- Joined
- Feb 24, 2024
- Messages
- 35 (0.48/day)
Yes you can make windows completely 100% private as if it was linux.
Ofcourse privacy doesn’t fix zero day security exploits, this guide is about privacy not security.
For a first impression of what a truely optimized windows system looks like check the screenshots below.
Make a backup of your data is always the first thing to do.
➤ (1) Download the official windows iso from microsofts website (The iso, NOT the mediacreationtool !!)
If you can’t download the iso, install the useragentswitcher browser extension and switch to linux (microsoft's website detects your operatingsystem and doesn't let you download the iso if you are on windows...)
Links:
addons.mozilla.org
➤ (2) Download rufus and use it to create a bootable usb drive with the windows iso file you downloaded.
Rufus - Create bootable USB drives the easy way
Links:
➤ (3) Use the bootable usb drive to install windows 10 pro offline
Plug the bootable usb drive in the mainboard and boot into BIOS mode, then change the primary boot device to the usb drive.
Next time you start your pc it will boot from the usb, proceed to install windows offline.
➤ (4) Use the performance-privacy-script website to generate a script that will rip the guts of microsoft out of windows, effectively optimizing performance and boosting privacy.
On the website use either one of the predefined settings (standard, strict, all) or create your own script with the options menu.
Be careful when creating your own script, you can break functionality like windows search, to keep functionality only standard and strict are recommended.
If you are creating a custom script i advise against disabling windows defender antivirus, turning this feature of causes some issues.
Links:
privacy.sexy
➤ (5) Install Device Drivers
If you have an nvidia GPU use NVCleanstall for the graphics driver installation, this tool will remove most of the integrated driver spyware and telemetry.
Uf using an nvidia GPU, use the store-rg-adguard website to download the nvidia controlpanel without the microsoftstore.
Install your CPU chipset, if using an intel CPU... DO NOT install intel management engine, these are known backdoors so the us-government can remotely access your device.
Additionally, remember to also install software to control fanspeeds.
Links:
techpowerup.com
www.intel.com
store.rg-adguard.net
➤ (6) Install Netframework Offline
Some programs (certain videogames for example) require old netframework version to work, the good part is you don't need windows update for that.
To install offline without using windowsupdate you need a copy of the windows iso you previously downloaded.
First mount the windows iso to your pc (via rightklick), then open powershell as administrator.
Use this command to install netframework:
Dism /online /enable-feature /featurename:NetFX3 /All /Source:X:\sources\sxs /LimitAccess
Replace Source:X: with whatever the location of your mounted iso is, for example:
To find out where your iso is mounted, open the windows explorer, rightklick on the mounted iso and select open file location.
➤ (7) Install Visual Studio Redistributables
Links:
➤ (8) Install Librewolf or Mullvad Webbrowser (no extensions required, ublockorigin is already preinstalled)
Librewolf is a modified version of firefox for increased privacy and security protection, while google chrome, microsoft edge and opera collect your entire browsing history and every website you visited, including content...
Mullvad is based on the tor browser but doesn't connect to tor, instead the preffered usage method is mullvadvpn.
Duckduckgo cannot be trusted anymore because they had a secret tracking agreement with microsoft.
Don't use startpage or waterfox either, both have been acquired by an adversting company called System1.
Links:
librewolf.net
mullvad.net
Private Search Engines:
➤ (9) Use ShutUp10 to modify windows privacy settings
Recommended: Klick on “actions” select “activate all privacy settings”, then manually uncheck what you need.
Examples: microphone, camera, bluetooth, notifications.
Links:
oo-software.com
➤ (10) Go Online for the first time, instantly install the Portmaster privacy firewall.
In the portmaster setup process, select quad9 as your dns server, they are non-profit, unlike most other providers like your internetservicepovider (ISP) are commerical and spy on everything you do on the internet.
Configure portmaster to block all connections by default and only allow what you need. (must have for privacy)
Unlock the systemdnsclient in portmaster otherwise you cannot connect to the internet. (all other windows services can be fully blocked)
Klick on systemdnsclient and block any remaining microsoft-windows connections that you don't trust, for example:
go.microsoft.com
ctldl.windowsupdate.com
services.gfe.nvidia.com (block this if using an nvidia GPU, even if you used nvcleanstall)
There should not be many connections to block if you used to privacy-script linked above to cleanup windows.
In portmaster klick on the settings icon and scroll down until you reach the filterlists section, klick on bigtech and block companies you don't trust. (example, google, microsoft, facebook, apple, amazon)
Links:
safing.io
➤ (11) Install a trusthworthy VPN to boost your privacy and prevent your internet provider to log all your traffic.
Mullvad is one of the most trusted vpn's, for privacy this is your choice. They charge 5 euro for 30 days.
There is also protonvpn, they offer a free plan and are based in switzerland.
If you are currently using one of these, nordvpn, expressvpn, surfshark, you're making a great mistake...
These providers are known to collect and share your data with advertising companys and law enforcement, hey also use google trackers, analytics, tracking, profiling...
Links:
mullvad.net
protonvpn.com
reports.exodus-privacy.eu.org
reports.exodus-privacy.eu.org
reports.exodus-privacy.eu.org
➤ (12) Additional Useful Software
Obviously as you will do almost all of these steps offline you will have to downloaded all the software beforehand and copy it to an offline drive which you can access without any internet connection.
A usbdrive would be enough.
Additional useful software that you might need:
notepad-plus-plus.org
www.voidtools.com
If you wish to delete certain parts of windows (bloatware) or take ownership of them which by default your administratoraccount has no access to,
use NSudo which is an extremely powerfull windows admin-tool that lets you take full control over windows.
Examples of what you might want to delete with nsudo:
OneDriveSetup.exe
CompatTelRunner.exe
CompPkgSrv.exe
upfc.exe
mobsync.exe
smartscreen.exe
MicrosoftEdgeUpdate.exe
ScreenClippingHost.exe
TextInputHost.exe
LocalBridge.exe
Microsoft.Photos.exe
WinStore.App.exe
SkypeApp.exe
SkypeBridge.exe
SkypeBackgroundHost.exe
NcsiUwpApp.exe
backgroundTaskHost.exe
taskhostw.exe
ctfmon.exe
HxTsr.exe
HxOutlook.exe
HxCalendarAppImm.exe
HxAccounts.exe
GameBarPresenceWriter.exe
Links:
➤ (12) You should know
• Website to find Privacy Tools https://privacytools.io/
• Website for Privacy Webbrowsers https://privacytests.org/
• Website for Privacy Alternatives https://alternativeto.net/
• Privacy Money Cash - Monero
• The Hated One https://yewtu.be/channel/UCjr2bPAyPV7t35MvcgT3W8Q
• Naomi Brockwell: NBTV https://yewtu.be/channel/UCSuHzQ3GrHSzoBbwrIq3LLA
• Mental Outlaw https://yewtu.be/channel/UC7YOGHUfC1Tb6E4pudI9STA
• Eric Murphy https://yewtu.be/channel/UC5KDiSAFxrDWhmysBcNqtMA
Ofcourse privacy doesn’t fix zero day security exploits, this guide is about privacy not security.
For a first impression of what a truely optimized windows system looks like check the screenshots below.
Make a backup of your data is always the first thing to do.
➤ (1) Download the official windows iso from microsofts website (The iso, NOT the mediacreationtool !!)
If you can’t download the iso, install the useragentswitcher browser extension and switch to linux (microsoft's website detects your operatingsystem and doesn't let you download the iso if you are on windows...)
Links:
User-Agent Switcher and Manager – Get this Extension for Firefox (en-US)
Download User-Agent Switcher and Manager for Firefox. Spoof websites trying to gather information about your web navigation—like your browser type and operating system—to deliver distinct content you may not want.
➤ (2) Download rufus and use it to create a bootable usb drive with the windows iso file you downloaded.
Rufus - Create bootable USB drives the easy way
Links:
Rufus - Create bootable USB drives the easy way
Rufus: Create bootable USB drives the easy way
rufus.ie
➤ (3) Use the bootable usb drive to install windows 10 pro offline
Plug the bootable usb drive in the mainboard and boot into BIOS mode, then change the primary boot device to the usb drive.
Next time you start your pc it will boot from the usb, proceed to install windows offline.
➤ (4) Use the performance-privacy-script website to generate a script that will rip the guts of microsoft out of windows, effectively optimizing performance and boosting privacy.
On the website use either one of the predefined settings (standard, strict, all) or create your own script with the options menu.
Be careful when creating your own script, you can break functionality like windows search, to keep functionality only standard and strict are recommended.
If you are creating a custom script i advise against disabling windows defender antivirus, turning this feature of causes some issues.
Links:
privacy.sexy - Maximize Your Privacy and Security
Discover privacy.sexy, the privacy tool to maximize your privacy and security on Windows, macOS, and Linux. Easily use best practices to prevent tracking and make your life secure and private — because privacy is sexy.
➤ (5) Install Device Drivers
If you have an nvidia GPU use NVCleanstall for the graphics driver installation, this tool will remove most of the integrated driver spyware and telemetry.
Uf using an nvidia GPU, use the store-rg-adguard website to download the nvidia controlpanel without the microsoftstore.
Install your CPU chipset, if using an intel CPU... DO NOT install intel management engine, these are known backdoors so the us-government can remotely access your device.
Additionally, remember to also install software to control fanspeeds.
Links:
Advanced Driver Search official NVIDIA drivers
Advanced Driver Search official NVIDIA drivers
nvidia.com
NVCleanstall v1.16.0 Download
NVCleanstall lets you customize the NVIDIA GeForce Driver package by removing components that you don't need (or want). This not only keeps things ti
Intel Desktop Chipsets - Latest Motherboard Desktop and PC Chipsets
Intel Desktop PC Chipsets deliver superior audio and digital video, ultimate power for content creation, advanced applications, and high-end gaming.
www.intel.com
Microsoft Store - Generation Project (v1.2.3) [by @rgadguard & mkuba50]
Online link generator for Microsoft Store. You can use it to get links to almost all apps, games, themes from the Microsoft Store.
➤ (6) Install Netframework Offline
Some programs (certain videogames for example) require old netframework version to work, the good part is you don't need windows update for that.
To install offline without using windowsupdate you need a copy of the windows iso you previously downloaded.
First mount the windows iso to your pc (via rightklick), then open powershell as administrator.
Use this command to install netframework:
Dism /online /enable-feature /featurename:NetFX3 /All /Source:X:\sources\sxs /LimitAccess
Replace Source:X: with whatever the location of your mounted iso is, for example:
To find out where your iso is mounted, open the windows explorer, rightklick on the mounted iso and select open file location.
➤ (7) Install Visual Studio Redistributables
Links:
Latest supported Visual C++ Redistributable downloads
This article lists the download links for the latest versions of Visual C++ Redistributable packages.
learn.microsoft.com
➤ (8) Install Librewolf or Mullvad Webbrowser (no extensions required, ublockorigin is already preinstalled)
Librewolf is a modified version of firefox for increased privacy and security protection, while google chrome, microsoft edge and opera collect your entire browsing history and every website you visited, including content...
Mullvad is based on the tor browser but doesn't connect to tor, instead the preffered usage method is mullvadvpn.
Duckduckgo cannot be trusted anymore because they had a secret tracking agreement with microsoft.
Don't use startpage or waterfox either, both have been acquired by an adversting company called System1.
Links:
LibreWolf Browser
A custom version of Firefox, focused on privacy, security and freedom.
Free the internet. With the Mullvad Browser.
The Mullvad Browser is a privacy-focused web browser developed in collaboration between Mullvad VPN and the Tor Project. It’s produced to minimize tracking and fingerprinting. You could say it’s a Tor Browser to use without the Tor Network.
➤ (9) Use ShutUp10 to modify windows privacy settings
Recommended: Klick on “actions” select “activate all privacy settings”, then manually uncheck what you need.
Examples: microphone, camera, bluetooth, notifications.
Links:
O&O ShutUp10++ – Free antispy tool for Windows 10 and 11
With the freeware O&O ShutUp10++, unwanted Windows 10 and 11 features can be disabled and the transfer of sensitive personal data onto Microsoft prevented.
oo-software.com
➤ (10) Go Online for the first time, instantly install the Portmaster privacy firewall.
In the portmaster setup process, select quad9 as your dns server, they are non-profit, unlike most other providers like your internetservicepovider (ISP) are commerical and spy on everything you do on the internet.
Configure portmaster to block all connections by default and only allow what you need. (must have for privacy)
Unlock the systemdnsclient in portmaster otherwise you cannot connect to the internet. (all other windows services can be fully blocked)
Klick on systemdnsclient and block any remaining microsoft-windows connections that you don't trust, for example:
go.microsoft.com
ctldl.windowsupdate.com
services.gfe.nvidia.com (block this if using an nvidia GPU, even if you used nvcleanstall)
There should not be many connections to block if you used to privacy-script linked above to cleanup windows.
In portmaster klick on the settings icon and scroll down until you reach the filterlists section, klick on bigtech and block companies you don't trust. (example, google, microsoft, facebook, apple, amazon)
Links:
Safing Portmaster - Easy Privacy
Portmaster is a free and open-source application that puts you back in charge over all your computer's network connections. Increase your privacy and security. Get peace of mind.
safing.io
➤ (11) Install a trusthworthy VPN to boost your privacy and prevent your internet provider to log all your traffic.
Mullvad is one of the most trusted vpn's, for privacy this is your choice. They charge 5 euro for 30 days.
There is also protonvpn, they offer a free plan and are based in switzerland.
If you are currently using one of these, nordvpn, expressvpn, surfshark, you're making a great mistake...
These providers are known to collect and share your data with advertising companys and law enforcement, hey also use google trackers, analytics, tracking, profiling...
Links:
Why Mullvad VPN?
We have put your privacy first since 2009. Let us present what you get with Mullvad VPN.
Download VPN
Stay private and secure online. Protect your internet connection against hackers and surveillance. Access and stream content from anywhere.
protonvpn.com
εxodus
εxodus
εxodus
➤ (12) Additional Useful Software
Obviously as you will do almost all of these steps offline you will have to downloaded all the software beforehand and copy it to an offline drive which you can access without any internet connection.
A usbdrive would be enough.
Additional useful software that you might need:
Notepad++
Downloads - voidtools
If you wish to delete certain parts of windows (bloatware) or take ownership of them which by default your administratoraccount has no access to,
use NSudo which is an extremely powerfull windows admin-tool that lets you take full control over windows.
Examples of what you might want to delete with nsudo:
OneDriveSetup.exe
CompatTelRunner.exe
CompPkgSrv.exe
upfc.exe
mobsync.exe
smartscreen.exe
MicrosoftEdgeUpdate.exe
ScreenClippingHost.exe
TextInputHost.exe
LocalBridge.exe
Microsoft.Photos.exe
WinStore.App.exe
SkypeApp.exe
SkypeBridge.exe
SkypeBackgroundHost.exe
NcsiUwpApp.exe
backgroundTaskHost.exe
taskhostw.exe
ctfmon.exe
HxTsr.exe
HxOutlook.exe
HxCalendarAppImm.exe
HxAccounts.exe
GameBarPresenceWriter.exe
Links:
➤ (12) You should know
• Website to find Privacy Tools https://privacytools.io/
• Website for Privacy Webbrowsers https://privacytests.org/
• Website for Privacy Alternatives https://alternativeto.net/
• Privacy Money Cash - Monero
• The Hated One https://yewtu.be/channel/UCjr2bPAyPV7t35MvcgT3W8Q
• Naomi Brockwell: NBTV https://yewtu.be/channel/UCSuHzQ3GrHSzoBbwrIq3LLA
• Mental Outlaw https://yewtu.be/channel/UC7YOGHUfC1Tb6E4pudI9STA
• Eric Murphy https://yewtu.be/channel/UC5KDiSAFxrDWhmysBcNqtMA
