Skip to main content

1099 docs tagged with "windows"

View all tags

Advanced settings

This category configures Windows using 3 scripts. The category includes 3 subscripts.

Block Cortana and Live Tiles hosts

This script blocks specific hosts associated with Cortana and Live Tiles, thereby enhancing your preventing updates to Cortana's greetings, tips, and Live Tiles. Cortana and Live Tiles, part of the Universal Windows Platform (UWP), enable voice-activated app control and deliver timely information directly to users: directly on the Start menu, without opening the app. The Live Tiles feature, once available on Windows 8.1 and 10, has been replaced by the Widgets feature in Windows 11. ...

Block Dropbox telemetry hosts

This script prevents your computer from sending personal data to Dropbox's data collection servers, improving your privacy. Dropbox collects data such as: creation or when upgrading plans. Account Information: Includes your name, email, phone number, payment details, and address shared during account • Your Files: Covers data on files you save in Dropbox, their usage, and details. • Contacts: If granted access, Dropbox stores contacts. • Usage Information: Tracks how you use Drop...

Block Edge experimentation hosts

This script blocks the connection between Microsoft Edge and the Experimentation and Configuration Service (ECS). ECS delivers various updates to Microsoft Edge, including configurations, feature rollouts, and experiments: These settings are uniform for all users, based on their platforms and channels, and can enable or disable features as necessary. These features are not visible to all users and are activated or deactivated through experiment flags. Configurations aim to ensure the product...

Block Edge third party cookies

This script blocks third-party cookies in Microsoft Edge, enhancing your privacy by reducing tracking across various webpages. It prevents websites from setting cookies unless they match the domain in the address bar. This action limits potential tracking activities by third-party entities, which could otherwise track your web activities and gather information about you. Third-party cookies are enabled and not blocked by default on Edge. Disabling third-party cookies may impact the performance o...

Block location data sharing hosts

This script improves user privacy by disabling the transmission of location data to Microsoft's servers. Location data is utilized by various Windows applications, including the Camera app, to provide location-based services. However, the collection of such data raises privacy concerns as it involves transmitting potentially sensitive information such as OS version, device details, nearby wireless access points (including MAC addresses and signal strengths), and various unique identifiers. Sendi...

Block maps data and updates hosts

This script blocks servers that update offline maps and provide Bing Maps APIs for geospatial and location services. This action enhances privacy by preventing the transmission of your location data to Microsoft. Blocked Hosts - The blocked hosts are: "maps.windows.com" • "dev.virtualearth.net" • "ecn.dev.virtualearth.net" • "ecn-us.dev.virtualearth.net" • "weathermapdata.blob.core.windows.net" The following hosts are excluded (not blocked): Blocking this host impacts several features, including...

Block Microsoft connectivity check hosts (breaks internet connection status, captive portals)

This script prevents Windows from connecting to Microsoft connectivity check URLs. This script enhances your privacy by blocking specific hosts that Microsoft uses to collect your IP address. The blocked hosts are: "msftncsi.com" • "www.msftncsi.com" • "dns.msftncsi.com" • "ipv6.msftncsi.com" • "msftconnecttest.com" • "www.msftconnecttest.com" • "ipv6.msftconnecttest.com" However, this script may cause several side effects: It disrupts captive portal (hotspot) detection. • It impairs functionali...

Block OneNote Live Tile hosts

This script blocks the communication used by OneNote Live Tile. It enhances privacy by preventing OneNote from retrieving live data updates, which might include user-specific content or usage patterns. Live Tiles, a feature within UWP apps, automatically collect and display updated information directly on the Start menu, without opening the app. The Live Tiles feature, once available on Windows 8.1 and 10, has been replaced by the Widgets feature in Windows 11. Blocked Hosts - The blocke...

Block Photos app sync hosts

This script blocks connections to hosts the Photos app uses to download configuration files and interact with the shared infrastructure of the Office 365 portal, including browser-based Office applications. Blocked Hosts - The blocked hosts are: "evoke-windowsservices-tas.msedge.net"

Block remote configuration sync hosts

This script blocks specific hosts used by applications, such as "System Initiated User Feedback" and the "Xbox" app, to dynamically update their configuration These endpoints play a crucial role in remotely configuring diagnostics-related settings and data collection. For instance, they allow for the remote blocking of events being sent back to Microsoft or enrolling a device in the Windows diagnostic data processor configuration. Blocking these hosts can enhance your privacy by preventing certa...

Block Spotify Live Tile hosts

This script enhances privacy by preventing the Spotify application from fetching and displaying live updates on its Live Tile. Spotify, known for being pre-installed with Windows, can collect data in the background without user consent. This script stops the transmission of real-time data to the Spotify Live Tile, which may contain user-specific content or usage patterns. Live Tiles, a feature within UWP apps, automatically collect and display updated information directly on the Start menu, ...

Block Spotlight ads and suggestions hosts

This script blocks specific hosts used by Windows Spotlight to retrieve metadata, which includes image references, app suggestions, Microsoft account notifications, and Windows tips. Windows Spotlight aims to deliver dynamic content on the lock screen and other parts of the Windows interface, such as personalized ads and tips. By blocking these hosts, the script effectively prevents Windows Spotlight from downloading new lock screen images, app suggestions, account notifications, and tips. It im...

Block telemetry and user experience hosts

This script improves privacy by blocking data sharing to the Windows Connected User Experiences and Telemetry component. This component is responsible for collecting and transmitting diagnostic data and usage information to Microsoft, which is used to identify and fix problems, enhancing product and service offerings. While the collection of this data is intended to improve user experience by allowing Microsoft to address issues and enhance functionality, it raises privacy concerns for users w...

Block third-party app hosts

This category includes scripts that block network connections to third-party applications that collect data. These scripts stop your system from sending data to third parties, thereby protecting your personal information and possibly improving system performance by cutting down on superfluous data transfers.

Block tracking hosts

This category includes scripts that enhance privacy by blocking communications with hosts known for tracking and data collection. A host is a domain name serving as an address for a computer or resource on the Internet. These hosts are often used by software applications, operating systems, and services to collect data, which can include personal information, usage patterns, and more. By modifying the hosts file (a simple text file on your computer that maps domain names to IP addresses)...

Block Weather Live Tile hosts

This script blocks the communication used by Weather app and its Live Tile feature. Live Tiles, a feature within UWP apps, automatically collect and display updated information directly on the Start menu, without opening the app. The Live Tiles feature, once available on Windows 8.1 and 10, has been replaced by the Widgets feature in Windows 11. Blocked Hosts - The blocked hosts are: "tile-service.weather.microsoft.com"

Block Windows crash report hosts

This script prevents Windows from sending crash reports to Microsoft, enhancing your privacy. Windows Error Reporting (WER) creates minidumps (small memory snapshots at crash time) and sends them to Microsoft. Although intended to improve software by analyzing crash data, this feature raises privacy concerns such as: Inclusion of sensitive information within the dumps, such as personal data and passwords. • Data sharing with Microsoft and other third parties through the Windows Desktop Applicati...

Block Windows error reporting hosts

This script improves your privacy by preventing "Windows Error Reporting (WER)" from sending data about hardware and software issues back to Microsoft. WER is designed to collect diagnostic information and report it back to Microsoft, aiming to improve user experience by offering solutions to encountered problems. However, this feature can inadvertently expose sensitive system information. By default, error reporting information is sent to Microsoft, which may include details that users prefer t...

Clear "Cryptographic Services" diagnostic traces

This script removes specific files associated with the "Cryptographic Services". The files include: "%SYSTEMROOT%\\System32\\catroot2\\dberr.txt" • "%SYSTEMROOT%\\System32\\catroot2.log" • "%SYSTEMROOT%\\System32\\catroot2.jrs" • "%SYSTEMROOT%\\System32\\catroot2.edb" • "%SYSTEMROOT%\\System32\\catroot2.chk" The "Cryptographic Services" ("CryptSvc") service manages services such as key management for the computer. This service is used by different features, including Windows Updates. There is no official d...

Clear Adobe recent file history

This script removes the list of recently opened files in Adobe software. Adobe programs store a list of recently used files in the Windows registry. Each entry is labeled with a timestamp and includes details about the file opened at that specific time. This information can reveal a user's file activity patterns, potentially compromising privacy. By deleting these entries, the script: 1. Enhances privacy by eliminating traces of your recent file activity in Adobe programs. 2. May slightly improv...

Clear all Firefox user information and preferences

This script performs a reset of Mozilla Firefox, erasing all user profiles, settings, and personalized data to restore the browser to its default state. Firefox user profiles, encompassing bookmarks, browsing history, passwords, extensions, themes, and preferences. These folders are in: "C:\\Documents and Settings\\\\Application Data\\Mozilla\\Firefox\\Profiles\\" on Windows XP and earlier, • "%APPDATA%\\Mozilla\\Firefox\\Profiles\\" on Windows 10 an...

Clear browser history

This category configures Windows using 17 scripts. These scripts are organized in 4 categories. The category includes 1 subscripts and 4 subcategories that include more scripts and categories.

Clear Chrome history

This category configures Windows using 3 scripts. The category includes 3 subscripts.

Clear Chrome user data

This script configures Windows using Batch (batchfile). It runs ":: Clear directory contents :...".

Clear Defender scan (protection) history

This script deletes the scan history kept by Microsoft Defender on your computer. Microsoft Defender logs detected threats but also gathers and stores data about various other files it scans. While removing this history enhances your privacy, it might decrease security, as these logs assist in monitoring threats. By eliminating traces of your system's files, activities and any threats detected, you ensure no residual data can be utilized to study or analyze your computer's activities, thus prote...

Clear diagnostics tracking logs

This script deletes primary telemetry files in Windows. These files store event trace logs that are collected by the "DiagTrack" service. This service is also known as "Diagnostics Tracking Service" or "Connected User Experiences and Telemetry" service. These files are stored as Event Trace Log (".etl") files, also known as a trace logs. Contents of these files are transmitted to Microsoft servers. This services uses AutoLogger logs. AutoLogger allows saving trace logs early in the operating...

Clear DirectX recent application history

This script removes the most recent application usage data stored by DirectX to enhance privacy. DirectX is a set of Windows components that helps software (often games and multimedia applications) to work directly with video and audio hardware. It logs the most recent application data in the system registry. Attackers exploit this information to gather insights about a target's system or network. Forensic analysts use this information to study your behavior. This script enhances your privacy by...

Clear File Explorer address bar history

This script clears the history of paths you've typed in the File Explorer address bar. Windows stores recent paths entered in File Explorer (formerly known as Windows Explorer). This specifically targets paths that have been manually typed into the Address Bar. These can be file or folder locations. Windows saves up to 25 of these entries. The paths are saved upon closing the File Explorer window. This stored data includes: Full path typed • Date and time of entry This information may pose priva...

Clear Firefox browsing history (URLs, downloads, bookmarks, visits, etc.)

This script targets the Firefox browsing history, including URLs, downloads, bookmarks, and site visits, by deleting specific database entries. Firefox stores various user data in a file named "places.sqlite". This file includes: Annotations, bookmarks, and favorite icons ("mozannoattributes", "mozannos", "mozfavicons") • Browsing history, a record of pages visited ("mozplaces", "mozhistoryvisits") • Keywords and typed URLs ("mozkeywords", "mozinputhistory") • Item annotations (`moz_item...

Clear Firefox history

This category encompasses a series of scripts aimed at helping users manage and delete their browsing history and related data in Mozilla Firefox. The scripts are designed to target different aspects of user data stored by Firefox, providing users options for maintaining privacy and freeing up disk space.

Clear Internet Explorer typed URLs

This script deletes recently typed or pasted URLs from Internet Explorer's history. Internet Explorer stores typed URLs. It enables AutoComplete, which automatically suggests and fills in web addresses as you type. It's also used for populating the URL drop-down menu with previously visited sites. This data includes: Typed URLs: Web addresses entered in the address bar • Typed filepaths: Files or folders typed on some versions of Internet Explorer. • Visit dates: The most recent acce...

Clear Java cache

This script configures Windows using Batch (batchfile). It runs ":: Clear directory contents :...".

Clear logs for pending/unsuccessful file rename operations

This script is used to clear the log files created by Windows whenever there are pending file rename operations that are not successfully completed. The logged operations might include renaming, moving or deleting a file that is currently in use.

Clear logs generated by Disk Cleanup Tool ("cleanmgr.exe")

This script is used to clear the log files generated by the Disk Cleanup Tool (cleanmgr.exe). These logs are generated when the Disk Cleanup Tool is used to free up disk space. Log files for this tool are stored in "C:\\Windows\\System32\\LogFiles\\setupcln\\". Erasing these logs can enhance user privacy by removing traces of the cleanup process. These logs are known to be used in forensic analysis.

Clear Microsoft Paint recent files history

This script removes the list of recently used files in Microsoft Paint. When you open or save an image file in Paint ("mspaint.exe"), it adds the image to the File > Recent pictures history list. This list provides quick access to recently used files but also creates a record of your Paint usage. The Paint registry keys are created only after you use the application. These keys store information such as: File names of recently opened images • Dates when images were last closed • Other relate...

Clear network drive mapping history

This script removes the history of mapped network drives from your system. Windows allows users to map network drives, which assigns a drive letter to a shared folder on a remote system. This makes accessing shared resources easier, as if they were local drives. When you map a network drive, Windows stores information about it. These stored details includes: The network path (UNC) of the mapped drive • When the drive was last accessed • Other mapped drive paths While convenient, this stored info...

Clear offline Visual Studio usage telemetry data

This script removes offline telemetry data in Visual Studio to enhance privacy and potentially improve system performance. These telemetry files, known as SQM (Service Quality Monitoring or Software Quality Metrics), contain details about application usage, errors, and performance. SQM files are created and used by Microsoft to gather data for the Microsoft Customer Experience Improvement Program. When offline, Visual Studio stores these files in the user's local application data folder. Rem...

Clear OneDrive environment variable

Since Windows 10 1809, Microsoft introduced "%ONEDRIVE%" environment variable to reach OneDrive through an alias. This variable is redundant when OneDrive is undesired. This script deletes "OneDrive" environment variable. "OneDrive" key at "HKCU\\Environment" is found on both Windows 10 (since 21H2, missing in 20H2) and Windows 11 (since 23H2).

Clear prefetch folder

This script deletes the contents of "%SYSTEMROOT%\\Prefetch\\*", typically pointing to "C:\\Windows\\Prefetch\\". What is Prefetch? Introduced in Windows XP, Prefetch was developed by Windows to expedite application startup and the boot process. It works by preemptively loading data and code pages into memory from the disk before requests, monitoring application's startup page faults, and storing the gathered data in the Prefetch directory. Why Clear the Prefetch Directory? Over time, many fi...

Clear privacy.sexy activity logs

This script removes log files generated by the privacy.sexy desktop application. Different from the web version, the desktop application records logs for troubleshooting. Additionally, these logs offer auditing and transparency for security. Deleting these logs can help maintain your privacy by ensuring there are no records of the application's activities on your system.

Clear privacy.sexy data

This category offers scripts to remove data left by the privacy.sexy desktop application, helping you ensure your privacy by eliminating all traces of use. The web application version of privacy.sexy does not create or store user data on your device, so this category is applicable to desktop application users only. These scripts are designed for anyone wanting to ensure their script activities leave no trace on their systems.

Clear privacy.sexy script history

This script removes script files generated by the privacy.sexy desktop application. The desktop version executes scripts directly on your device, saving a script file for execution, troubleshooting, and security. By running this script, you remove the executed script files, enhancing your privacy by ensuring that there is no residual data that could reveal your usage patterns or preferences.

Clear Quick Access lists

This category focuses on managing Jump Lists in Windows. This feature was first introduced with Windows 7 in July 2009 and has been included in subsequent versions. These lists are found in the Start Menu or Taskbar and provide quick access to recently opened files and folders. The privacy concern with Jump Lists is their detailed recording of user activities. They store data such as file names, directory paths, MAC (Modified, Accessed, Created) timestamps, network information, volume names, and...

Clear Quick Access pinned items

This script removes "CustomDestinations" Jump List files in Windows. These files are hidden and located in "%APPDATA%\\Microsoft\\Windows\\Recent\\CustomDestinations". "CustomDestinations" files are created by different applications to enable users to pin items such as tasks and files or applications. This includes tasks like opening a new browser window or creating a new spreadsheet, as well as files and applications frequently used. They are commonly used by web browsers and media players to store...

Clear Quick Access recent files

This script clears the "AutomaticDestinations" Jump List files in Windows. It improves user privacy by removing traces of recent file and application usage. These files are automatically created when a user opens a file or an application. They help users quickly access recently or frequently used items, usually via the Windows taskbar. They are hidden and do not appear in Windows Explorer. The files are located in "%APPDATA%\\Microsoft\\Windows\\Recent\\AutomaticDestinations". These files are identi...

Clear recent activity

This category includes scripts that erase traces of recent user activities on Windows. These scripts enhance privacy by removing records of accessed files, used applications, and changed system settings. Clearing recent activity is crucial for protecting your privacy. Your computer keeps detailed logs of your actions, creating a digital footprint that can reveal sensitive information about your habits, interests, and personal life. This data can be exploited by cybercriminals, aggressive markete...

Clear recent application history

This script removes the list of recently opened applications from the Windows Registry. Windows keeps track of applications used to open or save files in the "Open" and "Save" dialog boxes. This information includes: The last program used to access files in these dialogs • Timestamps of when programs were executed (in Windows Vista and later) • The order of entries, from most recently used • The folder location of the last file accessed by each application Digital forensic analysts often use thi...

Clear recent files and folders history

This script enhances privacy by removing traces of recently accessed files and folders from the Windows system. Windows automatically tracks and stores information about files and folders accessed by users. This data is maintained in various registry keys and includes details such as file names, types, access dates, and full paths. This information persists even after the original files or folders are deleted. This data is commonly used for forensic analysis to study your behavior. It can reveal...

Clear Safari cache

This script configures Windows using Batch (batchfile). It runs ":: Delete files matching pattern:...".

Clear Safari cookies

This script configures Windows using Batch (batchfile). It runs ":: Delete files matching pattern:...".

Clear Safari history

This category configures Windows using 4 scripts. The category includes 4 subscripts.

Clear Server-initiated Healing Events system logs

These are logs related to Windows Update. It stores event trace log (ETL) files. While the logs are largely technical, like many diagnostic logs, there's a potential for some data that could be considered personally identifiable information (PII), such as usernames or machine names, to be included. From a forensic standpoint, they offer valuable data for reconstructing system events related to software updates : any that were automatically remediated. when reconstructing events leading up to a p...

Clear Steam cache

This script configures Windows using Batch (batchfile). It runs ":: Clear directory contents :...".

Clear Steam data

This category configures Windows using 3 scripts. The category includes 3 subscripts.

Clear Steam dumps

This script configures Windows using Batch (batchfile). It runs ":: Clear directory contents :...".

Clear Steam traces

This script configures Windows using Batch (batchfile). It runs ":: Clear directory contents :...".

Clear System Resource Usage Monitor (SRUM) data

This script deletes the Windows System Resource Usage Monitor (SRUM) database file. SRUM tracks the usage of desktop applications, services, Windows applications, and network connections. SRUM stores its file at "C:\\Windows\\System32\\sru\\SRUDB.dat". Before deleting the file, the script temporarily stops the Diagnostic Policy Service (DPS). The DPS helps Windows detect and solve problems with its components. Stopping this service is required as modifications to the SRUM file require it to be turne...

Clear temporary system folder

This script eliminates the contents of the "%SYSTEMROOT%\\Temp\\" directory, also known as the Windows Temp directory. This directory is located within the Windows system folder "%SystemDrive%\\Windows\\Temp\\". It is used by the system and system-level processes to store temporary files, including those generated by the operating system and other system-level software. This folder, protected by specific access control lists (ACL), is accessible only to system-level accounts. Known for being utilized...

Clear temporary user folder

This script deletes the contents of the "%TEMP%\\" (or "%LOCALAPPDATA%\\Temp\\", "%TMP%\\") directory, used by applications and processes to store temporary files. This directory is situated within the user profile "%SystemDrive%\\Users\\\\AppData\\Local\\Temp". Only the respective profile user can read and write to this folder. This folder's usage for understanding user behavior in forensics raises privacy concerns. Its content deletion, a regular operation performed by Windows system tools li...

Clear temporary Windows files

This category covers removal of temporary Windows files. It is recommended to clean these files as they can be used for unauthorized analysis of user behavior and system usage. They may also potentially host malicious software. Eliminating these files significantly enhances the security and privacy of the system. Microsoft advises this cleanup for enhanced security. Besides enhancing security, removing these files also frees up disk space. However, removing temporary files might lead to a slight...

Clear third-party application data

This category configures Windows using 19 scripts. These scripts are organized in 5 categories. The category includes 4 subscripts and 3 subcategories that include more scripts and categories.

Clear thumbnail cache

This script configures Windows using Batch (batchfile). It runs ":: Delete files matching pattern:...".

Clear Visual Studio 2010 license

This script removes the license information for Visual Studio 2010. Visual Studio 2010 is an integrated development environment (IDE) by Microsoft. It simplifies creating, debugging, and deploying applications. It was released in 2010. Its official support ended in 2015, and extended support ended in October 2020. This means it's no longer receiving security updates or bug fixes, making it potentially vulnerable. The script removes the license associated with Visual Studio 2010's product GUID: `...

Clear Visual Studio 2013 license

This script removes the license information for Visual Studio 2013. Visual Studio 2013 is an integrated development environment (IDE) by Microsoft. It was released in October 2013. It introduced roaming support, notifications, improved update experience, and various productivity enhancements. It improved the interface, added coding shortcuts, supported Windows apps development, combined web development tools, enabled cloud testing, and enhanced team collaboration. Microsoft ended official suppor...

Clear Visual Studio 2015 license

This script removes the license information for Visual Studio 2015. Visual Studio 2015 is an integrated development environment (IDE) by Microsoft. It was released on July 20, 2015. Visual Studio 2015 improved support for various programming languages and platforms, especially for mobile and cross-platform development. It offered enhanced setup customization for lighter and quicker installations, and integrated a streamlined account management experience. It included tools for developing Android...

Clear Visual Studio 2017 license

This script removes the license information for Visual Studio 2017. Visual Studio 2017 is an integrated development environment (IDE) created by Microsoft. It was released on March 7, 2017. Visual Studio 2017 focuses on improving performance with a faster, more efficient lightweight installation process. It enhances cloud and mobile development, providing integrated tools for .NET Core, Azure applications, Docker containers, and streamlined mobile app creation for Android, iOS, and Windows. Micr...

Clear Visual Studio 2019 license

This script removes the license information for Visual Studio 2019. Visual Studio 2019 is an integrated development environment (IDE) developed by Microsoft. It was released on April 2, 2019. Visual Studio 2019 improves productivity with enhanced performance, code cleanup tools, and more efficient search functionality. It facilitates collaboration through Git-focused workflows and integrated code reviews. The IDE also offers advanced debugging capabilities, including memory optimization and auto...

Clear Visual Studio 2022 license

This script removes the license information for Visual Studio 2022. Visual Studio 2022 is an integrated development environment (IDE) by Microsoft for software development. It was released on November 8, 2021. Visual Studio 2022 introduces AI-powered enhancements such as IntelliSense and IntelliCode for smarter, faster coding, alongside GitHub Copilot for improved code completion and debugging. It also offers improved productivity with a 64-bit IDE, better cross-platform development tools, and a...

Clear Visual Studio licenses

This category removes locally stored Visual Studio license information to enhance privacy. Visual Studio is an integrated development environment (IDE) for writing, editing, debugging, and building code. It offers tools like compilers, code completion, and supports various programming languages and platforms. Visual Studio stores a local copy of your license information. It remains even after uninstalling the software. This applies to both purchased products and free trials. The stored data may ...

Clear Visual Studio telemetry and feedback data

These scripts delete data about you and your behavior that's locally stored by Visual Studio on your computer. These do not clear data that's already collected in Microsoft servers, but it can prevent sending more data by deleting data waiting to be sent.

Clear Visual Studio telemetry data

"vstelemetry" is a folder created by both Visual Studio and also by SQL Server Management Studio to store telemetry data. There has been security vulnerabilities through these folders that were patched in 2020 by Microsoft.

Clear Visual Studio temporary telemetry and log data

These logs area created by different tools that Visual Studio uses such as its launcher, installer or data collection agents. Folders include "VSFaultInfo", "VSFeedbackPerfWatsonData", "VSFeedbackCollector", "VSFeedbackVSRTCLogs", "VSRemoteControl", "VSFeedbackIntelliCodeLogs", "VSTelem", "VSTelem.Out". There are more log and cache data stored by Visual Studio, but not all of them come with privacy implications. These files can be useful for faster loading, so this script removes only the sensit...

Clear Visual Studio usage data

Visual Studio is an integrated development environment (IDE) from Microsoft that is used to develop software. Visual Studio store data such as your usage of the software and also information about your hardware. The data is stored both in Microsoft cloud and locally on computer. These scripts allow you to delete the local data that might reveal your personally identifiable data about you or the way you use the product.

Clear Webpage Icons

This script configures Windows using Batch (batchfile). It runs ":: Delete files matching pattern:...".

Clear Windows log and caches

This category configures Windows using 23 scripts. These scripts are organized in 2 categories. The category includes 4 subscripts and 1 subcategories that include more scripts and categories.

Clear Windows Media Player recent activity history

This script clears the recent activity history in Windows Media Player. Windows Media Player automatically stores files and URLs you recently played for easy access through the history list. It also stores recently added radio station entries. This data can be exploited by attackers to gather information about you. The script improves privacy by removing traces of your media consumption habits. It may also enhance system performance by clearing unnecessary data. This script mimics the Tools > ...

Clear Windows Registry favorite locations

This script removes saved favorite locations in the Windows Registry Editor. The Windows Registry Editor ("regedit") allows users to save frequently accessed registry locations as favorites. This information is typically used by forensic analysts to study your behavior. Clearing these favorites removes traces of your commonly accessed registry locations, enhancing your privacy. It may also improve system performance by reducing unnecessary data in the registry. This script deletes all values und...

Clear Windows Registry last-accessed key

This script removes the record of the last visited Windows Registry key. The Windows Registry stores the location of the last key visited using "regedit.exe". This information is used to open the registry at the same location when "regedit.exe" is started again. Forensic analysts often use this data to study user behavior and activity. By clearing this information, you improve your privacy by reducing traces of your system interactions. This script may also improve system performance by reduci...

Clear Windows Registry recent activity

This category focuses on removing specific types of usage data from the Windows Registry to enhance privacy and improve system performance. The Windows Registry is a hierarchical database that stores settings, configurations, and options for the operating system, installed applications, and user preferences. It's like a central storage system for Windows and its programs. As users interact with their system and software, usage data and traces accumulate in the registry. This information is often...

Clear Windows Run command history

This script clears the Most Recently Used (MRU) list in Windows Run. Windows Run is a utility that allows users to quickly open programs, files, folders, and web pages. It's also known as the Windows Run dialog box, Windows Command Window, Windows Run Box, Windows Run utility, and Windows Run window. You can access it by: Pressing Windows logo key + R • Searching for Run in the Start Menu • Running specific commands: • "explorer shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}" • `SYST...

Clear Windows Search history

This script clears Windows search history to enhance privacy. Windows records search keywords used on your device. This data includes search terms and dates. It's used in forensic analysis to study user behavior. Clearing search history improves privacy by removing this potentially sensitive information. It may also improve system performance by freeing up storage space. Technical Details - The script enhances privacy by deleting this tracking information from the following locations: Used by Wi...

Clear Windows setup logs

This script configures Windows using Batch (batchfile). It runs ":: Delete files matching pattern:...".

Clear Windows system log files

This category configures Windows using 19 scripts. These scripts are organized in 1 categories. The category includes 14 subscripts and 1 subcategories that include more scripts and categories.

Clear Windows update files

This script clears the contents of the "%SYSTEMROOT%\\SoftwareDistribution\\" directory. This action is sometimes called resetting the Windows Update Agent or resetting Windows Update components by Microsoft. This directory contains Windows Update files. It includes logs of Windows updates, downloaded updates, and database files related to the updates. Over time, the size of this folder can increase, leading to potential disk space issues. Clearing this directory can help free up disk space. T...

Clear Windows update installation logs

This script is used to clear the log files created during the Windows update installation process. This includes both the actions log ("setupact.log") and the error log ("setuperr.log"). These files contains information about initializing setup and typically used if setup fails to launch.

Clear WordPad recent file history

This script removes the most recently used (MRU) file list from WordPad, enhancing user privacy. WordPad stores the names and paths of recently opened files. Unlike Microsoft Office Word, WordPad doesn't offer a built-in feature to clear this list. This data can be used in forensic investigations to analyze user behavior. The stored information includes: File Name: The name of the file opened in WordPad • File Path: The complete path to the file • File Modified Date/Time: When the MR...

Configure browsers

This category includes scripts that enhance privacy by adjusting browsers to prevent tracking, minimize data leaks, and restrict personalized ads. These changes help protect user privacy across different web browsers and optimize system performance by reducing privacy-invasive processing.

Configure Chrome

This category contains scripts that adjust Google Chrome settings to enhance privacy, security, and potentially improve system performance Google Chrome collects a variety of data: Browsing Data: URLs, cached content, and IP addresses from visited pages. • Personal Information and Passwords: Data used to autofill forms and sign into sites. • Cookies and Site Data: Information from websites you visit. • Download Records: Details of your internet downloads. • Usage Statistics and...

Configure Edge

This category contains scripts that adjust Microsoft Edge settings to enhance privacy, security, and potentially improve system performance This category is designed for Chromium-based Edge only, not for legacy Edge. Edge (Chromium) is the current version of Microsoft Edge, replacing Edge (Legacy). It comes pre-installed on all Windows versions starting from Windows 10 20H2. Older versions are automatically upgraded to Edge (Chromium) through Windows updates. Edge collects personal data, includi...

Configure Edge (Legacy)

This category contains scripts for configuring Edge (Legacy). Edge (Legacy) has been replaced by Edge (Chromium). It is no longer included on modern Windows versions starting with Windows 10 20H2. Additionally, it is systematically removed from older Windows versions through updates.

Configure Firefox

This category provides scripts for enhancing Firefox privacy by limiting data shared with Mozilla.

Configure how downloaded files are handled

These scripts configures Attachment Manager included in Windows that takes further actions for files that you receive or download such as storing classification metadata and notifying other software.

Configure programs

This category configures Windows using 111 scripts. These scripts are organized in 22 categories. The category includes 5 subscripts and 9 subcategories that include more scripts and categories.

Disable "Adobe Acrobat Update Service" service

This script disables the "AdobeARMservice" service. This service is officially named "Adobe Acrobat Update Service". It starts automatically when your PC boots, runs in the background, and installs updates if found. Its primary function is to keep your Adobe software up to date. Disabling this service can help optimize your system's performance and reduce unwanted data collection. Overview of default service statuses - "AdobeARMservice" (tested on Adobe Acrobat version 23.006): | OS Version | St...

Disable "Adobe Acrobat Update Task" scheduled task

This script disables the "Adobe Acrobat Update Task" scheduled task. It is responsible for keeping your Adobe Reader and Acrobat applications up to date with the latest enhancements and security fixes. By disabling it, you reduce the system's exposure to potential vulnerabilities, though at the cost of not receiving automatic updates in the background. Overview of default task statuses - "\\Adobe Acrobat Update Task" (tested on Adobe Acrobat version 23.006): | OS Version | Default status | ...

Disable "Adobe Update Service" service

This script disables the "adobeupdateservice" service. This service is responsible for updating Creative Cloud desktop apps. It runs continuously in the background. It manages the privileges required for various actions, such as installing app updates and syncing fonts. This allows Adobe to perform its actions without prompting you for your system password or approval. This service has had vulnerabilities in the past, including the Privilege Escalation Unquoted Service Path vulnerability, making...

Disable "Connected User Experiences and Telemetry" ("DiagTrack") service

Details: Connected User Experiences and Telemetry - Windows 10 Service - batcmd.com | batcmd.com Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 21H1) | 🟢 Running | Automatic | | Windows 11 (≥ 22H2) | 🟢 Running | Automatic |

Disable "Delivery Optimization" service (breaks Microsoft Store downloads)

Delivery Optimization is a Windows feature that provides the Windows Updates through peer-to-peer sharing. In simple terms, instead of solely relying on Microsoft's servers for updates, your computer can also fetch them from other devices that already possess the necessary files. The "Delivery Optimization" service manages these content delivery tasks. It orchestrates the retrieval of updates both from other Windows users. In doing so, it connects to various Microsoft service points to collect d...

Disable "Device User" task

This script disables the "Device User" scheduled task. According to the Task Scheduler, this task triggers the execution of the "%SYSTEMROOT%\\System32\\devicecensus.exe UserCxt" command in Windows 10 and 11. This component collects device and configuration data, which is then sent to Microsoft. By disabling this task, users can prevent this specific data collection process, enhancing their privacy. Overview of default task statuses - "\\Microsoft\\Windows\\Device Information\\Device User": | OS Versi...

Disable "Device" task

This script disables the "Device" scheduled task. According to the Task Scheduler, this task triggers the execution of the "%SYSTEMROOT%\\System32\\devicecensus.exe SystemCxt" command in Windows 10 and 11. This component collects device and configuration data, which is then sent to Microsoft. By disabling this task, users can prevent this specific data collection process, enhancing their privacy. Overview of default task statuses - "\\Microsoft\\Windows\\Device Information\\Device": | OS Version ...

Disable "Diagnostic Execution Service" ("diagsvc")

Details: Diagnostic Execution Service - Windows 10 Service - batcmd.com Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 21H1) | 🔴 Stopped | Manual | | Windows 11 (≥ 22H2) | 🔴 Stopped | Manual |

Disable "Diagnostics Hub Standard Collector" service

Details: Microsoft (R) Diagnostics Hub Standard Collector Service - Windows 10 Service - batcmd.com | batcmd.com Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 21H1) | 🔴 Stopped | Manual | | Windows 11 (≥ 22H2) | 🔴 Stopped | Manual |

Disable "Direct Play" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "DirectPlay" | | Display name | DirectPlay | | Description | Enables the installation of DirectPlay component. | | Default (Windows 11 ≥ 23H2) | 🔴 Disabled | | Default (Windows 10 ≥ 22H2) | 🔴 Disabled |

Disable "Dropbox Update Service" services

Dropbox operates using two Windows services, "dbupdate" and "dbupdatem", to manage automatic updates. Disabling these services can help enhance privacy and optimize system performance. Overview of default service statuses - "dbupdate" (Dropbox Update Service, tested on Dropbox version 184.4): | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 22H2) | 🔴 Stopped | Automatic | | Windows 11 (≥ 22H2) | 🔴 Stopped | Automatic | "dbupdatem" (Dropbox Update Service,...

Disable "ExploitGuard MDM policy Refresh" task

This script disables the "ExploitGuard MDM policy Refresh" scheduled task. The task is originally described in the Task Scheduler as: "Task for applying changes to the machine's Exploit Protection settings". Windows Defender Exploit Guard is a security feature in Windows, designed to prevent potential intrusions. It encompasses various components such as "Attack Surface Reduction (ASR)", "Network protection", "Controlled folder access", and "Exploit protection". Specifically, the "ExploitGuard M...

Disable "Firewall & network protection" section in "Windows Security"

This script hides the "Firewall & network protection" section in the "Windows Security" interface. Previously, this interface was called "Windows Defender Security Center". The "Firewall & network protection" section provides details about the device's firewalls and network connections. It shows the status of both the Windows Defender Firewall and any other third-party firewalls. However, after using this script, users will no longer see this section in the "Windows Security" interface. This scr...

Disable "Google Update Service" services

This script disables the "Google Update Service" services. These services are identified as "gupdate" and "gupdatem". They are responsible for keeping Google software up to date by initiating updates. They are linked to the "GoogleUpdate.exe" executable located in the "%PROGRAMFILES%\\Google\\Update" directory. The services operate based on a client/service model, where the client requests services to conduct updates. Despite both services being named "Google Update Service", they are associated w...

Disable "Hyper-V GUI Management Tools" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Microsoft-Hyper-V-Management-Clients" | | Display name | Hyper-V GUI Management Tools | | Description | Includes the Hyper-V Manager snap-in and Virtual Machine Connection tool. | | Default (Windows 11 ≥ 23H2) | 🔴 Disabled | | Default (Windows 10 ≥ 22H2) | 🔴 Disabled |

Disable "Hyper-V Management Tools" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Microsoft-Hyper-V-Tools-All" | | Display name | Hyper-V Management Tools | | Description | Includes GUI and command-line tools for managing Hyper-V. | | Default (Windows 11 ≥ 23H2) | 🔴 Disabled | | Default (Windows 10 ≥ 22H2) | 🔴 Disabled |

Disable "Hyper-V Module for Windows PowerShell" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Microsoft-Hyper-V-Management-PowerShell" | | Display name | Hyper-V Module for Windows PowerShell | | Description | Includes Windows PowerShell cmdlets for managing Hyper-V. | | Default (Windows 11 ≥ 23H2) | 🔴 Disabled | | Default (Windows 10 ≥ 22H2) | 🔴 Disabled |

Disable "Hyper-V" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Microsoft-Hyper-V-All" | | Display name | Hyper-V | | Description | Provides services and management tools for creating and running virtual machines and their resources. | | Default (Windows 11 ≥ 23H2) | 🔴 Disabled | | Default (Windows 10 ≥ 22H2) | 🔴 Disabled |

Disable "Internet Explorer" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Internet-Explorer-Optional-amd64", "Internet-Explorer-Optional-x84", "Internet-Explorer-Optional-x64" | | Display name | Internet Explorer 11 | | Description | Finds and displays information and Web sites on the Internet. | | Default (Windows 11 ≥ 23H2) | 🟡 Missing | | Default (Windows 10 ≥ 22H2) | 🟢 Enabled (or 🟡 Missing based on architecture) |

Disable "Internet Printing Client" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Printing-Foundation-InternetPrinting-Client" | | Display name | Internet Printing Client | | Description | Enables clients to use HTTP to connect to printers on Web print servers | | Default (Windows 11 ≥ 23H2) | 🟢 Enabled | | Default (Windows 10 ≥ 22H2) | 🟢 Enabled |

Disable "Inventory Collector" task

This script disables the "Inventory Collector" task on your computer. The Inventory Collector is a feature in Windows that gathers data about the applications, files, devices, and drivers on your system and sends this information to Microsoft. This process is used to help solve compatibility problems, ensuring that your software and hardware work together without issues. Running this script will turn off the Inventory Collector, ensuring no data is sent to Microsoft. It also stops the collection...

Disable "Legacy Components" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "LegacyComponents" | | Display name | Legacy Components | | Description | Controls legacy components in Windows. | | Default (Windows 11 ≥ 23H2) | 🔴 Disabled | | Default (Windows 10 ≥ 22H2) | 🔴 Disabled |

Disable "Logitech Gaming Registry Service"

Overview of default service statuses - "LogiRegistryService" (tested on Logitech Gaming Software version on 04.49): | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 22H2) | 🟢 Running | Automatic | | Windows 11 (≥ 22H2) | 🟢 Running | Automatic |

Disable "LPD Print Service" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Printing-Foundation-LPDPrintService" | | Display name | LPD Print Service | | Description | Makes your Windows computer work as a Line Printer Daemon (LPD) and Remote Line Printer client | | Default (Windows 11 ≥ 23H2) | 🔴 Disabled | | Default (Windows 10 ≥ 22H2) | 🔴 Disabled |

Disable "LPR Port Monitor" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Printing-Foundation-LPRPortMonitor" | | Display name | LPR Port Monitor | | Description | Enables clients to print to TCP/IP printers connected to a Unix (or VAX) server | | Default (Windows 11 ≥ 23H2) | 🔴 Disabled | | Default (Windows 10 ≥ 22H2) | 🔴 Disabled |

Disable "Malicious Software Reporting Tool" diagnostic data

This script prevents Microsoft's Malicious Software Reporting Tool (MSRT) from transmitting diagnostic data. Malicious Software Reporting Tool is a component of the Malicious Software Removal Tool (MSRT). The MSRT is designed to detect and remove specific, prevalent malware from Windows computers. The tool is integrated into Defender Antivirus. It's also downloaded and run automatically by Windows Update in the background. This tool raises significant privacy concerns: to track citiz...

Disable "Media Features" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "MediaPlayback" | | Display name | Media Features | | Description | Controls media features such as Windows Media Player. | | Default (Windows 11 ≥ 23H2) | 🟢 Enabled | | Default (Windows 10 ≥ 22H2) | 🟢 Enabled |

Disable "Microsoft Defender Antivirus Network Inspection System Driver" service

https://web.archive.org/web/20240314062056/https://batcmd.com/windows/10/services/wdnisdrv/ • https://web.archive.org/web/20240609145030/https://learn.microsoft.com/en-us/defender-endpoint/troubleshoot-onboarding?view=o365-worldwide Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 22H2) | 🟢 Running | Manual | | Windows 11 (≥ 23H2) | 🔴 Stopped | Manual |

Disable "Microsoft Office Subscription Heartbeat" task

This script disables the "Microsoft Office Subscription Heartbeat" scheduled task. The primary function of the Office Subscription Heartbeat task is to periodically check the subscription status of Microsoft Office products, verifying their licenses are active and valid. This task actively communicates with Microsoft servers, transmitting Microsoft account data for license verification. Disabling this task improves privacy as it prevents these regular communications and data transmissions, thoug...

Disable "Microsoft Print to PDF" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Printing-PrintToPDFServices-Features" | | Display name | Microsoft Print to PDF | | Description | Provides binaries on the system for creating the Microsoft Print to PDF Print Queue | | Default (Windows 11 ≥ 23H2) | 🟢 Enabled | | Default (Windows 10 ≥ 22H2) | 🟢 Enabled |

Disable "Microsoft XPS Document Writer" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Printing-XPSServices-Features" | | Display name | Microsoft XPS Document Writer | | Description | Provides binaries on the system for creating the XPS Document Writer Print Queue. | | Default (Windows 11 ≥ 23H2) | 🔴 Disabled | | Default (Windows 10 ≥ 22H2) | 🟢 Enabled |

Disable "Net.TCP Port Sharing" feature

This script disables the "Net.TCP Port Sharing" feature. This feature is part of Windows Communication Foundation (WCF). This feature enables multiple WCF applications to share the same TCP port. It manages incoming connections and routes them to the appropriate application based on the destination address found in the message stream. This increases the system's attack surface: access by attackers if compromised. When applications share the same port, more applications are exposed to network tra...

Disable "Network List Service (NLS)" service (breaks connectivity status, network identification, network connection icon, connectivity with some Microsoft apps)

This script disables "Network List Service (NLS)" service. This service is technically identified as "netprofm". NLS collects and stores properties for connected networks and notifies applications of changes. It manages network-related information similarly to how a computer caches domain name IP addresses. Benefits of disabling NLS: Disabling this service halts communication with Microsoft servers for connectivity detection. Any service or application is a potential point of attack. It's a secu...

Disable "Network Location Awareness (NLA)" service (breaks auto-reconnect, connectivity status, network identification)

This script disables the Network Location Awareness (NLA) service. NLA collects and stores network configuration information and notifies programs of changes. This data collection can pose privacy concerns. It determines network connectivity type and properties, helping Windows manage connections. NLA uses the Network Connectivity Status Indicator (NCSI) to assess internet connectivity. NCSI is responsible for detecting Internet connectivity status. Key functions of NLA: Generates unique identif...

Disable "Nvidia Telemetry Container" service

Disable Nvidia Telemetry tracking on Windows - gHacks Tech News Overview of default service statuses - "NvTelemetryContainer" (tested on driver version 497.09 on Windows 11 23H2): | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 11 (≥ 21H2) | 🟡 Missing | N/A |

Disable "NVIDIA telemetry monitor" task

This script disables the "NVIDIA telemetry monitor" scheduled task related to the "NvTmMon" process. The telemetry monitor collects and sends data to NVIDIA. Turning off this task prevents "C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvTmMon.exe" from running and transmitting data. Overview of default task statuses - "\\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}": | OS Version | Default status | | ---------------- | -------------- | | Windows 10 22H2 | 🟡 N/A (missing) | | Win...

Disable "NVIDIA Telemetry Report on Logon" task

This script disables the "NVIDIA Telemetry Report on Logon" scheduled task, associated with the "NvTmRep" process. This process is also known as "NVIDIA crash and telemetry reporter". When enabled, this task executes the "C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvTmRep.exe --logon" program during user logon, sending telemetry data. Overview of default task statuses - "\\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}": | OS Version | Default status | | ---------------- |...

Disable "NVIDIA Telemetry Report" task

This script disables the "NVIDIA Telemetry Report" scheduled task, which is related to the "NvTmRep" process. This process is called "NVIDIA crash and telemetry reporter". Disabling it stops the "C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvTmRep.exe" program from executing and reporting data. Overview of default task statuses - "\\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}": | OS Version | Default status | | ---------------- | -------------- | | Windows 10 22H2 | 🟡 N/A (mis...

Disable "PerformRemediation" task

This script disables the "PerformRemediation" scheduled task in Windows. This task performs recovery actions for update-related services to ensure they run in a supported configuration. Disabling this task enhances privacy by reducing automatic system changes and limiting data collection related to updates. It enhances control over system settings, letting users manage update configuration tasks without being overridden by the system. It improves performance by preventing unnecessary background ...

Disable "Print and Document Services" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Printing-Foundation-Features" | | Display name | Print and Document Services | | Description | Enable print, fax, and scan tasks on this computer | | Default (Windows 11 ≥ 23H2) | 🟢 Enabled | | Default (Windows 10 ≥ 22H2) | 🟢 Enabled |

Disable "Program Compatibility Assistant (PCA)" feature

This script disables the Program Compatibility Assistant (PCA) feature in Windows. The purposes include: application is detected, the PCA will prompt the user with recommended solutions. already aware of application compatibility issues. Enhances privacy by stopping the continuous monitoring and data collection by PCA. The PCA monitors applications run by the user. • Users gain more control over their system by manually managing application compatibility issues. When a potential compatibility is...

Disable "Program Compatibility Assistant Service" ("PcaSvc")

This script disables the "Program Compatibility Assistant Service" ("PcaSvc") in Windows. The "PcaSvc" assists the Program Compatibility Assistant (PCA) in monitoring programs installed and run by the user, detecting known compatibility problems, and aiding in Windows appraiser data collection. By disabling this service, the script prevents PCA from functioning, thereby halting application monitoring and data collection, leading to enhanced user privacy. This script turns off the "PcaSvc" which ...

Disable "Razer Game Scanner Service"

This script disables the "Razer Game Scanner Service". The service is part of the Razer Synapse software suite. It runs the "GameScannerService.exe" process. This process scans your computer for installed games to optimize Razer device settings and saves all settings to the cloud. Disabling this service enhances privacy by preventing data transmission to Razer servers. It also improves system performance by reducing heavy resource usage. Recent versions of the Razer Synapse software no longe...

Disable "Report policies" task

This script disables the "Report policies" scheduled task. This task might be responsible for reporting policy-related information to Windows Update or other system management tools. According to the Task Scheduler, this task executes "%SYSTEMROOT%\\System32\\UsoClient.exe ReportPolicies". Overview of default task statuses - "\\Microsoft\\Windows\\UpdateOrchestrator\\Report policies": | OS Version | Default status | | ---------------- | ------ | | Windows 10 22H2 | 🟢 Ready | | Windows 11 22H2 ...

Disable "RestoreDevice" task

This script disables the "RestoreDevice" scheduled task. This task is involved in restoring device settings or drivers as part of update processes. Overview of default task statuses - "\\Microsoft\\Windows\\InstallService\\RestoreDevice": | OS Version | Default status | | ---------------- | ------ | | Windows 10 22H2 | 🟡 N/A (missing) | | Windows 11 22H2 | 🟡 N/A (missing) | | Windows 11 23H2 | 🟢 Ready |

Disable "Scan Management" feature

This feature has been part of older versions on Windows. Overview of default feature statuses - | | | | ---- | --- | | Feature name | "ScanManagementConsole" | | Display name | Scan Management | | Description | Manages distributed scanners, scan processes, and scan servers. | | Default (Windows 11 ≥ 23H2) | 🟡 Missing | | Default (Windows 10 ≥ 22H2) | 🟡 Missing |: "Unattended Windows Setup Reference | systemscenter.ru" https://web.archive.org/web/20240406125031/https://syst...

Disable "ScanForUpdates" task

This script disables the "ScanForUpdates" scheduled task. This task is responsible for performing update scans. Microsoft officially documents this task as part of the Windows updates process. Microsoft suggests disabling this task as a measure to reduce data collection and improve performance. This recommendation is also supported by Citrix for optimization purposes. Overview of default task statuses - "\\Microsoft\\Windows\\InstallService\\ScanForUpdates": | OS Version | Default status | | -...

Disable "ScanForUpdatesAsUser" task

This script disables the "ScanForUpdatesAsUser" scheduled task. This task is responsible for performing update scans under user-specific contexts. Microsoft officially documents this task as part of the Windows updates process. Microsoft suggests disabling this task as a measure to reduce data collection and improve performance. This recommendation is also supported by Citrix for optimization purposes. Overview of default task statuses - "\\Microsoft\\Windows\\InstallService\\ScanForUpdatesAsUser": ...

Disable "Schedule Maintenance Work" task

This script disables the "Schedule Maintenance Work" scheduled task. This task is responsible for performing maintenance activities related to Windows Update, such as cleanup operations or preparation steps for update installations. According to the Task Scheduler, this task executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartMaintenanceWork". Overview of default task statuses - "\\Microsoft\\Windows\\UpdateOrchestrator\\Schedule Maintenance Work": | OS Version | Default status | | ------------...

Disable "Schedule Scan Static Task" task

This script disables the "Schedule Scan Static Task" scheduled task. This task is responsible for running update scans at static, predefined intervals. According to the Task Scheduler, this task conducts a scheduled Windows Update scan. It executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartScan". Overview of default task statuses - "\\Microsoft\\Windows\\UpdateOrchestrator\\Schedule Scan Static Task": | OS Version | Default status | | ---------------- | ------ | | Windows 10 22H2 | 🟢 Ready | ...

Disable "Schedule Scan" task

This script disables the "Schedule Scan" scheduled task. This task responsible for periodically scanning for Windows updates. According to the Task Scheduler, this task executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartScan". Overview of default task statuses - "\\Microsoft\\Windows\\UpdateOrchestrator\\Schedule Scan": | OS Version | Default status | | ---------------- | ------ | | Windows 10 22H2 | 🟢 Ready | | Windows 11 22H2 | 🟢 Ready | | Windows 11 23H2 | 🟢 Ready |

Disable "Schedule Wake To Work" task

This script disables the "Schedule Wake To Work" scheduled task. This task is responsible for waking the computer from sleep or low-power mode to perform Windows updates. According to the Task Scheduler, this task executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartWork". Overview of default task statuses - "\\Microsoft\\Windows\\UpdateOrchestrator\\Schedule Wake To Work": | OS Version | Default status | | ---------------- | ------ | | Windows 10 22H2 | 🔴 Disabled | | Windows 11 22H2 | 🔴 Disa...

Disable "Schedule Work" task

This script disables the "Schedule Work" scheduled task. This task is responsible for scheduling and initiating Windows updates processes at predetermined times. According to the Task Scheduler, this task executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartWork". Overview of default task statuses - "\\Microsoft\\Windows\\UpdateOrchestrator\\Schedule Work": | OS Version | Default status | | ---------------- | ------ | | Windows 10 22H2 | 🔴 Disabled | | Windows 11 22H2 | 🔴 Disabled | | Windows ...

Disable "Scheduled Start" task

This script disables the "Scheduled Start" scheduled task. This task initiates the Windows Update service at predetermined times or under specific conditions to perform tasks like checking for and installing updates. According to the Task Scheduler, this task initiates the Windows Update service for scheduled operations like scans. It executes "%SYSTEMROOT%\\System32\\sc.exe start wuauserv". Overview of default task statuses - "\\Microsoft\\Windows\\WindowsUpdate\\Scheduled Start": | OS Version ...

Disable "SmartRetry" task

This script disables the "SmartRetry" scheduled task. This task handles the automatic retrying of failed updates, attempting to redownload or reinstall updates that didn't install successfully on the first try. Microsoft officially documents this task as part of the Windows updates process. Microsoft suggests disabling this task as a measure to reduce data collection and improve performance. This recommendation is also supported by Citrix for optimization purposes. Overview of default task statu...

Disable "SMB Direct" feature

This script disables "SMB Direct" feature. SMB Direct improves file transfer speeds across networks by utilizing network adapters that are Remote Direct Memory Access (RDMA) capable. Although not inherently insecure, maintaining unnecessary software can increase the attack surface, especially if the underlying RDMA hardware has vulnerabilities. Overview of default feature statuses - | | | | ---- | --- | | Feature name | "SMB Direct" | | Display name | SMB Direct | | Description | ...

Disable "Start Oobe Expedite Work" task

This script disables the "Start Oobe Expedite Work" scheduled task. This task is responsible for performing tasks related to the "out-of-box experience" (OOBE) in Windows, such as updating system settings, applications, or features soon after a system update or initial setup. According to the Task Scheduler, its purpose is to perform a scheduled Windows Update scan. It executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartWork". Overview of default task statuses - `\\Microsoft\\Windows\\UpdateOrchestr...

Disable "StartOobeAppsScan_LicenseAccepted" task

This script disables the "StartOobeAppsScanLicenseAccepted" scheduled task. This task is responsible for initiating a scan of applications as part of the OOBE process, after a license agreement is accepted, verifying that apps are up-to-date. According to the Task Scheduler, its purpose is to perform a scheduled Windows Update scan. It executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartOobeAppsScan". Overview of default task statuses - `\\Microsoft\\Windows\\UpdateOrchestrator\\StartOobeAppsScanLi...

Disable "StartOobeAppsScan_OobeAppReady" task

This script disables the "StartOobeAppsScanOobeAppReady" scheduled task. This task is responsible for scanning applications during the OOBE phase, verifying that apps are ready for use after system updates. According to the Task Scheduler, it performs a scheduled Windows Update scan. It executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartOobeAppsScan". Overview of default task statuses - "\\Microsoft\\Windows\\UpdateOrchestrator\\StartOobeAppsScanOobeAppReady": | OS Version | Default status |...

Disable "StartOobeAppsScanAfterUpdate" task

This script disables the "StartOobeAppsScanAfterUpdate" scheduled task. This task is responsible for scanning applications following a system update, as part of the OOBE process, to verify that all applications are compatible with the new update. According to the Task Scheduler, it performs a scheduled Windows Update scan. It executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartOobeAppsScanAfterUpdate". Overview of default task statuses - `\\Microsoft\\Windows\\UpdateOrchestrator\\StartOobeAppsScanAft...

Disable "Telnet Client" feature

This script disables the Telnet Client feature in Windows. The Telnet Client enables remote server connections. It is inherently insecure because it transmits all data, including sensitive credentials, in clear text without encryption. This lack of encryption makes it vulnerable to interception and misuse. Due to these security flaws, entities such as NIST, Department of Defense and Microsoft recommend removing or disabling this feature. Although this feature is disabled by default in newer ...

Disable "TFTP Client" feature

This script disables the "TFTP Client" feature. The TFTP Client supports file transfers using the Trivial File Transfer Protocol (TFTP). TFTP protocol is insecure because it lacks authentication and encryption capabilities. This makes data transferred via TFTP vulnerable to eavesdropping and tampering. Although TFTP's simplicity can be advantageous in certain contexts, such as configuring network devices, its security risks generally outweigh these benefits. Disabling it helps mitigate the ris...

Disable "Update Orchestrator Service" ("UsoSvc")

This script disables the Update Orchestrator Service, also known as "Update Orchestrator Service for Windows Update". This service is in charge of managing the download and installation of Windows updates. By default, the service is enabled and set to start up manually. While updates can be crucial for the security of your system, this service can sometimes install them without your approval. This lack of control can pose risks to your privacy, as data might be sent from your system without your...

Disable "UpdateModelTask" task

This script disables the "UpdateModelTask Work" scheduled task. This task is responsible for updating Machine Learning (ML) models related to Windows Updates. According to the Task Scheduler, its purpose is to update ML models and it executes "%SYSTEMROOT%\\System32\\UsoClient.exe StartModelUpdates". Microsoft suggests disabling it for performance optimization and reduced data collection. Overview of default task statuses - "\\Microsoft\\Windows\\UpdateOrchestrator\\UpdateModelTask": | OS Version ...

Disable "USO_UxBroker" task

This script disables the "USO_UxBroker" scheduled task. This task is related to the User Experience (UX) Broker process in Windows, managing user notifications or interactions required after an update. According to the Task Scheduler, this task is responsible for triggering a system reboot following update installations. It executes "%SYSTEMROOT%\\System32\\MusNotification.exe". Disabling this task is recommended to reduce data collection and enhance system performance. Overview of default task st...

Disable "UUS Failover Task" task

This script disables the "UUS Failover Task" scheduled task. This task is responsible for the failover mechanism for updates, designed to handle scenarios where a primary update process fails or encounters issues. According to the Task Scheduler, this task is responsible for performing a scheduled Windows Update scan. It executes "%SYSTEMROOT%\\System32\\UsoClient.exe HandleUusFailoverSignal". Overview of default task statuses - "\\Microsoft\\Windows\\UpdateOrchestrator\\UUS Failover Task": | OS Versi...

Disable "Visual Studio Standard Collector Service"

Visual Studio Standard Collector Service is a service that is part of Microsoft Visual Studio and .NET Log Collection Tool. This service collects logs for Diagnostics Hub just like Diagnostic Hub Standard Collector. It has been known to be vulnerable to privilege elevation. Disabling this service is recommended because otherwise it would: Increase the attack surface of your computer, maki...

Disable "WakeUpAndContinueUpdates" task

This script disables the "WakeUpAndContinueUpdates" scheduled task. This task is responsible for waking the computer from sleep to continue or complete pending updates. Overview of default task statuses - "\\Microsoft\\Windows\\InstallService\\WakeUpAndContinueUpdates": | OS Version | Default status | | ---------------- | ------ | | Windows 10 22H2 | 🔴 Disabled | | Windows 11 22H2 | 🔴 Disabled | | Windows 11 23H2 | 🔴 Disabled |

Disable "WakeUpAndScanForUpdates" task

This script disables the "WakeUpAndScanForUpdates" scheduled task. This task is responsible for waking up the system at scheduled times to check for Windows updates. Overview of default task statuses - "\\Microsoft\\Windows\\InstallService\\WakeUpAndScanForUpdates": | OS Version | Default status | | ---------------- | ------ | | Windows 10 22H2 | 🔴 Disabled | | Windows 11 22H2 | 🔴 Disabled | | Windows 11 23H2 | 🔴 Disabled |

Disable "Windows Biometric Service"

Details: Security guidelines for system services in Windows Server 2016 | Microsoft Learn | learn.microsoft.com • Windows Biometric Service - Windows 10 Service - batcmd.com | batcmd.com Ove...

Disable "Windows Defender Advanced Threat Protection Service" service

https://web.archive.org/web/20240314091443/https://batcmd.com/windows/10/services/sense/ Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 22H2) | 🔴 Stopped | Manual | | Windows 11 (≥ 23H2) | 🔴 Stopped | Manual |

Disable "Windows Defender Firewall Authorization Driver" service (breaks Microsoft Store, "netsh advfirewall", winget, Windows Sandbox, Docker, WSL)

This script disables the Windows Defender Firewall Authorization Driver service. This service is a kernel mode driver crucial for inspecting network traffic entering and exiting your computer. Disabling this service can enhance privacy by reducing Microsoft's capability to monitor and analyze your network traffic. It also improves system performance by decreasing background resource consumption. The driver is identified by the file "mpsdrv.sys". This file is a component of Microsoft Protec...

Disable "Windows Defender Firewall" service (breaks Microsoft Store, "netsh advfirewall", winget, Windows Sandbox, Docker, WSL)

This script disables the Windows Defender Firewall service (identified as "MpsSvc"). This component acts as a gatekeeper for your computer, filtering incoming and outgoing network traffic based on established security rules to prevent unauthorized access. This service runs the firewall component of Windows. It starts automatically and runs the "%SYSTEMROOT%\\System32\\MPSSVC.dll" driver. This file is also referred to as Microsoft Protection Service. Beyond firewall functionality, it plays ...

Disable "Windows Fax and Scan" feature

This feature has been part of older versions on Windows. Overview of default feature statuses - | | | | ---- | --- | | Feature name | "FaxServicesClientPackage" | | Display name | Windows Fax and Scan | | Description | Enable fax and scan tasks on this computer | | Default (Windows 11 ≥ 23H2) | 🟡 Missing | | Default (Windows 10 ≥ 22H2) | 🟡 Missing |: "Unattended Windows Setup Reference | systemscenter.ru" https://web.archive.org/web/20240406125031/https://systemscenter.ru/...

Disable "Windows Insider Service"

Details: Security guidelines for system services in Windows Server 2016 | Microsoft Learn | learn.microsoft.com • Windows Insider Service - Windows 10 Service - batcmd.com | batcmd.com Overview o...

Disable "Windows Media Player Network Sharing Service" ("WMPNetworkSvc")

Details: Windows Media Player Network Sharing Service - Windows 10 Service - batcmd.com | batcmd.com Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 22H2) | 🔴 Stopped | Manual | | Windows 11 (≥ 22H2) | 🔴 Stopped | Manual |

Disable "Windows Media Player" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "WindowsMediaPlayer" | | Display name | Windows Media Player | | Description | Windows Media Player | | Default (Windows 11 ≥ 23H2) | 🟢 Enabled | | Default (Windows 10 ≥ 22H2) | 🟢 Enabled |

Disable "Windows Search" feature

Overview of default feature statuses - | | | | ---- | --- | | Feature name | "SearchEngine-Client-Package" | | Display name | Windows Search | | Description | Provides content indexing, property caching, and search results for files, e-mail, and other content. | | Default (Windows 11 ≥ 23H2) | 🟢 Enabled | | Default (Windows 10 ≥ 22H2) | 🟢 Enabled |

Disable "Windows Security Health Host" process

This script disables the Windows Security Health Host. The Windows Security Health Host monitors and reports on the Windows operating system's security status. It continuously checks system security aspects like Defender antivirus, firewall status, and the presence of the latest security patches. It automatically starts with Windows and runs in the background. By disabling this process, the script may improve privacy by preventing the constant monitoring and reporting of system security status. ...

Disable "Windows Security Service" interactions

This script disables the Security Health Service's COM objects, which prevents the Windows Security Center from running. Security Health Service is also known as Windows Security Service or Windows Security Health Service. It is a fundamental component of Windows security features. The script disables various Component Object Model (COM) objects related to this service. COM (Component Object Model) is a system enabling interaction between software components in Windows. Disabling the...

Disable "Windows Security Service" service

This script disables the Windows Security Service, a component that manages various Windows security features. This service is known as Windows Security Service, "SecurityHealthService" or Windows Security Health Service. It provides device protection and system health information. This service is part of the Windows Security interface. Windows Security is a centralized interface managing various Windows security features. In earlier Windows versions, this interface was called ...

Disable "Windows Security" status reporting integrations

This script disables the Windows Security APIs, which are used by Windows and third-party security software to report system security status. These APIs are known as Windows Security APIs, or Windows Security Center APIs. They allow security software to communicate with the Windows Security app. This app monitors the system's security status and provides alerts about potential vulnerabilities. Disabling these APIs can improve privacy by preventing the collection and reporting of security...

Disable "Windows Update Medic Service" ("WaaSMedicSvc")

This script disables the Windows Update Medic Service ("WaaSMedicSvc") and removes its associated files and registry entries. This service runs continuously in the background and maintains Windows Update components. Disabling this service prevents it from reverting your Windows Update settings, such as re-enabling automatic updates without your permission. This gives you more control over your system's update behavior and settings. This script enhances your privacy by reducing data transmission ...

Disable "Windows Update" ("wuauserv") service

This script turns off the Windows Update service, which is technically known as Windows Update Agent. By disabling this service, the automatic detection, download, and installation of updates for both Windows and other installed programs are halted. Update can often come bundled with changes that could affect your privacy settings or introduce features that collect more of your data. Taking control of when and how updates are applied provides you with the opportunity to review any changes before...

Disable "Work Folders Client" feature

See: Work Folders overview | Microsoft Learn | learn.microsoft.com Overview of default feature statuses - | | | | ---- | --- | | Feature name | "WorkFolders-Client" | | Display name | Work Folders Client | | Description | Allows file synchronization with a configured file server. | | Default (Windows 11 ≥ 23H2) | 🟢 Enabled | | Default (W...

Disable "XPS Viewer" feature

This feature has been part of older versions on Windows. Overview of default feature statuses - | | | | ---- | --- | | Feature name | "Xps-Foundation-Xps-Viewer" | | Display name | XPS Viewer | | Description | Allows you to read, copy, print, sign, and set permissions for XPS documents. | | Default (Windows 11 ≥ 23H2) | 🟡 Missing | | Default (Windows 10 ≥ 22H2) | 🟡 Missing |: "Unattended Windows Setup Reference | systemscenter.ru" https://web.archive.org/web/20240406125031...

Disable active connectivity tests (breaks internet connection status, captive portals)

This script prevents Network Connectivity Status Indicator (NCSI) from performing active connectivity checks. Active Probing Overview - NCSI checks internet connectivity by requesting and downloading specific web pages. This process is also known as active probing or active tests. Active probing checks internet connection by accessing certain URLs: "http://www.msftconnecttest.com/connecttest.txt". • "http://www.msftconnecttest.com/redirect". • "http://www.msftncsi.com/ncsi.txt" (on earlier v...

Disable Adobe background automatic updates

This category includes scripts designed to disable Adobe's background automatic update services and tasks. These automatic updates run in the background, typically starting up with your PC, and work to keep your Adobe software up to date. By disabling them, you optimize your system's performance, reduce unwanted data collection, and minimize your vulnerability surface. These scripts only disable automatic updates; manual updates are still possible.

Disable all Security and Maintenance notifications

This script disables all Security and Maintenance notifications in Windows, potentially enhancing privacy but also reducing system security awareness. Security and Maintenance was formerly called Action Center. This interface manages and centralizes Windows security and maintenance settings It notifies users about key system events, security risks, and maintenance issues. Windows automatically checks for security and maintenance issues and sends notifications by default. This script disa...

Disable all Windows Security notifications

This script disables all notifications generated by Windows Security. Windows Security is a built-in Windows feature that offers a unified interface for various security products, including Defender Antivirus. This interface was previously called Security Center. By default, local users are notified by Windows Security. This script blocks these notifications. This script may enhance your privacy by reducing visible security-related information on your screen. It may also slightly imp...

Disable anonymous access to named pipes and shares

This script restricts anonymous access to Named Pipes and Shares. It reduces security risks by preventing unauthorized access. Named Pipes allow programs on a computer or network to communicate with each other. Anonymous access lets users connect to services without a username or password, increasing the risk of unauthorized access. It configures the "HKLM\\SYSTEM\\CurrentControlSet\\Services\\LanManServer\\Parameters!restrictnullsessaccess" registry setting to control null session access, which ...

Disable anonymous enumeration of shares

This script disables the anonymous enumeration of shares to prevent unauthorized users from listing account names and shared resources, which could serve as a roadmap for attackers. It configures the "HKLM\\SYSTEM\\CurrentControlSet\\Control\\LSA!restrictanonymous" registry key to ensure that such enumeration is blocked, improving system security against potential breaches.

Disable Antimalware Scan Interface (AMSI)

This category contains scripts that disable various components of the Antimalware Scan Interface (AMSI) in Windows. AMSI is a standard interface that allows applications and services to integrate with antimalware products on Windows systems. It functions as an interception engine, enabling software to work with Defender and other antivirus solutions to detect potentially malicious scripts and content. Key features of AMSI include: Scanning scripts and macros for malicious content before executio...

Disable Antimalware Scan Interface (AMSI) for current user

This script disables the Antimalware Scan Interface (AMSI) for the current user, preventing the integration of applications and services with antimalware products. AMSI is a standard interface that integrates applications and services with antimalware products on Windows machines. It helps detect potentially malicious scripts, such as harmful PowerShell commands or Microsoft Office macros, even if they are obfuscated. When AMSI is enabled, antivirus programs can scan scripts before they run. If ...

Disable app access to "Documents" folder

This script prevents Windows apps from accessing the Documents folder. It restricts app access to document files without user consent. After running this script, apps can still access the files when explicitly permitted. This script enhances your privacy and security by preventing unauthorized app access. This script configures: Privacy settings user interface ("documentsLibrary")

Disable app access to "Music" folder

This script prevents Windows apps from accessing the Music folder. It restricts app access to audio files without user consent. After running this script, apps can still access the files when explicitly permitted. This script enhances your privacy and security by preventing unauthorized app access. This script configures: Privacy settings user interface ("musicLibrary")

Disable app access to "Pictures" folder

This script prevents Windows apps from accessing the Pictures folder. It restricts app access to photos and images without user consent. After running this script, apps can still access the files when explicitly permitted. This script enhances your privacy and security by preventing unauthorized app access. This script configures: Privacy settings user interface ("picturesLibrary")

Disable app access to "Videos" folder

This script prevents Windows apps from accessing the Videos folder. It restricts app access to video files without user consent. After running this script, apps can still access the files when explicitly permitted. This script enhances your privacy and security by preventing unauthorized app access. This script configures: Privacy settings user interface ("videosLibrary")

Disable app access to account information, name, and picture

This script prevents Windows apps from accessing account information. This includes your name and picture. By limiting this access, the script enhances your privacy by protecting against potential misuse of personal details by apps. This script configures: Windows policy ("LetAppsAccessAccountInfo") • Privacy settings user interface ("C1D23ACC-752B-43E5-8448-8D0E519CD6D6", "userAccountInformation")

Disable app access to Bluetooth devices

This category enhances user privacy by blocking unauthorized access to Bluetooth devices through Windows apps. It restricts Bluetooth connections, preventing apps from initiating unwanted communication or data exchange.

Disable app access to calendar

This script prevents Windows apps from accessing the calendar data. This includes information about appointments from your synced network accounts. It protects personal schedule by preventing apps from automatically creating, reading or writing to calendars without explicit user permission. This script configures: Windows policy ("LetAppsAccessCalendar") • Privacy settings user interface ("D89823BA-7180-4B81-B50C-7E471E6121A3", "appointments")

Disable app access to call history

This script prevents Windows apps from accessing your call history. It protects past communication records by blocking apps from automatically reading and deleting call history without explicit user permission. This script configures: Windows policy ("LetAppsAccessCallHistory") • Privacy settings user interface ("8BC668CF-7728-45BD-93F8-CF2B3B41D7AB", "phoneCallHistory")

Disable app access to camera

This script prevents Windows apps from accessing the camera. By disabling access, it ensures that no app can use the camera to capture photos or videos without explicit user permission, thereby protecting privacy. This script configures: Windows policy ("LetAppsAccessCamera") • Privacy settings user interface ("E5323777-F976-4f5b-9B55-B94699C46E44", "webcam")

Disable app access to email

This script prevents Windows apps from accessing email. It protects your privacy by blocking apps from automatically reading, sending, organizing emails without your permission. This script configures: Windows policy ("LetAppsAccessEmail") • Privacy settings user interface ("9231CB4C-BF57-4AF3-8C55-FDA7BFCC04C5", "email")

Disable app access to eye tracking

This script prevents Windows apps from accessing the eye tracker. This script improves privacy by blocking apps from tracking users' eye automatically without explicit user instruction. This script configures: Windows policy ("LetAppsAccessGazeInput") • Privacy settings user interface ("gazeInput")

Disable app access to human presence

This script prevents Windows apps from accessing presence sensing. Presence data includes information on user presence and engagement. This data could potentially be used to infer user behavior or activities. This script improves privacy by blocking apps from Presence Sensors on the device without explicit user instruction. This script configures: Windows policy ("LetAppsAccessHumanPresence") • Privacy settings user interface ("humanPresence")

Disable app access to information about other apps

This script prevents Windows apps from accessing diagnostic information about other apps. This includes details like user names, package information, memory usage, and account names for any running UWP apps. This script configures: Windows policy ("LetAppsGetDiagnosticInfo") • Privacy settings user interface ("2297E4E2-5DBE-466D-A12B-0F8286F0D9CA", "appDiagnostics")

Disable app access to input devices

This script prevents apps from accessing Human Interface Device (HID) capabilities. HIDs include a wide range of devices such as keyboards, mice, and other input devices that can communicate directly with the system. By restricting access, the script ensures that applications cannot intercept or record input data from these devices, thereby safeguarding user interactions. This script configures: Privacy settings user interface ("humanInterfaceDevice")

Disable app access to location

This script prevents Windows apps from accessing your location. It restricts access to location-specific network information and sensors, enhancing your privacy and security. This script configures: Windows policy ("LetAppsAccessLocation") • Privacy settings user interface ("BFA794E4-F964-4FDB-90F6-51056BFE4B44", "location") • Location Services ("E6AD100E-5F4E-44CD-BE0F-2265D88D14F5", "lfsvc")

Disable app access to messaging (SMS / MMS)

This script prevents Windows apps from accessing messages, securing message content from unauthorized access and improving privacy. It protects your privacy by blocking apps from automatically reading, storing, sending, or deleting SMS/MMS messages without your permission. This script configures: Windows policy ("LetAppsAccessMessaging") • Privacy settings user interface ("992AFA70-6F47-4148-B3E9-3003349C1548", "21157C1F-2651-4CC1-90CA-1F28B02263F6", "chat")

Disable app access to microphone (breaks Sound Recorder)

This script prevents Windows apps from accessing the microphone. It enhances privacy by preventing apps from recording audio, which may include sensitive conversations. This script configures: Windows policy ("LetAppsAccessMicrophone") • Privacy settings user interface ("2EEF81BE-33FA-4800-9670-1CD474972C3F", "microphone")

Disable app access to motion activity

This script prevents Windows apps from accessing motion data. By running this script, you improve your privacy by preventing apps from automatically tracking physical movements without permission. This script configures: Windows policy ("LetAppsAccessMotion"). • Privacy settings user interface ("activity").

Disable app access to notifications

This script prevents Windows apps from accessing notifications. It enhances privacy by ensuring that apps cannot access or manage notifications without explicit user permission. Notifications can contain personal or sensitive information. This script configures: Windows policy ("LetAppsAccessNotifications") • Privacy settings user interface ("52079E78-A92B-413F-B213-E8FE35712E72", "userNotificationListener")

Disable app access to paired Bluetooth devices

This script prevents Windows apps from accessing paired Bluetooth devices. This script improves your privacy by preventing apps from automatically interacting with paired Bluetooth devices, thus blocking unauthorized data exchanges without your permission. This script configures: Privacy settings user interface ("bluetooth")

Disable app access to personal files

This script restricts app access to the broader file system. It restricts app access to files that the user has access to without user consent. After running this script, apps can still access the files when explicitly permitted. This script enhances your privacy and security by preventing unauthorized app access. This script configures: Privacy settings user interface ("broadFileSystemAccess")

Disable app access to personal information

This category enhances your privacy by restricting app access to sensitive personal data. These scripts enable you to enforce the principle of least privilege ensuring that apps only have access to the information absolutely necessary for their legitimate function, thereby minimizing potential data misuse. It specifically targets UWP (Universal Windows Platform) apps. These apps can be both native system apps and third-party apps. They are typically available through the Microsoft Store. These...

Disable app access to phone

This category contains scripts that restrict app access to phone-related functionalities. They protect your privacy and security by ensuring communication details remain private and are accessible only when necessary.

Disable app access to phone calls (breaks phone calls through Phone Link)

This script prevents Windows apps from accessing phone calls. This includes reading phone call data and making phone calls. By controlling app permissions related to phone functionalities, it ensures that your personal communication remains private and secure, requiring explicit user approval before any app can interact with phone calls. The restrictions include: Preventing apps from accessing phone call data, including metadata and call triggers. • Disallowing apps from managing spam filters, s...

Disable app access to physical movement

This script prevents Windows apps from accessing spatial perception data. This includes movement of the user's head, hands, motion controllers, and other tracked objects, as well as nearby surfaces. This data may be accessed while the apps are running in the background. This script enhances privacy by preventing apps from accessing body-related data automatically , without explicit user permission. This script configures: Windows policy ("LetAppsAccessBackgroundSpatialPerception") • Privacy sett...

Disable app access to radios

This script prevents Windows apps from controlling radios, improving privacy by preventing unauthorized use or toggling of these components. This script ensures that apps cannot toggle device radios such as Wi-Fi and Bluetooth without your explicit consent. This script configures: Windows policy ("LetAppsAccessRadios") • Privacy settings user interface ("A8804298-2D5F-42E3-9531-9C8C39EB29CE", "radios")

Disable app access to screen capture

This script restricts Windows apps from taking screenshots of the user's screen. This script improves privacy by blocking apps from taking screenshots programmatically, and without showing a screenshot border, without explicit user instruction. This script configures: Windows policy ("LetAppsAccessGraphicsCaptureProgrammatic", "LetAppsAccessGraphicsCaptureWithoutBorder") • Privacy settings user interface ("graphicsCaptureProgrammatic", "graphicsCaptureWithoutBorder")

Disable app access to tasks

This script prevents Windows apps from accessing task data. These task items may be stored by Exchange ActiveSync (EAS) connections and other provider apps. This script protects your privacy by preventing unauthorized access without your permission to your task information. This script configures: Windows policy ("LetAppsAccessTasks") • Privacy settings user interface ("E390DF20-07DF-446D-B962-F5C953062741", "userDataTasks")

Disable app access to trusted devices

This script prevents Windows apps from accessing trusted devices. It restricts apps from automatically connecting to or controlling trusted devices without your permission, enhancing privacy protection. This script configures: Windows policy ("LetAppsAccessTrustedDevices")

Disable app access to unpaired Bluetooth devices

This script prevents Windows apps from accessing unpaired Bluetooth devices. This script protects your privacy by blocking apps from automatically sharing and synchronizing information with wireless devices that don't explicitly pair with your PC, preventing unauthorized data exchange without your permission. This script configures: Privacy settings user interface ("bluetoothSync")

Disable app access to unpaired wireless devices

This script prevents Windows apps from communicating with unpaired wireless devices. It prevents automatic sharing and synchronization of information with devices that aren't paired. For example, these devices can be gaming consoles (e.g., Xbox One), phones, TVs, tablets. By preventing apps from sending or receiving data from such devices, this script protects your security and privacy. This script configures: Windows policy ("LetAppsSyncWithDevices") • Privacy settings user interface (`LooselyC...

Disable app access to voice activation

This script prevents Windows apps from voice activation. This script improves privacy by preventing apps from being activated and from continuing to listen automatically while the device is locked without explicit user instruction. This protects your security against potential eavesdropping or accidental triggering of applications. This script configures: Windows policy ("LetAppsActivateWithVoice") • Privacy settings user interface ("AgentActivationEnabled")

Disable app access to voice activation on locked system

This script prevents Windows apps from voice activation when the system is locked. This script improves privacy by preventing apps from being activated and from continuing to listen automatically while the device is locked without explicit user instruction. This protects your security against potential eavesdropping or accidental triggering of applications. This script configures: Windows policy ("LetAppsActivateWithVoiceAboveLock") • Privacy settings user interface ("AgentActivationEnabled")

Disable app access to your contacts

This script prevents Windows apps from accessing your contact list. Your contact list may include sensitive details synced from various networks. This script improves privacy by safeguarding personal and sensitive details in your contact list by restrictings applications from automatically accessing it. This script configures: Windows policy ("LetAppsAccessContacts") • Privacy settings user interface ("7D7E8402-7C54-4821-A34E-AEEFD62DED93", "contacts")

Disable app access to your files

This category limits the access of Windows apps to various user-specific folders and other file systems. It enhances privacy by restricting apps from accessing and manipulating files without explicit user permission.

Disable app usage tracking

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable app voice activation

This category safeguards against unauthorized app activation via voice commands. It includes measures to disable voice activation for apps, ensuring that apps cannot be triggered by voice and start listening without explicit user permission. This protects your security against potential eavesdropping or accidental triggering of applications.

Disable application backup data gathering ("MareBackup")

This script disables the "MareBackup" scheduled task. According to the Task Scheduler, this task gathers Win32 application data for backups. It executes "%SYSTEMROOT%\\System32\\CompatTelRunner.exe". Although this task is intended for backup and system reliability, some users may prefer limiting the amount of data collected by Windows, thus enhancing their privacy. Overview of default task statuses - "\\Microsoft\\Windows\\Application Experience\\MareBackup": | OS Version | Default status | | --...

Disable Application Compatibility Engine

This script disables the Application Compatibility Engine on Windows systems. The Application Compatibility Engine examines a compatibility database every time an application starts. If it finds a match for the application, it either applies compatibility fixes or displays a help message for known problems with the application. This process may inadvertently reveal data about the applications you run on your system, especially if the query functions are intercepted. Moreover, this database can b...

Disable Application Compatibility Framework

This category disables the Application Compatibility (AppCompat) framework on Windows. The Application Compatibility (AppCompat) framework is a feature in Windows that collects data about application compatibility. This includes gathering information about application crashes, issues, and other operational details to help improve the compatibility of applications on Windows. It is controlled by a set of policies within the Microsoft Windows operating system aimed at enabling applications designe...

Disable Application Experience data collection

Application Experience comprises services and tasks that help applications, including older ones, run smoothly. These components collect and send telemetry data to Microsoft, potentially impacting user privacy. Scripts under this category aim to enhance user privacy, data protection, and protect the system from potential vulnerabilities. They also optimize system performance by removing non-essential operating system components. However, disabling Application Experience could influence the perfo...

Disable Application Impact Telemetry (AIT)

This script disables Application Impact Telemetry (AIT). Application Impact Telemetry (AIT) is a function that tracks the usage of certain Windows system components by various applications. Turning this feature off stops the collection of usage data, enhancing your privacy by ensuring that your usage patterns and behaviors are not sent to external servers. Disabling telemetry will take effect on any newly launched applications. To ensure that telemetry collection has stopped for all applications...

Disable application usage tracking ("AitAgent")

This script disables the "AitAgent" scheduled task. "AitAgent" is a task that is part of the Microsoft Customer Experience Improvement Program, which aggregates and uploads Application Telemetry information if the user has opted in. This task is part of Application Experience as per its registry location ("Microsoft\\Windows\\Application Experience\\AitAgent") and VMWare's documentation. Governments of various countries, including Argentina and the United States (via VMWare), recommend disabling th...

Disable auto-scans

This category configures Windows using 5 scripts. The category includes 5 subscripts.

Disable automatic cloud configuration downloads

This script turns off the OneSettings service, a feature from Microsoft that downloads configuration settings. This action can enhance the privacy and security of your Windows desktop environment by managing a feature called the Services Configuration. Services Configuration is a mechanism that various Windows components and apps use to update their settings dynamically. By default, Windows periodically tries to connect with the OneSettings service to download configuration settings. This script...

Disable automatic daily installation of Windows updates

This script stops Windows from automatically installing updates every day. By doing so, you gain control over when update happen on your computer. By default, Windows is set to automatically update every day. Having control over the update timing allows you to review what is being changed, thereby protecting your privacy and enhancing your system's security. Technically, what the script does is remove a specific setting in the computer's system registry, the "ScheduledInstallDay" key from `HKLM\\...

Disable automatic installation of Edge

This script prevents the automatic installation of Edge (Chromium) via Windows Update. Microsoft Edge (Chromium), designed to replace Edge (Legacy), is automatically distributed to devices running Windows 10 version 1803 or newer. This script does not impact Windows 10, version 20H2 and later. Windows 10 version 20H2 and later already include Edge (Chromium) by default. This script only blocks the automatic installation of Edge (Chromium) through Windows Update, without affecting other installat...

Disable automatic installation of Edge across all channels

This script disables the automatic installation of Microsoft Edge across all update channels, enhancing user control over their systems and privacy. Microsoft Edge offers four update channels—Stable, Beta, Dev, and Canary—each designed with different stability levels and update frequencies. This script blocks automatic installations for all these channels. This allows users to manually manage their updates and potentially reduce exposure to unstable or privacy-intrusive software. This script app...

Disable automatic installation of Edge and WebView

This category contains scripts that prevent the automatic installation of Microsoft Edge, allowing users to maintain control over software installations on their systems. These scripts help ensure that Edge and its components like WebView and WebView2 are only installed when explicitly approved by the user, which can significantly enhance privacy and security. Automatic installations can potentially introduce unwanted features or security vulnerabilities, and by preventing these installations, u...

Disable automatic installation of WebView and WebView2

This script prevents the automatic installation of Microsoft Edge WebView and WebView2 components. By default, the WebView2 Runtime is installed automatically through Microsoft Edge Update. After applying this script, automatic installation of the WebView2 Runtime via Microsoft Edge Update is blocked. This improves your privacy and control over installed software on your system. This script configures the "Install{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}" policy.

Disable automatic installation of Windows updates without user consent

This script changes how your Windows computer handles automatic updates by modifying the "AUOptions" registry key. After running this script, your computer will notify you before downloading any updates. In the default setup, your Windows system is configured to download and install updates automatically without notifying you. This means that new updates could be installed on your system without your explicit approval. By forcing Windows to notify you before downloading updates, this script hand...

Disable automatic OneDrive installation

This script prevents OneDrive from automatically reinstalling itself. OneDrive, Microsoft's cloud storage service, can automatically reinstall itself after being uninstalled on older Windows 10 versions. This is done through a startup entry that runs "OneDriveSetup.exe", which silently installs OneDrive when a user logs in. The script enhances privacy by stopping OneDrive from reinstalling without user consent. This prevents unwanted data collection and synchronization. It also boosts system per...

Disable automatic Software Quality Metrics (SQM) data transmission

This script disables the "Proxy" scheduled task. This task sends Software Quality Metrics (SQM) data to Microsoft. SQM stands for "Software Quality Metrics", also known as "Software Quality Management". It is part of Microsoft's telemetry framework, gathering and sending usage and performance data to Microsoft. This task specifically collects and sends "autochk" SQM data. "autochk" is a Windows tool that checks file system integrity before Windows starts. This task enables features of the Custom...

Disable automatic system compatibility checks (Microsoft Compatibility Appraiser)

This category covers disabling of the Microsoft Compatibility Appraiser. This tool checks your computer's software and hardware compatibility with the latest Windows updates, including major upgrades such as Windows 11. It scans your system, collecting detailed information about your apps and devices to ensure everything will work smoothly with potential updates. This process helps Microsoft improve Windows and keep your system running efficiently with the latest features. However, it sends subs...

Disable automatic updates

Disabling automatic updates is often considered counterintuitive when it comes to securing your system. However, there are substantial arguments to consider this option if you're privacy-centric: 1. Patching and Pre-Approval: Manual control over update deployment allows for pre-emptive approval of patches. This strategy is useful in environments requiring the highest level of security. For instance, military agencies frequently employ air-gapped systems that mandate careful review of each up...

Disable Automatic Updates (AU) feature

This script disables the Automatic Updates feature on Windows. Automatic Updates downloads and installs updates without requiring explicit user permission. When enabled, it automatically checks for updates from the Windows Update website whenever you are online. By default, Automatic Updates is enabled. Disabling Automatic Updates provides users control over when and how updates are installed. This enhances privacy by minimizing automatic data transfers to Microsoft servers. However, disabling A...

Disable automatically enabling Windows Update Medic Service

This script disables the "upfc.exe" process, preventing it from automatically re-enabling Windows updates. "upfc.exe" is found at "%SYSTEMROOT%\\System32\\upfc.exe". This executable is identified by Microsoft as "Updateability From SCM". SCM refers to the "Service Control Manager (SCM)", a special system process also known as "services.exe". "upfc.exe" is automatically launched by SCM during system startup. It is part of the Windows Update self-healing mechanism. It recovers Windows Update Medic S...

Disable AutoPlay and AutoRun

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable background application compatibility checks (Application Experience scheduled tasks)

This category focuses on disabling scheduled tasks related to Application Experience. These tasks aim to improve user experience by identifying compatibility issues with older software and boosting application performance. However, they also collect and transmit telemetry data to Microsoft. Disabling them can optimize system performance, reduce unwanted data collection, and lower security risks. To view all the scheduled tasks related to Application Experience, you can use the following PowerShe...

Disable background clipboard data collection ("cbdhsvc") (breaks clipboard history and sync)

This script disables "cbdhsvc" also known as "Clipboard User Service". This service is responsible for clipboard history and synchronization across devices. Microsoft acknowledges that disabling this service does not adversely affect the system's core functionality. Disabling this service enhances your security by reducing your system's vulnerability surface. This service has been historically susceptible to vulnerabilities such as Privilege Escalation vulnerability. Turning off "cbdhsvc" also h...

Disable background customer experience data collection

This category includes scripts that disable scheduled tasks from the Windows Customer Experience Improvement Program (CEIP). The CEIP, designed by Microsoft, collects background data on user interactions with its products. This data collection is executed through multiple background tasks that transmit usage data to Microsoft. Scripts in this category stop these tasks, thereby reducing data transmission to Microsoft, enhancing privacy, and improving system performance. Use the following PowerShe...

Disable backtracking

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable basic authentication in WinRM

This script configures the Windows Remote Management (WinRM) client to disable basic authentication. Basic authentication is a security protocol where a user provides a username and password in plain text for verification. It improves security by preventing the interception and misuse of plain text passwords. It achieves this by modifying the "HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows\\WinRM\\Client!AllowBasic" registry key. While WinRM clients do not use Basic authentication by default, this s...

Disable behavior monitoring

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Disable Bing search and recent search suggestions (breaks search history)

This script improves privacy by disabling Bing search in the Start menu and recent search suggestions in File Explorer. By default, Windows 10's Search Box includes suggestions from the Internet, alongside local search results. This script limits the search results to your local machine, improving privacy by not sending data to Microsoft servers. The script: Stops Bing web search integration in the Start menu. • Disables recent search suggestions in File Explorer. • Prevents search entries from ...

Disable Bing search in start menu

This script disables the Bing search integration in the Windows Start menu search function. In Windows, typing in the Start menu search box displays results from the web via Bing, in addition to local search results. By preventing the search function from sending queries to Microsoft servers, this script enhances user privacy and optimizes system performance by reducing the search workload. Running this script prevents such web searches by modifying the `HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVe...

Disable biometric logon

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable Bluetooth usage data collection

This script disables the "BthSQM" scheduled task. This task is part of the Bluetooth Customer Experience Improvement Program (CEIP). The BthSQM task collects and sends data about your Bluetooth usage to Microsoft. This data transmission compromises your privacy. Microsoft has suggested disabling this task as an optimization measure for Windows. Disabling this task stops the transmission of your Bluetooth usage data to Microsoft, enhancing your privacy. It may also improve system performance by r...

Disable built-in Windows features

This category configures Windows using 20 scripts. These scripts are organized in 4 categories. The category includes 8 subscripts and 2 subcategories that include more scripts and categories.

Disable catch-up full scans

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Disable catch-up quick scans

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Disable census data collection

This category focuses on disabling Windows Census. Windows Census is a component that collects device configuration data. This configuration data includes your operating system, region, language, and hardware architecture. Microsoft uses this data to determine which updates are appropriate for your system. Disabling Census enhances privacy by preventing the collection and transmission of device data to Microsoft. However, this may affect Windows' ability to provide tailored updates.

Disable Chrome metrics reporting

This script disables Chrome's metrics reporting, enhancing user privacy and system performance. By default, Chrome may send anonymous usage and crash-related data to Google. If no user preference is set, Chrome follows the initial choice made during installation or first run. This script ensures that anonymous reporting of usage and crash-related data is stopped, preventing this data from being sent to Google. Additionally, it locks this setting, making it immutable by users. Disabling this feat...

Disable Chrome system cleanup scans

This script disables Chrome system cleanup scans to enhance user privacy and improve system performance. By default, Chrome Cleanup Tool periodically scans the system for unwanted software and prompts the user for removal. This feature can also be manually triggered from the "chrome://settings/cleanup" page. Running this script stops the Chrome Cleanup Tool from performing system scans and cleanups, which protects your system's information from being analyzed and shared. It also disables the man...

Disable clipboard data collection

This category includes scripts that focus on disabling various aspects of clipboard data collection in Windows. The clipboard is a critical component of the operating system, often containing sensitive data such as usernames, passwords, and other personal information. However, features such as clipboard history and device synchronization can significantly increase privacy and security risks. By default, Windows tends to store clipboard data in an unencrypted format, making it easily accessible t...

Disable clipboard history

This script deactivates the clipboard history feature in Windows, a feature that is enabled by default. Regularly, users copy sensitive data such as usernames and passwords to their clipboard, making clipboard history valuable to attackers for gathering information for post-exploitation activities like lateral movement. Microsoft introduced clipboard history in the Windows 10 October 2018 Update, offering enhanced functionality, including multi-device sync and customizable history management. De...

Disable Cloud Clipboard (breaks clipboard sync)

This script disables the Cloud Clipboard feature, also known as the cross-device clipboard. The Cloud Clipboard, introduced in the Windows 10 October 2018 Update, synchronizes clipboard contents across Windows devices. While this feature enhances usability, it can pose a privacy risk as sensitive information like passwords or credit card details might be inadvertently synchronized and stored on Microsoft servers. Disabling Cloud Clipboard is recommended in secure environments where clipboard dat...

Disable cloud sync

This category configures Windows using 10 scripts. The category includes 10 subscripts.

Disable collection of Edge browsing data for Desktop Analytics

This script configures Microsoft Edge to prevent it from sending your browsing history data to Desktop Analytics. This browsing data can include information from either your intranet or internet history, or both. When you use Microsoft Edge for browsing, it can collect and send your browsing history to Desktop Analytics, a Microsoft service that helps enterprises to analyze and improve their IT environment. If this setting is disabled, Microsoft Edge does not send any browsing history data, ther...

Disable commercial usage of collected data

This protects your privacy by placing a limit on the commercial usage of your data. It manages how Windows diagnostic data is handled by controlling whether Microsoft is a processor or controller for Windows diagnostic data collected from your device. In the default setting, Microsoft operates as the controller of this diagnostic data, thus enabling it to use the data for commercial purposes. This script alters that setting to limit the commercial usage of your data. This script does not affect ...

Disable compatibility adjustment data sharing ("SdbinstMergeDbTask")

This script disables the "SdbinstMergeDbTask" scheduled task. The 'SdbinstMergeDbTask' task merges pending shim application compatibility databases, as described in Task Scheduler (Windows 11 22H2), facilitating the running of older software on newer Windows versions. According to Task Scheduler (Windows 11 22H2), the task utilizes the "sdbinst.exe" tool. This tool is known as the "Application Compatibility Database Installer". It is part of the Application Compatibility Toolkit (ACT). It allows...

Disable connectivity checks

This category contains scripts that disable various connectivity checks performed by Windows. Connectivity checks allow Windows to assess network status and quality. These checks involve communication with Microsoft servers, which may raise privacy concerns. Disabling these checks reduces data sent to Microsoft, potentially enhancing your privacy. Connectivity checks are considered noise because they constantly generate small amounts of network traffic. Noise in networking refers to exce...

Disable Copilot access

This script disables Copilot access on your computer, enhancing your privacy. It prevents the Copilot feature from activating or being suggested for use locally. When activated, Copilot can access and process a vast array of personal data, potentially leading to privacy concerns. By setting your local user's eligibility status to "ineligible" this script effectively removes the possibility of Copilot being automatically offered or activated on your system. It works by adjusting the `HKCU\\Softwar...

Disable Copilot auto-launch on start

This script stops the Copilot feature from automatically starting up with Windows, providing a more controlled and resource-efficient computing experience. With the release of Windows 11 builds 25992 (Canary) and 23615 (Dev), users encountered a new functionality that would auto-launch Copilot on wider screens. This script modifies the "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Notifications\\Settings!AutoOpenCopilotLargeScreens" registry key to configure this setting. This script ensures Co...

Disable Copilot feature

This script deactivates the Windows Copilot feature, enhancing user privacy and potentially improving system performance. By default, Copilot is enabled and appears on the taskbar when available. Disabling Windows Copilot prevents it from appearing on the taskbar and stops it from functioning. This action is useful for users who prioritize privacy and system performance, as it eliminates a potential channel for data sharing with Microsoft servers and reduces the attacks on language models. Read ...

Disable Copilot in Edge

This category contains scripts to disable Copilot features in Microsoft Edge. Copilot, initially known as Bing Chat, integrates generative AI into Edge. Despite its capabilities, it raises significant privacy and security concerns: Microsoft may retain chat data, which could include sensitive information. It also collects personal data, such as URLs, page titles, user queries, and browsing context. Language models like those used in Copilot are susceptible to specific attacks and vulnerabiliti...

Disable Cortana activity history

This category focuses on preventing Cortana from storing and displaying user interaction history. When enabled, Cortana collects data on user activities, such as interactions with the assistant and search queries, to personalize the user experience. This collection can be a privacy concern as it involves the retention and potential analysis of personal behavior patterns. By disabling this feature, users can prevent their activity history from being used for customization or other purposes, there...

Disable Cortana data collection

This category targets the reduction of Cortana's data collection practices. Cortana, Microsoft's digital assistant, integrates deeply with Windows Search to provide personalized assistance based on user data. By disabling Cortana's data collection features, this category aims to enhance user privacy by preventing the sharing of sensitive information with Microsoft. The scripts within this category provide users with the tools to limit Cortana's reach into their personal data, thereby fostering a...

Disable Cortana experience

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable Cortana voice listening

This category is designed to stop Cortana from listening for voice commands. By default, Cortana can actively listen for voice input, which may include capturing and processing speech patterns and potentially sensitive spoken content. This capability raises privacy issues as voice data is often processed and stored remotely. Disabling Cortana's voice listening features ensures that conversations or background noises are not inadvertently recorded or analyzed, providing users with a greater level...

Disable customer experience data consolidation

This script disables the "Consolidator" scheduled task. The "Consolidator" task is a part of the Windows Customer Experience Improvement Program (CEIP). When enabled, this task collects and sends usage data to Microsoft. Introduced in Windows Vista, this task is present in later Windows versions. Disabling this task offers several benefits: Microsoft states that disabling this task stops Windows data collection. The governments of Poland and Argentina recommend disabling it for privacy Microsoft...

Disable customer experience data uploads

This script disables the "Uploader" scheduled task. This task is part of the Windows Customer Experience Improvement Program (CEIP). The Uploader task transfers CEIP data to Microsoft. The data is sent every 19 to 24 hours. Disabling this task prevents automatic sharing of your usage data with Microsoft, enhancing your privacy. The Government of Vietnam recommends disabling this task to reduce data collection. Disabling the task may also improve system performance by reducing background processe...

Disable Customer Experience Improvement Program

This script disables the Windows Customer Experience Improvement Program (CEIP). CEIP collects user interaction data with Windows. This includes hardware configurations (e.g., processor count, screen resolution), system performance, reliability metrics, and user behaviors like folder creation on the desktop. It also tracks usage of features such as the Event Viewer and Remote Assistance. Collected data is used by Microsoft to identify software trends and user patterns. This data is stored on Mic...

Disable Customer Experience Improvement Program data collection

This script disables the Windows Customer Experience Improvement Program (CEIP). CEIP collects details on users' hardware setups and software usage to analyze trends. Disabling CEIP through this script means all users on the computer are opted out. This enhances privacy by ensuring that data is neither stored locally nor shared with Microsoft. Additionally, turning off CEIP improves system performance by reducing background data collection. Security frameworks such as the CIS Center for Internet...

Disable Customer Experience Improvement Program data uploads

This script disables the upload of data to Microsoft's Customer Experience Improvement Program (CEIP). By stopping this data upload, you gain greater control over your personal information and ensure that your usage habits remain private. Additionally, this action can boost system performance by reducing unnecessary data transmission. This script modifies the Windows Registry key "HKLM\\Software\\Microsoft\\SQMClient!UploadDisableFlag". This change effectively prevents user data from being transmit...

Disable daily compatibility data collection ("Microsoft Compatibility Appraiser" task)

This script disables the "Microsoft Compatibility Appraiser" scheduled task. The "Microsoft Compatibility Appraiser" is a default scheduled task in Windows. It collects program telemetry information for participants in the Microsoft Customer Experience Improvement Program, and it maintains this data collection across computer reboots. Running at least daily, this task assesses your system's eligibility for Windows 11 upgrades. By disabling this task, the script helps in optimizing computer perfo...

Disable Defender

This category offers scripts to disable Windows security components related to Defender. Defender is also referred to as Microsoft Defender or Windows Defender. Although designed to protect you, its features may compromise your privacy and decrease computer performance. Privacy concerns include: This allows Microsoft to collect and potentially access your sensitive information. This prevents users from controlling what data Microsoft collects about them. This discourages users from using...

Disable Defender Antivirus

This category provides scripts to disable Defender Antivirus. Defender Antivirus, integrated into Windows, provides protection against viruses, ransomware, and other types of malware. Disabling Defender Antivirus may improve system performance and privacy by stopping related data collection However, disabling it may severely compromise your system's security if not complemented by proper security practices. Carefully consider the trade-off before proceeding. Defender Antivirus comes with fol...

Disable Defender Antivirus "Block at First Sight" feature

This script disables the "Block at first sight". Block at first sight is Defender Antivirus feature. It protects against threats by quickly detecting and blocking new malware. When Defender Antivirus encounters a suspicious file it can't identify, it consults its cloud protection backend. The cloud backend uses heuristics, machine learning, and automated analysis to identify malicious files. This back-end is part of Cloud Protection. It is also known as Microsoft Active Protection Serv...

Disable Defender Antivirus "Extended Cloud Check" feature

This script disables the extended cloud check feature in Defender Antivirus by reducing its timeout. The extended cloud check is a Defender Antivirus feature. It allows Defender to block a suspicious file for up to 60 seconds while it is scanned in the cloud to verify its safety. This script reduces the extended cloud check timeout to 0, effectively disabling the feature. This maintains the standard (default) time, which is 10 seconds. This feature is part of Microsoft MAPS, also known as SpyNet...

Disable Defender Antivirus aggressive cloud protection

This script disables the aggressive cloud protection setting in Microsoft Defender Antivirus. Cloud protection delivers faster protection to devices compared to traditional security intelligence updates. It works on different aggressiveness levels in blocking and scanning suspicious files. This feature applies to both Microsoft Defender Antivirus and Microsoft Defender for Endpoint. By default, the protection level is unconfigured. This default state provides the least protection. Th...

Disable Defender Antivirus AMSI provider

This script disables the Antimalware Scan Interface (AMSI) provider for Defender. The AMSI provider is part of the Antimalware Scan Interface (AMSI). AMSI adds security against malicious scripts in Windows. It enables various antivirus programs to scan for script-based attacks. AMSI provides interface to integrate antimalware modules. By default, Defender uses AMSI to block potentially harmful PowerShell scripts, JavaScript, and VBA macros. Windows registers an AMSI provider for Defender A...

Disable Defender Antivirus antimalware engine

This script disables Defender's main virus-scanning component ("MpEngine.dll"). Microsoft refers to this component as Microsoft Malware Protection Engine. This is a core component of Defender Antivirus. It is enabled by default on Windows. It scans, detects, and removes malware using Microsoft's antivirus technology. The engine monitors system activity by: Scanning files, memory, emails, and web downloads • Analyzing system processes and registry keys • Tracking network activity • Collec...

Disable Defender Antivirus automatic file submission to Microsoft

This script disables Defender's automatic submission of file samples to Microsoft for analysis. Automatic file submission is a feature of Defender Antivirus. By default, Defender automatically sends 'safe' file samples to Microsoft for analysis. This action is part of Microsoft's Advanced Protection Service (MAPS). Previously, this service was known as Microsoft SpyNet. It is now referred to as cloud protection. This automatic collection and submission can include your personal i...

Disable Defender Antivirus Azure data collection

This script disables the Azure data collection library by removing "MpAzSubmit.dll" Microsoft refers to this library as the MpAzSubmit Module and Microsoft Malware Protection. This file is responsible for: Sending data to Azure storage • HTTP communications and REST APIs • It logs events and errors This script enhances privacy by preventing Defender Antivirus from sending potentially sensitive data to Microsoft's cloud services. It may also slightly improve boot performance by reduci...

Disable Defender Antivirus boot driver

This script disables the Windows Defender boot driver ("WdBoot") to reduce system monitoring and enhance your privacy and control. This driver is also known as: Windows Defender Boot Driver • Microsoft Defender Antivirus Boot Driver • Early Launch Anti-malware (ELAM) boot driver • Windows Defender ELAM Driver • Microsoft antimalware boot driver • Early Launch Antimalware (ELAM) driver Microsoft introduced this driver as a security feature in Windows 8. As a default component in Windows, the driv...

Disable Defender Antivirus cache maintenance task

This script disables the Defender Antivirus cache maintenance task scheduled task. Microsoft refers to this task as: Windows Defender Cache Maintenance • Periodic maintenance task This task is a Defender Antivirus component. The task is scheduled to periodically maintain the cache used by Defender Antivirus. Cache maintenance involves managing temporary files that Microsoft Defender is either scanning or has quarantined. Disabling this task prevents the system from automatically clearing the...

Disable Defender Antivirus cleanup task

This script disables the Defender Antivirus cleanup scheduled task. Microsoft refers to this task as: Windows Defender Cleanup • Periodic cleanup task This task is a Defender Antivirus component. It is used by Defender to remove unnecessary files, such as corrupted or quarantined items. Disabling this task may enhance your privacy by preserving potentially sensitive quarantined files for manual review and simplifying system activity monitoring. It may also improve system performance by preve...

Disable Defender Antivirus cloud protection

This category contains scripts that disable or limit Microsoft Defender's cloud-based protection features. Microsoft Defender's cloud protection is also known as Microsoft MAPS (Microsoft Active Protection Service) or Microsoft SpyNet. It is an online community that helps detect and prevent the spread of malware. These features automatically collect data and send it to Microsoft. They leverage user data to identify potentially malicious programs, sharing details such as file information, IP addr...

Disable Defender Antivirus cloud protection reporting

This script disables Microsoft Defender's cloud protection reporting. Cloud protection is was previously also known as Microsoft MAPS (Microsoft Active Protection Service). It was previously known as Windows Defender Antivirus Cloud Protection Service and Microsoft Defender Antivirus Cloud Protection Service. It's a feature of Defender Antivirus. This feature creates an online community that helps users address potential threats and prevent new malicious software. Participation in ...

Disable Defender Antivirus cloud-based notifications

This script disables notifications that can turn off security intelligence in Microsoft Defender. This script prevents the antimalware service from receiving notifications to disable individual security intelligence. Security intelligence is updated information that helps antivirus software detect and protect against the latest threats, working with cloud-based protection. The antimalware service, also known as Microsoft Defender Antivirus, is essential to both Microsoft Defender and Microso...

Disable Defender Antivirus command-line library

This script disables "MpClient.dll", the Defender Antivirus command-line library. Microsoft refers to this library as the Client Interface. It's a crucial component of Defender Antivirus. It allows Windows and third-party processes to manage Defender Antivirus. It contains functions for: Scanning for viruses • Detecting threats • Updating the antivirus • Configuring antivirus features • Submitting samples and telemetry data • Managing exclusions and Defender Exploit Guard • L...

Disable Defender Antivirus command-line utility

This script disables the "MpCmdRun.exe" process. This process is also known as the Microsoft Defender Antivirus command-line utility. The utility is part of Defender for Endpoint and Defender Antivirus. It automates Defender Antivirus tasks. It runs scheduled background tasks automatically. It can be used to: Start scans • Start diagnostic tracing • Capture and save network input • Collect diagnostic data • Manage security signatures • Manage quarantined items • Verify Defender...

Disable Defender Antivirus communication module

This script removes the "MpCommu.dll" library, disabling its functionality. Microsoft refers to this library as Communication Module. This library is a component of Defender Antivirus service. It performs several network-related functions: updates and interacting with Windows Update. Communicates with Microsoft servers over HTTP/HTTPS using REST/SOAP APIs and proxy support. • Manages updates, including scheduling and downloading antimalware definition • Submits reports to SpyNet,...

Disable Defender Antivirus copy accelerator library

This script removes the Defender Antivirus copy accelerator library ("MpDetoursCopyAccelerator"). This library is referred to by Microsoft as Malware Protection Copy Accelerator Detours Dll. It is a component of Defender Antivirus service. This component monitors and intercepts file copy operations, potentially blocking the copying of certain files. It optimizes scanning by examining copied files for potential threats after a certain number of files have been transferred. The library use...

Disable Defender Antivirus copy accelerator utility

This script disables the "MpCopyAccelerator.exe" process. This process is called the Microsoft Malware Protection Copy Accelerator Utility. It is part of Defender Antivirus service, introduced in update KB4052623, version 4.18.2201.10 update. It monitors and intercepts file copy operations to enhance security. It logs copy operations and sends the data to Microsoft as part of its Asimov telemetry. Asimov is a Microsoft feedback mechanism that tracks user activity in real time. Th...

Disable Defender Antivirus data storage location

This script removes a configuration value that controls where Defender stores its data. This is a configuration related to Defender Antivirus. Windows configures this setting when installing Defender Antivirus service. It specifies where data, including virus definition databases and other detection files, is installed. It is used by various Defender components like "MpClient.dll", "MpSvc.dll", "MsMpEng.exe" and "MpCmdRun.exe". Deleting this value enhances privacy by preventing these compone...

Disable Defender Antivirus device filter driver

This script disables Defender's device monitoring by removing the driver file "WdDevFlt.sys". Microsoft refers to this file as Microsoft antimalware device filter driver. This driver belongs to Defender Antivirus. It allows Defender to monitor devices you connect, including USB drives, displays, and audio devices. This script improves privacy by: Preventing Defender from monitoring device connections and activities • Reducing tracking of device activity at the system level • Limiting dat...

Disable Defender Antivirus DLP command-line utility

This script disables the "MpDlpCmd.exe" process. The executable "MpDlpCmd.exe" is the Microsoft Endpoint DLP command-line utility. The process is part of Defender Antivirus and Defender for Endpoint. It offers Data Loss Prevention (DLP) features. DLP is designed to prevent unauthorized sharing or leakage of sensitive data. The utility: Monitors and controls data sharing within an organization • Blocks file operations and requires users to justify their actions based on security polic...

Disable Defender Antivirus Endpoint Data Loss Prevention (DLP) module

This script disables "EndpointDlp.dll", the endpoint data loss prevention (DLP) library. This library is part of Defender Antivirus, and belongs to its service component. Microsoft refers to this library as Microsoft Endpoint Data Leak Prevention Library. It aims to prevent sensitive data from leaving an organization's network. It provides functions for process on Windows to monitor and control the flow of data. It allows applications to notify the operating system before and after handl...

Disable Defender Antivirus file activity monitoring

This category contains scripts that disable various file activity monitoring features of Defender Antivirus. These features are designed to protect your system by monitoring file activities, but they may also compromise your privacy and affect system performance. Disabling these components enhances privacy by limiting the collection of data about your system, usage, and files. These scripts may also improve system performance during file operations. However, disabling these features may redu...

Disable Defender Antivirus file activity tracking library

This script removes the "MpDetours.dll" library, effectively disabling its functionality. "MpDetours.dll" is called Malware Protection Detours Dll by Microsoft. It is part of Defender Antivirus service. It is a library designed to offer runtime protection and enforce security policies. The library monitors and controls system operations to prevent unauthorized access and data leaks. It achieves this by intercepting actions and enforcing security policies. It specifically monitors: Contro...

Disable Defender Antivirus file risk estimation library

This script disables the file risk estimation library, "winshfhc.dll". This library is a component of Defender Antivirus service. It is officially named File Risk Estimation. It is responsible for: Generalizing system imaging or deployment • Logging system data • Configuring registry entries for Defender Antivirus • Performing cleanup operations related to Defender Antivirus • Interacting with Windows Security Disabling this library may enhance your privacy by reducing system...

Disable Defender Antivirus interface

This script disables the Defender Antivirus interface. This script keeps the Antimalware User Interface (AM UI) hidden from users. This prevents user interactions with the Defender Antivirus interface. Several reasons to hide the antivirus interface: Minimizing Defender's visible interactions can potentially limit the extent of user data shared with Microsoft, whether you're using Defender or disabling it for an alternative solution. Hiding the interface prevents users from starting and pausing ...

Disable Defender Antivirus license verification

This script disables the license module library of Defender Antivirus. This component is known as the License Module. It is a component of Defender Antivirus service, formerly known as System Center Endpoint Protection. This library manages licensing aspects, such as product validation and configuration management. It is involved in online verification of digital certificates and time stamps. It's also part of Defender Offline's lightweight scanner. By disabling this library,...

Disable Defender Antivirus management

This category contains scripts that disable Defender Antivirus management capabilities. Defender Antivirus uses management features to control how it works, collect system data, and change settings on your device or remotely. These management features let system administrators monitor, configure, and control Defender's behavior across multiple devices. Defender needs these features to perform tasks like automated virus scans. Disabling these management features enhances privacy by: Preventing Wi...

Disable Defender Antivirus minifilter driver

This script disables Defender's core monitoring component that tracks and controls your system activities. This component has several names, including: Windows Defender Mini-Filter Driver • Microsoft antimalware file system filter driver • Microsoft Defender Antivirus On-Access Malware Protection Mini-Filter Driver • Windows Defender Real-Time scanning filesystem filter driver • Windows Defender On-Access Malware Protection Mini-Filter Driver • Microsoft Defender Antivirus Mini-Filter Driver Thi...

Disable Defender Antivirus network inspection service

This script disables the Defender Antivirus Network Inspection Service ("WdNisSvc") and its process, "NisSrv.exe". This service is also known as: Microsoft Defender Antivirus Network Inspection Service • Windows Defender Antivirus Network Inspection Service • Windows Defender Network Inspection Service • NIS This service inspects network traffic to detect known vulnerabilities, aiming to protect against network-based attacks. It is part of Defender Antivirus and Defende...

Disable Defender Antivirus notifications

This category contains scripts to disable various notifications from Defender Antivirus. Defender Antivirus, built into Windows, protects your device from malware and other threats. It analyzes your data using machine learning and cloud-based protection technologies. This data analysis raises privacy concerns. Key features of Defender Antivirus include: Real-time protection against known and new threats • Behavior-based detection to identify suspicious activities Defender Antivirus typically...

Disable Defender Antivirus push notifications

This script disables notifications from Defender Antivirus. By default, Defender Antivirus notifies you of potential threats and system status. This script disables these notifications. Disabling these notifications may enhance privacy by limiting visible information on your system's security status. It may also slightly improve system performance by reducing background processes related to notification display. However, this action may reduce your security awareness, potentially leaving your sy...

Disable Defender Antivirus real-time protection module

This script disables the Defender Antivirus Real-time Protection (RTP) module by removing its core library, "MpRtp.dll". The "MpRtp.dll" library is also known as AntiMalware Realtime Monitor. It is a crucial component of Defender Antivirus. It works with the Microsoft Defender Antivirus Mini-Filter Driver ("WdFilter.sys") to intercept and scan file operations. It functions as the Real-time Protection module. It constantly monitors your system for threats. It includes features...

Disable Defender Antivirus real-time security intelligence updates

This script disables the real-time security intelligence updates in Defender. Real-time security intelligence updates are a feature of Defender Antivirus. They are part of Microsoft Active Protection Service (MAPS). MAPS is also known as Microsoft SpyNet or cloud protection. This service collects and sends personal data and other information to Microsoft. When enabled, if Defender encounters an unknown file and MAPS has new intelligence on a threat involving that file, it immediately...

Disable Defender Antivirus remote commands

This script disables Defender's remote management capabilities. The script specifically targets a component known as the Microsoft Security Client Antimalware Provider. This component allows PowerShell to manage Defender remotely, often through System Center Endpoint Protection (SCEP). Disabling this component enhances your privacy by preventing remote access to your Defender settings and data. It may also enhance system performance by reducing background processes associated with remote...

Disable Defender Antivirus remote configuration

This script disables Windows Defender's ability to receive remote configurations. Windows Defender Management uses this feature to remotely control Defender's behavior. It uses a Configuration Service Provider (CSP) as an interface between the device's settings and specified configurations. CSPs, like Group Policy client-side extensions, enable reading, setting, modifying, or deleting settings for specific features. Mobile device management (MDM) service providers commonly use these CSPs. Disabl...

Disable Defender Antivirus remote experimentation and configurations

This script disables the remote configurations and experimentation features of the Microsoft Defender Core service. It enhances privacy by limiting the data Microsoft collects about your system and usage habits. It may improve system performance by reducing background processes related to these features. Disabling this feature may affect Microsoft's ability to improve the Defender product. This script specifically targets the Microsoft Defender Core Service. This service is a part of Defender ...

Disable Defender Antivirus remote management

This category contains scripts to disable remote management capabilities of Defender Antivirus. Remote management allows administrators or management systems to control Defender settings and receive information remotely. This includes applying configurations, running scans, and collecting device security data. Disabling remote management enhances your privacy by: Preventing remote access to your Defender settings and data. • Reducing the amount of information shared with management systems. • Gi...

Disable Defender Antivirus scheduled scan task

This script disables the Defender Antivirus scheduled scan scheduled task. Microsoft refers to this task as: Windows Defender Scheduled Scan • Periodic scan task This task is a component of Defender Antivirus. It performs automatic regular antivirus scans. Disabling this task may enhance your privacy by giving you more control over when and how often your system is scanned. It may also improve system performance by reducing background processes. However, regular scans are a key part of maint...

Disable Defender Antivirus scheduled tasks

This category contains scripts to disable maintenance tasks of Defender Antivirus. Scheduled tasks are automated operations that Windows runs at specific times or events. Defender uses these tasks to maintain its antivirus service. Disabling these tasks enhances privacy by: Stopping automatic data collection • Giving you control over data collection and deletion Disabling these tasks can also improve system performance by: Reducing background processes • Decreasing boot time • Reducing resou...

Disable Defender Antivirus service

This category disables the Defender Antivirus service and its related components. This service is also referred to as Microsoft Defender Antivirus Service and Windows Defender Service. It is a core component of Microsoft Defender Antivirus, essential for its operation. Using these scripts offers two benefits: Enhanced Privacy: Limits Microsoft's data collection on your files and system activity. • Improved Performance: Reduces system resource usage by limiting background processe...

Disable Defender Antivirus service (breaks "Set-MpPreference" cmdlet)

This script disables the Microsoft Defender Antivirus Service and its associated process ("MsMpEng.exe"). This service is known both as Microsoft Defender Antivirus Service and Windows Defender Service. It is the primary component of Defender Antivirus, essential for its functionality. Disabling this service has the following benefits: It enhances privacy by preventing Microsoft from collecting data about your system and files for malware analysis. • It improves system performance by...

Disable Defender Antivirus service active state

This script disables the running state of the Defender Antivirus service. Setting the service to 'not running' prevents activation of any components dependent on the Defender service (also called the Antimalware Service). This gives you more control over Defender's operations. This script enhances privacy by preventing Defender Antivirus from running in the background, which stops potential unwanted data collection and system scans. It may also boost system performance by stopping Defender A...

Disable Defender Antivirus service always-on state

This script configures Windows to stop the Defender Antivirus service when antivirus protection is disabled. The Microsoft Defender Antivirus service was formerly called the Antimalware Service. This service is one of the core components of Defender Antivirus. It raises privacy concerns because it sends files to Microsoft servers for analysis. By default, Windows stops this service when antivirus features are disabled. This script enforces this default behavior to consistently and persis...

Disable Defender Antivirus service automatic launch

This script prevents the Defender Antivirus service from starting automatically. By default, Windows may automatically start the Defender Antivirus service (also called the Antimalware Service) under specific conditions. This script allows you to control when the service runs. This script enhances privacy by preventing unexpected Defender Antivirus scans and data collection. It may improve system performance by stopping the service from using system resources without your permission. However...

Disable Defender Antivirus service communication with apps

This script prevents Defender Antivirus from communicating with other applications. The script blocks communication by removing components that allow Defender Antivirus to share data with other programs. Windows enables applications to communicate and share data using interprocess communications (IPC). This communication is achieved through the Component Object Model (COM). COM lets programs communicate and share data with other programs. Programs communicate across computer networks. Th...

Disable Defender Antivirus service high-priority startup

This script configures Defender Antivirus to start with a lower priority. By default, Windows runs the Defender Antivirus service (also called the Antimalware Service) with normal priority. This script changes the startup priority to low. This enhances privacy by reducing background scanning and potentially limiting data collection during Windows startup. It may improve system performance by reducing resource usage for the antivirus during startup. Lowering the priority may delay antivir...

Disable Defender Antivirus service in Safe Mode

This script disables Defender Antivirus from running in Safe Mode. Safe Mode is also known as Safe Boot. It starts Windows in a limited state where only essential services and drivers are loaded. By default, the Defender Antivirus service is set to run in this mode. This script improves privacy in Safe Mode by preventing Defender Antivirus from: Collecting system data • Scanning files • Sending telemetry data to Microsoft This also increases system speed in Safe Mode by reducing back...

Disable Defender Antivirus service module

This script disables "MpSvc.dll". Microsoft refers to "MpSvc.dll" as the Service Module. It is part of Defender Antivirus service. It manages essential Defender Antivirus functions, including: Scans: Monitors files in real-time, protects network, manages scans • Updates: Downloads new virus definitions • Threats: Finds and removes malware • Telemetry: Collects and sends data to Microsoft • Integrations: Works with Windows Security Center and antimalware scanning (...

Disable Defender Antivirus taskbar notifications

This script disables Defender Antivirus-related notifications on the Windows taskbar. It removes taskbar integrations (AppUserModelId) for Defender components. AppUserModelIds link processes, files, and windows to specific applications, organizing them on the Windows taskbar, managing Jump Lists, and controlling pinning. This script may enhance privacy by reducing the visibility of antivirus-related information on your desktop. It may also slightly improve system performance by disabling these...

Disable Defender Antivirus telemetry

This script disables telemetry collection by Defender, enhancing user privacy. By default, Microsoft collects telemetry data from Microsoft Defender Antivirus and other Defender software. This data collection is referred to as 1DS telemetry. Microsoft's One Data Strategy (1DS) centralizes and collects telemetry from various Microsoft services and tools. The strategy collects data from various Microsoft services and tools. The Microsoft Defender Core Service collects telemetry for Microsoft Defen...

Disable Defender Antivirus UAC AMSI provider

This script disables the Defender UAC (User Account Control) AMSI (Antimalware Scan Interface) provider. The UAC AMSI provider allows Defender to scan and analyze UAC elevation requests for potential security threats. UAC manages the elevation of privileges for executables, COM objects, MSI packages, and ActiveX installations. UAC elevation on Windows is a security feature that asks for permission before allowing changes that could affect the system's operation. Disabling this provider may enhan...

Disable Defender Antivirus verification task

This script disables the Defender Antivirus verification scheduled task. Microsoft refers to this task as: Windows Defender Verification • Periodic verification task This task is a Defender Antivirus component. It checks for issues with Defender, such as update problems or system file errors. It is also linked to the creation of daily system restore points. Disabling this task may improve privacy by reducing the system state data stored on the device. It may also boost system performance by ...

Disable Defender Antivirus Watson event reporting

This script prevents Defender from sending Watson events to Microsoft. Watson events are automatically sent reports to Microsoft when a program or service crashes or fails. By default, these reports are sent automatically. This script specifically targets reporting behavior of Defender Antivirus without affecting other applications or services that may use Watson events. Disabling Watson events enhances privacy by preventing the automatic submission of potentially sensitive information about...

Disable Defender Antivirus WMI management

This script disables Defender's ability to be managed through Windows Management Instrumentation (WMI). WMI enables the management and automation of tasks on Windows computers. WMI is primarily used for remote management and monitoring but it can also operate locally. Disabling Defender's WMI management enhances privacy by preventing unauthorized remote modifications to Defender settings. It may also improve system performance by reducing background processes related to WMI management. However, ...

Disable Defender Application Guard isolation

This script disables the deprecated Defender Application Guard feature, which isolates applications to enhance security. Application Guard uses Windows Hypervisor to create a secure virtual environment for certain apps. This isolation protects the system kernel and other applications from threats due to improper user interactions or vulnerabilities in isolated apps. Microsoft deprecated the Application Guard feature in 2023 and no longer provides updates. Disabling this feature may improve p...

Disable Defender Application Guard remote configuration

This script disables Defender Application Guard's remote configuration capability. Defender Application Guard uses virtualization to isolate untrusted websites and files. As of 2023, Microsoft has discontinued support and updates for the Application Guard feature. This feature can be configured remotely using tools like Microsoft Intune. Remote management of this feature is done through Configuration Service Providers (CSPs). Disabling this feature enhances privacy by preventing remote modificat...

Disable Defender auto-exclusions

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Disable Defender data collection

This category features scripts designed to reduce or eliminate data collection by Defender. Disabling these features enhances privacy by limiting the information shared with Microsoft. Although Microsoft Defender offers security benefits, it also collects data for analysis, service improvement, and threat detection. However, this data collection may raise privacy concerns for users. The scripts in this category allow you to: 1. Minimize the data sent to Microsoft about your system and Defender u...

Disable Defender Exploit Guard

This category disables Defender Exploit Guard, potentially enhancing privacy and system performance. Exploit Guard is also called Windows Defender Exploit Guard or Microsoft Defender Exploit Guard. This component has been a built-in feature of Windows 10 since version 1709. It's the successor to the Enhanced Mitigation Experience Toolkit (EMET). Exploit Guard uses Microsoft Cloud for machine learning and to check websites and IP addresses. Disabling it may enhance privacy by preventi...

Disable Defender Firewall

This category provides scripts to disable the Defender Firewall. This firewall serves as a security gate for your computer. It controls network traffic to and from a computer. It blocks all incoming traffic by default and allows outgoing traffic. It enables users to block connections. For enhanced security, users can require a VPN for all connections with IPSec rules. This can protect your computer from unauthorized access. Microsoft has renamed the firewall several times to reflect branding cha...

Disable Defender Firewall "Windows Defender Firewall with Advanced Security"

This script disables the Windows Defender Firewall with Advanced Security (WFAS) management interface. The Windows Defender Firewall with Advanced Security (WFAS) is a Microsoft Management Console (MMC) snap-in offering advanced configuration options for your firewall. It can be accessed locally or through group policies by typing "wf.msc" in the Start menu. The Microsoft Management Console (MMC) acts as a toolbox for managing various Windows components, including hardware, software, and...

Disable Defender Firewall Control Panel applet

This script disables the Windows Defender Firewall Control Panel applet, restricting access to firewall settings through this specific interface. The Windows Defender Firewall Control Panel applet is a tool for configuring the Defender Firewall. It can be accessed by typing "firewall.cpl" in the Start menu and pressing Enter. Disabling this applet enhances security by reducing the attack surface and potential vulnerabilities in the firewall's configuration interface. This action preserve...

Disable Defender Firewall services and drivers

This section contains scripts to disable the essential services and drivers of Defender Firewall. Defender Firewall uses services and drivers to operate. Services run background tasks, while drivers help hardware and software communicate. Even with the firewall disabled in settings, its services and drivers continue running, potentially monitoring network traffic and consuming resources. These scripts directly disable these components, bypassing standard Windows settings and their limitations. D...

Disable Defender for Endpoint

This category provides scripts to disable Defender for Endpoint, a security platform that impacts user privacy. Defender for Endpoint is officially known as Microsoft Defender for Endpoint. It was previously called Microsoft Defender Advanced Threat Protection (ATP). It is designed to protect enterprise networks from advanced threats. An advanced threat, also known as an Advanced Persistent Threat (APT), is a type of cyber attack that uses continuous, covert, and sophisticated me...

Disable Defender for Endpoint remote configuration

This script disables remote configuration for Microsoft Defender for Endpoint, enhancing privacy and local control over your device's security settings. Microsoft Defender for Endpoint is a security suite designed to protect devices from cyber threats. Some components are included by default on Windows without requiring user opt-in. Remote configuration allows administrators to manage and update settings across multiple devices. This feature is typically used in work or school environments where...

Disable Defender interface background services

This category provides scripts to disable background services supporting Defender interface elements. These services enable real-time updates and interactions with Defender's security features. Disabling these services may: Reduce system resource usage • Minimize background processes related to the Defender interface • Limit potential data collection associated with Defender's user interface However, this action may also: Prevent certain security notifications from appearing • Limit your ability...

Disable Defender scan options

This category configures Windows using 5 scripts. These scripts are organized in 1 categories. The category includes 3 subscripts and 1 subcategories that include more scripts and categories.

Disable Defender scans

This category configures Windows using 29 scripts. These scripts are organized in 8 categories. The category includes 6 subcategories that include more scripts and categories.

Disable Defender services and drivers

This category configures Windows using 15 scripts. These scripts are organized in 1 categories. The category includes 4 subscripts and 1 subcategories that include more scripts and categories.

Disable Defender Shell Service

This script disables a system service that operates in the background, monitoring your device and providing security notifications. This service is named Defender Shell Service, also referred to as Security Health SSO. It is a component of *Windows Security (formerly Windows Defender Security Center). It operates in the background, scanning your device for threats and sending notifications as necessary. The service is associated with the "SecurityHealthSystray.exe" process, which...

Disable Defender System Guard

This category disables Defender System Guard, a security feature in Windows. This feature is referred to as Windows Defender System Guard, System Guard, and internally within Microsoft as Octagon. Introduced in Windows 10, version 1709, it is a set of system integrity features. System Guard acts as an anti-tampering mechanism. It is a Windows component that protects system integrity during startup and runtime. It is included as part of the Defender for Endpoint suite. It ...

Disable Defender updates

This category configures Windows using 15 scripts. These scripts are organized in 2 categories. The category includes 4 subscripts and 1 subcategories that include more scripts and categories.

Disable Desktop Analytics telemetry

Desktop Analytics is a cloud-based service that provides insights about Windows devices in an organization. The service provides insight and intelligence from user data. Desktop Analytics collects diagnostic data from enrolled Windows devices and sends it to Microsoft cloud services. It creates an inventory of apps running in an organization. This data provides insights about application compatibility and pilot identification to help IT administrators in organizations evaluate the readiness and ...

Disable device and configuration data collection tool

This script prevents the execution of "devicecensus.exe", also known as the "device and configuration data collection tool". This tool is located at "%SYSTEMROOT%\\System32\\DeviceCensus.exe" and is responsible for gathering data used for compatibility updates. Disabling this tool helps keeping the device's data private and preventing its usage for diagnostic collections or determining update applicability.

Disable device sensors

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable diagnostic and usage telemetry

This script improves your privacy by blocking the transmission of diagnostic and usage telemetry data from your Windows device. This includes data about your device's usage, app compatibility, and system performance, which can be sensitive in nature. By stopping this data from being sent, you reduce the amount of personal information that could potentially be accessed by third parties. The script works by configuring the Group Policy Object (GPO) and Local Policy preferences, which essentially g...

Disable diagnostics data processing for Business cloud

This script controls whether diagnostic data from your device is processed by Windows Update for Business cloud. If enabled, the script can enhance privacy by ensuring that diagnostic data from your device is not processed by the Windows Update for Business cloud (WufB), an update management service provided by Microsoft. This service typically helps businesses manage updates on their devices efficiently. But if privacy is a concern, you can opt to disable it. The policy is applicable to devices...

Disable Diagnostics Hub log collection

This script disables log collection by the Diagnostics Hub in Visual Studio. The Diagnostics Hub is a feature that allows running multiple performance analysis tools simultaneously. This feature collects extensive data including CPU usage, user interface responsiveness, and energy consumption.. It presents data from multiple tools on a shared timeline, showing relationships between different performance metrics. The Diagnostics Hub collects additional logs. Microsoft recommends stopping this col...

Disable disk diagnostic data collection

This script disables the "Microsoft-Windows-DiskDiagnosticDataCollector" scheduled task. This task collects and sends disk and system data to Microsoft. It primarily affects users in the Customer Experience Program. When this task runs, it: This feature fixes specific computer problems identified by the Diagnostic Policy Service (DPS). Uses the Windows Diagnostic Infrastructure (WDI) Resolution host feature. • It launches the Windows Disk Diagnostic User Resolver Wizard ("dfdwiz.exe"...

Disable disk diagnostic user notifications

This script disables the "Microsoft-Windows-DiskDiagnosticResolver" scheduled task. This task warns users about faults reported by hard disks that support S.M.A.R.T. (Self-Monitoring, Analysis, and Reporting Technology). This task is disabled by default. However, it is automatically enabled by the Diagnostic Policy Service when a S.M.A.R.T. fault is detected. It runs "%SYSTEMROOT%\\System32\\DFDWiz.exe". This executable is known as "Windows Disk Diagnostic User Resolver". Disabling this task e...

Disable Downloaded Maps Manager

This script disables the Downloaded Maps Manager ("MapsBroker") service. This service manages downloaded maps. Disabling this service prevents apps from accessing maps, enhancing privacy by limiting access to sensitive location data Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 22H2) | 🔴 Stopped | Automatic | | Windows 11 (≥ 23H2) | 🔴 Stopped | Automatic |

Disable Dropbox automatic updates scheduled tasks

This script disables the scheduled tasks that Dropbox uses to trigger updates. These tasks, named "DropboxUpdateTaskMachineUA" and "DropboxUpdateTaskMachineCore", are referred to as "Dropbox Update tasks" by Dropbox. Disabling these scheduled tasks can further enhance privacy and optimize system performance. Dropbox disables these tasks for enterprise installations by default. Overview of default task statuses - "\\DropboxUpdateTaskMachineCore" (tested on Dropbox version 184.4): | OS Version ...

Disable Dropbox background automatic updates

This category focuses on disabling continuous background processes related to automatic updates of Dropbox. Although these processes are intended to keep Dropbox up to date, they can be intrusive and use system resources unnecessarily. Disabling them does not prevent updates, but stops the automatic background processes that are running constantly, contributing to both privacy and system optimization. Users have to manually update Dropbox to ensure they have the latest version and security featu...

Disable e-mail scanning

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Disable Edge "Find on Page" data collection

This script stops Edge from sending data to Microsoft during 'Find on Page' searches, enhancing privacy. 'Find on Page' allows users to search for text on a webpage, highlighting matches and suggesting related terms. This feature sends data to Microsoft for processing. This data transmission is enabled by default. The data includes the text of the webpage, search terms, and a service token. Sharing browsing and search history may expose data to third parties. After applying this script, the 'Fin...

Disable Edge (Legacy) Books telemetry

This script prevents Microsoft Edge (Legacy) from sending additional telemetry data from the Books tab. By default, Edge collects basic telemetry data based on your device settings. This script ensures that only this basic telemetry is collected, and no extra data is transmitted when accessing the Books feature. This script configures the "EnableExtendedBooksTelemetry" Edge policy. This script only applies to Edge (Legacy) and does not impact newer versions of Edge.

Disable Edge (Legacy) Live Tile data collection

This script disables Live Tile data collection in Edge (Legacy). Live Tiles, a feature within UWP apps, automatically collect and display updated information directly on the Start menu, without opening the app. The Live Tiles feature, once available on Windows 8.1 and 10, has been replaced by the Widgets feature in Windows 11. By default, pinning a Live Tile to the Start menu allows Microsoft Edge to collect and send metadata to Microsoft. This script prevents Edge from sending this meta...

Disable Edge (Legacy) search suggestions

This script disables the search suggestions feature in the Address bar of Edge (Legacy). By default, typing in the Address bar of Edge (Legacy) displays search suggestions, potentially compromising privacy by sending typed data to Microsoft. This script prevents such data sharing by disabling the search suggestions feature. As a result, users will no longer receive search suggestions when typing in the Address bar, thereby enhancing privacy. Disabling this feature reduces potential privacy risks...

Disable Edge (Legacy) SmartScreen

This script disables the SmartScreen feature in Edge (Legacy). Edge (Legacy) uses the Windows Defender SmartScreen by default to protect users from phishing scams and malicious software. This feature is enabled by default and cannot be turned off by users. This script disables SmartScreen and prevents users from turning it back on. As a result, users will not receive alerts about potential threats. Disabling this feature reduces potential privacy risks by preventing data sharing. This may also i...

Disable Edge address data storage

This script disables the AutoFill feature for addresses in Microsoft Edge, ensuring that address data is not stored or automatically completed in web forms. The AutoFill feature, by default, allows users to quickly complete address forms using previously stored information. Running this script results in: No new address information being saved. • AutoFill not suggesting or filling in any previously stored address information. • AutoFill remaining inactive for address forms, except in payment and...

Disable Edge Adobe Acrobat subscription ads

This script removes the Adobe Acrobat subscription button from Microsoft Edge's PDF viewer. In 2023, Microsoft integrated Adobe's PDF viewer into Edge and added a subscription button for purchasing Acrobat services. This button is visible by default and prompts users to subscribe to Adobe Acrobat, offering access to premium features. This script conceals the subscription button, thus preventing direct prompts to purchase Adobe's premium services from the PDF viewer. This action creates a cleaner...

Disable Edge ads

Overview - This category blocks several types of advertisements in Microsoft Edge, such as promotional suggestions, notifications, and recommendations. Impact - Provides a cleaner, less distracting browsing experience. Enhances privacy by reducing potential tracking mechanisms. Improves system performance by reducing unnecessary processing. User Experience: • Privacy: • Performance: Scope - Disables only those ads that can be suppressed without affecting other features. Blocks ads se...

Disable Edge and WebView2 automatic updates

This category encompasses scripts that disable automatic updates for Microsoft Edge and its WebView2 component. Disabling updates for Edge and WebView2 prevents automatic download and installation of new versions and patches. Both Edge and WebView2 share the same mechanisms for updates. This mechanism is a way Microsoft collects user data. WebView2 uses Edge technologies to render web content within applications. It's widely integrated across various software products. This widespread integratio...

Disable Edge automatic startup

This script disables the Startup Boost feature in Microsoft Edge. Startup Boost enables Edge to launch more quickly by allowing certain processes to start at OS sign-in. It keeps running in the background even after all browser windows are closed. While this can decrease the browser's start time, it might also pose privacy and security risks. Disabling this feature prevents Edge from starting automatically with your computer, enhancing privacy by stopping the background processes that could tran...

Disable Edge automatic update checks

This script stops the Microsoft Edge Update agent from automatically checking for updates. This script prevents the Microsoft Edge Update agent from performing any automatic update checks. This includes updates for all Edge applications, including WebView2. Disabling these updates enhances privacy by eliminating the regular network activity initiated by Microsoft Edge Update. It can also improve performance due to the reduction of background network operations. If you choose not to run this scri...

Disable Edge automatic update scheduled tasks

This script stops Microsoft Edge from updating automatically by disabling specific scheduled tasks. Specifically, it targets two tasks: "MicrosoftEdgeUpdateTaskMachineCore" • "MicrosoftEdgeUpdateTaskMachineUA" These tasks: Start Edge at logon • Run updates at least every hour • Update Edge and its WebView2 components Disabling these tasks: Enhances privacy by preventing automatic data transmission for updates. • Improves system performance by reducing background tasks. • Reduces your attack surf...

Disable Edge automatic update services

This script disables services responsible for automatically updating Microsoft Edge. It disables the "edgeupdate" and "edgeupdatem" services. These services keep your Microsoft software up to date. Disabling these services: Enhances privacy by stopping automatic data transmission, preventing background data collection. • Improves system performance by reducing background processes. • Allows more control over which updates are installed. Keep in mind: Security vulnerabilities and issues in Edge w...

Disable Edge automatic updates across all channels

This script prevents Microsoft Edge from automatically updating across all channels. Microsoft Edge offers four update channels—Stable, Beta, Dev, and Canary—each designed with different stability levels and update frequencies. This script disables updates for all of these channels. This script applies only to Windows devices within a Microsoft Active Directory domain or managed in similar way. It is effective only on computers under organizational management, such as those in workplaces or scho...

Disable Edge Bing ads

This script blocks all advertisements on Bing when using Edge, enhancing the search experience by eliminating interruptions and unwanted content. By default, "bing.com" displays ads within search results. This intrudes on privacy by tracking user behavior. This script blocks these ads, providing a cleaner and more private search environment. It also sets the SafeSearch filter to 'Strict'. This limits adult content for safer browsing, particularly in educational settings. The 'Strict' setting may...

Disable Edge Bing suggestions in address bar

This script disables suggestions from Microsoft Search in Bing within the address bar. This enhances privacy by reducing unsolicited data sharing with Bing. By default, Microsoft Edge may display results powered by Microsoft Search in Bing within the address bar suggestions. This occurs even if Bing is not the default search provider. This feature can raise privacy concerns, as it involves sending query data to Bing. This script stops the display of Microsoft Search in Bing suggestions in the ad...

Disable Edge browsing history collection for ads

This script stops Microsoft from personalizing ads and content using your browsing data across its services, thereby enhancing your privacy. Microsoft Edge collects and transmits your browsing history, favorites, usage data, and other web activities to Microsoft. This data is used to personalize advertisements and content to your interests. This information is shared with other Microsoft services, such as Microsoft Edge, Bing, and News. For instance, based on your activity, Microsoft may show yo...

Disable Edge Collections feature

This script disables the Collections feature in Microsoft Edge. By default, if this script is not executed, users can access and use the Collections feature in Microsoft Edge. The Collections feature in Edge compiles and manages web content—articles, images, and videos—for activities like shopping, trip planning, or research. This feature syncs across devices when logged into Microsoft Edge, keeping your collections updated no matter where you access the browser. The Collections feature enables ...

Disable Edge Copilot access on new tab page

This script disables the Copilot access on the new tab page of Microsoft Edge. Originally known as Bing Chat, Copilot is a generative AI solution developed by Microsoft, integrated directly into the Edge browser. By default, the new tab page in Edge features two access points to Copilot: within the search box and in the Bing Autosuggest drawer upon clicking. Without this script, these Copilot entry-points remain active, offering AI-driven assistance directly from the new tab page. Running this s...

Disable Edge Copilot and Hubs Sidebar

This script enhances your privacy and system performance by disabling multiple linked features in Microsoft Edge. This script primarily disables the Hubs Sidebar. This is a launcher bar on the right side of Microsoft Edge's screen. By default, the Sidebar is visible, but running this script will permanently hide it. Disabling the Hubs Sidebar also deactivates the following features: This feature was known as Bing Chat, Discover in Edge, Bing Discover, Discover app, *Discover experien...

Disable Edge Copilot browsing data collection

This script limits data access for Copilot in Microsoft Edge to enhance user privacy. This script blocks Copilot's access to web pages in the Edge sidebar. This stops Microsoft from collecting page contents, browser history, and user preferences. Otherwise, this data would automatically be sent to Bing. This setting is specific to Microsoft Entra ID profiles, previously called AAD profiles. Additionally, this script applies to "Copilot with Commercial Data Protection" By default, Copilot has acc...

Disable Edge diagnostic data sending

This script disables the sending of diagnostic data in Edge. This script blocks all diagnostic data related to your browser usage, including websites visited, feature usage, and browser configuration. Disabling this telemetry reduces potential privacy risks by preventing data sharing with third parties. This may also improve system performance by reducing processing workload. This script configures the "DiagnosticData" policy. Changes will take effect after restarting the browser.

Disable Edge experimentation and remote configuration

This script disables the Experimentation and Configuration Service in Microsoft Edge, effectively stopping automatic updates and data exchanges that are typically used for testing new features and optimizing the user experience. This service sends payloads to Edge that may contain experimental features and settings recommendations designed to improve user experience. It may also change the browser's behavior on specific websites, for example, by overriding the User Agent string. By default, the ...

Disable Edge external connectivity checks

This script disables the automatic use of a web service for resolving navigation errors in Microsoft Edge. By default, Microsoft Edge contacts a web service to diagnose connectivity issues, especially in public networks such as those in hotels and airports. This functionality can unintentionally reveal network-related information, potentially including sensitive personal data. The Center for Internet Security (CIS) recommends deactivating this feature to prevent potential privacy breaches and se...

Disable Edge failed page data collection and suggestions

This script prevents Microsoft Edge from sending data to Microsoft and suggesting alternatives when URLs fail to load. By default, Edge contacts a web service to suggest URLs and searches upon encountering network errors like DNS failures. This feature presents several privacy concerns, including: Exposing the websites a user visits • Redirecting to potentially malicious sites if the service is compromised. Authorities like The Defense Information Systems Agency (DISA) recommend this script for ...

Disable Edge Family Safety settings

This script disables the Family Safety settings in Microsoft Edge. Microsoft Family Safety collects personal information such as names, email addresses, birth dates, and other diagnostic data. By default, Edge features a dedicated family settings page and offers a Kids Mode for safer browsing experiences tailored for children. This script: Removes the Family page from the settings menu, which provides information on features associated with Microsoft Family Safety. • Blocks navigation to the `ed...

Disable Edge feature ads

This script disables promotional notifications and feature recommendations in Microsoft Edge, providing a distraction-free browsing experience. By default, Microsoft Edge may show notifications encouraging users to explore various features, such as using vertical tabs for improved tab management. These notifications typically appear in situations like having multiple tabs open, and can include suggestions to link Edge with a smartphone or to use Bing as a search engine in Chrome. Running this sc...

Disable Edge Feedback

This script disables the Edge Feedback feature in Microsoft Edge, enhancing user privacy by preventing feedback and data from being sent to Microsoft. The feature is enabled by default and cannot be disabled through standard browser settings. When signed into Microsoft Edge with a work or school account, feedback is linked to the user's account and organization, potentially exposing sensitive information. Disabling this feature addresses privacy concerns by ensuring that feedback does not inadve...

Disable Edge Follow feature

This script disables the Follow feature in Microsoft Edge. The Follow feature in Edge allows users to receive updates from influencers, websites, or topics directly in the browser. By default, this feature is enabled. The feature sends the URLs of websites you visit to Microsoft's Bing API, compromising privacy. It risks exposing sensitive information, such as search terms and personal details. It creates a personalized feed in Edge's Collections by collecting browsing data. To protect privacy, ...

Disable Edge in-app support

This script disables the in-app support feature of Microsoft Edge. The in-app support allows users to contact Microsoft support directly from the browser. This feature is enabled by default, activating the Microsoft Rewards experience in Edge. It cannot be disabled by users through the standard browser settings. This feature leads to sharing of browser usage data with Microsoft. Microsoft support agents directly from the browser. Authorities like The Center for Internet Security (CIS) recommend ...

Disable Edge Insider ads

This script disables Microsoft Edge Insider promotions to create a cleaner and more streamlined browser experience. By default, Edge displays content promoting its Insider channels on the "About Microsoft Edge" settings page. Running this script prevents these promotional materials from appearing. Disabling these ads helps maintain a more private and less cluttered browsing interface. Microsoft recommends this script for users who favor a streamlined browser setup without unsolicited suggestions...

Disable Edge Microsoft Rewards

This script disables Microsoft Rewards in Edge. This feature is enabled by default, activating the Microsoft Rewards experience in Edge. Users participating in search and earn markets will notice this feature within their Microsoft Edge user profile. Microsoft Rewards encourages users to earn points through Bing searches, which can be redeemed for items at the Microsoft Store. However, this feature involves tracking user activities, which may pose privacy risks by potentially sharing sensitive d...

Disable Edge payment data storage and ads

This script disables Microsoft Edge's AutoFill feature for payment data and suppresses payment-related advertisements, enhancing privacy by preventing the storage and suggestion of unsolicited financial information. By default, Microsoft Edge allows users to save and autofill payment information, such as credit and debit card details, for quicker transactions in web forms. This script prevents the browser from storing new payment data and stops suggestions for financial instruments like 'Buy Now...

Disable Edge promotional pages

This script disables full-tab promotional content in Microsoft Edge. By default, Microsoft Edge may display full-tab content. These promotions may include product feature highlights, sign-in assistance, default browser selection, or tutorials on new features. This content can include welcome pages and educational material. Running this script modifies the "PromotionalTabsEnabled" policy to prevent Microsoft Edge from showing this type of promotional content. After executing the script, Edge will...

Disable Edge quick links on the new tab page

This script disables the display of quick links on the new tab page in Microsoft Edge. By default, Microsoft Edge displays quick links on the new tab page. This feature provides one-click access to your most frequently visited sites by automatically adding them to this menu. Running this script will hide these quick links and disable the user's ability to modify this setting in the NTP settings flyout. This may reduce convenience as users will need to manually enter website addresses, but it enh...

Disable Edge remote background images on new tab page

This script disables background images recevied by Microsoft servers on new tab. By default, if you do not run this script, all background image types on the new tab page are enabled. It allows using custom image disabling only daily background image type. Disabling this feature removes unecessary network traffic with Microsoft servers that may leak data and your usage of behavior. It also optimizes system by simplifying the browser usage and removing nunnecssary network traffic. This script con...

Disable Edge search and site suggestions

This script disables search suggestions based on typed characters in Microsoft Edge, enhancing user privacy by preventing typed data collection. When you type in the address bar, Microsoft Edge sends characters to Microsoft servers to provide search and site suggestions. This data-sharing feature is enabled by default. Running this script prevents these suggestions from appearing. It ensures your inputs remain private and are not used to generate suggestions or telemetry. Authorities like The De...

Disable Edge Search bar on desktop

This script disables the Search bar feature. This feature is formerly known as Edge bar and Web Widget. This feature allows users to perform web searches directly from their desktop or within applications. The search is powered by Bing, or the default search engine of Microsoft Edge. It provides search and URL suggestions. It also displays personalized news and content such as headlines, weather, sports, traffic, along with some tools. Users can access the Search bar from the "More t...

Disable Edge Shopping Assistant

This script disables Microsoft Edge's shopping features. Microsoft refers to these features as shopping assistant, shopping features, or Microsoft Shopping. These features allow users to compare prices, receive coupons, and use autofill during checkout to speed up the process. They also provide notifications for coupons and rebates when shopping online. Disabling these features addresses several privacy concerns: Microsoft collects extensive data about users' shopping habits and online act...

Disable Edge sign-in prompt on new tab page

This script removes the sign-in prompt from the new tab page in Microsoft Edge to minimize distractions and protect your privacy. By default, Microsoft Edge shows a sign-in prompt on the new tab page, asking users to log in. This prompt, which resembles advertising, can compromise your privacy by encouraging the sharing of personal information. After applying this script, the sign-in prompt will no longer appear on the new tab page. This change leads to a cleaner and more private browsing enviro...

Disable Edge site information gathering from Bing

This script disables the Site Safety Services in Microsoft Edge. By default, this service displays top site information in the page information dialog. Clicking the lock icon in the address bar causes Edge to retrieve detailed site information from Microsoft Bing. Although intended to enhance security by providing detailed website information, this feature also collects data about your visits, posing privacy risks. This script stops Edge from displaying this information, enhancing your privacy b...

Disable Edge SmartScreen

This script disables the SmartScreen feature in Edge. SmartScreen warns against potential phishing scams and malicious software. By default, Microsoft Defender SmartScreen is active, but users can opt out. Once you run this script, Microsoft Defender SmartScreen will be turned off. Disabling this feature reduces potential privacy risks by preventing data sharing. This may also improve system performance by reducing processing workload. While disabling this feature increases user autonomy and pri...

Disable Edge SmartScreen checks on downloads from trusted sources

This script lets you configure whether Microsoft Defender SmartScreen checks download reputation from a trusted source. Edge determines a trusted source by checking its Internet zone. If the source comes from the local system, intranet, or trusted sites zone, then the download is considered trusted and safe. By default, if you do not run this script, Microsoft Defender SmartScreen checks the download's reputation regardless of source. Once you run this script, Microsoft Defender SmartScreen does...

Disable Edge SmartScreen DNS requests

This script stops Microsoft Defender SmartScreen from making DNS requests. By default, Microsoft Defender SmartScreen sends DNS requests to identify potentially harmful websites, like those involved in phishing or malware. Disabling DNS requests stops SmartScreen from obtaining IP addresses, which enhances privacy by reducing IP data sharing. This script also improves security by reducing dependence on DNS servers. Disabling DNS requests mitigates a security risk: if DNS fails to resolve a websi...

Disable Edge SmartScreen for potentially unwanted apps

This script disables Edge's SmartScreen feature that targets potentially unwanted applications (PUAs). Edge's SmartScreen PUA feature aims to protect against adware, coin miners, bundleware, and other low-reputation software. This feature warns users about potentially harmful applications. This feature is off by default. This script keeps the feature inactive, preventing automatic or unintended activations. Disabling this feature reduces potential privacy risks by preventing data sharing. This m...

Disable Edge spotlight recommendations

This script disables spotlight recommendations in Microsoft Edge to enhance privacy protection. By default, Microsoft Edge offers spotlight experiences and recommendations. These include personalized background images, text, suggestions, notifications, and tips based on your browsing activities. These features collect data about you and your interactions with Microsoft services. Disabling these recommendations helps protect your privacy by preventing Microsoft from using your browsing data to pe...

Disable Edge telemetry

This category includes scripts that enhance privacy by disabling Microsoft Edge telemetry. Telemetry is the automatic collection and sharing of data about you and your usage patterns of a software. These scripts prevent the automatic transmission of diagnostic and usage data to Microsoft, optimize system performance by reducing background data transmission, and safeguard personal data by limiting third-party sharing.

Disable Edge top sites and sponsored links on new tab page

This script disables the display of default top sites and sponsored links on Microsoft Edge's new tab page, enhancing privacy by eliminating commercial content and preventing the exposure of your frequently visited sites. By default, Microsoft Edge displays tiles of frequently visited sites, known as top sites, on the new tab page. These sites, saved from your browsing history, facilitate quick access to frequently visited destinations. The display also includes sponsored links, which are advert...

Disable Edge update executable

This script disables the Microsoft Edge Update executable to enhance your privacy and control over system updates. "MicrosoftEdgeUpdate.exe" is responsible for updating Microsoft Edge as part of the Microsoft Edge Update system. It's also responsible for updating Edge WebView2. Blocking this executable: Enhances privacy by preventing communication with the update server. • Increases security by giving you control over software installations. • Boosts system performance by reducing background pro...

Disable Edge WebView and WebView2 updates

This script disables automatic updates for Microsoft Edge WebView components. Microsoft Edge WebView and WebView2 Runtime are components that enable applications to display web content. By default, these components receive updates automatically. Running this script will prevent automatic downloading and application of updates for both older WebView and newer WebView2. This action might lead to compatibility issues with applications relying on the latest features of WebView. This script configure...

Disable enabling of Cortana

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable enterprise/business focused data collection

This category contains scripts to disable data collection capabilities focused on enterprise/business uses. The scripts target various Windows features like Desktop Analytics, Windows Update for Business, and Azure services. These capabilities are meant to provide insights for IT administrators but collect and transmit data from end user devices. By disabling these enterprise/business focused data collection features, you can increase privacy and reduce data sharing from your personal device. Ho...

Disable error reporting

This script disables the Windows Error Reporting (WER) feature. Windows Error Reporting collects and sends error logs from your computer to Microsoft, which can be a potential privacy concern for users. By disabling it, this script ensures that your system errors remain local to your machine and are not sent to external servers. Here's a breakdown of what the script does: 1. Registry Changes: The script modifies specific registry entries to disable the WER functionality and its related setti...

Disable Firefox background browser checks

This script stops Firefox from automatically checking its default browser status and reporting to Mozilla every 24 hours by disabling specific scheduled tasks that initiate Firefox's Default Browser Agent. It protects your privacy by preventing regular data sharing. Overview of default task statuses - "\\Mozilla\\Firefox Default Browser Agent 308046B0AF4A39CB" (tested on version 118): | OS Version | Default status | | ---------------- | -------------- | | Windows 10 22H2 | 🟢 Ready | | Win...

Disable Firefox default browser and system data reporting

This script disables the Firefox Default Browser Agent. The agent collects and sends information about the user's default browser to Mozilla Disabling it halts the transmission of details such as the currently set default browser, the previous one, and the operating system's locale and version number. This enhances privacy by preventing browser preferences and usage data from being shared with Mozilla. The script configures "HKLM\\SOFTWARE\\Policies\\Mozilla\\Firefox!DisableDefaultBrowserAgent" re...

Disable Firefox telemetry data collection

This script disables Firefox's telemetry to prevent the collection and transmission of browser performance and usage data to Mozilla. Disabling telemetry prevents both the storage and transmission of this data, ensuring users' browsing habits remain private. The telemetry is disabled by configuring "HKLM\\SOFTWARE\\Policies\\Mozilla\\Firefox!DisableTelemetry" registry key.

Disable Google automatic updates scheduled tasks (breaks Google Credential Provider)

This script disables the scheduled tasks used by Google to automatically update its software on Windows. The Google Update service creates two main tasks: "GoogleUpdateTaskMachineCore": Initiates automatic updates. • "GoogleUpdateTaskMachineUA": Corresponds to "Updates app". In newer versions of the Google Update service, these task names have random suffixes appended to them. Both of these tasks call the executable file "C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe". This process is of...

Disable Google background automatic updates

This category includes scripts to manage the automatic updates of various Google products in background. These products include Google Chrome, Google Earth, along with other applications. This category aims to give users control over the automatic update processes running in the background, without disabling manual updates or affecting the overall functionality of Google products. Google Chrome checks for, downloads, and installs updates in the background, without requiring user interaction. Thi...

Disable hibernation for faster startup and to avoid sensitive data storage

This script commands your system to deactivate the hibernation feature. Hibernate is a power-saving state that saves your current work and turns off the computer. When your computer hibernates, it saves the contents of its RAM to your hard disk and powers off the machine. Upon starting again, your computer can restore all the open programs and documents from your hard disk to its RAM. If hibernation mode is enabled, sensitive data stored in RAM are be written to disk. The memory can contain priv...

Disable hidden remote file access via administrative shares (breaks remote system management software)

This script improves your privacy and security by disabling Windows administrative shares, which are typically used for remote access to your computer's file system. Windows automatically creates hidden administrative shares, such as "C$" and "D$", that allow system administrators remote access to every disk volume on your computer. These shares are often targeted as potential attack vectors. Disabling administrative shares is generally a good practice for enhancing security. It is recommended b...

Disable iFilters and protocol handlers

This script enhances the security of Windows Desktop Search by restricting the use of iFilters and protocol handlers. These components enhance Windows search capabilities by enabling the indexing of specific file types and the processing of various file protocols. By default, Windows Desktop Search can use any installed iFilters and protocol handlers, which might pose a security risk if untrusted components are used. The script configures the system to only use iFilters and protocol handlers tha...

Disable insecure "DES" cipher

This script disables the "DES 56/56" cipher, also known as DES 56 or 56-bit DES. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Microsoft, NIST (FIPS), CIS, Federal Office for Information Security (BSI), OWASP, and NSA (National Security Agency) consider this cipher weak and either discou...

Disable insecure "DTLS 1.0" protocol

This script disables the DTLS 1.0 protocol. This protocol is identified as "DTLS 1.0" on Windows. It is enabled by default. DTLS (Datagram Transport Layer Security) provides secure communication over the UDP protocol. Based on the TLS protocol, DTLS offers equivalent security measures. Common uses include online gaming, DNS lookups, and VPN services. It is considered insecure and has been deprecated by Microsoft due to its vulnerabilities. It's based on TLS 1.1, which is also deprecated and in...

Disable insecure "LM & NTLM" protocols

This script improves security by setting the LanMan authentication level to send NTLMv2 responses only, refusing LM and NTLM, which are older and less secure methods. While Kerberos v5 is the default authentication protocol for domain accounts, NTLM is still used for compatibility with older systems and for authenticating logons to standalone computers. The script modifies the "HKLM\\System\\CurrentControlSet\\Control\\Lsa!LmCompatibilityLevel" registry key to enforce this security measure.

Disable insecure "MD5" hash

This script disables the use of the "MD5" hash algorithm during the SSL/TLS handshake process. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. This algorithm is vulnerable to collision attacks. This vulnerability enables attackers to spoof content, perform phishing, or execute man-in-the-middle attacks. Conseq...

Disable insecure "NetBios" protocol

This script enhances your network's security by turning off NetBIOS over TCP/IP for all network interfaces. NetBIOS is a protocol primarily used for backward compatibility with older Windows systems. NetBIOS and LLMNR are susceptible to hacking techniques like spoofing and man-in-the-middle attacks, risking your credentials and unauthorized network access. NetBIOS was initially created for communication between applications in small networks. Its lack of authentication makes it easy for attacker...

Disable insecure "NULL" cipher

This script disables the "NULL" cipher. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. This algorithm provides no encryption, leaving data completely unprotected. Authorities like Microsoft, NIST (FIPS), CIS, and Federal Office for Information Security (BSI), NSA (National Security Agency) classify this algor...

Disable insecure "RC2" ciphers

This script disables RC2 ciphers. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Microsoft, NIST (FIPS), CIS, Federal Office for Information Security (BSI), OWASP, and NSA (National Security Agency) classify this algorithm as weak and recommend against its use. By disabling RC2, the script en...

Disable insecure "RC4" ciphers

This script disables the RC4 ciphers. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Microsoft, NIST (FIPS), CIS, Federal Office for Information Security (BSI), OWASP, and NSA (National Security Agency) classify this algorithm as weak and recommend against its use. This script disables these ...

Disable insecure "SHA-1" hash

This script disables "SHA" hash algorithm, also known as Secure Hash Algorithm (SHA-1). This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. This algorithm is vulnerable to collision attacks. This vulnerability enables attackers to spoof content, perform phishing, or execute man-in-the-middle attacks. Consequentl...

Disable insecure "SMBv1" protocol

This script improves network security by disabling the outdated SMBv1 protocol. SMBv1, or Server Message Block version 1, is an outdated network protocol developed for file and printer sharing across networks. This protocol is well-known for its vulnerabilities to cyber attacks. Microsoft deprecated SMBv1 in 2014. Since 2007, newer and more secure versions of this protocol have replaced SMBv1 in modern versions of Windows. It is still enabled by default in older Windows versions. Microso...

Disable insecure "SSL 2.0" protocol

This script disables the SSL 2.0 protocol. This protocol is identified as "SSL 2.0" on Windows, and also known as SSL2. Modern Windows systems no longer include SSL 2.0 due to its security flaws. It was previously enabled by default, posing significant security risks from well-known vulnerabilities. Authorities like NIST (FIPS), NSA (National Security Agency), PCI Security Standards Council, IETF, and Federal Office for Information Security (BSI) recommend disabling this insecure and obsolete ...

Disable insecure "SSL 3.0" protocol

This script disables the SSL 3.0. This protocol is identified as "SSL 3.0" on Windows, and also known as SSL3 or SSLv3. Modern Windows systems disable SSL 3.0 by default due to its security flaws. It was previously enabled by default, posing significant security risks from well-known vulnerabilities, including the POODLE and BEAST attacks. Authorities like NIST (FIPS), IETF, Apple, PCI Security Standards Council, Federal Office for Information Security (BSI), Office of the Chief Information ...

Disable insecure "TLS 1.0" protocol

This script disables the TLS 1.0 protocol. This protocol is identified as "TLS 1.0" on Windows. Although deprecated and unsupported in newer Windows versions, it remains enabled by default in older versions. This protocol has well-documented security vulnerabilities, including security attacks such as BEAST and Klima. Major browsers, including Safari, Firefox, Chrome and Edge, now disable this protocol by default. Authorities like NIST (FIPS), IETF, NSA (National Security Agency), Apple, Mozilla...

Disable insecure "TLS 1.1" protocol

This protocol is identified as "TLS 1.1" on Windows. Although deprecated and unsupported in newer Windows versions, it remains enabled by default in older versions. This protocol contains fundamental well-documented security vulnerabilities. Major browsers, including Safari, Firefox, Chrome and Edge, now disable this protocol by default. Authorities like NIST (FIPS), IETF, NSA (National Security Agency), Apple, Mozilla, Microsoft, Google, PCI Security Standards Council, Federal Office for Inform...

Disable insecure "Triple DES" cipher

This script disables the "Triple DES 168" ("Triple DES 168/168" before Windows Vista) cipher, also known as 3DES, The Triple Data Encryption Algorithm (TDEA) and TDES. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. Authorities like Apple, NIST Federal Office for Information Security (BSI), NSA (Nation...

Disable insecure ciphers

This category improves network security by disabling outdated and less secure cipher suites. Cipher suites are sets of cryptographic algorithms used to secure network connections. They include ciphers, known as bulk encryption algorithms or simply bulk ciphers. Ciphers encrypt messages exchanged between clients and servers. Using outdated cipher suites exposes data to risks of interception and tampering during transmission. Disabling insecure ciphers meets security standards set ...

Disable insecure connections

This category includes scripts designed to enhance users' security and privacy by disabling outdated or vulnerable connections across the system. It safeguards data against interception, unauthorized access, and attacks that exploit outdated technology vulnerabilities, including man-in-the-middle attacks and data breaches. By disabling these insecure connections, these scripts follow cybersecurity best practices and recommendations. Although Windows supports insecure connections for compatibilit...

Disable insecure connections from .NET apps

This script improves security by enforcing secure network connections across all .NET applications. By setting the "SchUseStrongCrypto" configuration, it prevents the use of outdated and insecure connections, including: Protocols weaker than TLS 1.1 and TLS 1.2. • Cipher algorithms such as RC4, NULL, DES, and export suites. • Hash algorithms like MD5. Authorities like Microsoft, and Department of Defense (DoD) recommend this configuration as part of their security guidelines. This script applies...

Disable insecure hashes

This category includes scripts to disable insecure hash algorithms during cryptographic operations. Hash algorithms are essential for internet security, electronic banking, and document signing. Insecure hashes, however, are susceptible to collision attacks. This vulnerability enables attackers to spoof content, perform phishing, or execute man-in-the-middle attacks. Consequently, an attacker could intercept or modify data transmitted over what is believed to be a secure connection, without bein...

Disable insecure protocols

This category focuses on enhancing user privacy by disabling legacy and insecure communication protocols. It targets protocols that expose users to security vulnerabilities due to their outdated nature. Retaining obsolete protocols creates a false sense of security because they may seem secure but are vulnerable to exploitation. Authorities like NIST (FIPS), NSA (National Security Agency), Office of the Chief Information Security Officer, Microsoft, Mozilla, PCI Security Standards Council, the C...

Disable insecure remote administration access

This category improves security by disabling insecure remote administration features. Organizations use remote administration tools to manage multiple systems from a central location, performing tasks such as software updates, system checks, and configuration changes. However, if not properly secured, unauthorized users could exploit these tools to access sensitive data or control systems. This category addresses such vulnerabilities by disabling outdated or insecure remote access methods, thus ...

Disable insecure renegotiation

This script enhances your security by reducing risks associated with secure communications. By running this script, you proactively enhance your online privacy and secure against well-known TLS vulnerabilities. TLS secures internet communications. It allows parties such as browsers and websites to update their encryption settings through renegotiation. Without safeguards, attackers could intercept and compromise these communications. Insecure renegotiation can let attackers hijack communicat...

Disable Internet Explorer Customer Experience Improvement Program (CEIP) participation

This script disables the Customer Experience Improvement Program (CEIP) in Internet Explorer. The CEIP allows users to send information about their use of the software to Microsoft. However, the CEIP does not collect users' personal details like names or addresses, only the IP address used to send the data. By applying this script: Users will no longer be able to participate in the CEIP. • The option "Customer Feedback Options" will be removed from the "Help" menu. This script achieves its purpo...

Disable kernel-level customer experience data collection

This script disables the "KernelCeipTask" scheduled task. This task is part of the Windows Customer Experience Improvement Program (CEIP). Its primary role is to collect and send user usage data to Microsoft when a user consents to participate in CEIP. Disabling this task: Improves system reliability and performance • Reduces data collection by Microsoft, enhancing privacy Governments such as Poland and Argentina recommend disabling this task. Microsoft suggests: Turning off this task can improv...

Disable license telemetry

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable local search history (breaks recent suggestions)

This disables the storage and display of search history in Windows. When executed, the script prevents the operating system from storing search queries in the registry. Consequently, suggestions based on previous searches will no longer appear in the search pane. However, suggestions based on local content from apps or Windows itself will remain available. The National Security Agency (NSA) in the USA recommends this setting for enhanced privacy and security. By default, Windows provides search ...

Disable location

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable location scripting

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable Messaging Service

This script disables the Messaging Service ("MessagingService") service. This service supports text messaging and related functions. Disabling this service improves privacy by reducing how the system processes text messages. Users should consider this action if they prioritize privacy and do not use native text messaging features extensively.

Disable metadata retrieval

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable Microsoft Account Sign-in Assistant (breaks Microsoft Store and Microsoft Account sign-in)

This script disables the Microsoft Account Sign-in Assistant ("wlidsvc") service. This service helps users sign in with their Microsoft account, giving access to Microsoft's services and apps. This service connects with Microsoft's cloud for authentication. Formerly known as the "Microsoft Windows Live ID Service", it supported sign-ins for applications such as Office and Windows Live Messenger. Currently, it uses Microsoft Entra (formerly Azure AD) as identity service. It's used to facilita...

Disable Microsoft Data Loss Prevention (DLP) service

This script disables the Microsoft Data Loss Prevention (DLP) service. The service is known by several names: Microsoft Data Loss Prevention Service • Microsoft Endpoint DLP service • Microsoft Purview Data Loss Prevention Service This service is a component of both Defender Antivirus and Defender for Endpoint. It is also included in the larger Microsoft Purview offering. This service provides DLP (Data Loss Prevention) functionality. It helps prevent unauthorized sharing of sensitiv...

Disable Microsoft Defender Core Service

This script disables the Microsoft Defender Core service ("MDCoreSvc"). The Microsoft Defender Core service is a component of Defender Antivirus. It is included in Microsoft Defender for Endpoint suite.. It contributes to the stability and performance of Defender Antivirus. This script improves privacy by disabling this service. It reduces data collection associated with Microsoft Defender Antivirus and Microsoft Defender for Endpoint. It may also increase system performance by removing ...

Disable Microsoft Office client telemetry

This script disables telemetry data collection in Microsoft Office applications. It improves your privacy by preventing Office from sending usage data and diagnostic information to Microsoft. This data may include details about your Office usage patterns, document content, and system information. The script may also improve system performance by reducing background processes related to data collection and transmission. Technical Details - The script modifies registry settings for multiple Office...

Disable Microsoft Office feedback

This script disables feedback collection in Microsoft Office applications. It enhances your privacy by blocking Office from collecting and sending your usage data to Microsoft. This limits the personal information Microsoft receives about how you use Office. It may also slightly boost system performance by removing background processes that collect feedback. Technical Details - This script configures "HKCU\\SOFTWARE\\Microsoft\\Office\\\\Common\\Feedback!Enabled" registry value. It affects Of...

Disable Microsoft Office logging

This script disables logging and data collection features in Microsoft Office applications. It improves your privacy by preventing Office from recording and potentially sharing information about your usage patterns and document activities. This data may include details about the files you open, edit, or create. The script may also improve system performance by reducing background processes related to logging and data collection. Technical Details - This script affects Office versions from 2013 t...

Disable Microsoft Office telemetry

This category includes scripts that disable various telemetry and data collection features in Microsoft Office applications. Microsoft Office collects telemetry data to improve user experience and product functionality. However, this data collection raises privacy concerns. The scripts in this category aim to enhance user privacy by limiting or disabling the transmission of usage data, diagnostic information, and other potentially sensitive details to Microsoft. Disabling Office telemetry will: ...

Disable Microsoft Office telemetry agent

This script disables the scheduled tasks associated with the Office telemetry agent. The Office Telemetry Agent, introduced in Office 2013, collects and uploads a variety of data for monitoring purposes. This data includes runtime logs, properties of Office documents, and other insights from Office applications. Notably, it can upload file names, paths, and document titles in their original format. The data is stored locally before being uploaded to a shared folder (at `%LOCALAPPDATA%\\Microsoft\\...

Disable Microsoft Retail Demo

This script disables the Microsoft Retail Demo ("RetailDemo") service. This service is used to control device activity when the device is in retail demo mode. For personal use, this service is generally redundant, and disabling it strengthens privacy. By turning off this service, you prevent the potential misuse of demo content and settings, ensuring that your device operates under standard conditions without unnecessary exposure to retail demo features. Overview of default service statuses ...

Disable Microsoft Security Client Policy Configuration Tool

This script disables the "ConfigSecurityPolicy.exe" process. This process is also known as Microsoft Security Client Policy Configuration Tool. It was formerly known as Microsoft Security Client Policy Configure. This tool is part of Defender Antivirus, Defender for Endpoint and the Security Configuration Engine. The Security Configuration Engine handles security configuration requests on Windows. The engine functions as an extension of the Local Group Policy Editor f...

Disable Microsoft Security WFP callout driver

This script disables the Microsoft Security WFP callout driver and its associated files. Microsoft refers to this component as Microsoft Security WFP Callout Driver. This is a kernel-mode driver. Windows uses this driver to monitor and control network traffic for security purposes. It is part of the Windows Filtering Platform (WFP). WFP provides a framework for building network filtering applications. It is used by built-in Defender Firewall to filter network packets. It works on...

Disable non-essential network components

This category focuses on disabling or removal of specific networking features. These are generally considered unnecessary or less secure for most users. Disabling these features contributes to a more secure and privacy-focused environment by eliminating potential vulnerabilities and reducing the system's attack surface. These features may utilize outdated protocols or lack robust encryption and authentication methods, making them vulnerable to cyberattacks. If these features are not essential fo...

Disable non-essential services

This category contains scripts designed to enhance privacy by disabling system services that are not essential for your operating system's core functions. A Windows service is a program that runs in the background, automatically starting and operating without direct user interaction, even when no user is logged in. Disabling these services, especially those transmitting data to external parties or running unseen, significantly reduces the risk of unwanted data exposure. Taking these proactive st...

Disable notifications to antivirus programs for downloaded files

This script prevents Windows from sending file attachments to antivirus programs for scanning when opened. Windows registered antivirus programs for downloaded files from Internet or through e-mail attachments. If multiple programs are registered, they will all be notified. This is disabled by default, so even if you do not configure run this script, Windows does not call the registered antivirus programs when file attachments are opened. If it is enabled, Windows blocks file from being opened w...

Disable Nvidia telemetry

This category configures Windows using 8 scripts. These scripts are organized in 1 categories. The category includes 5 subscripts and 1 subcategories that include more scripts and categories.

Disable Nvidia telemetry scheduled tasks

This category contains scripts that disable Nvidia telemetry tasks. Telemetry tasks are programmed to transmit data, which may encompass system performance details or error reports. By disabling these tasks, you can improve your privacy by ensuring your system's data remains confidential and is not shared with external sources.

Disable obtaining updates from other PCs on the Internet (delivery optimization)

Windows Delivery Optimization is a feature introduced by Microsoft to facilitate a more efficient downloading process for Windows updates, upgrades, and applications. Instead of exclusively relying on Microsoft's servers, this feature identifies other PCs on a user's local network or even across the internet that already possess the desired updates or applications. By breaking the download into smaller segments and fetching each from the fastest and most reliable source, which can include other ...

Disable OneDrive scheduled tasks

This script disables the scheduled tasks associated with Microsoft OneDrive that typically run maintenance activities such as auto-updates and data collection. Disabling these tasks impacts OneDrive's automatic background update process. By default, Windows 10 (since 22H2) and Windows 11 (since 22H2) include the following tasks: "OneDrive Standalone Update Task" • "OneDrive Reporting Task" These tasks are enabled by default and lack official documentation from Microsoft. They can be identified b...

Disable OneDrive usage

This script prevents: Keeping OneDrive files in sync with the cloud. • Users from automatically uploading photos and videos from the camera roll folder. • Users from accessing OneDrive from the OneDrive app and file picker. • Windows Store apps from accessing OneDrive using the WinRT API. • OneDrive from appearing in the navigation pane in File Explorer. Setting "DisableFileSyncNGSC" group policy prevents OneDrive from working on both Windows 10 and 11. Windows 8 uses older "DisableFileSync" key...

Disable online tips

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable OS data collection

This category configures Windows using 153 scripts. These scripts are organized in 33 categories. The category includes 14 subscripts and 13 subcategories that include more scripts and categories.

Disable outdated "Windows Defender Security Center" interface

This script disables outdated Defender Antivirus user interface components. The Windows Defender User Experience Host managed communication between Windows components and apps, including the discontinued Windows Defender Security Center. This interface is not present in modern Windows versions, so this script will not affect recent Windows systems. Disabling this component may enhance privacy on older systems by reducing monitoring and data collection from the Defender components. It helps m...

Disable outdated Chrome Software Reporter Tool

This script blocks the execution of the Chrome Software Reporter Tool, enhancing your privacy by preventing unnecessary data transmissions to Google, and boosting system performance through reduced resource consumption. This tool is also known as the Software Reporter Tool, Software Reporter Tool for Chrome Cleanup, Chrome Cleanup Tool and Software Removal Tool. It exists in Google Chrome versions prior to v111. Newer versions of Google Chrome do not include this tool. This tool scans fo...

Disable outdated Defender Application Guard

This category provides scripts to disable the deprecated Defender Application Guard, a feature originally designed to protect business environments. Defender Application Guard is also referred to as Microsoft Defender Application Guard (MDAG). It was formerly known as Windows Defender Application Guard. It uses hardware isolation to protect against internet-based attacks. It creates Hyper-V-enabled containers to isolate potentially harmful content. MDAG consists of two main components: | Com...

Disable outdated Edge automatic image enhancement

This script disables the automatic image enhancement feature. This feature is present in Microsoft Edge versions 97 to 121. It improves image sharpness, color, lighting, and contrast. This feature uploads viewed images online to Microsoft for processing. Starting with version 122, Microsoft Edge has removed this feature, limiting this script's use to versions 97 to 121. This script configures the "EdgeEnhanceImagesEnabled" Edge policy.

Disable outdated Edge Discover button

This script disables the outdated Discover feature in Microsoft Edge. Initially called Bing Chat or Bing Discover, this feature has evolved into what is now known as Copilot. In recent versions of Edge, the Discover button in the toolbar has been replaced with the new Copilot button. This script is applicable only to versions of Edge between 97 and 105. It disables the obsolete Discover feature and button on older versions of Edge. When enabled, this feature used to send URLs to Microsof...

Disable outdated Edge games menu

This script disables the outdated games menu in older versions of Microsoft Edge. The games menu in Microsoft Edge offers one-click access to various free-to-play casual and arcade games, including Microsoft Solitaire, Microsoft Jewel, Microsoft Mahjong, and the Microsoft Edge Surf Game. In modern versions, this menu is integrated into the sidebar. Disabling the games menu leads to a less cluttered browser interface. Microsoft recommends this script for those favoring a streamlined browser setup...

Disable outdated Edge metrics data sending

This script stops Edge from reporting metrics data. This script stops the reporting of usage and crash-related data. This data includes information about how the browser operates and the causes of any failures. Disabling this telemetry potential privacy risks by preventing data sharing with third-parties. This may also improve system performance by reducing processing workload. This script applies to Edge versions between 77 and 89. It does not affect newer versions of Edge as this settings is d...

Disable outdated Edge site information sending

This script prevents Edge from sending site-related information. This prevents the browser from sending site information used to improve Microsoft services. This may might include URLs and page interaction data. Disabling this telemetry potential privacy risks by preventing data sharing with third-parties. This may also improve system performance by reducing processing workload. This script configures the "SendSiteInfoToImproveServices" policy. Changes will take effect after restarting the brows...

Disable outdated Edge SmartScreen library update

This script prevents specific versions of Microsoft Edge from updating to the newer SmartScreen library. This script reverts Microsoft Edge to the previous SmartScreen library, used before version 103. It blocks Edge from loading the new SmartScreen library ("libSmartScreenN"), which is responsible for checking site URLs and application downloads. By running this script, Edge will utilize the older library ("libSmartScreen"). This script is effective only for Microsoft Edge versions 95 to 107. I...

Disable outdated Internet Explorer SmartScreen

This script disables SmartScreen in outdated versions of Internet Explorer. SmartScreen is also known as the Phishing Filter or SmartScreen Filter. It protects users by identifying and blocking malicious web content. Disabling this feature enhances your privacy by preventing the collection of data related to your browsing habits. It can also increase system performance by reducing the computational overhead required to scan and evaluate web content. However, this may also lower your security...

Disable outdated Internet Explorer SmartScreen Filter component

This script disables the outdated Internet Explorer SmartScreen filter ("ieapfltr.dll"). The "ieapfltr.dll" file is also known as Microsoft SmartScreen Filter or Anti-phishing browser solution. It is mainly used by Internet Explorer. Despite the official end of support for Internet Explorer 11 on June 15, 2022, some systems may still have this component. Benefits: By disabling the SmartScreen functionality that monitors user behavior, this script enhances your privacy. It reduces the att...

Disable outdated non-administrator access to Defender threat history

This script disables privacy mode for Defender scans, limiting threat history access to administrators. By default, privacy mode is enabled. When active, it restricts the display of spyware and potentially dangerous programs to administrators only, instead of all users on the computer. It blocks non-administrators from viewing threat history. This is a legacy setting that only affects older versions of Defender Antivirus. It has no impact on current platforms. Limiting threat history to administ...

Disable outdated SmartScreen settings interface

This script disables the SmartScreen settings interface in older Windows versions. It specifically targets and soft-deletes the "SmartScreenSettings.exe" file. Found only in older Windows versions, including Windows 8. Based on tests, this file does not exist in newer versions such as Windows 11 Pro (23H2) or Windows 10 Pro (22H2) and beyond. The "SmartScreenSettings.exe" is a user interface component that displays settings for the SmartScreen filter. Removing this component may enhance privacy ...

Disable outdated Snipping Tool

This script disables the outdated Snipping Tool. This app is enabled by default. The script modifies the "HKLM\\SOFTWARE\\Policies\\Microsoft\\TabletPC!DisableSnippingTool" registry key, preventing the tool from launching and disabling the print screen key activation. After running this script, any attempt to open the Snipping Tool will show this message, confirming its deactivation (tested on Windows 11 and 10): This script does not affect the new Snipping Tool in Windows 11, only the store app ver...

Disable outdated Windows Update tasks

This script disables older scheduled tasks associated with Windows updates, which are no longer present in Windows versions since Windows 10 22H2 and Windows 11 22H2. The script is compatible with Windows 10 and newer versions, skipping any missing tasks on recent systems. These tasks are linked to specific system files and are involved in various update processes, such as downloading and installing updates, rebooting after updates, and more. Disabling these tasks can help reduce unnecessary sys...

Disable participation in IntelliCode data collection

This script prevents IntelliCode in Visual Studio from collecting data. IntelliCode uses AI to suggest code improvements by analyzing usage and error reports. In scenarios like team model training, user code is shared with Microsoft. Opting out does not affect IntelliCode's local suggestion capabilities. By relying on local data models, this script improves privacy, reducing the amount of data shared with Microsoft. The script works by modifying registry keys to disable the feature that sends da...

Disable participation in Visual Studio Customer Experience Improvement Program (VSCEIP)

This script disables participation in the Visual Studio Customer Experience Improvement Program (VSCEIP), enhancing your privacy and system performance. Previously, VSCEIP was known as "PerfWatson" in Visual Studio. It collects information about errors, hardware specifications, and usage patterns in Visual Studio. This data includes crashes, memory dumps, errors, stack traces, CPU and memory usage, interaction telemetry, and other diagnostic data. The collected information is sent to Microsoft s...

Disable passive connectivity tests (breaks internet connection status)

This script stops passive connectivity checks on your Windows device. Passive connectivity tests are also known as Network Connectivity Status Indicator (NCSI) or passive polling. It tracks the network activity of applications on your computer. This feature is turned on by default. These tests run every 15 seconds by default. They use information from received data, such as recently sent or received packets and their Time To Live (TTL) values, to determine network status. When NCSI fails to ...

Disable peering download method for Windows Updates

This script modifies Delivery Optimization's download method for Windows Updates to disable peering. When this script is run, it sets the download method to "0", which means "HTTP only, no peering". As a result, Windows Updates are downloaded solely from the internet and not from other computers on the network (referred to as "peer-to-peer"). Peer-to-peer is a method where multiple computers share data amongst themselves. For Windows Updates, the default setting is for computers within a network...

Disable personal cloud content search in taskbar

This script disables the integration of personal cloud content in the taskbar search box. By default, Windows Search can access and display results from various Microsoft cloud services, including OneDrive, Outlook, Bing, SharePoint for both personal Microsoft accounts and work or school accounts. This means your personal and work-related files stored on Microsoft's cloud platforms can be searched through the Windows Search interface. While this feature increases convenience, it also poses priva...

Disable PowerShell telemetry

This script configures Windows using Batch (batchfile).It can be restored. It runs "setx POWERSHELLTELEMETRYOPTOUT 1".

Disable Print Screen keyboard shortcut for Snipping Tool

This script prevents the Print Screen key from launching the Snipping Tool. This is the default Windows behavior starting from Windows 11 22H2. The script targets the "HKCU\\Control Panel\\Keyboard\\PrintScreenKeyForSnippingEnabled" registry key. This key toggles the setting "Use the Print screen button to open screen snipping" in the control panel. Changing this setting through the user interface also modifies this registry entry. This key is absent by default in modern Windows versions, confirmed...

Disable printing features

This category configures Windows using 8 scripts. These scripts are organized in 2 categories. The category includes 2 subscripts and 2 subcategories that include more scripts and categories.

Disable privacy-invasive indexing

This category is dedicated to preventing privacy-invasive indexing features within Windows. Indexing can include details from emails, documents, and other files that may contain sensitive information. Scripts in this category limit the exposure of personal data through search functionalities. By controlling what and how information is indexed, these scripts help in protecting user privacy against potential data breaches or unauthorized access.

Disable processing of Desktop Analytics

This script ensures that Microsoft does not process Windows diagnostic data from your device. When activated, it modifies a setting known as the Group Policy object on your device. This object is a set of policies that determine how your system operates. The script disables a policy related to Microsoft's Desktop Analytics service. This service is designed to provide insights into the health and usage of your devices but may involve processing diagnostic data. By disabling this policy, the scrip...

Disable Program Compatibility Assistant (PCA)

This category covers disabling the Program Compatibility Assistant (PCA) in Windows. The PCA is designed to help users run desktop applications created for earlier versions of Windows by tracking and identifying known compatibility issues. When an issue is detected, PCA offers the user a recommended fix to help the app run better on Windows. Privacy Implications: 1. Tracking and Monitoring of Application Activities: PCA tracks the activities and behaviors of applications to identify symp...

Disable program data collection and reporting ("ProgramDataUpdater")

This script disables the "ProgramDataUpdater" scheduled task. This component collects and transmits Application Telemetry information for participants in the Microsoft Customer Experience Improvement Program. Running this script improves privacy and security by limiting data transmission, making it suitable for high-security environments. Recommendations to disable or delete this task have been voiced by both the Polish and Argentine governments. Microsoft acknowledges this task as non-essential...

Disable protocol recognition

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable real-time monitoring

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Disable real-time protection

This category configures Windows using 11 scripts. These scripts are organized in 3 categories. The category includes 5 subscripts and 3 subcategories that include more scripts and categories.

Disable Recall

This script disables the Recall feature to address serious privacy concerns. Recall is an AI feature introduced in Windows 11 on Copilot+ PCs. It is designed to capture and store snapshots of your screen and analyze them. This feature allows users to browse and search their past activities, such as images and text. Recall includes a component called 'screenray'. This component analyzes the snapshot's contents and lets you interact with elements within it. This script will also disable the screen...

Disable recent apps

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable remediation actions

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Disable remote access to search index

This disables remote access to the search index of your computer. By executing this script, other computers will no longer be able to query your computer's search index remotely. This means that when others are browsing network shares on your computer, they cannot use its index for searching. By default, without this script, client computers can search using the host's index, which might pose a privacy concern. Implementing this change is crucial for maintaining both the privacy and security of ...

Disable routine remediation

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable saving of zone information in downloaded files

This script disables marking file attachments by using their zone information. The default behavior is for Windows to mark file attachments with their zone information. The zone information of the origin describe whether the file was downloaded from internet, intranet, local, or restricted zone. It is used by Attachment Manager that is included in Windows to help protect the computer from unsafe attachments that can be received with e-mail message or downloaded from Internet. If the Attachment M...

Disable scan actions

This category configures Windows using 3 scripts. The category includes 3 subscripts.

Disable scan heuristics

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable scanning when not idle

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Disable scheduled anti-malware scanner (MRT)

This script disables the scheduled scans by the Malicious Software Removal Tool (MSRT) provided by Microsoft. Starting from version 5.39 in August 2016, MSRT sends a "Heartbeat Report" to Microsoft every time it runs. This behavior occurs even if certain user preferences like the Customer Experience Improvement Program (CEIP) are turned off or if "DiagTrack" is not on the computer. A record of this "Successfully Submitted Heartbeat Report" can be checked in the MRT log, found at `%SYSTEMROOT%\\de...

Disable scheduled automatic updates

This script turns off the automatic installation of Windows updates that are set to occur at a specific time. By doing this, you take back control over when your computer updates itself. The default behavior is to install updates at 3 AM. Windows updates can be important for system security, but automatic installation could occur at inconvenient times and may even restart your computer without prior warning. This could interrupt your tasks and may send data about your system to external servers....

Disable scheduled full-scans

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable scheduled scans

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable script scanning

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Disable search suggestions

This category focuses on enhancing privacy by disabling various search suggestions in Windows, commonly associated with Cortana. Cortana is a digital assistant integrated into Windows Search, capable of collecting extensive personal data to provide its services. This includes your search queries, contact information, location, voice inputs, browsing history, and details from emails, calendars, and communication history. These scripts are designed to limit the amount of personal data shared with ...

Disable search's access to location

This script blocks both the Windows search function and Cortana, Microsoft's virtual assistant, from accessing your device's location data. By default, Microsoft processes location data, impacting user privacy. The U.S. Internal Revenue Service advises restricting access to this data to improve security, given the sensitivity of location information. Once this script is applied, search and Cortana will no longer be able to provide results based on the user's location, thus enhancing privacy. The...

Disable sections in "Windows Security"

This category provides scripts that let you disable specific sections of the "Windows Security" interface. Windows Security provides a centralized location for managing security settings and viewing system status. This interface was introduced in Windows 10, version 1703. It was previously known as Windows Defender Security Center. Windows Security has various sections, and each can be turned off individually. If all sections are disabled, Windows Security will display in a restricted mo...

Disable Secure Boot driver

This script disables the Microsoft Security Core Boot Driver ("msseccore.sys"). This driver is a kernel-mode component that enforces security policies during the boot process. It was introduced in Windows 11 22H2, starting with Insider Preview Build 25188. It operates as a Secure Boot driver. Secure Boot is a feature that prevents unauthorized software from loading at startup and requires compatible hardware. The driver handles several security-related tasks: A malfunction may cause ...

Disable Security and Maintenance

This category includes scripts that disable various components of the Security and Maintenance feature. Security and Maintenance was previously known as Action Center. This feature provides a central interface for managing Windows security and maintenance settings. It monitors and reports on system health, including security threats, software updates, and hardware issues. Disabling these components enhances privacy by reducing system monitoring and data collection associated with sec...

Disable Security and Maintenance Control Panel applet

This script disables the Security and Maintenance feature in the Windows Control Panel. Security and Maintenance (previously Action Center) is a central interface for managing Windows security and maintenance settings. It controls: Security components such as firewall, Internet security settings, and User Account Control (UAC) • Maintenance features as automatic Maintenance, drive status, and file history This interface also displays relevant notifications. After running this...

Disable Security and Maintenance core library

This script disables the Security and Maintenance library, a core component of Windows security monitoring. Security and Maintenance was formerly known as Action Center. It is a central interface for managing Windows security and maintenance settings. By default, Windows automatically checks for security and maintenance issues and sends notifications via this interface. This script disables the "ActionCenter.dll" library, which is responsible for: Managing security and maintenance notifi...

Disable Security and Maintenance desktop features

This script disables the Security and Maintenance desktop integration in Windows. Windows automatically loads certain applications at startup using Shell Service Objects. These objects are loaded early during startup by "explorer.exe", the core shell for Windows. Shell Service Objects handle tasks like file management, system operations, and user interface interactions. The script removes the Security and Maintenance Shell Service Object. This object shows security and health notificatio...

Disable Security and Maintenance notification integrations

This script disables Security and Maintenance integrations that use Component Object Model (COM). Previously, Security and Maintenance was known as Action Center. Component Object Model (COM) enables communication between software components, whether within the same process, on the same computer, or across different computers. By removing registry entries for these integrations, the script prevents Windows from creating and using COM objects related to Security and Maintenance notifica...

Disable Security and Maintenance notifications

This category includes scripts to disable Security and Maintenance notifications in Windows. Security and Maintenance was previously known as the Action Center or Security Center. It serves as a central interface in Windows for managing security and maintenance settings. It alerts users to important system events, security risks, and maintenance issues. Disabling these notifications may enhance privacy by reducing the visibility of system health and security details. It may also slig...

Disable Security and Maintenance push notifications

This script disables all Windows Security and Maintenance notifications, which may enhance privacy but could potentially impact system security. Security and Maintenance was previously known as Action Center. It offers a central interface to manage security and maintenance settings. It's integrated into the Windows Control Panel. It notifies you about important system events and issues. These notifications are enabled by default. Disabling these notifications may enhance privacy by limit...

Disable Security and Maintenance taskbar notifications

This script disables Security and Maintenance-related notifications on the Windows taskbar. It removes taskbar integrations (AppUserModelId) for Action Center and Security and Maintenance components. Security and Maintenance was previously known as Action Center. AppUserModelIds link processes, files, and windows to specific applications, organizing them on the Windows taskbar, managing Jump Lists, and controlling pinning. This script may enhance privacy by reducing the visibility of s...

Disable security event monitoring

This script disables the Microsoft Security Events filter driver ("MsSecFlt.sys"). This driver is known by different names: Microsoft Security Events Component File System Filter Driver • MSSense: Microsoft Defender for Endpoint for EDR Sensor • Microsoft Security Eve Kernel • Microsoft Security Events Component Minifilter • Microsoft Security Events Component Minifilter driver • "MsSecFlt". It is a minifilter that inspects the file system. Minifilter is also known as file system filte...

Disable security notifications

This category contains scripts to disable Windows security notifications. Windows sends security notifications to inform users of potential threats, vulnerabilities, and important security events. These notifications are generated by security components like Windows Security and Defender Antivirus. Disabling these notifications may: Enhance privacy by reducing visible security-related information on your screen • Improve system performance slightly by preventing these alerts from being processed...

Disable sending device name in Windows diagnostic data

This script enhances privacy by ensuring that the name of your device is anonymized in any diagnostic data collected by Microsoft Desktop Analytics. In other words, instead of your actual device name, "Unknown" will appear in the data. Since the release of Windows 10, version 1803, the device name is not included in the diagnostic data by default. This script guarantees that this privacy-enhancing measure remains in place. When implemented, it changes a specific registry setting, `AllowDeviceNam...

Disable server customer experience data assistant

This script disables the "ServerCeipAssistant" scheduled task. This task is part of the "Windows Server Customer Experience Improvement Program". The main function of this task is to collect and send usage and performance data to Microsoft. It runs without requiring user consent to participate in the CEIP. This task poses a significant privacy concern as it can share sensitive information without explicit user approval. Disabling this task prevents data transmission, aligning with best practices...

Disable server role telemetry collection

This script disables the "ServerRoleCollector" scheduled task. This task collects telemetry data about server roles. Server roles are specific functions a server performs for users and other computers within a network, such as providing web services or handling emails. This task is part of the "Windows Server Customer Experience Improvement Program". Disabling this task enhances privacy by preventing CEIP data collection. Additionally, it may improve system performance. The Citrix optimizati...

Disable server role usage data collection

This script disables the "ServerRoleUsageCollector" scheduled task. The task tracks the types and frequency of server role usage. A server role is a combination of software components that allow the server to perform specific functions for users and other computers on a network. This task is located at "\\Microsoft\\Windows\\Customer Experience Improvement Program\\Server\\ServerRoleUsageCollector". The task runs "%SYSTEMROOT%\\System32\\ceipdata.exe -roleusage". Microsoft describes "ceipdata.exe" ...

Disable server-specific customer experience data collection

This category includes scripts that disable specific scheduled tasks related to the Windows Server Customer Experience Improvement Program (CEIP). CEIP is a voluntary program that collects information about how people use Windows Server. It gathers data on: Configuration settings • Hardware configurations • Usage patterns • Performance metrics Disabling these tasks prevents the system from automatically sending usage and performance data to Microsoft, enhancing user privacy. It may also improve ...

Disable Shadow Copy (breaks System Restore and Windows Backup)

This script disables the Shadow Copy service, known also as the Volume Shadow Copy Service (VSS) or Volume Snapshot Service. This service is integral for system backups and data snapshots. It allows for data recovery and system restore points. Introduced with Windows Server 2003, VSS facilitates backups and system restores without needing to take applications offline. It creates a consistent snapshot of data for backup, supporting functions like archiving, data mining, and disk-to-disk b...

Disable sharing personal search data with Microsoft

This script enhances privacy by limiting what search information is shared with Bing. By default, Search in Windows shares user information, including search history, Microsoft account details, and location data, to personalize search results and other Microsoft services. Executing this script ensures that search history, account details, or specific location data are not sent to Microsoft. Applicable to Windows 8.1 and later, this script is a key privacy measure. It is recommended by the US Dep...

Disable sharing scanned software data with Google

This script stops the Chrome Cleanup Tool from sending scan data to Google, enhancing privacy. By default, when the Chrome Cleanup Tool detects unwanted software, it reports metadata about the scan and the software to Google. The reported data includes file metadata, automatically installed extensions, and registry keys. Users can choose to share cleanup results with Google to enhance future software detection. Disabling this feature reduces potential privacy risks by preventing data sharing. Th...

Disable SmartScreen

This category focuses on disabling the SmartScreen and its features and components. SmartScreen is known also as "Windows SmartScreen", "Windows Defender SmartScreen", "Microsoft Defender SmartScreen", "Phishing Filter", and "SmartScreen Filter". It protects users from phishing attacks, malware websites, and potentially harmful downloads by assessing webpage safety and comparing sites and downloads against lists of known threats. However, it also sends URLs and file information to Microsoft serv...

Disable SmartScreen "App Install Control" feature

This script disables the "App Install Control" feature of SmartScreen. This feature restricts app installations exclusively to those from the Microsoft Store. It displays "The app you're trying to install isn't a Microsoft-verified app" message during app installation. By default, this feature is turned off. Disabling SmartScreen automatically deactivates it as well. This script explicitly deactivates the feature to guarantee it remains disabled. Once disabled, SmartScreen permits users to insta...

Disable SmartScreen checks for apps and files

This script disables the SmartScreen checks for apps and files. SmartScreen protects users by warning them before running potentially malicious programs downloaded from the internet. This warning appears as a dialog box before you run an unrecognized or known malicious app downloaded from the internet. These checks are part of SmartScreen's reputation-based protection. This feature is enabled by default. Microsoft collects data about the files and programs you run when this feature is enabled....

Disable SmartScreen Enhanced Phishing Protection

This category contains scripts to disable SmartScreen's Enhanced Phishing Protection feature, which monitors password usage and sends data to Microsoft. This feature collects information from suspicious websites or apps to identify security threats when users enter their passwords. It was introduced in Windows 11, version 22H2, and is technically identified as "webthreatdefense" (Web Threat Defense). This feature raises several privacy concerns, including: Monitoring of password entries acro...

Disable SmartScreen Enhanced Phishing Protection "password reuse" notifications

This script disables the Warn me about password reuse feature in Defender SmartScreen's Enhanced Phishing Protection. The script prevents SmartScreen from warning users when they reuse their work or school password across different services. The feature aims to encourage users to change reused passwords. This feature is off by default. By explicitly disabling it, the script ensures it remains inactive persistently. This script improves privacy by reducing the password-related data shared...

Disable SmartScreen Enhanced Phishing Protection "potentially malicious" notifications

This script disables the Enhanced Phishing Protection warnings in Defender SmartScreen related to potentially malicious password entry scenarios. By default, these warnings are turned off. This script ensures it remains disabled. Disabling this feature stops warnings from appearing when users enter their work or school passwords into potentially malicious websites or applications. This option is also known as Warn me about malicious apps and sites. It warns users when they enter their wo...

Disable SmartScreen Enhanced Phishing Protection "unsafe apps" notifications

This script disables Defender SmartScreen's Enhanced Phishing Protection feature that warns users about unsafe password storage. This feature warns you when you enter passwords in apps such as Notepad, Word, OneNote, or Excel. This option is known as Warn me about unsafe password storage. By default, this feature is disabled This script explicitly disables this feature to maintain the default behavior consistently. This script enhances privacy by preventing Microsoft from monitoring ...

Disable SmartScreen Enhanced Phishing Protection audit mode

This script disables Enhanced Phishing Protection in Microsoft Defender SmartScreen on Windows. Enhanced Phishing Protection monitors and captures unsafe password entries, sending telemetry data to Microsoft Defender. In audit mode, users are not notified about potential security risks. Running this script fully disables Enhanced Phishing Protection. It will no longer capture events, send telemetry, or notify users. Users will not be able to re-enable it through the graphical interface. This scr...

Disable SmartScreen Enhanced Phishing Protection automatic data collection

This script disables automatic data collection by SmartScreen's Enhanced Phishing Protection. Enhanced Phishing Protection collects additional information when users enter their work or school passwords on suspicious websites or apps. This information may include displayed content, played sounds, and application memory. Microsoft uses this data to enhance SmartScreen's ability to identify malicious websites or apps. This data helps Defender SmartScreen determine if the user entered t...

Disable SmartScreen Enhanced Phishing Protection telemetry

This script disables the Enhanced Phishing Protection telemetry feature in Windows. Enhanced Phishing Protection collects data on phishing attacks to improve Microsoft's security products. It shares this data across Microsoft's security suite, including Microsoft Defender for Endpoint. This feature allows organizations to monitor unsafe password usage through alerts and reports in the Microsoft 365 Defender Portal. This script enhances your privacy by: Preventing data collection and sharing rela...

Disable SmartScreen Enhanced Phishing Protection warnings and prompts

This script disables the user interface for Enhanced Phishing Protection on Windows. Enhanced Phishing Protection is a feature in Windows 11 that aims to protect users from phishing attacks. This feature monitors the passwords you enter and warns you if a site may be malicious. This script prevents Enhanced Phishing Protection from displaying warnings and prompts. It does not stop the underlying monitoring but disables only the visual warnings and prompts. This may enhance privacy perception by ...

Disable SmartScreen Enhanced Phishing Protection Web background services

This script disables the "webthreatdefsvc" and "webthreatdefusersvc" services. These services enhance security by monitoring for unauthorized access to user credentials. However, these services also collect telemetry and sensor data, raising privacy concerns. Disabling these services reduces this data collection, thereby enhancing privacy. Additionally, these services require opening firewall ports and running background services, which may increase your attack surface and reduce security. Disab...

Disable SmartScreen for apps and files

This category includes scripts to disable SmartScreen for apps and files. SmartScreen is a security feature that checks the reputation of apps and files you download or run. It's part of Windows' reputation-based protection system. Key points about SmartScreen for apps and files: It blocks unrecognized apps and files that may be potentially harmful. • It performs reputation checks on downloaded programs and their digital signatures. • If an app, file, or digital signature has an established good...

Disable SmartScreen for Store apps

This category includes scripts to disable SmartScreen for Microsoft Store apps. SmartScreen for Microsoft Store apps is a security feature that: Checks content used by Microsoft Store apps. • Can restrict app installations to only those from the Microsoft Store. • Scans web content (URLs) accessed by Microsoft Store apps. It's part of Windows' broader Reputation-based protection system. Disabling this feature can: Enhance privacy by reducing data sent to Microsoft for content and app checks....

Disable SmartScreen in Microsoft browsers

This category provides scripts to disable SmartScreen in Microsoft browsers. SmartScreen is a security feature in Edge. When you visit websites or download files, SmartScreen checks the reputation of the URL or file. If SmartScreen determines that the site or file is malicious, it blocks access or download. SmartScreen is enabled by default in Microsoft Edge. SmartScreen feature raises privacy concerns because it sends unhashed URLs, downloaded files, applications being run, IP addresses, and th...

Disable SmartScreen integrations

This script disables COM SmartScreen integrations within Windows. SmartScreen is a security feature that aims to protect your device from harmful applications, files, and websites by comparing items with a database of known threats. COM (Component Object Model) objects are software components that let different programs communicate. These integrations allow SmartScreen to interact with various Windows components. Disabling these components disrupts SmartScreen's functionality. This scrip...

Disable SmartScreen libraries

This script disables essential SmartScreen libraries, limiting their functionality and preventing their use by other programs. A library is a set of code and resources that help programs operate. A DLL (Dynamic Link Library) contains code and data that multiple programs can use simultaneously. Disabling these libraries stops SmartScreen operations across applications. This enhances your privacy by eliminating SmartScreen data collection. It improves security by reducing the system's attack s...

Disable SmartScreen process

This script stops the "smartscreen.exe" process and prevents it from running. This process is officially known as Windows Defender SmartScreen. It manages the SmartScreen functionality. Disabling SmartScreen enhances privacy by preventing outbound network connections that transmit your data. Even when disabled, SmartScreen continues running in the background. It also improves system performance by reducing CPU usage. However, disabling the SmartScreen process may compromise your security by re...

Disable SmartScreen system components

This category includes scripts that disable SmartScreen system components. SmartScreen is a security feature in Windows that helps protect your device from potentially harmful applications, files, and websites. Its components run in the background as part of the operating system. Disabling these components may: Improve privacy by reducing data collection used for SmartScreen functionality. • Increase system performance by eliminating background processes. • Enhance security by removing potential...

Disable SmartScreen web content checking for Store apps

This script disables the web content checking feature of SmartScreen for Microsoft Store apps. SmartScreen scans web content (URLs) accessed by Microsoft Store apps to enhance security. SmartScreen is enabled by default. Initially, this feature was known as SmartScreen Filter for Microsoft Store apps. Later, it was renamed to "SmartScreen for Microsoft Store apps". It is part of SmartScreen's reputation-based protection. Disabling this feature enhances your privacy by reducing data shared with...

Disable Snipping Tool keyboard shortcut (Windows logo key + Shift + S)

This script disables the Windows logo key + Shift + S keyboard shortcut. This keyboard shortcut by default launches the Snipping Tool to capture screenshots. During the screenshot process, the screen darkens to indicate the selected area. By preventing Windows Explorer from recognizing this keyboard shortcut, the script enhances privacy by reducing the risk of unintended data exposure through screenshots. This script also disables the Windows logo key + S keyboard shortcut, w...

Disable software compatibility updates ("PcaPatchDbTask")

This script disables the "PcaPatchDbTask" scheduled task. "PcaPatchDbTask" is responsible for periodically updating a specific database that tracks software known to have compatibility issues. When users run a program listed in this database, Windows' Program Compatibility Assistant (PCA) will notify them and suggest a solution to address the compatibility problem the next time the program is started. By keeping this database updated, the PCA can consistently recognize and remedy compatibility c...

Disable SSLv3 fallback

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable startup application data tracking ("StartupAppTask")

This script disables the "StartupAppTask" scheduled task. This task checks auto-start programs at boot-up and alerts if there are excessively many. By disabling this task, you can speed up your computer's startup time and reduce unnecessary data collection. Microsoft itself suggests turning it off to optimize system performance and reduce data collection. Overview of default task statuses - "\\Microsoft\\Windows\\Application Experience\\StartupAppTask": | OS Version | Default status | | ------...

Disable Steps Recorder (collects screenshots, mouse/keyboard input and UI data)

This script disables Steps Recorder on your device. Steps Recorder, formerly known as Problem Steps Recorder, is a tool that records the actions taken on a computer, including keyboard and mouse inputs, user interface interactions, and screenshots with every click.This tool is used to diagnose and troubleshoot problems by capturing the exact steps taken when an issue occurs. The data collected by Steps Recorder can be sent to Microsoft or third-party developers, potentially revealing sensitive u...

Disable Sync Host

This script turns off the Sync Host ("OneSyncSvc") service. This service syncs mail, contacts, calendars, and other user data across devices and apps. Disabling this service stops the automatic sharing of personal information, enhancing privacy. This script is recommended for individuals prioritizing the security of their personal data over the functionality of data synchronization.

Disable synchronization of mail, contacts, calendar, and user data

This category contains scripts that improve privacy by turning off services that synchronize mail, contacts, calendars, and other user data. Turning off these services stops the automatic sharing and storing of personal information across devices and apps, crucial for privacy.

Disable System Guard communication hub

This script disables the System Guard Runtime Monitor Broker service and its associated process. The System Guard Runtime Monitor Broker service monitors and verifies Windows platform integrity. It handles attestation and reporting functions. It assists assertions of System Guard Runtime Monitor (SGRM). This enables management systems such as Intune and SCCM to collect integrity data. It supports remote actions such as blocking access to compromised devices. The service manag...

Disable System Guard kernel monitoring

This script disables the System Guard Runtime Monitor Agent, a kernel driver within Windows' security infrastructure. The System Guard Runtime Monitor Agent is a kernel-mode component of System Guard that runs in the Secure Kernel. The Secure Kernel operates in a more secure and isolated environment called "VTL1" (Virtual Trust Level 1), while the normal NT kernel runs in a virtualized environment called "VTL0". This separation adds another layer of security. It provides essential fu...

Disable System Guard rule definitions

This script disables System Guard security checks, also called assertions. System Guard assertions are measurements of sensitive system properties in real time. They help detect subtle security threats by assessing the system's security. However, this monitoring may compromise privacy by sharing system health data with external services. This script enhances privacy by preventing the sharing of system health data. It may also improve performance by reducing the overhead from security checks....

Disable System Guard rule scanner

This script disables the Secure Enclave, a component of the System Guard feature in Windows. The Secure Enclave is also known as the assertion engine. It continuously monitors and checks system integrity during runtime, assessing the system's security state. It is a core component of System Guard. This engine can send collected data to cloud or third-party providers. This script enhances privacy by preventing system integrity data from being shared externally. It may also imp...

Disable System Guard sandbox monitoring

This script disables the System Guard Runtime Monitor LPAC (Least-Privileged AppContainer) process. This process is part of the System Guard Runtime Monitor (SGRM) functionality. SGRM is a Windows security feature that monitors the system for potential tampering. • LPAC (Least-Privileged AppContainer) means this component operates in a restricted environment for enhanced security. Its exposes information through: RPC allows different software programs to communicate, even if they...

Disable System Guard startup verification

This script disables System Guard Secure Launch, a security feature in Windows. Secure Launch is also known as Virtualization Based Security (VBS) or firmware protection. This feature enhances startup security on Windows systems. It was initially introduced in Windows 10 version 1809. It protects the Virtualization Based Security (VBS) environment from vulnerabilities in device firmware. VBS, in Windows, refers to a security technology that uses hardware virtualization to...

Disable system modification restrictions

This category disables features that restrict system modifications in Windows. This enables deeper system modifications, enhancing privacy by allowing the removal or disabling of data-collecting components like Defender. These features raise several concerns: Less user control: • Users can't fully control what software runs on their own machines. • It moves security control from device owners to hardware manufacturers and software vendors. • Vendor lock-in: • It restricts the ability to use,...

Disable Tamper Protection

This script disables the Tamper Protection feature. Tamper Protection is a security feature that blocks unauthorized changes to key Defender Antivirus settings. These settings include real-time protection, behavior monitoring, and cloud-delivered protection. By default, Tamper Protection is enabled. It is available in all editions of Windows since Windows 10, version 1903. Disabling Tamper Protection may increase privacy and control over your system by allowing you to: Change...

Disable targeted advertisements and marketing

This category configures Windows using 5 scripts. These scripts are organized in 1 categories. The category includes 2 subscripts and 1 subcategories that include more scripts and categories.

Disable telemetry collector and sender process ("CompatTelRunner.exe")

This script disables "CompatTelRunner.exe", associated with the Microsoft Compatibility Appraiser This process runs at least daily from Windows 7 onwards. It collects extensive data, including information about devices, apps, drivers, hardware configurations, and other user engagement details. This data, formerly known as Windows Customer Data, is then sent to Microsoft servers. "CompatTelRunner.exe" is known for high CPU, disk, and network usage, affecting system performance. Disabling it can t...

Disable unauthorized user account discovery (anonymous SAM enumeration)

This script increases your system's security by preventing unauthorized users from seeing account names in the Security Accounts Manager (SAM). The Security Accounts Manager (SAM) is a database in Windows that stores user account information and is critical for user authentication processes. When account names are exposed, attackers might use them for guessing passwords or tricking people into revealing sensitive information. This is a security action recommended by organizations like the Depart...

Disable Update Compliance processing of diagnostics data

Update Compliance is a service provided by Microsoft hosted in Azure, which uses Windows diagnostic data. This service doesn't meet the US Government community compliance (GCC) requirements, and is utilized by both Desktop Analytics and Azure Update Management. This script is designed to disable the Update Compliance processing of diagnostic data on your device. When this script is run, it modifies the system registry to prevent diagnostic data from your device being processed by Update Complian...

Disable USB data collection

This script disables the "UsbCeip" scheduled task. This task is part of the Windows Customer Experience Improvement Program. The task collects data about USB devices connected to your computer. This data is then sent to Microsoft's engineering team. While the aim is to improve USB functionality in Windows, it raises privacy concerns. If a user opts out of the Windows Customer Experience Improvement Program (CEIP), this task remains inactive. This script disables the task to ensure it remains ina...

Disable use of biometrics

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable User Data Access

This script disables the User Data Access ("UserDataSvc") service. This service allows apps to access personal data such as contacts, calendars, and messages. By disabling this service, you enhance your privacy by preventing apps from accessing this personal information. This script is recommended for users valuing privacy more than some app functionalities relying on user data.

Disable User Data Storage

This script disables the User Data Storage ("UnistoreSvc") service. This service stores user data like contact info, calendars, and messages. Disabling this service boosts privacy by blocking app access to this data. This script is recommended for users who prioritize privacy over the convenience of synchronized user data.

Disable user participation in Office Customer Experience Improvement Program (CEIP)

This script disables user participation in the Microsoft Office Customer Experience Improvement Program (CEIP). The CEIP allows Microsoft Office users to send usage information to Microsoft. When users join this program, Office applications transmit data to Microsoft about the user's interaction with the software. Part of this data includes identifying details, such as the user's IP address used during the data transfer. By default, when running Microsoft Office for the first time, users are giv...

Disable virtualization-based security (VBS)

This script disables Virtualization-based Security (VBS) in Windows. Virtualization-based security (VBS) uses hardware virtualization to create an isolated, secure environment. This environment helps protect vital system and operating system resources, as well as security assets like authenticated user credentials. VBS requires Secure Boot to run. VBS includes a memory integrity feature, also called hypervisor-protected code integrity (HVCI) and hypervisor enforced code integri...

Disable Visual Studio data collection

These scripts disable future local and cloud data collection by Visual Studio about you and your behavior. These do not clean existing data collected about you locally or on cloud servers.

Disable Visual Studio feedback

Feedback tool in Visual Studio allows users to report a problem from either Visual Studio or its installer. It collects rich diagnostic information along with personally identifiable information. Information includes large log files, crash information, screenshots, repro recording, and other artifacts. This script disables feedback dialog and screenshot capture/email input that's prompted to be sent as part of the feedback. By default (after clean installation) the registry keys are not configur...

Disable Visual Studio telemetry

This key was first seen to be used in Visual Studio 15 (2017). By default (after clean installation) the registry key set by this script does not exist since Visual Studio 2022. Forum post showing logs for TurnOffSwitch key | MSDN Forums

Disable WAP push notification routing service

Details: Device Management Wireless Application Protocol (WAP) Push message Routing Service - Windows 10 Service - batcmd.com | batcmd.com Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 21H1) | 🔴 Stopped | Manual | | Windows 11 (≥ 22H2) | 🔴 Stopped | Manual |

Disable web results in Windows Search

This script improves your privacy by disabling the display of web results in the Windows Search function. This prevents your search terms from being sent to Microsoft servers. By default, the Windows Start menu Search box shows results from your computer, the Windows Store, and Bing's web search results. This default behavior means your queries are shared with Microsoft, which could impact your privacy. Running this script stops the Start menu search from performing web searches and displaying w...

Disable web search in search bar

This script disables the ability to perform web searches directly from the Windows Desktop Search By executing this script, searches made from the desktop will be restricted to local content, omitting results from the web. Without this script, Windows Desktop Search includes web results by default, utilizing the user's default web browser and search engine. This script configures "HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows\\Windows Search!DisableWebSearch" registry key. "DisableWebSearch" is not re...

Disable Wi-Fi Sense

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable Windows Defender boot logging

This script disables Defender Antivirus's boot-time logging. Defender Antivirus uses AutoLogger sessions. The AutoLogger event tracing session records events that occur early in the operating system boot process. Applications and device drivers can use the AutoLogger session to capture traces before the user logs in. Disabling these loggers reduces the data Defender Antivirus collects during system startup. This may increase privacy by limiting the information gathered about your...

Disable Windows Push Notifications

This script disables the Windows Push Notification Service (WNS), including the "WpnService" and "WpnUserService". WNS enables third-party developers to send notifications (toast, tile, badge, and raw updates) from their cloud services. However, this service raises privacy concerns: user data. This delivers both local and push notifications to your device. Wikipedia (uncited). It relies on connections to Microsoft cloud servers, potentially exposing • It may bypass VPN protections and expose you...

Disable Windows Remote Assistance feature

This script disables the Windows Remote Assistance feature to improve your system's privacy and security. Windows Remote Assistance allows a third party to remotely access your PC. This capability, known as Solicited Remote Assistance, enables another user to view or take control of your computer. Disabling Remote Assistance improves security by: Preventing others from remotely viewing or controlling your computer. • Reducing the risk of exploitation from RDP-related vulnerabilities. • Reducin...

Disable Windows search data collection

This category is dedicated to minimizing the personal data collected and utilized by Windows Search and Cortana. It encompasses a range of scripts designed to curtail data sharing and bolster user privacy. These scripts are crucial for preventing the search function from transmitting sensitive information such as search history, account details, and location data to Microsoft's servers. The Windows search functionality, often integrated with Cortana, is a key feature that allows for data collect...

Disable Windows search highlights

This script disables the search highlights feature in the taskbar search box. By default, search highlights present content like holidays, anniversaries, and other special events, both globally and regionally. This feature, available since Windows 10 and 11 version 2004, periodically updates with content, including illustrations and text in the search box. However, using search highlights can impact your privacy. This feature is even considered a security vulnerability. It reduces privacy by com...

Disable Windows Security Health Agent (WSHA)

This script disables the Windows Security Health Agent (WSHA). WSHA is a component that transmits a client's security health state to a network policy server. It sends a summary of Windows Update-related information. This data transmission may raise privacy concerns for users who wish to limit the information shared with Microsoft or network administrators. By disabling WSHA, this script improves privacy by preventing the automatic sending of system health and update information. It may also sli...

Disable Windows Security Health Core

This script disables the Windows Security Health Core component. Windows Security Health Core is a system library that manages security settings, monitors system integrity, and interfaces with various security features. It provides status information to both the system and users, handling security-related Windows services. Disabling this component may enhance privacy by limiting the system's monitoring and reporting of security-related activities. It may slightly improve system performance by re...

Disable Windows Security Health data sharing

This script disables Windows Security Health components, including COM objects and files that exchange security information between Windows processes. Windows Security is a built-in tool that provides a central interface for security features such as antivirus protection. Security Health is a component that reports system health information. It uses a specific protocol and COM objects to communicate with other processes. COM (Component Object Model) is a system that allows software c...

Disable Windows Security Health UDK

This script disables the Windows Security Health UDK component. The Windows Security Health UDK is a core library that manages key aspects of Windows Security. UDK stands for Undocked Developer Kit, Undocked Dev Kit, Windows UDK. It's also referred to as Undocked Shell. It coordinates shell experiences (user interfaces) and adds new features to the Windows desktop independently of full system updates. This component's key functions include: Providing security-related services • M...

Disable Windows Security interface

This category offers scripts to disable or modify different aspects of the Windows Security user interface, formerly known as Windows Defender Security Center. Windows Security is a centralized interface managing various Windows security features. It evolved from Windows Defender, initially a standalone antivirus with its own interface. Over time, Microsoft separated the management interface from the core antivirus component. The evolution of Windows Security: 1. With launch of W...

Disable Windows Security notifications

This category provides options to disable various notifications from Windows Security. Windows Security, built into Windows, provides a centralized interface for managing security settings and viewing system status. It was first introduced in Windows 10, version 1703. Initially, it was called Windows Defender Security Center. It displays notifications via the Notification Center (formerly Action Center). Windows Security notifications inform users about device health and security...

Disable Windows Security service

This script disables the Windows Security service. Microsoft refers to this service as: Security Center Service • Security Center • Security Center (wscsvc) Service • WSCSVC (Windows Security Center) service • Windows Security Center Service Windows Security Center is renamed to Windows Security in newer versions of Windows. This service monitors and reports security health settings on your computer. These settings include the status of protective software, system updates, and critical s...

Disable Windows Security service integrations

This script disables the Windows Security service ("wscsvc") communication with other security software. The Windows Security uses APIs (special programming tools) that allow security programs to share their status with Windows. In recent Windows versions, this service is part of Windows Security (formerly Windows Security Center). Disabling these interfaces may enhance privacy by limiting the information shared about your system's security status. It may also improve system performance ...

Disable Windows Security taskbar notifications

This script disables Windows Security-related notifications on the Windows taskbar. It removes taskbar integrations (AppUserModelId) for Windows Security components. Windows Security is also called Security Center in older versions of Windows. AppUserModelIds link processes, files, and windows to specific applications, organizing them on the Windows taskbar, managing Jump Lists, and controlling pinning. This script may enhance privacy by reducing the visibility of security-related informat...

Disable Windows Spotlight (shows random wallpapers on lock screen)

The script disables the Windows Spotlight feature. Windows Spotlight is a feature in Windows 10 and Windows 11 that automatically downloads and displays random wallpapers on the lock screen. These images are sourced from the internet. At times, it might also promote various Microsoft products, services, or even third-party apps and content. When the lock screen fetches images from the internet, there's a silent data exchange happening. This can inadvertently reveal details about the user's devic...

Disable Windows telemetry and data collection

This category configures Windows using 17 scripts. These scripts are organized in 4 categories. The category includes 4 subscripts and 3 subcategories that include more scripts and categories.

Disable Windows Tips

This script configures Windows using Batch (batchfile).It can be restored. It runs ":: Set the registry value:...".

Disable Windows Update automatic driver updates

This category prevents Windows Update from automatically downloading and installing device drivers. A device driver is essential software that enables Windows to communicate with your computer's hardware components. For example: Graphics cards need drivers to display images properly • Printers need drivers to print documents • Mice and keyboards need drivers to function correctly By default, Windows downloads two types of updates for your devices automatically: Device drivers: Software that ...

Disable Windows Update data collection

This category configures Windows using 2 scripts. These scripts are organized in 1 categories. The category includes 1 subcategories that include more scripts and categories.

Disable Windows Update driver download server

This script blocks Windows from automatically downloading device drivers through Windows Update. By default, Windows uses Windows Update to search for driver updates. This script redirects driver searches from Microsoft's servers to your managed server. This prevents Windows from using Windows Update (WU) for driver searches. This script enhances privacy by: Preventing automatic driver data collection by Microsoft • Keeping your system's hardware information within your organization • Reducing u...

Disable Windows Update driver downloads

This script prevents Windows Update from automatically downloading and installing device driver updates. By default, Windows Update includes driver updates alongside regular system updates. With this script, driver updates will no longer be included in Windows updates. This script improves your privacy by: Blocking automatic connections to third-party driver servers • Reducing data collection during driver installations • Allowing you to control which drivers are updated and when Windows Update ...

Disable Windows Update driver installation wizard

This script disables automatic and manual driver updates through Windows Update. The Windows Update driver wizard is also called Hardware Update Wizard or Update Driver Software Wizard. This tool automatically installs and updates device drivers during Windows Updates or when new hardware is connected. This script disables these automatic driver updates via Windows Update. While automatic updates are convenient, they may install unwanted or outdated drivers, impacting system stability an...

Disable Windows Update driver search

This script prevents Windows Update from automatically finding and installing device drivers. By default, Windows Update searches for device drivers when new hardware is connected. This search aims to find the best drivers, even with limited network access. While automatic driver installation is convenient, it can cause system stability issues: Windows may install drivers incompatible with your hardware • You lose control over the driver versions you prefer to use This script blocks Windows Upd...

Disable Windows Update fallback driver search

This script prevents Windows from searching Windows Update for device drivers when local drivers are not found. By default, Windows automatically searches Windows Update for device drivers. Windows searches for drivers in the following order: Local installation • Removable media (USB drives, CD-ROMs) • Windows Update Running this script removes Windows Update from the driver search locations. It also removes the Windows Update option from the driver installation wizard dialog. After running this...

Disable Windows Update hardware information collection

This script stops Windows from downloading device information and updates from the internet automatically. When you connect a new device to your computer, Windows typically downloads: Software enabling Windows to communicate with your hardware High-resolution icons, product details, and manufacturer information Device drivers: • Device metadata (or device information): By default, Windows automatically searches and downloads this information to help you: Identify and distinguish betw...

Disable Windows update scheduled tasks

This category includes scripts to disable scheduled tasks that are associated with the automatic functioning of the Windows Update service. These tasks are responsible for various background update-related activities such as checking for updates, downloading, and installing them in the background without user intervention. Disabling these tasks grants users more control over when and how updates are applied. This approach is often preferred by those wishing to manually manage updates or avoid un...

Disable Windows update services

The scripts in this category offer users the ability to control Windows services related to system updates. These services manage how and when your system receives updates from Microsoft. By limiting or disabling these services, users can decide when to update their system, reducing unexpected changes. Moreover, a system with fewer running services uses fewer resources, which can improve overall performance. Disabling these update services is also a privacy measure. Some updates can change priva...

Disable Xbox Live Auth Manager

This script disables the Xbox Live Auth Manager ("XblAuthManager") service. This service manages Xbox Live login and permissions. Turning off this service can enhance privacy for users who do not use Xbox Live, as it prevents potentially unnecessary communication with Xbox Live servers. Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 22H2) | 🔴 Stopped | Manual | | Windows 11 (≥ 23H2) | 🔴 Stopped | Manual |

Disable Xbox Live Game Save

This script disables the Xbox Live Game Save ("XblGameSave") service. This service synchronizes save data for games that are enabled with Xbox Live save features. If you're not using Xbox Live to save games, turning off this service can protect your privacy by stopping save data transfers to Xbox Live. Overview of default service statuses - | OS Version | Status | Start type | | ---------- | -------| ---------- | | Windows 10 (≥ 22H2) | 🔴 Stopped | Manual | | Windows 11 (≥ 23H2) | 🔴 Stopped ...

Disable Xbox Live Networking

This script disables the Xbox Live Networking Service ("XboxNetApiSvc") service. This service supports the "Windows.Networking.XboxLive" application programming interface. Disabling this service is useful for those not using Xbox Live, as it stops the system from Xbox Live networking activities. This script may enhance privacy and improve system performance by reducing unnecessary network traffic and resource use. Overview of default service statuses - | OS Version | Status | Start type | | ...

Disable Xbox services

This category includes scripts to turn off Xbox services. While enhancing gaming, these services may impact privacy and system performance for non-Xbox Live users. Turning off these services protects privacy by stopping unnecessary data sharing with Xbox Live servers.

Empty trash (Recycle Bin)

This script configures Windows using Batch (batchfile). It runs "PowerShell -ExecutionPolicy Unrestricted...".

Enable Do Not Track requests

This script enables Do Not Track requests in Microsoft Edge. Do Not Track communicates to websites that you prefer not to have your browsing activity tracked. It enhances privacy by signaling your tracking preferences to websites, though compliance is not guaranteed. By default, Edge does not send Do Not Track requests. This script ensures these requests are always sent to websites that seek tracking information. Additionally, Microsoft endorses this script as it helps create a cleaner browser i...

Enable Edge (Legacy) SmartScreen warning dismissal

This script allows users to bypass SmartScreen warnings in Edge (Legacy). Edge (Legacy) features a SmartScreen filter that warns users about potentially malicious websites and file downloads. By default, this feature allows users to ignore these warnings and proceed to download files. This script keeps this option, enhancing user privacy by minimizing data sent to Microsoft. Disabling this feature reduces potential privacy risks by preventing data sharing. This may also improve system performanc...

Enable Edge SmartScreen warning dismissal

This script allows users to bypass SmartScreen warnings in Edge. Edge's SmartScreen shows warnings about potentially malicious websites. By default, users can override SmartScreen warnings and visit the site. This script maintains this option, enhancing privacy by minimizing data sent to Microsoft. Maintaining this option in its default state reduces potential privacy risks by limiting data sharing with Microsoft. This may also improve system performance by reducing processing workload. While ke...

Enable Edge SmartScreen warning dismissal for files

This script allows users to bypass Edge SmartScreen warnings when downloading files. Microsoft Defender SmartScreen warns users about potentially unsafe downloads. By default, users can bypass Microsoft Defender SmartScreen warnings and complete unverified downloads. This script maintains the default option, enabling users to bypass SmartScreen warnings if chosen. This script allows users to override these warnings. This enhances user privacy by reducing the amount of data sent to Microsoft for ...

Enable Edge tracking prevention

This script configures Microsoft Edge's tracking prevention to the 'Strict' level, enhancing user privacy by blocking extensive web tracking The tracking prevention feature in Microsoft Edge restricts online trackers from accessing browser storage and network resources, which helps safeguard user data. By default, the 'Balanced' level is activated. While the 'Balanced' level does not block ads or analytics, this script activates the 'Strict' level to provide a higher degree of privacy by blockin...

Enable secure "DTLS 1.2" protocol

This script enables the DTLS 1.2 protocol. This protocol is identified as "DTLS 1.2" on Windows. DTLS (Datagram Transport Layer Security) provides secure communication over the UDP protocol. Based on the TLS protocol, DTLS offers equivalent security measures. Common uses include online gaming, DNS lookups, and VPN services. Despite being superseded by the more secure DTLS 1.3, DTLS 1.2 is still approved by authorities like NIST, NSA, and the German Federal Office for Information Security. DTLS...

Enable secure "TLS 1.3" protocol

This script enables the TLS 1.3 protocol. This protocol is identified as "TLS 1.3" on Windows. TLS 1.3 is the latest and most secure version of the TLS protocol. It is supported starting with Windows 11 and Windows Server 2022. On these systems, TLS 1.3 is enabled by default. Authorities like NSA (National Security Agency), Federal Office for Information Security (BSI), The Center for Internet Security, NIST, Microsoft, Mozilla, and Apple recommend using this protocol for its enhanced security. ...

Enable secure connections

This category configures essential security settings to protect network communications. Newer security standards offer improved protection against vulnerabilities found in older versions. Scripts within this category enhance your privacy and security by enabling these standards to maintain the integrity of network communications.

Enable secure connections for legacy .NET apps

This script provides secure connections for older .NET Framework applications. It enables the automatic adoption of newer, more secure protocols as supported by the operating system. If the operating system supports newer TLS versions, applications will automatically use these without any need for modifications to the application code or .NET Framework settings. For example, this configuration enables .NET Framework 3.5 applications, which do not natively support TLS 1.2, to adopt TLS 1.2. This ...

Enable security against PowerShell 2.0 downgrade attacks

See: The Windows PowerShell 2.0 feature must be disabled on the system. | stigviewer.com Overview of default feature statuses - "MicrosoftWindowsPowerShellV2": | | | | ---- | --- | | Feature name | "MicrosoftWindowsPowerShellV2" | | Display name | Windows PowerShell 2.0 Engine | | Description | Adds or Removes Windows PowerShell 2.0 Engine | | Default (Windows 11...

Enable SmartScreen warning dismissal for apps

This script disables SmartScreen app blocking, allowing apps to bypass its warnings. SmartScreen is a security feature that protects users by displaying warnings before running potentially harmful programs. These warnings help prevent the execution of suspicious applications. This feature is enabled by default on Windows. SmartScreen sends data to Microsoft about the files and applications run on the system. This raises privacy concerns because it involves collecting user behavior data. The Cent...

Enable SmartScreen warning dismissal for Store apps

This script allows users to bypass SmartScreen warnings for Microsoft Store apps. SmartScreen is a security feature that filters web content accessed by Microsoft Store apps. By default, SmartScreen allows users to bypass its warnings. This script keeps the default setting. Enabling SmartScreen bypass may enhance privacy by reducing data shared with Microsoft. It increases user control over security checks and may improve system performance by removing an additional security check. However, this...

Enable strong Diffie-Hellman key requirement

This script improves your security by setting the "Diffie-Hellman" key exchange to a minimum of 2048 bits. This is a secure way to exchange keys over public networks. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure connection over the internet. By disabling this weak algorithm, the script improves the security of the connection. By default, modern Windows versions use a 2048-bit size for Diffie-Hellman key exchanges. Sizes ...

Enable strong RSA key requirement (breaks Hyper-V VMs)

This script improves your security by enforcing a minimum of 2048 bits for RSA encryption keys ("PKCS"). RSA encryption keys play a crucial role in securing communications over the internet. The Public-Key Cryptography Standards (PKCS) define how to use RSA keys for secure communication encryption. Using keys that are too weak can expose your data to unauthorized access. This script only affects the SSL/TLS handshake process. The SSL/TLS handshake is a key part of establishing a secure conne...

Enable strong secret key requirements

This category contains scripts that enhance system security by implementing stronger encryption key lengths. Stronger keys help prevent unauthorized data access and potential leaks. These scripts aim to protect your data when sent over network (Internet), making sure your security matches up with the latest guidelines and practices.

Harden Edge privacy

This category contains scripts designed to enhance privacy settings in Microsoft Edge by reducing tracking mechanisms encountered during web browsing. These scripts do not block data collection conducted directly by Microsoft through Edge. Instead, these scripts empower users by providing control over the exposure of their browsing data to external entities, thereby significantly enhancing privacy.

Improve network security

This category is dedicated to improving network security. It aims to minimize vulnerabilities by offering various settings that improve the integrity and confidentiality of data transmitted over the network. It features a range of measures to protect data transmission from unauthorized access, interception, and other cyber threats to maintain a secure and private communication environment. By improving network security, you secure your system and data from attackers, ISPs, VPN companies, and sta...

Kill OneDrive process

It stops the execution of OneDrive. Main OneDrive process is "OneDrive.exe" and it is installed in "\\Microsoft\\OneDrive\\OneDrive.exe".

Maximize auto-update duration

This category includes scripts designed to extend the intervals between automatic updates. These scripts provide users with greater control over the timing of system updates. By adjusting the schedule of these updates, users can minimize interruptions and potential system instability associated with frequent updates.

Maximize Edge update suppression duration

This script suppresses automatic updates for Microsoft Edge for the longest possible duration. If you do not run this script, Microsoft Edge checks for updates periodically throughout the day by default. This script limits update checks to the least frequent interval permitted by policy settings. This reduces network traffic and decreases system load, thereby enhancing both privacy and performance. However, this delay in updates can expose you to security risks, especially if you depend on Edge ...

Maximize feature update duration (disables resuming updates from settings)

This script provides control over when and how often Windows feature updates and preview builds occur. These updates bring major changes to the operating system, affecting functionality and user privacy. Key aspects of Windows feature updates include: Protecting against behavioral issues. • Adding new features. Registry keys - The script modifies various Group Policy (GPO), state, and Mobile Device Management (MDM) keys. Group Policy (GPO) keys: Used for pausing updates in older Windows 10 versi...

Maximize quality update duration (disables resuming updates from settings)

This script extends the time between mandatory quality updates, which include security patches. Delaying these updates helps prevent frequent system reboots and disruptions, aiding productivity in professional and critical settings. Registry keys - The script modifies various Group Policy (GPO), state, and Mobile Device Management (MDM) keys. Group Policy (GPO) keys: Defers updates and upgrades in earlier versions of Windows 10 (1511). Pauses quality updates for up to 35 days, or until the setti...

Maximize update duration on older Windows versions

This script extends the time between updates and upgrades, but only works on older Windows versions (version 1511 and earlier). The script modifies the following keys: Sets the device to a more predictable update schedule. Pauses quality updates. Determines the delay period for updates. Determines the delay period for upgrades. Pauses upgrades for up to 4 weeks. Pauses upgrades for up to 8 months. Supported values range from 0 to 8, representing the number of months to defer upgrades. Pauses upd...

Maximize update pause duration

This script maximizes the pause duration for system updates via the settings interface. It postpones both feature and quality updates in Windows 10 and Windows 11. This is particularly useful for those preferring fewer interruptions from regular updates. By default, the following registry keys are absent in Windows 10 and Windows 11 and are added only when updates are paused through the user interface: "HKLM\\SOFTWARE\\Microsoft\\WindowsUpdate\\UX\\Settings!PauseFeatureUpdatesStartTime" • `HKLM\\SOFTW...

Minimize CPU usage during scans

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Minimize DISM "Reset Base" update data

This script diminishes unnecessary system data, thus enhancing your privacy and performance. The DISM tool is used to manage Windows images and is often used to fix issues with the Windows operating system. The "Reset Base" option can help to reduce the size of the WinSxS folder. Once, "Reset Base" is enabled, you cannot uninstall any previous updates. This script activates the "Reset Base" feature, minimizing the size of WinSxS folder. It contributes to the reduction of redundant da...

Minimize scanned areas

This category configures Windows using 10 scripts. These scripts are organized in 1 categories. The category includes 7 subscripts and 1 subcategories that include more scripts and categories.

Privacy cleanup

This category configures Windows using 86 scripts. These scripts are organized in 18 categories. The category includes 9 subscripts and 5 subcategories that include more scripts and categories.

Privacy over security

This category configures Windows using 254 scripts. These scripts are organized in 57 categories. The category includes 3 subcategories that include more scripts and categories.

Remove "3D Viewer" app

Microsoft Store Page It's also known as "Microsoft 3D Viewer". This app comes pre-installed on certain versions of Windows. It was added in Windows 10, version 1703. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 2...

Remove "Add Suggested Folders To Library" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Adobe Photoshop Express" app

Microsoft Store Page This apps is also known as just "Photoshop Express". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 1...

Remove "App Connector" app

This script uninstalls the "App Connector" Windows app. The App Connector app accesses elements like your location, camera, contacts, and calendars. This raises some concerns about user privacy. In simpler terms, the App Connector acts as a bridge, facilitating communication between Microsoft services and other apps over the Internet. It's primarily aimed at developers, enabling them to connect with Microsoft cloud services, such as Azure, or with other internet-based applications. It's essentia...

Remove "App Installer" app

Microsoft Store Page It's also known as "Desktop App Installer" app. This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Win...

Remove "App Resolver UX" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Assigned Access Lock App" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Call" app

This script removes the "Call" application, also known as the Calling Shell App. This app enables transferring and managing phone calls from a mobile to a Windows desktop, including playback through PC speakers. The main executable of this app is "CallingShellApp.exe", which Microsoft describes as the "Calling App to host call progress on shell". The script is safe to use if you don't need your PC to handle phone calls. Removing this app does not affect the core functionalities of Windows. Ove...

Remove "Camera Barcode Scanner" app

This script removes the Camera Barcode Scanner app from Windows, enhancing privacy and security. The Camera Barcode Scanner app uses software to detect barcodes through your device's camera. A camera barcode scanner uses a standard camera lens with auto-focus and a software decoder, which Windows pairs dynamically to enable barcode scanning for Universal Windows Platform (UWP) apps. Digimarc Corporation provides this app. The "Windows.CBSPreview" system app and the `Microsoft-OneCore-PointOfServ...

Remove "Candy Crush Saga" app

Microsoft Store Page Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Candy Crush Soda Saga" app

Microsoft Store Page Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Capture Picker" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "ChxApp" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Cloud Experience Host" app (breaks Windows Hello password/PIN sign-in options, and Microsoft cloud/corporate sign in)

This script uninstall the Microsoft Cloud Experience Host service. This service is required for connecting to corporate domains or Microsoft cloud-based services. It is also referred to as the "Microsoft account" app. This app comes pre-installed on certain versions of Windows. The Microsoft Cloud Experience Host has several functionalities: It is responsible for connecting Microsoft accounts. • It enables corporate login. Cloud Experience Host application comes into action during the joining pr...

Remove "Code Writer" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Contact Support" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Content Delivery Manager" app

This script uninstalls the "Content Delivery Manager" app. This app provides Windows Spotlight functionality, which automatically sets random wallpapers on the lock screen in Windows. The main purpose of this app is to update the Windows experience. To achieve this, the app collects data about interactions with the Windows Spotlight content, such as which content is viewed, clicked on, or given feedback. It records the content's ID, user actions, and other associated attributes. Additionally, th...

Remove "Copilot" icon from taskbar

This script removes the Copilot icon from the taskbar. Windows added a taskbar button enabled by default to launch Windows Copilot. This feature was introduced with the Windows 11 22H2 Moments 4 update. The script configures the "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced!ShowCopilotButton" registry key. This script will turn off the Copilot button in the Settings app of Windows 11, which will hide or remove the Copilot icon from the taskbar. Disabling the Copilot button wo...

Remove "Cortana" app

Microsoft Store Page Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Credentials Dialog Host" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Desktop" folder from This PC in File Explorer

This script hides the Desktop folder from This PC in File Explorer. It improves privacy by hiding desktop contents, which often include personal files, shortcuts, and temporary items. This reduces the risk of accidentally revealing sensitive information when using file dialogs. However, this may impact your workflow if you frequently access desktop items this way. The desktop remains visible and accessible by minimizing windows or using File Explorer. This script hides the folder...

Remove "Documents" folder from This PC in File Explorer

This script hides the Documents folder from This PC in File Explorer. It enhances privacy by hiding the Documents folder, which often contains personal and sensitive files. This action reduces the risk of accidental exposure of private information during common file operations or when others briefly access your computer. This change may disrupt your workflow if you often access files in the Documents folder via these interfaces. You can still access the Documents folder d...

Remove "Downloads" folder from This PC in File Explorer

This script hides the Downloads folder from This PC in File Explorer. It enhances privacy by concealing your downloaded files from casual view, potentially including sensitive documents, personal data, or temporary items. This reduces the risk of unintentional exposure of potentially private information when using common file dialogs. However, this may affect your workflow if you frequently access downloaded files through these interfaces. The Downloads folder remains accessible ...

Remove "Duolingo - Language Lessons" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "EC" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Eclipse Manager" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Feedback Hub" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "File Explorer" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "File Picker" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Flipboard" app

Microsoft Store Page Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Get Help" app (breaks built-in troubleshooting)

This script removes the "Get Help" app. This app comes pre-installed on certain versions of Windows. "Get Help" is an application designed to assist users with Windows-related issues. It offers solutions through troubleshooters, instant answers, and Microsoft support articles. It connects users with Microsoft support agents and the Microsoft community for personalized assistance. Removing "Get Help" not only supports a minimalist system approach but also helps reduce potential data collection. T...

Remove "GPU Eject Dialog" app

This script removes the GPU Eject Dialog app, enhancing the process of safely disconnecting external GPUs via Thunderbolt 3. Like USB drives, this feature lets Windows safely unmount external GPUs. It provides the dialog to close any GPU-running applications to prevent data loss before detachment. The "GPU Eject Dialog" becomes visible when attempting to safely remove an external graphics card via the Safely Remove Hardware and Eject Media icon. It shows applications using the external GPU, en...

Remove "GroupMe" app

Microsoft Store Page Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "HEIF Image Extensions" app

This script uninstalls the "HEIF Image Extensions" app. The HEIF Image Extension lets Windows devices read and write files in the High Efficiency Image File (HEIF) format, commonly with ".heic" or ".heif" extensions. This app contains high severity vulnerabilities in certain versions. A high vulnerability is a serious security risk that could allow attackers to gain full control of your system. Removing this app will improve your system's security and reduce the risk of these threats. This app c...

Remove "Hello setup UI" app (breaks biometric authentication)

This app comes pre-installed on certain versions of Windows. See also: Discussion about this service on Microsoft forums Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | ...

Remove "HEVC Video Extensions" app

This script uninstalls the "HEVC Video Extensions" app. The app is designed to extend the capability of Windows to play and produce HEVC (High Efficiency Video Coding) encoded video content, which is key for high-quality video formats like 4K and Ultra HD. The app utilizes hardware features in newer devices to enhance video quality. However, for devices lacking hardware support, the app provides software support, although the performance might vary based on video resolution and PC capabilities. ...

Remove "Holographic First Run" app

The "Windows Holographic First Run" app is a diagnostic tool on Windows, designed for potential users of Microsoft's Hololens, an augmented reality headset. When run, the app scans your computer's hardware to determine its compatibility with the Hololens. It assesses which components meet or exceed the required specifications, which might offer a subpar experience, and which fail to meet the necessary standards. The app accesses hardware data to ensure that the users have a system capable of sup...

Remove "iHeart: Radio, Music, Podcasts" app

Microsoft Store Page Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "IrDA" capability

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Remove "Lock" app (shows lock screen)

This app comes pre-installed on certain versions of Windows. See also: More information "LockApp.exe" process Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Mail and Calendar" app

Microsoft Store Page It's previously known as "Outlook Calendar and Mail" app. This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22...

Remove "Microsoft 365 (Office)" app

Microsoft Store Page/9WZDNCRD29V9?hl=en-us&gl=SE) It's formerly known as just "Office" app. This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ |...

Remove "Microsoft 3D Builder" app

This script uninstalls the "Microsoft 3D Builder" app. Microsoft 3D Builder offers tools for creating, viewing, and printing 3D objects. It supports editing various 3D file types with features like material rendering, texture layering, and includes tools to prepare models for 3D printing. This app succeeded the older "Print 3D" app as the default 3D printing software starting with the Windows 10 version 19H1. This application uses your webcam, microphone, and internet connection, posing privacy ...

Remove "Microsoft AAD Broker Plugin" app (breaks Night Light settings, taskbar keyboard selection and Office app authentication)

This script uninstalls the "Microsoft AAD Broker Plugin" app. This app is also referred to as the "Work or school account" or "Broker plug-in". The primary purpose of this app is to offer login functionality for what used to be Azure Active Directory and is now called Microsoft Entra ID. Users should be aware of the following side-effects before uninstalling: language selection icon will not show the selection dialog. functioning after uninstalling. You can read more about the Night Light featur...

Remove "Microsoft Accounts Control" app

It is also known as "Email and accounts". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Microsoft Async Text Service" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Microsoft Edge Dev Tools Client" app

This script removes the Developer Tools (DevTools) app that was paired with Microsoft Edge Legacy. These tools, now outdated, haven't received updates for a while. If the main Edge application is uninstalled, these tools lose their relevance and should be removed as well. This app comes pre-installed on certain versions of Windows. Getting rid of such outdated software components helps to protect your security. They could have vulnerabilities waiting to be exploited. By uninstalling them, you're...

Remove "Microsoft Edge" app

This script uninstalls the "Microsoft Edge" Windows app. This app comes pre-installed on certain versions of Windows. As of March 9, 2021, this app stopped receiving any updates or security patches. Such unsupported software can become a security risk. Furthermore, using this version means your browsing data gets integrated into your device's activity history. Microsoft can access this data and it remains stored locally, leaving traces of your behavior. Removing this software not only minimizes ...

Remove "Microsoft Family Safety" / "Parental control" app

This script uninstalls the parental control app for Microsoft Family Safety. A parental control app helps parents regulate the content their children access online, including how long they spend on devices. It provides features such as content filtering, screen time limit enforcement, activity monitoring, contact blocking, and activity reports. Family Safety, a specific parental control tool from Microsoft, lets parents monitor and control their children's online activities. It offers th...

Remove "Microsoft Messaging" app

Microsoft Store Page It's also known as just "Messaging" or "Skype Video". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2...

Remove "Microsoft News" app

Microsoft Store Page It's also known as just "News" app. This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windo...

Remove "Microsoft Pay" app

This script uninstalls the Microsoft Pay app. Microsoft Pay, previously known as "Microsoft Wallet", is a cloud-based payment and wallet technology provided by Microsoft. This system enables users to make payments through Microsoft Pay on websites, within Universal Windows Platform (UWP) apps, and through Microsoft Bot Framework bots. The primary function of Microsoft Pay is to facilitate payments using banks and credit cards. The app integrates with the Microsoft Edge browser and stores card da...

Remove "Microsoft People" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Microsoft Phone" app

This script removes the "Microsoft Phone" app. This app is known as Phone (dialer), Microsoft Phone, or "Microsoft.CommsPhone". This app enabled voice and video calls over cellular networks or Wi-Fi on Windows 10 Mobile. It offered smart contact search, voicemail management, call recording, and call blocking. This app comes pre-installed on certain versions of Windows. Windows 10 Mobile has reached end of support and is an outdated operating system. Removing outdated and unsupported apps imp...

Remove "Microsoft Photos" app

Microsoft Store Page It's also known as just "Photos" apps. This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Window...

Remove "Microsoft PPI Projection" app

More about Perceptive Pixel This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Microsoft Remote Desktop" app

Microsoft Store Page It's also known as just "Remote Desktop". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ...

Remove "Microsoft Solitaire Collection" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Microsoft Sticky Notes" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Microsoft Store" app

This script aims to uninstall the Microsoft Store app (also known as Store). This app comes pre-installed on certain versions of Windows. Microsoft has mentioned that it doesn't officially support the uninstallation of this app. Removing it might lead to unwanted effects. The Microsoft Store is subject to the data collection policies laid out in the Windows privacy statement. It can collect diagnostic data about your device, its settings, and capabilities. This data is sent to Microsoft and can ...

Remove "Microsoft Text Input Application" app

This script removes the "Microsoft Text Input Application", also known as Input App or "InputApp". This app comes pre-installed on certain versions of Windows. It processes keystrokes and offers features like: Emoji Keyboard (using "Win+Dot/Period") • Screenshot tools such as screen clipping (using "PrtScn") • Clipboard history (using "Win-V") • Touch keyboard • On-screen keyboard • Handwriting panel The app's main process is "WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe"...

Remove "Microsoft Tips" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Microsoft To Do: Lists, Tasks & Reminders" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Minecraft for Windows" app

Microsoft Store Page Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Mixed Reality Portal" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Mobile Plans" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Movies & TV" app

Microsoft Store Page It's also known as "Movies and TV" app. This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23...

Remove "MSN Money" app

Microsoft Store Page It's also known as just "Money" app. This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 ...

Remove "MSN Sports" app

Microsoft Store Page It's also known as just "Sports" app. This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | W...

Remove "MSN Weather" app

Microsoft Store Page It's also known as just "Weather" app, or previously known as "Bing Weather". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 ...

Remove "Music" folder from This PC in File Explorer

This script hides the Music folder from This PC in File Explorer. It improves privacy by hiding your music collection, which may reflect personal tastes or contain sensitive audio files. This reduces the risk of unintentional exposure of private audio content when using common file dialogs. However, this may affect your workflow if you frequently access music files through these interfaces. The Music folder remains accessible through direct navigation in File Explorer or medi...

Remove "My People" app

This script uninstalls the "My People" app. This app is also known as "People Hub" or "Windows My People". It allows users to pin contacts to the Windows task bar. Additionally, users can drag and drop documents, photos, or videos onto a contact to share them. This app comes pre-installed on certain versions of Windows. Its main operational file is "PeopleExperienceHost.exe", which can typically be located at `C:\\Windows\\SystemApps\\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\\PeopleExper...

Remove "Narrator QuickStart" app

This script removes the "Narrator QuickStart" app. This app is technically known as "NarratorQuickStart". The "Narrator QuickStart" is a brief tutorial designed to help new users familiarize themselves with the Narrator application. The tutorial is accessible through a "QuickStart" button within Narrator, a link in settings, and from the initial Welcome page of Windows. It provides a step-by-step guide on using keyboard shortcuts and other features to effectively use Narrator. Narrator is a scre...

Remove "Network Connectivity Status Indicator (NCSI)" app (breaks internet connection status icon)

This script removes the "NcsiUwpApp" system app. It is also known as the "Network Connectivity Status Indicator Universal Windows Platform App". It is primarily responsible for indicating network connectivity status. The NCSI feature provides the functionality that allows Windows to offer visual feedback on network connection status, usually seen at the bottom-right of the taskbar. It is used not only by the Windows operating system but also by third-party applications for determining network co...

Remove "Network Speed Test" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "OneNote" app

Microsoft Store Page This app was previously known as "OneNote for Windows 10". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | ...

Remove "OOBE Network Captive Portal" app

This script uninstall the OOBE Network Captive Portal app. The app is part of the Out-of-Box Experience (OOBE) process in Windows. When users set up their Windows system for the first time, they encounter the "Let's connect you to a network" screen. This screen precedes the End User License Agreement (EULA) screen and presents available connection options, including Wi-Fi and Cellular data networks in the vicinity. Some pages during the OOBE are delivered through a cloud service. The app runs th...

Remove "OOBE Network Connection Flow" app

This script uninstalls the "OOBE Network Connection Flow" app from Windows devices. The OOBE (Out-of-Box Experience) Network Connection Flow app assists users during their initial setup of a Windows device. When setting up, users encounter the "Let's connect you to a network" screen, which lists available Wi-Fi and Cellular network options. Devices with LTE capabilities and an active SIM card will automatically connect to the Cellular network, but if a Wi-Fi network is accessible, it will be pre...

Remove "Paint 3D" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Pandora" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Phone Companion" app

This script removes the "Phone Companion" app. This app is also known as Microsoft Phone Companion or, technically, "Microsoft.WindowsPhone". This integrates Windows PCs with mobile devices (Android, iPhone, and iPad). It enabled synchronization of music, photos, Word documents, and Cortana reminders across devices. It provided setup instructions and syncing tips. The app enabled users to check their device's battery and storage status and transfer files. It supported Windows, Android, and iOS...

Remove "Phone Link" app

This script removes the "Phone Link" app. Known technically as "Microsoft.YourPhone", previously Your Phone and Your Phone Companion. The app links your phone and Windows PC. It allows you to share and manage content and communications across devices. The app lets you text, make calls, use mobile apps, get notifications, and transfer files over Wi-Fi. Launched in October 2018 as Your Phone and Your Phone Companion, it was rebranded to Microsoft Phone Link in March 2022. Originally deve...

Remove "Pictures" folder from This PC in File Explorer

This script hides the Pictures folder from This PC in File Explorer. It enhances privacy by concealing your image collection, which may include personal or sensitive photos. This reduces the risk of accidentally revealing private images in common file dialogs. However, it may impact your workflow if you frequently access picture files through these interfaces. The Pictures folder remains accessible via direct navigation in File Explorer or image viewing applications. This scr...

Remove "Pinning Confirmation Dialog" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Print Queue" app (breaks printing)

This script removes the "Print Queue" app, also known as the Print Queue Action Center. This app replaces the older print queue dialog with a modern user interface (UI). It enables users to view and manage their print jobs, including pausing and resuming them. The app first appeared in an early version of Windows 11 (build 22567.1). It became fully functional in later updates (starting with build 22572.1). The Windows 11 22H2 update includes it for general users. To determine if this app is es...

Remove "Print UI" app (breaks printing for some apps)

This script removes the "Print UI" system application. This app comes pre-installed on certain versions of Windows. First introduced in early development builds of Windows 10, the "Print UI" app is crucial for the native printing experience in Windows. When users click the Print button in apps such as Photos or early versions of Edge browser (before Chromium), this UI is displayed. Since the release of Windows 11 22H2, Microsoft has replaced the legacy print dialog for all classic apps (like Not...

Remove "Program Compatibility" tab from file properties (context menu)

This script removes the "Program Compatibility" tab from the file properties context menu. This tab is visible on the property context menu of any program shortcut or executable file, and displays options that can be applied to the application to solve common issues affecting older applications. When enabled, this script prevents the compatibility property page from appearing in the context menus, though it does not impact any prior compatibility settings applied to applications through this int...

Remove "Quick Assist" capability

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Remove "RAS Connection Manager Administration Kit (CMAK)" capability

This script removes the "RAS Connection Manager Administration Kit (CMAK)" ("RasCMAK.Client") capability. CMAK is a tool that allows the creation of profiles for connecting to remote servers and networks. Though useful for remote connections, this capability might be unnecessary for many users. Removing it can simplify the system's network configuration and enhance security by reducing potential attack vectors. This capability is not included in the standard installation of Windows.

Remove "Raw Image Extension" app

This script uninstalls the "Raw Image Extension" app. This app enables viewing support for raw file formats from digital cameras directly in Windows File Explorer and the Photos app. It utilizes the libraw open source project for this functionality. This app contains critical severity vulnerabilities in certain versions. A critical vulnerability is a serious security risk that could allow attackers to gain full control of your system. Removing this app will improve you...

Remove "RIP Listener" capability

This script removes the "RIP Listener" ("RIP.Listener") capability. The RIP Listener listens for route updates from routers using the Routing Information Protocol version 1 (RIPV1). RIPV1 is an older protocol that might be redundant in modern networks, despite its specific utilities. Removing this feature can contribute to a more secure system by eliminating unnecessary network listening capabilities. This capability is not included in the standard installation of Windows.

Remove "Scan with Defender" from context menu

This script removes the Scan with Microsoft Defender option from the right-click context menu. This script enhances user privacy by limiting engagement with Defender's data collection processes. Defender may collect data during scans and at regular intervals, which some users may find unnecessary or unwanted. Removing this option only affects the context menu appearance and does not disable Defender or its other functions. Technical Details - The script functions by altering specific registr...

Remove "Search" app

This script removes the "Search" app from Windows to improve privacy. The search app was previously known as "Microsoft.Windows.Cortana". This app was commonly known as Cortana. It was pre-installed on older versions of Windows 10. It collected personal data such as contacts, emails, calendar events, voice inputs, and searches. Cortana has been retired, with end-of-support reached in 2024. "Microsoft.Windows.Search" is introduced in Windows 10 version 2004. This app replaced Cortana's role in pr...

Remove "Secondary Tile Experience" app

This script removes the Second Tile Experience app from your computer. The Second Tile Experience helps in providing a feature in Windows that lets users create quick access shortcuts, called secondary tiles, to specific content from an app on their Start menu. For example, it might be a shortcut to the weather of a city or a favorite news article. Secondary tiles act as direct entry points to parts of an app, like displaying real-time updates or leading to a particular feature. While these tile...

Remove "Shazam" app

Microsoft Store Page Shazam Windows app was officially declared end-of-life on February 7, 2017 and is discontinued as Windows app. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 |...

Remove "Simple Network Management Protocol (SNMP)" capability

This script removes the "Simple Network Management Protocol (SNMP)" ("SNMP.Client") capability. SNMP is used for monitoring and managing network devices. While it provides valuable information for network administration, it may not be essential for all users and can expose the system to additional network traffic and potential vulnerabilities. This capability is not included in the standard installation of Windows.

Remove "Skype" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "SNMP WMI Provider" capability

This script removes the "SNMP WMI Provider" ("WMI-SNMP-Provider.Client") capability. This feature enables Windows Management Instrumentation (WMI) clients to access SNMP information. SNMP is used for monitoring and managing network devices. Integrating SNMP data into WMI, this capability may be extraneous for those not needing SNMP monitoring. Removing this capability can simplify the system's management interfaces and improve its security posture by limiting the ways in which network informatio...

Remove "Spotify - Music and Podcasts" app

Microsoft Store Page Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Store Purchase" app

This script uninstalls the "Store Purchase" app. The Store Purchase app is linked with the purchase feature in the Store app, allowing users to view their purchase history without needing to open a separate website. This app is not well-documented officially by Microsoft. This app comes pre-installed on certain Windows versions. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 |...

Remove "Sway" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Take a Test" app

This script uninstalls the "Take a Test" application, also known as "secure assessment browser". It is a feature in Windows primarily used for online testing in schools. The purpose of this app is to create a secure environment where students can't access external computer or internet resources while taking a test. It restricts specific activities, like printing, taking screenshots, or opening other apps. The software offers two usage modes: a basic secure mode and a more stringent "kiosk mode" ...

Remove "Twitter" app

Microsoft Store Page Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ❌ | | Windows 10 | 20H2 | ❌ | | Windows 10 | 21H2 | ❌ | | Windows 10 | 22H2 | ❌ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2 | ❌ | | Windows 11 | 23H2 | ❌ |

Remove "Videos"folder from This PC in File Explorer

This script hides the Videos folder from This PC in File Explorer. It enhances privacy by hiding your video collection, which may contain personal or sensitive content. This reduces the risk of inadvertently exposing private videos when using common file dialogs. However, this change may affect your workflow if you frequently access video files through these interfaces. You can still access the Videos folder directly in File Explorer or via media applications. This script hid...

Remove "VP9 Video Extensions" app

This script uninstalls the "VP9 Video Extensions" app. The "VP9 Video Extensions" app facilitates the playback of VP9 video format, widely used for internet streaming, across various video applications on Windows. The app leverages hardware capabilities on newer devices for enhanced performance and offers software support where such hardware is absent. This app contains high severity vulnerabilities in certain versions. A high vulnerability is a serious security risk that could allow attackers t...

Remove "Web Media Extensions" app

This script uninstalls the "Web Media Extensions" app. "Web Media Extensions" package enhances Microsoft Edge and Windows by supporting open source formats commonly used on the web. It enables native playback of media in OGG format and content encoded with Vorbis or Theora codecs. This app contains high severity vulnerabilities in certain versions. A high vulnerability is a serious security risk that could allow attackers to gain full control of your system. Removing this app will improve your s...

Remove "Webp Image Extensions" app

This script uninstalls the "Webp Image Extensions" app. The "Webp Image Extensions" app allows Microsoft Edge browser to display WebP images. WebP is an advanced image format offering efficient compression to support smaller, high-quality images on the web. This app contains vulnerabilities in certain versions. Removing this app will improve your system's security and reduce the risk of these threats. This app comes pre-installed on certain versions of Windows. [Microsoft Store Page](https://web...

Remove "Widgets" from taskbar

To control whether the Widgets button is visible on the taskbar, Microsoft introduced "TaskbarDa" registry value. Possible "DWORD" 32-bit settings for the "TaskbarDa" value are: 1. 0 = Hidden 2. 1 = Visible This registry key does not exist in Windows 11 installations by default.

Remove "Win32 Web View Host" / "Desktop App Web Viewer" app

This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Windows Alarms and Clock" app

Microsoft Store Page This app was previously named "Windows Alarms & Clock". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅...

Remove "Windows Calculator" app

Microsoft Store Page It's also known as just "Calculator". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windo...

Remove "Windows Camera" app

Microsoft Store Page It's also known as just "Camera". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H...

Remove "Windows Feedback" app

This script removes the "Windows Feedback" app. Introduced in Windows 1511 (Windows 10 Fall Update), this app allows users to share feedback with Microsoft, primarily aimed at Windows Insider users. This app comes pre-installed on certain versions of Windows. Removing this app contributes to privacy by eliminating a channel through which user feedback and usage data might be sent to Microsoft. It's particularly useful for users who prefer to minimize data sharing with external parties. Overview ...

Remove "Windows Maps" app

Microsoft Store Page It is also known as just "Maps". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 |...

Remove "Windows Media Player" app

Microsoft Store Page This app was previously known as "Groove Music". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅...

Remove "Windows Security" app ("SecHealthUI") (breaks Windows Security user interface)

This script removes the "Windows Security" app, known as "SecHealthUI". This app serves as the interface for Windows Security, helping users monitor and manage their computer's security. It provides alerts and guidance on vulnerabilities through the Action Center. However, uninstalling the "Windows Security" app has significant implications: It may increase vulnerability to threats by no longer alerting users about security issues or communicating updates through the Action Center. • Disabling i...

Remove "Windows Security" icon from taskbar

This script removes the Windows Security icon from the system tray. Windows Security is an interface introduced in Windows 10, version 1703. It was previously named Windows Defender Security Center. It offers a unified interface to manage security settings and monitor system status. The icon in the system tray is controlled by the "SecurityHealthSystray.exe" file. Technical Details - The script modifies the registry to stop this file from running on startup, effectively removing the icon...

Remove "Windows Sound Recorder" app

Microsoft Store Page This app is also known as "Voice recorder" or "Windows Voice Recorder". This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 |...

Remove "Windows Undocked Developer Kit (UDK)" app

This script removes the "Windows Undocked Developer Kit (UDK)" app. This app is also known as "UndockedDevKit", Undocked Developer Kit, Undocked Dev Kit, Windows UDK, or Undocked Shell. It dynamically introduces new features and updates to the Windows desktop environment, independent of full system updates. Shell encompasses the desktop interface elements, such as the Start Menu, Taskbar, and File Explorer. The UDK app makes it possible to update and customize these parts of the ...

Remove "Windows Web Experience Pack" (breaks Widgets)

This script removes the "Windows Web Experience Pack" app. This app is responsible for enabling the Widgets feature. Widgets are mini-programs that provide information and easy access to frequently used functions. The app is not essential, and its removal does not impact other functionalities of the operating system, provided you do not ntend to use Widgets. "Windows Web Experience Pack" app collects diagnostic data, and the individual widgets it enables might also gather user data. By removing ...

Remove "Xbox Console Companion" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. It's part of Microsoft Game Development Kit (GDK). Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ❌ | | Windows 11 | 22H2...

Remove "Xbox Game Bar Plugin" app

It's part of Microsoft Game Development Kit (GDK). This app comes pre-installed on certain versions of Windows. Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | Windows 11 | 23H2 | ✅ |

Remove "Xbox Game Bar" app

Microsoft Store Page This app comes pre-installed on certain versions of Windows. It's part of Microsoft Game Development Kit (GDK). Overview of default preinstallation - | OS | Version | Existence | | -- |:-------:|:---------:| | Windows 10 | 19H2 | ✅ | | Windows 10 | 20H2 | ✅ | | Windows 10 | 21H2 | ✅ | | Windows 10 | 22H2 | ✅ | | Windows 11 | 21H2 | ✅ | | Windows 11 | 22H2 | ✅ | | ...

Remove "Xbox Game Callable UI" app (breaks Xbox Live games)

This script uninstalls the "Xbox Game Callable UI" (TCUI) app. This app acts as an intermediary tool that games can use to bring up common UI elements on the Xbox platform. These displays, consistent with the RS5 Gamebar style, offer functionalities such as profile viewing, game invite sending, people selection, friend management, achievement viewing, user privilege checking, and navigation to game details, profile customization, user settings, and storage management. This app comes pre-installe...

Remove "Xbox Identity Provider" app (breaks Xbox sign-in)

This script uninstalls the "Xbox Identity Provider" app. This app enables your PC games to connect to Xbox Live. Its removal can help prevent personal gaming data from being shared with Microsoft's servers. Running this script will impact: Xbox sign-in for certain games, making it impossible to log in. • Log-in functionality for Xbox Game Pass, leading to errors and inability to access games. • Log-in to the Xbox app itself. Common errors caused by the absence of this app include: "We tried to s...

Remove "Xbox Live in-game experience" app

This script uninstalls the "Xbox Live in-game experience" app. This application provides TCUI functionality. Title-callable UI (TCUI) is a feature that allows game code to invoke pre-defined user interface displays. This app comes pre-installed on certain versions of Windows. It's part of Microsoft Game Development Kit (GDK). Uninstalling this script can contribute to user privacy by removing unnecessary apps that may have predefined interfaces linked with Xbox Live, minimizing potential data in...

Remove "Xbox Speech To Text Overlay" app

This script uninstalls the "Xbox Speech To Text Overlay" app. The app offers a speech-to-text feature for certain Xbox games. Specifically, it turns spoken words during a party chat into text which then appears on the game screen. This function is also termed as "game and chat transcription", and is compatible with games that support this feature. The removal of this app can help in reclaiming system resources and enhancing user privacy, as it would reduce the number of tools with potential voic...

Remove "XPS Viewer" capability

This script configures Windows using Batch (batchfile).It can be restored. It runs "PowerShell -ExecutionPolicy Unrestricted...".

Remove 3D modeling apps

This category provides scripts for uninstalling pre-installed 3D modeling applications from Windows. 3D modeling applications allow users to create, visualize, and manipulate three-dimensional objects in a virtual space. They are particularly useful for designers, artists, and professionals who need to create 3D designs for various purposes. These apps, while useful for certain users, might not be required by everyone, thus providing the option to uninstall them.

Remove bloatware

This category configures Windows using 215 scripts. These scripts are organized in 35 categories. The category includes 1 subscripts and 9 subcategories that include more scripts and categories.

Remove Candy Crush apps

This category consists of scripts to uninstall the various Candy Crush applications that may come preinstalled or be available for installation on certain versions of Windows.

Remove Edge

This category automates the uninstallation of Microsoft Edge (also known as "Chromium Edge" or "New Edge"), the web browser that comes pre-installed with many versions of Windows. Microsoft Edge collects various types of data, some of which pertain to your browsing habits, such as the websites you visit, your search queries, and the data you enter into forms. Additionally, it tracks usage metrics and diagnostic data about your device data and how the browser is functioning. These pieces of infor...

Remove Edge (Legacy)

This category includes scripts to remove Microsoft Edge Legacy. Microsoft introduced the Legacy version based on the EdgeHTML engine in 2015. However, as of March 9, 2021, they stopped supporting this version, implying it no longer gets security updates or patches. Keeping unsupported software on your system can pose security vulnerabilities. Initially, this version was the default browser on Windows 10 PCs. Due to its tight integration with Windows, a simple uninstall might not eliminate all re...

Remove Edge (Legacy) application selection associations

This script removes file and URL associations with Microsoft Edge Legacy (an old version of Edge), enhancing your privacy and potentially improving system performance. This script removes Edge Legacy from the default application selection dialog for certain file types and protocols, preventing it from being easily chosen as the default handler. Even on newer Windows computers, the old Edge might still be set to open common file types like: Web file formats (.htm, .html) • PDF documents (.pdf) • ...

Remove Edge (Legacy) associations

This category removes file and URL associations from Microsoft Edge Legacy, to enhance privacy and potentially improve system stability and performance. Edge Legacy, though outdated, may still have associations on modern Windows versions. Removing these associations: Reduces potential data collection through Edge Legacy • Prevents accidental use of an outdated browser • May improve system stability if Edge Legacy is removed • Can potentially enhance performance by eliminating unnecessary file as...

Remove Edge (Legacy) user associations

This script removes user associations for the legacy Microsoft Edge browser. Even though these are user defaults, Windows includes Microsoft Edge (Legacy) as the default browser for some associations on older versions of Windows. It enhances privacy by preventing the legacy Edge browser from automatically opening specific file types and URLs. This helps reduce data collection and tracking by the legacy Edge browser. If you have removed the legacy Edge browser, this script improves system stabili...

Remove Edge application selection associations

This script prevents Microsoft Edge from being listed as a default program for various file types and web links in Windows, giving you control over which programs open your files and enhancing your privacy. It improves privacy by preventing Edge from appearing as an option when selecting programs to open certain files or web links. This increases user control and reduces data collection and tracking via Microsoft Edge. If you've uninstalled Edge, this script stabilizes your system by removing le...

Remove Edge associations

This category removes Microsoft Edge browser associations from your Windows system, enhancing privacy and system control. These associations often remain after uninstalling Edge, potentially leading to unexpected behaviors and privacy concerns. Removing these associations will: Preventi Edge from automatically handling various file types and web protocols • Reduce potential data collection and tracking via Microsoft Edge • Eliminate leftover settings that may cause system instability after unins...

Remove Edge Open With associations

This script removes Microsoft Edge associations from the Open With context menu for various file types. It enhances privacy by reducing Microsoft Edge's integration with the operating system. This limits data collection opportunities during file interactions. It also enhances system stability by removing leftover Edge associations after uninstalling the browser. It may improve system performance by simplifying the Open With menu. Removing these associations gives you control over which a...

Remove Edge shortcuts

This script removes Microsoft Edge shortcuts from specific locations on your computer, enhancing the privacy and integrity of your system. When installed, Microsoft Edge, places shortcuts in various locations on your computer. Even after uninstalling the Edge browser, some of these shortcuts may not be removed (tested since ≥ Edge v117). This script ensures the removal of these residual shortcuts. These shortcuts can serve as access points for malicious entities, potentially compromising your co...

Remove Edge through official installer

This script uninstalls Microsoft Edge using the official installer. This script reliably uninstalls Microsoft Edge, even when direct removal is restricted by system settings. 1. Enable Uninstallation: The script modifies a registry key to permit the uninstallation of Microsoft Edge. This step is required because from version 116 onwards, Edge cannot be uninstalled without setting this registry key. 2. Mark Microsoft Edge (Legacy) as Installed: It creates a placeholder file to simulate th...

Remove Edge user associations

This script removes user-chosen Microsoft Edge associations for specific file types and web links. Even if a user does not explicitly choose Edge as the default browser, it is chosen by default. Edge associations often remain after uninstalling the browser. This can affect privacy and system performance. Removing these associations will: Enhance privacy by reducing Microsoft Edge's presence in your system • Improve system stability, especially if Edge is uninstalled • Boost performance by elimin...

Remove extension apps

This category contains scripts to uninstall extension apps. Extension apps are add-ons that enhance functionality related to media, images, and other software capabilities. Many of these extensions come pre-installed on some Windows versions. While they can be helpful, not everyone needs them. Unused extensions can present security risks due to potential critical vulnerabilities. A critical vulnerability is a serious security risk that could allow attackers to gain full control of your system. T...

Remove folders from This PC in File Explorer

This category includes scripts to hide specific folders from This PC in File Explorer and other file selection dialogs on Windows systems. It enhances privacy by hiding personal folders from common Windows interfaces. This prevents accidental exposure of sensitive information when sharing your screen or allowing others to use your computer. Removing folders may change how you access them if you often use This PC or file dialogs. You can still reach these folders through direct paths ...

Remove insecure "Print 3D" app

This script uninstalls the "Print 3D" application. This app enhances 3D printing by supporting network printers, optimizing settings, and rendering objects realistically. However, this app poses certain risks. The application can access the Internet, home or work networksm and your 3D objects. It has known serious security vulnerabilities such as "Remote Code Execution Vulnerability". These vulnerabilities allow attackers to remotely execute malicious code on your system. This app is no longer s...

Remove Microsoft Office apps

This category focuses on scripts that help uninstall select Microsoft Office apps that may come pre-installed with Windows. Microsoft Office suite is a popular productivity suite, providing tools for a wide range of tasks like document creation, note-taking, and interactive presentation development. However, while many of these apps like Word, Excel, and PowerPoint are commonly used, some other apps like My Office, OneNote, and Sway might not be essential for all users. Especially, if users have...

Remove Microsoft Store apps

This category houses scripts dedicated to uninstalling specific applications related to the Microsoft Store. As the digital storefront for Microsoft, the Microsoft Store is a hub for apps, games, movies, and other content. While it provides a convenient method of obtaining software, some users might wish to uninstall or disable it for reasons like performance optimization or data privacy concerns. As always, when disabling or uninstalling core system apps, it is crucial to be informed of the pot...

Remove MSN (Bing) apps

This category includes scripts to uninstall MSN (sometimes branded as "Bing" or just "Microsoft") applications from Windows. MSN apps come bundled with Windows and provide users with information from various domains such as weather, sports, news, and finance. While they offer easy access to curated content right from the desktop, not all users find them essential. If users prefer other sources or tools for this information, they might wish to uninstall these default apps to declutter their syste...

Remove not preinstalled features on demand

This category configures Windows using 36 scripts. These scripts are organized in 3 categories. The category includes 12 subscripts and 3 subcategories that include more scripts and categories.

Remove on-demand capabilities and features

This category configures Windows using 46 scripts. These scripts are organized in 5 categories. The category includes 2 subcategories that include more scripts and categories.

Remove OneDrive

Microsoft OneDrive (formerly SkyDrive) is a file hosting service operated by Microsoft. First launched in August 2007, it enables registered users to share and synchronize their files. Data stored on OneDrive is subject to monitoring by Microsoft. There's been reports of Microsoft accessing and altering your personal files when syncing on OneDrive. Uninstalling OneDrive is recommended by Microsoft to optimize Windows VDIs.

Remove OneDrive folder from File Explorer

File Explorer shows OneDrive to allow you to access files stored in OneDrive (stored online and locally cached). CLSID for OneDrive is "018D5C66-4533-4307-9B53-224DE2ED1FE6" for both Windows 10 and 11. Changing pinning option for this key removed OneDrive from navigation file in File Explorer. This CLSID includes "System.IsPinnedToNameSpaceTree" as value as "1" after clean installation in both Windows 10 and Windows 11.

Remove OneDrive from startup

OneDrive starts on every boot in both Windows 10 and 11 by default. It's started through "OneDrive" "REG_SZ" entry in "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run". It is found on both Windows 10 (since 21H2, missing in 20H2) and Windows 11 (since 23H2). The startup command is ""\\Microsoft\\OneDrive\\OneDrive.exe" /background".

Remove OneDrive installation files and cache

This script removes OneDrive installation directories, application data, temporary files, and cache. Identified by the community and confirmed through testing, these folders include: "C:\\OneDriveTemp": A location for temporary cache files. • "C:\\ProgramData\\Microsoft OneDrive": Stores data used in setting up OneDrive. • "C:\\Users\\\\AppData\\Local\\Microsoft\\OneDrive": OneDrive installation directory. | Directory | Windows 11 (since 22H2) | Windows 10 (since 22H2) | | --------- |:---------...

Remove OneDrive shortcuts

This script ensures the removal of all OneDrive shortcuts from your system, even after uninstallation or cleanup. Erasing these shortcuts improves the security and privacy of your computer system, lessening the potential access points for unwanted entities. Moreover, the removal of unused shortcuts results in a more organized and efficient system, enhancing your user experience by preventing any confusion from dead shortcuts. Shortcuts that link to OneDrive are stored in various locations, such ...

Remove OneDrive through official installer

This script will call official Microsoft uninstaller that will uninstall the application but residual files will be left. You won't lose data by uninstalling OneDrive from computer because they will be stored in cloud. Running OneDrive client setup package ("OneDriveSetup.exe") with the "/uninstall" command line switch uninstalls OneDrive. On Windows 10, the setup package is found on different folders ("System32" or "SysWOW64") based on the CPU architecture. On Windows 11, the setup package is a...

Remove OneDrive user data and synced folders

This script deletes the OneDrive directory and all stored data from your profile. OneDrive usually saves your data in the "%USERPROFILE%\\OneDrive" directory, also known as the OneDrive folder or OneDrive root directory. By default, OneDrive stores user data in folder called OneDrive. For multiple accounts, files may be in OneDrive - Personal or OneDrive - CompanyName folders. OneDrive can synchronize default Windows folders like Documents, Pictures, Music, and Desktop. These fo...

Remove Out-of-Box Experience (OOBE) apps

This category focuses on uninstalling specific Out-of-Box Experience (OOBE) apps from Windows devices. OOBE apps are components of the Windows setup process designed to guide users through initial device setup, establishing settings and preferences, and connecting to networks.

Remove outdated "3D Objects" folder from This PC in File Explorer

This script hides the 3D Objects folder from This PC in File Explorer. This script improves privacy as this folder may contain personal projects or designs. This action reduces the risk of unintentional sharing of potentially sensitive 3D models or related files. Microsoft removed this folder in Windows 10 Build 21322 and later versions. If you often use the 3D Objects folder, this change may affect your workflow. The folder remains accessible through direct navigation in File ...

Remove outdated "Snipping Tool" app

This script removes the outdated Snipping Tool app. It was previously known as Snip & Sketch. It allows users to capture, edit, and share screenshots. In recent Windows versions, this app is part of the Windows Feature Experience Pack ("MicrosoftWindows.Client.Core") and is no longer a separate application. This script disables snipping functionality on older Windows versions. privacy.sexy does not remove the entire Windows Feature Experience Pack, as it contains many other essential f...

Remove Phone apps

This category features scripts for managing Windows apps related to smartphones. These scripts are for apps that connect smartphones to Windows, including dialer and other phone-related apps, even those that are outdated or replaced. The scripts aim to let users control whether these apps stay or go, improving their control over personal settings. These applications may pose privacy concerns due to their data sharing and synchronization capabilities. Removing these apps improves privacy by stopp...

Remove printing user interface

This category includes scripts that remove applications providing printing-related user interfaces. These interfaces manage printing tasks from the desktop environment. Both system and third-party applications use these interfaces. Removing these apps benefits users who do not use physical printing or prefer alternative methods. This can streamline system operations and enhance security by reducing the attack surface. Additionally, removing these apps enhances your data privacy by preventing una...

Remove Snipping Tool

This category addresses privacy risks related to the Snipping Tool (also called screen capture) and its earlier forms, Snip & Sketch and Screen Sketch. The Snipping Tool enables users to capture screenshots and record their screens. This capability can expose sensitive information displayed on the screen unintentionally. Earlier versions had significant privacy vulnerabilities, allowing recovery of cropped screenshot portions. For example, bank details edited out of a saved scree...

Remove system apps

This category includes scripts for uninstalling default system apps in Windows. System apps are pre-installed applications located in the "C:\\Windows*" directory. These apps are typically found on "C:\\Windows\\SystemApps\\{PackageFamilyName}" or "C:\\Windows\\{ShortAppName}" folders. They are integral components of the Windows operating system. Removing certain system apps may improve privacy by reducing data collection. It can also improve system performance by freeing up system resources. These sc...

Remove third-party apps

This category provides options to uninstall third-party applications (not developed by Microsoft) that may come preinstalled or be available for installation on specific Windows versions.

Remove Widgets

Windows 11 adds a new taskbar flyout named "Widgets", which displays a panel with Microsoft Start, a news aggregator with personalized stories and content (expanding upon the "news and interests" panel introduced in later builds of Windows 10). It's rebranding/future version of older "Windows 10 News and Interests" feature. The user can customize the panel by adding or removing widgets, rearranging, resizing, and personalizing the content. It has privacy implications as it collects data about yo...

Remove Windows apps

This category covers the uninstallation of Windows apps. Windows apps were introduced with Windows 8 and are typically acquired and installed through the Store app. Many of these apps come pre-installed on Windows by default. Uninstalling unused or unwanted apps contributes to privacy by reducing potential data collection points and minimizing your digital footprint. The applications are categorized as: They are located in "C:\\Program Files\\WindowsApps\\{PackageFullName}". Following PowerShell co...

Remove Windows Copilot

This category includes scripts to disable or remove the Windows Copilot feature. "Windows Copilot" is also known as "Copilot in Windows", Windows Copilot is an AI assistant within Windows. It helps with a wide range of tasks, like adjusting system settings. It can deliver web results, and supports generating creative content, like images, and providing personalized suggestions based on user data analysis. While these features enhance user experience, they raise privacy concerns due to the extens...

Remove Xbox apps

This category contains scripts designed to uninstall specific Windows apps related to Xbox. Uninstalling these apps may enhance system performance and privacy, as fewer apps are running in the background, accessing personal data or utilizing system resources. If you're not using these services or apps, it might be beneficial to disable them for a cleaner and more privacy-focused user experience.

Security improvements

This category encompasses a range of scripts designed to improve the security of your system by enforcing security best practices. These scripts help protect your system against various types of cyber threats and unauthorized access.

UI for privacy

This category configures Windows using 24 scripts. These scripts are organized in 3 categories. The category includes 10 subscripts and 3 subcategories that include more scripts and categories.

windows

Scripts to improve privacy in Windows. They are written using Batch (batchfile) language.