From f897ca973cef0d7a0e2f2d4851e326567ee1c863 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 19 Mar 2018 23:44:49 +0100 Subject: [PATCH 01/91] Daily rewrite commit --- cleanW10.ps1 | 357 ++++++++++++++---------------- modules.d/BlockHosts.conf | 11 + modules.d/BlockHosts/hosts.txt | 130 +++++++++++ modules.d/BlockIP.conf | 12 + modules.d/BlockIP/ip.txt | 12 + modules.d/DelModernApp.conf | 11 + modules.d/DelModernApp/apps.txt | 49 ++++ modules.d/DisableAdvertising.conf | 14 ++ 8 files changed, 404 insertions(+), 192 deletions(-) create mode 100644 modules.d/BlockHosts.conf create mode 100644 modules.d/BlockHosts/hosts.txt create mode 100644 modules.d/BlockIP.conf create mode 100644 modules.d/BlockIP/ip.txt create mode 100644 modules.d/DelModernApp.conf create mode 100644 modules.d/DelModernApp/apps.txt create mode 100644 modules.d/DisableAdvertising.conf diff --git a/cleanW10.ps1 b/cleanW10.ps1 index bcd583d..77643d4 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
@@ -6,27 +6,38 @@ $HOST_IP = "0.0.0.0" $ErrorActionPreference = "SilentlyContinue" #Thanks to https://gist.github.com/markembling/173887 -function block_shitty_host { - param([string]$filename, [string]$ip, [string]$hostname) - remove-host $filename $hostname - Write-Host -NoNewline "`t$hostname :" - try { - if ( ! $(is_host_present $filename $hostname) ){ - $ip + "`t`t" + $hostname | Out-File -encoding ASCII -append $filename +function BlockHost { + param( + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + if ( $params.file ) { + Foreach ($line in Get-Content $params.file ){ BlockHost -params @{host=$line} } + } + if ( $params.host ) { + Write-Host -NoNewline "`t$($params.host) : " + try { + if ( ! $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ + $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE + } + else { + Write-Host -ForegroundColor Yellow "already blocked " + return + } } - else { - Write-Host -ForegroundColor Yellow "already blocked " + catch { + Write-Host -ForegroundColor Red "error" return } + Write-Host -ForegroundColor Green "done" } - catch { - Write-Host -ForegroundColor Red "error" - return - } - Write-Host -ForegroundColor Green "done" } -function is_host_present { +function IsHostAlreadyBlocked { param([string]$filename, [string]$hostname) $c = Get-Content $filename 
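Review bot: In the new `BlockHost`, a failed append to the hosts file can still end with "done", because the hunk context shows `$ErrorActionPreference = "SilentlyContinue"` and a non-terminating error from `Out-File` will most likely never reach the `catch`. Someone running the script without elevation would then believe the hosts are blocked when nothing was written. Adding `-ErrorAction Stop` to the `Out-File` call makes the failure reach the existing `catch`. Each line read from `$params.file` should also be trimmed before use, so that whitespace-only lines are skipped rather than written to the hosts file.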
@@ -39,22 +50,29 @@ function is_host_present { return $false } -function block_shitty_ip { - param($ip) - Write-Host -NoNewline "`t$ip : " - if ( Get-NetFirewallRule -Name Blacklist_$ip -ErrorAction SilentlyContinue) { - Write-Host -ForegroundColor Yellow "already blacklisted" - return +function FwBlockOutputIP { + param( + [object]$params + ) + if ( $params.file ) { + foreach ($line in Get-Content $params.file ){ FwBlockOutputIP @{"ip"="$line"} } } - else { - Try { - New-NetFirewallRule -Name Blacklist_$ip -DisplayName "BlackList $ip" -Protocol any -Enabled True -Profile Any -RemoteAddress $ip -Action Block | Out-Null + if ( $params.ip) { + Write-Host -NoNewline "`t$($params.ip) : " + if ( Get-NetFirewallRule -Name Blacklist_$($params.ip) -ErrorAction SilentlyContinue) { + Write-Host -ForegroundColor Yellow "already blacklisted" + return } - Catch { - Write-Host -ForegroundColor Red "error" - return + else { + Try { + New-NetFirewallRule -Name Blacklist_$($params.ip) -DisplayName "BlackList $($params.ip)" -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null + } + Catch { + Write-Host -ForegroundColor Red "error" + return + } + Write-Host -ForegroundColor Green "done" } - Write-Host -ForegroundColor Green "done" } } 
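Review bot: The rule created in `FwBlockOutputIP` has no `-Direction`, and `New-NetFirewallRule` defaults to inbound, so despite the new function name the listed addresses are only blocked for incoming traffic and outbound connections to them are still allowed. Adding `-Direction Outbound` to the `New-NetFirewallRule` call matches the stated intent. With `$ErrorActionPreference` set to `SilentlyContinue`, the `Catch` is also unlikely to fire on a rejected address. Adding `-ErrorAction Stop` to the same call would surface a malformed line in `ip.txt` instead of printing "done".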
@@ -85,29 +103,30 @@ function remove_shitty_tasks () { # path : the complete path to reg key # key : key name # value : The value to write -function modify_shitty_reg_value { - param([string]$path, [string]$key, [string]$value, [string]$type) - Write-Host -NoNewline "`t$key reg key to $value : " - if (!(Test-Path $path)){ - Write-Host -NoNewline "creating path " - New-Item -Path $path -Force | Out-Null +function AddRegKey { + param( + [Parameter(Mandatory=$false)] + [object]$params + ) + Write-Host -NoNewline "`t$($params.key) reg key to $($params.value) : " + if ( -not $params.path -or -not $params.key -or -not $params.value ) { + Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value" + } + if ( -not $params.type ){ $params.type="DWORD" } + if ( -not (Test-Path $params.path) ){ + Write-Host -NoNewline "- creating path -" + New-Item -Path $params.path -Force | Out-Null } - try { - if ($type) { - Set-ItemProperty -Path $path -Name $key -Value $value -Type $type -Force - } - else { - Set-ItemProperty -Path $path -Name $key -Value $value -Type Dword -Force - } + Set-ItemProperty -Path $params.path -Name $params.key -Value $params.value -Type $params.type -Force } catch [System.Security.SecurityException]{ Write-Host -ForegroundColor Red "access denied" return } catch { - Write-Host -ForegroundColor Red "error" - Write-Host "`t$Error[0]" + Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message return } Write-host -ForegroundColor Green "done" 
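Review bot: The new argument check in `AddRegKey` prints "no path, key or value" but has no `return`, so execution falls through to `Test-Path`, `New-Item` and `Set-ItemProperty` with the incomplete values. The test `-not $params.value` also treats a numeric `0` as missing, although 0 is a legitimate DWORD for several policies. I would write the guard as `if ( -not $params.path -or -not $params.key -or $null -eq $params.value ) { ...; return }`. The function body continues past the end of the hunk.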
@@ -165,33 +184,90 @@ function disable_shitty_feature { # remove unwanted "Modern App" # Params -# $pkg : Package (Object) -function remove_shitty_modern_app { - param($pkg) - Write-Host -NoNewLine "`t$($pkg.Name) :" - try { - $pkg | Remove-AppxPackage - } - catch { - Write-Host -ForegroundColor Red "error" - write-Host $Error[0] - return - } - Write-Host -ForegroundColor Green "done" +# +function UninstallModernApp { + param( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params, + + [Parameter( + ValueFromPipeline=$True, + ParameterSetName="pkg", + Position = 0 + )] + [Object]$pkg + ) + if ( $params.file ) { + Get-AppxPackage -AllUsers | Where-Object { $_.name -in $(Get-Content $params.file) } | foreach { + $_ | UninstallModernApp + } + } + elseif ( $params.name ) { + $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } ) | UninstallModernApp + } + elseif ( $pkg ) { + try { + Write-Host -NoNewLine "`tUninstall $($pkg.Name) :" + $pkg | Remove-AppxPackage | Out-Null + Write-Host -ForegroundColor Green "done" + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`tError in UninstallModernApp`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } + } + if ( $params.removeProvisionned ) { + UninstallModernProvisonnedApp $params + } } -function remove_provisioned_shitty_modern_app { - param($pkg) - Write-Host -NoNewline "`t$($pkg.DisplayName) : " - try { - $pkg | Remove-AppxProvisionedPackage -Online | Out-Null - } - catch { - Write-Host -ForegroundColor red "error" - Write-Host $Error[0] - return - } - Write-Host -ForegroundColor Green "done" +function UninstallModernProvisonnedApp { + param( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + #ParameterSetName="params", + Position = 0 + )] + [object]$params, + + [Parameter( + 
ValueFromPipeline=$True, + ParameterSetName="pkg", + Position = 0 + )] + [Object]$pkg + ) + if ( $params.file ) { + Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -in $(Get-Content $params.file) } | foreach { + UninstallModernProvisonnedApp -pkg $_ + } + } + elseif ( $params.name ) { + UninstallModernProvisonnedApp -pkg $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -like "*$($params.name)*" }) + } + elseif ( $pkg ) { + try { + Write-Host -NoNewLine "`tUninstall Provisonned $($pkg.DisplayName) :" + $pkg | Remove-AppxProvisionedPackage -Online | Out-Null + Write-Host -ForegroundColor Green "done" + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`tError in UninstallModernApp`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } + } } function disable_shitty_service { 
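Review bot: `if ( $params.removeProvisionned )` in `UninstallModernApp` tests a string, so a module that sets `"removeProvisionned" : "false"` would still remove the provisioned packages. Any non-empty string is true in PowerShell, and `DelModernApp.conf` in this commit passes the flag as the string `"true"`. Compare explicitly, for example `if ( "$($params.removeProvisionned)" -eq "true" )`, or use a JSON boolean in the module file. Separately, the `name` branch of `UninstallModernApp` pipes a collection into a function that has no `process` block, so probably only the last matching package is handled, and `-like "*$($params.name)*"` can match more packages than the module author intended.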
@@ -230,128 +306,25 @@ function kill_shitty_process { Write-Output "`nI's time to kick ass and chew bubble gum" Write-Output "________________________________________`n" -Write-Host -ForegroundColor White "Blacklist hosts :" -foreach ($line in Get-Content "lib\hosts.txt"){ block_shitty_host $HOST_FILE $HOST_IP $line } -Write-Host -ForegroundColor White "`nBlacklist IPs :" -foreach ($line in Get-Content "lib\ip.txt"){ block_shitty_ip $line } -Write-Host -ForegroundColor White "`nDisable features :" -foreach ($line in Get-Content "lib\features.txt"){ disable_shitty_feature $line } -Write-Host -ForegroundColor White "`nDisable services :" -foreach ($line in Get-Content "lib\services.txt") { disable_shitty_service $line } - -Write-Host -ForegroundColor White "`nRemove modern apps :" -Get-AppxPackage -AllUsers | Where-Object { $_.name -in $(Get-Content "lib\apps.txt")} | foreach { - remove_shitty_modern_app $_ +Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach { + $module = "" + $module = Get-Content $_.FullName -Raw | ConvertFrom-Json + + Write-Host -ForegroundColor White "`nProcess Module $($module.name)" + $module_dir = $_.Directory.FullName + "\" + $_.BaseName + "\" + $module.actions | Foreach { + $action_file = "" + $current_action = $_ + # If action content a file element, nedd to test if file exist + if ( $_.file) { + $action_file = $module_dir + $_.file + if ( -not (Test-Path $action_file) ) { + Write-Host -ForegroundColor Red "`tError in $($module.name) : file $($_.file) not found" + return + } + $_.file = $action_file + } + # Invoke function + Invoke-Expression "$($_.action) -params `$_" + } } - -Write-Host -ForegroundColor White "`nRemove provisioned modern apps :" -Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -in $(Get-Content "lib\apps.txt")} | foreach { - remove_provisioned_shitty_modern_app $_ -} -Write-Host -ForegroundColor White "`nRemove tasks :" -foreach ($line in Get-Content "lib\tasks.txt") 
{remove_shitty_tasks $line } - -#Remove all OneDrive Stuff thanks to https://github.com/W4RH4WK/Debloat-Windows-10/ -Write-Host -ForegroundColor white "`nRemoving all Onedrive stuff :" - -# Kill onedrive qnd explorer for proper uninstallation -kill_shitty_process "onedrive" -kill_shitty_process "explorer" - -Write-Host "`tUninstalling Onedrive" -if (Test-Path "$env:systemroot\System32\OneDriveSetup.exe") { - & "$env:systemroot\System32\OneDriveSetup.exe" /uninstall -} -if (Test-Path "$env:systemroot\SysWOW64\OneDriveSetup.exe") { - & "$env:systemroot\SysWOW64\OneDriveSetup.exe" /uninstall -} -Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:localappdata\Microsoft\OneDrive" -Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:programdata\Microsoft OneDrive" -Remove-Item -Recurse -Force -ErrorAction SilentlyContinue "$env:systemdrive\OneDriveTemp" - -Write-Host "`tModify OneDrive shitty registery values :" -#OneDrive -modify_shitty_reg_value "HKLM:\Software\Policies\Microsoft\Windows\OneDrive" "DisableFileSyncNGSC" 1 -modify_shitty_reg_value "HKLM:\Software\Policies\Microsoft\Windows\OneDrive" "DisableFileSync" 1 -modify_shitty_reg_value "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" "OneDrive" "0300000021B9DEB396D7D001" "Binary" -# Onedrive Explorer integration -New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR | Out-Null -modify_shitty_reg_value "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0 -modify_shitty_reg_value "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0 -Remove-PSDrive -Name HKCR -Get-ScheduledTask -TaskPath '\' -TaskName 'OneDrive*' -ea SilentlyContinue | foreach { - remove_shitty_tasks $_ -} - -reg load "hku\Default" "C:\Users\Default\NTUSER.DAT" | Out-Null -New-PSDrive -PSProvider Registry -Root HKEY_USERS -Name HKU | Out-Null -delete_shitty_reg_key 
"HKU:\Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "OneDriveSetup" -Remove-PSDrive -Name HKU -reg unload "hku\Default" | Out-Null -Start-Process "explorer.exe" - -#Advertiging... -Write-Host -ForegroundColor White "`nDisable Advertising :" -modify_shitty_reg_value "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\AdvertisingInfo" "Enabled" "0" -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo" "DisabledByGroupPolicy" 1 - -# Geoloc. -Write-Host -ForegroundColor White "`nDisable Geolocalization :" -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableLocation" 1 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableLocationScripting" 1 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableWindowsLocationProvider" 1 - -#smartscreen filter -Write-Host -ForegroundColor White "`nDisable Smartscreen filter :" -modify_shitty_reg_value "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" "EnableWebContentEvaluation" - -# AllowTelemetry -Write-Host -ForegroundColor White "`nDisable Telemetry :" -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0 - -Write-Host -ForegroundColor White "`nModify somes Windows defendenr behaviors :" -# Windows Defender Delivery Optimization Download -modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" "DODownloadMode" "0" -# Windows Defender Behavior monitoring and Spynet reporting. 
-modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" "DisableBehaviorMonitoring" 1 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" "SpynetReporting" 0 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" "SubmitSamplesConsent" 2 - - -Write-Host -ForegroundColor White "`nDisable Wifi-Sense :" -# WifiSense Credential Share -modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseCredShared" "0" -# WifiSense Open-ness -modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseOpen" "0" - - -# Disable Cortana -Write-Host -ForegroundColor White "`nDisable Cortana (online at least) :" -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" "AllowCortana" "0" -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" "ConnectedSearchUseWeb" "0" - -# App right. 
-Write-Host -ForegroundColor White "`nDisable rights for applications :" -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessAccountInfo" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessCalendar" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessCallHistory" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessCamera" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessContacts" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessEmail" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessLocation" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessMessaging" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessMicrophone" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessMotion" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessRadios" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessTrustedDevices" 2 -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsSyncWithDevices" 2 - -# MS Account -Write-Host -ForegroundColor White "`nDisable MS online account for login :" -modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" "NoConnectedUser" 3 - -# App suggestion (Cloud Content) -Write-Host -ForegroundColor White "`nDisable suggestions :" -modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Cloud Content" "DisableWindowsConsumerFeatures" 1 - -Write-Host "all done!" 
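Review bot: The `Invoke-Expression` call at the end of the new module loop evaluates the `action` string from each `modules.d\*.conf` file as PowerShell source, so anyone who can edit a module file controls code that runs in what is presumably an elevated session. Resolve the name against a fixed list instead and use the call operator: `$fn = Get-Command -Name $_.action -CommandType Function -ErrorAction SilentlyContinue`, then `if ($fn -and $allowedActions -contains $fn.Name) { & $fn -params $_ }`, where `$allowedActions` is a placeholder for a list the script would define. The later hunk `@@ -325,6 +455,6 @@` in patch 02 only drops `-params` and keeps the same `Invoke-Expression`, so the point applies there as well. The `file` value is also joined to the module directory without rejecting `..`, so a module can point an action at a file outside its own folder.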
diff --git a/modules.d/BlockHosts.conf b/modules.d/BlockHosts.conf
new file mode 100644
index 0000000..1909b97
--- /dev/null
+++ b/modules.d/BlockHosts.conf
@@ -0,0 +1,11 @@
+{
+ "name" : "Block unwanted Host",
+ "description" : "This module block some hosts from Microsoft",
+ "actions" : [
+ {
+ "action" : "BlockHost",
+ "file" : "hosts.txt",
+ "host" : ""
+ }
+ ]
+}
\ No newline at end of file
diff --git a/modules.d/BlockHosts/hosts.txt b/modules.d/BlockHosts/hosts.txt
new file mode 100644
index 0000000..2008428
--- /dev/null
+++ b/modules.d/BlockHosts/hosts.txt
@@ -0,0 +1,130 @@
+184-86-53-99.deploy.static.akamaitechnologies.com
+a-0001.a-msedge.net
+a-0002.a-msedge.net
+a-0003.a-msedge.net
+a-0004.a-msedge.net
+a-0005.a-msedge.net
+a-0006.a-msedge.net
+a-0007.a-msedge.net
+a-0008.a-msedge.net
+a-0009.a-msedge.net
+a-msedge.net
+a.ads1.msn.com
+a.ads2.msads.net
+a.ads2.msn.com
+a.rad.msn.com
+a1621.g.akamai.net
+a1856.g2.akamai.net
+a1961.g.akamai.net
+a978.i6g1.akamai.net
+ac3.msn.com
+ad.doubleclick.net
+adnexus.net
+adnxs.com
+ads.msn.com
+ads1.msads.net
+ads1.msn.com
+aidps.atdmt.com
+aka-cdn-ns.adtech.de
+apps.skype.com
+az361816.vo.msecnd.net
+az512334.vo.msecnd.net
+b.ads1.msn.com
+b.ads2.msads.net
+b.rad.msn.com
+bingads.microsoft.com
+bs.serving-sys.com
+c.atdmt.com
+c.msn.com
+cdn.atdmt.com
+cds26.ams9.msecn.net
+choice.microsoft.com
+choice.microsoft.com.nsatc.net
+compatexchange.cloudapp.net
+corp.sts.microsoft.com
+corpext.msitadfs.glbdns2.microsoft.com
+cs1.wpc.v0cdn.net
+cy2.vortex.data.microsoft.com.akadns.net
+db3aqu.atdmt.com
+df.telemetry.microsoft.com
+diagnostics.support.microsoft.com
+e2835.dspb.akamaiedge.net
+e7341.g.akamaiedge.net
+e7502.ce.akamaiedge.net
+e8218.ce.akamaiedge.net
+ec.atdmt.com
+fe2.update.microsoft.com.akadns.net
+feedback.microsoft-hohm.com
+feedback.search.microsoft.com
+feedback.windows.com
+flex.msn.com
+g.msn.com
+h1.msn.com
+h2.msn.com
+hostedocsp.globalsign.com
+i1.services.social.microsoft.com
+i1.services.social.microsoft.com.nsatc.net
+ipv6.msftncsi.com
+ipv6.msftncsi.com.edgesuite.net
+lb1.www.ms.akadns.net
+live.rads.msn.com
+m.adnxs.com
+m.hotmail.com
+msedge.net
+msftncsi.com
+msnbot-65-55-108-23.search.msn.com
+msntest.serving-sys.com
+oca.telemetry.microsoft.com
+oca.telemetry.microsoft.com.nsatc.net
+pre.footprintpredict.com
+preview.msn.com
+pricelist.skype.com
+rad.live.com
+rad.msn.com
+redir.metaservices.microsoft.com
+reports.wes.df.telemetry.microsoft.com
+s.gateway.messenger.live.com
+s0.2mdn.net
+schemas.microsoft.akadns.net
+secure.adnxs.com
+secure.flashtalking.com
+services.wes.df.telemetry.microsoft.com
+settings-sandbox.data.microsoft.com
+settings-win.data.microsoft.com
+sls.update.microsoft.com.akadns.net
+sqm.df.telemetry.microsoft.com
+sqm.telemetry.microsoft.com
+sqm.telemetry.microsoft.com.nsatc.net
+ssw.live.com
+static.2mdn.net
+statsfe1.ws.microsoft.com
+statsfe2.update.microsoft.com.akadns.net
+statsfe2.ws.microsoft.com
+survey.watson.microsoft.com
+telecommand.telemetry.microsoft.com
+telecommand.telemetry.microsoft.com.nsatc.net
+telemetry.appex.bing.net
+telemetry.microsoft.com
+telemetry.urs.microsoft.com
+ui.skype.com
+v10.vortex-win.data.microsoft.com
+view.atdmt.com
+vortex-bn2.metron.live.com.nsatc.net
+vortex-cy2.metron.live.com.nsatc.net
+vortex-sandbox.data.microsoft.com
+vortex-win.data.metron.live.com.nsatc.net
+vortex-win.data.microsoft.com
+vortex.data.glbdns2.microsoft.com
+vortex.data.microsoft.com
+watson.live.com
+watson.microsoft.com
+watson.ppe.telemetry.microsoft.com
+watson.telemetry.microsoft.com
+watson.telemetry.microsoft.com.nsatc.net
+web.vortex.data.microsoft.com
+wes.df.telemetry.microsoft.com
+www.msftncsi.com
+win10.ipv6.microsoft.com
+www.bingads.microsoft.com
+www.go.microsoft.akadns.net
+www.msftncsi.com
diff --git a/modules.d/BlockIP.conf b/modules.d/BlockIP.conf
new file mode 100644
index 0000000..37328cd
--- /dev/null
+++ b/modules.d/BlockIP.conf
@@ -0,0 +1,12 @@
+{
+ "name" : "Block IP From MS servers",
+ "description" : "Disable Advertising",
+ "actions" : [
+ {
+ "action" : "FwBlockOutputIP",
+ "ip" : "",
+ "file" : "ip.txt"
+ }
+ ]
+
+}
\ No newline at end of file
diff --git a/modules.d/BlockIP/ip.txt b/modules.d/BlockIP/ip.txt
new file mode 100644
index 0000000..c534941
--- /dev/null
+++ b/modules.d/BlockIP/ip.txt
@@ -0,0 +1,12 @@
+2.22.61.43
+2.22.61.66
+64.4.54.254
+65.39.117.230
+65.52.108.33
+65.55.108.23
+23.218.212.69
+134.170.30.202
+137.116.81.24
+157.56.106.189
+184.86.53.99
+204.79.197.200
\ No newline at end of file
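Review bot: The new `modules.d/BlockHosts/hosts.txt` sinks more than telemetry: `hostedocsp.globalsign.com` looks like a certificate-status (OCSP) responder, and `fe2.update.microsoft.com.akadns.net`, `sls.update.microsoft.com.akadns.net` and `statsfe2.update.microsoft.com.akadns.net` look like Windows Update names. Pointing those at 0.0.0.0 can weaken certificate revocation checking and delay security patches, which works against the hardening goal of the script. I would drop these entries from the default list or move them into a separate opt-in module whose description states the trade-off. `www.msftncsi.com` is also listed twice.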
diff --git a/modules.d/DelModernApp.conf b/modules.d/DelModernApp.conf
new file mode 100644
index 0000000..39ee397
--- /dev/null
+++ b/modules.d/DelModernApp.conf
@@ -0,0 +1,11 @@
+{
+ "name" : "Delete Metro App",
+ "description" : "This module delete all useless modern app",
+ "actions" : [
+ {
+ "action" : "UninstallModernApp",
+ "file" : "apps.txt",
+ "removeProvisionned" : "true"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/modules.d/DelModernApp/apps.txt b/modules.d/DelModernApp/apps.txt
new file mode 100644
index 0000000..d954926
--- /dev/null
+++ b/modules.d/DelModernApp/apps.txt
@@ -0,0 +1,49 @@
+Microsoft.3dbuilder
+Microsoft.Appconnector
+Microsoft.BingFinance
+Microsoft.BingFoodAndDrink
+Microsoft.BingHealthAndFitness
+Microsoft.BingNews
+Microsoft.BingSports
+Microsoft.BingTravel
+Microsoft.BingWeather
+Microsoft.CommsPhone
+Microsoft.ConnectivityStore
+Microsoft.Getstarted
+Microsoft.Messaging
+Microsoft.Microsoft3DViewer
+Microsoft.MicrosoftOfficeHub
+Microsoft.MicrosoftPowerBIForWindows
+Microsoft.MicrosoftSolitaireCollection
+Microsoft.MicrosoftStickyNotes
+Microsoft.MinecraftUWP
+Microsoft.MSPaint
+Microsoft.Office.OneNote
+Microsoft.Office.Sway
+Microsoft.OneConnect
+Microsoft.People
+Microsoft.Services.Store.Engagement
+Microsoft.SkypeApp
+Microsoft.Windows.Photos
+Microsoft.WindowsAlarms
+Microsoft.WindowsCalculator
+Microsoft.WindowsCamera
+microsoft.windowscommunicationsapps
+Microsoft.WindowsFeedbackHub
+Microsoft.WindowsMaps
+Microsoft.WindowsPhone
+Microsoft.WindowsSoundRecorder
+Microsoft.WindowsStore
+Microsoft.XboxApp
+Microsoft.ZuneMusic
+Microsoft.ZuneVideo
+Microsoft.Advertising.Xaml
+9E2F88E3.Twitter
+king.com.CandyCrushSodaSaga
+f5.vpn.client
+SonicWALL.MobileConnect
+Microsoft.BingMaps
+Microsoft.XboxLIVEGame
+Microsoft.Reader
+Microsoft.WindowsReadingList
+Microsoft.WindowsScan
\ No newline at end of file
diff --git a/modules.d/DisableAdvertising.conf b/modules.d/DisableAdvertising.conf new file mode 100644 index 0000000..6cb4cef --- /dev/null +++ b/modules.d/DisableAdvertising.conf @@ -0,0 +1,14 @@ +{ + "name" : "Disable Advertising", + "description" : "Disable Advertising", + "actions" : [ + { + "action" : "AddRegKey", + "value" : "1", + "key" : "DisabledByGroupPolicy", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo", + "type" : "" + } + ] + +} \ No newline at end of file From b221e5db4daf02ea5f34145aadbf2311e353961d Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 20 Mar 2018 23:39:33 +0100 Subject: [PATCH 02/91] Commit this day work --- cleanW10.ps1 | 250 +++++++++++++----- modules.d/DisableFeatures/features.txt | 4 + modules.d/DisableGeolocation.conf | 28 ++ modules.d/DisableServices/features.txt | 4 + modules.d/DisableServices/services.txt | 17 ++ modules.d/DisableSmartScreen.conf | 22 ++ modules.d/UninstallOnedrive.conf | 83 ++++++ modules.d/{ => disable}/BlockHosts.conf | 0 modules.d/{ => disable}/BlockIP.conf | 0 modules.d/{ => disable}/DelModernApp.conf | 0 .../{ => disable}/DisableAdvertising.conf | 0 modules.d/disable/DisableFeatures.conf | 11 + modules.d/disable/DisableServices.conf | 11 + 13 files changed, 370 insertions(+), 60 deletions(-) create mode 100644 modules.d/DisableFeatures/features.txt create mode 100644 modules.d/DisableGeolocation.conf create mode 100644 modules.d/DisableServices/features.txt create mode 100644 modules.d/DisableServices/services.txt create mode 100644 modules.d/DisableSmartScreen.conf create mode 100644 modules.d/UninstallOnedrive.conf rename modules.d/{ => disable}/BlockHosts.conf (100%) rename modules.d/{ => disable}/BlockIP.conf (100%) rename modules.d/{ => disable}/DelModernApp.conf (100%) rename modules.d/{ => disable}/DisableAdvertising.conf (100%) create mode 100644 modules.d/disable/DisableFeatures.conf create mode 100644 modules.d/disable/DisableServices.conf 
diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 77643d4..7a4ee97 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -76,7 +76,7 @@ function FwBlockOutputIP { } } -function remove_shitty_tasks () { +function DisablesheduledTask () { param($taskList) Foreach ($task in $taskList){ Write-Host -NoNewline "`t$task : " @@ -98,14 +98,9 @@ function remove_shitty_tasks () { } } -# Modify a reg value -# Params : -# path : the complete path to reg key -# key : key name -# value : The value to write function AddRegKey { param( - [Parameter(Mandatory=$false)] + [Parameter(Mandatory=$true)] [object]$params ) Write-Host -NoNewline "`t$($params.key) reg key to $($params.value) : " @@ -114,7 +109,7 @@ function AddRegKey { } if ( -not $params.type ){ $params.type="DWORD" } if ( -not (Test-Path $params.path) ){ - Write-Host -NoNewline "- creating path -" + Write-Host -NoNewline "- creating path - " New-Item -Path $params.path -Force | Out-Null } try { 
@@ -132,59 +127,77 @@ function AddRegKey { Write-host -ForegroundColor Green "done" } -# Delete a reg key -# Params : -# path : the complete path to reg key -# key : key name -function delete_shitty_reg_key { - param([string]$path, [string]$key) - Write-Host -NoNewline "`tDelete key $key reg : " - if (!(Test-Path $path)){ - Write-Host -ForegroundColor Red -NoNewline "path not found" +function DelRegKey { + param( + [Parameter(Mandatory=$true)] + [object]$params + ) + Write-Host -NoNewline "`tDelete registery key $($params.key) : " + if ( ! (Test-Path $params.path) ){ + Write-Host -ForegroundColor Red " Error path not found" return } - try { Remove-ItemProperty -Path $path -Name $key } catch [System.Security.SecurityException]{ - Write-Host -ForegroundColor Red "access denied" + Write-Host -ForegroundColor Red "Error in DelRegKey`n`t" + Write-Host -ForegounndColor DarkRed "Access to $($params.path)\$($params.key) denied" return } catch { - Write-Host -ForegroundColor Red "error" - Write-Host "`t$Error[0]" + Write-Host -ForegroundColor Red -NoNewLine "Error in DelRegKey`n`t" + Write-Host -ForegounndColor DarkRed $Error[0].Exception.Message return } Write-host -ForegroundColor Green "done" } -# Function to remove shitty prog from shitty win -# Params : -# $name : Feature name -function disable_shitty_feature { - param ($name) - Write-Host -NoNewline "`t$name : " - $requestInstall = dism /online /Get-FeatureInfo /FeatureName:$name /English - $isInstalled = $requestInstall | Select-String "state" - If ($isInstalled -match "Enable") { +function DisableFeature { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params, + + [Parameter( + ValueFromPipeline=$True, + ParameterSetName="feature", + Position = 0 + )] + [Object]$feature + ) + if ( $params.file ) { + Get-Content $params.file | foreach { + DisableFeature -feature $(dism /online /Get-FeatureInfo 
/FeatureName:$_ /English) + } + } + elseif ( $params.name ) { + $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English) | DisableFeature + } + elseif ( $feature ) { try { + $name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]} + Write-Host -NoNewline "`tDisable Feature $name : " + if ( $($feature | Select-String "state") -match "Disable" ){ + Write-Host -ForegroundColor Yellow "already disable" + return + } Dism /online /Disable-Feature /FeatureName:$name /NoRestart | Out-Null + Write-Host -ForegroundColor Green "done" } catch { Write-Host -ForegroundColor Red "error" Return - } - Write-Host -ForegroundColor Green "done" - } - else { - Write-Host -ForegroundColor Yellow "already disable" + } } } -# remove unwanted "Modern App" -# Params -# function UninstallModernApp { param( [cmdletbinding( 
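Review bot: `DelRegKey` now takes `$params`, but the unchanged call inside its `try` is still `Remove-ItemProperty -Path $path -Name $key`, and neither variable exists after the rename, so the value named in the module is never the one acted on. Because `$ErrorActionPreference` is set to `SilentlyContinue` at the top of the script, the function will most likely still print "done". Change the call to `Remove-ItemProperty -Path $params.path -Name $params.key -ErrorAction Stop`. Both `catch` blocks also spell the parameter `-ForegounndColor`, so the error report itself will fail when it is needed.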
@@ -270,29 +283,63 @@ function UninstallModernProvisonnedApp { } } -function disable_shitty_service { - param([string]$name) - Write-Host -NoNewline "`t$name : " - $serv = Get-Service -name $name - if ( !$serv) { - Write-Host -ForegroundColor Red "not found" - return +function DisableService { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params, + + [Parameter( + ValueFromPipeline=$True, + ParameterSetName="service" + )] + [Object]$service + ) + if ( $params.file ) { + Get-Service | Where-Object { $_.name -in $( Get-Content $params.file ) } | Foreach { + $_ | DisableService + } } - if ( $serv.StartType -eq "Disable") { - Write-Host -ForegroundColor Yellow "already disabled" + elseif ( $params.name ) { + DisableService-service $(Get-Service -name $params.name) } - else { - Stop-Service -InputObject $serv -PassThru | Set-Service -StartupType disabled - Write-Host -ForegroundColor Green "done " + elseif ( $service ) { + try { + Write-Host -NoNewline "`tDisable service $($service.name) : " + if ( $service.StartType -eq "Disable") { + Write-Host -ForegroundColor Yellow "already disabled" + return + } + Stop-Service -InputObject $service -PassThru | Set-Service -StartupType disabled + Write-Host -ForegroundColor Green "done " + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`tError in DisableService`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } } } -# Kill a process -# Param : -# $process : name of process to kill (String) -function kill_shitty_process { - param([string]$process) - Write-Host -NoNewLine "`tKilling $process : " +function KillProcess { + param( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + Write-Host -NoNewLine "`tKilling $($params.name) : " try { $p = 
Get-Process $process Stop-Process $p | Out-Null 
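Review bot: Two calls in this hunk cannot work as written. In `DisableService`, `DisableService-service $(Get-Service -name $params.name)` is missing the space before `-service`, so PowerShell looks for a command named `DisableService-service`; it should read `DisableService -service $(Get-Service -Name $params.name)`. In `KillProcess`, the parameter is now `$params` but the unchanged body still runs `Get-Process $process`, which is undefined. Use `Get-Process -Name $params.name -ErrorAction Stop` so that a missing or empty name is reported rather than silently ignored. `KillProcess` continues beyond the end of the hunk.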
@@ -303,8 +350,91 @@ function kill_shitty_process { } } -Write-Output "`nI's time to kick ass and chew bubble gum" -Write-Output "________________________________________`n" +function DelFile { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + $path = Invoke-Expression """$($params.path)""" + Write-Host -NoNewline "`tDelete $path : " + if ( -not (Test-Path $path) ){ + Write-Host -ForegroundColor Yellow "not found" + return + } + $command = "Remove-Item $command -ErrorAction SilentlyContinue -Force -Path `"$path`"" + if ( $params.recurse -eq $true ) { + $command += "-Recurse" + } + try { + Invoke-Expression $command + Write-Host -ForegroundColor Green "done" + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`Error in DelFile`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + } +} + +function ExecCommand { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + Write-Host -NoNewline "`tExecute : $($params.path) : " + if ( -not (Test-Path $params.path) ) { + Write-Host -ForegroundColor Yellow "File not found" + return + } + try { + Start-Process $params.path -ArgumentList $params.arguments + Write-Host -ForegroundColor Green "done" + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`Error in DelFile`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + } + +} + +Write-Output "`nIt's time to kick ass and chew bubble gum" +Write-Output "_________________________________________`n" + +try { + Write-Host -NoNewline "Mount Default user registery hive : " + reg load "hku\Default" "C:\Users\Default\NTUSER.DAT" | Out-Null + New-PSDrive -PSProvider Registry -Root HKEY_USERS -Name HKU | Out-Null + Write-Host -ForegroundColor Green "done" +} +catch { + Write-Host 
-NoNewline -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + exit 1 +} + +try { + Write-Host -NoNewline "Mount HK_CLASSES_ROOT registery hive : " + New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR | Out-Null + Write-Host -ForegroundColor Green "done" +} +catch { + Write-Host -NoNewline -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + exit 1 +} Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach { $module = "" @@ -315,7 +445,7 @@ Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach { $module.actions | Foreach { $action_file = "" $current_action = $_ - # If action content a file element, nedd to test if file exist + # If action content a file element, need to test if file exist if ( $_.file) { $action_file = $module_dir + $_.file if ( -not (Test-Path $action_file) ) { @@ -325,6 +455,6 @@ Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach { $_.file = $action_file } # Invoke function - Invoke-Expression "$($_.action) -params `$_" + Invoke-Expression "$($_.action) `$_" } } diff --git a/modules.d/DisableFeatures/features.txt b/modules.d/DisableFeatures/features.txt new file mode 100644 index 0000000..f50f2f1 --- /dev/null +++ b/modules.d/DisableFeatures/features.txt @@ -0,0 +1,4 @@ +Internet-Explorer-Optional-amd64 +FaxServicesClientPackage +WindowsMediaPlayer +MediaPlayback \ No newline at end of file diff --git a/modules.d/DisableGeolocation.conf b/modules.d/DisableGeolocation.conf new file mode 100644 index 0000000..eff221a --- /dev/null +++ b/modules.d/DisableGeolocation.conf 
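Review bot: DelFile evaluates module data as PowerShell twice, first with `Invoke-Expression """$($params.path)"""` and again with `Invoke-Expression $command` on a string that embeds the result, so a quote or subexpression in a `.conf` path is executed under the `#requires -RunAsAdministrator` context of the script. The command string is also malformed: `$command` is read inside its own initialiser, and `"-Recurse"` is appended without a leading space, so the switch is not a separate token. Expanding only environment variables and calling the cmdlet directly avoids both, e.g. `$path = [Environment]::ExpandEnvironmentVariables($params.path)` (with `%LOCALAPPDATA%`-style paths in the modules) followed by `Remove-Item -LiteralPath $path -Force -Recurse:($params.recurse -eq $true)`. The same lines remain as context in the later `@@ -369,7 +406,7 @@` hunk, where `Set-StrictMode -Version 2` turns the `$command` self-reference into an error.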
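Review bot: The dispatcher builds a command line from the module's `action` string and hands it to `Invoke-Expression`, so a `.conf` file under `modules.d` can name any command or append further statements, not only the action functions defined in this script. Check the name against an explicit list and invoke it with the call operator, for example `if ($_.action -notin $ACTIONS) { return }` followed by `& $_.action $_`, where `$ACTIONS` is a new array holding the supported function names. The enclosing `Foreach` block starts outside this hunk. The later `@@ -415,46 +452,61 @@` hunk keeps the same `Invoke-Expression` call, now with `$current_action`.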
@@ -0,0 +1,28 @@ +{ + "name" : "Disable Geolocation", + "description" : "Disable GeoLocation", + "actions" : [ + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableLocation", + "value" : "1", + "type" : "" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableLocationScripting", + "value" : "1", + "type" : "" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableWindowsLocationProvider", + "value" : "1", + "type" : "" + } + ] + +} \ No newline at end of file diff --git a/modules.d/DisableServices/features.txt b/modules.d/DisableServices/features.txt new file mode 100644 index 0000000..f50f2f1 --- /dev/null +++ b/modules.d/DisableServices/features.txt @@ -0,0 +1,4 @@ +Internet-Explorer-Optional-amd64 +FaxServicesClientPackage +WindowsMediaPlayer +MediaPlayback \ No newline at end of file diff --git a/modules.d/DisableServices/services.txt b/modules.d/DisableServices/services.txt new file mode 100644 index 0000000..c864704 --- /dev/null +++ b/modules.d/DisableServices/services.txt @@ -0,0 +1,17 @@ +diagnosticshub.standardcollector.service +DiagTrack +dmwappushservice +HomeGroupListener +HomeGroupProvider +lfsvc +MapsBroker +NetTcpPortSharing +RemoteAccess +RemoteRegistry +SharedAccess +TrkWks +WbioSrvc +WMPNetworkSvc +XblAuthManager +XblGameSave +XboxNetApiSvc diff --git a/modules.d/DisableSmartScreen.conf b/modules.d/DisableSmartScreen.conf new file mode 100644 index 0000000..66cfeb2 --- /dev/null +++ b/modules.d/DisableSmartScreen.conf 
@@ -0,0 +1,22 @@ +{ + "name" : "Disable Smartscreen", + "description" : "Disable Smartscreen protection for Edge / IE", + "actions" : [ + { + "action" : "AddRegKey", + "path" : "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AppHost", + "key" : "EnableWebContentEvaluation", + "value" : "0", + "type" : "" + }, + { + "_comment" : "EXPERIMENTAL Disable Smartscreen for new created Users", + "action" : "AddRegKey", + "path" : "HKU:\\Default\\Microsoft\\Windows\\CurrentVersion\\AppHost", + "key" : "EnableWebContentEvaluation", + "value" : "0", + "type" : "" + } + ] + +} \ No newline at end of file diff --git a/modules.d/UninstallOnedrive.conf b/modules.d/UninstallOnedrive.conf new file mode 100644 index 0000000..728e879 --- /dev/null +++ b/modules.d/UninstallOnedrive.conf 
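Review bot: The second action's path, `HKU:\\Default\\Microsoft\\Windows\\CurrentVersion\\AppHost`, lacks the `SOFTWARE` segment that the HKCU entry above it has, so it presumably creates a different key in the default-user hive than the one intended; it should be `HKU:\\Default\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AppHost`. Separately, by its own description this module turns off a protective control ("Smartscreen protection for Edge / IE") rather than telemetry, and the script processes every `*.conf` found in `modules.d`. The `description` should state that trade-off, and the module should not run unless the operator opts in.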
@@ -0,0 +1,83 @@ +{ + "name" : "Uninstall One Drive", + "description" : "This module Uninstall Onedrive", + "actions" : [ + { + "action" : "KillProcess", + "name" : "onedrive" + }, + { + "action" : "KillProcess", + "name" : "git" + }, + { + "_comment" : "OneDrive Uninstaller x64 version", + "action" : "ExecCommand", + "path" : "$env:systemroot\\SysWOW64\\OneDriveSetup.exe", + "arguments" : "/uninstall" + }, + { + "_comment" : "OneDrive Uninstaller x86 version", + "action" : "ExecCommand", + "path" : "$env:systemroot\\System32\\OneDriveSetup.exe", + "arguments" : "/uninstall" + }, + { + "action" : "DelFile", + "path" : "$env:localappdata\\Microsoft\\OneDrive", + "recurse" : "True" + }, + { + "action" : "DelFile", + "path" : "$env:programdata\\Microsoft OneDrive", + "recurse" : "True" + }, + { + "action" : "DelFile", + "path" : "$env:systemdrive\\OneDriveTemp", + "recurse" : "True" + }, + { + "action" : "AddRegKey", + "value" : "1", + "key" : "DisableFileSyncNGSC", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive", + "type" : "" + }, + { + "action" : "AddRegKey", + "value" : "1", + "key" : "DisableFileSync", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive", + "type" : "" + }, + { + "action" : "AddRegKey", + "value" : "0300000021B9DEB396D7D001", + "key" : "OneDrive", + "path" : "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run", + "type" : "Binary" + }, + { + "action" : "AddRegKey", + "value" : "0", + "key" : "System.IsPinnedToNameSpaceTree", + "path" : "HKCR:\\Wow6432Node\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}", + "type" : "" + }, + { + "action" : "AddRegKey", + "value" : "0", + "key" : "System.IsPinnedToNameSpaceTree", + "path" : "HKCR:\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}", + "type" : "" + }, + { + "_comment" : "Prevent Onedrive installation for new created user", + "action" : "DelRegKey", + "key" : "OneDriveSetup", + "path" : 
"HKU:\\Default\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" + } + + ] +} diff --git a/modules.d/BlockHosts.conf b/modules.d/disable/BlockHosts.conf similarity index 100% rename from modules.d/BlockHosts.conf rename to modules.d/disable/BlockHosts.conf diff --git a/modules.d/BlockIP.conf b/modules.d/disable/BlockIP.conf similarity index 100% rename from modules.d/BlockIP.conf rename to modules.d/disable/BlockIP.conf diff --git a/modules.d/DelModernApp.conf b/modules.d/disable/DelModernApp.conf similarity index 100% rename from modules.d/DelModernApp.conf rename to modules.d/disable/DelModernApp.conf diff --git a/modules.d/DisableAdvertising.conf b/modules.d/disable/DisableAdvertising.conf similarity index 100% rename from modules.d/DisableAdvertising.conf rename to modules.d/disable/DisableAdvertising.conf diff --git a/modules.d/disable/DisableFeatures.conf b/modules.d/disable/DisableFeatures.conf new file mode 100644 index 0000000..36922ea --- /dev/null +++ b/modules.d/disable/DisableFeatures.conf @@ -0,0 +1,11 @@ +{ + "name" : "Disable Features", + "description" : "This module disable some useless Windows Features", + "actions" : [ + { + "action" : "DisableFeature", + "file" : "features.txt", + "name" : "" + } + ] +} \ No newline at end of file diff --git a/modules.d/disable/DisableServices.conf b/modules.d/disable/DisableServices.conf new file mode 100644 index 0000000..947f01d --- /dev/null +++ b/modules.d/disable/DisableServices.conf @@ -0,0 +1,11 @@ +{ + "name" : "Disable Service", + "description" : "This module delete services known to send data to Microsoft", + "actions" : [ + { + "action" : "DisableService", + "file" : "services.txt", + "name" : "" + } + ] +} \ No newline at end of file From 6c2ab5878159de969b9df08a7766054833ebadbd Mon Sep 17 00:00:00 2001 
From: Yorick Barbanneau Date: Fri, 23 Mar 2018 11:59:45 +0100 Subject: [PATCH 03/91] Early new working version --- cleanW10.ps1 | 320 +++++++++++++--------- lib/tasks.txt | 1 + modules.d/DelModernApp/apps.txt | 2 +- modules.d/DisableServices/features.txt | 4 - modules.d/UninstallOnedrive.conf | 9 +- modules.d/disable/BlockHosts.conf | 11 - modules.d/disable/BlockIP.conf | 12 - modules.d/disable/DelModernApp.conf | 11 - modules.d/disable/DisableAdvertising.conf | 14 - modules.d/disable/DisableFeatures.conf | 11 - modules.d/disable/DisableServices.conf | 11 - 11 files changed, 189 insertions(+), 217 deletions(-) delete mode 100644 modules.d/DisableServices/features.txt delete mode 100644 modules.d/disable/BlockHosts.conf delete mode 100644 modules.d/disable/BlockIP.conf delete mode 100644 modules.d/disable/DelModernApp.conf delete mode 100644 modules.d/disable/DisableAdvertising.conf delete mode 100644 modules.d/disable/DisableFeatures.conf delete mode 100644 modules.d/disable/DisableServices.conf diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 7a4ee97..245ef20 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -1,9 +1,10 @@ #requires -RunAsAdministrator -Import-Module NetSecurity #Useful to manipulate firewall rules - +Import-Module NetSecurity #Useful to manipulate firewall rules +Set-StrictMode -Version 2 $HOST_FILE = "$env:windir\System32\drivers\etc\hosts" $HOST_IP = "0.0.0.0" -$ErrorActionPreference = "SilentlyContinue" +$ErrorActionPreference = "Continue" +$ProgressPreference = "SilentlyContinue" #Thanks to https://gist.github.com/markembling/173887 function BlockHost { @@ -15,10 +16,11 @@ function BlockHost { )] [object]$params ) - if ( $params.file ) { + if ( $params.ContainsKey('file') ) { + Foreach ($line in Get-Content $params.file ){ BlockHost -params @{host=$line} } } - if ( $params.host ) { + if ( $params.ContainsKey('host') ) { Write-Host -NoNewline "`t$($params.host) : " try { if ( ! $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ 
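Review bot: Switching the second test in BlockHost to `$params.ContainsKey('host')` makes it true for a module entry that carries `"host" : ""` next to `"file"`, as BlockHosts.conf does. After the file loop the function therefore goes on to process an empty hostname and, unless IsHostAlreadyBlocked rejects it, appends a bare `0.0.0.0` line to the hosts file. The two branches are independent `if`s here, whereas FwBlockOutputIP in this commit uses `elseif`. Suggested: `elseif ( $params.ContainsKey('host') -and $params.host ) {`. BlockHost's body continues outside the hunk.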
@@ -54,10 +56,10 @@ function FwBlockOutputIP { param( [object]$params ) - if ( $params.file ) { + if ( $params.ContainsKey('file') ) { foreach ($line in Get-Content $params.file ){ FwBlockOutputIP @{"ip"="$line"} } } - if ( $params.ip) { + elseif ( $params.ContainsKey('ip') ) { Write-Host -NoNewline "`t$($params.ip) : " if ( Get-NetFirewallRule -Name Blacklist_$($params.ip) -ErrorAction SilentlyContinue) { Write-Host -ForegroundColor Yellow "already blacklisted" 
@@ -74,27 +76,59 @@ function FwBlockOutputIP { Write-Host -ForegroundColor Green "done" } } + else { + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + } } -function DisablesheduledTask () { - param($taskList) - Foreach ($task in $taskList){ - Write-Host -NoNewline "`t$task : " - if ($PSVersionTable.PSVersion.Major -gt 2) { - if (Get-ScheduledTask -TaskName $task -ErrorAction SilentlyContinue) { - Write-Host -NoNewline -ForegroundColor DarkGreen "found! " - Write-Host -Nonewline -ForegroundColor white "removing : " - Try {Unregister-ScheduledTask -TaskName $task -ErrorAction SilentlyContinue -Confirm:$false} - Catch { - Write-Host -Nonewline -ForegroundColor Red "error" - } - Write-Host -ForegroundColor Green "done" - } - else { Write-Host -ForegroundColor Yellow "already removed"} +function RemoveScheduledTask () { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + if ( $params.ContainsKey('file') ) { + Get-Content $params.file | foreach { + try { + $line = $_ + RemoveScheduledTask -task $( Get-ScheduledTask -TaskName $line -ErrorAction Stop) } - else { - Write-Host -ForegroundColor Red "damned! this is not Windows 10!" 
+ catch [Microsoft.PowerShell.Cmdletization.Cim.CimJobException]{ + Write-Host -ForegroundColor Yellow "`tScheduled Task $line not found" } + catch { + Write-Host -NoNewline -ForegroundColor Red "`tError in RemoveSheduledTask`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + } + } + } + elseif ( $params.ContainsKey('name') ) { + $command = "Get-ScheduledTask -ErrorAction Stop -TaskName `"$($params.name)`"" + if ($params.path) { + $command += " -TaskPath `"$($params.path)`"" + } + try { + $task = $(Invoke-Expression $command) + Write-Host -NoNewline "`tRemove task $($param.name) : " + $task | Unregister-ScheduledTask -ErrorAction SilentlyContinue -Confirm:$false + Write-Host -ForegroundColor Green "done" + } + catch [Microsoft.PowerShell.Cmdletization.Cim.CimJobException]{ + Write-Host -ForegroundColor Yellow "`tScheduled Task $($params.path)$($params.name) not found" + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`tError in RemoveSheduledTask`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + } + } + else { + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" } } 
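Review bot: Neither branch of RemoveScheduledTask appears able to reach `Unregister-ScheduledTask` as written. The file branch calls `RemoveScheduledTask -task ...` although the function only declares `$params`, and the name branch interpolates `$($param.name)` (missing `s`) inside the `try`, which `Set-StrictMode -Version 2`, enabled by this same commit, turns into an error before the task is piped on. The name branch also assembles the `Get-ScheduledTask` call as a string for `Invoke-Expression`, so quotes in a module's `name` or `path` can change the command that runs. Suggested: call the file branch as `RemoveScheduledTask @{name=$line}`, print `$($params.name)`, and query directly with `Get-ScheduledTask -TaskName $params.name -ErrorAction Stop`, adding `-TaskPath` only when that key is present.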
@@ -103,28 +137,33 @@ function AddRegKey { [Parameter(Mandatory=$true)] [object]$params ) - Write-Host -NoNewline "`t$($params.key) reg key to $($params.value) : " - if ( -not $params.path -or -not $params.key -or -not $params.value ) { + if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') -or -not $params.ContainsKey('value') ) { Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value" } - if ( -not $params.type ){ $params.type="DWORD" } + if ( -not $params.ContainsKey('type') -or $params.type -eq "" ){ $params.type="DWord" } + Write-Host -NoNewline "`t$($params.key) reg key to $($params.value) : " if ( -not (Test-Path $params.path) ){ Write-Host -NoNewline "- creating path - " - New-Item -Path $params.path -Force | Out-Null + try { + New-Item -Path $params.path -Force | Out-Null + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } } try { - Set-ItemProperty -Path $params.path -Name $params.key -Value $params.value -Type $params.type -Force + Set-ItemProperty -Path $params.path -Name $params.key -Value $($params.value) -Type $params.type -Force + Write-Host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ - Write-Host -ForegroundColor Red "access denied" - return + Write-Host -ForegroundColor Red "Error (access denied)" } catch { Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - return + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } - Write-host -ForegroundColor Green "done" } function DelRegKey { 
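Review bot: The missing-key check in AddRegKey only prints `Error in AddRegKey : no path, key or value` and then falls through, so `Test-Path`, `New-Item` and `Set-ItemProperty` still run with whichever of `path`, `key` or `value` is absent. Add `return` after that `Write-Host`, and drop its `-NoNewline` so the following output starts on its own line. The function's `param` block starts outside the hunk.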
@@ -139,18 +178,16 @@ function DelRegKey { } try { Remove-ItemProperty -Path $path -Name $key + Write-host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ Write-Host -ForegroundColor Red "Error in DelRegKey`n`t" Write-Host -ForegounndColor DarkRed "Access to $($params.path)\$($params.key) denied" - return } catch { Write-Host -ForegroundColor Red -NoNewLine "Error in DelRegKey`n`t" Write-Host -ForegounndColor DarkRed $Error[0].Exception.Message - return } - Write-host -ForegroundColor Green "done" } function DisableFeature { 
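Review bot: Both catch blocks in DelRegKey call `Write-Host -ForegounndColor DarkRed ...`; that is not a `Write-Host` parameter, so the handler itself raises a binding error instead of printing the access-denied or exception message. Correct both to `-ForegroundColor DarkRed`. With `$ErrorActionPreference = "Continue"` set by this commit, `Remove-ItemProperty` also needs `-ErrorAction Stop` for its non-terminating errors to reach either catch; otherwise `done` is printed after a failed delete. These lines are unchanged context in this hunk, and the function starts above it.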
@@ -163,38 +200,35 @@ function DisableFeature { ParameterSetName="params", Position = 0 )] - [object]$params, - - [Parameter( - ValueFromPipeline=$True, - ParameterSetName="feature", - Position = 0 - )] - [Object]$feature + [object]$params ) - if ( $params.file ) { + if ( $params.ContainsKey('file') ) { Get-Content $params.file | foreach { - DisableFeature -feature $(dism /online /Get-FeatureInfo /FeatureName:$_ /English) + DisableFeature @{name=$_} } } - elseif ( $params.name ) { - $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English) | DisableFeature - } - elseif ( $feature ) { - try { - $name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]} + elseif ( $params.ContainsKey('name') ) { + $feature = $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English) + $name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]} + if (-not $name){ + Write-Host -ForegroundColor Yellow "`tFeature $params.name not found" + return + } Write-Host -NoNewline "`tDisable Feature $name : " if ( $($feature | Select-String "state") -match "Disable" ){ Write-Host -ForegroundColor Yellow "already disable" return } + try { Dism /online /Disable-Feature /FeatureName:$name /NoRestart | Out-Null Write-Host -ForegroundColor Green "done" } catch { Write-Host -ForegroundColor Red "error" - Return - } + } + } + else { + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" } } 
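Review bot: In the not-found message the string `Feature $params.name not found` expands `$params` as a whole and then appends the literal `.name`, so the feature name is never shown; use `$($params.name)`. The `try` around `Dism /online /Disable-Feature` cannot catch a failed run either, because a native command reports failure through its exit code, so `done` is printed regardless. Test the exit code after the call, e.g. `if ($LASTEXITCODE -ne 0) { Write-Host -ForegroundColor Red "error"; return }`.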
@@ -208,36 +242,34 @@ function UninstallModernApp { ParameterSetName="params", Position = 0 )] - [object]$params, - - [Parameter( - ValueFromPipeline=$True, - ParameterSetName="pkg", - Position = 0 - )] - [Object]$pkg + [object]$params ) - if ( $params.file ) { - Get-AppxPackage -AllUsers | Where-Object { $_.name -in $(Get-Content $params.file) } | foreach { - $_ | UninstallModernApp + if ( $params.ContainsKey('file') ) { + $pkgs = $(Get-AppxPackage -AllUsers).name + $uninstall_list = Get-Content $params.file + $pkgs | Where-Object { $_ -in $uninstall_list } | foreach { + UninstallModernApp @{name=$_} } + $uninstall_list | Where-Object { $_ -notin $pkgs } | foreach { + Write-Host -ForegroundColor Yellow "`tModern App $_ not installed" + } } - elseif ( $params.name ) { - $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } ) | UninstallModernApp - } - elseif ( $pkg ) { + elseif ( $params.ContainsKey('name') ) { + Write-Host -NoNewLine "`tUninstall $($params.name) :" try { - Write-Host -NoNewLine "`tUninstall $($pkg.Name) :" - $pkg | Remove-AppxPackage | Out-Null + Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage -ErrorAction Continue -ErrorVariable $Error | Out-Null Write-Host -ForegroundColor Green "done" } - catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError in UninstallModernApp`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - return - } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`tError `n`t" + write-Host -ForegroundColor DarkRed "Impossible to Uninstall, this app sees to be a system one." + } } - if ( $params.removeProvisionned ) { + else { + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + return + } + if ( $params.ContainsKey('removeProvisionned' ) ) { UninstallModernProvisonnedApp $params } } 
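Review bot: `Remove-AppxPackage -ErrorAction Continue -ErrorVariable $Error` does not give the surrounding `try`/`catch` anything to catch: `-ErrorVariable` expects a variable name without `$`, and with `-ErrorAction Continue` a failed removal stays non-terminating, so `done` is printed. Use `-ErrorAction Stop` and drop `-ErrorVariable`. The name branch also selects with `-like "*$($params.name)*"`, so an entry taken from the list file removes every package whose name contains it rather than only the one listed; `-eq $params.name`, as UninstallModernProvisonnedApp does in this commit, keeps the removal to the exact name. `ContainsKey('removeProvisionned')` is true even when a module sets that value to `"false"`.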
@@ -249,38 +281,37 @@ function UninstallModernProvisonnedApp { )] [Parameter( ValueFromPipeline=$False, - #ParameterSetName="params", + ParameterSetName="params", Position = 0 )] - [object]$params, - - [Parameter( - ValueFromPipeline=$True, - ParameterSetName="pkg", - Position = 0 - )] - [Object]$pkg + [object]$params ) - if ( $params.file ) { - Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -in $(Get-Content $params.file) } | foreach { - UninstallModernProvisonnedApp -pkg $_ + + if ( $params.ContainsKey('file') ) { + $pkgs = $(Get-AppxProvisionedPackage -Online).DisplayName + $list = Get-Content $params.file + $pkgs | Where-Object { $_ -in $list } | foreach { + UninstallModernProvisonnedApp @{name=$_} + } + $list | Where-Object { $_ -notin $pkgs } | foreach { + Write-Host -ForegroundColor Yellow "`tProvisionned App $_ not found" } } - elseif ( $params.name ) { - UninstallModernProvisonnedApp -pkg $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -like "*$($params.name)*" }) - } - elseif ( $pkg ) { + elseif ( $params.ContainsKey('name') ){ + Write-Host -NoNewLine "`tUninstall Provisonned $($params.name) :" try { - Write-Host -NoNewLine "`tUninstall Provisonned $($pkg.DisplayName) :" - $pkg | Remove-AppxProvisionedPackage -Online | Out-Null + $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -eq $($params.name) }) | Remove-AppxProvisionedPackage -Online | Out-Null Write-Host -ForegroundColor Green "done" } - catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError in UninstallModernApp`n`t" + catch { + Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" write-Host -ForegroundColor DarkRed $Error[0].Exception.Message return } } + else { + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + } } function DisableService { 
@@ -293,25 +324,27 @@ function DisableService { ParameterSetName="params", Position = 0 )] - [object]$params, - - [Parameter( - ValueFromPipeline=$True, - ParameterSetName="service" - )] - [Object]$service + [object]$params ) - if ( $params.file ) { - Get-Service | Where-Object { $_.name -in $( Get-Content $params.file ) } | Foreach { - $_ | DisableService + if ( $params.ContainsKey('file') ) { + $services = $(Get-Service).name + $list = Get-Content $params.file + $services | Where-Object { $_ -in $list } | Foreach { + DisableService @{name=$_} + } + + $list | Where-Object { $_ -notin $services } | Foreach { + Write-Host -ForegroundColor Yellow "`t Service $_ not found" } } - elseif ( $params.name ) { - DisableService-service $(Get-Service -name $params.name) - } - elseif ( $service ) { + elseif ( $params.ContainsKey('name') ) { try { - Write-Host -NoNewline "`tDisable service $($service.name) : " + $service = Get-Service -Name $params.name + if ( -not $service ){ + Write-Host -ForegroundColor "`t Service $($params.name) not found" + return + } + Write-Host -NoNewline "`tDisable service $($params.name) : " if ( $service.StartType -eq "Disable") { Write-Host -ForegroundColor Yellow "already disabled" return @@ -320,11 +353,14 @@ function DisableService { Write-Host -ForegroundColor Green "done " } catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError in DisableService`n`t" + Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" write-Host -ForegroundColor DarkRed $Error[0].Exception.Message return } } + else { + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + } } function KillProcess { @@ -332,6 +368,7 @@ function KillProcess { [cmdletbinding( DefaultParameterSetName='params' )] + [Parameter( ValueFromPipeline=$False, ParameterSetName="params", 
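Review bot: The new not-found line in DisableService passes its message as the value of `-ForegroundColor`, so it fails parameter binding and ends in the catch instead of printing; it needs a colour, e.g. `Write-Host -ForegroundColor Yellow "Service $($params.name) not found"`. `Get-Service -Name` on a missing service reports a non-terminating error rather than returning `$null`, so add `-ErrorAction Stop` (or `SilentlyContinue`) to make the intended path explicit. The already-disabled test compares `StartType` with `"Disable"` while the enum value is `Disabled`, so that check presumably never matches.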
@@ -369,7 +406,7 @@ function DelFile { return } $command = "Remove-Item $command -ErrorAction SilentlyContinue -Force -Path `"$path`"" - if ( $params.recurse -eq $true ) { + if ( $params.ContainsKey('recurse') -and $params.recurse -eq $true ) { $command += "-Recurse" } try { @@ -377,7 +414,7 @@ function DelFile { Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "`Error in DelFile`n`t" + Write-Host -NoNewLine -ForegroundColor Red "`Error`n`t" write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } 
@@ -415,46 +452,61 @@ Write-Output "_________________________________________`n" try { Write-Host -NoNewline "Mount Default user registery hive : " - reg load "hku\Default" "C:\Users\Default\NTUSER.DAT" | Out-Null + reg load "HKU\Default" "C:\Users\Default\NTUSER.DAT" | Out-Null New-PSDrive -PSProvider Registry -Root HKEY_USERS -Name HKU | Out-Null Write-Host -ForegroundColor Green "done" -} -catch { - Write-Host -NoNewline -ForegroundColor Red "Error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - exit 1 -} - -try { Write-Host -NoNewline "Mount HK_CLASSES_ROOT registery hive : " New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR | Out-Null + New-PSDrive -PSProvider Registry -Root HKEY_CURRENT_USER -Name HKCU | Out-Null Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewline -ForegroundColor Red "Error`n`t" + Write-Host -NoNewline -ForegroundColor Red "Error while mounting Registery`n`t" Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - exit 1 + return } Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach { $module = "" - $module = Get-Content $_.FullName -Raw | ConvertFrom-Json - + try { + $module = Get-Content $_.FullName -Raw | ConvertFrom-Json + } + catch { + Write-Host -NoNewline -ForegroundColor Red "Error While Loading JSON : $_.FullName" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } Write-Host -ForegroundColor White "`nProcess Module $($module.name)" $module_dir = $_.Directory.FullName + "\" + $_.BaseName + "\" $module.actions | Foreach { $action_file = "" - $current_action = $_ + $current_action = @{} + foreach( $p in $_.psobject.properties.name ){ + $current_action[$p] = $_.$p + } # If action content a file element, need to test if file exist - if ( $_.file) { - $action_file = $module_dir + $_.file + if ( $current_action.ContainsKey('file')) { + $action_file = $module_dir + $current_action.file if ( -not (Test-Path 
$action_file) ) { Write-Host -ForegroundColor Red "`tError in $($module.name) : file $($_.file) not found" return } - $_.file = $action_file + $current_action.file = $action_file } # Invoke function - Invoke-Expression "$($_.action) `$_" + Invoke-Expression "$($_.action) `$current_action" } } +#Unmount Registery +try { + Write-Host -NoNewline "`nUnmount HKU and HKCR : " + Remove-PSDrive -Name HKCR + Remove-PSDrive -Name HKCU + Remove-PSDrive -Name HKU + reg unload "HKU\Default" | Out-Null + Write-Host -ForegroundColor Green "done" +} +catch { + Write-Host -NoNewline -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message +} \ No newline at end of file diff --git a/lib/tasks.txt b/lib/tasks.txt index e9005a3..5795c68 100755 --- a/lib/tasks.txt +++ b/lib/tasks.txt @@ -9,3 +9,4 @@ Microsoft-Windows-DiskDiagnosticDataCollector DmClient MNO Metadata Parser QueueReporting +Metadata Refresh \ No newline at end of file diff --git a/modules.d/DelModernApp/apps.txt b/modules.d/DelModernApp/apps.txt index d954926..a9255b0 100644 --- a/modules.d/DelModernApp/apps.txt +++ b/modules.d/DelModernApp/apps.txt @@ -43,7 +43,7 @@ king.com.CandyCrushSodaSaga f5.vpn.client SonicWALL.MobileConnect Microsoft.BingMaps -Microsoft.XboxLIVEGame +Microsoft.XboxLIVEGames Microsoft.Reader Microsoft.WindowsReadingList Microsoft.WindowsScan \ No newline at end of file diff --git a/modules.d/DisableServices/features.txt b/modules.d/DisableServices/features.txt deleted file mode 100644 index f50f2f1..0000000 --- a/modules.d/DisableServices/features.txt +++ /dev/null @@ -1,4 +0,0 @@ -Internet-Explorer-Optional-amd64 -FaxServicesClientPackage -WindowsMediaPlayer -MediaPlayback \ No newline at end of file diff --git a/modules.d/UninstallOnedrive.conf b/modules.d/UninstallOnedrive.conf index 728e879..984c978 100644 --- a/modules.d/UninstallOnedrive.conf +++ b/modules.d/UninstallOnedrive.conf 
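Review bot: `reg load` and `reg unload` are native commands, so the `try`/`catch` blocks around them never see a failure; if loading `C:\Users\Default\NTUSER.DAT` fails, the later `HKU:\Default` actions presumably create keys outside the default-user hive. Check `$LASTEXITCODE` after each call and stop when it is non-zero. In the JSON catch, `$_` is the error record rather than the file, and `$_.FullName` inside the string is not a subexpression, so the failing file is not named; store the file in a variable before the `try` and print `$($file.FullName)`. `New-PSDrive -Name HKCU` and the matching `Remove-PSDrive -Name HKCU` act on a drive PowerShell already provides, so both lines can be dropped.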
@@ -8,7 +8,7 @@ }, { "action" : "KillProcess", - "name" : "git" + "name" : "explorer" }, { "_comment" : "OneDrive Uninstaller x64 version", @@ -51,13 +51,6 @@ "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive", "type" : "" }, - { - "action" : "AddRegKey", - "value" : "0300000021B9DEB396D7D001", - "key" : "OneDrive", - "path" : "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run", - "type" : "Binary" - }, { "action" : "AddRegKey", "value" : "0", diff --git a/modules.d/disable/BlockHosts.conf b/modules.d/disable/BlockHosts.conf deleted file mode 100644 index 1909b97..0000000 --- a/modules.d/disable/BlockHosts.conf +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name" : "Block unwanted Host", - "description" : "This module block some hosts from Microsoft", - "actions" : [ - { - "action" : "BlockHost", - "file" : "hosts.txt", - "host" : "" - } - ] -} \ No newline at end of file diff --git a/modules.d/disable/BlockIP.conf b/modules.d/disable/BlockIP.conf deleted file mode 100644 index 37328cd..0000000 --- a/modules.d/disable/BlockIP.conf +++ /dev/null @@ -1,12 +0,0 @@ -{ - "name" : "Block IP From MS servers", - "description" : "Disable Advertising", - "actions" : [ - { - "action" : "FwBlockOutputIP", - "ip" : "", - "file" : "ip.txt" - } - ] - -} \ No newline at end of file diff --git a/modules.d/disable/DelModernApp.conf b/modules.d/disable/DelModernApp.conf deleted file mode 100644 index 39ee397..0000000 --- a/modules.d/disable/DelModernApp.conf +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name" : "Delete Metro App", - "description" : "This module delete all useless modern app", - "actions" : [ - { - "action" : "UninstallModernApp", - "file" : "apps.txt", - "removeProvisionned" : "true" - } - ] -} \ No newline at end of file diff --git a/modules.d/disable/DisableAdvertising.conf b/modules.d/disable/DisableAdvertising.conf deleted file mode 100644 index 6cb4cef..0000000 --- a/modules.d/disable/DisableAdvertising.conf +++ /dev/null 
@@ -1,14 +0,0 @@
-{
- "name" : "Disable Advertising",
- "description" : "Disable Advertising",
- "actions" : [
- {
- "action" : "AddRegKey",
- "value" : "1",
- "key" : "DisabledByGroupPolicy",
- "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo",
- "type" : ""
- }
- ]
-
-}
\ No newline at end of file
diff --git a/modules.d/disable/DisableFeatures.conf b/modules.d/disable/DisableFeatures.conf
deleted file mode 100644
index 36922ea..0000000
--- a/modules.d/disable/DisableFeatures.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "name" : "Disable Features",
- "description" : "This module disable some useless Windows Features",
- "actions" : [
- {
- "action" : "DisableFeature",
- "file" : "features.txt",
- "name" : ""
- }
- ]
-}
\ No newline at end of file
diff --git a/modules.d/disable/DisableServices.conf b/modules.d/disable/DisableServices.conf
deleted file mode 100644
index 947f01d..0000000
--- a/modules.d/disable/DisableServices.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "name" : "Disable Service",
- "description" : "This module delete services known to send data to Microsoft",
- "actions" : [
- {
- "action" : "DisableService",
- "file" : "services.txt",
- "name" : ""
- }
- ]
-}
\ No newline at end of file
From 033a4fa8439ee6ad328a57d057a6497533f1b699 Mon Sep 17 00:00:00 2001
From: Yorick Barbanneau Date: Fri, 23 Mar 2018 12:06:49 +0100 Subject: [PATCH 04/91] Add some modules --- modules.d/BlockHosts.conf | 11 +++++++++++ modules.d/BlockIP.conf | 12 ++++++++++++ modules.d/DelModernApp.conf | 11 +++++++++++ modules.d/DisableAdvertising.conf | 14 ++++++++++++++ modules.d/DisableFeatures.conf | 11 +++++++++++ modules.d/DisableServices.conf | 11 +++++++++++ modules.d/DisableSheduledTasks.conf | 22 ++++++++++++++++++++++ modules.d/DisableSheduledTasks/tasks.txt | 11 +++++++++++ modules.d/UninstallOnedrive.conf | 2 +- 9 files changed, 104 insertions(+), 1 deletion(-) create mode 100644 modules.d/BlockHosts.conf create mode 100644 modules.d/BlockIP.conf create mode 100644 modules.d/DelModernApp.conf create mode 100644 modules.d/DisableAdvertising.conf create mode 100644 modules.d/DisableFeatures.conf create mode 100644 modules.d/DisableServices.conf create mode 100644 modules.d/DisableSheduledTasks.conf create mode 100644 modules.d/DisableSheduledTasks/tasks.txt diff --git a/modules.d/BlockHosts.conf b/modules.d/BlockHosts.conf new file mode 100644 index 0000000..1909b97 --- /dev/null +++ b/modules.d/BlockHosts.conf @@ -0,0 +1,11 @@ +{ + "name" : "Block unwanted Host", + "description" : "This module block some hosts from Microsoft", + "actions" : [ + { + "action" : "BlockHost", + "file" : "hosts.txt", + "host" : "" + } + ] +} \ No newline at end of file diff --git a/modules.d/BlockIP.conf b/modules.d/BlockIP.conf new file mode 100644 index 0000000..37328cd --- /dev/null +++ b/modules.d/BlockIP.conf @@ -0,0 +1,12 @@ +{ + "name" : "Block IP From MS servers", + "description" : "Disable Advertising", + "actions" : [ + { + "action" : "FwBlockOutputIP", + "ip" : "", + "file" : "ip.txt" + } + ] + +} \ No newline at end of file diff --git a/modules.d/DelModernApp.conf b/modules.d/DelModernApp.conf new file mode 100644 index 0000000..39ee397 --- /dev/null +++ b/modules.d/DelModernApp.conf 
@@ -0,0 +1,11 @@
+{
+ "name" : "Delete Metro App",
+ "description" : "This module delete all useless modern app",
+ "actions" : [
+ {
+ "action" : "UninstallModernApp",
+ "file" : "apps.txt",
+ "removeProvisionned" : "true"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/modules.d/DisableAdvertising.conf b/modules.d/DisableAdvertising.conf
new file mode 100644
index 0000000..6cb4cef
--- /dev/null
+++ b/modules.d/DisableAdvertising.conf
@@ -0,0 +1,14 @@
+{
+ "name" : "Disable Advertising",
+ "description" : "Disable Advertising",
+ "actions" : [
+ {
+ "action" : "AddRegKey",
+ "value" : "1",
+ "key" : "DisabledByGroupPolicy",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo",
+ "type" : ""
+ }
+ ]
+
+}
\ No newline at end of file
diff --git a/modules.d/DisableFeatures.conf b/modules.d/DisableFeatures.conf
new file mode 100644
index 0000000..36922ea
--- /dev/null
+++ b/modules.d/DisableFeatures.conf
@@ -0,0 +1,11 @@
+{
+ "name" : "Disable Features",
+ "description" : "This module disable some useless Windows Features",
+ "actions" : [
+ {
+ "action" : "DisableFeature",
+ "file" : "features.txt",
+ "name" : ""
+ }
+ ]
+}
\ No newline at end of file
diff --git a/modules.d/DisableServices.conf b/modules.d/DisableServices.conf
new file mode 100644
index 0000000..947f01d
--- /dev/null
+++ b/modules.d/DisableServices.conf
@@ -0,0 +1,11 @@
+{
+ "name" : "Disable Service",
+ "description" : "This module delete services known to send data to Microsoft",
+ "actions" : [
+ {
+ "action" : "DisableService",
+ "file" : "services.txt",
+ "name" : ""
+ }
+ ]
+}
\ No newline at end of file
diff --git a/modules.d/DisableSheduledTasks.conf b/modules.d/DisableSheduledTasks.conf
new file mode 100644
index 0000000..3596d7f
--- /dev/null
+++ b/modules.d/DisableSheduledTasks.conf
@@ -0,0 +1,22 @@ +{ + "name" : "Remove Scheduled tasks", + "description" : "Remove some scheduled tasks", + "actions" : [ + { + "action" : "RemoveScheduledTask", + "path" : "", + "name" : "", + "file" : "tasks.txt" + }, + { + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\Device Setup\\", + "name" : "Metadata Refresh" + }, + { + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Device Setup\\", + "name" : "Metadata Refresh" + } + ] +} \ No newline at end of file diff --git a/modules.d/DisableSheduledTasks/tasks.txt b/modules.d/DisableSheduledTasks/tasks.txt new file mode 100644 index 0000000..e9005a3 --- /dev/null +++ b/modules.d/DisableSheduledTasks/tasks.txt @@ -0,0 +1,11 @@ +Microsoft Compatibility Appraiser +ProgramDataUpdater +CreateObjectTask +Consolidator +KernelCeipTask +UsbCeip +SmartScreenSpecific +Microsoft-Windows-DiskDiagnosticDataCollector +DmClient +MNO Metadata Parser +QueueReporting diff --git a/modules.d/UninstallOnedrive.conf b/modules.d/UninstallOnedrive.conf index 984c978..2436efa 100644 --- a/modules.d/UninstallOnedrive.conf +++ b/modules.d/UninstallOnedrive.conf @@ -8,7 +8,7 @@ }, { "action" : "KillProcess", - "name" : "explorer" + "name" : "explorer.exe" }, { "_comment" : "OneDrive Uninstaller x64 version", From cab76871f2b55c6fd14b957e7a58e832ede52b35 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 23 Mar 2018 12:15:32 +0100 Subject: [PATCH 05/91] Fix KillProcess() --- cleanW10.ps1 | 3 +-- modules.d/UninstallOnedrive.conf | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 245ef20..1aad205 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -378,8 +378,7 @@ function KillProcess { ) Write-Host -NoNewLine "`tKilling $($params.name) : " try { - $p = Get-Process $process - Stop-Process $p | Out-Null + Stop-Process $(Get-Process $params.name) Write-Host -ForegroundColor Green "Done" } catch { 
diff --git a/modules.d/UninstallOnedrive.conf b/modules.d/UninstallOnedrive.conf index 2436efa..984c978 100644 --- a/modules.d/UninstallOnedrive.conf +++ b/modules.d/UninstallOnedrive.conf @@ -8,7 +8,7 @@ }, { "action" : "KillProcess", - "name" : "explorer.exe" + "name" : "explorer" }, { "_comment" : "OneDrive Uninstaller x64 version", From 28853e6b0a0c0092e10de04ad5c5255c7916402f Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 23 Mar 2018 13:35:43 +0100 Subject: [PATCH 06/91] Fix RemoveSheduledTask() --- cleanW10.ps1 | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 1aad205..db41d74 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -95,26 +95,17 @@ function RemoveScheduledTask () { ) if ( $params.ContainsKey('file') ) { Get-Content $params.file | foreach { - try { - $line = $_ - RemoveScheduledTask -task $( Get-ScheduledTask -TaskName $line -ErrorAction Stop) - } - catch [Microsoft.PowerShell.Cmdletization.Cim.CimJobException]{ - Write-Host -ForegroundColor Yellow "`tScheduled Task $line not found" - } - catch { - Write-Host -NoNewline -ForegroundColor Red "`tError in RemoveSheduledTask`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - } + RemoveScheduledTask @{name=$_} } } elseif ( $params.ContainsKey('name') ) { $command = "Get-ScheduledTask -ErrorAction Stop -TaskName `"$($params.name)`"" - if ($params.path) { + if ($params.ContainsKey('path') -and $params.path -ne '') { $command += " -TaskPath `"$($params.path)`"" } + else { $params.path="" } try { - $task = $(Invoke-Expression $command) + $task = Invoke-Expression $command Write-Host -NoNewline "`tRemove task $($param.name) : " $task | Unregister-ScheduledTask -ErrorAction SilentlyContinue -Confirm:$false Write-Host -ForegroundColor Green "done" 
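Review bot: In the `name` branch of RemoveScheduledTask, `$params.name` and `$params.path` are interpolated into a command string that is then run with `Invoke-Expression $command`, so a task name or path from a module file or tasks.txt that contains a quote or a subexpression is parsed as PowerShell instead of being treated as data, in a script that requires administrator rights. Passing the values as parameters removes the parsing step: `$query = @{ TaskName = $params.name; ErrorAction = 'Stop' }`, then `if ($params.ContainsKey('path') -and $params.path -ne '') { $query.TaskPath = $params.path }`, then `$task = Get-ScheduledTask @query`. The function body starts and ends outside this hunk.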
@@ -257,7 +248,7 @@ function UninstallModernApp { elseif ( $params.ContainsKey('name') ) { Write-Host -NoNewLine "`tUninstall $($params.name) :" try { - Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage -ErrorAction Continue -ErrorVariable $Error | Out-Null + Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Out-Null Write-Host -ForegroundColor Green "done" } catch { @@ -378,7 +369,7 @@ function KillProcess { ) Write-Host -NoNewLine "`tKilling $($params.name) : " try { - Stop-Process $(Get-Process $params.name) + Stop-Process $(Get-Process $params.name) | Out-Null Write-Host -ForegroundColor Green "Done" } catch { From f3829001d477b3560515c98aaa7a7f36545dd456 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 23 Mar 2018 13:38:00 +0100 Subject: [PATCH 07/91] BlockHost exit when name is empty --- cleanW10.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index db41d74..78e3556 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -20,7 +20,7 @@ function BlockHost { Foreach ($line in Get-Content $params.file ){ BlockHost -params @{host=$line} } } - if ( $params.ContainsKey('host') ) { + if ( $params.ContainsKey('host') -and $params.host -ne "" ) { Write-Host -NoNewline "`t$($params.host) : " try { if ( ! $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ From 61b23e2ef3f689e555527bb59f8a2ea87b86ec93 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 23 Mar 2018 15:30:58 +0100 Subject: [PATCH 08/91] Various fixes --- cleanW10.ps1 | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 78e3556..20370ac 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
@@ -106,7 +106,7 @@ function RemoveScheduledTask () { else { $params.path="" } try { $task = Invoke-Expression $command - Write-Host -NoNewline "`tRemove task $($param.name) : " + Write-Host -NoNewline "`tRemove task $($params.name) : " $task | Unregister-ScheduledTask -ErrorAction SilentlyContinue -Confirm:$false Write-Host -ForegroundColor Green "done" } @@ -246,14 +246,14 @@ function UninstallModernApp { } } elseif ( $params.ContainsKey('name') ) { - Write-Host -NoNewLine "`tUninstall $($params.name) :" + Write-Host -NoNewLine "`tUninstall $($params.name) : " try { - Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Out-Null + $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage $pkg) Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError `n`t" - write-Host -ForegroundColor DarkRed "Impossible to Uninstall, this app sees to be a system one." + Write-Host -NoNewLine -ForegroundColor Red "Error `n`t" + write-Host -ForegroundColor DarkRed "Impossible to Uninstall. Is this a system one." } } else { @@ -369,7 +369,7 @@ function KillProcess { ) Write-Host -NoNewLine "`tKilling $($params.name) : " try { - Stop-Process $(Get-Process $params.name) | Out-Null + Stop-Process $(Get-Process $params.name -ErrorAction SilentlyContinue ) Write-Host -ForegroundColor Green "Done" } catch { @@ -493,10 +493,10 @@ try { Remove-PSDrive -Name HKCR Remove-PSDrive -Name HKCU Remove-PSDrive -Name HKU - reg unload "HKU\Default" | Out-Null + reg unload "HKU\Default" 2>&1 | Out-Null Write-Host -ForegroundColor Green "done" } catch { Write-Host -NoNewline -ForegroundColor Red "Error`n`t" Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message -} \ No newline at end of file +} From 9c0008eb6712af7cf7973c4d800786655c107b50 Mon Sep 17 00:00:00 2001 
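Review bot: The unmount block prints `done` whatever `reg unload` returns: the added `2>&1 | Out-Null` discards the tool's output, and a non-zero exit code from a native command does not reach the `catch`. A hive that stays loaded after the run therefore goes unnoticed. Check the exit code right after the call, `if ($LASTEXITCODE -ne 0) { throw "reg unload failed with exit code $LASTEXITCODE" }`. The `try` block opens outside this hunk.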
From: Yorick Barbanneau Date: Fri, 23 Mar 2018 15:46:31 +0100 Subject: [PATCH 09/91] Variable error in DelFile() --- cleanW10.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 20370ac..b119327 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -395,7 +395,7 @@ function DelFile { Write-Host -ForegroundColor Yellow "not found" return } - $command = "Remove-Item $command -ErrorAction SilentlyContinue -Force -Path `"$path`"" + $command = "Remove-Item $path -ErrorAction SilentlyContinue -Force -Path `"$path`"" if ( $params.ContainsKey('recurse') -and $params.recurse -eq $true ) { $command += "-Recurse" } @@ -500,3 +500,4 @@ catch { Write-Host -NoNewline -ForegroundColor Red "Error`n`t" Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } +ri \ No newline at end of file From 157f3b9c5d42699181b8d01da6ac414f73abf025 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 23 Mar 2018 15:47:58 +0100 Subject: [PATCH 10/91] Error in UninstallModernApp() --- cleanW10.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index b119327..d85fcbc 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -248,7 +248,7 @@ function UninstallModernApp { elseif ( $params.ContainsKey('name') ) { Write-Host -NoNewLine "`tUninstall $($params.name) : " try { - $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage $pkg) + $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage) Write-Host -ForegroundColor Green "done" } catch { From fc212fa7ce034345adce2ebeca191c95047cdaa1 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 23 Mar 2018 15:50:34 +0100 Subject: [PATCH 11/91] Syntax error in DelFile() --- cleanW10.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index d85fcbc..22f1b34 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
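Review bot: The filter `$_.name -like "*$($params.name)*"` in the changed UninstallModernApp pipeline matches on substring, so every package whose name contains the configured string is piped to `Remove-AppxPackage`; an entry such as `Microsoft.Reader` can select more than the one package the list names, and an empty name would match every installed package. Reject blank names first with `if ([string]::IsNullOrWhiteSpace($params.name)) { return }` and compare exactly, `Get-AppxPackage -AllUsers -Name $params.name | Remove-AppxPackage`. The function body starts and ends outside this hunk, so whether a blank name can reach this branch should be checked against the caller.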
@@ -395,7 +395,7 @@ function DelFile { Write-Host -ForegroundColor Yellow "not found" return } - $command = "Remove-Item $path -ErrorAction SilentlyContinue -Force -Path `"$path`"" + $command = "Remove-Item -ErrorAction SilentlyContinue -Force -Path `"$path`"" if ( $params.ContainsKey('recurse') -and $params.recurse -eq $true ) { $command += "-Recurse" } From c209024de067676b4e04dd6e307510e9ebf1aa20 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 23 Mar 2018 15:55:27 +0100 Subject: [PATCH 12/91] Change ErrorActionPreference to Stop --- cleanW10.ps1 | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 22f1b34..e09fbfb 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -3,7 +3,7 @@ Import-Module NetSecurity #Useful to manipulate firewall rules Set-StrictMode -Version 2 $HOST_FILE = "$env:windir\System32\drivers\etc\hosts" $HOST_IP = "0.0.0.0" -$ErrorActionPreference = "Continue" +$ErrorActionPreference = "Stop" $ProgressPreference = "SilentlyContinue" #Thanks to https://gist.github.com/markembling/173887 @@ -499,5 +499,4 @@ try { catch { Write-Host -NoNewline -ForegroundColor Red "Error`n`t" Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message -} -ri \ No newline at end of file +} \ No newline at end of file From e0c4d6361ed442239b5346657aaf6113a7e329f8 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 23 Mar 2018 21:40:20 +0100 Subject: [PATCH 13/91] Add -file parameter + Better message when JSON error Add -file parameter + Better message when JSON error --- cleanW10.ps1 | 23 +++++++++++++++-------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index e09fbfb..ed7831b 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
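Review bot: In the DelFile hunk the rewritten `$command` string still embeds `$path` between escaped quotes, and the unchanged `$command += "-Recurse"` below it appends without a leading space, so the recursive variant becomes `-Path "…"-Recurse` and the switch is not parsed as intended. The string is presumably executed with Invoke-Expression outside this hunk, which also means a path from a module file is parsed as code rather than passed as data. Splatting fixes both: `$rm = @{ Path = $path; Force = $true; ErrorAction = 'SilentlyContinue' }`, then `if ( $params.ContainsKey('recurse') -and $params.recurse -eq $true ) { $rm.Recurse = $true }`, then `Remove-Item @rm`.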
@@ -1,11 +1,17 @@ +param ( + [cmdletbinding()] + [string]$dir="modules.d", + [string]$file +) #requires -RunAsAdministrator + Import-Module NetSecurity #Useful to manipulate firewall rules Set-StrictMode -Version 2 +$PSDefaultParameterValues=@{$dir = "./modules.d"} $HOST_FILE = "$env:windir\System32\drivers\etc\hosts" $HOST_IP = "0.0.0.0" $ErrorActionPreference = "Stop" $ProgressPreference = "SilentlyContinue" - #Thanks to https://gist.github.com/markembling/173887 function BlockHost { param( @@ -455,18 +461,19 @@ catch { Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message return } - -Get-ChildItem -Path $PSScriptRoot"\modules.d" -Filter "*.conf" | foreach { +Write-Host "Folder to process : $dir" +Get-ChildItem -Path $dir -Filter "*.conf" | foreach { $module = "" try { - $module = Get-Content $_.FullName -Raw | ConvertFrom-Json + $filename = $_.FullName + $module = Get-Content $filename -Raw | ConvertFrom-Json } catch { - Write-Host -NoNewline -ForegroundColor Red "Error While Loading JSON : $_.FullName" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -NoNewline -ForegroundColor Red "Error While Loading JSON : $filename `n`n" + #Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message return } - Write-Host -ForegroundColor White "`nProcess Module $($module.name)" + Write-Host -ForegroundColor White "`nProcess Module $($module.name) `n" $module_dir = $_.Directory.FullName + "\" + $_.BaseName + "\" $module.actions | Foreach { $action_file = "" @@ -499,4 +506,4 @@ try { catch { Write-Host -NoNewline -ForegroundColor Red "Error`n`t" Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message -} \ No newline at end of file +} From b3d3ee64031229a44be15c556b098cde194d3e9a Mon Sep 17 00:00:00 2001 
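Review bot: The new default `[string]$dir="modules.d"`, together with `Get-ChildItem -Path $dir` replacing `$PSScriptRoot"\modules.d"` in the second hunk, makes the module directory resolve against the caller's working directory. Because the script requires administrator rights and executes the actions named in each `.conf` file, starting it from another directory runs whatever `modules.d` happens to be there. Anchor the default to the script location, `[string]$dir = (Join-Path $PSScriptRoot "modules.d")`. The added `$PSDefaultParameterValues=@{$dir = "./modules.d"}` uses the value of `$dir` as the key, which is not the `Cmdlet:Parameter` form that table expects, and it replaces any defaults already set in the session; it can be dropped.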
From: Yorick Barbanneau Date: Fri, 23 Mar 2018 23:33:08 +0100 Subject: [PATCH 14/91] Add -module argument to process a single module file --- cleanW10.ps1 | 87 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 51 insertions(+), 36 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index ed7831b..2be1fa9 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -1,7 +1,7 @@ param ( - [cmdletbinding()] + [cmdletbinding()] [string]$dir="modules.d", - [string]$file + [string]$module ) #requires -RunAsAdministrator @@ -425,7 +425,7 @@ function ExecCommand { ParameterSetName="params", Position = 0 )] - [object]$params + [object]$params ) Write-Host -NoNewline "`tExecute : $($params.path) : " if ( -not (Test-Path $params.path) ) { 
@@ -439,8 +439,46 @@ function ExecCommand { catch { Write-Host -NoNewLine -ForegroundColor Red "`Error in DelFile`n`t" write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - } + } +} +function ProcessModuleFile { + param ( + [Parameter( + Mandatory=$true, + ValueFromPipeline=$True, + ParameterSetName="path" + )] + [string]$path + ) + try { + $mod = Get-Content $(Get-ChildItem $path).FullName -Raw | ConvertFrom-Json + } + catch { + Write-Host -ForegroundColor Red "Error While Loading JSON : $path `n`n" + #Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } + Write-Host -ForegroundColor White "`nProcess Module $($mod.name) `n" + + $mod.actions | Foreach { + $action_file = "" + $current_action = @{} + foreach( $p in $_.psobject.properties.name ){ + $current_action[$p] = $_.$p + } + # If action content a file element, need to test if file exist + if ( $current_action.ContainsKey('file')) { + $action_file = $(Get-ChildItem $path).DirectoryName + "\" + $(Get-ChildItem $path).BaseName + "\" + $current_action.file + if ( -not (Test-Path $action_file) ) { + Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found" + return + } + $current_action.file = $action_file + } + # Invoke function + Invoke-Expression "$($_.action) `$current_action" + } } Write-Output "`nIt's time to kick ass and chew bubble gum" 
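Review bot: The `Invoke-Expression` call on the last added line of ProcessModuleFile evaluates the `action` string from the module JSON as PowerShell source, and with the new `-module` argument that JSON can be any file path given on the command line while the script runs as administrator. Only the names of the script's own action functions should be accepted, and the function should be called by name with the call operator so the string is never parsed as code. The fence shows the check and the call; its list holds the action names that appear in the module files on this page and has to be completed against the functions the script defines.

```powershell
# Actions a module file may name; anything else is rejected instead of evaluated.
$allowed_actions = @(
    'AddRegKey', 'BlockHost', 'DelFile', 'DisableFeature', 'DisableService',
    'ExecCommand', 'FwBlockOutputIP', 'KillProcess', 'RemoveScheduledTask',
    'UninstallModernApp'
)
# … unchanged: JSON load, $current_action build, file-path resolution …
        $action_name = [string]$_.action
        if ( $allowed_actions -notcontains $action_name ) {
            Write-Host -ForegroundColor Red "`tError in $($mod.name) : unknown action $action_name"
            return
        }
        # Call the function by name; the action string is never parsed as code
        & $action_name $current_action
```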
@@ -461,38 +499,15 @@ catch { Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message return } -Write-Host "Folder to process : $dir" -Get-ChildItem -Path $dir -Filter "*.conf" | foreach { - $module = "" - try { - $filename = $_.FullName - $module = Get-Content $filename -Raw | ConvertFrom-Json - } - catch { - Write-Host -NoNewline -ForegroundColor Red "Error While Loading JSON : $filename `n`n" - #Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - return - } - Write-Host -ForegroundColor White "`nProcess Module $($module.name) `n" - $module_dir = $_.Directory.FullName + "\" + $_.BaseName + "\" - $module.actions | Foreach { - $action_file = "" - $current_action = @{} - foreach( $p in $_.psobject.properties.name ){ - $current_action[$p] = $_.$p - } - # If action content a file element, need to test if file exist - if ( $current_action.ContainsKey('file')) { - $action_file = $module_dir + $current_action.file - if ( -not (Test-Path $action_file) ) { - Write-Host -ForegroundColor Red "`tError in $($module.name) : file $($_.file) not found" - return - } - $current_action.file = $action_file - } - # Invoke function - Invoke-Expression "$($_.action) `$current_action" - } +Write-Host "Folder to process : $module" + +if ( $module -and $( Test-Path $module ) ) { + $module | ProcessModuleFile +} +else { + Get-ChildItem -Path $dir -Filter "*.conf" | foreach { + $_.FullName | ProcessModuleFile + } } #Unmount Registery try { From eba57e6c8a78bf55309fb492b3aaf71f3596b5de Mon Sep 17 00:00:00 2001 
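Review bot: When `-module` is given but `Test-Path $module` fails, the new `if` falls through to the `else` branch and processes every `*.conf` under `$dir`, so a mistyped path applies all modules instead of the one requested. Report the missing file and skip processing by adding `elseif ( $module ) { Write-Host -ForegroundColor Red "Module file $module not found" }` between the two branches. The banner `Write-Host "Folder to process : $module"` also prints the module path rather than `$dir`.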
From: Yorick Barbanneau Date: Sun, 25 Mar 2018 16:15:10 +0200 Subject: [PATCH 15/91] Rewrite modules (untested) --- modules.d/BlockHosts.conf | 11 -- modules.d/BlockHosts/hosts.txt | 130 ------------------ modules.d/BlockIP.conf | 12 -- modules.d/BlockIP/ip.txt | 12 -- modules.d/DelModernApp.conf | 11 -- modules.d/DelModernApp/apps.txt | 49 ------- modules.d/DisableAdvertising.conf | 14 -- modules.d/DisableFeatures.conf | 11 -- modules.d/DisableFeatures/features.txt | 4 - modules.d/DisableGeolocation.conf | 28 ---- modules.d/DisableServices.conf | 11 -- modules.d/DisableServices/services.txt | 17 --- modules.d/DisableSheduledTasks.conf | 22 --- modules.d/DisableSheduledTasks/tasks.txt | 11 -- modules.d/DisableSmartScreen.conf | 22 --- modules.d/FW_Cortana.conf | 12 ++ modules.d/GPO_Account.conf | 33 +++++ modules.d/GPO_Advertising.conf | 13 ++ modules.d/GPO_BackgoundApps.conf | 33 +++++ modules.d/GPO_Calendars.conf | 33 +++++ modules.d/GPO_CallHistory.conf | 33 +++++ modules.d/GPO_Camera.conf | 33 +++++ modules.d/GPO_CloudContent.conf | 35 +++++ modules.d/GPO_ConnectionProbe.conf | 14 ++ modules.d/GPO_Contacts.conf | 33 +++++ modules.d/GPO_Cortana.conf | 70 ++++++++++ modules.d/GPO_Diagnostic.conf | 42 ++++++ modules.d/GPO_DiagnosticInfo.conf | 33 +++++ modules.d/GPO_DynamicTiles.conf | 37 +++++ modules.d/GPO_Email.conf | 33 +++++ modules.d/GPO_ErrorReporting.conf | 56 ++++++++ modules.d/GPO_InputSpeechInk.conf | 36 +++++ modules.d/GPO_Location.conf | 68 +++++++++ modules.d/GPO_Messaging.conf | 33 +++++ modules.d/GPO_Microphone.conf | 33 +++++ modules.d/GPO_MicrosoftAccount.conf | 14 ++ modules.d/GPO_Motion.conf | 33 +++++ modules.d/GPO_Notifications.conf | 33 +++++ ...installOnedrive.conf => GPO_OneDrive.conf} | 54 ++++---- modules.d/GPO_Phone.conf | 33 +++++ modules.d/GPO_Privacy.conf | 56 ++++++++ modules.d/GPO_Radios.conf | 33 +++++ modules.d/GPO_SettingSync.conf | 35 +++++ modules.d/GPO_SyncDevices.conf | 33 +++++ modules.d/GPO_Tasks.conf | 33 +++++ 
modules.d/GPO_Teredo.conf | 15 ++ modules.d/GPO_TrustedDevices.conf | 33 +++++ modules.d/GPO_Wifi.conf | 13 ++ modules.d/GPO_WindowsDefender.conf | 35 +++++ modules.d/GPO_WindowsStore.conf | 49 +++++++ modules.d/GPO_WindowsTips.conf | 22 +++ modules.d/GPO_WindowsUpdate.conf | 70 ++++++++++ modules.d/SER_Location.conf | 10 ++ 53 files changed, 1288 insertions(+), 394 deletions(-) delete mode 100644 modules.d/BlockHosts.conf delete mode 100644 modules.d/BlockHosts/hosts.txt delete mode 100644 modules.d/BlockIP.conf delete mode 100644 modules.d/BlockIP/ip.txt delete mode 100644 modules.d/DelModernApp.conf delete mode 100644 modules.d/DelModernApp/apps.txt delete mode 100644 modules.d/DisableAdvertising.conf delete mode 100644 modules.d/DisableFeatures.conf delete mode 100644 modules.d/DisableFeatures/features.txt delete mode 100644 modules.d/DisableGeolocation.conf delete mode 100644 modules.d/DisableServices.conf delete mode 100644 modules.d/DisableServices/services.txt delete mode 100644 modules.d/DisableSheduledTasks.conf delete mode 100644 modules.d/DisableSheduledTasks/tasks.txt delete mode 100644 modules.d/DisableSmartScreen.conf create mode 100644 modules.d/FW_Cortana.conf create mode 100644 modules.d/GPO_Account.conf create mode 100644 modules.d/GPO_Advertising.conf create mode 100644 modules.d/GPO_BackgoundApps.conf create mode 100644 modules.d/GPO_Calendars.conf create mode 100644 modules.d/GPO_CallHistory.conf create mode 100644 modules.d/GPO_Camera.conf create mode 100644 modules.d/GPO_CloudContent.conf create mode 100644 modules.d/GPO_ConnectionProbe.conf create mode 100644 modules.d/GPO_Contacts.conf create mode 100644 modules.d/GPO_Cortana.conf create mode 100644 modules.d/GPO_Diagnostic.conf create mode 100644 modules.d/GPO_DiagnosticInfo.conf create mode 100644 modules.d/GPO_DynamicTiles.conf create mode 100644 modules.d/GPO_Email.conf create mode 100644 modules.d/GPO_ErrorReporting.conf create mode 100644 modules.d/GPO_InputSpeechInk.conf create mode 
100644 modules.d/GPO_Location.conf create mode 100644 modules.d/GPO_Messaging.conf create mode 100644 modules.d/GPO_Microphone.conf create mode 100644 modules.d/GPO_MicrosoftAccount.conf create mode 100644 modules.d/GPO_Motion.conf create mode 100644 modules.d/GPO_Notifications.conf rename modules.d/{UninstallOnedrive.conf => GPO_OneDrive.conf} (54%) create mode 100644 modules.d/GPO_Phone.conf create mode 100644 modules.d/GPO_Privacy.conf create mode 100644 modules.d/GPO_Radios.conf create mode 100644 modules.d/GPO_SettingSync.conf create mode 100644 modules.d/GPO_SyncDevices.conf create mode 100644 modules.d/GPO_Tasks.conf create mode 100644 modules.d/GPO_Teredo.conf create mode 100644 modules.d/GPO_TrustedDevices.conf create mode 100644 modules.d/GPO_Wifi.conf create mode 100644 modules.d/GPO_WindowsDefender.conf create mode 100644 modules.d/GPO_WindowsStore.conf create mode 100644 modules.d/GPO_WindowsTips.conf create mode 100644 modules.d/GPO_WindowsUpdate.conf create mode 100644 modules.d/SER_Location.conf diff --git a/modules.d/BlockHosts.conf b/modules.d/BlockHosts.conf deleted file mode 100644 index 1909b97..0000000 --- a/modules.d/BlockHosts.conf +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name" : "Block unwanted Host", - "description" : "This module block some hosts from Microsoft", - "actions" : [ - { - "action" : "BlockHost", - "file" : "hosts.txt", - "host" : "" - } - ] -} \ No newline at end of file diff --git a/modules.d/BlockHosts/hosts.txt b/modules.d/BlockHosts/hosts.txt deleted file mode 100644 index 2008428..0000000 --- a/modules.d/BlockHosts/hosts.txt +++ /dev/null 
@@ -1,130 +0,0 @@ -184-86-53-99.deploy.static.akamaitechnologies.com -a-0001.a-msedge.net -a-0002.a-msedge.net -a-0003.a-msedge.net -a-0004.a-msedge.net -a-0005.a-msedge.net -a-0006.a-msedge.net -a-0007.a-msedge.net -a-0008.a-msedge.net -a-0009.a-msedge.net -a-msedge.net -a.ads1.msn.com -a.ads2.msads.net -a.ads2.msn.com -a.rad.msn.com -a1621.g.akamai.net -a1856.g2.akamai.net -a1961.g.akamai.net -a978.i6g1.akamai.net -ac3.msn.com -ad.doubleclick.net -adnexus.net -adnxs.com -ads.msn.com -ads1.msads.net -ads1.msn.com -aidps.atdmt.com -aka-cdn-ns.adtech.de -apps.skype.com -az361816.vo.msecnd.net -az512334.vo.msecnd.net -b.ads1.msn.com -b.ads2.msads.net -b.rad.msn.com -bingads.microsoft.com -bs.serving-sys.com -c.atdmt.com -c.msn.com -cdn.atdmt.com -cds26.ams9.msecn.net -choice.microsoft.com -choice.microsoft.com.nsatc.net -compatexchange.cloudapp.net -corp.sts.microsoft.com -corpext.msitadfs.glbdns2.microsoft.com -cs1.wpc.v0cdn.net -cy2.vortex.data.microsoft.com.akadns.net -db3aqu.atdmt.com -df.telemetry.microsoft.com -diagnostics.support.microsoft.com -e2835.dspb.akamaiedge.net -e7341.g.akamaiedge.net -e7502.ce.akamaiedge.net -e8218.ce.akamaiedge.net -ec.atdmt.com -fe2.update.microsoft.com.akadns.net -feedback.microsoft-hohm.com -feedback.search.microsoft.com -feedback.windows.com -flex.msn.com -g.msn.com -h1.msn.com -h2.msn.com -hostedocsp.globalsign.com -i1.services.social.microsoft.com -i1.services.social.microsoft.com.nsatc.net -ipv6.msftncsi.com -ipv6.msftncsi.com.edgesuite.net -lb1.www.ms.akadns.net -live.rads.msn.com -m.adnxs.com -m.hotmail.com -msedge.net -msftncsi.com -msnbot-65-55-108-23.search.msn.com -msntest.serving-sys.com -oca.telemetry.microsoft.com -oca.telemetry.microsoft.com.nsatc.net -pre.footprintpredict.com -preview.msn.com -pricelist.skype.com -rad.live.com -rad.msn.com -redir.metaservices.microsoft.com -reports.wes.df.telemetry.microsoft.com -s.gateway.messenger.live.com -s0.2mdn.net -schemas.microsoft.akadns.net -secure.adnxs.com 
-secure.flashtalking.com -services.wes.df.telemetry.microsoft.com -settings-sandbox.data.microsoft.com -settings-win.data.microsoft.com -sls.update.microsoft.com.akadns.net -sqm.df.telemetry.microsoft.com -sqm.telemetry.microsoft.com -sqm.telemetry.microsoft.com.nsatc.net -ssw.live.com -static.2mdn.net -statsfe1.ws.microsoft.com -statsfe2.update.microsoft.com.akadns.net -statsfe2.ws.microsoft.com -survey.watson.microsoft.com -telecommand.telemetry.microsoft.com -telecommand.telemetry.microsoft.com.nsatc.net -telemetry.appex.bing.net -telemetry.microsoft.com -telemetry.urs.microsoft.com -ui.skype.com -v10.vortex-win.data.microsoft.com -view.atdmt.com -vortex-bn2.metron.live.com.nsatc.net -vortex-cy2.metron.live.com.nsatc.net -vortex-sandbox.data.microsoft.com -vortex-win.data.metron.live.com.nsatc.net -vortex-win.data.microsoft.com -vortex.data.glbdns2.microsoft.com -vortex.data.microsoft.com -watson.live.com -watson.microsoft.com -watson.ppe.telemetry.microsoft.com -watson.telemetry.microsoft.com -watson.telemetry.microsoft.com.nsatc.net -web.vortex.data.microsoft.com -wes.df.telemetry.microsoft.com -www.msftncsi.com -win10.ipv6.microsoft.com -www.bingads.microsoft.com -www.go.microsoft.akadns.net -www.msftncsi.com diff --git a/modules.d/BlockIP.conf b/modules.d/BlockIP.conf deleted file mode 100644 index 37328cd..0000000 --- a/modules.d/BlockIP.conf +++ /dev/null @@ -1,12 +0,0 @@ -{ - "name" : "Block IP From MS servers", - "description" : "Disable Advertising", - "actions" : [ - { - "action" : "FwBlockOutputIP", - "ip" : "", - "file" : "ip.txt" - } - ] - -} \ No newline at end of file diff --git a/modules.d/BlockIP/ip.txt b/modules.d/BlockIP/ip.txt deleted file mode 100644 index c534941..0000000 --- a/modules.d/BlockIP/ip.txt +++ /dev/null @@ -1,12 +0,0 @@ -2.22.61.43 -2.22.61.66 -64.4.54.254 -65.39.117.230 -65.52.108.33 -65.55.108.23 -23.218.212.69 -134.170.30.202 -137.116.81.24 -157.56.106.189 -184.86.53.99 -204.79.197.200 \ No newline at end of file 
diff --git a/modules.d/DelModernApp.conf b/modules.d/DelModernApp.conf
deleted file mode 100644
index 39ee397..0000000
--- a/modules.d/DelModernApp.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "name" : "Delete Metro App",
- "description" : "This module delete all useless modern app",
- "actions" : [
- {
- "action" : "UninstallModernApp",
- "file" : "apps.txt",
- "removeProvisionned" : "true"
- }
- ]
-}
\ No newline at end of file
diff --git a/modules.d/DelModernApp/apps.txt b/modules.d/DelModernApp/apps.txt
deleted file mode 100644
index a9255b0..0000000
--- a/modules.d/DelModernApp/apps.txt
+++ /dev/null
@@ -1,49 +0,0 @@
-Microsoft.3dbuilder
-Microsoft.Appconnector
-Microsoft.BingFinance
-Microsoft.BingFoodAndDrink
-Microsoft.BingHealthAndFitness
-Microsoft.BingNews
-Microsoft.BingSports
-Microsoft.BingTravel
-Microsoft.BingWeather
-Microsoft.CommsPhone
-Microsoft.ConnectivityStore
-Microsoft.Getstarted
-Microsoft.Messaging
-Microsoft.Microsoft3DViewer
-Microsoft.MicrosoftOfficeHub
-Microsoft.MicrosoftPowerBIForWindows
-Microsoft.MicrosoftSolitaireCollection
-Microsoft.MicrosoftStickyNotes
-Microsoft.MinecraftUWP
-Microsoft.MSPaint
-Microsoft.Office.OneNote
-Microsoft.Office.Sway
-Microsoft.OneConnect
-Microsoft.People
-Microsoft.Services.Store.Engagement
-Microsoft.SkypeApp
-Microsoft.Windows.Photos
-Microsoft.WindowsAlarms
-Microsoft.WindowsCalculator
-Microsoft.WindowsCamera
-microsoft.windowscommunicationsapps
-Microsoft.WindowsFeedbackHub
-Microsoft.WindowsMaps
-Microsoft.WindowsPhone
-Microsoft.WindowsSoundRecorder
-Microsoft.WindowsStore
-Microsoft.XboxApp
-Microsoft.ZuneMusic
-Microsoft.ZuneVideo
-Microsoft.Advertising.Xaml
-9E2F88E3.Twitter
-king.com.CandyCrushSodaSaga
-f5.vpn.client
-SonicWALL.MobileConnect
-Microsoft.BingMaps
-Microsoft.XboxLIVEGames
-Microsoft.Reader
-Microsoft.WindowsReadingList
-Microsoft.WindowsScan
\ No newline at end of file
diff --git a/modules.d/DisableAdvertising.conf b/modules.d/DisableAdvertising.conf
deleted file mode 100644
index 6cb4cef..0000000
--- a/modules.d/DisableAdvertising.conf
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "name" : "Disable Advertising",
- "description" : "Disable Advertising",
- "actions" : [
- {
- "action" : "AddRegKey",
- "value" : "1",
- "key" : "DisabledByGroupPolicy",
- "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo",
- "type" : ""
- }
- ]
-
-}
\ No newline at end of file
diff --git a/modules.d/DisableFeatures.conf b/modules.d/DisableFeatures.conf
deleted file mode 100644
index 36922ea..0000000
--- a/modules.d/DisableFeatures.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "name" : "Disable Features",
- "description" : "This module disable some useless Windows Features",
- "actions" : [
- {
- "action" : "DisableFeature",
- "file" : "features.txt",
- "name" : ""
- }
- ]
-}
\ No newline at end of file
diff --git a/modules.d/DisableFeatures/features.txt b/modules.d/DisableFeatures/features.txt
deleted file mode 100644
index f50f2f1..0000000
--- a/modules.d/DisableFeatures/features.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Internet-Explorer-Optional-amd64
-FaxServicesClientPackage
-WindowsMediaPlayer
-MediaPlayback
\ No newline at end of file
diff --git a/modules.d/DisableGeolocation.conf b/modules.d/DisableGeolocation.conf
deleted file mode 100644
index eff221a..0000000
--- a/modules.d/DisableGeolocation.conf
+++ /dev/null
@@ -1,28 +0,0 @@ -{ - "name" : "Disable Geolocation", - "description" : "Disable GeoLocation", - "actions" : [ - { - "action" : "AddRegKey", - "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", - "key" : "DisableLocation", - "value" : "1", - "type" : "" - }, - { - "action" : "AddRegKey", - "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", - "key" : "DisableLocationScripting", - "value" : "1", - "type" : "" - }, - { - "action" : "AddRegKey", - "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", - "key" : "DisableWindowsLocationProvider", - "value" : "1", - "type" : "" - } - ] - -} \ No newline at end of file diff --git a/modules.d/DisableServices.conf b/modules.d/DisableServices.conf deleted file mode 100644 index 947f01d..0000000 --- a/modules.d/DisableServices.conf +++ /dev/null @@ -1,11 +0,0 @@ -{ - "name" : "Disable Service", - "description" : "This module delete services known to send data to Microsoft", - "actions" : [ - { - "action" : "DisableService", - "file" : "services.txt", - "name" : "" - } - ] -} \ No newline at end of file diff --git a/modules.d/DisableServices/services.txt b/modules.d/DisableServices/services.txt deleted file mode 100644 index c864704..0000000 --- a/modules.d/DisableServices/services.txt +++ /dev/null @@ -1,17 +0,0 @@ -diagnosticshub.standardcollector.service -DiagTrack -dmwappushservice -HomeGroupListener -HomeGroupProvider -lfsvc -MapsBroker -NetTcpPortSharing -RemoteAccess -RemoteRegistry -SharedAccess -TrkWks -WbioSrvc -WMPNetworkSvc -XblAuthManager -XblGameSave -XboxNetApiSvc diff --git a/modules.d/DisableSheduledTasks.conf b/modules.d/DisableSheduledTasks.conf deleted file mode 100644 index 3596d7f..0000000 --- a/modules.d/DisableSheduledTasks.conf +++ /dev/null 
@@ -1,22 +0,0 @@ -{ - "name" : "Remove Scheduled tasks", - "description" : "Remove some scheduled tasks", - "actions" : [ - { - "action" : "RemoveScheduledTask", - "path" : "", - "name" : "", - "file" : "tasks.txt" - }, - { - "action" : "RemoveScheduledTask", - "path" : "\\Microsoft\\Windows\\Device Setup\\", - "name" : "Metadata Refresh" - }, - { - "action" : "RemoveScheduledTask", - "path" : "\\Microsoft\\Device Setup\\", - "name" : "Metadata Refresh" - } - ] -} \ No newline at end of file diff --git a/modules.d/DisableSheduledTasks/tasks.txt b/modules.d/DisableSheduledTasks/tasks.txt deleted file mode 100644 index e9005a3..0000000 --- a/modules.d/DisableSheduledTasks/tasks.txt +++ /dev/null @@ -1,11 +0,0 @@ -Microsoft Compatibility Appraiser -ProgramDataUpdater -CreateObjectTask -Consolidator -KernelCeipTask -UsbCeip -SmartScreenSpecific -Microsoft-Windows-DiskDiagnosticDataCollector -DmClient -MNO Metadata Parser -QueueReporting diff --git a/modules.d/DisableSmartScreen.conf b/modules.d/DisableSmartScreen.conf deleted file mode 100644 index 66cfeb2..0000000 --- a/modules.d/DisableSmartScreen.conf +++ /dev/null @@ -1,22 +0,0 @@ -{ - "name" : "Disable Smartscreen", - "description" : "Disable Smartscreen protection for Edge / IE", - "actions" : [ - { - "action" : "AddRegKey", - "path" : "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\AppHost", - "key" : "EnableWebContentEvaluation", - "value" : "0", - "type" : "" - }, - { - "_comment" : "EXPERIMENTAL Disable Smartscreen for new created Users", - "action" : "AddRegKey", - "path" : "HKU:\\Default\\Microsoft\\Windows\\CurrentVersion\\AppHost", - "key" : "EnableWebContentEvaluation", - "value" : "0", - "type" : "" - } - ] - -} \ No newline at end of file diff --git a/modules.d/FW_Cortana.conf b/modules.d/FW_Cortana.conf new file mode 100644 index 0000000..4c8befc --- /dev/null +++ b/modules.d/FW_Cortana.conf 
@@ -0,0 +1,12 @@
+{
+ "Name" : "Cortana (Firewall)",
+ "Description" : "This module Add a firewall rule to desactivate Cortana net traffic",
+ "actions" :
+ [
+ {
+ "action" : "FwBlockProgram",
+ "name" : "Cortana"
+ "path" : "$env:systemroot\\systemapps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\SearchUI.exe"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Account.conf b/modules.d/GPO_Account.conf
new file mode 100644
index 0000000..df8e448
--- /dev/null
+++ b/modules.d/GPO_Account.conf
@@ -0,0 +1,33 @@
+{
+ "Name" : "Account Info (GPO)",
+ "Description" : "This module desactivate Account Info access for third party Apps like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "This is the principal reg key controlled by GPO",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessAccountInfo",
+ "value" : "0"
+ },
+ {
+ "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessAccountInfo_UserInControlOfTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessAccountInfo_ForceAllowTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessAccountInfo_ForceDenyTheseApps",
+ "value" : "MultiString"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Advertising.conf b/modules.d/GPO_Advertising.conf
new file mode 100644
index 0000000..0eac576
--- /dev/null
+++ b/modules.d/GPO_Advertising.conf
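Review bot: The action object in FW_Cortana.conf is not valid JSON, because `"name" : "Cortana"` has no trailing comma before the `"path"` member; it should read `"name" : "Cortana",`. cleanW10.ps1 sets `$ErrorActionPreference = "SilentlyContinue"`, so if the loader (not visible here) parses this file under that setting, the failure is likely to pass without an error and the Cortana firewall block is never created while the run looks successful. Parsing every file under modules.d before any action runs, and reporting a failure as an error, would catch this class of mistake.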
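Review bot: `"value" : "0"` on `LetAppsAccessAccountInfo` does not deny access: for the LetAppsAccess* policies 0 means the user is in control, 1 is force-allow and 2 is force-deny, so the module leaves the choice to the user while its description says access is deactivated; use `"value" : "2"` if a deny is intended. The last action also has `"value" : "MultiString"` where the two entries above it use `"type" : "MultiString"`, which presumably writes the literal text MultiString into `LetAppsAccessAccountInfo_ForceDenyTheseApps` instead of creating an empty multi-string value. Both patterns repeat in GPO_BackgoundApps, GPO_Calendars, GPO_CallHistory, GPO_Camera, GPO_Contacts, GPO_DiagnosticInfo, GPO_Email, GPO_Location, GPO_Messaging, GPO_Microphone, GPO_Motion and GPO_Notifications.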
@@ -0,0 +1,13 @@
+{
+ "Name" : "Advertising (GPO)",
+ "Description" : "This module desactivate Advertising info like GPO did.",
+ "actions" :
+ [
+ {
+ " action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo",
+ "key" : "DisabledByGroupPolicy",
+ "value" : "1"
+ }
+ ]
+}
diff --git a/modules.d/GPO_BackgoundApps.conf b/modules.d/GPO_BackgoundApps.conf
new file mode 100644
index 0000000..05c1afe
--- /dev/null
+++ b/modules.d/GPO_BackgoundApps.conf
@@ -0,0 +1,33 @@
+{
+ "Name" : "Apps in Background (GPO)",
+ "Description" : "This module desactivate run in background for third party Apps like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "This is the principal reg key controlled by GPO",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsRunInBackgound",
+ "value" : "0"
+ },
+ {
+ "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsRunInBackgound_UserInControlOfTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsRunInBackgound_ForceAllowTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsRunInBackgound_ForceDenyTheseApps",
+ "value" : "MultiString"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Calendars.conf b/modules.d/GPO_Calendars.conf
new file mode 100644
index 0000000..6b96d00
--- /dev/null
+++ b/modules.d/GPO_Calendars.conf
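Review bot: The member name `" action"` in GPO_Advertising.conf starts with a space, so a dispatcher that looks up `action` will not find it and the `DisabledByGroupPolicy` value is probably never written; it should be `"action" : "AddRegKey",`. The same leading space appears in GPO_MicrosoftAccount.conf, where it would leave `NoConnectedUser` unset. How an entry without an `action` member is handled is not visible here; if it is skipped silently, the module reports nothing while applying nothing.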
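Review bot: All four value names in GPO_BackgoundApps.conf are spelled `LetAppsRunInBackgound`, without the second `r`; Windows reads `LetAppsRunInBackground`, so these entries create values that nothing consumes and background execution stays as it was. The first entry should be `"key" : "LetAppsRunInBackground",` and the three suffixed names need the same correction. The file name GPO_BackgoundApps.conf carries the same typo.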
@@ -0,0 +1,33 @@ +{ + "Name" : "Calendar (GPO)", + "Description" : "This module desactivate Calendar access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCalendar", + "value" : "0" + }, + { + "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCalendar_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCalendar_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCalendar_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/GPO_CallHistory.conf b/modules.d/GPO_CallHistory.conf new file mode 100644 index 0000000..5d968b6 --- /dev/null +++ b/modules.d/GPO_CallHistory.conf 
@@ -0,0 +1,33 @@ +{ + "Name" : "Call history (GPO)", + "Description" : "This module desactivate Call history access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCallHistory", + "value" : "0" + }, + { + "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCallHistory_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCallHistory_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCallHistory_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/GPO_Camera.conf b/modules.d/GPO_Camera.conf new file mode 100644 index 0000000..76e73d4 --- /dev/null +++ b/modules.d/GPO_Camera.conf 
@@ -0,0 +1,33 @@ +{ + "Name" : "Camera (GPO)", + "Description" : "This module desactivate Camera access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCamera", + "value" : "0" + }, + { + "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCamera_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCamera_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessCamera_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/GPO_CloudContent.conf b/modules.d/GPO_CloudContent.conf new file mode 100644 index 0000000..cff0aa4 --- /dev/null +++ b/modules.d/GPO_CloudContent.conf 
@@ -0,0 +1,35 @@
+{
+ "Name" : "CloudContent (GPO)",
+ "Description" : "This module Desactivate somes Windows like GPO does.",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable third party suggestion (for current user)",
+ "action" : "AddRegKey",
+ "path" : "HKCU:\\Software\\Policies\\Microsoft\\Windows\\CloudContent",,
+ "key" : "DisableThirdPartysuggestions",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable Windows Spotlight (for current user)",
+ "action" : "AddRegKey",
+ "path" : "HKCU:\\Software\\Policies\\Microsoft\\Windows\\CloudContent",,
+ "key" : "DisableWindowsSpotlightFeatures",
+ "value" : "1"
+ },
+ "_comment" : "Disable third party suggestion (for user template hive)",
+ "action" : "AddRegKey",
+ "path" : "HKU:\\Default\\Software\\Policies\\Microsoft\\Windows\\CloudContent",,
+ "key" : "DisableThirdPartysuggestions",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable Windows Spotlight (for user template hive)",
+ "action" : "AddRegKey",
+ "path" : "HKU:\\Default\\Software\\Policies\\Microsoft\\Windows\\CloudContent",,
+ "key" : "DisableWindowsSpotlightFeatures",
+ "value" : "1"
+ }
+
+ ]
+}
diff --git a/modules.d/GPO_ConnectionProbe.conf b/modules.d/GPO_ConnectionProbe.conf
new file mode 100644
index 0000000..19ecc0d
--- /dev/null
+++ b/modules.d/GPO_ConnectionProbe.conf
@@ -0,0 +1,14 @@
+{
+ "Name" : "Connection Probe (GPO)",
+ "Description" : "This module desactivate Internet connection probe like GPO does.",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable connection probe",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\NetworkConnectivityStatusIndicator",
+ "key" : "NoActiveProbe",
+ "value" : "1"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Contacts.conf b/modules.d/GPO_Contacts.conf
new file mode 100644
index 0000000..5576782
--- /dev/null
+++ b/modules.d/GPO_Contacts.conf
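Review bot: GPO_CloudContent.conf cannot be parsed as JSON: every `"path"` line ends in `",,` and the third action starts at `"_comment"` with no opening `{` after the preceding `},`. Each path line should end with a single comma, and a `{` line belongs before the third `_comment`. The two `HKU:\\Default\\...` entries also depend on an `HKU:` drive and a loaded default-user hive, neither of which PowerShell provides by default; whether cleanW10.ps1 sets them up is not visible here, so it is worth confirming that these writes actually reach the template profile.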
@@ -0,0 +1,33 @@ +{ + "Name" : "Contacts (GPO)", + "Description" : "This module desactivate Contacts access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessContacts", + "value" : "0" + }, + { + "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessContacts_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessContacts_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessContacts_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/GPO_Cortana.conf b/modules.d/GPO_Cortana.conf new file mode 100644 index 0000000..735c271 --- /dev/null +++ b/modules.d/GPO_Cortana.conf 
@@ -0,0 +1,70 @@ +{ + "Name" : "Cortana and Windows Search (GPO)", + "Description" : "This module Desactivate Cortana and some Windows Search functionnality like GPO does.", + "actions" : + [ + { + "_comment" : "Desactivate location access for Cortana", + "action" : "AddRegKey", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search", + "key" : "AllowSearchToUseLocation", + "value" : "0" + }, + { + "_comment" : "Disable Web Search from Cortana", + "action" : "AddRegKey", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search", + "key" : "DisableWebSearch", + "value" : "1" + }, + { + "_comment" : "Disable Web Search result from Windows Search", + "action" : "AddRegKey", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search", + "key" : "ConnectedSearchUseWeb", + "value" : "0" + }, + { + "_comment" : "Do not Search over the Web with limited connections", + "action" : "AddRegKey", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search", + "key" : "ConnectedSearchUseWebOverMeteredConnections", + "value" : "0" + }, + { + "_comment" : "Disable Cortana", + "action" : "AddRegKey", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search", + "key" : "AllowCortana", + "value" : "0" + }, + { + "_comment" : "Define which informations are sent to Web Search (anonymous informations)", + "action" : "AddRegKey", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search", + "key" : "ConnectedSearchPrivacy", + "value" : "3" + }, + { + "_comment" : "Disable SafeSearch for Search", + "action" : "AddRegKey", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search", + "key" : "ConnectedSearchSafeSearch", + "value" : "3" + }, + { + "_comment" : "Disable encrypted file indexation", + "action" : "AddRegKey", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search\\CurrentPolicies", + "key" : "AllowIndexingEncryptedStoresOrItems", + "value" : "0" + 
}, + { + "_comment" : "Disable Cortana on lock screen", + "action" : "AddRegKey", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\Windows Search", + "key" : "AllowCortanaAboveLock", + "value" : "0" + } + ] +} diff --git a/modules.d/GPO_Diagnostic.conf b/modules.d/GPO_Diagnostic.conf new file mode 100644 index 0000000..a20928e --- /dev/null +++ b/modules.d/GPO_Diagnostic.conf @@ -0,0 +1,42 @@ +{ + "Name" : " Diagnostic Data (GPO)", + "Description" : "This module try to disable diagnostic tracking like GPO does.", + "actions" : + [ + { + "_comment" : "Do not show feedback notification", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection", + "key" : "DoNotShowFeedbackNotifications", + "value" : "1" + }, + { + "_comment" : "Disable Telemetry, 1 for minimum information leak (Home and Pro edition) and 0 for total disable (Entreprise only)", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection", + "key" : "AllowTelemetry", + "value" : "1" + }, + { + "_comment" : "Disable 'Use diagnostic data for personnalized experience", + "action" : "AddRegKey", + "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent", + "key" : "DisableTailoredExperiencesWithDiagnosticData", + "value" : "1" + }, + { + "_comment" : "Disable App compatibility telemetry", + "action" : "AddRegKey", + "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppCompat", + "key" : "AITEnable", + "value" : "1" + }, + { + "_comment" : "Disable pre-version functionnality", + "action" : "AddRegKey", + "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DataCollection", + "key" : "EnableConfigFlighting", + "value" : "1" + } + ] +} diff --git a/modules.d/GPO_DiagnosticInfo.conf b/modules.d/GPO_DiagnosticInfo.conf new file mode 100644 index 0000000..10b0ebf --- /dev/null +++ b/modules.d/GPO_DiagnosticInfo.conf 
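Review bot: Two entries in GPO_Diagnostic.conf set the opposite of what their `_comment` says: `AITEnable` is written as `"1"` under "Disable App compatibility telemetry" and `EnableConfigFlighting` as `"1"` under "Disable pre-version functionnality", while for both policies 0 is the off state. Both should be `"value" : "0"`. They are also written under `HKCU:`, whereas application telemetry and config flighting are machine policies normally read from `HKLM:`, so the two paths need checking against the policy definitions. The `_comment` on the `DisableTailoredExperiencesWithDiagnosticData` entry has an unclosed single quote.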
@@ -0,0 +1,33 @@ +{ + "Name" : "DiagnisticInfo (GPO)", + "Description" : "This module desactivate diagnistic info access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsGetDiagnosticInfo", + "value" : "0" + }, + { + "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsGetDiagnosticInfo_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsGetDiagnosticInfo_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsGetDiagnosticInfo_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/GPO_DynamicTiles.conf b/modules.d/GPO_DynamicTiles.conf new file mode 100644 index 0000000..f1182a1 --- /dev/null +++ b/modules.d/GPO_DynamicTiles.conf 
@@ -0,0 +1,37 @@
+{
+ "Name" : "Tiles content (GPO)",
+ "Description" : "This module desactivate Internet data loading for tiles like GPO does.",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable cloud notifications for tiles (for current user)",
+ "action" : "AddRegKey",
+ "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+ "key" : "NoCloudApplicationNotification",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable notifications for tiles (for current user)",
+ "action" : "AddRegKey",
+ "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+ "key" : "NoTileApplicationNotification",
+ "value" : "1"
+ }
+ ,
+ {
+ "_comment" : "Disable cloud notifications for tiles (for user template hive)",
+ "action" : "AddRegKey",
+ "path" : "HKU:\\Default\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+ "key" : "NoCloudApplicationNotification",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable notifications for tiles (for user templte hive)",
+ "action" : "AddRegKey",
+ "path" : "HKU:\\Default\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+ "key" : "NoTileApplicationNotification",
+ "value" : "1"
+ }
+
+ ]
+}
diff --git a/modules.d/GPO_Email.conf b/modules.d/GPO_Email.conf
new file mode 100644
index 0000000..981d4af
--- /dev/null
+++ b/modules.d/GPO_Email.conf
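Review bot: The third action's path contains `HKU:\\Default\SOFTWARE`, with a single backslash before `SOFTWARE`; `\S` is not a valid JSON escape, so a strict parser rejects the whole file and none of the four notification settings is applied. The line should read `"path" : "HKU:\\Default\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",`. With `$ErrorActionPreference = "SilentlyContinue"` set in cleanW10.ps1, such a parse failure may not be reported, depending on how the loader (not visible here) reads the file.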
@@ -0,0 +1,33 @@ +{ + "Name" : "Email access (GPO)", + "Description" : "This module desactivate email access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessEmail", + "value" : "0" + }, + { + "_comment" : "The 3 bottom k eys s eems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessEmail_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessEmail_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessEmail_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/GPO_ErrorReporting.conf b/modules.d/GPO_ErrorReporting.conf new file mode 100644 index 0000000..6098345 --- /dev/null +++ b/modules.d/GPO_ErrorReporting.conf 
@@ -0,0 +1,56 @@ +{ + "Name" : "Error Reporting (GPO)", + "Description" : "This module desactivate some error Reporting function like GPO does.", + "actions" : + [ + { + "_comment" : "Disable error Reporting to Microsoft", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting", + "key" : "Disabled", + "value" : "1" + }, + { + "_comment" : "Do not allow operating system memory dump sent to Microsoft", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting", + "key" : "AutoApproveOSDumps", + "value" : "0" + }, + { + "_comment" : "Do not sent additional dada to Microsoft when reporting", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting", + "key" : "DontSendAdditionalData", + "value" : "1" + }, + { + "_comment" : "Disable Windows Error Reporting ", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\PCHealth\\ErrorReporting", + "key" : "DoReport", + "value" : "0" + }, + { + "_comment" : "Disable WER (Not a GPO rule)", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\UnattendSettings\\Windows Error Reporting", + "key" : "Disabled", + "value" : "1" + }, + { + "_comment" : "Disable WMR (Not a GPO rule)", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting\\WMR", + "key" : "Disabled", + "value" : "1" + }, + { + "_comment" : "Do not consent Error Reporting (not a GPO rule) ", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Error Reporting\\consent", + "key" : "DefaultConsent", + "value" : "0" + } + ] +} diff --git a/modules.d/GPO_InputSpeechInk.conf b/modules.d/GPO_InputSpeechInk.conf new file mode 100644 index 0000000..3548533 --- /dev/null +++ b/modules.d/GPO_InputSpeechInk.conf 
@@ -0,0 +1,36 @@
+{
+ "Name" : "Input Speech Ink (GPO)",
+ "Description" : "This module desactivate Input personalization, speech and ink recognition like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "Desactivate text learning",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\InputPersonalization",
+ "key" : "RestrictImplicitTextCollection",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Desactivate ink learning",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\InputPersonalization",
+ "key" : "RestrictImplicitInkCollection",
+ "value" : "1"
+
+ },
+ {
+ "_comment" : "Desactivate input personalization",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\InputPersonalization",
+ "key" : "AllowInputPersonnalization",
+ "value" : "0"
+ },
+ {
+ "_comment" : "Desactivate voice data automatic updates",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\Software\\Policies\\Microsoft\\Speech",
+ "key" : "AllowSpeechModelUpdate",
+ "value" : "0"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Location.conf b/modules.d/GPO_Location.conf
new file mode 100644
index 0000000..ee76b0b
--- /dev/null
+++ b/modules.d/GPO_Location.conf
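Review bot: The value name `AllowInputPersonnalization` has a doubled `n`; the policy Windows reads is `AllowInputPersonalization`, so this entry leaves input personalization as it was. Change the line to `"key" : "AllowInputPersonalization",`. A misspelled value name is written to the registry without any error, so comparing the names in these modules with the policy definitions is the only way to notice it.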
@@ -0,0 +1,68 @@ +{ + "Name" : "Location (GPO)", + "Description" : "This module desactivate Location access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessLocation", + "value" : "0" + }, + { + "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessLocation_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessLocation_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessLocation_ForceDenyTheseApps", + "value" : "MultiString" + }, + { + "_comment" : "Disable hardware location sensors", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableLocation", + "value" : "1" + }, + { + "_comment" : "Disable location sensor", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableLocation", + "value" : "1" + }, + { + "_comment" : "Disable Windows location service provider", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableWindowsLocationProvider", + "value" : "1" + }, + { + "_comment" : "Disable location scripting", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableLocationScripting", + "value" : "1" + }, + { + "_comment" : "Disable sensors (rotation will be disable in tablet PC)", + "action" : "AddRegKey", 
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\LocationAndSensors", + "key" : "DisableSensors", + "value" : "1" + } + ] +} diff --git a/modules.d/GPO_Messaging.conf b/modules.d/GPO_Messaging.conf new file mode 100644 index 0000000..d01edb8 --- /dev/null +++ b/modules.d/GPO_Messaging.conf @@ -0,0 +1,33 @@ +{ + "Name" : "Messaging (GPO)", + "Description" : "This module desactivate Messaging access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMessaging", + "value" : "0" + }, + { + "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMessaging_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMessaging_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMessaging_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/GPO_Microphone.conf b/modules.d/GPO_Microphone.conf new file mode 100644 index 0000000..b06468d --- /dev/null +++ b/modules.d/GPO_Microphone.conf 
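Review bot: Two consecutive actions in GPO_Location.conf write the same value, `DisableLocation` = 1 under `LocationAndSensors`, once commented "Disable hardware location sensors" and once "Disable location sensor". The deleted DisableGeolocation.conf had only one such entry next to `DisableLocationScripting` and `DisableWindowsLocationProvider`, both of which are still present, so the second entry looks redundant; remove it, or correct its `key` if another value was meant. This file also carries the `"value" : "0"` and `"value" : "MultiString"` patterns noted on GPO_Account.conf.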
@@ -0,0 +1,33 @@ +{ + "Name" : "Microphone (GPO)", + "Description" : "This module desactivate Microphone access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMicrophone", + "value" : "0" + }, + { + "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMicrophone_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMicrophone_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMicrophone_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/GPO_MicrosoftAccount.conf b/modules.d/GPO_MicrosoftAccount.conf new file mode 100644 index 0000000..19f331c --- /dev/null +++ b/modules.d/GPO_MicrosoftAccount.conf @@ -0,0 +1,14 @@ +{ + "Name" : "Microsoft Account (GPO)", + "Description" : "This module desactivate posibility to add a Microsoft account like GPO does.", + "actions" : + [ + { + "_comment" : "Disable MS Account", + " action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", + "key" : "NoConnectedUser", + "value" : "3" + } + ] +} diff --git a/modules.d/GPO_Motion.conf b/modules.d/GPO_Motion.conf new file mode 100644 index 0000000..7ad2062 --- /dev/null +++ b/modules.d/GPO_Motion.conf 
@@ -0,0 +1,33 @@ +{ + "Name" : "Motion Sensor (GPO)", + "Description" : "This module desactivate Motion sensor access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMotion", + "value" : "0" + }, + { + "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMotion_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMotion_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessMotion_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/GPO_Notifications.conf b/modules.d/GPO_Notifications.conf new file mode 100644 index 0000000..2b9af06 --- /dev/null +++ b/modules.d/GPO_Notifications.conf 
@@ -0,0 +1,33 @@ +{ + "Name" : "Notifications (GPO)", + "Description" : "This module desactivate Notifications access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessNotifications", + "value" : "0" + }, + { + "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessNotifications_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessNotifications_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsAccessNotifications_ForceDenyTheseApps", + "value" : "MultiString" + } + ] +} diff --git a/modules.d/UninstallOnedrive.conf b/modules.d/GPO_OneDrive.conf similarity index 54% rename from modules.d/UninstallOnedrive.conf rename to modules.d/GPO_OneDrive.conf index 984c978..c4815a7 100644 --- a/modules.d/UninstallOnedrive.conf +++ b/modules.d/GPO_OneDrive.conf 
@@ -1,33 +1,37 @@ { - "name" : "Uninstall One Drive", - "description" : "This module Uninstall Onedrive", - "actions" : [ - { - "action" : "KillProcess", + "Name" : "Disable OneDrive (GPO)", + "Description" : "This module Remove Onedrive like GPO does and delete if.", + "actions" : + [ + { + "_comment" : "Kill Onedrive process", + "action" : "KillProcess", "name" : "onedrive" }, { + "_comment" : "Kill explorer process", "action" : "KillProcess", "name" : "explorer" }, { - "_comment" : "OneDrive Uninstaller x64 version", - "action" : "ExecCommand", + "_comment" : "Execute OneDrive Uninstaller (x64 version)", + "action" : "ExecCommand", "path" : "$env:systemroot\\SysWOW64\\OneDriveSetup.exe", "arguments" : "/uninstall" }, { - "_comment" : "OneDrive Uninstaller x86 version", + "_comment" : "Execute OneDrive Uninstaller (x86 version)", "action" : "ExecCommand", "path" : "$env:systemroot\\System32\\OneDriveSetup.exe", "arguments" : "/uninstall" }, { + "_comment" : "The 3 actions bellow delete Onedrive folders ", "action" : "DelFile", "path" : "$env:localappdata\\Microsoft\\OneDrive", "recurse" : "True" }, - { + { "action" : "DelFile", "path" : "$env:programdata\\Microsoft OneDrive", "recurse" : "True" 
@@ -38,39 +42,31 @@ "recurse" : "True" }, { + "_comment" : "Do not allow OneDrive for file storage", "action" : "AddRegKey", "value" : "1", "key" : "DisableFileSyncNGSC", - "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive", - "type" : "" + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive" }, { + "_comment" : "Disable OneDrive file sync with limited connection", "action" : "AddRegKey", "value" : "1", - "key" : "DisableFileSync", - "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive", - "type" : "" + "key" : "DisableMeteredNetworkFileSync", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive" }, - { + { + "_comment" : "Disable save file to Onedrive", "action" : "AddRegKey", - "value" : "0", - "key" : "System.IsPinnedToNameSpaceTree", - "path" : "HKCR:\\Wow6432Node\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}", - "type" : "" + "value" : "1", + "key" : "DisableLibrariesDefaultSaveToOneDrive", + "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\OneDrive" }, { - "action" : "AddRegKey", - "value" : "0", - "key" : "System.IsPinnedToNameSpaceTree", - "path" : "HKCR:\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}", - "type" : "" - }, - { - "_comment" : "Prevent Onedrive installation for new created user", + "_comment" : "Prevent Onedrive installation for new created user (non GPO key)", "action" : "DelRegKey", "key" : "OneDriveSetup", "path" : "HKU:\\Default\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" } - - ] + ] } diff --git a/modules.d/GPO_Phone.conf b/modules.d/GPO_Phone.conf new file mode 100644 index 0000000..f281089 --- /dev/null +++ b/modules.d/GPO_Phone.conf 
@@ -0,0 +1,33 @@
+{
+ "Name" : "Phone (GPO)",
+ "Description" : "This module desactivate Phone access for third party Apps like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "This is the principal reg key controlled by GPO",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessPhone",
+ "value" : "0"
+ },
+ {
+ "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessPhone_UserInControlOfTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessPhone_ForceAllowTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessPhone_ForceDenyTheseApps",
+ "value" : "MultiString"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Privacy.conf b/modules.d/GPO_Privacy.conf
new file mode 100644
index 0000000..9f19cc1
--- /dev/null
+++ b/modules.d/GPO_Privacy.conf
@@ -0,0 +1,56 @@
+{
+ "Name" : "Privacy (GPO)",
+ "Description" : "This module set some privati life settings like GPO does.",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable hand writing share",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\TabletPC",
+ "action" : "AddRegKey",
+ "key" : "PreventHandwritingDataSharing",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable hand writing error reporting",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\HandwritingErrorReports",
+ "key" : "PreventHandwritingErrorReports",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable Inventory Collector",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppCompat",
+ "key" : "DisableInventory",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable camera on lock screen",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Personalization",
+ "key" : "NoLockScreenCamera",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable notification for tile, application and Lockscreen (non GPO key)(current user)",
+ "action" : "AddRegKey",
+ "path" : "HKCU:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+ "key" : "ToastEnabled",
+ "value" : "0"
+ },
+ {
+ "_comment" : "Disable notification for tiles, applications and lockscreen (non GPO key)(user template hive)",
+ "action" : "AddRegKey",
+ "path" : "HKU:\\Default\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\PushNotifications",
+ "key" : "ToastEnabled",
+ "value" : "0"
+ },
+ {
+ "_comment" : "Disable user experience amelioration program ",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\SQMClient\\Windows",
+ "key" : "CEIPEnabled",
+ "value" : "0"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Radios.conf b/modules.d/GPO_Radios.conf
new file mode 100644
index 0000000..aef16a3
--- /dev/null
+++ b/modules.d/GPO_Radios.conf
@@ -0,0 +1,33 @@
+{
+ "Name" : "Radios (GPO)",
+ "Description" : "This module desactivate Radios (Bluetooth, Wifi ...) access for third party Apps like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "This is the principal reg key controlled by GPO",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessRadios",
+ "value" : "0"
+ },
+ {
+ "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessRadios_UserInControlOfTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessRadios_ForceAllowTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessRadios_ForceDenyTheseApps",
+ "value" : "MultiString"
+ }
+ ]
+}
diff --git a/modules.d/GPO_SettingSync.conf b/modules.d/GPO_SettingSync.conf
new file mode 100644
index 0000000..8d61ed2
--- /dev/null
+++ b/modules.d/GPO_SettingSync.conf
@@ -0,0 +1,35 @@
+{
+ "Name" : "Setting Sync (GPO)",
+ "Description" : "This module desactivate Setting sync between devices like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable Setting Sync",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\SettingSync",
+ "key" : "DisableSettingSync",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable Possibility for user to reactivate setting sync",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\SettingSync",
+ "key" : "DisableSettingSyncUserOverride",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable Setting Sync for third party Apps",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\SettingSync",
+ "key" : "DisableApplicationSettingSync",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable Possibility for user to reactivate setting sync for third party Apps",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\SettingSync",
+ "key" : "DisableApplicationSettingSyncUserOverride",
+ "value" : "1"
+ }
+ ]
+}
diff --git a/modules.d/GPO_SyncDevices.conf b/modules.d/GPO_SyncDevices.conf
new file mode 100644
index 0000000..3156554
--- /dev/null
+++ b/modules.d/GPO_SyncDevices.conf
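Review bot: `DisableSettingSync` is written with `"value" : "1"`, but Microsoft's guidance for turning sync off, as I recall it, pairs `DisableSettingSync` = 2 with `DisableSettingSyncUserOverride` = 1, so the first action may not actually disable sync. Please verify the value on a machine where the group policy is applied and, if confirmed, change the line to `"value" : "2"`. `DisableApplicationSettingSync` presumably follows the same convention and should be checked the same way.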
@@ -0,0 +1,33 @@
+{
+ "Name" : "Sync with devices (GPO)",
+ "Description" : "This module desactivate sync with devices for third party Apps like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "This is the principal reg key controlled by GPO",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsSyncWithDevices",
+ "value" : "0"
+ },
+ {
+ "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsSyncWithDevices_UserInControlOfTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsSyncWithDevices_ForceAllowTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsSyncWithDevices_ForceDenyTheseApps",
+ "value" : "MultiString"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Tasks.conf b/modules.d/GPO_Tasks.conf
new file mode 100644
index 0000000..dfb3570
--- /dev/null
+++ b/modules.d/GPO_Tasks.conf
@@ -0,0 +1,33 @@
+{
+ "Name" : "Tasks (GPO)",
+ "Description" : "This module desactivate Tasks access for third party Apps like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "This is the principal reg key controlled by GPO",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessTasks",
+ "value" : "0"
+ },
+ {
+ "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessTasks_UserInControlOfTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessTasks_ForceAllowTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ " action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessTasks_ForceDenyTheseApps",
+ "value" : "MultiString"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Teredo.conf b/modules.d/GPO_Teredo.conf
new file mode 100644
index 0000000..278fcad
--- /dev/null
+++ b/modules.d/GPO_Teredo.conf
@@ -0,0 +1,15 @@
+{
+ "Name" : "Teredo (GPO)",
+ "Description" : "This module desactivate Teredo pseudo interface like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable Teredo with key controlled by GPO",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\TCPIP\\v6Transition",
+ "key" : "Teredo_State",
+ "value" : "Disable",
+ "type" : "String"
+ }
+ ]
+}
diff --git a/modules.d/GPO_TrustedDevices.conf b/modules.d/GPO_TrustedDevices.conf
new file mode 100644
index 0000000..6df443a
--- /dev/null
+++ b/modules.d/GPO_TrustedDevices.conf
@@ -0,0 +1,33 @@
+{
+ "Name" : "TrustedDevices (GPO)",
+ "Description" : "This module desactivate Trusted Devices access for third party Apps like GPO did.",
+ "actions" :
+ [
+ {
+ "_comment" : "This is the principal reg key controlled by GPO",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessTrustedDevices",
+ "value" : "0"
+ },
+ {
+ "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessTrustedDevices_UserInControlOfTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessTrustedDevices_ForceAllowTheseApps",
+ "type" : "MultiString"
+ },
+ {
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy",
+ "key" : "LetAppsAccessTrustedDevices_ForceDenyTheseApps",
+ "value" : "MultiString"
+ }
+ ]
+}
diff --git a/modules.d/GPO_Wifi.conf b/modules.d/GPO_Wifi.conf
new file mode 100644
index 0000000..1322f57
--- /dev/null
+++ b/modules.d/GPO_Wifi.conf
@@ -0,0 +1,13 @@
+{
+ "Name" : "Contact, open and paid Wifi (GPO)",
+ "Description" : "This module desactivate Wifi connexion to shared network by contacts, paid and open AP like GPO does.",
+ "actions" :
+ [
+ {
+ "_comment" : "This is the principal reg key controlled by GPO",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Microsoft\\WcmSvc\\wifinetworkmanager\\config",
+ "key" : "AutoConnectAllowedOEM",
+ "value" : "0"
+ } ]
+}
diff --git a/modules.d/GPO_WindowsDefender.conf b/modules.d/GPO_WindowsDefender.conf
new file mode 100644
index 0000000..d52443d
--- /dev/null
+++ b/modules.d/GPO_WindowsDefender.conf
@@ -0,0 +1,35 @@
+{
+ "Name" : "Windows Defender (GPO)",
+ "Description" : "This module Desactivate somes Windows Defender functionnallity like GPO does.",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable Spynet Reporting",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Spynet",
+ "key" : "SpyNetReporting",
+ "value" : "0"
+ },
+ {
+ "_comment" : "Disable sample submission to Microsoft",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Spynet",
+ "key" : "SubmitSamplesConsent",
+ "value" : "2"
+ },
+ {
+ "_comment" : "Do not report infection informations to Microsoft",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\MRT",
+ "key" : "DontReportInfectionInformation",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Do not allow setting override for Spynet reporting",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Spynet",
+ "key" : "LocalSettingOverrideSpynetReporting",
+ "value" : "0"
+ }
+ ]
+}
diff --git a/modules.d/GPO_WindowsStore.conf b/modules.d/GPO_WindowsStore.conf
new file mode 100644
index 0000000..8bf53b4
--- /dev/null
+++ b/modules.d/GPO_WindowsStore.conf
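Review bot: The Description should say that this module turns off Defender's cloud-delivered protection, not only its reporting. `SpyNetReporting` = 0 disables MAPS membership and `SubmitSamplesConsent` = 2 means samples are never sent, so detections that rely on the cloud lookup are lost. An operator should see that trade-off before applying the module; I would reword to `"Description" : "Disables Windows Defender cloud reporting and sample submission (reduces cloud-based detection)."`. The last action's `_comment` could also note that `LocalSettingOverrideSpynetReporting` = 0 keeps a local preference from overriding the policy.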
@@ -0,0 +1,49 @@
+{
+ "Name" : "Windows Store (GPO)",
+ "Description" : "This module Desactivate Windows Store functionnality like GPO does.",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable All Windows Store Application - Appx (Windows Entreprise and Education)",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\Software\\Policies\\Microsoft\\WindowsStore",
+ "key" : "DisableStoreApps",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable Windows Store (Windows Pro, Entreprise ans Education)",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\Software\\Policies\\Microsoft\\WindowsStore",
+ "key" : "RemoveWindowsStore",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable Open with Windows Store in Explorer (Windows Pro, Entreprise and Education)",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Explorer",
+ "key" : "NoUseStoreOpenWith",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Show only private repository (Windows Pro, Entreprise and Education)",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\Software\\Policies\\Microsoft\\WindowsStore",
+ "key" : "RequirePrivateStoreOnly",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable message to update tu Windows last version (Windows Pro, Entreprise and Education)",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\Software\\Policies\\Microsoft\\Windows\\WindowsStore",
+ "key" : "DisableOsUpgrade",
+ "value" : "1"
+ },
+ {
+ "_comment" : "Disable push to install (Windows Pro, Entreprise and Education)",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\PushToInstall",
+ "key" : "DisablePushToInstall",
+ "value" : "1"
+ }
+ ]
+}
diff --git a/modules.d/GPO_WindowsTips.conf b/modules.d/GPO_WindowsTips.conf
new file mode 100644
index 0000000..bd3f16f
--- /dev/null
+++ b/modules.d/GPO_WindowsTips.conf
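Review bot: The `DisableOsUpgrade` action writes to `HKLM:\\Software\\Policies\\Microsoft\\Windows\\WindowsStore`, while the other Store policy values in this file are under `...\\Policies\\Microsoft\\WindowsStore`. The extra `Windows\\` segment looks unintended, and if it is, the value lands in a key the Store policy does not read and the setting is silently ineffective. Please check the path against an applied GPO and, if confirmed, use `"path" : "HKLM:\\Software\\Policies\\Microsoft\\WindowsStore"`. The `_comment` strings in the second and fifth actions also carry the typos `ans` and `tu`.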
@@ -0,0 +1,22 @@
+{
+ "Name" : "Windows Tips (GPO)",
+ "Description" : "This module desactivate Windows tips like GPO does.",
+ "actions" :
+ [
+ {
+ "_comment" : "Do not display Windows Tips",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent",
+ "key" : "DisableSoftLanding",
+ "value" : "1"
+ }
+ ,
+ {
+ "_comment" : "Disable Windows Consumers Features",
+ "action" : "AddRegKey",
+ "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent",
+ "key" : "DisableWindowsConsumerFeatures",
+ "value" : "1"
+ }
+ ]
+}
diff --git a/modules.d/GPO_WindowsUpdate.conf b/modules.d/GPO_WindowsUpdate.conf
new file mode 100644
index 0000000..74a7530
--- /dev/null
+++ b/modules.d/GPO_WindowsUpdate.conf
@@ -0,0 +1,70 @@ +{ + "Name" : "Windows Update (GPO)", + "Description" : "Disable sone Windows Update features like GPO does.", + "actions" : + [ + { + "_comment" : "Disable Download Optimization", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\DeliveryOptimization", + "key" : "DODownloadMode", + "value" : "0" + }, + { + "_comment" : "Disable Peer to Peer connection for Windows Update", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\Peernet", + "key" : "Disabled", + "value" : "1" + }, + { + "_comment" : "Notify Update download and installation", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU", + "key" : "AUOptions", + "value" : "2" + }, + { + "_comment" : "Activate Windows Update all day ( 0:All days, 1:sunday, 2:monday, ...", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU", + "key" : "ScheduledInstallDay", + "value" : "0" + }, + { + "_comment" : "Define hour of installation", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU", + "key" : "ScheduledInstallTime", + "value" : "12" + }, + { + "_comment" : "Enable Defered Updates (Windows Pro and +) (https://docs.microsoft.com/en-us/windows/deployment/update/waas-configure-wufb)", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate", + "key" : "DeferFeatureUpdates", + "value" : "1" + }, + { + "_comment" : "Select CBB branch for Defered Updates", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate", + "key" : "BranchReadinessLevel", + "value" : "32" + }, + { + "_comment" : "Defer Feature installation for 1 year", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate", + "key" : "DeferFeatureUpdatesPeriodInDays", + "value" : "365" + }, + { + 
"_comment" : "Disable drivers update", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate\\AU", + "key" : "ExcludeWUDriversInQualityUpdate", + "value" : "1" + } + ] +} diff --git a/modules.d/SER_Location.conf b/modules.d/SER_Location.conf new file mode 100644 index 0000000..229a6e5 --- /dev/null +++ b/modules.d/SER_Location.conf @@ -0,0 +1,10 @@ +{ + "name" : "Disable Location Service", + "description" : "This module disable location service", + "actions" : [ + { + "action" : "DisableService", + "name" : "lfsvc" + } + ] +} From c2733d133cd0a37cc49b3f8073d55f3a2ab5e942 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sun, 25 Mar 2018 16:14:50 +0200 Subject: [PATCH 16/91] Rework AddRegKey() to add key with empty value --- cleanW10.ps1 | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 2be1fa9..e00c84d 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -87,6 +87,21 @@ function FwBlockOutputIP { } } +function FwBlockProgram { + param ( + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + Write-Host " Test" +} + function RemoveScheduledTask () { param ( [cmdletbinding( 
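Review bot: `AUOptions` = 2 only notifies before download, so security updates wait for the user to act, and `ScheduledInstallDay` / `ScheduledInstallTime` are only honoured when `AUOptions` is 4; as written the two schedule actions have no effect. `ExcludeWUDriversInQualityUpdate` is also written under `...\\WindowsUpdate\\AU`, whereas that policy value normally sits directly under `...\\WindowsUpdate`, so the driver exclusion is probably not applied. Either set AUOptions to `"value" : "4"` or drop the schedule keys, and move the driver key to `"path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\WindowsUpdate"`. The Description should state that the module delays patching, since feature updates are deferred by 365 days.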
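Review bot: The new `FwBlockProgram` only prints ` Test` and ignores `$params`, so any module that dispatches to it appears to run while no firewall rule is created. modules.d/FW_Cortana.conf, touched later in this series, uses this action name. Until the function is implemented the stub should say so, e.g. `Write-Host -ForegroundColor Yellow "FwBlockProgram : not implemented, nothing blocked"`. A short header comment listing the expected `name` and `path` entries of `$params` would also help whoever fills it in.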
@@ -134,8 +149,12 @@ function AddRegKey { [Parameter(Mandatory=$true)] [object]$params ) - if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') -or -not $params.ContainsKey('value') ) { - Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value" + if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') ) { + Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value`n" + return + } + if ( -not $params.ContainsKey('value') ) { + $params.value = "" } if ( -not $params.ContainsKey('type') -or $params.type -eq "" ){ $params.type="DWord" } Write-Host -NoNewline "`t$($params.key) reg key to $($params.value) : " From 27614e531d255e9c1fa72be17a654e68d013f996 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sun, 25 Mar 2018 21:14:03 +0200 Subject: [PATCH 17/91] ProcessModule() display a message if action does not exist --- cleanW10.ps1 | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index e00c84d..f2121c9 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
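Review bot: The error text in the first check still reads `no path, key or value` although a missing value is now accepted; it should drop `or value`. When both `value` and `type` are absent, the code falls through to the existing default `$params.type="DWord"` with `$params.value = ""`. Whether that writes 0 or fails is not visible in this hunk, and with `$ErrorActionPreference = "SilentlyContinue"` a failure would go unnoticed. I would add a comment on the new branch such as `# absent value: create the entry empty (used by the *_TheseApps MultiString lists)`, and consider refusing an empty value when the type resolves to DWord. The AddRegKey body continues outside the hunk.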
@@ -486,17 +486,26 @@ function ProcessModuleFile { foreach( $p in $_.psobject.properties.name ){ $current_action[$p] = $_.$p } + if ( -not $current_action.ContainsKey('action') ) { + Write-Host -ForegroundColor Red "`tError : action not found" + return + } # If action content a file element, need to test if file exist if ( $current_action.ContainsKey('file')) { $action_file = $(Get-ChildItem $path).DirectoryName + "\" + $(Get-ChildItem $path).BaseName + "\" + $current_action.file if ( -not (Test-Path $action_file) ) { - Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found" + Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found`n" return } $current_action.file = $action_file } # Invoke function - Invoke-Expression "$($_.action) `$current_action" + if (Get-Command $($_.action) -ErrorAction SilentlyContinue ){ + Invoke-Expression "$($_.action) `$current_action" + } + else { + Write-Host -ForegroundColor Red "`tError in $($mod.name) : action $($_.action) not exist" + } } } From 1dbac1b138369de666c4e068a76821f00423b7de Mon Sep 17 00:00:00 2001 
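Review bot: The added `Get-Command $($_.action)` guard accepts any resolvable command (cmdlet, alias or external program, and wildcard patterns too), and the call still goes through `Invoke-Expression`, so an `action` string from a module file is evaluated as PowerShell text. Module files are data and can be edited or dropped into modules.d by anyone with write access there. The dispatcher should therefore be limited to the script's own action functions and invoked without string evaluation: `if ( Get-Command $_.action -CommandType Function -ErrorAction SilentlyContinue ) { & $_.action $current_action }`. An explicit list of permitted action names would be tighter still. ProcessModuleFile starts and ends outside this hunk.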
From: Yorick Barbanneau Date: Sun, 25 Mar 2018 21:18:19 +0200 Subject: [PATCH 18/91] JSON Corrections --- modules.d/FW_Cortana.conf | 2 +- modules.d/GPO_Account.conf | 8 ++++---- modules.d/GPO_Advertising.conf | 4 ++-- modules.d/GPO_BackgoundApps.conf | 2 +- modules.d/GPO_Calendars.conf | 2 +- modules.d/GPO_CallHistory.conf | 2 +- modules.d/GPO_Camera.conf | 2 +- modules.d/GPO_CloudContent.conf | 12 ++++++------ modules.d/GPO_Contacts.conf | 2 +- modules.d/GPO_DiagnosticInfo.conf | 2 +- modules.d/GPO_DynamicTiles.conf | 8 +++----- modules.d/GPO_Email.conf | 2 +- modules.d/GPO_Location.conf | 2 +- modules.d/GPO_Messaging.conf | 2 +- modules.d/GPO_Microphone.conf | 2 +- modules.d/GPO_MicrosoftAccount.conf | 2 +- modules.d/GPO_Motion.conf | 2 +- modules.d/GPO_Notifications.conf | 2 +- modules.d/GPO_Phone.conf | 2 +- modules.d/GPO_Radios.conf | 2 +- modules.d/GPO_SyncDevices.conf | 2 +- modules.d/GPO_Tasks.conf | 4 ++-- modules.d/GPO_TrustedDevices.conf | 2 +- 23 files changed, 35 insertions(+), 37 deletions(-) diff --git a/modules.d/FW_Cortana.conf b/modules.d/FW_Cortana.conf index 4c8befc..72ba49e 100644 --- a/modules.d/FW_Cortana.conf +++ b/modules.d/FW_Cortana.conf @@ -5,7 +5,7 @@ [ { "action" : "FwBlockProgram", - "name" : "Cortana" + "name" : "Cortana", "path" : "$env:systemroot\\systemapps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\SearchUI.exe" } ] diff --git a/modules.d/GPO_Account.conf b/modules.d/GPO_Account.conf index df8e448..2c5e47e 100644 --- a/modules.d/GPO_Account.conf +++ b/modules.d/GPO_Account.conf 
@@ -11,23 +11,23 @@ "value" : "0" }, { - "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessAccountInfo_UserInControlOfTheseApps", "type" : "MultiString" }, { - "action" : "AddRegKey", + "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessAccountInfo_ForceAllowTheseApps", "type" : "MultiString" }, { - "action" : "AddRegKey", + "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessAccountInfo_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_Advertising.conf b/modules.d/GPO_Advertising.conf index 0eac576..40cdb85 100644 --- a/modules.d/GPO_Advertising.conf +++ b/modules.d/GPO_Advertising.conf @@ -1,10 +1,10 @@ { "Name" : "Advertising (GPO)", - "Description" : "This module desactivate Advertising info like GPO did.", + "Description" : "This module desactivate Advertising info like GPO does.", "actions" : [ { - " action" : "AddRegKey", + "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AdvertisingInfo", "key" : "DisabledByGroupPolicy", "value" : "1" diff --git a/modules.d/GPO_BackgoundApps.conf b/modules.d/GPO_BackgoundApps.conf index 05c1afe..f967681 100644 --- a/modules.d/GPO_BackgoundApps.conf +++ b/modules.d/GPO_BackgoundApps.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsRunInBackgound_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_Calendars.conf b/modules.d/GPO_Calendars.conf index 6b96d00..f94ee9e 100644 --- a/modules.d/GPO_Calendars.conf +++ b/modules.d/GPO_Calendars.conf 
@@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessCalendar_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_CallHistory.conf b/modules.d/GPO_CallHistory.conf index 5d968b6..c4aa2b9 100644 --- a/modules.d/GPO_CallHistory.conf +++ b/modules.d/GPO_CallHistory.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessCallHistory_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_Camera.conf b/modules.d/GPO_Camera.conf index 76e73d4..36bb82f 100644 --- a/modules.d/GPO_Camera.conf +++ b/modules.d/GPO_Camera.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessCamera_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_CloudContent.conf b/modules.d/GPO_CloudContent.conf index cff0aa4..913b837 100644 --- a/modules.d/GPO_CloudContent.conf +++ b/modules.d/GPO_CloudContent.conf 
@@ -1,35 +1,35 @@ { "Name" : "CloudContent (GPO)", - "Description" : "This module Desactivate somes Windows like GPO does.", + "Description" : "This module Desactivate somes Windows suggestionlike GPO does.", "actions" : [ { "_comment" : "Disable third party suggestion (for current user)", "action" : "AddRegKey", - "path" : "HKCU:\\Software\\Policies\\Microsoft\\Windows\\CloudContent",, + "path" : "HKCU:\\Software\\Policies\\Microsoft\\Windows\\CloudContent", "key" : "DisableThirdPartysuggestions", "value" : "1" }, { "_comment" : "Disable Windows Spotlight (for current user)", "action" : "AddRegKey", - "path" : "HKCU:\\Software\\Policies\\Microsoft\\Windows\\CloudContent",, + "path" : "HKCU:\\Software\\Policies\\Microsoft\\Windows\\CloudContent", "key" : "DisableWindowsSpotlightFeatures", "value" : "1" }, + { "_comment" : "Disable third party suggestion (for user template hive)", "action" : "AddRegKey", - "path" : "HKU:\\Default\\Software\\Policies\\Microsoft\\Windows\\CloudContent",, + "path" : "HKU:\\Default\\Software\\Policies\\Microsoft\\Windows\\CloudContent", "key" : "DisableThirdPartysuggestions", "value" : "1" }, { "_comment" : "Disable Windows Spotlight (for user template hive)", "action" : "AddRegKey", - "path" : "HKU:\\Default\\Software\\Policies\\Microsoft\\Windows\\CloudContent",, + "path" : "HKU:\\Default\\Software\\Policies\\Microsoft\\Windows\\CloudContent", "key" : "DisableWindowsSpotlightFeatures", "value" : "1" } - ] } diff --git a/modules.d/GPO_Contacts.conf b/modules.d/GPO_Contacts.conf index 5576782..911c778 100644 --- a/modules.d/GPO_Contacts.conf +++ b/modules.d/GPO_Contacts.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessContacts_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_DiagnosticInfo.conf b/modules.d/GPO_DiagnosticInfo.conf index 10b0ebf..e7b29ee 100644 
--- a/modules.d/GPO_DiagnosticInfo.conf +++ b/modules.d/GPO_DiagnosticInfo.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsGetDiagnosticInfo_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_DynamicTiles.conf b/modules.d/GPO_DynamicTiles.conf index f1182a1..603fb57 100644 --- a/modules.d/GPO_DynamicTiles.conf +++ b/modules.d/GPO_DynamicTiles.conf @@ -16,22 +16,20 @@ "path" : "HKCU:\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications", "key" : "NoTileApplicationNotification", "value" : "1" - } - , + }, { "_comment" : "Disable cloud notifications for tiles (for user template hive)", "action" : "AddRegKey", - "path" : "HKU:\\Default\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications", + "path" : "HKU:\\Default\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications", "key" : "NoCloudApplicationNotification", "value" : "1" }, { - "_comment" : "Disable notifications for tiles (for user templte hive)", + "_comment" : "Disable notifications for tiles (for user template hive)", "action" : "AddRegKey", "path" : "HKU:\\Default\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications", "key" : "NoTileApplicationNotification", "value" : "1" } - ] } diff --git a/modules.d/GPO_Email.conf b/modules.d/GPO_Email.conf index 981d4af..05eb36a 100644 --- a/modules.d/GPO_Email.conf +++ b/modules.d/GPO_Email.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessEmail_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_Location.conf b/modules.d/GPO_Location.conf index ee76b0b..834f6fd 100644 --- a/modules.d/GPO_Location.conf +++ b/modules.d/GPO_Location.conf 
@@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessLocation_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" }, { "_comment" : "Disable hardware location sensors", diff --git a/modules.d/GPO_Messaging.conf b/modules.d/GPO_Messaging.conf index d01edb8..f0edb4e 100644 --- a/modules.d/GPO_Messaging.conf +++ b/modules.d/GPO_Messaging.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessMessaging_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_Microphone.conf b/modules.d/GPO_Microphone.conf index b06468d..15bd09d 100644 --- a/modules.d/GPO_Microphone.conf +++ b/modules.d/GPO_Microphone.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessMicrophone_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_MicrosoftAccount.conf b/modules.d/GPO_MicrosoftAccount.conf index 19f331c..cdc6135 100644 --- a/modules.d/GPO_MicrosoftAccount.conf +++ b/modules.d/GPO_MicrosoftAccount.conf @@ -5,7 +5,7 @@ [ { "_comment" : "Disable MS Account", - " action" : "AddRegKey", + "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", "key" : "NoConnectedUser", "value" : "3" diff --git a/modules.d/GPO_Motion.conf b/modules.d/GPO_Motion.conf index 7ad2062..a70648a 100644 --- a/modules.d/GPO_Motion.conf +++ b/modules.d/GPO_Motion.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessMotion_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_Notifications.conf b/modules.d/GPO_Notifications.conf index 2b9af06..8beb0b9 100644 
--- a/modules.d/GPO_Notifications.conf +++ b/modules.d/GPO_Notifications.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessNotifications_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_Phone.conf b/modules.d/GPO_Phone.conf index f281089..bc50f45 100644 --- a/modules.d/GPO_Phone.conf +++ b/modules.d/GPO_Phone.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessPhone_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_Radios.conf b/modules.d/GPO_Radios.conf index aef16a3..c276836 100644 --- a/modules.d/GPO_Radios.conf +++ b/modules.d/GPO_Radios.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessRadios_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_SyncDevices.conf b/modules.d/GPO_SyncDevices.conf index 3156554..466002e 100644 --- a/modules.d/GPO_SyncDevices.conf +++ b/modules.d/GPO_SyncDevices.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsSyncWithDevices_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } diff --git a/modules.d/GPO_Tasks.conf b/modules.d/GPO_Tasks.conf index dfb3570..edaabdf 100644 --- a/modules.d/GPO_Tasks.conf +++ b/modules.d/GPO_Tasks.conf @@ -24,10 +24,10 @@ "type" : "MultiString" }, { - " action" : "AddRegKey", + "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessTasks_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } 
diff --git a/modules.d/GPO_TrustedDevices.conf b/modules.d/GPO_TrustedDevices.conf index 6df443a..83ed6e3 100644 --- a/modules.d/GPO_TrustedDevices.conf +++ b/modules.d/GPO_TrustedDevices.conf @@ -27,7 +27,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessTrustedDevices_ForceDenyTheseApps", - "value" : "MultiString" + "type" : "MultiString" } ] } From 4367ee7a8f24eb0956c35fbd41f1df0d02b60edb Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sun, 25 Mar 2018 22:33:06 +0200 Subject: [PATCH 19/91] Implement FwBlockProgram() --- cleanW10.ps1 | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index f2121c9..9206291 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -99,7 +99,35 @@ function FwBlockProgram { )] [object]$params ) - Write-Host " Test" + if ( $params.ContainsKey('file') ) { + foreach ($line in Get-Content $params.file ){ FwBlockOutputIP @{"ip"="$line"} } + } + elseif ( $params.ContainsKey('path') ) { + $path = Invoke-Expression """$($params.path)""" + Write-Host -NoNewline "`tBlock program $($path) : " + if ( -not (Test-Path $path) ) { + Write-Host -Foregroundcolor Red "Error (path not found)" + return + } + if ( -not $params.ContainsKey('name') ) { + $params.name = $params.path + } + if ( Get-NetFirewallRule -Name $($params.name) -ErrorAction SilentlyContinue) { + Write-Host -ForegroundColor Yellow "already blacklisted" + return + } + try { + New-NetFirewallRule -Name "$($params.name)" -DisplayName "$($params.name)" -Program "$path" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress any -Action Block | Out-Null + Write-Host -ForegroundColor Green "done" + } + catch { + Write-Host -ForegroundColor Red "error" + return + } + } + else { + Write-Host -ForegroundColor Red "`tError : No path or file for action $($MyInvocation.MyCommand.Name)" + } } function RemoveScheduledTask () { 
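Review bot: `$path = Invoke-Expression """$($params.path)"""` evaluates the module's `path` string as PowerShell, so a `.conf` entry that contains a subexpression or a stray quote runs as code with whatever rights the script has, which for firewall changes is presumably an elevated session. Only environment variables need expanding here, so a substitution limited to them is enough: `$path = [regex]::Replace($params.path, '\$env:(\w+)', { param($m) [Environment]::GetEnvironmentVariable($m.Groups[1].Value) })`. The `file` branch also hands each line to `FwBlockOutputIP @{"ip"="$line"}`, which looks copied from the IP function; `FwBlockProgram @{"path"="$line"}` is probably what was meant. When `name` is absent the rule is named after the unexpanded `path`, so the `Get-NetFirewallRule -Name` check depends on how the path was spelled in the config. The function's parameter block starts before this hunk.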
From 682707c2061f32da8b2e04fb109f68f156c589c4 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sun, 25 Mar 2018 22:39:53 +0200 Subject: [PATCH 20/91] FwBlockOutputIP() block output traffic now (was inbound by default) --- cleanW10.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 9206291..46bc3ba 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -73,7 +73,7 @@ function FwBlockOutputIP { } else { Try { - New-NetFirewallRule -Name Blacklist_$($params.ip) -DisplayName "BlackList $($params.ip)" -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null + New-NetFirewallRule -Name Blacklist_$($params.ip) -DisplayName "BlackList $($params.ip)" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null } Catch { Write-Host -ForegroundColor Red "error" From 3aca7516afb739d0c91df490fc87bcf672f025d1 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sun, 25 Mar 2018 22:52:26 +0200 Subject: [PATCH 21/91] Remove useless file --- lib/apps.txt | 42 --------------- lib/features.txt | 4 -- lib/hosts.txt | 130 ----------------------------------------------- lib/ip.txt | 12 ----- lib/services.txt | 17 ------- lib/tasks.txt | 12 ----- 6 files changed, 217 deletions(-) delete mode 100755 lib/apps.txt delete mode 100644 lib/features.txt delete mode 100755 lib/hosts.txt delete mode 100755 lib/ip.txt delete mode 100755 lib/services.txt delete mode 100755 lib/tasks.txt diff --git a/lib/apps.txt b/lib/apps.txt deleted file mode 100755 index 3fc0758..0000000 --- a/lib/apps.txt +++ /dev/null 
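Review bot: The `Catch` around `New-NetFirewallRule` will not fire for ordinary cmdlet failures, because they are non-terminating and the first patch of this series sets `$ErrorActionPreference = "SilentlyContinue"` at the top of the file; a rule that could not be created is then presumably reported as done. Adding `-ErrorAction Stop` makes the `Try`/`Catch` meaningful: `New-NetFirewallRule ... -Action Block -ErrorAction Stop | Out-Null`. The same applies to the `New-NetFirewallRule` call in `FwBlockProgram` (patch 19) and to `Remove-ItemProperty` in `DelRegKey` (patches 22 and 25). Because the rule name is unchanged, machines where an earlier version already created `Blacklist_<ip>` without `-Direction` may keep the inbound rule if the branch outside this hunk skips existing names; confirm, and consider `Set-NetFirewallRule -Name "Blacklist_$($params.ip)" -Direction Outbound` there.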
@@ -1,42 +0,0 @@
-Microsoft.3dbuilder
-Microsoft.Appconnector
-Microsoft.BingFinance
-Microsoft.BingFoodAndDrink
-Microsoft.BingHealthAndFitness
-Microsoft.BingNews
-Microsoft.BingSports
-Microsoft.BingTravel
-Microsoft.BingWeather
-Microsoft.CommsPhone
-Microsoft.ConnectivityStore
-Microsoft.Getstarted
-Microsoft.Messaging
-Microsoft.Microsoft3DViewer
-Microsoft.MicrosoftOfficeHub
-Microsoft.MicrosoftPowerBIForWindows
-Microsoft.MicrosoftSolitaireCollection
-Microsoft.MicrosoftStickyNotes
-Microsoft.MinecraftUWP
-Microsoft.MSPaint
-Microsoft.Office.OneNote
-Microsoft.Office.Sway
-Microsoft.OneConnect
-Microsoft.People
-Microsoft.Services.Store.Engagement
-Microsoft.SkypeApp
-Microsoft.Windows.Photos
-Microsoft.WindowsAlarms
-Microsoft.WindowsCalculator
-Microsoft.WindowsCamera
-microsoft.windowscommunicationsapps
-Microsoft.WindowsFeedbackHub
-Microsoft.WindowsMaps
-Microsoft.WindowsPhone
-Microsoft.WindowsSoundRecorder
-Microsoft.WindowsStore
-Microsoft.XboxApp
-Microsoft.ZuneMusic
-Microsoft.ZuneVideo
-Microsoft.Advertising.Xaml
-9E2F88E3.Twitter
-king.com.CandyCrushSodaSaga
diff --git a/lib/features.txt b/lib/features.txt
deleted file mode 100644
index e92b9c5..0000000
--- a/lib/features.txt
+++ /dev/null
@@ -1,4 +0,0 @@
-Internet-Explorer-Optional-amd64
-FaxServicesClientPackage
-WindowsMediaPlayer
-MediaPlayback
diff --git a/lib/hosts.txt b/lib/hosts.txt
deleted file mode 100755
index 2008428..0000000
--- a/lib/hosts.txt
+++ /dev/null
@@ -1,130 +0,0 @@
-184-86-53-99.deploy.static.akamaitechnologies.com
-a-0001.a-msedge.net
-a-0002.a-msedge.net
-a-0003.a-msedge.net
-a-0004.a-msedge.net
-a-0005.a-msedge.net
-a-0006.a-msedge.net
-a-0007.a-msedge.net
-a-0008.a-msedge.net
-a-0009.a-msedge.net
-a-msedge.net
-a.ads1.msn.com
-a.ads2.msads.net
-a.ads2.msn.com
-a.rad.msn.com
-a1621.g.akamai.net
-a1856.g2.akamai.net
-a1961.g.akamai.net
-a978.i6g1.akamai.net
-ac3.msn.com
-ad.doubleclick.net
-adnexus.net
-adnxs.com
-ads.msn.com
-ads1.msads.net
-ads1.msn.com
-aidps.atdmt.com
-aka-cdn-ns.adtech.de
-apps.skype.com
-az361816.vo.msecnd.net
-az512334.vo.msecnd.net
-b.ads1.msn.com
-b.ads2.msads.net
-b.rad.msn.com
-bingads.microsoft.com
-bs.serving-sys.com
-c.atdmt.com
-c.msn.com
-cdn.atdmt.com
-cds26.ams9.msecn.net
-choice.microsoft.com
-choice.microsoft.com.nsatc.net
-compatexchange.cloudapp.net
-corp.sts.microsoft.com
-corpext.msitadfs.glbdns2.microsoft.com
-cs1.wpc.v0cdn.net
-cy2.vortex.data.microsoft.com.akadns.net
-db3aqu.atdmt.com
-df.telemetry.microsoft.com
-diagnostics.support.microsoft.com
-e2835.dspb.akamaiedge.net
-e7341.g.akamaiedge.net
-e7502.ce.akamaiedge.net
-e8218.ce.akamaiedge.net
-ec.atdmt.com
-fe2.update.microsoft.com.akadns.net
-feedback.microsoft-hohm.com
-feedback.search.microsoft.com
-feedback.windows.com
-flex.msn.com
-g.msn.com
-h1.msn.com
-h2.msn.com
-hostedocsp.globalsign.com
-i1.services.social.microsoft.com
-i1.services.social.microsoft.com.nsatc.net
-ipv6.msftncsi.com
-ipv6.msftncsi.com.edgesuite.net
-lb1.www.ms.akadns.net
-live.rads.msn.com
-m.adnxs.com
-m.hotmail.com
-msedge.net
-msftncsi.com
-msnbot-65-55-108-23.search.msn.com
-msntest.serving-sys.com
-oca.telemetry.microsoft.com
-oca.telemetry.microsoft.com.nsatc.net
-pre.footprintpredict.com
-preview.msn.com
-pricelist.skype.com
-rad.live.com
-rad.msn.com
-redir.metaservices.microsoft.com
-reports.wes.df.telemetry.microsoft.com
-s.gateway.messenger.live.com
-s0.2mdn.net
-schemas.microsoft.akadns.net
-secure.adnxs.com
-secure.flashtalking.com
-services.wes.df.telemetry.microsoft.com
-settings-sandbox.data.microsoft.com
-settings-win.data.microsoft.com
-sls.update.microsoft.com.akadns.net
-sqm.df.telemetry.microsoft.com
-sqm.telemetry.microsoft.com
-sqm.telemetry.microsoft.com.nsatc.net
-ssw.live.com
-static.2mdn.net
-statsfe1.ws.microsoft.com
-statsfe2.update.microsoft.com.akadns.net
-statsfe2.ws.microsoft.com
-survey.watson.microsoft.com
-telecommand.telemetry.microsoft.com
-telecommand.telemetry.microsoft.com.nsatc.net
-telemetry.appex.bing.net
-telemetry.microsoft.com
-telemetry.urs.microsoft.com
-ui.skype.com
-v10.vortex-win.data.microsoft.com
-view.atdmt.com
-vortex-bn2.metron.live.com.nsatc.net
-vortex-cy2.metron.live.com.nsatc.net
-vortex-sandbox.data.microsoft.com
-vortex-win.data.metron.live.com.nsatc.net
-vortex-win.data.microsoft.com
-vortex.data.glbdns2.microsoft.com
-vortex.data.microsoft.com
-watson.live.com
-watson.microsoft.com
-watson.ppe.telemetry.microsoft.com
-watson.telemetry.microsoft.com
-watson.telemetry.microsoft.com.nsatc.net
-web.vortex.data.microsoft.com
-wes.df.telemetry.microsoft.com
-www.msftncsi.com
-win10.ipv6.microsoft.com
-www.bingads.microsoft.com
-www.go.microsoft.akadns.net
-www.msftncsi.com
diff --git a/lib/ip.txt b/lib/ip.txt
deleted file mode 100755
index c534941..0000000
--- a/lib/ip.txt
+++ /dev/null
@@ -1,12 +0,0 @@
-2.22.61.43
-2.22.61.66
-64.4.54.254
-65.39.117.230
-65.52.108.33
-65.55.108.23
-23.218.212.69
-134.170.30.202
-137.116.81.24
-157.56.106.189
-184.86.53.99
-204.79.197.200
\ No newline at end of file
diff --git a/lib/services.txt b/lib/services.txt
deleted file mode 100755
index c864704..0000000
--- a/lib/services.txt
+++ /dev/null
@@ -1,17 +0,0 @@
-diagnosticshub.standardcollector.service
-DiagTrack
-dmwappushservice
-HomeGroupListener
-HomeGroupProvider
-lfsvc
-MapsBroker
-NetTcpPortSharing
-RemoteAccess
-RemoteRegistry
-SharedAccess
-TrkWks
-WbioSrvc
-WMPNetworkSvc
-XblAuthManager
-XblGameSave
-XboxNetApiSvc
diff --git a/lib/tasks.txt b/lib/tasks.txt deleted file mode 100755 index 5795c68..0000000 --- a/lib/tasks.txt +++ /dev/null @@ -1,12 +0,0 @@ -Microsoft Compatibility Appraiser -ProgramDataUpdater -CreateObjectTask -Consolidator -KernelCeipTask -UsbCeip -SmartScreenSpecific -Microsoft-Windows-DiskDiagnosticDataCollector -DmClient -MNO Metadata Parser -QueueReporting -Metadata Refresh \ No newline at end of file From ca5f72720d76c6b29d98e436d637d0e6cc7f9501 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 10:42:13 +0200 Subject: [PATCH 22/91] Variables name corrections in DelRegKey() --- cleanW10.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 46bc3ba..bc5bdd3 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -221,16 +221,16 @@ function DelRegKey { return } try { - Remove-ItemProperty -Path $path -Name $key + Remove-ItemProperty -Path $params.path -Name $params.key Write-host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ Write-Host -ForegroundColor Red "Error in DelRegKey`n`t" - Write-Host -ForegounndColor DarkRed "Access to $($params.path)\$($params.key) denied" + Write-Host -ForegoundColor DarkRed "Access to $($params.path)\$($params.key) denied" } catch { Write-Host -ForegroundColor Red -NoNewLine "Error in DelRegKey`n`t" - Write-Host -ForegounndColor DarkRed $Error[0].Exception.Message + Write-Host -ForegoundColor DarkRed $Error[0].Exception.Message } } From 995eb60e9fab4c4a54c6d325708d064c670433cd Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 11:41:06 +0200 Subject: [PATCH 23/91] Block more programs / applications with firewall --- modules.d/FW_ProgramsApps.conf | 172 +++++++++++++++++++++++++++++++++ 1 file changed, 172 insertions(+) create mode 100644 modules.d/FW_ProgramsApps.conf diff --git a/modules.d/FW_ProgramsApps.conf b/modules.d/FW_ProgramsApps.conf new file mode 100644 index 0000000..84b7297 --- /dev/null 
+++ b/modules.d/FW_ProgramsApps.conf 
@@ -0,0 +1,172 @@ +{ + "Name" : "Applications (Firewall)", + "Description" : "This module Add a firewall rule to desactivate some windows program / application net traffic", + "actions" : + [ + { + "action" : "FwBlockProgram", + "name" : "explorer", + "path" : "$env:systemroot\\explorer.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SystemSettings", + "path" : "$env:systemroot\\ImmersiveControlPanel\\SystemSettings.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BgTaskHost", + "path" : "$env:systemroot\\System32\\backgroundTaskHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BgTransfertHost", + "path" : "$env:systemroot\\System32\\BackgroundTransferHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BrowserBroker", + "path" : "$env:systemroot\\System32\\browser_broker.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "CompatTelRunner", + "path" : "$env:systemroot\\System32\\CompatTelRunner.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "DmClient", + "path" : "$env:systemroot\\System32\\dmclient.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "InstallAgentUserBroker", + "path" : "$env:systemroot\\System32\\InstallAgentUserBroker.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "lsass", + "path" : "$env:systemroot\\System32\\lsass.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "msfeedssync", + "path" : "$env:systemroot\\System32\\msfeedssync.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "run32dll", + "path" : "$env:systemroot\\System32\\rundll32.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SettingSyncHost", + "path" : "$env:systemroot\\System32\\SettingSyncHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SIHClient", + "path" : "$env:systemroot\\System32\\SIHClient.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SmartScreen", + "path" : "$env:systemroot\\System32\\smartscreen.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "TaskHostw", + 
"path" : "$env:systemroot\\System32\\taskhostw.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WmiPrvSE", + "path" : "$env:systemroot\\System32\\wbem\\WmiPrvSE.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WerFault", + "path" : "$env:systemroot\\System32\\WerFault.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WerMgr", + "path" : "$env:systemroot\\System32\\wermgr.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "Wsqmcons", + "path" : "$env:systemroot\\System32\\wsqmcons.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WWAHost", + "path" : "$env:systemroot\\System32\\WWAHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "ContactSupport", + "path" : "$env:systemroot\\systemapps\\ContactSupport_cw5n1h2txyewy\\ContactSupport.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "Edge", + "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "cleanw10_Cortana", + "path" : "$env:systemroot\\systemapps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\SearchUI.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BackgroundTaskHost64", + "path" : "$env:systemroot\\SysWOW64\\backgroundTaskHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "BackgroundTransferHost64", + "path" : "$env:systemroot\\SysWOW64\BackgroundTransferHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "InstallAgentUserBroker64", + "path" : "$env:systemroot\\SysWOW64\\InstallAgentUserBroker.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "MsFeedsSync64", + "path" : "$env:systemroot\\SysWOW64\\msfeedssync.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "rundll3264", + "path" : "$env:systemroot\\SysWOW64\\rundll32.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "SettingSyncHost64", + "path" : "$env:systemroot\\SysWOW64\\SettingSyncHost.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WmiPrvSE64", + "path" : 
"$env:systemroot\\SysWOW64\\wbem\\WmiPrvSE.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WerFault64", + "path" : "$env:systemroot\\SysWOW64\\WerFault.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WerMgr64", + "path" : "$env:systemroot\\SysWOW64\\wermgr.exe" + }, + { + "action" : "FwBlockProgram", + "name" : "WWAHost64", + "path" : "$env:systemroot\\SysWOW64\\WWAHost.exe" + } + ] +} From 4ba4ef330a197f8b613e61d0ad92c46c278aa42e Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 11:52:11 +0200 Subject: [PATCH 24/91] Syntax error in JSON --- modules.d/FW_ProgramsApps.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules.d/FW_ProgramsApps.conf b/modules.d/FW_ProgramsApps.conf index 84b7297..f6afe93 100644 --- a/modules.d/FW_ProgramsApps.conf +++ b/modules.d/FW_ProgramsApps.conf @@ -111,7 +111,7 @@ { "action" : "FwBlockProgram", "name" : "Edge", - "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" + "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdge.exe" }, { "action" : "FwBlockProgram", @@ -126,7 +126,7 @@ { "action" : "FwBlockProgram", "name" : "BackgroundTransferHost64", - "path" : "$env:systemroot\\SysWOW64\BackgroundTransferHost.exe" + "path" : "$env:systemroot\\SysWOW64\\BackgroundTransferHost.exe" }, { "action" : "FwBlockProgram", From ade08ccca048f9f09136e4d18302957b4ca3ddee Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 12:35:40 +0200 Subject: [PATCH 25/91] Reworked DelRegKey() error messages --- cleanW10.ps1 | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index bc5bdd3..715cc6c 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
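Review bot: Several entries in this new list block outbound traffic for processes that the operating system's own protections depend on, and the file carries no `_comment` explaining the trade-off: `lsass.exe` carries domain authentication traffic, `smartscreen.exe` performs reputation lookups for downloaded files, and `SIHClient.exe` belongs to Windows Update servicing. On a domain-joined or centrally managed machine these rules can break logon or weaken protection rather than only cutting telemetry, so they are better moved to a separate opt-in module or at least annotated, e.g. `"_comment" : "Breaks domain logon on joined machines"`. Rule names are also generic (`explorer`, `lsass`) apart from `cleanw10_Cortana`; since `FwBlockProgram` treats any existing rule with the same `-Name` as already blacklisted, a uniform prefix such as `"name" : "cleanw10_lsass"` avoids colliding with unrelated rules.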
@@ -217,7 +217,7 @@ function DelRegKey { ) Write-Host -NoNewline "`tDelete registery key $($params.key) : " if ( ! (Test-Path $params.path) ){ - Write-Host -ForegroundColor Red " Error path not found" + Write-Host -ForegroundColor Red " Error (path not found)" return } try { @@ -225,12 +225,11 @@ function DelRegKey { Write-host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ - Write-Host -ForegroundColor Red "Error in DelRegKey`n`t" - Write-Host -ForegoundColor DarkRed "Access to $($params.path)\$($params.key) denied" + Write-Host -ForegroundColor Red "Error (access denied)" } catch { - Write-Host -ForegroundColor Red -NoNewLine "Error in DelRegKey`n`t" - Write-Host -ForegoundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor Red -NoNewLine "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } From 4253dee3273176ff5490130e3dc014706779dfdd Mon Sep 17 00:00:00 2001 
From: Yorick Barbanneau Date: Mon, 26 Mar 2018 12:51:25 +0200 Subject: [PATCH 26/91] Bad reg values for LetAppsAccess... + corrections --- modules.d/FW_Cortana.conf | 12 ------------ modules.d/GPO_Account.conf | 2 +- modules.d/GPO_BackgoundApps.conf | 2 +- modules.d/GPO_Calendars.conf | 4 ++-- modules.d/GPO_CallHistory.conf | 2 +- modules.d/GPO_Camera.conf | 6 +++--- modules.d/GPO_Contacts.conf | 6 +++--- modules.d/GPO_DiagnosticInfo.conf | 6 +++--- modules.d/GPO_Email.conf | 2 +- modules.d/GPO_InputSpeechInk.conf | 4 ++-- modules.d/GPO_Location.conf | 10 +++++----- modules.d/GPO_Messaging.conf | 6 +++--- modules.d/GPO_Microphone.conf | 4 ++-- modules.d/GPO_Motion.conf | 6 +++--- modules.d/GPO_Notifications.conf | 4 ++-- modules.d/GPO_Phone.conf | 4 ++-- modules.d/GPO_Radios.conf | 6 +++--- modules.d/GPO_SettingSync.conf | 4 ++-- modules.d/GPO_SyncDevices.conf | 4 ++-- modules.d/GPO_Tasks.conf | 4 ++-- modules.d/GPO_TrustedDevices.conf | 4 ++-- 21 files changed, 45 insertions(+), 57 deletions(-) delete mode 100644 modules.d/FW_Cortana.conf diff --git a/modules.d/FW_Cortana.conf b/modules.d/FW_Cortana.conf deleted file mode 100644 index 72ba49e..0000000 --- a/modules.d/FW_Cortana.conf +++ /dev/null @@ -1,12 +0,0 @@ -{ - "Name" : "Cortana (Firewall)", - "Description" : "This module Add a firewall rule to desactivate Cortana net traffic", - "actions" : - [ - { - "action" : "FwBlockProgram", - "name" : "Cortana", - "path" : "$env:systemroot\\systemapps\\Microsoft.Windows.Cortana_cw5n1h2txyewy\\SearchUI.exe" - } - ] -} diff --git a/modules.d/GPO_Account.conf b/modules.d/GPO_Account.conf index 2c5e47e..e33a8ed 100644 --- a/modules.d/GPO_Account.conf +++ b/modules.d/GPO_Account.conf @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessAccountInfo", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", 
diff --git a/modules.d/GPO_BackgoundApps.conf b/modules.d/GPO_BackgoundApps.conf index f967681..76183c9 100644 --- a/modules.d/GPO_BackgoundApps.conf +++ b/modules.d/GPO_BackgoundApps.conf @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsRunInBackgound", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Calendars.conf b/modules.d/GPO_Calendars.conf index f94ee9e..c4eaa56 100644 --- a/modules.d/GPO_Calendars.conf +++ b/modules.d/GPO_Calendars.conf @@ -1,6 +1,6 @@ { "Name" : "Calendar (GPO)", - "Description" : "This module desactivate Calendar access for third party Apps like GPO did.", + "Description" : "This module desactivate Calendar access for third party Apps like GPO does.", "actions" : [ { @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessCalendar", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_CallHistory.conf b/modules.d/GPO_CallHistory.conf index c4aa2b9..bb41fe1 100644 --- a/modules.d/GPO_CallHistory.conf +++ b/modules.d/GPO_CallHistory.conf @@ -1,6 +1,6 @@ { "Name" : "Call history (GPO)", - "Description" : "This module desactivate Call history access for third party Apps like GPO did.", + "Description" : "This module desactivate Call history access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Camera.conf b/modules.d/GPO_Camera.conf index 36bb82f..1b2929a 100644 --- a/modules.d/GPO_Camera.conf +++ b/modules.d/GPO_Camera.conf 
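Review bot: In the `GPO_BackgoundApps.conf` hunk the corrected value is written under `"key" : "LetAppsRunInBackgound"`, which is missing an `r`; the policy Windows reads is `LetAppsRunInBackground`, so changing `0` to `2` has no effect until the name is fixed: `"key" : "LetAppsRunInBackground",`. The `GPO_InputSpeechInk.conf` hunk shows the same kind of misspelling in its context lines (`AllowInputPersonnalization`, where the policy value is `AllowInputPersonalization`). A misspelled value name is simply ignored by the consumer, so these modules presumably report success while the setting stays at its default.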
@@ -1,14 +1,14 @@ { "Name" : "Camera (GPO)", - "Description" : "This module desactivate Camera access for third party Apps like GPO did.", + "Description" : "This module desactivate Camera access for third party Apps like GPO does.", "actions" : [ - { + { "_comment" : "This is the principal reg key controlled by GPO", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessCamera", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Contacts.conf b/modules.d/GPO_Contacts.conf index 911c778..fe15aab 100644 --- a/modules.d/GPO_Contacts.conf +++ b/modules.d/GPO_Contacts.conf @@ -1,14 +1,14 @@ { "Name" : "Contacts (GPO)", - "Description" : "This module desactivate Contacts access for third party Apps like GPO did.", + "Description" : "This module desactivate Contacts access for third party Apps like GPO does.", "actions" : [ - { + { "_comment" : "This is the principal reg key controlled by GPO", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessContacts", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_DiagnosticInfo.conf b/modules.d/GPO_DiagnosticInfo.conf index e7b29ee..eee7563 100644 --- a/modules.d/GPO_DiagnosticInfo.conf +++ b/modules.d/GPO_DiagnosticInfo.conf 
@@ -1,14 +1,14 @@ { "Name" : "DiagnisticInfo (GPO)", - "Description" : "This module desactivate diagnistic info access for third party Apps like GPO did.", + "Description" : "This module desactivate diagnistic info access for third party Apps like GPO does.", "actions" : [ - { + { "_comment" : "This is the principal reg key controlled by GPO", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsGetDiagnosticInfo", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Email.conf b/modules.d/GPO_Email.conf index 05eb36a..a17dce0 100644 --- a/modules.d/GPO_Email.conf +++ b/modules.d/GPO_Email.conf @@ -1,6 +1,6 @@ { "Name" : "Email access (GPO)", - "Description" : "This module desactivate email access for third party Apps like GPO did.", + "Description" : "This module desactivate email access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_InputSpeechInk.conf b/modules.d/GPO_InputSpeechInk.conf index 3548533..a67c7a3 100644 --- a/modules.d/GPO_InputSpeechInk.conf +++ b/modules.d/GPO_InputSpeechInk.conf @@ -1,6 +1,6 @@ { "Name" : "Input Speech Ink (GPO)", - "Description" : "This module desactivate Input personalization, speech and ink recognition like GPO did.", + "Description" : "This module desactivate Input personalization, speech and ink recognition like GPO does.", "actions" : [ { @@ -25,7 +25,7 @@ "key" : "AllowInputPersonnalization", "value" : "0" }, - { + { "_comment" : "Desactivate voice data automatic updates", "action" : "AddRegKey", "path" : "HKLM:\\Software\\Policies\\Microsoft\\Speech", diff --git a/modules.d/GPO_Location.conf b/modules.d/GPO_Location.conf index 834f6fd..36ef2c0 100644 --- a/modules.d/GPO_Location.conf +++ b/modules.d/GPO_Location.conf 
@@ -1,14 +1,14 @@ { - "Name" : "Location (GPO)", - "Description" : "This module desactivate Location access for third party Apps like GPO did.", + "Name" : "Location ans sensors (GPO)", + "Description" : "This module desactivate Location access for third party Apps like GPO does.", "actions" : [ - { - "_comment" : "This is the principal reg key controlled by GPO", + { + "_comment" : "This is the principal reg key controlled by GPO", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessLocation", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Messaging.conf b/modules.d/GPO_Messaging.conf index f0edb4e..8666f05 100644 --- a/modules.d/GPO_Messaging.conf +++ b/modules.d/GPO_Messaging.conf @@ -1,14 +1,14 @@ { "Name" : "Messaging (GPO)", - "Description" : "This module desactivate Messaging access for third party Apps like GPO did.", + "Description" : "This module desactivate Messaging access for third party Apps like GPO does.", "actions" : [ - { + { "_comment" : "This is the principal reg key controlled by GPO", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessMessaging", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Microphone.conf b/modules.d/GPO_Microphone.conf index 15bd09d..8fc392a 100644 --- a/modules.d/GPO_Microphone.conf +++ b/modules.d/GPO_Microphone.conf @@ -1,6 +1,6 @@ { "Name" : "Microphone (GPO)", - "Description" : "This module desactivate Microphone access for third party Apps like GPO did.", + "Description" : "This module desactivate Microphone access for third party Apps like GPO does.", "actions" : [ { 
@@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessMicrophone", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Motion.conf b/modules.d/GPO_Motion.conf index a70648a..1b6c171 100644 --- a/modules.d/GPO_Motion.conf +++ b/modules.d/GPO_Motion.conf @@ -1,14 +1,14 @@ { "Name" : "Motion Sensor (GPO)", - "Description" : "This module desactivate Motion sensor access for third party Apps like GPO did.", + "Description" : "This module desactivate Motion sensor access for third party Apps like GPO does.", "actions" : [ - { + { "_comment" : "This is the principal reg key controlled by GPO", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessMotion", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Notifications.conf b/modules.d/GPO_Notifications.conf index 8beb0b9..56b98a7 100644 --- a/modules.d/GPO_Notifications.conf +++ b/modules.d/GPO_Notifications.conf @@ -1,6 +1,6 @@ { "Name" : "Notifications (GPO)", - "Description" : "This module desactivate Notifications access for third party Apps like GPO did.", + "Description" : "This module desactivate Notifications access for third party Apps like GPO does.", "actions" : [ { @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessNotifications", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Phone.conf b/modules.d/GPO_Phone.conf index bc50f45..f244d65 100644 --- a/modules.d/GPO_Phone.conf +++ b/modules.d/GPO_Phone.conf 
@@ -1,6 +1,6 @@ { "Name" : "Phone (GPO)", - "Description" : "This module desactivate Phone access for third party Apps like GPO did.", + "Description" : "This module desactivate Phone access for third party Apps like GPO does.", "actions" : [ { @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessPhone", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Radios.conf b/modules.d/GPO_Radios.conf index c276836..4b13a76 100644 --- a/modules.d/GPO_Radios.conf +++ b/modules.d/GPO_Radios.conf @@ -1,14 +1,14 @@ { "Name" : "Radios (GPO)", - "Description" : "This module desactivate Radios (Bluetooth, Wifi ...) access for third party Apps like GPO did.", + "Description" : "This module desactivate Radios (Bluetooth, Wifi ...) access for third party Apps like GPO does.", "actions" : [ - { + { "_comment" : "This is the principal reg key controlled by GPO", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessRadios", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_SettingSync.conf b/modules.d/GPO_SettingSync.conf index 8d61ed2..3081a75 100644 --- a/modules.d/GPO_SettingSync.conf +++ b/modules.d/GPO_SettingSync.conf @@ -1,9 +1,9 @@ { "Name" : "Setting Sync (GPO)", - "Description" : "This module desactivate Setting sync between devices like GPO did.", + "Description" : "This module desactivate Setting sync between devices like GPO does.", "actions" : [ - { + { "_comment" : "Disable Setting Sync", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\SettingSync", diff --git a/modules.d/GPO_SyncDevices.conf b/modules.d/GPO_SyncDevices.conf index 466002e..348697a 100644 --- a/modules.d/GPO_SyncDevices.conf 
+++ b/modules.d/GPO_SyncDevices.conf @@ -1,6 +1,6 @@ { "Name" : "Sync with devices (GPO)", - "Description" : "This module desactivate sync with devices for third party Apps like GPO did.", + "Description" : "This module desactivate sync with devices for third party Apps like GPO does.", "actions" : [ { @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsSyncWithDevices", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_Tasks.conf b/modules.d/GPO_Tasks.conf index edaabdf..668721e 100644 --- a/modules.d/GPO_Tasks.conf +++ b/modules.d/GPO_Tasks.conf @@ -1,6 +1,6 @@ { "Name" : "Tasks (GPO)", - "Description" : "This module desactivate Tasks access for third party Apps like GPO did.", + "Description" : "This module desactivate Tasks access for third party Apps like GPO does.", "actions" : [ { @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessTasks", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", diff --git a/modules.d/GPO_TrustedDevices.conf b/modules.d/GPO_TrustedDevices.conf index 83ed6e3..315dc9f 100644 --- a/modules.d/GPO_TrustedDevices.conf +++ b/modules.d/GPO_TrustedDevices.conf @@ -1,6 +1,6 @@ { "Name" : "TrustedDevices (GPO)", - "Description" : "This module desactivate Trusted Devices access for third party Apps like GPO did.", + "Description" : "This module desactivate Trusted Devices access for third party Apps like GPO does.", "actions" : [ { @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessTrustedDevices", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", 
From 4e2ad141533ad2df77d9438f282735cb7edea7bd Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 13:02:36 +0200 Subject: [PATCH 27/91] Bad reg values for LetAppsAccessCallHistory --- modules.d/GPO_CallHistory.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules.d/GPO_CallHistory.conf b/modules.d/GPO_CallHistory.conf index bb41fe1..a4bca9d 100644 --- a/modules.d/GPO_CallHistory.conf +++ b/modules.d/GPO_CallHistory.conf @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessCallHistory", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", From b765d3752f616f5b218af9a308ad0e7795a642e2 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 13:03:12 +0200 Subject: [PATCH 28/91] Bad reg values for LetAppsAccessEmail --- modules.d/GPO_Email.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules.d/GPO_Email.conf b/modules.d/GPO_Email.conf index a17dce0..59d81a4 100644 --- a/modules.d/GPO_Email.conf +++ b/modules.d/GPO_Email.conf @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessEmail", - "value" : "0" + "value" : "2" }, { "_comment" : "The 3 bottom k eys s eems to be some kind of ACL for App right", From 1d7d2a62545b2eccccf09772fcbcb446c042ae8c Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 13:06:00 +0200 Subject: [PATCH 29/91] Bad reg key --- modules.d/GPO_BackgoundApps.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/modules.d/GPO_BackgoundApps.conf b/modules.d/GPO_BackgoundApps.conf index 76183c9..7ecc90d 100644 --- a/modules.d/GPO_BackgoundApps.conf +++ b/modules.d/GPO_BackgoundApps.conf 
@@ -7,26 +7,26 @@ "_comment" : "This is the principal reg key controlled by GPO", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", - "key" : "LetAppsRunInBackgound", + "key" : "LetAppsRunInBackground", "value" : "2" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", - "key" : "LetAppsRunInBackgound_UserInControlOfTheseApps", + "key" : "LetAppsRunInBackground_UserInControlOfTheseApps", "type" : "MultiString" }, { "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", - "key" : "LetAppsRunInBackgound_ForceAllowTheseApps", + "key" : "LetAppsRunInBackground_ForceAllowTheseApps", "type" : "MultiString" }, { "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", - "key" : "LetAppsRunInBackgound_ForceDenyTheseApps", + "key" : "LetAppsRunInBackground_ForceDenyTheseApps", "type" : "MultiString" } ] From f7d0a679acbe214f561df463cc559be242c99daf Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 22:17:29 +0200 Subject: [PATCH 30/91] Rewrite ExecCommand() --- cleanW10.ps1 | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 715cc6c..35faef9 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -460,7 +460,6 @@ function DelFile { write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } - function ExecCommand { param ( [cmdletbinding( 
@@ -471,19 +470,22 @@ function ExecCommand { ParameterSetName="params", Position = 0 )] - [object]$params + [object]$params ) - Write-Host -NoNewline "`tExecute : $($params.path) : " - if ( -not (Test-Path $params.path) ) { + $path = $params.path.Replace("##mod_path##", $script:current_module_path) + $args = $params.arguments.Replace("##mod_path##", $script:current_module_path) + Write-Host -NoNewline "`tExecute : $path : " + $path = Invoke-Expression """$($path)""" + if ( -not (Test-Path $path) -and -not $path -eq "powershell" ) { Write-Host -ForegroundColor Yellow "File not found" return } try { - Start-Process $params.path -ArgumentList $params.arguments + Start-Process -wait -filepath $path -ArgumentList $args.split(" ") Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "`Error in DelFile`n`t" + Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } From 97ad26ff910a85887ba5a66d5fc8cebd71eaf95b Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 23:01:13 +0200 Subject: [PATCH 31/91] First version of UninstallModernApp module --- modules.d/UninstallModernApp.conf | 53 +++++++++++++++++++ .../UninstallModernApp/MicrosoftApps.txt | 39 ++++++++++++++ modules.d/UninstallModernApp/OthersApps.txt | 10 ++++ modules.d/UninstallModernApp/XboxApps.txt | 5 ++ modules.d/UninstallModernApp/XboxServices.txt | 4 ++ 5 files changed, 111 insertions(+) create mode 100644 modules.d/UninstallModernApp.conf create mode 100644 modules.d/UninstallModernApp/MicrosoftApps.txt create mode 100644 modules.d/UninstallModernApp/OthersApps.txt create mode 100644 modules.d/UninstallModernApp/XboxApps.txt create mode 100644 modules.d/UninstallModernApp/XboxServices.txt diff --git a/modules.d/UninstallModernApp.conf b/modules.d/UninstallModernApp.conf new file mode 100644 index 0000000..ba44bc0 --- /dev/null +++ b/modules.d/UninstallModernApp.conf 
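Review bot: `$path = Invoke-Expression """$($path)"""` evaluates the `path` value of a module `.conf` as PowerShell, so a `$( … )` or a stray quote in a module file runs as code with the script's privileges before the existence check is reached. If the aim is only to expand `$env:` references, substitute those explicitly, e.g. `$path = [regex]::Replace($path, '\$env:(\w+)', { param($m) [Environment]::GetEnvironmentVariable($m.Groups[1].Value) })`. The guard under it does not do what it reads as either: `-not $path -eq "powershell"` parses as `(-not $path) -eq "powershell"`, which is false for any non-empty path, so "File not found" is never printed here, and the `-and` to `-or` change in the later ExecCommand hunk (PATCH 40/91) makes a bare `powershell` fail the check; `if ( $path -ne "powershell" -and -not (Test-Path $path) ) {` states the intent. `$args` is an automatic variable and `.split(" ")` breaks any argument that contains a space, so a differently named argument array would be safer. ExecCommand's parameter block starts outside this hunk.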
@@ -0,0 +1,53 @@ +{ + "name" : "Uninstall Modern Apps", + "description" : "Uninstall unwanted Modern App", + "actions" : + [ + { + "_comment" : "Disable MapsBoker service for uninstall Windows Map", + "action" : "DisableService", + "name" : "MapsBroker" + }, + { + "_comment" : "Uninstall Windows Maps", + "action" : "UninstallModernApp", + "name" : "Microsoft.WindowsMaps", + "removeProvisonned" : "True" + }, + { + "_comment" : "Disable xbox services for uninstall Apps", + "action" : "DisableService", + "file" : "XboxServices.txt" + }, + { + "_comment" : "Disable Xbox sheduled tasks", + "action" : "RemoveSheduledTask", + "path" : "Microsoft\\XblGameSave\\", + "name" : "XblGameSaveTask" + }, + { + "_comment" : "Disable Xbox sheduled tasks", + "action" : "RemoveSheduledTask", + "path" : "Microsoft\\XblGameSave\\", + "name" : "XblGameSaveTaskLogon" + }, + { + "_comment" : "Uninstall Xbox Apps", + "action" : "UninstallModernApp", + "file" : "XboxApps.txt", + "removeProvisonned" : "True" + }, + { + "_comment" : "Uninstall Microsoft Apps", + "action" : "UninstallModernApp", + "file" : "MicrosoftApps.txt", + "removeProvisionned" : "True" + }, + { + "_comment" : "Uninstall third party apps", + "action" : "UninstallModernApp", + "file" : "OthersApps.txt", + "removeProvisionned" : "True" + } + ] +} diff --git a/modules.d/UninstallModernApp/MicrosoftApps.txt b/modules.d/UninstallModernApp/MicrosoftApps.txt new file mode 100644 index 0000000..145be5a --- /dev/null +++ b/modules.d/UninstallModernApp/MicrosoftApps.txt 
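Review bot: The flag is spelled `removeProvisonned` in the Windows Maps and Xbox Apps actions and `removeProvisionned` in the Microsoft Apps and third-party actions. Whichever spelling the UninstallModernApp handler reads (it is not visible in this hunk), the entries using the other one will presumably leave the provisioned package in place, and it will come back for new accounts. Pick one spelling and use it in all four actions, e.g. `"removeProvisionned" : "True"`.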
@@ -0,0 +1,39 @@ +Microsoft.3dbuilder +Microsoft.Appconnector +Microsoft.BingFinance +Microsoft.BingFoodAndDrink +Microsoft.BingHealthAndFitness +Microsoft.BingNews +Microsoft.BingSports +Microsoft.BingTravel +Microsoft.BingWeather +Microsoft.CommsPhone +Microsoft.ConnectivityStore +Microsoft.Getstarted +Microsoft.Messaging +Microsoft.Microsoft3DViewer +Microsoft.MicrosoftOfficeHub +Microsoft.MicrosoftPowerBIForWindows +Microsoft.MicrosoftSolitaireCollection +Microsoft.MicrosoftStickyNotes +Microsoft.MinecraftUWP +Microsoft.MSPaint +Microsoft.Office.OneNote +Microsoft.Office.Sway +Microsoft.OneConnect +Microsoft.People +Microsoft.Services.Store.Engagement +Microsoft.SkypeApp +Microsoft.Windows.Photos +Microsoft.WindowsAlarms +Microsoft.WindowsCalculator +Microsoft.WindowsCamera +microsoft.windowscommunicationsapps +Microsoft.WindowsFeedbackHub +Microsoft.WindowsMaps +Microsoft.WindowsPhone +Microsoft.WindowsSoundRecorder +Microsoft.WindowsStore +Microsoft.ZuneMusic +Microsoft.ZuneVideo +Microsoft.Advertising.Xaml diff --git a/modules.d/UninstallModernApp/OthersApps.txt b/modules.d/UninstallModernApp/OthersApps.txt new file mode 100644 index 0000000..0b702c4 --- /dev/null +++ b/modules.d/UninstallModernApp/OthersApps.txt @@ -0,0 +1,10 @@ +DolbyLaboratories.DolbyAccess +Expedia.ExpediaHotelsFlightsCarsActivities +2414FC7A.Viber +64885BlueEdge.OneCalendar +89006A2E.AutodeskSketchBook +9E2F88E3.Twitter +CAF9E577.Plex +king.com.CandyCrushSodaSaga +SpotifyAB.SpotifyMusic +WinZipComputing.WinZipUniversal diff --git a/modules.d/UninstallModernApp/XboxApps.txt b/modules.d/UninstallModernApp/XboxApps.txt new file mode 100644 index 0000000..ed5c7a9 --- /dev/null +++ b/modules.d/UninstallModernApp/XboxApps.txt @@ -0,0 +1,5 @@ +Microsoft.Xbox.TCUI +Microsoft.XboxApp +Microsoft.XboxGameOverlay +Microsoft.XboxIdentityProvider +Microsoft.XboxSpeechToTextOverlay 
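Review bot: `Microsoft.WindowsStore` sits in the same list as the optional apps, and the module that consumes this file asks for provisioned-package removal as well. Removing the Store takes away the normal update channel for the Appx packages that stay installed, which is presumably not what every user of the module wants and should be confirmed. Consider moving it, together with `Microsoft.Services.Store.Engagement`, to a separate opt-in list file so that the default run keeps app updates working.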
diff --git a/modules.d/UninstallModernApp/XboxServices.txt b/modules.d/UninstallModernApp/XboxServices.txt new file mode 100644 index 0000000..8a7a7ae --- /dev/null +++ b/modules.d/UninstallModernApp/XboxServices.txt @@ -0,0 +1,4 @@ +XblAuthManager +XblGameSave +XboxNetApiSvc +XboxGipSvc From db821afe77cf51e9e0c8fb45a2d70c56e0f5065d Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 23:17:18 +0200 Subject: [PATCH 32/91] Variable error in ProcessModuleFile --- cleanW10.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 35faef9..5772a7c 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -512,6 +512,7 @@ function ProcessModuleFile { $mod.actions | Foreach { $action_file = "" $current_action = @{} + $script:current_module_path = $(Get-ChildItem $path).DirectoryName + "\" + $(Get-ChildItem $path).BaseName + '\' foreach( $p in $_.psobject.properties.name ){ $current_action[$p] = $_.$p } @@ -521,7 +522,7 @@ function ProcessModuleFile { } # If action content a file element, need to test if file exist if ( $current_action.ContainsKey('file')) { - $action_file = $(Get-ChildItem $path).DirectoryName + "\" + $(Get-ChildItem $path).BaseName + "\" + $current_action.file + $action_file = $script:current_module_path + $current_action.file if ( -not (Test-Path $action_file) ) { Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found`n" return From db84086dab7bb54c645a0bb350e620f4f2cb8e59 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 23:45:54 +0200 Subject: [PATCH 33/91] Add some applications to uninstall --- modules.d/UninstallModernApp/MicrosoftApps.txt | 2 ++ modules.d/UninstallModernApp/OthersApps.txt | 3 +++ 2 files changed, 5 insertions(+) diff --git a/modules.d/UninstallModernApp/MicrosoftApps.txt b/modules.d/UninstallModernApp/MicrosoftApps.txt index 145be5a..09edebf 100644 --- a/modules.d/UninstallModernApp/MicrosoftApps.txt 
+++ b/modules.d/UninstallModernApp/MicrosoftApps.txt @@ -22,8 +22,10 @@ Microsoft.Office.OneNote Microsoft.Office.Sway Microsoft.OneConnect Microsoft.People +Microsoft.Print3D Microsoft.Services.Store.Engagement Microsoft.SkypeApp +Microsoft.Wallet Microsoft.Windows.Photos Microsoft.WindowsAlarms Microsoft.WindowsCalculator diff --git a/modules.d/UninstallModernApp/OthersApps.txt b/modules.d/UninstallModernApp/OthersApps.txt index 0b702c4..2c219a4 100644 --- a/modules.d/UninstallModernApp/OthersApps.txt +++ b/modules.d/UninstallModernApp/OthersApps.txt @@ -4,7 +4,10 @@ Expedia.ExpediaHotelsFlightsCarsActivities 64885BlueEdge.OneCalendar 89006A2E.AutodeskSketchBook 9E2F88E3.Twitter +A278AB0D.DisneyMagicKingdoms +A278AB0D.MarchofEmpires CAF9E577.Plex +king.com.BubbleWitch3Saga king.com.CandyCrushSodaSaga SpotifyAB.SpotifyMusic WinZipComputing.WinZipUniversal From 1ba290dfe74348b158896c6c3b52a85e7191028c Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 26 Mar 2018 23:47:01 +0200 Subject: [PATCH 34/91] Error in action name for sheduled tasks --- modules.d/UninstallModernApp.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules.d/UninstallModernApp.conf b/modules.d/UninstallModernApp.conf index ba44bc0..38d527e 100644 --- a/modules.d/UninstallModernApp.conf +++ b/modules.d/UninstallModernApp.conf @@ -21,13 +21,13 @@ }, { "_comment" : "Disable Xbox sheduled tasks", - "action" : "RemoveSheduledTask", + "action" : "RemoveScheduledTask", "path" : "Microsoft\\XblGameSave\\", "name" : "XblGameSaveTask" }, { "_comment" : "Disable Xbox sheduled tasks", - "action" : "RemoveSheduledTask", + "action" : "RemoveScheduledTask", "path" : "Microsoft\\XblGameSave\\", "name" : "XblGameSaveTaskLogon" }, From 6374b71932fa22de88e679a3933ac56392e94c1b Mon Sep 17 00:00:00 2001 
From: Yorick Barbanneau Date: Tue, 27 Mar 2018 00:11:45 +0200 Subject: [PATCH 35/91] Add a firewall rule to block Edge --- modules.d/FW_ProgramsApps.conf | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules.d/FW_ProgramsApps.conf b/modules.d/FW_ProgramsApps.conf index f6afe93..c73537a 100644 --- a/modules.d/FW_ProgramsApps.conf +++ b/modules.d/FW_ProgramsApps.conf @@ -113,6 +113,13 @@ "name" : "Edge", "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdge.exe" }, + { + "_comment" : "With this rule, Edge will not be able to join Internet", + "action" : "FwBlockProgram", + "name" : "EdgeCP", + "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdgeCP.exe" + }, + { "action" : "FwBlockProgram", "name" : "cleanw10_Cortana", From 69d2d6ce7660ff659b0a842d9eff1b93871ea971 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 27 Mar 2018 00:17:11 +0200 Subject: [PATCH 36/91] Incorrect path for scheduled tasks --- modules.d/UninstallModernApp.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules.d/UninstallModernApp.conf b/modules.d/UninstallModernApp.conf index 38d527e..c103e4d 100644 --- a/modules.d/UninstallModernApp.conf +++ b/modules.d/UninstallModernApp.conf @@ -22,13 +22,13 @@ { "_comment" : "Disable Xbox sheduled tasks", "action" : "RemoveScheduledTask", - "path" : "Microsoft\\XblGameSave\\", + "path" : "\\Microsoft\\XblGameSave\\", "name" : "XblGameSaveTask" }, { "_comment" : "Disable Xbox sheduled tasks", "action" : "RemoveScheduledTask", - "path" : "Microsoft\\XblGameSave\\", + "path" : "\\Microsoft\\XblGameSave\\", "name" : "XblGameSaveTaskLogon" }, { From 7c6aed89e3d3246b36ce7bbc9d8790ecbf04255a Mon Sep 17 00:00:00 2001 
From: Yorick Barbanneau Date: Wed, 28 Mar 2018 20:47:35 +0200 Subject: [PATCH 37/91] Dynamicaly load users information, AddRegKey() and DelRegKey() now process local users hives This is the first step to make the script process already 'used' installation. --- cleanW10.ps1 | 118 +++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 110 insertions(+), 8 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 5772a7c..ed86c37 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -7,7 +7,7 @@ param ( Import-Module NetSecurity #Useful to manipulate firewall rules Set-StrictMode -Version 2 -$PSDefaultParameterValues=@{$dir = "./modules.d"} +#$PSDefaultParameterValues=@{$dir = "./modules.d"} $HOST_FILE = "$env:windir\System32\drivers\etc\hosts" $HOST_IP = "0.0.0.0" $ErrorActionPreference = "Stop" 
@@ -185,20 +185,59 @@ function AddRegKey { $params.value = "" } if ( -not $params.ContainsKey('type') -or $params.type -eq "" ){ $params.type="DWord" } - Write-Host -NoNewline "`t$($params.key) reg key to $($params.value) : " + + #When keypath start with HKCU, we need to apply it ro all users + if ( ($params.path).StartsWith("HKCU") ) { + $script:users | Foreach { + #If so, we need to put the key on all users hives + AddRegKey @{ + path = (($params.path).replace('HKCU:','HKU:\' + $_.sid)); + key = $params.key; + value = $params.value; + type = $params.type + } + } + #then put key to default user hive + AddRegKey @{ + path = (($params.path).replace('HKCU:','HKU:\Default')); + key = $params.key; + value = $params.value; + type = $params.type + } + return + } + + #Let's begin... + Write-Host -NoNewline "`t$($params.path.substring(0,30))...$($params.key) reg key to $($params.value) : " if ( -not (Test-Path $params.path) ){ - Write-Host -NoNewline "- creating path - " + Write-Host -NoNewline -ForegroundColor DarkGreen "creating path " try { New-Item -Path $params.path -Force | Out-Null } + catch { Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message return } } + + # Test if the key already exist try { - Set-ItemProperty -Path $params.path -Name $params.key -Value $($params.value) -Type $params.type -Force + $current_value = Get-ItemPropertyValue -Path $params.path -Name $params.key + if ( $current_value -eq $params.value ) { + Write-Host -ForegroundColor Yellow "Already done" + return + } + else { Write-Host -NoNewline -ForegroundColor DarkGreen "old value $current_value " } + } + catch { + Write-Host -NoNewline -ForegroundColor DarkGreen "new key " + } + + # Put the key + try { + Set-ItemProperty -Path $params.path -Name $params.key -Value $params.value -Type $params.type -Force Write-Host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ 
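Review bot: `$params.path.substring(0,30)` in the new progress line throws when the path is shorter than 30 characters (a constructed example: `HKU:\Default\Console`), and it sits outside any `try`, so with `$ErrorActionPreference = "Stop"` that ends the action unless a caller catches it. Trim only when needed, e.g. `$shown = if ($params.path.Length -gt 30) { $params.path.Substring(0,30) + '...' } else { $params.path }`, and print `$shown`. The `StartsWith("HKCU")` test is case-sensitive, so a module that writes `hkcu:` skips the per-user fan-out and only touches the current user's hive; `$params.path -like 'HKCU:*'` avoids that, and the same applies to the DelRegKey hunk that follows. AddRegKey's parameter block and its final `catch` are outside this hunk.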
@@ -215,6 +254,22 @@ function DelRegKey { [Parameter(Mandatory=$true)] [object]$params ) + #When keypath start with HKCU, we need to apply it ro all users + if ( ($params.path).StartsWith("HKCU") ) { + $script:users | Foreach { + #If so, we need to put the key on all users hives + DelRegKey @{ + path = (($params.path).replace('HKCU:','HKU:\' + $_.sid)); + key = $params.key; + } + } + #then put key to default user hive + DelRegKey @{ + path = (($params.path).replace('HKCU:','HKU:\Default')); + key = $params.key; + } + return + } Write-Host -NoNewline "`tDelete registery key $($params.key) : " if ( ! (Test-Path $params.path) ){ Write-Host -ForegroundColor Red " Error (path not found)" @@ -300,7 +355,7 @@ function UninstallModernApp { elseif ( $params.ContainsKey('name') ) { Write-Host -NoNewLine "`tUninstall $($params.name) : " try { - $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage) + $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage -AllUsers) Write-Host -ForegroundColor Green "done" } catch { @@ -542,6 +597,8 @@ function ProcessModuleFile { Write-Output "`nIt's time to kick ass and chew bubble gum" Write-Output "_________________________________________`n" +$script:users = @() + try { Write-Host -NoNewline "Mount Default user registery hive : " reg load "HKU\Default" "C:\Users\Default\NTUSER.DAT" | Out-Null 
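Review bot: `Where-Object { $_.name -like "*$($params.name)*" }` in the UninstallModernApp hunk is a substring match, and with `-AllUsers` now on `Remove-AppxPackage` every package whose name merely contains the configured string is removed for every account. The list files in this series carry full package names, so an exact comparison is enough: `Where-Object { $_.Name -eq $params.name }`. The `elseif` branch and its `catch` continue outside this hunk.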
@@ -555,7 +612,25 @@ try { catch { Write-Host -NoNewline -ForegroundColor Red "Error while mounting Registery`n`t" Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - return + #return +} + +#We need access to users registry hive for applying mofidication to existing users +$profile_list = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" +Get-LocalUser | Where-Object { $_.Enabled -eq $true } | foreach { + $current_user_path = Get-ItemPropertyValue -Path "$profile_list$($_.SID.Value)\" -Name "ProfileImagePath" + $script:users += @{name = $_.name;'sid' = $_.SID.Value; 'was_mounted' = $false; 'directory' = $current_user_path} +} + +$script:users | foreach { + if ( -not (Test-Path "HKU:\$($_.sid)") ) { + Write-Host "$($_.name) not mounted" + reg load "HKU\$($_.sid)" "$($_.directory)\NTUSER.DAT" + } + else { + Write-Host "$($_.name) mounted" + $_.was_mounted = $true + } } Write-Host "Folder to process : $module" 
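Review bot: `Get-ItemPropertyValue -Path "$profile_list$($_.SID.Value)\" -Name "ProfileImagePath"` runs outside any `try`, and an enabled local account that has never signed in may have no key under ProfileList, so with `$ErrorActionPreference = "Stop"` the script would stop here with the Default hive still loaded. Skip accounts without a profile first, e.g. `if ( -not (Test-Path "$profile_list$($_.SID.Value)") ) { return }` at the top of the `foreach` block. `reg load` is a native command, so a failed load does not throw; checking `$LASTEXITCODE` after it would keep AddRegKey from writing under a hive that was never mounted. Commenting out `return` in the `catch` above has the same effect for the Default hive: the run continues after a failed mount.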
@@ -567,12 +642,39 @@ else { $_.FullName | ProcessModuleFile } } -#Unmount Registery +Write-Host -Nonewline "`nRemove powershell access to HKCR, HKCU and HKU : " try { - Write-Host -NoNewline "`nUnmount HKU and HKCR : " Remove-PSDrive -Name HKCR Remove-PSDrive -Name HKCU Remove-PSDrive -Name HKU + Write-Host -ForegroundColor Green "done" +} +catch { + Write-Host -NoNewline -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message +} +0 +[gc]::collect() +Write-Host "`nUnload Users hives : " +#Unmount Registery +$script:users | foreach { + Write-Host -Nonewline "`tUnmount $($_.name) hive : " + #Need to unmount all not-connected users hives" + if ($_.was_mounted -eq $false) { + try { + reg unload "HKU\$($_.sid)" 2>&1 | Out-Null + Write-Host -foregroundColor Green "Done" + } + catch { + Write-Host -NoNewline -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor Red $Error[0].Exception.Message + } + } + else { Write-Host -ForegroundColor Yellow "Was mounted (User connected)" } +} + +Write-Host -nonewline "`nUnload default user hive : " +try { reg unload "HKU\Default" 2>&1 | Out-Null Write-Host -ForegroundColor Green "done" } From c1d3c82c353465cccba93b38ddfa0c16a926968e Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 28 Mar 2018 21:08:20 +0200 Subject: [PATCH 38/91] Better output for users hive mount --- cleanW10.ps1 | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index ed86c37..a5397c1 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
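Review bot: The bare `0` added before `[gc]::collect()` is an expression statement that writes `0` to the script's output and looks like a debugging leftover; it can be dropped. The `try`/`catch` around `reg unload "HKU\$($_.sid)" 2>&1 | Out-Null` only sees a failure if the redirected stderr happens to raise an error, which is not guaranteed for a native command. Testing `if ($LASTEXITCODE -ne 0)` after the call reports a hive that stayed loaded reliably. The final `try` block continues outside this hunk.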
@@ -622,14 +622,22 @@ Get-LocalUser | Where-Object { $_.Enabled -eq $true } | foreach { $script:users += @{name = $_.name;'sid' = $_.SID.Value; 'was_mounted' = $false; 'directory' = $current_user_path} } +Write-Host "Mount users registry hives :" $script:users | foreach { + Write-Host -NoNewline "`tMount $($_.name) hive : " if ( -not (Test-Path "HKU:\$($_.sid)") ) { - Write-Host "$($_.name) not mounted" - reg load "HKU\$($_.sid)" "$($_.directory)\NTUSER.DAT" + try { + reg load "HKU\$($_.sid)" "$($_.directory)\NTUSER.DAT" 2>&1 | Out-Null + Write-Host -ForegroundColor Green "done" + } + catch { + Write-Host -ForegroundColor Red "Error`n`t" + Write-host $Error[0].Exeption.Message + } } else { - Write-Host "$($_.name) mounted" $_.was_mounted = $true + Write-Host -ForegroundColor Yellow "Already mounted" } } Write-Host "Folder to process : $module" From 47329ea298394a085c15d0512d66cf082ca1f129 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 28 Mar 2018 21:30:29 +0200 Subject: [PATCH 39/91] Better output for DelRegKey() --- cleanW10.ps1 | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index a5397c1..b4e40ef 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -276,7 +276,15 @@ function DelRegKey { return } try { - Remove-ItemProperty -Path $params.path -Name $params.key + Get-ItemProperty -Path $params.path -Name $params.key + } + catch { + Write-Host -ForegroundColor Yellow "key already deleted" + return + } + try { + + #Remove-ItemProperty -Path $params.path -Name $params.key Write-host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ From fca51612cdf15b599b346258116f7495d34c5435 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 28 Mar 2018 21:40:15 +0200 Subject: [PATCH 40/91] ExecCommand() now display 'file not found' if the path not exist --- cleanW10.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
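Review bot: `$Error[0].Exeption.Message` in the new `catch` misspells `Exception`; under `Set-StrictMode -Version 2` reading a property that does not exist is itself an error, so the handler would fail instead of printing the message. Use `Write-Host $Error[0].Exception.Message`, as the other handlers in the file do. Because `reg load` is a native command, checking `$LASTEXITCODE` after it is the dependable way to know whether the hive was mounted.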
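Review bot: `Remove-ItemProperty` is commented out in the second `try` of DelRegKey, so the function now prints "done" without deleting anything and a module that relies on it reports success while the value stays in the registry. Restore `Remove-ItemProperty -Path $params.path -Name $params.key` there. The probe `Get-ItemProperty -Path $params.path -Name $params.key` also writes the property object to the output stream; append `| Out-Null`. DelRegKey's `catch` handlers continue outside this hunk.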
diff --git a/cleanW10.ps1 b/cleanW10.ps1 index b4e40ef..aae06e3 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -523,6 +523,7 @@ function DelFile { write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } + function ExecCommand { param ( [cmdletbinding( @@ -539,7 +540,7 @@ function ExecCommand { $args = $params.arguments.Replace("##mod_path##", $script:current_module_path) Write-Host -NoNewline "`tExecute : $path : " $path = Invoke-Expression """$($path)""" - if ( -not (Test-Path $path) -and -not $path -eq "powershell" ) { + if ( -not (Test-Path $path) -or -not $path -eq "powershell" ) { Write-Host -ForegroundColor Yellow "File not found" return } From 8a30b58fd131b9312436608626c20407cf952f5e Mon Sep 17 00:00:00 2001 
From: Yorick Barbanneau Date: Wed, 28 Mar 2018 21:54:10 +0200 Subject: [PATCH 41/91] Reworked conf file for HKCU + Corrections --- modules.d/FW_ProgramsApps.conf | 4 ++-- modules.d/GPO_Account.conf | 4 ++-- modules.d/GPO_Advertising.conf | 6 +++--- modules.d/GPO_BackgoundApps.conf | 4 ++-- modules.d/GPO_Calendars.conf | 4 ++-- modules.d/GPO_CallHistory.conf | 4 ++-- modules.d/GPO_Camera.conf | 4 ++-- modules.d/GPO_CloudContent.conf | 18 ++---------------- modules.d/GPO_ConnectionProbe.conf | 6 +++--- modules.d/GPO_Contacts.conf | 4 ++-- modules.d/GPO_Cortana.conf | 6 +++--- modules.d/GPO_Diagnostic.conf | 4 ++-- modules.d/GPO_DiagnosticInfo.conf | 4 ++-- modules.d/GPO_DynamicTiles.conf | 4 ++-- modules.d/GPO_Email.conf | 4 ++-- modules.d/GPO_ErrorReporting.conf | 6 +++--- modules.d/GPO_InputSpeechInk.conf | 4 ++-- modules.d/GPO_Location.conf | 4 ++-- modules.d/GPO_Messaging.conf | 4 ++-- modules.d/GPO_Microphone.conf | 6 +++--- modules.d/GPO_MicrosoftAccount.conf | 4 ++-- modules.d/GPO_Motion.conf | 4 ++-- modules.d/GPO_Notifications.conf | 4 ++-- modules.d/GPO_OneDrive.conf | 4 ++-- modules.d/GPO_Phone.conf | 4 ++-- modules.d/GPO_Privacy.conf | 11 ++--------- modules.d/GPO_Radios.conf | 4 ++-- modules.d/GPO_SettingSync.conf | 4 ++-- modules.d/GPO_SyncDevices.conf | 4 ++-- modules.d/GPO_Tasks.conf | 4 ++-- modules.d/GPO_Teredo.conf | 4 ++-- modules.d/GPO_TrustedDevices.conf | 4 ++-- modules.d/GPO_Wifi.conf | 4 ++-- modules.d/GPO_WindowsDefender.conf | 4 ++-- modules.d/GPO_WindowsStore.conf | 4 ++-- modules.d/GPO_WindowsTips.conf | 4 ++-- 36 files changed, 77 insertions(+), 98 deletions(-) diff --git a/modules.d/FW_ProgramsApps.conf b/modules.d/FW_ProgramsApps.conf index c73537a..3beb8b7 100644 --- a/modules.d/FW_ProgramsApps.conf +++ b/modules.d/FW_ProgramsApps.conf 
@@ -1,6 +1,6 @@ { - "Name" : "Applications (Firewall)", - "Description" : "This module Add a firewall rule to desactivate some windows program / application net traffic", + "name" : "Applications (Firewall)", + "description" : "This module Add a firewall rule to desactivate some windows program / application net traffic", "actions" : [ { diff --git a/modules.d/GPO_Account.conf b/modules.d/GPO_Account.conf index e33a8ed..0d70a2f 100644 --- a/modules.d/GPO_Account.conf +++ b/modules.d/GPO_Account.conf @@ -1,6 +1,6 @@ { - "Name" : "Account Info (GPO)", - "Description" : "This module desactivate Account Info access for third party Apps like GPO did.", + "name" : "Account Info (GPO)", + "description" : "This module desactivate Account Info access for third party Apps like GPO did.", "actions" : [ { diff --git a/modules.d/GPO_Advertising.conf b/modules.d/GPO_Advertising.conf index 40cdb85..5ac94bd 100644 --- a/modules.d/GPO_Advertising.conf +++ b/modules.d/GPO_Advertising.conf @@ -1,6 +1,6 @@ { - "Name" : "Advertising (GPO)", - "Description" : "This module desactivate Advertising info like GPO does.", + "name" : "Advertising (GPO)", + "description" : "This module desactivate Advertising info like GPO does.", "actions" : [ { @@ -10,4 +10,4 @@ "value" : "1" } ] -} +} \ No newline at end of file diff --git a/modules.d/GPO_BackgoundApps.conf b/modules.d/GPO_BackgoundApps.conf index 7ecc90d..193a504 100644 --- a/modules.d/GPO_BackgoundApps.conf +++ b/modules.d/GPO_BackgoundApps.conf @@ -1,6 +1,6 @@ { - "Name" : "Apps in Background (GPO)", - "Description" : "This module desactivate run in background for third party Apps like GPO did.", + "name" : "Apps in Background (GPO)", + "description" : "This module desactivate run in background for third party Apps like GPO did.", "actions" : [ { diff --git a/modules.d/GPO_Calendars.conf b/modules.d/GPO_Calendars.conf index c4eaa56..60d0121 100644 --- a/modules.d/GPO_Calendars.conf +++ b/modules.d/GPO_Calendars.conf 
@@ -1,6 +1,6 @@ { - "Name" : "Calendar (GPO)", - "Description" : "This module desactivate Calendar access for third party Apps like GPO does.", + "name" : "Calendar (GPO)", + "description" : "This module desactivate Calendar access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_CallHistory.conf b/modules.d/GPO_CallHistory.conf index a4bca9d..adf142a 100644 --- a/modules.d/GPO_CallHistory.conf +++ b/modules.d/GPO_CallHistory.conf @@ -1,6 +1,6 @@ { - "Name" : "Call history (GPO)", - "Description" : "This module desactivate Call history access for third party Apps like GPO does.", + "name" : "Call history (GPO)", + "description" : "This module desactivate Call history access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Camera.conf b/modules.d/GPO_Camera.conf index 1b2929a..299e298 100644 --- a/modules.d/GPO_Camera.conf +++ b/modules.d/GPO_Camera.conf @@ -1,6 +1,6 @@ { - "Name" : "Camera (GPO)", - "Description" : "This module desactivate Camera access for third party Apps like GPO does.", + "name" : "Camera (GPO)", + "description" : "This module desactivate Camera access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_CloudContent.conf b/modules.d/GPO_CloudContent.conf index 913b837..adda5b5 100644 --- a/modules.d/GPO_CloudContent.conf +++ b/modules.d/GPO_CloudContent.conf @@ -1,6 +1,6 @@ { - "Name" : "CloudContent (GPO)", - "Description" : "This module Desactivate somes Windows suggestionlike GPO does.", + "name" : "CloudContent (GPO)", + "description" : "This module Desactivate somes Windows suggestionlike GPO does.", "actions" : [ { 
@@ -16,20 +16,6 @@ "path" : "HKCU:\\Software\\Policies\\Microsoft\\Windows\\CloudContent", "key" : "DisableWindowsSpotlightFeatures", "value" : "1" - }, - { - "_comment" : "Disable third party suggestion (for user template hive)", - "action" : "AddRegKey", - "path" : "HKU:\\Default\\Software\\Policies\\Microsoft\\Windows\\CloudContent", - "key" : "DisableThirdPartysuggestions", - "value" : "1" - }, - { - "_comment" : "Disable Windows Spotlight (for user template hive)", - "action" : "AddRegKey", - "path" : "HKU:\\Default\\Software\\Policies\\Microsoft\\Windows\\CloudContent", - "key" : "DisableWindowsSpotlightFeatures", - "value" : "1" } ] } diff --git a/modules.d/GPO_ConnectionProbe.conf b/modules.d/GPO_ConnectionProbe.conf index 19ecc0d..c3ced39 100644 --- a/modules.d/GPO_ConnectionProbe.conf +++ b/modules.d/GPO_ConnectionProbe.conf @@ -1,6 +1,6 @@ { - "Name" : "Connection Probe (GPO)", - "Description" : "This module desactivate Internet connection probe like GPO does.", + "name" : "Connection Probe (GPO)", + "description" : "This module desactivate Internet connection probe like GPO does.", "actions" : [ { @@ -11,4 +11,4 @@ "value" : "1" } ] -} +} \ No newline at end of file diff --git a/modules.d/GPO_Contacts.conf b/modules.d/GPO_Contacts.conf index fe15aab..00e24dc 100644 --- a/modules.d/GPO_Contacts.conf +++ b/modules.d/GPO_Contacts.conf @@ -1,6 +1,6 @@ { - "Name" : "Contacts (GPO)", - "Description" : "This module desactivate Contacts access for third party Apps like GPO does.", + "name" : "Contacts (GPO)", + "description" : "This module desactivate Contacts access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Cortana.conf b/modules.d/GPO_Cortana.conf index 735c271..fbeec81 100644 --- a/modules.d/GPO_Cortana.conf +++ b/modules.d/GPO_Cortana.conf 
@@ -1,6 +1,6 @@ { - "Name" : "Cortana and Windows Search (GPO)", - "Description" : "This module Desactivate Cortana and some Windows Search functionnality like GPO does.", + "name" : "Cortana and Windows Search (GPO)", + "description" : "This module Desactivate Cortana and some Windows Search functionnality like GPO does.", "actions" : [ { @@ -67,4 +67,4 @@ "value" : "0" } ] -} +} \ No newline at end of file diff --git a/modules.d/GPO_Diagnostic.conf b/modules.d/GPO_Diagnostic.conf index a20928e..7df95ca 100644 --- a/modules.d/GPO_Diagnostic.conf +++ b/modules.d/GPO_Diagnostic.conf @@ -1,6 +1,6 @@ { - "Name" : " Diagnostic Data (GPO)", - "Description" : "This module try to disable diagnostic tracking like GPO does.", + "name" : " Diagnostic Data (GPO)", + "description" : "This module try to disable diagnostic tracking like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_DiagnosticInfo.conf b/modules.d/GPO_DiagnosticInfo.conf index eee7563..72cc1f6 100644 --- a/modules.d/GPO_DiagnosticInfo.conf +++ b/modules.d/GPO_DiagnosticInfo.conf @@ -1,6 +1,6 @@ { - "Name" : "DiagnisticInfo (GPO)", - "Description" : "This module desactivate diagnistic info access for third party Apps like GPO does.", + "name" : "DiagnisticInfo (GPO)", + "description" : "This module desactivate diagnistic info access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_DynamicTiles.conf b/modules.d/GPO_DynamicTiles.conf index 603fb57..42d1b37 100644 --- a/modules.d/GPO_DynamicTiles.conf +++ b/modules.d/GPO_DynamicTiles.conf @@ -1,6 +1,6 @@ { - "Name" : "Tiles content (GPO)", - "Description" : "This module desactivate Internet data loading for tiles like GPO does.", + "name" : "Tiles content (GPO)", + "description" : "This module desactivate Internet data loading for tiles like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Email.conf b/modules.d/GPO_Email.conf index 59d81a4..1ce1f83 100644 --- a/modules.d/GPO_Email.conf +++ b/modules.d/GPO_Email.conf 
@@ -1,6 +1,6 @@ { - "Name" : "Email access (GPO)", - "Description" : "This module desactivate email access for third party Apps like GPO does.", + "name" : "Email access (GPO)", + "description" : "This module desactivate email access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_ErrorReporting.conf b/modules.d/GPO_ErrorReporting.conf index 6098345..9e8afe1 100644 --- a/modules.d/GPO_ErrorReporting.conf +++ b/modules.d/GPO_ErrorReporting.conf @@ -1,6 +1,6 @@ { - "Name" : "Error Reporting (GPO)", - "Description" : "This module desactivate some error Reporting function like GPO does.", + "name" : "Error Reporting (GPO)", + "description" : "This module desactivate some error Reporting function like GPO does.", "actions" : [ { @@ -53,4 +53,4 @@ "value" : "0" } ] -} +} \ No newline at end of file diff --git a/modules.d/GPO_InputSpeechInk.conf b/modules.d/GPO_InputSpeechInk.conf index a67c7a3..40657bd 100644 --- a/modules.d/GPO_InputSpeechInk.conf +++ b/modules.d/GPO_InputSpeechInk.conf @@ -1,6 +1,6 @@ { - "Name" : "Input Speech Ink (GPO)", - "Description" : "This module desactivate Input personalization, speech and ink recognition like GPO does.", + "name" : "Input Speech Ink (GPO)", + "description" : "This module desactivate Input personalization, speech and ink recognition like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Location.conf b/modules.d/GPO_Location.conf index 36ef2c0..e5651ad 100644 --- a/modules.d/GPO_Location.conf +++ b/modules.d/GPO_Location.conf @@ -1,6 +1,6 @@ { - "Name" : "Location ans sensors (GPO)", - "Description" : "This module desactivate Location access for third party Apps like GPO does.", + "name" : "Location ans sensors (GPO)", + "description" : "This module desactivate Location access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Messaging.conf b/modules.d/GPO_Messaging.conf index 8666f05..b3581c7 100644 --- a/modules.d/GPO_Messaging.conf 
+++ b/modules.d/GPO_Messaging.conf @@ -1,6 +1,6 @@ { - "Name" : "Messaging (GPO)", - "Description" : "This module desactivate Messaging access for third party Apps like GPO does.", + "name" : "Messaging (GPO)", + "description" : "This module desactivate Messaging access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Microphone.conf b/modules.d/GPO_Microphone.conf index 8fc392a..2cdb2d4 100644 --- a/modules.d/GPO_Microphone.conf +++ b/modules.d/GPO_Microphone.conf @@ -1,6 +1,6 @@ { - "Name" : "Microphone (GPO)", - "Description" : "This module desactivate Microphone access for third party Apps like GPO does.", + "name" : "Microphone (GPO)", + "description" : "This module desactivate Microphone access for third party Apps like GPO does.", "actions" : [ { @@ -30,4 +30,4 @@ "type" : "MultiString" } ] -} +} \ No newline at end of file diff --git a/modules.d/GPO_MicrosoftAccount.conf b/modules.d/GPO_MicrosoftAccount.conf index cdc6135..9006b3d 100644 --- a/modules.d/GPO_MicrosoftAccount.conf +++ b/modules.d/GPO_MicrosoftAccount.conf @@ -1,6 +1,6 @@ { - "Name" : "Microsoft Account (GPO)", - "Description" : "This module desactivate posibility to add a Microsoft account like GPO does.", + "name" : "Microsoft Account (GPO)", + "description" : "This module desactivate posibility to add a Microsoft account like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Motion.conf b/modules.d/GPO_Motion.conf index 1b6c171..0fe30e5 100644 --- a/modules.d/GPO_Motion.conf +++ b/modules.d/GPO_Motion.conf @@ -1,6 +1,6 @@ { - "Name" : "Motion Sensor (GPO)", - "Description" : "This module desactivate Motion sensor access for third party Apps like GPO does.", + "name" : "Motion Sensor (GPO)", + "description" : "This module desactivate Motion sensor access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Notifications.conf b/modules.d/GPO_Notifications.conf index 56b98a7..7889a56 100644 --- a/modules.d/GPO_Notifications.conf 
+++ b/modules.d/GPO_Notifications.conf @@ -1,6 +1,6 @@ { - "Name" : "Notifications (GPO)", - "Description" : "This module desactivate Notifications access for third party Apps like GPO does.", + "name" : "Notifications (GPO)", + "description" : "This module desactivate Notifications access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_OneDrive.conf b/modules.d/GPO_OneDrive.conf index c4815a7..6410cfd 100644 --- a/modules.d/GPO_OneDrive.conf +++ b/modules.d/GPO_OneDrive.conf @@ -1,6 +1,6 @@ { - "Name" : "Disable OneDrive (GPO)", - "Description" : "This module Remove Onedrive like GPO does and delete if.", + "name" : "Disable OneDrive (GPO)", + "description" : "This module Remove Onedrive like GPO does and delete if.", "actions" : [ { diff --git a/modules.d/GPO_Phone.conf b/modules.d/GPO_Phone.conf index f244d65..ffd72b8 100644 --- a/modules.d/GPO_Phone.conf +++ b/modules.d/GPO_Phone.conf @@ -1,6 +1,6 @@ { - "Name" : "Phone (GPO)", - "Description" : "This module desactivate Phone access for third party Apps like GPO does.", + "name" : "Phone (GPO)", + "description" : "This module desactivate Phone access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Privacy.conf b/modules.d/GPO_Privacy.conf index 9f19cc1..eb8439e 100644 --- a/modules.d/GPO_Privacy.conf +++ b/modules.d/GPO_Privacy.conf @@ -1,6 +1,6 @@ { - "Name" : "Privacy (GPO)", - "Description" : "This module set some privati life settings like GPO does.", + "name" : "Privacy (GPO)", + "description" : "This module set some privati life settings like GPO does.", "actions" : [ { 
@@ -38,13 +38,6 @@ "key" : "ToastEnabled", "value" : "0" }, - { - "_comment" : "Disable notification for tiles, applications and lockscreen (non GPO key)(user template hive)", - "action" : "AddRegKey", - "path" : "HKU:\\Default\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\PushNotifications", - "key" : "ToastEnabled", - "value" : "0" - }, { "_comment" : "Disable user experience amelioration program ", "action" : "AddRegKey", diff --git a/modules.d/GPO_Radios.conf b/modules.d/GPO_Radios.conf index 4b13a76..559bc09 100644 --- a/modules.d/GPO_Radios.conf +++ b/modules.d/GPO_Radios.conf @@ -1,6 +1,6 @@ { - "Name" : "Radios (GPO)", - "Description" : "This module desactivate Radios (Bluetooth, Wifi ...) access for third party Apps like GPO does.", + "name" : "Radios (GPO)", + "description" : "This module desactivate Radios (Bluetooth, Wifi ...) access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_SettingSync.conf b/modules.d/GPO_SettingSync.conf index 3081a75..70e6697 100644 --- a/modules.d/GPO_SettingSync.conf +++ b/modules.d/GPO_SettingSync.conf @@ -1,6 +1,6 @@ { - "Name" : "Setting Sync (GPO)", - "Description" : "This module desactivate Setting sync between devices like GPO does.", + "name" : "Setting Sync (GPO)", + "description" : "This module desactivate Setting sync between devices like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_SyncDevices.conf b/modules.d/GPO_SyncDevices.conf index 348697a..a50710b 100644 --- a/modules.d/GPO_SyncDevices.conf +++ b/modules.d/GPO_SyncDevices.conf @@ -1,6 +1,6 @@ { - "Name" : "Sync with devices (GPO)", - "Description" : "This module desactivate sync with devices for third party Apps like GPO does.", + "name" : "Sync with devices (GPO)", + "description" : "This module desactivate sync with devices for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Tasks.conf b/modules.d/GPO_Tasks.conf index 668721e..1757073 100644 --- a/modules.d/GPO_Tasks.conf 
+++ b/modules.d/GPO_Tasks.conf @@ -1,6 +1,6 @@ { - "Name" : "Tasks (GPO)", - "Description" : "This module desactivate Tasks access for third party Apps like GPO does.", + "name" : "Tasks (GPO)", + "description" : "This module desactivate Tasks access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Teredo.conf b/modules.d/GPO_Teredo.conf index 278fcad..eb9185c 100644 --- a/modules.d/GPO_Teredo.conf +++ b/modules.d/GPO_Teredo.conf @@ -1,6 +1,6 @@ { - "Name" : "Teredo (GPO)", - "Description" : "This module desactivate Teredo pseudo interface like GPO did.", + "name" : "Teredo (GPO)", + "description" : "This module desactivate Teredo pseudo interface like GPO did.", "actions" : [ { diff --git a/modules.d/GPO_TrustedDevices.conf b/modules.d/GPO_TrustedDevices.conf index 315dc9f..9d7cff4 100644 --- a/modules.d/GPO_TrustedDevices.conf +++ b/modules.d/GPO_TrustedDevices.conf @@ -1,6 +1,6 @@ { - "Name" : "TrustedDevices (GPO)", - "Description" : "This module desactivate Trusted Devices access for third party Apps like GPO does.", + "name" : "TrustedDevices (GPO)", + "description" : "This module desactivate Trusted Devices access for third party Apps like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_Wifi.conf b/modules.d/GPO_Wifi.conf index 1322f57..c3e30d3 100644 --- a/modules.d/GPO_Wifi.conf +++ b/modules.d/GPO_Wifi.conf @@ -1,6 +1,6 @@ { - "Name" : "Contact, open and paid Wifi (GPO)", - "Description" : "This module desactivate Wifi connexion to shared network by contacts, paid and open AP like GPO does.", + "name" : "Contact, open and paid Wifi (GPO)", + "description" : "This module desactivate Wifi connexion to shared network by contacts, paid and open AP like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_WindowsDefender.conf b/modules.d/GPO_WindowsDefender.conf index d52443d..ac783d7 100644 --- a/modules.d/GPO_WindowsDefender.conf +++ b/modules.d/GPO_WindowsDefender.conf 
@@ -1,6 +1,6 @@ { - "Name" : "Windows Defender (GPO)", - "Description" : "This module Desactivate somes Windows Defender functionnallity like GPO does.", + "name" : "Windows Defender (GPO)", + "description" : "This module Desactivate somes Windows Defender functionnallity like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_WindowsStore.conf b/modules.d/GPO_WindowsStore.conf index 8bf53b4..3626231 100644 --- a/modules.d/GPO_WindowsStore.conf +++ b/modules.d/GPO_WindowsStore.conf @@ -1,6 +1,6 @@ { - "Name" : "Windows Store (GPO)", - "Description" : "This module Desactivate Windows Store functionnality like GPO does.", + "name" : "Windows Store (GPO)", + "description" : "This module Desactivate Windows Store functionnality like GPO does.", "actions" : [ { diff --git a/modules.d/GPO_WindowsTips.conf b/modules.d/GPO_WindowsTips.conf index bd3f16f..e36e415 100644 --- a/modules.d/GPO_WindowsTips.conf +++ b/modules.d/GPO_WindowsTips.conf @@ -1,6 +1,6 @@ { - "Name" : "Windows Tips (GPO)", - "Description" : "This module desactivate Windows tips like GPO does.", + "name" : "Windows Tips (GPO)", + "description" : "This module desactivate Windows tips like GPO does.", "actions" : [ { From ae3fe95912ea1e4a01180120964b3bab56cf5e6c Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sat, 31 Mar 2018 22:46:46 +0200 Subject: [PATCH 42/91] Add a service to disable --- modules.d/UninstallModernApp/XboxServices.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/modules.d/UninstallModernApp/XboxServices.txt b/modules.d/UninstallModernApp/XboxServices.txt index 8a7a7ae..1a59b98 100644 --- a/modules.d/UninstallModernApp/XboxServices.txt +++ b/modules.d/UninstallModernApp/XboxServices.txt @@ -1,4 +1,5 @@ XblAuthManager XblGameSave XboxNetApiSvc +xboxgip XboxGipSvc From 80e3c40b4308ae6b30ae8a42b73ad4d71f5c1540 Mon Sep 17 00:00:00 2001 
From: Yorick Barbanneau Date: Sat, 31 Mar 2018 23:13:23 +0200 Subject: [PATCH 43/91] service with userService to True write a registry key to not create a user service when log-in --- cleanW10.ps1 | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index aae06e3..b2eb039 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -456,7 +456,16 @@ function DisableService { return } Stop-Service -InputObject $service -PassThru | Set-Service -StartupType disabled - Write-Host -ForegroundColor Green "done " + Write-Host -ForegroundColor Green "done" + if ( $params.userService ) { + # For this kind of service, we need to add a key t create a user service + # Where user log-in. + AddRegKey @{ + path="HKLM:\SYSTEM\CurrentControlSet\Services\$($params.name)"; + key="UserServiceFlags" + value="0" + } + } } catch { Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" From ce7da69a5b94ce595f18d345d9e1af4ce916b477 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sat, 31 Mar 2018 23:15:47 +0200 Subject: [PATCH 44/91] Add services modules --- modules.d/SER_Sensors.conf | 21 ++++++++ modules.d/SER_Users.conf | 49 +++++++++++++++++++ modules.d/SER_VariousServices.conf | 22 +++++++++ .../SER_VariousServices/DiagServices.txt | 4 ++ 4 files changed, 96 insertions(+) create mode 100644 modules.d/SER_Sensors.conf create mode 100644 modules.d/SER_Users.conf create mode 100644 modules.d/SER_VariousServices.conf create mode 100644 modules.d/SER_VariousServices/DiagServices.txt diff --git a/modules.d/SER_Sensors.conf b/modules.d/SER_Sensors.conf new file mode 100644 index 0000000..1696770 --- /dev/null +++ b/modules.d/SER_Sensors.conf 
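Review bot: The comment added above the `AddRegKey` call says the key is needed "t create a user service", which is the opposite of what the commit subject describes, so a later reader cannot tell why `UserServiceFlags` is being zeroed. I would reword it to `# Per-user service: write UserServiceFlags=0 so no per-user instance is created at log-in.` The value is passed as the string `"0"`; whether `AddRegKey` stores it with the intended registry type is not visible in this hunk and is worth confirming, since the write lands under `HKLM:\SYSTEM\CurrentControlSet\Services`. `DisableService` starts and ends outside the hunk.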
@@ -0,0 +1,21 @@
+{
+ "name" : "Sensors Services",
+ "description" : "Disable sensors related services should impact orientation, auto-brightness orientation etc.",
+ "actions" : [
+ {
+ "_comment" : "disable sensors service",
+ "action" : "disableservices",
+ "name" : "sensorservice"
+ },
+ {
+ "_comment" : "Disable sensors monitoring service",
+ "action" : "disableservices",
+ "name" : "SensrSvc"
+ },
+ {
+ "_comment" : "Disable sensors data service",
+ "action" : "disableservices",
+ "name" : "SensorDataService"
+ }
+ ]
+}
diff --git a/modules.d/SER_Users.conf b/modules.d/SER_Users.conf
new file mode 100644
index 0000000..d402b34
--- /dev/null
+++ b/modules.d/SER_Users.conf
@@ -0,0 +1,49 @@
+{
+ "name" : "User services",
+ "description" : "User specific services, ones ends with ????? need to be disable per account",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable sync service (useful for calendars, contact, mesaging and other sync applications)",
+ "action" : "DisableService",
+ "name" : "OneSyncSvc",
+ "userService" : "True"
+ },
+ {
+ "_comment" : "Disable connected user platform service",
+ "action" : "DisableService",
+ "name" : "CDPUserSvc",
+ "userService" : "True"
+ },
+ {
+ "_comment" : "Disable messaging service",
+ "action" : "DisableService",
+ "name" : "MessagingService",
+ "userService" : "True"
+ },
+ {
+ "_comment" : "Disable contact data service",
+ "action" : "DisableService",
+ "name" : "PimIndexMaintenanceSvc",
+ "userService" : "True"
+ },
+ {
+ "_comment" : "Disable contact data service",
+ "action" : "DisableService",
+ "name" : "UnistoreSvc",
+ "userService" : "True"
+ },
+ {
+ "_comment" : "Disable user data sharing service",
+ "action" : "DisableService",
+ "name" : "UserDataSvc",
+ "userService" : "True"
+ },
+ {
+ "_comment" : "Disable contact data service",
+ "action" : "DisableService",
+ "name" : "WpnUserService",
+ "userService" : "True"
+ }
+ ]
+}
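Review bot: In SER_Users.conf the `_comment` "Disable contact data service" is repeated for `PimIndexMaintenanceSvc`, `UnistoreSvc` and `WpnUserService`, so two of the three entries are mislabelled, and these labels are all an operator has when deciding which services to switch off. Suggested values are `"Disable user data storage service"` for `UnistoreSvc` and `"Disable Windows push notification user service"` for `WpnUserService`. The description's "ones ends with ?????" would be clearer as a sentence saying that the per-user instances of these services carry a generated suffix after the base name.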
diff --git a/modules.d/SER_VariousServices.conf b/modules.d/SER_VariousServices.conf new file mode 100644 index 0000000..54777ab --- /dev/null +++ b/modules.d/SER_VariousServices.conf @@ -0,0 +1,22 @@ +{ + "name" : "Remove Services", + "description" : "", + "actions" : [ + { + "_comment" : "Disable most diagnostic related services", + "action" : "DisableServices", + "file" : "DiagServices.txt", + "firewall" : "True" + }, + { + "_comment" : "Disable Biometric service", + "action" : "DisableService", + "name" : "WbioSrvc" + }, + { + "_comment" : "Disable Windows Licence Manager", + "action" : "DisableService", + "name" : "LicenseManager" + } + ] +} diff --git a/modules.d/SER_VariousServices/DiagServices.txt b/modules.d/SER_VariousServices/DiagServices.txt new file mode 100644 index 0000000..24e975b --- /dev/null +++ b/modules.d/SER_VariousServices/DiagServices.txt @@ -0,0 +1,4 @@ +DiagTrack +dmwappushservice +diagnosticshub.standardcollector.service +RetailDemo From 745049551a4409ad7375a0fdfcb58262e831d0d3 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sat, 31 Mar 2018 23:31:12 +0200 Subject: [PATCH 45/91] Error in action name --- modules.d/SER_Sensors.conf | 6 +++--- modules.d/SER_VariousServices.conf | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules.d/SER_Sensors.conf b/modules.d/SER_Sensors.conf index 1696770..a77be34 100644 --- a/modules.d/SER_Sensors.conf +++ b/modules.d/SER_Sensors.conf @@ -4,17 +4,17 @@ "actions" : [ { "_comment" : "disable sensors service", - "action" : "disableservices", + "action" : "DisableService", "name" : "sensorservice" }, { "_comment" : "Disable sensors monitoring service", - "action" : "disableservices", + "action" : "DisableService", "name" : "SensrSvc" }, { "_comment" : "Disable sensors data service", - "action" : "disableservices", + "action" : "DisableService", "name" : "SensorDataService" } ] 
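Review bot: SER_VariousServices.conf ships with an empty `description` and the name "Remove Services", although its actions disable rather than remove, and two of them touch security-relevant functionality: `WbioSrvc` is the Windows Biometric Service that Windows Hello fingerprint and face sign-in depend on, and `LicenseManager` is the Windows License Manager service. A description such as `"Disables diagnostic services, the Windows Biometric Service (breaks Windows Hello biometrics) and the License Manager"` lets the operator see the impact before enabling the module. None of the `DisableService` hunks shown in this series read the `"firewall" : "True"` key on the first action, so it looks either unused or undocumented.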
diff --git a/modules.d/SER_VariousServices.conf b/modules.d/SER_VariousServices.conf index 54777ab..4860e81 100644 --- a/modules.d/SER_VariousServices.conf +++ b/modules.d/SER_VariousServices.conf @@ -4,7 +4,7 @@ "actions" : [ { "_comment" : "Disable most diagnostic related services", - "action" : "DisableServices", + "action" : "DisableService", "file" : "DiagServices.txt", "firewall" : "True" }, From c107756bd5325f15018243a097488e0725464144 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sun, 1 Apr 2018 00:07:42 +0200 Subject: [PATCH 46/91] Rework DisableService() : write UserFlagService reg key even although service could not be disable --- cleanW10.ps1 | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index b2eb039..aa8a212 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -457,7 +457,14 @@ function DisableService { } Stop-Service -InputObject $service -PassThru | Set-Service -StartupType disabled Write-Host -ForegroundColor Green "done" - if ( $params.userService ) { + } + catch { + Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + } + finally { + Write-host "Value : $($params.userService.getType())" + if ( $params.ContainsKey('userService') -and $params.userService -eq $true ) { # For this kind of service, we need to add a key t create a user service # Where user log-in. AddRegKey @{ @@ -467,11 +474,6 @@ function DisableService { } } } - catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - return - } } else { Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" From 068e82ef2821cb4f9bdf29e354df6638e697948e Mon Sep 17 00:00:00 2001 
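Review bot: With the `UserServiceFlags` write moved into `finally`, it now also runs when the `try` block leaves through the earlier `return` (visible as context in the previous patch, apparently the service-not-found path), so a misspelled `name` in a module leads to a write under a service key that does not exist. Whether `AddRegKey` creates the missing path is not visible here, but the guard is cheap: `if ( $params.ContainsKey('userService') -and $params.userService -eq $true -and (Test-Path "HKLM:\SYSTEM\CurrentControlSet\Services\$($params.name)") ) {`. The added `Write-host "Value : $($params.userService.getType())"` line also dereferences `userService` before the `ContainsKey` check. `DisableService` begins outside the hunk.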
From: Yorick Barbanneau Date: Sun, 1 Apr 2018 00:09:40 +0200 Subject: [PATCH 47/91] userService variable use real JSON Boolean type --- modules.d/SER_Users.conf | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/modules.d/SER_Users.conf b/modules.d/SER_Users.conf index d402b34..9a14348 100644 --- a/modules.d/SER_Users.conf +++ b/modules.d/SER_Users.conf @@ -7,43 +7,43 @@ "_comment" : "Disable sync service (useful for calendars, contact, mesaging and other sync applications)", "action" : "DisableService", "name" : "OneSyncSvc", - "userService" : "True" + "userService" : true }, { "_comment" : "Disable connected user platform service", "action" : "DisableService", "name" : "CDPUserSvc", - "userService" : "True" + "userService" : true }, { "_comment" : "Disable messaging service", "action" : "DisableService", "name" : "MessagingService", - "userService" : "True" + "userService" : true }, { "_comment" : "Disable contact data service", "action" : "DisableService", "name" : "PimIndexMaintenanceSvc", - "userService" : "True" + "userService" : true }, { "_comment" : "Disable contact data service", "action" : "DisableService", "name" : "UnistoreSvc", - "userService" : "True" + "userService" : true }, { "_comment" : "Disable user data sharing service", "action" : "DisableService", "name" : "UserDataSvc", - "userService" : "True" + "userService" : true }, { "_comment" : "Disable contact data service", "action" : "DisableService", "name" : "WpnUserService", - "userService" : "True" + "userService" : true } ] } From 6a1bf1af0e0e5abbe0fc6fb4e96343223c0c91a4 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Sun, 1 Apr 2018 00:12:23 +0200 Subject: [PATCH 48/91] Remove debug output --- cleanW10.ps1 | 1 - 1 file changed, 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index aa8a212..6ab5c5c 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
@@ -463,7 +463,6 @@ function DisableService { write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } finally { - Write-host "Value : $($params.userService.getType())" if ( $params.ContainsKey('userService') -and $params.userService -eq $true ) { # For this kind of service, we need to add a key t create a user service # Where user log-in. From 246441cb50009af7bc8d58c49ccd216b81a05115 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 3 Apr 2018 10:50:17 +0200 Subject: [PATCH 49/91] Add module to block MS telemetry IPs --- modules.d/FW_BlockIP.conf | 0 modules.d/FW_BlockIP/skype-msn.txt | 37 +++ modules.d/FW_BlockIP/telemetry.txt | 366 +++++++++++++++++++++++++++++ 3 files changed, 403 insertions(+) create mode 100644 modules.d/FW_BlockIP.conf create mode 100644 modules.d/FW_BlockIP/skype-msn.txt create mode 100644 modules.d/FW_BlockIP/telemetry.txt diff --git a/modules.d/FW_BlockIP.conf b/modules.d/FW_BlockIP.conf new file mode 100644 index 0000000..e69de29 diff --git a/modules.d/FW_BlockIP/skype-msn.txt b/modules.d/FW_BlockIP/skype-msn.txt new file mode 100644 index 0000000..4c1ae3c --- /dev/null +++ b/modules.d/FW_BlockIP/skype-msn.txt @@ -0,0 +1,37 @@ +2.18.122.78 +2.18.126.223 +23.40.1.36 +40.69.132.130 +40.74.50.25 +40.77.226.192 +40.77.226.194 +40.77.226.246 +40.79.79.123 +40.127.139.224 +52.169.118.173 +64.4.23.151 +65.54.225.167 +65.55.108.23 +92.122.180.48 +93.184.221.200 +95.101.148.83 +104.71.185.14 +104.85.27.201 +104.94.168.220 +104.96.28.184 +131.253.14.76 +134.170.0.216 +134.170.3.200 +157.55.56.161 +157.55.130.155 +157.56.198.14 +157.56.109.8 +157.56.123.82 +157.56.114.104 +157.56.194.24 +207.46.11.252 +207.46.194.8 +207.46.194.10 +207.46.194.14 +207.46.194.25 +207.46.194.33 diff --git a/modules.d/FW_BlockIP/telemetry.txt b/modules.d/FW_BlockIP/telemetry.txt new file mode 100644 index 0000000..b35786f --- /dev/null +++ b/modules.d/FW_BlockIP/telemetry.txt 
@@ -0,0 +1,366 @@ +2.17.21.70 +2.18.126.144 +2.18.126.99 +2.18.245.121 +2.18.245.81 +2.18.245.97 +2.19.224.131 +2.19.225.200 +2.22.61.43 +2.22.61.66 +4.23.62.126 +13.81.59.242 +13.107.3.128 +13.107.4.50 +13.107.4.52 +13.107.5.88 +13.107.21.200 +23.101.115.193 +23.101.156.198 +23.101.187.68 +23.102.17.214 +23.102.21.4 +23.103.189.125 +23.103.189.126 +23.193.225.197 +23.193.230.88 +23.193.236.70 +23.193.238.90 +23.193.251.132 +23.206.42.56 +23.210.48.42 +23.210.5.16 +23.210.63.75 +23.211.159.37 +23.211.170.9 +23.217.138.11 +23.217.138.122 +23.217.138.18 +23.217.138.25 +23.217.138.43 +23.67.60.97 +23.74.8.80 +23.74.8.99 +23.74.9.198 +23.74.9.217 +23.9.123.27 +23.96.212.225 +23.97.178.173 +23.97.197.207 +23.99.10.11 +31.13.92.2 +37.252.162.217 +37.252.163.144 +37.252.163.145 +37.252.170.141 +40.113.10.78 +40.113.11.93 +40.117.145.132 +40.122.214.188 +40.69.66.208 +40.77.134.24 +40.77.226.249 +40.77.226.250 +40.77.229.2 +40.77.229.133 +40.77.229.141 +40.84.199.233 +52.71.117.99 +52.164.227.208 +52.166.197.207 +52.169.118.173 +52.178.167.109 +64.4.6.100 +64.4.11.42 +64.4.54.18 +64.4.54.22 +64.4.54.32 +64.4.54.98 +64.4.54.99 +64.4.54.116 +64.4.54.117 +4.4.54.153 +64.4.54.167 +64.4.54.253 +64.4.54.254 +65.39.117.230 +65.52.100.7 +65.52.100.9 +65.52.100.11 +65.52.100.91 +65.52.100.92 +65.52.100.93 +65.52.100.94 +65.52.108.3 +65.52.108.27 +65.52.108.29 +65.52.108.33 +65.52.108.92 +65.52.108.94 +65.52.108.103 +65.52.108.153 +65.52.108.154 +65.52.108.252 +65.52.161.64 +65.52.236.160 +65.54.226.187 +65.55.29.238 +65.55.39.10 +65.55.44.85 +65.55.44.108 +65.55.44.109 +65.55.57.27 +65.55.83.120 +65.55.108.23 +65.55.113.13 +65.55.128.80 +65.55.128.81 +65.55.130.50 +65.55.138.110 +65.55.138.111 +65.55.138.114 +65.55.138.126 +65.55.138.186 +65.55.163.221 +65.55.163.222 +65.55.176.90 +65.55.206.154 +65.55.252.190 +65.55.252.43 +65.55.252.63 +65.55.252.71 +65.55.252.92 +65.55.252.93 +66.119.144.157 +66.119.144.158 +66.119.144.189 +66.119.144.190 +66.119.147.131 +66.119.152.204 
+66.119.152.205 +68.232.34.200 +72.21.81.200 +72.21.91.8 +74.125.206.148 +74.125.206.149 +77.67.29.176 +8.23.91.254 +8.253.7.126 +8.253.91.126 +8.253.91.254 +8.253.92.126 +8.254.226.254 +8.254.227.126 +82.199.68.72 +82.199.80.143 +88.221.113.72 +88.221.113.96 +88.221.14.168 +88.221.15.43 +88.221.15.59 +92.123.182.27 +92.123.182.58 +94.245.121.176 +94.245.121.177 +94.245.121.178 +94.245.121.179 +94.245.121.251 +94.245.121.253 +94.245.121.254 +95.101.148.186 +95.101.149.158 +98.124.243.41 +104.101.172.250 +104.121.1.194 +104.208.28.54 +104.40.208.40 +104.47.166.140 +104.69.67.29 +104.69.119.19 +104.69.135.172 +104.73.92.149 +104.73.138.217 +104.73.143.160 +104.73.153.9 +104.73.160.16 +104.73.160.51 +104.73.160.58 +104.82.14.146 +104.82.22.249 +104.85.17.76 +104.85.38.129 +104.91.166.82 +104.91.188.21 +104.94.111.30 +104.94.163.155 +104.94.172.176 +104.96.20.117 +104.96.28.44 +104.96.147.3 +111.221.29.177 +111.221.29.253 +128.63.2.53 +131.107.113.238 +131.107.255.255 +131.253.14.121 +131.253.14.153 +131.253.14.76 +131.253.34.240 +131.253.40.109 +131.253.40.37 +131.253.40.53 +131.253.40.59 +131.253.61.100 +131.253.61.66 +131.253.61.82 +131.253.61.84 +131.253.61.96 +134.170.30.202 +134.170.51.190 +134.170.51.246 +134.170.51.247 +134.170.51.248 +134.170.51.250 +134.170.52.151 +134.170.53.29 +134.170.53.30 +134.170.58.118 +134.170.58.121 +134.170.58.123 +134.170.58.189 +134.170.58.190 +134.170.104.154 +134.170.111.154 +134.170.115.60 +134.170.115.62 +134.170.165.248 +134.170.165.251 +134.170.165.253 +134.170.179.87 +134.170.185.70 +134.170.188.248 +134.170.188.84 +137.116.74.190 +137.116.81.24 +137.117.235.16 +157.55.129.21 +157.55.133.204 +157.55.240.220 +157.56.17.248 +157.56.23.91 +157.56.57.5 +157.56.74.250 +157.56.77.138 +157.56.77.139 +157.56.91.77 +157.56.91.82 +157.56.96.54 +157.56.96.58 +157.56.96.123 +157.56.106.184 +157.56.106.189 +157.56.121.89 +157.56.124.87 +157.56.144.215 +157.56.144.216 +157.56.149.250 +157.56.194.72 +157.58.211.44 +157.58.249.57 
+161.69.13.20 +161.69.17.33 +161.69.28.13 +161.69.29.54 +161.69.165.22 +161.69.165.23 +161.69.165.24 +161.69.165.26 +161.69.165.56 +161.69.165.57 +161.69.165.60 +161.69.165.62 +168.61.24.141 +168.62.187.13 +168.63.29.74 +168.63.108.233 +172.217.20.38 +173.194.113.219 +173.194.113.220 +173.194.40.123 +173.194.40.124 +173.223.10.103 +173.223.10.169 +173.223.10.232 +173.223.11.142 +173.223.11.143 +173.223.11.152 +173.223.11.166 +173.252.90.192 +178.255.83.1 +185.13.160.61 +191.232.140.76 +191.232.80.58 +191.232.80.60 +191.232.80.62 +191.234.72.183 +191.234.72.186 +191.234.72.188 +191.234.72.190 +191.237.208.126 +192.168.1.255 +192.229.233.249 +194.44.4.200 +194.44.4.208 +198.41.214.183 +198.41.214.184 +198.41.214.186 +198.41.214.187 +198.41.215.182 +198.41.215.185 +198.41.215.186 +198.78.208.254 +204.79.197.209 +204.79.197.210 +204.79.197.211 +204.79.197.213 +207.123.34.126 +207.123.56.252 +207.46.7.252 +207.46.101.29 +207.46.114.58 +207.46.114.61 +207.46.223.94 +207.68.166.254 +212.30.134.204 +212.30.134.205 +216.38.172.128 +216.58.198.230 +216.58.209.166 +216.58.211.102 +216.58.213.134 +64.4.23.0-64.4.23.255 +65.55.223.0-65.55.223.255 +157.55.52.0-157.55.52.255 +157.55.56.0-157.55.56.255 +157.55.235.0-157.55.235.255 +111.221.64.0-111.221.127.255 +157.55.130.0-157.55.130.255 +157.55.236.0-157.55.236.255 +195.138.255.0-195.138.255.255 +213.199.179.0-213.199.179.255 +191.232.139.2-191.232.139.255 +=23.55.155.27 +23.214.171.90 +64.4.11.25 +65.52.100.46 +88.221.113.10 +88.221.113.57 +95.101.148.156 +184.87.182.252 +198.41.214.185 +198.41.215.183 +198.41.215.184 +221.221.112.129 +221.221.112.145 +221.221.112.160 +221.221.112.203 From 7fbd179fe2baf723cd99f05cc7ed03287b1a8b42 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 3 Apr 2018 11:03:33 +0200 Subject: [PATCH 50/91] Write module rules --- modules.d/FW_BlockIP.conf | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) 
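Review bot: Several entries in telemetry.txt are not valid block targets as written: `=23.55.155.27` carries a stray leading `=`, `4.4.54.153` sits between `64.4.54.117` and `64.4.54.167` and looks like a truncated `64.4.54.153`, and `192.168.1.255` is an RFC 1918 private address rather than a remote telemetry endpoint. Each line is handed unvalidated to `New-NetFirewallRule -RemoteAddress` by `FwBlockOutputIP`, so the malformed line presumably just prints "error" while the other two create outbound block rules for addresses the author did not intend. I would correct the first two to `23.55.155.27` and `64.4.54.153`, drop `192.168.1.255`, and record the source of the list in the module description so entries can be re-verified later.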
diff --git a/modules.d/FW_BlockIP.conf b/modules.d/FW_BlockIP.conf index e69de29..6f25789 100644 --- a/modules.d/FW_BlockIP.conf +++ b/modules.d/FW_BlockIP.conf @@ -0,0 +1,17 @@ +{ + "name" : "Block Telemetry IPs", + "description" : "Block IPs relative to Microsoft telemery.", + "actions" : + [ + { + "_comment" : "Block telemetry IPS", + "action" : "FwBlockOutputIP", + "file" : "telemetry.txt" + }, + { + "comment" : "Block IP relative to Skype and Messenger", + "action" : "FwBlockOutputIP", + "file" : "skype-msn.txt" + } + ] +} From 5269bf5d78abdcff0cc882c395b8c4259f699819 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 3 Apr 2018 10:16:00 +0200 Subject: [PATCH 51/91] Remove duplicate entries --- modules.d/FW_BlockIP/skype-msn.txt | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/modules.d/FW_BlockIP/skype-msn.txt b/modules.d/FW_BlockIP/skype-msn.txt index 4c1ae3c..d7e518d 100644 --- a/modules.d/FW_BlockIP/skype-msn.txt +++ b/modules.d/FW_BlockIP/skype-msn.txt @@ -8,10 +8,8 @@ 40.77.226.246 40.79.79.123 40.127.139.224 -52.169.118.173 64.4.23.151 65.54.225.167 -65.55.108.23 92.122.180.48 93.184.221.200 95.101.148.83 @@ -34,4 +32,4 @@ 207.46.194.10 207.46.194.14 207.46.194.25 -207.46.194.33 +207.46.194.33 \ No newline at end of file From 9fddccdc620def1f406b935f6d0638a335a24919 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 3 Apr 2018 10:16:44 +0200 Subject: [PATCH 52/91] Reworked Firewall function for better output and message in rules --- cleanW10.ps1 | 41 +++++++++++++++++++++++++---------------- 1 file changed, 25 insertions(+), 16 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 6ab5c5c..f5265d5 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
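Review bot: The second action in FW_BlockIP.conf uses the key `"comment"` while the first action and the other modules in this series use `"_comment"`; if the loader treats only the underscore-prefixed key as documentation, this one is passed on to `FwBlockOutputIP` as an ordinary parameter. Change it to `"_comment" : "Block IP relative to Skype and Messenger"`, and fix "telemery" in the `description` while there.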
@@ -10,8 +10,11 @@ Set-StrictMode -Version 2 #$PSDefaultParameterValues=@{$dir = "./modules.d"} $HOST_FILE = "$env:windir\System32\drivers\etc\hosts" $HOST_IP = "0.0.0.0" +$FW_RULE_NAME_PREFIX = "CleanW10" + $ErrorActionPreference = "Stop" $ProgressPreference = "SilentlyContinue" + #Thanks to https://gist.github.com/markembling/173887 function BlockHost { param( @@ -66,14 +69,20 @@ function FwBlockOutputIP { foreach ($line in Get-Content $params.file ){ FwBlockOutputIP @{"ip"="$line"} } } elseif ( $params.ContainsKey('ip') ) { - Write-Host -NoNewline "`t$($params.ip) : " - if ( Get-NetFirewallRule -Name Blacklist_$($params.ip) -ErrorAction SilentlyContinue) { - Write-Host -ForegroundColor Yellow "already blacklisted" + if (-not $params.ContainsKey('name') -or $params.name -eq "" ) { + $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.ip + } + else { + $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.name + } + Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : " + if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { + Write-Host -ForegroundColor Yellow "already exist" return } else { Try { - New-NetFirewallRule -Name Blacklist_$($params.ip) -DisplayName "BlackList $($params.ip)" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null + New-NetFirewallRule -Name $name -DisplayName "$name (blacklist $($params.ip))" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null } Catch { Write-Host -ForegroundColor Red "error" 
@@ -100,29 +109,29 @@ function FwBlockProgram { [object]$params ) if ( $params.ContainsKey('file') ) { - foreach ($line in Get-Content $params.file ){ FwBlockOutputIP @{"ip"="$line"} } + foreach ($line in Get-Content $params.file ){ FwBlockProgram @{"path"="$line"} } } elseif ( $params.ContainsKey('path') ) { $path = Invoke-Expression """$($params.path)""" - Write-Host -NoNewline "`tBlock program $($path) : " + if ( -not $params.ContainsKey('name') -or $params.name -eq "" ) { + $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.path + } + $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.name + Write-Host -NoNewline "`tAdd FW program rule $name ($($path)) : " + if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { + Write-Host -ForegroundColor Yellow "already exist" + return + } if ( -not (Test-Path $path) ) { Write-Host -Foregroundcolor Red "Error (path not found)" return } - if ( -not $params.ContainsKey('name') ) { - $params.name = $params.path - } - if ( Get-NetFirewallRule -Name $($params.name) -ErrorAction SilentlyContinue) { - Write-Host -ForegroundColor Yellow "already blacklisted" - return - } try { - New-NetFirewallRule -Name "$($params.name)" -DisplayName "$($params.name)" -Program "$path" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress any -Action Block | Out-Null + New-NetFirewallRule -Name "$name" -DisplayName "$name (program : $($params.path))" -Program "$path" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress any -Action Block | Out-Null Write-Host -ForegroundColor Green "done" } catch { Write-Host -ForegroundColor Red "error" - return } } else { @@ -368,7 +377,7 @@ function UninstallModernApp { } catch { Write-Host -NoNewLine -ForegroundColor Red "Error `n`t" - write-Host -ForegroundColor DarkRed "Impossible to Uninstall. Is this a system one." + write-Host -ForegroundColor DarkRed $_ } } else { From 4a715091b71f1c3fca9b768fa54c9ad36eb74a52 Mon Sep 17 00:00:00 2001 
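Review bot: In FwBlockProgram the new fallback for a missing name is dead code, because the `if` that sets `$name` from `$params.path` has no `else` and the next line, `$name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.name`, always overwrites it. The file branch calls `FwBlockProgram @{"path"="$line"}` without a name, so every path read from a file ends up with the same rule name; after the first rule is created the others are reported as "already exist" and those programs stay unblocked. Move the second assignment into `else { ... }`. Separately, the unchanged context line `$path = Invoke-Expression """$($params.path)"""` evaluates text from a module file as PowerShell in a script that requires administrator rights. If paths can be written with `%VAR%` syntax, `[Environment]::ExpandEnvironmentVariables($params.path)` expands them without executing anything. The function continues outside the hunk.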
From: Yorick Barbanneau Date: Tue, 3 Apr 2018 15:05:42 +0200 Subject: [PATCH 53/91] Add module to block hosts --- modules.d/BlockHosts.conf | 11 ++ modules.d/BlockHosts/base.txt | 161 ++++++++++++++++++++ modules.d/BlockHosts/mcafee.txt | 2 + modules.d/BlockHosts/ms-skype-messenger.txt | 26 ++++ 4 files changed, 200 insertions(+) create mode 100644 modules.d/BlockHosts.conf create mode 100644 modules.d/BlockHosts/base.txt create mode 100644 modules.d/BlockHosts/mcafee.txt create mode 100644 modules.d/BlockHosts/ms-skype-messenger.txt diff --git a/modules.d/BlockHosts.conf b/modules.d/BlockHosts.conf new file mode 100644 index 0000000..1909b97 --- /dev/null +++ b/modules.d/BlockHosts.conf @@ -0,0 +1,11 @@ +{ + "name" : "Block unwanted Host", + "description" : "This module block some hosts from Microsoft", + "actions" : [ + { + "action" : "BlockHost", + "file" : "hosts.txt", + "host" : "" + } + ] +} \ No newline at end of file diff --git a/modules.d/BlockHosts/base.txt b/modules.d/BlockHosts/base.txt new file mode 100644 index 0000000..7480605 --- /dev/null +++ b/modules.d/BlockHosts/base.txt 
@@ -0,0 +1,161 @@
+a-0001.a-msedge.net
+a-0002.a-msedge.net
+a-0003.a-msedge.net
+a-0004.a-msedge.net
+a-0005.a-msedge.net
+a-0006.a-msedge.net
+a-0007.a-msedge.net
+a-0008.a-msedge.net
+a-0009.a-msedge.net
+a.ads1.msn.com
+a.ads2.msn.com
+a1095.g2.akamai.net
+a23-193-236-70.deploy.static.akamaitechnologies.com
+a23-193-238-90.deploy.static.akamaitechnologies.com
+a23-210-48-42.deploy.static.akamaitechnologies.com
+a23-210-5-16.deploy.static.akamaitechnologies.com
+a23-210-63-75.deploy.static.akamaitechnologies.com
+a23-217-138-11.deploy.static.akamaitechnologies.com
+a23-217-138-122.deploy.static.akamaitechnologies.com
+a23-217-138-18.deploy.static.akamaitechnologies.com
+a23-217-138-25.deploy.static.akamaitechnologies.com
+a23-217-138-43.deploy.static.akamaitechnologies.com
+a23-217-138-90.deploy.static.akamaitechnologies.com
+a23-217-138-97.deploy.static.akamaitechnologies.com
+a23-218-212-69.deploy.static.akamaitechnologies.com
+a23-67-60-65.deploy.static.akamaitechnologies.com
+a23-67-60-73.deploy.static.akamaitechnologies.com
+a23-67-60-97.deploy.static.akamaitechnologies.com
+a23-9-123-27.deploy.static.akamaitechnologies.com
+a569.g.akamai.net
+activity.windows.com
+ad.doubleclick.net
+ads.msn.com
+ads.msn.com.nsatc.net
+ads1.msads.net
+ads1.msn.com
+appex.bing.com
+apprep.smartscreen.microsoft.com
+array201-prod.do.dsp.mp.microsoft.com
+array202-prod.do.dsp.mp.microsoft.com
+array203-prod.do.dsp.mp.microsoft.com
+array204-prod.do.dsp.mp.microsoft.com
+bingads.microsoft.com
+bn1303.settings.live.net
+c.microsoft.com
+c.s-microsoft.com
+c.urs.microsoft.com
+c1.microsoft.com
+cache.datamart.windows.com
+cdn.content.prod.cms.msn.com
+choice.microsoft.com
+choice.microsoft.com.nsatc.net
+co4.telecommand.telemetry.microsoft.com.akadns.net
+corp.sts.microsoft.com
+corpext.msitadfs.glbdns2.microsoft.com
+cp201-prod.do.dsp.mp.microsoft.com
+cs1.wpc.v0cdn.net
+db3aqu.atdmt.com
+df.telemetry.microsoft.com
+diagnostics.support.microsoft.akadns.net
+diagnostics.support.microsoft.com
+dl.delivery.mp.microsoft.com
+dns.msftncsi.com
+download-ssl.msgamestudios.com
+e2236.g.akamaiedge.net
+e7173.g.akamaiedge.net
+e8011.g.akamaiedge.net
+fe1.update.microsoft.com.akadns.net
+fe2.update.microsoft.com.akadns.net
+fe3.delivery.dsp.mp.microsoft.com.nsatc.net
+feedback.microsoft-hohm.com
+feedback.search.microsoft.com
+feedback.windows.com
+finances.services.appx.bing.com
+fr-fr.appx-rf.msn.com
+g.bing.com
+geo-prod.do.dsp.mp.microsoft.com
+geover-prod.do.dsp.mp.microsoft.com
+ieonline.microsoft.com
+ieonlinews.microsoft.com
+i1.services.social.microsoft.com
+i1.services.social.microsoft.com.nsatc.net
+Inprod.support.services.microsoft.com
+lb1.www.ms.akadns.net
+licensing.md.mp.microsoft.com
+mpd.mxptint.net
+msedge.net
+msnbot-207-46-194-33.search.msn.com
+msnbot-65-52-108-27.search.msn.com
+msnbot-65-52-108-29.search.msn.com
+msnbot-65-52-108-92.search.msn.com
+msnbot-65-52-108-94.search.msn.com
+msnbot-65-55-252-43.search.msn.com
+next-services.apps.microsoft.com
+nexus.officeapps.live.com
+nexusrules.officeapps.live.com
+oca.telemetry.microsoft.com
+ocos-office365-s2s.msedge.net
+ocsa.office.microsoft.com
+ocsp.usertrust.com
+odc.officeapps.live.com
+pre.footprintpredict.com
+preview.msn.com
+public-family.api.account.microsoft.com
+redir.metaservices.microsoft.com
+redir.metaservices.microsoft.com.edgesuite.net
+redirection.prod.cms.msn.com.akadns.net
+reports.wes.df.telemetry.microsoft.com
+roaming.officeapps.live.com
+rr.office.microsoft.com
+sc.iasds01.com
+schemas.microsoft.akadns.net
+services.wes.df.telemetry.microsoft.com
+settings-sandbox.data.glbdns2.microsoft.com
+settings-sandbox.data.microsoft.com
+settings.data.microsoft.com
+siWeb.microsoft.akadns.net
+sls.update.microsoft.com.akadns.net
+solitaireprod.maelstrom.xboxlive.com
+spynet2.microsoft.akadns.net
+spynetalt.microsoft.akadns.net
+spynetalt.microsoft.com
+spyneteurope.microsoft.akadns.net
+sqm.df.telemetry.microsoft.com
+sqm.telemetry.microsoft.com
+sqm.telemetry.microsoft.com.nsatc.net
+ssw.live.com
+ssw.live.com.nsatc.net
+statsfe1.update.microsoft.com.akadns.net
+statsfe1.ws.microsoft.com
+statsfe1.ws.microsoft.com.nsatc.net
+statsfe2.update.microsoft.com.akadns.net
+statsfe2.ws.microsoft.com
+statsfe2.ws.microsoft.com.nsatc.net
+storeedgefd.dsx.mp.microsoft.com
+support.msn.microsoft.akadns.net
+survey.watson.microsoft.com
+t.urs.microsoft.com.nsatc.net
+telecommand.telemetry.microsoft.com
+telemetry.appex.bing.net
+telemetry.appex.bing.net:443
+telemetry.appex.search.prod.ms.akadns.net
+telemetry.microsoft.com
+telemetry.urs.microsoft.com
+tunnel.cfw.trustedsource.org
+uci.officeapps.live.com
+updatekeepalive.mcafee.com
+urs.smartscreen.microsoft.com
+v10.vortex-win.data.microsoft.com
+vortex-sandbox.data.glbdns2.microsoft.com
+vortex-sandbox.data.microsoft.com
+vortex-win.data.microsoft.com
+vortex.data.microsoft.com
+watson.live.com
+watson.microsoft.com
+watson.ppe.telemetry.microsoft.com
+watson.telemetry.microsoft.com
+wes.df.telemetry.microsoft.com
+win10.ipv6.microsoft.com
+www.msftconnecttest.com
+www.msftncsi.com
diff --git a/modules.d/BlockHosts/mcafee.txt b/modules.d/BlockHosts/mcafee.txt
new file mode 100644
index 0000000..631f973
--- /dev/null
+++ b/modules.d/BlockHosts/mcafee.txt
@@ -0,0 +1,2 @@
+su3.mcafee.com
+sm.mcafee.com
diff --git a/modules.d/BlockHosts/ms-skype-messenger.txt b/modules.d/BlockHosts/ms-skype-messenger.txt
new file mode 100644
index 0000000..9acce47
--- /dev/null
+++ b/modules.d/BlockHosts/ms-skype-messenger.txt
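Review bot: base.txt blocks several names that serve security functions rather than telemetry: `ocsp.usertrust.com` (certificate revocation), `apprep.smartscreen.microsoft.com` and `urs.smartscreen.microsoft.com` (SmartScreen reputation), the `spynet*` names (Defender cloud protection, as far as I can tell) and the `*.update.microsoft.com.akadns.net` names. Pointing them at 0.0.0.0 makes revocation and reputation lookups fail quietly, so they belong in a separate opt-in file with a comment stating what protection is lost. `mscrl.microsoft.com` in ms-skype-messenger.txt raises the same concern. `telemetry.appex.bing.net:443` is not a usable hosts entry, since the hosts file has no port syntax, and it only repeats the line above it. The bare `msedge.net` line covers that exact name only, not its subdomains.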
@@ -0,0 +1,26 @@ +a.rad.msn.com +ac3.msn.com +apps.skype.com +arc.msn.com +az361816.vo.msecnd.net +az512334.vo.msecnd.net +b.rad.msn.com +c.msn.com +client-s.gateway.messenger.live.com +client.wns.windows.com +dub407-m.hotmail.com +flex.msn.com +g.msn.com +h1.msn.com +h2.msn.com +live.rads.msn.com +m.hotmail.com +mscrl.microsoft.com +msnbot-65-55-108-23.search.msn.com +preview.msn.com +rad.live.com +rad.msn.com +rpt.msn.com +s.gateway.messenger.live.com +otf.msn.com +ui.skype.com From d986ccb16dbff198a28cdbd94b79e201690bd031 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 3 Apr 2018 16:05:53 +0200 Subject: [PATCH 54/91] Host is also blocked in firewall if action.firewall is true in BlockHost action --- cleanW10.ps1 | 31 ++++++++++++++++++++++++++++--- modules.d/BlockHosts.conf | 13 +++++++++---- 2 files changed, 37 insertions(+), 7 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index f5265d5..16bd400 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -26,7 +26,6 @@ function BlockHost { [object]$params ) if ( $params.ContainsKey('file') ) { - Foreach ($line in Get-Content $params.file ){ BlockHost -params @{host=$line} } } if ( $params.ContainsKey('host') -and $params.host -ne "" ) { 
@@ -39,12 +38,38 @@ function BlockHost { Write-Host -ForegroundColor Yellow "already blocked " return } + Write-Host -ForegroundColor Green "done" } catch { - Write-Host -ForegroundColor Red "error" + Write-Host -NoNewline -ForegroundColor Red "error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exeption.Message return } - Write-Host -ForegroundColor Green "done" + if ( $params.ContainsKey('firewall') -and $params.firewall ) { + BlockHostByIP $params.host + } + } + else { + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + } + +} + +function BlockHostByIP { + param( + [string]$hostname + ) + $ip = [system.net.Dns]::GetHostAddresses($hostname) + $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } -ErrorAction SilentlyContinue | Get-NetFirewallRule + if ( $rule ) { + write-host -ForegroundColor yellow "`t`tFW Rule exist : ($($rule.name))" + } + else { + write-host -NoNewline -Foregroundcolor Green "`t`tFW block host.`n`t`t" + FwBlockOutputIP @{ + ip=$ip, + name=$hostname + } } } diff --git a/modules.d/BlockHosts.conf b/modules.d/BlockHosts.conf index 1909b97..195bd0f 100644 --- a/modules.d/BlockHosts.conf +++ b/modules.d/BlockHosts.conf @@ -4,8 +4,13 @@ "actions" : [ { "action" : "BlockHost", - "file" : "hosts.txt", - "host" : "" - } + "file" : "base.txt", + "host" : "", + "firewall" : true + }, + { + "action" : "BlockHost", + "file" : "ms-skype-messeger.txt" + } ] -} \ No newline at end of file +} From 5db809b884203d3a805919c32c567ca667b52d27 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 3 Apr 2018 22:24:07 +0200 Subject: [PATCH 55/91] Reworked BlockHost() BlockHostByIP() --- cleanW10.ps1 | 86 ++++++++++++++++++++++++++++------------------------ 1 file changed, 47 insertions(+), 39 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 16bd400..9717fe9 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
@@ -1,7 +1,8 @@ param ( [cmdletbinding()] [string]$dir="modules.d", - [string]$module + [string]$module, + [switch]$debug = $false ) #requires -RunAsAdministrator @@ -11,8 +12,7 @@ Set-StrictMode -Version 2 $HOST_FILE = "$env:windir\System32\drivers\etc\hosts" $HOST_IP = "0.0.0.0" $FW_RULE_NAME_PREFIX = "CleanW10" - -$ErrorActionPreference = "Stop" +$IP4_REGEX = "((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$" $ProgressPreference = "SilentlyContinue" #Thanks to https://gist.github.com/markembling/173887 
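Review bot: Removing `$ErrorActionPreference = "Stop"` means the script's `try`/`catch` blocks no longer see non-terminating errors, which is how cmdlets such as `New-NetFirewallRule` usually report failure. FwBlockProgram, for example, would print "done" although no rule was created, so a block that silently failed looks applied. Keep the preference, or add `-ErrorAction Stop` to the calls inside each `try`. The new `$IP4_REGEX` has no leading `^` and accepts any string that merely ends in a dotted quad; anchor it with `"^(...)$"` before using it for anything beyond the debug message.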
@@ -26,62 +26,68 @@ function BlockHost { [object]$params ) if ( $params.ContainsKey('file') ) { - Foreach ($line in Get-Content $params.file ){ BlockHost -params @{host=$line} } + Foreach ($line in Get-Content $params.file ){ BlockHost -params @{host=$line;firewall=$params.firewall} } } - if ( $params.ContainsKey('host') -and $params.host -ne "" ) { - Write-Host -NoNewline "`t$($params.host) : " + elseif ( $params.ContainsKey('host') -and $params.host -ne "" ) { + Write-Host "`n`tBlock host $($params.host) : " try { - if ( ! $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ - $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE + if ( $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ + #If host is inhosts.conf, verify that ip is blocked in FW + if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { + $tmp = Get-Content $HOST_FILE | Where { $_ -ne "$HOST_IP`t`t$($params.host)" } + Set-Content $HOST_FILE $tmp + BlockHostByIP $params.host + $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE + } + Write-Host -ForegroundColor Yellow "`t`tHost Already blocked" } else { - Write-Host -ForegroundColor Yellow "already blocked " - return + if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { + BlockHostByIP $params.host + } + $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE + Write-Host -ForegroundColor Green "`t`tHost blocked" } - Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewline -ForegroundColor Red "error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exeption.Message - return - } - if ( $params.ContainsKey('firewall') -and $params.firewall ) { - BlockHostByIP $params.host + Write-Host -NoNewline -ForegroundColor Red "`t`terror`n`t`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } else { Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" } - } 
function BlockHostByIP { param( [string]$hostname ) - $ip = [system.net.Dns]::GetHostAddresses($hostname) - $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } -ErrorAction SilentlyContinue | Get-NetFirewallRule - if ( $rule ) { - write-host -ForegroundColor yellow "`t`tFW Rule exist : ($($rule.name))" - } - else { - write-host -NoNewline -Foregroundcolor Green "`t`tFW block host.`n`t`t" - FwBlockOutputIP @{ - ip=$ip, - name=$hostname + $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | select Address,Type | Where { $_.type -match "^A{1,4}$" } + $resolv | Foreach { + Write-Host -NoNewLine "`t`t" + if ($_.Address -match $IP4_REGEX ) { Write-Debug "Found a valid IPv4 $($_.Address)" } + $ip = $_.Address + $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule + if ( $rule ) { + write-host -NoNewLine "FW Rule exist : " + write-host -ForegroundColor yellow $rule.name + } + else { + FwBlockOutputIP @{ + ip=$ip; + name=$hostname + } } } } function IsHostAlreadyBlocked { param([string]$filename, [string]$hostname) - $c = Get-Content $filename - - foreach ($line in $c) { - $bits = [regex]::Split($line, "\t+") - if ($bits[1] -eq $hostname) { - return $true - } + $c = Get-Content $filename | where { $_ -eq "$HOST_IP`t`t$hostname" } + Write-Debug "`tMatch hostname on host file : $c" + if ( $c ) { + return $true } return $false } @@ -98,7 +104,7 @@ function FwBlockOutputIP { $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.ip } else { - $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.name + $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.name + "-" + $params.ip } Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : " if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { 
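Review bot: In the already-blocked branch of BlockHost the entry is stripped from the hosts file with `Set-Content $HOST_FILE $tmp` before `BlockHostByIP` runs and is appended again only afterwards. Any exception in between lands in the `catch`, which only prints, and a host that was blocked before the run is left unblocked. If the removal exists only so the lookup does not answer 0.0.0.0, `Resolve-DnsName $hostname -NoHostsFile` gives the same result without touching the file. `-ErrorAction SilentlyContinue` on the lookup also hides resolution failures, so no firewall rule is added for such a host and nothing in the output says so.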
@@ -107,7 +113,7 @@ function FwBlockOutputIP { } else { Try { - New-NetFirewallRule -Name $name -DisplayName "$name (blacklist $($params.ip))" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null + New-NetFirewallRule -Name "$name" -DisplayName "$name" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null } Catch { Write-Host -ForegroundColor Red "error" @@ -685,7 +691,7 @@ $script:users | foreach { } catch { Write-Host -ForegroundColor Red "Error`n`t" - Write-host $Error[0].Exeption.Message + Write-host $Error[0].Exception.Message } } else { @@ -694,7 +700,9 @@ $script:users | foreach { } } Write-Host "Folder to process : $module" - +if ( $debug ) { + $DebugPreference = "Continue" +} if ( $module -and $( Test-Path $module ) ) { $module | ProcessModuleFile } From ca98df6e24194805016f08333961ba80bd503ea5 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 4 Apr 2018 11:37:06 +0200 Subject: [PATCH 56/91] Add tasks relatives modules --- modules.d/TSK_ApplicationExperiences.conf | 31 ++++++++ modules.d/TSK_CustomerExperience.conf | 31 ++++++++ modules.d/TSK_Feedback.conf | 19 +++++ modules.d/TSK_LocationMaps.conf | 31 ++++++++ modules.d/TSK_Shell.conf | 25 ++++++ modules.d/TSK_Various.conf | 97 +++++++++++++++++++++++ 6 files changed, 234 insertions(+) create mode 100644 modules.d/TSK_ApplicationExperiences.conf create mode 100644 modules.d/TSK_CustomerExperience.conf create mode 100644 modules.d/TSK_Feedback.conf create mode 100644 modules.d/TSK_LocationMaps.conf create mode 100644 modules.d/TSK_Shell.conf create mode 100644 modules.d/TSK_Various.conf diff --git a/modules.d/TSK_ApplicationExperiences.conf b/modules.d/TSK_ApplicationExperiences.conf new file mode 100644 index 0000000..e448f52 --- /dev/null +++ b/modules.d/TSK_ApplicationExperiences.conf 
@@ -0,0 +1,31 @@
+{
+ "name" : "Remove Applcation Experiences Tasks",
+ "description" : "Is mostly consist of user data analyse for user experience",
+ "actions" :
+ [
+ {
+ "_comment" : "",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Application Experience\\",
+ "name" : "AitAgent"
+ },
+ {
+ "_comment" : "Disable telemetry collect for Microsoft user experience - Compatibility",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Application Experience\\",
+ "name" : "Microsoft Compatibility Appraiser"
+ },
+ {
+ "_comment" : "Disable telemetry collect for Microsoft user experience - Program Data",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Application Experience\\",
+ "name" : "ProgramDataUpdater"
+ },
+ {
+ "_comment" : "Disable startup tasks analyser and user notification",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Application Experience\\",
+ "name" : "AitAgent"
+ }
+ ]
+}
diff --git a/modules.d/TSK_CustomerExperience.conf b/modules.d/TSK_CustomerExperience.conf
new file mode 100644
index 0000000..10e9a6c
--- /dev/null
+++ b/modules.d/TSK_CustomerExperience.conf
@@ -0,0 +1,31 @@
+{
+ "name" : "Remove Customer xperiences Tasks",
+ "description" : "Is mostly consist of user data analyse for user experience",
+ "actions" :
+ [
+ {
+ "_comment" : "",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Customer Experience Improvement Program\\",
+ "name" : "BthSQM"
+ },
+ {
+ "_comment" : "Disable user data consolidation and sent to Microsoft (if user subscribe to MS User Experience program)",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Customer Experience Improvement Program\\",
+ "name" : "Consolidator"
+ },
+ {
+ "_comment" : "",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Customer Experience Improvement Program\\",
+ "name" : "KernelCeipTask"
+ },
+ {
+ "_comment" : "Disable USB data collect and sent to Microsoft (if user subscribe to MS User Experience program)",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Customer Experience Improvement Program\\",
+ "name" : "UsbCeip"
+ }
+ ]
+}
diff --git a/modules.d/TSK_Feedback.conf b/modules.d/TSK_Feedback.conf
new file mode 100644
index 0000000..bc7a953
--- /dev/null
+++ b/modules.d/TSK_Feedback.conf
@@ -0,0 +1,19 @@
+{
+ "name" : "User feedback tasks",
+ "description" : "Disable User Feedback tasks",
+ "actions" :
+ [
+ {
+ "_comment" : "",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Feedback\\Siuf\\",
+ "name" : "DmClient"
+ },
+ {
+ "_comment" : "",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Feedback\\Siuf\\",
+ "name" : "DmClientOnScenarioDownload"
+ }
+ ]
+}
diff --git a/modules.d/TSK_LocationMaps.conf b/modules.d/TSK_LocationMaps.conf
new file mode 100644
index 0000000..a9cb1c6
--- /dev/null
+++ b/modules.d/TSK_LocationMaps.conf
@@ -0,0 +1,31 @@
+{
+ "name" : "Location and Maps Tasks",
+ "description" : "Remove Location ans Maps relative tasks",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable location notification task",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Location\\",
+ "name" : "Notifications"
+ },
+ {
+ "_comment" : "",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Location\\",
+ "name" : "WindowsActionDialog"
+ },
+ {
+ "_comment" : "Disable maps toasts task",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Maps\\",
+ "name" : "\\MapsToastTask"
+ },
+ {
+ "_comment" : "Disable maps update task",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Maps\\",
+ "name" : "MapsUpdateTask"
+ }
+ ]
+}
diff --git a/modules.d/TSK_Shell.conf b/modules.d/TSK_Shell.conf
new file mode 100644
index 0000000..59e302d
--- /dev/null
+++ b/modules.d/TSK_Shell.conf
@@ -0,0 +1,25 @@
+{
+ "name" : "Remove Windows shell Tasks",
+ "description" : "Disable tasks relative to parental lock",
+ "actions" :
+ [
+ {
+ "_comment" : "Disable sync setting with Microsoft familly service task",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Shell\\",
+ "name" : "FamilySafetyMonitorToastTask"
+ },
+ {
+ "_comment" : "Disable parental lock monitor task",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\shell\\",
+ "name" : "FamilySafetyMonitor"
+ },
+ {
+ "_comment" : "Disable parental lock update task",
+ "action" : "RemoveScheduledTask",
+ "path" : "\\Microsoft\\Windows\\Shell\\",
+ "name" : "FamilySafetyRefreshTask"
+ }
+ ]
+}
diff --git a/modules.d/TSK_Various.conf b/modules.d/TSK_Various.conf
new file mode 100644
index 0000000..c353865
--- /dev/null
+++ b/modules.d/TSK_Various.conf
@@ -0,0 +1,97 @@ +{ + "name" : "Varisous Tasks", + "description" : "Unsorted Task to disable", + "actions" : + [ + { + "_comment" : "Disable proxy for telemetry data", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\Autochk\\", + "name" : "Proxy" + }, + { + "_comment" : "Disable Windows Store licence check task, task exist but Get-ScheduledTask doesn't found it!", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\Clip\\", + "name" : "License Validation" + }, + { + "_comment" : "", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\CloudExperienceHost\\", + "name" : "CloudExperienceHost" + }, + { + "_comment" : "", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\Device Information\\", + "name" : "device" + }, + { + "_comment" : "Disable disk diagnostic data collect and sent task", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\DiskDiagnostic\\", + "name" : "Microsoft-Windows-DiskDiagnosticDataCollector" + }, + { + "_comment" : "Disable exchanges temporary preinstalled licenses for Windows Store licenses task", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\License Manager\\", + "name" : "TempSignedLicenseExchange" + }, + { + "_comment" : "Disable system performance probe task", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\Maintenance\\", + "name" : "WinSAT" + }, + { + "_comment" : "Disable network information data collect", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\NetTrace\\", + "name" : "GatherNetworkInfo" + }, + { + "_comment" : "disable secure boot and boot time data collect and analysis task", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\PI\\", + "name" : "Sqm-Tasks" + }, + { + "_comment" : "Disable system analysis for power managment efficiency", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\Power Efficiency Diagnostics\\", + "name" 
: "AnalyzeSystem" + }, + { + "_comment" : "On my test system this task do not exist", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\RetailDemo\\", + "name" : "CleanupOfflineContent" + }, + { + "_comment" : "Disable backgroud upload settings to Microsoft servers task (for sync I suppose)", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\SettingSync\\", + "name" : "BackgroundUploadTask" + }, + { + "_comment" : "Disable speech model download task", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\Speech\\", + "name" : "SpeechModelDownloadTask" + }, + { + "_comment" : "Disable queued data report analysis and sent task", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\Windows Error Reporting\\", + "name" : "Windows Error Reporting" + }, + { + "_comment" : "Disable automatic application update from Microsoft Store task", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\WindowsUpdate\\", + "name" : "Automatic App Update" + } + ] +} From 91ba06eaef475cf4b90fa2cd6ce399a9eb152ab8 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 4 Apr 2018 11:46:11 +0200 Subject: [PATCH 57/91] Corrections for tasks modules --- modules.d/TSK_ApplicationExperiences.conf | 2 +- modules.d/TSK_LocationMaps.conf | 2 +- modules.d/TSK_Various.conf | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules.d/TSK_ApplicationExperiences.conf b/modules.d/TSK_ApplicationExperiences.conf index e448f52..d9537cc 100644 --- a/modules.d/TSK_ApplicationExperiences.conf +++ b/modules.d/TSK_ApplicationExperiences.conf @@ -25,7 +25,7 @@ "_comment" : "Disable startup tasks analyser and user notification", "action" : "RemoveScheduledTask", "path" : "\\Microsoft\\Windows\\Application Experience\\", - "name" : "AitAgent" + "name" : "StartupAppTask" } ] } diff --git a/modules.d/TSK_LocationMaps.conf b/modules.d/TSK_LocationMaps.conf index a9cb1c6..0d11986 100644 
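Review bot: The last action in TSK_Various.conf removes `Automatic App Update` under `\\Microsoft\\Windows\\WindowsUpdate\\`, which by its own `_comment` is the task that updates Microsoft Store applications; without it those applications stop receiving fixes automatically. It fits better in its own opt-in module than in an "Unsorted" one, with a `_comment` saying updates must then be applied by hand. The `CloudExperienceHost` and `device` entries have an empty `_comment`, so a reader cannot tell why they are removed or what depends on them.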
--- a/modules.d/TSK_LocationMaps.conf +++ b/modules.d/TSK_LocationMaps.conf @@ -19,7 +19,7 @@ "_comment" : "Disable maps toasts task", "action" : "RemoveScheduledTask", "path" : "\\Microsoft\\Windows\\Maps\\", - "name" : "\\MapsToastTask" + "name" : "MapsToastTask" }, { "_comment" : "Disable maps update task", diff --git a/modules.d/TSK_Various.conf b/modules.d/TSK_Various.conf index c353865..1957654 100644 --- a/modules.d/TSK_Various.conf +++ b/modules.d/TSK_Various.conf @@ -19,7 +19,7 @@ "_comment" : "", "action" : "RemoveScheduledTask", "path" : "\\Microsoft\\Windows\\CloudExperienceHost\\", - "name" : "CloudExperienceHost" + "name" : "CreateObjectTask" }, { "_comment" : "", @@ -85,7 +85,7 @@ "_comment" : "Disable queued data report analysis and sent task", "action" : "RemoveScheduledTask", "path" : "\\Microsoft\\Windows\\Windows Error Reporting\\", - "name" : "Windows Error Reporting" + "name" : "QueueReporting" }, { "_comment" : "Disable automatic application update from Microsoft Store task", From 9cd6d3a7f531f00f430a6bfb0794f63af04dcb72 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 4 Apr 2018 11:50:29 +0200 Subject: [PATCH 58/91] Add MNO Metadata Parser task to remove --- modules.d/TSK_Various.conf | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/modules.d/TSK_Various.conf b/modules.d/TSK_Various.conf index 1957654..74227f4 100644 --- a/modules.d/TSK_Various.conf +++ b/modules.d/TSK_Various.conf @@ -45,6 +45,12 @@ "path" : "\\Microsoft\\Windows\\Maintenance\\", "name" : "WinSAT" }, + { + "_comment" : "Disable mobile broadband data analysis and sent to Microsoft", + "action" : "RemoveScheduledTask", + "path" : "\\Microsoft\\Windows\\Mobile Broadband Accounts\\", + "name" : "MNO Metadata Parsee" + }, { "_comment" : "Disable network information data collect", "action" : "RemoveScheduledTask", From 6151c51531c56269323b5559381dab6a91fbaacc Mon Sep 17 00:00:00 2001 
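Review bot: The task name added in the TSK_Various.conf hunk is `MNO Metadata Parsee`, while the commit subject says "MNO Metadata Parser". With the misspelling the name presumably matches no scheduled task and the action does nothing, which is easy to miss in the output. The line should read `"name" : "MNO Metadata Parser"`.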
From: Yorick Barbanneau Date: Wed, 4 Apr 2018 15:16:22 +0200 Subject: [PATCH 59/91] BlockHostByIP() use GetAddressIP instead ResolvDNSName to retrieve IP with hostname --- cleanW10.ps1 | 11 ++++++----- modules.d/FW_BlockIP/telemetry.txt | 4 ++-- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 9717fe9..8397c05 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -63,14 +63,15 @@ function BlockHostByIP { param( [string]$hostname ) - $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | select Address,Type | Where { $_.type -match "^A{1,4}$" } + $resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString + #$resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | select Address,Type | Where { $_.type -match "^A{1,4}$" } $resolv | Foreach { - Write-Host -NoNewLine "`t`t" - if ($_.Address -match $IP4_REGEX ) { Write-Debug "Found a valid IPv4 $($_.Address)" } - $ip = $_.Address + Write-Host -NoNewLine "`t" + $ip = $_.IPAddressToString + Write-Debug "Found a valid IP $($_.IPAddressToString)" $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule if ( $rule ) { - write-host -NoNewLine "FW Rule exist : " + write-host -NoNewLine "`tFW Rule exist : " write-host -ForegroundColor yellow $rule.name } else { diff --git a/modules.d/FW_BlockIP/telemetry.txt b/modules.d/FW_BlockIP/telemetry.txt index b35786f..b4c2ce2 100644 --- a/modules.d/FW_BlockIP/telemetry.txt +++ b/modules.d/FW_BlockIP/telemetry.txt @@ -349,7 +349,7 @@ 195.138.255.0-195.138.255.255 213.199.179.0-213.199.179.255 191.232.139.2-191.232.139.255 -=23.55.155.27 +23.55.155.27 23.214.171.90 64.4.11.25 65.52.100.46 @@ -363,4 +363,4 @@ 221.221.112.129 221.221.112.145 221.221.112.160 -221.221.112.203 +221.221.112.203 \ No newline at end of file From 97b826a91548cb8c5122699fe6d418434aa84719 Mon Sep 17 00:00:00 2001 
From: Yorick Barbanneau Date: Wed, 4 Apr 2018 22:12:48 +0200 Subject: [PATCH 60/91] Revert to Resolve-DnsName in BlockHostByIP(), File in BlockHost() can use comment --- cleanW10.ps1 | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 8397c05..8ee4f23 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -26,7 +26,7 @@ function BlockHost { [object]$params ) if ( $params.ContainsKey('file') ) { - Foreach ($line in Get-Content $params.file ){ BlockHost -params @{host=$line;firewall=$params.firewall} } + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach{ BlockHost -params @{host=$_;firewall=$params.firewall} } } elseif ( $params.ContainsKey('host') -and $params.host -ne "" ) { Write-Host "`n`tBlock host $($params.host) : " @@ -63,12 +63,12 @@ function BlockHostByIP { param( [string]$hostname ) - $resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString - #$resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | select Address,Type | Where { $_.type -match "^A{1,4}$" } + #$resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString + $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | Where { $_.type -match "^A{1,4}$" } | select Address $resolv | Foreach { Write-Host -NoNewLine "`t" - $ip = $_.IPAddressToString - Write-Debug "Found a valid IP $($_.IPAddressToString)" + $ip = $_.Address + Write-Debug "Found a valid IP $ip" $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule if ( $rule ) { write-host -NoNewLine "`tFW Rule exist : " 
@@ -107,10 +107,11 @@ function FwBlockOutputIP { else { $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.name + "-" + $params.ip } - Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : " - if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { - Write-Host -ForegroundColor Yellow "already exist" - return + Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : " + $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $params.ip } | Get-NetFirewallRule + if ( $rule ) { + write-host -NoNewLine " exist : " + write-host -ForegroundColor yellow $rule.name } else { Try { From 915ba84aa1202fc4abd1605186e782a1552a2fcf Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 4 Apr 2018 22:13:31 +0200 Subject: [PATCH 61/91] Modify IPs --- modules.d/FW_BlockIP/skype-msn.txt | 8 +------- modules.d/FW_BlockIP/telemetry.txt | 5 ----- 2 files changed, 1 insertion(+), 12 deletions(-) diff --git a/modules.d/FW_BlockIP/skype-msn.txt b/modules.d/FW_BlockIP/skype-msn.txt index d7e518d..a15ccf7 100644 --- a/modules.d/FW_BlockIP/skype-msn.txt +++ b/modules.d/FW_BlockIP/skype-msn.txt @@ -26,10 +26,4 @@ 157.56.109.8 157.56.123.82 157.56.114.104 -157.56.194.24 -207.46.11.252 -207.46.194.8 -207.46.194.10 -207.46.194.14 -207.46.194.25 -207.46.194.33 \ No newline at end of file +157.56.194.24 \ No newline at end of file diff --git a/modules.d/FW_BlockIP/telemetry.txt b/modules.d/FW_BlockIP/telemetry.txt index b4c2ce2..75cac75 100644 --- a/modules.d/FW_BlockIP/telemetry.txt +++ b/modules.d/FW_BlockIP/telemetry.txt @@ -325,11 +325,6 @@ 204.79.197.213 207.123.34.126 207.123.56.252 -207.46.7.252 -207.46.101.29 -207.46.114.58 -207.46.114.61 -207.46.223.94 207.68.166.254 212.30.134.204 212.30.134.205 From 335ba9b5484a1175f35ff0190e474b6b47e07100 Mon Sep 17 00:00:00 2001 
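Review bot: The replacement check in FwBlockOutputIP, `Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $params.ip } | Get-NetFirewallRule`, treats any rule that mentions the address as proof that it is blocked, whatever that rule's action, direction or enabled state. An existing allow rule or a disabled rule for the same address makes the function print "exist" and skip creating the block. Filtering the result, e.g. `| Where-Object { $_.Action -eq 'Block' -and $_.Direction -eq 'Outbound' -and $_.Enabled -eq 'True' }`, keeps the shortcut without that gap. The pipeline also enumerates every address filter once per IP, which will be slow for the long lists in modules.d/FW_BlockIP; reading the filters once before the loop would avoid it. The function continues outside the hunk.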
From: Yorick Barbanneau Date: Wed, 4 Apr 2018 22:43:35 +0200 Subject: [PATCH 62/91] Error if .firewall was null for file in BlockHost() --- cleanW10.ps1 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 8ee4f23..eea54de 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -26,6 +26,9 @@ function BlockHost { [object]$params ) if ( $params.ContainsKey('file') ) { + if ( -not $params.ContainsKey('firewall') -or $params.firewall -eq "" ) { + $params.firewall = $false + } Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach{ BlockHost -params @{host=$_;firewall=$params.firewall} } } elseif ( $params.ContainsKey('host') -and $params.host -ne "" ) { From 4c4ec03375e993de6af2d9bdd285c01d1958513e Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 4 Apr 2018 22:44:38 +0200 Subject: [PATCH 63/91] Reworked FW_Hosts module and files --- modules.d/{BlockHosts.conf => FW_Hosts.conf} | 2 +- modules.d/{BlockHosts => FW_Hosts}/base.txt | 10 +++++----- modules.d/{BlockHosts => FW_Hosts}/mcafee.txt | 0 .../{BlockHosts => FW_Hosts}/ms-skype-messenger.txt | 3 +-- 4 files changed, 7 insertions(+), 8 deletions(-) rename modules.d/{BlockHosts.conf => FW_Hosts.conf} (85%) rename modules.d/{BlockHosts => FW_Hosts}/base.txt (97%) rename modules.d/{BlockHosts => FW_Hosts}/mcafee.txt (100%) rename modules.d/{BlockHosts => FW_Hosts}/ms-skype-messenger.txt (93%) diff --git a/modules.d/BlockHosts.conf b/modules.d/FW_Hosts.conf similarity index 85% rename from modules.d/BlockHosts.conf rename to modules.d/FW_Hosts.conf index 195bd0f..f65f46a 100644 --- a/modules.d/BlockHosts.conf +++ b/modules.d/FW_Hosts.conf @@ -10,7 +10,7 @@ }, { "action" : "BlockHost", - "file" : "ms-skype-messeger.txt" + "file" : "ms-skype-messenger.txt" } ] } diff --git a/modules.d/BlockHosts/base.txt b/modules.d/FW_Hosts/base.txt similarity index 97% rename from modules.d/BlockHosts/base.txt rename to modules.d/FW_Hosts/base.txt index 7480605..451d401 100644 
--- a/modules.d/BlockHosts/base.txt +++ b/modules.d/FW_Hosts/base.txt @@ -29,7 +29,6 @@ a23-67-60-97.deploy.static.akamaitechnologies.com a23-9-123-27.deploy.static.akamaitechnologies.com a569.g.akamai.net activity.windows.com -ad.doubleclick.net ads.msn.com ads.msn.com.nsatc.net ads1.msads.net @@ -66,7 +65,10 @@ e2236.g.akamaiedge.net e7173.g.akamaiedge.net e8011.g.akamaiedge.net fe1.update.microsoft.com.akadns.net -fe2.update.microsoft.com.akadns.net + +#Problem with windows update +#fe2.update.microsoft.com.akadns.net + fe3.delivery.dsp.mp.microsoft.com.nsatc.net feedback.microsoft-hohm.com feedback.search.microsoft.com @@ -138,13 +140,11 @@ survey.watson.microsoft.com t.urs.microsoft.com.nsatc.net telecommand.telemetry.microsoft.com telemetry.appex.bing.net -telemetry.appex.bing.net:443 telemetry.appex.search.prod.ms.akadns.net telemetry.microsoft.com telemetry.urs.microsoft.com tunnel.cfw.trustedsource.org uci.officeapps.live.com -updatekeepalive.mcafee.com urs.smartscreen.microsoft.com v10.vortex-win.data.microsoft.com vortex-sandbox.data.glbdns2.microsoft.com @@ -158,4 +158,4 @@ watson.telemetry.microsoft.com wes.df.telemetry.microsoft.com win10.ipv6.microsoft.com www.msftconnecttest.com -www.msftncsi.com +www.msftncsi.com \ No newline at end of file diff --git a/modules.d/BlockHosts/mcafee.txt b/modules.d/FW_Hosts/mcafee.txt similarity index 100% rename from modules.d/BlockHosts/mcafee.txt rename to modules.d/FW_Hosts/mcafee.txt diff --git a/modules.d/BlockHosts/ms-skype-messenger.txt b/modules.d/FW_Hosts/ms-skype-messenger.txt similarity index 93% rename from modules.d/BlockHosts/ms-skype-messenger.txt rename to modules.d/FW_Hosts/ms-skype-messenger.txt index 9acce47..2cd994b 100644 --- a/modules.d/BlockHosts/ms-skype-messenger.txt +++ b/modules.d/FW_Hosts/ms-skype-messenger.txt 
@@ -17,10 +17,9 @@ live.rads.msn.com m.hotmail.com mscrl.microsoft.com msnbot-65-55-108-23.search.msn.com -preview.msn.com rad.live.com rad.msn.com rpt.msn.com s.gateway.messenger.live.com otf.msn.com -ui.skype.com +ui.skype.com \ No newline at end of file From a4df335b4924e2e408f043cc2291a982ade8ce20 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 4 Apr 2018 22:48:14 +0200 Subject: [PATCH 64/91] Remove Mc Afee host textfile in FW_Hosts module --- modules.d/FW_Hosts/mcafee.txt | 2 -- 1 file changed, 2 deletions(-) delete mode 100644 modules.d/FW_Hosts/mcafee.txt diff --git a/modules.d/FW_Hosts/mcafee.txt b/modules.d/FW_Hosts/mcafee.txt deleted file mode 100644 index 631f973..0000000 --- a/modules.d/FW_Hosts/mcafee.txt +++ /dev/null @@ -1,2 +0,0 @@ -su3.mcafee.com -sm.mcafee.com From 545a63db036bcd830d3af93b40fc0efa0c844b9d Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 4 Apr 2018 23:30:08 +0200 Subject: [PATCH 65/91] Rework DisableService() --- cleanW10.ps1 | 54 +++++++++++++++++++++++++--------------------------- 1 file changed, 26 insertions(+), 28 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index eea54de..15df906 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -101,7 +101,7 @@ function FwBlockOutputIP { [object]$params ) if ( $params.ContainsKey('file') ) { - foreach ($line in Get-Content $params.file ){ FwBlockOutputIP @{"ip"="$line"} } + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockOutputIP @{ip=$_} } } elseif ( $params.ContainsKey('ip') ) { if (-not $params.ContainsKey('name') -or $params.name -eq "" ) { @@ -145,7 +145,7 @@ function FwBlockProgram { [object]$params ) if ( $params.ContainsKey('file') ) { - foreach ($line in Get-Content $params.file ){ FwBlockProgram @{"path"="$line"} } + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockProgram @{path=$_} } } elseif ( $params.ContainsKey('path') ) { $path = Invoke-Expression """$($params.path)""" 
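Review bot: In the FwBlockProgram hunk every non-comment line of the list file now becomes `path`, and the context line directly below shows that value going through `Invoke-Expression """$($params.path)"""`. Anything embedded in a list entry is therefore evaluated as PowerShell, and the script header carries `#requires -RunAsAdministrator`, so a text file under modules.d has the same trust level as the script itself. If the expansion is only meant to resolve variables in paths, `[Environment]::ExpandEnvironmentVariables($params.path)` with `%ProgramFiles%`-style entries does that without evaluating code; this assumes the list files can be converted to that syntax. The function body continues beyond the hunk.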
@@ -188,9 +188,7 @@ function RemoveScheduledTask () { [object]$params ) if ( $params.ContainsKey('file') ) { - Get-Content $params.file | foreach { - RemoveScheduledTask @{name=$_} - } + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { RemoveScheduledTask @{name=$_} } } elseif ( $params.ContainsKey('name') ) { $command = "Get-ScheduledTask -ErrorAction Stop -TaskName `"$($params.name)`"" @@ -354,9 +352,7 @@ function DisableFeature { [object]$params ) if ( $params.ContainsKey('file') ) { - Get-Content $params.file | foreach { - DisableFeature @{name=$_} - } + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { DisableFeature @{name=$_} } } elseif ( $params.ContainsKey('name') ) { $feature = $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English) @@ -397,11 +393,11 @@ function UninstallModernApp { ) if ( $params.ContainsKey('file') ) { $pkgs = $(Get-AppxPackage -AllUsers).name - $uninstall_list = Get-Content $params.file - $pkgs | Where-Object { $_ -in $uninstall_list } | foreach { + $uninstall_list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } + $pkgs | Where-Object { $_ -in $uninstall_list } | Foreach { UninstallModernApp @{name=$_} } - $uninstall_list | Where-Object { $_ -notin $pkgs } | foreach { + $uninstall_list | Where-Object { $_ -notin $pkgs } | Foreach { Write-Host -ForegroundColor Yellow "`tModern App $_ not installed" } } 
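Review bot: RemoveScheduledTask interpolates `$($params.name)` into a `Get-ScheduledTask` command string (last context line of the first hunk), and the re-indent patch further down shows that string being run with `Invoke-Expression $command`; with this change the name comes straight from a list file. An entry containing quotes or a subexpression is then parsed as code rather than as a task name. Splatting avoids building code from data: `$q = @{ TaskName = $params.name; ErrorAction = 'Stop' }`, `if ($params.path) { $q.TaskPath = $params.path }`, `$task = Get-ScheduledTask @q`. The rest of the function lies outside this hunk.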
@@ -440,11 +436,11 @@ function UninstallModernProvisonnedApp { if ( $params.ContainsKey('file') ) { $pkgs = $(Get-AppxProvisionedPackage -Online).DisplayName - $list = Get-Content $params.file - $pkgs | Where-Object { $_ -in $list } | foreach { + $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } + $pkgs | Where-Object { $_ -in $list } | Foreach { UninstallModernProvisonnedApp @{name=$_} } - $list | Where-Object { $_ -notin $pkgs } | foreach { + $list | Where-Object { $_ -notin $pkgs } | Foreach { Write-Host -ForegroundColor Yellow "`tProvisionned App $_ not found" } } @@ -478,8 +474,8 @@ function DisableService { [object]$params ) if ( $params.ContainsKey('file') ) { - $services = $(Get-Service).name - $list = Get-Content $params.file + $services = $(Get-Service).name + $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } $services | Where-Object { $_ -in $list } | Foreach { DisableService @{name=$_} } 
@@ -489,22 +485,24 @@ function DisableService { } } elseif ( $params.ContainsKey('name') ) { + $service = Get-Service -Name $params.name + if ( -not $service ){ + Write-Host -ForegroundColor "`t Service $($params.name) not found" + return + } + Write-Host -NoNewline "`tDisable service $($params.name) : " + if ( $service.StartType -eq "Disable") { + Write-Host -ForegroundColor Yellow "already disabled" + return + } try { - $service = Get-Service -Name $params.name - if ( -not $service ){ - Write-Host -ForegroundColor "`t Service $($params.name) not found" - return - } - Write-Host -NoNewline "`tDisable service $($params.name) : " - if ( $service.StartType -eq "Disable") { - Write-Host -ForegroundColor Yellow "already disabled" - return - } - Stop-Service -InputObject $service -PassThru | Set-Service -StartupType disabled + + Stop-Service -InputObject $service + $service | Set-Service -StartupType disabled -ErrorAction Stop Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" + Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } finally { From 7466a25ac2724d524938a6f5331ac8ea73a1811d Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Thu, 5 Apr 2018 00:06:04 +0200 Subject: [PATCH 66/91] Modify IP ranges --- modules.d/FW_BlockIP/telemetry.txt | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/modules.d/FW_BlockIP/telemetry.txt b/modules.d/FW_BlockIP/telemetry.txt index 75cac75..ac753b8 100644 --- a/modules.d/FW_BlockIP/telemetry.txt +++ b/modules.d/FW_BlockIP/telemetry.txt 
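Review bot: Two of the lines moved out of the `try` block in DisableService cannot work as written. The "Service ... not found" message is passed as the value of `-ForegroundColor` because the colour name is missing, so the message is never printed; adding `Yellow` after the switch fixes it. `$service.StartType -eq "Disable"` compares against a value that is not a start type (the enum member is `Disabled`), so the "already disabled" branch is never taken. `Stop-Service -InputObject $service` also lacks `-ErrorAction Stop`, so a service that refuses to stop does not reach the `catch` block and its start type is changed anyway; if that is intended, a comment saying so would help.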
@@ -333,17 +333,17 @@ 216.58.209.166 216.58.211.102 216.58.213.134 -64.4.23.0-64.4.23.255 -65.55.223.0-65.55.223.255 -157.55.52.0-157.55.52.255 -157.55.56.0-157.55.56.255 -157.55.235.0-157.55.235.255 -111.221.64.0-111.221.127.255 -157.55.130.0-157.55.130.255 -157.55.236.0-157.55.236.255 -195.138.255.0-195.138.255.255 -213.199.179.0-213.199.179.255 -191.232.139.2-191.232.139.255 +64.4.23.0/24 +65.55.223.0/24 +157.55.52.0/24 +157.55.56.0/24 +157.55.235.0/24 +111.221.64.0/24 +157.55.130.0/24 +157.55.236.0/24 +195.138.255.0/24 +213.199.179.0/24 +191.232.139.2/24 23.55.155.27 23.214.171.90 64.4.11.25 From 3cc0e7528911bdb5275b1d5ece4066503665cdaa Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 6 Apr 2018 08:59:11 +0200 Subject: [PATCH 67/91] Add a _H_ where firewall rue is created with hostname --- cleanW10.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 15df906..2a9edb4 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -80,7 +80,7 @@ function BlockHostByIP { else { FwBlockOutputIP @{ ip=$ip; - name=$hostname + name="H_$hostname" } } } From 0529b16387e0c9d9f171d81b91d8d7a01025b0e4 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Mon, 9 Apr 2018 16:27:16 +0200 Subject: [PATCH 68/91] Powershell script is now process in ExecCommand() --- cleanW10.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 2a9edb4..357bca3 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -593,7 +593,7 @@ function ExecCommand { $args = $params.arguments.Replace("##mod_path##", $script:current_module_path) Write-Host -NoNewline "`tExecute : $path : " $path = Invoke-Expression """$($path)""" - if ( -not (Test-Path $path) -or -not $path -eq "powershell" ) { + if ( -not (Test-Path $path) -and -not $path -eq "powershell" ) { Write-Host -ForegroundColor Yellow "File not found" return } From 1739c2f8005fbc224efc5d4c502059cd432ae015 Mon Sep 17 00:00:00 2001 
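Review bot: The conversion to CIDR notation changes what is blocked in two entries. `111.221.64.0-111.221.127.255` spans 64 consecutive /24 networks and corresponds to `111.221.64.0/18`, but the new line is `111.221.64.0/24`, so 111.221.65.0 through 111.221.127.255 drop out of the block list. `191.232.139.2/24` has host bits set; `191.232.139.0/24` is the network form and also covers .0 and .1, which the old range excluded. The other nine ranges map exactly to their /24.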
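Review bot: The new guard in ExecCommand, `if ( -not (Test-Path $path) -and -not $path -eq "powershell" )`, can no longer fire: unary `-not` binds tighter than `-eq`, so the second clause is `(-not $path) -eq "powershell"`, which is false for any non-empty path. With `-and` the whole condition is then always false and a missing file goes on to `Start-Process`. `if ( -not (Test-Path $path) -and $path -ne "powershell" )` expresses what the commit subject describes. The context line above also shows `$path` being produced by `Invoke-Expression` from the module configuration, so a .conf file runs with the script's privileges and needs the same write protection as the script. The function starts and ends outside the hunk.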
From: Yorick Barbanneau Date: Tue, 10 Apr 2018 15:35:41 +0200 Subject: [PATCH 69/91] Rework ExecCommand() --- cleanW10.ps1 | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 357bca3..8bd87d9 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -598,8 +598,7 @@ function ExecCommand { return } try { - Start-Process -wait -filepath $path -ArgumentList $args.split(" ") - Write-Host -ForegroundColor Green "done" + Start-Process -NoNewWindow -wait -filepath $path -ArgumentList $args } catch { Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" From 5536ab63b335c5391649a632d06b11ac9d1d710f Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 10 Apr 2018 17:16:19 +0200 Subject: [PATCH 70/91] Syntax error in RemoveModernApp() --- cleanW10.ps1 | 12 ++++++------ modules.d/UninstallModernApp.conf | 8 ++++---- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 8bd87d9..63b6878 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -416,12 +416,12 @@ function UninstallModernApp { Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" return } - if ( $params.ContainsKey('removeProvisionned' ) ) { - UninstallModernProvisonnedApp $params + if ( $params.ContainsKey('removeProvisioned') -and $params.removeProvisioned -eq $true ) { + UninstallModernProvisionedApp $params } } -function UninstallModernProvisonnedApp { +function UninstallModernProvisionedApp { param( [cmdletbinding( DefaultParameterSetName='params' 
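Review bot: After this change ExecCommand reports nothing on success and cannot see failure, because `Start-Process -NoNewWindow -wait` does not throw when the child exits non-zero and the `catch` block only covers a failure to launch. Adding `-PassThru` and checking the result restores the status line: `$p = Start-Process -NoNewWindow -Wait -PassThru -FilePath $path -ArgumentList $args`, then `if ($p.ExitCode -eq 0) { Write-Host -ForegroundColor Green "done" } else { Write-Host -ForegroundColor Red "exit code $($p.ExitCode)" }`. `$args` is an automatic variable in PowerShell; a different local name (for example `$cmdArgs`) avoids shadowing it, though the assignment itself is outside this hunk.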
@@ -438,14 +438,14 @@ function UninstallModernProvisonnedApp { $pkgs = $(Get-AppxProvisionedPackage -Online).DisplayName $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } $pkgs | Where-Object { $_ -in $list } | Foreach { - UninstallModernProvisonnedApp @{name=$_} + UninstallModernProvisionedApp @{name=$_} } $list | Where-Object { $_ -notin $pkgs } | Foreach { - Write-Host -ForegroundColor Yellow "`tProvisionned App $_ not found" + Write-Host -ForegroundColor Yellow "`tProvisioned App $_ not found" } } elseif ( $params.ContainsKey('name') ){ - Write-Host -NoNewLine "`tUninstall Provisonned $($params.name) :" + Write-Host -NoNewLine "`tUninstall Provisioned $($params.name) :" try { $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -eq $($params.name) }) | Remove-AppxProvisionedPackage -Online | Out-Null Write-Host -ForegroundColor Green "done" diff --git a/modules.d/UninstallModernApp.conf b/modules.d/UninstallModernApp.conf index c103e4d..fb15da7 100644 --- a/modules.d/UninstallModernApp.conf +++ b/modules.d/UninstallModernApp.conf @@ -12,7 +12,7 @@ "_comment" : "Uninstall Windows Maps", "action" : "UninstallModernApp", "name" : "Microsoft.WindowsMaps", - "removeProvisonned" : "True" + "removeProvisioned" : true }, { "_comment" : "Disable xbox services for uninstall Apps", @@ -35,19 +35,19 @@ "_comment" : "Uninstall Xbox Apps", "action" : "UninstallModernApp", "file" : "XboxApps.txt", - "removeProvisonned" : "True" + "removeProvisioned" : true }, { "_comment" : "Uninstall Microsoft Apps", "action" : "UninstallModernApp", "file" : "MicrosoftApps.txt", - "removeProvisionned" : "True" + "removeProvisioned" : true }, { "_comment" : "Uninstall third party apps", "action" : "UninstallModernApp", "file" : "OthersApps.txt", - "removeProvisionned" : "True" + "removeProvisioned" : true } ] } From 62e6d18efd9f43e5781d536abe10c772ed7e7b88 Mon Sep 17 00:00:00 2001 
From: Yorick Barbanneau Date: Wed, 11 Apr 2018 21:17:01 +0200 Subject: [PATCH 71/91] Remove provisioned package before uninstall it for users --- cleanW10.ps1 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 63b6878..4e8fdab 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -391,6 +391,9 @@ function UninstallModernApp { )] [object]$params ) + if ( $params.ContainsKey('removeProvisioned') -and $params.removeProvisioned -eq $true ) { + UninstallModernProvisionedApp $params + } if ( $params.ContainsKey('file') ) { $pkgs = $(Get-AppxPackage -AllUsers).name $uninstall_list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } @@ -416,9 +419,6 @@ function UninstallModernApp { Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" return } - if ( $params.ContainsKey('removeProvisioned') -and $params.removeProvisioned -eq $true ) { - UninstallModernProvisionedApp $params - } } function UninstallModernProvisionedApp { From 186b8b04eb1d4d0b6150c5425edc03d8e7d8e452 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 11 Apr 2018 21:20:35 +0200 Subject: [PATCH 72/91] Better output for DelRegKey() --- cleanW10.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 4e8fdab..4e14174 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -319,7 +319,7 @@ function DelRegKey { return } try { - Get-ItemProperty -Path $params.path -Name $params.key + Get-ItemProperty -Path $params.path -Name $params.key | Out-Null } catch { Write-Host -ForegroundColor Yellow "key already deleted" @@ -327,7 +327,7 @@ function DelRegKey { } try { - #Remove-ItemProperty -Path $params.path -Name $params.key + Remove-ItemProperty -Path $params.path -Name $params.key Write-host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ From 2d9dc9743b852b3534819b39b4f06a68138f3662 Mon Sep 17 00:00:00 2001 
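Review bot: In DelRegKey neither `Get-ItemProperty -Path $params.path -Name $params.key | Out-Null` nor the re-enabled `Remove-ItemProperty -Path $params.path -Name $params.key` carries `-ErrorAction Stop`, so a missing value or a refused delete is a non-terminating error and the surrounding `catch` blocks are skipped. If the script-wide error preference is still `SilentlyContinue` (it was set that way in the first patch of the series; not visible in these hunks), the function prints "done" without having removed anything. Adding `-ErrorAction Stop` to both calls makes the "key already deleted" and "access denied" branches reachable. Both hunks of this commit are affected, and the function body extends beyond them.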
From: Yorick Barbanneau Date: Wed, 11 Apr 2018 22:04:18 +0200 Subject: [PATCH 73/91] Re-indent all file --- cleanW10.ps1 | 626 +++++++++++++++++++++++++-------------------------- 1 file changed, 313 insertions(+), 313 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 4e14174..b774f9b 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -1,9 +1,9 @@ param ( - [cmdletbinding()] - [string]$dir="modules.d", - [string]$module, - [switch]$debug = $false -) + [cmdletbinding()] + [string]$dir="modules.d", + [string]$module, + [switch]$debug = $false + ) #requires -RunAsAdministrator Import-Module NetSecurity #Useful to manipulate firewall rules 
@@ -18,94 +18,94 @@ $ProgressPreference = "SilentlyContinue" #Thanks to https://gist.github.com/markembling/173887 function BlockHost { param( - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) - if ( $params.ContainsKey('file') ) { - if ( -not $params.ContainsKey('firewall') -or $params.firewall -eq "" ) { - $params.firewall = $false + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + if ( $params.ContainsKey('file') ) { + if ( -not $params.ContainsKey('firewall') -or $params.firewall -eq "" ) { + $params.firewall = $false + } + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach{ BlockHost -params @{host=$_;firewall=$params.firewall} } } - Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach{ BlockHost -params @{host=$_;firewall=$params.firewall} } - } elseif ( $params.ContainsKey('host') -and $params.host -ne "" ) { - Write-Host "`n`tBlock host $($params.host) : " - try { - if ( $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ - #If host is inhosts.conf, verify that ip is blocked in FW - if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { - $tmp = Get-Content $HOST_FILE | Where { $_ -ne "$HOST_IP`t`t$($params.host)" } - Set-Content $HOST_FILE $tmp - BlockHostByIP $params.host + Write-Host "`n`tBlock host $($params.host) : " + try { + if ( $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ +#If host is inhosts.conf, verify that ip is blocked in FW + if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { + $tmp = Get-Content $HOST_FILE | Where { $_ -ne "$HOST_IP`t`t$($params.host)" } + Set-Content $HOST_FILE $tmp + BlockHostByIP $params.host + $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE + } + Write-Host -ForegroundColor Yellow "`t`tHost Already blocked" + } + else { + if ( $params.ContainsKey('firewall') -and $params.firewall -eq 
$true ) { + BlockHostByIP $params.host + } $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE + Write-Host -ForegroundColor Green "`t`tHost blocked" } - Write-Host -ForegroundColor Yellow "`t`tHost Already blocked" } - else { - if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { - BlockHostByIP $params.host - } - $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE - Write-Host -ForegroundColor Green "`t`tHost blocked" - } - } catch { Write-Host -NoNewline -ForegroundColor Red "`t`terror`n`t`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } - else { - Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" - } + else { + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + } } function BlockHostByIP { param( - [string]$hostname - ) - #$resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString - $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | Where { $_.type -match "^A{1,4}$" } | select Address - $resolv | Foreach { - Write-Host -NoNewLine "`t" - $ip = $_.Address - Write-Debug "Found a valid IP $ip" - $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule - if ( $rule ) { - write-host -NoNewLine "`tFW Rule exist : " - write-host -ForegroundColor yellow $rule.name + [string]$hostname + ) + #$resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString + $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | Where { $_.type -match "^A{1,4}$" } | select Address + $resolv | Foreach { + Write-Host -NoNewLine "`t" + $ip = $_.Address + Write-Debug "Found a valid IP $ip" + $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule + if ( $rule ) { + 
write-host -NoNewLine "`tFW Rule exist : " + write-host -ForegroundColor yellow $rule.name + } + else { + FwBlockOutputIP @{ + ip=$ip; + name="H_$hostname" + } + } } - else { - FwBlockOutputIP @{ - ip=$ip; - name="H_$hostname" - } - } - } } function IsHostAlreadyBlocked { param([string]$filename, [string]$hostname) - $c = Get-Content $filename | where { $_ -eq "$HOST_IP`t`t$hostname" } + $c = Get-Content $filename | where { $_ -eq "$HOST_IP`t`t$hostname" } Write-Debug "`tMatch hostname on host file : $c" - if ( $c ) { - return $true - } + if ( $c ) { + return $true + } return $false } function FwBlockOutputIP { param( - [object]$params - ) - if ( $params.ContainsKey('file') ) { - Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockOutputIP @{ip=$_} } - } + [object]$params + ) + if ( $params.ContainsKey('file') ) { + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockOutputIP @{ip=$_} } + } elseif ( $params.ContainsKey('ip') ) { if (-not $params.ContainsKey('name') -or $params.name -eq "" ) { - $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.ip + $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.ip } else { $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.name + "-" + $params.ip @@ -113,8 +113,8 @@ function FwBlockOutputIP { Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : " $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $params.ip } | Get-NetFirewallRule if ( $rule ) { - write-host -NoNewLine " exist : " - write-host -ForegroundColor yellow $rule.name + write-host -NoNewLine " exist : " + write-host -ForegroundColor yellow $rule.name } else { Try { 
@@ -122,114 +122,114 @@ function FwBlockOutputIP { } Catch { Write-Host -ForegroundColor Red "error" - return + return } Write-Host -ForegroundColor Green "done" } } else { - Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" } } function FwBlockProgram { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) - if ( $params.ContainsKey('file') ) { - Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockProgram @{path=$_} } - } + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + if ( $params.ContainsKey('file') ) { + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockProgram @{path=$_} } + } elseif ( $params.ContainsKey('path') ) { $path = Invoke-Expression """$($params.path)""" - if ( -not $params.ContainsKey('name') -or $params.name -eq "" ) { - $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.path - } + if ( -not $params.ContainsKey('name') -or $params.name -eq "" ) { + $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.path + } $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.name - Write-Host -NoNewline "`tAdd FW program rule $name ($($path)) : " - if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { - Write-Host -ForegroundColor Yellow "already exist" - return - } + Write-Host -NoNewline "`tAdd FW program rule $name ($($path)) : " + if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { + Write-Host -ForegroundColor Yellow "already exist" + return + } if ( -not (Test-Path $path) ) { Write-Host -Foregroundcolor Red "Error (path not found)" - return + return } try { 
New-NetFirewallRule -Name "$name" -DisplayName "$name (program : $($params.path))" -Program "$path" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress any -Action Block | Out-Null - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { Write-Host -ForegroundColor Red "error" } } else { - Write-Host -ForegroundColor Red "`tError : No path or file for action $($MyInvocation.MyCommand.Name)" + Write-Host -ForegroundColor Red "`tError : No path or file for action $($MyInvocation.MyCommand.Name)" } } function RemoveScheduledTask () { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) - if ( $params.ContainsKey('file') ) { - Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { RemoveScheduledTask @{name=$_} } - } + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + if ( $params.ContainsKey('file') ) { + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { RemoveScheduledTask @{name=$_} } + } elseif ( $params.ContainsKey('name') ) { $command = "Get-ScheduledTask -ErrorAction Stop -TaskName `"$($params.name)`"" - if ($params.ContainsKey('path') -and $params.path -ne '') { - $command += " -TaskPath `"$($params.path)`"" - } - else { $params.path="" } + if ($params.ContainsKey('path') -and $params.path -ne '') { + $command += " -TaskPath `"$($params.path)`"" + } + else { $params.path="" } try { $task = Invoke-Expression $command - Write-Host -NoNewline "`tRemove task $($params.name) : " - $task | Unregister-ScheduledTask -ErrorAction SilentlyContinue -Confirm:$false - Write-Host -ForegroundColor Green "done" + Write-Host -NoNewline "`tRemove task $($params.name) : " + $task | Unregister-ScheduledTask -ErrorAction SilentlyContinue 
-Confirm:$false + Write-Host -ForegroundColor Green "done" } catch [Microsoft.PowerShell.Cmdletization.Cim.CimJobException]{ Write-Host -ForegroundColor Yellow "`tScheduled Task $($params.path)$($params.name) not found" } catch { Write-Host -NoNewLine -ForegroundColor Red "`tError in RemoveSheduledTask`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } else { - Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" } } function AddRegKey { param( - [Parameter(Mandatory=$true)] - [object]$params - ) - if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') ) { - Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value`n" - return - } + [Parameter(Mandatory=$true)] + [object]$params + ) + if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') ) { + Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value`n" + return + } if ( -not $params.ContainsKey('value') ) { $params.value = "" } if ( -not $params.ContainsKey('type') -or $params.type -eq "" ){ $params.type="DWord" } - - #When keypath start with HKCU, we need to apply it ro all users + + #When keypath start with HKCU, we need to apply it ro all users if ( ($params.path).StartsWith("HKCU") ) { $script:users | Foreach { #If so, we need to put the key on all users hives 
@@ -252,27 +252,27 @@ function AddRegKey { #Let's begin... Write-Host -NoNewline "`t$($params.path.substring(0,30))...$($params.key) reg key to $($params.value) : " - if ( -not (Test-Path $params.path) ){ - Write-Host -NoNewline -ForegroundColor DarkGreen "creating path " - try { - New-Item -Path $params.path -Force | Out-Null - } + if ( -not (Test-Path $params.path) ){ + Write-Host -NoNewline -ForegroundColor DarkGreen "creating path " + try { + New-Item -Path $params.path -Force | Out-Null + } - catch { - Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - return + catch { + Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } } - } # Test if the key already exist try { $current_value = Get-ItemPropertyValue -Path $params.path -Name $params.key - if ( $current_value -eq $params.value ) { - Write-Host -ForegroundColor Yellow "Already done" - return - } - else { Write-Host -NoNewline -ForegroundColor DarkGreen "old value $current_value " } + if ( $current_value -eq $params.value ) { + Write-Host -ForegroundColor Yellow "Already done" + return + } + else { Write-Host -NoNewline -ForegroundColor DarkGreen "old value $current_value " } } catch { Write-Host -NoNewline -ForegroundColor DarkGreen "new key " @@ -281,7 +281,7 @@ function AddRegKey { # Put the key try { Set-ItemProperty -Path $params.path -Name $params.key -Value $params.value -Type $params.type -Force - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ Write-Host -ForegroundColor Red "Error (access denied)" 
@@ -293,11 +293,11 @@ function AddRegKey { } function DelRegKey { - param( - [Parameter(Mandatory=$true)] - [object]$params - ) - #When keypath start with HKCU, we need to apply it ro all users + param( + [Parameter(Mandatory=$true)] + [object]$params + ) + #When keypath start with HKCU, we need to apply it ro all users if ( ($params.path).StartsWith("HKCU") ) { $script:users | Foreach { #If so, we need to put the key on all users hives 
@@ -316,128 +316,127 @@ function DelRegKey { Write-Host -NoNewline "`tDelete registery key $($params.key) : " if ( ! (Test-Path $params.path) ){ Write-Host -ForegroundColor Red " Error (path not found)" - return + return } try { Get-ItemProperty -Path $params.path -Name $params.key | Out-Null } catch { Write-Host -ForegroundColor Yellow "key already deleted" - return + return } try { - + Remove-ItemProperty -Path $params.path -Name $params.key - Write-host -ForegroundColor Green "done" + Write-host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ Write-Host -ForegroundColor Red "Error (access denied)" } catch { Write-Host -ForegroundColor Red -NoNewLine "Error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } function DisableFeature { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) if ( $params.ContainsKey('file') ) { Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { DisableFeature @{name=$_} } } elseif ( $params.ContainsKey('name') ) { - $feature = $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English) + $feature = $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English) $name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]} - if (-not $name){ - Write-Host -ForegroundColor Yellow "`tFeature $params.name not found" + if (-not $name){ + Write-Host -ForegroundColor Yellow "`tFeature $params.name not found" return - } - Write-Host -NoNewline "`tDisable Feature $name : " + } + Write-Host -NoNewline "`tDisable Feature $name : " if ( $($feature | Select-String "state") -match "Disable" ){ 
Write-Host -ForegroundColor Yellow "already disable" - return + return } try { Dism /online /Disable-Feature /FeatureName:$name /NoRestart | Out-Null - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { Write-Host -ForegroundColor Red "error" - } + } } else { - Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" } } function UninstallModernApp { param( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) if ( $params.ContainsKey('removeProvisioned') -and $params.removeProvisioned -eq $true ) { UninstallModernProvisionedApp $params } if ( $params.ContainsKey('file') ) { $pkgs = $(Get-AppxPackage -AllUsers).name - $uninstall_list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } + $uninstall_list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } $pkgs | Where-Object { $_ -in $uninstall_list } | Foreach { UninstallModernApp @{name=$_} } $uninstall_list | Where-Object { $_ -notin $pkgs } | Foreach { - Write-Host -ForegroundColor Yellow "`tModern App $_ not installed" - } + Write-Host -ForegroundColor Yellow "`tModern App $_ not installed" + } } elseif ( $params.ContainsKey('name') ) { Write-Host -NoNewLine "`tUninstall $($params.name) : " - try { - $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage -AllUsers) - Write-Host -ForegroundColor Green "done" - } + try { + $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage -AllUsers) + Write-Host -ForegroundColor Green 
"done" + } catch { - Write-Host -NoNewLine -ForegroundColor Red "Error `n`t" - write-Host -ForegroundColor DarkRed $_ + Write-Host -NoNewLine -ForegroundColor Red "Error `n`t" + write-Host -ForegroundColor DarkRed $_ } } else { Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" - return } } function UninstallModernProvisionedApp { param( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) - + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + if ( $params.ContainsKey('file') ) { - $pkgs = $(Get-AppxProvisionedPackage -Online).DisplayName - $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } - $pkgs | Where-Object { $_ -in $list } | Foreach { + $pkgs = $(Get-AppxProvisionedPackage -Online).DisplayName + $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } + $pkgs | Where-Object { $_ -in $list } | Foreach { UninstallModernProvisionedApp @{name=$_} } $list | Where-Object { $_ -notin $pkgs } | Foreach { 
@@ -446,36 +445,36 @@ function UninstallModernProvisionedApp { } elseif ( $params.ContainsKey('name') ){ Write-Host -NoNewLine "`tUninstall Provisioned $($params.name) :" - try { - $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -eq $($params.name) }) | Remove-AppxProvisionedPackage -Online | Out-Null - Write-Host -ForegroundColor Green "done" - } + try { + $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -eq $($params.name) }) | Remove-AppxProvisionedPackage -Online | Out-Null + Write-Host -ForegroundColor Green "done" + } catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - return - } + Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } } else { - Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" } } function DisableService { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) if ( $params.ContainsKey('file') ) { - $services = $(Get-Service).name - $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } + $services = $(Get-Service).name + $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } $services | Where-Object { $_ -in $list } | Foreach { DisableService @{name=$_} } 
@@ -486,24 +485,24 @@ function DisableService { } elseif ( $params.ContainsKey('name') ) { $service = Get-Service -Name $params.name - if ( -not $service ){ - Write-Host -ForegroundColor "`t Service $($params.name) not found" - return - } + if ( -not $service ){ + Write-Host -ForegroundColor "`t Service $($params.name) not found" + return + } Write-Host -NoNewline "`tDisable service $($params.name) : " - if ( $service.StartType -eq "Disable") { - Write-Host -ForegroundColor Yellow "already disabled" - return - } + if ( $service.StartType -eq "Disable") { + Write-Host -ForegroundColor Yellow "already disabled" + return + } try { - + Stop-Service -InputObject $service - $service | Set-Service -StartupType disabled -ErrorAction Stop - Write-Host -ForegroundColor Green "done" + $service | Set-Service -StartupType disabled -ErrorAction Stop + Write-Host -ForegroundColor Green "done" } catch { Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } finally { if ( $params.ContainsKey('userService') -and $params.userService -eq $true ) { @@ -524,21 +523,21 @@ function DisableService { function KillProcess { param( - [cmdletbinding( - DefaultParameterSetName='params' - )] + [cmdletbinding( + DefaultParameterSetName='params' + )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) Write-Host -NoNewLine "`tKilling $($params.name) : " try { - Stop-Process $(Get-Process $params.name -ErrorAction SilentlyContinue ) - Write-Host -ForegroundColor Green "Done" + Stop-Process $(Get-Process $params.name -ErrorAction SilentlyContinue ) + Write-Host -ForegroundColor Green "Done" } catch { Write-host -ForegroundColor Yellow "Not started" 
@@ -547,21 +546,21 @@ function KillProcess { function DelFile { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) $path = Invoke-Expression """$($params.path)""" Write-Host -NoNewline "`tDelete $path : " if ( -not (Test-Path $path) ){ Write-Host -ForegroundColor Yellow "not found" - return + return } $command = "Remove-Item -ErrorAction SilentlyContinue -Force -Path `"$path`"" if ( $params.ContainsKey('recurse') -and $params.recurse -eq $true ) { 
@@ -569,52 +568,52 @@ function DelFile { } try { Invoke-Expression $command - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "`Error`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - } + Write-Host -NoNewLine -ForegroundColor Red "`Error`n`t" + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + } } function ExecCommand { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) $path = $params.path.Replace("##mod_path##", $script:current_module_path) - $args = $params.arguments.Replace("##mod_path##", $script:current_module_path) + $args = $params.arguments.Replace("##mod_path##", $script:current_module_path) Write-Host -NoNewline "`tExecute : $path : " $path = Invoke-Expression """$($path)""" if ( -not (Test-Path $path) -and -not $path -eq "powershell" ) { Write-Host -ForegroundColor Yellow "File not found" - return + return } try { Start-Process -NoNewWindow -wait -filepath $path -ArgumentList $args } catch { Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - } + write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + } } function ProcessModuleFile { param ( - [Parameter( - Mandatory=$true, - ValueFromPipeline=$True, - ParameterSetName="path" - )] - [string]$path - ) + [Parameter( + Mandatory=$true, + ValueFromPipeline=$True, + ParameterSetName="path" + )] + [string]$path + ) try { $mod = Get-Content $(Get-ChildItem $path).FullName -Raw | ConvertFrom-Json } 
@@ -627,22 +626,22 @@ function ProcessModuleFile { $mod.actions | Foreach { $action_file = "" - $current_action = @{} + $current_action = @{} $script:current_module_path = $(Get-ChildItem $path).DirectoryName + "\" + $(Get-ChildItem $path).BaseName + '\' - foreach( $p in $_.psobject.properties.name ){ - $current_action[$p] = $_.$p - } + foreach( $p in $_.psobject.properties.name ){ + $current_action[$p] = $_.$p + } if ( -not $current_action.ContainsKey('action') ) { - Write-Host -ForegroundColor Red "`tError : action not found" - return + Write-Host -ForegroundColor Red "`tError : action not found" + return } # If action content a file element, need to test if file exist if ( $current_action.ContainsKey('file')) { - $action_file = $script:current_module_path + $current_action.file - if ( -not (Test-Path $action_file) ) { - Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found`n" - return - } + $action_file = $script:current_module_path + $current_action.file + if ( -not (Test-Path $action_file) ) { + Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found`n" + return + } $current_action.file = $action_file } # Invoke function 
@@ -672,15 +671,15 @@ try { } catch { Write-Host -NoNewline -ForegroundColor Red "Error while mounting Registery`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - #return + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return } #We need access to users registry hive for applying mofidication to existing users $profile_list = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" Get-LocalUser | Where-Object { $_.Enabled -eq $true } | foreach { $current_user_path = Get-ItemPropertyValue -Path "$profile_list$($_.SID.Value)\" -Name "ProfileImagePath" - $script:users += @{name = $_.name;'sid' = $_.SID.Value; 'was_mounted' = $false; 'directory' = $current_user_path} + $script:users += @{name = $_.name;'sid' = $_.SID.Value; 'was_mounted' = $false; 'directory' = $current_user_path} } Write-Host "Mount users registry hives :" @@ -689,29 +688,30 @@ $script:users | foreach { if ( -not (Test-Path "HKU:\$($_.sid)") ) { try { reg load "HKU\$($_.sid)" "$($_.directory)\NTUSER.DAT" 2>&1 | Out-Null - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { Write-Host -ForegroundColor Red "Error`n`t" - Write-host $Error[0].Exception.Message + Write-host $Error[0].Exception.Message } } else { $_.was_mounted = $true - Write-Host -ForegroundColor Yellow "Already mounted" + Write-Host -ForegroundColor Yellow "Already mounted" } } -Write-Host "Folder to process : $module" if ( $debug ) { $DebugPreference = "Continue" } if ( $module -and $( Test-Path $module ) ) { + Write-Host "File to process : $module" $module | ProcessModuleFile } -else { +else { + Write-Host "Folder to process : $dir" Get-ChildItem -Path $dir -Filter "*.conf" | foreach { $_.FullName | ProcessModuleFile - } + } } Write-Host -Nonewline "`nRemove powershell access to HKCR, HKCU and HKU : " try { 
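Review bot: In the second hunk, a `-module` value that is set but fails `Test-Path` falls into the `else` branch, so a mistyped module path processes every `*.conf` under `$dir` instead of the single module the operator asked for. The modules uninstall packages, disable services and rewrite registry keys, so stopping on a bad path is safer than widening the scope silently. An extra branch ahead of the `else` would do it: `elseif ( $module ) { Write-Host -ForegroundColor Red "Module $module not found"; return }`.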
@@ -722,23 +722,23 @@ try { } catch { Write-Host -NoNewline -ForegroundColor Red "Error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } -0 + [gc]::collect() Write-Host "`nUnload Users hives : " #Unmount Registery $script:users | foreach { Write-Host -Nonewline "`tUnmount $($_.name) hive : " - #Need to unmount all not-connected users hives" + #Need to unmount all not-connected users hives" if ($_.was_mounted -eq $false) { try { reg unload "HKU\$($_.sid)" 2>&1 | Out-Null - Write-Host -foregroundColor Green "Done" + Write-Host -foregroundColor Green "Done" } catch { Write-Host -NoNewline -ForegroundColor Red "Error`n`t" - Write-Host -ForegroundColor Red $Error[0].Exception.Message + Write-Host -ForegroundColor Red $Error[0].Exception.Message } } else { Write-Host -ForegroundColor Yellow "Was mounted (User connected)" } @@ -747,9 +747,9 @@ $script:users | foreach { Write-Host -nonewline "`nUnload default user hive : " try { reg unload "HKU\Default" 2>&1 | Out-Null - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { Write-Host -NoNewline -ForegroundColor Red "Error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } From 37bb194595fac1da30ba360a80ebe2c4f926aae6 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 11 Apr 2018 22:29:18 +0200 Subject: [PATCH 74/91] Path testing was wrong --- cleanW10.ps1 | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index b774f9b..3b47be0 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
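Review bot: `reg unload "HKU\$($_.sid)" 2>&1 | Out-Null` sits inside a `try`, but a failing native executable normally does not raise a PowerShell exception, so the `catch` is not reached and "Done" is printed whether or not the hive was released. The same holds for `reg load` in the previous hunk and `reg unload "HKU\Default"` in the next one. A hive that silently failed to load means the HKCU settings were never written for that user, while the output suggests they were. Testing the exit code after each call keeps the status line truthful: `if ( $LASTEXITCODE -ne 0 ) { Write-Host -ForegroundColor Red "Error (reg exit code $LASTEXITCODE)" }`. The `foreach` block starts outside this hunk.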
@@ -592,17 +592,18 @@ function ExecCommand { $args = $params.arguments.Replace("##mod_path##", $script:current_module_path) Write-Host -NoNewline "`tExecute : $path : " $path = Invoke-Expression """$($path)""" - if ( -not (Test-Path $path) -and -not $path -eq "powershell" ) { + if ( -not ((Test-Path $path) -or $path -eq "powershell") ) { Write-Host -ForegroundColor Yellow "File not found" - return + return } try { Start-Process -NoNewWindow -wait -filepath $path -ArgumentList $args } catch { Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } + Write-Host "`n" } function ProcessModuleFile { From 10eecf17f5b6c2ccf9633473a65cb00c61727da5 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 11 Apr 2018 23:08:20 +0200 Subject: [PATCH 75/91] Add ErrorAction Stop for Get-ItemProperty in DelRegKey() --- cleanW10.ps1 | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 3b47be0..f56fd21 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
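Review bot: The corrected `Test-Path` check only runs after `$path = Invoke-Expression """$($path)"""` has evaluated the module-supplied string as PowerShell, so whatever a `.conf` file puts in `path` is executed in this session (presumably elevated, given the README) before any validation. If the intent is only to expand environment variables, `[Environment]::ExpandEnvironmentVariables($path)` with `%SystemRoot%`-style paths in the modules avoids evaluating the string; that changes the module syntax and would need a matching README update. `DelFile` builds its `Remove-Item` call through `Invoke-Expression` in the same way and deserves the same treatment. ExecCommand starts above this hunk.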
@@ -316,26 +316,25 @@ function DelRegKey { Write-Host -NoNewline "`tDelete registery key $($params.key) : " if ( ! (Test-Path $params.path) ){ Write-Host -ForegroundColor Red " Error (path not found)" - return + return } try { - Get-ItemProperty -Path $params.path -Name $params.key | Out-Null + Get-ItemProperty -Path $params.path -Name $params.key -ErrorAction Stop | Out-Null } catch { - Write-Host -ForegroundColor Yellow "key already deleted" - return + Write-Host -ForegroundColor Yellow "key not exist (already deleted?)" + return } try { - Remove-ItemProperty -Path $params.path -Name $params.key - Write-host -ForegroundColor Green "done" + Write-host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ Write-Host -ForegroundColor Red "Error (access denied)" } catch { Write-Host -ForegroundColor Red -NoNewLine "Error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } } From 5e9148b11105319964b264e032ca4445e5e90fc4 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Thu, 12 Apr 2018 00:57:00 +0200 Subject: [PATCH 76/91] Rework message output for ExecCommand() --- cleanW10.ps1 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index f56fd21..39b74a5 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
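Review bot: `Remove-ItemProperty -Path $params.path -Name $params.key` still has no `-ErrorAction Stop`, unlike the `Get-ItemProperty` line this change fixes, so a non-terminating failure can skip both `catch` blocks and still print "done". Writing it as `Remove-ItemProperty -Path $params.path -Name $params.key -ErrorAction Stop` should let the access-denied and generic handlers see the failure. DelRegKey starts above this hunk.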
@@ -589,20 +589,20 @@ function ExecCommand { ) $path = $params.path.Replace("##mod_path##", $script:current_module_path) $args = $params.arguments.Replace("##mod_path##", $script:current_module_path) - Write-Host -NoNewline "`tExecute : $path : " + Write-Host "`n`tExecute $path : " $path = Invoke-Expression """$($path)""" if ( -not ((Test-Path $path) -or $path -eq "powershell") ) { - Write-Host -ForegroundColor Yellow "File not found" + Write-Host -ForegroundColor Yellow "`t`tFile not found" return } try { - Start-Process -NoNewWindow -wait -filepath $path -ArgumentList $args + Start-Process -NoNewWindow -wait -filepath $path -ArgumentList $args -ErrorAction Stop + Write-Host -ForegroundColor Green "`t`tExecution done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" + Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t`t" Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message } - Write-Host "`n" } function ProcessModuleFile { @@ -626,7 +626,7 @@ function ProcessModuleFile { $mod.actions | Foreach { $action_file = "" - $current_action = @{} + $current_action = @{} $script:current_module_path = $(Get-ChildItem $path).DirectoryName + "\" + $(Get-ChildItem $path).BaseName + '\' foreach( $p in $_.psobject.properties.name ){ $current_action[$p] = $_.$p From 00e4a217677ad4cf193e52a86c6c05cbacf10ed9 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Thu, 12 Apr 2018 01:39:42 +0200 Subject: [PATCH 77/91] Better output for AddRegKey() --- cleanW10.ps1 | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 39b74a5..9f1c8a4 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
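Review bot: In the first hunk, "Execution done" is printed as soon as `Start-Process -wait` returns, whatever the child's exit status, because `-ErrorAction Stop` only covers a failure to start the process. Capturing the process object lets the function report a failed command: `$proc = Start-Process -NoNewWindow -Wait -PassThru -FilePath $path -ArgumentList $args -ErrorAction Stop`, followed by `if ( $proc.ExitCode -ne 0 ) { Write-Host -ForegroundColor Red "Exit code $($proc.ExitCode)" }`. Separately, `$args` is an automatic variable in PowerShell, and a local name such as `$arguments` avoids shadowing it. ExecCommand starts above this hunk.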
@@ -220,10 +220,10 @@ function AddRegKey { [Parameter(Mandatory=$true)] [object]$params ) - if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') ) { - Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value`n" - return - } + if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') ) { + Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value`n" + return + } if ( -not $params.ContainsKey('value') ) { $params.value = "" } 
@@ -251,28 +251,28 @@ function AddRegKey { } #Let's begin... - Write-Host -NoNewline "`t$($params.path.substring(0,30))...$($params.key) reg key to $($params.value) : " - if ( -not (Test-Path $params.path) ){ - Write-Host -NoNewline -ForegroundColor DarkGreen "creating path " - try { - New-Item -Path $params.path -Force | Out-Null - } - - catch { - Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - return - } + Write-Host -NoNewline "`t$($params.path.substring(0,30))...$($params.key) reg key to '$($params.value)' : " + if ( -not (Test-Path $params.path) ){ + Write-Host -NoNewline -ForegroundColor DarkGreen "creating path " + try { + New-Item -Path $params.path -Force | Out-Null } + catch { + Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" + Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + return + } + } # Test if the key already exist try { $current_value = Get-ItemPropertyValue -Path $params.path -Name $params.key - if ( $current_value -eq $params.value ) { - Write-Host -ForegroundColor Yellow "Already done" - return - } - else { Write-Host -NoNewline -ForegroundColor DarkGreen "old value $current_value " } + if ( -not $current_value ) { $current_value = "" } + if ( $current_value -eq $params.value ) { + Write-Host -ForegroundColor Yellow "Already done" + return + } + else { Write-Host -NoNewline -ForegroundColor DarkGreen " old value $current_value - " } } catch { Write-Host -NoNewline -ForegroundColor DarkGreen "new key " @@ -281,7 +281,7 @@ function AddRegKey { # Put the key try { Set-ItemProperty -Path $params.path -Name $params.key -Value $params.value -Type $params.type -Force - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch [System.Security.SecurityException]{ Write-Host -ForegroundColor Red "Error (access denied)" From e2fe868454f84c78b67cc26aa04c328854f31d91 Mon Sep 17 00:00:00 2001 
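Review bot: In the first hunk, `$params.path.substring(0,30)` in the status line throws when the registry path is shorter than 30 characters, so the message is lost for short paths. A guarded form keeps the truncation without the exception: `$short = $params.path`, then `if ( $short.Length -gt 30 ) { $short = $short.Substring(0,30) }`, and print `$short` in the message. AddRegKey starts above this hunk.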
From: Yorick Barbanneau Date: Mon, 16 Apr 2018 16:29:55 +0200 Subject: [PATCH 78/91] Test if registry key value is null of empty in AddRegKey() --- cleanW10.ps1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index 9f1c8a4..c5234a7 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 @@ -225,7 +225,7 @@ function AddRegKey { return } if ( -not $params.ContainsKey('value') ) { - $params.value = "" + $params.value = $null } if ( -not $params.ContainsKey('type') -or $params.type -eq "" ){ $params.type="DWord" } @@ -266,9 +266,9 @@ function AddRegKey { # Test if the key already exist try { - $current_value = Get-ItemPropertyValue -Path $params.path -Name $params.key - if ( -not $current_value ) { $current_value = "" } - if ( $current_value -eq $params.value ) { + $current_value = (Get-ItemPropertyValue -Path $params.path -Name $params.key) + #current_value and params.value both empty need a special condition + if ( ( [string]::IsNullOrWhitespace($current_value) -and [string]::IsNullOrWhitespace($params.value) ) -or ($current_value -eq $params.value) ) { Write-Host -ForegroundColor Yellow "Already done" return } From 6b55544443dcef614e902739e0b9018baac20d54 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 2 May 2018 19:28:15 +0200 Subject: [PATCH 79/91] Rewrite README in French --- README.md | 264 +++++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 240 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 79e1a67..52372fc 100644 --- a/README.md +++ b/README.md 
@@ -1,31 +1,247 @@ -Win10 privacy helper script -========================== +Clean Win10 +=========== -This Powershell script disable some anti-privacy Windows 10 features. -I created this for my work needs. +CleanW10 est un script powershell pour rendre Windows plus respectueux de la +vie privée de son|ses utilisateur(s) - Utilisatrice(s). Il réalise tout un tas +d'actions afin de désactiver, supprimer, modifier des composant du système et +applications tierces. - * redirect some Microsoft domain known to 0.0.0.0 - * add firewall rules to block some Ms IP used to collect data - * disable some Windows 10 features (Fax, MediaPlayer ...) - * disable somes services - * disable most Modern Apps (because there are useless ...) - * disable some task - * write plenty of reg key to disable some features : - * advertising - * geolocation - * telemetry - * disable apps righs - * disable MS Account for login - * Onedrive - * (...) +Ce script est avant tout destiné aux utilisateurs avancés, il réalise beaucoup +d'actions normalement réservées aux GPO (version pro et entreprise de Windows +mais accessible) via la base de registre, ou autre (désactivation de +services par exemple) -### Warning! +# Actions réalisées -Do not use this script if you're logged with a MS Account on your -Windows sesssion. Because this script disable MS Account, your account -may be blocked and you could not login again. +CleanW10 réalise beaucoup d'actions, en voici une liste non exhaustive : + + * Désinstallation d'applications universelles (ModernApp) pour l'utilisateur + et en version provisionnée. Attention, **Windows Store sera aussi supprimé**. + * Blocage d'applications dans le pare-feu Windows (explorer, Cortana, + Edge). Attention, **vous ne pourrez plus utiliser Edge**. + * Blocage d'adresse IP Microsoft connue pour récolter des données de + télémétrie. Attention, des IP utilisées pour **Skype et Outlook** seront + bloquées. 
+ * Blocage de noms de domaine appartenant à Microsoft connus pour récolter des + données + * Désintallation de OneDrive + * Désactivation des comptes Microsoft. Attention, si vous utilisew des + comptes Microsoft sous Windows 10, **transformez-le en compte local AVANT de + lancer CleanW10**. + * Désactivation des droits pour les applications (caméra, localisation, + synchronisation des contacts / calendriers etc.) + * Désactivation des services relatifs aux données personnelles / de + télémétrie. + * Supression des tâches planifiées problématiques pour les données + personelles + +# Lancer le CleanW10 + +Par défaut, Windows n'autorise pas l'execution de script powershell non signé +ou dont il ne connait pas la signature. Pour exécuter ce script, Il est donc +conseillé d'exécuter la commande suivante dans une fenêtre powershell en mode +administrateur : + +``` +Set-ExecutionPolicy unrestricted +``` + +Vous pouvez cependant lancer ``launcher.cmd`` en tant qu'administrateur.Il se +chargera de basculer la politique de sécurité relative à powershell, de lancer +CleanW10 puis de la remettre à son état initial. + +## Options de la ligne de commande + +voici les options du script en ligne de commande : + +``` +CleanW10.ps1 -module -dir -debug +``` + +### -module + +Avec cette option vous pouvez executer un seul module. Le parametre est suivi +par le chemin complet du fichier module. + +### -dir + +Cette option donne le chemin complet vers le répertoire contenant les modules à +executer, par défaut ``./modules.d/``. Elle est imcompatible avec ``-module`` + +### -debug + +Affiche des information de debug en plus des messages relatifs au script. Il y +en a très peu (pour le moment) + +# Comment ça marche? + +Le script fonctionne à partir de modules sous forme de fichiers écrits en JSON. +Un module contient un ensemble d'actions à réaliser ainsi que leurs paramètres. 
+Voici un exemple de fichier module : + +```JSON +{ + "name" : "Block Telemetry IPs", + "description" : "Block IPs relative to Microsoft telemery.", + "actions" : + [ + { + "_comment" : "Block telemetry IPS", + "action" : "FwBlockOutputIP", + "file" : "telemetry.txt" + }, + { + "_comment" : "Block IP relative to Skype and Messenger", + "action" : "FwBlockOutputIP", + "file" : "skype-msn.txt" + } + ] +} +``` + +Chaque module contient un nom (``name``), une description (``description``) et +une série d'actions à réaliser (``actions``). + +uen action contient une action à réaliser (ici ``FwBlockOutputIP``), +éventuellement un commentaire (``_comment``) puis un ou plusieurs paramètre(s) +en fonction de l'action. Voici une liste des actions disponibles : + +## Liste des actions + +### BlockHost + +Bloque un ou plusieurs nom(s) d'hôte via le fichier hosts, les paramètres de ce +module sont : + + * ``host`` : nom d'hote à bloquer + * ``file`` : nom du fichier contenant une adresse IP par ligne pour un + traitement par lots. Voir la section [#fichiers-externes](fichiers) + * ``firewall`` [Booléen] : Bloque la ou les adresse(s) IP relative au nom + d'hôte par le module FwBlockOutputIP + + Activer ce paramètre permet de bloquer par le firewall certains hôtes pour + lesquels Windows ne prends pas en compte le fichier hosts. + +### FwBlockOutputIP + +Bloque une ou plusieurs adresse(s) IP, les paramètres relatifs à ce module +sont : + + * ``ip`` : adresse IP à bloquer + * ``file`` : nom du fichier contenant une adresse IP par ligne pour un + traitement par lot. Voir la section [#fichiers-externes](fichiers) + + +### FwBlockProgram + +Bloque un ou plusieurs programme(s) dans le pare-feu, les paramètres relatifs à +ce module sont : + + * ``name`` : ce paramètre est utilisé pour créer le nom de la règle du + pare-feu Windows - facultatif, utilise le chemin complet si absent + * ``path`` : chemin complet vers l'exécutable à bloquer. 
+ * ``file`` : nom du fichier contenant un chemin par ligne pour un traitement + par lot. Voir la section [#fichiers-externes](fichiers) -### Licence +### AddRegKey -Do what you're want with it and feel fre to offer me a beer :) +Ajoute ou modifie une clé de registre. Si une clé concerne l'utilisateur +courant (HKCU) alors la clé sera ajoutée / modifiée pour tous les utilisateurs +mais aussi sur le gabarit de registre pour la création d'utilisateurs. Les +paramètres sont : + + * ``path`` : chemin vers la clé + * ``key`` : la clé + * ``value`` : la nouvelle valeur - facultatif + * ``type`` : le type de valeur (DWord QWord, Multistring ...) - facutlatif, + DWord par défaut + +### DelRegKey + +Supprime une clé de registre, les mêmes actions que pour ``AddRegKey`` seront +réalisées si la clé concerne HKCU. Les paramètres sont : + * ``path`` : chemin vers la clé + * ``key`` : clé à supprimer. + +### UninstallModernApp + +Désintalle une ou plusiers application(s) universelle(s), les paramètres sont : + + * ``name`` : nom de l'application à désintaller + * ``removeProvisionned`` [Booléen] : supprimer aussi des application + provisionnées (que le système réinstallera pour tout nouvel utilisateur créé) + * ``file`` : nom du fichier contenant un nom d' application par ligne pour un + traitement par lots. Voir la section [#fichiers-externes](fichiers) + +### DisableService + +Désactive un service, les paramètres sont : + + * ``name`` : nom du service à désactiver + * ``userService`` [Booléen] : service est lancé en mode utilisateur. Pour + désactiver la création du service par utilisateur, la clé de registre + ``userServiceFlag`` sera modifiée. + * ``file`` : nom du fichier contenant un nom de service par ligne pour un + traitement par lots. 
Voir la section [#fichiers-externes](fichiers) + +### RemoveSchedukedTask + +Désactive une tâche planifiés, les paramètres sont : + + * ``name`` : nom de la tache planifiée + * ``path`` : chemin de la tache planifiée - facultatif + * ``file`` : nom du fichier contenant un nom de tâche par ligne pour un + traitement par lots. Voir la section [#fichiers-externes](fichiers) + +## DisableFeature + +Désactive une fonctionnalité de Windows (accessible via dism.exe) les paramètres +sont : + + * ``name`` : nom de la fonctionnalité + * ``file`` : nom du fichier contenant un nom de fonctionnalité par ligne pour + un traitement par lot. Voir la section [#fichiers-externes](fichiers) + +### KillProcess + +Tue un processus, le paramètre est : + + * ``name`` : nom du processus à tuer + +### DelFile + +Supprime un fichier / dossier, les parametres sont : + + * ``path`` : chemin du fichier / dossier à supprimer + * ``recurse``[Booléen] : supprimmer de manière récursive. - facultatif + +### ExecCommand + +Executer un commande, les parametres sont : + + * ``path`` : chemin vers l'exécutable. Celui-ci peut contenur des variables + d'environnement powershell comme par exemple ``"$env:systemroot\``, Si la + * ``arguments`` : liste des arguments + +## Fichiers externes + +Pour certaines actions il est possible de charger un fichier externe pour du +traitement par lots. Ce peut être le cas pour ``BlockHost`` par exemple. Il +faut alors renseigner le paramètre ``file`` dans l'action correspondante avec +le nom du fichier à charger, Celui-ci decra se trouver **obligatoirement** dans +un sous-dossier portant le même nom que le fichier module. + +Prenom l'exemple du module FW_Hosts.conf, il contient l'action ``BlockHost`` +avec commr paramètre ``file`` hosts.txt, voici donc l'arborescence obtenue : + +``` +modules.d\FW_Hosts\hosts.txt +modules.d\FW_Hosts.conf +``` + +# Licence + +Ce script est disponible sous licence Beeware : utilisez, copiez, modifiez, +redistribuez comme ça vous chante. 
Et offrez-moi une bière si l'on se recontre +un de ces 4 (et si ça vous chante). From d4e384be68e81938ce3c4b11fd49ecc8c9473920 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 2 May 2018 21:15:21 +0200 Subject: [PATCH 80/91] Markdown and syntax corrections --- README.md | 162 +++++++++++++++++++++++++++--------------------------- 1 file changed, 82 insertions(+), 80 deletions(-) diff --git a/README.md b/README.md index 52372fc..3437aa2 100644 --- a/README.md +++ b/README.md @@ -2,13 +2,13 @@ Clean Win10 =========== CleanW10 est un script powershell pour rendre Windows plus respectueux de la -vie privée de son|ses utilisateur(s) - Utilisatrice(s). Il réalise tout un tas -d'actions afin de désactiver, supprimer, modifier des composant du système et +vie privée de son|ses utilisateur(s) - Utilisatrice(s). Il réalise tout un tas +d'actions afin de désactiver, supprimer, modifier des composant du système et applications tierces. -Ce script est avant tout destiné aux utilisateurs avancés, il réalise beaucoup -d'actions normalement réservées aux GPO (version pro et entreprise de Windows -mais accessible) via la base de registre, ou autre (désactivation de +Ce script est avant tout destiné aux utilisateurs avancés, il réalise beaucoup +d'actions normalement réservées aux GPO (version pro et entreprise de Windows +mais accessible) via la base de registre, ou autre (désactivation de services par exemple) # Actions réalisées 
@@ -17,42 +17,42 @@ CleanW10 réalise beaucoup d'actions, en voici une liste non exhaustive : * Désinstallation d'applications universelles (ModernApp) pour l'utilisateur et en version provisionnée. Attention, **Windows Store sera aussi supprimé**. - * Blocage d'applications dans le pare-feu Windows (explorer, Cortana, + * Blocage d'applications dans le pare-feu Windows (explorer, Cortana, Edge). Attention, **vous ne pourrez plus utiliser Edge**. - * Blocage d'adresse IP Microsoft connue pour récolter des données de + * Blocage d'adresse IP Microsoft connue pour récolter des données de télémétrie. Attention, des IP utilisées pour **Skype et Outlook** seront bloquées. - * Blocage de noms de domaine appartenant à Microsoft connus pour récolter des + * Blocage de noms de domaine appartenant à Microsoft connus pour récolter des données * Désintallation de OneDrive - * Désactivation des comptes Microsoft. Attention, si vous utilisew des + * Désactivation des comptes Microsoft. Attention, si vous utilisew des comptes Microsoft sous Windows 10, **transformez-le en compte local AVANT de lancer CleanW10**. - * Désactivation des droits pour les applications (caméra, localisation, + * Désactivation des droits pour les applications (caméra, localisation, synchronisation des contacts / calendriers etc.) - * Désactivation des services relatifs aux données personnelles / de + * Désactivation des services relatifs aux données personnelles / de télémétrie. - * Supression des tâches planifiées problématiques pour les données + * Supression des tâches planifiées problématiques pour les données personelles # Lancer le CleanW10 -Par défaut, Windows n'autorise pas l'execution de script powershell non signé -ou dont il ne connait pas la signature. Pour exécuter ce script, Il est donc -conseillé d'exécuter la commande suivante dans une fenêtre powershell en mode +Par défaut, Windows n'autorise pas l'execution de script powershell non signé +ou dont il ne connait pas la signature. 
Pour exécuter ce script, Il est donc +conseillé d'exécuter la commande suivante dans une fenêtre powershell en mode administrateur : ``` Set-ExecutionPolicy unrestricted ``` -Vous pouvez cependant lancer ``launcher.cmd`` en tant qu'administrateur.Il se -chargera de basculer la politique de sécurité relative à powershell, de lancer +Vous pouvez cependant lancer ``launcher.cmd`` en tant qu'administrateur.Il se +chargera de basculer la politique de sécurité relative à powershell, de lancer CleanW10 puis de la remettre à son état initial. - + ## Options de la ligne de commande -voici les options du script en ligne de commande : +voici les options du script en ligne de commande : ``` CleanW10.ps1 -module -dir -debug 
@@ -60,30 +60,30 @@ CleanW10.ps1 -module -dir -debug ### -module -Avec cette option vous pouvez executer un seul module. Le parametre est suivi +Avec cette option vous pouvez executer un seul module. Le paramètre est suivi par le chemin complet du fichier module. ### -dir -Cette option donne le chemin complet vers le répertoire contenant les modules à +Cette option donne le chemin complet vers le répertoire contenant les modules à executer, par défaut ``./modules.d/``. Elle est imcompatible avec ``-module`` ### -debug -Affiche des information de debug en plus des messages relatifs au script. Il y +Affiche des information de debug en plus des messages relatifs au script. Il y en a très peu (pour le moment) # Comment ça marche? -Le script fonctionne à partir de modules sous forme de fichiers écrits en JSON. -Un module contient un ensemble d'actions à réaliser ainsi que leurs paramètres. -Voici un exemple de fichier module : +Le script fonctionne à partir de modules sous forme de fichiers écrits en JSON. +Un module contient un ensemble d'actions à réaliser ainsi que leurs paramètres. +Voici un exemple de fichier module : ```JSON { "name" : "Block Telemetry IPs", "description" : "Block IPs relative to Microsoft telemery.", - "actions" : + "actions" : [ { "_comment" : "Block telemetry IPS", 
@@ -99,91 +99,93 @@ Voici un exemple de fichier module : } ``` -Chaque module contient un nom (``name``), une description (``description``) et +Chaque module contient un nom (``name``), une description (``description``) et une série d'actions à réaliser (``actions``). -uen action contient une action à réaliser (ici ``FwBlockOutputIP``), -éventuellement un commentaire (``_comment``) puis un ou plusieurs paramètre(s) +uen action contient une action à réaliser (ici ``FwBlockOutputIP``), +éventuellement un commentaire (``_comment``) puis un ou plusieurs paramètre(s) en fonction de l'action. Voici une liste des actions disponibles : ## Liste des actions ### BlockHost -Bloque un ou plusieurs nom(s) d'hôte via le fichier hosts, les paramètres de ce -module sont : +Bloque un ou plusieurs noms d'hôtes via le fichier hosts, les paramètres de +cette action sont : * ``host`` : nom d'hote à bloquer - * ``file`` : nom du fichier contenant une adresse IP par ligne pour un - traitement par lots. Voir la section [#fichiers-externes](fichiers) - * ``firewall`` [Booléen] : Bloque la ou les adresse(s) IP relative au nom + * ``file`` : nom du fichier contenant une adresse IP par ligne pour un + traitement par lots. Voir la section (#fichiers-externes)[fichiers] + * ``firewall`` [Booléen] : Bloque la ou les adresse(s) IP relative au nom d'hôte par le module FwBlockOutputIP - Activer ce paramètre permet de bloquer par le firewall certains hôtes pour - lesquels Windows ne prends pas en compte le fichier hosts. - + Activer ce paramètre permet de bloquer par le firewall certains hôtes pour + lesquels Windows ne prends pas en compte le fichier hosts. 
+ ### FwBlockOutputIP -Bloque une ou plusieurs adresse(s) IP, les paramètres relatifs à ce module +Bloque une ou plusieurs adresse(s) IP, les paramètres relatifs à cette action sont : - + * ``ip`` : adresse IP à bloquer - * ``file`` : nom du fichier contenant une adresse IP par ligne pour un + * ``file`` : nom du fichier contenant une adresse IP par ligne pour un traitement par lot. Voir la section [#fichiers-externes](fichiers) - -### FwBlockProgram - -Bloque un ou plusieurs programme(s) dans le pare-feu, les paramètres relatifs à -ce module sont : - * ``name`` : ce paramètre est utilisé pour créer le nom de la règle du +### FwBlockProgram + +Bloque un ou plusieurs programmes dans le pare-feu, les paramètres relatifs à +cette action sont : + + * ``name`` : ce paramètre est utilisé pour créer le nom de la règle du pare-feu Windows - facultatif, utilise le chemin complet si absent * ``path`` : chemin complet vers l'exécutable à bloquer. - * ``file`` : nom du fichier contenant un chemin par ligne pour un traitement + * ``file`` : nom du fichier contenant un chemin par ligne pour un traitement par lot. Voir la section [#fichiers-externes](fichiers) ### AddRegKey -Ajoute ou modifie une clé de registre. Si une clé concerne l'utilisateur -courant (HKCU) alors la clé sera ajoutée / modifiée pour tous les utilisateurs -mais aussi sur le gabarit de registre pour la création d'utilisateurs. Les +Ajoute ou modifie une clé de registre. Si une clé concerne l'utilisateur +courant (HKCU) alors la clé sera ajoutée / modifiée pour tous les utilisateurs +mais aussi sur le gabarit de registre pour la création d'utilisateurs. Les paramètres sont : - + * ``path`` : chemin vers la clé * ``key`` : la clé * ``value`` : la nouvelle valeur - facultatif - * ``type`` : le type de valeur (DWord QWord, Multistring ...) - facutlatif, + * ``type`` : le type de valeur (DWord QWord, Multistring ...) 
- facutlatif, DWord par défaut ### DelRegKey -Supprime une clé de registre, les mêmes actions que pour ``AddRegKey`` seront +Supprime une clé de registre, les mêmes actions que pour ``AddRegKey`` seront réalisées si la clé concerne HKCU. Les paramètres sont : + * ``path`` : chemin vers la clé * ``key`` : clé à supprimer. ### UninstallModernApp -Désintalle une ou plusiers application(s) universelle(s), les paramètres sont : +Désintalle une ou plusieurs applications universelles, les paramètres sont : - * ``name`` : nom de l'application à désintaller - * ``removeProvisionned`` [Booléen] : supprimer aussi des application + * ``name`` : nom de l'application à désintaller + * ``removeProvisionned`` [Booléen] : supprimer aussi des application provisionnées (que le système réinstallera pour tout nouvel utilisateur créé) - * ``file`` : nom du fichier contenant un nom d' application par ligne pour un - traitement par lots. Voir la section [#fichiers-externes](fichiers) + * ``file`` : nom du fichier contenant un nom d' application par ligne pour un + traitement par lots. Voir la section [fichiers externes](#fichiers-externes) ### DisableService -Désactive un service, les paramètres sont : +Désactive un service, les paramètres sont : * ``name`` : nom du service à désactiver - * ``userService`` [Booléen] : service est lancé en mode utilisateur. Pour - désactiver la création du service par utilisateur, la clé de registre + * ``userService`` [Booléen] : service est lancé en mode utilisateur. Pour + désactiver la création du service par utilisateur, la clé de registre ``userServiceFlag`` sera modifiée. - * ``file`` : nom du fichier contenant un nom de service par ligne pour un - traitement par lots. Voir la section [#fichiers-externes](fichiers) + * ``file`` : nom du fichier contenant un nom de service par ligne pour un + traitement par lots. Voir la section [fichiers externes](#fichiers-externes) + ### RemoveSchedukedTask 
@@ -191,17 +193,17 @@ Désactive une tâche planifiés, les paramètres sont : * ``name`` : nom de la tache planifiée * ``path`` : chemin de la tache planifiée - facultatif - * ``file`` : nom du fichier contenant un nom de tâche par ligne pour un - traitement par lots. Voir la section [#fichiers-externes](fichiers) + * ``file`` : nom du fichier contenant un nom de tâche par ligne pour un + traitement par lots. Voir la section [fichiers externes](#fichiers-externes) -## DisableFeature +### DisableFeature -Désactive une fonctionnalité de Windows (accessible via dism.exe) les paramètres +Désactive une fonctionnalité de Windows (accessible via dism.exe) les paramètres sont : * ``name`` : nom de la fonctionnalité - * ``file`` : nom du fichier contenant un nom de fonctionnalité par ligne pour - un traitement par lot. Voir la section [#fichiers-externes](fichiers) + * ``file`` : nom du fichier contenant un nom de fonctionnalité par ligne pour + un traitement par lot. Voir la section [fichiers externes](#fichiers-externes) ### KillProcess 
@@ -211,28 +213,28 @@ Tue un processus, le paramètre est : ### DelFile -Supprime un fichier / dossier, les parametres sont : +Supprime un fichier / dossier, les paramètres sont : * ``path`` : chemin du fichier / dossier à supprimer * ``recurse``[Booléen] : supprimmer de manière récursive. - facultatif ### ExecCommand -Executer un commande, les parametres sont : +Executer un commande, les paramètres sont : - * ``path`` : chemin vers l'exécutable. Celui-ci peut contenur des variables - d'environnement powershell comme par exemple ``"$env:systemroot\``, Si la + * ``path`` : chemin vers l'exécutable. Celui-ci peut contenir des variables + d'environnement powershell comme par exemple ``"$env:systemroot\``, Si la * ``arguments`` : liste des arguments ## Fichiers externes -Pour certaines actions il est possible de charger un fichier externe pour du -traitement par lots. Ce peut être le cas pour ``BlockHost`` par exemple. Il -faut alors renseigner le paramètre ``file`` dans l'action correspondante avec -le nom du fichier à charger, Celui-ci decra se trouver **obligatoirement** dans +Pour certaines actions il est possible de charger un fichier externe pour du +traitement par lot. Ce peut être le cas pour ``BlockHost`` par exemple. Il +faut alors renseigner le paramètre ``file`` dans l'action correspondante avec +le nom du fichier à charger, Celui-ci decra se trouver **obligatoirement** dans un sous-dossier portant le même nom que le fichier module. -Prenom l'exemple du module FW_Hosts.conf, il contient l'action ``BlockHost`` +Prenons l'exemple du module FW_Hosts.conf, il contient l'action ``BlockHost`` avec commr paramètre ``file`` hosts.txt, voici donc l'arborescence obtenue : ``` 
@@ -242,6 +244,6 @@ modules.d\FW_Hosts.conf # Licence -Ce script est disponible sous licence Beeware : utilisez, copiez, modifiez, -redistribuez comme ça vous chante. Et offrez-moi une bière si l'on se recontre +Ce script est disponible sous licence Beeware : utilisez, copiez, modifiez, +redistribuez comme ça vous chante. Et offrez-moi une bière si l'on se recontre un de ces 4 (et si ça vous chante). From 88b48f5c660f14353b4202bf30d8683b89090c73 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 2 May 2018 21:36:35 +0200 Subject: [PATCH 81/91] Remove onedrive icon in Explorer --- modules.d/GPO_OneDrive.conf | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/modules.d/GPO_OneDrive.conf b/modules.d/GPO_OneDrive.conf index 6410cfd..48b1fa9 100644 --- a/modules.d/GPO_OneDrive.conf +++ b/modules.d/GPO_OneDrive.conf @@ -67,6 +67,20 @@ "action" : "DelRegKey", "key" : "OneDriveSetup", "path" : "HKU:\\Default\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" + }, + { + "_comment" : "Hide Onedrive icon from explorer", + "action" : "AddRegKey", + "value" : "0", + "key" : "System.IsPinnedToNameSpaceTree", + "path" : "HKCR:\\Wow6432Node\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" + }, + { + "_comment" : "Hide Onedrive icon from explorer (2)", + "action" : "AddRegKey", + "value" : "0", + "key" : "System.IsPinnedToNameSpaceTree", + "path" : "HKCR:\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" } ] } From d7329ab94e8ee08be3837ca3c47a9fda78fe5d3c Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 2 May 2018 22:57:36 +0200 Subject: [PATCH 82/91] Error message details display with Write-Debug --- cleanW10.ps1 | 509 +++++++++++++++++++++++++-------------------------- 1 file changed, 254 insertions(+), 255 deletions(-) diff --git a/cleanW10.ps1 b/cleanW10.ps1 index c5234a7..20e66c8 100755 --- a/cleanW10.ps1 +++ b/cleanW10.ps1 
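Review bot: Both new actions write through `HKCR:`, which is a merged view of `HKLM\SOFTWARE\Classes` and the current user's `HKCU\Software\Classes`, so the hive that receives `System.IsPinnedToNameSpaceTree` depends on where the CLSID key already exists for the account running the script. If OneDrive registers this CLSID per user (worth confirming on a test machine), the value would be set for that account only, and the all-users handling the README describes for HKCU paths would not apply. Naming the hive explicitly removes the ambiguity, for example `"path" : "HKCU:\\Software\\Classes\\CLSID\\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"`. The `actions` array starts outside the hunk.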
@@ -18,91 +18,91 @@ $ProgressPreference = "SilentlyContinue" #Thanks to https://gist.github.com/markembling/173887 function BlockHost { param( - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) - if ( $params.ContainsKey('file') ) { - if ( -not $params.ContainsKey('firewall') -or $params.firewall -eq "" ) { - $params.firewall = $false - } - Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach{ BlockHost -params @{host=$_;firewall=$params.firewall} } + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + if ( $params.ContainsKey('file') ) { + if ( -not $params.ContainsKey('firewall') -or $params.firewall -eq "" ) { + $params.firewall = $false } + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach{ BlockHost -params @{host=$_;firewall=$params.firewall} } + } elseif ( $params.ContainsKey('host') -and $params.host -ne "" ) { Write-Host "`n`tBlock host $($params.host) : " - try { - if ( $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ -#If host is inhosts.conf, verify that ip is blocked in FW - if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { - $tmp = Get-Content $HOST_FILE | Where { $_ -ne "$HOST_IP`t`t$($params.host)" } - Set-Content $HOST_FILE $tmp - BlockHostByIP $params.host - $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE - } - Write-Host -ForegroundColor Yellow "`t`tHost Already blocked" - } - else { - if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { + try { + if ( $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ + #If host is in hosts.conf, verify that ip is blocked in FW + if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { + $tmp = Get-Content $HOST_FILE | Where { $_ -ne "$HOST_IP`t`t$($params.host)" } + Set-Content $HOST_FILE $tmp BlockHostByIP $params.host - } - $HOST_IP + "`t`t" + $params.host | 
Out-File -encoding ASCII -append $HOST_FILE - Write-Host -ForegroundColor Green "`t`tHost blocked" + $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE } + Write-Host -ForegroundColor Yellow "`t`tHost Already blocked" } + else { + if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { + BlockHostByIP $params.host + } + $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE + Write-Host -ForegroundColor Green "`t`tHost blocked" + } + } catch { - Write-Host -NoNewline -ForegroundColor Red "`t`terror`n`t`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor Red "`t`tError" + Write-Debug $Error[0].Exception.Message } } - else { - Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" - } + else { + Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" + } } function BlockHostByIP { param( - [string]$hostname - ) - #$resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString - $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | Where { $_.type -match "^A{1,4}$" } | select Address - $resolv | Foreach { - Write-Host -NoNewLine "`t" - $ip = $_.Address - Write-Debug "Found a valid IP $ip" - $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule - if ( $rule ) { - write-host -NoNewLine "`tFW Rule exist : " - write-host -ForegroundColor yellow $rule.name - } - else { - FwBlockOutputIP @{ - ip=$ip; - name="H_$hostname" - } - } + [string]$hostname + ) + #$resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString + $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | Where { $_.type -match "^A{1,4}$" } | select Address + $resolv | Foreach { + Write-Host -NoNewLine "`t" + $ip = $_.Address + Write-Debug "Found a valid IP $ip" + $rule = 
Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule + if ( $rule ) { + Write-Host -NoNewLine " exist " + Write-Host -ForegroundColor yellow $rule.name } + else { + FwBlockOutputIP @{ + ip=$ip; + name="H_$hostname" + } + } + } } function IsHostAlreadyBlocked { param([string]$filename, [string]$hostname) - $c = Get-Content $filename | where { $_ -eq "$HOST_IP`t`t$hostname" } + $c = Get-Content $filename | where { $_ -eq "$HOST_IP`t`t$hostname" } Write-Debug "`tMatch hostname on host file : $c" - if ( $c ) { - return $true - } + if ( $c ) { + return $true + } return $false } function FwBlockOutputIP { param( - [object]$params - ) - if ( $params.ContainsKey('file') ) { - Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockOutputIP @{ip=$_} } - } + [object]$params + ) + if ( $params.ContainsKey('file') ) { + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockOutputIP @{ip=$_} } + } elseif ( $params.ContainsKey('ip') ) { if (-not $params.ContainsKey('name') -or $params.name -eq "" ) { $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.ip @@ -113,18 +113,18 @@ function FwBlockOutputIP { Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : " $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $params.ip } | Get-NetFirewallRule if ( $rule ) { - write-host -NoNewLine " exist : " - write-host -ForegroundColor yellow $rule.name + Write-Host -NoNewLine " exist " + Write-Host -ForegroundColor yellow $rule.name } else { Try { New-NetFirewallRule -Name "$name" -DisplayName "$name" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null + Write-Host -ForegroundColor Green "Done" } Catch { - Write-Host -ForegroundColor Red "error" - return + Write-Host -ForegroundColor Red "Error" + Write-Debug $Error[0].Exception.Message } - Write-Host -ForegroundColor Green "done" } } else { 
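Review bot: In the already-blocked branch of BlockHost with `firewall` set, the hosts entry is removed by `Set-Content $HOST_FILE $tmp` before `BlockHostByIP $params.host` runs and is re-appended only on the line after it, so an exception thrown in between reaches the `catch` with the host left unblocked. Wrapping the call as `try { BlockHostByIP $params.host } finally { ... }`, with the existing `Out-File -encoding ASCII -append $HOST_FILE` line moved into the `finally`, restores the entry on every path. This matters more after this commit, because the exception text now goes to `Write-Debug` and the user sees only "Error".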
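Review bot: The green "Done" that this hunk moves inside the `Try` is still printed when no rule was created, because `New-NetFirewallRule` is called without `-ErrorAction Stop` and an error the cmdlet reports as non-terminating never reaches the `Catch`. Adding `-ErrorAction Stop` before `| Out-Null` makes the `Catch` and the new `Write-Debug $Error[0].Exception.Message` line reachable. The `New-NetFirewallRule` call in FwBlockProgram and the `Unregister-ScheduledTask -ErrorAction SilentlyContinue` call in RemoveScheduledTask have the same gap. FwBlockOutputIP starts in the previous hunk and its last lines are outside this one.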
@@ -134,40 +134,41 @@ function FwBlockOutputIP { function FwBlockProgram { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) - if ( $params.ContainsKey('file') ) { - Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockProgram @{path=$_} } - } + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + if ( $params.ContainsKey('file') ) { + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockProgram @{path=$_} } + } elseif ( $params.ContainsKey('path') ) { $path = Invoke-Expression """$($params.path)""" - if ( -not $params.ContainsKey('name') -or $params.name -eq "" ) { - $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.path - } + if ( -not $params.ContainsKey('name') -or $params.name -eq "" ) { + $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.path + } $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.name - Write-Host -NoNewline "`tAdd FW program rule $name ($($path)) : " - if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { - Write-Host -ForegroundColor Yellow "already exist" - return - } + Write-Host -NoNewline "`tAdd FW program rule $name ($($path)) : " + if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { + Write-Host -ForegroundColor Yellow "already exist" + return + } if ( -not (Test-Path $path) ) { Write-Host -Foregroundcolor Red "Error (path not found)" - return + return } try { New-NetFirewallRule -Name "$name" -DisplayName "$name (program : $($params.path))" -Program "$path" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress any -Action Block | Out-Null - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { Write-Host -ForegroundColor Red "error" + 
Write-Debug $Error[0].Exception.Message } } else { 
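Review bot: The line `$name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.name` after the `if` runs unconditionally, so the path-based name assigned when `name` is absent is always overwritten. Entries read from `file` are passed as `@{path=$_}` with no `name`, so they all get the same rule name and every entry after the first stops at the "already exist" check without a rule being created. Moving that assignment into an `else { ... }` branch of the `if` restores the fallback to the full path that the README documents for `name`.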
@@ -177,37 +178,37 @@ function FwBlockProgram { function RemoveScheduledTask () { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) - if ( $params.ContainsKey('file') ) { - Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { RemoveScheduledTask @{name=$_} } - } + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) + if ( $params.ContainsKey('file') ) { + Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { RemoveScheduledTask @{name=$_} } + } elseif ( $params.ContainsKey('name') ) { $command = "Get-ScheduledTask -ErrorAction Stop -TaskName `"$($params.name)`"" - if ($params.ContainsKey('path') -and $params.path -ne '') { - $command += " -TaskPath `"$($params.path)`"" - } - else { $params.path="" } + if ($params.ContainsKey('path') -and $params.path -ne '') { + $command += " -TaskPath `"$($params.path)`"" + } + else { $params.path="" } try { $task = Invoke-Expression $command - Write-Host -NoNewline "`tRemove task $($params.name) : " - $task | Unregister-ScheduledTask -ErrorAction SilentlyContinue -Confirm:$false - Write-Host -ForegroundColor Green "done" + Write-Host -NoNewline "`tRemove task $($params.name) : " + $task | Unregister-ScheduledTask -ErrorAction SilentlyContinue -Confirm:$false + Write-Host -ForegroundColor Green "done" } catch [Microsoft.PowerShell.Cmdletization.Cim.CimJobException]{ Write-Host -ForegroundColor Yellow "`tScheduled Task $($params.path)$($params.name) not found" } catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError in RemoveSheduledTask`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -NoNewLine -ForegroundColor Red "`tError in RemoveSheduledTask" + Write-Debug $Error[0].Exception.Message } } else { 
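Review bot: `$command` is assembled from `$params.name` and `$params.path` and then run with `Invoke-Expression`, so a quote or a `$(...)` sequence in a module or list file is evaluated as PowerShell by a script that the README says to launch as administrator. Splatting avoids building a string: `$query = @{ TaskName = $params.name; ErrorAction = 'Stop' }`, `if ($params.path) { $query.TaskPath = $params.path }`, `$task = Get-ScheduledTask @query`. FwBlockProgram in the previous hunk has the same pattern with `Invoke-Expression` on `path`; if only environment variables need expanding there, `[Environment]::ExpandEnvironmentVariables` with `%VAR%` syntax does that without evaluating code.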
@@ -217,12 +218,12 @@ function RemoveScheduledTask () { function AddRegKey { param( - [Parameter(Mandatory=$true)] - [object]$params - ) + [Parameter(Mandatory=$true)] + [object]$params + ) if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') ) { Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value`n" - return + return } if ( -not $params.ContainsKey('value') ) { $params.value = $null @@ -258,8 +259,8 @@ function AddRegKey { New-Item -Path $params.path -Force | Out-Null } catch { - Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -NoNewLine -ForegroundColor Red "Error" + Write-Debug $Error[0].Exception.Message return } } @@ -287,16 +288,16 @@ function AddRegKey { Write-Host -ForegroundColor Red "Error (access denied)" } catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -NoNewLine -ForegroundColor Red "Error" + Write-Debug $Error[0].Exception.Message } } function DelRegKey { param( - [Parameter(Mandatory=$true)] - [object]$params - ) + [Parameter(Mandatory=$true)] + [object]$params + ) #When keypath start with HKCU, we need to apply it ro all users if ( ($params.path).StartsWith("HKCU") ) { $script:users | Foreach { @@ -315,7 +316,7 @@ function DelRegKey { } Write-Host -NoNewline "`tDelete registery key $($params.key) : " if ( ! (Test-Path $params.path) ){ - Write-Host -ForegroundColor Red " Error (path not found)" + Write-Host -ForegroundColor Red "Error (path not found)" return } try { 
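Review bot: `Write-Host -NoNewLine -ForegroundColor Red "Error"` in the AddRegKey `catch` blocks keeps `-NoNewLine`, although the line that used to finish the output is now `Write-Debug`, which prints nothing unless debug output is enabled. The next action's message therefore continues on the same line as "Error". Dropping `-NoNewLine` from these lines fixes it. The same applies to the `catch` lines changed in RemoveScheduledTask, DelRegKey, UninstallModernApp and UninstallModernProvisionedApp. AddRegKey's body is only partly visible in these hunks.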
@@ -333,44 +334,45 @@ function DelRegKey { Write-Host -ForegroundColor Red "Error (access denied)" } catch { - Write-Host -ForegroundColor Red -NoNewLine "Error`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor Red -NoNewLine "Error" + Write-Debug $Error[0].Exception.Message } } function DisableFeature { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) if ( $params.ContainsKey('file') ) { Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { DisableFeature @{name=$_} } } elseif ( $params.ContainsKey('name') ) { $feature = $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English) - $name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]} + $name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]} if (-not $name){ Write-Host -ForegroundColor Yellow "`tFeature $params.name not found" - return + return } Write-Host -NoNewline "`tDisable Feature $name : " - if ( $($feature | Select-String "state") -match "Disable" ){ - Write-Host -ForegroundColor Yellow "already disable" - return - } + if ( $($feature | Select-String "state") -match "Disable" ){ + Write-Host -ForegroundColor Yellow "already disable" + return + } try { Dism /online /Disable-Feature /FeatureName:$name /NoRestart | Out-Null - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { - Write-Host -ForegroundColor Red "error" + Write-Host -ForegroundColor Red "Error" + Write-Debug $Error[0].Exception.Message } } else { 
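Review bot: `Dism /online /Disable-Feature ...` in DisableFeature is a native executable, so a failure raises no exception: the `catch` this hunk extends with `Write-Debug` is not reached and "done" is printed whatever dism returns. Checking the exit code right after the call, `if ($LASTEXITCODE -ne 0) { throw "dism exit code $LASTEXITCODE" }`, routes failures to the existing `catch`. The function's closing lines are outside the hunk.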
@@ -380,16 +382,16 @@ function DisableFeature { function UninstallModernApp { param( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) if ( $params.ContainsKey('removeProvisioned') -and $params.removeProvisioned -eq $true ) { UninstallModernProvisionedApp $params } @@ -400,18 +402,18 @@ function UninstallModernApp { UninstallModernApp @{name=$_} } $uninstall_list | Where-Object { $_ -notin $pkgs } | Foreach { - Write-Host -ForegroundColor Yellow "`tModern App $_ not installed" + Write-Debug "`tModern App $_ not installed" } } elseif ( $params.ContainsKey('name') ) { Write-Host -NoNewLine "`tUninstall $($params.name) : " try { $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage -AllUsers) - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "Error `n`t" - write-Host -ForegroundColor DarkRed $_ + Write-Host -NoNewLine -ForegroundColor Red "Error" + Write-Debug $Error[0].Exception.Message } } else { 
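Review bot: The removal pipeline in UninstallModernApp filters with `-like "*$($params.name)*"`, so a short or generic `name` removes every installed package whose name contains that string, for all users, while UninstallModernProvisionedApp compares with `-eq`. Using `$_.Name -eq $params.name` here, or stating in the README that `name` is a substring pattern, would make the scope of the removal predictable. When nothing matches, "done" is still printed, because the pipeline is simply empty.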
@@ -421,37 +423,35 @@ function UninstallModernApp { function UninstallModernProvisionedApp { param( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) - + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) if ( $params.ContainsKey('file') ) { $pkgs = $(Get-AppxProvisionedPackage -Online).DisplayName - $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } + $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } $pkgs | Where-Object { $_ -in $list } | Foreach { UninstallModernProvisionedApp @{name=$_} } $list | Where-Object { $_ -notin $pkgs } | Foreach { - Write-Host -ForegroundColor Yellow "`tProvisioned App $_ not found" + Write-Debug "`tProvisioned App $_ not found" } } elseif ( $params.ContainsKey('name') ){ Write-Host -NoNewLine "`tUninstall Provisioned $($params.name) :" try { $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -eq $($params.name) }) | Remove-AppxProvisionedPackage -Online | Out-Null - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message - return + Write-Host -NoNewLine -ForegroundColor Red "`tError" + Write-Debug $Error[0].Exception.Message } } else { 
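Review bot: The catch block of UninstallModernProvisionedApp now prints "Error" with `-NoNewLine` and sends the exception text to `Write-Debug`, so without -debug nothing ends the line and the next status message is appended to it. Dropping `-NoNewLine` from that `Write-Host` fixes it; the DisableFeature and DisableService catch blocks in this patch are already written that way. The same pattern is left in the DelRegKey, UninstallModernApp, ExecCommand and registry-mount catch blocks in the other hunks, where the trailing newline and tab characters in the message also no longer have anything following them. The function ends outside this hunk.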
@@ -461,47 +461,46 @@ function UninstallModernProvisionedApp { function DisableService { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) if ( $params.ContainsKey('file') ) { $services = $(Get-Service).name - $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } + $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } $services | Where-Object { $_ -in $list } | Foreach { DisableService @{name=$_} } $list | Where-Object { $_ -notin $services } | Foreach { - Write-Host -ForegroundColor Yellow "`t Service $_ not found" + Write-Debug "`t Service $_ not found" } } elseif ( $params.ContainsKey('name') ) { $service = Get-Service -Name $params.name - if ( -not $service ){ - Write-Host -ForegroundColor "`t Service $($params.name) not found" - return - } + if ( -not $service ){ + Write-Host -ForegroundColor "`t Service $($params.name) not found" + return + } Write-Host -NoNewline "`tDisable service $($params.name) : " - if ( $service.StartType -eq "Disable") { - Write-Host -ForegroundColor Yellow "already disabled" - return - } + if ( $service.StartType -eq "Disable") { + Write-Host -ForegroundColor Yellow "already disabled" + return + } try { - Stop-Service -InputObject $service - $service | Set-Service -StartupType disabled -ErrorAction Stop - Write-Host -ForegroundColor Green "done" + $service | Set-Service -StartupType disabled -ErrorAction Stop + Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor Red "Error" + Write-Debug $Error[0].Exception.Message } finally { if ( 
$params.ContainsKey('userService') -and $params.userService -eq $true ) { @@ -522,21 +521,21 @@ function DisableService { function KillProcess { param( - [cmdletbinding( - DefaultParameterSetName='params' - )] + [cmdletbinding( + DefaultParameterSetName='params' + )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) Write-Host -NoNewLine "`tKilling $($params.name) : " try { Stop-Process $(Get-Process $params.name -ErrorAction SilentlyContinue ) - Write-Host -ForegroundColor Green "Done" + Write-Host -ForegroundColor Green "Done" } catch { Write-host -ForegroundColor Yellow "Not started" @@ -545,21 +544,21 @@ function KillProcess { function DelFile { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) $path = Invoke-Expression """$($params.path)""" Write-Host -NoNewline "`tDelete $path : " if ( -not (Test-Path $path) ){ Write-Host -ForegroundColor Yellow "not found" - return + return } $command = "Remove-Item -ErrorAction SilentlyContinue -Force -Path `"$path`"" if ( $params.ContainsKey('recurse') -and $params.recurse -eq $true ) { 
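Review bot: In DisableService the not-found branch calls `Write-Host -ForegroundColor` with no colour, so the message string is bound as the colour value and the call fails instead of printing; it needs a colour, for example `Write-Host -ForegroundColor Yellow` followed by the message. The check `$service.StartType -eq "Disable"` also looks wrong: the start type is spelled `Disabled`, as in `-StartupType disabled` a few lines below, so "already disabled" is probably never reported and the service is reconfigured on every run. With `Stop-Service` removed by this hunk, a service that is already running presumably stays running until the next restart; if that is intended, a short comment saying so would help the next reader. The `finally` block continues past this hunk.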
@@ -567,26 +566,26 @@ function DelFile { } try { Invoke-Expression $command - Write-Host -ForegroundColor Green "done" + Write-Host -ForegroundColor Green "done" } catch { - Write-Host -NoNewLine -ForegroundColor Red "`Error`n`t" - write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Host -ForegroundColor Red "`tError" + write-Debug $Error[0].Exception.Message } } function ExecCommand { param ( - [cmdletbinding( - DefaultParameterSetName='params' - )] - [Parameter( - ValueFromPipeline=$False, - ParameterSetName="params", - Position = 0 - )] - [object]$params - ) + [cmdletbinding( + DefaultParameterSetName='params' + )] + [Parameter( + ValueFromPipeline=$False, + ParameterSetName="params", + Position = 0 + )] + [object]$params + ) $path = $params.path.Replace("##mod_path##", $script:current_module_path) $args = $params.arguments.Replace("##mod_path##", $script:current_module_path) Write-Host "`n`tExecute $path : " @@ -601,25 +600,25 @@ function ExecCommand { } catch { Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Debug $Error[0].Exception.Message } } function ProcessModuleFile { param ( - [Parameter( - Mandatory=$true, - ValueFromPipeline=$True, - ParameterSetName="path" - )] - [string]$path - ) + [Parameter( + Mandatory=$true, + ValueFromPipeline=$True, + ParameterSetName="path" + )] + [string]$path + ) try { $mod = Get-Content $(Get-ChildItem $path).FullName -Raw | ConvertFrom-Json } catch { Write-Host -ForegroundColor Red "Error While Loading JSON : $path `n`n" - #Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Debug $Error[0].Exception.Message return } Write-Host -ForegroundColor White "`nProcess Module $($mod.name) `n" 
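Review bot: DelFile runs `Invoke-Expression $command` on a string built from the module-supplied path, so a path containing a double quote, a backtick or `$(...)` is parsed as PowerShell instead of being treated as a file name, in a script that edits the registry and services and therefore presumably runs elevated. Calling the cmdlet directly avoids the re-parsing: build `$rm = @{ Path = $path; Force = $true; ErrorAction = 'Stop' }`, set `$rm.Recurse = $true` in the recurse branch, and call `Remove-Item @rm`. `ErrorAction = 'Stop'` also makes the catch block reachable, which the `-ErrorAction SilentlyContinue` in the current command string prevents. The line that builds `$command` is in the previous hunk and the recurse branch lies between the two hunks, so this is based on the visible lines only.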
@@ -628,20 +627,20 @@ function ProcessModuleFile { $action_file = "" $current_action = @{} $script:current_module_path = $(Get-ChildItem $path).DirectoryName + "\" + $(Get-ChildItem $path).BaseName + '\' - foreach( $p in $_.psobject.properties.name ){ - $current_action[$p] = $_.$p - } + foreach( $p in $_.psobject.properties.name ){ + $current_action[$p] = $_.$p + } if ( -not $current_action.ContainsKey('action') ) { Write-Host -ForegroundColor Red "`tError : action not found" - return + return } # If action content a file element, need to test if file exist if ( $current_action.ContainsKey('file')) { $action_file = $script:current_module_path + $current_action.file - if ( -not (Test-Path $action_file) ) { - Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found`n" - return - } + if ( -not (Test-Path $action_file) ) { + Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found`n" + return + } $current_action.file = $action_file } # Invoke function @@ -671,15 +670,15 @@ try { } catch { Write-Host -NoNewline -ForegroundColor Red "Error while mounting Registery`n`t" - Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message + Write-Debug $Error[0].Exception.Message return } -#We need access to users registry hive for applying mofidication to existing users +#We need access to users registry hive for applying modifications to existing users $profile_list = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" Get-LocalUser | Where-Object { $_.Enabled -eq $true } | foreach { $current_user_path = Get-ItemPropertyValue -Path "$profile_list$($_.SID.Value)\" -Name "ProfileImagePath" - $script:users += @{name = $_.name;'sid' = $_.SID.Value; 'was_mounted' = $false; 'directory' = $current_user_path} + $script:users += @{name = $_.name;'sid' = $_.SID.Value; 'was_mounted' = $false; 'directory' = $current_user_path} } Write-Host "Mount users registry hives :" 
@@ -692,7 +691,7 @@ $script:users | foreach { } catch { Write-Host -ForegroundColor Red "Error`n`t" - Write-host $Error[0].Exception.Message + Write-Debug $Error[0].Exception.Message } } else { From 34ea37af43d68955b6710fb82592b76b290cc1bc Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 2 May 2018 23:15:22 +0200 Subject: [PATCH 83/91] Add DisableFeatures module --- modules.d/DisableFeatures.conf | 11 +++++++++++ modules.d/DisableFeatures/features.txt | 4 ++++ 2 files changed, 15 insertions(+) create mode 100644 modules.d/DisableFeatures.conf create mode 100644 modules.d/DisableFeatures/features.txt diff --git a/modules.d/DisableFeatures.conf b/modules.d/DisableFeatures.conf new file mode 100644 index 0000000..36922ea --- /dev/null +++ b/modules.d/DisableFeatures.conf @@ -0,0 +1,11 @@ +{ + "name" : "Disable Features", + "description" : "This module disable some useless Windows Features", + "actions" : [ + { + "action" : "DisableFeature", + "file" : "features.txt", + "name" : "" + } + ] +} \ No newline at end of file diff --git a/modules.d/DisableFeatures/features.txt b/modules.d/DisableFeatures/features.txt new file mode 100644 index 0000000..f50f2f1 --- /dev/null +++ b/modules.d/DisableFeatures/features.txt @@ -0,0 +1,4 @@ +Internet-Explorer-Optional-amd64 +FaxServicesClientPackage +WindowsMediaPlayer +MediaPlayback \ No newline at end of file From 32a89d13687cff3dadd8c421d668240c2841105a Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Wed, 2 May 2018 23:50:48 +0200 Subject: [PATCH 84/91] Update README --- README.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 3437aa2..b3651e3 100644 --- a/README.md +++ b/README.md 
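Review bot: `Internet-Explorer-Optional-amd64` in features.txt is the 64-bit name of that feature; on a 32-bit installation it is named `Internet-Explorer-Optional-x86`, so DisableFeature would report it as not found there. Listing both names, or stating in the README that the list targets 64-bit Windows, would cover it. In DisableFeatures.conf the empty `"name" : ""` has no effect, since DisableFeature tests for `file` before `name`, and could be left out.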
@@ -30,6 +30,9 @@ CleanW10 réalise beaucoup d'actions, en voici une liste non exhaustive : lancer CleanW10**. * Désactivation des droits pour les applications (caméra, localisation, synchronisation des contacts / calendriers etc.) + * Modifications des paramètres relatifs au programme d’amélioration de + l’expérience utilisateur (apprentissage de la saisie clavier, envoi de + rapports d'erreurs ...) * Désactivation des services relatifs aux données personnelles / de télémétrie. * Supression des tâches planifiées problématiques pour les données @@ -70,8 +73,7 @@ executer, par défaut ``./modules.d/``. Elle est imcompatible avec ``-module`` ### -debug -Affiche des information de debug en plus des messages relatifs au script. Il y -en a très peu (pour le moment) +Affiche des information de debug en plus des messages relatifs au script. # Comment ça marche? @@ -94,15 +96,15 @@ Voici un exemple de fichier module : "_comment" : "Block IP relative to Skype and Messenger", "action" : "FwBlockOutputIP", "file" : "skype-msn.txt" - } - ] + } + ] } ``` Chaque module contient un nom (``name``), une description (``description``) et une série d'actions à réaliser (``actions``). -uen action contient une action à réaliser (ici ``FwBlockOutputIP``), +Une action contient une instruction à réaliser (ici ``FwBlockOutputIP``), éventuellement un commentaire (``_comment``) puis un ou plusieurs paramètre(s) en fonction de l'action. Voici une liste des actions disponibles : From 0ce53123bb6c6c6c47d25cfe34dc0c7874cb7f4c Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 18 Feb 2020 17:10:43 +0100 Subject: [PATCH 85/91] Add some application to Uninstall --- modules.d/UninstallModernApp/MicrosoftApps.txt | 7 ++++--- modules.d/UninstallModernApp/OthersApps.txt | 17 +++++++++++++++-- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/modules.d/UninstallModernApp/MicrosoftApps.txt b/modules.d/UninstallModernApp/MicrosoftApps.txt index 09edebf..7b21b5b 100644 
--- a/modules.d/UninstallModernApp/MicrosoftApps.txt +++ b/modules.d/UninstallModernApp/MicrosoftApps.txt @@ -1,4 +1,5 @@ Microsoft.3dbuilder +Microsoft.Advertising.Xaml Microsoft.Appconnector Microsoft.BingFinance Microsoft.BingFoodAndDrink @@ -17,6 +18,7 @@ Microsoft.MicrosoftPowerBIForWindows Microsoft.MicrosoftSolitaireCollection Microsoft.MicrosoftStickyNotes Microsoft.MinecraftUWP +Microsoft.MixedReality.Portal Microsoft.MSPaint Microsoft.Office.OneNote Microsoft.Office.Sway @@ -35,7 +37,6 @@ Microsoft.WindowsFeedbackHub Microsoft.WindowsMaps Microsoft.WindowsPhone Microsoft.WindowsSoundRecorder -Microsoft.WindowsStore +Microsoft.YourPhone Microsoft.ZuneMusic -Microsoft.ZuneVideo -Microsoft.Advertising.Xaml +Microsoft.ZuneVideo \ No newline at end of file diff --git a/modules.d/UninstallModernApp/OthersApps.txt b/modules.d/UninstallModernApp/OthersApps.txt index 2c219a4..34750e0 100644 --- a/modules.d/UninstallModernApp/OthersApps.txt +++ b/modules.d/UninstallModernApp/OthersApps.txt @@ -1,13 +1,26 @@ -DolbyLaboratories.DolbyAccess -Expedia.ExpediaHotelsFlightsCarsActivities 2414FC7A.Viber 64885BlueEdge.OneCalendar +7906AAC0.TOSHIBAManual +7906AAC0.TOSHIBAPCInformation +7906AAC0.TOSHIBAServiceStation +7906AAC0.TOSHIBASettings 89006A2E.AutodeskSketchBook +906AAC0.TOSHIBAPCInformation 9E2F88E3.Twitter A278AB0D.DisneyMagicKingdoms A278AB0D.MarchofEmpires +Amazon.com.Amazon CAF9E577.Plex +CyberLinkCorp.to.PowerDVDforToshiba +DolbyLaboratories.DolbyAccess +Expedia.ExpediaHotelsFlightsCarsActivities king.com.BubbleWitch3Saga +king.com.CandyCrushFriends king.com.CandyCrushSodaSaga +king.com.FarmHeroesSaga SpotifyAB.SpotifyMusic WinZipComputing.WinZipUniversal +WinZipComputing.41990D275AB9A + + + From 08ed26843296ac177a294834559180c80897c9cd Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 18 Feb 2020 17:34:45 +0100 Subject: [PATCH 86/91] Block new version of Edge --- modules.d/FW_ProgramsApps.conf | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) 
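Review bot: The added entry `906AAC0.TOSHIBAPCInformation` in OthersApps.txt looks like a typo of `7906AAC0.TOSHIBAPCInformation`, which the same hunk adds two lines above; every other TOSHIBA entry uses the `7906AAC0` prefix. If list entries are compared with exact package names, as the `-notin` test in UninstallModernApp suggests, the short form never matches anything and can be dropped. The hunk also appends three blank lines to the end of the file.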
diff --git a/modules.d/FW_ProgramsApps.conf b/modules.d/FW_ProgramsApps.conf index 3beb8b7..998eb97 100644 --- a/modules.d/FW_ProgramsApps.conf +++ b/modules.d/FW_ProgramsApps.conf @@ -119,7 +119,12 @@ "name" : "EdgeCP", "path" : "$env:systemroot\\systemapps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdgeCP.exe" }, - + { + "_comment" : "Same as above, but new versions of this exe is located in system32", + "action" : "FwBlockProgram", + "name" : "EdgeCP", + "path" : "$env:systemroot\\System32\\MicrosoftEdgeCP.exe" + }, { "action" : "FwBlockProgram", "name" : "cleanw10_Cortana", From 822af6e0f51fe3d1a38d12ea7f08cd58cf43af35 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Tue, 18 Feb 2020 17:26:29 +0100 Subject: [PATCH 87/91] Host doesn't blacklist IP with firewall anymore (cherry picked from commit 3aef40fd40e25ae00cee37cb30af69ce2cfd9ad1) --- modules.d/FW_Hosts.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules.d/FW_Hosts.conf b/modules.d/FW_Hosts.conf index f65f46a..961da41 100644 --- a/modules.d/FW_Hosts.conf +++ b/modules.d/FW_Hosts.conf @@ -6,7 +6,7 @@ "action" : "BlockHost", "file" : "base.txt", "host" : "", - "firewall" : true + "firewall" : false }, { "action" : "BlockHost", From 4faa0cc9e5101a55c294dbc0db6bdb73998836bd Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 27 Mar 2020 10:50:30 +0100 Subject: [PATCH 88/91] Change restriction type to User Controled --- modules.d/GPO_Microphone.conf | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/modules.d/GPO_Microphone.conf b/modules.d/GPO_Microphone.conf index 2cdb2d4..baef3c7 100644 --- a/modules.d/GPO_Microphone.conf +++ b/modules.d/GPO_Microphone.conf 
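Review bot: The new FwBlockProgram entry in FW_ProgramsApps.conf reuses `"name" : "EdgeCP"` from the entry just above it, so two actions with different paths share one rule name. FwBlockProgram is not visible here; if it looks up an existing rule by name before creating one, the System32 path would be skipped as already present and the newer executable would stay unblocked. A distinct name such as `"name" : "EdgeCP_System32"` avoids depending on that behaviour.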
@@ -8,10 +8,10 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessMicrophone", - "value" : "2" + "value" : "0" }, { - "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", + "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessMicrophone_UserInControlOfTheseApps", @@ -27,7 +27,8 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessMicrophone_ForceDenyTheseApps", - "type" : "MultiString" + "type" : "MultiString", + "value" : "Microsoft.MicrosoftEdge_8wekyb3d8bbwe Microsoft.Win32WebViewHost_cw5n1h2txyewy Microsoft.Windows.Cortana_cw5n1h2txyewy Microsoft.WindowsStore_8wekyb3d8bbwe Microsoft.XboxGamingOverlay_8wekyb3d8bbwe" } ] -} \ No newline at end of file +} From e6e9b3afc5eb8f09b5747aecd0371b795d4c9ac5 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 27 Mar 2020 11:00:47 +0100 Subject: [PATCH 89/91] Change restriction type to User Controled --- modules.d/GPO_Camera.conf | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/modules.d/GPO_Camera.conf b/modules.d/GPO_Camera.conf index 299e298..6625600 100644 --- a/modules.d/GPO_Camera.conf +++ b/modules.d/GPO_Camera.conf @@ -8,7 +8,7 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessCamera", - "value" : "2" + "value" : "0" }, { "_comment" : "The 3 bottom k eys seems to be some kind of ACL for App right", 
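Review bot: The `LetAppsAccessMicrophone_ForceDenyTheseApps` value in GPO_Microphone.conf is declared `MultiString` but given as one string with the package family names separated by spaces. A multi-string registry value holds one entry per string, so unless AddRegKey (not visible here) splits on spaces, this would be stored as a single entry that matches no package. That matters more now that `LetAppsAccessMicrophone` is set to "0", because the deny list becomes the only restriction the module enforces and every app not on it follows the user's own setting. The same applies to the `LetAppsAccessCamera_ForceDenyTheseApps` hunk in GPO_Camera.conf.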
@@ -27,7 +27,8 @@ "action" : "AddRegKey", "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", "key" : "LetAppsAccessCamera_ForceDenyTheseApps", - "type" : "MultiString" + "type" : "MultiString", + "value" : "Microsoft.MicrosoftEdge_8wekyb3d8bbwe Microsoft.Win32WebViewHost_cw5n1h2txyewy Microsoft.Windows.Cortana_cw5n1h2txyewy Microsoft.WindowsStore_8wekyb3d8bbwe Microsoft.XboxGamingOverlay_8wekyb3d8bbwe" } ] } From 5de4c2ba1d7b2f8fd7c8cbd2b275a5e8fd9c3e05 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 27 Mar 2020 11:09:21 +0100 Subject: [PATCH 90/91] Add Voice Activation restriction --- modules.d/GPO_VoiceActivation.conf | 33 ++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 modules.d/GPO_VoiceActivation.conf diff --git a/modules.d/GPO_VoiceActivation.conf b/modules.d/GPO_VoiceActivation.conf new file mode 100644 index 0000000..cda9165 --- /dev/null +++ b/modules.d/GPO_VoiceActivation.conf 
@@ -0,0 +1,33 @@ +{ + "name" : "Account Info (GPO)", + "description" : "This module desactivate Account Info access for third party Apps like GPO did.", + "actions" : + [ + { + "_comment" : "This is the principal reg key controlled by GPO", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsActivateWithVoice", + "value" : "2" + }, + { + "_comment" : "The 3 bottom keys seems to be some kind of ACL for App right", + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsActivateWithVoice_UserInControlOfTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsActivateWithVoice_ForceAllowTheseApps", + "type" : "MultiString" + }, + { + "action" : "AddRegKey", + "path" : "HKLM:\\SOFTWARE\\Policies\\Microsoft\\Windows\\AppPrivacy", + "key" : "LetAppsActivateWithVoice_ForceDenyTheseApps", + "type" : "MultiString" + } + ] +} From 43ab9298082115684c633b9412f30b8e8393b1c5 Mon Sep 17 00:00:00 2001 From: Yorick Barbanneau Date: Fri, 27 Mar 2020 11:17:28 +0100 Subject: [PATCH 91/91] Add dell MAxAudio App --- modules.d/UninstallModernApp/OthersApps.txt | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/modules.d/UninstallModernApp/OthersApps.txt b/modules.d/UninstallModernApp/OthersApps.txt index 34750e0..ca4e4e3 100644 --- a/modules.d/UninstallModernApp/OthersApps.txt +++ b/modules.d/UninstallModernApp/OthersApps.txt @@ -12,6 +12,7 @@ A278AB0D.MarchofEmpires Amazon.com.Amazon CAF9E577.Plex CyberLinkCorp.to.PowerDVDforToshiba +WavesAudio.MaxxAudioProforDell2019 DolbyLaboratories.DolbyAccess Expedia.ExpediaHotelsFlightsCarsActivities king.com.BubbleWitch3Saga @@ -21,6 +22,3 @@ king.com.FarmHeroesSaga SpotifyAB.SpotifyMusic WinZipComputing.WinZipUniversal WinZipComputing.41990D275AB9A - - -
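Review bot: The new GPO_VoiceActivation.conf carries the `name` "Account Info (GPO)" and a description about Account Info access, apparently copied from another module, while every key it writes is `LetAppsActivateWithVoice*`. Something like `"name" : "Voice Activation (GPO)"` with a matching description would make the module identifiable in the "Process Module" output. The main value is "2" here while the Microphone and Camera modules were just changed to "0"; if the difference is intended, the `_comment` on that action could say so.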