#requires -RunAsAdministrator Import-Module NetSecurity #Useful to manipulate firewall rules $HOST_FILE = "$env:windir\System32\drivers\etc\hosts" $HOST_IP = "0.0.0.0" $ErrorActionPreference = "SilentlyContinue" #Thanks to https://gist.github.com/markembling/173887 function block_shitty_host { param([string]$filename, [string]$ip, [string]$hostname) remove-host $filename $hostname Write-Host -NoNewline -ForegroundColor White "Block shitty host $hostname" try { if ( ! $(is_host_present $filename $hostname) ){ $ip + "`t`t" + $hostname | Out-File -encoding ASCII -append $filename } else { Write-Host -ForegroundColor Yellow " Already blocked " return } } catch { Write-Host -ForegroundColor Red " Error " return } Write-Host -ForegroundColor Green " done " } function is_host_present { param([string]$filename, [string]$hostname) $c = Get-Content $filename foreach ($line in $c) { $bits = [regex]::Split($line, "\t+") if ($bits[1] -eq $hostname) { return $true } } return $false } function block_shitty_ip { param($ip) Write-Host -ForegroundColor white -NoNewline "Blacklist IP $ip : " if ( Get-NetFirewallRule -Name Blacklist_$ip -ErrorAction SilentlyContinue) { Write-Host -ForegroundColor Yellow "Already blacklisted" return } else { Try { New-NetFirewallRule -Name Blacklist_$ip -DisplayName "BlackList $ip" -Protocol any -Enabled True -Profile Any -RemoteAddress $ip -Action Block | Out-Null } Catch { Write-Host -Nonewline -ForegroundColor Red " Error " return } Write-Host -ForegroundColor Green " Done" } } function remove_shitty_tasks () { param($taskList) Foreach ($task in $taskList){ Write-Host -ForegroundColor white -NoNewline "Remove Task " $task if ($PSVersionTable.PSVersion.Major -gt 2) { if (Get-ScheduledTask -TaskName $task -ErrorAction SilentlyContinue) { Write-Host -NoNewline -ForegroundColor DarkGreen " found! " Write-Host -Nonewline -ForegroundColor white "removing ... " Try {Unregister-ScheduledTask -TaskName $task -ErrorAction SilentlyContinue -Confirm:$false} Catch { Write-Host -Nonewline -ForegroundColor Red " Error " } Write-Host -ForegroundColor Green " Done" } else { Write-Host -ForegroundColor Yellow " Already removed"} } else { Write-Host -Nonewline -ForegroundColor Red " Damned! this is not Windows 10!" } } } # Modify a reg value # Params : # path : the complete path to reg key # key : key name # value : The value to write function modify_shitty_reg_value { param([string]$path, [string]$key, [string]$value, [string]$type) Write-Host -ForegroundColor white -NoNewline "Modify $key reg value to $value :" if (!(Test-Path $path)){ Write-Host -ForegroundColor Gray -NoNewline " creating path " New-Item -Path $path -Force | Out-Null } try { if ($type) { Set-ItemProperty -Path $path -Name $key -Value $value -Type $type -Force } else { Set-ItemProperty -Path $path -Name $key -Value $value -Type Dword -Force } } catch [System.Security.SecurityException]{ Write-Host -ForegroundColor Red "Access denied" return } catch { Write-Host -ForegroundColor Red " Error " Write-Host $Error[0] return } Write-host -ForegroundColor Green " done " } # Function to remove shitty prog from shitty win # Params : # $name : Feature name function disable_shitty_feature { param ($name) Write-Host -NoNewline -ForegroundColor White "Disable $name feature :" $requestInstall = dism /online /Get-FeatureInfo /FeatureName:$name /English $isInstalled = $requestInstall | Select-String "state" If ($isInstalled -match "Enable") { try { Dism /online /Disable-Feature /FeatureName:$name /NoRestart | Out-Null } catch { Write-Host -ForegroundColor Red " Error" Return } Write-Host -ForegroundColor Green " done " } else { Write-Host -ForegroundColor Yellow " already disable " } } # disable "Modern App" # Params # $name : Name of modern app function disable_shitty_modern_app { param([string]$name) Write-Host -ForegroundColor white -NoNewLine "Remove $name modern app" $package = Get-AppxPackage -AllUsers -name *$name* if ( $package ) { Write-Host -ForegroundColor white -NoNewLine " installed :" try { $package | Remove-AppxPackage } catch { Write-Host -ForegroundColor Red " Uninstall error" return } Write-Host -ForegroundColor Green -NoNewLine " uninstalled" } else { Write-Host -ForegroundColor Yellow -NoNewLine " Not installed"} Write-Host -ForegroundColor white -NoNewLine " |" $provisioned = Get-AppxProvisionedPackage -Online | where-Object {$_.PackageName -like "*$name*"} if ( $provisioned ) { Write-Host -ForegroundColor White -NoNewLine " Provisonned" try { $provisioned | Remove-AppxProvisionedPackage -Online | Out-Null } catch { Write-Host -ForegroundColor red " Error" return } Write-Host -ForegroundColor Green " Done" } else { Write-Host -ForegroundColor Yellow " Not provisionned"} } function disable_shitty_service ([string]$name){ Write-Host -ForegroundColor White -NoNewline "Disable service $name :" $serv = Get-Service -name $name if ( !$serv) { Write-Host -ForegroundColor Red " Not found " return } if ( $serv.StartType -eq "Disable") { Write-Host -ForegroundColor Yellow " Already disabled" } else { service Stop-Service -InputObject $serv -PassThru | Set-Service -StartupType disabled Write-Host -ForegroundColor Green " Done " } } Write-Output "" Write-Output "I's time to kick ass and chew bubble gum" Write-Output "________________________________________" write-Output "" foreach ($line in Get-Content "lib\hosts.txt"){ block_shitty_host $HOST_FILE $HOST_IP $line } foreach ($line in Get-Content "lib\ip.txt"){ block_shitty_ip $line } foreach ($line in Get-Content "lib\features.txt"){ disable_shitty_feature $line } foreach ($line in Get-Content "lib\services.txt") { disable_shitty_featureService $line } foreach ($line in Get-Content "lib\apps.txt") { disable_shitty_modern_app $line } foreach ($line in Get-Content "lib\tasks.txt") {remove_shitty_tasks $line } #Advertiging... modify_shitty_reg_value "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\AdvertisingInfo" "Enabled" "0" modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo" "DisabledByGroupPolicy" 1 # Geoloc. modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableLocation" 1 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableLocationScripting" 1 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" "DisableWindowsLocationProvider" 1 #smartscreen filter modify_shitty_reg_value "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" "EnableWebContentEvaluation" # AllowTelemetry modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0 #OneDrive modify_shitty_reg_value "HKLM:\Software\Policies\Microsoft\Windows\OneDrive" "DisableFileSyncNGSC" 1 modify_shitty_reg_value "HKLM:\Software\Policies\Microsoft\Windows\OneDrive" "DisableFileSync" 1 modify_shitty_reg_value "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" "OneDrive" "0300000021B9DEB396D7D001" "Binary" # Windows Defender Delivery Optimization Download modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" "DODownloadMode" "0" # WifiSense Credential Share modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseCredShared" "0" # WifiSense Open-ness modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseOpen" "0" # Windows Defender Spynet modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" "SpynetReporting" 0 # Windows Defender Sample Submission modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" "SubmitSamplesConsent" 2 # Windows Defender Behavior monitoring and Spynet reporting. modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" "DisableBehaviorMonitoring" 1 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" "SpynetReporting" 0 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" "SubmitSamplesConsent" 2 # Disable Cortana modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" "AllowCortana" "0" modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" "ConnectedSearchUseWeb" "0" # App right. modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessAccountInfo" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessCalendar" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessCallHistory" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessCamera" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessContacts" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessEmail" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessLocation" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessMessaging" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessMicrophone" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessMotion" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessRadios" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsAccessTrustedDevices" 2 modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" "LetAppsSyncWithDevices" 2 # MS Account modify_shitty_reg_value "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" "NoConnectedUser" 3 # App suggestion (Cloud Content) modify_shitty_reg_value "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Cloud Content" "DisableWindowsConsumerFeatures" 1 Write-Host "all done!"