API tools faq
paste
Advertisement
aveyo

must-have privacy policies for windows

aveyo
Oct 25th, 2019 (edited)
6,274
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Batch 31.82 KB | None | 0 0
raw download clone embed print report
  1. @echo off &title must-have privacy policies for windows
  2. :: based on MANAGE CONNECTIONS FROM WINDOWS OPERATING SYSTEM COMPONENTS TO MICROSOFT SERVICES as of 2022.02.09
  3.  
  4. :: ask for elevation
  5. fltmc>nul || (set _=/d/x/r start "%~n0" "%~f0" %*& powershell -nop -c start -verb runas cmd $env:_ & exit /b)
  6.  
  7. :: HKCU entries will also be propagated to new users:
  8. reg load HKU\New "%SystemDrive%\Users\Default\NTUSER.DAT" >nul && set "HKU=1" || set "HKU="
  9.  
  10. :: show commands on screen
  11. set ----------=@echo/^&^<nul set /p @=& prompt $H & color 1f & echo on
  12.  
  13. :: to remove a policy, uncomment the reg delete entry below it
  14. @echo ignore any ERROR: text, it is shown for output consistency
  15.  
  16. %----------% 0. Telemetry - Security level [0] is only supported on Education and Enterprise [best editions privacy-wise]
  17. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /f /v AllowTelemetry /d 0 /t reg_dword
  18. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /f /v AllowTelemetry
  19.  
  20. %----------% 1. Automatic Root Certificates Update [delete recommended]
  21. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot" /f /v DisableRootAutoUpdate /d 1 /t reg_dword
  22. reg delete "HKLM\SOFTWARE\Policies\Microsoft\SystemCertificates\AuthRoot" /f /v DisableRootAutoUpdate
  23.  
  24. %----------% 2. Cortana and Search
  25. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /f /v AllowCortana /d 0 /t reg_dword
  26. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /f /v AllowCortana
  27.  
  28. %----------% Search and Cortana to use location
  29. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /f /v AllowSearchToUseLocation /d 0 /t reg_dword
  30. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /f /v AllowSearchToUseLocation
  31.  
  32. %----------% Web search
  33. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /f /v DisableWebSearch /d 1 /t reg_dword
  34. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /f /v DisableWebSearch
  35.  
  36. %----------% Search the web or display web results in Search
  37. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /f /v ConnectedSearchUseWeb /d 0 /t reg_dword
  38. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Windows Search" /f /v ConnectedSearchUseWeb
  39.  
  40. %----------% Outbound Cortana traffic
  41. @set "rule=v2.25|Action=Block|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%"
  42. @set "rule=%rule%\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\searchUI.exe|Name=Block outbound Cortana|"
  43. reg add "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules" /f /v {0DE40C8E-C126-4A27-9371-A27DAB1039F7} /d "%rule%"
  44. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules" /f /v {0DE40C8E-C126-4A27-9371-A27DAB1039F7}
  45.  
  46. %----------% 3. Set the time automatically
  47. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\W32time\TimeProviders\NtpClient" /f /v Enabled /d 0 /t reg_dword
  48. reg delete "HKLM\SOFTWARE\Policies\Microsoft\W32time\TimeProviders\NtpClient" /f /v Enabled
  49.  
  50. %----------% 4. Device metadata retrieval
  51. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Device Metadata" /f /v PreventDeviceMetadataFromNetwork /d 1 /t reg_dword
  52. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Device Metadata" /f /v PreventDeviceMetadataFromNetwork
  53.  
  54. %----------% 5. Find My Device
  55. reg add "HKLM\SOFTWARE\Policies\Microsoft\FindMyDevice" /f /v AllowFindMyDevice /d 0 /t reg_dword
  56. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\FindMyDevice" /f /v AllowFindMyDevice
  57.  
  58. %----------% 6. Font streaming
  59. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableFontProviders /d 0 /t reg_dword
  60. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableFontProviders
  61.  
  62. %----------% 7. Insider Preview builds - all such builds force Telemetry to FULL !!!
  63. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\PreviewBuilds" /f /v AllowBuildPreview /d 0 /t reg_dword
  64. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\PreviewBuilds" /f /v AllowBuildPreview
  65.  
  66. %----------% 8. Internet Explorer
  67.  
  68. %----------% First run wizard
  69. reg add "HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\Main" /f /v DisableFirstRunCustomize /d 1 /t reg_dword
  70. ::reg delete "HKCU\SOFTWARE\Policies\Microsoft\Internet Explorer\Main" /f /v DisableFirstRunCustomize
  71.  
  72. %----------% First run wizard [new users]
  73. reg add "HKU\New\SOFTWARE\Policies\Microsoft\Internet Explorer\Main" /f /v DisableFirstRunCustomize /d 1 /t reg_dword
  74. ::reg delete "HKU\New\SOFTWARE\Policies\Microsoft\Internet Explorer\Main" /f /v DisableFirstRunCustomize
  75.  
  76. %----------% Online Tips
  77. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /f /v AllowOnlineTips /d 0 /t reg_dword
  78. ::reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /f /v AllowOnlineTips
  79.  
  80. %----------% Browser geolocation
  81. reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Geolocation" /f /v PolicyDisableGeolocation /d 1 /t reg_dword
  82. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Geolocation" /f /v PolicyDisableGeolocation
  83.  
  84. %----------% SmartScreen filter
  85. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /f /v EnabledV9 /d 0 /t reg_dword
  86. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter" /f /v EnabledV9
  87.  
  88. %----------% Flip ahead with page prediction feature
  89. reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\FlipAhead" /f /v Enabled /d 0 /t reg_dword
  90. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\FlipAhead" /f /v Enabled
  91.  
  92. %----------% Background synchronization for feeds and Web Slices
  93. reg add "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds" /f /v BackgroundSyncStatus /d 0 /t reg_dword
  94. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds" /f /v BackgroundSyncStatus
  95.  
  96. %----------% 8.1 ActiveX control blocking
  97. reg add "HKCU\Software\Microsoft\Internet Explorer\VersionManager" /f /v DownloadVersionList /d 0 /t reg_dword
  98. ::reg delete "HKCU\Software\Microsoft\Internet Explorer\VersionManager" /f /v DownloadVersionList
  99.  
  100. %----------% 8.1 ActiveX control blocking [new users]
  101. reg add "HKU\New\Software\Microsoft\Internet Explorer\VersionManager" /f /v DownloadVersionList /d 0 /t reg_dword
  102. ::reg delete "HKU\New\Software\Microsoft\Internet Explorer\VersionManager" /f /v DownloadVersionList
  103.  
  104. %----------% 9. License Manager [3 recommended]
  105. ::reg add "HKLM\System\CurrentControlSet\Services\LicenseManager" /f /v Start /d 4 /t reg_dword
  106. reg add "HKLM\System\CurrentControlSet\Services\LicenseManager" /f /v Start /d 3 /t reg_dword
  107.  
  108. %----------% 10. Live Tiles
  109. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" /f /v NoCloudApplicationNotification /d 1 /t reg_dword
  110. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" /f /v NoCloudApplicationNotification
  111.  
  112. %----------% 11. Mail synchronization [delete recommended]
  113. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Mail" /f /v ManualLaunchAllowed /d 0 /t reg_dword
  114. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows Mail" /f /v ManualLaunchAllowed
  115.  
  116. %----------% 12. Microsoft Account Sign-In Assistant [3 recommended]
  117. ::reg add "HKLM\System\CurrentControlSet\Services\wlidsvc" /f /v Start /d 4 /t reg_dword
  118. reg add "HKLM\System\CurrentControlSet\Services\wlidsvc" /f /v Start /d 3 /t reg_dword
  119.  
  120. %----------% 13. Microsoft Edge
  121.  
  122. %----------% First run ad
  123. reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main" /f /v PreventFirstRunPage /d 1 /t reg_dword
  124. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main" /f /v PreventFirstRunPage
  125.  
  126. %----------% First run ad [new]
  127. reg add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /f /v HideFirstRunExperience /d 1 /t reg_dword
  128. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Edge" /f /v HideFirstRunExperience
  129.  
  130. %----------% Live Tile telemetry
  131. reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main" /f /v PreventLiveTileDataCollection /d 1 /t reg_dword
  132. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main" /f /v PreventLiveTileDataCollection
  133.  
  134. %----------% Adobe Flash
  135. reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Addons" /f /v FlashPlayerEnabled /d 0 /t reg_dword
  136. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Addons" /f /v FlashPlayerEnabled
  137.  
  138. %----------% Windows Defender SmartScreen Filter
  139. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /f /v EnabledV9 /d 0 /t reg_dword
  140. reg delete "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter" /f /v EnabledV9
  141.  
  142. %----------% Windows Defender SmartScreen Filter [new]
  143. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Edge" /f /v SmartScreenEnabled /d 0 /t reg_dword
  144. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Edge" /f /v SmartScreenEnabled
  145.  
  146. %----------% Pre-launch at Windows startup, when the system is idle, and each time Microsoft Edge is closed
  147. reg add "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main" /f /v AllowPrelaunch /d 0 /t reg_dword
  148. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main" /f /v AllowPrelaunch
  149.  
  150. %----------% Load the Start and New Tab page at Windows startup and each time Microsoft Edge is closed
  151. reg add "HKCU\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader" /f /v AllowTabPreloading /d 0 /t reg_dword
  152. ::reg delete "HKCU\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader" /f /v AllowTabPreloading
  153.  
  154. %----------% Load the Start and New Tab page at Windows startup and each time Microsoft Edge is closed [new users]
  155. reg add "HKU\New\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader" /f /v AllowTabPreloading /d 0 /t reg_dword
  156. ::reg delete "HKU\New\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader" /f /v AllowTabPreloading
  157.  
  158. %----------% Update Default
  159. reg add "HKLM\SOFTWARE\Policies\Microsoft\Edge\EdgeUpdate" /f /v UpdateDefault /d 0 /t reg_dword
  160. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Edge\EdgeUpdate" /f /v UpdateDefault
  161.  
  162. %----------% Auto Update Check Period Minutes
  163. reg add "HKLM\SOFTWARE\Policies\Microsoft\Edge\EdgeUpdate" /f /v AutoUpdateCheckPeriodMinutes /d 0 /t reg_dword
  164. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Edge\EdgeUpdate" /f /v AutoUpdateCheckPeriodMinutes
  165.  
  166. %----------% Experimentation and Configuration Service
  167. reg add "HKLM\SOFTWARE\Policies\Microsoft\Edge\EdgeUpdate" /f /v ExperimentationAndConfigurationServiceControl /d 0 /t reg_dword
  168. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Edge\EdgeUpdate" /f /v ExperimentationAndConfigurationServiceControl
  169.  
  170. %----------% 14. Network Connection Status Indicator
  171. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator" /f /v NoActiveProbe /d 1 /t reg_dword
  172. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator" /f /v NoActiveProbe
  173.  
  174. %----------% 15. Offline maps
  175. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Maps" /f /v AutoDownloadAndUpdateMapData /d 0 /t reg_dword
  176. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Maps" /f /v AutoDownloadAndUpdateMapData
  177.  
  178. %----------% Untriggered traffic
  179. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Maps" /f /v AllowUntriggeredNetworkTrafficOnSettingsPage /d 0 /t reg_dword
  180. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Maps" /f /v AllowUntriggeredNetworkTrafficOnSettingsPage
  181.  
  182. %----------% 16. OneDrive
  183. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\OneDrive" /f /v DisableFileSyncNGSC /d 1 /t reg_dword
  184. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\OneDrive" /f /v DisableFileSyncNGSC
  185.  
  186. %----------% Pre sign-in traffic
  187. reg add "HKLM\SOFTWARE\Microsoft\OneDrive" /f /v PreventNetworkTrafficPreUserSignIn /d 1 /t reg_dword
  188. ::reg delete "HKLM\SOFTWARE\Microsoft\OneDrive" /f /v PreventNetworkTrafficPreUserSignIn
  189.  
  190. %----------% 17. Preinstalled apps - try Education Edition
  191.  
  192. %----------% 18.1 Settings - Privacy - General
  193.  
  194. %----------% Let apps use advertising ID to make ads more interesting to you based on your app usage
  195. reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /f /v Enabled /d 0 /t reg_dword
  196. ::reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /f /v Enabled
  197.  
  198. %----------% AdvertisingInfo Disabled By Group Policy
  199. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo" /f /v DisabledByGroupPolicy /d 1 /t reg_dword
  200. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo" /f /v DisabledByGroupPolicy
  201.  
  202. %----------% Let websites provide locally relevant content by accessing my language list
  203. reg add "HKCU\Control Panel\International\User Profile" /f /v HttpAcceptLanguageOptOut /d 1 /t reg_dword
  204. ::reg delete "HKCU\Control Panel\International\User Profile" /f /v HttpAcceptLanguageOptOut
  205.  
  206. %----------% Let websites provide locally relevant content by accessing my language list [new users]
  207. reg add "HKU\New\Control Panel\International\User Profile" /f /v HttpAcceptLanguageOptOut /d 1 /t reg_dword
  208. ::reg delete "HKU\New\Control Panel\International\User Profile" /f /v HttpAcceptLanguageOptOut
  209.  
  210. %----------% Let Windows track app launches to improve Start and search results
  211. reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /f /v Start_TrackProgs /d 0 /t reg_dword
  212. ::reg delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /f /v Start_TrackProgs
  213.  
  214. %----------% Let Windows track app launches to improve Start and search results [new users]
  215. reg add "HKU\New\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /f /v Start_TrackProgs /d 0 /t reg_dword
  216. ::reg delete "HKU\New\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /f /v Start_TrackProgs
  217.  
  218. %----------% SmartScreen Filter to check web content (URLs) that Microsoft Store apps use
  219. ::reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /f /v EnableWebContentEvaluation /d 0 /t reg_dword
  220. reg delete "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /f /v EnableWebContentEvaluation
  221.  
  222. %----------% SmartScreen Filter to check web content (URLs) that Microsoft Store apps use [new users]
  223. ::reg add "HKU\New\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /f /v EnableWebContentEvaluation /d 0 /t reg_dword
  224. reg delete "HKU\New\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost" /f /v EnableWebContentEvaluation
  225.  
  226. %----------% Let apps on my other devices open apps and continue experiences on this device
  227. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableCdp /d 0 /t reg_dword
  228. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableCdp
  229.  
  230. %----------% 18.2 Settings - Privacy - Location
  231.  
  232. %----------% Location for this device
  233. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessLocation /d 2 /t reg_dword
  234. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessLocation
  235.  
  236. %----------% Location
  237. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" /f /v DisableLocation /d 1 /t reg_dword
  238. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors" /f /v DisableLocation
  239.  
  240. %----------% 18.3 Settings - Privacy - Camera
  241. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessCamera /d 2 /t reg_dword
  242. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessCamera
  243.  
  244. %----------% 18.4 Settings - Privacy - Microphone
  245. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessMicrophone /d 2 /t reg_dword
  246. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessMicrophone
  247.  
  248. %----------% 18.5 Settings - Privacy - Notifications
  249.  
  250. %----------% Let apps access my notifications
  251. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessNotifications /d 2 /t reg_dword
  252. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessNotifications
  253.  
  254. %----------% 18.6 Settings - Privacy - Speech
  255. reg add "HKCU\Software\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy" /f /v HasAccepted /d 0 /t reg_dword
  256. ::reg delete "HKCU\Software\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy" /f /v HasAccepted
  257.  
  258. %----------% Online Speech Privacy Accepted [new users]
  259. reg add "HKU\New\Software\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy" /f /v HasAccepted /d 0 /t reg_dword
  260. ::reg delete "HKU\New\Software\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy" /f /v HasAccepted
  261.  
  262. %----------% Allow Speech Model Update
  263. reg add "HKLM\SOFTWARE\Policies\Microsoft\Speech" /f /v AllowSpeechModelUpdate /d 0 /t reg_dword
  264. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Speech" /f /v AllowSpeechModelUpdate
  265.  
  266. %----------% 18.7 Settings - Privacy - Account info
  267. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessAccountInfo /d 2 /t reg_dword
  268. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessAccountInfo
  269.  
  270. %----------% 18.8 Settings - Privacy - Contacts
  271. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessContacts /d 2 /t reg_dword
  272. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessContacts
  273.  
  274. %----------% 18.9 Settings - Privacy - Calendar
  275. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessCalendar /d 2 /t reg_dword
  276. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessCalendar
  277.  
  278. %----------% 18.10 Settings - Privacy - Call history
  279. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessCallHistory /d 2 /t reg_dword
  280. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessCallHistory
  281.  
  282. %----------% 18.11 Settings - Privacy - Email
  283. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessEmail /d 2 /t reg_dword
  284. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessEmail
  285.  
  286. %----------% 18.12 Settings - Privacy - Messaging
  287. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessMessaging /d 2 /t reg_dword
  288. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessMessaging
  289.  
  290. %----------% Message sync
  291. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Messaging" /f /v AllowMessageSync /d 0 /t reg_dword
  292. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Messaging" /f /v AllowMessageSync
  293.  
  294. %----------% 18.13 Settings - Privacy - Phone calls
  295. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessPhone /d 2 /t reg_dword
  296. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessPhone
  297.  
  298. %----------% 18.14 Settings - Privacy - Radios
  299. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessRadios /d 2 /t reg_dword
  300. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessRadios
  301.  
  302. %----------% 18.15 Settings - Privacy - Other devices
  303. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsSyncWithDevices /d 2 /t reg_dword
  304. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsSyncWithDevices
  305.  
  306. %----------% Let Apps Access Trusted Devices
  307. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessTrustedDevices /d 2 /t reg_dword
  308. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessTrustedDevices
  309.  
  310. %----------% 18.16 Settings - Privacy - Feedback and diagnostics
  311.  
  312. %----------% Ask for feedback
  313. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /f /v DoNotShowFeedbackNotifications /d 1 /t reg_dword
  314. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /f /v DoNotShowFeedbackNotifications
  315.  
  316. %----------% Period In NanoSeconds
  317. reg add "HKCU\Software\Microsoft\Siuf\Rules" /f /v PeriodInNanoSeconds /d 0 /t reg_dword
  318. ::reg delete "HKCU\Software\Microsoft\Siuf\Rules" /f /v PeriodInNanoSeconds
  319.  
  320. %----------% Period In NanoSeconds [new users]
  321. reg add "HKU\New\Software\Microsoft\Siuf\Rules" /f /v PeriodInNanoSeconds /d 0 /t reg_dword
  322. ::reg delete "HKU\New\Software\Microsoft\Siuf\Rules" /f /v PeriodInNanoSeconds
  323.  
  324. %----------% Number Of SIUF In Period
  325. reg add "HKCU\Software\Microsoft\Siuf\Rules" /f /v NumberOfSIUFInPeriod /d 0 /t reg_dword
  326. ::reg delete "HKCU\Software\Microsoft\Siuf\Rules" /f /v NumberOfSIUFInPeriod
  327.  
  328. %----------% Number Of SIUF In Period [new users]
  329. reg add "HKU\New\Software\Microsoft\Siuf\Rules" /f /v NumberOfSIUFInPeriod /d 0 /t reg_dword
  330. ::reg delete "HKU\New\Software\Microsoft\Siuf\Rules" /f /v NumberOfSIUFInPeriod
  331.  
  332. %----------% Tailored experiences with relevant tips and recommendations by using your diagnostics data
  333. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableWindowsConsumerFeatures /d 1 /t reg_dword
  334. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableWindowsConsumerFeatures
  335.  
  336. %----------% Disable Tailored Experiences With Diagnostic Data
  337. reg add "HKCU\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableTailoredExperiencesWithDiagnosticData /d 1 /t reg_dword
  338. ::reg delete "HKCU\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableTailoredExperiencesWithDiagnosticData
  339.  
  340. %----------% Disable Tailored Experiences With Diagnostic Data [new users]
  341. reg add "HKU\New\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableTailoredExperiencesWithDiagnosticData /d 1 /t reg_dword
  342. ::reg delete "HKU\New\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableTailoredExperiencesWithDiagnosticData
  343.  
  344. %----------% 18.17 Background apps
  345. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsRunInBackground /d 2 /t reg_dword
  346. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsRunInBackground
  347.  
  348. %----------% 18.18 Motion
  349. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessMotion /d 2 /t reg_dword
  350. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessMotion
  351.  
  352. %----------% 18.19 Tasks
  353. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessTasks /d 2 /t reg_dword
  354. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsAccessTasks
  355.  
  356. %----------% 18.20 App Diagnostics
  357. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsGetDiagnosticInfo /d 2 /t reg_dword
  358. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsGetDiagnosticInfo
  359.  
  360. %----------% 18.21 Inking and Typing
  361. reg add "HKCU\Software\Microsoft\InputPersonalization" /f /v RestrictImplicitInkCollection /d 1 /t reg_dword
  362. ::reg delete "HKCU\Software\Microsoft\InputPersonalization" /f /v RestrictImplicitInkCollection
  363.  
  364. %----------% Restrict Implicit Ink Collection [new users]
  365. reg add "HKU\New\Software\Microsoft\InputPersonalization" /f /v RestrictImplicitInkCollection /d 1 /t reg_dword
  366. ::reg delete "HKU\New\Software\Microsoft\InputPersonalization" /f /v RestrictImplicitInkCollection
  367.  
  368. %----------% Restrict Implicit Text Collection
  369. reg add "HKCU\Software\Microsoft\InputPersonalization" /f /v RestrictImplicitTextCollection /d 1 /t reg_dword
  370. ::reg delete "HKCU\Software\Microsoft\InputPersonalization" /f /v RestrictImplicitTextCollection
  371.  
  372. %----------% Restrict Implicit Text Collection [new users]
  373. reg add "HKU\New\Software\Microsoft\InputPersonalization" /f /v RestrictImplicitTextCollection /d 1 /t reg_dword
  374. ::reg delete "HKU\New\Software\Microsoft\InputPersonalization" /f /v RestrictImplicitTextCollection
  375.  
  376. %----------% 18.22 Activity History
  377. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableActivityFeed /d 2 /t reg_dword
  378. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableActivityFeed
  379.  
  380. %----------% Publish User Activities
  381. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v PublishUserActivities /d 2 /t reg_dword
  382. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v PublishUserActivities
  383.  
  384. %----------% Upload User Activities
  385. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v UploadUserActivities /d 2 /t reg_dword
  386. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v UploadUserActivities
  387.  
  388. %----------% 18.23 Voice Activation
  389. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsActivateWithVoice /d 2 /t reg_dword
  390. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsActivateWithVoice
  391.  
  392. %----------%  Let Apps Activate With Voice AboveLock
  393. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsActivateWithVoiceAboveLock /d 2 /t reg_dword
  394. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /f /v LetAppsActivateWithVoiceAboveLock
  395.  
  396. %----------% 19. Software Protection Platform
  397. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform" /f /v NoGenTicket /d 1 /t reg_dword
  398. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows NT\CurrentVersion\Software Protection Platform" /f /v NoGenTicket
  399.  
  400. %----------% 20. Storage health
  401. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\StorageHealth" /f /v AllowDiskHealthModelUpdates /d 0 /t reg_dword
  402. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\StorageHealth" /f /v AllowDiskHealthModelUpdates
  403.  
  404. %----------% 21. Sync your settings
  405. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\SettingSync" /f /v DisableSettingSync /d 2 /t reg_dword
  406. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\SettingSync" /f /v DisableSettingSync
  407.  
  408. %----------% Disable Setting Sync User Override
  409. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\SettingSync" /f /v DisableSettingSyncUserOverride /d 1 /t reg_dword
  410. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\SettingSync" /f /v DisableSettingSyncUserOverride
  411.  
  412. %----------% Cloud Service Sync Enabled
  413. reg add "HKCU\SOFTWARE\Microsoft\Messaging" /f /v CloudServiceSyncEnabled /d 0 /t reg_dword
  414. ::reg delete "HKCU\SOFTWARE\Microsoft\Messaging" /f /v CloudServiceSyncEnabled
  415.  
  416. %----------% Cloud Service Sync Enabled [new users]
  417. reg add "HKU\New\SOFTWARE\Microsoft\Messaging" /f /v CloudServiceSyncEnabled /d 0 /t reg_dword
  418. ::reg delete "HKU\New\SOFTWARE\Microsoft\Messaging" /f /v CloudServiceSyncEnabled
  419.  
  420. %----------% 22. Teredo [XBox]
  421. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\TCPIP\v6Transition" /f /v Teredo_State /d "Disabled"
  422. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\TCPIP\v6Transition" /f /v Teredo_State
  423.  
  424. %----------% 23. Wi-Fi Sense
  425. reg add "HKLM\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\config" /f /v AutoConnectAllowedOEM /d 0 /t reg_dword
  426. ::reg delete "HKLM\SOFTWARE\Microsoft\WcmSvc\wifinetworkmanager\config" /f /v AutoConnectAllowedOEM
  427.  
  428. %----------% 24. Windows Defender
  429. reg add "HKLM\SOFTWARE\Policies\Microsoft\MRT" /f /v DontReportInfectionInformation /d 1 /t reg_dword
  430. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\MRT" /f /v DontReportInfectionInformation
  431.  
  432. %----------% Submit Samples Consent
  433. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /f /v SubmitSamplesConsent /d 2 /t reg_dword
  434. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /f /v SubmitSamplesConsent
  435.  
  436. %----------% Disable Enhanced Notifications
  437. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /f /v DisableEnhancedNotifications /d 1 /t reg_dword
  438. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Reporting" /f /v DisableEnhancedNotifications
  439.  
  440. %----------% Could trade a bit of privacy for more security against unclassified software
  441. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /f /v SpyNetReporting /d 2 /t reg_dword
  442. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Spynet" /f /v SpyNetReporting
  443.  
  444. %----------% 24.1 Windows Defender SmartScreen
  445. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableSmartScreen /d 0 /t reg_dword
  446. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableSmartScreen
  447.  
  448. %----------% App Install Enabled
  449. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /f /v ConfigureAppInstallControlEnabled /d 1 /t reg_dword
  450. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /f /v ConfigureAppInstallControlEnabled
  451.  
  452. %----------% App Install Anywhere
  453. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /f /v ConfigureAppInstallControl /d "Anywhere"
  454. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen" /f /v ConfigureAppInstallControl
  455.  
  456. %----------% 25. Personalized Experiences
  457. ::reg add "HKCU\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableWindowsSpotlightFeatures /d 1 /t reg_dword
  458. reg delete "HKCU\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableWindowsSpotlightFeatures
  459.  
  460. %----------% Disable Windows Spotlight Features [new users]
  461. ::reg add "HKU\New\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableWindowsSpotlightFeatures /d 1 /t reg_dword
  462. reg delete "HKU\New\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableWindowsSpotlightFeatures
  463.  
  464. %----------% No Lock Screen
  465. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /f /v NoLockScreen /d 1 /t reg_dword
  466. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /f /v NoLockScreen
  467.  
  468. %----------% Static Lock Screen image
  469. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /f /v LockScreenImage /d "%SystemRoot%\web\screen\img100.jpg"
  470. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /f /v LockScreenImage
  471.  
  472. %----------% Lock Screen Overlays Disabled
  473. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /f /v LockScreenOverlaysDisabled /d 1 /t reg_dword
  474. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization" /f /v LockScreenOverlaysDisabled
  475.  
  476. %----------% Windows tips
  477. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableSoftLanding /d 1 /t reg_dword
  478. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableSoftLanding
  479.  
  480. %----------% Install bloat from Store
  481. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableWindowsConsumerFeatures /d 1 /t reg_dword
  482. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\CloudContent" /f /v DisableWindowsConsumerFeatures
  483.  
  484. %----------% 26. Microsoft Store AutoDownload
  485. reg add "HKLM\SOFTWARE\Policies\Microsoft\WindowsStore" /f /v AutoDownload /d 2 /t reg_dword
  486. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\WindowsStore" /f /v AutoDownload
  487.  
  488. %----------% 27. Apps for websites
  489. ::reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableAppUriHandlers /d 0 /t reg_dword
  490. reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v EnableAppUriHandlers
  491.  
  492. %----------% 28. Windows Update Delivery Optimization
  493. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODownloadMode /d 99 /t reg_dword
  494. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /f /v DODownloadMode
  495.  
  496. %----------% 29. Windows Update AutoDownload
  497. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f /v AutoDownload /d 5 /t reg_dword
  498. ::reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f /v AutoDownload
  499.  
  500. %----------% 30. Cloud Clipboard
  501. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v AllowCrossDeviceClipboard /d 0 /t reg_dword
  502. ::reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /f /v AllowCrossDeviceClipboard
  503.  
  504. %----------% 31. Services Configuration
  505. reg add "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /f /v DisableOneSettingsDownloads /d 1 /t reg_dword
  506. ::reg delete "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /f /v DisableOneSettingsDownloads
  507.  
  508. :: HKCU entries will also be propagated to new users
  509. @reg unload HKU\New >nul
  510.  
  511. rem done!
  512. @pause & rem AveYo: more effectively could run this script via setupcomplete.cmd during windows setup
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!