Symantec Endpoint Protection Trellix ( aka mcafee ) Endpoint Security + + + # How-to configure Firewall and disable Telemetry in Symantec Endpoint Protection https://forums.mydigitallife.net/th...lemetry-repository.63874/page-73#post-1724179
In the occupied German Empire and controlled by the Allied Government of the Federal Republic of Germany
Freddie-o Could you add a note to your original script post to say these are the lines which need to be removed if you want to use OOBE: ------------------------------------------------------------------- From "delete telemetry scheduled tasks" section: reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CloudExperienceHost" /f From "delete telemetry services" section: reg delete "HKLM\SYSHIVE\ControlSet001\Services\DiagTrack" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\dmwappushservice" /f ------------------------------------------------------------------ Finally: At the end of the script delete this entry. rem == create panther folder and add unnatend.xml == mkdir mount\Windows\Panther copy /y unattend.xml mount\Windows\Panther ------------------------------------------------------------------- It may help those less familiar with it.
Freddie-o You've got it back-to-front, removing those lines will ENABLE OOBE not get you stuck in OOBE. If you keep them in the script you will need to use your unattend.xml
thatswhat i was thinking as cloudexperiencehost task is needed for oobe post phase or else will result in error so that one will use unattend to bypass machine as well as user oobe in xml tags of <oobe> but i was keeping myself restricted so that freddie-o will not think that i am trying to do bad for him . he has done a great job via sharing this telemetry removal script on MDL as well as dmwappushseevice is needed for oobe as well as sysprep phase.
Ok, this is a somewhat new script and in itself so okay! I can use it then but still for LTSC 2021!??
Ok, so it doesn't matter what file type it is, dism handles all file types. I didn't know that, didn't come up anywhere!
No but i suggested you for your query regarding windows Updates nothing else ie either in form of extracted cabs from msu itself or either msu itself the same way.
Extract the cabs from the msu then add them as TrustedInstaller Spoiler run_as_trustedinstaller.cmd Code: @echo off pushd "%~dp0" "%~dp0PowerRun_x64.exe" add-package.cmd add-package.cmd Code: @echo off rem == add latest servicing stack update == dism /online /add-package:SSU-19041.1525-x64.cab /norestart rem == add latest cumulative update == dism /online /add-package:Windows10.0-KB5010342-x64.cab /norestart rem == add latest .NET framework 3.5 and 4.8 update == dism /online /add-package:Windows10.0-KB5009467-x64-NDP48.cab /norestart pause
Windows Server 2022 disable_telemetry.cmd Code: @echo off rem == create mount and scratch folders == mkdir mount mkdir temp rem == mount install.wim == dism /mount-wim /wimfile:install.wim /index:1 /mountdir:mount rem == load registry hives to disable telemetry == reg load HKLM\SOFTHIVE mount\Windows\System32\config\SOFTWARE rem == disable windows defender, notifications, updates and malicious software removal tool == reg add "HKLM\SOFTHIVE\Microsoft\Windows Defender\Features" /v "TamperProtection" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender" /v "PUAProtection" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtimeMonitoring" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "LocalSettingOverrideDisableRealtimeMonitoring" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Reporting" /v "WppTracingLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableGenericRePorts" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Reporting" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Spynet" /v "LocalSettingOverrideSpynetReporting" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Spynet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Spynet" /v "SpynetReporting" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Spynet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection" /v "EnableNetworkProtection" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Windows Defender/Operational" /v "Enabled" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender Security Center\Systray" /v "HideSystray" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\MRT" /v "DontOfferThroughWUAU" /t REG_DWORD /d "1" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MRT.exe" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Run" /v "SecurityHealth" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender Security Center\Notifications" /v "DisableNotifications" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender Security Center\Notifications" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f rem == disable smartscreen == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\default\Browser\AllowSmartScreen" /v "value" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControlEnabled" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControl" /t REG_SZ /d "Anywhere" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "Enabled" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "EnabledV8" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Internet Explorer\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Edge" /v "SmartScreenEnabled" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3" /v "2301" /t REG_DWORD /d "3" /f rem == disable windows firewall == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\IPSec\ICFv4" /v "BypassFirewall" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\WindowsFirewall\DomainProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\WindowsFirewall\PublicProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\WindowsFirewall\StandardProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f rem == disable windows update, delivery optimization and reserved storage == reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoWindowsUpdate" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\WindowsUpdate" /v "SetDisableUXWUAccess" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\WindowsUpdate" /v "DoNotConnectToWindowsUpdateInternetLocations" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\WindowsUpdate" /v "WUServer" /t REG_SZ /d "\" \"" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\WindowsUpdate" /v "WUStatusServer" /t REG_SZ /d "\" \"" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\WindowsUpdate" /v "UpdateServiceUrlAlternate" /t REG_SZ /d "\" \"" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "UseWUServer" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DeliveryOptimization" /v "DODownloadMode" /t REG_DWORD /d "99" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" /v "DODownloadMode" /t REG_DWORD /d "99" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\ReserveManager" /v "ShippedWithReserves" /t REG_DWORD /d "0" /f rem == disable retrieving device metadata for installed devices from the internet == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Device Metadata" /v "PreventDeviceMetadataFromNetwork" /t REG_DWORD /d "1" /f rem == disable recording of event logging and tracing == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{F9C77450-3A41-477E-9310-9ACD617BD9E3}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{F9C77450-3A41-477E-9310-9ACD617BD9E3}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{728EE579-943C-4519-9EF7-AB56765798ED}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{728EE579-943C-4519-9EF7-AB56765798ED}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{1A6364EB-776B-4120-ADE1-B63A406A76B5}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{1A6364EB-776B-4120-ADE1-B63A406A76B5}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{5794DAFD-BE60-433f-88A2-1A31939AC01F}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{5794DAFD-BE60-433f-88A2-1A31939AC01F}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{0E28E245-9368-4853-AD84-6DA3BA35BB75}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{0E28E245-9368-4853-AD84-6DA3BA35BB75}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{7150F9BF-48AD-4da4-A49C-29EF4A8369BA}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{7150F9BF-48AD-4da4-A49C-29EF4A8369BA}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{A3F3E39B-5D83-4940-B954-28315B82F0A8}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{A3F3E39B-5D83-4940-B954-28315B82F0A8}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{6232C319-91AC-4931-9385-E70C2B099F0E}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{6232C319-91AC-4931-9385-E70C2B099F0E}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{74EE6C03-5363-4554-B161-627540339CAB}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{74EE6C03-5363-4554-B161-627540339CAB}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{E47248BA-94CC-49c4-BBB5-9EB7F05183D0}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{E47248BA-94CC-49c4-BBB5-9EB7F05183D0}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{17D89FEC-5C44-4972-B12D-241CAEF74509}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{17D89FEC-5C44-4972-B12D-241CAEF74509}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{3A0DBA37-F8B2-4356-83DE-3E90BD5C261F}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{3A0DBA37-F8B2-4356-83DE-3E90BD5C261F}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{6A4C88C6-C502-4f74-8F60-2CB23EDC24E2}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{6A4C88C6-C502-4f74-8F60-2CB23EDC24E2}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{E62688F0-25FD-4c90-BFF5-F508B9D2E31F}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{E62688F0-25FD-4c90-BFF5-F508B9D2E31F}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{E5094040-C46C-4115-B030-04FB2E545B00}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{E5094040-C46C-4115-B030-04FB2E545B00}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{B087BE9D-ED37-454f-AF9C-04291E351182}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{B087BE9D-ED37-454f-AF9C-04291E351182}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{AADCED64-746C-4633-A97C-D61349046527}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{AADCED64-746C-4633-A97C-D61349046527}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{91FBB303-0CD5-4055-BF42-E512A681B325}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{91FBB303-0CD5-4055-BF42-E512A681B325}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{C418DD9D-0D14-4efb-8FBF-CFE535C8FAC7}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{E4F48E54-F38D-4884-BFB9-D4D2E5729C18}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{E4F48E54-F38D-4884-BFB9-D4D2E5729C18}" /v "TraceLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}" /v "LogLevel" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Group Policy\{BC75B1ED-5833-4858-9BB8-CBF0B166DF9D}" /v "TraceLevel" /t REG_DWORD /d "0" /f rem == restrict internet communication == reg add "HKLM\SOFTHIVE\Policies\Microsoft\InternetManagement" /v "RestrictCommunication" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoPublishingWizard" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform" /v "NoGenTicket" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Messenger\Client" /v "CEIP" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\PCHealth\ErrorReporting" /v "DoReport" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoInternetOpenWith" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Internet Connection Wizard" /v "ExitOnMSICW" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\EventViewer" /v "MicrosoftEventVwrDisableLinks" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Registration Wizard Control" /v "NoRegistration" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\SearchCompanion" /v "DisableContentFileUpdates" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DriverSearching" /v "DontSearchWindowsUpdate" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\WindowsUpdate" /v "DisableWindowsUpdateAccess" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\SQMClient\Windows" /v "CEIPEnable" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator" /v "NoActiveProbe" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\WMDRM" /v "DisableOnline" /t REG_DWORD /d "1" /f rem == prevent computer from sending data to microsoft regarding its activation state == reg add "HKLM\SOFTHIVE\Classes\AppID\slui.exe" /v "NoGenTicket" /t REG_DWORD /d "1" /f rem == disable error reporting == reg add "HKLM\SOFTHIVE\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Error Reporting" /v "DontSendAdditionalData" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Error Reporting" /v "LoggingDisabled" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\PCHealth\ErrorReporting" /v "IncludeKernelFaults" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\PCHealth\ErrorReporting" /v "AllOrNone" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\PCHealth\ErrorReporting" /v "IncludeMicrosoftApps" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\PCHealth\ErrorReporting" /v "IncludeWindowsApps" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\PCHealth\ErrorReporting" /v "IncludeShutdownErrs" /t REG_DWORD /d "0" /f rem == disable experimentation to study user preferences or device behavior == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\PreviewBuilds" /v "EnableConfigFlighting" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\PreviewBuilds" /v "EnableExperimentation" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\PreviewBuilds" /v "AllowBuildPreview" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\current\Device\System" /v "AllowExperimentation" /t REG_DWORD /d "0" /f rem == delete telemetry scheduled tasks == reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppID" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\AppxDeploymentClient" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Autochk" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\CloudExperienceHost" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Customer Experience Improvement Program" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Device Information" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Diagnosis" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskDiagnostic" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\DiskFootprint" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Flighting" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maps" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\NetTrace" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Offline Files" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Power Efficiency Diagnostics" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PushToInstall" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Ras" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Registry" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Synchronization" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Time Zone" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\User Profile Service" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Defender" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Filtering Platform" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator" /f reg delete "HKLM\SOFTHIVE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WaaSMedic" /f rem == disable cortana == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\default\Experience\AllowCortana" /v "value" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "AllowCloudSearch" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "DisableWebSearch" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchPrivacy" /t REG_DWORD /d "3" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchSafeSearch" /t REG_DWORD /d "3" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWeb" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Windows Search" /v "DeviceHistoryEnabled" /t REG_DWORD /d "0" /f rem == disable windows network connectivity status indicator (ncsi) == reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\default\Connectivity\DisallowNetworkConnectivityActiveTests" /v "value" /t REG_DWORD /d "1" /f rem == disable advertising info and accessing my language list == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AdvertisingInfo" /v "DisabledByGroupPolicy" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "EnableCdp" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\RunOnce" /v "HttpAcceptLanguageOptOut" /t REG_SZ /d "reg add \"HKCU\Control Panel\International\User Profile\" /v \"HttpAcceptLanguageOptOut\" /t REG_DWORD /d \"1\" /f" /f rem == disable typing insights & inking and typing personalization == reg add "HKLM\SOFTHIVE\Policies\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\InputPersonalization" /v "AllowInputPersonalization" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\TextInput" /v "AllowLinguisticDataCollection" /t REG_DWORD /d "0" /f rem == disable diagnostics & feedback == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "DisableEnterpriseAuthProxy" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "DoNotShowFeedbackNotifications" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "DisableOneSettingsDownloads" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "AllowCommercialDataPipeline" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "AllowDesktopAnalyticsProcessing" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\DataCollection" /v "AllowDeviceNameInTelemetry" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\PolicyManager\default\System\AllowTelemetry" /v "value" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "MaxTelemetryAllowed" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "MicrosoftEdgeDataOptIn" /t REG_DWORD /d "0" /f rem == disable cloud content == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\CloudContent" /v "DisableConsumerAccountStateContent" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\CloudContent" /v "DisableSoftLanding" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d "1" /f rem == disable application compatibility telemetry == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppCompat" /v "AITEnable" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppCompat" /v "DisableInventory" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppCompat" /v "DisablePCA" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppCompat" /v "DisableUAR" /t REG_DWORD /d "1" /f rem == disable activity history == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "EnableActivityFeed" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "PublishUserActivities" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "UploadUserActivities" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "AllowCrossDeviceClipboard" /t REG_DWORD /d "0" /f rem == disable location and sensors == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocation" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocationScripting" /t REG_DWORD /d "1" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableSensors" /t REG_DWORD /d "1" /f rem == block applications from being able to poll and connect to the windows push notification service (WNS) == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" /v "NoCloudApplicationNotification" /t REG_DWORD /d "1" /f rem == disable access to messaging == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\Messaging" /v "AllowMessageSync" /t REG_DWORD /d "0" /f rem == disable app permissions == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsGetDiagnosticInfo" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsRunInBackground" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessTrustedDevices" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessTasks" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsSyncWithDevices" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessRadios" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessPhone" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessNotifications" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMotion" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMicrophone" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMessaging" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessLocation" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessEmail" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessContacts" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCallHistory" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCalendar" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessAccountInfo" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsActivateWithVoice" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsActivateWithVoiceAboveLock" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessGraphicsCaptureProgrammatic" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\broadFileSystemAccess" /v "Value" /t REG_SZ /d "Deny" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\cellularData" /v "Value" /t REG_SZ /d "Deny" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\documentsLibrary" /v "Value" /t REG_SZ /d "Deny" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\location" /v "Value" /t REG_SZ /d "Deny" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone" /v "Value" /t REG_SZ /d "Deny" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\picturesLibrary" /v "Value" /t REG_SZ /d "Deny" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\videosLibrary" /v "Value" /t REG_SZ /d "Deny" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam" /v "Value" /t REG_SZ /d "Deny" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\wifiData" /v "Value" /t REG_SZ /d "Deny" /f rem == disable find my device == reg add "HKLM\SOFTHIVE\Policies\Microsoft\FindMyDevice" /v "AllowFindMyDevice" /t REG_DWORD /d "0" /f reg add "HKLM\SOFTHIVE\Microsoft\Settings\FindMyDevice" /v "LocationSyncEnabled" /t REG_DWORD /d "0" /f rem == prevent windows from setting the time automatically == reg add "HKLM\SOFTHIVE\Policies\Microsoft\W32time\TimeProviders\NtpClient" /v "Enabled" /t REG_DWORD /d "0" /f rem == disable updates to the disk failure prediction model == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\StorageHealth" /v "AllowDiskHealthModelUpdates" /t REG_DWORD /d "0" /f rem == prevent syncing settings to and from this PC == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisableApplicationSettingSync" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisableAppSyncSettingSync" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisableWebBrowserSettingSync" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisableDesktopThemeSettingSync" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisableSettingSync" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisableWindowsSettingSync" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisableCredentialsSettingSync" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisablePersonalizationSettingSync" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisableStartLayoutSettingSync" /t REG_DWORD /d "2" /f reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\SettingSync" /v "DisableSettingSyncUserOverride" /t REG_DWORD /d "1" /f rem == disable teredo == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\TCPIP\v6Transition" /v "Teredo_State" /t REG_SZ /d "Disabled" /f rem == turn off apps for websites == reg add "HKLM\SOFTHIVE\Policies\Microsoft\Windows\System" /v "EnableAppUriHandlers" /t REG_DWORD /d "0" /f rem == prevent SystemApps with telemetry from getting deployed == set key=HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\InboxApplications for %%i in ( AppRep.ChxApp CloudExperienceHost SecHealthUI Client.CBS ) do ( for /f %%a in ('reg query "%key%" /f %%i /k ^| find /i "InboxApplications"') do if not errorlevel 1 (reg delete %%a /f) ) rem == keep disabled apps from returning == reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\Microsoft.SecHealthUI_8wekyb3d8bbwe" /f reg add "HKLM\SOFTHIVE\Microsoft\Windows\CurrentVersion\Appx\AppxAllUserStore\Deprovisioned\MicrosoftWindows.Client.CBS_cw5n1h2txyewy" /f rem == hide Microsoft Edge from apps & features == reg delete "HKLM\SOFTHIVE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge" /f reg delete "HKLM\SOFTHIVE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Edge Update" /f reg unload HKLM\SOFTHIVE reg load HKLM\SYSHIVE mount\Windows\System32\config\SYSTEM rem == disable windows firewall == reg add "HKLM\SYSHIVE\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f reg add "HKLM\SYSHIVE\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f reg add "HKLM\SYSHIVE\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" /v "EnableFirewall" /t REG_DWORD /d "0" /f rem == disable windows network connectivity status indicator (ncsi) == reg add "HKLM\SYSHIVE\ControlSet001\Services\NlaSvc\Parameters\Internet" /v "EnableActiveProbing" /t REG_DWORD /d "0" /f rem == delete telemetry services == rem == error reporting == reg delete "HKLM\SYSHIVE\ControlSet001\Services\wercplsupport" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WerSvc" /f rem == indexing == reg delete "HKLM\SYSHIVE\ControlSet001\Services\WSearch" /f rem == location == reg delete "HKLM\SYSHIVE\ControlSet001\Services\lfsvc" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\MapsBroker" /f rem == microsoft edge == reg delete "HKLM\SYSHIVE\ControlSet001\Services\edgeupdate" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\edgeupdatem" /f rem == logging and tracing == reg delete "HKLM\SYSHIVE\ControlSet001\Services\diagnosticshub.standardcollector.service" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\dmwappushservice" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\pla" /f rem == windows defender == reg delete "HKLM\SYSHIVE\ControlSet001\Services\SecurityHealthService" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\Sense" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WdBoot" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WdFilter" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WdNisDrv" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WdNisSvc" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WinDefend" /f rem == windows diagnostics == reg delete "HKLM\SYSHIVE\ControlSet001\Services\DiagTrack" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\DPS" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WdiServiceHost" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WdiSystemHost" /f rem == windows insider == reg delete "HKLM\SYSHIVE\ControlSet001\Services\wisvc" /f rem == windows update == reg delete "HKLM\SYSHIVE\ControlSet001\Services\BITS" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\DoSvc" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\UsoSvc" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WaaSMedicSvc" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\WpnService" /f reg delete "HKLM\SYSHIVE\ControlSet001\Services\wuauserv" /f rem == disable windows firewall service == rem == deleting these services will cause system instability == reg add "HKLM\SYSHIVE\ControlSet001\Services\mpsdrv" /v "Start" /t REG_DWORD /d "4" /f reg add "HKLM\SYSHIVE\ControlSet001\Services\mpssvc" /v "Start" /t REG_DWORD /d "4" /f rem == prevent Windows from setting the time automatically == reg add "HKLM\SYSHIVE\ControlSet001\Services\W32Time\Parameters" /v "Type" /t REG_SZ /d "NoSync" /f rem == delete autologger telemetry == reg delete "HKLM\SYSHIVE\ControlSet001\Control\WMI\Autologger\CloudExperienceHostOobe" /f reg delete "HKLM\SYSHIVE\ControlSet001\Control\WMI\Autologger\Diagtrack-Listener" /f reg delete "HKLM\SYSHIVE\ControlSet001\Control\WMI\Autologger\SQMLogger" /f reg delete "HKLM\SYSHIVE\ControlSet001\Control\WMI\Autologger\WFP-IPsec Trace" /f reg unload HKLM\SYSHIVE reg load HKLM\NTUSER mount\Users\Default\NTUSER.DAT rem == disable smartscreen for microsoft edge == reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Edge\SmartScreenEnabled" /ve /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Edge\SmartScreenPuaEnabled" /ve /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows Security Health\State" /v "AppAndBrowser_EdgeSmartScreenOff" /t REG_DWORD /d "0" /f rem == disable typing insights & handwriting personalization == reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Input\Settings" /v "InsightsEnabled" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Input\Settings" /v "EnableHwkbTextPrediction" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Input\Settings" /v "EnableHwkbAutocorrection2" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\TabletTip\1.7" /v "EnableAutocorrection" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\TabletTip\1.7" /v "EnableSpellchecking" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\TabletTip\1.7" /v "EnableTextPrediction" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\TabletTip\1.7" /v "EnablePredictionSpaceInsertion" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\TabletTip\1.7" /v "EnableDoubleTapSpace" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Policies\Microsoft\Control Panel\International" /v "TurnOffAutocorrectMisspelledWords" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\SOFTWARE\Policies\Microsoft\Control Panel\International" /v "TurnOffHighlightMisspelledWords" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\SOFTWARE\Policies\Microsoft\Control Panel\International" /v "TurnOffInsertSpace" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\SOFTWARE\Policies\Microsoft\Control Panel\International" /v "TurnOffOfferTextPredictions" /t REG_DWORD /d "1" /f rem == disable advertising info and tracking app launches == reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Start_TrackProgs" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoRecentDocsHistory" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoResolveTrack" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoInstrumentation" /t REG_DWORD /d "1" /f rem == disable speech recognition == reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy" /v "HasAccepted" /t REG_DWORD /d "0" /f rem == disable inking & typing personalization == reg add "HKLM\NTUSER\Software\Microsoft\Input\TIPC" /v "Enabled" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\Software\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\Software\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\Software\Microsoft\InputPersonalization\TrainedDataStore" /v "HarvestContacts" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\Software\Microsoft\Personalization\Settings" /v "AcceptedPrivacyPolicy" /t REG_DWORD /d "0" /f rem == disable diagnostics & feedback == reg add "HKLM\NTUSER\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /v "DisableTailoredExperiencesWithDiagnosticData" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\Privacy" /v "TailoredExperiencesWithDiagnosticDataEnabled" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Siuf\Rules" /v "NumberOfSIUFInPeriod" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Siuf\Rules" /v "PeriodInNanoSeconds" /t REG_DWORD /d "0" /f rem == disable search permissions == reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\SearchSettings" /v "SafeSearchMode" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\SearchSettings" /v "IsMSACloudSearchEnabled" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\SearchSettings" /v "IsAADCloudSearchEnabled" /t REG_DWORD /d "0" /f reg add "HKLM\NTUSER\Software\Microsoft\Windows\CurrentVersion\SearchSettings" /v "IsDeviceSearchHistoryEnabled" /t REG_DWORD /d "0" /f rem == turn off all windows spotlight features (personalized experiences) == reg add "HKLM\NTUSER\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsSpotlightFeatures" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /v "DisableCloudOptimizedContent" /t REG_DWORD /d "1" /f rem == hide IndexingOptions from control panel == reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "DisallowCpl" /t REG_DWORD /d "1" /f reg add "HKLM\NTUSER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowCpl" /v "1" /t REG_SZ /d "Microsoft.IndexingOptions" /f reg unload HKLM\NTUSER rem == done disabling telemetry == rem == delete edge browser == for /f %%x in ('dir /b "mount\Program Files (x86)\Microsoft\Edge*"') do (rmdir /q /s "mount\Program Files (x86)\Microsoft\%%x") rem == create panther folder and add unnatend.xml == mkdir mount\Windows\Panther copy /y unattend.xml mount\Windows\Panther rem == unmount wim == dism /unmount-wim /mountdir:mount /commit rem == rebuild the install.wim == dism /Export-Image /SourceImageFile:install.wim /SourceIndex:1 /DestinationImageFile:install2.wim /checkintegrity del /f /q install.wim ren install2.wim install.wim rem == delete mount and scratch folders == rd /s /q mount rd /s /q temp pause exit Original Post Disable Telemetry in Windows 10, 11 & Server (Offline)