@freddie-o Have your scripts been tested with W10/11 Home/Pro variants? And if I actually want to enable something I can just go to each section and remove lines?
Yes. Lately I've been switching between Home and Pro Although I noticed in Home, there are some executables that are phoning Home so I added these lines to the script Code: rem == disable executables that collect and transmit data == reg add "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\CompatTelRunner.exe" /v "Debugger" /t REG_SZ /d "%windir%\System32\systray.exe" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DeviceCensus.exe" /v "Debugger" /t REG_SZ /d "%windir%\System32\systray.exe" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SIHClient.exe" /v "Debugger" /t REG_SZ /d "%windir%\System32\systray.exe" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\WaaSMedicAgent.exe" /v "Debugger" /t REG_SZ /d "%windir%\System32\systray.exe" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wsqmcons.exe" /v "Debugger" /t REG_SZ /d "%windir%\System32\systray.exe" /f You can modify the script anyway you want but I won't be able to help you there
I was surprised once using Windows Home that Windows Update started working and downloading some updates and drivers I am not sure but I think if "WaaSMedicAgent.exe" phones Home it will restore Windows Update Services
Thanks! Yea i really dont care about Home but I know some who still uses it. Understandably you cant support something I'm doing on my own I can use sc config to pre disable (or set to manual) services here also right
Hi @freddie-o, If I wanted to restore native Microphone functions, would all I have to do is remove these two lines from the script? I did a control + f for "microphone" and these were the only lines it found. Code: reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMicrophone" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone" /v "Value" /t REG_SZ /d "Deny" /f Thank you
Why not test on a running OS first to check It looks to me like you're adding a Store App that will use the microphone? So that's another thing to consider if it does not work But as I said
Added more registry entries to disable AI telemetry in Windows 11 -- Recall snapshots and AI data logging/telemetry https://forums.mydigitallife.net/th...lemetry-repository.63874/page-66#post-1686849
Yes, I think WaaSMEdicAgent essentially does something similar to sfc /scannow and tries to repair the customised windows image, downloading and adding back in what thinks is missing e.g windows update etc. This led me to another issue when you add cab updates to the iso image via this script. The script will remove telemetry etc (incl wassmedic) but then later, when we go to install using the new custom iso, the install sequence applies the cab updates during install which can then re-install some of the telemetry we took out or reset the registry entries to what windows wants, e.g restarts Waasmedic service. So I think updates have to be installed before we run the bulk of telemetry script or else we run the risk on undoing some of the scripts work. I thought about moving the cab (include package) code to the start of the script but it doesn;t really matter where it is on the script as all it does is add the cab package, the update doesn;t actually get installed untill installation which is when it may re-install some of the packages,services or reg entries that we already removed. I think what needs to happen is that the update has to be actaully applied to the mounted wim file as an update, not just appending the cab package for the iso to update later during install. Any thoughts?
Based on my observation "WaaSMedicAgent.exe" phones home only in Windows Home editions. It could have been this or "DISM /Online /Cleanup-Image /RestoreHealth" that restores Windows Update Services --- I haven't been able to reproduce the "problem" again after blocking WaaSMedicAgent (it might also be a while before I play with Windows Home again) I also add Windows updates during but before disabling telemetry and haven't noticed any registry changes yet after a clean install I have a few updates to the scripts so I will be updating them soon which will include WaaSMedicAgent just to be safe
Yes, I see now the spynet refs are already in, yes. The reason I added is that my post script installed OS registry is still showing SpynetReporting=2 and SubmitSamplesConsent=1. Strange. I will do some testing over next couple weeks when I get some time and report back if this isn;t just something weird going on my end, possibly the cab update issue i mentioned earlier? Would need to run the script with and without my cabs and compare.
I'm in the process of going through the entire "disable_telemetry" scripts but this may take some time so they might come in installments. The first update already has quite a few changes -- like I removed entries that are not directly or critical to telemetry being sent to MS
Ok, I got to the bottom of why I thought the script wasn't changing value. There are 2 spynet references in registry. I was looking at "Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet" in here it is still active. The script changes Computer\HKEY_LOCAL_MACHINE\Policies\Microsoft\Windows Defender\Spynet. So, the script policy changes are being overridden? Maybe "LocalSettingOverrideSpynetReporting" or "TamperProtection" is stopping the settings being applied?
There should be 4 Code: reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Spynet" /v "LocalSettingOverrideSpynetReporting" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Spynet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Spynet" /v "SpynetReporting" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Spynet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f Spoiler "LocalSettingOverrideSpynetReporting" or "TamperProtection" don't matter when the registry keys are applied offline on a mounted image. and once you boot into Windows... Defender is completely disabled
Finally finished going through disable_telemetry scripts and a lot of changes were made A lot of registry policies were added/expanded for more telemetry hardening and a lot of policies were removed that were either non-critical, obsolete, unnecessary or even unrelated to disabling telemetry I'll be testing the script asap and then release them if and when all goes well
Ok, do you know why "Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Spynet" values are still active after setting the Computer\HKEY_LOCAL_MACHINE\Policies\Microsoft\Windows Defender\Spynet values using offline script?