From ebc93a11c71afe75ac7a319bcf8e5d6d2e743f42 Mon Sep 17 00:00:00 2001 From: Alex Hirsch Date: Thu, 16 Feb 2017 08:45:29 +0100 Subject: [PATCH 1/6] Fix strange dashes in install-basic-software.ps1 ref #95 --- utils/install-basic-software.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/install-basic-software.ps1 b/utils/install-basic-software.ps1 index 9566505..11dab4f 100644 --- a/utils/install-basic-software.ps1 +++ b/utils/install-basic-software.ps1 @@ -35,10 +35,10 @@ Get-PackageProvider -Name chocolatey -Force echo "Creating daily task to automatically upgrade Chocolatey packages" # adapted from https://blogs.technet.microsoft.com/heyscriptingguy/2013/11/23/using-scheduled-tasks-and-scheduled-jobs-in-powershell/ $taskName = "Chocolatey Daily Upgrade" -$taskAction = New-ScheduledTaskAction –Execute C:\programdata\chocolatey\choco.exe -Argument "upgrade all -y" +$taskAction = New-ScheduledTaskAction -Execute C:\programdata\chocolatey\choco.exe -Argument "upgrade all -y" $taskTrigger = New-ScheduledTaskTrigger -At 2am -Daily $taskUser = "Admin" -Register-ScheduledTask –TaskName $taskName -Action $taskAction –Trigger $taskTrigger -User $taskUser +Register-ScheduledTask -TaskName $taskName -Action $taskAction -Trigger $taskTrigger -User $taskUser echo "Installing Packages" Install-Package -Name $packages -Force -ProviderName chocolatey From 7bc682f03b6448d5a40094a5856b96ef4b2b61a0 Mon Sep 17 00:00:00 2001 From: Miodrag Milic Date: Fri, 24 Feb 2017 13:35:36 +0100 Subject: [PATCH 2/6] removed Windows Defender tray icon --- scripts/disable-windows-defender.ps1 | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/scripts/disable-windows-defender.ps1 b/scripts/disable-windows-defender.ps1 index ac38d6b..6a537dc 100644 --- a/scripts/disable-windows-defender.ps1 +++ b/scripts/disable-windows-defender.ps1 @@ -28,3 +28,7 @@ sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Pro echo "Removing Windows Defender context menu item" si "HKLM:\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780}\InprocServer32" "" + +echo "Removing Windows Defender tray icon" +rp HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WindowsDefender -Name WindowsDefender -ea 0 +ps MSASCuiL -ea 0 | kill From 78387cfcb31232a0665ea0b1811d96c8cc9b9109 Mon Sep 17 00:00:00 2001 From: Alex Hirsch Date: Sat, 25 Feb 2017 15:17:45 +0100 Subject: [PATCH 3/6] Also disable Windows Defender Services --- README.md | 2 ++ scripts/disable-windows-defender.ps1 | 17 ++++++++++++++++- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index e59a782..e50138f 100644 --- a/README.md +++ b/README.md @@ -38,6 +38,8 @@ Unblock PowerShell scripts and modules within this directory: 2. Edit the scripts to fit your need. 3. Run the scripts 4. `PS > Restart-Computer` +5. Run `disable-windows-defender.ps1` one more time. +6. `PS > Restart-Computer` ## Startmenu diff --git a/scripts/disable-windows-defender.ps1 b/scripts/disable-windows-defender.ps1 index ac38d6b..004cb94 100644 --- a/scripts/disable-windows-defender.ps1 +++ b/scripts/disable-windows-defender.ps1 @@ -1,7 +1,13 @@ # Description: -# This script disables Windows Defender. +# This script disables Windows Defender. Run it once (will throw errors), then +# reboot, run it again (this time no errors should occur) followed by another +# reboot. Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1 +Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1 + +echo "Elevating priviledges for this process" +do {} until (Elevate-Privileges SeTakeOwnershipPrivilege) $tasks = @( "\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" @@ -26,5 +32,14 @@ sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableRout force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection" sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection" "DisableRealtimeMonitoring" 1 +echo "Disabling Windows Defender Services" +Takeown-Registry("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinDefend") +sp "HKLM:\SYSTEM\CurrentControlSet\Services\WinDefend" "Start" 4 +sp "HKLM:\SYSTEM\CurrentControlSet\Services\WinDefend" "AutorunsDisabled" 3 +sp "HKLM:\SYSTEM\CurrentControlSet\Services\WdNisSvc" "Start" 4 +sp "HKLM:\SYSTEM\CurrentControlSet\Services\WdNisSvc" "AutorunsDisabled" 3 +sp "HKLM:\SYSTEM\CurrentControlSet\Services\Sense" "Start" 4 +sp "HKLM:\SYSTEM\CurrentControlSet\Services\Sense" "AutorunsDisabled" 3 + echo "Removing Windows Defender context menu item" si "HKLM:\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780}\InprocServer32" "" From 6281c87a69f5322b5fc1061ec82f0c95d9f7ffe6 Mon Sep 17 00:00:00 2001 From: Alex Hirsch Date: Sun, 5 Mar 2017 08:13:42 +0100 Subject: [PATCH 4/6] Add newly discovered telemetry endpoint to list close #100 --- scripts/block-telemetry.ps1 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/block-telemetry.ps1 b/scripts/block-telemetry.ps1 index b0460b4..ed4a517 100644 --- a/scripts/block-telemetry.ps1 +++ b/scripts/block-telemetry.ps1 @@ -11,6 +11,7 @@ sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0 echo "Adding telemetry domains to hosts file" $hosts_file = "$env:systemroot\System32\drivers\etc\hosts" $domains = @( + "184-86-53-99.deploy.static.akamaitechnologies.com" "a-0001.a-msedge.net" "a-0002.a-msedge.net" "a-0003.a-msedge.net" @@ -161,6 +162,7 @@ $ips = @( "134.170.30.202" "137.116.81.24" "157.56.106.189" + "184.86.53.99" "2.22.61.43" "2.22.61.66" "204.79.197.200" From 28505a5d86af6a086622be0ff21e285328b9c094 Mon Sep 17 00:00:00 2001 From: Alex Hirsch Date: Sun, 5 Mar 2017 08:14:38 +0100 Subject: [PATCH 5/6] Fix Registry path for disabling Defender --- scripts/disable-windows-defender.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/disable-windows-defender.ps1 b/scripts/disable-windows-defender.ps1 index 56baae1..b1cd43e 100644 --- a/scripts/disable-windows-defender.ps1 +++ b/scripts/disable-windows-defender.ps1 @@ -45,4 +45,4 @@ echo "Removing Windows Defender context menu item" si "HKLM:\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780}\InprocServer32" "" echo "Removing Windows Defender GUI / tray from autorun" -rp "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WindowsDefender" "WindowsDefender" -ea 0 +rp "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "WindowsDefender" -ea 0 From 900fde4db20e4ed14257f89ae3d7a6428779eb42 Mon Sep 17 00:00:00 2001 From: Alex Hirsch Date: Sun, 5 Mar 2017 08:22:31 +0100 Subject: [PATCH 6/6] Rephrase some parts of the README for clarity ref #99 --- README.md | 36 +++++++++++++++++++----------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index e50138f..01e64d2 100644 --- a/README.md +++ b/README.md @@ -3,21 +3,30 @@ This project collects Powershell scripts which help to *debloat* Windows 10, tweak common settings and install basic software components. -I develop those scripts on a Windows 10 Professional 64-Bit (English) virtual -machine. Please let me know if you encounter any issues with other Windows 10 -versions. +I test these scripts on a Windows 10 Professional 64-Bit (English) virtual +machine. Please let me know if you encounter any issues. Home Edition and +different languages are not supported. These scripts are intended for +tech-savvy administrators, who know what they are doing and just want to +automate this phase of their setup. If this profile does not fit you, I +recommend using a different (more interactive) tool -- and there are a lot of +them out there. + +**There is no undo**, I recommend only using these scripts on a fresh +installation (including Windows Updates). Test everything after running them +before doing anything else. Also there is no guarantee that everything will +work after future updates since I cannot predict what Microsoft will do next. -Home Edition and different languages are not supported. Let me know of you fork -this repo for fixing Home Edition or a different language. +## Interactivity -Note that **there is no undo**, I recommend only using these scripts on a fresh -install (including updates). Test everything after running them before -continuing with something else. Also there is no guarantee that everything will -work after future updates since I cannot predict what Microsoft will do next. +The scripts are designed to run without any user-interaction. Modify them +beforehand. If you want a more interactive approach check out +[DisableWinTracking](https://github.com/10se1ucgo/DisableWinTracking) from +[10se1ucgo](https://github.com/10se1ucgo). ## Download Latest Version -Code located in the `master` branch is under development (for now). +Code located in the `master` branch is always considered under development, but +you'll probably want the most recent version anyway. - [Download [zip]](https://github.com/W4RH4WK/Debloat-Windows-10/archive/master.zip) @@ -86,13 +95,6 @@ App when wanting to use one. But I haven't confirmed this yet, and there is a workaround to re-enable it afterwards. See [#78](https://github.com/W4RH4WK/Debloat-Windows-10/issues/78). -## Interactivity - -The scripts are designed to run without any user-interaction. Modify them -beforehand. If you want a more interactive approach check out -[DisableWinTracking](https://github.com/10se1ucgo/DisableWinTracking) from -[10se1ucgo](https://github.com/10se1ucgo). - ## Liability **All scripts are provided as is and you use them at your own risk.**