parent
a36d990784
commit
2236687c1f
@ -0,0 +1,11 @@
|
||||
# Thanks to raydric, this function should be used instead of `mkdir -force`.
|
||||
#
|
||||
# While `mkdir -force` works fine when dealing with regular folders, it behaves
|
||||
# strange when using it at registry level. If the target registry key is
|
||||
# already present, all values within that key are purged.
|
||||
function force-mkdir($path) {
|
||||
if (!(Test-Path $path)) {
|
||||
#Write-Host "-- Creating full path to: " $path -ForegroundColor White -BackgroundColor DarkGreen
|
||||
New-Item -ItemType Directory -Force -Path $path
|
||||
}
|
||||
}
|
@ -1,172 +1,174 @@
|
||||
# Description:
|
||||
# This script blocks telemetry related domains via the hosts file and related
|
||||
# IPs via Windows Firewall.
|
||||
|
||||
echo "Disabling telemetry via Group Policies"
|
||||
mkdir -Force "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection"
|
||||
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0
|
||||
|
||||
echo "Adding telemetry domains to hosts file"
|
||||
$hosts_file = "$env:systemroot\System32\drivers\etc\hosts"
|
||||
$domains = @(
|
||||
"a-0001.a-msedge.net"
|
||||
"a-0002.a-msedge.net"
|
||||
"a-0003.a-msedge.net"
|
||||
"a-0004.a-msedge.net"
|
||||
"a-0005.a-msedge.net"
|
||||
"a-0006.a-msedge.net"
|
||||
"a-0007.a-msedge.net"
|
||||
"a-0008.a-msedge.net"
|
||||
"a-0009.a-msedge.net"
|
||||
"a1621.g.akamai.net"
|
||||
"a1856.g2.akamai.net"
|
||||
"a1961.g.akamai.net"
|
||||
#"a248.e.akamai.net" # makes iTunes download button disappear (#43)
|
||||
"a978.i6g1.akamai.net"
|
||||
"a.ads1.msn.com"
|
||||
"a.ads2.msads.net"
|
||||
"a.ads2.msn.com"
|
||||
"ac3.msn.com"
|
||||
"ad.doubleclick.net"
|
||||
"adnexus.net"
|
||||
"adnxs.com"
|
||||
"ads1.msads.net"
|
||||
"ads1.msn.com"
|
||||
"ads.msn.com"
|
||||
"aidps.atdmt.com"
|
||||
"aka-cdn-ns.adtech.de"
|
||||
"a-msedge.net"
|
||||
"any.edge.bing.com"
|
||||
"a.rad.msn.com"
|
||||
"az361816.vo.msecnd.net"
|
||||
"az512334.vo.msecnd.net"
|
||||
"b.ads1.msn.com"
|
||||
"b.ads2.msads.net"
|
||||
"bingads.microsoft.com"
|
||||
"b.rad.msn.com"
|
||||
"bs.serving-sys.com"
|
||||
"c.atdmt.com"
|
||||
"cdn.atdmt.com"
|
||||
"cds26.ams9.msecn.net"
|
||||
"choice.microsoft.com"
|
||||
"choice.microsoft.com.nsatc.net"
|
||||
"c.msn.com"
|
||||
"compatexchange.cloudapp.net"
|
||||
"corpext.msitadfs.glbdns2.microsoft.com"
|
||||
"corp.sts.microsoft.com"
|
||||
"cs1.wpc.v0cdn.net"
|
||||
"db3aqu.atdmt.com"
|
||||
"df.telemetry.microsoft.com"
|
||||
"diagnostics.support.microsoft.com"
|
||||
"e2835.dspb.akamaiedge.net"
|
||||
"e7341.g.akamaiedge.net"
|
||||
"e7502.ce.akamaiedge.net"
|
||||
"e8218.ce.akamaiedge.net"
|
||||
"ec.atdmt.com"
|
||||
"fe2.update.microsoft.com.akadns.net"
|
||||
"feedback.microsoft-hohm.com"
|
||||
"feedback.search.microsoft.com"
|
||||
"feedback.windows.com"
|
||||
"flex.msn.com"
|
||||
"g.msn.com"
|
||||
"h1.msn.com"
|
||||
"h2.msn.com"
|
||||
"hostedocsp.globalsign.com"
|
||||
"i1.services.social.microsoft.com"
|
||||
"i1.services.social.microsoft.com.nsatc.net"
|
||||
"ipv6.msftncsi.com"
|
||||
"ipv6.msftncsi.com.edgesuite.net"
|
||||
"lb1.www.ms.akadns.net"
|
||||
"live.rads.msn.com"
|
||||
"m.adnxs.com"
|
||||
"msedge.net"
|
||||
"msftncsi.com"
|
||||
"msnbot-65-55-108-23.search.msn.com"
|
||||
"msntest.serving-sys.com"
|
||||
"oca.telemetry.microsoft.com"
|
||||
"oca.telemetry.microsoft.com.nsatc.net"
|
||||
"onesettings-db5.metron.live.nsatc.net"
|
||||
"pre.footprintpredict.com"
|
||||
"preview.msn.com"
|
||||
"rad.live.com"
|
||||
"rad.msn.com"
|
||||
"redir.metaservices.microsoft.com"
|
||||
"reports.wes.df.telemetry.microsoft.com"
|
||||
"schemas.microsoft.akadns.net"
|
||||
"secure.adnxs.com"
|
||||
"secure.flashtalking.com"
|
||||
"services.wes.df.telemetry.microsoft.com"
|
||||
"settings-sandbox.data.microsoft.com"
|
||||
"settings-win.data.microsoft.com"
|
||||
"sls.update.microsoft.com.akadns.net"
|
||||
"sqm.df.telemetry.microsoft.com"
|
||||
"sqm.telemetry.microsoft.com"
|
||||
"sqm.telemetry.microsoft.com.nsatc.net"
|
||||
"ssw.live.com"
|
||||
"static.2mdn.net"
|
||||
"statsfe1.ws.microsoft.com"
|
||||
"statsfe2.update.microsoft.com.akadns.net"
|
||||
"statsfe2.ws.microsoft.com"
|
||||
"survey.watson.microsoft.com"
|
||||
"telecommand.telemetry.microsoft.com"
|
||||
"telecommand.telemetry.microsoft.com.nsatc.net"
|
||||
"telemetry.appex.bing.net"
|
||||
"telemetry.appex.bing.net:443"
|
||||
"telemetry.microsoft.com"
|
||||
"telemetry.urs.microsoft.com"
|
||||
"vortex-bn2.metron.live.com.nsatc.net"
|
||||
"vortex-cy2.metron.live.com.nsatc.net"
|
||||
"vortex.data.microsoft.com"
|
||||
"vortex-sandbox.data.microsoft.com"
|
||||
"vortex-win.data.microsoft.com"
|
||||
"watson.live.com"
|
||||
"watson.microsoft.com"
|
||||
"watson.ppe.telemetry.microsoft.com"
|
||||
"watson.telemetry.microsoft.com"
|
||||
"watson.telemetry.microsoft.com.nsatc.net"
|
||||
"wes.df.telemetry.microsoft.com"
|
||||
"win10.ipv6.microsoft.com"
|
||||
"www.bingads.microsoft.com"
|
||||
"www.go.microsoft.akadns.net"
|
||||
"www.msftncsi.com"
|
||||
|
||||
# extra
|
||||
"fe2.update.microsoft.com.akadns.net"
|
||||
"s0.2mdn.net"
|
||||
"statsfe2.update.microsoft.com.akadns.net",
|
||||
"survey.watson.microsoft.com"
|
||||
"view.atdmt.com"
|
||||
"watson.microsoft.com",
|
||||
"watson.ppe.telemetry.microsoft.com"
|
||||
"watson.telemetry.microsoft.com",
|
||||
"watson.telemetry.microsoft.com.nsatc.net"
|
||||
"wes.df.telemetry.microsoft.com"
|
||||
"ui.skype.com",
|
||||
"pricelist.skype.com"
|
||||
"apps.skype.com"
|
||||
"m.hotmail.com"
|
||||
"s.gateway.messenger.live.com"
|
||||
)
|
||||
echo "" | Out-File -Encoding ASCII -Append $hosts_file
|
||||
foreach ($domain in $domains) {
|
||||
if (-Not (Select-String -Path $hosts_file -Pattern $domain)) {
|
||||
echo "0.0.0.0 $domain" | Out-File -Encoding ASCII -Append $hosts_file
|
||||
}
|
||||
}
|
||||
|
||||
echo "Adding telemetry ips to firewall"
|
||||
$ips = @(
|
||||
"134.170.30.202"
|
||||
"137.116.81.24"
|
||||
"157.56.106.189"
|
||||
"2.22.61.43"
|
||||
"2.22.61.66"
|
||||
"204.79.197.200"
|
||||
"23.218.212.69"
|
||||
"65.39.117.230"
|
||||
"65.52.108.33"
|
||||
"65.55.108.23"
|
||||
)
|
||||
Remove-NetFirewallRule -DisplayName "Block Telemetry IPs" -ErrorAction SilentlyContinue
|
||||
New-NetFirewallRule -DisplayName "Block Telemetry IPs" -Direction Outbound `
|
||||
-Action Block -RemoteAddress ([string[]]$ips)
|
||||
# Description:
|
||||
# This script blocks telemetry related domains via the hosts file and related
|
||||
# IPs via Windows Firewall.
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
|
||||
|
||||
echo "Disabling telemetry via Group Policies"
|
||||
force-mkdir "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection"
|
||||
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0
|
||||
|
||||
echo "Adding telemetry domains to hosts file"
|
||||
$hosts_file = "$env:systemroot\System32\drivers\etc\hosts"
|
||||
$domains = @(
|
||||
"a-0001.a-msedge.net"
|
||||
"a-0002.a-msedge.net"
|
||||
"a-0003.a-msedge.net"
|
||||
"a-0004.a-msedge.net"
|
||||
"a-0005.a-msedge.net"
|
||||
"a-0006.a-msedge.net"
|
||||
"a-0007.a-msedge.net"
|
||||
"a-0008.a-msedge.net"
|
||||
"a-0009.a-msedge.net"
|
||||
"a1621.g.akamai.net"
|
||||
"a1856.g2.akamai.net"
|
||||
"a1961.g.akamai.net"
|
||||
#"a248.e.akamai.net" # makes iTunes download button disappear (#43)
|
||||
"a978.i6g1.akamai.net"
|
||||
"a.ads1.msn.com"
|
||||
"a.ads2.msads.net"
|
||||
"a.ads2.msn.com"
|
||||
"ac3.msn.com"
|
||||
"ad.doubleclick.net"
|
||||
"adnexus.net"
|
||||
"adnxs.com"
|
||||
"ads1.msads.net"
|
||||
"ads1.msn.com"
|
||||
"ads.msn.com"
|
||||
"aidps.atdmt.com"
|
||||
"aka-cdn-ns.adtech.de"
|
||||
"a-msedge.net"
|
||||
"any.edge.bing.com"
|
||||
"a.rad.msn.com"
|
||||
"az361816.vo.msecnd.net"
|
||||
"az512334.vo.msecnd.net"
|
||||
"b.ads1.msn.com"
|
||||
"b.ads2.msads.net"
|
||||
"bingads.microsoft.com"
|
||||
"b.rad.msn.com"
|
||||
"bs.serving-sys.com"
|
||||
"c.atdmt.com"
|
||||
"cdn.atdmt.com"
|
||||
"cds26.ams9.msecn.net"
|
||||
"choice.microsoft.com"
|
||||
"choice.microsoft.com.nsatc.net"
|
||||
"c.msn.com"
|
||||
"compatexchange.cloudapp.net"
|
||||
"corpext.msitadfs.glbdns2.microsoft.com"
|
||||
"corp.sts.microsoft.com"
|
||||
"cs1.wpc.v0cdn.net"
|
||||
"db3aqu.atdmt.com"
|
||||
"df.telemetry.microsoft.com"
|
||||
"diagnostics.support.microsoft.com"
|
||||
"e2835.dspb.akamaiedge.net"
|
||||
"e7341.g.akamaiedge.net"
|
||||
"e7502.ce.akamaiedge.net"
|
||||
"e8218.ce.akamaiedge.net"
|
||||
"ec.atdmt.com"
|
||||
"fe2.update.microsoft.com.akadns.net"
|
||||
"feedback.microsoft-hohm.com"
|
||||
"feedback.search.microsoft.com"
|
||||
"feedback.windows.com"
|
||||
"flex.msn.com"
|
||||
"g.msn.com"
|
||||
"h1.msn.com"
|
||||
"h2.msn.com"
|
||||
"hostedocsp.globalsign.com"
|
||||
"i1.services.social.microsoft.com"
|
||||
"i1.services.social.microsoft.com.nsatc.net"
|
||||
"ipv6.msftncsi.com"
|
||||
"ipv6.msftncsi.com.edgesuite.net"
|
||||
"lb1.www.ms.akadns.net"
|
||||
"live.rads.msn.com"
|
||||
"m.adnxs.com"
|
||||
"msedge.net"
|
||||
"msftncsi.com"
|
||||
"msnbot-65-55-108-23.search.msn.com"
|
||||
"msntest.serving-sys.com"
|
||||
"oca.telemetry.microsoft.com"
|
||||
"oca.telemetry.microsoft.com.nsatc.net"
|
||||
"onesettings-db5.metron.live.nsatc.net"
|
||||
"pre.footprintpredict.com"
|
||||
"preview.msn.com"
|
||||
"rad.live.com"
|
||||
"rad.msn.com"
|
||||
"redir.metaservices.microsoft.com"
|
||||
"reports.wes.df.telemetry.microsoft.com"
|
||||
"schemas.microsoft.akadns.net"
|
||||
"secure.adnxs.com"
|
||||
"secure.flashtalking.com"
|
||||
"services.wes.df.telemetry.microsoft.com"
|
||||
"settings-sandbox.data.microsoft.com"
|
||||
"settings-win.data.microsoft.com"
|
||||
"sls.update.microsoft.com.akadns.net"
|
||||
"sqm.df.telemetry.microsoft.com"
|
||||
"sqm.telemetry.microsoft.com"
|
||||
"sqm.telemetry.microsoft.com.nsatc.net"
|
||||
"ssw.live.com"
|
||||
"static.2mdn.net"
|
||||
"statsfe1.ws.microsoft.com"
|
||||
"statsfe2.update.microsoft.com.akadns.net"
|
||||
"statsfe2.ws.microsoft.com"
|
||||
"survey.watson.microsoft.com"
|
||||
"telecommand.telemetry.microsoft.com"
|
||||
"telecommand.telemetry.microsoft.com.nsatc.net"
|
||||
"telemetry.appex.bing.net"
|
||||
"telemetry.appex.bing.net:443"
|
||||
"telemetry.microsoft.com"
|
||||
"telemetry.urs.microsoft.com"
|
||||
"vortex-bn2.metron.live.com.nsatc.net"
|
||||
"vortex-cy2.metron.live.com.nsatc.net"
|
||||
"vortex.data.microsoft.com"
|
||||
"vortex-sandbox.data.microsoft.com"
|
||||
"vortex-win.data.microsoft.com"
|
||||
"watson.live.com"
|
||||
"watson.microsoft.com"
|
||||
"watson.ppe.telemetry.microsoft.com"
|
||||
"watson.telemetry.microsoft.com"
|
||||
"watson.telemetry.microsoft.com.nsatc.net"
|
||||
"wes.df.telemetry.microsoft.com"
|
||||
"win10.ipv6.microsoft.com"
|
||||
"www.bingads.microsoft.com"
|
||||
"www.go.microsoft.akadns.net"
|
||||
"www.msftncsi.com"
|
||||
|
||||
# extra
|
||||
"fe2.update.microsoft.com.akadns.net"
|
||||
"s0.2mdn.net"
|
||||
"statsfe2.update.microsoft.com.akadns.net",
|
||||
"survey.watson.microsoft.com"
|
||||
"view.atdmt.com"
|
||||
"watson.microsoft.com",
|
||||
"watson.ppe.telemetry.microsoft.com"
|
||||
"watson.telemetry.microsoft.com",
|
||||
"watson.telemetry.microsoft.com.nsatc.net"
|
||||
"wes.df.telemetry.microsoft.com"
|
||||
"ui.skype.com",
|
||||
"pricelist.skype.com"
|
||||
"apps.skype.com"
|
||||
"m.hotmail.com"
|
||||
"s.gateway.messenger.live.com"
|
||||
)
|
||||
echo "" | Out-File -Encoding ASCII -Append $hosts_file
|
||||
foreach ($domain in $domains) {
|
||||
if (-Not (Select-String -Path $hosts_file -Pattern $domain)) {
|
||||
echo "0.0.0.0 $domain" | Out-File -Encoding ASCII -Append $hosts_file
|
||||
}
|
||||
}
|
||||
|
||||
echo "Adding telemetry ips to firewall"
|
||||
$ips = @(
|
||||
"134.170.30.202"
|
||||
"137.116.81.24"
|
||||
"157.56.106.189"
|
||||
"2.22.61.43"
|
||||
"2.22.61.66"
|
||||
"204.79.197.200"
|
||||
"23.218.212.69"
|
||||
"65.39.117.230"
|
||||
"65.52.108.33"
|
||||
"65.55.108.23"
|
||||
)
|
||||
Remove-NetFirewallRule -DisplayName "Block Telemetry IPs" -ErrorAction SilentlyContinue
|
||||
New-NetFirewallRule -DisplayName "Block Telemetry IPs" -Direction Outbound `
|
||||
-Action Block -RemoteAddress ([string[]]$ips)
|
||||
|
@ -1,28 +1,30 @@
|
||||
# Description:
|
||||
# This script disables Windows Defender.
|
||||
|
||||
$tasks = @(
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Cleanup"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Verification"
|
||||
)
|
||||
|
||||
foreach ($task in $tasks) {
|
||||
$parts = $task.split('\')
|
||||
$name = $parts[-1]
|
||||
$path = $parts[0..($parts.length-2)] -join '\'
|
||||
|
||||
echo "Trying to disable scheduled task $name"
|
||||
Disable-ScheduledTask -TaskName "$name" -TaskPath "$path"
|
||||
}
|
||||
|
||||
echo "Disabling Windows Defender via Group Policies"
|
||||
mkdir -Force "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender"
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableAntiSpyware" 1
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableRoutinelyTakingAction" 1
|
||||
mkdir -Force "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection"
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection" "DisableRealtimeMonitoring" 1
|
||||
|
||||
echo "Removing Windows Defender context menu item"
|
||||
si "HKLM:\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780}\InprocServer32" ""
|
||||
# Description:
|
||||
# This script disables Windows Defender.
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
|
||||
|
||||
$tasks = @(
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Cleanup"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan"
|
||||
"\Microsoft\Windows\Windows Defender\Windows Defender Verification"
|
||||
)
|
||||
|
||||
foreach ($task in $tasks) {
|
||||
$parts = $task.split('\')
|
||||
$name = $parts[-1]
|
||||
$path = $parts[0..($parts.length-2)] -join '\'
|
||||
|
||||
echo "Trying to disable scheduled task $name"
|
||||
Disable-ScheduledTask -TaskName "$name" -TaskPath "$path"
|
||||
}
|
||||
|
||||
echo "Disabling Windows Defender via Group Policies"
|
||||
force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender"
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableAntiSpyware" 1
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender" "DisableRoutinelyTakingAction" 1
|
||||
force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection"
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows Defender\Real-Time Protection" "DisableRealtimeMonitoring" 1
|
||||
|
||||
echo "Removing Windows Defender context menu item"
|
||||
si "HKLM:\SOFTWARE\Classes\CLSID\{09A47860-11B0-4DA5-AFA5-26D86198A780}\InprocServer32" ""
|
||||
|
@ -1,100 +1,101 @@
|
||||
# Description:
|
||||
# This script will try to fix many of the privacy settings for the user. This
|
||||
# is work in progress!
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
|
||||
|
||||
echo "Elevating priviledges for this process"
|
||||
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
|
||||
|
||||
echo "Defuse Windows search settings"
|
||||
Set-WindowsSearchSetting -EnableWebResultsSetting $false
|
||||
|
||||
echo "Set general privacy options"
|
||||
sp "HKCU:\Control Panel\International\User Profile" "HttpAcceptLanguageOptOut" 1
|
||||
mkdir -Force "HKCU:\Printers\Defaults"
|
||||
sp "HKCU:\Printers\Defaults" "NetID" "{00000000-0000-0000-0000-000000000000}"
|
||||
mkdir -Force "HKCU:\SOFTWARE\Microsoft\Input\TIPC"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Input\TIPC" "Enabled" 0
|
||||
mkdir -Force "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" "Enabled" 0
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" "EnableWebContentEvaluation" 0
|
||||
|
||||
echo "Disable synchronisation of settings"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "BackupPolicy" 0x3c
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "DeviceMetadataUploaded" 0
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "PriorLogons" 1
|
||||
$groups = @(
|
||||
"Accessibility"
|
||||
"AppSync"
|
||||
"BrowserSettings"
|
||||
"Credentials"
|
||||
"DesktopTheme"
|
||||
"Language"
|
||||
"PackageState"
|
||||
"Personalization"
|
||||
"StartLayout"
|
||||
"Windows"
|
||||
)
|
||||
foreach ($group in $groups) {
|
||||
mkdir -Force "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\$group"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\$group" "Enabled" 0
|
||||
}
|
||||
|
||||
echo "Set privacy policy accepted state to 0"
|
||||
mkdir -Force "HKCU:\SOFTWARE\Microsoft\Personalization\Settings"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Personalization\Settings" "AcceptedPrivacyPolicy" 0
|
||||
|
||||
echo "Do not scan contact informations"
|
||||
mkdir -Force "HKCU:\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore" "HarvestContacts" 0
|
||||
|
||||
echo "Inking and typing settings"
|
||||
mkdir -Force "HKCU:\SOFTWARE\Microsoft\InputPersonalization"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\InputPersonalization" "RestrictImplicitInkCollection" 1
|
||||
sp "HKCU:\SOFTWARE\Microsoft\InputPersonalization" "RestrictImplicitTextCollection" 1
|
||||
|
||||
echo "Microsoft Edge settings"
|
||||
mkdir -Force "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main"
|
||||
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" "DoNotTrack" 1
|
||||
mkdir -Force "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\User\Default\SearchScopes"
|
||||
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\User\Default\SearchScopes" "ShowSearchSuggestionsGlobal" 0
|
||||
mkdir -Force "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead"
|
||||
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead" "FPEnabled" 0
|
||||
mkdir -Force "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter"
|
||||
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" "EnabledV9" 0
|
||||
|
||||
echo "Disable background access of default apps"
|
||||
foreach ($key in (ls "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications")) {
|
||||
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\" + $key.PSChildName) "Disabled" 1
|
||||
}
|
||||
|
||||
echo "Denying device access"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "Type" "LooselyCoupled"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "Value" "Deny"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "InitialAppValue" "Unspecified"
|
||||
foreach ($key in (ls "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global")) {
|
||||
if ($key.PSChildName -EQ "LooselyCoupled") {
|
||||
continue
|
||||
}
|
||||
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "Type" "InterfaceClass"
|
||||
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "Value" "Deny"
|
||||
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "InitialAppValue" "Unspecified"
|
||||
}
|
||||
|
||||
echo "Disable location sensor"
|
||||
mkdir -Force "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Permissions\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Permissions\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}" "SensorPermissionState" 0
|
||||
|
||||
echo "Disable submission of Windows Defender findings (w/ elevated privileges)"
|
||||
Takeown-Registry("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet")
|
||||
sp "HKLM:\SOFTWARE\Microsoft\Windows Defender\Spynet" "SpyNetReporting" 0
|
||||
sp "HKLM:\SOFTWARE\Microsoft\Windows Defender\Spynet" "SubmitSamplesConsent" 0
|
||||
|
||||
echo "Do not share wifi networks"
|
||||
$user = New-Object System.Security.Principal.NTAccount($env:UserName)
|
||||
$sid = $user.Translate([System.Security.Principal.SecurityIdentifier]).value
|
||||
mkdir -Force ("HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\" + $sid)
|
||||
sp ("HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\" + $sid) "FeatureStates" 0x33c
|
||||
sp "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseCredShared" 0
|
||||
sp "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseOpen" 0
|
||||
# Description:
|
||||
# This script will try to fix many of the privacy settings for the user. This
|
||||
# is work in progress!
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
|
||||
|
||||
echo "Elevating priviledges for this process"
|
||||
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
|
||||
|
||||
echo "Defuse Windows search settings"
|
||||
Set-WindowsSearchSetting -EnableWebResultsSetting $false
|
||||
|
||||
echo "Set general privacy options"
|
||||
sp "HKCU:\Control Panel\International\User Profile" "HttpAcceptLanguageOptOut" 1
|
||||
force-mkdir "HKCU:\Printers\Defaults"
|
||||
sp "HKCU:\Printers\Defaults" "NetID" "{00000000-0000-0000-0000-000000000000}"
|
||||
force-mkdir "HKCU:\SOFTWARE\Microsoft\Input\TIPC"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Input\TIPC" "Enabled" 0
|
||||
force-mkdir "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" "Enabled" 0
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" "EnableWebContentEvaluation" 0
|
||||
|
||||
echo "Disable synchronisation of settings"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "BackupPolicy" 0x3c
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "DeviceMetadataUploaded" 0
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" "PriorLogons" 1
|
||||
$groups = @(
|
||||
"Accessibility"
|
||||
"AppSync"
|
||||
"BrowserSettings"
|
||||
"Credentials"
|
||||
"DesktopTheme"
|
||||
"Language"
|
||||
"PackageState"
|
||||
"Personalization"
|
||||
"StartLayout"
|
||||
"Windows"
|
||||
)
|
||||
foreach ($group in $groups) {
|
||||
force-mkdir "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\$group"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\$group" "Enabled" 0
|
||||
}
|
||||
|
||||
echo "Set privacy policy accepted state to 0"
|
||||
force-mkdir "HKCU:\SOFTWARE\Microsoft\Personalization\Settings"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Personalization\Settings" "AcceptedPrivacyPolicy" 0
|
||||
|
||||
echo "Do not scan contact informations"
|
||||
force-mkdir "HKCU:\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore" "HarvestContacts" 0
|
||||
|
||||
echo "Inking and typing settings"
|
||||
force-mkdir "HKCU:\SOFTWARE\Microsoft\InputPersonalization"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\InputPersonalization" "RestrictImplicitInkCollection" 1
|
||||
sp "HKCU:\SOFTWARE\Microsoft\InputPersonalization" "RestrictImplicitTextCollection" 1
|
||||
|
||||
echo "Microsoft Edge settings"
|
||||
force-mkdir "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main"
|
||||
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" "DoNotTrack" 1
|
||||
force-mkdir "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\User\Default\SearchScopes"
|
||||
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\User\Default\SearchScopes" "ShowSearchSuggestionsGlobal" 0
|
||||
force-mkdir "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead"
|
||||
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead" "FPEnabled" 0
|
||||
force-mkdir "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter"
|
||||
sp "HKCU:\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" "EnabledV9" 0
|
||||
|
||||
echo "Disable background access of default apps"
|
||||
foreach ($key in (ls "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications")) {
|
||||
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications\" + $key.PSChildName) "Disabled" 1
|
||||
}
|
||||
|
||||
echo "Denying device access"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "Type" "LooselyCoupled"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "Value" "Deny"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\LooselyCoupled" "InitialAppValue" "Unspecified"
|
||||
foreach ($key in (ls "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global")) {
|
||||
if ($key.PSChildName -EQ "LooselyCoupled") {
|
||||
continue
|
||||
}
|
||||
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "Type" "InterfaceClass"
|
||||
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "Value" "Deny"
|
||||
sp ("HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\" + $key.PSChildName) "InitialAppValue" "Unspecified"
|
||||
}
|
||||
|
||||
echo "Disable location sensor"
|
||||
force-mkdir "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Permissions\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Permissions\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}" "SensorPermissionState" 0
|
||||
|
||||
echo "Disable submission of Windows Defender findings (w/ elevated privileges)"
|
||||
Takeown-Registry("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet")
|
||||
sp "HKLM:\SOFTWARE\Microsoft\Windows Defender\Spynet" "SpyNetReporting" 0 # write-protected even after takeown ?!
|
||||
sp "HKLM:\SOFTWARE\Microsoft\Windows Defender\Spynet" "SubmitSamplesConsent" 0
|
||||
|
||||
echo "Do not share wifi networks"
|
||||
$user = New-Object System.Security.Principal.NTAccount($env:UserName)
|
||||
$sid = $user.Translate([System.Security.Principal.SecurityIdentifier]).value
|
||||
force-mkdir ("HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\" + $sid)
|
||||
sp ("HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features\" + $sid) "FeatureStates" 0x33c
|
||||
sp "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseCredShared" 0
|
||||
sp "HKLM:\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\features" "WiFiSenseOpen" 0
|
||||
|
@ -1,118 +1,79 @@
|
||||
# Description
|
||||
# This script will apply MarkC's mouse acceleration fix (for 100% DPI) and
|
||||
# disable some accessibility features regarding keyboard input. Additional
|
||||
# some UI elements will be changed.
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
|
||||
|
||||
echo "Elevating priviledges for this process"
|
||||
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
|
||||
|
||||
echo "Apply MarkC's mouse acceleration fix"
|
||||
sp "HKCU:\Control Panel\Mouse" "MouseSensitivity" "10"
|
||||
sp "HKCU:\Control Panel\Mouse" "MouseSpeed" "0"
|
||||
sp "HKCU:\Control Panel\Mouse" "MouseThreshold1" "0"
|
||||
sp "HKCU:\Control Panel\Mouse" "MouseThreshold2" "0"
|
||||
sp "HKCU:\Control Panel\Mouse" "SmoothMouseXCurve" ([byte[]](0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0xC0, 0xCC, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x80, 0x99, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x66, 0x26, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x33, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00))
|
||||
sp "HKCU:\Control Panel\Mouse" "SmoothMouseYCurve" ([byte[]](0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x38, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x70, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xA8, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0xE0, 0x00, 0x00, 0x00, 0x00, 0x00))
|
||||
|
||||
echo "Disable mouse pointer hiding"
|
||||
sp "HKCU:\Control Panel\Desktop" "UserPreferencesMask" ([byte[]](0x9e,
|
||||
0x1e, 0x06, 0x80, 0x12, 0x00, 0x00, 0x00))
|
||||
|
||||
echo "Disable easy access keyboard stuff"
|
||||
sp "HKCU:\Control Panel\Accessibility\StickyKeys" "Flags" "506"
|
||||
sp "HKCU:\Control Panel\Accessibility\Keyboard Response" "Flags" "122"
|
||||
sp "HKCU:\Control Panel\Accessibility\ToggleKeys" "Flags" "58"
|
||||
|
||||
echo "Restoring old volume slider"
|
||||
mkdir -Force "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\MTCUVC"
|
||||
sp "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\MTCUVC" "EnableMtcUvc" 0
|
||||
|
||||
echo "Setting folder view options"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "Hidden" 1
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "HideFileExt" 0
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "HideDrivesWithNoMedia" 0
|
||||
|
||||
echo "Setting default explorer view to This PC"
|
||||
sp "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "LaunchTo" 1
|
||||
|
||||
# Explorer will throw an error if quick acess is removed and default view has
|
||||
# not been changed to This PC.
|
||||
#echo "Removing Quick Access from explorer"
|
||||
#Takeown-Registry("HKEY_CLASSES_ROOT\CLSID\{679f85cb-0220-4080-b29b-5540cc05aab6}\ShellFolder")
|
||||
#New-PSDrive -PSProvider "Registry" -Root "HKEY_CLASSES_ROOT" -Name "HKCR"
|
||||
#sp "HKCR:\CLSID\{679f85cb-0220-4080-b29b-5540cc05aab6}\ShellFolder" "Attributes" 0xa0600000
|
||||
#Remove-PSDrive "HKCR"
|
||||
|
||||
echo "Removing user folders under This PC"
|
||||
# Remove Desktop from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}"
|
||||
# Remove Documents from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}"
|
||||
# Remove Downloads from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}"
|
||||
# Remove Music from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}"
|
||||
# Remove Pictures from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}"
|
||||
# Remove Videos from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}"
|
||||
|
||||
echo "Disabling login screen background image"
|
||||
mkdir -Force "HKLM:\Software\Policies\Microsoft\Windows\System"
|
||||
sp "HKLM:\Software\Policies\Microsoft\Windows\System" "DisableLogonBackgroundImage" 1
|
||||
|
||||
echo "Disabling new lock screen"
|
||||
mkdir -Force "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization"
|
||||
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization" "NoLockScreen" 1
|
||||
|
||||
echo "Disable startmenu search features"
|
||||
mkdir -Force "HKLM:\Software\Policies\Microsoft\Windows\Windows Search"
|
||||
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" AllowCortana 0
|
||||
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" DisableWebSearch 1
|
||||
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" AllowSearchToUseLocation 0
|
||||
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search\" ConnectedSearchUseWeb 0
|
||||
|
||||
echo "Disable AutoRun"
|
||||
mkdir -Force "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" "NoDriveTypeAutoRun" 0xff
|
||||
mkdir -Force "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer"
|
||||
sp "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" "NoDriveTypeAutoRun" 0xff
|
||||
|
||||
#echo "Disabling tile push notification"
|
||||
#mkdir -Force "HKCU:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications"
|
||||
#sp "HKCU:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" "NoTileApplicationNotification" 1
|
||||
|
||||
#echo "Disabling screen saver"
|
||||
#sp "HKCU:\Control Panel\Desktop\" "ScreenSaveActive" "0"
|
||||
|
||||
#echo "Use legacy advanced boot menu"
|
||||
#bcdedit.exe /set `{current`} bootmenupolicy Legacy
|
||||
|
||||
# src: https://social.technet.microsoft.com/Forums/en-US/fa742f1a-38be-4ca2-9660-da58068214ed
|
||||
echo "Remove all tiles from start menu"
|
||||
$e = (New-Object -Com Shell.Application).NameSpace('shell:::{4234d49b-0245-4df3-b780-3893943456e1}')
|
||||
$e.Items() | %{$_.Verbs()} | ?{$_.Name.replace('&','') -match 'Unpin from Start'} | %{$_.DoIt()}
|
||||
# Description
|
||||
# This script will apply MarkC's mouse acceleration fix (for 100% DPI) and
|
||||
# disable some accessibility features regarding keyboard input. Additional
|
||||
# some UI elements will be changed.
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
|
||||
|
||||
echo "Elevating priviledges for this process"
|
||||
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege)
|
||||
|
||||
echo "Apply MarkC's mouse acceleration fix"
|
||||
sp "HKCU:\Control Panel\Mouse" "MouseSensitivity" "10"
|
||||
sp "HKCU:\Control Panel\Mouse" "MouseSpeed" "0"
|
||||
sp "HKCU:\Control Panel\Mouse" "MouseThreshold1" "0"
|
||||
sp "HKCU:\Control Panel\Mouse" "MouseThreshold2" "0"
|
||||
sp "HKCU:\Control Panel\Mouse" "SmoothMouseXCurve" ([byte[]](0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0xC0, 0xCC, 0x0C, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x80, 0x99, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x66, 0x26, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x33, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00))
|
||||
sp "HKCU:\Control Panel\Mouse" "SmoothMouseYCurve" ([byte[]](0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x38, 0x00, 0x00, 0x00, 0x00, 0x00,
|
||||
0x00, 0x00, 0x70, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xA8, 0x00, 0x00,
|
||||
0x00, 0x00, 0x00, 0x00, 0x00, 0xE0, 0x00, 0x00, 0x00, 0x00, 0x00))
|
||||
|
||||
echo "Disable mouse pointer hiding"
|
||||
sp "HKCU:\Control Panel\Desktop" "UserPreferencesMask" ([byte[]](0x9e,
|
||||
0x1e, 0x06, 0x80, 0x12, 0x00, 0x00, 0x00))
|
||||
|
||||
echo "Disable easy access keyboard stuff"
|
||||
sp "HKCU:\Control Panel\Accessibility\StickyKeys" "Flags" "506"
|
||||
sp "HKCU:\Control Panel\Accessibility\Keyboard Response" "Flags" "122"
|
||||
sp "HKCU:\Control Panel\Accessibility\ToggleKeys" "Flags" "58"
|
||||
|
||||
echo "Restoring old volume slider"
|
||||
force-mkdir "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\MTCUVC"
|
||||
sp "HKLM:\Software\Microsoft\Windows NT\CurrentVersion\MTCUVC" "EnableMtcUvc" 0
|
||||
|
||||
echo "Setting folder view options"
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "Hidden" 1
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "HideFileExt" 0
|
||||
sp "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "HideDrivesWithNoMedia" 0
|
||||
|
||||
echo "Setting default explorer view to This PC"
|
||||
sp "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" "LaunchTo" 1
|
||||
|
||||
echo "Removing user folders under This PC"
|
||||
# Remove Desktop from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}"
|
||||
# Remove Documents from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}"
|
||||
# Remove Downloads from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{374DE290-123F-4565-9164-39C4925E467B}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}"
|
||||
# Remove Music from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{1CF1260C-4DD0-4ebb-811F-33C572699FDE}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}"
|
||||
# Remove Pictures from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}"
|
||||
# Remove Videos from This PC
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}"
|
||||
rm "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{A0953C92-50DC-43bf-BE83-3742FED03C9C}"
|
||||
rm "HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}"
|
||||
|
||||
#echo "Disabling tile push notification"
|
||||
#force-mkdir "HKCU:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications"
|
||||
#sp "HKCU:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" "NoTileApplicationNotification" 1
|
||||
|
@ -1,23 +1,25 @@
|
||||
# Description:
|
||||
# This script optimizes Windows updates by disabling automatic download and
|
||||
# seeding updates to other computers.
|
||||
|
||||
echo "Disable automatic download and installation of Windows updates"
|
||||
mkdir -Force "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU"
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "NoAutoUpdate" 0
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "AUOptions" 2
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "ScheduledInstallDay" 0
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "ScheduledInstallTime" 3
|
||||
|
||||
echo "Disable seeding of updates to other computers via Group Policies"
|
||||
mkdir -Force "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization"
|
||||
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" "DODownloadMode" 0
|
||||
|
||||
#echo "Disabling automatic driver update"
|
||||
#sp "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DriverSearching" "SearchOrderConfig" 0
|
||||
|
||||
echo "Disable 'Updates are available' message"
|
||||
takeown /F "$env:WinDIR\System32\MusNotification.exe"
|
||||
icacls "$env:WinDIR\System32\MusNotification.exe" /deny "Everyone:(X)"
|
||||
takeown /F "$env:WinDIR\System32\MusNotificationUx.exe"
|
||||
icacls "$env:WinDIR\System32\MusNotificationUx.exe" /deny "Everyone:(X)"
|
||||
# Description:
|
||||
# This script optimizes Windows updates by disabling automatic download and
|
||||
# seeding updates to other computers.
|
||||
#
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
|
||||
|
||||
echo "Disable automatic download and installation of Windows updates"
|
||||
force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU"
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "NoAutoUpdate" 0
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "AUOptions" 2
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "ScheduledInstallDay" 0
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\WindowsUpdate\AU" "ScheduledInstallTime" 3
|
||||
|
||||
echo "Disable seeding of updates to other computers via Group Policies"
|
||||
force-mkdir "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization"
|
||||
sp "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" "DODownloadMode" 0
|
||||
|
||||
#echo "Disabling automatic driver update"
|
||||
#sp "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DriverSearching" "SearchOrderConfig" 0
|
||||
|
||||
echo "Disable 'Updates are available' message"
|
||||
takeown /F "$env:WinDIR\System32\MusNotification.exe"
|
||||
icacls "$env:WinDIR\System32\MusNotification.exe" /deny "Everyone:(X)"
|
||||
takeown /F "$env:WinDIR\System32\MusNotificationUx.exe"
|
||||
icacls "$env:WinDIR\System32\MusNotificationUx.exe" /deny "Everyone:(X)"
|
||||
|
@ -1,55 +1,56 @@
|
||||
# Description:
|
||||
# This script will remove and disable OneDrive integration.
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
|
||||
|
||||
echo "Kill OneDrive process"
|
||||
taskkill.exe /F /IM "OneDrive.exe"
|
||||
taskkill.exe /F /IM "explorer.exe"
|
||||
|
||||
echo "Remove OneDrive"
|
||||
if (Test-Path "$env:systemroot\System32\OneDriveSetup.exe") {
|
||||
& "$env:systemroot\System32\OneDriveSetup.exe" /uninstall
|
||||
}
|
||||
if (Test-Path "$env:systemroot\SysWOW64\OneDriveSetup.exe") {
|
||||
& "$env:systemroot\SysWOW64\OneDriveSetup.exe" /uninstall
|
||||
}
|
||||
|
||||
echo "Removing OneDrive leftovers"
|
||||
rm -Recurse -Force -ErrorAction SilentlyContinue "$env:localappdata\Microsoft\OneDrive"
|
||||
rm -Recurse -Force -ErrorAction SilentlyContinue "$env:programdata\Microsoft OneDrive"
|
||||
rm -Recurse -Force -ErrorAction SilentlyContinue "$env:userprofile\OneDrive"
|
||||
rm -Recurse -Force -ErrorAction SilentlyContinue "C:\OneDriveTemp"
|
||||
|
||||
echo "Disable OneDrive via Group Policies"
|
||||
mkdir -Force "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive"
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive" "DisableFileSyncNGSC" 1
|
||||
|
||||
echo "Remove Onedrive from explorer sidebar"
|
||||
New-PSDrive -PSProvider "Registry" -Root "HKEY_CLASSES_ROOT" -Name "HKCR"
|
||||
mkdir -Force "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
|
||||
sp "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
|
||||
mkdir -Force "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
|
||||
sp "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
|
||||
Remove-PSDrive "HKCR"
|
||||
|
||||
# Thank you Matthew Israelsson
|
||||
echo "Removing run hook for new users"
|
||||
reg load "hku\Default" "C:\Users\Default\NTUSER.DAT"
|
||||
reg delete "HKEY_USERS\Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OneDriveSetup" /f
|
||||
reg unload "hku\Default"
|
||||
|
||||
echo "Removing startmenu entry"
|
||||
rm -Force -ErrorAction SilentlyContinue "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk"
|
||||
|
||||
echo "Restarting explorer"
|
||||
start "explorer.exe"
|
||||
|
||||
echo "Waiting for explorer to complete loading"
|
||||
sleep 10
|
||||
|
||||
echo "Removing additional OneDrive leftovers"
|
||||
foreach ($item in (ls "$env:WinDir\WinSxS\*onedrive*")) {
|
||||
Takeown-Folder $item.FullName
|
||||
rm -Recurse -Force $item.FullName
|
||||
}
|
||||
# Description:
|
||||
# This script will remove and disable OneDrive integration.
|
||||
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\force-mkdir.psm1
|
||||
Import-Module -DisableNameChecking $PSScriptRoot\..\lib\take-own.psm1
|
||||
|
||||
echo "Kill OneDrive process"
|
||||
taskkill.exe /F /IM "OneDrive.exe"
|
||||
taskkill.exe /F /IM "explorer.exe"
|
||||
|
||||
echo "Remove OneDrive"
|
||||
if (Test-Path "$env:systemroot\System32\OneDriveSetup.exe") {
|
||||
& "$env:systemroot\System32\OneDriveSetup.exe" /uninstall
|
||||
}
|
||||
if (Test-Path "$env:systemroot\SysWOW64\OneDriveSetup.exe") {
|
||||
& "$env:systemroot\SysWOW64\OneDriveSetup.exe" /uninstall
|
||||
}
|
||||
|
||||
echo "Removing OneDrive leftovers"
|
||||
rm -Recurse -Force -ErrorAction SilentlyContinue "$env:localappdata\Microsoft\OneDrive"
|
||||
rm -Recurse -Force -ErrorAction SilentlyContinue "$env:programdata\Microsoft OneDrive"
|
||||
rm -Recurse -Force -ErrorAction SilentlyContinue "$env:userprofile\OneDrive"
|
||||
rm -Recurse -Force -ErrorAction SilentlyContinue "C:\OneDriveTemp"
|
||||
|
||||
echo "Disable OneDrive via Group Policies"
|
||||
force-mkdir "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive"
|
||||
sp "HKLM:\SOFTWARE\Wow6432Node\Policies\Microsoft\Windows\OneDrive" "DisableFileSyncNGSC" 1
|
||||
|
||||
echo "Remove Onedrive from explorer sidebar"
|
||||
New-PSDrive -PSProvider "Registry" -Root "HKEY_CLASSES_ROOT" -Name "HKCR"
|
||||
mkdir -Force "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
|
||||
sp "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
|
||||
mkdir -Force "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
|
||||
sp "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" "System.IsPinnedToNameSpaceTree" 0
|
||||
Remove-PSDrive "HKCR"
|
||||
|
||||
# Thank you Matthew Israelsson
|
||||
echo "Removing run hook for new users"
|
||||
reg load "hku\Default" "C:\Users\Default\NTUSER.DAT"
|
||||
reg delete "HKEY_USERS\Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OneDriveSetup" /f
|
||||
reg unload "hku\Default"
|
||||
|
||||
echo "Removing startmenu entry"
|
||||
rm -Force -ErrorAction SilentlyContinue "$env:userprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk"
|
||||
|
||||
echo "Restarting explorer"
|
||||
start "explorer.exe"
|
||||
|
||||
echo "Waiting for explorer to complete loading"
|
||||
sleep 10
|
||||
|
||||
echo "Removing additional OneDrive leftovers"
|
||||
foreach ($item in (ls "$env:WinDir\WinSxS\*onedrive*")) {
|
||||
Takeown-Folder $item.FullName
|
||||
rm -Recurse -Force $item.FullName
|
||||
}
|
||||
|
Loading…
Reference in New Issue