Microsoft Account EVIL: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
mNo edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 161: | Line 161: | ||
shutdown /r /t 0 | shutdown /r /t 0 | ||
</syntaxhighlight>The above will whack all Microsoft EVIL, err spying, err, accounts on your PC. You might also want to go ahead and access your Microsoft account and whack any devices from there too. | </syntaxhighlight>The above will whack all Microsoft EVIL, err spying, err, accounts on your PC. You might also want to go ahead and access your Microsoft account and whack any devices from there too. Why? Because even eliminating all possible Microsoft account connections on your computer isn't enough. Windows acts like ET, and phones home to the Microsoft Store, etc. | ||
Bonus: Eliminate Account Nags in Settings;<syntaxhighlight lang="text"> | |||
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v SettingsPageVisibility /f | |||
reg add "HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\AccountNotifications" /v DisableAccountNotifications /t REG_DWORD /d 1 /f | |||
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Start_AccountNotifications /t REG_DWORD /d 0 /f | |||
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\UserProfileEngagement" /v ScoobeSystemSettingEnabled /t REG_DWORD /d 0 /f | |||
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v NoConnectedUser /t REG_DWORD /d 3 /f | |||
taskkill /f /im SystemSettings.exe | |||
</syntaxhighlight> | |||
Latest revision as of 19:07, 19 June 2026
...have that urge to track down the people at Microsoft that have messed up Windows 11, and made it infuriatingly impossible to get rid of sign ins? Curb your anger instead and just solve the problem with the below "Thor's Hammer";
$ErrorActionPreference = "SilentlyContinue"
$Procs = @(
"OneDrive","msedge","Teams","ms-teams","outlook","olk","winword","excel","powerpnt",
"onenote","msteams","Microsoft.SharePoint","OfficeClickToRun"
)
foreach ($P in $Procs) {
taskkill /f /im "$P.exe" 2>$null
}
$Services = @(
"TokenBroker",
"wlidsvc",
"OneSyncSvc",
"UserDataSvc",
"PimIndexMaintenanceSvc"
)
foreach ($S in $Services) {
Get-Service "$S*" | Stop-Service -Force
}
# Leave Entra/Azure/Workplace join if somehow present
dsregcmd /leave 2>$null
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent" -Force | Out-Null
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent" -Name "DisableWindowsConsumerFeatures" -Type DWord -Value 1
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent" -Name "DisableConsumerAccountStateContent" -Type DWord -Value 1
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent" -Name "DisableCloudOptimizedContent" -Type DWord -Value 1
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\SettingSync" -Force | Out-Null
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\SettingSync" -Name "DisableSettingSync" -Type DWord -Value 2
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\SettingSync" -Name "DisableSettingSyncUserOverride" -Type DWord -Value 1
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Force | Out-Null
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\System" -Name "NoConnectedUser" -Type DWord -Value 3
$OneDriveUninstallers = @(
"$env:SystemRoot\System32\OneDriveSetup.exe",
"$env:SystemRoot\SysWOW64\OneDriveSetup.exe"
)
foreach ($U in $OneDriveUninstallers) {
if (Test-Path $U) {
Start-Process $U -ArgumentList "/uninstall" -Wait
}
}
# Current-user Credential Manager Microsoft cloud creds
$Targets = cmdkey /list | ForEach-Object {
if ($_ -match '^\s*Target:\s*(.+)$') {
$Matches[1]
}
} | Where-Object {
$_ -match '(?i)Microsoft|WindowsLive|OneDrive|Office|AAD|AzureAD|SSO|TokenBroker|Xbl|Xbox|Teams'
}
foreach ($T in $Targets) {
cmdkey.exe "/delete:$T"
}
$Profiles = Get-ChildItem "C:\Users" -Directory | Where-Object {
$_.Name -notin @("Public","Default","Default User","All Users")
}
foreach ($Profile in $Profiles) {
$Base = $Profile.FullName
$Paths = @(
"$Base\AppData\Local\Microsoft\OneAuth",
"$Base\AppData\Local\Microsoft\Identity",
"$Base\AppData\Local\Microsoft\IdentityCache",
"$Base\AppData\Local\Microsoft\TokenBroker",
"$Base\AppData\Local\Microsoft\Windows\WebCache",
"$Base\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy",
"$Base\AppData\Local\Packages\Microsoft.AccountsControl_cw5n1h2txyewy",
"$Base\AppData\Local\Packages\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy",
"$Base\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\LocalState\CloudStore",
"$Base\AppData\Local\Microsoft\OneDrive",
"$Base\AppData\Roaming\Microsoft\Windows\AccountPictures"
)
foreach ($Path in $Paths) {
if (Test-Path -LiteralPath $Path) {
Remove-Item -LiteralPath $Path -Recurse -Force
}
}
}
$HiveRoots = Get-ChildItem Registry::HKEY_USERS | Where-Object {
$_.Name -match 'S-1-5-21|\.DEFAULT'
}
foreach ($Hive in $HiveRoots) {
$Root = "Registry::$($Hive.Name)"
$RegPaths = @(
"$Root\Software\Microsoft\IdentityCRL",
"$Root\Software\Microsoft\Office\16.0\Common\Identity",
"$Root\Software\Microsoft\OneDrive",
"$Root\Software\Microsoft\Windows\CurrentVersion\SettingSync",
"$Root\Software\Microsoft\Windows\CurrentVersion\CloudStore"
)
foreach ($RegPath in $RegPaths) {
if (Test-Path -LiteralPath $RegPath) {
Remove-Item -LiteralPath $RegPath -Recurse -Force
}
}
}
foreach ($Profile in $Profiles) {
$NtUser = "$($Profile.FullName)\NTUSER.DAT"
$TempHive = "HKU\TEMP_MS_CLOUD_NUKE_$($Profile.Name -replace '[^A-Za-z0-9_]','_')"
if (Test-Path -LiteralPath $NtUser) {
reg load $TempHive $NtUser 2>$null | Out-Null
$Root = "Registry::$TempHive"
$RegPaths = @(
"$Root\Software\Microsoft\IdentityCRL",
"$Root\Software\Microsoft\Office\16.0\Common\Identity",
"$Root\Software\Microsoft\OneDrive",
"$Root\Software\Microsoft\Windows\CurrentVersion\SettingSync",
"$Root\Software\Microsoft\Windows\CurrentVersion\CloudStore"
)
foreach ($RegPath in $RegPaths) {
if (Test-Path -LiteralPath $RegPath) {
Remove-Item -LiteralPath $RegPath -Recurse -Force
}
}
[gc]::Collect()
Start-Sleep -Milliseconds 500
reg unload $TempHive 2>$null | Out-Null
}
}
$Packages = @(
"Microsoft.OneDriveSync",
"Microsoft.MicrosoftOfficeHub",
"MicrosoftTeams",
"MSTeams",
"Microsoft.XboxApp",
"Microsoft.GamingApp",
"Microsoft.XboxGamingOverlay",
"Microsoft.XboxIdentityProvider",
"Microsoft.GetHelp",
"Microsoft.Getstarted"
)
foreach ($Pkg in $Packages) {
Get-AppxPackage -AllUsers -Name $Pkg | Remove-AppxPackage -AllUsers
Get-AppxProvisionedPackage -Online | Where-Object DisplayName -eq $Pkg | Remove-AppxProvisionedPackage -Online
}
shutdown /r /t 0The above will whack all Microsoft EVIL, err spying, err, accounts on your PC. You might also want to go ahead and access your Microsoft account and whack any devices from there too. Why? Because even eliminating all possible Microsoft account connections on your computer isn't enough. Windows acts like ET, and phones home to the Microsoft Store, etc. Bonus: Eliminate Account Nags in Settings;
reg delete "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer" /v SettingsPageVisibility /f
reg add "HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\AccountNotifications" /v DisableAccountNotifications /t REG_DWORD /d 1 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced" /v Start_AccountNotifications /t REG_DWORD /d 0 /f
reg add "HKCU\Software\Microsoft\Windows\CurrentVersion\UserProfileEngagement" /v ScoobeSystemSettingEnabled /t REG_DWORD /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v NoConnectedUser /t REG_DWORD /d 3 /f
taskkill /f /im SystemSettings.exe