Last active
March 23, 2024 04:36
-
-
Save LudovicOmarini/dd45e9c5b751fad55feafda1cec8415a to your computer and use it in GitHub Desktop.
Delete all built-in apps on Windows10 for all current and future users except some apps, Disabling Telemetry, Removing Tiles, etc.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<# | |
.SYNOPSIS | |
Delete all built-in apps on Windows10 for all currant and future users except some apps, Disabling Telemetry, Removing Tiles, etc. | |
.DESCRIPTION | |
This script delete all built-in apps on Windows10 for all currant and future users except Windows Store, Calculator, Photos, Ubuntu and Linux | |
Disabling Telemetry, Removing Tiles, etc. | |
.EXAMPLE | |
.\Fresh-Install-Of-Windows10.ps1 | |
#> | |
#---------------------------------------------------------------------# | |
function New-FolderForced { | |
[CmdletBinding(SupportsShouldProcess = $true)] | |
param ( | |
[Parameter(Position = 0, Mandatory, ValueFromPipeline, ValueFromPipelineByPropertyName)] | |
[string] | |
$Path | |
) | |
process { | |
if (-not (Test-Path $Path)) { | |
Write-Verbose "-- Creating full path to: $Path" | |
New-Item -Path $Path -ItemType Directory -Force | |
} | |
} | |
} | |
function Takeown-Registry($key) { | |
# TODO does not work for all root keys yet | |
switch ($key.split('\')[0]) { | |
"HKEY_CLASSES_ROOT" { | |
$reg = [Microsoft.Win32.Registry]::ClassesRoot | |
$key = $key.substring(18) | |
} | |
"HKEY_CURRENT_USER" { | |
$reg = [Microsoft.Win32.Registry]::CurrentUser | |
$key = $key.substring(18) | |
} | |
"HKEY_LOCAL_MACHINE" { | |
$reg = [Microsoft.Win32.Registry]::LocalMachine | |
$key = $key.substring(19) | |
} | |
} | |
# get administraor group | |
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") | |
$admins = $admins.Translate([System.Security.Principal.NTAccount]) | |
# set owner | |
$key = $reg.OpenSubKey($key, "ReadWriteSubTree", "TakeOwnership") | |
$acl = $key.GetAccessControl() | |
$acl.SetOwner($admins) | |
$key.SetAccessControl($acl) | |
# set FullControl | |
$acl = $key.GetAccessControl() | |
$rule = New-Object System.Security.AccessControl.RegistryAccessRule($admins, "FullControl", "Allow") | |
$acl.SetAccessRule($rule) | |
$key.SetAccessControl($acl) | |
} | |
function Takeown-File($path) { | |
takeown.exe /A /F $path | |
$acl = Get-Acl $path | |
# get administraor group | |
$admins = New-Object System.Security.Principal.SecurityIdentifier("S-1-5-32-544") | |
$admins = $admins.Translate([System.Security.Principal.NTAccount]) | |
# add NT Authority\SYSTEM | |
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($admins, "FullControl", "None", "None", "Allow") | |
$acl.AddAccessRule($rule) | |
Set-Acl -Path $path -AclObject $acl | |
} | |
function Takeown-Folder($path) { | |
Takeown-File $path | |
foreach ($item in Get-ChildItem $path) { | |
if (Test-Path $item -PathType Container) { | |
Takeown-Folder $item.FullName | |
} else { | |
Takeown-File $item.FullName | |
} | |
} | |
} | |
function Elevate-Privileges { | |
param($Privilege) | |
$Definition = @" | |
using System; | |
using System.Runtime.InteropServices; | |
public class AdjPriv { | |
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] | |
internal static extern bool AdjustTokenPrivileges(IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr rele); | |
[DllImport("advapi32.dll", ExactSpelling = true, SetLastError = true)] | |
internal static extern bool OpenProcessToken(IntPtr h, int acc, ref IntPtr phtok); | |
[DllImport("advapi32.dll", SetLastError = true)] | |
internal static extern bool LookupPrivilegeValue(string host, string name, ref long pluid); | |
[StructLayout(LayoutKind.Sequential, Pack = 1)] | |
internal struct TokPriv1Luid { | |
public int Count; | |
public long Luid; | |
public int Attr; | |
} | |
internal const int SE_PRIVILEGE_ENABLED = 0x00000002; | |
internal const int TOKEN_QUERY = 0x00000008; | |
internal const int TOKEN_ADJUST_PRIVILEGES = 0x00000020; | |
public static bool EnablePrivilege(long processHandle, string privilege) { | |
bool retVal; | |
TokPriv1Luid tp; | |
IntPtr hproc = new IntPtr(processHandle); | |
IntPtr htok = IntPtr.Zero; | |
retVal = OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok); | |
tp.Count = 1; | |
tp.Luid = 0; | |
tp.Attr = SE_PRIVILEGE_ENABLED; | |
retVal = LookupPrivilegeValue(null, privilege, ref tp.Luid); | |
retVal = AdjustTokenPrivileges(htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero); | |
return retVal; | |
} | |
} | |
"@ | |
$ProcessHandle = (Get-Process -id $pid).Handle | |
$type = Add-Type $definition -PassThru | |
$type[0]::EnablePrivilege($processHandle, $Privilege) | |
} | |
#---------------------------------------------------------------------# | |
### This script will clean Windows 10s start menu from all the default pinned apps (live tiles) that you are using. ### | |
### It will remove all titles for the current logged user, plus it will optionally do the same for all new users accounts created on the computer. | |
$START_MENU_LAYOUT = @" | |
<LayoutModificationTemplate xmlns:defaultlayout="http://schemas.microsoft.com/Start/2014/FullDefaultLayout" xmlns:start="http://schemas.microsoft.com/Start/2014/StartLayout" Version="1" xmlns:taskbar="http://schemas.microsoft.com/Start/2014/TaskbarLayout" xmlns="http://schemas.microsoft.com/Start/2014/LayoutModification"> | |
<LayoutOptions StartTileGroupCellWidth="6" /> | |
<DefaultLayoutOverride> | |
<StartLayoutCollection> | |
<defaultlayout:StartLayout GroupCellWidth="6" /> | |
</StartLayoutCollection> | |
</DefaultLayoutOverride> | |
</LayoutModificationTemplate> | |
"@ | |
$layoutFile="C:\Windows\StartMenuLayout.xml" | |
#Delete layout file if it already exists | |
If(Test-Path $layoutFile) | |
{ | |
Remove-Item $layoutFile | |
} | |
#Creates the blank layout file | |
$START_MENU_LAYOUT | Out-File $layoutFile -Encoding ASCII | |
$regAliases = @("HKLM", "HKCU") | |
#Assign the start layout and force it to apply with "LockedStartLayout" at both the machine and user level | |
foreach ($regAlias in $regAliases){ | |
$basePath = $regAlias + ":\SOFTWARE\Policies\Microsoft\Windows" | |
$keyPath = $basePath + "\Explorer" | |
IF(!(Test-Path -Path $keyPath)) { | |
New-Item -Path $basePath -Name "Explorer" | |
} | |
Set-ItemProperty -Path $keyPath -Name "LockedStartLayout" -Value 1 | |
Set-ItemProperty -Path $keyPath -Name "StartLayoutFile" -Value $layoutFile | |
} | |
#Restart Explorer, open the start menu (necessary to load the new layout), and give it a few seconds to process | |
Stop-Process -name explorer | |
Start-Sleep -s 5 | |
$wshell = New-Object -ComObject wscript.shell; $wshell.SendKeys('^{ESCAPE}') | |
Start-Sleep -s 5 | |
#Enable the ability to pin items again by disabling "LockedStartLayout" | |
foreach ($regAlias in $regAliases){ | |
$basePath = $regAlias + ":\SOFTWARE\Policies\Microsoft\Windows" | |
$keyPath = $basePath + "\Explorer" | |
Set-ItemProperty -Path $keyPath -Name "LockedStartLayout" -Value 0 | |
} | |
#Restart Explorer and delete the layout file | |
Stop-Process -name explorer | |
# Uncomment the next line to make clean start menu default for all new users | |
#Import-StartLayout -LayoutPath $layoutFile -MountPath $env:SystemDrive\ | |
Remove-Item $layoutFile | |
#---------------------------------------------------------------------# | |
### This script removes unwanted Apps that come with Windows. ### | |
### If you do not want to remove certain Apps comment out the corresponding lines in the PowerShell script.### | |
### Author of this script: https://github.com/W4RH4WK/Debloat-Windows-10 | |
Write-Output "Elevating privileges for this process" | |
do {} until (Elevate-Privileges SeTakeOwnershipPrivilege) | |
Write-Output "Uninstalling default apps" | |
$apps = @( | |
# default Windows 10 apps | |
"Microsoft.3DBuilder" | |
"Microsoft.Appconnector" | |
"Microsoft.BingFinance" | |
"Microsoft.BingNews" | |
"Microsoft.BingSports" | |
"Microsoft.BingTranslator" | |
"Microsoft.BingWeather" | |
#"Microsoft.FreshPaint" | |
"Microsoft.GamingServices" | |
"Microsoft.Microsoft3DViewer" | |
"Microsoft.MicrosoftOfficeHub" | |
"Microsoft.MicrosoftPowerBIForWindows" | |
"Microsoft.MicrosoftSolitaireCollection" | |
#"Microsoft.MicrosoftStickyNotes" | |
"Microsoft.MinecraftUWP" | |
"Microsoft.NetworkSpeedTest" | |
"Microsoft.Office.OneNote" | |
#"Microsoft.OneConnect" | |
"Microsoft.People" | |
"Microsoft.Print3D" | |
"Microsoft.SkypeApp" | |
"Microsoft.Wallet" | |
#"Microsoft.Windows.Photos" | |
"Microsoft.WindowsAlarms" | |
#"Microsoft.WindowsCalculator" | |
#"Microsoft.WindowsCamera" | |
"microsoft.windowscommunicationsapps" | |
#"Microsoft.WindowsMaps" | |
#"Microsoft.WindowsPhone" | |
#"Microsoft.WindowsSoundRecorder" | |
#"Microsoft.WindowsStore" # can't be re-installed | |
"Microsoft.Xbox.TCUI" | |
"Microsoft.XboxApp" | |
"Microsoft.XboxGameOverlay" | |
"Microsoft.XboxGamingOverlay" | |
"Microsoft.XboxSpeechToTextOverlay" | |
#"Microsoft.YourPhone" | |
"Microsoft.ZuneMusic" | |
"Microsoft.ZuneVideo" | |
# Threshold 2 apps | |
"Microsoft.CommsPhone" | |
"Microsoft.ConnectivityStore" | |
"Microsoft.GetHelp" | |
"Microsoft.Getstarted" | |
"Microsoft.Messaging" | |
"Microsoft.Office.Sway" | |
"Microsoft.OneConnect" | |
"Microsoft.WindowsFeedbackHub" | |
# Creators Update apps | |
"Microsoft.Microsoft3DViewer" | |
#"Microsoft.MSPaint" | |
#Redstone apps | |
"Microsoft.BingFoodAndDrink" | |
"Microsoft.BingHealthAndFitness" | |
"Microsoft.BingTravel" | |
"Microsoft.WindowsReadingList" | |
# Redstone 5 apps | |
"Microsoft.MixedReality.Portal" | |
#"Microsoft.ScreenSketch" | |
"Microsoft.XboxGamingOverlay" | |
#"Microsoft.YourPhone" | |
# non-Microsoft | |
"2FE3CB00.PicsArt-PhotoStudio" | |
"46928bounde.EclipseManager" | |
"4DF9E0F8.Netflix" | |
"613EBCEA.PolarrPhotoEditorAcademicEdition" | |
"6Wunderkinder.Wunderlist" | |
"7EE7776C.LinkedInforWindows" | |
"89006A2E.AutodeskSketchBook" | |
"9E2F88E3.Twitter" | |
"A278AB0D.DisneyMagicKingdoms" | |
"A278AB0D.MarchofEmpires" | |
"ActiproSoftwareLLC.562882FEEB491" # next one is for the Code Writer from Actipro Software LLC | |
"CAF9E577.Plex" | |
"ClearChannelRadioDigital.iHeartRadio" | |
"D52A8D61.FarmVille2CountryEscape" | |
"D5EA27B7.Duolingo-LearnLanguagesforFree" | |
"DB6EA5DB.CyberLinkMediaSuiteEssentials" | |
"DolbyLaboratories.DolbyAccess" | |
"DolbyLaboratories.DolbyAccess" | |
"Drawboard.DrawboardPDF" | |
"Facebook.Facebook" | |
"Fitbit.FitbitCoach" | |
"Flipboard.Flipboard" | |
"GAMELOFTSA.Asphalt8Airborne" | |
"KeeperSecurityInc.Keeper" | |
"Microsoft.BingNews" | |
"NORDCURRENT.COOKINGFEVER" | |
"PandoraMediaInc.29680B314EFC2" | |
"Playtika.CaesarsSlotsFreeCasino" | |
"ShazamEntertainmentLtd.Shazam" | |
"SlingTVLLC.SlingTV" | |
"SpotifyAB.SpotifyMusic" | |
#"TheNewYorkTimes.NYTCrossword" | |
"ThumbmunkeysLtd.PhototasticCollage" | |
"TuneIn.TuneInRadio" | |
"WinZipComputing.WinZipUniversal" | |
"XINGAG.XING" | |
"flaregamesGmbH.RoyalRevolt2" | |
"king.com.*" | |
"king.com.BubbleWitch3Saga" | |
"king.com.CandyCrushSaga" | |
"king.com.CandyCrushSodaSaga" | |
# apps which cannot be removed using Remove-AppxPackage | |
#"Microsoft.BioEnrollment" | |
#"Microsoft.MicrosoftEdge" | |
#"Microsoft.Windows.Cortana" | |
#"Microsoft.WindowsFeedback" | |
#"Microsoft.XboxGameCallableUI" | |
#"Microsoft.XboxIdentityProvider" | |
#"Windows.ContactSupport" | |
# apps which other apps depend on | |
"Microsoft.Advertising.Xaml" | |
) | |
foreach ($app in $apps) { | |
Write-Output "Trying to remove $app" | |
Get-AppxPackage -Name $app -AllUsers | Remove-AppxPackage -AllUsers | |
Get-AppXProvisionedPackage -Online | | |
Where-Object DisplayName -EQ $app | | |
Remove-AppxProvisionedPackage -Online | |
} | |
# Prevents Apps from re-installing | |
$cdm = @( | |
"ContentDeliveryAllowed" | |
"FeatureManagementEnabled" | |
"OemPreInstalledAppsEnabled" | |
"PreInstalledAppsEnabled" | |
"PreInstalledAppsEverEnabled" | |
"SilentInstalledAppsEnabled" | |
"SubscribedContent-314559Enabled" | |
"SubscribedContent-338387Enabled" | |
"SubscribedContent-338388Enabled" | |
"SubscribedContent-338389Enabled" | |
"SubscribedContent-338393Enabled" | |
"SubscribedContentEnabled" | |
"SystemPaneSuggestionsEnabled" | |
) | |
New-FolderForced "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" | |
foreach ($key in $cdm) { | |
Set-ItemProperty "HKCU:\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager" $key 0 | |
} | |
New-FolderForced "HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore" | |
Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\WindowsStore" "AutoDownload" 2 | |
# Prevents "Suggested Applications" returning | |
New-FolderForced "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent" | |
Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent" "DisableWindowsConsumerFeatures" 1 | |
#---------------------------------------------------------------------# | |
### This script disables unwanted Windows services. ### | |
### If you do not want to disable certain services comment out the corresponding lines in the PowerShell script. ### | |
### Author of this script: https://github.com/W4RH4WK/Debloat-Windows-10 | |
$services = @( | |
"diagnosticshub.standardcollector.service" # Microsoft (R) Diagnostics Hub Standard Collector Service | |
"DiagTrack" # Diagnostics Tracking Service | |
"dmwappushservice" # WAP Push Message Routing Service (see known issues) | |
"lfsvc" # Geolocation Service | |
"MapsBroker" # Downloaded Maps Manager | |
"NetTcpPortSharing" # Net.Tcp Port Sharing Service | |
#"RemoteAccess" # Routing and Remote Access | |
#"RemoteRegistry" # Remote Registry | |
"SharedAccess" # Internet Connection Sharing (ICS) | |
"TrkWks" # Distributed Link Tracking Client | |
"WbioSrvc" # Windows Biometric Service (required for Fingerprint reader / facial detection) | |
#"WlanSvc" # WLAN AutoConfig | |
"WMPNetworkSvc" # Windows Media Player Network Sharing Service | |
#"wscsvc" # Windows Security Center Service | |
#"WSearch" # Windows Search | |
"XblAuthManager" # Xbox Live Auth Manager | |
"XblGameSave" # Xbox Live Game Save Service | |
"XboxNetApiSvc" # Xbox Live Networking Service | |
"ndu" # Windows Network Data Usage Monitor | |
# Services which cannot be disabled | |
#"WdNisSvc" | |
) | |
foreach ($service in $services) { | |
Write-Output "Trying to disable $service" | |
Get-Service -Name $service | Set-Service -StartupType Disabled | |
} | |
#---------------------------------------------------------------------# | |
### This script blocks telemetry related domains via the hosts file and related IPs via Windows Firewall. ### | |
###- Please note that adding these domains may break certain software like iTunes or Skype. As this issue is location dependent for some domains, they are not commented by default. ### | |
### The domains known to cause issues marked accordingly. | |
### Please see the related issue: https://github.com/W4RH4WK/Debloat-Windows-10/issues/79 ### | |
### Author of this script: https://github.com/W4RH4WK/Debloat-Windows-10 | |
Write-Output "Disabling telemetry via Group Policies" | |
New-FolderForced "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" | |
Set-ItemProperty "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection" "AllowTelemetry" 0 | |
# Entries related to Akamai have been reported to cause issues with Widevine | |
# DRM. | |
Write-Output "Adding telemetry domains to hosts file" | |
$hosts_file = "$env:systemroot\System32\drivers\etc\hosts" | |
$domains = @( | |
"184-86-53-99.deploy.static.akamaitechnologies.com" | |
"a-0001.a-msedge.net" | |
"a-0002.a-msedge.net" | |
"a-0003.a-msedge.net" | |
"a-0004.a-msedge.net" | |
"a-0005.a-msedge.net" | |
"a-0006.a-msedge.net" | |
"a-0007.a-msedge.net" | |
"a-0008.a-msedge.net" | |
"a-0009.a-msedge.net" | |
"a1621.g.akamai.net" | |
"a1856.g2.akamai.net" | |
"a1961.g.akamai.net" | |
#"a248.e.akamai.net" # makes iTunes download button disappear (#43) | |
"a978.i6g1.akamai.net" | |
"a.ads1.msn.com" | |
"a.ads2.msads.net" | |
"a.ads2.msn.com" | |
"ac3.msn.com" | |
"ad.doubleclick.net" | |
"adnexus.net" | |
"adnxs.com" | |
"ads1.msads.net" | |
"ads1.msn.com" | |
"ads.msn.com" | |
"aidps.atdmt.com" | |
"aka-cdn-ns.adtech.de" | |
"a-msedge.net" | |
"any.edge.bing.com" | |
"a.rad.msn.com" | |
"az361816.vo.msecnd.net" | |
"az512334.vo.msecnd.net" | |
"b.ads1.msn.com" | |
"b.ads2.msads.net" | |
"bingads.microsoft.com" | |
"b.rad.msn.com" | |
"bs.serving-sys.com" | |
"c.atdmt.com" | |
"cdn.atdmt.com" | |
"cds26.ams9.msecn.net" | |
"choice.microsoft.com" | |
"choice.microsoft.com.nsatc.net" | |
"compatexchange.cloudapp.net" | |
"corpext.msitadfs.glbdns2.microsoft.com" | |
"corp.sts.microsoft.com" | |
"cs1.wpc.v0cdn.net" | |
"db3aqu.atdmt.com" | |
"df.telemetry.microsoft.com" | |
"diagnostics.support.microsoft.com" | |
"e2835.dspb.akamaiedge.net" | |
"e7341.g.akamaiedge.net" | |
"e7502.ce.akamaiedge.net" | |
"e8218.ce.akamaiedge.net" | |
"ec.atdmt.com" | |
"fe2.update.microsoft.com.akadns.net" | |
"feedback.microsoft-hohm.com" | |
"feedback.search.microsoft.com" | |
"feedback.windows.com" | |
"flex.msn.com" | |
"g.msn.com" | |
"h1.msn.com" | |
"h2.msn.com" | |
"hostedocsp.globalsign.com" | |
"i1.services.social.microsoft.com" | |
"i1.services.social.microsoft.com.nsatc.net" | |
"ipv6.msftncsi.com" | |
"ipv6.msftncsi.com.edgesuite.net" | |
"lb1.www.ms.akadns.net" | |
"live.rads.msn.com" | |
"m.adnxs.com" | |
"msedge.net" | |
"msftncsi.com" | |
"msnbot-65-55-108-23.search.msn.com" | |
"msntest.serving-sys.com" | |
"oca.telemetry.microsoft.com" | |
"oca.telemetry.microsoft.com.nsatc.net" | |
"onesettings-db5.metron.live.nsatc.net" | |
"pre.footprintpredict.com" | |
"preview.msn.com" | |
"rad.live.com" | |
"rad.msn.com" | |
"redir.metaservices.microsoft.com" | |
"reports.wes.df.telemetry.microsoft.com" | |
"schemas.microsoft.akadns.net" | |
"secure.adnxs.com" | |
"secure.flashtalking.com" | |
"services.wes.df.telemetry.microsoft.com" | |
"settings-sandbox.data.microsoft.com" | |
#"settings-win.data.microsoft.com" # may cause issues with Windows Updates | |
"sls.update.microsoft.com.akadns.net" | |
#"sls.update.microsoft.com.nsatc.net" # may cause issues with Windows Updates | |
"sqm.df.telemetry.microsoft.com" | |
"sqm.telemetry.microsoft.com" | |
"sqm.telemetry.microsoft.com.nsatc.net" | |
"ssw.live.com" | |
"static.2mdn.net" | |
"statsfe1.ws.microsoft.com" | |
"statsfe2.update.microsoft.com.akadns.net" | |
"statsfe2.ws.microsoft.com" | |
"survey.watson.microsoft.com" | |
"telecommand.telemetry.microsoft.com" | |
"telecommand.telemetry.microsoft.com.nsatc.net" | |
"telemetry.appex.bing.net" | |
"telemetry.microsoft.com" | |
"telemetry.urs.microsoft.com" | |
"vortex-bn2.metron.live.com.nsatc.net" | |
"vortex-cy2.metron.live.com.nsatc.net" | |
"vortex.data.microsoft.com" | |
"vortex-sandbox.data.microsoft.com" | |
"vortex-win.data.microsoft.com" | |
"cy2.vortex.data.microsoft.com.akadns.net" | |
"watson.live.com" | |
"watson.microsoft.com" | |
"watson.ppe.telemetry.microsoft.com" | |
"watson.telemetry.microsoft.com" | |
"watson.telemetry.microsoft.com.nsatc.net" | |
"wes.df.telemetry.microsoft.com" | |
"win10.ipv6.microsoft.com" | |
"www.bingads.microsoft.com" | |
"www.go.microsoft.akadns.net" | |
"www.msftncsi.com" | |
"client.wns.windows.com" | |
#"wdcp.microsoft.com" # may cause issues with Windows Defender Cloud-based protection | |
#"dns.msftncsi.com" # This causes Windows to think it doesn't have internet | |
#"storeedgefd.dsx.mp.microsoft.com" # breaks Windows Store | |
"wdcpalt.microsoft.com" | |
"settings-ssl.xboxlive.com" | |
"settings-ssl.xboxlive.com-c.edgekey.net" | |
"settings-ssl.xboxlive.com-c.edgekey.net.globalredir.akadns.net" | |
"e87.dspb.akamaidege.net" | |
"insiderservice.microsoft.com" | |
"insiderservice.trafficmanager.net" | |
"e3843.g.akamaiedge.net" | |
"flightingserviceweurope.cloudapp.net" | |
#"sls.update.microsoft.com" # may cause issues with Windows Updates | |
#"static.ads-twitter.com" # may cause issues with Twitter login | |
"www-google-analytics.l.google.com" | |
#"p.static.ads-twitter.com" # may cause issues with Twitter login | |
"hubspot.net.edge.net" | |
"e9483.a.akamaiedge.net" | |
#"www.google-analytics.com" | |
#"padgead2.googlesyndication.com" | |
#"mirror1.malwaredomains.com" | |
#"mirror.cedia.org.ec" | |
"stats.g.doubleclick.net" | |
"stats.l.doubleclick.net" | |
"adservice.google.de" | |
"adservice.google.com" | |
"googleads.g.doubleclick.net" | |
"pagead46.l.doubleclick.net" | |
"hubspot.net.edgekey.net" | |
"insiderppe.cloudapp.net" # Feedback-Hub | |
"livetileedge.dsx.mp.microsoft.com" | |
# extra | |
"fe2.update.microsoft.com.akadns.net" | |
"s0.2mdn.net" | |
"statsfe2.update.microsoft.com.akadns.net" | |
"survey.watson.microsoft.com" | |
"view.atdmt.com" | |
"watson.microsoft.com" | |
"watson.ppe.telemetry.microsoft.com" | |
"watson.telemetry.microsoft.com" | |
"watson.telemetry.microsoft.com.nsatc.net" | |
"wes.df.telemetry.microsoft.com" | |
"m.hotmail.com" | |
) | |
Write-Output "" | Out-File -Encoding ASCII -Append $hosts_file | |
foreach ($domain in $domains) { | |
if (-Not (Select-String -Path $hosts_file -Pattern $domain)) { | |
Write-Output "0.0.0.0 $domain" | Out-File -Encoding ASCII -Append $hosts_file | |
} | |
} | |
Write-Output "Adding telemetry ips to firewall" | |
$ips = @( | |
"134.170.30.202" | |
"137.116.81.24" | |
"157.56.106.189" | |
"184.86.53.99" | |
"2.22.61.43" | |
"2.22.61.66" | |
"204.79.197.200" | |
"23.218.212.69" | |
"65.39.117.230" | |
"65.55.108.23" | |
"64.4.54.254" | |
) | |
Remove-NetFirewallRule -DisplayName "Block Telemetry IPs" -ErrorAction SilentlyContinue | |
New-NetFirewallRule -DisplayName "Block Telemetry IPs" -Direction Outbound ` | |
-Action Block -RemoteAddress ([string[]]$ips) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment