[REPO] Windows 10 TELEMETRY REPOSITORY

Discussion in 'Windows 10' started by Yen, Aug 4, 2015.

  1. DirtyAngelicaSecured

    Mar 30, 2020
    101
    17
    10
    #1301 DirtyAngelicaSecured, May 16, 2021
    Last edited: May 16, 2021
    Nevermind, figured it out!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. Tep

    Tep MDL Novice

    Jul 28, 2019
    1
    0
    0
    #1302 Tep, May 19, 2021
    Last edited: May 20, 2021
    Your software is very promising lakrispipe, because the solution is not integrated with the operating system or changes can be made without notice : a overlay and a transparent control of the registry !

    The new keys introduced by the updates must be discriminated or marked: they will be easier to examine in view of their activation/deactivation/deletion with maintain of deletion if necessary.

    And a event/key/function reference manual will surely be useful.

    The existing solutions are not hyper-specialised like yours or are part of a heavy security suite (solarwinds registry-monitoring) or very simple (StartupEye Registry Monitor = which only monitors the startup line of the registry).





     
  3. fsound

    fsound MDL Novice

    Apr 3, 2015
    34
    18
    0
    Just curious: have there been approaches to port (copy, patch) the missing functions from the Enterprise version to the Professional version? I bet, those are just a bunch of DLLs, as we've had in the past, e.g. RDP.
     
  4. (\_/)^(\_/)

    (\_/)^(\_/) MDL Member

    May 31, 2020
    1,742
    1,478
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Aldegard

    Aldegard MDL Novice

    Aug 19, 2021
    23
    13
    0
    #1307 Aldegard, Aug 24, 2021
    Last edited: Aug 24, 2021
    Debloat Task Manager.

    Disable Microsoft Text Input Application:
    Code:
    reg add "HKLM\SOFTWARE\Microsoft\Input" /v InputServiceEnabled /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Microsoft\Input" /v InputServiceEnabledForCCI /t REG_DWORD /d 0 /f
    Disable CTF Loader:
    Code:
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\TabletInputService" /v Start /t REG_DWORD /d 4 /f
    Disable Security Health Service:
    Code:
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\SecurityHealthService" /v Start /t REG_DWORD /d 4 /f
     
  6. wacamole

    wacamole MDL Novice

    May 31, 2010
    16
    1
    0
    :roflmao: perfect example hahaha
     
  7. Aldegard

    Aldegard MDL Novice

    Aug 19, 2021
    23
    13
    0
    #1309 Aldegard, Sep 1, 2021
    Last edited: Sep 1, 2021
    The old rule for disabling Multicast DNS is not enough anymore. Add one more. Like this (new and old):
    Code:
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" /v EnableMDNS /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" /v EnableMulticast /t REG_DWORD /d 0 /f
    The same concerns Microsoft NCSI. Old rule not enough anymore. Now when you turn on PC Windows sometimes phone to "dns.msftncsi.com". Maybe someone knows a new rule to disable it ?
     
  8. (\_/)^(\_/)

    (\_/)^(\_/) MDL Member

    May 31, 2020
    1,742
    1,478
    60
    Its the most wanted & awaited rule to disable msftncsi dns dns.msftncsi.com calling M$ after every 10-30 minutes interval if it could be switched off then i am sure no any telemetry reg tweak or any gpo tweak is needeed as it will completly break user os calling m$ via his or her router local address to remote address.

    Nice find you are a Gem ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. case-sensitive

    case-sensitive MDL Expert

    Nov 7, 2013
    1,096
    437
    60
    @ Clarity ---- >

    The old one is reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" /v EnableMulticast /t REG_DWORD /d 0 /f

    The new one is reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient" /v EnableMDNS /t REG_DWORD /d 0 /f

    ?
     
  10. Aldegard

    Aldegard MDL Novice

    Aug 19, 2021
    23
    13
    0
    #1312 Aldegard, Sep 2, 2021
    Last edited: Sep 2, 2021
    Yes. To completely disable Multicast, they should be both applied. They work only in a pair.

    I see an attempt to connect to the dns.msftncsi.com takes place only during the OS boot process. Newer more after. Definitely you have not everything is disabled. Try this:

    Code:
    reg add "HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet" /v EnableActiveProbing /t REG_DWORD /d 0 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator" /v NoActiveProbe /t REG_DWORD /d 1 /f
    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator" /v DisablePassivePolling /t REG_DWORD /d 1 /f
     
  11. (\_/)^(\_/)

    (\_/)^(\_/) MDL Member

    May 31, 2020
    1,742
    1,478
    60
    IF YOU CAN CROSS CHECK YOUR ROUTER LOGS THEN YOU WILL BE ABLE TO SEE HOW MANY TIMES IT REQUESTED YOUR SYSTEM TO CONNECT TO IT IN A SINGLE DAY WITHOUT ANY REBOOT.
    PL DO CROSS CHECK.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. (\_/)^(\_/)

    (\_/)^(\_/) MDL Member

    May 31, 2020
    1,742
    1,478
    60
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. Aldegard

    Aldegard MDL Novice

    Aug 19, 2021
    23
    13
    0
    I`m using Windows Server 2022 with my own DNS server on it with enabled logging all dns requests. It`s empty. I`m fully disable all microsoft &^%$ on this moment (except this NCIS on boot). I have a lot of experience with disabling this &^%$

    I only realized that I never applied all three rules for NCSI together. I need to trace it can help with "boot connections".
     
  14. (\_/)^(\_/)

    (\_/)^(\_/) MDL Member

    May 31, 2020
    1,742
    1,478
    60
    yes Thatswhy i already Said "You are a Gem" Awesome ;)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  15. freddie-o

    freddie-o MDL Addicted

    Jul 29, 2009
    935
    1,212
    30
    #1317 freddie-o, Sep 4, 2021
    Last edited: Dec 13, 2021
    How I disable/minimize telemetry in Windows 10 Enterprise -- OFFLINE
    (The script mounts the install.wim, loads the Registry hives, applies the registry modifications, unloads the Registry hives then unmounts the install.wim)

    In case someone decides to apply this script. Do not just copy-paste-and-run the script. Understand what each entry does. They may not all apply to your scenario.

    Code:
    @echo off
    
    rem == create mount folder  ==
    mkdir mount
    
    rem == mount install.wim ==
    dism /mount-wim /wimfile:install.wim /index:1 /mountdir:mount
    
    rem == modify the registry ==
    rem == disable microsoft defender, notifications, updates and malicious software removal tool ==
    reg load HKLM\SOFTHIVE mount\Windows\System32\config\SOFTWARE
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender Security Center\Systray" /v "HideSystray" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender Security Center\Notifications" /v "DisableNotifications" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender Security Center\Notifications" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\MRT" /v "DontOfferThroughWUAU" /t REG_DWORD /d "1" /f
    reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MRT.exe" /f
    
    rem == disable telemetry ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\InternetManagement" /v "RestrictCommunication" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\SQMClient\Windows" /v "CEIPEnable" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppCompat" /v "AITEnable" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppCompat" /v "DisableInventory" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\PCHealth\ErrorReporting" /v "DoReport" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Error Reporting" /v "LoggingDisabled" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Classes\AppID\slui.exe" /v "NoGenTicket" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform" /v "NoGenTicket" /t REG_DWORD /d "1" /f
    
    rem == delete telemetry scheduled tasks ==
    reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience" /f
    reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Autochk" /f
    reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program" /f
    reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Feedback" /f                                                                                                                   
    reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender" /f
    reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting" /f
    
    rem == disable cortana ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "DisableWebSearch" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchPrivacy" /t REG_DWORD /d "3" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchSafeSearch" /t REG_DWORD /d "3" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWeb" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\default\Experience\AllowCortana" /v "value" /t REG_DWORD /d "0" /f
    
    rem == disable windows network connectivity status indicator (ncsi) ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator" /v "NoActiveProbe" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\default\Connectivity\DisallowNetworkConnectivityActiveTests" /v "value" /t REG_DWORD /d "1" /f
    
    rem == disable smartscreen ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\default\Browser\AllowSmartScreen" /v "value" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControlEnabled" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControl" /t REG_SZ /d "Anywhere" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "Enabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "EnabledV8" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3" /v "2301" /t REG_DWORD /d "3" /f
    
    rem == disable onedrive ==
    reg add "HKLM\SOFTHIVE\Microsoft\OneDrive" /v "PreventNetworkTrafficPreUserSignIn" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\default\System\DisableOneDriveFileSync" /v "value" /t REG_DWORD /d "1" /f
    
    rem == disable advertising info and accessing my language list ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AdvertisingInfo" /v "DisabledByGroupPolicy" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\RunOnce" /v "HttpAcceptLanguageOptOut" /t REG_SZ /d "reg add \"HKCU\Control Panel\International\User Profile\" /v \"HttpAcceptLanguageOptOut\" /t REG_DWORD /d \"1\" /f" /f
    
    rem == disable inking & typing personalization ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\InputPersonalization" /v "AllowInputPersonalization" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\TextInput" /v "AllowLinguisticDataCollection" /t REG_DWORD /d "0" /f
    
    rem == disable diagnostics & feedback ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "DisableEnterpriseAuthProxy" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\default\System\AllowTelemetry" /v "value" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "MaxTelemetryAllowed" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "MicrosoftEdgeDataOptIn" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d "1" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "DoNotShowFeedbackNotifications" /t REG_DWORD /d "1" /f
    
    rem == disable activity history ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "EnableActivityFeed" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "PublishUserActivities" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "UploadUserActivities" /t REG_DWORD /d "0" /f
    
    rem == disable location ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocation" /t REG_DWORD /d "1" /f
    
    rem == disable access to notifications ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" /v "NoCloudApplicationNotification" /t REG_DWORD /d "1" /f
    
    rem == disable access to messaging ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Messaging" /v "AllowMessageSync" /t REG_DWORD /d "0" /f
    
    rem == disable app permissions ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsGetDiagnosticInfo" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsRunInBackground" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessTrustedDevices" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessTasks" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsSyncWithDevices" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessRadios" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessPhone" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessNotifications" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMotion" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMicrophone" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMessaging" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessLocation" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessEmail" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessContacts" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCallHistory" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCalendar" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessAccountInfo" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsActivateWithVoice" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsActivateWithVoiceAboveLock" /t REG_DWORD /d "2" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\broadFileSystemAccess" /v "Value" /t REG_SZ /d "Deny" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\cellularData" /v "Value" /t REG_SZ /d "Deny" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\documentsLibrary" /v "Value" /t REG_SZ /d "Deny" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\location" /v "Value" /t REG_SZ /d "Deny" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone" /v "Value" /t REG_SZ /d "Deny" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\picturesLibrary" /v "Value" /t REG_SZ /d "Deny" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\videosLibrary" /v "Value" /t REG_SZ /d "Deny" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam" /v "Value" /t REG_SZ /d "Deny" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\wifiData" /v "Value" /t REG_SZ /d "Deny" /f
    
    rem == disable find my device ==
    reg add "HKLM\SOFTHIVE\Policies\Microsoft\FindMyDevice" /v "AllowFindMyDevice" /t REG_DWORD /d "0" /f
    reg add "HKLM\SOFTHIVE\Microsoft\Settings\FindMyDevice" /v "LocationSyncEnabled" /t REG_DWORD /d "0" /f
    reg unload HKLM\SOFTHIVE
    
    rem == disable windows network connectivity status indicator (ncsi) ==
    reg load HKLM\SYSHIVE mount\Windows\System32\config\SYSTEM
    reg add "HKLM\SYSHIVE\ControlSet001\Services\NlaSvc\Parameters\Internet" /v "EnableActiveProbing" /t REG_DWORD /d "0" /f
    
    rem == delete telemetry services ==
    reg delete "HKLM\SYSHIVE\ControlSet001\Services\DiagTrack" /f
    reg delete "HKLM\SYSHIVE\ControlSet001\Services\diagnosticshub.standardcollector.service" /f
    reg delete "HKLM\SYSHIVE\ControlSet001\Services\dmwappushservice" /f
    reg delete "HKLM\SYSHIVE\ControlSet001\Services\WinDefend" /f
    reg unload HKLM\SYSHIVE
    
    rem == disable smartscreen for store and apps ==
    reg load HKLM\NTUSER mount\Users\Default\NTUSER.DAT
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /v "PreventOverride" /t REG_DWORD /d "1" /f
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows Security Health\State" /v "AppAndBrowser_StoreAppsSmartScreenOff" /t REG_DWORD /d "0" /f
    
    rem == disable smartscreen for microsoft edge ==
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Edge\SmartScreenEnabled" /ve /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Edge\SmartScreenPuaEnabled" /ve /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows Security Health\State" /v "AppAndBrowser_EdgeSmartScreenOff" /t REG_DWORD /d "0" /f
    
    rem == disable typing insights ==
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Input\Settings" /v "InsightsEnabled" /t REG_DWORD /d "0" /f
    
    rem == disable advertising info and tracking app launches ==
    reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Start_TrackProgs" /t REG_DWORD /d "0" /f
    
    rem == disable speech recognition ==
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy" /v "HasAccepted" /t REG_DWORD /d "0" /f
    
    rem == disable inking & typing personalization ==
    reg add "HKLM\NTUSER\Software\Microsoft\Input\TIPC" /v "Enabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\Software\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d "1" /f
    reg add "HKLM\NTUSER\Software\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d "1" /f
    reg add "HKLM\NTUSER\Software\Microsoft\InputPersonalization\TrainedDataStore" /v "HarvestContacts" /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\Software\Microsoft\Personalization\Settings" /v "AcceptedPrivacyPolicy" /t REG_DWORD /d "0" /f
    
    rem == disable diagnostics & feedback ==
    reg add "HKLM\NTUSER\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /v "DisableTailoredExperiencesWithDiagnosticData" /t REG_DWORD /d "1" /f
    reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\Privacy" /v "TailoredExperiencesWithDiagnosticDataEnabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Siuf\Rules" /v "NumberOfSIUFInPeriod" /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Siuf\Rules" /v "PeriodInNanoSeconds" /t REG_DWORD /d "0" /f
    
    rem == disable search permissions ==
    reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\SearchSettings" /v "SafeSearchMode" /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\SearchSettings" /v "IsMSACloudSearchEnabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\SearchSettings" /v "IsAADCloudSearchEnabled" /t REG_DWORD /d "0" /f
    reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\SearchSettings" /v "IsDeviceSearchHistoryEnabled" /t REG_DWORD /d "0" /f
    
    rem == disable onedrive from installing ==
    reg delete "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" /v "OneDriveSetup" /f
    reg unload HKLM\NTUSER
    rem == done editing registry ==
    
    rem == unmount wim ==
    dism /unmount-wim /mountdir:mount /commit
    
    rem == delete mount folder  ==
    rd /s /q mount
    
    pause
    exit
    

     
  16. (\_/)^(\_/)

    (\_/)^(\_/) MDL Member

    May 31, 2020
    1,742
    1,478
    60
    Very Nice . Keep it up.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  17. Techville

    Techville MDL Novice

    Jan 28, 2021
    3
    0
    0
    Hi,

    I have win 10 enterprise LTSC installed and have set telemetry level to 0 = security. Also gone through settings -- Privacy and disabled nearly everything.


    Is that the best I can do ? I couldn't work out if the additional steps atr the top of this thread were in addition or instead of

    I have reluctantly migrated from Windows 8.1 and I am hoping I now have (more or less) the same level or privacy. Is that true ?

    BTW in setting telemetry to 0, do MS just collect the same level of data as in basic telemetry ?


    1. Operating system name and version, locale.
    2. Date and time.
    3. Locally defined, unique ID for device, and device class (e.g. Server or Desktop).
    4. Various unique user, machine and application identifiers.
    5. Various information about the system, both in hash form and strings, e.g. OEM manufacturer information, device name, TMP version, active microphones, firmware, networking information, license state, license key, processor, speech settings, storage, display, and more. (see Census listings there).


    Thanks