Daily rewrite commit
This commit is contained in:
parent
09b4d8ea28
commit
f897ca973c
8 changed files with 404 additions and 192 deletions
357
cleanW10.ps1
357
cleanW10.ps1
|
|
@ -6,27 +6,38 @@ $HOST_IP = "0.0.0.0"
|
|||
$ErrorActionPreference = "SilentlyContinue"
|
||||
|
||||
#Thanks to https://gist.github.com/markembling/173887
|
||||
function block_shitty_host {
|
||||
param([string]$filename, [string]$ip, [string]$hostname)
|
||||
remove-host $filename $hostname
|
||||
Write-Host -NoNewline "`t$hostname :"
|
||||
try {
|
||||
if ( ! $(is_host_present $filename $hostname) ){
|
||||
$ip + "`t`t" + $hostname | Out-File -encoding ASCII -append $filename
|
||||
function BlockHost {
|
||||
param(
|
||||
[Parameter(
|
||||
ValueFromPipeline=$False,
|
||||
ParameterSetName="params",
|
||||
Position = 0
|
||||
)]
|
||||
[object]$params
|
||||
)
|
||||
if ( $params.file ) {
|
||||
Foreach ($line in Get-Content $params.file ){ BlockHost -params @{host=$line} }
|
||||
}
|
||||
if ( $params.host ) {
|
||||
Write-Host -NoNewline "`t$($params.host) : "
|
||||
try {
|
||||
if ( ! $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){
|
||||
$HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE
|
||||
}
|
||||
else {
|
||||
Write-Host -ForegroundColor Yellow "already blocked "
|
||||
return
|
||||
}
|
||||
}
|
||||
else {
|
||||
Write-Host -ForegroundColor Yellow "already blocked "
|
||||
catch {
|
||||
Write-Host -ForegroundColor Red "error"
|
||||
return
|
||||
}
|
||||
Write-Host -ForegroundColor Green "done"
|
||||
}
|
||||
catch {
|
||||
Write-Host -ForegroundColor Red "error"
|
||||
return
|
||||
}
|
||||
Write-Host -ForegroundColor Green "done"
|
||||
}
|
||||
|
||||
function is_host_present {
|
||||
function IsHostAlreadyBlocked {
|
||||
param([string]$filename, [string]$hostname)
|
||||
$c = Get-Content $filename
|
||||
|
||||
|
|
@ -39,22 +50,29 @@ function is_host_present {
|
|||
return $false
|
||||
}
|
||||
|
||||
function block_shitty_ip {
|
||||
param($ip)
|
||||
Write-Host -NoNewline "`t$ip : "
|
||||
if ( Get-NetFirewallRule -Name Blacklist_$ip -ErrorAction SilentlyContinue) {
|
||||
Write-Host -ForegroundColor Yellow "already blacklisted"
|
||||
return
|
||||
function FwBlockOutputIP {
|
||||
param(
|
||||
[object]$params
|
||||
)
|
||||
if ( $params.file ) {
|
||||
foreach ($line in Get-Content $params.file ){ FwBlockOutputIP @{"ip"="$line"} }
|
||||
}
|
||||
else {
|
||||
Try {
|
||||
New-NetFirewallRule -Name Blacklist_$ip -DisplayName "BlackList $ip" -Protocol any -Enabled True -Profile Any -RemoteAddress $ip -Action Block | Out-Null
|
||||
if ( $params.ip) {
|
||||
Write-Host -NoNewline "`t$($params.ip) : "
|
||||
if ( Get-NetFirewallRule -Name Blacklist_$($params.ip) -ErrorAction SilentlyContinue) {
|
||||
Write-Host -ForegroundColor Yellow "already blacklisted"
|
||||
return
|
||||
}
|
||||
Catch {
|
||||
Write-Host -ForegroundColor Red "error"
|
||||
return
|
||||
else {
|
||||
Try {
|
||||
New-NetFirewallRule -Name Blacklist_$($params.ip) -DisplayName "BlackList $($params.ip)" -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null
|
||||
}
|
||||
Catch {
|
||||
Write-Host -ForegroundColor Red "error"
|
||||
return
|
||||
}
|
||||
Write-Host -ForegroundColor Green "done"
|
||||
}
|
||||
Write-Host -ForegroundColor Green "done"
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -85,29 +103,30 @@ function remove_shitty_tasks () {
|
|||
# path : the complete path to reg key
|
||||
# key : key name
|
||||
# value : The value to write
|
||||
function modify_shitty_reg_value {
|
||||
param([string]$path, [string]$key, [string]$value, [string]$type)
|
||||
Write-Host -NoNewline "`t$key reg key to $value : "
|
||||
if (!(Test-Path $path)){
|
||||
Write-Host -NoNewline "creating path "
|
||||
New-Item -Path $path -Force | Out-Null
|
||||
function AddRegKey {
|
||||
param(
|
||||
[Parameter(Mandatory=$false)]
|
||||
[object]$params
|
||||
)
|
||||
Write-Host -NoNewline "`t$($params.key) reg key to $($params.value) : "
|
||||
if ( -not $params.path -or -not $params.key -or -not $params.value ) {
|
||||
Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value"
|
||||
}
|
||||
if ( -not $params.type ){ $params.type="DWORD" }
|
||||
if ( -not (Test-Path $params.path) ){
|
||||
Write-Host -NoNewline "- creating path -"
|
||||
New-Item -Path $params.path -Force | Out-Null
|
||||
}
|
||||
|
||||
try {
|
||||
if ($type) {
|
||||
Set-ItemProperty -Path $path -Name $key -Value $value -Type $type -Force
|
||||
}
|
||||
else {
|
||||
Set-ItemProperty -Path $path -Name $key -Value $value -Type Dword -Force
|
||||
}
|
||||
Set-ItemProperty -Path $params.path -Name $params.key -Value $params.value -Type $params.type -Force
|
||||
}
|
||||
catch [System.Security.SecurityException]{
|
||||
Write-Host -ForegroundColor Red "access denied"
|
||||
return
|
||||
}
|
||||
catch {
|
||||
Write-Host -ForegroundColor Red "error"
|
||||
Write-Host "`t$Error[0]"
|
||||
Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t"
|
||||
write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
|
||||
return
|
||||
}
|
||||
Write-host -ForegroundColor Green "done"
|
||||
|
|
@ -165,33 +184,90 @@ function disable_shitty_feature {
|
|||
|
||||
# remove unwanted "Modern App"
|
||||
# Params
|
||||
# $pkg : Package (Object)
|
||||
function remove_shitty_modern_app {
|
||||
param($pkg)
|
||||
Write-Host -NoNewLine "`t$($pkg.Name) :"
|
||||
try {
|
||||
$pkg | Remove-AppxPackage
|
||||
}
|
||||
catch {
|
||||
Write-Host -ForegroundColor Red "error"
|
||||
write-Host $Error[0]
|
||||
return
|
||||
}
|
||||
Write-Host -ForegroundColor Green "done"
|
||||
#
|
||||
function UninstallModernApp {
|
||||
param(
|
||||
[cmdletbinding(
|
||||
DefaultParameterSetName='params'
|
||||
)]
|
||||
[Parameter(
|
||||
ValueFromPipeline=$False,
|
||||
ParameterSetName="params",
|
||||
Position = 0
|
||||
)]
|
||||
[object]$params,
|
||||
|
||||
[Parameter(
|
||||
ValueFromPipeline=$True,
|
||||
ParameterSetName="pkg",
|
||||
Position = 0
|
||||
)]
|
||||
[Object]$pkg
|
||||
)
|
||||
if ( $params.file ) {
|
||||
Get-AppxPackage -AllUsers | Where-Object { $_.name -in $(Get-Content $params.file) } | foreach {
|
||||
$_ | UninstallModernApp
|
||||
}
|
||||
}
|
||||
elseif ( $params.name ) {
|
||||
$(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } ) | UninstallModernApp
|
||||
}
|
||||
elseif ( $pkg ) {
|
||||
try {
|
||||
Write-Host -NoNewLine "`tUninstall $($pkg.Name) :"
|
||||
$pkg | Remove-AppxPackage | Out-Null
|
||||
Write-Host -ForegroundColor Green "done"
|
||||
}
|
||||
catch {
|
||||
Write-Host -NoNewLine -ForegroundColor Red "`tError in UninstallModernApp`n`t"
|
||||
write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
|
||||
return
|
||||
}
|
||||
}
|
||||
if ( $params.removeProvisionned ) {
|
||||
UninstallModernProvisonnedApp $params
|
||||
}
|
||||
}
|
||||
|
||||
function remove_provisioned_shitty_modern_app {
|
||||
param($pkg)
|
||||
Write-Host -NoNewline "`t$($pkg.DisplayName) : "
|
||||
try {
|
||||
$pkg | Remove-AppxProvisionedPackage -Online | Out-Null
|
||||
}
|
||||
catch {
|
||||
Write-Host -ForegroundColor red "error"
|
||||
Write-Host $Error[0]
|
||||
return
|
||||
}
|
||||
Write-Host -ForegroundColor Green "done"
|
||||
function UninstallModernProvisonnedApp {
|
||||
param(
|
||||
[cmdletbinding(
|
||||
DefaultParameterSetName='params'
|
||||
)]
|
||||
[Parameter(
|
||||
ValueFromPipeline=$False,
|
||||
#ParameterSetName="params",
|
||||
Position = 0
|
||||
)]
|
||||
[object]$params,
|
||||
|
||||
[Parameter(
|
||||
ValueFromPipeline=$True,
|
||||
ParameterSetName="pkg",
|
||||
Position = 0
|
||||
)]
|
||||
[Object]$pkg
|
||||
)
|
||||
if ( $params.file ) {
|
||||
Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -in $(Get-Content $params.file) } | foreach {
|
||||
UninstallModernProvisonnedApp -pkg $_
|
||||
}
|
||||
}
|
||||
elseif ( $params.name ) {
|
||||
UninstallModernProvisonnedApp -pkg $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -like "*$($params.name)*" })
|
||||
}
|
||||
elseif ( $pkg ) {
|
||||
try {
|
||||
Write-Host -NoNewLine "`tUninstall Provisonned $($pkg.DisplayName) :"
|
||||
$pkg | Remove-AppxProvisionedPackage -Online | Out-Null
|
||||
Write-Host -ForegroundColor Green "done"
|
||||
}
|
||||
catch {
|
||||
Write-Host -NoNewLine -ForegroundColor Red "`tError in UninstallModernApp`n`t"
|
||||
write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function disable_shitty_service {
|
||||
|
|
@ -230,128 +306,25 @@ function kill_shitty_process {
|
|||
Write-Output "`nI's time to kick ass and chew bubble gum"
|
||||
Write-Output "________________________________________`n"
|
||||
|
||||
Write-Host -ForegroundColor White "Blacklist hosts :"
|
||||
foreach ($line in Get-Content "lib\hosts.txt"){ block_shitty_host $HOST_FILE $HOST_IP $line }
|
||||
Write-Host -ForegroundColor White "`nBlacklist IPs :"
|
||||
foreach ($line in Get-Content "lib\ip.txt"){ block_shitty_ip $line }
|
||||
Write-Host -ForegroundColor White "`nDisable features :"
|
||||
foreach ($line in Get-Content "lib\features.txt"){ disable_shitty_feature $line }
|
||||
Write-Host -ForegroundColor White "`nDisable services :"
|
||||
foreach ($line in Get-Content "lib\services.txt") { disable_shitty_service $line }
|
||||
|
||||
Write-Host -ForegroundColor White "`nRemove modern apps :"
|
||||
Get-AppxPackage -AllUsers | Where-Object { $_.name -in $(Get-Content "lib\apps.txt")} | foreach {
|
||||
remove_shitty_modern_app $_
|
||||
Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach {
|
||||
$module = ""
|
||||
$module = Get-Content $_.FullName -Raw | ConvertFrom-Json
|
||||
|
||||
Write-Host -ForegroundColor White "`nProcess Module $($module.name)"
|
||||
$module_dir = $_.Directory.FullName + "\" + $_.BaseName + "\"
|
||||
$module.actions | Foreach {
|
||||
$action_file = ""
|
||||
$current_action = $_
|
||||
# If action content a file element, nedd to test if file exist
|
||||
if ( $_.file) {
|
||||
$action_file = $module_dir + $_.file
|
||||
if ( -not (Test-Path $action_file) ) {
|
||||
Write-Host -ForegroundColor Red "`tError in $($module.name) : file $($_.file) not found"
|
||||
return
|
||||
}
|
||||
$_.file = $action_file
|
||||
}
|
||||
# Invoke function
|
||||
Invoke-Expression "$($_.action) -params `$_"
|
||||
}
|
||||
}
|
||||
|
||||
Write-Host -ForegroundColor White "`nRemove provisioned modern apps :"
|
||||
Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -in $(Get-Content "lib\apps.txt")} | foreach {
|
||||
remove_provisioned_shitty_modern_app $_
|
||||
}
|
||||
Write-Host -ForegroundColor White "`nRemove tasks :"
|
||||
foreach ($line in Get-Content "lib\tasks.txt") {remove_shitty_tasks $line }
|
||||
|
||||
#Remove all OneDrive Stuff thanks to https://github.com/W4RH4WK/Debloat-Windows-10/
|
||||
Write-Host -ForegroundColor white "`nRemoving all Onedrive stuff :"
|
||||
|
||||
# Kill onedrive qnd explorer for proper uninstallation
|
||||
kill_shitty_process "onedrive"
|
||||
kill_shitty_process "explorer"
|
||||
|
||||
Write-Host "`tUninstalling Onedrive"
|
||||
if (Test-Path "$env:systemroot\System32\OneDriveSetup.exe") {
|
||||
& "$env:systemroot\System32\OneDriveSetup.exe" /uninstall
|
||||
}
|
||||
if (Test-Path "$env:systemroot\SysWOW64\OneDriveSetup.exe") {
|
||||
& "$env:systemroot\SysWOW64\OneDriveSetup.exe" /uninstall
|
||||
}
|
||||
Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:localappdata\Microsoft\OneDrive"
|
||||
Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:programdata\Microsoft OneDrive"
|
||||
Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:systemdrive\OneDriveTemp"
|
||||
|
||||
Write-Host "`tModify OneDrive shitty registery values :"
|
||||
#OneDrive
|
||||
modify_shitty_reg_value "HKLM:\Software\Policies\Microsoft\Windows\OneDrive" "DisableFileSyncNGSC" 1
|
||||
modify_shitty_reg_value "HKLM:\Software\Policies\Microsoft\Windows\OneDrive" "DisableFileSync" 1
|
||||
modify_shitty_reg_value "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" "OneDrive" "0300000021B9DEB396D7D001" "Binary"
|
||||
# Onedrive Explorer integration
|
||||
New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR | Out-Null
|
||||
modify_shitty_reg_value "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
|
||||
modify_shitty_reg_value "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
|
||||
Remove-PSDrive -Name HKCR
|
||||
Get-ScheduledTask -TaskPath '\' -TaskName 'OneDrive*' -ea SilentlyContinue | foreach {
|
||||
remove_shitty_tasks $_
|
||||
}
|
||||
|
||||
reg load "hku\Default" "C:\Users\Default\NTUSER.DAT" | Out-Null
|
||||
New-PSDrive -PSProvider Registry -Root HKEY_USERS -Name HKU | Out-Null
|
||||
delete_shitty_reg_key "HKU:\Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "OneDriveSetup"
|
||||
Remove-PSDrive -Name HKU
|
||||
reg unload "hku\Default" | Out-Null
|
||||
Start-Process "explorer.exe"
|
||||
|
||||
#Advertiging...
|
||||
Write-Host -ForegroundColor White "`nDisable Advertising :"
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\AdvertisingInfo" "Enabled" "0"
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo" "DisabledByGroupPolicy" 1
|
||||
|
||||
# Geoloc.
|
||||
Write-Host -ForegroundColor White "`nDisable Geolocalization :"
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableLocation" 1
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableLocationScripting" 1
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableWindowsLocationProvider" 1
|
||||
|
||||
#smartscreen filter
|
||||
Write-Host -ForegroundColor White "`nDisable Smartscreen filter :"
|
||||
modify_shitty_reg_value "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" "EnableWebContentEvaluation"
|
||||
|
||||
# AllowTelemetry
|
||||
Write-Host -ForegroundColor White "`nDisable Telemetry :"
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0
|
||||
|
||||
Write-Host -ForegroundColor White "`nModify somes Windows defendenr behaviors :"
|
||||
# Windows Defender Delivery Optimization Download
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" "DODownloadMode" "0"
|
||||
# Windows Defender Behavior monitoring and Spynet reporting.
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" "DisableBehaviorMonitoring" 1
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" "SpynetReporting" 0
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" "SubmitSamplesConsent" 2
|
||||
|
||||
|
||||
Write-Host -ForegroundColor White "`nDisable Wifi-Sense :"
|
||||
# WifiSense Credential Share
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseCredShared" "0"
|
||||
# WifiSense Open-ness
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseOpen" "0"
|
||||
|
||||
|
||||
# Disable Cortana
|
||||
Write-Host -ForegroundColor White "`nDisable Cortana (online at least) :"
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" "AllowCortana" "0"
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" "ConnectedSearchUseWeb" "0"
|
||||
|
||||
# App right.
|
||||
Write-Host -ForegroundColor White "`nDisable rights for applications :"
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessAccountInfo" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessCalendar" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessCallHistory" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessCamera" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessContacts" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessEmail" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessLocation" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessMessaging" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessMicrophone" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessMotion" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessRadios" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessTrustedDevices" 2
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsSyncWithDevices" 2
|
||||
|
||||
# MS Account
|
||||
Write-Host -ForegroundColor White "`nDisable MS online account for login :"
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" "NoConnectedUser" 3
|
||||
|
||||
# App suggestion (Cloud Content)
|
||||
Write-Host -ForegroundColor White "`nDisable suggestions :"
|
||||
modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Cloud Content" "DisableWindowsConsumerFeatures" 1
|
||||
|
||||
Write-Host "all done!"
|
||||
|
|
|
|||
Reference in a new issue