win10-privacy-script/cleanW10.ps1


# Script parameters:
#   -dir    : directory scanned for "*.conf" module files when no usable -module is given.
#   -module : path of a single module file to process instead of the whole directory.
param (
# NOTE(review): [cmdletbinding()] is placed inside the param block, attached to $dir,
# rather than in front of "param" - confirm it has the intended effect.
[cmdletbinding()]
[string]$dir="modules.d",
[string]$module
)
#requires -RunAsAdministrator
Import-Module NetSecurity #Useful to manipulate firewall rules
Set-StrictMode -Version 2
# NOTE(review): the key of this table is the *value* of $dir, not a "Cmdlet:Parameter"
# name, so this presumably does not set a default for any parameter - confirm intent.
$PSDefaultParameterValues=@{$dir = "./modules.d"}
# Hosts file edited by BlockHost, and the address every blocked name is mapped to.
$HOST_FILE = "$env:windir\System32\drivers\etc\hosts"
$HOST_IP = "0.0.0.0"
# Errors are raised as terminating errors, which is what lets the try/catch blocks
# in the action functions report them.
$ErrorActionPreference = "Stop"
# Hide progress bars of the cmdlets called below.
$ProgressPreference = "SilentlyContinue"
#Thanks to https://gist.github.com/markembling/173887
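function BlockHost {
    # Maps host names to $HOST_IP in the hosts file ($HOST_FILE).
    #
    # $params is a hashtable with either or both of:
    #   file : path of a text file holding one host name per line
    #   host : a single host name
    # Each name is reported on the console as "done", "already blocked " or "error".
    param(
        [Parameter(
            ValueFromPipeline=$False,
            ParameterSetName="params",
            Position = 0
        )]
        [object]$params
    )
    if ( $params.ContainsKey('file') ) {
        foreach ($line in Get-Content $params.file) {
            BlockHost -params @{host=$line}
        }
    }
    if ( -not $params.ContainsKey('host') ) {
        return
    }
    $name = "$($params.host)".Trim()
    # Blank lines and '#' comment lines of a list file are not host names.
    if ( $name -eq "" -or $name.StartsWith('#') ) {
        return
    }
    Write-Host -NoNewline "`t$name : "
    # A value containing whitespace or a line break would add extra names, or a whole
    # extra mapping, to the hosts file, so it is rejected instead of being written.
    if ( $name -match '\s' ) {
        Write-Host -ForegroundColor Red "error"
        return
    }
    try {
        if ( IsHostAlreadyBlocked $HOST_FILE $name ) {
            Write-Host -ForegroundColor Yellow "already blocked "
            return
        }
        "$HOST_IP`t`t$name" | Out-File -Encoding ASCII -Append $HOST_FILE
    }
    catch {
        Write-Host -ForegroundColor Red "error"
        return
    }
    Write-Host -ForegroundColor Green "done"
}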
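function IsHostAlreadyBlocked {
    # Returns $true when $hostname already appears as a name in the hosts-format
    # file $filename, $false otherwise.
    #
    # Fields may be separated by tabs or spaces, one address may carry several names,
    # and text after '#' is a comment; the comparison is case-insensitive.
    param([string]$filename, [string]$hostname)
    foreach ($line in Get-Content $filename) {
        # Keep only the part before a comment, so commented-out entries do not count.
        $entry = ($line -split '#', 2)[0].Trim()
        if ( $entry -eq "" ) {
            continue
        }
        $fields = $entry -split '\s+'
        # $fields[0] is the address; every following field is a name mapped to it.
        for ($i = 1; $i -lt $fields.Count; $i++) {
            if ( $fields[$i] -eq $hostname ) {
                return $true
            }
        }
    }
    return $false
}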
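function FwBlockOutputIP {
    # Creates a Windows firewall rule that blocks outbound traffic to an address.
    #
    # $params is a hashtable with one of:
    #   file : path of a text file holding one address per line
    #   ip   : a single remote address
    # The rule is named "Blacklist_<ip>"; an existing rule of that name is left as is.
    param(
        [object]$params
    )
    if ( $params.ContainsKey('file') ) {
        foreach ($line in Get-Content $params.file ){
            # Blank lines are not addresses.
            if ( "$line".Trim() -eq "" ) { continue }
            FwBlockOutputIP @{"ip"="$line"}
        }
    }
    elseif ( $params.ContainsKey('ip') ) {
        $rule_name = "Blacklist_$($params.ip)"
        Write-Host -NoNewline "`t$($params.ip) : "
        if ( Get-NetFirewallRule -Name $rule_name -ErrorAction SilentlyContinue) {
            # Only the name is checked. A rule created by an earlier version of this
            # function has the default (inbound) direction and is not replaced here.
            Write-Host -ForegroundColor Yellow "already blacklisted"
            return
        }
        else {
            Try {
                # New-NetFirewallRule creates an inbound rule unless told otherwise, which
                # does not stop this machine from connecting out to the address.
                New-NetFirewallRule -Name $rule_name -DisplayName "BlackList $($params.ip)" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress $params.ip -Action Block | Out-Null
            }
            Catch {
                Write-Host -ForegroundColor Red "error"
                return
            }
            Write-Host -ForegroundColor Green "done"
        }
    }
    else {
        Write-Host -ForegroundColor Red "`tError : No ip or file for action $($MyInvocation.MyCommand.Name)"
    }
}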
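function FwBlockProgram {
    # Creates a Windows firewall rule that blocks all outbound traffic of a program.
    #
    # $params is a hashtable with one of:
    #   file : path of a text file holding one program path per line
    #   path : path of the program (variables in it are expanded)
    # and optionally:
    #   name : rule name and display name; defaults to the unexpanded path
    param (
        [cmdletbinding(
            DefaultParameterSetName='params'
        )]
        [Parameter(
            ValueFromPipeline=$False,
            ParameterSetName="params",
            Position = 0
        )]
        [object]$params
    )
    if ( $params.ContainsKey('file') ) {
        foreach ($line in Get-Content $params.file ){
            if ( "$line".Trim() -eq "" ) { continue }
            # Each line is a program path. The previous code passed the lines to
            # FwBlockOutputIP as addresses, so no program rule was ever created.
            FwBlockProgram @{"path"="$line"}
        }
    }
    elseif ( $params.ContainsKey('path') ) {
        # NOTE(security): the path text is evaluated as a double-quoted PowerShell string
        # so that variables in it are expanded. Any subexpression in that text runs with
        # this script's administrator rights, so module files must be reviewed as code.
        $path = Invoke-Expression """$($params.path)"""
        Write-Host -NoNewline "`tBlock program $($path) : "
        if ( -not (Test-Path $path) ) {
            Write-Host -Foregroundcolor Red "Error (path not found)"
            return
        }
        if ( -not $params.ContainsKey('name') ) {
            $params.name = $params.path
        }
        if ( Get-NetFirewallRule -Name $($params.name) -ErrorAction SilentlyContinue) {
            Write-Host -ForegroundColor Yellow "already blacklisted"
            return
        }
        try {
            New-NetFirewallRule -Name "$($params.name)" -DisplayName "$($params.name)" -Program "$path" -Direction Outbound -Protocol any -Enabled True -Profile Any -RemoteAddress any -Action Block | Out-Null
            Write-Host -ForegroundColor Green "done"
        }
        catch {
            Write-Host -ForegroundColor Red "error"
            return
        }
    }
    else {
        Write-Host -ForegroundColor Red "`tError : No path or file for action $($MyInvocation.MyCommand.Name)"
    }
}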
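function RemoveScheduledTask () {
    # Unregisters a scheduled task.
    #
    # $params is a hashtable with one of:
    #   file : path of a text file holding one task name per line
    #   name : name of the task
    # and optionally:
    #   path : task path used to narrow the lookup
    param (
        [cmdletbinding(
            DefaultParameterSetName='params'
        )]
        [Parameter(
            ValueFromPipeline=$False,
            ParameterSetName="params",
            Position = 0
        )]
        [object]$params
    )
    if ( $params.ContainsKey('file') ) {
        Get-Content $params.file | foreach {
            RemoveScheduledTask @{name=$_}
        }
    }
    elseif ( $params.ContainsKey('name') ) {
        # The lookup arguments are passed by splatting. Building a command string and
        # running it through Invoke-Expression would let a quote or '$(...)' in a task
        # name from a module or list file be executed as code.
        $query = @{
            TaskName    = $params.name
            ErrorAction = 'Stop'
        }
        if ($params.ContainsKey('path') -and $params.path -ne '') {
            $query.TaskPath = $params.path
        }
        else {
            # The "not found" message below reads $params.path, so it must exist.
            $params.path = ""
        }
        try {
            $task = Get-ScheduledTask @query
            Write-Host -NoNewline "`tRemove task $($params.name) : "
            $task | Unregister-ScheduledTask -ErrorAction SilentlyContinue -Confirm:$false
            Write-Host -ForegroundColor Green "done"
        }
        catch [Microsoft.PowerShell.Cmdletization.Cim.CimJobException]{
            Write-Host -ForegroundColor Yellow "`tScheduled Task $($params.path)$($params.name) not found"
        }
        catch {
            Write-Host -NoNewLine -ForegroundColor Red "`tError in RemoveSheduledTask`n`t"
            Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
        }
    }
    else {
        Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
    }
}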
function AddRegKey {
    # Writes one registry value, creating the key first when it does not exist.
    #
    # $params is a hashtable with:
    #   path  : registry key, as a provider path (required)
    #   key   : name of the value (required)
    #   value : data to store; set to "" when absent
    #   type  : value type; set to "DWord" when absent or empty
    # The defaults are written back into $params.
    param(
        [Parameter(Mandatory=$true)]
        [object]$params
    )
    $has_path = $params.ContainsKey('path')
    $has_key = $params.ContainsKey('key')
    if ( -not ($has_path -and $has_key) ) {
        Write-Host -ForegroundColor Red -NoNewline "Error in AddRegKey : no path, key or value`n"
        return
    }

    if ( -not $params.ContainsKey('value') ) {
        $params.value = ""
    }
    if ( -not $params.ContainsKey('type') -or $params.type -eq "" ) {
        $params.type = "DWord"
    }

    Write-Host -NoNewline "`t$($params.key) reg key to $($params.value) : "

    $key_exists = Test-Path $params.path
    if ( -not $key_exists ) {
        Write-Host -NoNewline "- creating path - "
        try {
            New-Item -Path $params.path -Force | Out-Null
        }
        catch {
            Write-Host -NoNewLine -ForegroundColor Red "Error`n`t"
            Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
            return
        }
    }

    try {
        Set-ItemProperty -Path $params.path -Name $params.key -Value $($params.value) -Type $params.type -Force
        Write-Host -ForegroundColor Green "done"
    }
    catch [System.Security.SecurityException] {
        Write-Host -ForegroundColor Red "Error (access denied)"
    }
    catch {
        Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t"
        Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
    }
}
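function DelRegKey {
    # Deletes one registry value.
    #
    # $params is a hashtable with:
    #   path : registry key, as a provider path
    #   key  : name of the value to delete
    param(
        [Parameter(Mandatory=$true)]
        [object]$params
    )
    Write-Host -NoNewline "`tDelete registery key $($params.key) : "
    if ( ! (Test-Path $params.path) ){
        Write-Host -ForegroundColor Red " Error path not found"
        return
    }
    try {
        # Read the target from $params. The previous code used $path and $key, which are
        # not defined in this function, so the value was never removed.
        Remove-ItemProperty -Path $params.path -Name $params.key -ErrorAction Stop
        Write-host -ForegroundColor Green "done"
    }
    catch [System.Security.SecurityException]{
        Write-Host -ForegroundColor Red "Error in DelRegKey`n`t"
        # -ForegroundColor was misspelled in both handlers, which made the handlers
        # themselves fail instead of printing the reason.
        Write-Host -ForegroundColor DarkRed "Access to $($params.path)\$($params.key) denied"
    }
    catch {
        Write-Host -ForegroundColor Red -NoNewLine "Error in DelRegKey`n`t"
        Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
    }
}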
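function DisableFeature {
    # Disables a Windows optional feature through dism.
    #
    # $params is a hashtable with one of:
    #   file : path of a text file holding one feature name per line
    #   name : name of the feature
    param (
        [cmdletbinding(
            DefaultParameterSetName='params'
        )]
        [Parameter(
            ValueFromPipeline=$False,
            ParameterSetName="params",
            Position = 0
        )]
        [object]$params
    )
    if ( $params.ContainsKey('file') ) {
        Get-Content $params.file | foreach {
            DisableFeature @{name=$_}
        }
    }
    elseif ( $params.ContainsKey('name') ) {
        $feature = $(dism /online /Get-FeatureInfo /FeatureName:$($params.name) /English)
        $name = $feature | Select-String "Feature Name" | %{($_ -split " : ")[1]}
        if (-not $name){
            # "$params.name" inside a string expands $params alone and appends ".name";
            # the subexpression prints the feature name.
            Write-Host -ForegroundColor Yellow "`tFeature $($params.name) not found"
            return
        }
        Write-Host -NoNewline "`tDisable Feature $name : "
        if ( $($feature | Select-String "state") -match "Disable" ){
            Write-Host -ForegroundColor Yellow "already disable"
            return
        }
        try {
            Dism /online /Disable-Feature /FeatureName:$name /NoRestart | Out-Null
            # dism is an external program: a failure sets its exit code and does not reach
            # the catch block. 3010 means success with a restart pending.
            if ( $LASTEXITCODE -eq 0 -or $LASTEXITCODE -eq 3010 ) {
                Write-Host -ForegroundColor Green "done"
            }
            else {
                Write-Host -ForegroundColor Red "error"
            }
        }
        catch {
            Write-Host -ForegroundColor Red "error"
        }
    }
    else {
        Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
    }
}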
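function UninstallModernApp {
    # Removes installed Appx packages.
    #
    # $params is a hashtable with one of:
    #   file : path of a text file holding one package name per line; only names that
    #          are installed are removed, the others are reported
    #   name : text matched against package names
    # and optionally:
    #   removeProvisionned : when present, the provisioned package is removed as well
    param(
        [cmdletbinding(
            DefaultParameterSetName='params'
        )]
        [Parameter(
            ValueFromPipeline=$False,
            ParameterSetName="params",
            Position = 0
        )]
        [object]$params
    )
    if ( $params.ContainsKey('file') ) {
        $pkgs = $(Get-AppxPackage -AllUsers).name
        $uninstall_list = Get-Content $params.file
        $pkgs | Where-Object { $_ -in $uninstall_list } | foreach {
            UninstallModernApp @{name=$_}
        }
        $uninstall_list | Where-Object { $_ -notin $pkgs } | foreach {
            Write-Host -ForegroundColor Yellow "`tModern App $_ not installed"
        }
    }
    elseif ( $params.ContainsKey('name') ) {
        # The name is used as "*name*", so an empty or blank value would match, and
        # remove, every package. Refuse it.
        if ( [string]::IsNullOrWhiteSpace("$($params.name)") ) {
            Write-Host -ForegroundColor Red "`tError : empty name for action $($MyInvocation.MyCommand.Name)"
            return
        }
        Write-Host -NoNewLine "`tUninstall $($params.name) : "
        try {
            # Substring match: every package whose name contains the value is removed.
            $(Get-AppxPackage -AllUsers | Where-Object { $_.name -like "*$($params.name)*" } | Remove-AppxPackage)
            Write-Host -ForegroundColor Green "done"
        }
        catch {
            Write-Host -NoNewLine -ForegroundColor Red "Error `n`t"
            write-Host -ForegroundColor DarkRed "Impossible to Uninstall. Is this a system one."
        }
    }
    else {
        Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
        return
    }
    if ( $params.ContainsKey('removeProvisionned' ) ) {
        UninstallModernProvisonnedApp $params
    }
}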
function UninstallModernProvisonnedApp {
    # Removes provisioned Appx packages from the running Windows image.
    #
    # $params is a hashtable with one of:
    #   file : path of a text file holding one display name per line; names that are
    #          not provisioned are reported
    #   name : exact display name of the package
    param(
        [cmdletbinding(
            DefaultParameterSetName='params'
        )]
        [Parameter(
            ValueFromPipeline=$False,
            ParameterSetName="params",
            Position = 0
        )]
        [object]$params
    )
    if ( $params.ContainsKey('file') ) {
        $provisioned = $(Get-AppxProvisionedPackage -Online).DisplayName
        $wanted = Get-Content $params.file

        # Provisioned packages that are on the list are removed one by one.
        $provisioned |
            Where-Object { $_ -in $wanted } |
            foreach { UninstallModernProvisonnedApp @{name=$_} }

        # Listed names without a provisioned package are only reported.
        $wanted |
            Where-Object { $_ -notin $provisioned } |
            foreach { Write-Host -ForegroundColor Yellow "`tProvisionned App $_ not found" }

        return
    }

    if ( -not $params.ContainsKey('name') ) {
        Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
        return
    }

    Write-Host -NoNewLine "`tUninstall Provisonned $($params.name) :"
    try {
        $(Get-AppxProvisionedPackage -Online | Where-Object { $_.DisplayName -eq $($params.name) }) |
            Remove-AppxProvisionedPackage -Online |
            Out-Null
        Write-Host -ForegroundColor Green "done"
    }
    catch {
        Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t"
        write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
        return
    }
}
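function DisableService {
    # Stops a Windows service and sets its startup type to disabled.
    #
    # $params is a hashtable with one of:
    #   file : path of a text file holding one service name per line; names without
    #          a matching service are reported
    #   name : name of the service
    param (
        [cmdletbinding(
            DefaultParameterSetName='params'
        )]
        [Parameter(
            ValueFromPipeline=$False,
            ParameterSetName="params",
            Position = 0
        )]
        [object]$params
    )
    if ( $params.ContainsKey('file') ) {
        $services = $(Get-Service).name
        $list = Get-Content $params.file
        $services | Where-Object { $_ -in $list } | Foreach {
            DisableService @{name=$_}
        }
        $list | Where-Object { $_ -notin $services } | Foreach {
            Write-Host -ForegroundColor Yellow "`t Service $_ not found"
        }
    }
    elseif ( $params.ContainsKey('name') ) {
        try {
            $service = Get-Service -Name $params.name
            if ( -not $service ){
                # The colour was missing here, so the message text itself was taken as
                # the -ForegroundColor value.
                Write-Host -ForegroundColor Yellow "`t Service $($params.name) not found"
                return
            }
            Write-Host -NoNewline "`tDisable service $($params.name) : "
            # The startup type of a disabled service is "Disabled"; the previous
            # comparison with "Disable" never matched.
            if ( $service.StartType -eq "Disabled") {
                Write-Host -ForegroundColor Yellow "already disabled"
                return
            }
            Stop-Service -InputObject $service -PassThru | Set-Service -StartupType disabled
            Write-Host -ForegroundColor Green "done "
        }
        catch {
            Write-Host -NoNewLine -ForegroundColor Red "`tError`n`t"
            write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
            return
        }
    }
    else {
        Write-Host -ForegroundColor Red "`tError : No name or file for action $($MyInvocation.MyCommand.Name)"
    }
}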
function KillProcess {
# Stops the running processes named $params.name.
#
# $params is a hashtable; only its 'name' entry is read here.
param(
[cmdletbinding(
DefaultParameterSetName='params'
)]
[Parameter(
ValueFromPipeline=$False,
ParameterSetName="params",
Position = 0
)]
[object]$params
)
Write-Host -NoNewLine "`tKilling $($params.name) : "
try {
# Lookup errors are silenced. When no process is found, Stop-Process presumably
# fails on the empty argument and control reaches the catch block - confirm.
Stop-Process $(Get-Process $params.name -ErrorAction SilentlyContinue )
Write-Host -ForegroundColor Green "Done"
}
catch {
# The handler has no type filter: every failure, whatever its cause, is
# reported as "Not started".
Write-host -ForegroundColor Yellow "Not started"
}
}
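function DelFile {
    # Deletes a file or directory.
    #
    # $params is a hashtable with:
    #   path    : path to delete (variables in it are expanded)
    #   recurse : optional; when $true the content of a directory is deleted too
    param (
        [cmdletbinding(
            DefaultParameterSetName='params'
        )]
        [Parameter(
            ValueFromPipeline=$False,
            ParameterSetName="params",
            Position = 0
        )]
        [object]$params
    )
    # NOTE(security): the path text is evaluated as a double-quoted PowerShell string
    # so that variables in it are expanded. Any subexpression in that text runs with
    # this script's administrator rights, so module files must be reviewed as code.
    $path = Invoke-Expression """$($params.path)"""
    Write-Host -NoNewline "`tDelete $path : "
    if ( -not (Test-Path $path) ){
        Write-Host -ForegroundColor Yellow "not found"
        return
    }
    $recurse = $params.ContainsKey('recurse') -and $params.recurse -eq $true
    try {
        # Remove-Item is called directly. The previous code built a command string, glued
        # "-Recurse" to the closing quote of the path without a space, and evaluated the
        # expanded path a second time through Invoke-Expression.
        Remove-Item -ErrorAction SilentlyContinue -Force -Path $path -Recurse:$recurse
        Write-Host -ForegroundColor Green "done"
    }
    catch {
        Write-Host -NoNewLine -ForegroundColor Red "`Error`n`t"
        write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
    }
}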
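function ExecCommand {
    # Starts a program named in a module file.
    #
    # $params is a hashtable with:
    #   path      : path of the program to start
    #   arguments : optional argument list handed to the program
    #
    # NOTE(security): the program runs with this script's administrator rights, so a
    # module file that uses this action must be reviewed as code.
    param (
        [cmdletbinding(
            DefaultParameterSetName='params'
        )]
        [Parameter(
            ValueFromPipeline=$False,
            ParameterSetName="params",
            Position = 0
        )]
        [object]$params
    )
    Write-Host -NoNewline "`tExecute : $($params.path) : "
    if ( -not (Test-Path $params.path) ) {
        Write-Host -ForegroundColor Yellow "File not found"
        return
    }
    try {
        $start_args = @{ FilePath = $params.path }
        # -ArgumentList does not accept an empty value, so it is only passed when the
        # module supplies arguments; before, a program without arguments failed to start.
        if ( $params.ContainsKey('arguments') -and $params.arguments ) {
            $start_args.ArgumentList = $params.arguments
        }
        Start-Process @start_args
        Write-Host -ForegroundColor Green "done"
    }
    catch {
        # The message named DelFile, a copy-paste leftover.
        Write-Host -NoNewLine -ForegroundColor Red "`Error in ExecCommand`n`t"
        write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
    }
}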
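function ProcessModuleFile {
    # Loads one JSON module file and runs each of its actions.
    #
    # The file holds a "name" and an "actions" array. Every action object is copied
    # into a hashtable and passed to the command named by its "action" property.
    # A "file" property is resolved against the directory that sits next to the
    # module file and carries the module file's base name.
    param (
        [Parameter(
            Mandatory=$true,
            ValueFromPipeline=$True,
            ParameterSetName="path"
        )]
        [string]$path
    )
    try {
        $module_file = Get-ChildItem $path
        $mod = Get-Content $module_file.FullName -Raw | ConvertFrom-Json
    }
    catch {
        Write-Host -ForegroundColor Red "Error While Loading JSON : $path `n`n"
        #Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
        return
    }
    Write-Host -ForegroundColor White "`nProcess Module $($mod.name) `n"
    $mod.actions | Foreach {
        $action_file = ""
        $current_action = @{}
        foreach( $p in $_.psobject.properties.name ){
            $current_action[$p] = $_.$p
        }
        # Inside Foreach-Object, "return" ends the current action only.
        if ( -not $current_action.ContainsKey('action') ) {
            Write-Host -ForegroundColor Red "`tError : action not found"
            return
        }
        # An action that names a file needs that file to exist.
        if ( $current_action.ContainsKey('file')) {
            $action_dir = Join-Path $module_file.DirectoryName $module_file.BaseName
            $action_file = Join-Path $action_dir $current_action.file
            if ( -not (Test-Path $action_file) ) {
                Write-Host -ForegroundColor Red "`tError in $($mod.name) : file $action_file not found`n"
                return
            }
            $current_action.file = $action_file
        }
        if (Get-Command $($_.action) -ErrorAction SilentlyContinue ){
            # The call operator runs the named command with the hashtable as its only
            # argument. The previous Invoke-Expression parsed the action text from the
            # module file as PowerShell source.
            # NOTE(security): any command that resolves is accepted, not only the action
            # functions of this script; consider checking the name against an explicit
            # list of allowed actions.
            & $_.action $current_action
        }
        else {
            Write-Host -ForegroundColor Red "`tError in $($mod.name) : action $($_.action) not exist"
        }
    }
}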
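# Main sequence: load the Default user hive, expose the registry roots as PowerShell
# drives, process the module file(s), then undo the mounts.
Write-Output "`nIt's time to kick ass and chew bubble gum"
Write-Output "_________________________________________`n"
try {
    Write-Host -NoNewline "Mount Default user registery hive : "
    # The Default profile hive is loaded under HKU\Default.
    reg load "HKU\Default" "C:\Users\Default\NTUSER.DAT" | Out-Null
    New-PSDrive -PSProvider Registry -Root HKEY_USERS -Name HKU | Out-Null
    Write-Host -ForegroundColor Green "done"
    Write-Host -NoNewline "Mount HK_CLASSES_ROOT registery hive : "
    New-PSDrive -PSProvider Registry -Root HKEY_CLASSES_ROOT -Name HKCR | Out-Null
    New-PSDrive -PSProvider Registry -Root HKEY_CURRENT_USER -Name HKCU | Out-Null
    Write-Host -ForegroundColor Green "done"
}
catch {
    Write-Host -NoNewline -ForegroundColor Red "Error while mounting Registery`n`t"
    Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
    return
}
try {
    Write-Host "Folder to process : $module"
    if ( $module -and $( Test-Path $module ) ) {
        $module | ProcessModuleFile
    }
    else {
        Get-ChildItem -Path $dir -Filter "*.conf" | foreach {
            $_.FullName | ProcessModuleFile
        }
    }
}
finally {
    # Unmount in a finally block: errors are terminating in this script, and an error
    # during module processing would otherwise leave the Default hive loaded.
    try {
        Write-Host -NoNewline "`nUnmount HKU and HKCR : "
        Remove-PSDrive -Name HKCR
        Remove-PSDrive -Name HKCU
        Remove-PSDrive -Name HKU
        reg unload "HKU\Default" 2>&1 | Out-Null
        Write-Host -ForegroundColor Green "done"
    }
    catch {
        Write-Host -NoNewline -ForegroundColor Red "Error`n`t"
        Write-Host -ForegroundColor DarkRed $Error[0].Exception.Message
    }
}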