def step_10(self):
for key in TaskManager.str_unpack(
os.path.join(
self.user_regpath,
r'\software\($|Wow6432Node\)policies\microsoft\office\15.0\osm'
)):
TaskManager.reg_add(key, 'enablelogging', 'reg_dword', '0', True)
TaskManager.reg_add(key, 'enablefileobfuscation', 'reg_dword', '1',
True)
TaskManager.reg_add(key, 'enableupload', 'reg_dword', '0', True)
for key in TaskManager.str_unpack(
os.path.join(
self.user_regpath,
r'\software\($|Wow6432Node\)policies\microsoft\office\16.0\osm'
)):
TaskManager.reg_add(key, 'enablelogging', 'reg_dword', '0', True)
TaskManager.reg_add(key, 'enablefileobfuscation', 'reg_dword', '1',
True)
TaskManager.reg_add(key, 'enableupload', 'reg_dword', '0', True)
for key in TaskManager.str_unpack(
r'hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\windows\datacollection'
):
TaskManager.reg_add(key, 'allowtelemetry', 'reg_dword', '0', True)
for key in TaskManager.str_unpack(
r'hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\windows\scripteddiagnosticsprovider\policy'
):
TaskManager.reg_add(key, 'enablequeryremoteserver', 'reg_dword',
'0', True)
def step_11(self):
for key in TaskManager.str_unpack(
r'hkey_local_machine\software\($|Wow6432Node\)microsoft\wcmsvc\wifinetworkmanager'
):
TaskManager.reg_add(key, 'wifisensecredshared', 'reg_dword', '0',
True)
TaskManager.reg_add(key, 'wifisenseopen', 'reg_dword', '0', True)
def step_9(self):
for key in TaskManager.str_unpack(
r'hkey_local_machine\software\($|Wow6432Node\)microsoft\windows defender\spynet'
):
TaskManager.reg_add(key, 'spynetreporting', 'reg_dword', '0', True)
TaskManager.reg_add(key, 'submitsamplesconsent', 'reg_dword', '0',
True)
def step_2(self):
for key in TaskManager.str_unpack(
r'hkey_local_machine\software\($|Wow6432Node\)microsoft\windows\currentversion\windowsupdate\auto update'
):
TaskManager.reg_add(key, 'auoptions', 'reg_dword', '2', True)
TaskManager.reg_add(key, 'enablefeaturedsoftware', 'reg_dword',
'0', True)
TaskManager.reg_add(key, 'includerecommendedupdates', 'reg_dword',
'0', True)
def step_0(self):
data = (
r"hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\office\15.0\osm",
r"hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\office\16.0\osm",
r"hkey_local_machine\software\($|Wow6432Node\)microsoft\wcmsvc\wifinetworkmanager",
r"hkey_local_machine\software\($|Wow6432Node\)microsoft\windows\currentversion\windowsupdate\auto update",
r"hkey_local_machine\software\($|Wow6432Node\)microsoft\windows defender\spynet",
r"hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\sqmclient\windows",
r"hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\windows\datacollection",
r"hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\windows\gwx",
r"hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\windows\scripteddiagnosticsprovider\policy",
r"hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\windows\skydrive",
r"hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\windows\windowsupdate",
r"hkey_local_machine\system\currentcontrolset\control\wmi\autologger\autoLogger-diagtrack-listener"
)
for i in TaskManager.str_unpack(data):
if TaskManager.reg_exists(i):
TaskManager.reg_unlock(i)
def step_7(self):
data = (
r"\microsoft\windows\application experience\aitagent",
r"\microsoft\windows\application experience\microsoft compatibility appraiser",
r"\microsoft\windows\application experience\programdataupdater",
r"\microsoft\windows\autochk\proxy",
r"\microsoft\windows\customer experience improvement program\consolidator",
r"\microsoft\windows\customer experience improvement program\kernelceiptask",
r"\microsoft\windows\customer experience improvement program\usbceip",
r"\microsoft\windows\diskdiagnostic\microsoft-windows-diskdiagnosticdatacollector",
r"\microsoft\windows\maintenance\winsat",
r"\microsoft\windows\media center\activatewindowssearch",
r"\microsoft\windows\media center\configureinternettimeservice",
r"\microsoft\windows\media center\dispatchrecoverytasks",
r"\microsoft\windows\media center\ehdrminit",
r"\microsoft\windows\media center\installplayready",
r"\microsoft\windows\media center\mcupdate",
r"\microsoft\windows\media center\mediacenterrecoverytask",
r"\microsoft\windows\media center\objectstorerecoverytask",
r"\microsoft\windows\media center\ocuractivate",
r"\microsoft\windows\media center\ocurdiscovery",
r"\microsoft\windows\media center\pbdadiscovery",
r"\microsoft\windows\media center\pbdadiscoveryw1",
r"\microsoft\windows\media center\pbdadiscoveryw2",
r"\microsoft\windows\media center\pvrrecoverytask",
r"\microsoft\windows\media center\pvrscheduletask",
r"\microsoft\windows\media center\registersearch",
r"\microsoft\windows\media center\reindexsearchroot",
r"\microsoft\windows\media center\sqlliterecoverytask",
r"\microsoft\windows\media center\updaterecordpath",
r"\microsoft\windows\pi\sqm-tasks",
r"\microsoft\windows\power efficiency diagnostics\analyzeSystem",
r"\microsoft\windows\setup\gwx\refreshgwxconfigandcontent",
r"\microsoft\windows\windows error reporting\queuereporting",
)
for i in TaskManager.str_unpack(self.step7_data):
if TaskManager.schtasks_exists(i):
TaskManager.schtasks_disable(i)
def step_13(self):
for key in TaskManager.str_unpack(
r'hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\windows\windowsupdate'
):
TaskManager.reg_add(key, 'disableosupgrade', 'reg_dword', '1',
True)
def step_1(self):
data = (
"0.r.msn.com",
"a.ads1.msn.com",
"a.ads2.msn.com",
"a.rad.msn.com",
"ac3.msn.com",
"act-3-blu.mesh.com",
"activesync.glbdns2.microsoft.com",
"ad.doubleclick.net",
"ads.eu.msn.com",
"ads.msn.com",
"ads.msn.com.nsatc.net",
"ads1.msads.net",
"ads1.msn.com",
"ads2.msn.com",
"ads2.msn.com.c.footprint.net",
"adsmockarc.azurewebsites.net",
"adsyndication.msn.com",
"aidps.atdmt.com",
"aidps.msn.com.nsatc.net",
"aka-cdn-ns.adtech.de",
"analytics.live.com",
"analytics.microsoft.com",
"analytics.msn.com",
"analytics.msnbc.msn.com",
"analytics.r.msn.com",
"appexmapsappupdate.blob.core.windows.net",
"arc2.msn.com",
"arc3.msn.com",
"arc9.msn.com",
"atlas.c10r.facebook.com",
"b.ads1.msn.com",
"b.rad.msn.com",
"bat.bing.com",
"bingads.microsoft.com",
"bl3302.storage.skyprod.akadns.net",
"blu.mobileads.msn.com",
"bn1-2cd.wns.windows.com",
"bn1cd.wns.windows.com",
"bn1wns2011508.wns.windows.com",
"bn2wns1.wns.windows.com",
"bn2wns1b.wns.windows.com",
"bs.eyeblaster.akadns.net",
"bs.serving-sys.com",
"c.atdmt.com",
"c.atdmt.com.nsatc.net",
"c.bing.com",
"c.microsoft.com",
"c.msn.com",
"c.msn.com.nsatc.net",
"c.ninemsn.com.au",
"c.no.msn.com",
"c1.microsoft.com",
"cdn.atdmt.com",
"cdn.content.prod.cms.msn.com",
"cds26.ams9.msecn.net",
"choice.microsoft.com",
"choice.microsoft.com.nsatc.net",
"cmsresources.windowsphone.com",
"col.mobileads.msn.com",
"compatexchange.cloudapp.net",
"content.windows.microsoft.com",
"corp.sts.microsoft.com",
"corpext.msitadfs.glbdns2.microsoft.com",
"cs1.wpc.v0cdn.net",
"dart.l.doubleclick.net",
"db3aqu.atdmt.com",
"dc.services.visualstudio.com",
"dev.virtualearth.net",
"df.telemetry.microsoft.com",
"diagnostics.support.microsoft.akadns.net",
"diagnostics.support.microsoft.com",
"digg.analytics.live.com",
"directory.services.live.com.akadns.net",
"displaycatalog.md.mp.microsoft.com",
"dl.delivery.mp.microsoft.com",
"dmd.metaservices.microsoft.com",
"#dns.msftncsi.com",
"download-ssl.msgamestudios.com",
"ecn.dev.virtualearth.net",
"en-us.appex-rf.msn.com",
"fe2.update.microsoft.com.akadns.net",
"fe3.delivery.dsp.mp.microsoft.com.nsatc.net",
"fe3.delivery.mp.microsoft.com",
"feedback.microsoft-hohm.com",
"feedback.search.microsoft.com",
"feedback.windows.com",
"fesweb1.ch1d.binginternal.com",
"ff4a487e56259f4bd5831e9e30470e83.azr.msnetworkanalytics.testanalytics.net",
"flex.msn.com",
"flex.msn.com.nsatc.net",
"g.msn.com",
"g.msn.com.nsatc.net",
"geo-prod.do.dsp.mp.microsoft.com",
"global.msads.net.c.footprint.net",
"h1.msn.com",
"h2.msn.com",
"help.bingads.microsoft.com",
"i1.services.social.microsoft.com",
"i1.services.social.microsoft.com.nsatc.net",
"inference.location.live.net",
"js.microsoft.com",
"lb1.www.ms.akadns.net",
"licensing.md.mp.microsoft.com",
"live.rads.msn.com",
"livetileedge.dsx.mp.microsoft.com",
"logging.windows.microsoft.com",
"m.adnxs.com",
"m.anycast.adnxs.com",
"mediadiscovery.microsoft.com",
"microsoft-hohm.com",
"#msftncsi.com",
"msnportal.112.2o7.net",
"msntest.serving-sys.com",
"oca.telemetry.microsoft.com",
"oca.telemetry.microsoft.com.nsatc.net",
"onesettings-bn2.metron.live.com.nsatc.net",
"onesettings-cy2.metron.live.com.nsatc.net",
"onesettings-db5.metron.live.com.nsatc.net",
"onesettings-hk2.metron.live.com.nsatc.net",
"otf.msn.com",
"popup.msn.com",
"pre.footprintpredict.com",
"rad.live.com",
"rad.msn.com",
"rad.msn.com.nsatc.net",
"redir.metaservices.microsoft.com",
"reports.wes.df.telemetry.microsoft.com",
"rmads.eu.msn.com",
"rmads.msn.com",
"rpt.rad.msn.com",
"sb.scorecardresearch.com",
"schemas.microsoft.akadns.net",
"secure.adnxs.com",
"secure.anycast.adnxs.com",
"secure.flashtalking.com",
"services.wes.df.telemetry.microsoft.com",
"settings.data.microsoft.com",
"settings-sandbox.data.glbdns2.microsoft.com",
"settings-sandbox.data.microsoft.com",
"settings-ssl.xboxlive.com",
"settings-win.data.microsoft.com",
"sgmetrics.cloudapp.net",
"shell.windows.com",
"siweb.microsoft.akadns.net",
"skyapi.skyprod.akadns.net",
"sls.update.microsoft.com",
"sls.update.microsoft.com.akadns.net",
"sls.update.microsoft.com.nsatc.net",
"sO.2mdn.net",
"spynet.microsoft.com",
"spynet2.microsoft.com",
"spynetalt.microsoft.com",
"sqm.df.telemetry.microsoft.com",
"sqm.microsoft.com",
"sqm.telemetry.microsoft.com",
"sqm.telemetry.microsoft.com.nsatc.net",
"ssw.live.com",
"ssw.live.com.nsatc.net",
"static.2mdn.net",
"static-2mdn-net.l.google.com",
"statsfe1.ws.microsoft.com",
"statsfe1.ws.microsoft.com.nsatc.net",
"statsfe2.update.microsoft.com.akadns.net",
"statsfe2.ws.microsoft.com",
"statsfe2.ws.microsoft.com.nsatc.net",
"storeedgefd.dsx.mp.microsoft.com",
"support.msn.microsoft.akadns.net",
"survey.watson.microsoft.com",
"t.urs.microsoft.com.nsatc.net",
"t0.ssl.ak.dynamic.tiles.virtualearth.net",
"t0.ssl.ak.tiles.virtualearth.net",
"telecommand.telemetry.microsoft.com",
"telecommand.telemetry.microsoft.com.nsatc.net",
"telemetry.appex.bing.net",
"telemetry.appex.search.prod.ms.akadns.net",
"telemetry.microsoft.com",
"telemetry.urs.microsoft.com",
"tile-service.weather.microsoft.com",
"tlu.dl.delivery.mp.microsoft.com",
"udc.msn.com",
"urs.microsoft.com",
"version.hybrid.api.here.com",
"view.atdmt.com",
"vortex.data.microsoft.com",
"vortex-bn2.metron.live.com.nsatc.net",
"vortex-cy2.metron.live.com.nsatc.net",
"vortex-hk2.metron.live.com.nsatc.net",
"vortex-sandbox.data.glbdns2.microsoft.com",
"vortex-sandbox.data.microsoft.com",
"vortex-win.data.microsoft.com",
"w3.b.cap-mii.net",
"watson.live.com",
"watson.microsoft.com",
"watson.microsoft.com.nsatc.net",
"watson.ppe.telemetry.microsoft.com",
"watson.telemetry.microsoft.com",
"watson.telemetry.microsoft.com.nsatc.net",
"wes.df.telemetry.microsoft.com",
"win10.ipv6.microsoft.com.nsatc.net",
"www.modern.ie",
"www.msftncsi.com",
)
for i in TaskManager.str_unpack(data):
TaskManager.add_host('0.0.0.0', i)
def step_8(self):
for key in TaskManager.str_unpack(
r'hkey_local_machine\software\($|Wow6432Node\)policies\microsoft\windows\skydrive'
):
TaskManager.reg_add(key, 'disablefilesync', 'reg_dword', '1', True)
def step_4(self):
for key in TaskManager.str_unpack(
r'hkey_local_machine\software\($|Wow6432Node\)microsoft\sqmclient\windows'
):
TaskManager.reg_add(key, 'ceipenable', 'reg_dword', '0', True)
