You need to add this to the setupcomplete.cmd file. Moreover, this is the same as editing the image offline (i.e. tweaks for all users), but most importantly these settings can always be undone by having the original image at hand. I'm telling you from personal experience, don't put everything, only the essentials first. For example, if you disable the Windows Defender and Tamper Protection in an offline image, they will apply without hindrance, if not disable protection then in this case it makes sense to do it!
sergey130270, Code: Sources https://forums.mydigitallife.net/threads/app-o-o-shutup10.64401/page-14 Windows Registry Editor Version 5.00 ; ### Privacy ### ; Disable sharing of handwriting data [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\TabletPC] "PreventHandwritingDataSharing"=dword:00000001 ; Disable sharing of handwriting error reports [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\HandwritingErrorReports] "PreventHandwritingErrorReports"=dword:00000001 ; Disable Inventory Collector [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat] "DisableInventory"=dword:00000001 ; Disable camera in logon screen [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Personalization] "NoLockScreenCamera"=dword:00000001 ; Disable and reset Advertising ID and info for the machine [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo] "Enabled"=dword:00000000 ; Disable and reset Advertising ID and info for the current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo] "Enabled"=dword:00000000 ; Disable transmission of typing information [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Input\TIPC] "Enabled"=dword:00000000 ; Disable conducting experiments with this machine by Microsoft [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\System] "AllowExperimentation"=dword:00000000 ; Disable advertisements via Bluetooth [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\Bluetooth] "AllowAdvertising"=dword:00000000 ; Disable the Windows Customer Experience Improvement Program [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SQMClient\Windows] "CEIPEnable"=dword:00000000 ; Disable backup of text messages into the cloud [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Messaging] "AllowMessageSync"=dword:00000000 ; Disable suggestions in the timeline [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] "SubscribedContent-353698Enabled"=dword:00000000 ; Disable suggestions in Start [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] "SubscribedContent-338388Enabled"=dword:00000000 ; Disable tips, tricks and suggestions when using Windows [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] "SubscribedContent-338388Enabled"=dword:00000000 "SubscribedContent-338389Enabled"=dword:00000000 ; Disable showing suggested content in the Settings app [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] "SubscribedContent-338393Enabled"=dword:00000000 "SubscribedContent-353694Enabled"=dword:00000000 "SubscribedContent-353696Enabled"=dword:00000000 ; Disable Windows Error Reporting [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting] "Disabled"=dword:00000001 ; Disable biometrical features [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Biometrics] "Enabled"=dword:00000000 ; Disable app notifications [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications] "ToastEnabled"=dword:00000000 ; Disable access to local language for browsers [HKEY_CURRENT_USER\Control Panel\International\User Profile] "HttpAcceptLanguageOptOut"=dword:00000001 ; Disable text suggestions when typing on the software keyboard [HKEY_CURRENT_USER\SOFTWARE\Microsoft\TabletTip\1.7] "EnableTextPrediction"=dword:00000000 ; Disable sending URLs from apps to Windows Store [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost] "EnableWebContentEvaluation"=dword:00000000 ; ### Activity History and Clipboard ### ; Disable recordings of user activity [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "EnableActivityFeed"=dword:00000000 ; Disable storing users activity on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "PublishUserActivities"=dword:00000000 ; Disable the submission of user activities to Microsoft [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "UploadUserActivities"=dword:00000000 ; Disable storage of clipboard history for whole machine [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "AllowClipboardHistory"=dword:00000000 ; Disable storage of clipboard history for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Clipboard] "EnableClipboardHistory"=dword:00000000 ; Disable the transfer of the clipboard to other devices via the cloud [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System] "AllowCrossDeviceClipboard"=dword:00000000 ; ### App Privacy ### ; Disable app access to user account information on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userAccountInformation] "Value"="Deny" ; Disable app access to user account information for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userAccountInformation] "Value"="Deny" ; Disable Windows tracking of app starts [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackProgs"=dword:00000000 ; Disable app access to diagnostics information on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appDiagnostics] "Value"="Deny" ; Disable app access to diagnostics information for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appDiagnostics] "Value"="Deny" ; Disable app access to device location on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\location] "Value"="Deny" ; Disable app access to device location for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\location] "Value"="Deny" ; Disable app access to camera on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam] "Value"="Deny" ; Disable app access to camera for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam] "Value"="Deny" ; Disable app access to microphone on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone] "Value"="Deny" ; Disable app access to microphone for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone] "Value"="Deny" ; Disable app access to use voice activation for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Speech_OneCore\Settings\VoiceActivation\UserPreferenceForAllApps] "AgentActivationEnabled"=dword:00000000 ; Disable app access to use voice activation when device is loacked for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Speech_OneCore\Settings\VoiceActivation\UserPreferenceForAllApps] "AgentActivationEnabled"=dword:00000000 ; Disable app access to notifications on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userNotificationListener] "Value"="Deny" ; Disable app access to notificationse for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userNotificationListener] "Value"="Deny" ; Disable app access to motion on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\activity] "Value"="Deny" ; Disable app access to movements for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\activity] "Value"="Deny" ; Disable app access to contacts on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\contacts] "Value"="Deny" ; Disable app access to contacts for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\contacts] "Value"="Deny" ; Disable app access to appointments on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appointments] "Value"="Deny" ; Disable app access to appointments for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appointments] "Value"="Deny" ; Disable app access to phone calls on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCall] "Value"="Deny" ; Disable app access to phone calls for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCall] "Value"="Deny" ; Disable app access to call history on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCallHistory] "Value"="Deny" ; Disable app access to call history for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCallHistory] "Value"="Deny" ; Disable app access to email on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\email] "Value"="Deny" ; Disable app access to email for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\email] "Value"="Deny" ; Disable app access to tasks on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userDataTasks] "Value"="Deny" ; Disable app access to tasks for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userDataTasks] "Value"="Deny" ; Disable app access to messages on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\chat] "Value"="Deny" ; Disable app access to messages for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\chat] "Value"="Deny" ; Disable app access to radios on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\radios] "Value"="Deny" ; Disable app access to radios for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\radios] "Value"="Deny" ; Disable app access to unpaired bluetooth devices on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\bluetoothSync] "Value"="Deny" ; Disable app access to unpaired bluetooth devices for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\bluetoothSync] "Value"="Deny" ; Disable app access to documents on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\documentsLibrary] "Value"="Deny" ; Disable app access to documents for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\documentsLibrary] "Value"="Deny" ; Disable app access to images on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\picturesLibrary] "Value"="Deny" ; Disable app access to images for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\picturesLibrary] "Value"="Deny" ; Disable app access to videos on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\videosLibrary] "Value"="Deny" ; Disable app access to videos for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\videosLibrary] "Value"="Deny" ; Disable app access to the file system on this device [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\broadFileSystemAccess] "Value"="Deny" ; Disable app access to the file system for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\broadFileSystemAccess] "Value"="Deny" ; Disable app access to unpaired cellular devices on this device [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\cellularData] "Value"="Deny" ; Disable app access to unpaired cellular devices for current user [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\cellularData] "Value"="Deny" ; Disable app access to eye tracking on this device [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\gazeInput] "Value"="Deny" ; Disable app access to eye tracking for current user [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\gazeInput] "Value"="Deny" ; Prohibit apps from running in the background [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications] "GlobalUserDisabled"=dword:00000001 ; ### Security ### ; Disable password reveal button [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CredUI] "DisablePasswordReveal"=dword:00000001 ; Disable user steps recorder [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat] "DisableUAR"=dword:00000001 ; Disable telemetry (1 of 3) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DiagTrack] "Start"=dword:00000004 ; Disable telemetry (2 of 3) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dmwappushservice] "Start"=dword:00000004 ; Disable telemetry (3 of 3) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\WMI\Autologger\AutoLogger-Diagtrack-Listener] "Start"=dword:00000000 ; Disalbe Windows Media Player usage tracking [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsMediaPlayer] "PreventCDDVDMetadataRetrieval"=dword:00000001 ; Disable Internet access of Windows Media Digital Rights Management (DRM) [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WMDRM] "DisableOnline"=dword:00000001 ; ### Microsoft Edge Chromium #### ; Disable tracking in the web [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "ConfigureDoNotTrack"=dword:00000001 ; Disable check for saved payment method by sites [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "PaymentMethodQueryEnabled"=dword:00000000 ; Disable sending info about website visited [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "SendSiteInfoToImproveServices"=dword:00000000 ; Disable sending data about browser usage [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "MetricsReportingEnabled"=dword:00000000 ; Disable personalizing advertising, search, news and other services [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "PersonalizationReportingEnabled"=dword:00000000 ; Disable automatic completion of web address in address bar [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "AddressBarMicrosoftSearchInBingProviderEnabled"=dword:00000000 ; Disalbe user feedback in toolbar [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "UserFeedbackAllowed"=dword:00000000 ; Disable storing and autocompleting of credit card data on websites [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "AutofillCreditCardEnabled"=dword:00000000 ; Disable form suggestions [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "AutofillAddressEnabled"=dword:00000000 ; Disalbe suggestions from local providers [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "LocalProvidersEnabled"=dword:00000000 ; Disable search and website sugggestions [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "SearchSuggestEnabled"=dword:00000000 ; Disalbe use of web service to resolve navigation errors [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "ResolveNavigationErrorsUseWebService"=dword:00000000 ; Disalbe suggestion of similar sites when website cannot be found [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "AlternateErrorPagesEnabled"=dword:00000000 ; Disable preload of pages for faster browsing and searching [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "NetworkPredictionOptions"=dword:00000002 ; Disable SmartScreen Filter [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Edge] "SmartScreenEnabled"=dword:00000000 ; ### Microsoft Edge #### ; Disable tracking in the web [HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main] "DoNotTrack"=dword:00000001 ; Dsiable page prediction [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead] "FPEnabled"=dword:00000000 ; Disable search and website suggestions [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main] "ShowSearchSuggestionsGlobal"=dword:00000000 ; Disable Cortana in Microsoft Edge [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI] "EnableCortana"=dword:00000000 ; Disable automatic completion of web address in address bar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\Browser] "AllowAddressBarDropdown"=dword:00000000 ; Disable showing search history [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI\ShowSearchHistory] @=dword:00000000 ; Disable user feedback in toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge] "UserFeedbackAllowed"=dword:00000000 ; Disable storing and autocompleting of credit card data on websites [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge] "AutofillCreditCardEnabled"=dword:00000000 ; Disable form suggestions [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main] "Use FormSuggest"="no" ; Disable sites saving protected media licenses on my device [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy] "EnableEncryptedMediaExtensions"=dword:00000000 ; Do not optimize web search results on the task bar for screen reader [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main] "OptimizeWindowsSearchResultsForScreenReaders"=dword:00000000 ; Disable Microsoft Edge launch in the background [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main] "AllowPrelaunch"=dword:00000000 ; Disable loading the start and new tab pages in the background [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader] "AllowTabPreloading"=dword:00000000 ; Disable SmartScreen Filter [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter] "EnabledV9"=dword:00000000 ; ### Synchronization of Windows Settings ### ; Disable synchronization of all settings [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync] "SyncPolicy"=dword:00000005 ; Disable synchronization of design settings [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Personalization] "Enabled"=dword:00000000 ; Disable synchronization of browser settings [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\BrowserSettings] "Enabled"=dword:00000000 ; Disable synchronization of credentials (passwords) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Credentials] "Enabled"=dword:00000000 ; Disable synchronization of language settings [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Language] "Enabled"=dword:00000000 ; Disable synchronization of accessibility settings [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Accessibility] "Enabled"=dword:00000000 ; Disable synchronization of advanced Windows settings [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Windows] "Enabled"=dword:00000000 ; ### Cortana ### ; Disable and reset Cortana [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Windows Search] "CortanaConsent"=dword:00000000 ; Disable Input Personalization (1 of 4) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Personalization\Settings] "AcceptedPrivacyPolicy"=dword:00000000 ; Disable Input Personalization (2 of 4) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\InputPersonalization] "RestrictImplicitInkCollection"=dword:00000001 ; Disable Input Personalization (3 of 4) "RestrictImplicitTextCollection"=dword:00000001 ; Disable Input Personalization (4 of 4) [HKEY_CURRENT_USER\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore] "HarvestContacts"=dword:00000000 ; Disable online speech recognition [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\InputPersonalization] "AllowInputPersonalization"=dword:00000000 ; Cortana and search are disallowed to use location [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search] "AllowSearchToUseLocation"=dword:00000000 ; Disable web search from Windows Desktop Search [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search] "DisableWebSearch"=dword:00000001 ; Disable display web results in Search [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search] "ConnectedSearchUseWeb"=dword:00000000 ; Disable download and updates of speech recognition and speech synthesis models [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Speech_OneCore\Preferences] "ModelDownloadAllowed"=dword:00000000 ; Disable cloud search [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search] "AllowCloudSearch"=dword:00000000 ; #### Location Services #### ; Disable functionality to locate the system [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors] "DisableLocation"=dword:00000001 "DisableWindowsLocationProvider"=dword:00000001 ; Disable scripting functionality to locate the system [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors] "DisableLocationScripting"=dword:00000001 ; Disable sensors for locating the system and it's orientation [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors] "DisableSensors"=dword:00000001 ; Disable Windows Geolocation Service [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\lfsvc\Service\Configuration] "Status"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Sensor\Overrides\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}] "SensorPermissionState"=dword:00000000 ; ### User Behavior ### ; Disable application telemetry [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection] "AllowTelemetry"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection] "AllowTelemetry"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\AppCompat] "AITEnable"=dword:00000000 ; Disable diagnostic data from customizing user experiences for whole machine [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Privacy] "TailoredExperiencesWithDiagnosticDataEnabled"=dword:00000000 ; Disable the user of diagnostic data for a tailor-made user experience for current user [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Privacy] "TailoredExperiencesWithDiagnosticDataEnabled"=dword:00000000 ; ### Windows Update ### ; Disable Windows Update via peer-to-peer [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config] "DODownloadMode"=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization] "DODownloadMode"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization] "SystemSettingsDownloadMode"=dword:00000000 ; Disable updates to the speech recognition and speech synthesis modules [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Speech] "AllowSpeechModelUpdate"=dword:00000000 ; Activate deferring of upgrades [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate] "DeferUpgrade"=dword:00000001 "DeferUpgradePeriod"=dword:00000001 "DeferUpdatePeriod"=dword:00000000 ; Disable automatic downloading manufacturers apps and icons for devices [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Device Metadata] "PreventDeviceMetadataFromNetwork"=dword:00000001 ; Disable automatic driver updates through Windows Update [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate] "ExcludeWUDriversInQualityUpdate"=dword:00000001 ; Disable automatic app updates through Windows Update [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate] "AutoDownload"=dword:00000002 ; Disable automatic Windows Update [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU] "NoAutoUpdate"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\wuauserv] "Start"=dword:00000004 ; Disable Windows Updates for other prodcuts (e.g. Microsoft Office) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\7971f918-a847-4430-9279-4a52d1efe18d] "RegisteredWithAU"=dword:00000000 ; ### Windows Explorer ### ; Disable occassionally showing app suggestions in Start menu [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] "SystemPaneSuggestionsEnabled"=dword:00000000 ; Do not show recently opened items in Jump Lists on "Start" or the taskbar [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=dword:00000000 ; Disable ads in Windows Explorer or OneDrive [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "ShowSyncProviderNotifications"=dword:00000000 ; Disable OneDrive access to network before login [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\OneDrive] "PreventNetworkTrafficPreUserSignIn"=dword:00000001 ; Disable Microsoft OneDrive [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\OneDrive] "DisableFileSyncNGSC"=dword:00000001 ; ### Windows Defender and Microsoft SpyNet ### ; Disable Microsoft SpyNet membership [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet] "SpyNetReporting"=dword:00000000 ; Disable submitting data samples to Microsoft [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet] "SubmitSamplesConsent"=dword:00000002 ; Disable reporting of malware infection information [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT] "DontReportInfectionInformation"=dword:00000001 ; Disable Windows Defender [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] "DisableAntiSpyware"=dword:00000001 ; Disable Windows Defender Realtime Monitoring [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender] "DisableRealtimeMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection] "DisableBehaviorMonitoring"=dword:00000001 "DisableOnAccessProtection"=dword:00000001 "DisableScanOnRealtimeEnable"=dword:00000001 ; Disable Windows Defender Tamper Protection [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features] "TamperProtection"=dword:00000000 ; Disable showing Windows Defender icon in system tray [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Systray] "HideSystray"=dword:00000001 ; ### Lock Screen ### ; Disable Windows Spotlight [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] "RotatingLockScreenEnabled"=dword:00000000 ; Disable fun facts, tips, tricks and more on your lock screen [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] "RotatingLockScreenOverlayEnabled"=dword:00000000 ; Disable notifications on lock screen [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings] "NOC_GLOBAL_SETTING_ALLOW_TOASTS_ABOVE_LOCK"=dword:00000000 ; ### Miscellaneous ### ; Disable feedback reminders [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Siuf\Rules] "NumberOfSIUFInPeriod"=dword:00000000 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Siuf\Rules] "PeriodInNanoSeconds"=dword:00000000 ; Disable automatic installation of recommended Windows Store Apps [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] "SilentInstalledAppsEnabled"=dword:00000000 ; Disable tips, tricks and suggestions while using Windows [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager] "SoftLandingEnabled"=dword:00000000 ; Disable extension of Windows 10 search with Bing [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search] "BingSearchEnabled"=dword:00000000 ; Disable Key Management Service Online Activation [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform] "NoGenTicket"=dword:00000001 ; Disable automatic download and update of map data [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Maps] "AutoDownloadAndUpdateMapData"=dword:00000000 ; Disable unsolicited network traffic on the offline maps settings page [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Maps] "AllowUntriggeredNetworkTrafficOnSettingsPage"=dword:00000000 ; Disable People icon in the taskbar [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\People] "PeopleBand"=dword:00000000 ; Disable searcg box in task bar [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search] "SearchboxTaskbarMode"=dword:00000000 ; Disable Network Connectivity Status Indicator [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NlaSvc\Parameters\Internet] "EnableActiveProbing"=dword:00000000
Code: sergey130270, @echo off :: ##### O&O ShutUp10 ##### reg load "HKU\HKCU_DEFAULT" "%SystemDrive%\Users\Default\NTUSER.DAT" :: ### Privacy ### :: Disable sharing of handwriting data reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\TabletPC" /v "PreventHandwritingDataSharing" /t "REG_DWORD" /d "1" /f :: Disable sharing of handwriting error reports reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\HandwritingErrorReports" /v "PreventHandwritingErrorReports" /t "REG_DWORD" /d "1" /f :: Disable Inventory Collector reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat" /v "DisableInventory" /t "REG_DWORD" /d "1" /f :: Disable camera in logon screen reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /v "NoLockScreenCamera" /t "REG_DWORD" /d "1" /f :: Disable and reset Advertising ID and info for the machine reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t "REG_DWORD" /d "0" /f :: Disable and reset Advertising ID and info for the current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t "REG_DWORD" /d "0" /f :: Disable transmission of typing information reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Input\TIPC" /v "Enabled" /t "REG_DWORD" /d "0" /f :: Disable conducting experiments with this machine by Microsoft reg add "HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\System" /v "AllowExperimentation" /t "REG_DWORD" /d "0" /f :: Disable advertisements via Bluetooth reg add "HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Bluetooth" /v "AllowAdvertising" /t "REG_DWORD" /d "0" /f :: Disable the Customer Experience Improvement Program reg add "HKLM\SOFTWARE\Microsoft\SQMClient\Windows" /v "CEIPEnable" /t "REG_DWORD" /d "0" /f :: Disable backup of text messages into the cloud reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Messaging" /v "AllowMessageSync" /t "REG_DWORD" /d "0" /f :: Disable suggestions in the timeline reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353698Enabled" /t "REG_DWORD" /d "0" /f :: Disable suggestions in Start reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t "REG_DWORD" /d "0" /f :: Disable tips, tricks and suggestions when using Windows * reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t "REG_DWORD" /d "0" /f reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t "REG_DWORD" /d "0" /f :: Disable showing suggested content in the Settings app reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t "REG_DWORD" /d "0" /f reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353694Enabled" /t "REG_DWORD" /d "0" /f reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353696Enabled" /t "REG_DWORD" /d "0" /f :: Disable the possibility of suggesting to finish the setup of the device reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\UserProfileEngagement" /v "ScoobeSystemSettingEnabled" /t "REG_DWORD" /d "0" /f :: Disable Windows Error Reporting reg add "HKLM\SOFTWARE\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f :: Disable biometrical features reg add "HKLM\SOFTWARE\Policies\Microsoft\Biometrics" /v "Enabled" /t REG_DWORD /d "0" /f :: Disable app notifications reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\PushNotifications" /v "ToastEnabled" /t "REG_DWORD" /d "0" /f :: Disable access to local language for browsers reg add "HKU\HKCU_DEFAULT\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t "REG_DWORD" /d "1" /f :: Disable text suggestions when typing on the software keyboard reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\TabletTip\1.7" /v "EnableTextPrediction" /t "REG_DWORD" /d "0" /f :: Disable sending URLs from apps to Windows Store reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t "REG_DWORD" /d "0" /f :: ### Activity History and Clipboard ### :: Disable recordings of user activity reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "EnableActivityFeed" /t "REG_DWORD" /d "0" /f :: Disable storing users activity on this device reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "PublishUserActivities" /t "REG_DWORD" /d "0" /f :: Disable the submission of user activities to Microsoft reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "UploadUserActivities" /t "REG_DWORD" /d "0" /f :: Disable storage of clipboard history for whole machine reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t "REG_DWORD" /d "0" /f :: Disable storage of clipboard history for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Clipboard" /v "EnableClipboardHistory" /t "REG_DWORD" /d "0" /f :: Disable the transfer of the clipboard to other devices via the cloud reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowCrossDeviceClipboard" /t "REG_DWORD" /d "0" /f :: ### App Privacy ### :: Disable app access to user account information on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userAccountInformation" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to user account information for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userAccountInformation" /v Value /d "Deny" /t "REG_SZ" /f :: Disable Windows tracking of app starts * reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Start_TrackProgs" /t "REG_DWORD" /d "0" /f :: Disable app access to diagnostics information on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appDiagnostics" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to diagnostics information for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appDiagnostics" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to device location on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\location" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to device location for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\location" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to camera on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to camera for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to microphone on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to microphone for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to use voice activation for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Speech_OneCore\Settings\VoiceActivation\UserPreferenceForAllApps" /v "AgentActivationEnabled" /t "REG_DWORD" /d "0" /f :: Disable app access to use voice activation when device is locked for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Speech_OneCore\Settings\VoiceActivation\UserPreferenceForAllApps" /v "AgentActivationOnLockScreenEnabled" /t "REG_DWORD" /d "0" /f :: Disable app access to notifications on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userNotificationListener" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to notifications for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userNotificationListener" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to motion on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\activity" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to movements for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\activity" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to contacts on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\contacts" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to contacts for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\contacts" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to calendar on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appointments" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to calendar for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appointments" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to phone calls on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCall" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to phone calls for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCall" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to call history on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCallHistory" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to call history for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCallHistory" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to email on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\email" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to email for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\email" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to tasks on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userDataTasks" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to tasks for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userDataTasks" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to messages on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\chat" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to messages for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\chat" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to radios on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\radios" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to radios for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\radios" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to unpaired bluetooth devices on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\bluetoothSync" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to unpaired bluetooth devices for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\bluetoothSync" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to documents on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\documentsLibrary" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to documents for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\documentsLibrary" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to images on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\picturesLibrary" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to images for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\picturesLibrary" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to videos on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\videosLibrary" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to videos for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\videosLibrary" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to the file system on this device reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\broadFileSystemAccess" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to the file system for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\broadFileSystemAccess" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to unpaired cellular devices on this device reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\cellularData" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to unpaired cellular devices for current user reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\cellularData" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to eye tracking on this device reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\gazeInput" /v Value /d "Deny" /t "REG_SZ" /f :: Disable app access to eye tracking for current user reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\gazeInput" /v Value /d "Deny" /t "REG_SZ" /f :: Prohibit apps from running in the background reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t "REG_DWORD" /d "1" /f :: ### Security ### :: Disable password reveal button reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\CredUI" /v "DisablePasswordReveal" /t "REG_DWORD" /d "1" /f :: Disable user steps recorder reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat" /v "DisableUAR" /t "REG_DWORD" /d "1" /f :: Disable telemetry :: reg add "HKLM\SYSTEM\ControlSet001\Control\WMI\Autologger\AutoLogger-Diagtrack-Listener" /v "Start" /t REG_DWORD /d "0" /f :: reg add "HKLM\SYSTEM\ControlSet001\Services\DiagTrack" /v "Start" /t REG_DWORD /d "4" /f :: reg add "HKLM\SYSTEM\ControlSet001\Services\dmwappushservice" /v "Start" /t REG_DWORD /d "4" /f :: Disable Windows Media Player usage tracking reg add "HKLM\SOFTWARE\Policies\Microsoft\WindowsMediaPlayer /v "PreventCDDVDMetadataRetrieval" /t "REG_DWORD" /d "1" /f :: Disable Internet access of Windows Media Digital Rights Management (DRM) reg add "HKLM\SOFTWARE\Policies\Microsoft\WMDRM" /v "DisableOnline" /t "REG_DWORD" /d "1" /f :: ### Microsoft Edge (new version based on Chromium) #### :: Disable tracking in the web reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "ConfigureDoNotTrack" /t REG_DWORD /d "1" /f :: Disable check for saved payment method by sites reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "PaymentMethodQueryEnabled" /t REG_DWORD /d "0" /f :: Disable sending info about website visited reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "SendSiteInfoToImproveServices" /t REG_DWORD /d "0" /f :: Disable sending data about browser usage reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "MetricsReportingEnabled" /t REG_DWORD /d "0" /f :: Disable personalizing advertising, search, news and other services reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "PersonalizationReportingEnabled" /t REG_DWORD /d "0" /f :: Disable automatic completion of web address in address bar reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "AddressBarMicrosoftSearchInBingProviderEnabled" /t REG_DWORD /d "0" /f :: Disable user feedback in toolbar reg add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "UserFeedbackAllowed" /t REG_DWORD /d "0" /f :: Disable storing and autocompleting of credit card data on websites reg add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /v "AutofillCreditCardEnabled" /t REG_DWORD /d "0" /f :: Disable form suggestions reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "AutofillAddressEnabled" /t REG_DWORD /d "0" /f :: Disable suggestions from local providers reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "LocalProvidersEnabled" /t REG_DWORD /d "0" /f :: Disable search and website sugggestions reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "SearchSuggestEnabled" /t REG_DWORD /d "0" /f :: Disable use of web service to resolve navigation errors reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "ResolveNavigationErrorsUseWebService" /t REG_DWORD /d "0" /f :: Disable suggestion of similar sites when website cannot be found reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "AlternateErrorPagesEnabled" /t REG_DWORD /d "0" /f :: Disable preload of pages for faster browsing and searching reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "NetworkPredictionOptions" /t REG_DWORD /d "2" /f :: Disable SmartScreen Filter reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "SmartScreenEnabled" /t REG_DWORD /d "0" /f :: ### Microsoft Edge (legacy version) ### :: Disable tracking in the web reg add "HKU\HKCU_DEFAULT\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /v "DoNotTrack" /t REG_DWORD /d "1" /f :: Disable page prediction reg add "HKU\HKCU_DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\FlipAhead" /v "FPEnabled" /t REG_DWORD /d "0" /f :: Disable search and website suggestions reg add "HKU\HKCU_DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main" /v "ShowSearchSuggestionsGlobal" /t REG_DWORD /d "0" /f :: Disable Cortana in Microsoft Edge reg add "HKU\HKCU_DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ServiceUI" /v "EnableCortana" /t REG_DWORD /d "0" /f :: Disable automatic completion of web address in address bar reg add "HKLM\SOFTWARE\Microsoft\PolicyManager\current\device\Browser" /v "AllowAddressBarDropdown" /t REG_DWORD /d "0" /f :: Disable user feedback in toolbar reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "UserFeedbackAllowed" /t REG_DWORD /d "0" /f :: Disable storing and autocompleting of credit card data on websites reg add "HKU\HKCU_DEFAULT\SOFTWARE\Policies\Microsoft\Edge" /v "AutofillCreditCardEnabled" /t REG_DWORD /d "0" /f :: Disable sites saving protected media licenses on my device reg add "HKU\HKCU_DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Privacy" /v "EnableEncryptedMediaExtensions" /t REG_DWORD /d "0" /f :: Do not optimize web search results on the task bar for screen reader reg add "HKU\HKCU_DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main /v "OptimizeWindowsSearchResultsForScreenReaders" /t REG_DWORD /d "0" /f :: Disable Microsoft Edge launch in the background reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main" /v "AllowPrelaunch" /t "REG_DWORD" /d "0" /f :: Disable loading the start and new tab pages in the background reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader" /v "AllowTabPreloading" /t "REG_DWORD" /d "0" /f :: Disable SmartScreen Filter reg add "HKU\HKCU_DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d "0" /f :: ### Synchronization of Windows Settings ### :: Disable synchronization of all settings reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync" /v "SyncPolicy" /t "REG_DWORD" /d "5" /f :: Disable synchronization of design settings reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Personalization" /v "Enabled" /t "REG_DWORD" /d "0" /f :: Disable synchronization of browser settings reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\BrowserSettings" /v "Enabled" /t "REG_DWORD" /d "0" /f :: Disable synchronization of credentials (passwords) reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Credentials" /v "Enabled" /t "REG_DWORD" /d "0" /f :: Disable synchronization of language settings reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Language" /v "Enabled" /t "REG_DWORD" /d "0" /f :: Disable synchronization of accessibility settings reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Accessibility" /v "Enabled" /t "REG_DWORD" /d "0" /f :: Disable synchronization of advanced Windows settings reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Windows" /v "Enabled" /t "REG_DWORD" /d "0" /f :: ### Cortana (Personal Assistant) ### :: Disable and reset Cortana reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Windows Search" /v "CortanaConsent" /t "REG_DWORD" /d "0" /f :: Disable Input Personalization reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Personalization\Settings" /v "AcceptedPrivacyPolicy" /t "REG_DWORD" /d "0" /f reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t "REG_DWORD" /d "1" /f reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t "REG_DWORD" /d "1" /f reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\InputPersonalization\TrainedDataStore" /v "HarvestContacts" /t "REG_DWORD" /d "0" /f :: Disable online speech recognition reg add "HKLM\SOFTWARE\Policies\Microsoft\InputPersonalization" /v "AllowInputPersonalization" /t REG_DWORD /d "0" /f :: Cortana and search are disallowed to use location reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d "0" /f :: Disable web search from Windows Desktop Search reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "DisableWebSearch" /t REG_DWORD /d "1" /f :: Disable display web results in Search reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWeb" /t REG_DWORD /d "0" /f :: Disable download and updates of speech recognition and speech synthesis models reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "ModelDownloadAllowed" /t REG_DWORD /d "0" /f :: Disable cloud search reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /v "AllowCloudSearch" /t REG_DWORD /d "0" /f :: ### Location Services ### :: Disable functionality to locate the system reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocation" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableWindowsLocationProvider" /t REG_DWORD /d "1" /f :: Disable scripting functionality to locate the system reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocationScripting" /t REG_DWORD /d "1" /f :: ### User Behavior ### :: Disable application telemetry reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppCompat" /v "AITEnable" /t "REG_DWORD" /d "0" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f :: Disable diagnostic data from customizing user experiences for whole machine reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Privacy" /v "TailoredExperiencesWithDiagnosticDataEnabled" /t "REG_DWORD" /d "0" /f :: Disable the user of diagnostic data for a tailor-made user experience for current user reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Privacy" /v "TailoredExperiencesWithDiagnosticDataEnabled" /t "REG_DWORD" /d "0" /f :: ### Windows Update ### :: Disable Windows Update via peer-to-peer reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" /v "DODownloadMode" /t "REG_DWORD" /d "0" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /v "DODownloadMode" /t "REG_DWORD" /d "0" /f reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization" /v "SystemSettingsDownloadMode" /t "REG_DWORD" /d "0" /f :: Disable updates to the speech recognition and speech synthesis modules reg add "HKLM\SOFTWARE\Policies\Microsoft\Speech" /v "AllowSpeechModelUpdate" /t REG_DWORD /d "0" /f :: Activate deferring of upgrades reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "DeferUpgrade" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "DeferUpgradePeriod" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "DeferUpdatePeriod" /t REG_DWORD /d "0" /f :: Disable automatic downloading manufacturers apps and icons for devices reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Device Metadata" /v "PreventDeviceMetadataFromNetwork" /t REG_DWORD /d "1" /f :: Disable automatic driver updates through Windows Update reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "ExcludeWUDriversInQualityUpdate" /t REG_DWORD /d "1" /f :: Disable automatic app updates through Windows Update reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /v "AutoDownload" /t REG_DWORD /d "2" /f :: Disable automatic Windows Update reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d "1" /f :: reg add "HKLM\SYSTEM\ControlSet001\Services\wuauserv" /v "Start" /t REG_DWORD /d "4" /f :: Disable Windows Updates for other prodcuts (e.g. Microsoft Office) reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\7971f918-a847-4430-9279-4a52d1efe18d" /v "RegisteredWithAU" /t REG_DWORD /d "0" /f :: ### Windows Defender and Microsoft SpyNet ### :: Disable Microsoft SpyNet membership reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SpyNetReporting" /t REG_DWORD /d "0" /f :: Disable submitting data samples to Microsoft reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f :: Disable reporting of malware infection information reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d "1" /f :: Disable Windows Defender reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f :: Disable Windows Defender Realtime Monitoring reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtimeMonitoring" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScanOnRealtimeEnable" /t REG_DWORD /d "1" /f :: Disable showing Windows Defender icon in system tray reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center\Systray" /v "HideSystray" /t REG_DWORD /d "1" /f :: ### Windows Explorer ### :: Disable occassionally showing app suggestions in Start menu reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d "0" /f :: Do not show recently opened items in Jump Lists on "Start" or the taskbar reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Start_TrackDocs" /t REG_DWORD /d "0" /f :: Disable ads in Windows Explorer or OneDrive reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowSyncProviderNotifications" /t REG_DWORD /d "0" /f :: Disable OneDrive access to network before login reg add "HKLM\SOFTWARE\Microsoft\OneDrive" /v "PreventNetworkTrafficPreUserSignIn" /t REG_DWORD /d "1" /f :: Disable Microsoft OneDrive reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d "1" /f :: ### Lock Screen ### :: Disable Windows Spotlight reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "RotatingLockScreenEnabled" /t REG_DWORD /d "0" /f :: Disable fun facts, tips, tricks and more on your lock screen reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "RotatingLockScreenOverlayEnabled" /t REG_DWORD /d "0" /f :: Disable notifications on lock screen reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings" /v "NOC_GLOBAL_SETTING_ALLOW_TOASTS_ABOVE_LOCK" /t REG_DWORD /d "0" /f :: ### Miscellaneous ### :: Disable feedback reminders reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Siuf\Rules" /v "NumberOfSIUFInPeriod" /t REG_DWORD /d "0" /f reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Siuf\Rules" /v "PeriodInNanoSeconds" /t REG_DWORD /d "0" /f :: Disable automatic installation of recommended Windows Store Apps reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d "0" /f :: Disable tips, tricks and suggestions while using Windows reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d "0" /f :: Disable extension of Windows 10 search with Bing reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "BingSearchEnabled" /t REG_DWORD /d "0" /f :: Disable Key Management Service Online Activation reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform" /v "NoGenTicket" /t REG_DWORD /d "1" /f :: Disable automatic download and update of map data reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Maps" /v "AutoDownloadAndUpdateMapData" /t REG_DWORD /d "0" /f :: Disable unsolicited network traffic on the offline maps settings page reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Maps" /v "AllowUntriggeredNetworkTrafficOnSettingsPage" /t REG_DWORD /d "0" /f :: Disable People icon in the taskbar reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\People" /v "PeopleBand" /t REG_DWORD /d "0" /f :: Disable search box in taskbar reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d "0" /f :: Disable search box in taskbar reg add "HKU\HKCU_DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d "0" /f :: Disable Network Connectivity Status Indicator reg add "HKLM\SYSTEM\ControlSet001\Services\NlaSvc\Parameters\Internet" /v "EnableActiveProbing" /t REG_DWORD /d "0" /f reg unload "HKU\HKCU_DEFAULT" del /F /Q /A "%SystemDrive%\Users\Default\NTUSER.DAT*.blf" del /F /Q /A "%SystemDrive%\Users\Default\NTUSER.DAT*.regtrans-ms" exit
sergey130270, Sorry for the minor inconvenience (exceeded the text limit)! p.s You can see, your problem is easily solved by looking at it from all angles!
MSMG is a great integration tool. Congratulations to all involved! Is there a possibility of this tool, in next release, add option in to remove bloatware apps (listed bellow) in "Remove Windows Components" > "Select Windows Components" > "Windows App" menu? Code: SpotifyAB.SpotifyMusic Microsoft News Microsoft To Do: Lists, Tasks & Reminders Is it possible to also integrate the latest version of Microsoft Edge Chromium (91.0.864.37) in WIM source? Regards!
Thank you, ISO is from MS, It is version 19041. I have also Tried an ESD on this site. I convert them to a WIM, and only use option 7 for Windows Apps. Then convert back to esd, don't clean image and make an ISO. I get errors on sfc/scannow all the time.
Hi, i wanted to use the toolkit to customize an image. I read the readme first, and read about the tool beforehand, so I don't mess something up. I used version 11.5. Icopied the files from the windows img to the toolkits DVD folder and converted the eds file to wim. So far so good. I started removing services. But now, the f**kup. After selected all the stuff i wanted to have removed and then used the second option to actually apply the changes. ALL THE CHANGES GOT APPLIED TO MY HOST OPERATION SYSTEM. But why? I selected the image as the source and got no warnings etc, nothing. I dunno what happend there, there arent any log files either (Logs folder is empty) Anyone can give me a hint what I did wrong ?
Dear friends and @MSMG I try to work on 19043.1023.210518-2328.21H1_RELEASE_SVC_PROD3_CLIENTMULTI_X64FRE, but it ask for this package... =============================================================================== MSMG ToolKit - Integrate Windows Data Deduplication =============================================================================== Windows Data Deduplication Pack folder is missing the below file... "Microsoft-Windows-FileServer-ServerCore-Package~31bf3856ad364e35~amd64~~10.0.19043.1.cab" Please copy the above file to <Packs\Dedup\w10\10.0.19043> folder... =============================================================================== Can anyone share it? Thanks in advanced Regards @JeepWillys58
Hi dear friend @graver.x I don't think so, because when I copy all 10.0.19041 folder content and rename the folder to 10.0.19043 and also all content it works... We'll see when we're done if the iso will work perfectly or not... Thanks anyway to replay. That you and all yours be safe and healtly! Regards, @JeepWillys58
I have begun building the now released 21H1 images. As usual, the ISO's have been made from uupdump site. MSMG runs were flawless on three images, spanish MX x86,x64 and US English x64. After deployment an SFC check was done to confirm the reported SFC errors. Indeed there are, so I took a look at the CBS log: Code: 2021-06-01 17:57:55, Info CSI 000001bc Warning: Overlap: Directory \??\C:\Program Files (x86)\ is owned twice or has its security set twice Original owner: Microsoft-Windows-shell32, version 10.0.19041.964, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} New owner: Microsoft-Windows-shell32, version 10.0.19041.964, arch Host= amd64 Guest= x86, nonSxS, pkt {l:8 b:31bf3856ad364e35} So it seems the issue is related to duplicate permission entries. I don't think this is something critical, and the configured system works fine. Cheers.
Supern00b, after removing the components and installing the system, did you check the integrity of the component store? dism /online /cleanup-image /scanhealth It would be interesting to compare with my test result.
But you confirm it yourself: If the word "error" confuses you, you can call it a small flaw. So is the Microsoft-Windows-FileServer-ServerCore-Package~31bf3856ad364e35~amd64~~10.0.19043 .1.cab component apparently does not exist, but there is Microsoft-Windows-FileServer-ServerCore-Package~31bf3856ad364e35~amd64~~10.0.19041.1.cab Thank you, my friend, and I reciprocate: peace and health to you and your family!
@Panthera 0x80070006 errors in DISM.log can indicate insufficient memory RAM available. Check also, if your antivirus software or MsMpEng.exe process (Microsoft Malware Protection Engine - Windows Defender) is not causing interference.
Yes, I know, and to make it works I create a new folder Packs\Dedup\w10\10.0.19043 I copied all the content from 10.0.19041 and renamed everything to xxxx-10.0.19043 and, to my surprise, it worked and merged all the renamed packages as if they were legitimate they existed...
yes it worked because 19042 and 19043 are based on 19041, because what I do in my script, if all that is greater than 19041 I define as 19041, for you to take the test, when mounted the image of a stop in it and VA SERVICING FLOOR AND VERA SO A few things may, for almost everything and 19041
Done. No errors at all. Image is localized es-MX. Packages removed: Spoiler 3DViewer Maps MapControl OneDrive FirstLogonAnimation AssignedAccess CEIP_SQM KernelDebugging UnifiedTelemetryClient WindowsInsiderHub MultiPointConnector DeviceLockdown EaseOfAccessThemes SecurityCenter StepsRecorder SystemRestore WindowsBackup AADBrokerPlugin AssignedAccessLockApp CBSPreview ContentDeliveryManager ECApp NarratorQuickStart ParentalControls PeopleExperienceHost QuickAssist RetailDemoContent SecureAssessmentBrowser SkypeORTC SmartScreen WindowsDefender WindowsMixedReality MixedRealityPortal WindowsReaderPDF XboxGameCallableUI BingWeather CommunicationsApps Cortana FeedbackHub GetHelp Getstarted OfficeHub OfficeOneNote People Photos Paint3D ScreenSketch SkypeApp SolitaireCollection StickyNotes WalletService XboxApp YourPhone ZuneMusic ZuneVideo Cheers.