Win10-Initial-Setup-Script
Win10-Initial-Setup-Script copied to clipboard
Disassembler0
DisableWebSearch doesn't work on 2004
Microsoft has broken all GPOs and settings related to disabling Bing Search in Start Menu in 2004.
The best workaround currently is to set
If (!(Test-Path "HKCU:\Software\Policies\Microsoft\Windows\Explorer")) {
New-Item -Path "HKCU:\Software\Policies\Microsoft\Windows\Explorer" | Out-Null
}
Set-ItemProperty -Path "HKCU:\Software\Policies\Microsoft\Windows\Explorer" -Name "DisableSearchBoxSuggestions" -Type DWord -Value 1
however that disables searching also for recent entries and possibly has some other side effects.
This issue is slightly related to #262, where Microsoft managed to break web search settings in a different way.
Heyo,
To disable web search in Windows May 2020 Update (build 19041, version 2004) you must set DWORD "ConnectedSearchUseWeb" to value '0' under: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Windows Search
DisableWebSearch isn't respected and doesn't have to be set for this to work.
GPO: "Don´t search the web or display web results in search" under _Computer Configuration\Administrative Templates\Windows Components\search_
@mariobesen: I'm unable to replicate that. Are there any more keys/setting outside the script you have applied? Moreover, "Don´t search the web or display web results in search" GPO sets the DisableWebSearch registry key. The ConnectedSearchUseWeb is AFAIK obsolete since ~1803.
From what I have tried, none of the following (or combination of thereof) work:
- AllowSearchToUseLocation
- BingSearchEnabled
- ConnectedSearchUseWeb
- CortanaConsent
- DisableWebSearch
Activity history setting has also no effect.
@Disassembler0 Hm, that's interesting.
This is the default state where web search works.
When I enable "Do not allow web search" policy it is not respected although "DisableWebSearch" DWORD is set to 0.
But, if I set "Don't search the web or display web results in Search" alongside first policy, it seems like it works:
This is on build 19041.207, Enterprise SKU.
This is on build 19041.207, Enterprise SKU.
Yeah, that's it. :/ Just tried in on Enterprise and it works there. On Home and Pro it doesn't.
Not broken, works as intended :) Microsoft need that sweet-sweet telemetry and private data.
Does https://superuser.com/questions/1510739/how-to-get-rid-of-windows-10-search-web-results-triggered-from-the-start-menu help ? It seems setting DisableSearchBoxSuggestions DWORD32 value in HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\Explorer to 1 does seem to work for me (Win 10 Home Version 10.0.19041 Build 19041 in a VM)
@rnc Not really, the search are still being done on the background. It just doesn't show the results on the start menu.
Sad shit?
@navossoc Ok, but at least that is less confusing to users. I wonder if the search could be blocked by the firewall?
@rnc No idea, but this is definitively something I want to look into. I don't want a keylogger on my start menu.
I wonder if the search could be blocked by the firewall?
Yes and no. The rule is straightforward and you can block Search.exe which is what goes into the outer network when you type something in search. However, knowing Microsoft and their unquenchable greed for your private data, telemetry and analytics - I wouldnt be surprised some other service, that claims to be essential, mirrors the ability to upload your search/typed data. This brings us to the fact that Microsoft (intentionally?) shipped broken Firewall which can't distinguish different services from each other (all native Win services are being ran through svchost container) which means you cant block specific service even if you find it - you have to block them all.
If you can live with that then this is the best solution, you gonna need to download updates manually, though, and whitelist the apps/programs you want to use.
(Albeit, I saw a claim that even when you are in total block mode via WFP (Windows Filtering Platform, this is what Windows Firewall runs on) with EVERYTHING explicitly blocked, there is still some network activity towards MS server/endpoints. It would be super bizzare but I cant say I'd be surprised if there are some hard-coded (at the platform code level) exception or even telemetry functionality right in the kernel. This isnt confirmed tho, I didnt have time nor currently any means to test it)
This is not enough, because after an update Windows 10 will reset most of the rules MC thinks they should "manage themselves". These resets will re-enable blocked rules or re-add some deleted. What you need is to setup a Task and rework script to run on boot and iterate all rules and see if required rules that were set to block now either set to to allow or also duplicated with allowance mode for the same EXE/package and then purge the restored. Otherwise you will end up believing you are done when in reality it was silently set to allowed and you were oblivious.
Are you talking about an "KB update" (if so, it's not correct). KB updates do not touch any firewall rules.
It is correct, I observed such behavior many times (just had recent one with Cortana being restored in rules) and so are multiple people. There is a whole thread dedicated to custom solutions to prevent this, for example here. I myself, when I get a chance and free time, plan to write a simple wrapper that will monitor rules integrity and report on any unsolicited changes (this will also allow me to get more in-depth stats when this happens and to which degree).
If you talk about an In-place upgrade or Firewall reset then there is less you can do except backup the rules and re-import them.
No, I'm not talking about whole reset of rules, I'm talking about some specific rules being restored and/or re-enabled to their "desired state" (desired to MS). This often happens when you install some App from Store or install an Update. Most prominent are Search, Cortana, Diagnostics Services (telemetry), Edge, and so on.
Messing with firewall rules requires admin rights
Windows Updates run at elevated rights (in this case it is TI), and so are MS apps from store almost all ask for it as well (Edge, PowerShell, Windows Terminal installations, etc) .
The best solution is that we report this to MS so that they fix it,
Report what exactly? "Hello Microsoft, I've installed Cumulative Update for June and Cortana rules I specifically disabled and deleted in Windows Firewall are magically back again. Surely, you didnt intend to, could you please dont do this, despite the fact you were doing for the whole lifespan of Windows 10?" I'm not sure if you are honestly expecting any meaningful response and not being ignored. And the core issue with rules not being applied to services existed since Windows 8.1. That's like, what, 8-9 years? If they actually wanted to fix it they'd do that already.
However, you still did not provide any evidence
Never had any intention because to provide such evidence I'd need to have special test box and monitor it and collect stats and data and snapshots. I just shared some of the knowledge I had so anyone, if interested, can apriori mitigate the issue. You dont have to do anything if you dont want to. That being said, once I finish the watchdog I will have some stats, probably share them somewhere in 2021.
For example that GPO behaves differently on Pro versions then Enterprise versions.
Not sure what that has to do with Firewall Rules, I thought we were taking in that context.
I also do not think that this is a big problem for most power users here because most of "us" uninstall Cortana anyway.
Yes, but Cortan is just one of the examples and easily noticeable since from my memory this is the rule that being restored almost always with any update. I used it as an easy example, nothing more.
Can this be related to the #339 ?
Sadly I think this has to do with the Pro version afaik. I'm running Win10 Education and the provided regkey has worked. Do you by any chance run the Pro version?
Do you by any chance run the Pro version?
Nope, using a (not updated) Home version.