Public-Mirrors
/
Debloat-Windows-10
mirror of https://github.com/W4RH4WK/Debloat-Windows-10
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

slightly adapt #2

pull/8/head
Alex Hirsch 9 years ago
parent
4fc197ae4e
commit
9bc9774f9d
6 changed files with 82 additions and 83 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 103
      lib/reg-helper.psm1
  2. 2
      scripts/disable-defender.ps1
  3. 2
      scripts/disable-telemetry.ps1
  4. 54
      scripts/fix-privacy-settings.ps1
  5. 2
      scripts/optimize-windows-update.ps1
  6. 2
      scripts/remove-onedrive.ps1

103
lib/reg-helper.psm1
View File

@ -1,28 +1,75 @@
function Import-Registry($reg) { function Import-Registry($reg) {
# add reg file hander # add reg file hander
$reg = "Windows Registry Editor Version 5.00`r`n`r`n" + $reg $reg = "Windows Registry Editor Version 5.00`r`n`r`n" + $reg
# store, import and remove reg file # store, import and remove reg file
$regfile = "$env:windir\Temp\registry.reg" $regfile = "$env:windir\Temp\registry.reg"
$reg | Out-File $regfile $reg | Out-File $regfile
Start-Process "regedit.exe" -ArgumentList ("/s", "$regfile") -Wait Start-Process "regedit.exe" -ArgumentList ("/s", "$regfile") -Wait
rm $regfile rm $regfile
} }
function Takeown-Registry($key) { function Takeown-Registry($key) {
# TODO works only for LocalMachine for now # TODO works only for LocalMachine for now
$key = $key.substring(19) $key = $key.substring(19)
# set owner # set owner
$key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("SOFTWARE\Microsoft\Windows Defender\Spynet", "ReadWriteSubTree", "TakeOwnership") $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("SOFTWARE\Microsoft\Windows Defender\Spynet", "ReadWriteSubTree", "TakeOwnership")
$owner = [Security.Principal.NTAccount]"Administrators" $owner = [Security.Principal.NTAccount]"Administrators"
$acl = $key.GetAccessControl() $acl = $key.GetAccessControl()
$acl.SetOwner($owner) $acl.SetOwner($owner)
$key.SetAccessControl($acl) $key.SetAccessControl($acl)
# set FullControl # set FullControl
$acl = $key.GetAccessControl() $acl = $key.GetAccessControl()
$rule = New-Object System.Security.AccessControl.RegistryAccessRule("Administrators", "FullControl", "Allow") $rule = New-Object System.Security.AccessControl.RegistryAccessRule("Administrators", "FullControl", "Allow")
$acl.SetAccessRule($rule) $acl.SetAccessRule($rule)
$key.SetAccessControl($acl) $key.SetAccessControl($acl)
} }
function Elevate-Privileges {
param($Privilege)
$Definition = @"
using System;
using System.Runtime.InteropServices;
public class AdjPriv {
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
[StructLayout(LayoutKind.Sequential, Pack = 1)]
internal struct TokPriv1Luid {
public int Count;
public long Luid;
public int Attr;
}
internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
internal const int TOKEN_QUERY = 0x00000008;
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public static bool EnablePrivilege(long processHandle, string privilege) {
bool retVal;
TokPriv1Luid tp;
IntPtr hproc = new IntPtr(processHandle);
IntPtr htok = IntPtr.Zero;
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
tp.Count = 1;
tp.Luid = 0;
tp.Attr = SE_PRIVILEGE_ENABLED;
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
return retVal;
}
}
"@
$ProcessHandle = (Get-Process -id $pid).Handle
$type = Add-Type $definition -PassThru
$type[0]::EnablePrivilege($processHandle, $Privilege)
}

2
scripts/disable-defender.ps1
View File

@ -1,7 +1,7 @@
# Description: # Description:
# This script will disable Windows Defender via Group Policies. # This script will disable Windows Defender via Group Policies.
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1 Import-Module -DisableNameChecking $PSScriptRoot\..\lib\reg-helper.psm1
echo "Disabling Windows Defender" echo "Disabling Windows Defender"
Import-Registry(@" Import-Registry(@"

2
scripts/disable-telemetry.ps1
View File

@ -2,7 +2,7 @@
# This script redirects telemetry related domains to your nowhere using the # This script redirects telemetry related domains to your nowhere using the
# hosts file. Additionally telemetry is disallows via Group Policies. # hosts file. Additionally telemetry is disallows via Group Policies.
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1 Import-Module -DisableNameChecking $PSScriptRoot\..\lib\reg-helper.psm1
echo "Adding telemetry routes to hosts file" echo "Adding telemetry routes to hosts file"
$hosts = @" $hosts = @"

54
scripts/fix-privacy-settings.ps1
View File

@ -2,58 +2,10 @@
# This script will try to fix many of the privacy settings for the user. This # This script will try to fix many of the privacy settings for the user. This
# is work in progress! # is work in progress!
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1 Import-Module -DisableNameChecking $PSScriptRoot\..\lib\reg-helper.psm1
function Enable-Privilege {
param($Privilege)
$Definition = @"
using System;
using System.Runtime.InteropServices;
public class AdjPriv {
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele);
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)]
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok);
[DllImport("advapi32.dll", SetLastError = true)]
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid);
[StructLayout(LayoutKind.Sequential, Pack = 1)]
internal struct TokPriv1Luid {
public int Count;
public long Luid;
public int Attr;
}
internal const int SE_PRIVILEGE_ENABLED = 0x00000002;
internal const int TOKEN_QUERY = 0x00000008;
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public static bool EnablePrivilege(long processHandle, string privilege) {
bool retVal;
TokPriv1Luid tp;
IntPtr hproc = new IntPtr(processHandle);
IntPtr htok = IntPtr.Zero;
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok);
tp.Count = 1;
tp.Luid = 0;
tp.Attr = SE_PRIVILEGE_ENABLED;
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid);
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero);
return retVal;
}
}
"@
$ProcessHandle = (Get-Process -id $pid).Handle
$type = Add-Type $definition -PassThru
$type[0]::EnablePrivilege($processHandle, $Privilege)
}
echo "Elevating priviledges for this process" echo "Elevating priviledges for this process"
do {} until (Enable-Privilege SeTakeOwnershipPrivilege) do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
echo "Defuse Windows search settings" echo "Defuse Windows search settings"
Set-WindowsSearchSetting -EnableWebResultsSetting $false Set-WindowsSearchSetting -EnableWebResultsSetting $false
@ -313,7 +265,7 @@ Import-Registry(@"
"SensorPermissionState"=dword:00000000 "SensorPermissionState"=dword:00000000
"@) "@)
echo "Disable submission of Windows Defender findings" echo "Disable submission of Windows Defender findings (w/ elevated privileges)"
Takeown-Registry("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet") Takeown-Registry("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet")
Import-Registry(@" Import-Registry(@"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet]

2
scripts/optimize-windows-update.ps1
View File

@ -2,7 +2,7 @@
# This script optimizes Windows updates by disabling automatic download and # This script optimizes Windows updates by disabling automatic download and
# seeding updates to other computers. # seeding updates to other computers.
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1 Import-Module -DisableNameChecking $PSScriptRoot\..\lib\reg-helper.psm1
echo "Disable automatic download and installation of Windows updates" echo "Disable automatic download and installation of Windows updates"
Import-Registry(@" Import-Registry(@"

2
scripts/remove-onedrive.ps1
View File

@ -1,7 +1,7 @@
# Description: # Description:
# This script will remove and disable OneDrive integration. # This script will remove and disable OneDrive integration.
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1 Import-Module -DisableNameChecking $PSScriptRoot\..\lib\reg-helper.psm1
echo "Kill OneDrive process" echo "Kill OneDrive process"
taskkill.exe /F /IM "OneDrive.exe" taskkill.exe /F /IM "OneDrive.exe"

Write Preview
Loading…
Cancel
Save