safe boot mandatory

3 years ago · f80e8adc91
parent e3346b67e1
commit f80e8adc91
2 changed files with 49 additions and 34 deletions
--- a/src/TJprojMain-remover/TJprojMain-remover/Program.cs
+++ b/src/TJprojMain-remover/TJprojMain-remover/Program.cs
@ -9,18 +9,21 @@ namespace TJprojMain_remover
 {
    class Program
    {
-        private const string AUTOSTART_REGKEY = @"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run";
-
+        private const string AUTOSTART_REGKEY = @"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run";
+        private const string AUTOSTART_REGKEY2 = @"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce";

        static void Main(string[] args)
        {
            Log.Info("TJprojMain-remover by VollRagm", ConsoleColor.Blue);
-            CheckSafeBoot();
+            Console.WriteLine();

+            CheckSafeBoot();
            DisableAutostart();
+
            RemoveFiles();

            Log.Info("Done.");
+            Console.ReadLine();
        }

        static void CheckSafeBoot()
@ -28,41 +31,55 @@ namespace TJprojMain_remover
            var safeBoot = Utils.IsSafeMode();
            if (!safeBoot)
            {
-                var proceed = Log.QueryYesNo("You did not boot into safe mode, which means that the process is running and cannot be deleted. Do you wish to try anyways? (y/n): ");
-                if (!proceed)
-                {
-                    Log.Info("Here is how to boot into safe mode: https://www.digitalcitizen.life/4-ways-boot-safe-mode-windows-10/");
-                    Console.ReadLine();
-                    Environment.Exit(0);
-                }
+                Log.Critical("You did not boot into safe mode, which means that the processes cannot be deleted.");
+                Log.Info("Here is how to boot into safe mode: https://www.digitalcitizen.life/4-ways-boot-safe-mode-windows-10/");
+                Console.ReadLine();
+                Environment.Exit(0);
            }
        }

-        static void DisableAutostart()
+        static bool DisableAutostart()
        {
-            Log.Info("Disabling Autostart...");
+            Log.Info("Removing autostart registry keys...");
+            Console.WriteLine();
+            bool success = false;
            try
            {
-                Utils.RegRemoveIfExists(AUTOSTART_REGKEY, "svchost");
-                Utils.RegRemoveIfExists(AUTOSTART_REGKEY, "Explorer");
+              
+                success |= Utils.RegRemoveIfExists(AUTOSTART_REGKEY, "svchost");
+                success |= Utils.RegRemoveIfExists(AUTOSTART_REGKEY, "Explorer");
+
+                success |= Utils.RegRemoveIfExists(AUTOSTART_REGKEY2, "svchost");
+                success |= Utils.RegRemoveIfExists(AUTOSTART_REGKEY2, "Explorer");
                Console.WriteLine();
+                
            }
            catch (Exception ex)
            {
                Log.Error("Failed to remove autostart keys: " + ex.Message);
            }
+            if (success)
+            {
+                Log.Info("Removed Autostart keys successfully!");
+            }
+            return success;
        }

        static void RemoveFiles()
        {
+            Console.WriteLine();
            try
            {
-                Utils.FRemoveIfExists(@"C:\Windows\Resources\svchost.exe", true);
-                Utils.FRemoveIfExists(@"C:\Windows\Resources\spoolsv.exe", true);
-                Utils.FRemoveIfExists(@"C:\Windows\Resources\explorer.exe", true);
-                Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\icsys.icn.exe", true);
-                Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\icsys.icn", false);
-                Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\tjcm.cmn", true);
+                Utils.Unhide(@"C:\Windows\Resources\*.*");
+                Utils.Unhide(@"C:\Windows\Resources\Themes\*.*");
+
+
+                Utils.FRemoveIfExists(@"C:\Windows\Resources\svchost.exe");
+                Utils.FRemoveIfExists(@"C:\Windows\Resources\spoolsv.exe");
+                Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\explorer.exe");
+                Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\icsys.icn.exe");
+                Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\icsys.icn");
+                Utils.FRemoveIfExists(@"C:\Windows\Resources\Themes\tjcm.cmn");
                Console.WriteLine();

            }catch(Exception ex)
--- a/src/TJprojMain-remover/TJprojMain-remover/Utils.cs
+++ b/src/TJprojMain-remover/TJprojMain-remover/Utils.cs
@ -22,22 +22,29 @@ namespace TJprojMain_remover
            return GetSystemMetrics(SM_CLEANBOOT) != 0;
        }

-        public static void RegRemoveIfExists(string key, string name)
+        public static bool RegRemoveIfExists(string key, string name)
        {
-            using (RegistryKey regKey = Registry.CurrentUser.OpenSubKey(key, writable: true))
+            using (RegistryKey regKey = Registry.LocalMachine.OpenSubKey(key, writable: true))
            {
                if (regKey != null)
                {
                    if (regKey.GetValue(name) != null)
                    {
                        regKey.DeleteValue(name);
-                        Log.Critical($"Registry key {name} found and removed!");
+                        Log.Critical($"Registry key {name} found and autostart entry removed!");
+                        return true;
                    }
                    else
                    {
-                        Log.Error($"Registry key {name} not found!");
+                        Log.Error($"Registry key {name} not found, searching elsewhere...");
+                        return false;
                    }
                }
+                else
+                {
+                    Log.Error("Registry Key not found!");
+                    return false;
+                }
            }

        }
@ -47,21 +54,12 @@ namespace TJprojMain_remover
            Process.Start("attrib", $"-r -a -s -h \"{path}\"");
        }

-        public static void FRemoveIfExists(string path, bool processCheck = false)
+        public static void FRemoveIfExists(string path)
        {
            try
            {
                if (File.Exists(path))
                {
-                    if (processCheck)
-                    {
-                        try
-                        {
-                            var processes = Process.GetProcessesByName(new FileInfo(path).Name);
-                            processes.Where(x => new FileInfo(x.MainModule.FileName).FullName == new FileInfo(path).FullName).FirstOrDefault().Kill();
-                        }
-                        catch { }
-                    }
                    File.Delete(path);
                    Log.Critical($"Removed {path} successfully!");
                }