Script Updates #26
Comments
Hi @Disk2019, and great to welcome you back, and thanks again for your deep analysis of the scripts and very constructive feedback. They look great at first look. I love the ideas, especially the one with prompting UAC. Great! I'll do more testing, look at them deeper and come back with feedback.
Some of my Forensic Science Lab colleagues told me that capability removal is not working for them as they are on a different build, so I have made a small change, i.e. removing capabilities via a PowerShell command within the script via common name *. Script changes are as follows:
`PowerShell -Command "Get-WindowsCapability -Online | Where-Object { $_.CapabilityName -like 'App.StepsRecorder*' } | Remove-WindowsCapability -Online"`
After this, if a user is on any build of Win10, it will remove the capabilities via common name *, but not as we have done it previously via DISM capabilities removal. Thanks & Regards
Very smart. Thanks again to you and your friends for making Windows better for everyone 👏 You have been super helpful ensuring good quality everywhere. Btw I also improved OneDrive when you were gone.. Very hard to get rid of it.. Let's work with scripts already mentioned in this issue and create new issues for new stuff. This way we can have discussions more clearly and track the work easily 😎 I also started adding revert scripts for more and more tweaks after your feedback. And I'd like to add every new tweak with their revert scripts, it'd speed up things a lot for me if you'd have time to add scripts to revert each script as well. Just keeping a checklist here to keep you updated with the status, I'll check the boxes as they are added and leave a comment when everything is released. TODO
They are not checked in "Recommended" mode, but yes, they get deleted in "All" mode. They are not privacy intrusive (as far as I know) and not bloatware (as many would think). I'll consider removing them. Have fun working with security. It's my hobby as well 👍 I'd like to see other robocops as contributors as well. It's not a security breach to do that, but it's only good to share your knowledge to help the community and nation to become more secure 👍
Pardon, please: some of my friends told me that the updated code to remove capabilities is not showing any operation on their display, hence I have made some more changes to it so that users will see what's going on via the capabilities removal script. Code as follows: echo ==========================================================
Hi, Thanks again for stabilizing this library! Your POV is an absolutely perfect use-case for making stuff better here. Social media policies are made for non-technical people generally, not for people who know what they're doing.. But I understand it, and thanks for risking it to make everyone's OS more secure and private. I had time to look much deeper into the scripts. I improved those with "👍" emoji, restructured scripts and added many revert options and here's my feedback:
Again, I love working with you and thanks again for everything. I'm sure you've been helpful to many people so far, an anonymous hero in the community 😊 P.S. When I was writing this, got a warning from OneDrive.. Painful to get rid of it. Maybe I'll be able to after your updates.
❓ DefaultUser0 seems like an old Windows bug that's been patched.
Answer: If somebody is on LTSC 2019 then the DefaultUser0 account is created by default on installation as a telemetry account.

❓ Reset Defender Antimalware Platform
Answer: Yes, not related to user privacy, but I found it useful for me on many points; can't discuss it though. Please do ignore it, but it will not trouble any user in their OS functionality. Might add it as an extra option, not recommended. Some in-depth users of Win10 will still find it useful according to their POV.

❓ Set User TEMP to Windows TEMP
Answer: [Changing TEMP & TMP user variable to Win Temp] Yes, not related to user privacy, but useful for in-depth users of Win10 OS; can't discuss it though.

❓ TakeOwnership of SystemApps
Answer: Yes, it is not deleting any SystemApps directory but only taking ownership of that directory, cuz I don't want any user to get into any trouble thereafter. After taking ownership of the whole SystemApps directory, users are free to choose the system apps they don't want to use and rename them to .backup after the original name, so that they can easily take those app directories back to default by renaming them again to the same state as before, at a time of urgent need when WU will throw errors at them while installing updates, because Win10 is moving to a different state and a time will come when it will be a totally M$ APP based OS.

❓ Defender Settings
Answer: Yes, I agree with you on this point. But in a scenario where a user doesn't want to use Defender as their default OS AV and wants to install a third-party security app with a stateful firewall, these tweaks will show him/her what's the use of them. Please do ignore them if you find them irrelevant to the script project. Thanks & Regards,
After your explanations, I added those:
They're probably good sysops commands but excluded those two as I could not understand the point:
Log cleanup: I wonder if we need to explicitly run So everything else is included except those two. I also documented them and even added more stuff 🌟. I'll release them along with some GUI improvements hopefully this week. Big thank you again!
Big thanks to you for creating such an awesome Win10 privacy project. It's more than awesome.
@undergroundwires 🥇 echo ================================================== echo ================================================== echo ================================================== echo ================================================== echo ================================================== echo ================================================== echo ================================================== echo ================================================== |
@Disk2019 thanks for following the development, some small touches left and I'll release them. Host file editing was something I was considering but did not have time to add.. I agree that we should add them as well. However there are two issues we should consider:
We can use the [if] command function to cross-check whether an entry is already there or not.
Good idea. A one-liner would be great as we'll repeat this many times. Also we could use the same One other challenge is the maintenance of the domains. Actively maintaining those and ensuring that they don't break stuff and are up-to-date is very time consuming and should not be the core focus for us. Maybe we can use a third party list such as https://github.com/supmaxi/Bad-IP-s . However privacy.sexy works with parsing a single yaml file so a custom logic will be required to be able to work with another text file to get the information, and it introduces a new level of complexity. I guess we should start with hardcoding important ones at first and then can consider having a third party list.
Another alternative is to download and use https://github.com/crazy-max/WindowsSpyBlocker through a script. |
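The duplicate check discussed in the comments above, as an added PowerShell example (not privacy.sexy's own `BlockViaHostsFile` code): it appends a blocking entry only when the hostname is not already mapped, and is run here against a constructed temporary file. The function name `Add-HostsBlock`, the `0.0.0.0` sink address and the `example.com` hostnames are assumptions.

```powershell
# Added example, not the project's code. Add-HostsBlock is a hypothetical name.
function Add-HostsBlock {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string[]]$Domain,
        # The real target would be "$env:SystemRoot\System32\drivers\etc\hosts" (needs admin)
        [Parameter(Mandatory)][string]$Path,
        [string]$Sink = '0.0.0.0'   # assumed sink address
    )
    $raw = if (Test-Path -LiteralPath $Path) { [string](Get-Content -LiteralPath $Path -Raw) } else { '' }
    # Hostnames already mapped; comments and blank lines are ignored
    $known = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
    foreach ($line in $raw -split "`r?`n") {
        $fields = @(($line -split '#', 2)[0].Trim() -split '\s+' | Where-Object { $_ })
        $fields | Select-Object -Skip 1 | ForEach-Object { [void]$known.Add($_) }
    }
    $new = @(foreach ($d in $Domain) {
        $d = $d.Trim()
        # Accept plain hostnames only, so a list entry cannot inject extra fields or lines
        if ($d -notmatch '^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$') {
            Write-Warning "Skipped invalid hostname: '$d'"; continue
        }
        if ($known.Add($d)) { "$Sink`t$d" }   # Add() returns $false for a duplicate
    })
    if ($new.Count -eq 0) { return 0 }
    # If the file lacks a trailing newline, start on a fresh line
    if ($raw.Length -gt 0 -and -not $raw.EndsWith("`n")) { $new = @('') + $new }
    Add-Content -LiteralPath $Path -Value $new -Encoding ASCII
    return @($new | Where-Object { $_ }).Count
}

# Constructed sample hosts file (no trailing newline) with one entry already present
$demo = Join-Path $env:TEMP 'hosts-demo.txt'
[IO.File]::WriteAllText($demo, "# sample`r`n0.0.0.0 telemetry.example.com # existing")
# Mixed input: a case-variant duplicate, a new host and an invalid entry
Add-HostsBlock -Path $demo -Domain 'Telemetry.Example.com', 'ads.example.com', 'bad host'
# Re-running with the same host must leave the file unchanged
Add-HostsBlock -Path $demo -Domain 'ads.example.com'
Get-Content -LiteralPath $demo
```

Because the function returns the number of entries it appended, a generated script can call it repeatedly without growing the hosts file.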
This commit improves the organization of service disabling scripts by relocating the "Disable OS services" section. It improves documentation and script/category titles to enhance clarity and accessibility for the diverse user base of privacy.sexy, including those with non-technical backgrounds.

Key changes:

- Move "Disable OS services" to "Remove bloatware" to simplify navigation and prepare for new categories (for #26).
- Rename "Disable OS services" to "Disable non-essential services" for better understanding.
- Relocate "Disable NetBios for all interfaces" to "Security improvements" due to its relevance to security rather than bloatware.
- Improve documentation.
- Simplify script names by removing technical jargon, making them more accessible.
- Introduce new category for host blocking.
- Add new scripts to block tracking hosts Windows connects to.
- Relocate Dropbox host blocking under new category.
- Update comments in `BlockViaHostsFile` function for clarity.
Released as part of 0.13.0 🚀.
:: ----------------------------------------------------------
:: -----------------Ensure admin privileges------------------
:: ----------------------------------------------------------
REM --> Run Batch File as Admin Without Right Click
:: ----------------------------------------------------------
:: --------------------- Defender Settings ------------------
:: ----------------------------------------------------------
echo --- Defender Extra Settings
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\MpEngine" /v "MpEnablePus" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRoutinelyTakingAction" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScanOnRealtimeEnable" /t REG_DWORD /d "1" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableGenericRePorts" /t REG_DWORD /d 1 /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Reporting" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "SpynetReporting" /t REG_DWORD /d "0" /f
reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "LocalSettingOverrideSpynetReporting" /t REG_DWORD /d 0 /f
reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f
reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d 1 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
reg add "HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontOfferThroughWUAU" /t REG_DWORD /d 1 /f
reg add "HKLM\System\CurrentControlSet\Services\WdNisSvc" /v "Start" /t REG_DWORD /d "4" /f
echo. Add Hosts to Defender Exclusion
WMIC /NAMESPACE:\\root\Microsoft\Windows\Defender PATH MSFT_MpPreference call Add ExclusionPath="%Windir%\System32\drivers\etc\hosts"
:: ----------------------------------------------------------
:: ----------------------------------------------------------
:: ----- Remove DefaultUser0 Account For Privacy ------------
:: ----------------------------------------------------------
echo --- Remove DefaultUser0 Account For Privacy
net user defaultuser0 /delete
:: ----------------------------------------------------------
:: ----------------------------------------------------------
:: --------- Reset Defender Antimalware Platform ------------
:: ----------------------------------------------------------
echo --- Reset Defender Antimalware Platform
"%programfiles%\Windows Defender\MpCmdRun.exe" -resetplatform
:: ----------------------------------------------------------
:: ----------------------------------------------------------
:: ------------- TakeOwnership of WaasMedic -----------------
:: ----------------------------------------------------------
echo --- TakeOwnership of WaasMedic logs and Delete them
takeown /f %SystemRoot%\Logs\waasmedic /r /d y
icacls %SystemRoot%\Logs\waasmedic /grant administrators:F /t
rd /s /q %SystemRoot%\Logs\waasmedic
:: ----------------------------------------------------------
:: ----------------------------------------------------------
:: ------------- TakeOwnership of SystemApps ----------------
:: ----------------------------------------------------------
echo --- TakeOwnership of SystemApps and Delete extra found apps directories
takeown /f %SystemRoot%\SystemApps /r /d y
icacls %SystemRoot%\SystemApps /grant administrators:F /t
:: ----------------------------------------------------------
:: ----------------------------------------------------------
:: ------------ Set User TEMP to Windows TEMP ---------------
:: ----------------------------------------------------------
echo --- Setting User TEMP to Windows TEMP and Remove Onedrive User Variable
reg delete "HKCU\Environment" /v "OneDrive" /f
reg add "HKCU\Environment" /v "TEMP" /t REG_SZ /d "C:\Windows\Temp" /f
reg add "HKCU\Environment" /v "TMP" /t REG_SZ /d "C:\Windows\Temp" /f
:: ----------------------------------------------------------
Improved OneDrive Removal Part with complete Leftovers Removal
:: ----------------------------------------------------------
:: -------------------- Remove OneDrive ---------------------
:: ----------------------------------------------------------
echo --- Remove OneDrive
taskkill /f /im OneDrive.exe
%SystemRoot%\System32\OneDriveSetup.exe /uninstall
%SystemRoot%\SysWOW64\OneDriveSetup.exe /uninstall
rd /S /Q "C:\OneDriveTemp"
rd /S /Q "%UserProfile%\OneDrive"
rd /S /Q "%LocalAppData%\Microsoft\OneDrive"
rd /S /Q "%ProgramData%\Microsoft OneDrive"
del /S /Q /F "%AppData%\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk"
reg delete "HKCR\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f
reg delete "HKCR\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /f
reg delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OneDriveSetup" /f
reg add "HKLM\SOFTWARE\WOW6432Node\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d "1" /f
reg add "HKCR\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v System.IsPinnedToNameSpaceTree /t REG_DWORD /d "0" /f
reg add "HKCR\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v System.IsPinnedToNameSpaceTree /t REG_DWORD /d "0" /f
:: ----------------------------------------------------------
Improved Clear logs to watch all logs getting cleared : Must be in Last of Script [mandatory]
:: ----------------------------------------------------------
:: ------------ Clear All Windows Event Logs ----------------
:: ----------------------------------------------------------
echo --- Clearing All Windows Event Logs
for /f "tokens=*" %%i in ('wevtutil.exe el') do echo "%%i" & wevtutil.exe cl "%%i" & wevtutil.exe cl System
echo --- Cleared All Windows Event Logs
taskkill /f /im Explorer.exe & start Explorer.exe
:: ----------------------------------------------------------
Thanks & Regards ,
Disk2019
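An audit counterpart to the Defender section of the script above, added here as an example (not code from privacy.sexy or from the issue author): it reports which of the policy values written by that section are present on a machine and can remove them, which returns each policy to "not configured". The function names are hypothetical, and the table covers only the values under `Policies\Microsoft\Windows Defender` that appear on this page.

```powershell
# Added example. Table built from the "Defender Extra Settings" lines of the script on this page:
# sub-key under the Defender policy key, value name, and the data that script writes.
$DefenderPolicyRoot = 'HKLM:\Software\Policies\Microsoft\Windows Defender'
$DefenderPolicyTable = @(
    @('MpEngine',             'MpEnablePus',                         0),
    @('Real-Time Protection', 'DisableBehaviorMonitoring',           1),
    @('Real-Time Protection', 'DisableIOAVProtection',               1),
    @('Real-Time Protection', 'DisableOnAccessProtection',           1),
    @('Real-Time Protection', 'DisableRoutinelyTakingAction',        1),
    @('Real-Time Protection', 'DisableScanOnRealtimeEnable',         1),
    @('Reporting',            'DisableGenericRePorts',               1),
    @('Reporting',            'DisableEnhancedNotifications',        1),
    @('SpyNet',               'DisableBlockAtFirstSeen',             1),
    @('SpyNet',               'SpynetReporting',                     0),
    @('SpyNet',               'SubmitSamplesConsent',                2),
    @('SpyNet',               'LocalSettingOverrideSpynetReporting', 0)
)

function Get-DefenderPolicyOverride {      # hypothetical name
    foreach ($row in $DefenderPolicyTable) {
        $key  = "$DefenderPolicyRoot\$($row[0])"
        $prop = Get-ItemProperty -LiteralPath $key -Name $row[1] -ErrorAction SilentlyContinue
        if ($null -eq $prop) { continue }  # value absent: policy not configured
        $data = $prop.($row[1])
        [pscustomobject]@{
            Key = $key; Name = $row[1]; Data = $data
            MatchesScript = ($data -eq $row[2])   # same data the script writes
        }
    }
}

function Remove-DefenderPolicyOverride {   # hypothetical name; run elevated
    [CmdletBinding(SupportsShouldProcess)]
    param()
    Get-DefenderPolicyOverride | Where-Object { $_.MatchesScript } | ForEach-Object {
        if ($PSCmdlet.ShouldProcess("$($_.Key)\$($_.Name)", 'Remove policy value')) {
            Remove-ItemProperty -LiteralPath $_.Key -Name $_.Name
        }
    }
}

Get-DefenderPolicyOverride | Format-Table -AutoSize
Remove-DefenderPolicyOverride -WhatIf      # preview only; drop -WhatIf to apply
```

Values that are present but hold different data are reported with `MatchesScript` set to false and are left in place, since they may come from an administrator's own policy.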