additions and bug fixes

Author: backslashspace

Logging/Logging.cs

@@ -24,12 +24,22 @@ internal static class Log
 
         internal sealed class Options
         {
-            internal static Options Default() => new(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location));
-
             internal const Int32 DEFAULT_PADDING_WIDTH = 52;
             internal const String FILENAME_FORMAT = "yyyy.MM.dd";
             internal const String TIME_FORMAT = "dd.MM.yyyy HH:mm:ss";
 
+            public Options()
+            {
+                LogDirectoryPath = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location);
+                Padding = DEFAULT_PADDING_WIDTH;
+                TimeFormat = TIME_FORMAT;
+                FilenameFormat = FILENAME_FORMAT;
+                DefaultTextColor = Console.ForegroundColor;
+                AllocateConsoleInReleaseMode = false;
+
+                Initialized = true;
+            }
+
             internal Options(String logDirectoryPath, Int32 padding = DEFAULT_PADDING_WIDTH, String timeFormat = TIME_FORMAT, String filenameFormat = FILENAME_FORMAT, Boolean allocateConsoleInReleaseMode = false)
             {
                 LogDirectoryPath = logDirectoryPath;

OS Stimulator.csproj

@@ -184,7 +184,6 @@
       <LastGenOutput>Resources.Designer.cs</LastGenOutput>
     </EmbeddedResource>
     <None Include="App\app.manifest" />
-    <None Include="ClassDiagram1.cd" />
     <None Include="packages.config" />
     <None Include="Properties\Settings.settings">
       <Generator>SettingsSingleFileGenerator</Generator>

Program/Applications/Codecs.cs

@@ -42,10 +42,17 @@ private static async Task Codecs() => await Task.Run(() =>
 
                 for (Int32 i = 0; i < files.Length; ++i)
                 {
-                    Log.FastLog("Installing: " + files[i], LogSeverity.Info, CODECS_SOURCE);
-                    PowerShell.Create().AddCommand("Add-AppPackage")
-                                .AddParameter("-Path", files[i])
-                                .Invoke();
+                    try
+                    {
+                        Log.FastLog("Installing: " + files[i], LogSeverity.Info, CODECS_SOURCE);
+                        PowerShell.Create().AddCommand("Add-AppPackage")
+                                    .AddParameter("-Path", files[i])
+                                    .Invoke();
+                    }
+                    catch (Exception exception)
+                    {
+                        Log.FastLog($"Failed to install {files[i]}: " + exception.Message, LogSeverity.Warning, CODECS_SOURCE);
+                    }   
                 }
 
                 Log.FastLog("Done", LogSeverity.Info, CODECS_SOURCE);

Program/Applications/ImageGlass.cs

@@ -1,5 +1,6 @@
 using BSS.Logging;
 using System;
+using System.Diagnostics;
 using System.IO;
 using System.Threading.Tasks;
 
@@ -13,6 +14,23 @@ private static async Task ImageGlass() => await Task.Run(() =>
         {
             try
             {
+                Process[] processes = Process.GetProcessesByName("ImageGlass");
+                if (processes != null && processes.Length != 0)
+                {
+                    System.Windows.Forms.DialogResult result = System.Windows.Forms.MessageBox.Show(
+                    $"{processes.Length} instances open, end all tasks?",
+                    IMAGEGLASS_SOURCE,
+                    System.Windows.Forms.MessageBoxButtons.YesNo,
+                    System.Windows.Forms.MessageBoxIcon.Question);
+
+                    if (result != System.Windows.Forms.DialogResult.Yes) return;
+
+                    for (Int32 i = 0; i < processes.Length; ++i)
+                    {
+                        processes[i].Kill();
+                    }
+                }
+
                 Log.FastLog("Installing " + IMAGEGLASS_SOURCE, LogSeverity.Info, IMAGEGLASS_SOURCE);
 
                 if (!File.Exists(RunContextInfo.ExecutablePath + "\\assets\\ImageGlass\\ImageGlass_x64.msi")

Program/Applications/Notepad++.cs

@@ -1,6 +1,7 @@
 using BSS.Logging;
 using Microsoft.Win32;
 using System;
+using System.Diagnostics;
 using System.IO;
 using System.IO.Compression;
 using System.Threading.Tasks;
@@ -15,6 +16,23 @@ private static async Task InstallNotepadPlusPlus() => await Task.Run(() =>
         {
             try
             {
+                Process[] processes = Process.GetProcessesByName("notepad++");
+                if (processes != null && processes.Length != 0)
+                {
+                    System.Windows.Forms.DialogResult result = System.Windows.Forms.MessageBox.Show(
+                    $"{processes.Length} instances open, end all tasks?",
+                    "Notepad++",
+                    System.Windows.Forms.MessageBoxButtons.YesNo,
+                    System.Windows.Forms.MessageBoxIcon.Question);
+
+                    if (result != System.Windows.Forms.DialogResult.Yes) return;
+
+                    for (Int32 i = 0; i < processes.Length; ++i)
+                    {
+                        processes[i].Kill();
+                    }
+                }
+
                 Log.FastLog("Installing Notepad++", LogSeverity.Info, NOTEPADPLUSPLUS_SOURCE);
 
                 Util.KillExplorer(true);

Program/Miscellaneous/NGEN.cs

@@ -21,7 +21,7 @@ private static async Task NGEN() => await Task.Run(() =>
                     {
                         if (File.Exists(runtimes[i] + "\\ngen.exe"))
                         {
-                            Log.FastLog($"Starting{runtimes[i]}\\ngen.exe executeQueuedItems", LogSeverity.Info, NGEN_SOURCE);
+                            Log.FastLog($"Starting {runtimes[i]}\\ngen.exe executeQueuedItems", LogSeverity.Info, NGEN_SOURCE);
                             Util.Execute.Process(new(runtimes[i] + "\\ngen.exe", "executeQueuedItems", true, true, true));
                         }
                     }
@@ -34,7 +34,7 @@ private static async Task NGEN() => await Task.Run(() =>
                     {
                         if (File.Exists(runtimes[i] + "\\ngen.exe"))
                         {
-                            Log.FastLog($"Starting{runtimes[i]}\\ngen.exe executeQueuedItems", LogSeverity.Info, NGEN_SOURCE);
+                            Log.FastLog($"Starting {runtimes[i]}\\ngen.exe executeQueuedItems", LogSeverity.Info, NGEN_SOURCE);
                             Util.Execute.Process(new(runtimes[i] + "\\ngen.exe", "executeQueuedItems", true, true, true));
                         }
                     }

Program/Privacy_and_Security/Privacy.cs

@@ -37,7 +37,8 @@ private async static Task Privacy()
                 new(true, false, "Deactivate cross device message and clipboard sync",                              null!),
                 new(true, false, "Deactivate Cortana",                                                              null!),
                 new(true, false, "Deactivate reports to SpyNet",                                                    null!),
-                new(true, false, "Don't remember recently opened files",                                            null!),
+                new(true, false, "*Don't remember and show recently opened files",                                  "WIN + R will not keep track of entered commands"),
+                new(true, false, "Deactivate Lock scree tips and tricks",                                           null!),
             ];
 
             OptionSelector optionSelector = new("Privacy", options, new(true, 0, "privacy.cfg"));
@@ -440,16 +441,16 @@ await Task.Run(() =>
                     {
                         Log.FastLog("[MACHINE][USER] Deactivating Cortana", LogSeverity.Info, PRIVACY_SOURCE);
 
-                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search", "AllowCortana ", 0, RegistryValueKind.DWord);
-                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search", "AllowCortanaAboveLock ", 0, RegistryValueKind.DWord);
-                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\InputPersonalization", "AllowInputPersonalization ", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search", "AllowCortana", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search", "AllowCortanaAboveLock", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\InputPersonalization", "AllowInputPersonalization", 0, RegistryValueKind.DWord);
 
-                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Windows Search", "CortanaConsent ", 0, RegistryValueKind.DWord);
-                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Personalization\Settings", "AcceptedPrivacyPolicy ", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Windows Search", "CortanaConsent", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Personalization\Settings", "AcceptedPrivacyPolicy", 0, RegistryValueKind.DWord);
 
-                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\InputPersonalization", "RestrictImplicitTextCollection ", 0, RegistryValueKind.DWord);
-                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\InputPersonalization", "RestrictImplicitInkCollection ", 0, RegistryValueKind.DWord);
-                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\InputPersonalization\TrainedDataStore", "HarvestContacts ", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\InputPersonalization", "RestrictImplicitTextCollection", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\InputPersonalization", "RestrictImplicitInkCollection", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\InputPersonalization\TrainedDataStore", "HarvestContacts", 0, RegistryValueKind.DWord);
 
 
                     }
@@ -465,9 +466,9 @@ await Task.Run(() =>
                     {
                         Log.FastLog("[MACHINE] Deactivating reports to SpyNet", LogSeverity.Info, PRIVACY_SOURCE);
 
-                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Spynet", "SubmitSamplesConsent ", 2, RegistryValueKind.DWord);
-                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Spynet", "SpyNetReporting ", 0, RegistryValueKind.DWord);
-                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT", "DontReportInfectionInformation ", 1, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Spynet", "SubmitSamplesConsent", 2, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Spynet", "SpyNetReporting", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT", "DontReportInfectionInformation", 1, RegistryValueKind.DWord);
                     }
                 }
                 catch (Exception exception)
@@ -479,16 +480,40 @@ await Task.Run(() =>
                 {
                     if (optionSelector.Result.UserSelection[24])
                     {
-                        Log.FastLog("[USER] Don't remember recently opened files", LogSeverity.Info, PRIVACY_SOURCE);
+                        Log.FastLog("[USER] Don't remember and show recently opened files", LogSeverity.Info, PRIVACY_SOURCE);
 
-                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", "Start_TrackDocs ", 0, RegistryValueKind.DWord);
+                        RegistryKey key = Registry.CurrentUser.OpenSubKey("Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RecentDocs", true);
+                        key?.DeleteValue("MRUListEx", false);
+
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer", "ShowFrequent", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer", "ShowRecent", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer", "ShowRecommendations", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer", "ShowCloudFilesInQuickAccess", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Start", "ShowRecentList", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced", "Start_TrackDoc", 0, RegistryValueKind.DWord);
                     }
                 }
                 catch (Exception exception)
                 {
                     Log.FastLog("[USER] Don't remember recently opened files failed with: " + exception.Message, LogSeverity.Error, PRIVACY_SOURCE);
                 }
 
+                try
+                {
+                    if (optionSelector.Result.UserSelection[25])
+                    {
+                        Log.FastLog("[USER] Disabling lock screen tips and tricks", LogSeverity.Info, PRIVACY_SOURCE);
+
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager", "SubscribedContent-338387Enabled", 0, RegistryValueKind.DWord);
+                        Registry.SetValue(@"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager", "RotatingLockScreenOverlayEnabled", 0, RegistryValueKind.DWord);
+                        
+                    }
+                }
+                catch (Exception exception)
+                {
+                    Log.FastLog("[USER] Disabling lock screen tips and tricks failed with: " + exception.Message, LogSeverity.Error, PRIVACY_SOURCE);
+                }
+
                 Util.RestartExplorerForUser();
             });
 

Program/Privacy_and_Security/SystemSecurity/Harden.cs

@@ -31,7 +31,7 @@ private async static Task Harden()
                new(false, false, "Set default app for .cmd to notepad",                             null!),
                new(true, false, "Set default app for .vbs to notepad",                              null!),
                new(true, false, "Set default app for .vbe to notepad",                              null!),
-               new(true, false, "*Block system apps in firewall (see tooltip) ,  ",                 "notepad.exe, regsvr32.exe, mshta.exe, wscript.exe, cscript.exe, runscripthelper.exe, hh.exe"),
+               new(true, false, "*Block system apps in firewall (see tooltip)",                 "notepad.exe, regsvr32.exe, mshta.exe, wscript.exe, cscript.exe, runscripthelper.exe, hh.exe"),
                new(true, false, "Deactivate anonymous Sam-Account enumeration",                     null!),
                new(true, false, "Activate Anti-spoof for facial recognition",                       null!),
                new(true, false, "Deactivate camera on locked screen",                               null!),

Program/Privacy_and_Security/SystemSecurity/VBS.cs

@@ -88,29 +88,20 @@ private static void EnableVBS()
         private static void DisableVBS()
         {
             RegistryKey controlLsa = Registry.LocalMachine.OpenSubKey("SYSTEM\\CurrentControlSet\\Control\\Lsa", true);
-            controlLsa.DeleteValue("LsaCfgFlags", false);
+            controlLsa?.DeleteValue("LsaCfgFlags", false);
 
             RegistryKey windowsDeviceGuard = Registry.LocalMachine.OpenSubKey("Software\\Policies\\Microsoft\\Windows\\DeviceGuard", true);
-            windowsDeviceGuard.DeleteValue("RequirePlatformSecurityFeatures", false);
-            windowsDeviceGuard.DeleteValue("ConfigureKernelShadowStacksLaunch", false);
-            windowsDeviceGuard.DeleteValue("ConfigureSystemGuardLaunch", false);
-            windowsDeviceGuard.DeleteValue("MachineIdentityIsolation", false);
-            windowsDeviceGuard.DeleteValue("LsaCfgFlags", false);
-            windowsDeviceGuard.DeleteValue("HVCIMATRequired", false);
-            windowsDeviceGuard.DeleteValue("HypervisorEnforcedCodeIntegrity", false);
-            windowsDeviceGuard.DeleteValue("EnableVirtualizationBasedSecurity", false);
-
-            RegistryKey controlDeviceGuard = Registry.LocalMachine.OpenSubKey("System\\ControlSet001\\Control\\DeviceGuard", true);
-            controlDeviceGuard.DeleteValue("Locked", false);
-            controlDeviceGuard.DeleteValue("EnableVirtualizationBasedSecurity", false);
-
-            RegistryKey hypervisorEnforcedCodeIntegrity = Registry.LocalMachine.OpenSubKey("System\\ControlSet001\\Control\\DeviceGuard\\Scenarios\\HypervisorEnforcedCodeIntegrity", true);
-            hypervisorEnforcedCodeIntegrity.DeleteValue("Locked", false);
-            hypervisorEnforcedCodeIntegrity.DeleteValue("HVCIMATRequired", false);
-            hypervisorEnforcedCodeIntegrity.DeleteValue("Enabled", false);
-
-            RegistryKey kernelShadowStacks = Registry.LocalMachine.OpenSubKey("System\\ControlSet001\\Control\\DeviceGuard\\Scenarios\\KernelShadowStacks", true);
-            kernelShadowStacks.DeleteValue("Enabled", false);
+            windowsDeviceGuard?.DeleteValue("RequirePlatformSecurityFeatures", false);
+            windowsDeviceGuard?.DeleteValue("ConfigureKernelShadowStacksLaunch", false);
+            windowsDeviceGuard?.DeleteValue("ConfigureSystemGuardLaunch", false);
+            windowsDeviceGuard?.DeleteValue("MachineIdentityIsolation", false);
+            windowsDeviceGuard?.DeleteValue("LsaCfgFlags", false);
+            windowsDeviceGuard?.DeleteValue("HVCIMATRequired", false);
+            windowsDeviceGuard?.DeleteValue("HypervisorEnforcedCodeIntegrity", false);
+            windowsDeviceGuard?.DeleteValue("EnableVirtualizationBasedSecurity", false);
+
+            RegistryKey controlDeviceGuard = Registry.LocalMachine.OpenSubKey("System\\ControlSet001\\Control", true);
+            controlDeviceGuard?.DeleteSubKeyTree("DeviceGuard", false);
 
             Log.FastLog($"Removed VBS config values from the registry, a restart is needed to apply the changes. You may want check the status with msinfo32 | consider using 'bcdedit /set hypervisorlaunchtype off'", LogSeverity.Info, VBS_SOURCE);