Provisioned apps (Windows apps) are not reinstalled with CU. You can remove all of them even in 2004 with just one Powershell command. If removed with MSMG or NTLite I am not sure if the apps are not reinstalled because with them more things are removed. And you can prevent system apps from being deployed. Corporate use tools supported by microsoft. Powershell/Dism to remove apps and the rest is disabled via script and group policies. Removing components is no longer interesting as it does not decrease the size of install.wim from 1809 onwards with the advent of the PSFX format for updates and the need to keep component files in WinSxS so as not to break Windows Update.
I agree to a point. There are other reasons. I installed a vanilla W10, disabled every feature I could, and Windows 10 still sends several hundreds of megabytes of telemetry back to several dozen IPs non-stop. Several processes continue to run which thrash the HDDs/SSDs. The total processes is well over 100, the system feels less responsive even with a 970 Pro SSD. My 1809 trimmed image on the other hand runs 57 processes, feels much more responsive, and sends less than 40mb of data to M$ IPs each day.My CPU averages 0.5%-1.0% utilization on idle and the activity on my drives is negligible compared to a vanilla image with everything disabled. FPS in some games are noticeably better too Now it is possible I missed something when disabling stuff via registry, services, secpol and GPO, as I'm most definitely not an expert at this stuff, but I'm fairly confident I got most stuff. Size doesn't matter. If size were the only driving reason for removing components then yes, that would be quite pointless.
The latest version of toolkit helper does not work for v1909, build 18362.30, full iso name 18362.30.190401-1528.19h1_release_svc_refresh_clientbusiness_vol_x64fre_en-us. I'm using the Enterprise VL image in the index of this build and component removal does not work, and toolkit helper says it only works for v1803 and v1909 and I'm using v1909 but it doesn't work. The latest MSMG Toolkit doesn't work for component removal even though I've read through this thread you have said that the newest version of toolkithelper works but it doesn't. Neither the old version, or the latest released version copied into MSMG. Someone please explain how the hell I'm supposed to be able to remove components from this build that says is supported but apparently is not????
18362.30 is v1903, for component removal the Toolkit requires the v1909 (18363.418) as base and also does work with the latest CU. - Mount the 18362.30 image. - Copy all the required latest updates including the v1909 Enablement package to WHD folder structure in ToolKit. - Integrate using the Toolkit's WHD Update Pack Menu. - Remove the Components using the ToolKit's Remove->Windows Components Menu.
Pro should be sufficient for average user but if you go for Enterprise you will get the option to set the Telemetry level to security only.
You misled me when I talked about Windows Server; I meant that it can be deleted through PowerShell on Windows 10. It cannot be deleted by standard Windows tools. Or is all this possible? p.s. All my attempts are unsuccessful, in that case!
May be I miss read your query, well be it Windows 7, 8, 8.1 or 10 (Client, Embedded and Server) the standard packages listed by the below command can be removed by standard DISM tool. Code: Dism /Online /Get-Packages The packages present in C:\Windows\Servicing\Packages and not listed by the above command needs a small registry modification which can be done by standard regedit.exe tool to make them visible with the above command and then it can be removed using the DISM. I do know the PowerShell uses the DISM Cmdlet's to handle the packages but I don't know whether it can handle the packages for whom there's no associated .mum files. So my answer for removal of packages like Cortana, Smartscreen using the standard DISM tool is not possible.
registry tweak? Okay, I think I have to limit myself to a normal shutdown. There is one good news, they are unlikely to change Trustedinstaller, because it can cause a global problem. Code: reg load "HKLM\TK_SOFTWARE" "%~dp0mount\Windows\System32\config\SOFTWARE" reg add "HKLM\TK_SOFTWARE\Microsoft\Windows Defender\Features" /v "TamperProtection" /t REG_DWORD /d "0" /f >nul 2>&1 reg add "HKLM\TK_SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f >nul 2>&1 reg unload "HKLM\TK_SOFTWARE" Will it be enough for a complete shutdown or not? This question arose on its own, because the defender’s settings seem endless. For example, a small part of them ... Code: + Computer Configuration > Administrative Templates > Windows Components > File Explorer: + Double-click "Configure Windows Defender SmartScreen" : Disabled -> OK reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t REG_DWORD /d "0" /f ------------------------ + Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus: + Double-click "Turn Off Windows Defender Antivirus" : Enabled -> OK reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f ------------------------ + Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > MAPS: + Double-click "Join Microsoft MAPS" : Enabled; in the options select "Disabled" -> OK + Double-click "Send file samples when further analysis is required": Enabled; in the options select "Never send" -> OK reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpynetReporting" /t "REG_DWORD" /d "0" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SubmitSamplesConsent" /t "REG_DWORD" /d "2" /f ------------------------ + Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen: + Double-click "Configure Windows Defender SmartScreen" : Disabled -> OK reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t "REG_DWORD" /d "0" /f
The below tweak will make the package Windows-Defender-Client-Package~31bf3856ad364e35~amd64~~10.0.18362.1 visible to DISM for removal. Code: reg add "HKLM\TK_SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Windows-Defender-Client-Package~31bf3856ad364e35~amd64~~10.0.18362.1" /v Visibility /t REG_DWORD /d 1 /f reg add "HKLM\TK_SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Windows-Defender-Client-Package~31bf3856ad364e35~amd64~~10.0.18362.1" /v DefVis /t REG_DWORD /d 2 /f reg delete "HKLM\TK_SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\Packages\Windows-Defender-Client-Package~31bf3856ad364e35~amd64~~10.0.18362.1\Owners" /f then the Windows-Defender-Client-Package~31bf3856ad364e35~amd64~~10.0.18362.1 package can be removed using the below DISM command. Code: dism /online /remove-package /packagename:Windows-Defender-Client-Package~31bf3856ad364e35~amd64~~10.0.18362.1 The below tweaks are sufficient to disable Defender and SmartScreen Code: ; Disable SmartScreen Filter [HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter] "EnabledV9"=dword:00000000 ; Disable Microsoft SpyNet membership [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet] "SpyNetReporting"=dword:00000000 ; Disable submitting data samples to Microsoft [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet] "SubmitSamplesConsent"=dword:00000002 ; Disable reporting of malware infection information [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT] "DontReportInfectionInformation"=dword:00000001 ; Disable Windows Defender [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000001 ; Disable Windows Defender Realtime Monitoring [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] "DisableRealtimeMonitoring"=dword:00000001 ; Disable Windows Defender Realtime Monitoring [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection] "DisableBehaviorMonitoring"=dword:00000001 "DisableOnAccessProtection"=dword:00000001 "DisableScanOnRealtimeEnable"=dword:00000001 ; Disable Windows Defender Tamper Protection [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features] "TamperProtection"=dword:00000000
oh you misunderstood me. i mean i already use both editions. was wondering what iso source you use (i'd just use the same to be sure things work) ill assume this works: 19577.1000.200228-1439.RS_PRERELEASE_CLIENTMULTICOMBINED_UUP_X64FRE_EN-US.ISO
Well I don't really use the insider preview builds until it's very near to the RTM stage, right now I'm using the W10 v2004 (19041).
hello, thanks for making this toolkit. i am confused tho. can i use this toolkit on the windows version that comes with the windows ISO that i download from microsoft website right now? or should i go look for an older ISO. i don't know the latest build number that comes from a fresh downloaded ISO. please let me know if i'm good to go or if i should wait for a toolkit update. thanks again!
Download 18363.418 ESD file from here: https://forums.mydigitallife.net/threads/windows-10-esd-repository.59082/#post-992532 Convert ESD file to ISO using the ESD Decrypter here: https://forums.mydigitallife.net/threads/windows-10-esd-repository.59082/#post-992731 This is how I create my base ISO image for working with MSMG ToolKit. The only time I have problems is my own fault, for example if I use wrong version.
@MSMG I do know that this ToolKit does not fully support 19041.84 yet, but I do hope that finding possible bugs now helps in the future! From the Integrate Menu, both options 3 (Windows Features) and 5 (Windows Custom Features) take me to the same Integrate Windows Custom Features Menu. Spoiler: Integrate Windows Custom Features Menu =============================================================================== MSMG ToolKit - Integrate Windows Custom Features Menu =============================================================================== [1] Microsoft Terminal Server Patch [2] Custom Themes UxTheme Patch [3] Custom Windows Recovery Environment (WinRE) [4] Custom Default User Account Pictures [5] Custom System Files [6] Microsoft Win32Calc Metro Skin [7] Windows Photo Viewer Metro Skin [8] Windows Media Player Metro Skin [X] Go Back =============================================================================== Enter Your Choice : Spoiler: Source Image Information ------------------------------------------------------------------------------- ####Source Image Information################################################### ------------------------------------------------------------------------------- Image : Install.wim Image Index No : 1 Image Name : Windows 10 Enterprise Image Description : Windows 10 Enterprise Image Architecture : x64 Image Version : 10.0.19041 Image Service Pack Build : 84 Image Service Pack Level : 0 Image Build : 19041 Image Edition : Enterprise Image Flag : Enterprise Image Installation Type : Client Image Default Language : en-GB As expected, unable to remove any components. I do not feel comfortable using the command prompt to workaround this. Thank you once more for your good work and patience with me!
what are these "required updates" specifically? what KBs? *edit*--nevermind, this one works as-is 18363.592.200109-2252.19H2_RELEASE_SVC_REFRESH_CLIENTENTERPRISE_VOL_X64FRE_EN-US, which is what I was looking for to begin with. the whole point of removing components and such is to not add anything at all to the image including updates.