SHARE
TWEET

Windows Tweaks

TairikuOkami Jul 20th, 2015 (edited) 77,575 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. rem USE AT OWN RISK AS IS WITHOUT WARRANTY OF ANY KIND !!!!!
  2.  
  3.  
  4. rem The latest cumulative update - https://support.microsoft.com/en-us/help/4529964/windows-10-update-history
  5. rem CU 18363.535 - http://download.windowsupdate.com/d/msdownload/update/software/secu/2019/12/windows10.0-kb4530684-x64_02ab3d424a993fbefa857f5b92999383f56c6986.msu
  6. rem DISM /Online /Add-Package /PackagePath:%USERPROFILE%\Desktop\Windows10.0-KB4530684-x64_PSFX.cab
  7.  
  8. rem The latest servicing stack update (recommended to install before CU) - https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates
  9. rem SSU 18363.449 - http://download.windowsupdate.com/c/msdownload/update/software/secu/2019/11/windows10.0-kb4524569-x64_9004236e081c22b1e10c4bc94279bf6e75cd299a.msu
  10. rem DISM /Online /Add-Package /PackagePath:%USERPROFILE%\Desktop\Windows10.0-KB4524569-x64.cab
  11.  
  12.  
  13. rem These tweaks will mess up your Windows real bad, if the whole batch is run!
  14. rem Try Light version instead, as a starting point - https://pastebin.com/M2JGdYcn
  15.  
  16. rem Before making any changes, it is preferable to create a registry backup!
  17. rem https://support.microsoft.com/en-us/help/322756/how-to-back-up-and-restore-the-registry-in-windows
  18. rem https://www.tweaking.com/content/page/registry_backup.html
  19.  
  20. rem Or even better, create a system image!
  21. rem https://www.aomeitech.com/ab/standard.html
  22. rem https://www.easeus.com/backup-software/tb-free.html
  23. rem https://www.macrium.com/reflectfree
  24.  
  25. rem Things, that will get broken, that will get noticed ASAP or after restart, like Start (SystemApps/StartMenuExperienceHost.exe) or WiFi for sure!
  26. rem Disabling network services (Dhcp/NlaSvc/netprofm/nsi/RmSvc) will prevent you from managing network settings via Settings!
  27. rem Windows Defender Firewall is set to block all inbound/outbound except allowed apps, which have to be added first!
  28.  
  29. rem "ValidateAdminCodeSignatures" will prevent exe without a digital signature to run as admin: "A referral was returned from the server."
  30. rem reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ValidateAdminCodeSignatures" /t REG_DWORD /d "0" /f
  31.  
  32.  
  33. rem ________________________________________________________________________________________
  34.  
  35.  
  36. rem Basic informations
  37. rem Software recommendations
  38.  
  39. rem Remove various folders, startup entries and policies
  40. rem Restore essential startup entries
  41.  
  42. rem Software Setup
  43. rem Windows Setup plus Manual Config
  44.  
  45. rem Windows Drivers
  46. rem Windows Defender Security Center
  47. rem Windows Logging
  48. rem Windows Error Reporting
  49. rem Windows Explorer
  50. rem Windows OneDrive
  51. rem Windows Optimizations
  52. rem Windows Policies
  53. rem Windows Scheduled Tasks
  54. rem Windows Services
  55. rem Windows Settings
  56. rem Windows Shell
  57. rem Windows Store
  58. rem Windows Waypoint
  59.  
  60.  
  61. rem ================================= Basic informations ===================================
  62.  
  63.  
  64. rem SeDebugPrivilege/SeTcbPrivilege - https://youtu.be/hZKLEw-Our4 - Self-elevation to System (even on SUA) used by ransomware (NotPetya/WannaCry)
  65. rem https://docs.microsoft.com/en-us/windows/device-security/security-policy-settings/act-as-part-of-the-operating-system
  66.  
  67. rem https://docs.microsoft.com/en-us/windows/deployment/update/waas-overview
  68. rem https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-configuration-service-provider
  69. rem https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-security-baselines
  70.  
  71. rem Adblock Detection - https://www.detectadblock.com / https://blockads.fivefilters.org
  72. rem Browser Leaks - https://browserleaks.com / CanvasFingerprint / WebRTC
  73. rem Browser Tracking Test - https://panopticlick.eff.org
  74. rem Privacy Info - https://github.com/CHEF-KOCH/Online-Privacy-Test-Resource-List/tree/f4f9176ae8ea44c0f77ece204ee4435e892c0a29
  75. rem Privacy Tools - https://www.ghacks.net/2015/08/14/comparison-of-windows-10-privacy-tools
  76. rem Privacy Tools - https://www.privacytools.io
  77. rem Privacy Webpage Scan - https://webbkoll.dataskydd.net
  78. rem Private Uncensored Search - https://duckduckgo.com (Startpage is censored now)
  79. rem SSL/TLS Test - https://www.ssllabs.com/ssltest
  80.  
  81. rem AV Comparison
  82. rem http://www.av-comparatives.org/list-of-consumer-av-vendors-pc
  83. rem https://fatsecurity.com/tools/test-results-calculator
  84. rem https://www.av-comparatives.org/comparatives-reviews
  85. rem https://www.av-test.org/en/antivirus/home-windows/windows-10
  86. rem https://www.mrg-effitas.com/test-library
  87.  
  88. rem AVs/SSL Filtering - https://blog.adguard.com/en/everything-about-https-filtering
  89. rem 3rd party AV can improve performance, even compared to no AV - https://postimg.cc/ZB0SkhZB
  90. rem AV is as vulnerable as any other software, but since it uses SYSTEM rights, it is more dangerous - http://cybellum.com/doubleagent-taking-full-control-antivirus
  91. rem Disable webfiltering, replacing certificates - https://www.eff.org/deeplinks/2015/02/dear-software-vendors-please-stop-trying-intercept-your-customers-encrypted / https://restoreprivacy.com/antivirus-privacy/
  92. rem WD being vulnerable all the time - http://news.softpedia.com/news/microsoft-releases-silent-fix-for-windows-defender-remote-code-execution-flaw-516095.shtml
  93. rem https://www.bleepingcomputer.com/news/security/smartservice-and-s5mark-acts-like-an-adware-bodyguard-by-blocking-antivirus-software/
  94. rem http://blog.emsisoft.com/2015/01/17/has-the-antivirus-industry-gone-mad
  95. rem http://www.makeuseof.com/tag/antivirus-tracking-youd-surprised-sends
  96. rem https://www.av-test.org/en/news/news-single-view/data-protection-or-virus-protection
  97.  
  98. rem DNS Benchmark / Namebench - https://code.google.com/archive/p/namebench/downloads
  99. rem DNS Hijack / https://sockpuppet.org/blog/2015/01/15/against-dnssec / https://recdnsfp.github.io
  100. rem DNS Encryption (setup DNS server as 127.0.0.1) - https://simplednscrypt.org
  101. rem DNS Fix / DNS-Lock - https://www.sordum.org/9432/dns-lock-v1-4/
  102. rem DNS List - https://wiki.ipfire.org/dns/public-servers
  103. rem DNS Privacy/Tests - https://dnscrypt.me
  104.  
  105. rem Family Filtering (adult/proxy/search)
  106. rem CleanBrowsing - https://cleanbrowsing.org/ip-address
  107. rem DNS Family - https://dnsforfamily.com/#DNS_Servers
  108. rem Enforce Safe Search (=Adult Filter) - https://chrome.google.com/webstore/detail/enforce-safe-search-adult/fiopkogmohpinncfhneadmpkcikmgkgc
  109. rem NextDNS - https://www.nextdns.io
  110. rem OpenDNS - https://www.opendns.com/setupguide/#familyshield
  111. rem UltraDNS - https://www.home.neustar/dns-services/ultra-recursive-dns#free
  112.  
  113. rem VPN Comparison / Anonymity
  114. rem https://arstechnica.com/tech-policy/2017/03/senate-votes-to-let-isps-sell-your-web-browsing-history-to-advertisers
  115. rem https://thatoneprivacysite.net/simple-vpn-comparison-chart
  116. rem https://vpntesting.info
  117. rem https://www.msgsafe.io
  118.  
  119. rem Windows Hardening
  120. rem https://hard-configurator.com
  121. rem https://www.novirusthanks.org/products/syshardener
  122.  
  123. rem Windows Repair Toolbox - https://windows-repair-toolbox.com
  124. rem Windows 10 Drivers - http://www.catalog.update.microsoft.com
  125. rem Windows 10 Forums - https://www.tenforums.com/general-support/58375-newly-added-tutorials.html
  126. rem Windows 10 Policies - https://getadmx.com/?Category=Windows_10_2016
  127. rem Windows 10 Support - https://technet.microsoft.com/en-us/windows/support-windows-10.aspx
  128.  
  129. rem Windows ISO
  130. rem https://genuineisoverifier.weebly.com
  131. rem https://msdn.rg-adguard.net
  132. rem https://tb.rg-adguard.net
  133. rem https://uup.rg-adguard.net
  134. rem https://www.heidoc.net/joomla/technology-science/microsoft/67-microsoft-windows-and-office-iso-download-tool
  135.  
  136. rem Check ISO Windows versions and build version
  137. rem dism /Get-WimInfo /WimFile:F:\sources\install.wim
  138. rem dism /Get-WimInfo /WimFile:F:\sources\install.wim /index:1
  139. rem dism /Get-WimInfo /WimFile:F:\sources\install.esd /index:1
  140.  
  141. rem https://www.tenforums.com/tutorials/3109-shell-commands-list-windows-10-a.html
  142. rem https://www.tenforums.com/tutorials/3123-clsid-key-guid-shortcuts-list-windows-10-a.html
  143. rem https://www.tenforums.com/tutorials/3234-environment-variables-windows-10-a.html
  144. rem https://www.tenforums.com/tutorials/77458-rundll32-commands-list-windows-10-a.html
  145. rem https://www.tenforums.com/tutorials/78108-app-commands-list-windows-10-a.html
  146. rem https://www.tenforums.com/tutorials/78214-settings-pages-list-uri-shortcuts-windows-10-a.html
  147.  
  148.  
  149. rem =============================== Software recommendations ===============================
  150.  
  151.  
  152. rem AntiVirus software
  153. rem Adaware (MT) - https://www.adaware.com/antivirus
  154. rem Adaware Silent - App Managment - Enable Gaming Mode / Disable ThreatWork Alliance
  155. rem Kaspersky Security Cloud (RU) - https://www.kaspersky.com/downloads/thank-you/try-free-cloud-antivirus
  156. rem Kaspersky Security Cloud Setup - Accept Kaspersky Security Network and Decline Data Processing / Recommended - uncheck All
  157. rem Kaspersky Security Cloud Setup - Uninstall Kaspersky Secure Connection (trial VPN)
  158. rem Kaspersky Security Cloud Setup -  Settings - Additional - Notifications - uncheck News Notifications and Promotional Materials
  159. rem Kaspersky Security Cloud Performance - Settings - Protection - Turn Off All, but File Anti-Virus
  160. rem Kaspersky Security Cloud Performance - Settings - Additional - uncheck Inject script into web traffic / Do not scan encrypted connections
  161. rem Symantec Noscript (disable WSH when run as admin) - http://www.symantec.com/avcenter/noscript.exe
  162.  
  163. rem AntiVirus software (Cloud only)
  164. rem Immunet (US) - http://www.immunet.com/index
  165. rem Panda (ES) (it has to be updated manually to the latest version) - https://www.pandasecurity.com/usa/homeusers/solutions/free-antivirus
  166. rem Panda Setup - Uncheck Install Panda Safe Web
  167. rem Panda Performance - Settings - General - Disable Panda news / Antivirus - Block files for 10 seconds/Disable show warning/Process Monitor - Disable both
  168.  
  169. rem AntiVirus software - additional protecion (can be run alongisde of realtime AV)
  170. rem Immunet - http://www.immunet.com/index
  171. rem OSArmor - https://www.novirusthanks.org/products/osarmor
  172. rem SecureAPlus Freemium (SG) - https://www.secureaplus.com/download - https://www.secureaplus.com/download/free-extension
  173. rem VoodooShield (US) - https://voodooshield.com
  174.  
  175. rem Browser Extensions useful against (99% malware comes via an email or a browser)
  176. rem Adult Content (Chrome/Firefox) - http://www.cloudacl.com/antiporn
  177. rem CDN (Chrome/Firefox/Opera) - https://decentraleyes.org
  178. rem Coinhive, Malware and Popups (Chrome/Firefox/Opera) - https://add0n.com/popup-blocker.html
  179. rem Cookie Warnings (Chrome/Firefox/Opera) - https://www.i-dont-care-about-cookies.eu
  180. rem Filter Lists - https://filterlists.com - https://energized.pro
  181. rem Malware (Chrome/Firefox/Opera) - https://www.bitdefender.com/solutions/trafficlight.html
  182. rem Malware (Chrome/Firefox) (Privacy-sends URL in hash instead of txt) - https://chrome.google.com/webstore/detail/emsisoft-browser-security/jfofijpkapingknllefalncmbiienkab
  183. rem Phishing (Chrome/Firefox/Opera) - https://toolbar.netcraft.com
  184. rem Punycode Domains (Chrome/Firefox/Opera) - https://github.com/AykutCevik/IDN-Safe
  185. rem Tracking (Chrome/Firefox/Opera) - https://www.eff.org/privacybadger
  186. rem (Install Chrome Extensions in Opera) - https://addons.opera.com/en/extensions/details/install-chrome-extensions
  187.  
  188. rem Cleanup software
  189. rem Driver Store Explorer - https://github.com/lostindark/DriverStoreExplorer/releases
  190. rem Geek Uninstaller - https://geekuninstaller.com
  191. rem Wise Disk Cleaner - http://www.wisecleaner.com/wise-disk-cleaner.html
  192. rem Wise Registry Cleaner - http://www.wisecleaner.com/wise-registry-cleaner.html
  193.  
  194. rem Firewall software
  195. rem FortKnox Firewall (SK) - http://fortknox-firewall.com
  196. rem Zone Alarm Firewall (IL) - http://www.zonealarm.com/software/free-firewall
  197.  
  198. rem Firewall software using Windows Firewall
  199. rem Glasswire (US) - https://www.glasswire.com
  200. rem Windows 10 Firewall Control (US) - http://www.sphinx-soft.com/Vista/order.html
  201.  
  202. rem Sandbox software
  203. rem 360 Total Security Essential (CN) - https://www.360totalsecurity.com/en/features/360-total-security-essential
  204. rem Shade Sandbox (US) - http://www.shadesandbox.com
  205. rem Sandboxie (US) - https://www.sandboxie.com
  206.  
  207. rem Security cleanup software (portable on-demand scanners)
  208. rem ESET SysRescue Live (SK) - https://www.eset.com/int/support/sysrescue
  209. rem Dr.Web CureIt (RU) - https://free.drweb.com/download+cureit+free
  210. rem Kaspersky Virus Removal Tool (RU) - https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool
  211. rem RKill (BleepingComputer) - https://www.bleepingcomputer.com/download/rkill/
  212.  
  213. rem Software
  214. rem Application Updates / Patch My PC - https://patchmypc.net
  215. rem Bandwidth Meter / NetTraffic - https://www.venea.net/web/nettraffic
  216. rem Bootable USB / Universal USB Installer - https://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3
  217. rem Bootloader / EasyBCD - https://www.softpedia.com/get/System/OS-Enhancements/EasyBCD.shtml
  218. rem Bootloader / EasyUEFI - https://www.softpedia.com/get/System/Boot-Manager-Disk/EasyUEFI.shtml
  219. rem Browser / Yandex.Browser - https://browser.yandex.com/security
  220. rem Calc / Old Calculator - https://winaero.com/download.php?view.1795
  221. rem Compact/Compress Files / Compact GUI - https://github.com/ImminentFate/CompactGUI
  222. rem Computer Management / NirLauncher - http://launcher.nirsoft.net
  223. rem CPU Info / CPU-Z - https://www.cpuid.com/softwares/cpu-z.html
  224. rem CPU Test / Prime95 - https://www.mersenne.org/download
  225. rem Data Recovery / DMDE Free Edition - https://dmde.com/download.html - https://www.techradar.com/how-to/computing/how-to-recover-lost-or-deleted-files-1307921/2
  226. rem Directx 9.0 Runtimes / DirectX Redistributable June 2010 - http://www.softpedia.com/get/System/OS-Enhancements/DirectX-9.0c-Redistributable.shtml
  227. rem Disc to MKV / MakeMKV Beta - http://www.makemkv.com/download / Key - https://www.makemkv.com/forum2/viewtopic.php?f=5&t=1053
  228. rem Disk Info / CrystalDiskInfo - https://crystalmark.info/en/software/crystaldiskinfo
  229. rem Disk Scan / HDDScan - http://hddscan.com
  230. rem Disk Space Usage / WizTree - https://antibody-software.com/web/software/software/wiztree-finds-the-files-and-folders-using-the-most-disk-space-on-your-hard-drive
  231. rem Disk Speed Test / CCSIO Benchmark - https://ccsiobench.com
  232. rem Disk Surface Test / Macrorit Disk Scanner - https://macrorit.com/disk-surface-test/disk-surface-test.html
  233. rem Driver Updates / Driver Easy - https://www.drivereasy.com
  234. rem eMail Client / POP Peeper - https://www.esumsoft.com/products/pop-peeper
  235. rem File Archiver / 7-zip - https://www.7-zip.org
  236. rem GPU Info / GPU-Z - https://www.techpowerup.com/gpuz
  237. rem GPU Test / Furmark - https://geeks3d.com/furmark
  238. rem Hardware Information / HWiNFO - https://www.hwinfo.com/download.php
  239. rem Hardware Monitor / HWMonitor - https://www.cpuid.com/softwares/hwmonitor.html
  240. rem Image Viewer / XnView - https://www.xnview.com/en/xnview/#downloads
  241. rem Media Player / MPC-HC - https://www.codecguide.com/download_k-lite_codec_pack_mega.htm
  242. rem Network Optimization / TCP Optimizer - https://www.speedguide.net/downloads.php
  243. rem Network Settings Manager / NetSetMan - https://www.netsetman.com/en/freeware
  244. rem Office Suite / FreeOffice - https://www.freeoffice.com/en/freeoffice
  245. rem Paint / Classic Paint - https://winaero.com/blog/download-classic-paint-windows-10
  246. rem Partition Manager / Macrorit Partition Expert - https://macrorit.com/partition-magic-manager/free-edition.html
  247. rem Password Manager (Offline) / KeePass Professional Edition - https://keepass.info/download.html
  248. rem Password Manager (Online) / Bitwarden - https://bitwarden.com
  249. rem PDF Viewer / Sumatra PDF - https://www.sumatrapdfreader.org/free-pdf-reader.html
  250. rem Performance / DPC Latency Checker - https://www.thesycon.de/eng/latency_check.shtml
  251. rem Performance / LatencyMon - http://www.resplendence.com/latencymon
  252. rem Performance / Process Lasso - https://bitsum.com
  253. rem Performance / Windows System Timer Tool - https://vvvv.org/contribution/windows-system-timer-tool
  254. rem Permissions / Reset permissions/Take Ownership - http://lallouslab.net/2013/08/26/resetting-ntfs-files-permission-in-windows-graphical-utility/
  255. rem Process Monitor / Process Monitor - https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx
  256. rem Radio / Odio - https://www.odio.io
  257. rem RAM Fix / Intelligent standby list cleaner (+Timer Resolution) - https://www.wagnardsoft.com/content/intelligent-standby-list-cleaner-v1000-released
  258. rem RAM Free / Mem Reduct - https://www.henrypp.org/product/memreduct
  259. rem RAM Disk / AMD Radeon RAMDisk (4GB) - http://www.radeonramdisk.com/software_downloads.php
  260. rem RAM Disk / ImDisk Toolkit (Unlimited/Unsigned) - https://sourceforge.net/projects/imdisk-toolkit
  261. rem RAM Info / RAMExpert - http://www.kcsoftwares.com/?ramexpert
  262. rem RAM Test / Memtest (run one process per each 2GB) - https://hcidesign.com/memtest
  263. rem Remote Support / TeamViewer - https://www.teamviewer.com/en/download/windows
  264. rem Remove Locked File/Folder / LockHunter - https://lockhunter.com
  265. rem Screen Recorder / FlashBack Express - https://www.flashbackrecorder.com/express
  266. rem Search / UltraSearch - https://www.jam-software.com/ultrasearch
  267. rem Startup Manager / Autoruns - https://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
  268. rem System Imaging / AOMEI Backupper Standard - https://www.aomeitech.com/ab/standard.html
  269. rem Task Manager / Process Hacker - https://wj32.org/processhacker/nightly.php
  270. rem Undervolting / ThrottleStop - https://www.techpowerup.com/download/techpowerup-throttlestop
  271. rem Visual C++ / AIO Repack - https://pastebin.com/raw/46rfrtBv
  272. rem Visual C++ / Latest Visual C++ Downloads - https://support.microsoft.com/en-au/help/2977003/the-latest-supported-visual-c-downloads
  273. rem Wallpaper - Live / Wallpaper Engine - https://store.steampowered.com/app/431960
  274. rem Windows Explorer Tabs / Clover - http://en.ejie.me
  275. rem Windows Tweaks / Ultimate Windows Tweaker - https://www.thewindowsclub.com/ultimate-windows-tweaker-4-windows-10
  276. rem Windows Tweaks / Winaero Tweaker - https://winaero.com/comment.php?comment.news.1836
  277. rem Windows Updates / Windows Update Manager - https://github.com/DavidXanatos/wumgr/releases
  278. rem Windows Updates Email Alerts / Microsoft Technical Security Notifications - https://www.microsoft.com/en-us/msrc/technical-security-notifications
  279.  
  280.  
  281. rem ============= Remove various files, folders, startup entries and policies ==============
  282.  
  283.  
  284. rem Take ownership of Desktop
  285. takeown /s %computername% /u %username% /f "%SystemDrive%\Users\Public\Desktop" /r /d y
  286. icacls "%SystemDrive%\Users\Public\Desktop" /grant:r %username%:(OI)(CI)F /t /l /q /c
  287. takeown /s %computername% /u %username% /f "%USERPROFILE%\Desktop" /r /d y
  288. icacls "%USERPROFILE%\Desktop" /grant:r %username%:(OI)(CI)F /t /l /q /c
  289.  
  290. rem Remove user account
  291. net user defaultuser0 /delete
  292.  
  293. rem Remove random files/folders - https://github.com/MoscaDotTo/Winapp2/blob/master/Winapp3/Winapp3.ini
  294. del "%AppData%\Microsoft\Windows\Recent\*" /s /f /q
  295. del "%WINDIR%\System32\sru\*" /s /f /q
  296. rd "%SystemDrive%\AMD" /s /q
  297. rd "%SystemDrive%\PerfLogs" /s /q
  298. rd "%SystemDrive%\Recovery" /s /q
  299. rd "%ProgramData%\Microsoft\Diagnosis" /s /q
  300. rd "%ProgramData%\Microsoft\Search" /s /q
  301. rd "%ProgramData%\Microsoft\Windows Security Health" /s /q
  302. rd "%AppData%\ArtifexMundi\SparkPromo" /s /q
  303. rd "%LocalAppData%\MicrosoftEdge" /s /q
  304. rd "%LocalAppData%\Microsoft\Internet Explorer" /s /q
  305. rd "%LocalAppData%\Microsoft\Windows\AppCache" /s /q
  306. rd "%LocalAppData%\Microsoft\Windows\History" /s /q
  307. rd "%LocalAppData%\Microsoft\Windows\IECompatCache" /s /q
  308. rd "%LocalAppData%\Microsoft\Windows\IECompatUaCache" /s /q
  309. rd "%LocalAppData%\Microsoft\Windows\INetCache" /s /q
  310. rd "%LocalAppData%\Microsoft\Windows\INetCookies" /s /q
  311. rd "%LocalAppData%\Microsoft\Windows\WebCache" /s /q
  312. rd "%LocalAppData%\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\AppData\Indexed DB" /s /q
  313. rd "C:\Users\Mikai\3D Objects" /s /q
  314. rem rd "C:\Users\Mikai\Documents" /s /q
  315. rd "C:\Users\Mikai\Favorites" /s /q
  316. rd "C:\Users\Mikai\Links" /s /q
  317. rd "C:\Users\Mikai\Music" /s /q
  318. rd "C:\Users\Mikai\Searches" /s /q
  319.  
  320. rem Remove/Rebuild Font Cache
  321. del "%WinDir%\ServiceProfiles\LocalService\AppData\Local\FontCache\*FontCache*"/s /f /q
  322. del "%WinDir%\System32\FNTCACHE.DAT" /s /f /q
  323.  
  324. rem Remove Windows Powershell (to restore run "sfc /scannow")
  325. rem http://www.malwaretech.com/2017/02/lets-unpack-dridex-loader.html
  326. rem https://blog.netspi.com/15-ways-to-bypass-the-powershell-execution-policy
  327. rem https://www.mrg-effitas.com/current-state-of-malicious-powershell-script-blocking
  328. rem https://enigma0x3.net/2016/08/15/fileless-uac-bypass-using-eventvwr-exe-and-registry-hijacking
  329. taskkill /im PowerShell.exe /f
  330. taskkill /im PowerShell_ISE.exe /f
  331. takeown /s %computername% /u %username% /f "%ProgramFiles%\WindowsPowerShell"
  332. icacls "%ProgramFiles%\WindowsPowerShell" /grant:r %username%:(OI)(CI)F /t /l /q /c
  333. rd "%ProgramFiles%\WindowsPowerShell" /s /q
  334. takeown /s %computername% /u %username% /f "%ProgramFiles(x86)%\WindowsPowerShell"
  335. icacls "%ProgramFiles(x86)%\WindowsPowerShell" /grant:r %username%:(OI)(CI)F /t /l /q /c
  336. rd "%ProgramFiles(x86)%\WindowsPowerShell" /s /q
  337. takeown /s %computername% /u %username% /f "%WinDir%\System32\WindowsPowerShell"
  338. icacls "%WinDir%\System32\WindowsPowerShell" /grant:r %username%:(OI)(CI)F /t /l /q /c
  339. rd "%WinDir%\System32\WindowsPowerShell" /s /q
  340. takeown /s %computername% /u %username% /f "%WinDir%\SysWOW64\WindowsPowerShell"
  341. icacls "%WinDir%\SysWOW64\WindowsPowerShell" /grant:r %username%:(OI)(CI)F /t /l /q /c
  342. rd "%WinDir%\SysWOW64\WindowsPowerShell" /s /q
  343.  
  344. rem Remove Startup Folders
  345. takeown /s %computername% /u %username% /f "%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup"
  346. icacls "%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup" /grant:r %username%:(OI)(CI)F /t /l /q /c
  347. del "%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup\*" /s /f /q
  348. del "%AppData%\Microsoft\Windows\Start Menu\Programs\Startup\*" /s /f /q
  349.  
  350. rem Remove random reg keys (Startup/Privacy/Policies/Malware related)
  351. reg delete "HKCU\Software\Microsoft\Command Processor" /v "AutoRun" /f
  352. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /f
  353. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU" /f
  354. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved" /f
  355. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\TypedPaths" /f
  356. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery" /f
  357. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\PackagedAppXDebug" /f
  358. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies" /f
  359. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /f
  360. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" /f
  361. reg delete "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v "Load" /f
  362. reg delete "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /f
  363. reg delete "HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" /f
  364. reg delete "HKCU\Software\Policies" /f
  365. reg delete "HKLM\Software\Microsoft\Command Processor" /v "AutoRun" /f
  366. reg delete "HKLM\Software\Microsoft\Policies" /f
  367. reg delete "HKLM\Software\Microsoft\Tracing" /f
  368. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\AppModelUnlock" /f
  369. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" /f
  370. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler" /f
  371. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" /f
  372. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved" /f
  373. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies" /f
  374. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /f
  375. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce" /f
  376. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx" /f
  377. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" /f
  378. reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
  379. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Font Drivers" /f
  380. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /f
  381. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server" /f
  382. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows" /v "AppInit_DLLs" /f
  383. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /f
  384. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /f
  385. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "VMApplet" /f
  386. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells" /f
  387. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" /f
  388. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman" /f
  389. reg delete "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit" /f
  390. reg delete "HKLM\Software\Policies" /f
  391. reg delete "HKLM\Software\WOW6432Node\Microsoft\Policies" /f
  392. reg delete "HKLM\Software\WOW6432Node\Microsoft\Tracing" /f
  393. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" /f
  394. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" /f
  395. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce" /f
  396. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnceEx" /f
  397. reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies" /f
  398. reg delete "HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /f
  399. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /f
  400. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows" /v "AppInit_DLLs" /f
  401. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /f
  402. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /f
  403. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "VMApplet" /f
  404. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\AlternateShells" /f
  405. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" /f
  406. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman" /f
  407. reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit" /f
  408. reg delete "HKLM\Software\WOW6432Node\Policies" /f
  409. reg delete "HKLM\System\CurrentControlSet\Control\Keyboard Layout" /v "Scancode Map" /f
  410. reg delete "HKLM\System\CurrentControlSet\Control\SafeBoot" /v "AlternateShell" /f
  411. reg delete "HKLM\System\CurrentControlSet\Control\SecurePipeServers\winreg" /f
  412. reg delete "HKLM\System\CurrentControlSet\Control\Session Manager" /v "BootExecute" /f
  413. reg delete "HKLM\System\CurrentControlSet\Control\Session Manager" /v "Execute" /f
  414. reg delete "HKLM\System\CurrentControlSet\Control\Session Manager" /v "SETUPEXECUTE" /f
  415. reg delete "HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd" /v "StartupPrograms" /f
  416.  
  417.  
  418. rem =========================== Restore essential startup entries ==========================
  419.  
  420.  
  421. rem Run bcdedit command to check for the current status / Yes = True / No = False
  422. rem https://msdn.microsoft.com/en-us/library/windows/hardware/ff542202(v=vs.85).aspx
  423. bcdedit /deletevalue {current} safeboot
  424. bcdedit /deletevalue {current} safebootalternateshell
  425. bcdedit /deletevalue {current} removememory
  426. bcdedit /deletevalue {current} truncatememory
  427. bcdedit /deletevalue {current} useplatformclock
  428. bcdedit /deletevalue {default} safeboot
  429. bcdedit /deletevalue {default} safebootalternateshell
  430. bcdedit /deletevalue {default} removememory
  431. bcdedit /deletevalue {default} truncatememory
  432. bcdedit /deletevalue {default} useplatformclock
  433. bcdedit /set {bootmgr} displaybootmenu no
  434. bcdedit /set {current} advancedoptions false
  435. bcdedit /set {current} bootems no
  436. bcdedit /set {current} bootmenupolicy legacy
  437. bcdedit /set {current} bootstatuspolicy IgnoreAllFailures
  438. bcdedit /set {current} disabledynamictick yes
  439. bcdedit /set {current} recoveryenabled no
  440. bcdedit /set {default} advancedoptions false
  441. bcdedit /set {default} bootems no
  442. bcdedit /set {default} bootmenupolicy legacy
  443. bcdedit /set {default} bootstatuspolicy IgnoreAllFailures
  444. bcdedit /set {default} disabledynamictick yes
  445. bcdedit /set {default} recoveryenabled no
  446.  
  447. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "7 Taskbar Tweaker" /t REG_SZ /d "\"%AppData%\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe\" -hidewnd" /f
  448. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "POP Peeper" /t REG_SZ /d "\"%ProgramFiles% (x86)\POP Peeper\poppeeper.exe\" -min" /f
  449. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Run" /v "EvtMgr6" /t REG_SZ /d "%ProgramFiles%\Logitech\SetPointP\SetPoint.exe" /f
  450. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /t REG_SZ /d "explorer.exe" /f
  451. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Userinit" /t REG_SZ /d "C:\Windows\System32\userinit.exe," /f
  452. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "Shell" /t REG_SZ /d "explorer.exe" /f
  453. reg add "HKLM\System\CurrentControlSet\Control\Session Manager" /v "BootExecute" /t REG_MULTI_SZ /d "autocheck autochk *" /f
  454. reg add "HKLM\System\CurrentControlSet\Control\Session Manager" /v "SETUPEXECUTE" /t REG_MULTI_SZ /d "" /f
  455.  
  456.  
  457. rem =================================== Software Setup =====================================
  458.  
  459.  
  460. rem 7-zip
  461. reg add "HKCU\Software\7-Zip\Compression" /v "Archiver" /t "REG_SZ" /d "7z" /f
  462. reg add "HKCU\Software\7-Zip\Compression" /v "Level" /t "REG_DWORD" /d "9" /f
  463. reg add "HKCU\Software\7-Zip\Compression\Options\7z" /v "Level" /t "REG_DWORD" /d "9" /f
  464. reg add "HKCU\Software\7-Zip\Options" /v "CascadedMenu" /t "REG_DWORD" /d "1" /f
  465. reg add "HKCU\Software\7-Zip\Options" /v "ContextMenu" /t "REG_DWORD" /d "262" /f
  466.  
  467. rem 7+ Taskbar Tweaker
  468. reg add "HKCU\Software\7 Taskbar Tweaker" /v "hidetray" /t "REG_DWORD" /d "1" /f
  469. reg add "HKCU\Software\7 Taskbar Tweaker" /v "updcheck" /t "REG_DWORD" /d "0" /f
  470. reg add "HKCU\Software\7 Taskbar Tweaker" /v "updcheckauto" /t "REG_DWORD" /d "0" /f
  471. reg add "HKCU\Software\7 Taskbar Tweaker\OptionsEx" /v "w10_large_icons" /t "REG_DWORD" /d "1" /f
  472.  
  473. rem Logitech Setpoint
  474. taskkill /im LogiAppBroker.exe /f
  475. taskkill /im LogitechUpdate.exe /f
  476. taskkill /im LULnchr.exe /f
  477. taskkill /im KHALMNPR.exe /f
  478. taskkill /im Setpoint.exe /f
  479. del "%ProgramFiles%\Logitech\SetPointP\LogiAppBroker.exe" /s /f /q
  480. del "%ProgramFiles%\Logitech\SetPointP\msvcp110.dll" /s /f /q
  481. rd "%ProgramFiles%\Common Files\LogiShrd\sp6\LU1" /s /q
  482. rd "%ProgramFiles%\Common Files\LogiShrd\Unifying\LU" /s /q
  483.  
  484. rem Notepad
  485. reg add "HKCU\Software\Microsoft\Notepad" /v "iWindowPosDX" /t REG_DWORD /d "1934" /f
  486. reg add "HKCU\Software\Microsoft\Notepad" /v "iWindowPosDY" /t REG_DWORD /d "651" /f
  487. reg add "HKCU\Software\Microsoft\Notepad" /v "iWindowPosX" /t REG_DWORD /d "4294967289" /f
  488. reg add "HKCU\Software\Microsoft\Notepad" /v "iWindowPosY" /t REG_DWORD /d "436" /f
  489.  
  490. rem Regedit
  491. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit" /v "View" /t REG_BINARY /d "2c0000000000000001000000fffffffffffffffffffffffffffffffff8ffffff0000000086070000ee0100002f01000027010000780000002502000003000000" /f
  492.  
  493. rem TruckersMP
  494. rem takeown /s %computername% /u %username% /f "%ProgramData%\TruckersMP" /r /d y
  495. takeown /f "%ProgramData%\TruckersMP" /a
  496. reg add "HKLM\Software\TruckersMP" /v "InstallDir" /t REG_SZ /d "D:\TruckersMP Launcher" /f
  497. reg add "HKLM\Software\TruckersMP" /v "InstallLocationETS2" /t REG_SZ /d "D:\Steam\steamapps\common\Euro Truck Simulator 2" /f
  498.  
  499. rem XnView
  500. reg add "HKCU\Software\XnView" /v "UseRegistry" /t "REG_DWORD" /d "1" /f
  501. reg add "HKCU\Software\XnView\Browser" /v "ShowToolTips" /t "REG_DWORD" /d "0" /f
  502. reg add "HKCU\Software\XnView\Browser" /v "StartupDirectory" /t "REG_SZ" /d "%UserProfile%\Desktop" /f
  503. reg add "HKCU\Software\XnView\Browser" /v "StartupIn" /t "REG_DWORD" /d "2" /f
  504. reg add "HKCU\Software\XnView\Capture" /v "Delay" /t "REG_DWORD" /d "2" /f
  505. reg add "HKCU\Software\XnView\Capture" /v "Directory" /t "REG_SZ" /d "%UserProfile%\Desktop" /f
  506. reg add "HKCU\Software\XnView\Capture" /v "HotKey" /t "REG_DWORD" /d "9" /f
  507. reg add "HKCU\Software\XnView\Capture" /v "IncludeCursor" /t "REG_DWORD" /d "0" /f
  508. reg add "HKCU\Software\XnView\Capture" /v "Method" /t "REG_DWORD" /d "0" /f
  509. reg add "HKCU\Software\XnView\Capture" /v "Multiple" /t "REG_DWORD" /d "1" /f
  510. reg add "HKCU\Software\XnView\Capture" /v "SaveIntoFile" /t "REG_DWORD" /d "1" /f
  511. reg add "HKCU\Software\XnView\Start" /v "MaximizeXnviewAtStartup" /t "REG_DWORD" /d "1" /f
  512. reg add "HKCU\Software\XnView\Start" /v "OnlyOneInstance" /t "REG_DWORD" /d "1" /f
  513. reg add "HKCU\Software\XnView\Start" /v "PathSave" /t "REG_SZ" /d "%UserProfile%\Desktop" /f
  514. reg add "HKCU\Software\XnView\Start" /v "SavePosition" /t "REG_DWORD" /d "0" /f
  515. reg add "HKCU\Software\XnView\Start" /v "ShowSaveDlg" /t "REG_DWORD" /d "0" /f
  516.  
  517.  
  518. rem =========================== Windows Setup plus Manual Config ===========================
  519.  
  520.  
  521. rem Windows Setup 1 (Basics plus Manual software install) - https://pastebin.com/CKQed9ZX
  522. rem Windows Setup 2 (Install drivers/software plus Manual Config) - https://pastebin.com/Lxe09qsU
  523. rem Disable Windows Defender - https://pastebin.com/kYCVzZPz (run twice to disable WD services, but disable tamper protection first)
  524.  
  525.  
  526. rem ==================================== Windows Drivers ===================================
  527.  
  528.  
  529. rem It is not possible to uninstall network adapters since 1803
  530. rem https://social.technet.microsoft.com/Forums/en-US/38e53f34-a607-4368-9d9b-7acba1d32b80/cannot-uninstall-protocols-such-as-client-for-microsoft-networks
  531.  
  532. rem AF-UNIX socket provider / Default - 1
  533. reg add "HKLM\System\CurrentControlSet\Services\afunix" /v "Start" /t REG_DWORD /d "4" /f
  534.  
  535. rem Background Activity Moderator Driver / Default - 1
  536. reg add "HKLM\System\CurrentControlSet\Services\bam" /v "Start" /t REG_DWORD /d "4" /f
  537.  
  538. rem CD-ROM Driver / Default - 1
  539. reg add "HKLM\System\CurrentControlSet\Services\cdrom" /v "Start" /t REG_DWORD /d "4" /f
  540.  
  541. rem Link-Layer Topology Discovery Responder / Default - 2
  542. reg add "HKLM\System\CurrentControlSet\Services\rspndr" /v "Start" /t REG_DWORD /d "4" /f
  543.  
  544. rem Link-Layer Topology Discovery Mapper I/O Driver / Default - 2
  545. reg add "HKLM\System\CurrentControlSet\Services\lltdio" /v "Start" /t REG_DWORD /d "4" /f
  546.  
  547. rem Microsoft LLDP Protocol Driver / Default - 2
  548. reg add "HKLM\System\CurrentControlSet\Services\MsLldp" /v "Start" /t REG_DWORD /d "4" /f
  549.  
  550. rem Microsoft Hyper-V Virtualization Infrastructure Driver / Default - 3
  551. reg add "HKLM\System\CurrentControlSet\Services\Vid" /v "Start" /t REG_DWORD /d "4" /f
  552.  
  553. rem Microsoft Virtual Network Adapter Enumerator / Default - 3
  554. reg add "HKLM\System\CurrentControlSet\Services\NdisVirtualBus" /v "Start" /t REG_DWORD /d "4" /f
  555.  
  556. rem NativeWifi Miniport Driver / Default - 3
  557. reg add "HKLM\System\CurrentControlSet\Services\NativeWifiP" /v "Start" /t REG_DWORD /d "4" /f
  558.  
  559. rem QoS for storage I/O traffic / Default - 2
  560. reg add "HKLM\System\CurrentControlSet\Services\storqosflt" /v "Start" /t REG_DWORD /d "4" /f
  561.  
  562. rem QoS Multimeda Class Scheduler / Default - 2
  563. reg add "HKLM\System\CurrentControlSet\Services\MMCSS" /v "Start" /t REG_DWORD /d "4" /f
  564.  
  565. rem QoS Packet Scheduler / Default - 1
  566. reg add "HKLM\System\CurrentControlSet\Services\Psched" /v "Start" /t REG_DWORD /d "4" /f
  567.  
  568. rem Named pipe service trigger provider / Default - 1
  569. rem https://msdn.microsoft.com/en-us/library/windows/desktop/aa365590(v=vs.85).aspx
  570. reg add "HKLM\System\CurrentControlSet\Services\npsvctrig" /v "Start" /t REG_DWORD /d "4" /f
  571.  
  572. rem NetBIOS Interface / Default - 1
  573. reg add "HKLM\System\CurrentControlSet\Services\NetBIOS" /v "Start" /t REG_DWORD /d "4" /f
  574.  
  575. rem NetBIOS over TCP/IP / Default - 1
  576. reg add "HKLM\System\CurrentControlSet\Services\NetBT" /v "Start" /t REG_DWORD /d "4" /f
  577.  
  578. rem Remote Access IP ARP Driver / Default - 2
  579. reg add "HKLM\System\CurrentControlSet\Services\wanarp" /v "Start" /t REG_DWORD /d "4" /f
  580.  
  581. rem Remote Desktop Device Redirector Bus Driver / Default - 3
  582. reg add "HKLM\System\CurrentControlSet\Services\rdpbus" /v "Start" /t REG_DWORD /d "4" /f
  583.  
  584. rem System Guard Runtime Monitor Agent Driver / Default - 0
  585. rem https://www.reddit.com/r/PUBATTLEGROUNDS/comments/8jgz6g/disabling_control_flow_guard_in_windows_defender
  586. reg add "HKLM\System\CurrentControlSet\Services\SgrmAgent" /v "Start" /t REG_DWORD /d "4" /f
  587.  
  588. rem Storage Spaces Driver / Default - 0
  589. reg add "HKLM\System\CurrentControlSet\Services\spaceport" /v "Start" /t REG_DWORD /d "4" /f
  590.  
  591. rem The framework for network mini-redirectors / Default - 1
  592. rem https://docs.microsoft.com/en-us/windows-hardware/drivers/ifs/the-redirected-drive-buffering-subsystem
  593. reg add "HKLM\System\CurrentControlSet\Services\rdbss" /v "Start" /t REG_DWORD /d "4" /f
  594.  
  595. rem Virtual WiFi Filter Driver / Default - 1
  596. reg add "HKLM\System\CurrentControlSet\Services\vwififlt" /v "Start" /t REG_DWORD /d "4" /f
  597.  
  598.  
  599. rem =========================== Windows Defender Security Center ===========================
  600.  
  601.  
  602. rem ________________________________________________________________________________________
  603. rem https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0290
  604.  
  605. rem Windows Defender Security Center service
  606. reg add "HKLM\System\CurrentControlSet\Services\SecurityHealthService" /v "Start" /t REG_DWORD /d "4" /f
  607.  
  608.  
  609. rem =========================== Windows Defender Security Centre ===========================
  610. rem -------------------------------- App & browser control ---------------------------------
  611.  
  612. rem Off - Disable Windows SmartScreen / On - Enable Windows SmartScreen
  613. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "SmartScreenEnabled" /t REG_SZ /d "Off" /f
  614.  
  615. rem 0 - Disable SmartScreen Filter in Microsoft Edge / 1 - Enable
  616. reg add "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\PhishingFilter" /v "EnabledV9" /t REG_DWORD /d "0" /f
  617.  
  618. rem 0 - Disable Windows SmartScreen for Windows Store Apps / 1 - Enable
  619. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\AppHost" /v "EnableWebContentEvaluation" /t "REG_DWORD" /d "0" /f
  620.  
  621. rem ________________________________________________________________________________________
  622. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "EnableSmartScreen" /t "REG_DWORD" /d "0" /f
  623. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControl" /t REG_SZ /d "Anywhere" /f
  624. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SmartScreen" /v "ConfigureAppInstallControlEnabled" /t "REG_DWORD" /d "0" /f
  625.  
  626. rem Remove Smartscreen (to restore run "sfc /scannow")
  627. takeown /s %computername% /u %username% /f "%WinDir%\System32\smartscreen.exe"
  628. icacls "%WinDir%\System32\smartscreen.exe" /grant:r %username%:F
  629. taskkill /im smartscreen.exe /f
  630. del "%WinDir%\System32\smartscreen.exe" /s /f /q
  631.  
  632.  
  633. rem =========================== Windows Defender Security Center ===========================
  634. rem ----------------------------- Device performance & health ------------------------------
  635.  
  636. rem ________________________________________________________________________________________
  637. rem Specifies how the System responds when a user tries to install device driver files that are not digitally signed / 00 - Ignore / 01 - Warn / 02 - Block
  638. reg add "HKLM\Software\Microsoft\Driver Signing" /v "Policy" /t REG_BINARY /d "01" /f
  639.  
  640. rem Prevent device metadata retrieval from the Internet / Do not automatically download manufacturers’ apps and custom icons available for your devices
  641. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Device Metadata" /v "PreventDeviceMetadataFromNetwork" /t REG_DWORD /d "1" /f
  642. sc config DsmSvc start= disabled
  643.  
  644. rem Do you want Windows to download driver Software / 0 - Never / 1 - Allways / 2 - Install driver Software, if it is not found on my computer
  645. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DriverSearching" /v "SearchOrderConfig" /t REG_DWORD /d "0" /f
  646.  
  647. rem Specify search order for device driver source locations
  648. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DriverSearching" /v "DontSearchWindowsUpdate" /t REG_DWORD /d "1" /f
  649. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DriverSearching" /v "DriverUpdateWizardWuSearchEnabled" /t REG_DWORD /d "0" /f
  650.  
  651. rem 1 - Disable driver updates in Windows Update
  652. reg add "HKLM\Software\Microsoft\PolicyManager\current\device\Update" /v "ExcludeWUDriversInQualityUpdate" /t REG_DWORD /d "1" /f
  653. reg add "HKLM\Software\Microsoft\PolicyManager\default\device\Update" /v "ExcludeWUDriversInQualityUpdate" /t REG_DWORD /d "1" /f
  654. reg add "HKLM\Software\Microsoft\WindowsUpdate\UX\Settings" /v "ExcludeWUDriversInQualityUpdate" /t REG_DWORD /d "1" /f
  655. reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate" /v "ExcludeWUDriversInQualityUpdate" /t REG_DWORD /d "1" /f
  656.  
  657. rem Avoid the driver signing enforcement for EV cert / SHA256 Microsoft Windows signed drivers which is further enforced via Secure Boot
  658. rem reg add "HKLM\System\ControlSet001\Control\CI\Policy" /v "UpgradedSystem" /t REG_DWORD /d "1" /f
  659.  
  660.  
  661. rem =========================== Windows Defender Security Center ===========================
  662. rem ------------------------------------ Family Options ------------------------------------
  663.  
  664. rem ________________________________________________________________________________________
  665. schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyMonitor" /Disable
  666. schtasks /Change /TN "Microsoft\Windows\Shell\FamilySafetyRefreshTask" /Disable
  667.  
  668.  
  669. rem =========================== Windows Defender Security Center ===========================
  670. rem ---------------------------- Firewall & network protection -----------------------------
  671.  
  672. rem Enable Windows Firewall / AllProfiles / CurrentProfile / DomainProfile / PrivateProfile / PublicProfile
  673. rem https://technet.microsoft.com/en-us/library/cc771920(v=ws.10).aspx
  674. netsh advfirewall set allprofiles state on
  675.  
  676. rem Block all inbound network traffic and all outbound except allowed apps
  677. netsh advfirewall set DomainProfile firewallpolicy blockinboundalways,blockoutbound
  678. netsh advfirewall set PrivateProfile firewallpolicy blockinboundalways,blockoutbound
  679. netsh advfirewall set PublicProfile firewallpolicy blockinboundalways,blockoutbound
  680.  
  681. rem Remove All Windows Firewall Rules
  682. netsh advfirewall firewall delete rule name=all
  683. rem reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /f
  684.  
  685. rem Windows Firewall Rules
  686. rem netsh advfirewall firewall add rule name="telemetry_watson.telemetry.microsoft.com" dir=out action=block remoteip=65.55.252.43,65.52.108.29 enable=yes
  687. netsh advfirewall firewall add rule name="COD MW2 DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"
  688. netsh advfirewall firewall add rule name="COD MW2 TCP" dir=out action=allow protocol=TCP remoteport=27015 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"
  689. netsh advfirewall firewall add rule name="COD MW2 UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"
  690. netsh advfirewall firewall add rule name="COD MW3 DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe"
  691. netsh advfirewall firewall add rule name="COD MW3 TCP" dir=out action=allow protocol=TCP remoteport=3074 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe"
  692. netsh advfirewall firewall add rule name="COD MW3 UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="D:\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe"
  693. netsh advfirewall firewall add rule name="Discord DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="Z:\Discord\app-0.0.305\Discord.exe"
  694. netsh advfirewall firewall add rule name="Discord TCP" dir=out action=allow protocol=TCP remoteport=443 program="Z:\Discord\app-0.0.305\Discord.exe"
  695. netsh advfirewall firewall add rule name="Discord UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="Z:\Discord\app-0.0.305\Discord.exe"
  696. netsh advfirewall firewall add rule name="Discord Update DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="Z:\Discord\Update.exe"
  697. netsh advfirewall firewall add rule name="Discord Update TCP" dir=out action=allow protocol=TCP remoteport=443 program="Z:\Discord\Update.exe"
  698. netsh advfirewall firewall add rule name="DriverEasy DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="%ProgramFiles%\Easeware\DriverEasy\DriverEasy.exe"
  699. netsh advfirewall firewall add rule name="DriverEasy TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="%ProgramFiles%\Easeware\DriverEasy\DriverEasy.exe"
  700. netsh advfirewall firewall add rule name="ETS2 DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe"
  701. netsh advfirewall firewall add rule name="ETS2 TCP" dir=out action=allow protocol=TCP remoteport=80,443,4455 program="D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe"
  702. netsh advfirewall firewall add rule name="ETS2 UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="D:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe"
  703. netsh advfirewall firewall add rule name="ETS2 MP DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\TruckersMP Launcher\Launcher.exe"
  704. netsh advfirewall firewall add rule name="ETS2 MP TCP" dir=out action=allow protocol=TCP remoteip=104.16.0.0-104.31.255.255 remoteport=80 program="D:\TruckersMP Launcher\Launcher.exe"
  705. netsh advfirewall firewall add rule name="ETS2 MP UDP" dir=out action=allow protocol=UDP remoteip=0.0.0.0 remoteport=1025-65535 program="D:\TruckersMP Launcher\Launcher.exe"
  706. netsh advfirewall firewall add rule name="Hitman DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Steam\steamapps\common\HITMAN2\Retail\HITMAN2.exe"
  707. netsh advfirewall firewall add rule name="Hitman TCP" dir=out action=allow protocol=TCP remoteport=443 program="D:\Steam\steamapps\common\HITMAN2\Retail\HITMAN2.exe"
  708. netsh advfirewall firewall add rule name="IP Info DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\NirLauncher\NirSoft\ipnetinfo.exe"
  709. netsh advfirewall firewall add rule name="IP Info TCP" dir=out action=allow protocol=TCP remoteport=43 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\NirLauncher\NirSoft\ipnetinfo.exe"
  710. netsh advfirewall firewall add rule name="OBS DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="%ProgramFiles%\obs-studio\bin\64bit\obs64.exe"
  711. netsh advfirewall firewall add rule name="OBS TCP" dir=out action=allow protocol=TCP remoteport=443,1935 program="%ProgramFiles%\obs-studio\bin\64bit\obs64.exe"
  712. netsh advfirewall firewall add rule name="OBS Browser DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="%ProgramFiles%\obs-studio\bin\64bit\obs-browser-page.exe"
  713. netsh advfirewall firewall add rule name="OBS Browser TCP" dir=out action=allow protocol=TCP remoteport=443,1935 program="%ProgramFiles%\obs-studio\bin\64bit\obs-browser-page.exe"
  714. netsh advfirewall firewall add rule name="Odio DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\Custom Tools\Added Custom Tools\Odio\odio.exe"
  715. netsh advfirewall firewall add rule name="Odio TCP" dir=out action=allow protocol=TCP remoteport=80,443,1025-65535 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\Custom Tools\Added Custom Tools\Odio\odio.exe"
  716. netsh advfirewall firewall add rule name="Odio UDP" dir=out action=allow protocol=UDP remoteport=5355 remoteip=224.0.0.252 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\Custom Tools\Added Custom Tools\Odio\odio.exe"
  717. netsh advfirewall firewall add rule name="PatchMyPC DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\PatchMyPc\PatchMyPC.exe"
  718. netsh advfirewall firewall add rule name="PatchMyPC TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\PatchMyPc\PatchMyPC.exe"
  719. netsh advfirewall firewall add rule name="POP Peeper DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="%ProgramFiles(x86)%\POP Peeper\POPPeeper.exe"
  720. netsh advfirewall firewall add rule name="POP Peeper IMAP" dir=out action=allow protocol=TCP remoteip=94.100.176.0-94.100.183.255,217.69.136.0-217.69.141.255 remoteport=143,587 program="%ProgramFiles(x86)%\POP Peeper\POPPeeper.exe"
  721. netsh advfirewall firewall add rule name="Process Hacker DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="%ProgramFiles%\Process Hacker\ProcessHacker.exe"
  722. netsh advfirewall firewall add rule name="Process Hacker VT TCP" dir=out action=allow protocol=TCP remoteip=74.125.34.46 remoteport=443 program="%ProgramFiles%\Process Hacker\ProcessHacker.exe"
  723. rem netsh advfirewall firewall add rule name="Square Enix DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Steam\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe"
  724. rem netsh advfirewall firewall add rule name="Square Enix TCP" dir=out action=allow protocol=TCP remoteport=80,443,4455 program="D:\Steam\steamapps\common\Life is Strange - Before the Storm\Life is Strange - Before the Storm.exe"
  725. rem netsh advfirewall firewall add rule name="Svchost DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="%WINDIR%\System32\svchost.exe"
  726. rem netsh advfirewall firewall add rule name="Svchost TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="%WINDIR%\System32\svchost.exe"
  727. netsh advfirewall firewall add rule name="Steam DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Steam\Steam.exe"
  728. netsh advfirewall firewall add rule name="Steam TCP" dir=out action=allow protocol=TCP remoteport=80,443,27015-27030,27050 program="D:\Steam\Steam.exe"
  729. netsh advfirewall firewall add rule name="Steam UDP" dir=out action=allow protocol=UDP remoteport=1025-65535 program="D:\Steam\Steam.exe"
  730. netsh advfirewall firewall add rule name="Steam Web DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe"
  731. netsh advfirewall firewall add rule name="Steam Web TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe"
  732. netsh advfirewall firewall add rule name="Update Time DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\Custom Tools\Added Custom Tools\UpdateTime.exe"
  733. netsh advfirewall firewall add rule name="Update Time UDP" dir=out action=allow protocol=UDP remoteport=123 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Downloads\Custom Tools\Added Custom Tools\UpdateTime.exe"
  734. netsh advfirewall firewall add rule name="WRT DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Windows_Repair_Toolbox.exe"
  735. netsh advfirewall firewall add rule name="WRT TCP" dir=out action=allow protocol=TCP remoteport=80,443 program="D:\Software\Temp\Soft\Windows Repair Toolbox\Windows_Repair_Toolbox.exe"
  736. rem netsh advfirewall firewall add rule name="Yandex DNS" dir=out action=allow protocol=UDP remoteip=156.154.70.2,156.154.71.2 remoteport=53 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  737. netsh advfirewall firewall add rule name="Yandex DNS TCP" dir=out action=allow protocol=TCP remoteip=185.228.168.9,185.228.169.9 remoteport=8443 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  738. netsh advfirewall firewall add rule name="Yandex DNS UDP" dir=out action=allow protocol=UDP remoteip=77.88.8.78,185.228.168.9,185.228.169.9 remoteport=8443,15353 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  739. netsh advfirewall firewall add rule name="Yandex HTTP" dir=out action=allow protocol=TCP remoteport=80 remoteip=62.163.42.125,91.235.52.77,104.18.57.123,104.24.97.199,195.28.64.101,213.157.175.248 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  740. netsh advfirewall firewall add rule name="Yandex HTTPS" dir=out action=allow protocol=TCP remoteport=443 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  741. netsh advfirewall firewall add rule name="Yandex Sync" dir=out action=allow protocol=TCP remoteip=213.180.193.0-213.180.193.255 remoteport=443,5222 program="Z:\Yandex\YandexBrowser\Application\browser.exe"
  742.  
  743.  
  744. rem =========================== Windows Defender Security Center ===========================
  745. rem ------------------------------ Virus & threat protection -------------------------------
  746.  
  747. rem ________________________________________________________________________________________
  748. rem https://technet.microsoft.com/en-us/itpro/powershell/windows/defender/set-mppreference
  749. reg delete "HKLM\Software\Policies\Microsoft\Windows Defender" /f
  750. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableBehaviorMonitoring" /t REG_DWORD /d "1" /f
  751. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableIOAVProtection" /t REG_DWORD /d "1" /f
  752. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableOnAccessProtection" /t REG_DWORD /d "1" /f
  753. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableRealtimeMonitoring" /t REG_DWORD /d "1" /f
  754. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Real-Time Protection" /v "DisableScanOnRealtimeEnable" /t REG_DWORD /d "1" /f
  755. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\Reporting" /v "DisableEnhancedNotifications" /t REG_DWORD /d "1" /f
  756. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "DisableBlockAtFirstSeen" /t REG_DWORD /d "1" /f
  757. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "SpynetReporting" /t REG_DWORD /d "0" /f
  758. reg add "HKLM\Software\Policies\Microsoft\Windows Defender\SpyNet" /v "SubmitSamplesConsent" /t REG_DWORD /d "2" /f
  759.  
  760. rem Disable WD services (not really working since 1903, keeping it for reference)
  761. reg add "HKLM\System\CurrentControlSet\Services\WdBoot" /v "Start" /t REG_DWORD /d "4" /f
  762. reg add "HKLM\System\CurrentControlSet\Services\WdFilter" /v "Start" /t REG_DWORD /d "4" /f
  763. reg add "HKLM\System\CurrentControlSet\Services\WdNisDrv" /v "Start" /t REG_DWORD /d "4" /f
  764. reg add "HKLM\System\CurrentControlSet\Services\WdNisSvc" /v "Start" /t REG_DWORD /d "4" /f
  765. reg add "HKLM\System\CurrentControlSet\Services\WinDefend" /v "Start" /t REG_DWORD /d "4" /f
  766.  
  767. rem Disable Logging
  768. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderApiLogger" /v "Start" /t REG_DWORD /d "0" /f
  769. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DefenderAuditLogger" /v "Start" /t REG_DWORD /d "0" /f
  770.  
  771. rem Disable Tasks
  772. schtasks /Change /TN "Microsoft\Windows\ExploitGuard\ExploitGuard MDM policy Refresh" /Disable
  773. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance" /Disable
  774. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Cleanup" /Disable
  775. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan" /Disable
  776. schtasks /Change /TN "Microsoft\Windows\Windows Defender\Windows Defender Verification" /Disable
  777.  
  778. rem Remove context menu
  779. reg delete "HKCR\*\shellex\ContextMenuHandlers\EPP" /f
  780. reg delete "HKCR\Directory\shellex\ContextMenuHandlers\EPP" /f
  781. reg delete "HKCR\Drive\shellex\ContextMenuHandlers\EPP" /f
  782.  
  783.  
  784. rem =========================== Windows Defender Security Center ===========================
  785. rem ------------------------------ Virus & threat protection -------------------------------
  786. rem .......................... Virus & threat protection settings ..........................
  787.  
  788. rem 1 - Disable Real-time protection
  789. reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiSpyware" /t REG_DWORD /d "1" /f
  790. reg add "HKLM\Software\Policies\Microsoft\Windows Defender" /v "DisableAntiVirus" /t REG_DWORD /d "1" /f
  791.  
  792.  
  793. rem =================================== Windows Logging ====================================
  794.  
  795.  
  796. rem https://blogs.technet.microsoft.com/askperf/2009/10/04/windows-7-windows-server-2008-r2-unified-background-process-manager-ubpm
  797. rem https://msdn.microsoft.com/en-us/library/windows/desktop/aa363687(v=vs.85).aspx
  798. rem https://technet.microsoft.com/en-us/library/cc722404(v=ws.11).aspx
  799. rem DiagLog is required by Diagnostic Policy Service (Troubleshooting)
  800. rem EventLog-System/EventLog-Application are required by Windows Events Log Service
  801. rem perfmon
  802.  
  803. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\AppModel" /v "Start" /t REG_DWORD /d "0" /f
  804. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\AutoLogger-Diagtrack-Listener" /v "Start" /t REG_DWORD /d "0" /f
  805. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Cellcore" /v "Start" /t REG_DWORD /d "0" /f
  806. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Circular Kernel Context Logger" /v "Start" /t REG_DWORD /d "0" /f
  807. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\CShellCircular" /v "Start" /t REG_DWORD /d "0" /f
  808. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\CloudExperienceHostOobe" /v "Start" /t REG_DWORD /d "0" /f
  809. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\EventLog-Application" /v "Start" /t REG_DWORD /d "0" /f
  810. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\EventLog-Security" /v "Start" /t REG_DWORD /d "1" /f
  811. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\EventLog-System" /v "Start" /t REG_DWORD /d "0" /f
  812. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\DiagLog" /v "Start" /t REG_DWORD /d "0" /f
  813. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\FaceRecoTel" /v "Start" /t REG_DWORD /d "0" /f
  814. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\FaceUnlock" /v "Start" /t REG_DWORD /d "0" /f
  815. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\LwtNetLog" /v "Start" /t REG_DWORD /d "0" /f
  816. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Microsoft-Windows-Rdp-Graphics-RdpIdd-Trace" /v "Start" /t REG_DWORD /d "0" /f
  817. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\NtfsLog" /v "Start" /t REG_DWORD /d "0" /f
  818. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\ReadyBoot" /v "Start" /t REG_DWORD /d "0" /f
  819. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\TileStore" /v "Start" /t REG_DWORD /d "0" /f
  820. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\Tpm" /v "Start" /t REG_DWORD /d "0" /f
  821. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\UBPM" /v "Start" /t REG_DWORD /d "0" /f
  822. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\WdiContextLog" /v "Start" /t REG_DWORD /d "0" /f
  823. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\WiFiDriverIHVSession" /v "Start" /t REG_DWORD /d "0" /f
  824. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\WiFiSession" /v "Start" /t REG_DWORD /d "0" /f
  825. reg add "HKLM\System\CurrentControlSet\Control\WMI\Autologger\WinPhoneCritical" /v "Start" /t REG_DWORD /d "0" /f
  826.  
  827.  
  828. rem ================================ Windows Error Reporting ===============================
  829.  
  830.  
  831. rem https://docs.microsoft.com/en-us/windows/desktop/wer/wer-settings
  832.  
  833. rem Disable Microsoft Support Diagnostic Tool MSDT
  834. reg add "HKLM\Software\Policies\Microsoft\Windows\ScriptedDiagnosticsProvider\Policy" /v "DisableQueryRemoteServer" /t REG_DWORD /d "0" /f
  835. reg add "HKLM\Software\Policies\Microsoft\Windows\ScriptedDiagnosticsProvider\Policy" /v "EnableQueryRemoteServer" /t REG_DWORD /d "0" /f
  836.  
  837. rem Disable System Debugger (Dr. Watson)
  838. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\AeDebug" /v "Auto" /t REG_SZ /d "0" /f
  839.  
  840. rem 1 - Disable Windows Error Reporting (WER)
  841. reg add "HKLM\Software\Microsoft\PCHealth\ErrorReporting" /v "DoReport" /t REG_DWORD /d "0" /f
  842. reg add "HKLM\Software\Microsoft\PCHealth\ErrorReporting" /v "ShowUI" /t REG_DWORD /d "0" /f
  843. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f
  844. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f
  845. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Error Reporting" /v "Disabled" /t REG_DWORD /d "1" /f
  846.  
  847. rem DefaultConsent / 1 - Always ask (default) / 2 - Parameters only / 3 - Parameters and safe data / 4 - All data
  848. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting\Consent" /v "DefaultConsent" /t REG_DWORD /d "0" /f
  849. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting\Consent" /v "DefaultOverrideBehavior" /t REG_DWORD /d "1" /f
  850. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\Consent" /v "DefaultConsent" /t REG_DWORD /d "0" /f
  851. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting\Consent" /v "DefaultOverrideBehavior" /t REG_DWORD /d "1" /f
  852.  
  853. rem 1 - Disable WER sending second-level data
  854. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "DontSendAdditionalData" /t REG_DWORD /d "1" /f
  855. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "DontSendAdditionalData" /t REG_DWORD /d "1" /f
  856.  
  857. rem 1 - Disable WER crash dialogs, popups
  858. reg add "HKLM\Software\Microsoft\PCHealth\ErrorReporting" /v "ShowUI" /t REG_DWORD /d "0" /f
  859. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "DontShowUI" /t REG_DWORD /d "1" /f
  860. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "DontShowUI" /t REG_DWORD /d "1" /f
  861.  
  862. rem 1 - Disable WER logging
  863. reg add "HKCU\Software\Microsoft\Windows\Windows Error Reporting" /v "LoggingDisabled" /t REG_DWORD /d "1" /f
  864. reg add "HKLM\Software\Microsoft\Windows\Windows Error Reporting" /v "LoggingDisabled" /t REG_DWORD /d "1" /f
  865.  
  866. schtasks /Change /TN "Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate" /Disable
  867. schtasks /Change /TN "Microsoft\Windows\Windows Error Reporting\QueueReporting" /Disable
  868.  
  869. rem Windows Error Reporting Service
  870. sc config WerSvc start= disabled
  871.  
  872. rem Remove Windows Errror Reporting (to restore run "sfc /scannow")
  873. takeown /s %computername% /u %username% /f "%WinDir%\System32\WerFault.exe"
  874. icacls "%WinDir%\System32\WerFault.exe" /grant:r %username%:F
  875. taskkill /im WerFault.exe /f
  876. del "%WinDir%\System32\WerFault.exe" /s /f /q
  877.  
  878. takeown /s %computername% /u %username% /f "%WinDir%\SysWOW64\WerFault.exe"
  879. icacls "%WinDir%\SysWOW64\WerFault.exe" /grant:r %username%:F
  880. taskkill /im WerFault.exe /f
  881. del "%WinDir%\SysWOW64\WerFault.exe" /s /f /q
  882.  
  883. takeown /s %computername% /u %username% /f "%WinDir%\System32\WerFaultSecure.exe"
  884. icacls "%WinDir%\System32\WerFaultSecure.exe" /grant:r %username%:F
  885. taskkill /im WerFaultSecure.exe /f
  886. del "%WinDir%\System32\WerFaultSecure.exe" /s /f /q
  887.  
  888. takeown /s %computername% /u %username% /f "%WinDir%\SysWOW64\WerFaultSecure.exe"
  889. icacls "%WinDir%\SysWOW64\WerFaultSecure.exe" /grant:r %username%:F
  890. taskkill /im WerFaultSecure.exe /f
  891. del "%WinDir%\SysWOW64\WerFaultSecure.exe" /s /f /q
  892.  
  893. takeown /s %computername% /u %username% /f "%WinDir%\System32\wermgr.exe"
  894. icacls "%WinDir%\System32\wermgr.exe" /grant:r %username%:F
  895. taskkill /im wermgr.exe /f
  896. del "%WinDir%\System32\wermgr.exe" /s /f /q
  897.  
  898. takeown /s %computername% /u %username% /f "%WinDir%\SysWOW64\wermgr.exe"
  899. icacls "%WinDir%\SysWOW64\wermgr.exe" /grant:r %username%:F
  900. taskkill /im wermgr.exe /f
  901. del "%WinDir%\SysWOW64\wermgr.exe" /s /f /q
  902.  
  903.  
  904. rem =================================== Windows Explorer ===================================
  905. rem --------------------------------------- Options ----------------------------------------
  906. rem ....................................... General ........................................
  907.  
  908. rem 2 - Open File Explorer to Quick access / 1 - Open File Explorer to This PC / 3 - Open File Explorer to Downloads
  909. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "LaunchTo" /t REG_DWORD /d "3" /f
  910.  
  911. rem Single-click to open an item (point to select)
  912. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "ShellState" /t REG_BINARY /d "2400000017a8000000000000000000000000000001000000130000000000000073000000" /f
  913.  
  914. rem 2 - Underline icon titles consistent with my browser / 3 - Underline icon titles only when I point at them
  915. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "IconUnderline" /t REG_DWORD /d "2" /f
  916.  
  917. rem 1 - Show recently used folders in Quick Access
  918. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "ShowRecent" /t REG_DWORD /d "0" /f
  919.  
  920. rem 1 - Show frequently folders in Quick Access
  921. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "ShowFrequent" /t REG_DWORD /d "0" /f
  922.  
  923.  
  924. rem =================================== Windows Explorer ===================================
  925. rem --------------------------------------- Options ----------------------------------------
  926. rem ........................................ View .........................................
  927.  
  928. rem Open Explorer - Choose the desired View - View - Options - View - Apply to Folders - OK - Close Explorer ASAP
  929. rem reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags" /f
  930. rem reg delete "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU" /f
  931. rem reg delete "HKCU\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\Bags" /f
  932. rem reg delete "HKCU\Software\Classes\Wow6432Node\Local Settings\Software\Microsoft\Windows\Shell\BagMRU" /f
  933. rem reg delete "HKCU\Software\Microsoft\Windows\Shell\Bags" /f
  934. rem reg delete "HKCU\Software\Microsoft\Windows\Shell\BagMRU" /f
  935. rem reg delete "HKCU\Software\Microsoft\Windows\ShellNoRoam\Bags" /f
  936. rem reg delete "HKCU\Software\Microsoft\Windows\ShellNoRoam\BagMRU" /f
  937. reg add "HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\AllFolders\Shell" /v "FolderType" /t REG_SZ /d "NotSpecified" /f
  938.  
  939.  
  940. rem ________________________________________________________________________________________
  941. rem Remove Network from Navigation Panel
  942. rem Take Ownership of the Registry key - https://www.youtube.com/watch?v=M1l5ifYKefg
  943. reg add "HKCR\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\ShellFolder" /v "Attributes" /t REG_DWORD /d "2962489444" /f
  944.  
  945. rem 1 - Hide Quick access from This PC / 0 - Show
  946. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "HubMode" /t REG_DWORD /d "1" /f
  947.  
  948. rem Show/Hide - 3D Objects from This PC
  949. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{31C0DD25-9439-4F12-BF41-7FF4EDA38722}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  950. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{31C0DD25-9439-4F12-BF41-7FF4EDA38722}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  951.  
  952. rem Show/Hide - Desktop from This PC
  953. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  954. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  955.  
  956. rem Show/Hide - Documents from This PC
  957. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{f42ee2d3-909f-4907-8871-4c22fc0bf756}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  958. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{f42ee2d3-909f-4907-8871-4c22fc0bf756}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  959.  
  960. rem Show/Hide - Downloads from This PC
  961. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7d83ee9b-2244-4e70-b1f5-5393042af1e4}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  962. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{7d83ee9b-2244-4e70-b1f5-5393042af1e4}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  963.  
  964. rem Show/Hide - Movies/Videos from This PC
  965. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{35286a68-3c57-41a1-bbb1-0eae73d76c95}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  966. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{35286a68-3c57-41a1-bbb1-0eae73d76c95}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  967.  
  968. rem Show/Hide - Music from This PC
  969. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{a0c69a99-21c8-4671-8703-7934162fcf1d}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  970. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{a0c69a99-21c8-4671-8703-7934162fcf1d}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Hide" /f
  971.  
  972. rem Show/Hide - Pictures from This PC
  973. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{0ddd015d-b06c-45d5-8c4c-f59713854639}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  974. reg add "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\FolderDescriptions\{0ddd015d-b06c-45d5-8c4c-f59713854639}\PropertyBag" /v "ThisPCPolicy" /t REG_SZ /d "Show" /f
  975.  
  976. rem Remove Desktop folder from This PC
  977. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
  978. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{B4BFCC3A-DB2C-424C-B029-7FE99A87C641}" /f
  979.  
  980. rem Remove Documents folder from This PC
  981. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
  982. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{d3162b92-9365-467a-956b-92703aca08af}" /f
  983.  
  984. rem Remove Downloads folder from This PC
  985. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
  986. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{088e3905-0323-4b02-9826-5d99428e115f}" /f
  987.  
  988. rem Remove Movies folder from This PC
  989. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
  990. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{f86fa3ab-70d2-4fc7-9c99-fcbf05467f3a}" /f
  991.  
  992. rem Remove Music folder from This PC on
  993. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
  994. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{3dfdf296-dbec-4fb4-81d1-6a3438bcf4de}" /f
  995.  
  996. rem Remove Pictures folder from This PC
  997. rem reg delete "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
  998. rem reg delete "HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{24ad3ad4-a569-4530-98e1-ab02f9417aa8}" /f
  999.  
  1000.  
  1001. rem =================================== Windows Explorer ===================================
  1002. rem --------------------------------------- Options ----------------------------------------
  1003. rem .................................. Advanced Settings ...................................
  1004.  
  1005. rem 1 - Show hidden files, folders and drives
  1006. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Hidden" /t REG_DWORD /d "1" /f
  1007.  
  1008. rem 0 - Show extensions for known file types
  1009. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideFileExt" /t REG_DWORD /d "0" /f
  1010.  
  1011. rem 0 - Hide protected operating system files
  1012. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowSuperHidden" /t REG_DWORD /d "1" /f
  1013.  
  1014. rem 1 - Launch folder windows in a separate process
  1015. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "SeparateProcess" /t REG_DWORD /d "1" /f
  1016.  
  1017. rem 1 - Show Sync Provider Notifications in Windows Explorer (ADs)
  1018. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowSyncProviderNotifications" /t REG_DWORD /d "0" /f
  1019.  
  1020. rem 1 - Use Sharing Wizard
  1021. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "SharingWizardOn" /t REG_DWORD /d "0" /f
  1022.  
  1023. rem Navigation pane - 1 - Expand to open folder
  1024. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "NavPaneExpandToCurrentFolder" /t REG_DWORD /d "0" /f
  1025.  
  1026. rem ________________________________________________________________________________________
  1027. rem 0 - All of the components of Windows Explorer run a single process / 1 - All instances of Windows Explorer run in one process and the Desktop and Taskbar run in a separate process
  1028. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "DesktopProcess" /t REG_DWORD /d "1" /f
  1029.  
  1030. rem Yes - Use Inline AutoComplete in File Explorer and Run Dialog / No
  1031. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete" /v "Append Completion" /t REG_SZ /d "No" /f
  1032.  
  1033. rem 0 - Do this for all current items checkbox / 1 - Disabled
  1034. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\OperationStatusManager" /v "ConfirmationCheckBoxDoForAll" /t REG_DWORD /d "0" /f
  1035.  
  1036. rem 1 - Always show more details in copy dialog
  1037. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\OperationStatusManager" /v "EnthusiastMode" /t REG_DWORD /d "0" /f
  1038.  
  1039. rem 1 - Display confirmation dialog when deleting files
  1040. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "ConfirmFileDelete" /t REG_DWORD /d "1" /f
  1041.  
  1042. rem 1075839525 - Auto arrange icons and Align icons to grid on Desktop / 1075839520 / 1075839521 / 1075839524
  1043. reg add "HKCU\Software\Microsoft\Windows\Shell\Bags\1\Desktop" /v "FFlags" /t REG_DWORD /d "1075839525" /f
  1044.  
  1045. rem 1 - Disable Look for an app in the Store (How do you want to open this file)
  1046. reg add "HKLM\Software\Policies\Microsoft\Windows\Explorer" /v "NoUseStoreOpenWith" /t REG_DWORD /d "1" /f
  1047.  
  1048.  
  1049. rem ================================== Windows OneDrive ====================================
  1050.  
  1051.  
  1052. rem Remove OneDrive
  1053. taskkill /F /IM onedrive.exe
  1054. rem "%SYSTEMROOT%\System32\OneDriveSetup.exe" /uninstall
  1055. rem "%SYSTEMROOT%\SysWOW64\OneDriveSetup.exe" /uninstall
  1056. rd "%LOCALAPPDATA%\Microsoft\OneDrive" /Q /S
  1057. rd "%PROGRAMDATA%\Microsoft OneDrive" /Q /S
  1058. rd "%USERPROFILE%\OneDrive" /Q /S
  1059.  
  1060. rem 0 - Remove from Windows Explorer
  1061. reg add "HKCR\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f
  1062. reg add "HKCR\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f
  1063. reg add "HKCU\Software\Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f
  1064. reg add "HKCU\Software\Classes\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /v "System.IsPinnedToNameSpaceTree" /t REG_DWORD /d "0" /f
  1065.  
  1066. rem Hide One Drive Icon on Desktop
  1067. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{018D5C66-4533-4307-9B53-224DE2ED1FE6}" /t REG_DWORD /d "1" /f
  1068.  
  1069. rem Disable network traffic pre user sign-in
  1070. reg add "HKLM\Software\Policies\Microsoft\OneDrive" /v "PreventNetworkTrafficPreUserSignIn" /t REG_DWORD /d "1" /f
  1071.  
  1072. rem 1 - Disable sync files to One Drive
  1073. reg add "HKCU\Software\Microsoft\OneDrive" /v "DisablePersonalSync" /t REG_DWORD /d "1" /f
  1074. reg add "HKLM\Software\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSync" /t REG_DWORD /d "1" /f
  1075. reg add "HKLM\Software\Policies\Microsoft\Windows\OneDrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d "1" /f
  1076. reg add "HKLM\Software\Wow6432Node\Policies\Microsoft\Windows\Onedrive" /v "DisableFileSyncNGSC" /t REG_DWORD /d "1" /f
  1077.  
  1078. rem 1 - Disable saving Libraries to OneDrive
  1079. reg add "HKLM\Software\Policies\Microsoft\Windows\OneDrive" /v "DisableLibrariesDefaultSaveToOneDrive" /t REG_DWORD /d "0" /f
  1080. reg add "HKLM\Software\Wow6432Node\Policies\Microsoft\Windows\Onedrive" /v "DisableLibrariesDefaultSaveToOneDrive" /t REG_DWORD /d "1" /f
  1081.  
  1082. rem 1 - Disable Sync over metered network
  1083. reg add "HKLM\Software\Policies\Microsoft\Windows\OneDrive" /v "DisableMeteredNetworkFileSync" /t REG_DWORD /d "1" /f
  1084. reg add "HKLM\Software\Wow6432Node\Policies\Microsoft\Windows\Onedrive" /v "DisableMeteredNetworkFileSync" /t REG_DWORD /d "1" /f
  1085.  
  1086. rem Remove Startup entry
  1087. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run" /v "OneDrive" /f
  1088.  
  1089. rem Disable Service
  1090. sc config OneSyncSvc start= disabled
  1091. sc config OneSyncSvc_Session1 start= disabled
  1092.  
  1093. rem Disable Task
  1094. schtasks /Change /TN "OneDrive Standalone Update Task v2" /Disable
  1095.  
  1096.  
  1097. rem ================================ Windows Optimizations =================================
  1098.  
  1099.  
  1100. rem https://msdn.microsoft.com/en-us/library/ee377058(v=bts.10).aspx
  1101. rem https://channel9.msdn.com/Blogs/Seth-Juarez/Memory-Compression-in-Windows-10-RTM
  1102. rem https://blogs.technet.microsoft.com/markrussinovich/2008/07/21/pushing-the-limits-of-windows-physical-memory/
  1103.  
  1104. rem Determines whether user processes end automatically when the user either logs off or shuts down / 1 - Processes end automatically
  1105. reg add "HKCU\Control Panel\Desktop" /v "AutoEndTasks" /t REG_SZ /d "0" /f
  1106.  
  1107. rem Specifies the number of times the taskbar button flashes to notify the user that the system has activated a background window
  1108. rem If the time elapsed since the last user input exceeds the value of the ForegroundLockTimeout entry, the window will automatically be brought to the foreground
  1109. reg add "HKCU\Control Panel\Desktop" /v "ForegroundFlashCount" /t REG_SZ /d "0" /f
  1110.  
  1111. rem ForegroundLockTimeout specifies the time in milliseconds, following user input, during which the system keeps applications from moving into the foreground / 0 - Disabled / 200000 - Default
  1112. reg add "HKCU\Control Panel\Desktop" /v "ForegroundLockTimeout" /t REG_DWORD /d "0" /f
  1113.  
  1114. rem Specifies in milliseconds how long the System waits for user processes to end after the user clicks the End Task command button in Task Manager
  1115. reg add "HKCU\Control Panel\Desktop" /v "HungAppTimeout" /t REG_SZ /d "5000" /f
  1116.  
  1117. rem Determines how long the System waits for user processes to end after the user attempts to log off or to shut down
  1118. reg add "HKCU\Control Panel\Desktop" /v "WaitToKillAppTimeout" /t REG_SZ /d "5000" /f
  1119.  
  1120. rem Determines in milliseconds how long the System waits for services to stop after notifying the service that the System is shutting down
  1121. reg add "HKLM\System\CurrentControlSet\Control" /v "WaitToKillServiceTimeout" /t REG_SZ /d "5000" /f
  1122.  
  1123. rem Determines in milliseconds the interval from the time the cursor is pointed at a menu until the menu items are displayed
  1124. reg add "HKCU\Control Panel\Desktop" /v "MenuShowDelay" /t REG_SZ /d "0" /f
  1125.  
  1126. rem Remove Windows Mouse Acceleration Curve
  1127. reg delete "HKCU\Control Panel\Mouse" /v "SmoothMouseXCurve" /f
  1128. reg delete "HKCU\Control Panel\Mouse" /v "SmoothMouseYCurve" /f
  1129.  
  1130. rem Mouse Hover Time in milliseconds before Pop-up Display
  1131. reg add "HKCU\Control Panel\Mouse" /v "MouseHoverTime" /t REG_SZ /d "0" /f
  1132.  
  1133. rem How long in milliseconds you want to have for a startup delay time for desktop apps that run at startup to load
  1134. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Serialize" /v "StartupDelayInMSec" /t REG_DWORD /d "0" /f
  1135.  
  1136. rem n - Disable Background disk defragmentation / y - Enable How long in milliseconds you want to have for a startup delay time for desktop apps that run at startup to load
  1137. reg add "HKLM\Software\Microsoft\Dfrg\BootOptimizeFunction" /v "Enable" /t REG_SZ /d "n" /f
  1138.  
  1139. rem 0 - Disable Background auto-layout / Disable Optimize Hard Disk when idle
  1140. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OptimalLayout" /v "EnableAutoLayout" /t REG_DWORD /d "0" /f
  1141.  
  1142. rem Disable Automatic Maintenance / Scheduled System Maintenance
  1143. reg add "HKLM\Software\Microsoft\Windows\ScheduledDiagnostics" /v "EnabledExecution" /t REG_DWORD /d "0" /f
  1144. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\Maintenance" /v "MaintenanceDisabled" /t REG_DWORD /d "1" /f
  1145. reg add "HKLM\Software\Policies\Microsoft\Windows\ScheduledDiagnostics" /v "EnabledExecution" /t REG_DWORD /d "0" /f
  1146.  
  1147. rem 0 - Enables 8dot3 name creation for all volumes on the system / 1 - Disables 8dot3 name creation for all volumes on the system / 2 - Sets 8dot3 name creation on a per volume basis / 3 - Disables 8dot3 name creation for all volumes except the system volume
  1148. rem fsutil 8dot3name scan c:\
  1149. fsutil behavior set disable8dot3 1
  1150.  
  1151. rem 1 - Disable the Encrypting File System (EFS)
  1152. fsutil behavior set disableencryption 1
  1153.  
  1154. rem 1 - When listing directories, NTFS does not update the last-access timestamp, and it does not record time stamp updates in the NTFS log
  1155. fsutil behavior set disablelastaccess 1
  1156.  
  1157. rem 5 - 5 secs / Delay Chkdsk startup time at OS Boot
  1158. reg add "HKLM\System\CurrentControlSet\Control\Session Manager" /v "AutoChkTimeout" /t REG_DWORD /d "5" /f
  1159.  
  1160. rem 0 - Establishes a standard size file-system cache of approximately 8 MB / 1 - Establishes a large system cache working set that can expand to physical memory, minus 4 MB, if needed
  1161. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management" /v "LargeSystemCache" /t REG_DWORD /d "1" /f
  1162.  
  1163. rem 0 - Drivers and the kernel can be paged to disk as needed / 1 - Drivers and the kernel must remain in physical memory
  1164. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management" /v "DisablePagingExecutive" /t REG_DWORD /d "1" /f
  1165.  
  1166. rem 0 - Disable Prefetch / 1 - Enable Prefetch when the application starts / 2 - Enable Prefetch when the device starts up / 3 - Enable Prefetch when the application or device starts up
  1167. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v "EnablePrefetcher" /t REG_DWORD /d "0" /f
  1168.  
  1169. rem 0 - Disable SuperFetch / 1 - Enable SuperFetch when the application starts up / 2 - Enable SuperFetch when the device starts up / 3 - Enable SuperFetch when the application or device starts up
  1170. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v "EnableSuperfetch" /t REG_DWORD /d "0" /f
  1171.  
  1172. rem 0 - Disable It / 1 - Default
  1173. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters" /v "SfTracingState" /t REG_DWORD /d "0" /f
  1174.  
  1175. rem 0 - Disable Fast Startup for a Full Shutdown / 1 - Enable Fast Startup (Hybrid Boot) for a Hybrid Shutdown
  1176. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Power" /v "HiberbootEnabled" /t REG_DWORD /d "0" /f
  1177.  
  1178. rem Disable Hibernation / Disable Fast Startup (Hybrid Boot)
  1179. powercfg -h off
  1180.  
  1181.  
  1182. rem =================================== Windows Policies ===================================
  1183.  
  1184.  
  1185. rem https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services
  1186. rem https://docs.microsoft.com/en-us/windows/client-management/mdm/new-in-windows-mdm-enrollment-management#whatsnew10
  1187. rem https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-configuration-service-provider
  1188. rem https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-security-baselines
  1189.  
  1190. rem ________________________________________________________________________________________
  1191. rem 1808 - Disable the warning The Publisher could not be verified
  1192. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Associations" /v "DefaultFileTypeRisk" /t REG_DWORD /d "1808" /f
  1193.  
  1194. rem Disable Security warning to unblock the downloaded file
  1195. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments" /v "SaveZoneInformation" /t REG_DWORD /d "1" /f
  1196.  
  1197. rem 1 - Disable Low Disk Space Alerts
  1198. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoLowDiskSpaceChecks " /t REG_DWORD /d "1" /f
  1199. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoLowDiskSpaceChecks " /t REG_DWORD /d "1" /f
  1200.  
  1201. rem 1 - Don't run specified exe
  1202. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "DisallowRun" /t REG_DWORD /d "1" /f
  1203. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "1" /t REG_SZ /d "bash.exe" /f
  1204. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "2" /t REG_SZ /d "mshta.exe" /f
  1205. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "3" /t REG_SZ /d "msra.exe" /f
  1206. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "4" /t REG_SZ /d "powershell_ise.exe" /f
  1207. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "5" /t REG_SZ /d "powershell.exe" /f
  1208. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "6" /t REG_SZ /d "psexec.exe" /f
  1209. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "7" /t REG_SZ /d "nc.exe" /f
  1210. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "8" /t REG_SZ /d "nc64.exe" /f
  1211. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "9" /t REG_SZ /d "bitsadmin.exe" /f
  1212. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "10" /t REG_SZ /d "cipher.exe" /f
  1213. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "11" /t REG_SZ /d "scrcons.exe" /f
  1214. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "12" /t REG_SZ /d "wbemtest.exe" /f
  1215. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "13" /t REG_SZ /d "winrm.exe" /f
  1216. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "14" /t REG_SZ /d "winrs.exe" /f
  1217. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "15" /t REG_SZ /d "wecutil.exe" /f
  1218. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "16" /t REG_SZ /d "werfault.exe" /f
  1219. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "17" /t REG_SZ /d "wscript.exe" /f
  1220. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "18" /t REG_SZ /d "cscript.exe" /f
  1221. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun" /v "18" /t REG_SZ /d "hh.exe" /f
  1222.  
  1223. rem N - Disable Distributed Component Object Model (DCOM) support in Windows / Y - Enable
  1224. reg add "HKLM\Software\Microsoft\Ole" /v "EnableDCOM" /t REG_SZ /d "N" /f
  1225.  
  1226. rem 0 - Disable Microsoft Windows Just-In-Time (JIT) script debugging
  1227. reg add "HKCU\Software\Microsoft\Windows Script\Settings" /v "JITDebug" /t REG_DWORD /d "0" /f
  1228. reg add "HKU\.Default\Microsoft\Windows Script\Settings" /v "JITDebug" /t REG_DWORD /d "0" /f
  1229.  
  1230. rem 1 - When the system detects that the user is downloading an external program that runs as part of the Windows user interface, the system searches for a digital certificate or requests that the user approve the action
  1231. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "EnforceShellExtensionSecurity" /t REG_DWORD /d "1" /f
  1232.  
  1233. rem Disable Active Desktop
  1234. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "HideIcons" /t REG_DWORD /d "0" /f
  1235. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop" /v "NoAddingComponents" /t REG_DWORD /d "1" /f
  1236. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop" /v "NoComponents" /t REG_DWORD /d "1" /f
  1237. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "ForceActiveDesktopOn" /t REG_DWORD /d "0" /f
  1238. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoActiveDesktop" /t REG_DWORD /d "1" /f
  1239. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoActiveDesktopChanges" /t REG_DWORD /d "1" /f
  1240. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoDesktop" /t REG_DWORD /d "0" /f
  1241.  
  1242. rem Enables or disables the retrieval of online tips and help for the Settings app (ADs)
  1243. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "AllowOnlineTips" /t REG_DWORD /d "0" /f
  1244.  
  1245. rem 1 - Disable recent documents history
  1246. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoRecentDocsHistory" /t REG_DWORD /d "1" /f
  1247.  
  1248. rem 1 - Do not add shares from recently opened documents to the My Network Places folder
  1249. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "Norecentdocsnethood" /t REG_DWORD /d "1" /f
  1250.  
  1251. rem 0 - Disable configuring the machine at boot-up / 1 - Enable configuring the machine at boot-up / 2 - Enable configuring the machine only if DSC is in pending or current state (Default)
  1252. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "DSCAutomationHostEnabled" /t REG_DWORD /d "0" /f
  1253.  
  1254. rem 0 - Disable / 1 - Enable (Default)
  1255. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableCursorSuppression" /t REG_DWORD /d "0" /f
  1256.  
  1257. rem 0 - Disable Administrative Shares
  1258. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "LocalAccountTokenFilterPolicy" /t REG_DWORD /d "0" /f
  1259. reg add "HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters" /v "AutoShareServer" /t REG_DWORD /d "0" /f
  1260. reg add "HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters" /v "AutoShareWks" /t REG_DWORD /d "0" /f
  1261.  
  1262. rem Disable SMB 1.0/2.0
  1263. reg add "HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters" /v "SMB1" /t REG_DWORD /d "0" /f
  1264. reg add "HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters" /v "SMB2" /t REG_DWORD /d "0" /f
  1265.  
  1266. rem Disabling PowerShell script execution / Restricting PowerShell to Constrained Language mode
  1267. rem Set-ExecutionPolicy bypass - noprofile
  1268. reg add "HKLM\Software\Policies\Microsoft\Windows\PowerShell" /v "EnableScripts" /t REG_DWORD /d "0" /f
  1269. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Environment" /v "__PSLockDownPolicy" /t REG_SZ /d "4" /f
  1270.  
  1271. rem Determines how many user account entries Windows saves in the logon cache on the local computer.
  1272. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "CachedLogonsCount" /t REG_DWORD /d "0" /f
  1273.  
  1274. rem Locky ransomware using VBscript (Visual Basic Script) - https://blog.avast.com/a-closer-look-at-the-locky-ransomware
  1275. rem 0 - Disable Windows Script Host (WSH) (prevents majority of malware from working, especially when removing PowerShell as well, Disable ExecutionPolicy can be easily bypassed)
  1276. rem Also disabled via DisallowRun "wscript.exe" and "cscript.exe"
  1277. reg add "HKCU\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
  1278. reg add "HKLM\Software\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
  1279. reg add "HKLM\Software\WOW6432Node\Microsoft\Windows Script Host\Settings" /v "Enabled" /t REG_DWORD /d "0" /f
  1280.  
  1281. rem Prevent Microsoft Edge from starting and loading the Start and New Tab page at Windows startup and each time Microsoft Edge is closed
  1282. reg add "HKCU\Software\Policies\Microsoft\MicrosoftEdge" /v "AllowPrelaunch" /t REG_DWORD /d "0" /f
  1283. reg add "HKCU\Software\Policies\Microsoft\MicrosoftEdge\Main" /v "AllowPrelaunch" /t REG_DWORD /d "0" /f
  1284. reg add "HKCU\Software\Policies\Microsoft\MicrosoftEdge\TabPreloader" /v "AllowTabPreloading" /t REG_DWORD /d "0" /f
  1285. reg add "HKCU\Software\Policies\Microsoft\MicrosoftEdge\TabPreloader" /v "PreventTabPreloading" /t REG_DWORD /d "1" /f
  1286. reg add "HKLM\Software\Policies\Microsoft\MicrosoftEdge" /v "AllowPrelaunch" /t REG_DWORD /d "0" /f
  1287. reg add "HKLM\Software\Policies\Microsoft\MicrosoftEdge\Main" /v "AllowPrelaunch" /t REG_DWORD /d "0" /f
  1288. reg add "HKLM\Software\Policies\Microsoft\MicrosoftEdge\TabPreloader" /v "AllowTabPreloading" /t REG_DWORD /d "0" /f
  1289. reg add "HKLM\Software\Policies\Microsoft\MicrosoftEdge\TabPreloader" /v "PreventTabPreloading" /t REG_DWORD /d "1" /f
  1290.  
  1291. rem Disable Customer Experience Improvement (CEIP/SQM - Software Quality Management)
  1292. reg add "HKLM\Software\Policies\Microsoft\Internet Explorer\SQM" /v "DisableCustomerImprovementProgram" /t REG_DWORD /d "0" /f
  1293. reg add "HKLM\Software\Policies\Microsoft\Messenger\Client" /v "CEIP" /t REG_DWORD /d "2" /f
  1294. reg add "HKLM\Software\Policies\Microsoft\SQMClient\Windows" /v "CEIPEnable" /t REG_DWORD /d "0" /f
  1295.  
  1296. rem 0 - Disable Application Impact Telemetry (AIT)
  1297. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "AITEnable" /t REG_DWORD /d "0" /f
  1298.  
  1299. rem 0 - Disable Inventory Collector
  1300. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "DisableInventory" /t REG_DWORD /d "1" /f
  1301.  
  1302. rem 0 - Disable Program Compatibility Assistant
  1303. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "DisablePCA" /t REG_DWORD /d "1" /f
  1304.  
  1305. rem 1 - The device does not store the user's credentials for automatic sign-in after a Windows Update restart. The users' lock screen apps are not restarted after the system restarts.
  1306. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "DisableAutomaticRestartSignOn" /t REG_DWORD /d "1" /f
  1307.  
  1308. rem 1 - Disable Steps Recorder (Steps Recorder keeps a record of steps taken by the user, the data includes user actions such as keyboard input and mouse input user interface data and screen shots)
  1309. reg add "HKLM\Software\Policies\Microsoft\Windows\AppCompat" /v "DisableUAR" /t REG_DWORD /d "1" /f
  1310. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Application-Experience/Steps-Recorder" /v "Enabled" /t REG_DWORD /d "0" /f
  1311.  
  1312. rem 1 - Specifies that Windows does not automatically encrypt eDrives
  1313. reg add "HKLM\Software\Policies\Microsoft\Windows\EnhancedStorageDevices" /v "TCGSecurityActivationDisabled" /t REG_DWORD /d "1" /f
  1314.  
  1315. rem 1 - Disable Network Connection Status Indicator (NCSI) - HKLM\System\CurrentControlSet\Services\NlaSvc\Parameters\Internet
  1316. reg add "HKLM\Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator" /v "NoActiveProbe" /t REG_DWORD /d "1" /f
  1317.  
  1318. rem Disable PerfTrack (tracking of responsiveness events)
  1319. reg add "HKLM\Software\Policies\Microsoft\Windows\WDI\{9c5a40da-b965-4fc3-8781-88dd50a6299d}" /v "ScenarioExecutionEnabled" /t REG_DWORD /d "0" /f
  1320.  
  1321. rem 1000000000000 - Block untrusted fonts and log events / 2000000000000 - Do not block untrusted fonts / 3000000000000 - Log events without blocking untrusted fonts
  1322. reg add "HKLM\Software\Policies\Microsoft\Windows NT\MitigationOptions" /v "MitigationOptions_FontBocking" /t REG_SZ /d "1000000000000" /f
  1323.  
  1324. rem 1 - Enable Shutdown Event Tracker / 0 - Disable (Default)
  1325. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Reliability" /v "ShutdownReasonOn" /t REG_DWORD /d "0" /f
  1326. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Reliability" /v "ShutdownReasonUI" /t REG_DWORD /d "0" /f
  1327.  
  1328. rem 1 - Do not allow storage of passwords and credentials for network authentication in the Credential Manager
  1329. reg add "HKLM\System\CurrentControlSet\Control\Lsa" /v "DisableDomainCreds" /t REG_DWORD /d "1" /f
  1330.  
  1331. rem Digest Security Provider is disabled by default, but malware can enable it to recover the plain text passwords from the system’s memory (+CachedLogonsCount/+DisableDomainCreds/+DisableAutomaticRestartSignOn)
  1332. reg add "HKLM\System\CurrentControlSet\Control\SecurityProviders\WDigest" /v "UseLogonCredential" /t REG_DWORD /d "0" /f
  1333.  
  1334. rem The system registry is no longer backed up to the RegBack folder starting in Windows 10 version 1803
  1335. reg add "HKLM\System\CurrentControlSet\Control\Session Manager\Configuration Manager" /v "EnablePeriodicBackup" /t REG_DWORD /d "1" /f
  1336.  
  1337. rem No-one will be a member of the built-in group, although it will still be visible in the Object Picker / 1 - all users logging on to a session on the server will be made a member of the TERMINAL SERVER USER group
  1338. reg add "HKLM\System\CurrentControlSet\Control\Terminal Server" /v "TSUserEnabled" /t REG_DWORD /d "0" /f
  1339.  
  1340.  
  1341. rem =================================== Windows Policies ===================================
  1342. rem --------------------------------- User Account Control ---------------------------------
  1343.  
  1344. rem https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd835564(v=ws.10)
  1345. rem Reason to set UAC to Always Notify - https://technet.microsoft.com/en-us/library/2009.07.uac.aspx#id0560031
  1346.  
  1347. rem 0 - Elevate without prompting / 1 - Prompt for credentials on the secure desktop / 2 - Prompt for consent on the secure desktop / 3 - Prompt for credentials / 4 - Prompt for consent / 5 (Default) - Prompt for consent for non-Windows binaries
  1348. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ConsentPromptBehaviorAdmin" /t REG_DWORD /d "1" /f
  1349.  
  1350. rem 0 - Automatically deny elevation requests / 1 - Prompt for credentials on the secure desktop / 3 (Default) - Prompt for credentials
  1351. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ConsentPromptBehaviorUser" /t REG_DWORD /d "0" /f
  1352.  
  1353. rem 2 (Default)
  1354. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableFullTrustStartupTasks" /t REG_DWORD /d "0" /f
  1355.  
  1356. rem Detect application installations and prompt for elevation / 1 - Enabled (default for home) / 0 - Disabled (default for enterprise)
  1357. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableInstallerDetection" /t REG_DWORD /d "1" /f
  1358.  
  1359. rem Run all administrators in Admin Approval Mode / 0 - Disabled (UAC) / 1 - Enabled (UAC)
  1360. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableLUA" /t REG_DWORD /d "1" /f
  1361.  
  1362. rem Only elevate UIAccess applications that are installed in secure locations / 0 - Disabled / 1 (Default) - Enabled
  1363. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableSecureUIAPaths" /t REG_DWORD /d "1" /f
  1364.  
  1365. rem 0 (Default) = Disabled / 1 - Enabled
  1366. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableUwpStartupTasks" /t REG_DWORD /d "0" /f
  1367.  
  1368. rem Allow UIAccess applications to prompt for elevation without using the secure desktop / 0 (Default) = Disabled / 1 - Enabled
  1369. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableUIADesktopToggle" /t REG_DWORD /d "0" /f
  1370.  
  1371. rem https://technet.microsoft.com/en-us/itpro/windows/keep-secure/deploy-device-guard-enable-virtualization-based-security
  1372. rem 0 - Disabled / 1 - Enabled (Default)
  1373. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "EnableVirtualization" /t REG_DWORD /d "0" /f
  1374.  
  1375. rem Admin Approval Mode for the built-in Administrator account / 0 (Default) - Disabled / 1 - Enabled
  1376. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "FilterAdministratorToken" /t REG_DWORD /d "1" /f
  1377.  
  1378. rem Allow UIAccess applications to prompt for elevation without using the secure desktop / 0 (Default) - Disabled / 1 - Enabled
  1379. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "PromptOnSecureDesktop" /t REG_DWORD /d "1" /f
  1380.  
  1381. rem Enforce cryptographic signatures on any interactive application that requests elevation of privilege / 0 (Default) - Disabled / 1 - Enabled
  1382. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ValidateAdminCodeSignatures" /t REG_DWORD /d "1" /f
  1383.  
  1384. rem 1 - Enable command-line auditing
  1385. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\Audit" /v "ProcessCreationIncludeCmdLine_Enabled" /t REG_DWORD /d "1" /f
  1386.  
  1387.  
  1388. rem =============================== Windows Scheduled Tasks ================================
  1389.  
  1390.  
  1391. rem UAC Bypass - https://enigma0x3.net/2016/07/22/bypassing-uac-on-windows-10-using-disk-cleanup
  1392. rem UAC Bypass - https://blog.ensilo.com/darkgate-malware
  1393.  
  1394. rem schtasks /Change /TN "Microsoft\Windows\TextServicesFramework\MsCtfMonitor" /Enable
  1395. rem schtasks /Run /TN "Microsoft\Windows\TextServicesFramework\MsCtfMonitor"
  1396. rem schtasks /Change /TN "Microsoft\Office\OfficeBackgroundTaskHandlerRegistration" /Disable
  1397. rem schtasks /End /TN "Microsoft\Office\OfficeBackgroundTaskHandlerRegistration"
  1398.  
  1399. rem Disable Background Synchronization (permanently, it can not be disabled)
  1400. schtasks /DELETE /TN "Microsoft\Windows\SettingSync\BackgroundUploadTask" /f
  1401.  
  1402. schtasks /DELETE /TN "Adobe Flash Player PPAPI Notifier" /f
  1403. schtasks /DELETE /TN "Adobe Flash Player Updater" /f
  1404. schtasks /DELETE /TN "AMD ThankingURL" /f
  1405. schtasks /DELETE /TN "AMDAutoUpdate" /f
  1406. schtasks /DELETE /TN "AMDInstallUEP" /f
  1407. schtasks /DELETE /TN "AMDLinkUpdate" /f
  1408. schtasks /DELETE /TN "Driver Easy Scheduled Scan" /f
  1409. schtasks /DELETE /TN "GPU Tweak II" /f
  1410. schtasks /DELETE /TN "klcp_update" /f
  1411. schtasks /DELETE /TN "ModifyLinkUpdate" /f
  1412. schtasks /DELETE /TN "Repairing Yandex Browser update service" /f
  1413. schtasks /DELETE /TN "StartDVR" /f
  1414. schtasks /DELETE /TN "StartCN" /f
  1415. schtasks /DELETE /TN "System update for Yandex Browser" /f
  1416. schtasks /DELETE /TN "Update for Yandex Browser" /f
  1417.  
  1418. schtasks /Change /TN "CreateExplorerShellUnelevatedTask" /Enable
  1419.  
  1420. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319" /Disable
  1421. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64" /Disable
  1422. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical" /Disable
  1423. schtasks /Change /TN "Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical" /Disable
  1424. schtasks /Change /TN "Microsoft\Windows\ApplicationData\appuriverifierdaily" /Disable
  1425. schtasks /Change /TN "Microsoft\Windows\ApplicationData\appuriverifierinstall" /Disable
  1426. schtasks /Change /TN "Microsoft\Windows\ApplicationData\CleanupTemporaryState" /Disable
  1427. schtasks /Change /TN "Microsoft\Windows\ApplicationData\DsSvcCleanup" /Disable
  1428. schtasks /Change /TN "Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /Disable
  1429. schtasks /Change /TN "Microsoft\Windows\Application Experience\ProgramDataUpdater" /Disable
  1430. schtasks /Change /TN "Microsoft\Windows\Application Experience\StartupAppTask" /Disable
  1431. schtasks /Change /TN "Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup" /Disable
  1432. schtasks /Change /TN "Microsoft\Windows\Autochk\Proxy" /Disable
  1433. schtasks /Change /TN "Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask" /Disable
  1434. schtasks /Change /TN "Microsoft\Windows\CloudExperienceHost\CreateObjectTask" /Disable
  1435. schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /Disable
  1436. schtasks /Change /TN "Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /Disable
  1437. schtasks /Change /TN "Microsoft\Windows\Device Information\Device" /Disable
  1438. schtasks /Change /TN "Microsoft\Windows\Defrag\ScheduledDefrag" /Disable
  1439. schtasks /Change /TN "Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner" /Disable
  1440. schtasks /Change /TN "Microsoft\Windows\Diagnosis\Scheduled" /Disable
  1441. schtasks /Change /TN "Microsoft\Windows\DiskCleanup\SilentCleanup" /Disable
  1442. schtasks /Change /TN "Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" /Disable
  1443. schtasks /Change /TN "Microsoft\Windows\DiskFootprint\Diagnostics" /Disable
  1444. schtasks /Change /TN "Microsoft\Windows\DiskFootprint\StorageSense" /Disable
  1445. schtasks /Change /TN "Microsoft\Windows\DUSM\dusmtask" /Disable
  1446. schtasks /Change /TN "Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask" /Disable
  1447. schtasks /Change /TN "Microsoft\Windows\Feedback\Siuf\DmClient" /Disable
  1448. schtasks /Change /TN "Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload" /Disable
  1449. schtasks /Change /TN "Microsoft\Windows\FileHistory\File History (maintenance mode)" /Disable
  1450. schtasks /Change /TN "Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures" /Disable
  1451. schtasks /Change /TN "Microsoft\Windows\Flighting\OneSettings\RefreshCache" /Disable
  1452. schtasks /Change /TN "Microsoft\Windows\HelloFace\FODCleanupTask" /Disable
  1453. schtasks /Change /TN "Microsoft\Windows\InstallService\ScanForUpdates" /Disable
  1454. schtasks /Change /TN "Microsoft\Windows\InstallService\ScanForUpdatesAsUser" /Disable
  1455. schtasks /Change /TN "Microsoft\Windows\InstallService\WakeUpAndContinueUpdates" /Disable
  1456. schtasks /Change /TN "Microsoft\Windows\InstallService\WakeUpAndScanForUpdates" /Disable
  1457. schtasks /Change /TN "Microsoft\Windows\InstallService\SmartRetry" /Disable
  1458. schtasks /Change /TN "Microsoft\Windows\LanguageComponentsInstaller\Installation" /Disable
  1459. schtasks /Change /TN "Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources" /Disable
  1460. schtasks /Change /TN "Microsoft\Windows\LanguageComponentsInstaller\Uninstallation" /Disable
  1461. schtasks /Change /TN "Microsoft\Windows\License Manager\TempSignedLicenseExchange" /Disable
  1462. schtasks /Change /TN "Microsoft\Windows\Location\Notifications" /Disable
  1463. schtasks /Change /TN "Microsoft\Windows\Location\WindowsActionDialog" /Disable
  1464. schtasks /Change /TN "Microsoft\Windows\Management\Provisioning\Cellular" /Disable
  1465. schtasks /Change /TN "Microsoft\Windows\Management\Provisioning\Logon" /Disable
  1466. schtasks /Change /TN "Microsoft\Windows\Maintenance\WinSAT" /Disable
  1467. schtasks /Change /TN "Microsoft\Windows\Maps\MapsToastTask" /Disable
  1468. schtasks /Change /TN "Microsoft\Windows\Maps\MapsUpdateTask" /Disable
  1469. schtasks /Change /TN "Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" /Disable
  1470. schtasks /Change /TN "Microsoft\Windows\Multimedia\SystemSoundsService" /Disable
  1471. schtasks /Change /TN "Microsoft\Windows\NlaSvc\WiFiTask" /Disable
  1472. schtasks /Change /TN "Microsoft\Windows\NetTrace\GatherNetworkInfo" /Disable
  1473. schtasks /Change /TN "Microsoft\Windows\PI\Sqm-Tasks" /Disable
  1474. schtasks /Change /TN "Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem" /Disable
  1475. schtasks /Change /TN "Microsoft\Windows\Printing\EduPrintProv" /Disable
  1476. schtasks /Change /TN "Microsoft\Windows\PushToInstall\Registration" /Disable
  1477. schtasks /Change /TN "Microsoft\Windows\Ras\MobilityManager" /Disable
  1478. schtasks /Change /TN "Microsoft\Windows\RecoveryEnvironment\VerifyWinRE" /Disable
  1479. schtasks /Change /TN "Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask" /Disable
  1480. schtasks /Change /TN "Microsoft\Windows\RetailDemo\CleanupOfflineContent" /Disable
  1481. schtasks /Change /TN "Microsoft\Windows\Servicing\StartComponentCleanup" /Disable
  1482. schtasks /Change /TN "Microsoft\Windows\SettingSync\BackgroundUploadTask" /Disable
  1483. schtasks /Change /TN "Microsoft\Windows\SettingSync\BackupTask" /Disable
  1484. schtasks /Change /TN "Microsoft\Windows\SettingSync\NetworkStateChangeTask" /Disable
  1485. schtasks /Change /TN "Microsoft\Windows\Shell\CreateObjectTask" /Disable
  1486. schtasks /Change /TN "Microsoft\Windows\Setup\SetupCleanupTask" /Disable
  1487. schtasks /Change /TN "Microsoft\Windows\SpacePort\SpaceAgentTask" /Disable
  1488. schtasks /Change /TN "Microsoft\Windows\SpacePort\SpaceManagerTask" /Disable
  1489. schtasks /Change /TN "Microsoft\Windows\Speech\HeadsetButtonPress" /Disable
  1490. schtasks /Change /TN "Microsoft\Windows\Speech\SpeechModelDownloadTask" /Disable
  1491. schtasks /Change /TN "Microsoft\Windows\StateRepository\MaintenanceTasks" /Disable
  1492. schtasks /Change /TN "Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization" /Disable
  1493. schtasks /Change /TN "Microsoft\Windows\Subscription\EnableLicenseAcquisition" /Disable
  1494. schtasks /Change /TN "Microsoft\Windows\Subscription\LicenseAcquisition" /Disable
  1495. schtasks /Change /TN "Microsoft\Windows\Sysmain\ResPriStaticDbSync" /Disable
  1496. schtasks /Change /TN "Microsoft\Windows\Sysmain\WsSwapAssessmentTask" /Disable
  1497. schtasks /Change /TN "Microsoft\Windows\Task Manager\Interactive" /Disable
  1498. schtasks /Change /TN "Microsoft\Windows\Time Synchronization\ForceSynchronizeTime" /Disable
  1499. schtasks /Change /TN "Microsoft\Windows\Time Synchronization\SynchronizeTime" /Disable
  1500. schtasks /Change /TN "Microsoft\Windows\Time Zone\SynchronizeTimeZone" /Disable
  1501. schtasks /Change /TN "Microsoft\Windows\TPM\Tpm-HASCertRetr" /Disable
  1502. schtasks /Change /TN "Microsoft\Windows\TPM\Tpm-Maintenance" /Disable
  1503. schtasks /Change /TN "Microsoft\Windows\UPnP\UPnPHostConfig" /Disable
  1504. schtasks /Change /TN "Microsoft\Windows\USB\Usb-Notifications" /Disable
  1505. schtasks /Change /TN "Microsoft\Windows\User Profile Service\HiveUploadTask" /Disable
  1506. schtasks /Change /TN "Microsoft\Windows\WCM\WiFiTask" /Disable
  1507. schtasks /Change /TN "Microsoft\Windows\WDI\ResolutionHost" /Disable
  1508. schtasks /Change /TN "Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange" /Disable
  1509. schtasks /Change /TN "Microsoft\Windows\Windows Media Sharing\UpdateLibrary" /Disable
  1510. schtasks /Change /TN "Microsoft\Windows\WindowsUpdate\Scheduled Start" /Disable
  1511. schtasks /Change /TN "Microsoft\Windows\WlanSvc\CDSSync" /Disable
  1512. schtasks /Change /TN "Microsoft\Windows\WOF\WIM-Hash-Management" /Disable
  1513. schtasks /Change /TN "Microsoft\Windows\WOF\WIM-Hash-Validation" /Disable
  1514. schtasks /Change /TN "Microsoft\Windows\Work Folders\Work Folders Logon Synchronization" /Disable
  1515. schtasks /Change /TN "Microsoft\Windows\Work Folders\Work Folders Maintenance Work" /Disable
  1516. schtasks /Change /TN "Microsoft\Windows\Workplace Join\Automatic-Device-Join" /Disable
  1517. schtasks /Change /TN "Microsoft\Windows\WwanSvc\NotificationTask" /Disable
  1518.  
  1519.  
  1520. rem ================================== Windows Services ====================================
  1521.  
  1522.  
  1523. rem Security Accounts Manager has to be disabled Manually via services.msc
  1524. rem Disabling Windows Update will do nothing, but if you disable a service, it is dependent on, it will fail to start or check for updates, obviously
  1525.  
  1526. rem Application Information / required by UAC
  1527. rem AppX Deployment Service (AppXSVC) / required by Store
  1528. rem Background Intelligent Transfer Service / required by Windows Updates / depends on Network List Service (starts even when disabled)
  1529. rem Base Filtering Engine / required by Windows Defender Firewall
  1530. rem CNG Key Isolation / required to login to Windows Insider / Switch to Local Account / Set up PIN / Basically everything Credentials related
  1531. rem Credential Manager / required to store credentials (check User Accounts - Credential Manager) / required by apps like Windows Mail to store passwords / An administrator has blocked you from running this app.
  1532. rem Delivery Optimization / required by Windows Updates
  1533. rem Diagnostic Policy Service / required by Windows Diagnostic (Troubleshooting)
  1534. rem DHCP Client / required by Windows Updates (0x80240022)
  1535. rem Distributed Link Tracking Client / sometimes required to open shortcuts and System apps - "Windows cannot access the specified device, path, or file. You may not have the appropriate permission to access the item"
  1536. rem Geolocation Service / required by some Windows Store apps, it can not be enabled when Connected User Experiences and Telemetry is disabled
  1537. rem Microsoft Account Sign-in Assistant / required to login to Microsoft Account
  1538. rem Network Connections / required to manage Network Connections
  1539. rem Network Connection Broker / required and to change Network Settings
  1540. rem Network List Service / required by Windows Update and to change Network Settings
  1541. rem Network Location Awareness / required by Windows Update and Windows Defender Firewall
  1542. rem Network Store Interface Service / disabling disables Windows Firewall and can cause BSOD - Critical Service Failed
  1543. rem Print Spooler / required by printers
  1544. rem Radio Management Service / required to display WiFi networks
  1545. rem Web Account Manager / required to login to Microsoft Account/Store
  1546. rem Windows Biometric Service / required by biometric devices like a fingerprint reader
  1547. rem Windows Connection Manager / required by WiFi and Data Usage and Windows Update (starts even when disabled)
  1548. rem Windows Defender Firewall (Base Filtering Engine/Network Location Awareness) / required by Windows Update and Store Apps (0x80073d0a)
  1549. rem Windows Driver Foundation - User-mode Driver Framework / required by some drivers like USB devices
  1550. rem Windows Image Acquisition (WIA) / required by scanners
  1551. rem Windows Management Instrumentation / required by wmic commands / disabled to prevent fileless malware
  1552.  
  1553. rem Adobe Flash Player Update Service
  1554. sc config AdobeFlashPlayerUpdateSvc start= disabled
  1555.  
  1556. rem AMD External Events Utility
  1557. sc config "AMD External Events Utility" start= disabled
  1558.  
  1559. rem AMD User Experience Program Launcher
  1560. sc config AUEPLauncher start= disabled
  1561.  
  1562. rem ASUS HM Com Service
  1563. sc config ALG start= disabled
  1564.  
  1565. rem ASUS Com Service
  1566. sc config asComSvc start= disabled
  1567.  
  1568. rem Application Layer Gateway Service
  1569. sc config asHmComSvc start= disabled
  1570.  
  1571. rem AppX Deployment Service (AppXSVC)
  1572. reg add "HKLM\System\CurrentControlSet\Services\AppXSvc" /v "Start" /t REG_DWORD /d "4" /f
  1573.  
  1574. rem AVCTP service
  1575. sc config BthAvctpSvc start= disabled
  1576.  
  1577. rem Background Intelligent Transfer Service
  1578. rem https://www.secureworks.com/blog/malware-lingers-with-bits
  1579. sc config BITS start= demand
  1580.  
  1581. rem Base Filtering Engine
  1582. reg add "HKLM\System\CurrentControlSet\Services\BFE" /v "Start" /t REG_DWORD /d "2" /f
  1583.  
  1584. rem Beep
  1585. sc config Beep start= disabled
  1586.  
  1587. rem BitLocker Drive Encryption Service
  1588. sc config BDESVC start= disabled
  1589.  
  1590. rem Capability Access Manager Service
  1591. sc config camsvc start= disabled
  1592.  
  1593. rem CDPUserSvc
  1594. sc config CDPUserSvc start= disabled
  1595.  
  1596. rem Certificate Propagation
  1597. sc config CertPropSvc start= disabled
  1598.  
  1599. rem Clipboard User Service
  1600. reg add "HKLM\System\CurrentControlSet\Services\cbdhsvc" /v "Start" /t REG_DWORD /d "4" /f
  1601.  
  1602. rem CNG Key Isolation
  1603. sc config KeyIso start= disabled
  1604.  
  1605. rem COM+ Event System
  1606. sc config EventSystem start= disabled
  1607.  
  1608. rem Connected User Experiences and Telemetry
  1609. sc config DiagTrack start= disabled
  1610.  
  1611. rem Contact Data
  1612. reg add "HKLM\System\CurrentControlSet\Services\UsoSvc" /v "Start" /t REG_DWORD /d "4" /f
  1613.  
  1614. rem Credential Manager
  1615. sc config VaultSvc start= disabled
  1616.  
  1617. rem Cryptographic Services
  1618. sc config VaultSvc start= demand
  1619.  
  1620. rem Data Usage
  1621. sc config DusmSvc start= disabled
  1622.  
  1623. rem Delivery Optimization
  1624. reg add "HKLM\System\CurrentControlSet\Services\DoSvc" /v "Start" /t REG_DWORD /d "4" /f
  1625.  
  1626. rem Device Management Wireless Application Protocol (WAP) Push message Routing Service
  1627. sc config dmwappushservice start= disabled
  1628.  
  1629. rem DHCP Client
  1630. sc config Dhcp start= disabled
  1631.  
  1632. rem Diagnostic Policy Service
  1633. sc config DPS start= disabled
  1634.  
  1635. rem Diagnostic Hub (Privacy/Telemetry)
  1636. sc config diagnosticshub.standardcollector.service start= disabled
  1637.  
  1638. rem Display Policy Service
  1639. sc config DispBrokerDesktopSvc start= disabled
  1640.  
  1641. rem Distributed Link Tracking Client
  1642. sc config TrkWks start= demand
  1643.  
  1644. rem Distributed Transaction Coordinator
  1645. sc config MSDTC start= disabled
  1646.  
  1647. rem DNS Client (Required by the internet connection, unless you set up DNS servers manually in IPv4/6's properties)
  1648. reg add "HKLM\System\CurrentControlSet\Services\Dnscache" /v "Start" /t REG_DWORD /d "4" /f
  1649.  
  1650. rem Downloaded Maps Manager
  1651. sc config MapsBroker start= disabled
  1652.  
  1653. rem Encrypting File System (EFS)
  1654. sc config EFS start= disabled
  1655.  
  1656. rem Function Discovery Provider Host
  1657. sc config fdPHost start= disabled
  1658.  
  1659. rem Function Discovery Resource Publication
  1660. sc config FDResPub start= disabled
  1661.  
  1662. rem Geolocation Service
  1663. sc config lfsvc start= disabled
  1664.  
  1665. rem IKE and AuthIP IPsec Keying Modules
  1666. sc config IKEEXT start= disabled
  1667.  
  1668. rem IP Helper
  1669. sc config iphlpsvc start= disabled
  1670.  
  1671. rem IPsec Policy Agent
  1672. sc config PolicyAgent start= disabled
  1673.  
  1674. rem Microsoft Passport
  1675. reg add "HKLM\System\CurrentControlSet\Services\NgcSvc" /v "Start" /t REG_DWORD /d "4" /f
  1676.  
  1677. rem Microsoft Passport Container
  1678. reg add "HKLM\System\CurrentControlSet\Services\NgcCtnrSvc" /v "Start" /t REG_DWORD /d "4" /f
  1679.  
  1680. rem Network Connections
  1681. sc config Netman start= demand
  1682.  
  1683. rem Network List Service
  1684. sc config netprofm start= disabled
  1685.  
  1686. rem Network Location Awareness
  1687. sc config NlaSvc start= auto
  1688.  
  1689. rem Network Store Interface Service
  1690. sc config nsi start= auto
  1691.  
  1692. rem Optimize drives
  1693. sc config defragsvc start= disabled
  1694.  
  1695. rem Portable Device Enumerator Service
  1696. sc config WPDBusEnum start= disabled
  1697.  
  1698. rem Print Spooler
  1699. sc config Spooler start= disabled
  1700.  
  1701. rem Program Compatibility Assistant Service
  1702. sc config PcaSvc start= disabled
  1703.  
  1704. rem Radio Management Service
  1705. sc config RmSvc start= disabled
  1706.  
  1707. rem Remote Access Connection Manager
  1708. sc config RasMan start= disabled
  1709.  
  1710. rem Remote Desktop Services
  1711. sc config TermService start= disabled
  1712.  
  1713. rem Retail Demo
  1714. sc config RetailDemo start=disabled
  1715.  
  1716. rem Secure Socket Tunneling Protocol Service
  1717. sc config SstpSvc start= disabled
  1718.  
  1719. rem Security Centre
  1720. reg add "HKLM\System\CurrentControlSet\Services\wscsvc" /v "Start" /t REG_DWORD /d "4" /f
  1721.  
  1722. rem Server
  1723. sc config LanmanServer start= disabled
  1724.  
  1725. rem Shell Hardware Detection
  1726. sc config ShellHWDetection start= disabled
  1727.  
  1728. rem Smart Card
  1729. sc config SCardSvr start= disabled
  1730.  
  1731. rem Storage Service
  1732. sc config StorSvc start= disabled
  1733.  
  1734. rem SSDP Discovery
  1735. sc config SSDPSRV start= disabled
  1736.  
  1737. rem Superfetch
  1738. sc config SysMain start= disabled
  1739.  
  1740. rem System Guard Runtime Monitor Broker
  1741. reg add "HKLM\System\CurrentControlSet\Services\SgrmBroker" /v "Start" /t REG_DWORD /d "4" /f
  1742.  
  1743. rem Task Scheduler
  1744. rem reg add "HKLM\System\CurrentControlSet\Services\Schedule" /v "Start" /t REG_DWORD /d "4" /f
  1745.  
  1746. rem TCP/IP NetBIOS Helper (Required by some internet connections like aDSL)
  1747. sc config lmhosts start= disabled
  1748.  
  1749. rem Themes
  1750. sc config Themes start= disabled
  1751.  
  1752. rem Tile Data model server
  1753. reg add "HKLM\System\CurrentControlSet\Services\tiledatamodelsvc" /v "Start" /t REG_DWORD /d "4" /f
  1754.  
  1755. rem Touch Keyboard and Handwriting Panel Service (keeps ctfmon.exe running)
  1756. sc config TabletInputService start= disabled
  1757.  
  1758. rem Update Orchestrator Service
  1759. reg add "HKLM\System\CurrentControlSet\Services\UsoSvc" /v "Start" /t REG_DWORD /d "4" /f
  1760.  
  1761. rem User Data Access
  1762. reg add "HKLM\System\CurrentControlSet\Services\UserDataSvc" /v "Start" /t REG_DWORD /d "4" /f
  1763.  
  1764. rem User Data Storage
  1765. reg add "HKLM\System\CurrentControlSet\Services\UnistoreSvc" /v "Start" /t REG_DWORD /d "4" /f
  1766.  
  1767. rem Web Account Manager
  1768. sc config TokenBroker start= disabled
  1769.  
  1770. rem WebClient
  1771. sc config WebClient start= disabled
  1772.  
  1773. rem Windows Biometric Service
  1774. sc config WbioSrvc start= disabled
  1775.  
  1776. rem Windows Connect Now - Config Registrar (Required by WPS WiFi connection)
  1777. sc config wcncsvc start= disabled
  1778.  
  1779. rem Windows Connection Manager
  1780. sc config Wcmsvc start= disabled
  1781.  
  1782. rem Windows Defender Firewall
  1783. reg add "HKLM\System\CurrentControlSet\Services\MpsSvc" /v "Start" /t REG_DWORD /d "2" /f
  1784.  
  1785. rem Windows Font Cache Service
  1786. sc config FontCache start= disabled
  1787.  
  1788. rem Windows Management Instrumentation
  1789. rem https://gbhackers.com/fileless-malware-wmi-eternalblue
  1790. sc config Winmgmt start= disabled
  1791.  
  1792. rem Windows Network Data Usage Monitoring Driver service (Kernel mode driver)
  1793. sc config ndu start= disabled
  1794.  
  1795. rem Windows Image Acquisition (WIA)
  1796. sc config stisvc start= disabled
  1797.  
  1798. rem Windows Insider Service
  1799. sc config wisvc start= disabled
  1800.  
  1801. rem Windows Push Notifications System Service
  1802. reg add "HKLM\System\CurrentControlSet\Services\WpnUserService" /v "Start" /t REG_DWORD /d "4" /f
  1803. sc config WpnService start= disabled
  1804.  
  1805. rem Windows PushToInstall Service
  1806. sc config PushToInstall start= disabled
  1807.  
  1808. rem Windows Remote Management (WS-Management)
  1809. sc config WinRM start= disabled
  1810.  
  1811. rem Windows Search
  1812. sc config WSearch start= disabled
  1813.  
  1814. rem Windows Time
  1815. sc config W32Time start= disabled
  1816.  
  1817. rem Windows Update
  1818. sc config wuauserv start= disabled
  1819.  
  1820. rem WinHTTP Web Proxy Auto-Discovery Service
  1821. reg add "HKLM\System\CurrentControlSet\Services\WinHttpAutoProxySvc" /v "Start" /t REG_DWORD /d "4" /f
  1822.  
  1823. rem WMI Performance Adapter
  1824. sc config wmiApSrv start= disabled
  1825.  
  1826. rem Workstation
  1827. sc config LanmanWorkstation start= disabled
  1828.  
  1829. rem Yandex.Browser Update Service
  1830. sc config YandexBrowserService start= disabled
  1831.  
  1832.  
  1833. rem =================================== Windows Settings ===================================
  1834. rem -------------------------------------- Accounts ----------------------------------------
  1835. rem ................................... Sing-in options ....................................
  1836.  
  1837. rem 1 - Automatically save my restartable apps when I sign out and restart them after I sign in
  1838. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v "RestartApps" /t REG_DWORD /d "0" /f
  1839.  
  1840.  
  1841. rem =================================== Windows Settings ===================================
  1842. rem -------------------------------------- Accounts ----------------------------------------
  1843. rem ................................. Sync your settings ...................................
  1844.  
  1845. rem 1 - Disable sync
  1846. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync" /v "SyncPolicy" /t REG_DWORD /d "5" /f
  1847. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1848.  
  1849. rem 2 - Disable sync / 1 - Enable
  1850. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableSettingSync" /t REG_DWORD /d "2" /f
  1851.  
  1852. rem Individual sync settings
  1853. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Accessibility" /v "Enabled" /t REG_DWORD /d "0" /f
  1854. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\AppSync" /v "Enabled" /t REG_DWORD /d "0" /f
  1855. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\BrowserSettings" /v "Enabled" /t REG_DWORD /d "0" /f
  1856. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Credentials" /v "Enabled" /t REG_DWORD /d "0" /f
  1857. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\DesktopTheme" /v "Enabled" /t REG_DWORD /d "0" /f
  1858. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Language" /v "Enabled" /t REG_DWORD /d "0" /f
  1859. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\PackageState" /v "Enabled" /t REG_DWORD /d "0" /f
  1860. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Personalization" /v "Enabled" /t REG_DWORD /d "0" /f
  1861. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\StartLayout" /v "Enabled" /t REG_DWORD /d "0" /f
  1862. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\Groups\Windows" /v "Enabled" /t REG_DWORD /d "0" /f
  1863. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableAppSyncSettingSync" /t REG_DWORD /d "2" /f
  1864. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableAppSyncSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1865. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableApplicationSettingSync" /t REG_DWORD /d "2" /f
  1866. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableApplicationSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1867. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableCredentialsSettingSync" /t REG_DWORD /d "2" /f
  1868. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableCredentialsSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1869. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableDesktopThemeSettingSync" /t REG_DWORD /d "2" /f
  1870. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableDesktopThemeSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1871. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisablePersonalizationSettingSync" /t REG_DWORD /d "2" /f
  1872. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisablePersonalizationSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1873. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableStartLayoutSettingSync" /t REG_DWORD /d "2" /f
  1874. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableStartLayoutSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1875. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableSyncOnPaidNetwork" /t REG_DWORD /d 1 /f
  1876. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableWebBrowserSettingSync" /t REG_DWORD /d "2" /f
  1877. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableWebBrowserSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1878. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableWindowsSettingSync" /t REG_DWORD /d "2" /f
  1879. reg add "HKLM\Software\Policies\Microsoft\Windows\SettingSync" /v "DisableWindowsSettingSyncUserOverride" /t REG_DWORD /d "1" /f
  1880.  
  1881.  
  1882. rem =================================== Windows Settings ===================================
  1883. rem ---------------------------------------- Apps ------------------------------------------
  1884. rem ................................... Apps & features ....................................
  1885.  
  1886. rem Choose where you can get apps from - Anywhere / PreferStore / StoreOnly / Recommendations
  1887. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "AicEnabled" /t REG_SZ /d "Anywhere" /f
  1888.  
  1889.  
  1890. rem =================================== Windows Settings ===================================
  1891. rem ---------------------------------------- Apps ------------------------------------------
  1892. rem ................................... Apps & features ....................................
  1893. rem . . . . . . . . . . . . . . . . Programs and Features . . . . . . . . . . . . . . . . .
  1894.  
  1895. rem Dism /Online /Get-Features
  1896. rem Windows Basics
  1897.  
  1898.  
  1899. rem =================================== Windows Settings ===================================
  1900. rem --------------------------------------- Devices ----------------------------------------
  1901. rem ....................................... Autoplay .......................................
  1902.  
  1903. rem 0 - Use Autoplay for all media and devices
  1904. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers" /v "DisableAutoplay" /t REG_DWORD /d "1" /f
  1905.  
  1906. rem ________________________________________________________________________________________
  1907. rem Disable AutoPlay and AutoRun
  1908. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoAutorun" /t REG_DWORD /d "1" /f
  1909. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoDriveTypeAutoRun" /t REG_DWORD /d "255" /f
  1910.  
  1911.  
  1912. rem =================================== Windows Settings ===================================
  1913. rem --------------------------------------- Devices ----------------------------------------
  1914. rem ........................................ Mouse .........................................
  1915. rem . . . . . . . . . . . . . . . . Additional mouse options . . . . . . . . . . . . . . . .
  1916.  
  1917. rem 1/6/10 - Enhance pointer precision (Mouse Acceleration)
  1918. reg add "HKCU\Control Panel\Mouse" /v "MouseSpeed" /t REG_SZ /d "0" /f
  1919. reg add "HKCU\Control Panel\Mouse" /v "MouseThreshold1" /t REG_SZ /d "0" /f
  1920. reg add "HKCU\Control Panel\Mouse" /v "MouseThreshold2" /t REG_SZ /d "0" /f
  1921.  
  1922. rem ________________________________________________________________________________________
  1923. reg add "HKCU\Control Panel\Mouse" /v "MouseTrails" /t REG_SZ /d "0" /f
  1924.  
  1925.  
  1926. rem =================================== Windows Settings ===================================
  1927. rem --------------------------------------- Devices ---------------.-------------------------
  1928. rem ....................................... Typing ........................................
  1929.  
  1930. rem Autocorrect misspelled words (Privacy)
  1931. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnableAutocorrection" /t REG_DWORD /d "0" /f
  1932.  
  1933. rem Highlight misspelled words (Privacy)
  1934. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnableSpellchecking" /t REG_DWORD /d "0" /f
  1935.  
  1936. rem Show text suggestions as I type on the software keyboard (Privacy)
  1937. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnableTextPrediction" /t REG_DWORD /d "0" /f
  1938.  
  1939. rem Add a space after I choose a text suggestion (Privacy)
  1940. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnablePredictionSpaceInsertion" /t REG_DWORD /d "0" /f
  1941.  
  1942. rem Add a period after I double-tap the Spacebar (Privacy)
  1943. reg add "HKCU\Software\Microsoft\TabletTip\1.7" /v "EnableDoubleTapSpace" /t REG_DWORD /d "0" /f
  1944.  
  1945.  
  1946. rem =================================== Windows Settings ===================================
  1947. rem --------------------------------------- Devices ---------------.-------------------------
  1948. rem .................................. Pen & Windows Ink ....................................
  1949.  
  1950. rem Show recommended app suggestions (Privacy)
  1951. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\PenWorkspace" /v "PenWorkspaceAppSuggestionsEnabled" /t REG_DWORD /d "0" /f
  1952.  
  1953.  
  1954. rem =================================== Windows Settings ===================================
  1955. rem ------------------------------------ Easy of Access ------------------------------------
  1956. rem ....................................... Keyboard .......................................
  1957.  
  1958. rem Sticky Keys / 26 - Disable All / 511 - Default
  1959. reg add "HKCU\Control Panel\Accessibility\StickyKeys" /v "Flags" /t REG_SZ /d "26" /f
  1960.  
  1961. rem Toggle Keys / 58 - Disable All / 63 - Default
  1962. reg add "HKCU\Control Panel\Accessibility\ToggleKeys" /v "Flags" /t REG_SZ /d "58" /f
  1963.  
  1964. rem ________________________________________________________________________________________
  1965. rem 1 - Disable Windows Key Hotkeys
  1966. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "NoWinKeys" /t REG_DWORD /d "1" /f
  1967. rem Disable specific Windows Key Hotkeys only (like R = Win+R)
  1968. rem reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "DisabledHotkeys" /t REG_EXPAND_SZ /d "R" /f
  1969.  
  1970.  
  1971. rem =================================== Windows Settings ===================================
  1972. rem ------------------------------------ Easy of Access ------------------------------------
  1973. rem ........................................ Mouse ........................................
  1974.  
  1975. rem Mouse Keys / 254 - Disable / 255 - Default
  1976. reg add "HKCU\Control Panel\Accessibility\MouseKeys" /v "Flags" /t REG_SZ /d "254" /f
  1977.  
  1978.  
  1979. rem =================================== Windows Settings ===================================
  1980. rem ---------------------------------------- Gaming ----------------------------------------
  1981. rem ....................................... Game bar .......................................
  1982.  
  1983. rem 1 - Record game clips, screenshots, and broadcast using Game bar / Disable the message "Press Win + G to open Game bar"
  1984. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v "AppCaptureEnabled" /t REG_DWORD /d "0" /f
  1985.  
  1986. rem 1 - Open Game bar using this button on a controller
  1987. reg add "HKCU\Software\Microsoft\GameBar" /v "UseNexusForGameBarEnabled" /t REG_DWORD /d "0" /f
  1988.  
  1989.  
  1990. rem =================================== Windows Settings ===================================
  1991. rem ---------------------------------------- Gaming ----------------------------------------
  1992. rem ....................................... Game DVR .......................................
  1993.  
  1994. rem ________________________________________________________________________________________
  1995. rem 1 - Show tips when I start a game (ADs)
  1996. reg add "HKCU\Software\Microsoft\GameBar" /v "ShowStartupPanel" /t REG_DWORD /d "0" /f
  1997.  
  1998. rem 0 - Disable Fullscreen Optimizations for Current User / 0 - Enabled / 2 - Disabled
  1999. reg add "HKCU\System\GameConfigStore" /v "GameDVR_FSEBehavior" /t REG_DWORD /d "2" /f
  2000. reg add "HKCU\System\GameConfigStore" /v "GameDVR_HonorUserFSEBehaviorMode" /t REG_DWORD /d "2" /f
  2001.  
  2002. rem 0 - Disable Game DVR / "Press Win + G to record a clip"
  2003. reg add "HKCU\System\GameConfigStore" /v "GameDVR_Enabled" /t REG_DWORD /d "0" /f
  2004. reg add "HKLM\Software\Policies\Microsoft\Windows\GameDVR" /v "AllowgameDVR" /t REG_DWORD /d "0" /f
  2005.  
  2006. reg add "HKLM\System\CurrentControlSet\Services\BcastDVRUserService" /v "Start" /t REG_DWORD /d "4" /f
  2007. reg add "HKLM\System\CurrentControlSet\Services\xbgm" /v "Start" /t REG_DWORD /d "4" /f
  2008. sc config XblAuthManager start= disabled
  2009. sc config XblGameSave start= disabled
  2010. sc config XboxGipSvc start= disabled
  2011. sc config XboxNetApiSvc start= disabled
  2012. schtasks /Change /TN "Microsoft\XblGameSave\XblGameSaveTask" /Disable
  2013.  
  2014. rem Remove Game Bar Presence (to restore run "sfc /scannow")
  2015. takeown /s %computername% /u %username% /f "%WinDir%\System32\GameBarPresenceWriter.exe"
  2016. icacls "%WinDir%\System32\GameBarPresenceWriter.exe" /grant:r %username%:F
  2017. taskkill /im GameBarPresenceWriter.exe /f
  2018. del "%WinDir%\System32\GameBarPresenceWriter.exe" /s /f /q
  2019.  
  2020. reg add "HKCU\Software\Microsoft\GameBar" /v "UseNexusForGameBarEnabled" /t REG_DWORD /d "0" /f
  2021. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v "AppCaptureEnabled" /t REG_DWORD /d "0" /f
  2022. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v "AudioCaptureEnabled" /t REG_DWORD /d "0" /f
  2023. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\GameDVR" /v "CursorCaptureEnabled" /t REG_DWORD /d "0" /f
  2024.  
  2025.  
  2026. rem =================================== Windows Settings ===================================
  2027. rem ---------------------------------------- Gaming ----------------------------------------
  2028. rem ....................................... Game Mode ......................................
  2029.  
  2030. rem 0 - Disable support for Game Mode
  2031. reg add "HKCU\Software\Microsoft\GameBar" /v "AutoGameModeEnabled" /t REG_DWORD /d "0" /f
  2032.  
  2033. rem 1 - Use Game Mode
  2034. reg add "HKCU\Software\Microsoft\GameBar" /v "AllowAutoGameMode" /t REG_DWORD /d "0" /f
  2035.  
  2036.  
  2037. rem =================================== Windows Settings ===================================
  2038. rem ---------------------------------- Network & Internet ----------------------------------
  2039. rem ................................ Change adapter options ................................
  2040.  
  2041. rem Show public/external IP
  2042. rem nslookup myip.opendns.com. resolver1.opendns.com
  2043.  
  2044. rem Windows wmic command line command
  2045. rem http://www.computerhope.com/wmic.htm
  2046. rem To get adapter's index number use
  2047. rem wmic nicconfig get caption,index,TcpipNetbiosOptions
  2048.  
  2049. rem Disable IPv6
  2050. netsh int ipv6 isatap set state disabled
  2051. netsh int teredo set state disabled
  2052. netsh interface ipv6 6to4 set state state=disabled undoonstop=disabled
  2053. reg add "HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters" /v "DisabledComponents" /t REG_DWORD /d "255" /f
  2054.  
  2055. rem Setup DNS Servers on DHCP Enabled Network (CloudflareDNS)
  2056. wmic nicconfig where DHCPEnabled=TRUE call SetDNSServerSearchOrder ("1.1.1.1")
  2057.  
  2058. rem Setup IP, Gateway and DNS Servers based on the MAC address (To Enable DHCP: wmic nicconfig where macaddress="28:E3:47:18:70:3D" call enabledhcp)
  2059. rem http://www.subnet-calculator.com/subnet.php?net_class=A
  2060. wmic nicconfig where macaddress="D0:17:C2:D0:30:DC" call EnableStatic ("10.10.10.12"), ("255.255.255.248")
  2061. wmic nicconfig where macaddress="D0:17:C2:D0:30:DC" call SetDNSServerSearchOrder ("156.154.70.2,156.154.71.2")
  2062. wmic nicconfig where macaddress="D0:17:C2:D0:30:DC" call SetGateways ("10.10.10.10")
  2063.  
  2064. rem 0 - Disable LMHOSTS Lookup on all adapters / 1 - Enable
  2065. reg add "HKLM\System\CurrentControlSet\Services\NetBT\Parameters" /v "EnableLMHOSTS" /t REG_DWORD /d "0" /f
  2066.  
  2067. rem 2 - Disable NetBIOS over TCP/IP on all adapters / 1 - Enable / 0 - Default
  2068. wmic nicconfig where TcpipNetbiosOptions=0 call SetTcpipNetbios 2
  2069. wmic nicconfig where TcpipNetbiosOptions=1 call SetTcpipNetbios 2
  2070.  
  2071. rem ________________________________________________________________________________________
  2072. rem https://msdn.microsoft.com/en-us/library/windows/desktop/aa383928(v=vs.85).aspx
  2073. rem https://www.codeproject.com/articles/1158641/windows-continuous-disk-write-plus-webcachev-dat-p
  2074. rem Disable WinInetCacheServer (WinINet Caching/V01.log/WebCacheV01.dat)
  2075. rem %LocalAppData%\Microsoft\Windows\WebCache
  2076. rem Take Ownership of the Registry key - https://www.youtube.com/watch?v=M1l5ifYKefg
  2077. reg delete "HKCR\AppID\{3eb3c877-1f16-487c-9050-104dbcd66683}" /f
  2078. reg delete "HKCR\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}" /v "AppID" /f
  2079. reg delete "HKCR\Wow6432Node\AppID\{3eb3c877-1f16-487c-9050-104dbcd66683}" /f
  2080. reg delete "HKCR\Wow6432Node\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}" /v "AppID" /f
  2081. reg delete "HKLM\SOFTWARE\Wow6432Node\Classes\AppID\{3eb3c877-1f16-487c-9050-104dbcd66683}" /f
  2082. reg delete "HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}" /v "AppID" /f
  2083. schtasks /Change /TN "Microsoft\Windows\Wininet\CacheTask" /Disable
  2084.  
  2085. rem 0 - Disable WiFi Sense (shares your WiFi network login with other people)
  2086. reg add "HKLM\Software\Microsoft\PolicyManager\default\WiFi\AllowAutoConnectToWiFiSenseHotspots" /v "value" /t REG_DWORD /d "0" /f
  2087. reg add "HKLM\Software\Microsoft\PolicyManager\default\WiFi\AllowWiFiHotSpotReporting" /v "value" /t REG_DWORD /d "0" /f
  2088. reg add "HKLM\Software\Microsoft\WcmSvc\wifinetworkmanager\config" /v "AutoConnectAllowedOEM" /t REG_DWORD /d "0" /f
  2089.  
  2090. rem 1 - Disable Domain Name Devolution (DNS AutoCorrect) / 0 - Enabled (Default)
  2091. reg add "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters" /v "UseDomainNameDevolution" /t REG_DWORD /d "0" /f
  2092.  
  2093. rem Restrict NTLM: Incoming NTLM traffic - Deny All
  2094. reg add "HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0" /v "RestrictReceivingNTLMTraffic" /t REG_DWORD /d "2" /f
  2095.  
  2096. rem Restrict NTLM: Outgoing NTLM traffic to remote servers - Deny All
  2097. reg add "HKLM\System\CurrentControlSet\Control\Lsa\MSV1_0" /v "RestrictSendingNTLMTraffic" /t REG_DWORD /d "2" /f
  2098.  
  2099.  
  2100. rem =================================== Windows Settings ===================================
  2101. rem ----------------------------------- Personalization ------------------------------------
  2102. rem ..................................... Background .......................................
  2103.  
  2104. rem Choose your picture (Black/Dark recommended)
  2105. reg add "HKCU\Control Panel\Desktop" /v "Wallpaper" /t REG_SZ /d "D:\Software\Temp\Pics\MLP Wallpapers\Wallpaper.jpg" /f
  2106.  
  2107. rem Choose a fit / 10 - Fill / 6 - Fit / 2 - Stretch / 0 - Tile/Center
  2108. reg add "HKCU\Control Panel\Desktop" /v "WallpaperStyle" /t REG_SZ /d "2" /f
  2109.  
  2110. rem ________________________________________________________________________________________
  2111.  
  2112. rem 60-100% Wallpaper's image quality / 85 - Default
  2113. reg add "HKCU\Control Panel\Desktop" /v "JPEGImportQuality" /t REG_DWORD /d "100" /f
  2114.  
  2115.  
  2116. rem =================================== Windows Settings ===================================
  2117. rem ----------------------------------- Personalization ------------------------------------
  2118. rem ....................................... Colors .........................................
  2119.  
  2120. rem 1 - Automatically pick an accent color from my background
  2121. reg add "HKCU\Control Panel\Desktop" /v "AutoColorization" /t REG_SZ /d "0" /f
  2122.  
  2123. rem 1 - Transparency Effects
  2124. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "EnableTransparency" /t REG_DWORD /d "0" /f
  2125.  
  2126. rem 1 - Show accent color on the following surfaces - Start, taskbar, and action center
  2127. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Themes\Personalize" /v "ColorPrevalence" /t REG_DWORD /d "1" /f
  2128.  
  2129. rem 1 - Show accent color on the following surfaces - Title bars
  2130. reg add "HKCU\Software\Microsoft\Windows\DWM" /v "ColorPrevalence" /t REG_DWORD /d "1" /f
  2131.  
  2132.  
  2133. rem =================================== Windows Settings ===================================
  2134. rem ----------------------------------- Personalization ------------------------------------
  2135. rem ..................................... Lock screen ......................................
  2136.  
  2137. rem 1 - Get fun facts, tips, tricks, and more on your lock screen (ADs) / Windows Spotlight
  2138. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "RotatingLockScreenEnabled" /t REG_DWORD /d "0" /f
  2139. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "RotatingLockScreenOverlayEnabled" /t REG_DWORD /d "0" /f
  2140.  
  2141. rem ________________________________________________________________________________________
  2142. rem 1 - Disable LockScreen
  2143. reg add "HKLM\Software\Policies\Microsoft\Windows\Personalization" /v "NoLockScreen" /t REG_DWORD /d "1" /f
  2144.  
  2145. rem 1 - Disable Sign-in Screen Background Image
  2146. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "DisableLogonBackgroundImage" /t REG_DWORD /d "1" /f
  2147.  
  2148. rem 1 - Disable Windows spotlight (provides features such as different background images and text on the lock screen, suggested apps)
  2149. reg add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsConsumerFeatures" /t REG_DWORD /d "1" /f
  2150. reg add "HKLM\Software\Policies\Microsoft\Windows\CloudContent" /v "DisableWindowsSpotlightFeatures" /t REG_DWORD /d "1" /f
  2151.  
  2152.  
  2153. rem =================================== Windows Settings ===================================
  2154. rem ----------------------------------- Personalization ------------------------------------
  2155. rem ..................................... Lock screen ......................................
  2156. rem . . . . . . . . . . . . . . . . . Screen saver settings . . . . . . . . . . . . . . . .
  2157.  
  2158. rem 0 - No screen saver is selected / 1 - A screen saver is selected
  2159. reg add "HKCU\Control Panel\Desktop" /v "ScreenSaveActive" /t REG_SZ /d "1" /f
  2160.  
  2161. rem Specifies whether the screen saver is password-protected / 0 - No / 1 - Yes
  2162. reg add "HKCU\Control Panel\Desktop" /v "ScreenSaverIsSecure" /t REG_SZ /d "0" /f
  2163.  
  2164. rem Specifies in seconds how long the System remains idle before the screen saver starts
  2165. reg add "HKCU\Control Panel\Desktop" /v "ScreenSaveTimeOut" /t REG_SZ /d "250" /f
  2166.  
  2167. rem Screensaver - Mystify.scr
  2168. reg add "HKCU\Control Panel\Desktop" /v "SCRNSAVE.EXE" /t REG_SZ /d "C:\Windows\PONY_ALL_NO_SOUND.scr" /f
  2169.  
  2170.  
  2171. rem =================================== Windows Settings ===================================
  2172. rem ----------------------------------- Personalization ------------------------------------
  2173. rem ........................................ Start .........................................
  2174.  
  2175. rem 1 - Show suggestions occasionally in Start (ADs)
  2176. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338388Enabled" /t REG_DWORD /d "0" /f
  2177. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SystemPaneSuggestionsEnabled" /t REG_DWORD /d "0" /f
  2178.  
  2179. rem 1 - Show recently opened items in Jump Lists on Start or the taskbar
  2180. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Start_TrackDocs" /t REG_DWORD /d "0" /f
  2181.  
  2182. rem ________________________________________________________________________________________
  2183. rem Prevents managing taskbar iscons, like pin to taskbar, etc
  2184. takeown /s %computername% /u %username% /f "%WinDir%\SystemApps"
  2185. icacls "%WinDir%\SystemApps" /grant:r %username%:(OI)(CI)F /t /l /q /c
  2186. taskkill /im StartMenuExperienceHost.exe /f
  2187. rd "%WinDir%\SystemApps" /s /q
  2188.  
  2189.  
  2190. rem =================================== Windows Settings ===================================
  2191. rem ----------------------------------- Personalization ------------------------------------
  2192. rem ....................................... Taskbar ........................................
  2193.  
  2194. rem Lock the taskbar
  2195. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarSizeMove" /t REG_DWORD /d "0" /f
  2196.  
  2197. rem Replace Command Prompt with Windows Powershell in the menu when I right-click the start button or press Windows key+X
  2198. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "DontUsePowerShellOnWinX" /t REG_DWORD /d "1" /f
  2199.  
  2200. rem Combine taskbar buttons / 0 - Always hide labels / 1 - When taskbar is full / 2 - Never
  2201. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "TaskbarGlomLevel" /t REG_DWORD /d "0" /f
  2202.  
  2203. rem 1 - Show contacts on the taskbar
  2204. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\People" /v "PeopleBand" /t REG_DWORD /d "0" /f
  2205.  
  2206. rem ________________________________________________________________________________________
  2207. rem 0 - Turn on Quiet Hours in Action Center / Disable/Hide the message: Turn on Windows Security Center service
  2208. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings" /v "NOC_GLOBAL_SETTING_TOASTS_ENABLED" /t REG_DWORD /d "0" /f
  2209.  
  2210. rem 0 - Hide Task View button
  2211. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowTaskViewButton" /t REG_DWORD /d "0" /f
  2212.  
  2213. rem 0 - Disable Cortana in Taskbar search
  2214. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "BingSearchEnabled" /t REG_DWORD /d "0" /f
  2215. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "CortanaEnabled" /t REG_DWORD /d "0" /f
  2216.  
  2217. rem 0 - Cortana Button on Taskbar / 0 - Hide / 1 - Show
  2218. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "ShowCortanaButton" /t REG_DWORD /d "0" /f
  2219.  
  2220. rem 0 - Hide Taskbar search / 1 - Show search icon / 2 - Show search box
  2221. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "SearchboxTaskbarMode" /t REG_DWORD /d "0" /f
  2222.  
  2223.  
  2224. rem =================================== Windows Settings ===================================
  2225. rem ----------------------------------- Personalization ------------------------------------
  2226. rem ....................................... Taskbar ........................................
  2227. rem . . . . . . . . . . . . . Select which icons appear on the taskbar . . . . . . . . . . .
  2228.  
  2229. rem 0 - Always show all icons in the notification area / 1 - Hide Inactive Icons
  2230. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer" /v "EnableAutoTray" /t REG_DWORD /d "0" /f
  2231.  
  2232.  
  2233. rem =================================== Windows Settings ===================================
  2234. rem ----------------------------------- Personalization ------------------------------------
  2235. rem ....................................... Taskbar ........................................
  2236. rem . . . . . . . . . . . . . . . . . Turn on system icons . . . . . . . . . . . . . . . . .
  2237.  
  2238. rem 1 - Hide Action Center System Tray Icon in Taskbar
  2239. reg add "HKCU\Software\Policies\Microsoft\Windows\Explorer" /v "DisableNotificationCenter" /t REG_DWORD /d "1" /f
  2240.  
  2241. rem 1 - Hide Action Network System Tray Icon in Taskbar
  2242. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCANetwork" /t REG_DWORD /d "1" /f
  2243.  
  2244. rem 1 - Hide Action Power System Tray Icon in Taskbar
  2245. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCAPower" /t REG_DWORD /d "0" /f
  2246.  
  2247. rem 1 - Hide Volume System Tray Icon in Taskbar
  2248. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v "HideSCAVolume" /t REG_DWORD /d "1" /f
  2249.  
  2250.  
  2251. rem =================================== Windows Settings ===================================
  2252. rem ----------------------------------- Personalization ------------------------------------
  2253. rem ....................................... Themes .........................................
  2254. rem . . . . . . . . . . . . . . . . . Desktop Icon Settings . . . . . . . . . . . . . . . .
  2255.  
  2256. rem Hide Control Panel
  2257. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}" /t REG_DWORD /d "1" /f
  2258.  
  2259. rem Hide Network
  2260. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" /t REG_DWORD /d "1" /f
  2261.  
  2262. rem Hide Recycle Bin
  2263. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{645FF040-5081-101B-9F08-00AA002F954E}" /t REG_DWORD /d "1" /f
  2264.  
  2265. rem Hide Quick access
  2266. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{679f85cb-0220-4080-b29b-5540cc05aab6}" /t REG_DWORD /d "1" /f
  2267.  
  2268. rem Hide This PC
  2269. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{20D04FE0-3AEA-1069-A2D8-08002B30309D}" /t REG_DWORD /d "1" /f
  2270.  
  2271. rem Hide User's Files
  2272. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel" /v "{59031a47-3f72-44a7-89c5-5595fe6b30ee}" /t REG_DWORD /d "1" /f
  2273.  
  2274.  
  2275. rem =================================== Windows Settings ===================================
  2276. rem ----------------------------------- Personalization ------------------------------------
  2277. rem ....................................... Themes .........................................
  2278. rem . . . . . . . . . . . . . . . . . . . . Sounds . . . . . . . . . . . . . . . . . . . . .
  2279.  
  2280. rem Delete Windows Default Sounds (Permanently)
  2281. reg delete "HKCU\AppEvents\Schemes\Apps" /f
  2282.  
  2283. rem When windows detects communications activity / 0 - Mute all other sounds / 1 - Reduce all other by 80% / 2 - Reduce all other by 50% / 3 - Do nothing
  2284. reg add "HKCU\Software\Microsoft\Multimedia\Audio" /v "UserDuckingPreference" /t REG_DWORD /d "3" /f
  2285.  
  2286.  
  2287. rem =================================== Windows Settings ===================================
  2288. rem ---------------------------------------- Privacy ---------------------------------------
  2289.  
  2290. rem Let apps access ... / 0 - Default / 1 - Enabled / 2 - Disabled
  2291. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessGazeInput" /t REG_DWORD /d "2" /f
  2292.  
  2293. rem Let apps access ... / 0 - Default / 1 - Enabled / 2 - Disabled
  2294. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMotion" /t REG_DWORD /d "2" /f
  2295.  
  2296. rem Let apps access ... / 0 - Default / 1 - Enabled / 2 - Disabled
  2297. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessPhone" /t REG_DWORD /d "2" /f
  2298.  
  2299. rem Disable Cortana
  2300. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "AllowCortana" /t REG_DWORD /d "0" /f
  2301. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "CortanaCapabilities" /t REG_SZ /d "" /f
  2302. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "CortanaConsent" /t REG_DWORD /d "0" /f
  2303. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "DeviceHistoryEnabled" /t REG_DWORD /d "0" /f
  2304. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "IsAssignedAccess" /t REG_DWORD /d "0" /f
  2305. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "IsWindowsHelloActive" /t REG_DWORD /d "0" /f
  2306. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Windows Search" /v "CortanaConsent" /t REG_DWORD /d "0" /f
  2307. reg add "HKLM\Software\Microsoft\PolicyManager\default\Experience\AllowCortana" /v "value" /t REG_DWORD /d "0" /f
  2308. reg add "HKLM\Software\Policies\Microsoft\SearchCompanion" /v "DisableContentFileUpdates" /t REG_DWORD /d "1" /f
  2309. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "AllowCloudSearch" /t REG_DWORD /d "0" /f
  2310. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "AllowCortana" /t REG_DWORD /d "0" /f
  2311. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "AllowCortanaAboveLock" /t REG_DWORD /d "0" /f
  2312. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "AllowSearchToUseLocation" /t REG_DWORD /d "0" /f
  2313. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "DisableWebSearch" /t REG_DWORD /d "1" /f
  2314. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "DoNotUseWebResults" /t REG_DWORD /d "1" /f
  2315. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchPrivacy" /t REG_DWORD /d "3" /f
  2316. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWeb" /t REG_DWORD /d "0" /f
  2317. reg add "HKLM\Software\Policies\Microsoft\Windows\Windows Search" /v "ConnectedSearchUseWebOverMeteredConnections" /t REG_DWORD /d "0" /f
  2318.  
  2319. rem 1 - Let Cortana respond to "Hey Cortana"
  2320. reg add "HKCU\Software\Microsoft\Speech_OneCore\Preferences" /v "VoiceActivationOn" /t REG_DWORD /d "0" /f
  2321.  
  2322. rem 1- Let Cortana listen for my commands when I press Windows key + C
  2323. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "VoiceShortcut" /t REG_DWORD /d "0" /f
  2324.  
  2325. rem 1 - Use Cortana even when my device is locked
  2326. reg add "HKCU\Software\Microsoft\Speech_OneCore\Preferences" /v "VoiceActivationEnableAboveLockscreen" /t REG_DWORD /d "0" /f
  2327.  
  2328. rem Remove Cortana (SearchUI.exe)
  2329. takeown /s %computername% /u %username% /f "%WinDir%\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy"
  2330. icacls "%WinDir%\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy" /grant:r %username%:(OI)(CI)F /t /l /q /c
  2331. taskkill /im SearchUI.exe /f
  2332. rd "%WinDir%\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy" /s /q
  2333.  
  2334. rem Disable keyboard input/monitoring in apps like Calc, Edge, Search, Start, Store
  2335. schtasks /Change /TN "Microsoft\Windows\TextServicesFramework\MsCtfMonitor" /Disable
  2336.  
  2337.  
  2338. rem =================================== Windows Settings ===================================
  2339. rem ---------------------------------------- Privacy ---------------------------------------
  2340. rem ...................................... Account info ....................................
  2341.  
  2342. rem Let apps access my name, picture, and other account info / 0 - Default / 1 - Enabled / 2 - Disabled
  2343. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessAccountInfo" /t REG_DWORD /d "2" /f
  2344.  
  2345.  
  2346. rem =================================== Windows Settings ===================================
  2347. rem ---------------------------------------- Privacy ---------------------------------------
  2348. rem .................................... Activity History ..................................
  2349.  
  2350. rem Collect Activity History / 0 - Disabled / 1 - Enabled
  2351. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "EnableActivityFeed" /t REG_DWORD /d "0" /f
  2352.  
  2353. rem Let Windows collect my activities from this PC / 0 - Disabled / 1 - Enabled
  2354. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "PublishUserActivities" /t REG_DWORD /d "0" /f
  2355.  
  2356. rem Let Windows collect my activities from this PC to the cloud / 0 - Disabled / 1 - Enabled
  2357. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "UploadUserActivities" /t REG_DWORD /d "0" /f
  2358.  
  2359.  
  2360. rem =================================== Windows Settings ===================================
  2361. rem ---------------------------------------- Privacy ---------------------------------------
  2362. rem ..................................... App diagnostic ...................................
  2363.  
  2364. rem Let apps access diagnostic information / 0 - Default / 1 - Enabled / 2 - Disabled
  2365. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsGetDiagnosticInfo" /t REG_DWORD /d "2" /f
  2366.  
  2367.  
  2368. rem =================================== Windows Settings ===================================
  2369. rem ---------------------------------------- Privacy ---------------------------------------
  2370. rem .................................... Background apps ..................................
  2371.  
  2372. rem Let apps run in the background / 1 - Enabled / 0 - Disabled
  2373. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Search" /v "BackgroundAppGlobalToggle" /t REG_DWORD /d "0" /f
  2374.  
  2375. rem Let apps run in the background / 0 - Enabled / 1 - Disabled
  2376. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\BackgroundAccessApplications" /v "GlobalUserDisabled" /t REG_DWORD /d "1" /f
  2377.  
  2378. rem Let apps run in the background / 0 - Default / 1 - Enabled / 2 - Disabled
  2379. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsRunInBackground" /t REG_DWORD /d "2" /f
  2380.  
  2381.  
  2382. rem =================================== Windows Settings ===================================
  2383. rem ---------------------------------------- Privacy ---------------------------------------
  2384. rem ....................................... Calendar .......................................
  2385.  
  2386. rem Let Windows apps access contacts / 0 - Default / 1 - Enabled / 2 - Disabled
  2387. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCalendar" /t REG_DWORD /d "2" /f
  2388.  
  2389.  
  2390. rem =================================== Windows Settings ===================================
  2391. rem ---------------------------------------- Privacy ---------------------------------------
  2392. rem ..................................... Call history .....................................
  2393.  
  2394. rem Let apps access my call history / 0 - Default / 1 - Enabled / 2 - Disabled
  2395. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCallHistory" /t REG_DWORD /d "2" /f
  2396.  
  2397.  
  2398. rem =================================== Windows Settings ===================================
  2399. rem ---------------------------------------- Privacy ---------------------------------------
  2400. rem ........................................ Camera ........................................
  2401.  
  2402. rem Let apps use my camera / 0 - Default / 1 - Enabled / 2 - Disabled
  2403. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera" /t REG_DWORD /d "2" /f
  2404. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera_ForceAllowTheseApps" /t REG_MULTI_SZ /d "" /f
  2405. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera_ForceDenyTheseApps" /t REG_MULTI_SZ /d "" /f
  2406. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessCamera_UserInControlOfTheseApps" /t REG_MULTI_SZ /d "" /f
  2407.  
  2408.  
  2409. rem =================================== Windows Settings ===================================
  2410. rem ---------------------------------------- Privacy ---------------------------------------
  2411. rem ....................................... Contacts .......................................
  2412.  
  2413. rem Let Windows apps access contacts / 0 - Default / 1 - Enabled / 2 - Disabled
  2414. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessContacts" /t REG_DWORD /d "2" /f
  2415.  
  2416.  
  2417. rem =================================== Windows Settings ===================================
  2418. rem ---------------------------------------- Privacy ---------------------------------------
  2419. rem ......................................... Email ........................................
  2420.  
  2421. rem Let apps access and send email / 0 - Default / 1 - Enabled / 2 - Disabled
  2422. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessEmail" /t REG_DWORD /d "2" /f
  2423.  
  2424.  
  2425. rem =================================== Windows Settings ===================================
  2426. rem ---------------------------------------- Privacy ---------------------------------------
  2427. rem ................................. Feedback & diagnostics ...............................
  2428.  
  2429. rem Diagnostic and usage data - Select how much data you send to Microsoft / 0 - Security (Not aplicable on Home/Pro, it resets to Basic) / 1 - Basic / 2 - Enhanced (Hidden) / 3 - Full
  2430. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
  2431. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Application-Experience/Program-Telemetry" /v "Enabled" /t REG_DWORD /d "0" /f
  2432. reg add "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /v "AllowTelemetry" /t REG_DWORD /d "0" /f
  2433. reg add "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /v "DoNotShowFeedbackNotifications" /t REG_DWORD /d "1" /f
  2434. reg add "HKLM\Software\Policies\Microsoft\Windows\DataCollection" /v "MaxTelemetryAllowed" /t REG_DWORD /d "0" /f
  2435.  
  2436. rem 1 - Let Microsoft provide more tailored experiences with relevant tips and recommendations by using your diagnostic data
  2437. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Privacy" /v "TailoredExperiencesWithDiagnosticDataEnabled" /t REG_DWORD /d "0" /f
  2438.  
  2439. rem Feedback Frequency - Windows should ask for my feedback: 0 - Never / Removed - Automatically
  2440. reg add "HKCU\Software\Microsoft\Siuf\Rules" /v "NumberOfSIUFInPeriod" /t REG_DWORD /d "0" /f
  2441. reg add "HKCU\Software\Microsoft\Siuf\Rules" /v "PeriodInNanoSeconds" /t REG_DWORD /d "0" /f
  2442.  
  2443.  
  2444. rem =================================== Windows Settings ===================================
  2445. rem ---------------------------------------- Privacy ---------------------------------------
  2446. rem ........................................ General ......................................
  2447.  
  2448. rem Let apps use advertising ID to make ads more interesting to you based on your app usage
  2449. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f
  2450. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\AdvertisingInfo" /v "Enabled" /t REG_DWORD /d "0" /f
  2451. reg add "HKLM\Software\Policies\Microsoft\Windows\AdvertisingInfo" /v "DisabledByGroupPolicy" /t REG_DWORD /d "1" /f
  2452.  
  2453. rem 0 - Let websites provide locally relevant content by accessing my language list (let browsers access your local language)
  2454. reg add "HKCU\Control Panel\International\User Profile" /v "HttpAcceptLanguageOptOut" /t REG_DWORD /d "1" /f
  2455.  
  2456. rem 1 - Let Windows track app launches to improve Start and search results (Remember commands typed in Run) / 0 - Disable and Disable "Show most used apps"
  2457. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v "Start_TrackProgs" /t REG_DWORD /d "1" /f
  2458.  
  2459. rem 1 - Show me suggested content in the Settings app
  2460. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338393Enabled" /t REG_DWORD /d "0" /f
  2461. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353694Enabled" /t REG_DWORD /d "0" /f
  2462. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-353696Enabled" /t REG_DWORD /d "0" /f
  2463.  
  2464.  
  2465. rem =================================== Windows Settings ===================================
  2466. rem ---------------------------------------- Privacy ---------------------------------------
  2467. rem ....................................... Location .......................................
  2468.  
  2469. rem 1 - Location for this device is Off
  2470. reg add "HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocation" /t REG_DWORD /d "1" /f
  2471. reg add "HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableLocationScripting" /t REG_DWORD /d "1" /f
  2472. reg add "HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableSensors" /t REG_DWORD /d "1" /f
  2473. reg add "HKLM\Software\Policies\Microsoft\Windows\LocationAndSensors" /v "DisableWindowsLocationProvider" /t REG_DWORD /d "1" /f
  2474.  
  2475. rem 0 - Default / 1 - Enabled / 2 - Disabled
  2476. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessLocation" /t REG_DWORD /d "2" /f
  2477.  
  2478.  
  2479. rem =================================== Windows Settings ===================================
  2480. rem ---------------------------------------- Privacy ---------------------------------------
  2481. rem ....................................... Messaging ......................................
  2482.  
  2483. rem Let apps read or send messages (text or MMS) / 0 - Default / 1 - Enabled / 2 - Disabled
  2484. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMessaging" /t REG_DWORD /d "2" /f
  2485.  
  2486.  
  2487. rem =================================== Windows Settings ===================================
  2488. rem ---------------------------------------- Privacy ---------------------------------------
  2489. rem ...................................... Microphone ......................................
  2490.  
  2491. rem Let apps use my microphone / 0 - Default / 1 - Enabled / 2 - Disabled
  2492. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessMicrophone" /t REG_DWORD /d "2" /f
  2493.  
  2494.  
  2495. rem =================================== Windows Settings ===================================
  2496. rem ---------------------------------------- Privacy ---------------------------------------
  2497. rem ..................................... Notifications ....................................
  2498.  
  2499. rem Let apps access my notifications / 0 - Default / 1 - Enabled / 2 - Disabled
  2500. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessNotifications" /t REG_DWORD /d "2" /f
  2501.  
  2502.  
  2503. rem =================================== Windows Settings ===================================
  2504. rem ---------------------------------------- Privacy ---------------------------------------
  2505. rem ..................................... Other devices ....................................
  2506.  
  2507. rem Let apps automatically share and sync info with wireless devices that don't explicitly pair with your PC, tablet, or phone / 0 - Default / 1 - Enabled / 2 - Disabled
  2508. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsSyncWithDevices" /t REG_DWORD /d "2" /f
  2509.  
  2510. reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessTrustedDevices" /t REG_DWORD /d "2" /f
  2511.  
  2512.  
  2513. rem =================================== Windows Settings ===================================
  2514. rem ---------------------------------------- Privacy ---------------------------------------
  2515. rem ............................... Speech, inking, & typing ...............................
  2516.  
  2517. rem ________________________________________________________________________________________
  2518. reg add "HKLM\Software\Microsoft\Input" /v "InputServiceEnabled" /t REG_DWORD /d "0" /f
  2519. reg add "HKLM\Software\Microsoft\Input" /v "InputServiceEnabledForCCI" /t REG_DWORD /d "0" /f
  2520. reg add "HKCU\Software\Microsoft\Input\TIPC" /v "Enabled" /t REG_DWORD /d "0" /f
  2521. reg add "HKCU\Software\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d "1" /f
  2522. reg add "HKCU\Software\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d "1" /f
  2523. reg add "HKCU\Software\Microsoft\InputPersonalization\TrainedDataStore" /v "HarvestContacts" /t REG_DWORD /d "0" /f
  2524. reg add "HKCU\Software\Microsoft\Personalization\Settings" /v "AcceptedPrivacyPolicy" /t REG_DWORD /d "0" /f
  2525. reg add "HKLM\Software\Policies\Microsoft\InputPersonalization" /v "AllowInputPersonalization" /t REG_DWORD /d "0" /f
  2526. reg add "HKLM\Software\Policies\Microsoft\InputPersonalization" /v "RestrictImplicitInkCollection" /t REG_DWORD /d "1" /f
  2527. reg add "HKLM\Software\Policies\Microsoft\InputPersonalization" /v "RestrictImplicitTextCollection" /t REG_DWORD /d "1" /f
  2528. reg add "HKLM\Software\Policies\Microsoft\Windows\HandwritingErrorReports" /v "PreventHandwritingErrorReports" /t REG_DWORD /d "1" /f
  2529. reg add "HKLM\Software\Policies\Microsoft\Windows\TabletPC" /v "PreventHandwritingDataSharing" /t REG_DWORD /d "1" /f
  2530.  
  2531.  
  2532. rem =================================== Windows Settings ===================================
  2533. rem ---------------------------------------- Privacy ---------------------------------------
  2534. rem ........................................ Radios ........................................
  2535.  
  2536. rem Let apps control radios / 0 - Default / 1 - Enabled / 2 - Disabled
  2537. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessRadios" /t REG_DWORD /d "2" /f
  2538.  
  2539.  
  2540. rem =================================== Windows Settings ===================================
  2541. rem ---------------------------------------- Privacy ---------------------------------------
  2542. rem ......................................... Tasks ........................................
  2543.  
  2544. rem Let apps access tasks / 0 - Default / 1 - Enabled / 2 - Disabled
  2545. reg add "HKLM\Software\Policies\Microsoft\Windows\AppPrivacy" /v "LetAppsAccessTasks" /t REG_DWORD /d "2" /f
  2546.  
  2547.  
  2548. rem =================================== Windows Settings ===================================
  2549. rem --------------------------------------- System -----------------------------------------
  2550. rem ........................................ About .........................................
  2551.  
  2552. rem PC Name: LianLiPC-7NB (Computer name should not be longer than 15 characters, no spaces either)
  2553. reg add "HKLM\System\CurrentControlSet\Control\ComputerName\ActiveComputerName" /v "ComputerName" /t REG_SZ /d "LianLiPC-7NB" /f
  2554. reg add "HKLM\System\CurrentControlSet\Control\ComputerName\ComputerName" /v "ComputerName" /t REG_SZ /d "LianLiPC-7NB" /f
  2555. reg add "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters" /v "Hostname" /t REG_SZ /d "LianLiPC-7NB" /f
  2556. reg add "HKLM\System\CurrentControlSet\Services\Tcpip\Parameters" /v "NV Hostname" /t REG_SZ /d "LianLiPC-7NB" /f
  2557.  
  2558. rem Support
  2559. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "Manufacturer" /t REG_SZ /d "TairikuOkami" /f
  2560. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "Model" /t REG_SZ /d "MSI Radeon RX 580 ARMOR 8G OC" /f
  2561. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "SupportHours" /t REG_SZ /d "Within 24-48 hours" /f
  2562. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "SupportPhone" /t REG_SZ /d "TairikuOkami@protonmail.ch" /f
  2563. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "SupportURL" /t REG_SZ /d "https://steamcommunity.com/id/tairikuokami" /f
  2564.  
  2565. rem Computer Description
  2566. reg add "HKLM\System\CurrentControlSet\services\LanmanServer\Parameters" /v "srvcomment" /t REG_SZ /d "100/10 MBps" /f
  2567.  
  2568.  
  2569. rem =================================== Windows Settings ===================================
  2570. rem --------------------------------------- System -----------------------------------------
  2571. rem ........................................ About .........................................
  2572. rem . . . . . . . . . . . . . . . . . . . System info . . . . . . . . . . . . . . . . . . .
  2573.  
  2574. rem System info
  2575. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\OEMInformation" /v "Logo" /t REG_SZ /d "D:\Software\Temp\Pics\Mikai.bmp" /f
  2576. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v "RegisteredOrganization" /t REG_SZ /d "(-_-)" /f
  2577. reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion" /v "RegisteredOwner" /t REG_SZ /d "Brony" /f
  2578.  
  2579. rem Remote Settings - Disable Remote Assistance
  2580. reg add "HKLM\System\CurrentControlSet\Control\Remote Assistance" /v "fAllowToGetHelp" /t REG_DWORD /d "0" /f
  2581. reg add "HKLM\System\CurrentControlSet\Control\Remote Assistance" /v "fAllowFullControl" /t REG_DWORD /d "0" /f
  2582.  
  2583. rem System Protection - Enable System restore and Set the size
  2584. rem reg delete "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableSR" /f
  2585. rem reg delete "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableConfig" /f
  2586. rem reg add "HKLM\Software\Microsoft\Windows NT\CurrentVersion\SPP\Clients" /v " {09F7EDC5-294E-4180-AF6A-FB0E6A0E9513}" /t REG_MULTI_SZ /d "1" /f
  2587. rem schtasks /Change /TN "Microsoft\Windows\SystemRestore\SR" /Enable
  2588. rem vssadmin Resize ShadowStorage /For=C: /On=C: /Maxsize=5GB
  2589. rem sc config wbengine start= demand
  2590. rem sc config swprv start= demand
  2591. rem sc config vds start= demand
  2592. rem sc config VSS start= demand
  2593.  
  2594. rem System Protection - Disable System restore and Set the size
  2595. reg add "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" /v "DisableSR" /t REG_DWORD /d "1" /f
  2596. schtasks /Change /TN "Microsoft\Windows\SystemRestore\SR" /Disable
  2597. vssadmin Resize ShadowStorage /For=C: /On=C: /Maxsize=320MB
  2598.  
  2599. rem Advanced system settings - Performance - Advanced - Processor Scheduling
  2600. rem 0 - Foreground and background applications equally responsive / 1 - Foreground application more responsive than background / 2 - Best foreground application response time (Default)
  2601. rem 38 - Adjust for best performance of Programs / 24 - Adjust for best performance of Background Services
  2602. reg add "HKLM\System\CurrentControlSet\Control\PriorityControl" /v "Win32PrioritySeparation " /t REG_DWORD /d "38" /f
  2603.  
  2604. rem Advanced system settings - Performance - Advanced - Virtual memory
  2605. rem Disable pagefile
  2606. wmic computersystem where name="%computername%" set AutomaticManagedPagefile=False
  2607. wmic pagefileset where name="%SystemDrive%\\pagefile.sys" set InitialSize=0,MaximumSize=0
  2608. wmic pagefileset where name="%SystemDrive%\\pagefile.sys" delete
  2609.  
  2610. rem Advanced system settings - Startup and Recovery
  2611. rem 5 - 5 secs / Time to display list of operating systems
  2612. bcdedit /timeout 5
  2613.  
  2614. rem Advanced system settings - Startup and Recovery
  2615. rem 1 - Automatically Restart (on System Failure)
  2616. reg add "HKLM\System\CurrentControlSet\Control\CrashControl" /v "AutoReboot" /t REG_DWORD /d "0" /f
  2617.  
  2618. rem ________________________________________________________________________________________
  2619. rem Disable Remote Assistance
  2620. sc config RemoteRegistry start= disabled
  2621. reg add "HKLM\Software\Policies\Microsoft\Windows\WinRM\Service\WinRS" /v "AllowRemoteShellAccess" /t REG_DWORD /d "0" /f
  2622. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowToGetHelp" /t REG_DWORD /d "0" /f
  2623. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnsolicited" /t REG_DWORD /d "0" /f
  2624. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "fAllowUnsolicitedFullControl" /t REG_DWORD /d "0" /f
  2625. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "fDenyTSConnections" /t REG_DWORD /d "1" /f
  2626. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "TSAppCompat" /t REG_DWORD /d "0" /f
  2627. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "TSEnabled" /t REG_DWORD /d "0" /f
  2628. reg add "HKLM\Software\Policies\Microsoft\Windows NT\Terminal Services" /v "TSUserEnabled" /t REG_DWORD /d "0" /f
  2629.  
  2630. rem Encrypt the Pagefile
  2631. rem fsutil behavior set EncryptPagingFile 1
  2632.  
  2633.  
  2634. rem =================================== Windows Settings ===================================
  2635. rem --------------------------------------- System -----------------------------------------
  2636. rem ..................................... Clipboard ........................................
  2637.  
  2638. rem Save multiple items / 0 - Disable / 1 - Enable
  2639. reg add "HKCU\Software\Microsoft\Clipboard" /v "EnableClipboardHistory " /t REG_DWORD /d "0" /f
  2640.  
  2641. rem Sync across devices / 0 - Disable / 1 - Enable
  2642. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "AllowCrossDeviceClipboard " /t REG_DWORD /d "0" /f
  2643.  
  2644. rem ________________________________________________________________________________________
  2645. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d "0" /f
  2646.  
  2647.  
  2648. rem =================================== Windows Settings ===================================
  2649. rem --------------------------------------- System -----------------------------------------
  2650. rem ............................... Notifications & actions ................................
  2651.  
  2652. rem 1 - Get tips, tricks, and suggestions as you use Windows (ADs)
  2653. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-338389Enabled" /t REG_DWORD /d "0" /f
  2654.  
  2655. rem 0 - Get notifications from apps and other senders
  2656. reg add "HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\PushNotifications" /v "NoToastApplicationNotification" /t REG_DWORD /d "1" /f
  2657.  
  2658. rem Show me the Windows welcome experience after updates and occasionally when I sign in to highlight what's new and suggested (ADs)
  2659. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContent-310093Enabled" /t REG_DWORD /d "0" /f
  2660.  
  2661.  
  2662. rem =================================== Windows Settings ===================================
  2663. rem --------------------------------------- System -----------------------------------------
  2664. rem .................................... Power & sleep .....................................
  2665. rem . . . . . . . . . . . . . . . . Additional power settings . . . . . . . . . . . . . . .
  2666.  
  2667. rem Change plan settings - Change advanced power settings - Hard disk - Turn off hard disk (on battery) after
  2668. rem 0 - Never / 4294967295 - max value in seconds
  2669. reg add "HKLM\Software\Policies\Microsoft\Power\PowerSettings\E69653CA-CF7F-4F05-AA73-CB833FA90AD4" /v "DCSettingIndex" /t REG_DWORD /d "0" /f
  2670.  
  2671. rem Change plan settings - Change adavnced power settings - Hard disk - Turn off hard disk (plugged in) after
  2672. rem 0 - Never / 4294967295 - max value in seconds
  2673. reg add "HKLM\Software\Policies\Microsoft\Power\PowerSettings\6738E2C4-E8A5-4A42-B16A-E040E769756E" /v "ACSettingIndex" /t REG_DWORD /d "0" /f
  2674.  
  2675.  
  2676. rem =================================== Windows Settings ===================================
  2677. rem --------------------------------------- System -----------------------------------------
  2678. rem ................................. Shared Experiences ...................................
  2679.  
  2680. rem Let apps on other devices open apps and message apps on this device, and vice versa / 0 - Disabled
  2681. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "EnableCdp" /t REG_DWORD /d "0" /f
  2682. reg add "HKLM\Software\Policies\Microsoft\Windows\System" /v "EnableMmx" /t REG_DWORD /d "0" /f
  2683.  
  2684.  
  2685. rem =================================== Windows Settings ===================================
  2686. rem --------------------------------------- System -----------------------------------------
  2687. rem ....................................... Storage ........................................
  2688.  
  2689. rem ________________________________________________________________________________________
  2690. rem 0 - Disable Reserved Storage (7GB) - works only after upgrading or after a repair upgrade or set offline prior to install
  2691. rem https://forums.mydigitallife.net/threads/reserved-storage-in-windows-10.79347/page-3#post-1519084
  2692. rem fsutil storagereserve query C:
  2693. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\ReserveManager" /v "ShippedWithReserves" /t REG_DWORD /d "0" /f
  2694.  
  2695. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "AllowStorageSenseGlobal" /t REG_DWORD /d "0" /f
  2696. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "AllowStorageSenseTemporaryFilesCleanup" /t REG_DWORD /d "0" /f
  2697. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "ConfigStorageSenseCloudContentDehydrationThreshold" /t REG_DWORD /d "0" /f
  2698. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "ConfigStorageSenseRecycleBinCleanupThreshold" /t REG_DWORD /d "0" /f
  2699. reg add "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "ConfigStorageSenseDownloadsCleanupThreshold" /t REG_DWORD /d "0" /f
  2700. reg delete "HKLM\Software\Policies\Microsoft\Windows\StorageSense" /v "ConfigStorageSenseGlobalCadence" /f
  2701.  
  2702.  
  2703. rem =================================== Windows Settings ===================================
  2704. rem ----------------------------------- Time & language -------------------------------------
  2705. rem ..................................... Date & time .......................................
  2706.  
  2707. rem Time Zone - Central Europe Standard Time
  2708. tzutil /s "Central Europe Standard Time"
  2709.  
  2710.  
  2711. rem =================================== Windows Settings ===================================
  2712. rem ----------------------------------- Time & language -------------------------------------
  2713. rem ..................................... Date & time .......................................
  2714. rem . . . . . . . . . . . . Additional date, time, & regional settings . . . . . . . . . . .
  2715.  
  2716. rem Set Formats to Metric
  2717. reg add "HKCU\Control Panel\International" /v "iDigits" /t REG_SZ /d "2" /f
  2718. reg add "HKCU\Control Panel\International" /v "iLZero" /t REG_SZ /d "1" /f
  2719. reg add "HKCU\Control Panel\International" /v "iMeasure" /t REG_SZ /d "0" /f
  2720. reg add "HKCU\Control Panel\International" /v "iNegNumber" /t REG_SZ /d "1" /f
  2721. reg add "HKCU\Control Panel\International" /v "iPaperSize" /t REG_SZ /d "1" /f
  2722. reg add "HKCU\Control Panel\International" /v "iTLZero" /t REG_SZ /d "1" /f
  2723. reg add "HKCU\Control Panel\International" /v "sDecimal" /t REG_SZ /d "," /f
  2724. reg add "HKCU\Control Panel\International" /v "sNativeDigits" /t REG_SZ /d "0123456789" /f
  2725. reg add "HKCU\Control Panel\International" /v "sNegativeSign" /t REG_SZ /d "-" /f
  2726. reg add "HKCU\Control Panel\International" /v "sPositiveSign" /t REG_SZ /d "" /f
  2727. reg add "HKCU\Control Panel\International" /v "NumShape" /t REG_SZ /d "1" /f
  2728.  
  2729. rem Set Time to 24h / Monday
  2730. reg add "HKCU\Control Panel\International" /v "iCalendarType" /t REG_SZ /d "1" /f
  2731. reg add "HKCU\Control Panel\International" /v "iDate" /t REG_SZ /d "1" /f
  2732. reg add "HKCU\Control Panel\International" /v "iFirstDayOfWeek" /t REG_SZ /d "0" /f
  2733. reg add "HKCU\Control Panel\International" /v "iFirstWeekOfYear" /t REG_SZ /d "0" /f
  2734. reg add "HKCU\Control Panel\International" /v "iTime" /t REG_SZ /d "1" /f
  2735. reg add "HKCU\Control Panel\International" /v "iTimePrefix" /t REG_SZ /d "0" /f
  2736. reg add "HKCU\Control Panel\International" /v "sDate" /t REG_SZ /d "-" /f
  2737. reg add "HKCU\Control Panel\International" /v "sList" /t REG_SZ /d "," /f
  2738. reg add "HKCU\Control Panel\International" /v "sLongDate" /t REG_SZ /d "d MMMM, yyyy" /f
  2739. reg add "HKCU\Control Panel\International" /v "sMonDecimalSep" /t REG_SZ /d "." /f
  2740. reg add "HKCU\Control Panel\International" /v "sMonGrouping" /t REG_SZ /d "3;0" /f
  2741. reg add "HKCU\Control Panel\International" /v "sMonThousandSep" /t REG_SZ /d "," /f
  2742. reg add "HKCU\Control Panel\International" /v "sShortDate" /t REG_SZ /d "dd-MMM-yy" /f
  2743. reg add "HKCU\Control Panel\International" /v "sTime" /t REG_SZ /d ":" /f
  2744. reg add "HKCU\Control Panel\International" /v "sTimeFormat" /t REG_SZ /d "HH:mm:ss" /f
  2745. reg add "HKCU\Control Panel\International" /v "sShortTime" /t REG_SZ /d "HH:mm" /f
  2746. reg add "HKCU\Control Panel\International" /v "sYearMonth" /t REG_SZ /d "MMMM yyyy" /f
  2747.  
  2748. rem 244 - Set Location to United States / 143 - Slovakia
  2749. reg add "HKCU\Control Panel\International\Geo" /v "Nation" /t REG_SZ /d "143" /f
  2750.  
  2751.  
  2752. rem =================================== Windows Settings ===================================
  2753. rem ----------------------------------- Time & Language ------------------------------------
  2754. rem .................................. Region & Language ...................................
  2755. rem . . . . . . . . . . . . . . . Advanced keyboard settings . . . . . . . . . . . . . . . .
  2756.  
  2757. rem Language bar options - Advanced key settings - Change Key Sequence
  2758. rem 3 - Not assigned / 2 - CTRL+SHIFT / 1 - Left ALT+SHIFT
  2759. reg add "HKCU\Keyboard Layout\Toggle" /v "Language Hotkey" /t REG_SZ /d "3" /f
  2760. reg add "HKCU\Keyboard Layout\Toggle" /v "Hotkey" /t REG_SZ /d "3" /f
  2761. reg add "HKCU\Keyboard Layout\Toggle" /v "Layout Hotkey" /t REG_SZ /d "3" /f
  2762.  
  2763. rem ________________________________________________________________________________________
  2764. rem 2 - Enable Num Lock on Sign-in Screen / 2147483648 - Disable
  2765. reg add "HKU\.DEFAULT\Control Panel\Keyboard" /v "InitialKeyboardIndicators" /t REG_SZ /d "2" /f
  2766.  
  2767.  
  2768. rem =================================== Windows Settings ===================================
  2769. rem ----------------------------------- Update & security ----------------------------------
  2770. rem ........................................ Backup .......................................
  2771.  
  2772. rem ________________________________________________________________________________________
  2773. rem 1 - Disable File History (Creating previous versions of files/Windows Backup)
  2774. reg add "HKLM\Software\Policies\Microsoft\Windows\FileHistory" /v "Disabled" /t REG_DWORD /d "1" /f
  2775.  
  2776.  
  2777. rem =================================== Windows Settings ===================================
  2778. rem ----------------------------------- Update & security ----------------------------------
  2779. rem .................................... Windows update ....................................
  2780.  
  2781. rem Change active hours (18 hours) 6am to 0am - Windows Updates will not automatically restart your device during active hours
  2782. reg add "HKLM\Software\Microsoft\WindowsUpdate\UX\Settings" /v "ActiveHoursStart" /t REG_DWORD /d "6" /f
  2783. reg add "HKLM\Software\Microsoft\WindowsUpdate\UX\Settings" /v "ActiveHoursEnd" /t REG_DWORD /d "0" /f
  2784.  
  2785. rem Restart options - 1 - We'll show a reminder when we're going to restart.
  2786. reg add "HKLM\Software\Microsoft\WindowsUpdate\UX\Settings" /v "RestartNotificationsAllowed" /t REG_DWORD /d "0" /f
  2787.  
  2788. rem ________________________________________________________________________________________
  2789. rem Remove Windows ActiveX Flash (could be exploited within Windows/Office)
  2790. rem regsvr32 /u /s "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.dll"
  2791. takeown /s %computername% /u %username% /f "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.exe"
  2792. icacls "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.exe" /inheritance:r /grant:r %username%:F
  2793. del "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.exe" /f /q
  2794. takeown /s %computername% /u %username% /f "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.dll"
  2795. icacls "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.dll" /inheritance:r /grant:r %username%:F
  2796. del "%SystemRoot%\System32\Macromed\Flash\FlashUtil_ActiveX.dll" /f /q
  2797. takeown /s %computername% /u %username% /f "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.exe"
  2798. icacls "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.exe" /inheritance:r /grant:r %username%:F
  2799. del "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.exe" /f /q
  2800. takeown /s %computername% /u %username% /f "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.dll"
  2801. icacls "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.dll" /inheritance:r /grant:r %username%:F
  2802. del "%SystemRoot%\SysWow64\Macromed\Flash\FlashUtil_ActiveX.dll" /f /q
  2803.  
  2804. rem Disable auto-checking for updates, non-eglish users have to remove selected users manually (manual checking works, whenever YOU want, not Windows 10)
  2805. takeown /s %computername% /u %username% /f "%WINDIR%\System32\UsoClient.exe"
  2806. icacls "%WINDIR%\System32\UsoClient.exe" /inheritance:r /grant:r %username%:F
  2807. icacls "%WINDIR%\System32\UsoClient.exe" /remove "Administrators" "Authenticated Users" "Users" "System"
  2808. rem https://i.postimg.cc/q7cS25g6/capture-03312019-102210.jpg
  2809.  
  2810. rem To Restore (when there is update/upgrade updating exe, otherwise it will fail)
  2811. rem icacls "%WINDIR%\System32\UsoClient.exe" /reset
  2812.  
  2813. rem Disable checking for updates via GUI, non-eglish users have to remove selected users manually
  2814. takeown /s %computername% /u %username% /f "%WINDIR%\System32\usocoreworker.exe"
  2815. icacls "%WINDIR%\System32\usocoreworker.exe" /inheritance:r /grant:r %username%:F
  2816. icacls "%WINDIR%\System32\usocoreworker.exe" /remove "Administrators" "Authenticated Users" "Users" "System"
  2817.  
  2818. rem To Restore (when there is update/upgrade updating exe, otherwise it will fail)
  2819. rem icacls "%WINDIR%\System32\usocoreworker.exe" /reset
  2820.  
  2821. rem 1 - Disable Malicious Software Removal Tool offered via Windows Updates (MRT) + Disable Heartbeat Telemetry
  2822. reg add "HKLM\Software\Microsoft\RemovalTools\MpGears" /v "HeartbeatTrackingIndex" /t REG_DWORD /d "0" /f
  2823. reg add "HKLM\Software\Microsoft\RemovalTools\MpGears" /v "SpyNetReportingLocation" /t REG_MULTI_SZ /d "" /f
  2824. reg add "HKLM\Software\Policies\Microsoft\MRT" /v "DontOfferThroughWUAU" /t REG_DWORD /d "1" /f
  2825. reg add "HKLM\Software\Policies\Microsoft\MRT" /v "DontReportInfectionInformation" /t REG_DWORD /d "1" /f
  2826.  
  2827.  
  2828. rem =================================== Windows Settings ===================================
  2829. rem ----------------------------------- Update & security ----------------------------------
  2830. rem .................................... Windows update ....................................
  2831. rem . . . . . . . . . . . . . . . . . . Advanced options . . . . . . . . . . . . . . . . . .
  2832.  
  2833. rem Choose how updates are delivered / 0 - Turns off Delivery Optimization / 1 - Gets or sends updates and apps to PCs on the same NAT only / 2 - Gets or sends updates and apps to PCs on the same local network domain / 3 - Gets or sends updates and apps to PCs on the Internet / 99 - Simple download mode with no peering / 100 - Use BITS instead of Windows Update Delivery Optimization
  2834. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" /v "DODownloadMode" /t REG_DWORD /d "0" /f
  2835. reg add "HKLM\Software\Policies\Microsoft\Windows\DeliveryOptimization" /v "DODownloadMode" /t REG_DWORD /d "0" /f
  2836.  
  2837.  
  2838. rem ==================================== Windows Shell =====================================
  2839.  
  2840.  
  2841. rem Add Reset permissions to Shell/Manually Reset permissions/Take Ownership
  2842. rem http://lallouslab.net/2013/08/26/resetting-ntfs-files-permission-in-windows-graphical-utility
  2843.  
  2844. rem Take Ownership
  2845. rem Files/Folders - https://www.youtube.com/watch?v=x7gjZMvQHu4
  2846. rem Registry - https://www.youtube.com/watch?v=M1l5ifYKefg
  2847. rem https://ss64.com/nt/icacls.html
  2848. rem https://technet.microsoft.com/en-us/library/cc753024%28v=ws.11%29.aspx
  2849. rem https://technet.microsoft.com/en-us/library/cc753525(v=ws.11).aspx
  2850.  
  2851. rem Add "Take Ownership" Option in Files and Folders Context Menu in Windows
  2852. rem reg add "HKCR\*\shell\runas" /ve /t REG_SZ /d "Take ownership" /f
  2853. rem reg add "HKCR\*\shell\runas" /v "HasLUAShield" /t REG_SZ /d "" /f
  2854. rem reg add "HKCR\*\shell\runas" /v "NoWorkingDirectory" /t REG_SZ /d "" /f
  2855. rem reg add "HKCR\*\shell\runas\command" /ve /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" && icacls \"%%1\" /grant administrators:F" /f
  2856. rem reg add "HKCR\*\shell\runas\command" /v "IsolatedCommand" /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" && icacls \"%%1\" /grant administrators:F" /f
  2857. rem reg add "HKCR\Directory\shell\runas" /ve /t REG_SZ /d "Take ownership" /f
  2858. rem reg add "HKCR\Directory\shell\runas" /v "HasLUAShield" /t REG_SZ /d "" /f
  2859. rem reg add "HKCR\Directory\shell\runas" /v "NoWorkingDirectory" /t REG_SZ /d "" /f
  2860. rem reg add "HKCR\Directory\shell\runas\command" /ve /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" /r /d y && icacls \"%%1\" /grant administrators:F /t" /f
  2861. rem reg add "HKCR\Directory\shell\runas\command" /v "IsolatedCommand" /t REG_SZ /d "cmd.exe /c takeown /f \"%%1\" /r /d y && icacls \"%%1\" /grant administrators:F /t" /f
  2862.  
  2863. rem Remove Send To from Context Menu
  2864. reg delete "HKCR\AllFilesystemObjects\shellex\ContextMenuHandlers\SendTo" /f
  2865.  
  2866. rem Remove Share from Context Menu
  2867. reg delete "HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\ModernSharing" /f
  2868. reg delete "HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Sharing" /f
  2869. reg delete "HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Sharing" /f
  2870. reg delete "HKLM\SOFTWARE\Classes\Drive\shellex\PropertySheetHandlers\Sharing" /f
  2871. reg delete "HKLM\SOFTWARE\Classes\Directory\background\shellex\ContextMenuHandlers\Sharing" /f
  2872. reg delete "HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\Sharing" /f
  2873. reg delete "HKLM\SOFTWARE\Classes\Directory\shellex\CopyHookHandlers\Sharing" /f
  2874. reg delete "HKLM\SOFTWARE\Classes\Directory\shellex\PropertySheetHandlers\Sharing" /f
  2875.  
  2876.  
  2877. rem ==================================== Windows Store =====================================
  2878. rem -------------------------------------- Settings ----------------------------------------
  2879.  
  2880. rem Update apps automatically / 2 - Off / 4 - On
  2881. reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\WindowsStore\WindowsUpdate" /v "AutoDownload" /t REG_DWORD /d "2" /f
  2882. schtasks /Change /TN "Microsoft\Windows\WindowsUpdate\Automatic App Update" /Disable
  2883.  
  2884. rem ________________________________________________________________________________________
  2885. rem Disable Auto-install subscribed/suggested apps (games like Candy Crush Soda Saga/Minecraft)
  2886. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "ContentDeliveryAllowed" /t REG_DWORD /d "0" /f
  2887. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "OemPreInstalledAppsEnabled" /t REG_DWORD /d "0" /f
  2888. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEnabled" /t REG_DWORD /d "0" /f
  2889. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "PreInstalledAppsEverEnabled" /t REG_DWORD /d "0" /f
  2890. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SilentInstalledAppsEnabled" /t REG_DWORD /d "0" /f
  2891. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SoftLandingEnabled" /t REG_DWORD /d "0" /f
  2892. reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" /v "SubscribedContentEnabled" /t REG_DWORD /d "0" /f
  2893. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\Subscriptions" /f
  2894. reg delete "HKCU\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager\SuggestedApps" /f
  2895.  
  2896.  
  2897. rem ==================================== Windows Waypoint ==================================
  2898.  
  2899.  
  2900. timeout 5
  2901.  
  2902. fsutil usn deletejournal /d /n c:
  2903.  
  2904. rem Close Edge process
  2905. taskkill /f /im dllhost.exe
  2906.  
  2907. rem Clean Yandex Browser's installer, caches and cookies (not covered by CookieAutodelete, since the browser is running) - browser://settings/siteData
  2908. del "%LocalAppData%\Yandex\YandexBrowser\*service_update.exe" /s /f /q
  2909. del "%LocalAppData%\Yandex\YandexBrowser\Application\*.7z" /s /f /q
  2910. del "%LocalAppData%\Yandex\YandexBrowser\Application\*searchband.exe" /s /f /q
  2911. del "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\*history*." /s /f /q
  2912. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\AutofillStrikeDatabase" /s /q
  2913. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\BudgetDatabase" /s /q
  2914. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Cache" /s /q
  2915. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Code Cache" /s /q
  2916. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\data_reduction_proxy_leveldb" /s /q
  2917. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\databases" /s /q
  2918. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\File System" /s /q
  2919. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\GCM Store" /s /q
  2920. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\GPUCache" /s /q
  2921. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\IndexedDB" /s /q
  2922. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Local Storage" /s /q
  2923. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Media Cache" /s /q
  2924. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Session Storage" /s /q
  2925. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Service Value Store" /s /q
  2926. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Service Worker" /s /q
  2927. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Site Characteristics Database" /s /q
  2928. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\Tablo Cache" /s /q
  2929. rd "%LocalAppData%\Yandex\YandexBrowser\User Data\Default\VideoDecodeStats" /s /q
  2930.  
  2931. rem Run Wise Disk Cleaner
  2932. start "" /wait "%ProgramFiles(x86)%\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe" -a
  2933.  
  2934. rem Run Wise Registry Cleaner
  2935. start "" /wait "%ProgramFiles(x86)%\Wise\Wise Registry Cleaner\WiseRegCleaner.exe" -a -all
  2936.  
  2937. rem https://www.tenforums.com/general-support/95776-restart-fall-creators-update-reopens-apps-before.html#post1175516
  2938. rem https://www.tenforums.com/tutorials/49963-use-sign-info-auto-finish-after-update-restart-windows-10-a.html
  2939. rem https://www.tenforums.com/tutorials/138685-turn-off-automatically-restart-apps-after-sign-windows-10-a.html
  2940. shutdown /s /f /t 0
  2941.  
  2942. rem Is that all? Is that ALL? Yes, that is all. That is all.
  2943. rem https://www.youtube.com/watch?v=MTjs5eo4BfI&feature=youtu.be&t=1m47s
  2944.  
  2945. rem How NOT to cross the road (look both ways, do not expect cars to stop ASAP): http://www.spectacular-crashes.com/pedestrians-and-others
  2946. rem What does it look like in the end (2GB used by RAMDisk)
  2947. rem https://i.postimg.cc/0Pq0ymZC/Tairiku-Okami.jpg
  2948. rem https://i.postimg.cc/331sB3WP/Services.jpg
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top