ephase/win10-privacy-script
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: ephase:5536ab63b335c5391649a632d06b11ac9d1d710f
Branches Tags
ephase:master
ephase:dev
...
compare: ephase:e2fe868454f84c78b67cc26aa04c328854f31d91
Branches Tags
ephase:master
ephase:dev

8 commits
5536ab63b3 ... e2fe868454

Author SHA1 Message Date
Yorick Barbanneau
e2fe868454 Test if registry key value is null of empty in AddRegKey() 2018-04-16 16:29:55 +02:00
Yorick Barbanneau
00e4a21767 Better output for AddRegKey() 2018-04-12 01:39:42 +02:00
Yorick Barbanneau
5e9148b111 Rework message output for ExecCommand() 2018-04-12 00:57:00 +02:00
Yorick Barbanneau
10eecf17f5 Add ErrorAction Stop for Get-ItemProperty in DelRegKey() 2018-04-11 23:08:20 +02:00
Yorick Barbanneau
37bb194595 Path testing was wrong 2018-04-11 22:29:18 +02:00
Yorick Barbanneau
2d9dc9743b Re-indent all file 2018-04-11 22:04:18 +02:00
Yorick Barbanneau
186b8b04eb Better output for DelRegKey() 2018-04-11 21:20:35 +02:00
Yorick Barbanneau
62e6d18efd Remove provisioned package before uninstall it for users 2018-04-11 21:17:01 +02:00
1 changed files with 305 additions and 305 deletions
Download patch file Download diff file Expand all files Collapse all files

610
cleanW10.ps1
View file

@ -1,9 +1,9 @@
param ( param (
[cmdletbinding()] [cmdletbinding()]
[string]$dir="modules.d", [string]$dir="modules.d",
[string]$module, [string]$module,
[switch]$debug = $false [switch]$debug = $false
) )
#requires -RunAsAdministrator #requires -RunAsAdministrator
Import-Module NetSecurity #Useful to manipulate firewall rules Import-Module NetSecurity #Useful to manipulate firewall rules
@ -18,94 +18,94 @@ $ProgressPreference = "SilentlyContinue"
#Thanks to https://gist.github.com/markembling/173887 #Thanks to https://gist.github.com/markembling/173887
function BlockHost { function BlockHost {
param( param(
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
if ( $params.ContainsKey('file') ) { if ( $params.ContainsKey('file') ) {
if ( -not $params.ContainsKey('firewall') -or $params.firewall -eq "" ) { if ( -not $params.ContainsKey('firewall') -or $params.firewall -eq "" ) {
$params.firewall = $false $params.firewall = $false
}
Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach{ BlockHost -params @{host=$_;firewall=$params.firewall} }
} }
Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach{ BlockHost -params @{host=$_;firewall=$params.firewall} }
}
elseif ( $params.ContainsKey('host') -and $params.host -ne "" ) { elseif ( $params.ContainsKey('host') -and $params.host -ne "" ) {
Write-Host "`n`tBlock host $($params.host) : " Write-Host "`n`tBlock host $($params.host) : "
try { try {
if ( $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){ if ( $(IsHostAlreadyBlocked $HOST_FILE $params.host) ){
#If host is inhosts.conf, verify that ip is blocked in FW #If host is inhosts.conf, verify that ip is blocked in FW
if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) { if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) {
$tmp = Get-Content $HOST_FILE | Where { $_ -ne "$HOST_IP`t`t$($params.host)" } $tmp = Get-Content $HOST_FILE | Where { $_ -ne "$HOST_IP`t`t$($params.host)" }
Set-Content $HOST_FILE $tmp Set-Content $HOST_FILE $tmp
BlockHostByIP $params.host BlockHostByIP $params.host
$HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE
}
Write-Host -ForegroundColor Yellow "`t`tHost Already blocked"
}
else {
if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) {
BlockHostByIP $params.host
}
$HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE $HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE
Write-Host -ForegroundColor Green "`t`tHost blocked"
} }
Write-Host -ForegroundColor Yellow "`t`tHost Already blocked"
} }
else {
if ( $params.ContainsKey('firewall') -and $params.firewall -eq $true ) {
BlockHostByIP $params.host
}
$HOST_IP + "`t`t" + $params.host | Out-File -encoding ASCII -append $HOST_FILE
Write-Host -ForegroundColor Green "`t`tHost blocked"
}
}
catch { catch {
Write-Host -NoNewline -ForegroundColor Red "`t`terror`n`t`t" Write-Host -NoNewline -ForegroundColor Red "`t`terror`n`t`t"
Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
} }
} }
else { else {
Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
} }
} }
function BlockHostByIP { function BlockHostByIP {
param( param(
[string]$hostname [string]$hostname
) )
#$resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString #$resolv = [system.net.Dns]::GetHostAddresses($hostname) | Select IPAddressToString
$resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | Where { $_.type -match "^A{1,4}$" } | select Address $resolv = Resolve-DnsName $hostname -ErrorAction SilentlyContinue | Where { $_.type -match "^A{1,4}$" } | select Address
$resolv | Foreach { $resolv | Foreach {
Write-Host -NoNewLine "`t" Write-Host -NoNewLine "`t"
$ip = $_.Address $ip = $_.Address
Write-Debug "Found a valid IP $ip" Write-Debug "Found a valid IP $ip"
$rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $ip } | Get-NetFirewallRule
if ( $rule ) { if ( $rule ) {
write-host -NoNewLine "`tFW Rule exist : " write-host -NoNewLine "`tFW Rule exist : "
write-host -ForegroundColor yellow $rule.name write-host -ForegroundColor yellow $rule.name
}
else {
FwBlockOutputIP @{
ip=$ip;
name="H_$hostname"
}
}
} }
else {
FwBlockOutputIP @{
ip=$ip;
name="H_$hostname"
}
}
}
} }
function IsHostAlreadyBlocked { function IsHostAlreadyBlocked {
param([string]$filename, [string]$hostname) param([string]$filename, [string]$hostname)
$c = Get-Content $filename | where { $_ -eq "$HOST_IP`t`t$hostname" } $c = Get-Content $filename | where { $_ -eq "$HOST_IP`t`t$hostname" }
Write-Debug "`tMatch hostname on host file : $c" Write-Debug "`tMatch hostname on host file : $c"
if ( $c ) { if ( $c ) {
return $true return $true
} }
return $false return $false
} }
function FwBlockOutputIP { function FwBlockOutputIP {
param( param(
[object]$params [object]$params
) )
if ( $params.ContainsKey('file') ) { if ( $params.ContainsKey('file') ) {
Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockOutputIP @{ip=$_} } Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockOutputIP @{ip=$_} }
} }
elseif ( $params.ContainsKey('ip') ) { elseif ( $params.ContainsKey('ip') ) {
if (-not $params.ContainsKey('name') -or $params.name -eq "" ) { if (-not $params.ContainsKey('name') -or $params.name -eq "" ) {
$name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.ip $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.ip
} }
else { else {
$name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.name + "-" + $params.ip $name = $FW_RULE_NAME_PREFIX + "_IP_" + $params.name + "-" + $params.ip
@ -113,8 +113,8 @@ function FwBlockOutputIP {
Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : " Write-Host -NoNewline "`tAdd FW IP rule $name ($($params.ip)) : "
$rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $params.ip } | Get-NetFirewallRule $rule = Get-NetFirewallAddressFilter | Where-Object { $_.RemoteAddress -eq $params.ip } | Get-NetFirewallRule
if ( $rule ) { if ( $rule ) {
write-host -NoNewLine " exist : " write-host -NoNewLine " exist : "
write-host -ForegroundColor yellow $rule.name write-host -ForegroundColor yellow $rule.name
} }
else { else {
Try { Try {
@ -122,114 +122,114 @@ function FwBlockOutputIP {
} }
Catch { Catch {
Write-Host -ForegroundColor Red "error" Write-Host -ForegroundColor Red "error"
return return
} }
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
} }
else { else {
Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
} }
} }
function FwBlockProgram { function FwBlockProgram {
param ( param (
[cmdletbinding( [cmdletbinding(
DefaultParameterSetName='params' DefaultParameterSetName='params'
)] )]
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
if ( $params.ContainsKey('file') ) { if ( $params.ContainsKey('file') ) {
Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockProgram @{path=$_} } Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | Foreach { FwBlockProgram @{path=$_} }
} }
elseif ( $params.ContainsKey('path') ) { elseif ( $params.ContainsKey('path') ) {
$path = Invoke-Expression """$($params.path)""" $path = Invoke-Expression """$($params.path)"""
if ( -not $params.ContainsKey('name') -or $params.name -eq "" ) { if ( -not $params.ContainsKey('name') -or $params.name -eq "" ) {
$name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.path $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.path
} }
$name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.name $name = $FW_RULE_NAME_PREFIX + "_PROG_" + $params.name
Write-Host -NoNewline "`tAdd FW program rule $name ($($path)) : " Write-Host -NoNewline "`tAdd FW program rule $name ($($path)) : "
if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) { if ( Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue) {
Write-Host -ForegroundColor Yellow "already exist" Write-Host -ForegroundColor Yellow "already exist"
return return
} }
if ( -not (Test-Path $path) ) { if ( -not (Test-Path $path) ) {
Write-Host -Foregroundcolor Red "Error (path not found)" Write-Host -Foregroundcolor Red "Error (path not found)"
return return
} }
try { try {
New-NetFirewallRule -Name "$name" -DisplayName "$name (program : $($params.path))" -Program "$path" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress any -Action Block | Out-Null New-NetFirewallRule -Name "$name" -DisplayName "$name (program : $($params.path))" -Program "$path" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress any -Action Block | Out-Null
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
catch { catch {
Write-Host -ForegroundColor Red "error" Write-Host -ForegroundColor Red "error"
} }
} }
else { else {
Write-Host -ForegroundColor Red "`tError : No path or file for action $($MyInvocation.MyCommand.Name)" Write-Host -ForegroundColor Red "`tError : No path or file for action $($MyInvocation.MyCommand.Name)"
} }
} }
function RemoveScheduledTask () { function RemoveScheduledTask () {
param ( param (
[cmdletbinding( [cmdletbinding(
DefaultParameterSetName='params' DefaultParameterSetName='params'
)] )]
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
if ( $params.ContainsKey('file') ) { if ( $params.ContainsKey('file') ) {
Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { RemoveScheduledTask @{name=$_} } Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { RemoveScheduledTask @{name=$_} }
} }
elseif ( $params.ContainsKey('name') ) { elseif ( $params.ContainsKey('name') ) {
$command = "Get-ScheduledTask -ErrorAction Stop -TaskName `"$($params.name)`"" $command = "Get-ScheduledTask -ErrorAction Stop -TaskName `"$($params.name)`""
if ($params.ContainsKey('path') -and $params.path -ne '') { if ($params.ContainsKey('path') -and $params.path -ne '') {
$command += " -TaskPath `"$($params.path)`"" $command += " -TaskPath `"$($params.path)`""
} }
else { $params.path="" } else { $params.path="" }
try { try {
$task = Invoke-Expression $command $task = Invoke-Expression $command
Write-Host -NoNewline "`tRemove task $($params.name) : " Write-Host -NoNewline "`tRemove task $($params.name) : "
$task | Unregister-ScheduledTask -ErrorAction SilentlyContinue -Confirm:$false $task | Unregister-ScheduledTask -ErrorAction SilentlyContinue -Confirm:$false
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
catch [Microsoft.PowerShell.Cmdletization.Cim.CimJobException]{ catch [Microsoft.PowerShell.Cmdletization.Cim.CimJobException]{
Write-Host -ForegroundColor Yellow "`tScheduled Task $($params.path)$($params.name) not found" Write-Host -ForegroundColor Yellow "`tScheduled Task $($params.path)$($params.name) not found"
} }
catch { catch {
Write-Host -NoNewLine -ForegroundColor Red "`tError in RemoveSheduledTask`n`t" Write-Host -NoNewLine -ForegroundColor Red "`tError in RemoveSheduledTask`n`t"
Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
} }
} }
else { else {
Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
} }
} }
function AddRegKey { function AddRegKey {
param( param(
[Parameter(Mandatory=$true)] [Parameter(Mandatory=$true)]
[object]$params [object]$params
) )
if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') ) { if ( -not $params.ContainsKey('path') -or -not $params.ContainsKey('key') ) {
Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value`n" Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value`n"
return return
} }
if ( -not $params.ContainsKey('value') ) { if ( -not $params.ContainsKey('value') ) {
$params.value = "" $params.value = $null
} }
if ( -not $params.ContainsKey('type') -or $params.type -eq "" ){ $params.type="DWord" } if ( -not $params.ContainsKey('type') -or $params.type -eq "" ){ $params.type="DWord" }
#When keypath start with HKCU, we need to apply it ro all users #When keypath start with HKCU, we need to apply it ro all users
if ( ($params.path).StartsWith("HKCU") ) { if ( ($params.path).StartsWith("HKCU") ) {
$script:users | Foreach { $script:users | Foreach {
#If so, we need to put the key on all users hives #If so, we need to put the key on all users hives
@ -251,13 +251,12 @@ function AddRegKey {
} }
#Let's begin... #Let's begin...
Write-Host -NoNewline "`t$($params.path.substring(0,30))...$($params.key) reg key to $($params.value) : " Write-Host -NoNewline "`t$($params.path.substring(0,30))...$($params.key) reg key to '$($params.value)' : "
if ( -not (Test-Path $params.path) ){ if ( -not (Test-Path $params.path) ){
Write-Host -NoNewline -ForegroundColor DarkGreen "creating path " Write-Host -NoNewline -ForegroundColor DarkGreen "creating path "
try { try {
New-Item -Path $params.path -Force | Out-Null New-Item -Path $params.path -Force | Out-Null
} }
catch { catch {
Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" Write-Host -NoNewLine -ForegroundColor Red "Error`n`t"
Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
@ -267,12 +266,13 @@ function AddRegKey {
# Test if the key already exist # Test if the key already exist
try { try {
$current_value = Get-ItemPropertyValue -Path $params.path -Name $params.key $current_value = (Get-ItemPropertyValue -Path $params.path -Name $params.key)
if ( $current_value -eq $params.value ) { #current_value and params.value both empty need a special condition
if ( ( [string]::IsNullOrWhitespace($current_value) -and [string]::IsNullOrWhitespace($params.value) ) -or ($current_value -eq $params.value) ) {
Write-Host -ForegroundColor Yellow "Already done" Write-Host -ForegroundColor Yellow "Already done"
return return
} }
else { Write-Host -NoNewline -ForegroundColor DarkGreen "old value $current_value " } else { Write-Host -NoNewline -ForegroundColor DarkGreen " old value $current_value - " }
} }
catch { catch {
Write-Host -NoNewline -ForegroundColor DarkGreen "new key " Write-Host -NoNewline -ForegroundColor DarkGreen "new key "
@ -293,11 +293,11 @@ function AddRegKey {
} }
function DelRegKey { function DelRegKey {
param( param(
[Parameter(Mandatory=$true)] [Parameter(Mandatory=$true)]
[object]$params [object]$params
) )
#When keypath start with HKCU, we need to apply it ro all users #When keypath start with HKCU, we need to apply it ro all users
if ( ($params.path).StartsWith("HKCU") ) { if ( ($params.path).StartsWith("HKCU") ) {
$script:users | Foreach { $script:users | Foreach {
#If so, we need to put the key on all users hives #If so, we need to put the key on all users hives
@ -319,15 +319,14 @@ function DelRegKey {
return return
} }
try { try {
Get-ItemProperty -Path $params.path -Name $params.key Get-ItemProperty -Path $params.path -Name $params.key -ErrorAction Stop | Out-Null
} }
catch { catch {
Write-Host -ForegroundColor Yellow "key already deleted" Write-Host -ForegroundColor Yellow "key not exist (already deleted?)"
return return
} }
try { try {
Remove-ItemProperty -Path $params.path -Name $params.key
#Remove-ItemProperty -Path $params.path -Name $params.key
Write-host -ForegroundColor Green "done" Write-host -ForegroundColor Green "done"
} }
catch [System.Security.SecurityException]{ catch [System.Security.SecurityException]{
@ -341,103 +340,102 @@ function DelRegKey {
function DisableFeature { function DisableFeature {
param ( param (
[cmdletbinding( [cmdletbinding(
DefaultParameterSetName='params' DefaultParameterSetName='params'
)] )]
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
if ( $params.ContainsKey('file') ) { if ( $params.ContainsKey('file') ) {
Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { DisableFeature @{name=$_} } Get-Content $params.file | where { $_ -notmatch "^#.*$|^$" } | foreach { DisableFeature @{name=$_} }
} }
elseif ( $params.ContainsKey('name') ) { elseif ( $params.ContainsKey('name') ) {
$feature = $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English) $feature = $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English)
$name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]} $name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]}
if (-not $name){ if (-not $name){
Write-Host -ForegroundColor Yellow "`tFeature $params.name not found" Write-Host -ForegroundColor Yellow "`tFeature $params.name not found"
return return
} }
Write-Host -NoNewline "`tDisable Feature $name : " Write-Host -NoNewline "`tDisable Feature $name : "
if ( $($feature | Select-String "state") -match "Disable" ){ if ( $($feature | Select-String "state") -match "Disable" ){
Write-Host -ForegroundColor Yellow "already disable" Write-Host -ForegroundColor Yellow "already disable"
return return
} }
try { try {
Dism /online /Disable-Feature /FeatureName:$name /NoRestart | Out-Null Dism /online /Disable-Feature /FeatureName:$name /NoRestart | Out-Null
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
catch { catch {
Write-Host -ForegroundColor Red "error" Write-Host -ForegroundColor Red "error"
} }
} }
else { else {
Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
} }
} }
function UninstallModernApp { function UninstallModernApp {
param( param(
[cmdletbinding( [cmdletbinding(
DefaultParameterSetName='params' DefaultParameterSetName='params'
)] )]
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
if ( $params.ContainsKey('removeProvisioned') -and $params.removeProvisioned -eq $true ) {
UninstallModernProvisionedApp $params
}
if ( $params.ContainsKey('file') ) { if ( $params.ContainsKey('file') ) {
$pkgs = $(Get-AppxPackage -AllUsers).name $pkgs = $(Get-AppxPackage -AllUsers).name
$uninstall_list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } $uninstall_list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" }
$pkgs | Where-Object { $_ -in $uninstall_list } | Foreach { $pkgs | Where-Object { $_ -in $uninstall_list } | Foreach {
UninstallModernApp @{name=$_} UninstallModernApp @{name=$_}
} }
$uninstall_list | Where-Object { $_ -notin $pkgs } | Foreach { $uninstall_list | Where-Object { $_ -notin $pkgs } | Foreach {
Write-Host -ForegroundColor Yellow "`tModern App $_ not installed" Write-Host -ForegroundColor Yellow "`tModern App $_ not installed"
} }
} }
elseif ( $params.ContainsKey('name') ) { elseif ( $params.ContainsKey('name') ) {
Write-Host -NoNewLine "`tUninstall $($params.name) : " Write-Host -NoNewLine "`tUninstall $($params.name) : "
try { try {
$(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage -AllUsers) $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage -AllUsers)
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
catch { catch {
Write-Host -NoNewLine -ForegroundColor Red "Error `n`t" Write-Host -NoNewLine -ForegroundColor Red "Error `n`t"
write-Host -ForegroundColor DarkRed $_ write-Host -ForegroundColor DarkRed $_
} }
} }
else { else {
Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
return
}
if ( $params.ContainsKey('removeProvisioned') -and $params.removeProvisioned -eq $true ) {
UninstallModernProvisionedApp $params
} }
} }
function UninstallModernProvisionedApp { function UninstallModernProvisionedApp {
param( param(
[cmdletbinding( [cmdletbinding(
DefaultParameterSetName='params' DefaultParameterSetName='params'
)] )]
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
if ( $params.ContainsKey('file') ) { if ( $params.ContainsKey('file') ) {
$pkgs = $(Get-AppxProvisionedPackage -Online).DisplayName $pkgs = $(Get-AppxProvisionedPackage -Online).DisplayName
$list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" }
$pkgs | Where-Object { $_ -in $list } | Foreach { $pkgs | Where-Object { $_ -in $list } | Foreach {
UninstallModernProvisionedApp @{name=$_} UninstallModernProvisionedApp @{name=$_}
} }
$list | Where-Object { $_ -notin $pkgs } | Foreach { $list | Where-Object { $_ -notin $pkgs } | Foreach {
@ -446,36 +444,36 @@ function UninstallModernProvisionedApp {
} }
elseif ( $params.ContainsKey('name') ){ elseif ( $params.ContainsKey('name') ){
Write-Host -NoNewLine "`tUninstall Provisioned $($params.name) :" Write-Host -NoNewLine "`tUninstall Provisioned $($params.name) :"
try { try {
$(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -eq $($params.name) }) | Remove-AppxProvisionedPackage -Online | Out-Null $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -eq $($params.name) }) | Remove-AppxProvisionedPackage -Online | Out-Null
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
catch { catch {
Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t" Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t"
write-Host -ForegroundColor DarkRed $Error[0].Exception.Message write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
return return
} }
} }
else { else {
Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)" Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
} }
} }
function DisableService { function DisableService {
param ( param (
[cmdletbinding( [cmdletbinding(
DefaultParameterSetName='params' DefaultParameterSetName='params'
)] )]
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
if ( $params.ContainsKey('file') ) { if ( $params.ContainsKey('file') ) {
$services = $(Get-Service).name $services = $(Get-Service).name
$list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" } $list = Get-Content $params.file | Where { $_ -notmatch "^#.*$|^$" }
$services | Where-Object { $_ -in $list } | Foreach { $services | Where-Object { $_ -in $list } | Foreach {
DisableService @{name=$_} DisableService @{name=$_}
} }
@ -486,24 +484,24 @@ function DisableService {
} }
elseif ( $params.ContainsKey('name') ) { elseif ( $params.ContainsKey('name') ) {
$service = Get-Service -Name $params.name $service = Get-Service -Name $params.name
if ( -not $service ){ if ( -not $service ){
Write-Host -ForegroundColor "`t Service $($params.name) not found" Write-Host -ForegroundColor "`t Service $($params.name) not found"
return return
} }
Write-Host -NoNewline "`tDisable service $($params.name) : " Write-Host -NoNewline "`tDisable service $($params.name) : "
if ( $service.StartType -eq "Disable") { if ( $service.StartType -eq "Disable") {
Write-Host -ForegroundColor Yellow "already disabled" Write-Host -ForegroundColor Yellow "already disabled"
return return
} }
try { try {
Stop-Service -InputObject $service Stop-Service -InputObject $service
$service | Set-Service -StartupType disabled -ErrorAction Stop $service | Set-Service -StartupType disabled -ErrorAction Stop
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
catch { catch {
Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" Write-Host -NoNewLine -ForegroundColor Red "Error`n`t"
write-Host -ForegroundColor DarkRed $Error[0].Exception.Message write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
} }
finally { finally {
if ( $params.ContainsKey('userService') -and $params.userService -eq $true ) { if ( $params.ContainsKey('userService') -and $params.userService -eq $true ) {
@ -524,21 +522,21 @@ function DisableService {
function KillProcess { function KillProcess {
param( param(
[cmdletbinding( [cmdletbinding(
DefaultParameterSetName='params' DefaultParameterSetName='params'
)] )]
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
Write-Host -NoNewLine "`tKilling $($params.name) : " Write-Host -NoNewLine "`tKilling $($params.name) : "
try { try {
Stop-Process $(Get-Process $params.name -ErrorAction SilentlyContinue ) Stop-Process $(Get-Process $params.name -ErrorAction SilentlyContinue )
Write-Host -ForegroundColor Green "Done" Write-Host -ForegroundColor Green "Done"
} }
catch { catch {
Write-host -ForegroundColor Yellow "Not started" Write-host -ForegroundColor Yellow "Not started"
@ -547,21 +545,21 @@ function KillProcess {
function DelFile { function DelFile {
param ( param (
[cmdletbinding( [cmdletbinding(
DefaultParameterSetName='params' DefaultParameterSetName='params'
)] )]
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
$path = Invoke-Expression """$($params.path)""" $path = Invoke-Expression """$($params.path)"""
Write-Host -NoNewline "`tDelete $path : " Write-Host -NoNewline "`tDelete $path : "
if ( -not (Test-Path $path) ){ if ( -not (Test-Path $path) ){
Write-Host -ForegroundColor Yellow "not found" Write-Host -ForegroundColor Yellow "not found"
return return
} }
$command = "Remove-Item -ErrorAction SilentlyContinue -Force -Path `"$path`"" $command = "Remove-Item -ErrorAction SilentlyContinue -Force -Path `"$path`""
if ( $params.ContainsKey('recurse') -and $params.recurse -eq $true ) { if ( $params.ContainsKey('recurse') -and $params.recurse -eq $true ) {
@ -569,52 +567,53 @@ function DelFile {
} }
try { try {
Invoke-Expression $command Invoke-Expression $command
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
catch { catch {
Write-Host -NoNewLine -ForegroundColor Red "`Error`n`t" Write-Host -NoNewLine -ForegroundColor Red "`Error`n`t"
write-Host -ForegroundColor DarkRed $Error[0].Exception.Message write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
} }
} }
function ExecCommand { function ExecCommand {
param ( param (
[cmdletbinding( [cmdletbinding(
DefaultParameterSetName='params' DefaultParameterSetName='params'
)] )]
[Parameter( [Parameter(
ValueFromPipeline=$False, ValueFromPipeline=$False,
ParameterSetName="params", ParameterSetName="params",
Position = 0 Position = 0
)] )]
[object]$params [object]$params
) )
$path = $params.path.Replace("##mod_path##", $script:current_module_path) $path = $params.path.Replace("##mod_path##", $script:current_module_path)
$args = $params.arguments.Replace("##mod_path##", $script:current_module_path) $args = $params.arguments.Replace("##mod_path##", $script:current_module_path)
Write-Host -NoNewline "`tExecute : $path : " Write-Host "`n`tExecute $path : "
$path = Invoke-Expression """$($path)""" $path = Invoke-Expression """$($path)"""
if ( -not (Test-Path $path) -and -not $path -eq "powershell" ) { if ( -not ((Test-Path $path) -or $path -eq "powershell") ) {
Write-Host -ForegroundColor Yellow "File not found" Write-Host -ForegroundColor Yellow "`t`tFile not found"
return return
} }
try { try {
Start-Process -NoNewWindow -wait -filepath $path -ArgumentList $args Start-Process -NoNewWindow -wait -filepath $path -ArgumentList $args -ErrorAction Stop
Write-Host -ForegroundColor Green "`t`tExecution done"
} }
catch { catch {
Write-Host -NoNewLine -ForegroundColor Red "Error`n`t" Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t`t"
write-Host -ForegroundColor DarkRed $Error[0].Exception.Message Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
} }
} }
function ProcessModuleFile { function ProcessModuleFile {
param ( param (
[Parameter( [Parameter(
Mandatory=$true, Mandatory=$true,
ValueFromPipeline=$True, ValueFromPipeline=$True,
ParameterSetName="path" ParameterSetName="path"
)] )]
[string]$path [string]$path
) )
try { try {
$mod = Get-Content $(Get-ChildItem $path).FullName -Raw | ConvertFrom-Json $mod = Get-Content $(Get-ChildItem $path).FullName -Raw | ConvertFrom-Json
} }
@ -629,20 +628,20 @@ function ProcessModuleFile {
$action_file = "" $action_file = ""
$current_action = @{} $current_action = @{}
$script:current_module_path = $(Get-ChildItem $path).DirectoryName + "\" + $(Get-ChildItem $path).BaseName + '\' $script:current_module_path = $(Get-ChildItem $path).DirectoryName + "\" + $(Get-ChildItem $path).BaseName + '\'
foreach( $p in $_.psobject.properties.name ){ foreach( $p in $_.psobject.properties.name ){
$current_action[$p] = $_.$p $current_action[$p] = $_.$p
} }
if ( -not $current_action.ContainsKey('action') ) { if ( -not $current_action.ContainsKey('action') ) {
Write-Host -ForegroundColor Red "`tError : action not found" Write-Host -ForegroundColor Red "`tError : action not found"
return return
} }
# If action content a file element, need to test if file exist # If action content a file element, need to test if file exist
if ( $current_action.ContainsKey('file')) { if ( $current_action.ContainsKey('file')) {
$action_file = $script:current_module_path + $current_action.file $action_file = $script:current_module_path + $current_action.file
if ( -not (Test-Path $action_file) ) { if ( -not (Test-Path $action_file) ) {
Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found`n" Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found`n"
return return
} }
$current_action.file = $action_file $current_action.file = $action_file
} }
# Invoke function # Invoke function
@ -672,15 +671,15 @@ try {
} }
catch { catch {
Write-Host -NoNewline -ForegroundColor Red "Error while mounting Registery`n`t" Write-Host -NoNewline -ForegroundColor Red "Error while mounting Registery`n`t"
Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
#return return
} }
#We need access to users registry hive for applying mofidication to existing users #We need access to users registry hive for applying mofidication to existing users
$profile_list = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\" $profile_list = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\"
Get-LocalUser | Where-Object { $_.Enabled -eq $true } | foreach { Get-LocalUser | Where-Object { $_.Enabled -eq $true } | foreach {
$current_user_path = Get-ItemPropertyValue -Path "$profile_list$($_.SID.Value)\" -Name "ProfileImagePath" $current_user_path = Get-ItemPropertyValue -Path "$profile_list$($_.SID.Value)\" -Name "ProfileImagePath"
$script:users += @{name = $_.name;'sid' = $_.SID.Value; 'was_mounted' = $false; 'directory' = $current_user_path} $script:users += @{name = $_.name;'sid' = $_.SID.Value; 'was_mounted' = $false; 'directory' = $current_user_path}
} }
Write-Host "Mount users registry hives :" Write-Host "Mount users registry hives :"
@ -689,29 +688,30 @@ $script:users | foreach {
if ( -not (Test-Path "HKU:\$($_.sid)") ) { if ( -not (Test-Path "HKU:\$($_.sid)") ) {
try { try {
reg load "HKU\$($_.sid)" "$($_.directory)\NTUSER.DAT" 2>&1 | Out-Null reg load "HKU\$($_.sid)" "$($_.directory)\NTUSER.DAT" 2>&1 | Out-Null
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
catch { catch {
Write-Host -ForegroundColor Red "Error`n`t" Write-Host -ForegroundColor Red "Error`n`t"
Write-host $Error[0].Exception.Message Write-host $Error[0].Exception.Message
} }
} }
else { else {
$_.was_mounted = $true $_.was_mounted = $true
Write-Host -ForegroundColor Yellow "Already mounted" Write-Host -ForegroundColor Yellow "Already mounted"
} }
} }
Write-Host "Folder to process : $module"
if ( $debug ) { if ( $debug ) {
$DebugPreference = "Continue" $DebugPreference = "Continue"
} }
if ( $module -and $( Test-Path $module ) ) { if ( $module -and $( Test-Path $module ) ) {
Write-Host "File to process : $module"
$module | ProcessModuleFile $module | ProcessModuleFile
} }
else { else {
Write-Host "Folder to process : $dir"
Get-ChildItem -Path $dir -Filter "*.conf" | foreach { Get-ChildItem -Path $dir -Filter "*.conf" | foreach {
$_.FullName | ProcessModuleFile $_.FullName | ProcessModuleFile
} }
} }
Write-Host -Nonewline "`nRemove powershell access to HKCR, HKCU and HKU : " Write-Host -Nonewline "`nRemove powershell access to HKCR, HKCU and HKU : "
try { try {
@ -722,23 +722,23 @@ try {
} }
catch { catch {
Write-Host -NoNewline -ForegroundColor Red "Error`n`t" Write-Host -NoNewline -ForegroundColor Red "Error`n`t"
Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
} }
0
[gc]::collect() [gc]::collect()
Write-Host "`nUnload Users hives : " Write-Host "`nUnload Users hives : "
#Unmount Registery #Unmount Registery
$script:users | foreach { $script:users | foreach {
Write-Host -Nonewline "`tUnmount $($_.name) hive : " Write-Host -Nonewline "`tUnmount $($_.name) hive : "
#Need to unmount all not-connected users hives" #Need to unmount all not-connected users hives"
if ($_.was_mounted -eq $false) { if ($_.was_mounted -eq $false) {
try { try {
reg unload "HKU\$($_.sid)" 2>&1 | Out-Null reg unload "HKU\$($_.sid)" 2>&1 | Out-Null
Write-Host -foregroundColor Green "Done" Write-Host -foregroundColor Green "Done"
} }
catch { catch {
Write-Host -NoNewline -ForegroundColor Red "Error`n`t" Write-Host -NoNewline -ForegroundColor Red "Error`n`t"
Write-Host -ForegroundColor Red $Error[0].Exception.Message Write-Host -ForegroundColor Red $Error[0].Exception.Message
} }
} }
else { Write-Host -ForegroundColor Yellow "Was mounted (User connected)" } else { Write-Host -ForegroundColor Yellow "Was mounted (User connected)" }
@ -747,9 +747,9 @@ $script:users | foreach {
Write-Host -nonewline "`nUnload default user hive : " Write-Host -nonewline "`nUnload default user hive : "
try { try {
reg unload "HKU\Default" 2>&1 | Out-Null reg unload "HKU\Default" 2>&1 | Out-Null
Write-Host -ForegroundColor Green "done" Write-Host -ForegroundColor Green "done"
} }
catch { catch {
Write-Host -NoNewline -ForegroundColor Red "Error`n`t" Write-Host -NoNewline -ForegroundColor Red "Error`n`t"
Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
} }