mirror of
https://github.com/W4RH4WK/Debloat-Windows-10.git
synced 2024-11-15 18:12:57 +00:00
Add reg-helper module.
This commit is contained in:
tumpio
parent
7265a45b76
commit
4fc197ae4e
28
lib/reg-helper.psm1
Normal file
28
lib/reg-helper.psm1
Normal file
@ -0,0 +1,28 @@
|
||||
function Import-Registry($reg) {
|
||||
# add reg file hander
|
||||
$reg = "Windows Registry Editor Version 5.00`r`n`r`n" + $reg
|
||||
|
||||
# store, import and remove reg file
|
||||
$regfile = "$env:windir\Temp\registry.reg"
|
||||
$reg | Out-File $regfile
|
||||
Start-Process "regedit.exe" -ArgumentList ("/s", "$regfile") -Wait
|
||||
rm $regfile
|
||||
}
|
||||
|
||||
function Takeown-Registry($key) {
|
||||
# TODO works only for LocalMachine for now
|
||||
$key = $key.substring(19)
|
||||
|
||||
# set owner
|
||||
$key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("SOFTWARE\Microsoft\Windows Defender\Spynet", "ReadWriteSubTree", "TakeOwnership")
|
||||
$owner = [Security.Principal.NTAccount]"Administrators"
|
||||
$acl = $key.GetAccessControl()
|
||||
$acl.SetOwner($owner)
|
||||
$key.SetAccessControl($acl)
|
||||
|
||||
# set FullControl
|
||||
$acl = $key.GetAccessControl()
|
||||
$rule = New-Object System.Security.AccessControl.RegistryAccessRule("Administrators", "FullControl", "Allow")
|
||||
$acl.SetAccessRule($rule)
|
||||
$key.SetAccessControl($acl)
|
||||
}
|
||||
@ -1,10 +1,10 @@
|
||||
# Description:
|
||||
# This script will disable Windows Defender via Group Policies.
|
||||
|
||||
echo "Disabling Windows Defender"
|
||||
$reg = @"
|
||||
Windows Registry Editor Version 5.00
|
||||
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1
|
||||
|
||||
echo "Disabling Windows Defender"
|
||||
Import-Registry(@"
|
||||
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender]
|
||||
"DisableAntiSpyware"=dword:00000001
|
||||
"DisableRoutinelyTakingAction"=dword:00000001
|
||||
@ -13,8 +13,4 @@ Windows Registry Editor Version 5.00
|
||||
|
||||
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection]
|
||||
"DisableRealtimeMonitoring"=dword:00000001
|
||||
"@
|
||||
$regfile = "$env:windir\Temp\registry.reg"
|
||||
$reg | Out-File $regfile
|
||||
Start-Process "regedit.exe" -ArgumentList ("/s", "$regfile") -Wait
|
||||
rm $regfile
|
||||
"@)
|
||||
|
||||
@ -2,6 +2,8 @@
|
||||
# This script redirects telemetry related domains to your nowhere using the
|
||||
# hosts file. Additionally telemetry is disallows via Group Policies.
|
||||
|
||||
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1
|
||||
|
||||
echo "Adding telemetry routes to hosts file"
|
||||
$hosts = @"
|
||||
0.0.0.0 134.170.30.202
|
||||
@ -56,17 +58,11 @@ $hosts = @"
|
||||
0.0.0.0 watson.telemetry.microsoft.com
|
||||
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
|
||||
0.0.0.0 wes.df.telemetry.microsoft.com
|
||||
"@
|
||||
"@)
|
||||
echo $hosts >> "$env:systemroot\System32\drivers\etc\hosts"
|
||||
|
||||
echo "Disabling telemetry via Group Policies"
|
||||
$reg = @"
|
||||
Windows Registry Editor Version 5.00
|
||||
|
||||
Import-Registry(@"
|
||||
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection]
|
||||
"AllowTelemetry"=dword:00000000
|
||||
"@
|
||||
$regfile = "$env:windir\Temp\registry.reg"
|
||||
$reg | Out-File $regfile
|
||||
Start-Process "regedit.exe" -ArgumentList ("/s", "$regfile") -Wait
|
||||
rm $regfile
|
||||
"@)
|
||||
|
||||
@ -2,35 +2,7 @@
|
||||
# This script will try to fix many of the privacy settings for the user. This
|
||||
# is work in progress!
|
||||
|
||||
|
||||
function Import-Registry($reg) {
|
||||
# add reg file hander
|
||||
$reg = "Windows Registry Editor Version 5.00`r`n`r`n" + $reg
|
||||
|
||||
# store, import and remove reg file
|
||||
$regfile = "$env:windir\Temp\registry.reg"
|
||||
$reg | Out-File $regfile
|
||||
Start-Process "regedit.exe" -ArgumentList ("/s", "$regfile") -Wait
|
||||
rm $regfile
|
||||
}
|
||||
|
||||
function Takeown-Registry($key) {
|
||||
# TODO works only for LocalMachine for now
|
||||
$key = $key.substring(19)
|
||||
|
||||
# set owner
|
||||
$key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("SOFTWARE\Microsoft\Windows Defender\Spynet", "ReadWriteSubTree", "TakeOwnership")
|
||||
$owner = [Security.Principal.NTAccount]"Administrators"
|
||||
$acl = $key.GetAccessControl()
|
||||
$acl.SetOwner($owner)
|
||||
$key.SetAccessControl($acl)
|
||||
|
||||
# set FullControl
|
||||
$acl = $key.GetAccessControl()
|
||||
$rule = New-Object System.Security.AccessControl.RegistryAccessRule("Administrators", "FullControl", "Allow")
|
||||
$acl.SetAccessRule($rule)
|
||||
$key.SetAccessControl($acl)
|
||||
}
|
||||
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1
|
||||
|
||||
function Enable-Privilege {
|
||||
param($Privilege)
|
||||
|
||||
@ -2,29 +2,19 @@
|
||||
# This script optimizes Windows updates by disabling automatic download and
|
||||
# seeding updates to other computers.
|
||||
|
||||
echo "Disable automatic download and installation of Windows updates"
|
||||
$reg = @"
|
||||
Windows Registry Editor Version 5.00
|
||||
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1
|
||||
|
||||
echo "Disable automatic download and installation of Windows updates"
|
||||
Import-Registry(@"
|
||||
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU]
|
||||
"NoAutoUpdate"=dword:00000000
|
||||
"AUOptions"=dword:00000002
|
||||
"ScheduledInstallDay"=dword:00000000
|
||||
"ScheduledInstallTime"=dword:00000003
|
||||
"@
|
||||
$regfile = "$env:windir\Temp\registry.reg"
|
||||
$reg | Out-File $regfile
|
||||
Start-Process "regedit.exe" -ArgumentList ("/s", "$regfile") -Wait
|
||||
rm $regfile
|
||||
"@)
|
||||
|
||||
echo "Disable seeding of updates to other computers"
|
||||
$reg = @"
|
||||
Windows Registry Editor Version 5.00
|
||||
|
||||
Import-Registry(@"
|
||||
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization]
|
||||
"SystemSettingsDownloadMode"=dword:00000003
|
||||
"@
|
||||
$regfile = "$env:windir\Temp\registry.reg"
|
||||
$reg | Out-File $regfile
|
||||
Start-Process "regedit.exe" -ArgumentList ("/s", "$regfile") -Wait
|
||||
rm $regfile
|
||||
"@)
|
||||
|
||||
@ -1,6 +1,8 @@
|
||||
# Description:
|
||||
# This script will remove and disable OneDrive integration.
|
||||
|
||||
Import-Module $PSScriptRoot\..\lib\reg-helper.psm1
|
||||
|
||||
echo "Kill OneDrive process"
|
||||
taskkill.exe /F /IM "OneDrive.exe"
|
||||
taskkill.exe /F /IM "explorer.exe"
|
||||
@ -20,16 +22,10 @@ rm -r -Force "$env:userprofile\OneDrive"
|
||||
rm -r -Force "C:\OneDriveTemp"
|
||||
|
||||
echo "Disable OneDrive via Group Policies"
|
||||
$reg = @"
|
||||
Windows Registry Editor Version 5.00
|
||||
|
||||
Import-Registry(@"
|
||||
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive]
|
||||
"DisableFileSyncNGSC"=dword:00000001
|
||||
"@
|
||||
$regfile = "$env:windir\Temp\registry.reg"
|
||||
$reg | Out-File $regfile
|
||||
Start-Process "regedit.exe" -ArgumentList ("/s", "$regfile") -Wait
|
||||
rm $regfile
|
||||
"@)
|
||||
|
||||
echo "Removing startmenu entry"
|
||||
rm "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user