Category: Performance

Bloatware Cleanup Script
article #1613, updated 10 days ago

This one is set up to remove many different bloatware items found on machines from HP, Dell, and Lenovo. A work in progress. Uses both APPX methods and winget.

#Begin Script

# Set up to run winget if needed...
"Set up to run Winget if needed..."

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
# Function to find the path to winget.exe
function Find-WinGet-Path {
    # Get the WinGet path (for use when running in SYSTEM context).
    $WinGetPathToResolve = Join-Path -Path $ENV:ProgramFiles -ChildPath 'WindowsApps\Microsoft.DesktopAppInstaller_*_*__8wekyb3d8bbwe'
    $ResolveWinGetPath = Resolve-Path -Path $WinGetPathToResolve | Sort-Object {
        [version]($_.Path -replace '^[^\d]+_((\d+\.)*\d+)_.*', '$1')
    }
    if ($ResolveWinGetPath) {
        # If we have multiple versions - use the latest.
        $WinGetPath = $ResolveWinGetPath[-1].Path
    }

    # Get the User-Context WinGet exe location.
    $WinGetExePath = Get-Command -Name winget.exe -CommandType Application -ErrorAction SilentlyContinue

    # Select the correct WinGet exe
    if (Test-Path -Path (Join-Path $WinGetPath 'winget.exe')) {
        # Running in SYSTEM-Context.
        $WinGet = Join-Path $WinGetPath 'winget.exe'
    } elseif ($WinGetExePath) {
        # Get User-Context if SYSTEM-Context not found.
        $WinGet = $WinGetExePath.Path
    } else {
        Write-Output 'WinGet not Found!'
        Stop-Transcript
        exit 1
    }

    # Return WinGet path
    return ($WinGet -replace '\winget.exe','')
}

Function Add-PathVariable {
    param (
        [string]$addPath
    )
    if (Test-Path $addPath){
        $regexAddPath = [regex]::Escape($addPath)
        $arrPath = $env:Path -split ';' | Where-Object {$_ -notMatch 
"^$regexAddPath\\?"}
        $env:Path = ($arrPath + $addPath) -join ';'
    } else {
        Throw "'$addPath' is not a valid path."
    }
}

Add-PathVariable (Find-Winget-Path)

# Do APPX removals...
"Do APPX removals..."

# First set up item list
$RemovalItems =  @(
"Microsoft.Advertising.Xaml",
"Microsoft.BingWeather",
"Microsoft.BingFinance",
"Microsoft.BingNews",
"Microsoft.BingSports",
"Microsoft.SkypeApp",
"Microsoft.Teams.Classic",
"Microsoft.WindowsCommunicationsApps",
"Microsoft.XboxGameOverlay",
"Microsoft.XboxGamingOverlay",
"Microsoft.XboxGameCallableUI",
"Microsoft.Xbox.TCUI",
"Microsoft.XboxApp",
"Microsoft.XboxSpeechToTextOverlay",
"Microsoft.XboxIdentityProvider",
"Microsoft.YourPhone",
"Microsoft.ZuneVideo",
"Microsoft.ZuneMusic",
"MicrosoftTeams",
".DellDigitalDelivery",
".DellSupportAssistforPCs",
".DellUpdate",
".Power2GoforDell",
".PowerDirectorforDell",
".DellDigitalDelivery",
".DellWatchgdogTimer",
".DelltypeCStatus",
".DiscoverHPTouchpointManager",
".HPDesktopSupportUtilities",
".HPEasyClean",
".HPJumpStart",
".HPPCHardwareDiagnosticsWindows",
".HPPowerManage",
".HPPrivacySettings",
".HPProgrammableKey",
".HPQuickDrop",
".myHP",
".HPSupportAssistant",
".HPSystemInformation",
".HPWorkWell",
".HPAccessoryCenter"
)

$ProvisionedItems = Get-AppxProvisionedPackage -Online
foreach ($ProvItem in $ProvisionedItems) {
	foreach ($RemItem in $RemovalItems) {
		If ($ProvItem.DisplayName -like "*$RemItem*") {
			Write-Host "Deprovisioning:" $ProvItem.DisplayName
			$error.clear()
			try {
				Remove-AppXProvisionedPackage -Online -PackageName $ProvItem.PackageName -ErrorAction SilentlyContinue | Out-Null
			}
			catch { "Failed: Microsoft does not allow, or other error." }
			if (!$error) { "Succeeded!" }
		}
	}
}

$InstalledItems = Get-AppxPackage -AllUsers
foreach ($InstItem in $InstalledItems) {
	foreach ($RemItem in $RemovalItems) {
		if ($InstItem.Name -like "*$RemItem*") {
			Write-Host "User-level removal operation:" $InstItem.Name
			$error.clear()
			try {
				Get-AppxPackage $InstItem.Name -AllUsers | Remove-AppxPackage -Allusers -ErrorAction SilentlyContinue | Out-Null
			}
			catch { "Failed: Microsoft does not allow, or other error." }
			if (!$error) { "Succeeded!" }
		}
	}
}

# And now do winget removals...
"And now do winget removals..."

# HP bloatware
Winget Uninstall "HP Client Security Manager" --accept-source-agreements --silent
Winget Uninstall "HP Connection Optimizer" --accept-source-agreements --silent
Winget Uninstall "HP Desktop Support Utilities" --accept-source-agreements --silent
Winget Uninstall "HP Documentation" --accept-source-agreements --silent
Winget Uninstall "HP Easy Clean" --accept-source-agreements --silent
Winget Uninstall "HP Insights" --accept-source-agreements --silent
Winget Uninstall "HP Insights Analytics" --accept-source-agreements --silent
Winget Uninstall "HP JumpStart Bridge" --accept-source-agreements --silent
Winget Uninstall "HP JumpStart Launch" --accept-source-agreements --silent
Winget Uninstall "HP Notifications" --accept-source-agreements --silent
Winget Uninstall "HP One Agent" --accept-source-agreements --silent
Winget Uninstall "HP PC Hardware Diagnostics Windows" --accept-source-agreements --silent
Winget Uninstall "HP Performance Advisor" --accept-source-agreements --silent
Winget Uninstall "HP PhoneWise Driver" --accept-source-agreements --silent
Winget Uninstall "HP Privacy Settings" --accept-source-agreements --silent
Winget Uninstall "HP Quickdrop" --accept-source-agreements --silent
Winget Uninstall "HP Security Update Service" --accept-source-agreements --silent
Winget Uninstall "HP Sure Recover" --accept-source-agreements --silent
Winget Uninstall "HP Sure Run Module" --accept-source-agreements --silent
Winget Uninstall "HP Wolf Security - Console" --accept-source-agreements --silent
Winget Uninstall "HP System Default Settings" --accept-source-agreements --silent
Winget Uninstall "HP Velocity" --accept-source-agreements --silent
Winget Uninstall "HP WorkWise Service" --accept-source-agreements --silent
Winget Uninstall "myHP" --accept-source-agreements --silent

# Windows Bloatware
Winget Uninstall "MSN Weather" --accept-source-agreements --silent
Winget Uninstall "Get Help" --accept-source-agreements --silent
Winget Uninstall "Microsoft Tips" --accept-source-agreements --silent
Winget Uninstall "Microsoft 365 (office)" --accept-source-agreements --silent
Winget Uninstall "Solitaire & Casual Games" --accept-source-agreements --silent
Winget Uninstall "Mixed Reality Portal" --accept-source-agreements --silent
Winget Uninstall "Microsoft People" --accept-source-agreements --silent
Winget Uninstall "Store Experience Host" --accept-source-agreements --silent
Winget Uninstall "Xbox TCUI" --accept-source-agreements --silent
Winget Uninstall "Xbox Console Companion" --accept-source-agreements --silent
Winget Uninstall "Xbox Game Bar Plugin" --accept-source-agreements --silent
Winget Uninstall "Xbox Game Bar" --accept-source-agreements --silent
Winget Uninstall "Xbox Identity Provider" --accept-source-agreements --silent
Winget Uninstall "Xbox Game Speech Window" --accept-source-agreements --silent
Winget Uninstall "Groove Music" --accept-source-agreements --silent
Winget Uninstall "Movies & TV" --accept-source-agreements --silent
Winget Uninstall Microsoft.Teams.Classic --accept-source-agreements --silent
Winget Uninstall MicrosoftTeams --accept-source-agreements --silent
Winget Uninstall "Microsoft Whiteboard" --accept-source-agreements --silent
Winget Uninstall "Your Phone" --accept-source-agreements --silent
Winget Uninstall "Groove Music" --accept-source-agreements --silent

# Additionals
Winget Uninstall "Partner Promo" --accept-source-agreements --silent
Winget Uninstall "Translator" --accept-source-agreements --silent
Winget Uninstall "Microsoft Solitaire Collection" --accept-source-agreements --silent
Winget Uninstall "Microsoft People" --accept-source-agreements --silent
Winget Uninstall "Skype" --accept-source-agreements --silent
Winget Uninstall "Microsoft Pay" --accept-source-agreements --silent
Winget Uninstall "Xbox" --accept-source-agreements --silent
Winget Uninstall "Microsoft 365 - es-es" --accept-source-agreements --silent
Winget Uninstall "Microsoft 365 - fr-fr" --accept-source-agreements --silent
Winget Uninstall "Waves MaxxAudio Pro For Dell 2022" --accept-source-agreements --silent
Winget Uninstall "Mail and Calendar" --accept-source-agreements --silent
Winget Uninstall "Media Suite Essentials for Dell" --accept-source-agreements --silent
Winget Uninstall "Power2Go for Dell" --accept-source-agreements --silent
Winget Uninstall "PowerDirector for Dell" --accept-source-agreements --silent
Winget Uninstall "Power Media Player For Dell" --accept-source-agreements --silent
Winget Uninstall "Dell Watchdog Timer" --accept-source-agreements --silent
Winget Uninstall "Dell SupportAssist Remediation" --accept-source-agreements --silent
Winget Uninstall "Dell SupportAssist OS Recovery Plugin for Dell Update" --accept-source-agreements --silent
Winget Uninstall "Dell SupportAssist OS Recovery Plugin" --accept-source-agreements --silent
Winget Uninstall "Dell SupportAssist" --accept-source-agreements --silent
Winget Uninstall "Dell Command | Update for Windows 10" --accept-source-agreements --silent
Winget Uninstall "Dell Digital Delivery Services" --accept-source-agreements --silent

# More HP, best last
Winget Uninstall "HP Easy Clean" --accept-source-agreements --silent
Winget Uninstall "myHP" --accept-source-agreements --silent
Winget Uninstall "HP Sure Recover" --accept-source-agreements --silent
Winget Uninstall "HP Sure Run Module" --accept-source-agreements --silent
Winget Uninstall "HP Performance Advisor" --accept-source-agreements --silent
winget Uninstall "HP One Agent" --accept-source-agreements --silent
winget Uninstall "HP Security Update Service" --accept-source-agreements --silent
winget Uninstall "HP Client Security Manager" --accept-source-agreements --silent

# End script

Categories:      

==============

Appx Cleanup for Windows 10/11 Performance
article #1561, updated 10 days ago

Appx’s are a method used for application install, first delivered in Windows 8.1. There are a lot of builtins which take live system resources in hidden fashion, usually not showing up in Task Manager very much or at all. And there have been a lot of changes in this over recent years. Here’s an overview of items for cleanup as of this writing. One can free a lot of resources on machines this way.

The first thing to know is that many appx’s are “provisioned”, they are embedded in the current (“online”) DISM image, and will be automatically activated whenever a new user profile is made. To get a list of these:

Get-AppxProvisionedPackage -Online | Sort-Object | ft DisplayName, PackageName

To get a list of all apps installed for all users, in nicely sorted form:

Get-AppxPackage -AllUsers | Sort-Object | ft

To remove several of these, that I like to have gone in business desktops, both from provisioning and from any user for which any of them may be installed:

#Begin Script

$RemovalItems =  @(
"Microsoft.Advertising.Xaml",
"Microsoft.BingWeather",
"Microsoft.BingFinance",
"Microsoft.BingNews",
"Microsoft.BingSports",
"Microsoft.SkypeApp",
"Microsoft.WindowsCommunicationsApps",
"Microsoft.XboxGameOverlay",
"Microsoft.XboxGamingOverlay",
"Microsoft.XboxGameCallableUI",
"Microsoft.Xbox.TCUI",
"Microsoft.XboxApp",
"Microsoft.XboxSpeechToTextOverlay",
"Microsoft.XboxIdentityProvider",
"Microsoft.YourPhone",
"Microsoft.ZuneVideo",
"Microsoft.ZuneMusic",
"MicrosoftTeams",
".DellDigitalDelivery",
".DellSupportAssistforPCs",
".DellUpdate",
".Power2GoforDell",
".PowerDirectorforDell",
".DellDigitalDelivery",
".DellWatchgdogTimer",
".DelltypeCStatus",
".DiscoverHPTouchpointManager",
".HPDesktopSupportUtilities",
".HPEasyClean",
".HPJumpStart",
".HPPCHardwareDiagnosticsWindows",
".HPPowerManage",
".HPPrivacySettings",
".HPProgrammableKey",
".HPQuickDrop",
".myHP",
".HPSupportAssistant",
".HPSystemInformation",
".HPWorkWell",
".HPAccessoryCenter"
)

$ProvisionedItems = Get-AppxProvisionedPackage -Online
foreach ($ProvItem in $ProvisionedItems) {
	foreach ($RemItem in $RemovalItems) {
		If ($ProvItem.DisplayName -like "*$RemItem*") {
			Write-Host "Deprovisioning:" $ProvItem.DisplayName
			$error.clear()
			try {
				Remove-AppXProvisionedPackage -Online -PackageName $ProvItem.PackageName -ErrorAction SilentlyContinue | Out-Null
			}
			catch { "Failed: Microsoft does not allow, or other error." }
			if (!$error) { "Succeeded!" }
		}
	}
}

$InstalledItems = Get-AppxPackage -AllUsers
foreach ($InstItem in $InstalledItems) {
	foreach ($RemItem in $RemovalItems) {
		if ($InstItem.Name -like "*$RemItem*") {
			Write-Host "User-level removal operation:" $InstItem.Name
			$error.clear()
			try {
				Get-AppxPackage $InstItem.Name -AllUsers | Remove-AppxPackage -Allusers -ErrorAction SilentlyContinue | Out-Null
			}
			catch { "Failed: Microsoft does not allow, or other error." }
			if (!$error) { "Succeeded!" }
		}
	}
}

# End Script

The above first gets rid of the provisioned, then the user-level for all user profiles, for the whole list. There are some for which Microsoft prevents all removals; errors are thrown for these.

Categories:      

==============

Use All Available CPU Power in Current Windows!
article #1418, updated 40 days ago

Something relatively new. Very interesting changes from some Microsoft documentation, searchable here. Performance improvements have been visible in general behavior of all machines tested for this so far. On some, reported CPU speed does still change over time. BIOS changes are likely to assist as well.

The lines below work in administrative Powershell. It creates a new power scheme called “Maximum Performance”, based on the hidden built-in “Ultimate Performance” if it exists on your system. To revert, just go into Power in the Control Panel and reselect your original power scheme.

# Begin script
powercfg -duplicatescheme e9a42b02-d5df-448d-aa00-03f14749eb61

$oldpower = powercfg -getactivescheme
"Creating power scheme:  Maximum Performance"

$newpower = powercfg -duplicatescheme scheme_current
$newpower = ($newpower[19..54] -join "")
powercfg -changename $newpower "Maximum Performance"
powercfg -setactive $newpower

# Makes maximum CPU speeds available, by default they're not
powercfg -setacvalueindex scheme_current sub_processor PERFBOOSTMODE 2
powercfg -setacvalueindex scheme_current sub_processor PERFBOOSTMODE1 2
powercfg -setacvalueindex scheme_current sub_processor PERFINCTHRESHOLD 0
powercfg -setacvalueindex scheme_current sub_processor PERFINCTHRESHOLD1 0
powercfg -setacvalueindex scheme_current sub_processor PERFINCTIME 0
powercfg -setacvalueindex scheme_current sub_processor PERFINCTIME1 0
powercfg -setacvalueindex scheme_current sub_processor PERFDECTHRESHOLD 100
powercfg -setacvalueindex scheme_current sub_processor PERFDECTHRESHOLD1 100
powercfg -setacvalueindex scheme_current sub_processor LATENCYHINTPERF 0
powercfg -setacvalueindex scheme_current sub_processor LATENCYHINTPERF1 0
powercfg -setacvalueindex scheme_current sub_processor PERFAUTONOMOUS 0
powercfg -setacvalueindex scheme_current sub_processor PERFDUTYCYCLING 0

# Sets overall throttles to maximum
powercfg -setacvalueindex scheme_current sub_processor PROCTHROTTLEMAX 100
powercfg -setacvalueindex scheme_current sub_processor PROCTHROTTLEMAX1 100
powercfg -setacvalueindex scheme_current sub_processor PROCTHROTTLEMIN 100
powercfg -setacvalueindex scheme_current sub_processor PROCTHROTTLEMIN1 100
powercfg -setacvalueindex scheme_current sub_processor HETEROCLASS1INITIALPERF 100
powercfg -setacvalueindex scheme_current sub_processor HETEROCLASS0FLOORPERF 100

# Turns off CPU core controls, tells OS to just use them all.
powercfg -setacvalueindex scheme_current sub_processor CPMAXCORES 100
powercfg -setacvalueindex scheme_current sub_processor CPMINCORES 100
powercfg -setacvalueindex scheme_current sub_processor DISTRIBUTEUTIL 0
powercfg -setacvalueindex scheme_current sub_processor CPDISTRIBUTION 0

# Minimizes CPU spinup time, and maximizes spindown time, just in case
powercfg -setacvalueindex scheme_current sub_processor CPINCREASETIME 0
powercfg -setacvalueindex scheme_current sub_processor CPDECREASETIME 100
powercfg -setacvalueindex scheme_current sub_processor CPHEADROOM 0
powercfg -setacvalueindex scheme_current sub_processor CPCONCURRENCY 0
powercfg -setacvalueindex scheme_current sub_processor LATENCYHINTUNPARK 0
powercfg -setacvalueindex scheme_current sub_processor LATENCYHINTUNPARK1 0

# Sets energy savings preference to zero
powercfg -setacvalueindex scheme_current sub_processor PERFEPP 0

# Commits all above changes to current power plan
powercfg -setactive scheme_current
# End script

Some detail can be had here and here.

These changes are disrecommended for cooling-poor laptops. And one might want to watch the temperatures of poorly built desktops and even some poorly built servers, too.

A version of the above which alters the original power scheme, and runs in administrative CMD, is below. The below is not very easily reversible. It does not use the “Ultimate Performance” builtin.

# Begin script
REM Makes maximum CPU speeds available, by default they're not
powercfg -setacvalueindex scheme_current sub_processor PERFBOOSTMODE 2
powercfg -setacvalueindex scheme_current sub_processor PERFBOOSTMODE1 2
powercfg -setacvalueindex scheme_current sub_processor PERFINCTHRESHOLD 0
powercfg -setacvalueindex scheme_current sub_processor PERFINCTHRESHOLD1 0
powercfg -setacvalueindex scheme_current sub_processor PERFINCTIME 0
powercfg -setacvalueindex scheme_current sub_processor PERFINCTIME1 0
powercfg -setacvalueindex scheme_current sub_processor PERFDECTHRESHOLD 100
powercfg -setacvalueindex scheme_current sub_processor PERFDECTHRESHOLD1 100
powercfg -setacvalueindex scheme_current sub_processor LATENCYHINTPERF 0
powercfg -setacvalueindex scheme_current sub_processor LATENCYHINTPERF1 0
powercfg -setacvalueindex scheme_current sub_processor PERFAUTONOMOUS 0
powercfg -setacvalueindex scheme_current sub_processor PERFDUTYCYCLING 0

REM Sets overall throttles to maximum
powercfg -setacvalueindex scheme_current sub_processor PROCTHROTTLEMAX 100
powercfg -setacvalueindex scheme_current sub_processor PROCTHROTTLEMAX1 100
powercfg -setacvalueindex scheme_current sub_processor PROCTHROTTLEMIN 100
powercfg -setacvalueindex scheme_current sub_processor PROCTHROTTLEMIN1 100
powercfg -setacvalueindex scheme_current sub_processor HETEROCLASS1INITIALPERF 100
powercfg -setacvalueindex scheme_current sub_processor HETEROCLASS0FLOORPERF 100

REM Turns off CPU core controls, tells OS to just use them all.
powercfg -setacvalueindex scheme_current sub_processor CPMAXCORES 100
powercfg -setacvalueindex scheme_current sub_processor CPMINCORES 100
powercfg -setacvalueindex scheme_current sub_processor DISTRIBUTEUTIL 0
powercfg -setacvalueindex scheme_current sub_processor CPDISTRIBUTION 0

REM Minimizes CPU spinup time, and maximizes spindown time, just in case
powercfg -setacvalueindex scheme_current sub_processor CPINCREASETIME 0
powercfg -setacvalueindex scheme_current sub_processor CPDECREASETIME 100
powercfg -setacvalueindex scheme_current sub_processor CPHEADROOM 0
powercfg -setacvalueindex scheme_current sub_processor CPCONCURRENCY 0
powercfg -setacvalueindex scheme_current sub_processor LATENCYHINTUNPARK 0
powercfg -setacvalueindex scheme_current sub_processor LATENCYHINTUNPARK1 0

REM Sets energy savings preference to zero
powercfg -setacvalueindex scheme_current sub_processor PERFEPP 0

REM Commits all above changes to current power plan
powercfg -setactive scheme_current
# End script

Categories:      

==============

USN journal in NTFS: delete and recreate for performance gains
article #1483, updated 281 days ago

The journal can get huge over time, slowing machines down a lot. Here’s how to delete it and recreate it for C:, in CMD. The process can cause interference and conflict with Windows internals and applications, though I have not seen this happen so far. On a machine that has been in use a while, it can help a whole lot.

fsutil usn deletejournal /n C: & fsutil usn createjournal C:

Here are quick pastes for D: and E:.

fsutil usn deletejournal /n D: & fsutil usn createjournal D:
fsutil usn deletejournal /n E: & fsutil usn createjournal E:

In 2012R2/8.1 and before, we must be more specific in the creation:

fsutil usn deletejournal /n C: & fsutil usn createjournal m=1000 a=100 C:
fsutil usn deletejournal /n D: & fsutil usn createjournal m=1000 a=100 D:
fsutil usn deletejournal /n E: & fsutil usn createjournal m=1000 a=100 E:

And here’s Powershell, to do it all for every drive letter in the system:

########################################
# Delete and Recreate NTFS USN Journal #
########################################

# This script iterates through all lettered NTFS drives in Windows, 
# and deletes and recreates the USN Journal of each one.
# Considerable performance gain results if the image has been running
# for a year or more.

# There are slightly different commands between some OS versions.
$OSVer = [System.Environment]::OSVersion.Version
If ($OSVer.Major -gt 10)
{
	"OS > 10. Create uses short command."
	$ShortCommand = $True
} ElseIf ($OSVer.Major -eq 10) {
	If ($OSVer.Build -le 14393)	{
		("OS is 10 build " + $OSVer.Build + ". " + "Create uses long command.")
		$ShortCommand = $False
	}
	Else {
		"OS is 10, build > 14393. Create uses short command."
		$ShortCommand = $True
	}
} ElseIf ($OSVer.Major -lt 10) {
	"OS < 10. Create uses long command."
	$ShortCommand = $False
}	

Get-CimInstance -Query "Select * FROM Win32_LogicalDisk WHERE DriveType=3" | ForEach-Object {
	$DriveID = $_.DeviceID

	If ($DriveID -match "[A-Z]")
	{
		"Deleting USN Journal on " + $DriveID + " ..."
		fsutil usn deletejournal /n $DriveID

		"Recreating USN Journal on " + $DriveID + " ..."
		if ($ShortCommand) {
			fsutil usn createjournal $DriveID
		}
		else {
			fsutil usn createjournal m=1000 a=100 $DriveID
		}
	}
}
# End Script

Reference:

docs.microsoft.com/en-us/windows-server/administration/windows-commands/fsutil-usn

Categories:      

==============

Optimize TCP on Windows for Internet and Networking Speed
article #1217, updated 331 days ago

This venerable tool:

https://www.speedguide.net/downloads.php/

is still by far the best. It optimizes Windows settings for speed on the Internet. It can help at both home and enterprise, and quite a lot. Still being kept up to date for Windows 11.

Categories:      

==============

Major performance boost: Disable NETBIOS and related on all Windows NICs
article #1557, updated 341 days ago

NETBIOS is a very legacy protocol, security of it is very poor. Substantial performance gains by disabling it have been noticed. This is probably because when active it broadcasts constantly to every single NIC on its LAN, creating NIC and switch contention. Also, a large proportion of security violation exploits use it, so disabling becomes a very good idea in general. The only exceptions occur when there are needs to do SMB sharing with very old machines, machines all long out of support. By default, it is still active on all current Microsoft Windows operating systems.

Here is a paste to Powershell that does it all:

Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = [UInt32](2) }

Get-WmiObject Win32_NetworkAdapterConfiguration | Invoke-WmiMethod -Name SetWINSServer -ArgumentList @('','')

$nicall = [wmiclass]'Win32_NetworkAdapterConfiguration'
$nicall.enablewins($false,$false)

Set-Service -Name "lmhosts" -StartupType Disabled
Stop-Service -Name "lmhosts"

The various bits are below.

Turn off NETBIOS over TCP/IP, for each NIC:

Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Where-Object -Property 'TcpipNetbiosOptions' -ne $null | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = [UInt32](2) }

Get rid of all WINS entries, if present (sorry, no CimInstance code yet):

Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "IPEnabled='True'" | Invoke-WmiMethod -Name SetWINSServer -ArgumentList @('','')

Uncheck of LMHOSTS lookups:

$nicall = [wmiclass]'Win32_NetworkAdapterConfiguration'
$nicall.enablewins($false,$false)

Disable the service “TCP/IP NetBIOS Helper”:

Set-Service -Name "lmhosts" -StartupType Disabled
Stop-Service -Name "lmhosts"

If Microsoft DHCP is in use, DHCP can tell clients to do the simple disable, the first item above:

learn.microsoft.com/en-us/troubleshoot/windows-server/networking/disable-netbios-tcp-ip-using-dhcp

And if you want to combine the above with a new Microsoft standard preventing Windows port exhaustion:

Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = [UInt32](2) }
Get-WmiObject Win32_NetworkAdapterConfiguration | Invoke-WmiMethod -Name SetWINSServer -ArgumentList @('','')
$nicall = [wmiclass]'Win32_NetworkAdapterConfiguration'
$nicall.enablewins($false,$false)
Set-Service -Name "lmhosts" -StartupType Disabled
Stop-Service -Name "lmhosts"
netsh int ipv4 set dynamic tcp start=49152 num=16384
netsh int ipv4 set dynamic udp start=49152 num=16384

Below is another script, to reenable the protocols, though it does not try to put back any WINS server IPs that may have been deleted, and it cannot override Microsoft DHCP:

Get-CimInstance -ClassName 'Win32_NetworkAdapterConfiguration' | Invoke-CimMethod -MethodName 'SetTcpipNetbios' -Arguments @{ 'TcpipNetbiosOptions' = 0 }

$DisableLMHosts_Class=Get-WmiObject -list Win32_NetworkAdapterConfiguration
$DisableLMHosts_Class.EnableWINS($true,$true)
Set-Service -Name "lmhosts" -StartupType Manual
Start-Service -Name "lmhosts"

Categories:      

==============

Increase WMI quota for performance under heavy load
article #1587, updated 359 days ago

This:

medium.com/@mail2wesley/increase-memory-quota-for-wmi-classes-to-avoid-wmi-quota-violation-error-ee2070092674

Categories:      

==============

Disable "News and Interests" in Windows 10
article #1570, updated 527 days ago

Here is Group Policy:

Computer Configuration / Administrative Templates / Windows Components / News and interests

Categories:      

==============

Hidden Memory Usage in Win10/11
article #1541, updated 688 days ago

There are machines with (say) 16 gigabytes of RAM, where Task Manager shows 97% or more memory in use, but the numbers don’t add up even close to 16G. The first step is to get RAMMap:

learn.microsoft.com/en-us/sysinternals/downloads/rammap

and study the Use Counts tab list. There may be more than one cause, but the one I’m looking at, shows most of my RAM used by “Driver Locked”. Microsoft says updated drivers will fix it. Will continue this article when I have data. Current references:

learn.microsoft.com/en-us/answers/questions/128755/driver-locked

learn.microsoft.com/en-us/windows-hardware/test/assessments/windows-assessment-console

learn.microsoft.com/en-us/windows-hardware/get-started/adk-install

Categories:      

==============

Boost TCP/IP performance in Windows?
article #1540, updated 694 days ago

At least on this office LAN, this is helping. Not clear whether it helps everywhere and all.

In Regedit, go to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces

You’ll notice several GUIDs. These are all of the network interfaces Windows knows about, virtual, Bluetooth, whatnot. You’ll want to try adding the below to any of them that you use.

TCPAckFrequency = 1

Technically this is called “disabling delayed ACK”. It seems to be helping me a lot for all accesses, including SMB, intranet, and Internet.

Categories: