SHARE
TWEET

Windows Tweaks

TairikuOkami Jul 20th, 2015 (edited) 79,085 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. rem USE AT OWN RISK AS IS WITHOUT WARRANTY OF ANY KIND !!!!!
  2.  
  3.  
  4. rem The latest cumulative update - https://support.microsoft.com/en-us/help/4555932
  5. rem CU 19041.331.1.0 - http://download.windowsupdate.com/d/msdownload/update/software/updt/2020/06/windows10.0-kb4567523-x64_34b4dbb86f35d25ce4cb839aa4007079323507d3.msu
  6. rem DISM /Online /Add-Package /PackagePath:Z:\Desktop\Windows10.0-KB4567523-x64_PSFX.cab
  7.  
  8. rem The latest servicing stack update (recommended to install before CU) - https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates
  9. rem SSU 19041.329.1.2 - http://download.windowsupdate.com/c/msdownload/update/software/secu/2020/06/windows10.0-kb4560366-x64_653c88cde27a1adff38843c1b054fbbcef380b6f.msu
  10. rem DISM /Online /Add-Package /PackagePath:Z:\Desktop\Windows10.0-KB4560366-x64.cab
  11.  
  12. rem Before making any changes, it is preferable to create a registry backup!
  13. rem https://support.microsoft.com/en-us/help/322756/how-to-back-up-and-restore-the-registry-in-windows
  14. rem https://www.tweaking.com/content/page/registry_backup.html
  15.  
  16. rem Or even better, create a system image!
  17. rem https://www.aomeitech.com/ab/standard.html
  18. rem https://www.easeus.com/backup-software/tb-free.html
  19. rem https://www.macrium.com/reflectfree
  20.  
  21. rem Disabling network services (Dhcp/NlaSvc/netprofm/nsi/RmSvc) will prevent you from managing network settings via Settings!
  22. rem Windows Defender Firewall is set to block all inbound/outbound except allowed apps, which have to be added first!
  23. rem To reset Windows to somewhat usable state or to perform Windows Updates, use https://pastebin.com/2ZFQ0HxA
  24.  
  25. rem "ValidateAdminCodeSignatures" will prevent exe without a digital signature to run as admin: "A referral was returned from the server."
  26. rem reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ValidateAdminCodeSignatures" /t REG_DWORD /d "0" /f
  27.  
  28.  
  29. rem ________________________________________________________________________________________
  30.  
  31.  
  32. rem Basic informations
  33. rem Software recommendations
  34.  
  35. rem Remove various folders, startup entries and policies
  36. rem Restore essential startup entries
  37.  
  38. rem Software Setup
  39. rem Windows Setup plus Manual Config
  40.  
  41. rem Windows Drivers
  42. rem Windows Defender Security Center
  43. rem Windows Logging
  44. rem Windows Error Reporting
  45. rem Windows Explorer
  46. rem Windows OneDrive
  47. rem Windows Optimizations
  48. rem Windows Policies
  49. rem Windows Scheduled Tasks
  50. rem Windows Services
  51. rem Windows Settings
  52. rem Windows Shell
  53. rem Windows Store
  54. rem Windows Waypoint
  55.  
  56.  
  57. rem ================================= Basic informations ===================================
  58.  
  59.  
  60. rem SeDebugPrivilege/SeTcbPrivilege - https://youtu.be/hZKLEw-Our4 - Self-elevation to System (even on SUA) used by ransomware (NotPetya/WannaCry)
  61. rem https://docs.microsoft.com/en-us/windows/device-security/security-policy-settings/act-as-part-of-the-operating-system
  62.  
  63. rem https://docs.microsoft.com/en-us/windows/deployment/update/waas-overview
  64. rem https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-configuration-service-provider
  65. rem https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-security-baselines
  66.  
  67. rem Adblock Detection - https://www.detectadblock.com / https://blockads.fivefilters.org
  68. rem Browser Leaks - https://browserleaks.com / CanvasFingerprint / WebRTC
  69. rem Browser Tracking Test - https://panopticlick.eff.org
  70. rem Privacy Info - https://github.com/CHEF-KOCH/Online-Privacy-Test-Resource-List/tree/f4f9176ae8ea44c0f77ece204ee4435e892c0a29
  71. rem Privacy Tools - https://www.ghacks.net/2015/08/14/comparison-of-windows-10-privacy-tools
  72. rem Privacy Tools - https://www.privacytools.io
  73. rem Privacy Webpage Scan - https://webbkoll.dataskydd.net
  74. rem SSL/TLS Test - https://www.ssllabs.com/ssltest
  75.  
  76. rem AV Comparison
  77. rem http://www.programmifree.com/confronti
  78. rem https://checklab.pl/en/publications
  79. rem https://www.av-comparatives.org/latest-tests
  80. rem https://www.av-test.org/en/antivirus/home-windows/windows-10
  81. rem https://www.mrg-effitas.com/test-library
  82. rem https://www.pcmag.com/roundup/267984/the-best-free-antivirus-protection
  83.  
  84. rem AVs/SSL Filtering - https://adguard.com/en/blog/everything-about-https-filtering.html - https://badssl.com
  85. rem AV is as vulnerable as any other software, but since it uses SYSTEM rights, it is more dangerous - https://cybellum.com/doubleagent-taking-full-control-antivirus
  86. rem Disable webfiltering, replacing certificates - https://www.eff.org/deeplinks/2015/02/dear-software-vendors-please-stop-trying-intercept-your-customers-encrypted
  87. rem WD being vulnerable all the time - http://news.softpedia.com/news/microsoft-releases-silent-fix-for-windows-defender-remote-code-execution-flaw-516095.shtml
  88. rem https://www.bleepingcomputer.com/news/security/smartservice-and-s5mark-acts-like-an-adware-bodyguard-by-blocking-antivirus-software/
  89. rem http://blog.emsisoft.com/2015/01/17/has-the-antivirus-industry-gone-mad
  90. rem http://www.makeuseof.com/tag/antivirus-tracking-youd-surprised-sends
  91. rem https://www.av-test.org/en/news/news-single-view/data-protection-or-virus-protection
  92.  
  93. rem DNS Benchmark / Namebench - https://code.google.com/archive/p/namebench/downloads
  94. rem DNS Hijack / https://sockpuppet.org/blog/2015/01/15/against-dnssec / https://recdnsfp.github.io
  95. rem DNS Encryption (setup DNS server as 127.0.0.1) - https://simplednscrypt.org
  96. rem DNS ESNI Test - https://www.cloudflare.com/ssl/encrypted-sni/
  97. rem DNS Fix / DNS-Lock - https://www.sordum.org/9432/dns-lock-v1-4/
  98. rem DNS List - https://wiki.ipfire.org/dns/public-servers
  99.  
  100. rem Family Filtering (adult/proxy/search)
  101. rem Cloudflare - https://developers.cloudflare.com/1.1.1.1/1.1.1.1-for-families/setup-instructions/windows/
  102. rem CleanBrowsing - https://cleanbrowsing.org/ip-address
  103. rem DNS Family - https://dnsforfamily.com/#DNS_Servers
  104. rem Enforce Safe Search (=Adult Filter) - https://chrome.google.com/webstore/detail/enforce-safe-search-adult/fiopkogmohpinncfhneadmpkcikmgkgc
  105. rem NextDNS - https://www.nextdns.io
  106. rem OpenDNS - https://www.opendns.com/setupguide/#familyshield
  107.  
  108. rem VPN Comparison / Anonymity
  109. rem https://arstechnica.com/tech-policy/2017/03/senate-votes-to-let-isps-sell-your-web-browsing-history-to-advertisers
  110. rem https://sec.hpi.de/ilc/search
  111. rem https://thatoneprivacysite.net/simple-vpn-comparison-chart
  112. rem https://www.msgsafe.io
  113. rem https://www.av-comparatives.org/tests/vpn-report-2020-35-services/
  114.  
  115. rem Windows Hardening
  116. rem https://hard-configurator.com
  117. rem https://www.novirusthanks.org/products/syshardener
  118.  
  119. rem Windows Repair Toolbox - https://windows-repair-toolbox.com
  120. rem Windows 10 Drivers - https://www.catalog.update.microsoft.com/Home.aspx
  121. rem Windows 10 Forums - https://www.tenforums.com/general-support/58375-newly-added-tutorials.html
  122. rem Windows 10 Policies - https://getadmx.com/?Category=Windows_10_2016
  123. rem Windows 10 Support - https://technet.microsoft.com/en-us/windows/support-windows-10.aspx
  124.  
  125. rem Windows ISO
  126. rem https://genuineisoverifier.weebly.com
  127. rem https://msdn.rg-adguard.net
  128. rem https://tb.rg-adguard.net
  129. rem https://uup.rg-adguard.net
  130. rem https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool
  131.  
  132. rem Check ISO Windows versions and build version
  133. rem dism /Get-WimInfo /WimFile:F:\sources\install.wim
  134. rem dism /Get-WimInfo /WimFile:F:\sources\install.wim /index:1
  135. rem dism /Get-WimInfo /WimFile:F:\sources\install.esd /index:1
  136.  
  137. rem https://www.tenforums.com/tutorials/3109-shell-commands-list-windows-10-a.html
  138. rem https://www.tenforums.com/tutorials/3123-clsid-key-guid-shortcuts-list-windows-10-a.html
  139. rem https://www.tenforums.com/tutorials/3234-environment-variables-windows-10-a.html
  140. rem https://www.tenforums.com/tutorials/77458-rundll32-commands-list-windows-10-a.html
  141. rem https://www.tenforums.com/tutorials/78108-app-commands-list-windows-10-a.html
  142. rem https://www.tenforums.com/tutorials/78214-settings-pages-list-uri-shortcuts-windows-10-a.html
  143.  
  144.  
  145. rem =============================== Software recommendations ===============================
  146.  
  147.  
  148. rem AntiVirus software
  149. rem Adaware (MT) - https://www.adaware.com/antivirus
  150. rem Adaware Silent - App Managment - Enable Gaming Mode / Disable ThreatWork Alliance
  151. rem Kaspersky Security Cloud (RU) - https://www.kaspersky.com/downloads/thank-you/try-free-cloud-antivirus
  152. rem Kaspersky Security Cloud Setup - Accept Kaspersky Security Network and Decline Data Processing / Recommended - uncheck All
  153. rem Kaspersky Security Cloud Setup - Uninstall Kaspersky Secure Connection (trial VPN)
  154. rem Kaspersky Security Cloud Setup -  Settings - Additional - Notifications - uncheck News Notifications and Promotional Materials
  155. rem Kaspersky Security Cloud Performance - Settings - Protection - Turn Off All, but File Anti-Virus
  156. rem Kaspersky Security Cloud Performance - Settings - Additional - uncheck Inject script into web traffic / Do not scan encrypted connections
  157. rem Symantec Noscript (disable WSH when run as admin) - http://www.symantec.com/avcenter/noscript.exe
  158.  
  159. rem AntiVirus software (Cloud only)
  160. rem Immunet (US) - http://www.immunet.com/index
  161. rem Panda (ES) (it has to be updated manually to the latest version) - https://www.pandasecurity.com/usa/homeusers/solutions/free-antivirus
  162. rem Panda Setup - Uncheck Install Panda Safe Web
  163. rem Panda Performance - Settings - General - Disable Panda news / Antivirus - Block files for 10 seconds/Disable show warning/Process Monitor - Disable both
  164.  
  165. rem AntiVirus software - additional protection (can be run alongisde of realtime AV)
  166. rem Immunet - http://www.immunet.com/index
  167. rem OSArmor - https://www.novirusthanks.org/products/osarmor
  168. rem SecureAPlus Freemium (SG) - https://www.secureaplus.com/download - https://www.secureaplus.com/download/free-extension
  169. rem VoodooShield (US) - https://voodooshield.com
  170.  
  171. rem Browser Extensions useful against (99% malware comes via an email or a browser)
  172. rem Adult Content (Chrome/Firefox) - http://www.cloudacl.com/antiporn
  173. rem CDN (Chrome/Firefox/Opera) - https://decentraleyes.org
  174. rem Coinhive, Malware and Popups (Chrome/Firefox/Opera) - https://add0n.com/popup-blocker.html
  175. rem Cookie Warnings (Chrome/Firefox/Opera) - https://www.i-dont-care-about-cookies.eu
  176. rem Filter Lists - https://filterlists.com - https://energized.pro
  177. rem Malware (Chrome/Firefox/Opera) - https://www.bitdefender.com/solutions/trafficlight.html
  178. rem Malware (Chrome/Firefox) - https://www.malwarebytes.com/browserguard
  179. rem Phishing (Chrome/Firefox/Opera) - https://toolbar.netcraft.com
  180. rem Punycode Domains (Chrome/Firefox/Opera) - https://github.com/AykutCevik/IDN-Safe
  181. rem Tracking (Chrome/Firefox/Opera) - https://www.eff.org/privacybadger
  182. rem (Install Chrome Extensions in Opera) - https://addons.opera.com/en/extensions/details/install-chrome-extensions
  183.  
  184. rem Cleanup software
  185. rem Driver Store Explorer - https://github.com/lostindark/DriverStoreExplorer/releases
  186. rem Geek Uninstaller - https://geekuninstaller.com
  187. rem Wise Disk Cleaner - http://www.wisecleaner.com/wise-disk-cleaner.html
  188. rem Wise Registry Cleaner - http://www.wisecleaner.com/wise-registry-cleaner.html
  189.  
  190. rem Firewall software
  191. rem FortKnox Firewall (SK) - http://fortknox-firewall.com
  192. rem Zone Alarm Firewall (IL) - http://www.zonealarm.com/software/free-firewall
  193.  
  194. rem Firewall software using Windows Firewall
  195. rem Glasswire (US) - https://www.glasswire.com
  196. rem Windows 10 Firewall Control (US) - http://www.sphinx-soft.com/Vista/order.html
  197.  
  198. rem Sandbox software
  199. rem 360 Total Security Essential (CN) - https://www.360totalsecurity.com/en/features/360-total-security-essential
  200. rem Shade Sandbox (US) - http://www.shadesandbox.com
  201. rem Sandboxie (US) - https://www.sandboxie.com
  202.  
  203. rem Security cleanup software (portable on-demand scanners)
  204. rem Antivirus Rescue Disks - https://www.techradar.com/in/best/best-antivirus-rescue-disk
  205. rem AdwCleaner (US) - https://www.malwarebytes.com/adwcleaner/
  206. rem Dr.Web CureIt (RU) - https://free.drweb.com/download+cureit+free
  207. rem Emsisoft Emergency Kit (NZ) - https://www.emsisoft.com/en/home/emergencykit
  208. rem Kaspersky TDSSKiller (RU) - https://usa.kaspersky.com/downloads/tdsskiller
  209. rem Kaspersky Virus Removal Tool (RU) - https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool
  210. rem MWAV (IN) - https://escanav.com/en/mwav-tools/download-free-antivirus-toolkit.asp
  211. rem RKill (BleepingComputer) - https://www.bleepingcomputer.com/download/rkill/
  212.  
  213. rem Security cleanup software (online/updatable on-demand scanners)
  214. rem ESET Online Scanner (SK) - https://www.eset.com/us/home/online-scanner
  215. rem F-Secure Online Scanner (US) - https://www.f-secure.com/en/home/free-tools/online-scanner
  216. rem HitmanPro (UK) - https://www.softpedia.com/get/Internet/Popup-Ad-Spyware-Blockers/Hitman-Pro.shtml
  217. rem Norton Power Eraser (US) - https://us.norton.com/support/tools/npe.html
  218. rem Panda Cloud Cleaner (ES) - https://www.pandasecurity.com/en-us/homeusers/solutions/cloud-cleaner
  219. rem Trend Micro HouseCall (US) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
  220.  
  221. rem Software
  222. rem Application Updates / Patch My PC - https://patchmypc.net
  223. rem Bandwidth Meter / NetTraffic - https://www.venea.net/web/nettraffic
  224. rem Bootable USB / Universal USB Installer - https://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3
  225. rem Bootloader / EasyBCD - https://www.softpedia.com/get/System/OS-Enhancements/EasyBCD.shtml
  226. rem Bootloader / EasyUEFI - https://www.softpedia.com/get/System/Boot-Manager-Disk/EasyUEFI.shtml
  227. rem Browser / Yandex.Browser - https://browser.yandex.com/security
  228. rem Calc / Old Calculator - https://winaero.com/download.php?view.1795
  229. rem Cloud Backup / IceDrive - https://icedrive.net/plans
  230. rem Cloud Backup / PolarBackup - https://www.polarbackup.com/#pricing
  231. rem Compact/Compress Files / Compact GUI - https://github.com/ImminentFate/CompactGUI
  232. rem Computer Management / NirLauncher - http://launcher.nirsoft.net
  233. rem CPU Info / CPU-Z - https://www.cpuid.com/softwares/cpu-z.html
  234. rem CPU Test / Prime95 - https://www.mersenne.org/download
  235. rem Data Recovery / DMDE Free Edition - https://dmde.com/download.html - https://www.techradar.com/how-to/computing/how-to-recover-lost-or-deleted-files-1307921/2
  236. rem Data Recovery / EaseUS Data Recovery Wizard - https://www.easeus.com/datarecoverywizard/free-data-recovery-software.htm
  237. rem Directx 9.0 Runtimes / DirectX Redistributable June 2010 - http://www.softpedia.com/get/System/OS-Enhancements/DirectX-9.0c-Redistributable.shtml
  238. rem Disc to MKV / MakeMKV Beta - http://www.makemkv.com/download / Key - https://www.makemkv.com/forum2/viewtopic.php?f=5&t=1053
  239. rem Disk Info / CrystalDiskInfo - https://crystalmark.info/en/software/crystaldiskinfo
  240. rem Disk Scan / HDDScan - http://hddscan.com
  241. rem Disk Space Usage / WizTree - https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive
  242. rem Disk Speed Test / CCSIO Benchmark - https://ccsiobench.com
  243. rem Disk Surface Test / Macrorit Disk Scanner - https://macrorit.com/disk-surface-test/disk-surface-test.html
  244. rem Driver Updates / Driver Easy - https://www.drivereasy.com
  245. rem eMail Client / POP Peeper - https://www.esumsoft.com/products/pop-peeper
  246. rem File Archiver / 7-zip - https://www.7-zip.org
  247. rem GPU Info / GPU-Z - https://www.techpowerup.com/gpuz
  248. rem GPU Test / Furmark - https://geeks3d.com/furmark
  249. rem Hardware Information / HWiNFO - https://www.hwinfo.com/download.php
  250. rem Hardware Monitor / HWMonitor - https://www.cpuid.com/softwares/hwmonitor.html
  251. rem Image Viewer / XnView - https://www.xnview.com/en/xnview/#downloads
  252. rem Media Player / PotPlayer - https://daumpotplayer.com
  253. rem NET 3.5 Feature Installer for Windows 10 x86/x64 - https://github.com/abbodi1406/dotNetFx35W10/releases
  254. rem Network Optimization / TCP Optimizer - https://www.speedguide.net/downloads.php
  255. rem Network Settings Manager / NetSetMan - https://www.netsetman.com/en/freeware
  256. rem Office Suite / FreeOffice - https://www.freeoffice.com/en/freeoffice
  257. rem Paint / Classic Paint - https://winaero.com/blog/download-classic-paint-windows-10
  258. rem Partition Manager / Macrorit Partition Expert - https://macrorit.com/partition-magic-manager/free-edition.html
  259. rem Password Manager (Offline) / KeePass Professional Edition - https://keepass.info/download.html
  260. rem Password Manager (Online) / Bitwarden - https://bitwarden.com
  261. rem PDF Editor / FreePDF - https://www.getfreepdf.com
  262. rem PDF Viewer / Sumatra PDF - https://www.sumatrapdfreader.org/free-pdf-reader.html
  263. rem Performance / DPC Latency Checker - https://www.thesycon.de/eng/latency_check.shtml
  264. rem Performance / LatencyMon - http://www.resplendence.com/latencymon
  265. rem Performance / Process Lasso - https://bitsum.com
  266. rem Performance / Windows System Timer Tool - https://vvvv.org/contribution/windows-system-timer-tool
  267. rem Permissions / Reset permissions/Take Ownership - http://lallouslab.net/2013/08/26/resetting-ntfs-files-permission-in-windows-graphical-utility/
  268. rem Process Monitor / Process Monitor - https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx
  269. rem Radio / Odio - https://audials.com/en/radio
  270. rem RAM Fix / Intelligent standby list cleaner (+Timer Resolution) - https://www.wagnardsoft.com/content/intelligent-standby-list-cleaner-v1000-released
  271. rem RAM Free / Mem Reduct - https://www.henrypp.org/product/memreduct
  272. rem RAM Disk / AMD Radeon RAMDisk (4GB) - http://www.radeonramdisk.com/software_downloads.php
  273. rem RAM Disk / ImDisk Toolkit (Unlimited/Unsigned) - https://sourceforge.net/projects/imdisk-toolkit
  274. rem RAM Info / RAMExpert - http://www.kcsoftwares.com/?ramexpert
  275. rem RAM Test / Memtest (run one process per each 2GB) - https://hcidesign.com/memtest
  276. rem Remote Support / TeamViewer - https://www.teamviewer.com/en/download/windows
  277. rem Remove Locked File/Folder / LockHunter - https://lockhunter.com
  278. rem Screen Recorder / FlashBack Express - https://www.flashbackrecorder.com/express
  279. rem Search / UltraSearch - https://www.jam-software.com/ultrasearch
  280. rem Startup Manager / Autoruns - https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
  281. rem Streaming / Streamlabs OBS - https://streamlabs.com
  282. rem System Imaging / AOMEI Backupper Standard - https://www.aomeitech.com/ab/standard.html
  283. rem System Restore / RollBack Rx Home Edition - https://horizondatasys.com/rollback-rx-time-machine/rollback-rx-home
  284. rem Task Manager / Process Hacker - https://wj32.org/processhacker/nightly.php
  285. rem Undervolting / ThrottleStop - https://www.techpowerup.com/download/techpowerup-throttlestop
  286. rem Uninstaller / HiBit Uninstaller - http://hibitsoft.ir
  287. rem Visual C++ / AIO Repack - https://pastebin.com/raw/46rfrtBv
  288. rem Visual C++ / Latest Visual C++ Downloads - https://support.microsoft.com/en-au/help/2977003/the-latest-supported-visual-c-downloads
  289. rem Wallpaper - Live / Wallpaper Engine - https://store.steampowered.com/app/431960
  290. rem Windows Explorer Tabs / Clover - http://en.ejie.me
  291. rem Windows Tweaks / Ultimate Windows Tweaker - https://www.thewindowsclub.com/ultimate-windows-tweaker-4-windows-10
  292. rem Windows Tweaks / Winaero Tweaker - https://winaero.com/comment.php?comment.news.1836
  293. rem Windows Updates / Windows Update Manager - https://github.com/DavidXanatos/wumgr/releases
  294. rem Windows Updates Email Alerts / Microsoft Technical Security Notifications - https://www.microsoft.com/en-us/msrc/technical-security-notifications
  295.  
  296.  
  297. rem ============= Remove various files, folders, startup entries and policies ==============
  298.  
  299.  
  300. rem Take ownership of Desktop
  301. takeown /s %computername% /u %username% /f "%SystemDrive%\Users\Public\Desktop" /r /d y
  302. icacls "%SystemDrive%\Users\Public\Desktop" /inheritance:r
  303. icacls "%SystemDrive%\Users\Public\Desktop" /inheritance:e /grant:r %username%:(OI)(CI)F /t /l /q /c
  304. takeown /s %computername% /u %username% /f "%USERPROFILE%\Desktop" /r /d y
  305. icacls "%USERPROFILE%\Desktop" /inheritance:r
  306. icacls "%USERPROFILE%\Desktop" /inheritance:e /grant:r %username%:(OI)(CI)F /t /l /q /c
  307. takeown /s %computername% /u %username% /f "Z:\Desktop" /r /d y
  308. icacls "Z:\Desktop" /inheritance:r
  309. icacls "Z:\Desktop" /inheritance:e /grant:r %username%:(OI)(CI)F /t /l /q /c
  310.  
  311. rem Remove user account
  312. net user defaultuser0 /delete
  313.  
  314. rem Remove random files/folders - https://github.com/MoscaDotTo/Winapp2/blob/master/Winapp3/Winapp3.ini
  315. del "%AppData%\Microsoft\Windows\Recent\*" /s /f /q
  316. del "%SystemDrive%\AMFTrace.log" /s /f /q
  317. del "%WINDIR%\System32\sru\*" /s /f /q
  318. rd "%SystemDrive%\AMD" /s /q
  319. rd "%SystemDrive%\PerfLogs" /s /q
  320. rd "%SystemDrive%\Recovery" /s /q
  321. rd "%ProgramData%\Microsoft\Diagnosis" /s /q
  322. rd "%ProgramData%\Microsoft\DiagnosticLogCSP" /s /q
  323. rd "%ProgramData%\Microsoft\Network" /s /q
  324. rd "%ProgramData%\Microsoft\Search" /s /q
  325. rd "%ProgramData%\Microsoft\SmsRouter" /s /q
  326. rd "%ProgramData%\Microsoft\Windows Defender" /s /q
  327. rd "%ProgramData%\Microsoft\Windows Security Health" /s /q
  328. rd "%AppData%\ArtifexMundi\SparkPromo" /s /q
  329. rd "%LocalAppData%\MicrosoftEdge" /s /q
  330. rd "%LocalAppData%\Microsoft\Internet Explorer" /s /q
  331. rd "%LocalAppData%\Microsoft\Windows\AppCache" /s /q
  332. rd "%LocalAppData%\Microsoft\Windows\History" /s /q
  333. rd "%LocalAppData%\Microsoft\Windows\IECompatCache" /s /q
  334. rd "%LocalAppData%\Microsoft\Windows\IECompatUaCache" /s /q
  335. rd "%LocalAppData%\Microsoft\Windows\INetCache" /s /q
  336. rd "%LocalAppData%\Microsoft\Windows\INetCookies" /s /q
  337. rd "%LocalAppData%\Microsoft\Windows\WebCache" /s /q
  338. rd "%LocalAppData%\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB" /s /q
  339. rd "C:\Users\Mikai\3D Objects" /s /q
  340. rd "C:\Users\Mikai\Favorites" /s /q
  341. rd "C:\Users\Mikai\Links" /s /q
  342. rd "C:\Users\Mikai\Music" /s /q
  343. rd "C:\Users\Mikai\Searches" /s /q
  344.  
  345. rem Remove/Rebuild Font Cache
  346. del "%WinDir%\ServiceProfiles\LocalService\AppData\Local\FontCache\*FontCache*"/s /f /q
  347. del "%WinDir%\System32\FNTCACHE.DAT" /s /f /q
  348.  
  349. rem Remove Windows Powershell (to restore run "sfc /scannow")
  350. rem http://www.malwaretech.com/2017/02/lets-unpack-dridex-loader.html
  351. rem https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy
  352. rem https://www.mrg-effitas.com/current-state-of-malicious-powershell-script-blocking
  353. rem https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking
  354. taskkill /im PowerShell.exe /f
  355. taskkill /im PowerShell_ISE.exe /f
  356. takeown /s %computername% /u %username% /f "%ProgramFiles%\WindowsPowerShell" /r /d y
  357. icacls "%ProgramFiles%\WindowsPowerShell" /inheritance:r /grant:r %username%:(OI)(CI)F /t /l /q /c
  358. rd "%ProgramFiles%\WindowsPowerShell" /s /q
  359. takeown /s %computername% /u %username% /f "%ProgramFiles(x86)%\WindowsPowerShell" /r /d y
  360. icacls "%ProgramFiles(x86)%\WindowsPowerShell" /grant:r %username%:(OI)(CI)F /t /l /q /c
  361. rd "%ProgramFiles(x86)%\WindowsPowerShell" /s /q
  362. takeown /s %computername% /u %username% /f "%WinDir%\System32\WindowsPowerShell" /r /d y
  363. icacls "%WinDir%\System32\WindowsPowerShell" /grant:r %username%:(OI)(CI)F /t /l /q /c
  364. rd "%WinDir%\System32\WindowsPowerShell" /s /q
  365. takeown /s %computername% /u %username% /f "%WinDir%\SysWOW64\WindowsPowerShell" /r /d y
  366. icacls "%WinDir%\SysWOW64\WindowsPowerShell" /grant:r %username%:(OI)(CI)F /t /l /q /c
  367. rd "%WinDir%\SysWOW64\WindowsPowerShell" /s /q
  368.  
  369. rem Remove Startup Folders
  370. takeown /s %computername% /u %username% /f "%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup"
  371. icacls "%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup" /grant:r %username%:(OI)(CI)F /t /l /q /c
  372. del "%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup\*" /s /f /q
  373. del "%AppData%\Microsoft\Windows\Start Menu\Programs\Startup\*" /s /f /q
  374.  
  375. rem Remove random reg keys (Startup/Privacy/Policies/Malware related)
  376. reg delete "HKCU\Software\Classes\ms-settings\shell\open" /f
  377. reg delete "HKCU\Software\Microsoft\Command Processor" /v "AutoRun" /f
  378. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /f
  379. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU" /f
  380. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved" /f
  381. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths" /f
  382. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery" /f
  383. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\PackagedAppXDebug" /f
  384. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies" /f
  385. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /f
  386. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" /f
  387. reg delete "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v "Load" /f
  388. reg delete "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /f
  389. reg delete "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" /f
  390. reg delete "HKCU\Software\Policies" /f
  391. reg delete "HKLM\Software\Microsoft\Command Processor" /v "AutoRun" /f
  392. reg delete "HKLM\Software\Microsoft\Policies" /f
  393. reg delete "HKLM\Software\Microsoft\Tracing" /f
  394. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f
  395. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" /f
  396. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler" /f
  397. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" /f
  398. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved" /f
  399. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies" /f
  400. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /f
  401. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce" /f
  402. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx" /f
  403. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" /f
  404. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
  405. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Font Drivers" /f
  406. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /f
  407. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server" /f
  408. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v "AppInit_DLLs" /f
  409. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /f
  410. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /f
  411. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "VMApplet" /f
  412. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells" /f
  413. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" /f
  414. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman" /f
  415. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit" /f
  416. reg delete "HKLM\Software\Policies" /f
  417. reg delete "HKLM\Software\WOW6432Node\Microsoft\Policies" /f
  418. reg delete "HKLM\Software\WOW6432Node\Microsoft\Tracing" /f
  419. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" /f
  420. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" /f
  421. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" /f
  422. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnceEx" /f
  423. reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies" /f
  424. reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
  425. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /f
  426. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows" /v "AppInit_DLLs" /f
  427. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /f
  428. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /f
  429. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "VMApplet" /f
  430. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells" /f
  431. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" /f
  432. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman" /f
  433. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit" /f
  434. reg delete "HKLM\Software\WOW6432Node\Policies" /f
  435. reg delete "HKLM\System\CurrentControlSet\Control\Keyboard Layout" /v "Scancode Map" /f
  436. reg delete "HKLM\System\CurrentControlSet\Control\SafeBoot" /v "AlternateShell" /f
  437. reg delete "HKLM\System\CurrentControlSet\Control\SecurePipeServers\winreg" /f
  438. reg delete "HKLM\System\CurrentControlSet\Control\Session Manager" /v "BootExecute" /f
  439. reg delete "HKLM\System\CurrentControlSet\Control\Session Manager" /v "Execute" /f
  440. reg delete "HKLM\System\CurrentControlSet\Control\Session Manager" /v "SETUPEXECUTE" /f
  441. reg delete "HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd" /v "StartupPrograms" /f
  442.  
  443.  
  444. rem =========================== Restore essential startup entries ==========================
  445.  
  446.  
  447. rem Run bcdedit command to check for the current status / Yes = True / No = False
  448. rem https://msdn.microsoft.com/en-us/library/windows/hardware/ff542202(v=vs.85).aspx
  449. bcdedit /deletevalue {current} safeboot
  450. bcdedit /deletevalue {current} safebootalternateshell
  451. bcdedit /deletevalue {current} removememory
  452. bcdedit /deletevalue {current} truncatememory
  453. bcdedit /deletevalue {current} useplatformclock
  454. bcdedit /deletevalue {default} safeboot
  455. bcdedit /deletevalue {default} safebootalternateshell
  456. bcdedit /deletevalue {default} removememory
  457. bcdedit /deletevalue {default} truncatememory
  458. bcdedit /deletevalue {default} useplatformclock
  459. bcdedit /set {bootmgr} displaybootmenu no
  460. bcdedit /set {current} advancedoptions false
  461. bcdedit /set {current} bootems no
  462. bcdedit /set {current} bootmenupolicy legacy
  463. bcdedit /set {current} bootstatuspolicy IgnoreAllFailures
  464. bcdedit /set {current} disabledynamictick yes
  465. bcdedit /set {current} recoveryenabled no
  466. bcdedit /set {default} advancedoptions false
  467. bcdedit /set {default} bootems no
  468. bcdedit /set {default} bootmenupolicy legacy
  469. bcdedit /set {default} bootstatuspolicy IgnoreAllFailures
  470. bcdedit /set {default} disabledynamictick yes
  471. bcdedit /set {default} recoveryenabled no
  472.  
  473. rem reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "7 Taskbar Tweaker" /t REG_SZ /d "\"%AppData%\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe\" -hidewnd" /f
  474. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "POP Peeper" /t REG_SZ /d "\"%ProgramFiles% (x86)\POP Peeper\poppeeper.exe\" -min" /f
  475. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v "EvtMgr6" /t REG_SZ /d "%ProgramFiles%\Logitech\SetPointP\SetPoint.exe" /f
  476. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /t REG_SZ /d "explorer.exe" /f
  477. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /t REG_SZ /d "C:\Windows\System32\userinit.exe," /f
  478. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /t REG_SZ /d "explorer.exe" /f
  479. reg add "HKLM\System\CurrentControlSet\Control\Session Manager" /v "BootExecute" /t REG_MULTI_SZ /d "autocheck autochk *" /f
  480. reg add "HKLM\System\CurrentControlSet\Control\Session Manager" /v "SETUPEXECUTE" /t REG_MULTI_SZ /d "" /f
  481.  
  482.  
  483. rem =================================== Software Setup =====================================
  484.  
  485.  
  486. rem 7-zip
  487. reg add "HKCU\Software\7-Zip\Compression" /v "Archiver" /t "REG_SZ" /d "7z" /f
  488. reg add "HKCU\Software\7-Zip\Compression" /v "Level" /t "REG_DWORD" /d "9" /f
  489. reg add "HKCU\Software\7-Zip\Compression\Options\7z" /v "Level" /t "REG_DWORD" /d "9" /f
  490. reg add "HKCU\Software\7-Zip\Options" /v "CascadedMenu" /t "REG_DWORD" /d "1" /f
  491. reg add "HKCU\Software\7-Zip\Options" /v "ContextMenu" /t "REG_DWORD" /d "263" /f
  492.  
  493. rem 7+ Taskbar Tweaker
  494. reg add "HKCU\Software\7 Taskbar Tweaker" /v "hidetray" /t "REG_DWORD" /d "1" /f
  495. reg add "HKCU\Software\7 Taskbar Tweaker" /v "updcheck" /t "REG_DWORD" /d "0" /f
  496. reg add "HKCU\Software\7 Taskbar Tweaker" /v "updcheckauto" /t "REG_DWORD" /d "0" /f
  497. reg add "HKCU\Software\7 Taskbar Tweaker\OptionsEx" /v "w10_large_icons" /t "REG_DWORD" /d "1" /f
  498.  
  499. rem Logitech Setpoint
  500. taskkill /im LogiAppBroker.exe /f
  501. taskkill /im LogitechUpdate.exe /f
  502. taskkill /im LULnchr.exe /f
  503. taskkill /im KHALMNPR.exe /f
  504. taskkill /im Setpoint.exe /f
  505. del "%ProgramFiles%\Logitech\SetPointP\LogiAppBroker.exe" /s /f /q
  506. del "%ProgramFiles%\Logitech\SetPointP\msvcp110.dll" /s /f /q
  507. rd "%ProgramFiles%\Common Files\LogiShrd\sp6\LU1" /s /q
  508. rd "%ProgramFiles%\Common Files\LogiShrd\Unifying\LU" /s /q
  509.  
  510. rem Notepad
  511. reg add "HKCU\Software\Microsoft\Notepad" /v "iWindowPosDX" /t REG_DWORD /d "1934" /f
  512. reg add "HKCU\Software\Microsoft\Notepad" /v "iWindowPosDY" /t REG_DWORD /d "651" /f
  513. reg add "HKCU\Software\Microsoft\Notepad" /v "iWindowPosX" /t REG_DWORD /d "4294967289" /f
  514. reg add "HKCU\Software\Microsoft\Notepad" /v "iWindowPosY" /t REG_DWORD /d "436" /f
  515.  
  516. rem Regedit
  517. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit" /v "View" /t REG_BINARY /d "2c0000000000000001000000fffffffffffffffffffffffffffffffff8ffffff0000000086070000ee0100002f01000027010000780000002502000003000000" /f
  518.  
  519. rem TruckersMP
  520. rem takeown /s %computername% /u %username% /f "%ProgramData%\TruckersMP" /r /d y
  521. takeown /f "%ProgramData%\TruckersMP" /a
  522. reg add "HKLM\Software\TruckersMP" /v "InstallDir" /t REG_SZ /d "D:\TruckersMP Launcher" /f
  523. reg add "HKLM\Software\TruckersMP" /v "InstallLocationETS2" /t REG_SZ /d "D:\Steam\steamapps\common\Euro Truck Simulator 2" /f
  524.  
  525. rem XnView
  526. reg add "HKCU\Software\XnView" /v "UseRegistry" /t "REG_DWORD" /d "1" /f
  527. reg add "HKCU\Software\XnView\Browser" /v "ShowToolTips" /t "REG_DWORD" /d "0" /f
  528. reg add "HKCU\Software\XnView\Browser" /v "StartupDirectory" /t "REG_SZ" /d "Z:\Desktop" /f
  529. reg add "HKCU\Software\XnView\Browser" /v "StartupIn" /t "REG_DWORD" /d "2" /f
  530. reg add "HKCU\Software\XnView\Capture" /v "Delay" /t "REG_DWORD" /d "2" /f
  531. reg add "HKCU\Software\XnView\Capture" /v "Directory" /t "REG_SZ" /d "Z:\Desktop" /f
  532. reg add "HKCU\Software\XnView\Capture" /v "HotKey" /t "REG_DWORD" /d "9" /f
  533. reg add "HKCU\Software\XnView\Capture" /v "IncludeCursor" /t "REG_DWORD" /d "0" /f
  534. reg add "HKCU\Software\XnView\Capture" /v "Method" /t "REG_DWORD" /d "0" /f
  535. reg add "HKCU\Software\XnView\Capture" /v "Multiple" /t "REG_DWORD" /d "1" /f
  536. reg add "HKCU\Software\XnView\Capture" /v "SaveIntoFile" /t "REG_DWORD" /d "1" /f
  537. reg add "HKCU\Software\XnView\Start" /v "MaximizeXnviewAtStartup" /t "REG_DWORD" /d "1" /f
  538. reg add "HKCU\Software\XnView\Start" /v "OnlyOneInstance" /t "REG_DWORD" /d "1" /f
  539. reg add "HKCU\Software\XnView\Start" /v "PathSave" /t "REG_SZ" /d "Z:\Desktop" /f
  540. reg add "HKCU\Software\XnView\Start" /v "SavePosition" /t "REG_DWORD" /d "0" /f
  541. reg add "HKCU\Software\XnView\Start" /v "ShowSaveDlg" /t "REG_DWORD" /d "0" /f
  542.  
  543.  
  544. rem =========================== Windows Setup plus Manual Config ===========================
  545.  
  546.  
  547. rem Windows Setup 1 (Basics plus Manual software install) - https://pastebin.com/CKQed9ZX
  548. rem Windows Setup 2 (Install drivers/software plus Manual Config) - https://pastebin.com/Lxe09qsU
  549. rem Disable Windows Defender - https://pastebin.com/kYCVzZPz (run twice to disable WD services, but disable tamper protection first)
  550.  
  551.  
  552. rem ==================================== Windows Drivers ===================================
  553.  
  554.  
  555. rem It is not possible to uninstall network adapters since 1803
  556. rem https://social.technet.microsoft.com/Forums/en-US/38e53f34-a607-4368-9d9b-7acba1d32b80/cannot-uninstall-protocols-such-as-client-for-microsoft-networks
  557.  
  558. rem AF-UNIX socket provider / Default - 1
  559. reg add "HKLM\System\CurrentControlSet\Services\afunix" /v "Start" /t REG_DWORD /d "4" /f
  560.  
  561. rem AMD PSP Service / Default - 0
  562. reg add "HKLM\System\CurrentControlSet\Services\amdpsp" /v "Start" /t REG_DWORD /d "4" /f
  563.  
  564. rem Background Activity Moderator Driver / Default - 1
  565. reg add "HKLM\System\CurrentControlSet\Services\bam" /v "Start" /t REG_DWORD /d "4" /f
  566.  
  567. rem CD-ROM Driver / Default - 1
  568. reg add "HKLM\System\CurrentControlSet\Services\cdrom" /v "Start" /t REG_DWORD /d "4" /f
  569.  
  570. rem Intel(R) Telemetry Service / Default - 0
  571. reg add "HKLM\System\CurrentControlSet\Services\Telemetry" /v "Start" /t REG_DWORD /d "4" /f
  572.  
  573. rem Link-Layer Topology Discovery Responder / Default - 2
  574. reg add "HKLM\System\CurrentControlSet\Services\rspndr" /v "Start" /t REG_DWORD /d "4" /f
  575.  
  576. rem Link-Layer Topology Discovery Mapper I/O Driver / Default - 2
  577. reg add "HKLM\System\CurrentControlSet\Services\lltdio" /v "Start" /t REG_DWORD /d "4" /f
  578.  
  579. rem Microsoft LLDP Protocol Driver / Default - 2
  580. reg add "HKLM\System\CurrentControlSet\Services\MsLldp" /v "Start" /t REG_DWORD /d "4" /f
  581.  
  582. rem Microsoft Hyper-V Virtualization Infrastructure Driver / Default - 3
  583. reg add "HKLM\System\CurrentControlSet\Services\Vid" /v "Start" /t REG_DWORD /d "4" /f
  584.  
  585. rem Microsoft Virtual Network Adapter Enumerator / Default - 3
  586. reg add "HKLM\System\CurrentControlSet\Services\NdisVirtualBus" /v "Start" /t REG_DWORD /d "4" /f
  587.  
  588. rem NativeWifi Miniport Driver / Default - 3
  589. reg add "HKLM\System\CurrentControlSet\Services\NativeWifiP" /v "Start" /t REG_DWORD /d "4" /f
  590.  
  591. rem QoS for storage I/O traffic / Default - 2
  592. reg add "HKLM\System\CurrentControlSet\Services\storqosflt" /v "Start" /t REG_DWORD /d "4" /f
  593.  
  594. rem QoS Multimeda Class Scheduler / Default - 2
  595. reg add "HKLM\System\CurrentControlSet\Services\MMCSS" /v "Start" /t REG_DWORD /d "4" /f
  596.  
  597. rem QoS Packet Scheduler / Default - 1
  598. reg add "HKLM\System\CurrentControlSet\Services\Psched" /v "Start" /t REG_DWORD /d "4" /f
  599.  
  600. rem Named pipe service trigger provider / Default - 1
  601. rem https://msdn.microsoft.com/en-us/library/windows/desktop/aa365590(v=vs.85).aspx
  602. reg add "HKLM\System\CurrentControlSet\Services\npsvctrig" /v "Start" /t REG_DWORD /d "4" /f
  603.  
  604. rem NetBIOS Interface / Default - 1
  605. reg add "HKLM\System\CurrentControlSet\Services\NetBIOS" /v "Start" /t REG_DWORD /d "4" /f
  606.  
  607. rem NetBIOS over TCP/IP / Default - 1
  608. reg add "HKLM\System\CurrentControlSet\Services\NetBT" /v "Start" /t REG_DWORD /d "4" /f
  609.  
  610. rem Remote Access IP ARP Driver / Default - 2
  611. reg add "HKLM\System\CurrentControlSet\Services\wanarp" /v "Start" /t REG_DWORD /d "4" /f
  612.  
  613. rem Remote Desktop Device Redirector Bus Driver / Default - 3
  614. reg add "HKLM\System\CurrentControlSet\Services\rdpbus" /v "Start" /t REG_DWORD /d "4" /f
  615.  
  616. rem System Guard Runtime Monitor Agent Driver / Default - 0
  617. rem https://www.reddit.com/r/PUBATTLEGROUNDS/comments/8jgz6g/disabling_control_flow_guard_in_windows_defender
  618. reg add "HKLM\System\CurrentControlSet\Services\SgrmAgent" /v "Start" /t REG_DWORD /d "4" /f
  619.  
  620. rem Storage Spaces Driver / Default - 0
  621. reg add "HKLM\System\CurrentControlSet\Services\spaceport" /v "Start" /t REG_DWORD /d "4" /f
  622.  
  623. rem The framework for network mini-redirectors / Default - 1
  624. rem https://docs.microsoft.com/en-us/windows-hardware/drivers/ifs/the-redirected-drive-buffering-subsystem
  625. reg add "HKLM\System\CurrentControlSet\Services\rdbss" /v "Start" /t REG_DWORD /d "4" /f
  626.  
  627. rem Virtual WiFi Filter Driver / Default - 1
  628. reg add "HKLM\System\CurrentControlSet\Services\vwififlt" /v "Start" /t REG_DWORD /d "4" /f
  629.  
  630.  
  631. rem =========================== Windows Defender Security Center ===========================
  632.  
  633.  
  634. rem ________________________________________________________________________________________
  635. rem https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0290
  636.  
  637. rem Windows Defender Security Center service
  638. reg add "HKLM\System\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "4" /f
  639.  
  640.  
  641. rem =========================== Windows Defender Security Centre ===========================
  642. rem -------------------------------- App & browser control ---------------------------------
  643.  
  644. rem Off - Disable Windows SmartScreen / On - Enable Windows SmartScreen
  645. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
  646.  
  647. rem 0 - Disable SmartScreen Filter in Microsoft Edge / 1 - Enable
  648. reg add "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d "0" /f
  649.  
  650. rem 0 - Disable Windows SmartScreen for Windows Store Apps / 1 - Enable
  651. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t "REG_DWORD" /d "0" /f
  652.  
  653. rem ________________________________________________________________________________________
  654. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t "REG_DWORD" /d "0" /f
  655. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControl" /t REG_SZ /d "Anywhere" /f
  656. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControlEnabled" /t "REG_DWORD" /d "0" /f
  657.  
  658. rem Remove Smartscreen (to restore run "sfc /scannow")
  659. takeown /s %computername% /u %username% /f "%WinDir%\System32\smartscreen.exe"
  660. icacls "%WinDir%\System32\smartscreen.exe" /grant:r %username%:F
  661. taskkill /im smartscreen.exe /f
  662. del "%WinDir%\System32\smartscreen.exe" /s /f /q
  663.  
  664.  
  665. rem =========================== Windows Defender Security Center ===========================
  666. rem ----------------------------- Device performance & health ------------------------------
  667.  
  668. rem ________________________________________________________________________________________
  669. rem Specifies how the System responds when a user tries to install device driver files that are not digitally signed / 00 - Ignore / 01 - Warn / 02 - Block
  670. reg add "HKLM\Software\Microsoft\Driver Signing" /v "Policy" /t REG_BINARY /d "01" /f
  671.  
  672. rem Prevent device metadata retrieval from the Internet / Do not automatically download manufacturers’ apps and custom icons available for your devices
  673. rem reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Device Metadata" /v "PreventDeviceMetadataFromNetwork" /t REG_DWORD /d "1" /f
  674. rem sc config DsmSvc start= disabled
  675.  
  676. rem Do you want Windows to download driver Software / 0 - Never / 1 - Allways / 2 - Install driver Software, if it is not found on my computer
  677. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DriverSearching" /v "SearchOrderConfig" /t REG_DWORD /d "0" /f
  678.  
  679. rem Specify search order for device driver source locations
  680. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DriverSearching" /v "DontSearchWindowsUpdate" /t REG_DWORD /d "1" /f
  681. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DriverSearching" /v "DriverUpdateWizardWuSearchEnabled" /t REG_DWORD /d "0" /f
  682.  
  683. rem 1 - Disable driver updates in Windows Update
  684. reg add "HKLM\Software\Microsoft\PolicyManager\current\device\Update" /v "ExcludeWUDriversInQualityUpdate" /t REG_DWORD /d "1" /f
  685. reg add "HKLM\Software\Microsoft\PolicyManager\default\device\Update" /v "ExcludeWUDriversInQualityUpdate" /t REG_DWORD /d "1" /f
  686. reg add "HKLM\Software\Microsoft\WindowsUpdate\UX\Settings" /v "ExcludeWUDriversInQualityUpdate" /t REG_DWORD /d "1" /f
  687. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate" /v "ExcludeWUDriversInQualityUpdate" /t REG_DWORD /d "1" /f
  688.  
  689. rem Avoid the driver signing enforcement for EV cert / SHA256 Microsoft Windows signed drivers which is further enforced via Secure Boot
  690. rem reg add "HKLM\System\ControlSet001\Control\CI\Policy" /v "UpgradedSystem" /t REG_DWORD /d "1" /f
  691.  
  692.  
  693. rem =========================== Windows Defender Security Center ===========================
  694. rem ------------------------------------ Family Options ------------------------------------
  695.  
  696. rem ________________________________________________________________________________________
  697. schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyMonitor" /Disable
  698. schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyRefreshTask" /Disable
  699.  
  700.  
  701. rem =========================== Windows Defender Security Center ===========================
  702. rem ---------------------------- Firewall & network protection -----------------------------
  703.  
  704. rem Enable Windows Firewall / AllProfiles / CurrentProfile / DomainProfile / PrivateProfile / PublicProfile
  705. rem https://technet.microsoft.com/en-us/library/cc771920(v=ws.10).aspx
  706. netsh advfirewall set allprofiles state on
  707.  
  708. rem Block all inbound network traffic and all outbound except allowed apps
  709. netsh advfirewall set DomainProfile firewallpolicy blockinboundalways,blockoutbound
  710. netsh advfirewall set PrivateProfile firewallpolicy blockinboundalways,blockoutbound
  711. netsh advfirewall set PublicProfile firewallpolicy blockinboundalways,blockoutbound
  712.  
  713. rem Remove All Windows Firewall Rules
  714. netsh advfirewall firewall delete rule name=all
  715. rem reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules" /f
  716. rem reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /f
  717. reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedInterfaces" /f
  718. reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices" /f
  719.  
  720. rem Windows Firewall Rules
  721. netsh advfirewall firewall add rule name="Audials DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%ProgramFiles(x86)%\Audials\Audials 2020\Audials.exe"
  722. netsh advfirewall firewall add rule name="Audials TCP" dir=out action=allow protocol=TCP remoteport=80,443,1025-65535 program="%ProgramFiles(x86)%\Audials\Audials 2020\Audials.exe"
  723. netsh advfirewall firewall add rule name="Audials UDP" dir=out action=allow protocol=UDP remoteport=5355 remoteip=224.0.0.252 program="%ProgramFiles(x86)%\Audials\Audials 2020\Audials.exe"
  724. netsh advfirewall firewall add rule name="COD MW2 DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"
  725. netsh advfirewall firewall add rule name="COD MW2 TCP" dir=out action=allow protocol=TCP remoteport=27015 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"
  726. netsh advfirewall firewall add rule name="COD MW2 UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"
  727. netsh advfirewall firewall add rule name="COD MW3 DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe"
  728. netsh advfirewall firewall add rule name="COD MW3 TCP" dir=out action=allow protocol=TCP remoteport=3074 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe"
  729. netsh advfirewall firewall add rule name="COD MW3 UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe"
  730. netsh advfirewall firewall add rule name="Discord DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%LOCALAPPDATA%\Discord\app-0.0.306\Discord.exe"
  731. netsh advfirewall firewall add rule name="Discord TCP" dir=out action=allow protocol=TCP remoteport=443 program="%LOCALAPPDATA%\Discord\app-0.0.306\Discord.exe"
  732. netsh advfirewall firewall add rule name="Discord UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="%LOCALAPPDATA%\Discord\app-0.0.306\Discord.exe"
  733. netsh advfirewall firewall add rule name="Discord Update DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%LOCALAPPDATA%\Discord\Update.exe"
  734. netsh advfirewall firewall add rule name="Discord Update TCP" dir=out action=allow protocol=TCP remoteport=443 program="%LOCALAPPDATA%\Discord\Update.exe"
  735. netsh advfirewall firewall add rule name="DriverEasy DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%ProgramFiles%\Easeware\DriverEasy\DriverEasy.exe"
  736. netsh advfirewall firewall add rule name="DriverEasy TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="%ProgramFiles%\Easeware\DriverEasy\DriverEasy.exe"
  737. netsh advfirewall firewall add rule name="ETS2 DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe"
  738. netsh advfirewall firewall add rule name="ETS2 TCP" dir=out action=allow protocol=TCP remoteport=80,443,4455 program="D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe"
  739. netsh advfirewall firewall add rule name="ETS2 UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe"
  740. netsh advfirewall firewall add rule name="ETS2 MP DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Euro Truck Simulator 2\TruckersMP Launcher\Launcher.exe"
  741. netsh advfirewall firewall add rule name="ETS2 MP TCP" dir=out action=allow protocol=TCP remoteip=104.16.0.0-104.31.255.255 remoteport=80 program="D:\Euro Truck Simulator 2\TruckersMP Launcher\Launcher.exe"
  742. netsh advfirewall firewall add rule name="ETS2 MP UDP" dir=out action=allow protocol=UDP remoteip=0.0.0.0 remoteport=1025-65535 program="D:\Euro Truck Simulator 2\TruckersMP Launcher\Launcher.exe"
  743. netsh advfirewall firewall add rule name="Hitman DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Steam\steamapps\common\HITMAN2\Retail\HITMAN2.exe"
  744. netsh advfirewall firewall add rule name="Hitman TCP" dir=out action=allow protocol=TCP remoteport=443 program="D:\Steam\steamapps\common\HITMAN2\Retail\HITMAN2.exe"
  745. netsh advfirewall firewall add rule name="IP Info DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\NirLauncher\NirSoft\ipnetinfo.exe"
  746. netsh advfirewall firewall add rule name="IP Info TCP" dir=out action=allow protocol=TCP remoteport=43 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\NirLauncher\NirSoft\ipnetinfo.exe"
  747. netsh advfirewall firewall add rule name="NET DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="Z:\GoogleChromePortable\GoogleChromePortable.exe"
  748. netsh advfirewall firewall add rule name="NET TCP" dir=out action=allow protocol=TCP remoteport=443 program="Z:\GoogleChromePortable\GoogleChromePortable.exe"
  749. netsh advfirewall firewall add rule name="NETt DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="Z:\GoogleChromePortable\App\Chrome-bin\chrome.exe"
  750. netsh advfirewall firewall add rule name="NETt TCP" dir=out action=allow protocol=TCP remoteport=443 program="Z:\GoogleChromePortable\App\Chrome-bin\chrome.exe"
  751. netsh advfirewall firewall add rule name="OBS DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%ProgramFiles%\Streamlabs OBS\resources\app.asar.unpacked\node_modules\obs-studio-node\obs64.exe"
  752. netsh advfirewall firewall add rule name="OBS TCP" dir=out action=allow protocol=TCP remoteport=443,1935 program="%ProgramFiles%\Streamlabs OBS\resources\app.asar.unpacked\node_modules\obs-studio-node\obs64.exe"
  753. netsh advfirewall firewall add rule name="OBS Browser DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%ProgramFiles%\Streamlabs OBS\Streamlabs OBS.exe"
  754. netsh advfirewall firewall add rule name="OBS Browser TCP" dir=out action=allow protocol=TCP remoteport=443 program="%ProgramFiles%\Streamlabs OBS\Streamlabs OBS.exe"
  755. netsh advfirewall firewall add rule name="OBS Browser UDP" dir=out action=allow protocol=UDP remoteport=5355 program="%ProgramFiles%\Streamlabs OBS\Streamlabs OBS.exe"
  756. netsh advfirewall firewall add rule name="PatchMyPC DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\PatchMyPc\PatchMyPC.exe"
  757. netsh advfirewall firewall add rule name="PatchMyPC TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\PatchMyPc\PatchMyPC.exe"
  758. netsh advfirewall firewall add rule name="POP Peeper DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%ProgramFiles(x86)%\POP Peeper\POPPeeper.exe"
  759. netsh advfirewall firewall add rule name="POP Peeper IMAP Azet.sk" dir=out action=allow protocol=TCP remoteip=91.235.52.0-91.235.55.255 remoteport=587,993 program="%ProgramFiles(x86)%\POP Peeper\POPPeeper.exe"
  760. netsh advfirewall firewall add rule name="POP Peeper IMAP Mail.ru" dir=out action=allow protocol=TCP remoteip=94.100.176.0-94.100.183.255,217.69.136.0-217.69.141.255 remoteport=143,587 program="%ProgramFiles(x86)%\POP Peeper\POPPeeper.exe"
  761. netsh advfirewall firewall add rule name="Process Hacker DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%ProgramFiles%\Process Hacker\ProcessHacker.exe"
  762. netsh advfirewall firewall add rule name="Process Hacker VT TCP" dir=out action=allow protocol=TCP remoteip=74.125.34.46 remoteport=443 program="%ProgramFiles%\Process Hacker\ProcessHacker.exe"
  763. rem netsh advfirewall firewall add rule name="Square Enix DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Steam\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe"
  764. rem netsh advfirewall firewall add rule name="Square Enix TCP" dir=out action=allow protocol=TCP remoteport=80,443,4455 program="D:\Steam\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe"
  765. rem netsh advfirewall firewall add rule name="Svchost DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%WINDIR%\System32\svchost.exe"
  766. rem netsh advfirewall firewall add rule name="Svchost TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="%WINDIR%\System32\svchost.exe"
  767. netsh advfirewall firewall add rule name="Steam DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Steam\Steam.exe"
  768. netsh advfirewall firewall add rule name="Steam TCP" dir=out action=allow protocol=TCP remoteport=80,443,27015-27030,27050 program="D:\Steam\Steam.exe"
  769. netsh advfirewall firewall add rule name="Steam UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="D:\Steam\Steam.exe"
  770. netsh advfirewall firewall add rule name="Steam Web DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe"
  771. netsh advfirewall firewall add rule name="Steam Web TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe"
  772. netsh advfirewall firewall add rule name="TOR Firefox TCP" dir=out action=allow protocol=TCP remoteip=127.0.0.1 remoteport=1025-65535 program="Z:\Desktop\Tor Browser\Browser\firefox.exe"
  773. netsh advfirewall firewall add rule name="TOR TCP" dir=out action=allow protocol=TCP remoteport=443,1025-65535 program="Z:\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe"
  774. netsh advfirewall firewall add rule name="UAC DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="%WINDIR%\System32\consent.exe"
  775. netsh advfirewall firewall add rule name="UAC TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="%WINDIR%\System32\consent.exe"
  776. netsh advfirewall firewall add rule name="Update Time DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\Custom Tools\Added Custom Tools\UpdateTime.exe"
  777. netsh advfirewall firewall add rule name="Update Time UDP" dir=out action=allow protocol=UDP remoteport=123 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\Custom Tools\Added Custom Tools\UpdateTime.exe"
  778. netsh advfirewall firewall add rule name="WRT DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Windows_Repair_Toolbox.exe"
  779. netsh advfirewall firewall add rule name="WRT TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Windows_Repair_Toolbox.exe"
  780. rem netsh advfirewall firewall add rule name="Yandex DNS" dir=out action=allow protocol=UDP remoteip=9.9.9.9,149.112.112.112 remoteport=53 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  781. netsh advfirewall firewall add rule name="Yandex DNS TCP" dir=out action=allow protocol=TCP remoteip=185.228.168.10,185.228.169.11 remoteport=8443 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  782. netsh advfirewall firewall add rule name="Yandex DNS UDP" dir=out action=allow protocol=UDP remoteip=77.88.8.78,185.228.168.10,185.228.169.11 remoteport=8443,15353 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  783. netsh advfirewall firewall add rule name="Yandex HTTP" dir=out action=allow protocol=TCP remoteport=80 remoteip=195.28.64.101,213.46.200.16 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  784. netsh advfirewall firewall add rule name="Yandex HTTPS" dir=out action=allow protocol=TCP remoteport=443 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  785. netsh advfirewall firewall add rule name="Yandex Sync" dir=out action=allow protocol=TCP remoteip=213.180.193.0-213.180.193.255 remoteport=443,5222 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  786.  
  787.  
  788. rem =========================== Windows Defender Security Center ===========================
  789. rem ------------------------------ Virus & threat protection -------------------------------
  790.  
  791. rem ________________________________________________________________________________________
  792. rem https://technet.microsoft.com/en-us/itpro/powershell/windows/defender/set-mppreference
  793. reg delete "HKLM\Software\Policies\Microsoft\Windows Defender" /f
  794. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f
  795. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD /d "1" /f
  796. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f
  797. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtimeMonitoring" /t REG_DWORD /d "1" /f
  798. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScanOnRealtimeEnable" /t REG_DWORD /d "1" /f
  799. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Reporting" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f
  800. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f
  801. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "SpynetReporting" /t REG_DWORD /d "0" /f
  802. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f
  803.  
  804. rem Disable WD services (Tamper protection has to be disabled first)
  805. reg add "HKLM\System\CurrentControlSet\Services\WdBoot" /v "Start" /t REG_DWORD /d "4" /f
  806. reg add "HKLM\System\CurrentControlSet\Services\WdFilter" /v "Start" /t REG_DWORD /d "4" /f
  807. reg add "HKLM\System\CurrentControlSet\Services\WdNisDrv" /v "Start" /t REG_DWORD /d "4" /f
  808. reg add "HKLM\System\CurrentControlSet\Services\WdNisSvc" /v "Start" /t REG_DWORD /d "4" /f
  809. reg add "HKLM\System\CurrentControlSet\Services\WinDefend" /v "Start" /t REG_DWORD /d "4" /f
  810.  
  811. rem Disable Logging
  812. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f
  813. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
  814.  
  815. rem Disable Tasks
  816. schtasks /Change /TN "Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh" /Disable
  817. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" /Disable
  818. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Cleanup" /Disable
  819. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" /Disable
  820. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Verification" /Disable
  821.  
  822. rem Remove context menu
  823. reg delete "HKCR\*\shellex\ContextMenuHandlers\EPP" /f
  824. reg delete "HKCR\Directory\shellex\ContextMenuHandlers\EPP" /f
  825. reg delete "HKCR\Drive\shellex\ContextMenuHandlers\EPP" /f
  826.  
  827.  
  828. rem =========================== Windows Defender Security Center ===========================
  829. rem ------------------------------ Virus & threat protection -------------------------------
  830. rem .......................... Virus & threat protection settings ..........................
  831.  
  832. rem 1 - Disable Real-time protection
  833. reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f
  834. reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiVirus" /t REG_DWORD /d "1" /f
  835.  
  836.  
  837. rem =================================== Windows Logging ====================================
  838.  
  839.  
  840. rem https://blogs.technet.microsoft.com/askperf/2009/10/04/windows-7-windows-server-2008-r2-unified-background-process-manager-ubpm
  841. rem https://msdn.microsoft.com/en-us/library/windows/desktop/aa363687(v=vs.85).aspx
  842. rem https://technet.microsoft.com/en-us/library/cc722404(v=ws.11).aspx
  843. rem DiagLog is required by Diagnostic Policy Service (Troubleshooting)
  844. rem EventLog-System/EventLog-Application are required by Windows Events Log Service
  845. rem perfmon
  846.  
  847. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\AppModel" /v "Start" /t REG_DWORD /d "0" /f
  848. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\AutoLogger-Diagtrack-Listener" /v "Start" /t REG_DWORD /d "0" /f
  849. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Cellcore" /v "Start" /t REG_DWORD /d "0" /f
  850. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Circular Kernel Context Logger" /v "Start" /t REG_DWORD /d "0" /f
  851. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\CShellCircular" /v "Start" /t REG_DWORD /d "0" /f
  852. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\CloudExperienceHostOobe" /v "Start" /t REG_DWORD /d "0" /f
  853. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Diagtrack-Listener" /v "Start" /t REG_DWORD /d "0" /f
  854. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\EventLog-Application" /v "Start" /t REG_DWORD /d "0" /f
  855. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\EventLog-System" /v "Start" /t REG_DWORD /d "0" /f
  856. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DiagLog" /v "Start" /t REG_DWORD /d "0" /f
  857. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\FaceRecoTel" /v "Start" /t REG_DWORD /d "0" /f
  858. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\FaceUnlock" /v "Start" /t REG_DWORD /d "0" /f
  859. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\LwtNetLog" /v "Start" /t REG_DWORD /d "0" /f
  860. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Microsoft-Windows-Rdp-Graphics-RdpIdd-Trace" /v "Start" /t REG_DWORD /d "0" /f
  861. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\NtfsLog" /v "Start" /t REG_DWORD /d "0" /f
  862. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\ReadyBoot" /v "Start" /t REG_DWORD /d "0" /f
  863. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\TileStore" /v "Start" /t REG_DWORD /d "0" /f
  864. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Tpm" /v "Start" /t REG_DWORD /d "0" /f
  865. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\UBPM" /v "Start" /t REG_DWORD /d "0" /f
  866. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\WdiContextLog" /v "Start" /t REG_DWORD /d "0" /f
  867. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\WiFiDriverIHVSession" /v "Start" /t REG_DWORD /d "0" /f
  868. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\WiFiSession" /v "Start" /t REG_DWORD /d "0" /f
  869. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\WinPhoneCritical" /v "Start" /t REG_DWORD /d "0" /f
  870.  
  871.  
  872. rem ================================ Windows Error Reporting ===============================
  873.  
  874.  
  875. rem https://docs.microsoft.com/en-us/windows/desktop/wer/wer-settings
  876.  
  877. rem Disable Microsoft Support Diagnostic Tool MSDT
  878. reg add "HKLM\Software\Policies\Microsoft\Windows\ScriptedDiagnosticsProvider\Policy" /v "DisableQueryRemoteServer" /t REG_DWORD /d "0" /f
  879. reg add "HKLM\Software\Policies\Microsoft\Windows\ScriptedDiagnosticsProvider\Policy" /v "EnableQueryRemoteServer" /t REG_DWORD /d "0" /f
  880.  
  881. rem Disable System Debugger (Dr. Watson)
  882. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\AeDebug" /v "Auto" /t REG_SZ /d "0" /f
  883.  
  884. rem 1 - Disable Windows Error Reporting (WER)
  885. reg add "HKLM\Software\Microsoft\PCHealth\ErrorReporting" /v "DoReport" /t REG_DWORD /d "0" /f
  886. reg add "HKLM\Software\Microsoft\PCHealth\ErrorReporting" /v "ShowUI" /t REG_DWORD /d "0" /f
  887. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f
  888. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f
  889. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f
  890.  
  891. rem DefaultConsent / 1 - Always ask (default) / 2 - Parameters only / 3 - Parameters and safe data / 4 - All data
  892. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting\Consent" /v "DefaultConsent" /t REG_DWORD /d "0" /f
  893. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting\Consent" /v "DefaultOverrideBehavior" /t REG_DWORD /d "1" /f
  894. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\Consent" /v "DefaultConsent" /t REG_DWORD /d "0" /f
  895. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\Consent" /v "DefaultOverrideBehavior" /t REG_DWORD /d "1" /f
  896.  
  897. rem 1 - Disable WER sending second-level data
  898. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "DontSendAdditionalData" /t REG_DWORD /d "1" /f
  899. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "DontSendAdditionalData" /t REG_DWORD /d "1" /f
  900.  
  901. rem 1 - Disable WER crash dialogs, popups
  902. reg add "HKLM\Software\Microsoft\PCHealth\ErrorReporting" /v "ShowUI" /t REG_DWORD /d "0" /f
  903. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "DontShowUI" /t REG_DWORD /d "1" /f
  904. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "DontShowUI" /t REG_DWORD /d "1" /f
  905.  
  906. rem 1 - Disable WER logging
  907. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "LoggingDisabled" /t REG_DWORD /d "1" /f
  908. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "LoggingDisabled" /t REG_DWORD /d "1" /f
  909.  
  910. schtasks /Change /TN "Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate" /Disable
  911. schtasks /Change /TN "Microsoft\Windows\Windows Error Reporting\QueueReporting" /Disable
  912.  
  913. rem Windows Error Reporting Service
  914. sc config WerSvc start= disabled
  915.  
  916. rem Remove Windows Errror Reporting (to restore run "sfc /scannow")
  917. takeown /s %computername% /u %username% /f "%WinDir%\System32\WerFault.exe"
  918. icacls "%WinDir%\System32\WerFault.exe" /grant:r %username%:F
  919. taskkill /im WerFault.exe /f
  920. del "%WinDir%\System32\WerFault.exe" /s /f /q
  921.  
  922. takeown /s %computername% /u %username% /f "%WinDir%\SysWOW64\WerFault.exe"
  923. icacls "%WinDir%\SysWOW64\WerFault.exe" /grant:r %username%:F
  924. taskkill /im WerFault.exe /f
  925. del "%WinDir%\SysWOW64\WerFault.exe" /s /f /q
  926.  
  927. takeown /s %computername% /u %username% /f "%WinDir%\System32\WerFaultSecure.exe"
  928. icacls "%WinDir%\System32\WerFaultSecure.exe" /grant:r %username%:F
  929. taskkill /im WerFaultSecure.exe /f
  930. del "%WinDir%\System32\WerFaultSecure.exe" /s /f /q
  931.  
  932. takeown /s %computername% /u %username% /f "%WinDir%\SysWOW64\WerFaultSecure.exe"
  933. icacls "%WinDir%\SysWOW64\WerFaultSecure.exe" /grant:r %username%:F
  934. taskkill /im WerFaultSecure.exe /f
  935. del "%WinDir%\SysWOW64\WerFaultSecure.exe" /s /f /q
  936.  
  937. takeown /s %computername% /u %username% /f "%WinDir%\System32\wermgr.exe"
  938. icacls "%WinDir%\System32\wermgr.exe" /grant:r %username%:F
  939. taskkill /im wermgr.exe /f
  940. del "%WinDir%\System32\wermgr.exe" /s /f /q
  941.  
  942. takeown /s %computername% /u %username% /f "%WinDir%\SysWOW64\wermgr.exe"
  943. icacls "%WinDir%\SysWOW64\wermgr.exe" /grant:r %username%:F
  944. taskkill /im wermgr.exe /f
  945. del "%WinDir%\SysWOW64\wermgr.exe" /s /f /q
  946.  
  947.  
  948. rem =================================== Windows Explorer ===================================
  949. rem --------------------------------------- Options ----------------------------------------
  950. rem ....................................... General ........................................
  951.  
  952. rem 2 - Open File Explorer to Quick access / 1 - Open File Explorer to This PC / 3 - Open File Explorer to Downloads
  953. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "LaunchTo" /t REG_DWORD /d "3" /f
  954.  
  955. rem Single-click to open an item (point to select)
  956. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "ShellState" /t REG_BINARY /d "2400000017a8000000000000000000000000000001000000130000000000000073000000" /f
  957.  
  958. rem 2 - Underline icon titles consistent with my browser / 3 - Underline icon titles only when I point at them
  959. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "IconUnderline" /t REG_DWORD /d "2" /f
  960.  
  961. rem 1 - Show recently used folders in Quick Access
  962. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "ShowRecent" /t REG_DWORD /d "0" /f
  963.  
  964. rem 1 - Show frequently folders in Quick Access
  965. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "ShowFrequent" /t REG_DWORD /d "0" /f
  966.  
  967.  
  968. rem =================================== Windows Explorer ===================================
  969. rem --------------------------------------- Options ----------------------------------------
  970. rem ........................................ View .........................................
  971.  
  972. rem Open Explorer - Choose the desired View - View - Options - View - Apply to Folders - OK - Close Explorer ASAP
  973. rem reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags" /f
  974. rem reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU" /f
  975. rem reg delete "HKCU\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\Bags" /f
  976. rem reg delete "HKCU\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\BagMRU" /f
  977. rem reg delete "HKCU\Software\Microsoft\Windows\Shell\Bags" /f
  978. rem reg delete "HKCU\Software\Microsoft\Windows\Shell\BagMRU" /f
  979. rem reg delete "HKCU\Software\Microsoft\Windows\ShellNoRoam\Bags" /f
  980. rem reg delete "HKCU\Software\Microsoft\Windows\ShellNoRoam\BagMRU" /f
  981. reg add "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell" /v "FolderType" /t REG_SZ /d "NotSpecified" /f
  982. rem taskkill /im explorer.exe /f & explorer.exe
  983.  
  984.  
  985. rem ________________________________________________________________________________________
  986. rem Remove Network from Navigation Panel
  987. rem Take Ownership of the Registry key - https://www.youtube.com/watch?v=M1l5ifYKefg
  988. reg add "HKCR\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder" /v "Attributes" /t REG_DWORD /d "2962489444" /f
  989.  
  990. rem 1 - Hide Quick access from This PC / 0 - Show
  991. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "HubMode" /t REG_DWORD /d "1" /f
  992.  
  993. rem Show/Hide - 3D Objects from This PC
  994. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{31C0DD25-9439-4F12-BF41-7FF4EDA38722}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  995. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{31C0DD25-9439-4F12-BF41-7FF4EDA38722}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  996.  
  997. rem Show/Hide - Desktop from This PC
  998. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  999. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  1000.  
  1001. rem Show/Hide - Documents from This PC
  1002. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{f42ee2d3-909f-4907-8871-4c22fc0bf756}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  1003. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{f42ee2d3-909f-4907-8871-4c22fc0bf756}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  1004.  
  1005. rem Show/Hide - Downloads from This PC
  1006. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7d83ee9b-2244-4e70-b1f5-5393042af1e4}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  1007. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7d83ee9b-2244-4e70-b1f5-5393042af1e4}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  1008.  
  1009. rem Show/Hide - Movies/Videos from This PC
  1010. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{35286a68-3c57-41a1-bbb1-0eae73d76c95}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  1011. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{35286a68-3c57-41a1-bbb1-0eae73d76c95}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  1012.  
  1013. rem Show/Hide - Music from This PC
  1014. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{a0c69a99-21c8-4671-8703-7934162fcf1d}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  1015. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{a0c69a99-21c8-4671-8703-7934162fcf1d}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  1016.  
  1017. rem Show/Hide - Pictures from This PC
  1018. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{0ddd015d-b06c-45d5-8c4c-f59713854639}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  1019. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{0ddd015d-b06c-45d5-8c4c-f59713854639}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  1020.  
  1021. rem Remove Desktop folder from This PC
  1022. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
  1023. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
  1024.  
  1025. rem Remove Documents folder from This PC
  1026. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
  1027. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
  1028.  
  1029. rem Remove Downloads folder from This PC
  1030. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
  1031. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
  1032.  
  1033. rem Remove Movies folder from This PC
  1034. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
  1035. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
  1036.  
  1037. rem Remove Music folder from This PC on
  1038. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
  1039. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
  1040.  
  1041. rem Remove Pictures folder from This PC
  1042. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
  1043. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
  1044.  
  1045.  
  1046. rem =================================== Windows Explorer ===================================
  1047. rem --------------------------------------- Options ----------------------------------------
  1048. rem .................................. Advanced Settings ...................................
  1049.  
  1050. rem 1 - Show hidden files, folders and drives
  1051. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Hidden" /t REG_DWORD /d "1" /f
  1052.  
  1053. rem 0 - Show extensions for known file types
  1054. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d "0" /f
  1055.  
  1056. rem 0 - Hide protected operating system files
  1057. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowSuperHidden" /t REG_DWORD /d "1" /f
  1058.  
  1059. rem 1 - Launch folder windows in a separate process
  1060. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "SeparateProcess" /t REG_DWORD /d "1" /f
  1061.  
  1062. rem 1 - Show Sync Provider Notifications in Windows Explorer (ADs)
  1063. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowSyncProviderNotifications" /t REG_DWORD /d "0" /f
  1064.  
  1065. rem 1 - Use Sharing Wizard
  1066. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "SharingWizardOn" /t REG_DWORD /d "0" /f
  1067.  
  1068. rem Navigation pane - 1 - Expand to open folder
  1069. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "NavPaneExpandToCurrentFolder" /t REG_DWORD /d "0" /f
  1070.  
  1071. rem ________________________________________________________________________________________
  1072. rem 0 - All of the components of Windows Explorer run a single process / 1 - All instances of Windows Explorer run in one process and the Desktop and Taskbar run in a separate process
  1073. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "DesktopProcess" /t REG_DWORD /d "1" /f
  1074.  
  1075. rem Yes - Use Inline AutoComplete in File Explorer and Run Dialog / No
  1076. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete" /v "Append Completion" /t REG_SZ /d "No" /f
  1077.  
  1078. rem 0 - Do this for all current items checkbox / 1 - Disabled
  1079. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\OperationStatusManager" /v "ConfirmationCheckBoxDoForAll" /t REG_DWORD /d "0" /f
  1080.  
  1081. rem 1 - Always show more details in copy dialog
  1082. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\OperationStatusManager" /v "EnthusiastMode" /t REG_DWORD /d "0" /f
  1083.  
  1084. rem 1 - Display confirmation dialog when deleting files
  1085. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "ConfirmFileDelete" /t REG_DWORD /d "1" /f
  1086.  
  1087. rem 1075839525 - Auto arrange icons and Align icons to grid on Desktop / 1075839520 / 1075839521 / 1075839524
  1088. reg add "HKCU\Software\Microsoft\Windows\Shell\Bags\1\Desktop" /v "FFlags" /t REG_DWORD /d "1075839525" /f
  1089.  
  1090. rem 1 - Disable Look for an app in the Store (How do you want to open this file)
  1091. reg add "HKLM\Software\Policies\Microsoft\Windows\Explorer" /v "NoUseStoreOpenWith" /t REG_DWORD /d "1" /f
  1092.  
  1093.  
  1094. rem ================================== Windows OneDrive ====================================
  1095.  
  1096.  
  1097. rem Remove OneDrive
  1098. taskkill /F /IM onedrive.exe
  1099. rem "%SYSTEMROOT%\System32\OneDriveSetup.exe" /uninstall
  1100. rem "%SYSTEMROOT%\SysWOW64\OneDriveSetup.exe" /uninstall
  1101. rd "%LOCALAPPDATA%\Microsoft\OneDrive" /Q /S
  1102. rd "%PROGRAMDATA%\Microsoft OneDrive" /Q /S
  1103. rd "%USERPROFILE%\OneDrive" /Q /S
  1104.  
  1105. rem 0 - Remove from Windows Explorer
  1106. reg add "HKCR\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f
  1107. reg add "HKCR\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f
  1108. reg add "HKCU\Software\Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f
  1109. reg add "HKCU\Software\Classes\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f
  1110.  
  1111. rem Hide One Drive Icon on Desktop
  1112. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /t REG_DWORD /d "1" /f
  1113.  
  1114. rem Disable network traffic pre user sign-in
  1115. reg add "HKLM\Software\Policies\Microsoft\OneDrive" /v "PreventNetworkTrafficPreUserSignIn" /t REG_DWORD /d "1" /f
  1116.  
  1117. rem 1 - Disable sync files to One Drive
  1118. reg add "HKCU\Software\Microsoft\OneDrive" /v "DisablePersonalSync" /t REG_DWORD /d "1" /f
  1119. reg add "HKLM\Software\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSync" /t REG_DWORD /d "1" /f
  1120. reg add "HKLM\Software\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d "1" /f
  1121. reg add "HKLM\Software\Wow6432Node\Policies\Microsoft\Windows\Onedrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d "1" /f
  1122.  
  1123. rem 1 - Disable saving Libraries to OneDrive
  1124. reg add "HKLM\Software\Policies\Microsoft\Windows\OneDrive" /v "DisableLibrariesDefaultSaveToOneDrive" /t REG_DWORD /d "1" /f
  1125. reg add "HKLM\Software\Wow6432Node\Policies\Microsoft\Windows\Onedrive" /v "DisableLibrariesDefaultSaveToOneDrive" /t REG_DWORD /d "1" /f
  1126.  
  1127. rem 1 - Disable Sync over metered network
  1128. reg add "HKLM\Software\Policies\Microsoft\Windows\OneDrive" /v "DisableMeteredNetworkFileSync" /t REG_DWORD /d "1" /f
  1129. reg add "HKLM\Software\Wow6432Node\Policies\Microsoft\Windows\Onedrive" /v "DisableMeteredNetworkFileSync" /t REG_DWORD /d "1" /f
  1130.  
  1131. rem Remove Startup entry
  1132. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "OneDrive" /f
  1133.  
  1134. rem Disable Service
  1135. sc config OneSyncSvc start= disabled
  1136. sc config OneSyncSvc_Session1 start= disabled
  1137.  
  1138. rem Disable Task
  1139. schtasks /Change /TN "OneDrive Standalone Update Task v2" /Disable
  1140.  
  1141.  
  1142. rem ================================ Windows Optimizations =================================
  1143.  
  1144.  
  1145. rem https://msdn.microsoft.com/en-us/library/ee377058(v=bts.10).aspx
  1146. rem https://channel9.msdn.com/Blogs/Seth-Juarez/Memory-Compression-in-Windows-10-RTM
  1147. rem https://blogs.technet.microsoft.com/markrussinovich/2008/07/21/pushing-the-limits-of-windows-physical-memory/
  1148.  
  1149. rem Determines whether user processes end automatically when the user either logs off or shuts down / 1 - Processes end automatically
  1150. reg add "HKCU\Control Panel\Desktop" /v "AutoEndTasks" /t REG_SZ /d "1" /f
  1151.  
  1152. rem Specifies the number of times the taskbar button flashes to notify the user that the system has activated a background window
  1153. rem If the time elapsed since the last user input exceeds the value of the ForegroundLockTimeout entry, the window will automatically be brought to the foreground
  1154. reg add "HKCU\Control Panel\Desktop" /v "ForegroundFlashCount" /t REG_SZ /d "0" /f
  1155.  
  1156. rem ForegroundLockTimeout specifies the time in milliseconds, following user input, during which the system keeps applications from moving into the foreground / 0 - Disabled / 200000 - Default
  1157. reg add "HKCU\Control Panel\Desktop" /v "ForegroundLockTimeout" /t REG_DWORD /d "0" /f
  1158.  
  1159. rem Specifies in milliseconds how long the System waits for user processes to end after the user clicks the End Task command button in Task Manager
  1160. reg add "HKCU\Control Panel\Desktop" /v "HungAppTimeout" /t REG_SZ /d "25000" /f
  1161.  
  1162. rem Determines how long the System waits for user processes to end after the user attempts to log off or to shut down
  1163. reg add "HKCU\Control Panel\Desktop" /v "WaitToKillAppTimeout" /t REG_SZ /d "25000" /f
  1164.  
  1165. rem Determines in milliseconds how long the System waits for services to stop after notifying the service that the System is shutting down
  1166. reg add "HKLM\System\CurrentControlSet\Control" /v "WaitToKillServiceTimeout" /t REG_SZ /d "25000" /f
  1167.  
  1168. rem Determines in milliseconds the interval from the time the cursor is pointed at a menu until the menu items are displayed
  1169. reg add "HKCU\Control Panel\Desktop" /v "MenuShowDelay" /t REG_SZ /d "0" /f
  1170.  
  1171. rem Remove Windows Mouse Acceleration Curve
  1172. reg delete "HKCU\Control Panel\Mouse" /v "SmoothMouseXCurve" /f
  1173. reg delete "HKCU\Control Panel\Mouse" /v "SmoothMouseYCurve" /f
  1174.  
  1175. rem Mouse Hover Time in milliseconds before Pop-up Display
  1176. reg add "HKCU\Control Panel\Mouse" /v "MouseHoverTime" /t REG_SZ /d "0" /f
  1177.  
  1178. rem How long in milliseconds you want to have for a startup delay time for desktop apps that run at startup to load
  1179. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Serialize" /v "StartupDelayInMSec" /t REG_DWORD /d "0" /f
  1180.  
  1181. rem n - Disable Background disk defragmentation / y - Enable How long in milliseconds you want to have for a startup delay time for desktop apps that run at startup to load
  1182. reg add "HKLM\Software\Microsoft\Dfrg\BootOptimizeFunction" /v "Enable" /t REG_SZ /d "n" /f
  1183.  
  1184. rem 0 - Disable Background auto-layout / Disable Optimize Hard Disk when idle
  1185. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OptimalLayout" /v "EnableAutoLayout" /t REG_DWORD /d "0" /f
  1186.  
  1187. rem Disable Automatic Maintenance / Scheduled System Maintenance
  1188. reg add "HKLM\Software\Microsoft\Windows\ScheduledDiagnostics" /v "EnabledExecution" /t REG_DWORD /d "0" /f
  1189. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\Maintenance" /v "MaintenanceDisabled" /t REG_DWORD /d "1" /f
  1190. reg add "HKLM\Software\Policies\Microsoft\Windows\ScheduledDiagnostics" /v "EnabledExecution" /t REG_DWORD /d "0" /f
  1191.  
  1192. rem 0 - Enables 8dot3 name creation for all volumes on the system / 1 - Disables 8dot3 name creation for all volumes on the system / 2 - Sets 8dot3 name creation on a per volume basis / 3 - Disables 8dot3 name creation for all volumes except the system volume
  1193. rem fsutil 8dot3name scan c:\
  1194. fsutil behavior set disable8dot3 1
  1195.  
  1196. rem 1 - Disable the Encrypting File System (EFS)
  1197. fsutil behavior set disableencryption 1
  1198.  
  1199. rem 1 - When listing directories, NTFS does not update the last-access timestamp, and it does not record time stamp updates in the NTFS log
  1200. fsutil behavior set disablelastaccess 1
  1201.  
  1202. rem 5 - 5 secs / Delay Chkdsk startup time at OS Boot
  1203. reg add "HKLM\System\CurrentControlSet\Control\Session Manager" /v "AutoChkTimeout" /t REG_DWORD /d "5" /f
  1204.  
  1205. rem 0 - Establishes a standard size file-system cache of approximately 8 MB / 1 - Establishes a large system cache working set that can expand to physical memory, minus 4 MB, if needed
  1206. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management" /v "LargeSystemCache" /t REG_DWORD /d "1" /f
  1207.  
  1208. rem 0 - Drivers and the kernel can be paged to disk as needed / 1 - Drivers and the kernel must remain in physical memory
  1209. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management" /v "DisablePagingExecutive" /t REG_DWORD /d "1" /f
  1210.  
  1211. rem 0 - Disable Prefetch / 1 - Enable Prefetch when the application starts / 2 - Enable Prefetch when the device starts up / 3 - Enable Prefetch when the application or device starts up
  1212. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v "EnablePrefetcher" /t REG_DWORD /d "0" /f
  1213.  
  1214. rem 0 - Disable SuperFetch / 1 - Enable SuperFetch when the application starts up / 2 - Enable SuperFetch when the device starts up / 3 - Enable SuperFetch when the application or device starts up
  1215. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v "EnableSuperfetch" /t REG_DWORD /d "0" /f
  1216.  
  1217. rem 0 - Disable It / 1 - Default
  1218. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v "SfTracingState" /t REG_DWORD /d "0" /f
  1219.  
  1220. rem 0 - Disable Fast Startup for a Full Shutdown / 1 - Enable Fast Startup (Hybrid Boot) for a Hybrid Shutdown
  1221. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Power" /v "HiberbootEnabled" /t REG_DWORD /d "0" /f
  1222.  
  1223. rem Disable Hibernation / Disable Fast Startup (Hybrid Boot)
  1224. powercfg -h off
  1225.  
  1226.  
  1227. rem =================================== Windows Policies ===================================
  1228.  
  1229.  
  1230. rem https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services
  1231. rem https://docs.microsoft.com/en-us/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew10
  1232. rem https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-configuration-service-provider
  1233. rem https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-security-baselines
  1234.  
  1235. rem ________________________________________________________________________________________
  1236. rem 1808 - Disable the warning The Publisher could not be verified
  1237. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations" /v "DefaultFileTypeRisk" /t REG_DWORD /d "1808" /f
  1238.  
  1239. rem Disable Security warning to unblock the downloaded file
  1240. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments" /v "SaveZoneInformation" /t REG_DWORD /d "1" /f
  1241.  
  1242. rem 1 - Disable Low Disk Space Alerts
  1243. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoLowDiskSpaceChecks" /t REG_DWORD /d "1" /f
  1244. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoLowDiskSpaceChecks" /t REG_DWORD /d "1" /f
  1245.  
  1246. rem 1 - Don't run specified exe
  1247. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "DisallowRun" /t REG_DWORD /d "1" /f
  1248. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "1" /t REG_SZ /d "bash.exe" /f
  1249. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "2" /t REG_SZ /d "mshta.exe" /f
  1250. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "3" /t REG_SZ /d "msra.exe" /f
  1251. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "4" /t REG_SZ /d "powershell_ise.exe" /f
  1252. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "5" /t REG_SZ /d "powershell.exe" /f
  1253. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "6" /t REG_SZ /d "psexec.exe" /f
  1254. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "7" /t REG_SZ /d "nc.exe" /f
  1255. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "8" /t REG_SZ /d "nc64.exe" /f
  1256. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "9" /t REG_SZ /d "bitsadmin.exe" /f
  1257. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "10" /t REG_SZ /d "cipher.exe" /f
  1258. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "11" /t REG_SZ /d "scrcons.exe" /f
  1259. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "12" /t REG_SZ /d "wbemtest.exe" /f
  1260. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "13" /t REG_SZ /d "winrm.exe" /f
  1261. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "14" /t REG_SZ /d "winrs.exe" /f
  1262. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "15" /t REG_SZ /d "wecutil.exe" /f
  1263. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "16" /t REG_SZ /d "werfault.exe" /f
  1264. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "17" /t REG_SZ /d "wscript.exe" /f
  1265. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "18" /t REG_SZ /d "cscript.exe" /f
  1266. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "19" /t REG_SZ /d "hh.exe" /f
  1267.  
  1268. rem N - Disable Distributed Component Object Model (DCOM) support in Windows / Y - Enable
  1269. reg add "HKLM\Software\Microsoft\Ole" /v "EnableDCOM" /t REG_SZ /d "N" /f
  1270.  
  1271. rem 0 - Disable Microsoft Windows Just-In-Time (JIT) script debugging
  1272. reg add "HKCU\Software\Microsoft\Windows Script\Settings" /v "JITDebug" /t REG_DWORD /d "0" /f
  1273. reg add "HKU\.Default\Microsoft\Windows Script\Settings" /v "JITDebug" /t REG_DWORD /d "0" /f
  1274.  
  1275. rem 1 - When the system detects that the user is downloading an external program that runs as part of the Windows user interface, the system searches for a digital certificate or requests that the user approve the action
  1276. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "EnforceShellExtensionSecurity" /t REG_DWORD /d "1" /f
  1277.  
  1278. rem Disable Active Desktop
  1279. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideIcons" /t REG_DWORD /d "0" /f
  1280. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop" /v "NoAddingComponents" /t REG_DWORD /d "1" /f
  1281. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop" /v "NoComponents" /t REG_DWORD /d "1" /f
  1282. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "ForceActiveDesktopOn" /t REG_DWORD /d "0" /f
  1283. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoActiveDesktop" /t REG_DWORD /d "1" /f
  1284. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoActiveDesktopChanges" /t REG_DWORD /d "1" /f
  1285. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoDesktop" /t REG_DWORD /d "0" /f
  1286.  
  1287. rem Enables or disables the retrieval of online tips and help for the Settings app (ADs)
  1288. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "AllowOnlineTips" /t REG_DWORD /d "0" /f
  1289.  
  1290. rem 1 - Disable recent documents history
  1291. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoRecentDocsHistory" /t REG_DWORD /d "1" /f
  1292.  
  1293. rem 1 - Do not add shares from recently opened documents to the My Network Places folder
  1294. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "Norecentdocsnethood" /t REG_DWORD /d "1" /f
  1295.  
  1296. rem 0 - Disable configuring the machine at boot-up / 1 - Enable configuring the machine at boot-up / 2 - Enable configuring the machine only if DSC is in pending or current state (Default)
  1297. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "DSCAutomationHostEnabled" /t REG_DWORD /d "0" /f
  1298.  
  1299. rem 0 - Disable / 1 - Enable (Default)
  1300. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableCursorSuppression" /t REG_DWORD /d "0" /f
  1301.  
  1302. rem 0 - Disable Administrative Shares
  1303. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "LocalAccountTokenFilterPolicy" /t REG_DWORD /d "0" /f
  1304. reg add "HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters" /v "AutoShareServer" /t REG_DWORD /d "0" /f
  1305. reg add "HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters" /v "AutoShareWks" /t REG_DWORD /d "0" /f
  1306.  
  1307. rem Disable SMB 1.0/2.0
  1308. reg add "HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters" /v "SMB1" /t REG_DWORD /d "0" /f
  1309. reg add "HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters" /v "SMB2" /t REG_DWORD /d "0" /f
  1310.  
  1311. rem Disabling PowerShell script execution / Restricting PowerShell to Constrained Language mode
  1312. rem Set-ExecutionPolicy bypass - noprofile
  1313. reg add "HKLM\Software\Microsoft\PowerShell\1\ShellIds\ScriptedDiagnostics" /v "ExecutionPolicy" /t REG_SZ /d "Restricted" /f
  1314. reg add "HKLM\Software\WOW6432Node\Microsoft\PowerShell\1\ShellIds\ScriptedDiagnostics" /v "ExecutionPolicy" /t REG_SZ /d "Restricted" /f
  1315. reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /t REG_DWORD /d "0" /f
  1316. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Environment" /v "__PSLockDownPolicy" /t REG_SZ /d "4" /f
  1317.  
  1318. rem Determines how many user account entries Windows saves in the logon cache on the local computer.
  1319. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "CachedLogonsCount" /t REG_DWORD /d "0" /f
  1320.  
  1321. rem Locky ransomware using VBscript (Visual Basic Script) - https://blog.avast.com/a-closer-look-at-the-locky-ransomware
  1322. rem 0 - Disable Windows Script Host (WSH) (prevents majority of malware from working, especially when removing PowerShell as well, Disable ExecutionPolicy can be easily bypassed)
  1323. rem Also disabled via DisallowRun "wscript.exe" and "cscript.exe"
  1324. reg add "HKCU\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
  1325. reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
  1326. reg add "HKLM\Software\WOW6432Node\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
  1327.  
  1328. rem Prevent Microsoft Edge from starting and loading the Start and New Tab page at Windows startup and each time Microsoft Edge is closed
  1329. reg add "HKCU\Software\Policies\Microsoft\MicrosoftEdge" /v "AllowPrelaunch" /t REG_DWORD /d "0" /f
  1330. reg add "HKCU\Software\Policies\Microsoft\MicrosoftEdge\Main" /v "AllowPrelaunch" /t REG_DWORD /d "0" /f
  1331. reg add "HKCU\Software\Policies\Microsoft\MicrosoftEdge\TabPreloader" /v "AllowTabPreloading" /t REG_DWORD /d "0" /f
  1332. reg add "HKCU\Software\Policies\Microsoft\MicrosoftEdge\TabPreloader" /v "PreventTabPreloading" /t REG_DWORD /d "1" /f
  1333. reg add "HKLM\Software\Policies\Microsoft\MicrosoftEdge" /v "AllowPrelaunch" /t REG_DWORD /d "0" /f
  1334. reg add "HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main" /v "AllowPrelaunch" /t REG_DWORD /d "0" /f
  1335. reg add "HKLM\Software\Policies\Microsoft\MicrosoftEdge\TabPreloader" /v "AllowTabPreloading" /t REG_DWORD /d "0" /f
  1336. reg add "HKLM\Software\Policies\Microsoft\MicrosoftEdge\TabPreloader" /v "PreventTabPreloading" /t REG_DWORD /d "1" /f
  1337.  
  1338. rem Disable Customer Experience Improvement (CEIP/SQM - Software Quality Management)
  1339. reg add "HKLM\Software\Policies\Microsoft\Internet Explorer\SQM" /v "DisableCustomerImprovementProgram" /t REG_DWORD /d "0" /f
  1340. reg add "HKLM\Software\Policies\Microsoft\Messenger\Client" /v "CEIP" /t REG_DWORD /d "2" /f
  1341. reg add "HKLM\Software\Policies\Microsoft\SQMClient\Windows" /v "CEIPEnable" /t REG_DWORD /d "0" /f
  1342.  
  1343. rem 0 - Disable Application Impact Telemetry (AIT)
  1344. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "AITEnable" /t REG_DWORD /d "0" /f
  1345.  
  1346. rem 0 - Disable Inventory Collector
  1347. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "DisableInventory" /t REG_DWORD /d "1" /f
  1348.  
  1349. rem 0 - Disable Program Compatibility Assistant
  1350. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "DisablePCA" /t REG_DWORD /d "1" /f
  1351.  
  1352. rem 1 - The device does not store the user's credentials for automatic sign-in after a Windows Update restart. The users' lock screen apps are not restarted after the system restarts.
  1353. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "DisableAutomaticRestartSignOn" /t REG_DWORD /d "1" /f
  1354.  
  1355. rem 1 - Disable Steps Recorder (Steps Recorder keeps a record of steps taken by the user, the data includes user actions such as keyboard input and mouse input user interface data and screen shots)
  1356. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "DisableUAR" /t REG_DWORD /d "1" /f
  1357. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Application-Experience/Steps-Recorder" /v "Enabled" /t REG_DWORD /d "0" /f
  1358.  
  1359. rem 1 - Specifies that Windows does not automatically encrypt eDrives
  1360. reg add "HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices" /v "TCGSecurityActivationDisabled" /t REG_DWORD /d "1" /f
  1361.  
  1362. rem 1 - Disable Network Connection Status Indicator (NCSI) - HKLM\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet
  1363. reg add "HKLM\Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator" /v "NoActiveProbe" /t REG_DWORD /d "1" /f
  1364.  
  1365. rem Disable PerfTrack (tracking of responsiveness events)
  1366. reg add "HKLM\Software\Policies\Microsoft\Windows\WDI\{9c5a40da-b965-4fc3-8781-88dd50a6299d}" /v "ScenarioExecutionEnabled" /t REG_DWORD /d "0" /f
  1367.  
  1368. rem 1000000000000 - Block untrusted fonts and log events / 2000000000000 - Do not block untrusted fonts / 3000000000000 - Log events without blocking untrusted fonts
  1369. reg add "HKLM\Software\Policies\Microsoft\Windows NT\MitigationOptions" /v "MitigationOptions_FontBocking" /t REG_SZ /d "1000000000000" /f
  1370.  
  1371. rem 1 - Enable Shutdown Event Tracker / 0 - Disable (Default)
  1372. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Reliability" /v "ShutdownReasonOn" /t REG_DWORD /d "0" /f
  1373. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Reliability" /v "ShutdownReasonUI" /t REG_DWORD /d "0" /f
  1374.  
  1375. rem 1 - Do not allow storage of passwords and credentials for network authentication in the Credential Manager
  1376. reg add "HKLM\System\CurrentControlSet\Control\Lsa" /v "DisableDomainCreds" /t REG_DWORD /d "1" /f
  1377.  
  1378. rem Digest Security Provider is disabled by default, but malware can enable it to recover the plain text passwords from the system’s memory (+CachedLogonsCount/+DisableDomainCreds/+DisableAutomaticRestartSignOn)
  1379. reg add "HKLM\System\CurrentControlSet\Control\SecurityProviders\WDigest" /v "UseLogonCredential" /t REG_DWORD /d "0" /f
  1380.  
  1381. rem 0 - Turn off Windows Network Connectivity Status Indicator active tests
  1382. reg add "HKLM\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet" /v "EnableActiveProbing" /t REG_DWORD /d "0" /f
  1383.  
  1384. rem The system registry is no longer backed up to the RegBack folder starting in Windows 10 version 1803
  1385. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Configuration Manager" /v "EnablePeriodicBackup" /t REG_DWORD /d "1" /f
  1386.  
  1387. rem No-one will be a member of the built-in group, although it will still be visible in the Object Picker / 1 - all users logging on to a session on the server will be made a member of the TERMINAL SERVER USER group
  1388. reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v "TSUserEnabled" /t REG_DWORD /d "0" /f
  1389.  
  1390.  
  1391. rem =================================== Windows Policies ===================================
  1392. rem --------------------------------- User Account Control ---------------------------------
  1393.  
  1394. rem https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd835564(v=ws.10)
  1395. rem Reason to set UAC to Always Notify - https://technet.microsoft.com/en-us/library/2009.07.uac.aspx#id0560031
  1396.  
  1397. rem 0 - Elevate without prompting / 1 - Prompt for credentials on the secure desktop / 2 - Prompt for consent on the secure desktop / 3 - Prompt for credentials / 4 - Prompt for consent / 5 (Default) - Prompt for consent for non-Windows binaries
  1398. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ConsentPromptBehaviorAdmin" /t REG_DWORD /d "1" /f
  1399.  
  1400. rem 0 - Automatically deny elevation requests / 1 - Prompt for credentials on the secure desktop / 3 (Default) - Prompt for credentials
  1401. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ConsentPromptBehaviorUser" /t REG_DWORD /d "0" /f
  1402.  
  1403. rem 2 (Default)
  1404. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableFullTrustStartupTasks" /t REG_DWORD /d "0" /f
  1405.  
  1406. rem Detect application installations and prompt for elevation / 1 - Enabled (default for home) / 0 - Disabled (default for enterprise)
  1407. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableInstallerDetection" /t REG_DWORD /d "1" /f
  1408.  
  1409. rem Run all administrators in Admin Approval Mode / 0 - Disabled (UAC) / 1 - Enabled (UAC)
  1410. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t REG_DWORD /d "1" /f
  1411.  
  1412. rem Only elevate UIAccess applications that are installed in secure locations / 0 - Disabled / 1 (Default) - Enabled
  1413. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableSecureUIAPaths" /t REG_DWORD /d "1" /f
  1414.  
  1415. rem 0 (Default) = Disabled / 1 - Enabled
  1416. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableUwpStartupTasks" /t REG_DWORD /d "0" /f
  1417.  
  1418. rem Allow UIAccess applications to prompt for elevation without using the secure desktop / 0 (Default) = Disabled / 1 - Enabled
  1419. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableUIADesktopToggle" /t REG_DWORD /d "0" /f
  1420.  
  1421. rem https://technet.microsoft.com/en-us/itpro/windows/keep-secure/deploy-device-guard-enable-virtualization-based-security
  1422. rem 0 - Disabled / 1 - Enabled (Default)
  1423. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableVirtualization" /t REG_DWORD /d "0" /f
  1424.  
  1425. rem Admin Approval Mode for the built-in Administrator account / 0 (Default) - Disabled / 1 - Enabled
  1426. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "FilterAdministratorToken" /t REG_DWORD /d "1" /f
  1427.  
  1428. rem Allow UIAccess applications to prompt for elevation without using the secure desktop / 0 (Default) - Disabled / 1 - Enabled
  1429. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "PromptOnSecureDesktop" /t REG_DWORD /d "1" /f
  1430.  
  1431. rem Enforce cryptographic signatures on any interactive application that requests elevation of privilege / 0 (Default) - Disabled / 1 - Enabled
  1432. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ValidateAdminCodeSignatures" /t REG_DWORD /d "1" /f
  1433.  
  1434. rem 1 - Enable command-line auditing
  1435. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Audit" /v "ProcessCreationIncludeCmdLine_Enabled" /t REG_DWORD /d "1" /f
  1436.  
  1437.  
  1438. rem =============================== Windows Scheduled Tasks ================================
  1439.  
  1440.  
  1441. rem UAC Bypass - https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup
  1442. rem UAC Bypass - https://blog.ensilo.com/darkgate-malware
  1443.  
  1444. rem schtasks /Change /TN "Microsoft\Windows\TextServicesFramework\MsCtfMonitor" /Enable
  1445. rem schtasks /Run /TN "Microsoft\Windows\TextServicesFramework\MsCtfMonitor"
  1446. rem schtasks /Change /TN "Microsoft\Office\OfficeBackgroundTaskHandlerRegistration" /Disable
  1447. rem schtasks /End /TN "Microsoft\Office\OfficeBackgroundTaskHandlerRegistration"
  1448.  
  1449. rem Disable Background Synchronization (permanently, it can not be disabled)
  1450. schtasks /DELETE /TN "Microsoft\Windows\SettingSync\BackgroundUploadTask" /f
  1451.  
  1452. schtasks /DELETE /TN "Adobe Flash Player PPAPI Notifier" /f
  1453. schtasks /DELETE /TN "Adobe Flash Player Updater" /f
  1454. schtasks /DELETE /TN "AMDInstallLauncher" /f
  1455. schtasks /DELETE /TN "AMDLinkUpdate" /f
  1456. schtasks /DELETE /TN "Driver Easy Scheduled Scan" /f
  1457. schtasks /DELETE /TN "MicrosoftEdgeUpdateTaskMachineCore" /f
  1458. schtasks /DELETE /TN "MicrosoftEdgeUpdateTaskMachineUA" /f
  1459. schtasks /DELETE /TN "ModifyLinkUpdate" /f
  1460. schtasks /DELETE /TN "Repairing Yandex Browser update service" /f
  1461. schtasks /DELETE /TN "StartCN" /f
  1462. schtasks /DELETE /TN "StartDVR" /f
  1463. schtasks /DELETE /TN "System update for Yandex Browser" /f
  1464. schtasks /DELETE /TN "Update for Yandex Browser" /f
  1465.  
  1466. schtasks /Change /TN "CreateExplorerShellUnelevatedTask" /Enable
  1467.  
  1468. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319" /Disable
  1469. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64" /Disable
  1470. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical" /Disable
  1471. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical" /Disable
  1472. schtasks /Change /TN "Microsoft\Windows\ApplicationData\appuriverifierdaily" /Disable
  1473. schtasks /Change /TN "Microsoft\Windows\ApplicationData\appuriverifierinstall" /Disable
  1474. schtasks /Change /TN "Microsoft\Windows\ApplicationData\CleanupTemporaryState" /Disable
  1475. schtasks /Change /TN "Microsoft\Windows\ApplicationData\DsSvcCleanup" /Disable
  1476. schtasks /Change /TN "Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /Disable
  1477. schtasks /Change /TN "Microsoft\Windows\Application Experience\PcaPatchDbTask" /Disable
  1478. schtasks /Change /TN "Microsoft\Windows\Application Experience\ProgramDataUpdater" /Disable
  1479. schtasks /Change /TN "Microsoft\Windows\Application Experience\StartupAppTask" /Disable
  1480. schtasks /Change /TN "Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup" /Disable
  1481. schtasks /Change /TN "Microsoft\Windows\Autochk\Proxy" /Disable
  1482. schtasks /Change /TN "Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask" /Disable
  1483. schtasks /Change /TN "Microsoft\Windows\CloudExperienceHost\CreateObjectTask" /Disable
  1484. schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /Disable
  1485. schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /Disable
  1486. schtasks /Change /TN "Microsoft\Windows\Device Information\Device" /Disable
  1487. schtasks /Change /TN "Microsoft\Windows\Device Information\Device User" /Disable
  1488. schtasks /Change /TN "Microsoft\Windows\Defrag\ScheduledDefrag" /Disable
  1489. schtasks /Change /TN "Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner" /Disable
  1490. schtasks /Change /TN "Microsoft\Windows\Diagnosis\Scheduled" /Disable
  1491. schtasks /Change /TN "Microsoft\Windows\DiskCleanup\SilentCleanup" /Disable
  1492. schtasks /Change /TN "Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" /Disable
  1493. schtasks /Change /TN "Microsoft\Windows\DiskFootprint\Diagnostics" /Disable
  1494. schtasks /Change /TN "Microsoft\Windows\DiskFootprint\StorageSense" /Disable
  1495. schtasks /Change /TN "Microsoft\Windows\DUSM\dusmtask" /Disable
  1496. schtasks /Change /TN "Microsoft\Windows\Feedback\Siuf\DmClient" /Disable
  1497. schtasks /Change /TN "Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload" /Disable
  1498. schtasks /Change /TN "Microsoft\Windows\FileHistory\File History (maintenance mode)" /Disable
  1499. schtasks /Change /TN "Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures" /Disable
  1500. schtasks /Change /TN "Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing" /Disable
  1501. schtasks /Change /TN "Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting" /Disable
  1502. schtasks /Change /TN "Microsoft\Windows\Flighting\OneSettings\RefreshCache" /Disable
  1503. schtasks /Change /TN "Microsoft\Windows\HelloFace\FODCleanupTask" /Disable
  1504. schtasks /Change /TN "Microsoft\Windows\Input\LocalUserSyncDataAvailable" /Disable
  1505. schtasks /Change /TN "Microsoft\Windows\Input\MouseSyncDataAvailable" /Disable
  1506. schtasks /Change /TN "Microsoft\Windows\Input\PenSyncDataAvailable" /Disable
  1507. schtasks /Change /TN "Microsoft\Windows\Input\TouchpadSyncDataAvailable" /Disable
  1508. schtasks /Change /TN "Microsoft\Windows\International\Synchronize Language Settings" /Disable
  1509. schtasks /Change /TN "Microsoft\Windows\InstallService\ScanForUpdates" /Disable
  1510. schtasks /Change /TN "Microsoft\Windows\InstallService\ScanForUpdatesAsUser" /Disable
  1511. schtasks /Change /TN "Microsoft\Windows\InstallService\WakeUpAndContinueUpdates" /Disable
  1512. schtasks /Change /TN "Microsoft\Windows\InstallService\WakeUpAndScanForUpdates" /Disable
  1513. schtasks /Change /TN "Microsoft\Windows\InstallService\SmartRetry" /Disable
  1514. schtasks /Change /TN "Microsoft\Windows\LanguageComponentsInstaller\Installation" /Disable
  1515. schtasks /Change /TN "Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources" /Disable
  1516. schtasks /Change /TN "Microsoft\Windows\LanguageComponentsInstaller\Uninstallation" /Disable
  1517. schtasks /Change /TN "Microsoft\Windows\License Manager\TempSignedLicenseExchange" /Disable
  1518. schtasks /Change /TN "Microsoft\Windows\Location\Notifications" /Disable
  1519. schtasks /Change /TN "Microsoft\Windows\Location\WindowsActionDialog" /Disable
  1520. schtasks /Change /TN "Microsoft\Windows\Management\Provisioning\Cellular" /Disable
  1521. schtasks /Change /TN "Microsoft\Windows\Management\Provisioning\Logon" /Disable
  1522. schtasks /Change /TN "Microsoft\Windows\Maintenance\WinSAT" /Disable
  1523. schtasks /Change /TN "Microsoft\Windows\Maps\MapsToastTask" /Disable
  1524. schtasks /Change /TN "Microsoft\Windows\Maps\MapsUpdateTask" /Disable
  1525. schtasks /Change /TN "Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" /Disable
  1526. schtasks /Change /TN "Microsoft\Windows\MUI\LPRemove" /Disable
  1527. schtasks /Change /TN "Microsoft\Windows\Multimedia\SystemSoundsService" /Disable
  1528. schtasks /Change /TN "Microsoft\Windows\NlaSvc\WiFiTask" /Disable
  1529. schtasks /Change /TN "Microsoft\Windows\NetTrace\GatherNetworkInfo" /Disable
  1530. schtasks /Change /TN "Microsoft\Windows\PI\Sqm-Tasks" /Disable
  1531. schtasks /Change /TN "Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" /Disable
  1532. schtasks /Change /TN "Microsoft\Windows\Printing\EduPrintProv" /Disable
  1533. schtasks /Change /TN "Microsoft\Windows\PushToInstall\Registration" /Disable
  1534. schtasks /Change /TN "Microsoft\Windows\Ras\MobilityManager" /Disable
  1535. schtasks /Change /TN "Microsoft\Windows\RecoveryEnvironment\VerifyWinRE" /Disable
  1536. schtasks /Change /TN "Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" /Disable
  1537. schtasks /Change /TN "Microsoft\Windows\RetailDemo\CleanupOfflineContent" /Disable
  1538. schtasks /Change /TN "Microsoft\Windows\Servicing\StartComponentCleanup" /Disable
  1539. schtasks /Change /TN "Microsoft\Windows\SettingSync\BackgroundUploadTask" /Disable
  1540. schtasks /Change /TN "Microsoft\Windows\SettingSync\BackupTask" /Disable
  1541. schtasks /Change /TN "Microsoft\Windows\SettingSync\NetworkStateChangeTask" /Disable
  1542. schtasks /Change /TN "Microsoft\Windows\Shell\CreateObjectTask" /Disable
  1543. schtasks /Change /TN "Microsoft\Windows\Setup\SetupCleanupTask" /Disable
  1544. schtasks /Change /TN "Microsoft\Windows\SpacePort\SpaceAgentTask" /Disable
  1545. schtasks /Change /TN "Microsoft\Windows\SpacePort\SpaceManagerTask" /Disable
  1546. schtasks /Change /TN "Microsoft\Windows\Speech\HeadsetButtonPress" /Disable
  1547. schtasks /Change /TN "Microsoft\Windows\Speech\SpeechModelDownloadTask" /Disable
  1548. schtasks /Change /TN "Microsoft\Windows\StateRepository\MaintenanceTasks" /Disable
  1549. schtasks /Change /TN "Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization" /Disable
  1550. schtasks /Change /TN "Microsoft\Windows\Subscription\EnableLicenseAcquisition" /Disable
  1551. schtasks /Change /TN "Microsoft\Windows\Subscription\LicenseAcquisition" /Disable
  1552. schtasks /Change /TN "Microsoft\Windows\Sysmain\ResPriStaticDbSync" /Disable
  1553. schtasks /Change /TN "Microsoft\Windows\Sysmain\WsSwapAssessmentTask" /Disable
  1554. schtasks /Change /TN "Microsoft\Windows\Task Manager\Interactive" /Disable
  1555. schtasks /Change /TN "Microsoft\Windows\Time Synchronization\ForceSynchronizeTime" /Disable
  1556. schtasks /Change /TN "Microsoft\Windows\Time Synchronization\SynchronizeTime" /Disable
  1557. schtasks /Change /TN "Microsoft\Windows\Time Zone\SynchronizeTimeZone" /Disable
  1558. schtasks /Change /TN "Microsoft\Windows\TPM\Tpm-HASCertRetr" /Disable
  1559. schtasks /Change /TN "Microsoft\Windows\TPM\Tpm-Maintenance" /Disable
  1560. schtasks /Change /TN "Microsoft\Windows\UPnP\UPnPHostConfig" /Disable
  1561. schtasks /Change /TN "Microsoft\Windows\USB\Usb-Notifications" /Disable
  1562. schtasks /Change /TN "Microsoft\Windows\User Profile Service\HiveUploadTask" /Disable
  1563. schtasks /Change /TN "Microsoft\Windows\WCM\WiFiTask" /Disable
  1564. schtasks /Change /TN "Microsoft\Windows\WDI\ResolutionHost" /Disable
  1565. schtasks /Change /TN "Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" /Disable
  1566. schtasks /Change /TN "Microsoft\Windows\WindowsUpdate\Scheduled Start" /Disable
  1567. schtasks /Change /TN "Microsoft\Windows\WlanSvc\CDSSync" /Disable
  1568. schtasks /Change /TN "Microsoft\Windows\WOF\WIM-Hash-Management" /Disable
  1569. schtasks /Change /TN "Microsoft\Windows\WOF\WIM-Hash-Validation" /Disable
  1570. schtasks /Change /TN "Microsoft\Windows\Work Folders\Work Folders Logon Synchronization" /Disable
  1571. schtasks /Change /TN "Microsoft\Windows\Work Folders\Work Folders Maintenance Work" /Disable
  1572. schtasks /Change /TN "Microsoft\Windows\Workplace Join\Automatic-Device-Join" /Disable
  1573. schtasks /Change /TN "Microsoft\Windows\WwanSvc\NotificationTask" /Disable
  1574. schtasks /Change /TN "Microsoft\Windows\WwanSvc\OobeDiscovery" /Disable
  1575.  
  1576.  
  1577. rem ================================== Windows Services ====================================
  1578.  
  1579.  
  1580. rem Security Accounts Manager has to be disabled Manually via services.msc
  1581. rem Disabling Windows Update will do nothing, but if you disable a service, it is dependent on, it will fail to start or check for updates, obviously
  1582.  
  1583. rem Application Information / required by UAC
  1584. rem AppX Deployment Service (AppXSVC) / required by Store
  1585. rem Background Intelligent Transfer Service / required by Windows Updates / depends on Network List Service (starts even when disabled)
  1586. rem Base Filtering Engine / required by Windows Defender Firewall
  1587. rem CNG Key Isolation / required to login to Windows Insider / Switch to Local Account / Set up PIN / Basically everything Credentials related
  1588. rem Credential Manager / required to store credentials (check User Accounts - Credential Manager) / required by apps like Windows Mail to store passwords / An administrator has blocked you from running this app.
  1589. rem Delivery Optimization / required by Windows Updates
  1590. rem Diagnostic Policy Service / required by Windows Diagnostic (Troubleshooting)
  1591. rem DHCP Client / required by Windows Updates (0x80240022)
  1592. rem Distributed Link Tracking Client / sometimes required to open shortcuts and System apps - "Windows cannot access the specified device, path, or file. You may not have the appropriate permission to access the item"
  1593. rem Geolocation Service / required by some Windows Store apps, it can not be enabled when Connected User Experiences and Telemetry is disabled
  1594. rem Microsoft Account Sign-in Assistant / required to login to Microsoft Account
  1595. rem Network Connections / required to manage Network Connections
  1596. rem Network Connection Broker / required to change Network Settings
  1597. rem Network List Service / required by Windows Update and to change Network Settings (when disabled Windows fails to boot - Critical Service Died)
  1598. rem Network Location Awareness / required by Windows Update and Windows Defender Firewall
  1599. rem Network Store Interface Service / disabling disables Windows Firewall (when disabled Windows might fail to boot - Critical Service Died)
  1600. rem Print Spooler / required by printers
  1601. rem Radio Management Service / required to display WiFi networks
  1602. rem Storage Service / required to update store apps
  1603. rem Web Account Manager / required to login to Microsoft Account/Store
  1604. rem Windows Biometric Service / required by biometric devices like a fingerprint reader
  1605. rem Windows Connection Manager / required by WiFi and Data Usage and Windows Update (starts even when disabled)
  1606. rem Windows Defender Firewall (Base Filtering Engine/Network Location Awareness) / required by Windows Update and Store Apps (0x80073d0a)
  1607. rem Windows Driver Foundation - User-mode Driver Framework / required by some drivers like USB devices
  1608. rem Windows Image Acquisition (WIA) / required by scanners
  1609. rem Windows Management Instrumentation / required by wmic commands / disabled to prevent some fileless malware
  1610.  
  1611. rem Adobe Flash Player Update Service
  1612. sc config AdobeFlashPlayerUpdateSvc start= disabled
  1613.  
  1614. rem AMD External Events Utility
  1615. sc config "AMD External Events Utility" start= disabled
  1616.  
  1617. rem AMD Log Utility
  1618. sc config "AMD Log Utility" start= disabled
  1619.  
  1620. rem Application Layer Gateway Service
  1621. sc config ALG start= disabled
  1622.  
  1623. rem AppX Deployment Service (AppXSVC)
  1624. reg add "HKLM\System\CurrentControlSet\Services\AppXSvc" /v "Start" /t REG_DWORD /d "2" /f
  1625.  
  1626. rem AVCTP service
  1627. sc config BthAvctpSvc start= disabled
  1628.  
  1629. rem Background Intelligent Transfer Service
  1630. rem https://www.secureworks.com/blog/malware-lingers-with-bits
  1631. sc config BITS start= demand
  1632.  
  1633. rem Base Filtering Engine
  1634. reg add "HKLM\System\CurrentControlSet\Services\BFE" /v "Start" /t REG_DWORD /d "2" /f
  1635.  
  1636. rem Beep
  1637. sc config Beep start= disabled
  1638.  
  1639. rem BitLocker Drive Encryption Service
  1640. sc config BDESVC start= disabled
  1641.  
  1642. rem CDPUserSvc
  1643. sc config CDPUserSvc start= disabled
  1644.  
  1645. rem Certificate Propagation
  1646. sc config CertPropSvc start= disabled
  1647.  
  1648. rem Clipboard User Service
  1649. reg add "HKLM\System\CurrentControlSet\Services\cbdhsvc" /v "Start" /t REG_DWORD /d "4" /f
  1650.  
  1651. rem COM+ Event System
  1652. sc config EventSystem start= disabled
  1653.  
  1654. rem Connected Devices Platform Service
  1655. sc config CDPSvc start= disabled
  1656.  
  1657. rem Connected User Experiences and Telemetry
  1658. sc config DiagTrack start= disabled
  1659.  
  1660. rem Credential Manager
  1661. sc config VaultSvc start= disabled
  1662.  
  1663. rem Cryptographic Services
  1664. sc config VaultSvc start= demand
  1665.  
  1666. rem Data Usage
  1667. sc config DusmSvc start= disabled
  1668.  
  1669. rem Delivery Optimization
  1670. reg add "HKLM\System\CurrentControlSet\Services\DoSvc" /v "Start" /t REG_DWORD /d "4" /f
  1671.  
  1672. rem Device Management Wireless Application Protocol (WAP) Push message Routing Service
  1673. sc config dmwappushservice start= disabled
  1674.  
  1675. rem DHCP Client
  1676. sc config Dhcp start= disabled
  1677.  
  1678. rem Diagnostic Policy Service
  1679. sc config DPS start= disabled
  1680.  
  1681. rem Diagnostic Hub (Privacy/Telemetry)
  1682. sc config diagnosticshub.standardcollector.service start= disabled
  1683.  
  1684. rem Display Enhancement Service
  1685. sc config DisplayEnhancementService start= disabled
  1686.  
  1687. rem Display Policy Service
  1688. sc config DispBrokerDesktopSvc start= disabled
  1689.  
  1690. rem Distributed Link Tracking Client
  1691. sc config TrkWks start= demand
  1692.  
  1693. rem Distributed Transaction Coordinator
  1694. sc config MSDTC start= disabled
  1695.  
  1696. rem DNS Client (Required by the internet connection, unless you set up DNS servers manually in IPv4/6's properties)
  1697. reg add "HKLM\System\CurrentControlSet\Services\Dnscache" /v "Start" /t REG_DWORD /d "4" /f
  1698.  
  1699. rem Downloaded Maps Manager
  1700. sc config MapsBroker start= disabled
  1701.  
  1702. rem Encrypting File System (EFS)
  1703. sc config EFS start= disabled
  1704.  
  1705. rem Function Discovery Provider Host
  1706. sc config fdPHost start= disabled
  1707.  
  1708. rem Function Discovery Resource Publication
  1709. sc config FDResPub start= disabled
  1710.  
  1711. rem Geolocation Service
  1712. sc config lfsvc start= disabled
  1713.  
  1714. rem IKE and AuthIP IPsec Keying Modules
  1715. sc config IKEEXT start= disabled
  1716.  
  1717. rem IP Helper
  1718. sc config iphlpsvc start= disabled
  1719.  
  1720. rem IPsec Policy Agent
  1721. sc config PolicyAgent start= disabled
  1722.  
  1723. rem Microsoft Edge Elevation Service
  1724. sc config MicrosoftEdgeElevationService start= disabled
  1725.  
  1726. rem Microsoft Edge Update Service (edgeupdate)
  1727. sc config edgeupdate start= disabled
  1728.  
  1729. rem Microsoft Edge Update Service (edgeupdatem)
  1730. sc config edgeupdatem start= disabled
  1731.  
  1732. rem Network Connections
  1733. sc config Netman start= demand
  1734.  
  1735. rem Network Location Awareness
  1736. sc config NlaSvc start= auto
  1737.  
  1738. rem Network Store Interface Service
  1739. sc config nsi start= auto
  1740.  
  1741. rem Optimize drives
  1742. sc config defragsvc start= disabled
  1743.  
  1744. rem Portable Device Enumerator Service
  1745. sc config WPDBusEnum start= disabled
  1746.  
  1747. rem Print Spooler
  1748. sc config Spooler start= disabled
  1749.  
  1750. rem Program Compatibility Assistant Service
  1751. sc config PcaSvc start= disabled
  1752.  
  1753. rem Radio Management Service
  1754. sc config RmSvc start= disabled
  1755.  
  1756. rem Remote Access Connection Manager
  1757. sc config RasMan start= disabled
  1758.  
  1759. rem Remote Desktop Services
  1760. sc config TermService start= disabled
  1761.  
  1762. rem Retail Demo
  1763. sc config RetailDemo start=disabled
  1764.  
  1765. rem Secure Socket Tunneling Protocol Service
  1766. sc config SstpSvc start= disabled
  1767.  
  1768. rem Security Centre
  1769. reg add "HKLM\System\CurrentControlSet\Services\wscsvc" /v "Start" /t REG_DWORD /d "4" /f
  1770.  
  1771. rem Server
  1772. sc config LanmanServer start= disabled
  1773.  
  1774. rem Shell Hardware Detection
  1775. sc config ShellHWDetection start= disabled
  1776.  
  1777. rem Smart Card
  1778. sc config SCardSvr start= disabled
  1779.  
  1780. rem Storage Service
  1781. sc config StorSvc start= disabled
  1782.  
  1783. rem SSDP Discovery
  1784. sc config SSDPSRV start= disabled
  1785.  
  1786. rem Superfetch
  1787. sc config SysMain start= disabled
  1788.  
  1789. rem System Guard Runtime Monitor Broker
  1790. reg add "HKLM\System\CurrentControlSet\Services\SgrmBroker" /v "Start" /t REG_DWORD /d "4" /f
  1791.  
  1792. rem Task Scheduler
  1793. rem reg add "HKLM\System\CurrentControlSet\Services\Schedule" /v "Start" /t REG_DWORD /d "4" /f
  1794.  
  1795. rem TCP/IP NetBIOS Helper (Required by some internet connections like aDSL)
  1796. sc config lmhosts start= disabled
  1797.  
  1798. rem Themes
  1799. sc config Themes start= disabled
  1800.  
  1801. rem Tile Data model server
  1802. reg add "HKLM\System\CurrentControlSet\Services\tiledatamodelsvc" /v "Start" /t REG_DWORD /d "4" /f
  1803.  
  1804. rem Touch Keyboard and Handwriting Panel Service (keeps ctfmon.exe running)
  1805. sc config TabletInputService start= disabled
  1806.  
  1807. rem Update Orchestrator Service
  1808. reg add "HKLM\System\CurrentControlSet\Services\UsoSvc" /v "Start" /t REG_DWORD /d "4" /f
  1809.  
  1810. rem User Data Access
  1811. reg add "HKLM\System\CurrentControlSet\Services\UserDataSvc" /v "Start" /t REG_DWORD /d "4" /f
  1812.  
  1813. rem User Data Storage
  1814. reg add "HKLM\System\CurrentControlSet\Services\UnistoreSvc" /v "Start" /t REG_DWORD /d "4" /f
  1815.  
  1816. rem Web Account Manager
  1817. sc config TokenBroker start= disabled
  1818.  
  1819. rem WebClient
  1820. sc config WebClient start= disabled
  1821.  
  1822. rem Windows Biometric Service
  1823. sc config WbioSrvc start= disabled
  1824.  
  1825. rem Windows Connect Now - Config Registrar (Required by WPS WiFi connection)
  1826. sc config wcncsvc start= disabled
  1827.  
  1828. rem Windows Connection Manager
  1829. sc config Wcmsvc start= disabled
  1830.  
  1831. rem Windows Defender Firewall
  1832. reg add "HKLM\System\CurrentControlSet\Services\MpsSvc" /v "Start" /t REG_DWORD /d "2" /f
  1833.  
  1834. rem Windows Font Cache Service
  1835. sc config FontCache start= disabled
  1836.  
  1837. rem Windows Management Instrumentation
  1838. rem https://gbhackers.com/fileless-malware-wmi-eternalblue
  1839. sc config Winmgmt start= disabled
  1840.  
  1841. rem Windows Network Data Usage Monitoring Driver service (Kernel mode driver)
  1842. sc config ndu start= disabled
  1843.  
  1844. rem Windows Image Acquisition (WIA)
  1845. sc config stisvc start= disabled
  1846.  
  1847. rem Windows Insider Service
  1848. sc config wisvc start= disabled
  1849.  
  1850. rem Windows Push Notifications System Service
  1851. reg add "HKLM\System\CurrentControlSet\Services\WpnUserService" /v "Start" /t REG_DWORD /d "4" /f
  1852. sc config WpnService start= disabled
  1853.  
  1854. rem Windows PushToInstall Service
  1855. sc config PushToInstall start= disabled
  1856.  
  1857. rem Windows Remote Management (WS-Management)
  1858. sc config WinRM start= disabled
  1859.  
  1860. rem Windows Search
  1861. sc config WSearch start= disabled
  1862.  
  1863. rem Windows Time
  1864. sc config W32Time start= disabled
  1865.  
  1866. rem Windows Update
  1867. sc config wuauserv start= disabled
  1868.  
  1869. rem WinHTTP Web Proxy Auto-Discovery Service
  1870. reg add "HKLM\System\CurrentControlSet\Services\WinHttpAutoProxySvc" /v "Start" /t REG_DWORD /d "4" /f
  1871.  
  1872. rem WMI Performance Adapter
  1873. sc config wmiApSrv start= disabled
  1874.  
  1875. rem Workstation
  1876. sc config LanmanWorkstation start= disabled
  1877.  
  1878. rem Yandex.Browser Update Service
  1879. sc config YandexBrowserService start= disabled
  1880.  
  1881.  
  1882. rem =================================== Windows Settings ===================================
  1883. rem -------------------------------------- Accounts ----------------------------------------
  1884. rem ................................... Sing-in options ....................................
  1885.  
  1886. rem 1 - Automatically save my restartable apps when I sign out and restart them after I sign in
  1887. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "RestartApps" /t REG_DWORD /d "0" /f
  1888.  
  1889.  
  1890. rem =================================== Windows Settings ===================================
  1891. rem -------------------------------------- Accounts ----------------------------------------
  1892. rem ................................. Sync your settings ...................................
  1893.  
  1894. rem 1 - Disable sync
  1895. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync" /v "SyncPolicy" /t REG_DWORD /d "5" /f
  1896. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1897.  
  1898. rem 2 - Disable sync / 1 - Enable
  1899. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableSettingSync" /t REG_DWORD /d "2" /f
  1900.  
  1901. rem Individual sync settings
  1902. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Accessibility" /v "Enabled" /t REG_DWORD /d "0" /f
  1903. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\AppSync" /v "Enabled" /t REG_DWORD /d "0" /f
  1904. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\BrowserSettings" /v "Enabled" /t REG_DWORD /d "0" /f
  1905. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Credentials" /v "Enabled" /t REG_DWORD /d "0" /f
  1906. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\DesktopTheme" /v "Enabled" /t REG_DWORD /d "0" /f
  1907. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Language" /v "Enabled" /t REG_DWORD /d "0" /f
  1908. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\PackageState" /v "Enabled" /t REG_DWORD /d "0" /f
  1909. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Personalization" /v "Enabled" /t REG_DWORD /d "0" /f
  1910. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\StartLayout" /v "Enabled" /t REG_DWORD /d "0" /f
  1911. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Windows" /v "Enabled" /t REG_DWORD /d "0" /f
  1912. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableAppSyncSettingSync" /t REG_DWORD /d "2" /f
  1913. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableAppSyncSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1914. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableApplicationSettingSync" /t REG_DWORD /d "2" /f
  1915. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableApplicationSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1916. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableCredentialsSettingSync" /t REG_DWORD /d "2" /f
  1917. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableCredentialsSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1918. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableDesktopThemeSettingSync" /t REG_DWORD /d "2" /f
  1919. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableDesktopThemeSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1920. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisablePersonalizationSettingSync" /t REG_DWORD /d "2" /f
  1921. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisablePersonalizationSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1922. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableStartLayoutSettingSync" /t REG_DWORD /d "2" /f
  1923. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableStartLayoutSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1924. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableSyncOnPaidNetwork" /t REG_DWORD /d 1 /f
  1925. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableWebBrowserSettingSync" /t REG_DWORD /d "2" /f
  1926. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableWebBrowserSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1927. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableWindowsSettingSync" /t REG_DWORD /d "2" /f
  1928. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableWindowsSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1929.  
  1930.  
  1931. rem =================================== Windows Settings ===================================
  1932. rem ---------------------------------------- Apps ------------------------------------------
  1933. rem ................................... Apps & features ....................................
  1934.  
  1935. rem Choose where you can get apps from - Anywhere / PreferStore / StoreOnly / Recommendations
  1936. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "AicEnabled" /t REG_SZ /d "Anywhere" /f
  1937.  
  1938.  
  1939. rem =================================== Windows Settings ===================================
  1940. rem ---------------------------------------- Apps ------------------------------------------
  1941. rem ................................... Apps & features ....................................
  1942. rem . . . . . . . . . . . . . . . . Programs and Features . . . . . . . . . . . . . . . . .
  1943.  
  1944. rem Dism /Online /Get-Features
  1945. rem Windows Basics
  1946.  
  1947.  
  1948. rem =================================== Windows Settings ===================================
  1949. rem --------------------------------------- Devices ----------------------------------------
  1950. rem ...................................... Autoplay .......................................
  1951.  
  1952. rem 0 - Use Autoplay for all media and devices
  1953. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers" /v "DisableAutoplay" /t REG_DWORD /d "1" /f
  1954.  
  1955. rem ________________________________________________________________________________________
  1956. rem Disable AutoPlay and AutoRun
  1957. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoAutorun" /t REG_DWORD /d "1" /f
  1958. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoDriveTypeAutoRun" /t REG_DWORD /d "255" /f
  1959.  
  1960.  
  1961. rem =================================== Windows Settings ===================================
  1962. rem --------------------------------------- Devices ----------------------------------------
  1963. rem ........................................ Mouse .........................................
  1964. rem . . . . . . . . . . . . . . . . Additional mouse options . . . . . . . . . . . . . . . .
  1965.  
  1966. rem 1/6/10 - Enhance pointer precision (Mouse Acceleration)
  1967. reg add "HKCU\Control Panel\Mouse" /v "MouseSpeed" /t REG_SZ /d "0" /f
  1968. reg add "HKCU\Control Panel\Mouse" /v "MouseThreshold1" /t REG_SZ /d "0" /f
  1969. reg add "HKCU\Control Panel\Mouse" /v "MouseThreshold2" /t REG_SZ /d "0" /f
  1970. rem ________________________________________________________________________________________
  1971. reg add "HKCU\Control Panel\Mouse" /v "MouseTrails" /t REG_SZ /d "0" /f
  1972.  
  1973.  
  1974. rem =================================== Windows Settings ===================================
  1975. rem --------------------------------------- Devices ---------------.------------------------
  1976. rem ....................................... Typing .........................................
  1977.  
  1978. rem Autocorrect misspelled words (Privacy)
  1979. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnableAutocorrection" /t REG_DWORD /d "0" /f
  1980.  
  1981. rem Highlight misspelled words (Privacy)
  1982. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnableSpellchecking" /t REG_DWORD /d "0" /f
  1983.  
  1984. rem Show text suggestions as I type on the software keyboard (Privacy)
  1985. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnableTextPrediction" /t REG_DWORD /d "0" /f
  1986.  
  1987. rem Add a space after I choose a text suggestion (Privacy)
  1988. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnablePredictionSpaceInsertion" /t REG_DWORD /d "0" /f
  1989.  
  1990. rem Add a period after I double-tap the Spacebar (Privacy)
  1991. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnableDoubleTapSpace" /t REG_DWORD /d "0" /f
  1992.  
  1993.  
  1994. rem =================================== Windows Settings ===================================
  1995. rem --------------------------------------- Devices ---------------.------------------------
  1996. rem ....................................... Typing .........................................
  1997. rem . . . . . . . . . . . . . . . . How AI has helped you . . . .  . . . . . . . . . . . . .
  1998.  
  1999. rem Typing insights (Privacy)
  2000. reg add "HKCU\Software\Microsoft\Input\Settings" /v "InsightsEnabled" /t REG_DWORD /d "0" /f
  2001. rem ________________________________________________________________________________________
  2002. reg add "HKCU\Software\Microsoft\InputPersonalization\TrainedDataStore" /v "HarvestContacts" /t REG_DWORD /d "0" /f
  2003. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\TextInput" /v "AllowLinguisticDataCollection" /t REG_DWORD /d "0" /f
  2004.  
  2005.  
  2006. rem =================================== Windows Settings ===================================
  2007. rem --------------------------------------- Devices ---------------.-------------------------
  2008. rem .................................. Pen & Windows Ink ....................................
  2009.  
  2010. rem Show recommended app suggestions (Privacy)
  2011. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\PenWorkspace" /v "PenWorkspaceAppSuggestionsEnabled" /t REG_DWORD /d "0" /f
  2012.  
  2013.  
  2014. rem =================================== Windows Settings ===================================
  2015. rem ------------------------------------ Easy of Access ------------------------------------
  2016. rem ....................................... Keyboard .......................................
  2017.  
  2018. rem Sticky Keys / 26 - Disable All / 511 - Default
  2019. reg add "HKCU\Control Panel\Accessibility\StickyKeys" /v "Flags" /t REG_SZ /d "26" /f
  2020.  
  2021. rem Toggle Keys / 58 - Disable All / 63 - Default
  2022. reg add "HKCU\Control Panel\Accessibility\ToggleKeys" /v "Flags" /t REG_SZ /d "58" /f
  2023.  
  2024. rem ________________________________________________________________________________________
  2025. rem 1 - Disable Windows Key Hotkeys
  2026. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoWinKeys" /t REG_DWORD /d "1" /f
  2027. rem Disable specific Windows Key Hotkeys only (like R = Win+R)
  2028. rem reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "DisabledHotkeys" /t REG_EXPAND_SZ /d "R" /f
  2029.  
  2030.  
  2031. rem =================================== Windows Settings ===================================
  2032. rem ------------------------------------ Easy of Access ------------------------------------
  2033. rem ........................................ Mouse ........................................
  2034.  
  2035. rem Mouse Keys / 254 - Disable / 255 - Default
  2036. reg add "HKCU\Control Panel\Accessibility\MouseKeys" /v "Flags" /t REG_SZ /d "254" /f
  2037.  
  2038.  
  2039. rem =================================== Windows Settings ===================================
  2040. rem ---------------------------------------- Gaming ----------------------------------------
  2041. rem ....................................... Game bar .......................................
  2042.  
  2043. rem 1 - Record game clips, screenshots, and broadcast using Game bar / Disable the message "Press Win + G to open Game bar"
  2044. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v "AppCaptureEnabled" /t REG_DWORD /d "0" /f
  2045.  
  2046. rem 1 - Open Game bar using this button on a controller
  2047. reg add "HKCU\Software\Microsoft\GameBar" /v "UseNexusForGameBarEnabled" /t REG_DWORD /d "0" /f
  2048.  
  2049.  
  2050. rem =================================== Windows Settings ===================================
  2051. rem ---------------------------------------- Gaming ----------------------------------------
  2052. rem ....................................... Game DVR .......................................
  2053.  
  2054. rem ________________________________________________________________________________________
  2055. rem 1 - Show tips when I start a game (ADs)
  2056. reg add "HKCU\Software\Microsoft\GameBar" /v "ShowStartupPanel" /t REG_DWORD /d "0" /f
  2057.  
  2058. rem 0 - Disable Fullscreen Optimizations for Current User / 0 - Enabled / 2 - Disabled
  2059. reg add "HKCU\System\GameConfigStore" /v "GameDVR_FSEBehavior" /t REG_DWORD /d "2" /f
  2060. reg add "HKCU\System\GameConfigStore" /v "GameDVR_HonorUserFSEBehaviorMode" /t REG_DWORD /d "2" /f
  2061.  
  2062. rem 0 - Disable Game DVR / "Press Win + G to record a clip"
  2063. reg add "HKCU\System\GameConfigStore" /v "GameDVR_Enabled" /t REG_DWORD /d "0" /f
  2064. reg add "HKLM\Software\Policies\Microsoft\Windows\GameDVR" /v "AllowgameDVR" /t REG_DWORD /d "0" /f
  2065.  
  2066. reg add "HKLM\System\CurrentControlSet\Services\BcastDVRUserService" /v "Start" /t REG_DWORD /d "4" /f
  2067. reg add "HKLM\System\CurrentControlSet\Services\xbgm" /v "Start" /t REG_DWORD /d "4" /f
  2068. sc config XblAuthManager start= disabled
  2069. sc config XblGameSave start= disabled
  2070. sc config XboxGipSvc start= disabled
  2071. sc config XboxNetApiSvc start= disabled
  2072. schtasks /Change /TN "Microsoft\XblGameSave\XblGameSaveTask" /Disable
  2073.  
  2074. rem Remove Game Bar Presence (to restore run "sfc /scannow")
  2075. takeown /s %computername% /u %username% /f "%WinDir%\System32\GameBarPresenceWriter.exe"
  2076. icacls "%WinDir%\System32\GameBarPresenceWriter.exe" /grant:r %username%:F
  2077. taskkill /im GameBarPresenceWriter.exe /f
  2078. del "%WinDir%\System32\GameBarPresenceWriter.exe" /s /f /q
  2079.  
  2080. reg add "HKCU\Software\Microsoft\GameBar" /v "UseNexusForGameBarEnabled" /t REG_DWORD /d "0" /f
  2081. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v "AppCaptureEnabled" /t REG_DWORD /d "0" /f
  2082. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v "AudioCaptureEnabled" /t REG_DWORD /d "0" /f
  2083. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v "CursorCaptureEnabled" /t REG_DWORD /d "0" /f
  2084.  
  2085.  
  2086. rem =================================== Windows Settings ===================================
  2087. rem ---------------------------------------- Gaming ----------------------------------------
  2088. rem ....................................... Game Mode ......................................
  2089.  
  2090. rem 0 - Disable support for Game Mode
  2091. reg add "HKCU\Software\Microsoft\GameBar" /v "AutoGameModeEnabled" /t REG_DWORD /d "0" /f
  2092.  
  2093. rem 1 - Use Game Mode
  2094. reg add "HKCU\Software\Microsoft\GameBar" /v "AllowAutoGameMode" /t REG_DWORD /d "0" /f
  2095.  
  2096.  
  2097. rem =================================== Windows Settings ===================================
  2098. rem ---------------------------------- Network & Internet ----------------------------------
  2099. rem ................................ Change adapter options ................................
  2100.  
  2101. rem Show public/external IP
  2102. rem nslookup myip.opendns.com. resolver1.opendns.com
  2103.  
  2104. rem Windows wmic command line command
  2105. rem http://www.computerhope.com/wmic.htm
  2106. rem To get adapter's index number use
  2107. rem wmic nicconfig get caption,index,TcpipNetbiosOptions
  2108.  
  2109. rem Disable IPv6
  2110. netsh int ipv6 isatap set state disabled
  2111. netsh int teredo set state disabled
  2112. netsh interface ipv6 6to4 set state state=disabled undoonstop=disabled
  2113. reg add "HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters" /v "DisabledComponents" /t REG_DWORD /d "255" /f
  2114.  
  2115. rem Setup DNS over HTTPS (DoH)
  2116. reg add "HKLM\System\CurrentControlSet\Services\Dnscache\Parameters" /v "EnableAutoDoh" /t REG_DWORD /d "1" /f
  2117.  
  2118. rem Setup DNS Servers on DHCP Enabled Network (CloudflareDNS)
  2119. wmic nicconfig where DHCPEnabled=TRUE call SetDNSServerSearchOrder ("9.9.9.9","149.112.112.112")
  2120.  
  2121. rem Setup IP, Gateway and DNS Servers based on the MAC address (To Enable DHCP: wmic nicconfig where macaddress="28:E3:47:18:70:3D" call enabledhcp)
  2122. rem http://www.subnet-calculator.com/subnet.php?net_class=A
  2123. wmic nicconfig where macaddress="00:D8:61:6E:E8:C5" call EnableStatic ("10.10.10.12"), ("255.255.255.248")
  2124. wmic nicconfig where macaddress="00:D8:61:6E:E8:C5" call SetDNSServerSearchOrder ("9.9.9.9","149.112.112.112")
  2125. wmic nicconfig where macaddress="00:D8:61:6E:E8:C5" call SetGateways ("10.10.10.10")
  2126.  
  2127. rem 0 - Disable LMHOSTS Lookup on all adapters / 1 - Enable
  2128. reg add "HKLM\System\CurrentControlSet\Services\NetBT\Parameters" /v "EnableLMHOSTS" /t REG_DWORD /d "0" /f
  2129.  
  2130. rem 2 - Disable NetBIOS over TCP/IP on all adapters / 1 - Enable / 0 - Default
  2131. wmic nicconfig where TcpipNetbiosOptions=0 call SetTcpipNetbios 2
  2132. wmic nicconfig where TcpipNetbiosOptions=1 call SetTcpipNetbios 2
  2133.  
  2134. rem ________________________________________________________________________________________
  2135. rem https://msdn.microsoft.com/en-us/library/windows/desktop/aa383928(v=vs.85).aspx
  2136. rem https://www.codeproject.com/articles/1158641/windows-continuous-disk-write-plus-webcachev-dat-p
  2137. rem Disable WinInetCacheServer (WinINet Caching/V01.log/WebCacheV01.dat)
  2138. rem %LocalAppData%\Microsoft\Windows\WebCache
  2139. rem Take Ownership of the Registry key - https://www.youtube.com/watch?v=M1l5ifYKefg
  2140. reg delete "HKCR\AppID\{3eb3c877-1f16-487c-9050-104dbcd66683}" /f
  2141. reg delete "HKCR\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}" /v "AppID" /f
  2142. reg delete "HKCR\Wow6432Node\AppID\{3eb3c877-1f16-487c-9050-104dbcd66683}" /f
  2143. reg delete "HKCR\Wow6432Node\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}" /v "AppID" /f
  2144. reg delete "HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{3eb3c877-1f16-487c-9050-104dbcd66683}" /f
  2145. reg delete "HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}" /v "AppID" /f
  2146. schtasks /Change /TN "Microsoft\Windows\Wininet\CacheTask" /Disable
  2147.  
  2148. rem 0 - Disable WiFi Sense (shares your WiFi network login with other people)
  2149. reg add "HKLM\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots" /v "value" /t REG_DWORD /d "0" /f
  2150. reg add "HKLM\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting" /v "value" /t REG_DWORD /d "0" /f
  2151. reg add "HKLM\Software\Microsoft\WcmSvc\wifinetworkmanager\config" /v "AutoConnectAllowedOEM" /t REG_DWORD /d "0" /f
  2152.  
  2153. rem 1 - Disable Domain Name Devolution (DNS AutoCorrect) / 0 - Enabled (Default)
  2154. reg add "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters" /v "UseDomainNameDevolution" /t REG_DWORD /d "0" /f
  2155.  
  2156. rem Restrict NTLM: Incoming NTLM traffic - Deny All
  2157. reg add "HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0" /v "RestrictReceivingNTLMTraffic" /t REG_DWORD /d "2" /f
  2158.  
  2159. rem Restrict NTLM: Outgoing NTLM traffic to remote servers - Deny All
  2160. reg add "HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0" /v "RestrictSendingNTLMTraffic" /t REG_DWORD /d "2" /f
  2161.  
  2162.  
  2163. rem =================================== Windows Settings ===================================
  2164. rem ----------------------------------- Personalization ------------------------------------
  2165. rem ..................................... Background .......................................
  2166.  
  2167. rem Choose your picture (Black/Dark recommended)
  2168. reg add "HKCU\Control Panel\Desktop" /v "Wallpaper" /t REG_SZ /d "D:\Software\Temp\Pics\MLP Wallpapers\Wallpaper.jpg" /f
  2169.  
  2170. rem Choose a fit / 10 - Fill / 6 - Fit / 2 - Stretch / 0 - Tile/Center
  2171. reg add "HKCU\Control Panel\Desktop" /v "WallpaperStyle" /t REG_SZ /d "2" /f
  2172.  
  2173. rem ________________________________________________________________________________________
  2174.  
  2175. rem 60-100% Wallpaper's image quality / 85 - Default
  2176. reg add "HKCU\Control Panel\Desktop" /v "JPEGImportQuality" /t REG_DWORD /d "100" /f
  2177.  
  2178.  
  2179. rem =================================== Windows Settings ===================================
  2180. rem ----------------------------------- Personalization ------------------------------------
  2181. rem ....................................... Colors .........................................
  2182.  
  2183. rem 1 - Automatically pick an accent color from my background
  2184. reg add "HKCU\Control Panel\Desktop" /v "AutoColorization" /t REG_SZ /d "1" /f
  2185.  
  2186. rem 1 - Transparency Effects
  2187. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "EnableTransparency" /t REG_DWORD /d "0" /f
  2188.  
  2189. rem 1 - Show accent color on the following surfaces - Start, taskbar, and action center
  2190. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "ColorPrevalence" /t REG_DWORD /d "1" /f
  2191.  
  2192. rem 1 - Show accent color on the following surfaces - Title bars
  2193. reg add "HKCU\Software\Microsoft\Windows\DWM" /v "ColorPrevalence" /t REG_DWORD /d "1" /f
  2194.  
  2195.  
  2196. rem =================================== Windows Settings ===================================
  2197. rem ----------------------------------- Personalization ------------------------------------
  2198. rem ..................................... Lock screen ......................................
  2199.  
  2200. rem 1 - Get fun facts, tips, tricks, and more on your lock screen (ADs) / Windows Spotlight
  2201. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "RotatingLockScreenEnabled" /t REG_DWORD /d "0" /f
  2202. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "RotatingLockScreenOverlayEnabled" /t REG_DWORD /d "0" /f
  2203. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings" /v "NOC_GLOBAL_SETTING_ALLOW_TOASTS_ABOVE_LOCK" /t REG_DWORD /d "0" /f
  2204.  
  2205. rem ________________________________________________________________________________________
  2206. rem 1 - Disable LockScreen
  2207. reg add "HKLM\Software\Policies\Microsoft\Windows\Personalization" /v "NoLockScreen" /t REG_DWORD /d "1" /f
  2208.  
  2209. rem 1 - Disable Sign-in Screen Background Image
  2210. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "DisableLogonBackgroundImage" /t REG_DWORD /d "1" /f
  2211.  
  2212. rem 1 - Disable Windows spotlight (provides features such as different background images and text on the lock screen, suggested apps)
  2213. reg add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d "1" /f
  2214. reg add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsSpotlightFeatures" /t REG_DWORD /d "1" /f
  2215.  
  2216.  
  2217. rem =================================== Windows Settings ===================================
  2218. rem ----------------------------------- Personalization ------------------------------------
  2219. rem ..................................... Lock screen ......................................
  2220. rem . . . . . . . . . . . . . . . . . Screen saver settings . . . . . . . . . . . . . . . .
  2221.  
  2222. rem 0 - No screen saver is selected / 1 - A screen saver is selected
  2223. reg add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d "1" /f
  2224.  
  2225. rem Specifies whether the screen saver is password-protected / 0 - No / 1 - Yes
  2226. reg add "HKCU\Control Panel\Desktop" /v "ScreenSaverIsSecure" /t REG_SZ /d "0" /f
  2227.  
  2228. rem Specifies in seconds how long the System remains idle before the screen saver starts
  2229. reg add "HKCU\Control Panel\Desktop" /v "ScreenSaveTimeOut" /t REG_SZ /d "250" /f
  2230.  
  2231. rem Screensaver - Mystify.scr
  2232. reg add "HKCU\Control Panel\Desktop" /v "SCRNSAVE.EXE" /t REG_SZ /d "C:\Windows\PONY_ALL_NO_SOUND.scr" /f
  2233.  
  2234.  
  2235. rem =================================== Windows Settings ===================================
  2236. rem ----------------------------------- Personalization ------------------------------------
  2237. rem ........................................ Start .........................................
  2238.  
  2239. rem 1 - Show suggestions occasionally in Start (ADs)
  2240. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d "0" /f
  2241. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d "0" /f
  2242.  
  2243. rem 1 - Show recently opened items in Jump Lists on Start or the taskbar
  2244. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Start_TrackDocs" /t REG_DWORD /d "0" /f
  2245.  
  2246.  
  2247. rem =================================== Windows Settings ===================================
  2248. rem ----------------------------------- Personalization ------------------------------------
  2249. rem ....................................... Taskbar ........................................
  2250.  
  2251. rem Lock the taskbar
  2252. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarSizeMove" /t REG_DWORD /d "0" /f
  2253.  
  2254. rem Replace Command Prompt with Windows Powershell in the menu when I right-click the start button or press Windows key+X
  2255. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "DontUsePowerShellOnWinX" /t REG_DWORD /d "1" /f
  2256.  
  2257. rem Combine taskbar buttons / 0 - Always hide labels / 1 - When taskbar is full / 2 - Never
  2258. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarGlomLevel" /t REG_DWORD /d "0" /f
  2259.  
  2260. rem 1 - Show contacts on the taskbar
  2261. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\People" /v "PeopleBand" /t REG_DWORD /d "0" /f
  2262.  
  2263. rem ________________________________________________________________________________________
  2264. rem 0 - Turn on Quiet Hours in Action Center / Disable/Hide the message: Turn on Windows Security Center service
  2265. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings" /v "NOC_GLOBAL_SETTING_TOASTS_ENABLED" /t REG_DWORD /d "0" /f
  2266.  
  2267. rem 0 - Hide Task View button
  2268. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d "0" /f
  2269.  
  2270. rem 0 - Disable Cortana in Taskbar search
  2271. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "BingSearchEnabled" /t REG_DWORD /d "0" /f
  2272. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "CortanaEnabled" /t REG_DWORD /d "0" /f
  2273.  
  2274. rem 0 - Cortana Button on Taskbar / 0 - Hide / 1 - Show
  2275. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCortanaButton" /t REG_DWORD /d "0" /f
  2276.  
  2277. rem 0 - Hide Taskbar search / 1 - Show search icon / 2 - Show search box
  2278. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d "0" /f
  2279.  
  2280.  
  2281. rem =================================== Windows Settings ===================================
  2282. rem ----------------------------------- Personalization ------------------------------------
  2283. rem ....................................... Taskbar ........................................
  2284. rem . . . . . . . . . . . . . Select which icons appear on the taskbar . . . . . . . . . . .
  2285.  
  2286. rem 0 - Always show all icons in the notification area / 1 - Hide Inactive Icons
  2287. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "EnableAutoTray" /t REG_DWORD /d "0" /f
  2288.  
  2289.  
  2290. rem =================================== Windows Settings ===================================
  2291. rem ----------------------------------- Personalization ------------------------------------
  2292. rem ....................................... Taskbar ........................................
  2293. rem . . . . . . . . . . . . . . . . . Turn on system icons . . . . . . . . . . . . . . . . .
  2294.  
  2295. rem 1 - Hide Action Center System Tray Icon in Taskbar
  2296. reg add "HKCU\Software\Policies\Microsoft\Windows\Explorer" /v "DisableNotificationCenter" /t REG_DWORD /d "1" /f
  2297.  
  2298. rem 1 - Hide Action Network System Tray Icon in Taskbar
  2299. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCANetwork" /t REG_DWORD /d "1" /f
  2300.  
  2301. rem 1 - Hide Action Power System Tray Icon in Taskbar
  2302. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCAPower" /t REG_DWORD /d "0" /f
  2303.  
  2304. rem 1 - Hide Volume System Tray Icon in Taskbar
  2305. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCAVolume" /t REG_DWORD /d "1" /f
  2306.  
  2307.  
  2308. rem =================================== Windows Settings ===================================
  2309. rem ----------------------------------- Personalization ------------------------------------
  2310. rem ....................................... Themes .........................................
  2311. rem . . . . . . . . . . . . . . . . . Desktop Icon Settings . . . . . . . . . . . . . . . .
  2312.  
  2313. rem Hide Control Panel
  2314. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}" /t REG_DWORD /d "1" /f
  2315.  
  2316. rem Hide Network
  2317. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" /t REG_DWORD /d "1" /f
  2318.  
  2319. rem Hide Recycle Bin
  2320. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{645FF040-5081-101B-9F08-00AA002F954E}" /t REG_DWORD /d "1" /f
  2321.  
  2322. rem Hide Quick access
  2323. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{679f85cb-0220-4080-b29b-5540cc05aab6}" /t REG_DWORD /d "1" /f
  2324.  
  2325. rem Hide This PC
  2326. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d "1" /f
  2327.  
  2328. rem Hide User's Files
  2329. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{59031a47-3f72-44a7-89c5-5595fe6b30ee}" /t REG_DWORD /d "1" /f
  2330.  
  2331.  
  2332. rem =================================== Windows Settings ===================================
  2333. rem ----------------------------------- Personalization ------------------------------------
  2334. rem ....................................... Themes .........................................
  2335. rem . . . . . . . . . . . . . . . . . . . . Sounds . . . . . . . . . . . . . . . . . . . . .
  2336.  
  2337. rem Delete Windows Default Sounds (Permanently)
  2338. reg delete "HKCU\AppEvents\Schemes\Apps" /f
  2339.  
  2340. rem When windows detects communications activity / 0 - Mute all other sounds / 1 - Reduce all other by 80% / 2 - Reduce all other by 50% / 3 - Do nothing
  2341. reg add "HKCU\Software\Microsoft\Multimedia\Audio" /v "UserDuckingPreference" /t REG_DWORD /d "3" /f
  2342.  
  2343.  
  2344. rem =================================== Windows Settings ===================================
  2345. rem ---------------------------------------- Privacy ---------------------------------------
  2346.  
  2347. rem Let apps access ... / 0 - Default / 1 - Enabled / 2 - Disabled
  2348. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessGazeInput" /t REG_DWORD /d "2" /f
  2349.  
  2350. rem Let apps access ... / 0 - Default / 1 - Enabled / 2 - Disabled
  2351. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMotion" /t REG_DWORD /d "2" /f
  2352.  
  2353. rem Let apps access ... / 0 - Default / 1 - Enabled / 2 - Disabled
  2354. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessPhone" /t REG_DWORD /d "2" /f
  2355.  
  2356. rem Disable Cortana
  2357. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "AllowCortana" /t REG_DWORD /d "0" /f
  2358. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "CortanaCapabilities" /t REG_SZ /d "" /f
  2359. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "CortanaConsent" /t REG_DWORD /d "0" /f
  2360. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "DeviceHistoryEnabled" /t REG_DWORD /d "0" /f
  2361. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "IsAssignedAccess" /t REG_DWORD /d "0" /f
  2362. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "IsWindowsHelloActive" /t REG_DWORD /d "0" /f
  2363. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Windows Search" /v "CortanaConsent" /t REG_DWORD /d "0" /f
  2364. reg add "HKLM\Software\Microsoft\PolicyManager\default\Experience\AllowCortana" /v "value" /t REG_DWORD /d "0" /f
  2365. reg add "HKLM\Software\Policies\Microsoft\SearchCompanion" /v "DisableContentFileUpdates" /t REG_DWORD /d "1" /f
  2366. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "AllowCloudSearch" /t REG_DWORD /d "0" /f
  2367. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d "0" /f
  2368. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "AllowCortanaAboveLock" /t REG_DWORD /d "0" /f
  2369. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d "0" /f
  2370. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchPrivacy" /t REG_DWORD /d "3" /f
  2371. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWeb" /t REG_DWORD /d "0" /f
  2372. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWebOverMeteredConnections" /t REG_DWORD /d "0" /f
  2373. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "DisableWebSearch" /t REG_DWORD /d "1" /f
  2374. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "DoNotUseWebResults" /t REG_DWORD /d "1" /f
  2375.  
  2376. rem 1 - Let Cortana respond to "Hey Cortana"
  2377. reg add "HKCU\Software\Microsoft\Speech_OneCore\Preferences" /v "VoiceActivationOn" /t REG_DWORD /d "0" /f
  2378.  
  2379. rem 1- Let Cortana listen for my commands when I press Windows key + C
  2380. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "VoiceShortcut" /t REG_DWORD /d "0" /f
  2381.  
  2382. rem 1 - Use Cortana even when my device is locked
  2383. reg add "HKCU\Software\Microsoft\Speech_OneCore\Preferences" /v "VoiceActivationEnableAboveLockscreen" /t REG_DWORD /d "0" /f
  2384.  
  2385. rem Disable keyboard input/monitoring in apps like Calc, Edge, Search, Start, Store
  2386. schtasks /Change /TN "Microsoft\Windows\TextServicesFramework\MsCtfMonitor" /Disable
  2387.  
  2388. rem Remove Cortana app
  2389. takeown /s %computername% /u %username% /f "%WINDIR%\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe"
  2390. icacls "%WINDIR%\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" /inheritance:r /grant:r %username%:F
  2391. del "%WINDIR%\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" /s /f /q
  2392.  
  2393.  
  2394. rem =================================== Windows Settings ===================================
  2395. rem ---------------------------------------- Privacy ---------------------------------------
  2396. rem ...................................... Account info ....................................
  2397.  
  2398. rem Allow/Deny - Allow access to account info on this device
  2399. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userAccountInformation" /v "Value" /t REG_SZ /d "Deny" /f
  2400.  
  2401. rem Allow/Deny - Allow apps to access your account info
  2402. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userAccountInformation" /v "Value" /t REG_SZ /d "Deny" /f
  2403.  
  2404. rem Let apps access my name, picture, and other account info / 0 - Default / 1 - Enabled / 2 - Disabled
  2405. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessAccountInfo" /t REG_DWORD /d "2" /f
  2406.  
  2407.  
  2408. rem =================================== Windows Settings ===================================
  2409. rem ---------------------------------------- Privacy ---------------------------------------
  2410. rem .................................... Activity History ..................................
  2411.  
  2412. rem Allow/Deny - Allow access to app diagnostic info on this device
  2413. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\activity" /v "Value" /t REG_SZ /d "Deny" /f
  2414.  
  2415. rem Allow/Deny - Allow Apps to access diagnostic info about your other apps
  2416. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\activity" /v "Value" /t REG_SZ /d "Deny" /f
  2417.  
  2418. rem Collect Activity History / 0 - Disabled / 1 - Enabled
  2419. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "EnableActivityFeed" /t REG_DWORD /d "0" /f
  2420.  
  2421. rem Let Windows collect my activities from this PC / 0 - Disabled / 1 - Enabled
  2422. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "PublishUserActivities" /t REG_DWORD /d "0" /f
  2423.  
  2424. rem Let Windows collect my activities from this PC to the cloud / 0 - Disabled / 1 - Enabled
  2425. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "UploadUserActivities" /t REG_DWORD /d "0" /f
  2426.  
  2427.  
  2428. rem =================================== Windows Settings ===================================
  2429. rem ---------------------------------------- Privacy ---------------------------------------
  2430. rem ..................................... App diagnostic ...................................
  2431.  
  2432. rem Allow/Deny - Allow access to app diagnostic info on this device
  2433. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appDiagnostics" /v "Value" /t REG_SZ /d "Deny" /f
  2434.  
  2435. rem Allow/Deny - Allow Apps to access diagnostic info about your other apps
  2436. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appDiagnostics" /v "Value" /t REG_SZ /d "Deny" /f
  2437.  
  2438. rem Let apps access diagnostic information / 0 - Default / 1 - Enabled / 2 - Disabled
  2439. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsGetDiagnosticInfo" /t REG_DWORD /d "2" /f
  2440.  
  2441. rem ________________________________________________________________________________________
  2442. rem reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{2297E4E2-5DBE-466D-A12B-0F8286F0D9CA}" /v "Value" /t REG_SZ /d "Deny" /f
  2443.  
  2444.  
  2445. rem =================================== Windows Settings ===================================
  2446. rem ---------------------------------------- Privacy ---------------------------------------
  2447. rem .................................... Background apps ..................................
  2448.  
  2449. rem Let apps run in the background / 1 - Enabled / 0 - Disabled
  2450. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "BackgroundAppGlobalToggle" /t REG_DWORD /d "0" /f
  2451.  
  2452. rem Let apps run in the background / 0 - Enabled / 1 - Disabled
  2453. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /d "1" /f
  2454.  
  2455. rem Let apps run in the background / 0 - Default / 1 - Enabled / 2 - Disabled
  2456. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsRunInBackground" /t REG_DWORD /d "2" /f
  2457.  
  2458.  
  2459. rem =================================== Windows Settings ===================================
  2460. rem ---------------------------------------- Privacy ---------------------------------------
  2461. rem ....................................... Calendar .......................................
  2462.  
  2463. rem Allow/Deny - Allow access to calendars on this device
  2464. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appointments" /v "Value" /t REG_SZ /d "Deny" /f
  2465.  
  2466. rem Allow/Deny - Allow apps to access your calendar
  2467. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\appointments" /v "Value" /t REG_SZ /d "Deny" /f
  2468.  
  2469. rem Let Windows apps access contacts / 0 - Default / 1 - Enabled / 2 - Disabled
  2470. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCalendar" /t REG_DWORD /d "2" /f
  2471.  
  2472.  
  2473. rem =================================== Windows Settings ===================================
  2474. rem ---------------------------------------- Privacy ---------------------------------------
  2475. rem ..................................... Call history .....................................
  2476.  
  2477. rem Allow/Deny - Allow access to call history on this device
  2478. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCallHistory" /v "Value" /t REG_SZ /d "Deny" /f
  2479.  
  2480. rem Allow/Deny - Allow apps to access your call history
  2481. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCallHistory" /v "Value" /t REG_SZ /d "Deny" /f
  2482.  
  2483. rem Let apps access my call history / 0 - Default / 1 - Enabled / 2 - Disabled
  2484. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCallHistory" /t REG_DWORD /d "2" /f
  2485.  
  2486.  
  2487. rem =================================== Windows Settings ===================================
  2488. rem ---------------------------------------- Privacy ---------------------------------------
  2489. rem ........................................ Camera ........................................
  2490.  
  2491. rem Allow/Deny - Allow access to camera on this device
  2492. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam" /v "Value" /t REG_SZ /d "Deny" /f
  2493.  
  2494. rem Allow/Deny - Allow Apps to access your camera
  2495. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam" /v "Value" /t REG_SZ /d "Deny" /f
  2496.  
  2497. rem Let apps use my camera / 0 - Default / 1 - Enabled / 2 - Disabled
  2498. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera" /t REG_DWORD /d "2" /f
  2499. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera_ForceAllowTheseApps" /t REG_MULTI_SZ /d "" /f
  2500. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera_ForceDenyTheseApps" /t REG_MULTI_SZ /d "" /f
  2501. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera_UserInControlOfTheseApps" /t REG_MULTI_SZ /d "" /f
  2502.  
  2503.  
  2504. rem =================================== Windows Settings ===================================
  2505. rem ---------------------------------------- Privacy ---------------------------------------
  2506. rem ..................................... Cellular Data ....................................
  2507.  
  2508. rem Allow/Deny - Allow access to cellular data on this device
  2509. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\cellularData" /v "Value" /t REG_SZ /d "Deny" /f
  2510.  
  2511. rem Allow/Deny - Allow apps to access your cellular data
  2512. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\cellularData" /v "Value" /t REG_SZ /d "Deny" /f
  2513.  
  2514.  
  2515. rem =================================== Windows Settings ===================================
  2516. rem ---------------------------------------- Privacy ---------------------------------------
  2517. rem ......................................... Chat .........................................
  2518.  
  2519. rem Allow/Deny - Allow access to messaging on this device
  2520. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\chat" /v "Value" /t REG_SZ /d "Deny" /f
  2521.  
  2522. rem Allow/Deny - Allow Apps to read or send messages
  2523. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\chat" /v "Value" /t REG_SZ /d "Deny" /f
  2524.  
  2525. rem ________________________________________________________________________________________
  2526. reg add "HKCU\Software\Microsoft\Messaging" /v "CloudServiceSyncEnabled" /t REG_DWORD /d "0" /f
  2527.  
  2528.  
  2529. rem =================================== Windows Settings ===================================
  2530. rem ---------------------------------------- Privacy ---------------------------------------
  2531. rem ....................................... Contacts .......................................
  2532.  
  2533. rem Allow/Deny - Allow access to contacts on this device
  2534. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\contacts" /v "Value" /t REG_SZ /d "Deny" /f
  2535.  
  2536. rem Allow/Deny - Allow Apps to access your contacts
  2537. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\contacts" /v "Value" /t REG_SZ /d "Deny" /f
  2538.  
  2539. rem Let Windows apps access contacts / 0 - Default / 1 - Enabled / 2 - Disabled
  2540. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessContacts" /t REG_DWORD /d "2" /f
  2541.  
  2542.  
  2543. rem =================================== Windows Settings ===================================
  2544. rem ---------------------------------------- Privacy ---------------------------------------
  2545. rem ....................................... Documents ......................................
  2546.  
  2547. rem Allow/Deny - Document libraries access for this device
  2548. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\documentsLibrary" /v "Value" /t REG_SZ /d "Deny" /f
  2549.  
  2550. rem Allow/Deny - Allow Apps to access your documents library
  2551. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\documentsLibrary" /v "Value" /t REG_SZ /d "Deny" /f
  2552.  
  2553.  
  2554. rem =================================== Windows Settings ===================================
  2555. rem ---------------------------------------- Privacy ---------------------------------------
  2556. rem ................................... Downloads folder ...................................
  2557.  
  2558. rem Allow/Deny - Downloads folders access on this device
  2559. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\downloadsFolder" /v "Value" /t REG_SZ /d "Deny" /f
  2560.  
  2561. rem Allow/Deny - Allow Apps to access your downloads folder
  2562. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\downloadsFolder" /v "Value" /t REG_SZ /d "Deny" /f
  2563.  
  2564.  
  2565. rem =================================== Windows Settings ===================================
  2566. rem ---------------------------------------- Privacy ---------------------------------------
  2567. rem ......................................... Email ........................................
  2568.  
  2569. rem Allow/Deny - Allow access to email on this device
  2570. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\email" /v "Value" /t REG_SZ /d "Deny" /f
  2571.  
  2572. rem Allow/Deny - Allow apps to access your email
  2573. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\email" /v "Value" /t REG_SZ /d "Deny" /f
  2574.  
  2575. rem Let apps access and send email / 0 - Default / 1 - Enabled / 2 - Disabled
  2576. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessEmail" /t REG_DWORD /d "2" /f
  2577.  
  2578.  
  2579. rem =================================== Windows Settings ===================================
  2580. rem ---------------------------------------- Privacy ---------------------------------------
  2581. rem ................................. Feedback & diagnostics ...............................
  2582.  
  2583. rem Diagnostic and usage data - Select how much data you send to Microsoft / 0 - Security (Not aplicable on Home/Pro, it resets to Basic) / 1 - Basic / 2 - Enhanced (Hidden) / 3 - Full
  2584. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
  2585. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Application-Experience/Program-Telemetry" /v "Enabled" /t REG_DWORD /d "0" /f
  2586. reg add "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /v "AllowDeviceNameInTelemetry" /t REG_DWORD /d "0" /f
  2587. reg add "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
  2588. reg add "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /v "DoNotShowFeedbackNotifications" /t REG_DWORD /d "1" /f
  2589. reg add "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /v "MaxTelemetryAllowed" /t REG_DWORD /d "0" /f
  2590.  
  2591. rem 1 - Let Microsoft provide more tailored experiences with relevant tips and recommendations by using your diagnostic data
  2592. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Privacy" /v "TailoredExperiencesWithDiagnosticDataEnabled" /t REG_DWORD /d "0" /f
  2593. reg add "HKCU\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableTailoredExperiencesWithDiagnosticData" /t REG_DWORD /d "1" /f
  2594. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Privacy" /v "TailoredExperiencesWithDiagnosticDataEnabled" /t REG_DWORD /d "0" /f
  2595.  
  2596. rem Feedback Frequency - Windows should ask for my feedback: 0 - Never / Removed - Automatically
  2597. reg add "HKCU\Software\Microsoft\Siuf\Rules" /v "NumberOfSIUFInPeriod" /t REG_DWORD /d "0" /f
  2598. reg add "HKCU\Software\Microsoft\Siuf\Rules" /v "PeriodInNanoSeconds" /t REG_DWORD /d "0" /f
  2599.  
  2600. rem ________________________________________________________________________________________
  2601. rem 0 - Disable Help Experience Improvement Program (HEIP)
  2602. reg add "HKCU\Software\Microsoft\Assistance\Client\1.0\Settings" /v "ImplicitFeedback" /t REG_DWORD /d "0" /f
  2603. reg add "HKCU\Software\Microsoft\Assistance\Client\1.0\Settings" /v "OnlineAssist" /t REG_DWORD /d "0" /f
  2604. reg add "HKCU\Software\Microsoft\Assistance\Client\1.0\Settings" /v "FirstTimeHelppaneStartup" /t REG_DWORD /d "0" /f
  2605. reg add "HKCU\Software\Microsoft\Assistance\Client\1.0\Settings" /v "NoActiveHelp" /t REG_DWORD /d "1" /f
  2606. reg add "HKCU\Software\Microsoft\Assistance\Client\1.0\Settings" /v "NoExplicitFeedback" /t REG_DWORD /d "1" /f
  2607. reg add "HKCU\Software\Microsoft\Assistance\Client\1.0\Settings" /v "NoImplicitFeedback" /t REG_DWORD /d "1" /f
  2608. reg add "HKCU\Software\Microsoft\Assistance\Client\1.0\Settings" /v "NoOnlineAssist" /t REG_DWORD /d "1" /f
  2609.  
  2610.  
  2611. rem =================================== Windows Settings ===================================
  2612. rem ---------------------------------------- Privacy ---------------------------------------
  2613. rem ...................................... File System .....................................
  2614.  
  2615. rem Allow/Deny - File system access for this device
  2616. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\broadFileSystemAccess" /v "Value" /t REG_SZ /d "Deny" /f
  2617.  
  2618. rem Allow/Deny - Allow Apps to access your file system
  2619. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\broadFileSystemAccess" /v "Value" /t REG_SZ /d "Deny" /f
  2620.  
  2621.  
  2622. rem =================================== Windows Settings ===================================
  2623. rem ---------------------------------------- Privacy ---------------------------------------
  2624. rem ........................................ General ......................................
  2625.  
  2626. rem Let apps use advertising ID to make ads more interesting to you based on your app usage
  2627. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f
  2628. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f
  2629. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f
  2630. reg add "HKLM\Software\Policies\Microsoft\Windows\AdvertisingInfo" /v "DisabledByGroupPolicy" /t REG_DWORD /d "1" /f
  2631.  
  2632. rem 0 - Let websites provide locally relevant content by accessing my language list (let browsers access your local language)
  2633. reg add "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /d "1" /f
  2634.  
  2635. rem 1 - Let Windows track app launches to improve Start and search results (Remember commands typed in Run) / 0 - Disable and Disable "Show most used apps"
  2636. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Start_TrackProgs" /t REG_DWORD /d "1" /f
  2637.  
  2638. rem 1 - Show me suggested content in the Settings app
  2639. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d "0" /f
  2640. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353694Enabled" /t REG_DWORD /d "0" /f
  2641. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353696Enabled" /t REG_DWORD /d "0" /f
  2642.  
  2643.  
  2644. rem =================================== Windows Settings ===================================
  2645. rem ---------------------------------------- Privacy ---------------------------------------
  2646. rem ....................................... Location .......................................
  2647.  
  2648. rem 1 - Location for this device is Off
  2649. reg add "HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocation" /t REG_DWORD /d "1" /f
  2650. reg add "HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocationScripting" /t REG_DWORD /d "1" /f
  2651. reg add "HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableSensors" /t REG_DWORD /d "1" /f
  2652. reg add "HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableWindowsLocationProvider" /t REG_DWORD /d "1" /f
  2653.  
  2654. rem 0 - Default / 1 - Enabled / 2 - Disabled
  2655. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessLocation" /t REG_DWORD /d "2" /f
  2656.  
  2657. rem ________________________________________________________________________________________
  2658. rem reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{BFA794E4-F964-4FDB-90F6-51056BFE4B44}" /v "Value" /t REG_SZ /d "Deny" /f
  2659.  
  2660.  
  2661. rem =================================== Windows Settings ===================================
  2662. rem ---------------------------------------- Privacy ---------------------------------------
  2663. rem ....................................... Messaging ......................................
  2664.  
  2665. rem Let apps read or send messages (text or MMS) / 0 - Default / 1 - Enabled / 2 - Disabled
  2666. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMessaging" /t REG_DWORD /d "2" /f
  2667.  
  2668.  
  2669. rem =================================== Windows Settings ===================================
  2670. rem ---------------------------------------- Privacy ---------------------------------------
  2671. rem ...................................... Microphone ......................................
  2672.  
  2673. rem Allow/Deny - Allow access to the microphone on this device
  2674. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone" /v "Value" /t REG_SZ /d "Deny" /f
  2675.  
  2676. rem Allow/Deny - Allow Apps to access your microphone
  2677. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone" /v "Value" /t REG_SZ /d "Deny" /f
  2678.  
  2679. rem Let apps use my microphone / 0 - Default / 1 - Enabled / 2 - Disabled
  2680. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMicrophone" /t REG_DWORD /d "2" /f
  2681.  
  2682.  
  2683. rem =================================== Windows Settings ===================================
  2684. rem ---------------------------------------- Privacy ---------------------------------------
  2685. rem ..................................... Notifications ....................................
  2686.  
  2687. rem Allow/Deny - Allow access to user notifications on this device
  2688. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userNotificationListener" /v "Value" /t REG_SZ /d "Deny" /f
  2689.  
  2690. rem Allow/Deny - Allow apps to access your notifications
  2691. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userNotificationListener" /v "Value" /t REG_SZ /d "Deny" /f
  2692.  
  2693. rem Let apps access my notifications / 0 - Default / 1 - Enabled / 2 - Disabled
  2694. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessNotifications" /t REG_DWORD /d "2" /f
  2695.  
  2696. rem ________________________________________________________________________________________
  2697. rem reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\DeviceAccess\Global\{52079E78-A92B-413F-B213-E8FE35712E72}" /v "Value" /t REG_SZ /d "Deny" /f
  2698.  
  2699.  
  2700. rem =================================== Windows Settings ===================================
  2701. rem ---------------------------------------- Privacy ---------------------------------------
  2702. rem ..................................... Other devices ....................................
  2703.  
  2704. rem Allow/Deny - Communicate with unpaired devices
  2705. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\bluetooth" /v "Value" /t REG_SZ /d "Deny" /f
  2706. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\bluetoothSync" /v "Value" /t REG_SZ /d "Deny" /f
  2707.  
  2708. rem Allow/Deny - Use trusted devices
  2709. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\bluetoothSync" /v "Value" /t REG_SZ /d "Deny" /f
  2710.  
  2711. rem Let apps automatically share and sync info with wireless devices that don't explicitly pair with your PC, tablet, or phone / 0 - Default / 1 - Enabled / 2 - Disabled
  2712. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsSyncWithDevices" /t REG_DWORD /d "2" /f
  2713. rem reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessTrustedDevices" /t REG_DWORD /d "2" /f
  2714.  
  2715.  
  2716. rem =================================== Windows Settings ===================================
  2717. rem ---------------------------------------- Privacy ---------------------------------------
  2718. rem ..................................... Phone calls ......................................
  2719.  
  2720. rem Allow/Deny - Allow phone calls on this device
  2721. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCall" /v "Value" /t REG_SZ /d "Deny" /f
  2722.  
  2723. rem Allow/Deny - Allow apps to make phone calls
  2724. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\phoneCall" /v "Value" /t REG_SZ /d "Deny" /f
  2725.  
  2726.  
  2727. rem =================================== Windows Settings ===================================
  2728. rem ---------------------------------------- Privacy ---------------------------------------
  2729. rem ....................................... Pictures .......................................
  2730.  
  2731. rem Allow/Deny - Pictures library access for this device
  2732. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\picturesLibrary" /v "Value" /t REG_SZ /d "Deny" /f
  2733.  
  2734. rem Allow/Deny - Allow apps to access your pictures library
  2735. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\picturesLibrary" /v "Value" /t REG_SZ /d "Deny" /f
  2736.  
  2737.  
  2738. rem =================================== Windows Settings ===================================
  2739. rem ---------------------------------------- Privacy ---------------------------------------
  2740. rem ............................... Speech, inking, & typing ...............................
  2741.  
  2742. rem ________________________________________________________________________________________
  2743. reg add "HKCU\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy" /v "HasAccepted" /t REG_DWORD /d "0" /f
  2744. reg add "HKCU\Software\Microsoft\Input\TIPC" /v "Enabled" /t REG_DWORD /d "0" /f
  2745. reg add "HKCU\Software\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d "1" /f
  2746. reg add "HKCU\Software\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d "1" /f
  2747. reg add "HKCU\Software\Microsoft\InputPersonalization\TrainedDataStore" /v "HarvestContacts" /t REG_DWORD /d "0" /f
  2748. reg add "HKCU\Software\Microsoft\Personalization\Settings" /v "AcceptedPrivacyPolicy" /t REG_DWORD /d "0" /f
  2749. reg add "HKLM\Software\Microsoft\Input" /v "InputServiceEnabled" /t REG_DWORD /d "0" /f
  2750. reg add "HKLM\Software\Microsoft\Input" /v "InputServiceEnabledForCCI" /t REG_DWORD /d "0" /f
  2751. reg add "HKLM\Software\Policies\Microsoft\InputPersonalization" /v "AllowInputPersonalization" /t REG_DWORD /d "0" /f
  2752. reg add "HKLM\Software\Policies\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d "1" /f
  2753. reg add "HKLM\Software\Policies\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d "1" /f
  2754. reg add "HKLM\Software\Policies\Microsoft\Windows\HandwritingErrorReports" /v "PreventHandwritingErrorReports" /t REG_DWORD /d "1" /f
  2755. reg add "HKLM\Software\Policies\Microsoft\Windows\TabletPC" /v "PreventHandwritingDataSharing" /t REG_DWORD /d "1" /f
  2756.  
  2757.  
  2758. rem =================================== Windows Settings ===================================
  2759. rem ---------------------------------------- Privacy ---------------------------------------
  2760. rem ........................................ Radios ........................................
  2761.  
  2762. rem Allow/Deny - Allow access to control raadios on this device
  2763. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\radios" /v "Value" /t REG_SZ /d "Deny" /f
  2764.  
  2765. rem Allow/Deny - Allow Apps to control device radios
  2766. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\radios" /v "Value" /t REG_SZ /d "Deny" /f
  2767.  
  2768. rem Let apps control radios / 0 - Default / 1 - Enabled / 2 - Disabled
  2769. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessRadios" /t REG_DWORD /d "2" /f
  2770.  
  2771.  
  2772. rem =================================== Windows Settings ===================================
  2773. rem ---------------------------------------- Privacy ---------------------------------------
  2774. rem ......................................... Tasks ........................................
  2775.  
  2776. rem Allow/Deny - Allow access to tasks on this device
  2777. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userDataTasks" /v "Value" /t REG_SZ /d "Deny" /f
  2778.  
  2779. rem Allow/Deny - Allow Apps to access your tasks
  2780. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\userDataTasks" /v "Value" /t REG_SZ /d "Deny" /f
  2781.  
  2782. rem Let apps access tasks / 0 - Default / 1 - Enabled / 2 - Disabled
  2783. rem reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessTasks" /t REG_DWORD /d "2" /f
  2784.  
  2785.  
  2786. rem =================================== Windows Settings ===================================
  2787. rem ---------------------------------------- Privacy ---------------------------------------
  2788. rem ........................................ Videos ........................................
  2789.  
  2790. rem Allow/Deny - Videos library access for this device
  2791. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\videosLibrary" /v "Value" /t REG_SZ /d "Deny" /f
  2792.  
  2793. rem Allow/Deny - Allow Apps to access your videos library
  2794. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\videosLibrary" /v "Value" /t REG_SZ /d "Deny" /f
  2795.  
  2796.  
  2797. rem =================================== Windows Settings ===================================
  2798. rem --------------------------------------- System -----------------------------------------
  2799. rem ........................................ About .........................................
  2800.  
  2801. rem PC Name: LianLiPC-7NB (Computer name should not be longer than 15 characters, no spaces either)
  2802. reg add "HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName" /v "ComputerName" /t REG_SZ /d "LianLiPC-7NB" /f
  2803. reg add "HKLM\System\CurrentControlSet\Control\ComputerName\ComputerName" /v "ComputerName" /t REG_SZ /d "LianLiPC-7NB" /f
  2804. reg add "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters" /v "Hostname" /t REG_SZ /d "LianLiPC-7NB" /f
  2805. reg add "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters" /v "NV Hostname" /t REG_SZ /d "LianLiPC-7NB" /f
  2806.  
  2807. rem Support
  2808. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "Manufacturer" /t REG_SZ /d "TairikuOkami" /f
  2809. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "Model" /t REG_SZ /d "MSI Radeon RX 580 ARMOR 8G OC" /f
  2810. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "SupportHours" /t REG_SZ /d "Within 24-48 hours" /f
  2811. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "SupportPhone" /t REG_SZ /d "TairikuOkami@azet.sk" /f
  2812. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "SupportURL" /t REG_SZ /d "https://discordapp.com/TairikuOkami#2826" /f
  2813.  
  2814. rem Computer Description
  2815. reg add "HKLM\System\CurrentControlSet\services\LanmanServer\Parameters" /v "srvcomment" /t REG_SZ /d "100/10 MBps" /f
  2816.  
  2817.  
  2818. rem =================================== Windows Settings ===================================
  2819. rem --------------------------------------- System -----------------------------------------
  2820. rem ........................................ About .........................................
  2821. rem . . . . . . . . . . . . . . . . . . . System info . . . . . . . . . . . . . . . . . . .
  2822.  
  2823. rem System info (Logo - 120x120.bmp)
  2824. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "Logo" /t REG_SZ /d "D:\Software\Temp\Pics\Logo.bmp" /f
  2825. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v "RegisteredOrganization" /t REG_SZ /d "(-_-)" /f
  2826. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v "RegisteredOwner" /t REG_SZ /d "Brony" /f
  2827.  
  2828. rem Remote Settings - Disable Remote Assistance
  2829. reg add "HKLM\System\CurrentControlSet\Control\Remote Assistance" /v "fAllowToGetHelp" /t REG_DWORD /d "0" /f
  2830. reg add "HKLM\System\CurrentControlSet\Control\Remote Assistance" /v "fAllowFullControl" /t REG_DWORD /d "0" /f
  2831.  
  2832. rem System Protection - Enable System restore and Set the size
  2833. rem reg delete "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableSR" /f
  2834. rem reg delete "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableConfig" /f
  2835. rem reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\SPP\Clients" /v " {09F7EDC5-294E-4180-AF6A-FB0E6A0E9513}" /t REG_MULTI_SZ /d "1" /f
  2836. rem schtasks /Change /TN "Microsoft\Windows\SystemRestore\SR" /Enable
  2837. rem vssadmin Resize ShadowStorage /For=C: /On=C: /Maxsize=5GB
  2838. rem sc config wbengine start= demand
  2839. rem sc config swprv start= demand
  2840. rem sc config vds start= demand
  2841. rem sc config VSS start= demand
  2842.  
  2843. rem System Protection - Disable System restore and Set the size
  2844. reg add "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableSR" /t REG_DWORD /d "1" /f
  2845. schtasks /Change /TN "Microsoft\Windows\SystemRestore\SR" /Disable
  2846. vssadmin Resize ShadowStorage /For=C: /On=C: /Maxsize=320MB
  2847.  
  2848. rem Advanced system settings - Performance - Advanced - Processor Scheduling
  2849. rem 0 - Foreground and background applications equally responsive / 1 - Foreground application more responsive than background / 2 - Best foreground application response time (Default)
  2850. rem 38 - Adjust for best performance of Programs / 24 - Adjust for best performance of Background Services
  2851. reg add "HKLM\System\CurrentControlSet\Control\PriorityControl" /v "Win32PrioritySeparation " /t REG_DWORD /d "38" /f
  2852.  
  2853. rem Advanced system settings - Performance - Advanced - Virtual memory
  2854. rem Disable pagefile
  2855. wmic computersystem where name="%computername%" set AutomaticManagedPagefile=False
  2856. wmic pagefileset where name="%SystemDrive%\\pagefile.sys" set InitialSize=0,MaximumSize=0
  2857. wmic pagefileset where name="%SystemDrive%\\pagefile.sys" delete
  2858.  
  2859. rem Advanced system settings - Startup and Recovery
  2860. rem 5 - 5 secs / Time to display list of operating systems
  2861. bcdedit /timeout 5
  2862.  
  2863. rem Advanced system settings - Startup and Recovery
  2864. rem 1 - Automatically Restart (on System Failure)
  2865. reg add "HKLM\System\CurrentControlSet\Control\CrashControl" /v "AutoReboot" /t REG_DWORD /d "0" /f
  2866.  
  2867. rem ________________________________________________________________________________________
  2868. rem Disable Remote Assistance
  2869. sc config RemoteRegistry start= disabled
  2870. reg add "HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS" /v "AllowRemoteShellAccess" /t REG_DWORD /d "0" /f
  2871. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowToGetHelp" /t REG_DWORD /d "0" /f
  2872. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnsolicited" /t REG_DWORD /d "0" /f
  2873. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnsolicitedFullControl" /t REG_DWORD /d "0" /f
  2874. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "fDenyTSConnections" /t REG_DWORD /d "1" /f
  2875. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "TSAppCompat" /t REG_DWORD /d "0" /f
  2876. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "TSEnabled" /t REG_DWORD /d "0" /f
  2877. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "TSUserEnabled" /t REG_DWORD /d "0" /f
  2878.  
  2879. rem Encrypt the Pagefile
  2880. rem fsutil behavior set EncryptPagingFile 1
  2881.  
  2882.  
  2883. rem =================================== Windows Settings ===================================
  2884. rem --------------------------------------- System -----------------------------------------
  2885. rem ..................................... Clipboard ........................................
  2886.  
  2887. rem Save multiple items / 0 - Disable / 1 - Enable
  2888. reg add "HKCU\Software\Microsoft\Clipboard" /v "EnableClipboardHistory " /t REG_DWORD /d "0" /f
  2889.  
  2890. rem Sync across devices / 0 - Disable / 1 - Enable
  2891. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "AllowCrossDeviceClipboard " /t REG_DWORD /d "0" /f
  2892.  
  2893. rem ________________________________________________________________________________________
  2894. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d "0" /f
  2895.  
  2896.  
  2897. rem =================================== Windows Settings ===================================
  2898. rem --------------------------------------- System -----------------------------------------
  2899. rem ............................... Notifications & actions ................................
  2900.  
  2901. rem 1 - Get tips, tricks, and suggestions as you use Windows (ADs)
  2902. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d "0" /f
  2903.  
  2904. rem 0 - Get notifications from apps and other senders
  2905. reg add "HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" /v "NoToastApplicationNotification" /t REG_DWORD /d "1" /f
  2906.  
  2907. rem 1 - Show me the Windows welcome experience after updates and occasionally when I sign in to highlight what's new and suggested (ADs)
  2908. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d "0" /f
  2909.  
  2910. rem 1 - Suggest ways I can finish setting up my device to get the most out of Windows
  2911. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\UserProfileEngagement" /v "ScoobeSystemSettingEnabled" /t REG_DWORD /d "0" /f
  2912.  
  2913. rem ________________________________________________________________________________________
  2914. reg add "HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" /v "NoCloudApplicationNotification" /t REG_DWORD /d "1" /f
  2915. reg add "HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" /v "NoCloudApplicationNotification" /t REG_DWORD /d "1" /f
  2916.  
  2917.  
  2918. rem =================================== Windows Settings ===================================
  2919. rem --------------------------------------- System -----------------------------------------
  2920. rem .................................... Power & sleep .....................................
  2921. rem . . . . . . . . . . . . . . . . Additional power settings . . . . . . . . . . . . . . .
  2922.  
  2923. rem Change plan settings - Change advanced power settings - Hard disk - Turn off hard disk (on battery) after
  2924. rem 0 - Never / 4294967295 - max value in seconds
  2925. reg add "HKLM\Software\Policies\Microsoft\Power\PowerSettings\E69653CA-CF7F-4F05-AA73-CB833FA90AD4" /v "DCSettingIndex" /t REG_DWORD /d "0" /f
  2926.  
  2927. rem Change plan settings - Change adavnced power settings - Hard disk - Turn off hard disk (plugged in) after
  2928. rem 0 - Never / 4294967295 - max value in seconds
  2929. reg add "HKLM\Software\Policies\Microsoft\Power\PowerSettings\6738E2C4-E8A5-4A42-B16A-E040E769756E" /v "ACSettingIndex" /t REG_DWORD /d "0" /f
  2930.  
  2931.  
  2932. rem =================================== Windows Settings ===================================
  2933. rem --------------------------------------- System -----------------------------------------
  2934. rem ................................. Shared Experiences ...................................
  2935.  
  2936. rem Let apps on other devices open apps and message apps on this device, and vice versa / 0 - Disabled
  2937. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\CDP" /v "EnableRemoteLaunchToast" /t REG_DWORD /d "0" /f
  2938. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "EnableCdp" /t REG_DWORD /d "0" /f
  2939. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "EnableMmx" /t REG_DWORD /d "0" /f
  2940.  
  2941.  
  2942. rem =================================== Windows Settings ===================================
  2943. rem --------------------------------------- System -----------------------------------------
  2944. rem ....................................... Storage ........................................
  2945.  
  2946. rem ________________________________________________________________________________________
  2947. rem fsutil storagereserve query C:
  2948. rem Dism /Online /Set-ReservedStorageState /State:Disabled /Quiet /NoRestart
  2949. rem 2/0/0 - Disable Reserved Storage (7GB) / 1/1/1 - Enabled
  2950. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\MiscPolicyInfo" /v "ShippedWithReserves" /t REG_DWORD /d "2" /f
  2951. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\PassedPolicy" /v "ShippedWithReserves" /t REG_DWORD /d "0" /f
  2952. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\ReserveManager" /v "ShippedWithReserves" /t REG_DWORD /d "0" /f
  2953.  
  2954. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "AllowStorageSenseGlobal" /t REG_DWORD /d "0" /f
  2955. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "AllowStorageSenseTemporaryFilesCleanup" /t REG_DWORD /d "0" /f
  2956. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "ConfigStorageSenseCloudContentDehydrationThreshold" /t REG_DWORD /d "0" /f
  2957. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "ConfigStorageSenseRecycleBinCleanupThreshold" /t REG_DWORD /d "0" /f
  2958. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "ConfigStorageSenseDownloadsCleanupThreshold" /t REG_DWORD /d "0" /f
  2959. reg delete "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "ConfigStorageSenseGlobalCadence" /f
  2960.  
  2961.  
  2962. rem =================================== Windows Settings ===================================
  2963. rem ----------------------------------- Time & language -------------------------------------
  2964. rem ..................................... Date & time .......................................
  2965.  
  2966. rem Time Zone - Central Europe Standard Time
  2967. tzutil /s "Central Europe Standard Time"
  2968.  
  2969.  
  2970. rem =================================== Windows Settings ===================================
  2971. rem ----------------------------------- Time & language -------------------------------------
  2972. rem ..................................... Date & time .......................................
  2973. rem . . . . . . . . . . . . Additional date, time, & regional settings . . . . . . . . . . .
  2974.  
  2975. rem Set Formats to Metric
  2976. reg add "HKCU\Control Panel\International" /v "iDigits" /t REG_SZ /d "2" /f
  2977. reg add "HKCU\Control Panel\International" /v "iLZero" /t REG_SZ /d "1" /f
  2978. reg add "HKCU\Control Panel\International" /v "iMeasure" /t REG_SZ /d "0" /f
  2979. reg add "HKCU\Control Panel\International" /v "iNegNumber" /t REG_SZ /d "1" /f
  2980. reg add "HKCU\Control Panel\International" /v "iPaperSize" /t REG_SZ /d "1" /f
  2981. reg add "HKCU\Control Panel\International" /v "iTLZero" /t REG_SZ /d "1" /f
  2982. reg add "HKCU\Control Panel\International" /v "sDecimal" /t REG_SZ /d "," /f
  2983. reg add "HKCU\Control Panel\International" /v "sNativeDigits" /t REG_SZ /d "0123456789" /f
  2984. reg add "HKCU\Control Panel\International" /v "sNegativeSign" /t REG_SZ /d "-" /f
  2985. reg add "HKCU\Control Panel\International" /v "sPositiveSign" /t REG_SZ /d "" /f
  2986. reg add "HKCU\Control Panel\International" /v "NumShape" /t REG_SZ /d "1" /f
  2987.  
  2988. rem Set Time to 24h / Monday
  2989. reg add "HKCU\Control Panel\International" /v "iCalendarType" /t REG_SZ /d "1" /f
  2990. reg add "HKCU\Control Panel\International" /v "iDate" /t REG_SZ /d "1" /f
  2991. reg add "HKCU\Control Panel\International" /v "iFirstDayOfWeek" /t REG_SZ /d "0" /f
  2992. reg add "HKCU\Control Panel\International" /v "iFirstWeekOfYear" /t REG_SZ /d "0" /f
  2993. reg add "HKCU\Control Panel\International" /v "iTime" /t REG_SZ /d "1" /f
  2994. reg add "HKCU\Control Panel\International" /v "iTimePrefix" /t REG_SZ /d "0" /f
  2995. reg add "HKCU\Control Panel\International" /v "sDate" /t REG_SZ /d "-" /f
  2996. reg add "HKCU\Control Panel\International" /v "sList" /t REG_SZ /d "," /f
  2997. reg add "HKCU\Control Panel\International" /v "sLongDate" /t REG_SZ /d "d MMMM, yyyy" /f
  2998. reg add "HKCU\Control Panel\International" /v "sMonDecimalSep" /t REG_SZ /d "." /f
  2999. reg add "HKCU\Control Panel\International" /v "sMonGrouping" /t REG_SZ /d "3;0" /f
  3000. reg add "HKCU\Control Panel\International" /v "sMonThousandSep" /t REG_SZ /d "," /f
  3001. reg add "HKCU\Control Panel\International" /v "sShortDate" /t REG_SZ /d "dd-MMM-yy" /f
  3002. reg add "HKCU\Control Panel\International" /v "sTime" /t REG_SZ /d ":" /f
  3003. reg add "HKCU\Control Panel\International" /v "sTimeFormat" /t REG_SZ /d "HH:mm:ss" /f
  3004. reg add "HKCU\Control Panel\International" /v "sShortTime" /t REG_SZ /d "HH:mm" /f
  3005. reg add "HKCU\Control Panel\International" /v "sYearMonth" /t REG_SZ /d "MMMM yyyy" /f
  3006.  
  3007. rem 244 - Set Location to United States / 143 - Slovakia
  3008. reg add "HKCU\Control Panel\International\Geo" /v "Nation" /t REG_SZ /d "143" /f
  3009.  
  3010.  
  3011. rem =================================== Windows Settings ===================================
  3012. rem ----------------------------------- Time & Language ------------------------------------
  3013. rem .................................. Region & Language ...................................
  3014. rem . . . . . . . . . . . . . . . Advanced keyboard settings . . . . . . . . . . . . . . . .
  3015.  
  3016. rem Language bar options - Advanced key settings - Change Key Sequence
  3017. rem 3 - Not assigned / 2 - CTRL+SHIFT / 1 - Left ALT+SHIFT
  3018. reg add "HKCU\Keyboard Layout\Toggle" /v "Language Hotkey" /t REG_SZ /d "3" /f
  3019. reg add "HKCU\Keyboard Layout\Toggle" /v "Hotkey" /t REG_SZ /d "3" /f
  3020. reg add "HKCU\Keyboard Layout\Toggle" /v "Layout Hotkey" /t REG_SZ /d "3" /f
  3021.  
  3022. rem ________________________________________________________________________________________
  3023. rem 2 - Enable Num Lock on Sign-in Screen / 2147483648 - Disable
  3024. reg add "HKU\.DEFAULT\Control Panel\Keyboard" /v "InitialKeyboardIndicators" /t REG_SZ /d "2" /f
  3025.  
  3026.  
  3027. rem =================================== Windows Settings ===================================
  3028. rem ----------------------------------- Update & security ----------------------------------
  3029. rem ........................................ Backup .......................................
  3030.  
  3031. rem ________________________________________________________________________________________
  3032. rem 1 - Disable File History (Creating previous versions of files/Windows Backup)
  3033. reg add "HKLM\Software\Policies\Microsoft\Windows\FileHistory" /v "Disabled" /t REG_DWORD /d "1" /f
  3034.  
  3035.  
  3036. rem =================================== Windows Settings ===================================
  3037. rem ----------------------------------- Update & security ----------------------------------
  3038. rem .................................... Windows update ....................................
  3039.  
  3040. rem Change active hours (18 hours) 6am to 0am - Windows Updates will not automatically restart your device during active hours
  3041. reg add "HKLM\Software\Microsoft\WindowsUpdate\UX\Settings" /v "ActiveHoursStart" /t REG_DWORD /d "6" /f
  3042. reg add "HKLM\Software\Microsoft\WindowsUpdate\UX\Settings" /v "ActiveHoursEnd" /t REG_DWORD /d "0" /f
  3043.  
  3044. rem Restart options - 1 - We'll show a reminder when we're going to restart.
  3045. reg add "HKLM\Software\Microsoft\WindowsUpdate\UX\Settings" /v "RestartNotificationsAllowed" /t REG_DWORD /d "0" /f
  3046.  
  3047. rem ________________________________________________________________________________________
  3048. rem Remove Windows ActiveX Flash (could be exploited within Windows/Office)
  3049.  
  3050. rem regsvr32 /u /s "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.dll"
  3051. takeown /s %computername% /u %username% /f "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.exe"
  3052. icacls "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.exe" /inheritance:r /grant:r %username%:F
  3053. del "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.exe" /f /q
  3054. takeown /s %computername% /u %username% /f "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.dll"
  3055. icacls "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.dll" /inheritance:r /grant:r %username%:F
  3056. del "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.dll" /f /q
  3057. takeown /s %computername% /u %username% /f "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.exe"
  3058. icacls "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.exe" /inheritance:r /grant:r %username%:F
  3059. del "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.exe" /f /q
  3060. takeown /s %computername% /u %username% /f "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.dll"
  3061. icacls "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.dll" /inheritance:r /grant:r %username%:F
  3062. del "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.dll" /f /q
  3063.  
  3064. rem Disable auto-checking for updates, non-english users have to remove selected users manually (manual checking works, whenever YOU want, not Windows 10)
  3065. takeown /s %computername% /u %username% /f "%WINDIR%\System32\UsoClient.exe"
  3066. icacls "%WINDIR%\System32\UsoClient.exe" /inheritance:r
  3067. rem https://postimg.cc/tYR0PRy9
  3068.  
  3069. rem To Restore (when there is update/upgrade updating exe, otherwise it will fail)
  3070. rem icacls "%WINDIR%\System32\UsoClient.exe" /reset
  3071.  
  3072. rem Disable checking for updates via GUI, non-english users have to remove selected users manually
  3073. takeown /s %computername% /u %username% /f "%WINDIR%\System32\usocoreworker.exe"
  3074. icacls "%WINDIR%\System32\usocoreworker.exe" /inheritance:r
  3075.  
  3076. rem To Restore (when there is update/upgrade updating exe, otherwise it will fail)
  3077. rem icacls "%WINDIR%\System32\usocoreworker.exe" /reset
  3078.  
  3079. rem 1 - Disable Malicious Software Removal Tool offered via Windows Updates (MRT) + Disable Heartbeat Telemetry
  3080. reg add "HKLM\Software\Microsoft\RemovalTools\MpGears" /v "HeartbeatTrackingIndex" /t REG_DWORD /d "0" /f
  3081. reg add "HKLM\Software\Microsoft\RemovalTools\MpGears" /v "SpyNetReportingLocation" /t REG_MULTI_SZ /d "" /f
  3082. reg add "HKLM\Software\Policies\Microsoft\MRT" /v "DontOfferThroughWUAU" /t REG_DWORD /d "1" /f
  3083. reg add "HKLM\Software\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d "1" /f
  3084.  
  3085.  
  3086. rem =================================== Windows Settings ===================================
  3087. rem ----------------------------------- Update & security ----------------------------------
  3088. rem .................................... Windows update ....................................
  3089. rem . . . . . . . . . . . . . . . . . . Advanced options . . . . . . . . . . . . . . . . . .
  3090.  
  3091. rem Choose how updates are delivered / 0 - Turns off Delivery Optimization / 1 - Gets or sends updates and apps to PCs on the same NAT only / 2 - Gets or sends updates and apps to PCs on the same local network domain / 3 - Gets or sends updates and apps to PCs on the Internet / 99 - Simple download mode with no peering / 100 - Use BITS instead of Windows Update Delivery Optimization
  3092. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" /v "DODownloadMode" /t REG_DWORD /d "0" /f
  3093. reg add "HKLM\Software\Policies\Microsoft\Windows\DeliveryOptimization" /v "DODownloadMode" /t REG_DWORD /d "0" /f
  3094.  
  3095.  
  3096. rem ==================================== Windows Shell =====================================
  3097.  
  3098.  
  3099. rem Add Reset permissions to Shell/Manually Reset permissions/Take Ownership
  3100. rem http://lallouslab.net/2013/08/26/resetting-ntfs-files-permission-in-windows-graphical-utility
  3101.  
  3102. rem Take Ownership
  3103. rem Files/Folders - https://www.youtube.com/watch?v=x7gjZMvQHu4
  3104. rem Registry - https://www.youtube.com/watch?v=M1l5ifYKefg
  3105. rem https://ss64.com/nt/icacls.html
  3106. rem https://technet.microsoft.com/en-us/library/cc753024%28v=ws.11%29.aspx
  3107. rem https://technet.microsoft.com/en-us/library/cc753525(v=ws.11).aspx
  3108.  
  3109. rem Add "Take Ownership" Option in Files and Folders Context Menu in Windows
  3110. rem reg add "HKCR\*\shell\runas" /ve /t REG_SZ /d "Take ownership" /f
  3111. rem reg add "HKCR\*\shell\runas" /v "HasLUAShield" /t REG_SZ /d "" /f
  3112. rem reg add "HKCR\*\shell\runas" /v "NoWorkingDirectory" /t REG_SZ /d "" /f
  3113. rem reg add "HKCR\*\shell\runas\command" /ve /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" && icacls \"%%1\" /grant administrators:F" /f
  3114. rem reg add "HKCR\*\shell\runas\command" /v "IsolatedCommand" /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" && icacls \"%%1\" /grant administrators:F" /f
  3115. rem reg add "HKCR\Directory\shell\runas" /ve /t REG_SZ /d "Take ownership" /f
  3116. rem reg add "HKCR\Directory\shell\runas" /v "HasLUAShield" /t REG_SZ /d "" /f
  3117. rem reg add "HKCR\Directory\shell\runas" /v "NoWorkingDirectory" /t REG_SZ /d "" /f
  3118. rem reg add "HKCR\Directory\shell\runas\command" /ve /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" /r /d y && icacls \"%%1\" /grant administrators:F /t" /f
  3119. rem reg add "HKCR\Directory\shell\runas\command" /v "IsolatedCommand" /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" /r /d y && icacls \"%%1\" /grant administrators:F /t" /f
  3120.  
  3121. rem Remove Send To from Context Menu
  3122. reg delete "HKCR\AllFilesystemObjects\shellex\ContextMenuHandlers\SendTo" /f
  3123.  
  3124. rem Remove Share from Context Menu
  3125. reg delete "HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ModernSharing" /f
  3126. reg delete "HKLM\Software\Classes\*\shellex\ContextMenuHandlers\Sharing" /f
  3127. reg delete "HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Sharing" /f
  3128. reg delete "HKLM\Software\Classes\Drive\shellex\PropertySheetHandlers\Sharing" /f
  3129. reg delete "HKLM\Software\Classes\Directory\background\shellex\ContextMenuHandlers\Sharing" /f
  3130. reg delete "HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\Sharing" /f
  3131. reg delete "HKLM\Software\Classes\Directory\shellex\CopyHookHandlers\Sharing" /f
  3132. reg delete "HKLM\Software\Classes\Directory\shellex\PropertySheetHandlers\Sharing" /f
  3133.  
  3134.  
  3135. rem ==================================== Windows Store =====================================
  3136. rem -------------------------------------- Settings ----------------------------------------
  3137.  
  3138. rem Update apps automatically / 2 - Off / 4 - On
  3139. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /v "AutoDownload" /t REG_DWORD /d "2" /f
  3140. schtasks /Change /TN "Microsoft\Windows\WindowsUpdate\Automatic App Update" /Disable
  3141.  
  3142. rem ________________________________________________________________________________________
  3143. rem Disable Auto-install subscribed/suggested apps (games like Candy Crush Soda Saga/Minecraft)
  3144. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d "0" /f
  3145. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OemPreInstalledAppsEnabled" /t REG_DWORD /d "0" /f
  3146. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d "0" /f
  3147. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d "0" /f
  3148. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d "0" /f
  3149. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d "0" /f
  3150. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d "0" /f
  3151. reg add "HKLM\Software\Policies\Microsoft\PushToInstall" /v "DisablePushToInstall" /t REG_DWORD /d "1" /f
  3152. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions" /f
  3153. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\SuggestedApps" /f
  3154.  
  3155.  
  3156. rem ==================================== Windows Waypoint ==================================
  3157.  
  3158.  
  3159. timeout 5
  3160.  
  3161. fsutil usn deletejournal /d /n c:
  3162.  
  3163. rem Clean Yandex Browser's installer, caches and cookies (not covered by CookieAutodelete, since the browser is running) - browser://settings/siteData
  3164. rem https://yandex.ru/tune/desktopnotifications/browser?from=push
  3165. del "%LocalAppData%\Yandex\YandexBrowser\*service_update.exe" /s /f /q
  3166. del "%LocalAppData%\Yandex\YandexBrowser\Application\*.7z" /s /f /q
  3167. del "%LocalAppData%\Yandex\YandexBrowser\Application\*searchband.exe" /s /f /q
  3168. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\*history*." /s /f /q
  3169. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Current Session" /s /f /q
  3170. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Current Tabs" /s /f /q
  3171. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Current Tabs Invalid" /s /f /q
  3172. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Last Session" /s /f /q
  3173. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Last Tabs" /s /f /q
  3174. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\LOG" /s /f /q
  3175. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\LOG.old" /s /f /q
  3176. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Network Action Predictor" /s /f /q
  3177. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Network Action Predictor-journal" /s /f /q
  3178. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Network Persistent State" /s /f /q
  3179. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Passman Logs" /s /f /q
  3180. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Passman Logs-journal" /s /f /q
  3181. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Reporting and NEL" /s /f /q
  3182. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Reporting and NEL-journal" /s /f /q
  3183. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\QuotaManager" /s /f /q
  3184. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\QuotaManager-journal" /s /f /q
  3185. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Session Log" /s /f /q
  3186. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Top Sites" /s /f /q
  3187. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Top Sites-journal" /s /f /q
  3188. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Visited Links" /s /f /q
  3189. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Ya Autofill Data" /s /f /q
  3190. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Ya Autofill Data-journal" /s /f /q
  3191. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Ya Credit Cards" /s /f /q
  3192. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Ya Credit Cards-journal" /s /f /q
  3193. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Ya Login Data" /s /f /q
  3194. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Ya Passman Data" /s /f /q
  3195. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Ya Passman Data-journal" /s /f /q
  3196. rd "%LocalAppData%\Yandex\BrowserDiagnostics" /s /q
  3197. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\AutofillStrikeDatabase" /s /q
  3198. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\BudgetDatabase" /s /q
  3199. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Cache" /s /q
  3200. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Code Cache" /s /q
  3201. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\data_reduction_proxy_leveldb" /s /q
  3202. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\databases" /s /q
  3203. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\File System" /s /q
  3204. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\GCM Store" /s /q
  3205. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\GPUCache" /s /q
  3206. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\IndexedDB" /s /q
  3207. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Local Storage" /s /q
  3208. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Media Cache" /s /q
  3209. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Platform Notifications" /s /q
  3210. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Session Storage" /s /q
  3211. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Service Value Store" /s /q
  3212. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Service Worker" /s /q
  3213. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\shared_proto_db" /s /q
  3214. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Site Characteristics Database" /s /q
  3215. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Tablo Cache" /s /q
  3216. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\TabPreviewScreenshots" /s /q
  3217. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\VideoDecodeStats" /s /q
  3218. rd "%ProgramFiles(x86)%\Yandex" /s /q
  3219.  
  3220. rem Run Wise Disk Cleaner
  3221. start "" /wait "%ProgramFiles(x86)%\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe" -a
  3222.  
  3223. rem Run Wise Registry Cleaner
  3224. start "" /wait "%ProgramFiles(x86)%\Wise\Wise Registry Cleaner\WiseRegCleaner.exe" -a -all
  3225.  
  3226. rem https://www.tenforums.com/general-support/95776-restart-fall-creators-update-reopens-apps-before.html#post1175516
  3227. rem https://www.tenforums.com/tutorials/49963-use-sign-info-auto-finish-after-update-restart-windows-10-a.html
  3228. rem https://www.tenforums.com/tutorials/138685-turn-off-automatically-restart-apps-after-sign-windows-10-a.html
  3229. shutdown /s /f /t 0
  3230.  
  3231. rem Is that all? Is that ALL? Yes, that is all. That is all. https://i.postimg.cc/tXVfSqZ3/2004-1.jpg / https://i.postimg.cc/9mdk2LBz/capture-05312020-125140-1.jpg
  3232. rem https://www.youtube.com/watch?v=MTjs5eo4BfI&feature=youtu.be&t=1m47s
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top