" : "" + }, + { + "_comment" : "Prevent Onedrive installation for new created user", + "action" : "DelRegKey", + "key" : "OneDriveSetup", + "path" : "HKU:\\Default\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" + } + + ] +} diff --git a/modules.d/BlockHosts.conf b/modules.d/disable/BlockHosts.conf similarity index 100% rename from modules.d/BlockHosts.conf rename to modules.d/disable/BlockHosts.conf diff --git a/modules.d/BlockIP.conf b/modules.d/disable/BlockIP.conf similarity index 100% rename from modules.d/BlockIP.conf rename to modules.d/disable/BlockIP.conf diff --git a/modules.d/DelModernApp.conf b/modules.d/disable/DelModernApp.conf similarity index 100% rename from modules.d/DelModernApp.conf rename to modules.d/disable/DelModernApp.conf diff --git a/modules.d/DisableAdvertising.conf b/modules.d/disable/DisableAdvertising.conf similarity index 100% rename from modules.d/DisableAdvertising.conf rename to modules.d/disable/DisableAdvertising.conf diff --git a/modules.d/disable/DisableFeatures.conf b/modules.d/disable/DisableFeatures.conf new file mode 100644 index 0000000..36922ea --- /dev/null +++ b/modules.d/disable/DisableFeatures.conf @@ -0,0 +1,11 @@ +{ + "name" : "Disable Features", + "description" : "This module disable some useless Windows Features", + "actions" : [ + { + "action" : "DisableFeature", + "file" : "features.txt", + "name" : "" + } + ] +} \ No newline at end of file diff --git a/modules.d/disable/DisableServices.conf b/modules.d/disable/DisableServices.conf new file mode 100644 index 0000000..947f01d --- /dev/null +++ b/modules.d/disable/DisableServices.conf @@ -0,0 +1,11 @@ +{ + "name" : "Disable Service", + "description" : "This module delete services known to send data to Microsoft", + "actions" : [ + { + "action" : "DisableService", + "file" : "services.txt", + "name" : "" + } + ] +} \ No newline at end of file