private void MainDWSButton_Click(object sender, RoutedEventArgs e)
        {
            var createRestorePoint           = SwitchCreateRestorePoint.IsChecked != null && (bool)SwitchCreateRestorePoint.IsChecked;
            var removeDigTrack               = SwitchDigTrackThelemetry.IsChecked != null && (bool)SwitchDigTrackThelemetry.IsChecked;
            var addSpyToHosts                = SwitchAddSpyHosts.IsChecked != null && (bool)SwitchAddSpyHosts.IsChecked;
            var switchAddSpyIps              = SwitchAddSpyIps.IsChecked != null && (bool)SwitchAddSpyIps.IsChecked;
            var switchDisablePrivateSettings = SwitchDisablePrivateSettings.IsChecked != null && (bool)SwitchDisablePrivateSettings.IsChecked;
            var switchDisableWindowsDefender = SwitchDisableWindowsDefender.IsChecked != null && (bool)SwitchDisableWindowsDefender.IsChecked;
            var switchDefaultPhotoVierwer    = SwitchDefaultPhotoVierwer.IsChecked != null && (bool)SwitchDefaultPhotoVierwer.IsChecked;

            new Thread(() =>
            {
                EnableOrDisableWindow(false);
                if (createRestorePoint)
                {
                    RestorePoint.CreateRestorePoint($"Use Destroy Windows Spying on {DateTime.Now.Day}-{DateTime.Now.Month}-{DateTime.Now.Year}");
                }

                if (removeDigTrack)
                {
                    Logger.Log("Disable telemetry...");
                    DWSFunctions.DigTrackFullRemove();
                    Logger.Log("Delete keylogger...");
                    WindowsUtil.RunCmd("/c reg add \"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search\" /v \"AllowCortana\" /t REG_DWORD /d 0 /f ");
                    Logger.Log("Disable cortana...");

                    foreach (var serviceName in DwsResources.ServicesList)
                    {
                        ServiceSC.DisableService(serviceName);
                    }
                    foreach (var currentTask in DwsResources.Disabletaskslist)
                    {
                        WindowsUtil.ProcStartargs("SCHTASKS", $"/Change /TN \"{currentTask}\" /disable");
                        Logger.Log($"Disabled task: {currentTask}", Logger.LogType.SUCCESS);
                    }
                }

                if (addSpyToHosts)
                {
                    foreach (var currHost in DwsResources.Hostsdomains)
                    {
                        HostsEditor.AddHostToHosts(currHost);
                    }
                }

                if (switchAddSpyIps)
                {
                    foreach (var currentIpAddr in DwsResources.IpAddr)
                    {
                        WindowsUtil.RunCmd($"/c route -p ADD {currentIpAddr} MASK 255.255.255.255 0.0.0.0");
                        WindowsUtil.RunCmd($"/c route -p change {currentIpAddr} MASK 255.255.255.255 0.0.0.0 if 1");
                        WindowsUtil.RunCmd($"/c netsh advfirewall firewall delete rule name=\"{currentIpAddr}_Block\"");
                        WindowsUtil.RunCmd(
                            string.Format(
                                "/c netsh advfirewall firewall add rule name=\"{0}_Block\" dir=out interface=any action=block remoteip={0}",
                                currentIpAddr));
                        Logger.Log($"Add Windows Firewall rule: \"{currentIpAddr}_Block\"");
                    }
                    WindowsUtil.RunCmd("/c netsh advfirewall firewall delete rule name=\"Explorer.EXE_BLOCK\"");
                    WindowsUtil.RunCmd(
                        $"/c netsh advfirewall firewall add rule name=\"Explorer.EXE_BLOCK\" dir=out interface=any action=block program=\"{System.IO.Path.GetPathRoot(Environment.SystemDirectory)}Windows\\explorer.exe\"");
                    WindowsUtil.RunCmd("/c netsh advfirewall firewall delete rule name=\"WSearch_Block\"");
                    WindowsUtil.RunCmd(
                        "/c netsh advfirewall firewall add rule name=\"WSearch_Block\" dir=out interface=any action=block service=WSearch");
                    Logger.Log("Add Windows Firewall rule: \"WSearch_Block\"", Logger.LogType.SUCCESS);
                    Logger.Log("Ip list blocked", Logger.LogType.SUCCESS);
                }

                if (switchDisablePrivateSettings)
                {
                    foreach (var currentRegKey in DwsResources.Regkeyvalandother)
                    {
                        WindowsUtil.SetRegValueHkcu(currentRegKey, "Value", "Deny", RegistryValueKind.String);
                    }
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Search", "CortanaEnabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\InputPersonalization", "RestrictImplicitInkCollection", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\Windows Search", "DisableWebSearch", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\Windows Search", "ConnectedSearchUseWeb", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors", "DisableLocation", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors",
                                                "DisableWindowsLocationProvider", "1", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors", "DisableLocationScripting",
                                                "1", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors", "DisableSensors", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SYSTEM\CurrentControlSet\Services\lfsvc\Service\Configuration", "Status", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(
                        @"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Overrides\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}",
                        "SensorPermissionState", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Siuf\Rules", "NumberOfSIUFInPeriod", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Siuf\Rules", "PeriodInNanoSeconds", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Search", "BingSearchEnabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\TabletPC", "PreventHandwritingDataSharing", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\HandwritingErrorReports",
                                                "PreventHandwritingErrorReports", "1", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\AppCompat", "DisableInventory", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\Personalization", "NoLockScreenCamera", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo", "Enabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo", "Enabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Input\TIPC", "Enabled", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Biometrics", "Enabled", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\CredUI", "DisablePasswordReveal", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync", "SyncPolicy", "5",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Personalization",
                                                "Enabled", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\BrowserSettings",
                                                "Enabled", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Credentials", "Enabled",
                                                "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Language", "Enabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Accessibility", "Enabled",
                                                "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Windows", "Enabled", "0",
                                                RegistryValueKind.DWord);
                    Logger.Log("Private settings disabled", Logger.LogType.SUCCESS);
                }

                if (switchDisableWindowsDefender)
                {
                    try
                    {
                        // REG FILE IMPORT
                        WindowsUtil.ProcStartargs("regedit.exe", $"/s \"{WindowsUtil.ExtractResourceToTemp(Encoding.ASCII.GetBytes(Properties.Resources.windowsdefender_disable), "windowsdefender_disable.reg")}\"");
                        Logger.Log("Disable Windows Defender complete.", Logger.LogType.SUCCESS);
                        WindowsUtil.SetRegValueHklm(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer",
                                                    "SmartScreenEnabled", "Off",
                                                    RegistryValueKind.String);
                        Logger.Log("Disable Smart Screen complete.", Logger.LogType.SUCCESS);
                    }
                    catch (Exception ex)
                    {
                        Logger.Log($"Error disable Windows Defender or Smart Screen. Exception: {ex}",
                                   Logger.LogType.ERROR);
                    }
                }

                if (switchDefaultPhotoVierwer)
                {
                    WindowsUtil.SetRegValueHkcu(@"Software\Classes\.ico", null, "PhotoViewer.FileAssoc.Tiff", RegistryValueKind.String);
                    WindowsUtil.SetRegValueHkcu(@"Software\Classes\.tiff", null, "PhotoViewer.FileAssoc.Tiff", RegistryValueKind.String);
                    WindowsUtil.SetRegValueHkcu(@"Software\Classes\.bmp", null, "PhotoViewer.FileAssoc.Tiff", RegistryValueKind.String);
                    WindowsUtil.SetRegValueHkcu(@"Software\Classes\.png", null, "PhotoViewer.FileAssoc.Tiff", RegistryValueKind.String);
                    WindowsUtil.SetRegValueHkcu(@"Software\Classes\.gif", null, "PhotoViewer.FileAssoc.Tiff", RegistryValueKind.String);
                    WindowsUtil.SetRegValueHkcu(@"Software\Classes\.jpeg", null, "PhotoViewer.FileAssoc.Tiff", RegistryValueKind.String);
                    WindowsUtil.SetRegValueHkcu(@"Software\Classes\.jpg", null, "PhotoViewer.FileAssoc.Tiff", RegistryValueKind.String);
                    Logger.Log("Set Default PhotoViewer complete.", Logger.LogType.SUCCESS);
                }
                Logger.Log("COMPLETE.", Logger.LogType.SUCCESS);
                EnableOrDisableWindow(true);
                if (MessageBox.Show("Complete.\r\nRestart system now?", "Ask", MessageBoxButton.YesNo,
                                    MessageBoxImage.Question) == MessageBoxResult.Yes)
                {
                    Process.Start("shutdown.exe", "-r -t 0");
                }
            }).Start();
        }
 private void EnableWindowsDefenderClick(object sender, RoutedEventArgs e)
 {
     // REG FILE IMPORT
     WindowsUtil.ProcStartargs("regedit.exe", $"/s \"{WindowsUtil.ExtractResourceToTemp(Encoding.ASCII.GetBytes(Properties.Resources.windowsdefender_enable), "windowsdefender_enable.reg")}\"");
     Logger.Log("Enable Windows Defender complete.", Logger.LogType.SUCCESS);
 }
示例#3
0
        private void MainDWSButton_Click(object sender, RoutedEventArgs e)
        {
            var createRestorePoint           = SwitchCreateRestorePoint.IsChecked != null && (bool)SwitchCreateRestorePoint.IsChecked;
            var removeDigTrack               = SwitchDigTrackThelemetry.IsChecked != null && (bool)SwitchDigTrackThelemetry.IsChecked;
            var switchDisablePrivateSettings = SwitchDisablePrivateSettings.IsChecked != null && (bool)SwitchDisablePrivateSettings.IsChecked;
            var switchDisableWindowsDefender = SwitchDisableWindowsDefender.IsChecked != null && (bool)SwitchDisableWindowsDefender.IsChecked;

            new Thread(() =>
            {
                EnableOrDisableWindow(false);
                if (createRestorePoint)
                {
                    RestorePoint.CreateRestorePoint($"Use Destroy Windows Spying on {DateTime.Now.Day}-{DateTime.Now.Month}-{DateTime.Now.Year}");
                }

                if (removeDigTrack)
                {
                    Logger.Log("Disable telemetry...");
                    DWSFunctions.DigTrackFullRemove();
                    Logger.Log("Delete keylogger...");
                    WindowsUtil.RunCmd("/c reg add \"HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search\" /v \"AllowCortana\" /t REG_DWORD /d 0 /f ");
                    Logger.Log("Disable cortana...");

                    foreach (var serviceName in DwsResources.ServicesList)
                    {
                        ServiceSC.DisableService(serviceName);
                    }
                    foreach (var currentTask in DwsResources.Disabletaskslist)
                    {
                        WindowsUtil.ProcStartargs("SCHTASKS", $"/Change /TN \"{currentTask}\" /disable");
                        Logger.Log($"Disabled task: {currentTask}", Logger.LogType.SUCCESS);
                    }
                }

                if (switchDisablePrivateSettings)
                {
                    foreach (var currentRegKey in DwsResources.Regkeyvalandother)
                    {
                        WindowsUtil.SetRegValueHkcu(currentRegKey, "Value", "Deny", RegistryValueKind.String);
                    }
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Search", "CortanaEnabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\InputPersonalization", "RestrictImplicitInkCollection", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\Windows Search", "DisableWebSearch", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\Windows Search", "ConnectedSearchUseWeb", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors", "DisableLocation", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors",
                                                "DisableWindowsLocationProvider", "1", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors", "DisableLocationScripting",
                                                "1", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors", "DisableSensors", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SYSTEM\CurrentControlSet\Services\lfsvc\Service\Configuration", "Status", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(
                        @"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Overrides\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}",
                        "SensorPermissionState", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Siuf\Rules", "NumberOfSIUFInPeriod", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Siuf\Rules", "PeriodInNanoSeconds", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Search", "BingSearchEnabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\TabletPC", "PreventHandwritingDataSharing", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\HandwritingErrorReports",
                                                "PreventHandwritingErrorReports", "1", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\AppCompat", "DisableInventory", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\Personalization", "NoLockScreenCamera", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo", "Enabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo", "Enabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Input\TIPC", "Enabled", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Biometrics", "Enabled", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHklm(@"SOFTWARE\Policies\Microsoft\Windows\CredUI", "DisablePasswordReveal", "1",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync", "SyncPolicy", "5",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Personalization",
                                                "Enabled", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\BrowserSettings",
                                                "Enabled", "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Credentials", "Enabled",
                                                "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Language", "Enabled", "0",
                                                RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Accessibility", "Enabled",
                                                "0", RegistryValueKind.DWord);
                    WindowsUtil.SetRegValueHkcu(@"SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Windows", "Enabled", "0",
                                                RegistryValueKind.DWord);
                    Logger.Log("Private settings disabled", Logger.LogType.SUCCESS);
                }

                if (switchDisableWindowsDefender)
                {
                    try
                    {
                        // REG FILE IMPORT
                        WindowsUtil.ProcStartargs("regedit.exe", $"/s \"{WindowsUtil.ExtractResourceToTemp(Encoding.ASCII.GetBytes(Properties.Resources.windowsdefender_disable), "windowsdefender_disable.reg")}\"");
                        Logger.Log("Disable Windows Defender complete.", Logger.LogType.SUCCESS);
                        WindowsUtil.SetRegValueHklm(@"SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer",
                                                    "SmartScreenEnabled", "Off",
                                                    RegistryValueKind.String);
                        Logger.Log("Disable Smart Screen complete.", Logger.LogType.SUCCESS);
                    }
                    catch (Exception ex)
                    {
                        Logger.Log($"Error disabling Windows Defender or Smart Screen. Exception: {ex}",
                                   Logger.LogType.ERROR);
                    }
                }

                Logger.Log("COMPLETE.", Logger.LogType.SUCCESS);
                EnableOrDisableWindow(true);
                if (MessageBox.Show("Complete.\r\nRestart system now?", "Ask", MessageBoxButton.YesNo,
                                    MessageBoxImage.Question) == MessageBoxResult.Yes)
                {
                    Process.Start("shutdown.exe", "-r -t 0");
                }
            }).Start();
        }