API tools faq
paste
Guest User

Untitled

a guest
Apr 3rd, 2016
4,084
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 57.14 KB | None | 0 0
raw download clone embed print report
  1. rem USE AT OWN RISK AS IS WITHOUT WARRANTY OF ANY KIND !!!!!
  2.  
  3. rem Sections
  4.  
  5. rem Basic recommendations
  6. rem Software recommendations
  7.  
  8. rem Remove various startup entries and policies
  9. rem Restore essential startup entries
  10.  
  11. rem Windows Basics
  12. rem Windows Defender
  13. rem Windows Desktop
  14. rem Windows Drivers
  15. rem Windows Error Reporting
  16. rem Windows Explorer
  17. rem Windows Logging
  18. rem Windows Network
  19. rem Windows Notifications
  20. rem Windows Optimizations
  21. rem Windows Policies
  22. rem Windows Privacy
  23. rem Windows Scheduled Tasks
  24. rem Windows Services
  25. rem Windows Shell
  26. rem Windows Updates
  27. rem Windows Waypoint
  28.  
  29. rem ========================= Basic recommendations =========================
  30.  
  31. rem Uncheck IPv6
  32.  
  33. rem Sync Center
  34. rem Take ownership and remove all users to prevent it from running at every startup
  35. rem C:\Windows\System32\mobsync.exe
  36.  
  37. rem Windows Cortana/Search - delete to get rid of SearchUI.exe (to restore perform "sfc /scannow")
  38. rem Take ownership and delete the folder (Terminate "SearchUI.exe", when asked to "Try again" and delete within 2-3 seconds)
  39. rem C:/Windows/SystemApps/Microsoft.Windows.Cortana_cw5n1h2txyewy
  40.  
  41. rem Windows Defender - delete to regain some space (to restore perform "sfc /scannow")
  42. rem Take ownership and delete folder
  43. rem C:\ProgramData\Microsoft\Windows Defender
  44.  
  45. rem Windows Powershell - delete for security purposes (to restore perform "sfc /scannow")
  46. rem threatpost.com/fileless-powerware-ransomware-found-on-healthcare-network/116998/
  47. rem Take ownership and delete folders
  48. rem C:\Program Files (x86)\WindowsPowerShell
  49. rem C:\Program Files\WindowsPowerShell
  50. rem C:\Windows\System32\WindowsPowerShell
  51. rem C:\Windows\SysWOW64\WindowsPowerShell
  52.  
  53. rem Windows Problems Solutions
  54. rem Disable Windows Defender - pastebin.com/kYCVzZPz
  55. rem Enable Windows Defender - pastebin.com/0NxF7kCd
  56. rem Perform Windows Updates - pastebin.com/gLnJVKGt
  57. rem Windows Cleanup - pastebin.com/5Q4t1Us9
  58. rem Windows Complete Fix - pastebin.com/bwCnbKYN
  59. rem Windows Repair Free - www.tweaking.com/content/page/windows_repair_all_in_one.html
  60. rem Windows TenForums - www.tenforums.com
  61.  
  62. rem ========================= Software recommendations =========================
  63.  
  64. rem Recommended free cleanup software for Windows 10
  65. rem CleanMem - www.pcwintech.com/cleanmem
  66. rem Wise Care - www.wisecleaner.com/wise-care-365.html
  67. rem Wise Program Uninstaller - www.wisecleaner.com/wise-program-uninstaller.html
  68.  
  69. rem Recommended free security cleanup software
  70. rem Dr.Web CureIt! - free.drweb.com/download+cureit+free
  71. rem Emsisoft Emergency Kit - www.emsisoft.com/en/software/eek
  72. rem Guide - malwaretips.com/blogs/malware-removal-guide-for-windows
  73. rem Help - www.bleepingcomputer.com/forums/t/182397/am-i-infected-what-do-i-do-how-do-i-get-help-who-is-helping-me
  74.  
  75. rem Recommended free security software
  76. rem 360 Total Security Essential - www.360totalsecurity.com/en/features/360-total-security-essential
  77. rem Bitdefender Antivirus Free Edition - www.bitdefender.com/solutions/free.html
  78.  
  79. rem Recommended free software replacement for Windows 10 apps
  80. rem Browser / Yandex.Browser - browser.yandex.com
  81. rem Computer Management / www.nirsoft.net/utils/index.html
  82. rem File Archiver / 7-zip - www.7-zip.org
  83. rem File Encryption / AxCrypt - www.axantum.com/AxCrypt/Downloads.html
  84. rem File Explorer / XYplorerFree - www.xyplorer.com/free
  85. rem Disc Space Manager / TreeSize Free - www.jam-software.com/treesize_free
  86. rem Driver Updates / Driver Easy - www.drivereasy.com
  87. rem Hardware Information / HWiNFO - www.hwinfo.com/download.php
  88. rem Image Viewer / XnView - www.xnview.com/en/xnview/#downloads
  89. rem Media Player / MPC-HC - mpc-hc.org/downloads
  90. rem Office Suite / LibreOffice - www.libreoffice.org/download/libreoffice-fresh
  91. rem Password Manager (Offline) / KeePass - keepass.info/download.html
  92. rem PDF Viewer / PDF xChange Viewer - www.tracker-software.com/product/downloads
  93. rem Remote Support / TeamViewer - www.teamviewer.com/en/download/windows
  94. rem Startup Manager / Autoruns - technet.microsoft.com/en-us/sysinternals/bb963902.aspx
  95. rem Task Manager / Process Hacker - processhacker.sourceforge.net
  96. rem Windows Updates / Windows Update MiniTool - forums.mydigitallife.info/threads/64939-Windows-Update-MiniTool
  97.  
  98. rem ========================= Remove various startup entries and policies =========================
  99.  
  100. del ""%SystemDrive%\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\*"" /s /f /q
  101. del ""%LocalAppData%\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*"" /s /f /q
  102.  
  103. reg delete "HKCU\Software\Microsoft\Command Processor" /v "AutoRun" /f
  104. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "Startup" /f
  105. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v "Startup" /f
  106. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies" /f
  107. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /f
  108. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" /f
  109. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices" /f
  110. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce" /f
  111. reg delete "HKCU\Software\Microsoft\WindowsSelfHost" /f
  112. reg delete "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server" /f
  113. reg delete "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /f
  114. reg delete "HKCU\Software\Policies" /f
  115. reg delete "HKLM\Software\Microsoft\Command Processor" /v "AutoRun" /f
  116. reg delete "HKLM\Software\Microsoft\Policies" /f
  117. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders" /v "Common Startup" /f
  118. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders" /v "Common Startup" /f
  119. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" /f
  120. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies" /f
  121. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /f
  122. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce" /f
  123. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices" /f
  124. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce" /f
  125. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
  126. reg delete "HKLM\Software\Microsoft\WindowsSelfHost" /f
  127. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server" /f
  128. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v "AppInit_DLLs" /f
  129. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /f
  130. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /f
  131. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "VMApplet" /f
  132. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells" /f
  133. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" /f
  134. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman" /f
  135. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit" /f
  136. reg delete "HKLM\Software\Policies" /f
  137. reg delete "HKLM\Software\WOW6432Node\Microsoft\Policies" /f
  138. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" /f
  139. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" /f
  140. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" /f
  141. reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies" /f
  142. reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
  143. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows" /v "AppInit_DLLs" /f
  144. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /f
  145. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /f
  146. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "VMApplet" /f
  147. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells" /f
  148. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" /f
  149. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman" /f
  150. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit" /f
  151. reg delete "HKLM\Software\WOW6432Node\Policies" /f
  152. reg delete "HKLM\System\CurrentControlSet\Control\Keyboard Layout" /v "Scancode Map" /f
  153. reg delete "HKLM\System\CurrentControlSet\Control\SafeBoot" /v "AlternateShell" /f
  154. reg delete "HKLM\System\CurrentControlSet\Control\Session Manager" /v "BootExecute" /f
  155. reg delete "HKLM\System\CurrentControlSet\Control\Session Manager" /v "Execute" /f
  156. reg delete "HKLM\System\CurrentControlSet\Control\Session Manager" /v "SETUPEXECUTE" /f
  157. reg delete "HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd" /v "StartupPrograms" /f
  158.  
  159. rem ========================= Restore essential startup entries =========================
  160.  
  161. rem Run bcdedit command to check for the current status / Yes = True / No = False
  162. bcdedit /deletevalue {current} safeboot
  163. bcdedit /deletevalue {default} safeboot
  164. bcdedit /set {default} advancedoptions false
  165. bcdedit /set {default} bootems no
  166. bcdedit /set {default} bootstatuspolicy DisplayAllFailures
  167. bcdedit /set {default} recoveryenabled no
  168. bcdedit /set {bootmgr} displaybootmenu no
  169. bcdedit /set {current} bootems no
  170. bcdedit /set {current} advancedoptions false
  171. bcdedit /set {current} bootstatuspolicy DisplayAllFailures
  172. bcdedit /set {current} recoveryenabled no
  173.  
  174. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v "EvtMgr6" /t REG_SZ /d "C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" /f
  175. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /t REG_SZ /d "explorer.exe" /f
  176. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /t REG_SZ /d "C:\Windows\System32\userinit.exe," /f
  177. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /t REG_SZ /d "explorer.exe" /f
  178. reg add "HKLM\System\CurrentControlSet\Control\Session Manager" /v "BootExecute" /t REG_MULTI_SZ /d "autocheck autochk *" /f
  179. reg add "HKLM\System\CurrentControlSet\Control\Session Manager" /v "SETUPEXECUTE" /t REG_MULTI_SZ /d "" /f
  180.  
  181. rem ========================= Windows Basics =========================
  182.  
  183. rem Set Formats to Metric
  184. reg add "HKCU\Control Panel\International" /v "iDigits" /t REG_SZ /d "2" /f
  185. reg add "HKCU\Control Panel\International" /v "iLZero" /t REG_SZ /d "1" /f
  186. reg add "HKCU\Control Panel\International" /v "iMeasure" /t REG_SZ /d "0" /f
  187. reg add "HKCU\Control Panel\International" /v "iNegNumber" /t REG_SZ /d "1" /f
  188. reg add "HKCU\Control Panel\International" /v "iPaperSize" /t REG_SZ /d "1" /f
  189. reg add "HKCU\Control Panel\International" /v "iTLZero" /t REG_SZ /d "1" /f
  190. reg add "HKCU\Control Panel\International" /v "sDecimal" /t REG_SZ /d "." /f
  191. reg add "HKCU\Control Panel\International" /v "sNativeDigits" /t REG_SZ /d "0123456789" /f
  192. reg add "HKCU\Control Panel\International" /v "sNegativeSign" /t REG_SZ /d "-" /f
  193. reg add "HKCU\Control Panel\International" /v "sPositiveSign" /t REG_SZ /d "" /f
  194. reg add "HKCU\Control Panel\International" /v "NumShape" /t REG_SZ /d "1" /f
  195.  
  196. rem 244 - Set Location to United States (for the best Windows and Store experience) / 143 - Slovakia
  197. reg add "HKCU\Control Panel\International\Geo" /v "Nation" /t REG_SZ /d "143" /f
  198.  
  199. rem Set Time to 24h / Monday
  200. reg add "HKCU\Control Panel\International" /v "iCalendarType" /t REG_SZ /d "1" /f
  201. reg add "HKCU\Control Panel\International" /v "iDate" /t REG_SZ /d "1" /f
  202. reg add "HKCU\Control Panel\International" /v "iFirstDayOfWeek" /t REG_SZ /d "0" /f
  203. reg add "HKCU\Control Panel\International" /v "iFirstWeekOfYear" /t REG_SZ /d "0" /f
  204. reg add "HKCU\Control Panel\International" /v "iTime" /t REG_SZ /d "1" /f
  205. reg add "HKCU\Control Panel\International" /v "iTimePrefix" /t REG_SZ /d "0" /f
  206. reg add "HKCU\Control Panel\International" /v "sDate" /t REG_SZ /d "-" /f
  207. reg add "HKCU\Control Panel\International" /v "sLongDate" /t REG_SZ /d "d MMMM, yyyy" /f
  208. reg add "HKCU\Control Panel\International" /v "sMonDecimalSep" /t REG_SZ /d "." /f
  209. reg add "HKCU\Control Panel\International" /v "sMonGrouping" /t REG_SZ /d "3;0" /f
  210. reg add "HKCU\Control Panel\International" /v "sMonThousandSep" /t REG_SZ /d "," /f
  211. reg add "HKCU\Control Panel\International" /v "sShortDate" /t REG_SZ /d "dd-MMM-yy" /f
  212. reg add "HKCU\Control Panel\International" /v "sTime" /t REG_SZ /d ":" /f
  213. reg add "HKCU\Control Panel\International" /v "sTimeFormat" /t REG_SZ /d "HH:mm:ss" /f
  214. reg add "HKCU\Control Panel\International" /v "sShortTime" /t REG_SZ /d "HH:mm" /f
  215. reg add "HKCU\Control Panel\International" /v "sYearMonth" /t REG_SZ /d "MMMM yyyy" /f
  216.  
  217. rem Set Time Zone
  218. tzutil /s "Singapore Standard Time"
  219.  
  220. rem When windows detects communicarions activity / 0 - Mute all other sounds / 1 - Reduce all other by 80% / 2 - Reduce all other by 50% / 3 - Do nothing
  221. reg add "HKCU\Software\Microsoft\Multimedia\Audio" /v "UserDuckingPreference" /t REG_DWORD /d "3" /f
  222.  
  223. rem 1 - Enable Automatic Restart on System Failure
  224. reg add "HKLM\System\CurrentControlSet\Control\CrashControl" /v "AutoReboot" /t REG_DWORD /d "1" /f
  225.  
  226. rem System Info
  227. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "Logo" /t REG_SZ /d "D:\Software\Temp\Pics\Mikai.bmp" /f
  228. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "Manufacturer" /t REG_SZ /d "TairikuOkami" /f
  229. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "SupportHours" /t REG_SZ /d "None" /f
  230. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "SupportPhone" /t REG_SZ /d "None" /f
  231. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "SupportURL" /t REG_SZ /d "www.facebook.com/tairikuokami" /f
  232.  
  233. rem Enable System restore and Set the size
  234. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\SPP\Clients" /v " {09F7EDC5-294E-4180-AF6A-FB0E6A0E9513}" /t REG_MULTI_SZ /d "1" /f
  235. vssadmin Resize ShadowStorage /For=C: /On=C: /Maxsize=5GB
  236. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableConfig" /f
  237. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableSR" /f
  238.  
  239. rem Replace default Task Manager with Process Hacker (must be installed prior to use)
  240. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe" /v "Debugger" /t REG_SZ /d "\"C:\Program Files\Process Hacker 2\ProcessHacker.exe\"" /f
  241. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe" /v "Debugger" /t REG_SZ /d "\"C:\Program Files\Process Hacker 2\ProcessHacker.exe\"" /f
  242.  
  243. rem Computer Name - KGTX61S (Computer name should not be longer than 16 characters)
  244. reg add "HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName" /v "ComputerName" /t REG_SZ /d "E525" /f
  245. reg add "HKLM\System\CurrentControlSet\Control\ComputerName\ComputerName" /v "ComputerName" /t REG_SZ /d "E525" /f
  246. reg add "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters" /v "Hostname" /t REG_SZ /d "E525" /f
  247. reg add "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters" /v "NV Hostname" /t REG_SZ /d "E525" /f
  248.  
  249. rem Time to display recovery options when needed in seconds
  250. reg add "HKLM\System\CurrentControlSet\Control\Session Manager" /v "AutoChkTimeout" /t REG_DWORD /d "5" /f
  251.  
  252. rem ========================= Windows Defender =========================
  253.  
  254. rem To completely disable WD - pastebin.com/kYCVzZPz
  255. rem An alternative option - winaero.com/blog/nodefender-disable-windows-defender-in-windows-10-with-few-clicks
  256.  
  257. rem 1 - Disable Real-time protection
  258. reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f
  259.  
  260. rem ========================= Windows Desktop =========================
  261.  
  262. rem 0 - No screen saver is selected / 1 - A screen saver is selected
  263. reg add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d "1" /f
  264.  
  265. rem Specifies whether the screen saver is password-protected / 0 - No / 1 - Yes
  266. reg add "HKCU\Control Panel\Desktop" /v "ScreenSaverIsSecure" /t REG_SZ /d "0" /f
  267.  
  268. rem Specifies in seconds how long the System remains idle before the screen saver starts
  269. reg add "HKCU\Control Panel\Desktop" /v "ScreenSaveTimeOut" /t REG_SZ /d "250" /f
  270.  
  271. rem Specifies in milliseconds how long the System waits for user processes to end after the user clicks the End Task command button in Task Manager
  272. reg add "HKCU\Control Panel\Desktop" /v "SCRNSAVE.EXE" /t REG_SZ /d "C:\Windows\System32\Mystify.scr" /f
  273.  
  274. rem Wallpaper Location (disabled replace rem with reg)
  275. reg add "HKCU\Control Panel\Desktop" /v "Wallpaper" /t REG_SZ /d "D:\Software\Temp\Pics\Wallpaper.jpg" /f
  276.  
  277. rem 0 - Center the bitmap on the desktop / 2 - Stretch the bitmap vertically and horizontally to fit the desktop / 10 - Fill / 6 - Fit / 2 - Stretch / 0 - Tile/Center
  278. reg add "HKCU\Control Panel\Desktop" /v "WallpaperStyle" /t REG_SZ /d "2" /f
  279.  
  280. rem 0 - Always show all icons and notifications on the taskbar / 1 - Hide Inactive Icons
  281. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "EnableAutoTray" /t REG_DWORD /d "0" /f
  282.  
  283. rem Hide Control Panel
  284. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}" /t REG_DWORD /d "1" /f
  285.  
  286. rem Hide Network
  287. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" /t REG_DWORD /d "1" /f
  288.  
  289. rem Hide Recycle Bin
  290. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{645FF040-5081-101B-9F08-00AA002F954E}" /t REG_DWORD /d "1" /f
  291.  
  292. rem Hide This PC
  293. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d "1" /f
  294.  
  295. rem Hide User's Files
  296. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{59031a47-3f72-44a7-89c5-5595fe6b30ee}" /t REG_DWORD /d "1" /f
  297.  
  298. rem 0 - Disable Cortana
  299. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "AllowCortana" /t REG_DWORD /d "0" /f
  300.  
  301. rem 0 - Disable Bing Search
  302. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "BingSearchEnabled" /t REG_DWORD /d "0" /f
  303.  
  304. rem 0 - Disable Cortana in Taskbar search
  305. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "CortanaEnabled" /t REG_DWORD /d "0" /f
  306.  
  307. rem 0 - Hide Taskbar search / 1 - Show search icon / 2 - Show search box
  308. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d "0" /f
  309.  
  310. REM 0 - Disable Cortana, Bing Search and Searchbar
  311. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d "0" /f
  312.  
  313. rem 1 - Disable web search in search bar
  314. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "DisableWebSearch" /t REG_DWORD /d "1" /f
  315.  
  316. rem 0 - Disable search web when searching pc
  317. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWeb" /t REG_DWORD /d "0" /f
  318. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWebOverMeteredConnections" /t REG_DWORD /d "0" /f
  319.  
  320. rem ========================= Windows Drivers =========================
  321.  
  322. rem Specifies how the System responds when a user tries to install device driver files that are not digitally signed / 00 - Ignore / 01 - Warn / 02 - Block
  323. reg add "HKLM\Software\Microsoft\Driver Signing" /v "Policy" /t REG_BINARY /d "01" /f
  324.  
  325. rem 1 - Prevent device metadata retrieval from the Internet/ Do not automatically download manufacturers’ apps and custom icons available for your devices
  326. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Device Metadata" /v "PreventDeviceMetadataFromNetwork" /t REG_DWORD /d "1" /f
  327.  
  328. rem Do you want Windows to download driver Software / 0 - Never / 1 - Allways / 2 - Install driver Software, if it is not found on my computer
  329. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DriverSearching" /v "SearchOrderConfig" /t REG_DWORD /d "0" /f
  330.  
  331. rem ========================= Windows Error Reporting =========================
  332.  
  333. rem 1 - Disable Windows Error Reporting (WER)
  334. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f
  335. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f
  336.  
  337. rem 1 - Disable WER sending second-level data
  338. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "DontSendAdditionalData" /t REG_DWORD /d "1" /f
  339. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "DontSendAdditionalData" /t REG_DWORD /d "1" /f
  340.  
  341. rem 1 - Disable WER crash dialogs, popups
  342. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "DontShowUI" /t REG_DWORD /d "1" /f
  343. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "DontShowUI" /t REG_DWORD /d "1" /f
  344.  
  345. rem 1 - Disable WER logging
  346. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "LoggingDisabled" /t REG_DWORD /d "1" /f
  347. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "LoggingDisabled" /t REG_DWORD /d "1" /f
  348.  
  349. rem ========================= Windows Explorer =========================
  350.  
  351. rem All of the components of Windows Explorer run a single process / 1 - All instances of Windows Explorer run in one process and the Desktop and Taskbar run in a separate process
  352. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "DesktopProcess" /t REG_DWORD /d "1" /f
  353.  
  354. rem 2 - Underline icon titles consistent with my browser / 3 - Underline icon titles only when I point at them
  355. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "IconUnderline" /t REG_DWORD /d "2" /f
  356.  
  357. rem 1 - Disable Previous Versions Tab
  358. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "NoPreviousVersionsPage" /t REG_DWORD /d "1" /f
  359. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "NoPreviousVersionsPage" /t REG_DWORD /d "1" /f
  360.  
  361. rem Single-click to open an item
  362. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "ShellState" /t REG_BINARY /d "2400000017a8000000000000000000000000000001000000130000000000000073000000" /f
  363.  
  364. rem Do not show Frequent folders in Quick Access
  365. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "ShowFrequent" /t REG_DWORD /d "0" /f
  366.  
  367. rem Do not show Recent folders in Quick Access
  368. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "ShowRecent" /t REG_DWORD /d "0" /f
  369.  
  370. rem 0 - Do not hide extensions for known file types
  371. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d "0" /f
  372.  
  373. rem 1 - Show Hidden Folders and Files
  374. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Hidden" /t REG_DWORD /d "1" /f
  375.  
  376. rem 0 - Open File Explorer to Quick access / 1 - Open File Explorer to This PC
  377. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "LaunchTo" /t REG_DWORD /d "1" /f
  378.  
  379. rem 0 - Do not use Sharing Wizard
  380. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "SharingWizardOn" /t REG_DWORD /d "0" /f
  381.  
  382. rem 1 - Launch folder windows in a separate process
  383. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "SeparateProcess" /t REG_DWORD /d "1" /f
  384.  
  385. rem 1 - Show protected operating System files
  386. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowSuperHidden" /t REG_DWORD /d "1" /f
  387.  
  388. rem 0 - Hide Task View button
  389. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d "0" /f
  390.  
  391. rem Remove Desktop folder from This PC
  392. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
  393. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
  394.  
  395. rem Remove Documents folder from This PC
  396. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
  397. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
  398.  
  399. rem Remove Downloads folder from This PC
  400. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
  401. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
  402.  
  403. rem Remove Music folder from This PC on
  404. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
  405. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
  406.  
  407. rem Remove Pictures folder from This PC
  408. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
  409. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
  410.  
  411. rem Remove Videos folder from This PC
  412. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
  413. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
  414.  
  415. rem ========================= Windows Logging =========================
  416.  
  417. rem DiagLog required by Diagnostic Policy Service
  418. rem EventLog-Application required by Windows
  419. rem EventLog-System required by Windows
  420. rem WdiContextLog required by Diagnostic Service Host, Diagnostic System Host and ShellExperienceHost (Start, Time, Volume and such)
  421. rem msdn.microsoft.com/en-us/library/windows/desktop/aa363687(v=vs.85).aspx
  422.  
  423. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\AITEventLog" /v "Start" /t REG_DWORD /d "0" /f
  424. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\AppModel" /v "Start" /t REG_DWORD /d "0" /f
  425. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\AppPlat" /v "Start" /t REG_DWORD /d "0" /f
  426. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Audio" /v "Start" /t REG_DWORD /d "0" /f
  427. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\AutoLogger-Diagtrack-Listener" /v "Start" /t REG_DWORD /d "0" /f
  428. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Circular Kernel Context Logger" /v "Start" /t REG_DWORD /d "0" /f
  429. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f
  430. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
  431. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\LwtNetLog" /v "Start" /t REG_DWORD /d "0" /f
  432. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\NtfsLog" /v "Start" /t REG_DWORD /d "0" /f
  433. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\ReadyBoot" /v "Start" /t REG_DWORD /d "0" /f
  434. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\SQMLogger" /v "Start" /t REG_DWORD /d "0" /f
  435. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\WiFiSession" /v "Start" /t REG_DWORD /d "0" /f
  436.  
  437. rem ========================= Windows Network =========================
  438.  
  439. rem Windows wmic command line command
  440. rem www.computerhope.com/wmic.htm
  441.  
  442. rem Disable IPv6
  443. netsh int ipv6 isatap set state disabled
  444. netsh int teredo set state disabled
  445. netsh interface ipv6 6to4 set state state=disabled undoonstop=disabled
  446. reg add "HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters" /v "DisabledComponents" /t REG_DWORD /d "255" /f
  447.  
  448. rem 0 - Disable LMHOSTS Lookup / 1 - Enable
  449. reg add "HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters" /v "EnableLMHOSTS" /t REG_DWORD /d "0" /f
  450.  
  451. rem 2 - Disable NetBIOS over TCP/IP / 1 - Enable / 0 - Default
  452. wmic nicconfig where TcpipNetbiosOptions=0 call SetTcpipNetbios 2
  453. wmic nicconfig where TcpipNetbiosOptions=1 call SetTcpipNetbios 2
  454.  
  455. rem Setup IP and Gateway (To Enable DHCP: wmic nicconfig where index=0 call enabledhcp)
  456. wmic nicconfig where index=0 call enablestatic("10.10.10.20"), ("255.255.255.0")
  457. wmic nicconfig where index=0 call setgateways("10.10.10.10")
  458.  
  459. rem Setup OpenDNS on adapter with DHCP disabled or just use index=0
  460. wmic nicconfig where (IPEnabled=TRUE and DHCPEnabled=FALSE) call SetDNSServerSearchOrder ("208.67.220.220","208.67.222.222")
  461.  
  462. rem Disable Windows Firewall / AllProfiles / CurrentProfile / DomainProfile / PrivateProfile / PublicProfile
  463. rem technet.microsoft.com/en-us/library/cc771920(v=ws.10).aspx
  464. netsh advfirewall set allprofiles firewallpolicy blockinboundalways,blockoutbound
  465. netsh advfirewall set allprofiles state off
  466.  
  467. rem ========================= Windows Notifications =========================
  468.  
  469. rem 1 - Show me tips about Windows / Can cause high disc usage via a process System and compressed memory
  470. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\SoftLanding" /v "Enabled" /t REG_DWORD /d "0" /f
  471.  
  472. rem 1 - Do not show app Notifications / Disable the message: Turn on Windows Security Center service
  473. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings" /v "NOC_GLOBAL_SETTING_TOASTS_ENABLED" /t REG_DWORD /d "0" /f
  474.  
  475. rem 1 - Do not show alarms, reminders and incoming VOIP calls on the lock
  476. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings" /v "NOC_GLOBAL_SETTING_ALLOW_CRITICAL_TOASTS_ABOVE_LOCK" /t REG_DWORD /d "0" /f
  477.  
  478. rem 1 - Do not show notifications on the lock screen
  479. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings" /v "NOC_GLOBAL_SETTING_ALLOW_TOASTS_ABOVE_LOCK" /t REG_DWORD /d "0" /f
  480.  
  481. rem 1 - Hide notifications while presenting
  482. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings" /v "NOC_GLOBAL_SETTING_SUPRESS_TOASTS_WHILE_DUPLICATING" /t REG_DWORD /d "0" /f
  483.  
  484. rem 0/1 - Do not show app Notifications
  485. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\PushNotifications" /v "ToastEnabled" /t REG_DWORD /d "0" /f
  486. reg add "HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" /v "NoToastApplicationNotification" /t REG_DWORD /d "1" /f
  487.  
  488. rem 1 - Disable Action Center
  489. reg add "HKCU\Software\Policies\Microsoft\Windows\Explorer" /v "DisableNotificationCenter" /t REG_DWORD /d "1" /f
  490.  
  491. rem 1808 - Disable the warning The Publisher could not be verified
  492. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations" /v "DefaultFileTypeRisk" /t REG_DWORD /d "1808" /f
  493.  
  494. rem Disable Security warning to unblock the downloaded file
  495. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments" /v "SaveZoneInformation" /t REG_DWORD /d "1" /f
  496.  
  497. rem 1 - Display confirmation dialog when deleting files
  498. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "ConfirmFileDelete" /t REG_DWORD /d "1" /f
  499.  
  500. rem ========================= Windows Optimizations =========================
  501.  
  502. rem Disable pagefile, why, well watch this:
  503. rem channel9.msdn.com/Blogs/Seth-Juarez/Memory-Compression-in-Windows-10-RTM
  504.  
  505. rem Determines whether user processes end automatically when the user either logs off or shuts down / 1 - Processes end automatically
  506. reg add "HKCU\Control Panel\Desktop" /v "AutoEndTasks" /t REG_SZ /d "1" /f
  507.  
  508. rem When the time is set too low, apps like Settings will crash, system icons like Volume and Power will disappear
  509. rem Specifies in milliseconds how long the System waits for user processes to end after the user clicks the End Task command button in Task Manager
  510. reg add "HKCU\Control Panel\Desktop" /v "HungAppTimeout" /t REG_SZ /d "5000" /f
  511.  
  512. rem Determines how long the System waits for user processes to end after the user attempts to log off or to shut down
  513. reg add "HKCU\Control Panel\Desktop" /v "WaitToKillAppTimeout" /t REG_SZ /d "10000" /f
  514.  
  515. rem Determines in milliseconds how long the System waits for services to stop after notifying the service that the System is shutting down
  516. reg add "HKLM\System\CurrentControlSet\Control" /v "WaitToKillServiceTimeout" /t REG_SZ /d "10000" /f
  517.  
  518. rem Determines in milliseconds the interval from the time the cursor is pointed at a menu until the menu items are displayed
  519. reg add "HKCU\Control Panel\Desktop" /v "MenuShowDelay" /t REG_DWORD /d "0" /f
  520.  
  521. rem How long in milliseconds you want to have for a startup delay time for desktop apps that run at startup to load
  522. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Serialize" /v "StartupDelayInMSec" /t REG_DWORD /d "0" /f
  523.  
  524. rem n - Disable Background disk defragmentation / y - EnableHow long in milliseconds you want to have for a startup delay time for desktop apps that run at startup to load
  525. reg add "HKLM\Software\Microsoft\Dfrg\BootOptimizeFunction" /v "Enable" /t REG_SZ /d "n" /f
  526.  
  527. rem 0 - Disable Background auto-layout / Disable Optimize Hard Disk when idle
  528. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OptimalLayout" /v "EnableAutoLayout" /t REG_DWORD /d "0" /f
  529.  
  530. rem 1 - Disable Automatic Maintenance
  531. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\Maintenance" /v "MaintenanceDisabled" /t REG_DWORD /d "1" /f
  532.  
  533. rem 1 - NTFS does not create short file names
  534. reg add "HKLM\System\CurrentControlSet\Control\FileSystem" /v "NtfsDisable8dot3NameCreation" /t REG_DWORD /d "1" /f
  535.  
  536. rem 1 - Disable the Encrypting File System (EFS)
  537. reg add "HKLM\System\CurrentControlSet\Control\FileSystem" /v "NtfsDisableEncryption" /t REG_DWORD /d "1" /f
  538.  
  539. rem 1 - When listing directories, NTFS does not update the last-access timestamp, and it does not record time stamp updates in the NTFS log
  540. reg add "HKLM\System\CurrentControlSet\Control\FileSystem" /v "NtfsDisableLastAccessUpdate" /t REG_DWORD /d "1" /f
  541.  
  542. rem 0 - Establishes a standard size file-system cache of approximately 8 MB / 1 - Establishes a large system cache working set that can expand to physical memory, minus 4 MB, if needed
  543. rem technet.microsoft.com/en-us/library/cc784562(v=ws.10).aspx
  544. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management" /v "LargeSystemCache" /t REG_DWORD /d "0" /f
  545.  
  546. rem 0 - Drivers and the kernel can be paged to disk as needed / 1 - Drivers and the kernel must remain in physical memory
  547. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v "DisablePagingExecutive" /t REG_DWORD /d "1" /f
  548.  
  549. rem 0 - Disable Prefetch / 1 - Enable Prefetch when the application starts / 2 - Enable Prefetch when the device starts up / 3 - Enable Prefetch when the application or device starts up
  550. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v "EnablePrefetcher" /t REG_DWORD /d "0" /f
  551.  
  552. rem 0 - Disable SuperFetch / 1 - Enable SuperFetch when the application starts up / 2 - Enable SuperFetch when the device starts up / 3 - Enable SuperFetch when the application or device starts up
  553. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v "EnableSuperfetch" /t REG_DWORD /d "0" /f
  554.  
  555. rem 0 - Disable Fast Startup for a Full Shutdown / 1 - Enable Fast Startup (Hybrid Boot) for a Hybrid Shutdown
  556. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Power" /v "HiberbootEnabled" /t REG_DWORD /d "0" /f
  557.  
  558. rem Disable Hibernation / Disable Fast Startup (Hybrid Boot)
  559. powercfg -h off
  560.  
  561. rem ========================= Windows Policies =========================
  562.  
  563. rem Disable Active Desktop
  564. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "ForceActiveDesktopOn" /t REG_DWORD /d "0" /f
  565. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoActiveDesktop" /t REG_DWORD /d "1" /f
  566. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoActiveDesktopChanges" /t REG_DWORD /d "1" /f
  567.  
  568. rem Off - Disable Windows SmartScreen / On - Enable Windows SmartScreen
  569. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
  570.  
  571. rem 0xFF - Disable AutoRun on all kinds of drives for the current and for all users / 0x95 - Enable on all drivers
  572. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoDriveTypeAutorun" /t REG_DWORD /d "0xFF" /f
  573. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoDriveTypeAutorun" /t REG_DWORD /d "0xFF" /f
  574.  
  575. rem 0 - Elevate without prompting / 1 - Prompt for credentials on the secure desktop / 2 - Prompt for consent on the secure desktop / 3 - Prompt for credentials / 4 - Prompt for consent / 5 (Default) - Prompt for consent for non-Windows binaries
  576. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ConsentPromptBehaviorAdmin" /t REG_DWORD /d "1" /f
  577.  
  578. rem 0 - Automatically deny elevation requests / 1 - Prompt for credentials on the secure desktop / 3 (Default) - Prompt for credentials
  579. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ConsentPromptBehaviorUser" /t REG_DWORD /d "1" /f
  580.  
  581. rem Detect application installations and prompt for elevation / 1 - Enabled (default for home) / 0 - Disabled (default for enterprise)
  582. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableInstallerDetection" /t REG_DWORD /d "1" /f
  583.  
  584. rem Run all administrators in Admin Approval Mode / 0 - Disabled (UAC) / 1 - Enabled (UAC)
  585. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t REG_DWORD /d "1" /f
  586.  
  587. rem Only elevate UIAccess applications that are installed in secure locations / 0 - Disabled / 1 (Default) - Enabled
  588. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableSecureUIAPaths" /t REG_DWORD /d "1" /f
  589.  
  590. rem Allow UIAccess applications to prompt for elevation without using the secure desktop / 0 (Default) = Disabled / 1 - Enabled
  591. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableUIADesktopToggle" /t REG_DWORD /d "1" /f
  592.  
  593. rem Admin Approval Mode for the built-in Administrator account / 0 (Default) - Disabled / 1 - Enabled
  594. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "FilterAdministratorToken" /t REG_DWORD /d "1" /f
  595.  
  596. rem Allow UIAccess applications to prompt for elevation without using the secure desktop / 0 (Default) - Disabled / 1 - Enabled
  597. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "PromptOnSecureDesktop" /t REG_DWORD /d "1" /f
  598.  
  599. rem 0 - Disable Windows Script Host (WSH) for the current user
  600. reg add "HKCU\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
  601.  
  602. rem 0 - Disable Windows Script Host (WSH) for all users (prevents majority of malware from working, especially when removing PowerShell as well, Disable ExecutionPolicy can be easily bypassed)
  603. rem Locky ransomware using VBscript (Visual Basic Script) - blog.avast.com/a-closer-look-at-the-locky-ransomware
  604. reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
  605.  
  606. rem 1 - Do not display the lock screen
  607. reg add "HKLM\Software\Policies\Microsoft\Windows\Personalization" /v "NoLockScreen" /t REG_DWORD /d "1" /f
  608.  
  609. rem No-one will be a member of the built-in group, although it will still be visible in the Object Picker / 1 - all users logging on to a session on the server will be made a member of the TERMINAL SERVER USER group
  610. reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v "TSUserEnabled" /t REG_DWORD /d "0" /f
  611.  
  612. rem ========================= Windows Privacy =========================
  613.  
  614. rem Additional disabled privacy features are disabled in sections: Windows Logging / Windows Scheduled Tasks / Windows Services
  615. rem technet.microsoft.com/en-us/library/mt577208(v=vs.85).aspx
  616.  
  617. rem Diagnostic and usage data / 0 - Never / 1 - Basic / 2 - Enhanced / 3 - Full
  618. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
  619. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Application-Experience/Program-Telemetry" /v "Enabled" /t REG_DWORD /d "0" /f
  620. reg add "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
  621.  
  622. rem 0 - Disable Customer Experience Improvement (CEIP/SQM - Software Quality Management)
  623. reg add "HKLM\Software\Policies\Microsoft\SQMClient\Windows" /v "CEIPEnable" /t REG_DWORD /d "0" /f
  624.  
  625. rem 0 - Disable Application Impact Telemetry (AIT)
  626. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "AITEnable" /t REG_DWORD /d "0" /f
  627.  
  628. rem 1 - Disable AD customization
  629. reg add "HKLM\Software\Policies\Microsoft\Windows\AdvertisingInfo" /v "DisabledByGroupPolicy" /t REG_DWORD /d "1" /f
  630.  
  631. rem 1 - Disable Steps Recorder (Steps Recorder keeps a record of steps taken by the user, the data includes user actions such as keyboard input and mouse input user interface data and screen shots)
  632. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "DisableUAR" /t REG_DWORD /d "1" /f
  633.  
  634. rem 0 - Disable sending files to encrypted drives
  635. reg add "HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices" /v "TCGSecurityActivationDisabled" /t REG_DWORD /d "0" /f
  636.  
  637. rem 1 - Disable sync files to one drive
  638. reg add "HKLM\Software\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d "1" /f
  639.  
  640. rem 2 - Disable sending settings to cloud
  641. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableSettingSync" /t REG_DWORD /d "2" /f
  642.  
  643. rem 1 - Disable synchronizing files to cloud
  644. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  645.  
  646. rem 0 - Disable Steps Recorder
  647. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Application-Experience/Steps-Recorder" /v "Enabled" /t REG_DWORD /d "0" /f
  648.  
  649. rem ========================= Windows Scheduled Tasks =========================
  650.  
  651. rem Disable Background Synchronization (permanently, it can not be disabled)
  652. schtasks /DELETE /TN "Microsoft\Windows\SettingSync\BackgroundUploadTask" /F
  653.  
  654. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319" /Disable
  655. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64" /Disable
  656. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical" /Disable
  657. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical" /Disable
  658. schtasks /Change /TN "Microsoft\Windows\AppID\SmartScreenSpecific" /Disable
  659. schtasks /Change /TN "Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /Disable
  660. schtasks /Change /TN "Microsoft\Windows\Application Experience\ProgramDataUpdater" /Disable
  661. schtasks /Change /TN "Microsoft\Windows\Application Experience\StartupAppTask" /Disable
  662. schtasks /Change /TN "Microsoft\Windows\Autochk\Proxy" /Disable
  663. schtasks /Change /TN "Microsoft\Windows\CloudExperienceHost\CreateObjectTask" /Disable
  664. schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /Disable
  665. schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" /Disable
  666. schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /Disable
  667. schtasks /Change /TN "Microsoft\Windows\Defrag\ScheduledDefrag" /Disable
  668. schtasks /Change /TN "Microsoft\Windows\Diagnosis\Scheduled" /Disable
  669. schtasks /Change /TN "Microsoft\Windows\DiskCleanup\SilentCleanup" /Disable
  670. schtasks /Change /TN "Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" /Disable
  671. schtasks /Change /TN "Microsoft\Windows\DiskFootprint\Diagnostics" /Disable
  672. schtasks /Change /TN "Microsoft\Windows\DiskFootprint\StorageSense" /Disable
  673. schtasks /Change /TN "Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate" /Disable
  674. schtasks /Change /TN "Microsoft\Windows\Feedback\Siuf\DmClient" /Disable
  675. schtasks /Change /TN "Microsoft\Windows\File Classification Infrastructure\Property Definition Sync" /Disable
  676. schtasks /Change /TN "Microsoft\Windows\FileHistory\File History (maintenance mode)" /Disable
  677. schtasks /Change /TN "Microsoft\Windows\Management\Provisioning\Logon" /Disable
  678. schtasks /Change /TN "Microsoft\Windows\Maintenance\WinSAT" /Disable
  679. schtasks /Change /TN "Microsoft\Windows\Maps\MapsToastTask" /Disable
  680. schtasks /Change /TN "Microsoft\Windows\Maps\MapsUpdateTask" /Disable
  681. schtasks /Change /TN "Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" /Disable
  682. schtasks /Change /TN "Microsoft\Windows\Multimedia\SystemSoundsService" /Disable
  683. schtasks /Change /TN "Microsoft\Windows\NlaSvc\WiFiTask" /Disable
  684. schtasks /Change /TN "Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler" /Disable
  685. schtasks /Change /TN "Microsoft\Windows\NetTrace\GatherNetworkInfo" /Disable
  686. schtasks /Change /TN "Microsoft\Windows\Offline Files\Background Synchronization" /Disable
  687. schtasks /Change /TN "Microsoft\Windows\Offline Files\Logon Synchronization" /Disable
  688. schtasks /Change /TN "Microsoft\Windows\PI\Sqm-Tasks" /Disable
  689. schtasks /Change /TN "Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" /Disable
  690. schtasks /Change /TN "Microsoft\Windows\Ras\MobilityManager" /Disable
  691. schtasks /Change /TN "Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" /Disable
  692. schtasks /Change /TN "Microsoft\Windows\RetailDemo\CleanupOfflineContent" /Disable
  693. schtasks /Change /TN "Microsoft\Windows\RemovalTools\MRT_HB" /Disable
  694. schtasks /Change /TN "Microsoft\Windows\Servicing\StartComponentCleanup" /Disable
  695. schtasks /Change /TN "Microsoft\Windows\SettingSync\NetworkStateChangeTask" /Disable
  696. schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyMonitor" /Disable
  697. schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyRefresh" /Disable
  698. schtasks /Change /TN "Microsoft\Windows\Shell\IndexerAutomaticMaintenance" /Disable
  699. schtasks /Change /TN "Microsoft\Windows\SpacePort\SpaceAgentTask" /Disable
  700. schtasks /Change /TN "Microsoft\Windows\SystemRestore\SR" /Enable
  701. schtasks /Change /TN "Microsoft\Windows\Sysmain\ResPriStaticDbSync" /Disable
  702. schtasks /Change /TN "Microsoft\Windows\Sysmain\WsSwapAssessmentTask" /Disable
  703. schtasks /Change /TN "Microsoft\Windows\TextServicesFramework\MsCtfMonitor" /Disable
  704. schtasks /Change /TN "Microsoft\Windows\TPM\Tpm-HASCertRetr" /Disable
  705. schtasks /Change /TN "Microsoft\Windows\TPM\Tpm-Maintenance" /Disable
  706. schtasks /Change /TN "Microsoft\Windows\User Profile Service\HiveUploadTask" /Disable
  707. schtasks /Change /TN "Microsoft\Windows\WCM\WiFiTask" /Disable
  708. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" /Disable
  709. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Cleanup" /Disable
  710. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" /Disable
  711. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Verification" /Disable
  712. schtasks /Change /TN "Microsoft\Windows\Windows Error Reporting\QueueReporting" /Disable
  713. schtasks /Change /TN "Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" /Disable
  714. schtasks /Change /TN "Microsoft\Windows\Windows Media Sharing\UpdateLibrary" /Disable
  715. schtasks /Change /TN "Microsoft\Windows\Wininet\CacheTask" /Disable
  716. schtasks /Change /TN "Microsoft\Windows\Workplace Join\Automatic-Device-Join" /Disable
  717.  
  718. rem ========================= Windows Services =========================
  719.  
  720. rem Security Accounts Manager has to be disabled Manually via services.msc
  721.  
  722. rem Application Information / required by UAC
  723. rem Credential Manager / required to store credentials (check User Accounts - Credential Manager)
  724. rem COM+ Event System / required by Windows
  725. rem Delivery Optimization / required by Windows Updates
  726. rem Distributed Link Tracking Client / required to open shortcuts and System apps
  727. rem Geolocation Service / required by some Windows Store apps
  728. rem IP Helper (WinHTTP Web Proxy Auto-Discovery Service) / required to login to Microsoft Account (Account, Cortana, Store)
  729. rem Microsoft Account Sign-in Assistant / required to login to Microsoft Account
  730. rem One Drive required / by Windows Mail
  731. rem Windows Biometric Service / required by biometric devices like a fingerprint reader
  732. rem Windows Driver Foundation - User-mode Driver Framework / required by some drivers like USB devices
  733. rem Windows Firewall (Base Filtering Engine) / required by Windows Store Apps (0x80073d0a) and Windows Update (0x80240022)
  734. rem Windows Image Acquisition (WIA) / required by scanners
  735.  
  736. rem AMD External Events Utility
  737. sc config "AMD External Events Utility" start= disabled
  738.  
  739. rem AMD FUEL Service
  740. sc config "AMD FUEL Service" start= disabled
  741.  
  742. rem Application Layer Gateway Service
  743. sc config ALG start= disabled
  744.  
  745. rem Base Filtering Engine
  746. sc config BFE start= disabled
  747.  
  748. rem BitLocker Drive Encryption Service
  749. sc config BDESVC start= disabled
  750.  
  751. rem Credential Manager
  752. sc config VaultSvc start= disabled
  753.  
  754. rem Delivery Optimization
  755. sc config DoSvc start= demand
  756.  
  757. rem Diagnostics Tracking Service
  758. sc config DiagTrack start= disabled
  759.  
  760. rem Distributed Transaction Coordinator
  761. sc config MSDTC start= disabled
  762.  
  763. rem dmwappushsvc
  764. sc config dmwappushservice start= disabled
  765.  
  766. rem Encrypting File System (EFS)
  767. sc config EFS start= disabled
  768.  
  769. rem Function Discovery Provider Host
  770. sc config fdPHost start= disabled
  771.  
  772. rem Function Discovery Resource Publication
  773. sc config FDResPub start= disabled
  774.  
  775. rem Geolocation Service
  776. sc config lfsvc start= disabled
  777.  
  778. rem HomeGroup Provider
  779. sc config HomeGroupProvider start= disabled
  780.  
  781. rem IKE and AuthIP IPsec Keying Modules
  782. sc config IKEEXT start= disabled
  783.  
  784. rem IPsec Policy Agent
  785. sc config PolicyAgent start= disabled
  786.  
  787. rem Microsoft Account Sign-in Assistant
  788. sc config wlidsvc start= disabled
  789.  
  790. rem Offline Files
  791. sc config CscService start= disabled
  792.  
  793. rem One Drive Service
  794. sc config OneSyncSvc start= disabled
  795.  
  796. rem One Drive Service
  797. reg add "HKLM\System\CurrentControlSet\Services\OneSyncSvc_Session1" /v "Start" /t REG_DWORD /d "4" /f
  798.  
  799. rem Program Compatibility Assistant Service
  800. sc config PcaSvc start= disabled
  801.  
  802. rem Remote Desktop Services
  803. sc config TermService start= disabled
  804.  
  805. rem Retail Demo
  806. sc config RetailDemo start=disabled
  807.  
  808. rem Secure Socket Tunneling Protocol Service
  809. sc config SstpSvc start= disabled
  810.  
  811. rem Security Center
  812. sc config wscsvc start= disabled
  813.  
  814. rem Server
  815. sc config LanmanServer start= disabled
  816.  
  817. rem Shell Hardware Detection
  818. sc config ShellHWDetection start= disabled
  819.  
  820. rem Smart Card
  821. sc config SCardSvr start= disabled
  822.  
  823. rem SSDP Discovery
  824. sc config SSDPSRV start= disabled
  825.  
  826. rem Superfetch
  827. sc config SysMain start= disabled
  828.  
  829. rem TeamViewer
  830. sc config TeamViewer start= disabled
  831.  
  832. rem WebClient
  833. sc config WebClient start= disabled
  834.  
  835. rem Windows Biometric Service
  836. sc config WbioSrvc start= disabled
  837.  
  838. rem Windows Error Reporting Service
  839. sc config WerSvc start= disabled
  840.  
  841. rem Windows Font Cache Service
  842. sc config FontCache start= disabled
  843.  
  844. rem Windows Image Acquisition (WIA)
  845. sc config stisvc start= disabled
  846.  
  847. rem Windows Remote Management (WS-Management)
  848. sc config WinRM start= disabled
  849.  
  850. rem Windows Update
  851. sc config wuauserv start= demand
  852.  
  853. rem Windows Search
  854. sc config WSearch start= disabled
  855.  
  856. rem Wise Boot Assistant
  857. sc config WiseBootAssistant start= disabled
  858.  
  859. rem WMPNetworkSVC helps windows media player to share its library with network
  860. sc config WMPNetworkSvc start= disabled
  861.  
  862. rem Workstation
  863. sc config LanmanWorkstation start= disabled
  864.  
  865. rem ========================= Windows Shell =========================
  866.  
  867. rem Add “Take Ownership” Option in Files and Folders Context Menu in Windows
  868. reg add "HKCR\*\shell\runas" /ve /t REG_SZ /d "Take ownership" /f
  869. reg add "HKCR\*\shell\runas" /v "HasLUAShield" /t REG_SZ /d "" /f
  870. reg add "HKCR\*\shell\runas" /v "NoWorkingDirectory" /t REG_SZ /d "" /f
  871. reg add "HKCR\*\shell\runas\command" /ve /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" && icacls \"%%1\" /grant administrators:F" /f
  872. reg add "HKCR\*\shell\runas\command" /v "IsolatedCommand" /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" && icacls \"%%1\" /grant administrators:F" /f
  873. reg add "HKCR\Directory\shell\runas" /ve /t REG_SZ /d "Take ownership" /f
  874. reg add "HKCR\Directory\shell\runas" /v "HasLUAShield" /t REG_SZ /d "" /f
  875. reg add "HKCR\Directory\shell\runas" /v "NoWorkingDirectory" /t REG_SZ /d "" /f
  876. reg add "HKCR\Directory\shell\runas\command" /ve /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" /r /d y && icacls \"%%1\" /grant administrators:F /t" /f
  877. reg add "HKCR\Directory\shell\runas\command" /v "IsolatedCommand" /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" /r /d y && icacls \"%%1\" /grant administrators:F /t" /f
  878.  
  879. rem ========================= Windows Updates =========================
  880.  
  881. rem Use Windows Update MiniTool to check/download/install/hide updates
  882. rem forums.mydigitallife.info/threads/64939-Windows-Update-MiniTool
  883.  
  884. rem Disable Windows Store Automatic App Updates
  885. schtasks /Change /TN "Microsoft\Windows\WindowsUpdate\Automatic App Update" /Disable
  886. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /v "AutoDownload" /t REG_DWORD /d "2" /f
  887.  
  888. rem Disable Windows Updates
  889. sc config wuauserv start= demand
  890. schtasks /DELETE /TN "Microsoft\Windows\UpdateOrchestrator\Schedule Scan" /f
  891. schtasks /DELETE /TN "Microsoft\Windows\WindowsUpdate\Scheduled Start" /f
  892. schtasks /Change /TN "Microsoft\Windows\WindowsUpdate\sih" /Disable
  893. schtasks /Change /TN "Microsoft\Windows\WindowsUpdate\sihboot" /Disable
  894.  
  895. rem Disable Windows Updates Notifications
  896. schtasks /Change /TN "Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval" /Disable
  897. schtasks /Change /TN "Microsoft\Windows\UpdateOrchestrator\Reboot" /Disable
  898. schtasks /Change /TN "Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display" /Disable
  899. schtasks /Change /TN "Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot" /Disable
  900.  
  901. rem Choose how updates are delivered / 0 - Get Updates from MS / 1 - get updates from MS and from/to PCs on my local network / 2 - get updates from MS and from/to PCs on my local network and PCs on the internet
  902. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" /v "DODownloadMode" /t REG_DWORD /d "0" /f
  903.  
  904. rem 0 - Default / 1 - Defer upgrades, new Windows features won’t be downloaded or installed for several months. Deferring upgrades doesn’t affect security updates.
  905. reg add "HKLM\Software\Microsoft\WindowsUpdate\UX\Settings" /v "DeferUpgrade" /t REG_DWORD /d "0" /f
  906.  
  907. rem 1 - Disable Malicious Software Removal Tool offered via Windows Updates (MRT)
  908. reg add "HKLM\Software\Policies\Microsoft\MRT" /v DontOfferThroughWUAU /t REG_DWORD /d "1" /f
  909.  
  910. rem 1 - Restart notification allows user to initiate the restart or postpone restart. This notification does not have a countdown timer. The user must initiate the system restart.
  911. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "AlwaysAutoRebootAtScheduledTime" /t REG_DWORD /d "0" /f
  912. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoRebootWithLoggedOnUsers" /t REG_DWORD /d "1" /f
  913.  
  914. rem 0 - Default / 1 - Disable / 2 - Notify before download / 3 - Automatically download and notify of installation / 4 - Automatic download and scheduled installation (Only valid if values exist for ScheduledInstallDay and ScheduledInstallTime) / 5 - Automatic Updates is required, but end users can configure it
  915. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "AUOptions" /t REG_DWORD /d "1" /f
  916.  
  917. rem 0 - Disable / 1 - Include optional or recommended updates during a search and installation of updates operation
  918. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "IncludeRecommendedUpdates" /t REG_DWORD /d "1" /f
  919.  
  920. rem 0 - Enable Auto Checking for Windows Updates / 1 - Disable Auto Checking for Windows Updates (Ignores "AUOptions" and after checking downloads WU automatically)
  921. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "NoAutoUpdate" /t REG_DWORD /d "1" /f
  922.  
  923. rem 0 - Every day / 1 - Sunday / 2 - Monday / 3 - Tuesday / 4 - Wednesday / 5 - Thursday / 6 - Friday / 7 - Saturday
  924. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "ScheduledInstallDay" /t REG_DWORD /d "0" /f
  925.  
  926. rem 10 - 10th hour / 23 - 23th hour
  927. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "ScheduledInstallTime" /t REG_DWORD /d "10" /f
  928.  
  929. rem 0 - The computer gets its updates from Microsoft Update / 1 - The computer gets its updates from a WSUS server
  930. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU" /v "UseWUServer" /t REG_DWORD /d "0" /f
  931.  
  932. rem ========================= Windows Waypoint =========================
  933.  
  934. fsutil usn deletejournal /d /n c:
  935.  
  936. rem Close Edge process
  937. taskkill /f /im dllhost.exe
  938.  
  939. rem Is that all? Is that ALL? Yes, that is all. That is all.
  940. rem youtu.be/MTjs5eo4BfI?t=1m47s
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!