Aegis: Block all Windows 10 components on Windows 7 and 8

Aegis is a powerful script for Windows 7 and Windows 8 devices that takes care of all components related to Microsoft's news operating system Windows 10.

In addition to that, it is performing additional operations such as adding a number of Microsoft hosts to the blocklist, setting Windows Update to check/notify, and more.

Since it is script-based, it is easy enough to check out what it does in detail, and even to add or remove commands from the script to adjust it accordingly as its author allows code modifications or the sharing of the code or components.

Update: Aegis is no longer maintained. Check out Ancile, a fork that is in active development.

Aegis in detail

Aegis is updated regularly to reflect changes that Microsoft makes, for instance by taking into account new updates or modified updates.


The application is offered via a Mega download currently. The package is offered as a zip file that you need to download to your system. Once you have unpacked it, you find several command files listed in the directory that you can edit directly using any plain text editor.

The file setacl.exe, in case you are wondering supports the managing of Windows permissions from the command line.


How to use it

All you need to do is right-click on the file aegis.cmd and select "run as administrator" to get started. Follow the on-screen instructions from that moment on to complete the process.

Note: It is highly recommended to create a system backup before the program is run on a machine as you may not have any options to undo the changes should things go wrong.

So what does it do in detail?

  • Disables or hides the Windows 10 download directory.
  • Disables GWX (Get Windows 10), OneDrive, Telemetry, Wifisense.
  • Uninstalls or hides 31 KB updates.
  • Disables 31 schedules tasks.
  • Uninstalls Diagtrack.
  • Disables Remote Registry.
  • Blocks 188 Microsoft Hosts on 221 IPs.
  • Change Windows Update settings to check/notify instead of download/install.

The Windows Updates that the program uninstalls or hides

kb updatedescription
kb971033update for windows activation technologies
kb2902907description not available, update was pulled by microsoft
kb2922324description not available, update was pulled by microsoft
kb2952664update for upgrading windows 7
kb2976978update for windows 8.1 and windows 8
kb2977759update for windows 7 rtm
kb2990214update that enables you to upgrade from windows 7 to a later version of windows
kb2999226update that enables you to run windows 10 applications on earlier versions of windows
kb3012973upgrade to windows 10
kb3014460update for windows insider preview / upgrade to windows 10
kb3015249update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
kb3021917update for windows 7 sp1 for performance improvements
kb3022345update for customer experience and diagnostic telemetry
kb3035583update installs get windows 10 app in windows 8.1 and windows 7 sp1
kb3044374update that enables you to upgrade from windows 8.1 to windows 10
kb3046480update for migrating .net when upgrading to later version of windows
kb3050265update for windows update client for windows 7 june 2015
kb3050267update for windows update client for windows 8.1 june 2015
kb3065987update for windows update client for windows 7 and windows server 2008 r2 july 2015
kb3065988update for windows update client for windows 8.1 and windows server 2012 r2 july 2015
kb3068708update for customer experience and diagnostic telemetry
kb3075249update that adds telemetry points to consent.exe in windows 8.1 and windows 7
kb3075851update for windows update client for windows 7 and windows server 2008 r2 august 2015
kb3075853update for windows update client for windows 8.1 and windows server 2012 r2 august 2015
kb3080149update for customer experience and diagnostic telemetry
kb3083324update for windows update client for windows 7 and windows server 2008 r2 september 2015
kb3083325update for windows update client for windows 8.1 and windows server 2012 r2 september 2015
kb3083710update for windows update client for windows 7 and windows server 2008 r2 october 2015
kb3083711update for windows update client for windows 8.1 and windows server 2012 r2 october 2015
kb3112343update for windows update client for windows 7 and windows server 2008 r2 december 2015
kb3112336update for windows update client for windows 8.1 and windows server 2012 r2 december 2015
Read also:  LoadedDllsView: display dlls loaded by Windows processes

Closing Words

Aegis is a sophisticated program that is updated regularly to block Windows 10 components, updates designed solely for the promotion or installation of Windows 10, and other undesirable components on systems running Windows 7 or 8.

Author Rating
4.5 based on 45 votes
Software Name
Operating System
Software Category
Landing Page

Please share this article


Filed under:

Responses to Aegis: Block all Windows 10 components on Windows 7 and 8

  1. yoav January 26, 2016 at 3:32 pm #

    It's pretty crazy that Windows users have to install software to protect themselves from Microsoft.

    • Jeff January 26, 2016 at 6:09 pm #

      @yoav -- exactly my thoughts. That this needs to exist is sad & shameful.

      • Corky January 26, 2016 at 8:08 pm #

        Do you know Jeff personally then Andrew?
        I only ask as it seems a rather large assumption to make that someone uses Google services, not that Google services are in any way, shape, or form comparable to Windows 10, in case you can't work it out Windows 10 is an operating system and Google services are not.

    • Andrew January 26, 2016 at 6:18 pm #

      Says a guy who uses google services...

      • yoav January 26, 2016 at 7:43 pm #

        I never bought anything from Google, so my expectations are different. I did buy an operating system from MS and I expect to own it completely. MS is infringing on my ownership rights and I resent that.

      • Gary D January 26, 2016 at 8:56 pm #


        I remember your name appearing in the comments on other Win 10 articles regarding telemetry, forced botched upgrades, etc., written by Martin.
        From what I remember, you were extremely pro Win 10.
        You regarded anybody who did not want to update to Win 10 as tin foil hat wearing, paranoid, conspiracy freaks.
        Of course, I may be wrong and maybe I have remembered the comments made by a different Andrew...................

        Thanks Martin for this article and the Aegis web site link.

      • Jeff January 26, 2016 at 9:52 pm #

        @Gary, no I think you're right. If not him, then it's always someone. I said then, and I say it now, that I think MS employs shills to find Win 10 articles on the web and comment in favor of Win 10. If that puts a tin foil hat on my head, so be it.

        The campaign seems to be to find people complaining about W10's privacy issues, and paint them as being deranged lunatics or conspiracy theorists. From what we've seen from MS' unprecedented level of aggression in forcing W10 on people, I wouldn't put it past them.

  2. Valrobex January 26, 2016 at 4:31 pm #

    @ yoav - Yes it is pretty crazy but thankfully there are folks out there who are interested and technically proficient enough to offer solutions to those of us who are just "somewhat educated" users. That's one of the terrific benefits offered by Martin through this blogsite. Thanks, once again, Martin.

  3. Dukislav January 26, 2016 at 5:27 pm #

    • thepower February 4, 2016 at 9:23 pm #

      Thanks for providing this link. I will go through the other programs and pull in any bits we may be missing.

  4. Grumpseasily January 26, 2016 at 5:33 pm #

    Just a "thank you, Martin" for another highly appreciated article.

  5. Henk van Setten January 26, 2016 at 5:58 pm #

    This looks good. Checking and if necessary uninstalling that complete list of KBs will certainly come in handy.

    Thanks for posting this, Martin!

  6. Unknown January 26, 2016 at 6:20 pm #

    And this is why I check every single update what the update contains before I install it, just to avoid getting any of the Windows 8+ crap.

    Windows 7 ftw!

  7. Corky January 26, 2016 at 8:16 pm #

    If pro-Microsoft people are having problems understanding why there's so much hate for Microsoft and Windows 10 you only have to look at the amount updates pushed onto peoples computers and the 31 scheduled tasks, while that maybe great if you want to take Microsoft up on their offer it's not if you don't.

    If you received 31 telemarketing phone calls in the last 6 months all from the same company and they continued calling even after you told them you're not interested you would probably start getting a little annoyed, you would probably be wondering what you have to do or say to get them to leave you alone.

    • Gary D January 27, 2016 at 12:31 am #


      Your comparison between MS and Telemarketers is the best summation of the Windows upgrade situation I've read.
      Simple analogy, easily understood even by Win 10 shills/trolls.
      Wish I'd thought of it ! :-(

  8. Stefan January 26, 2016 at 10:37 pm #

    There's already a little program that works on 7, 8 and also 10.

    On my machine, the above program didn't hide the "updates", but right click "Hide update"

    PS: source code is available

  9. DaVinci January 26, 2016 at 11:23 pm #

    All of these are clones of the original, called Block Windows. It's the first one of those, and features way more stuff. Check it out, works flawless.

    top Windows 7 through 10 Nagging and Spying updates, Tasks, IPs, and services. Works with Windows 7 through 10

    BlockWindows.bat - Right Click and "Run as Admin"
    hosts.bat - Works with Windows 7 and 8. Appends current hosts file. Run from your Downloads directory. Doesn't work on Windows 10, copy hosts file to your router or firewall if using Windows 10
    hosts2.bat - Blocks M$ hosts with firewall BLOCKS most M$ sites OUTLOOK,HOTMAIL,ETC REM any you use
    hosts - DNS file of MS hosts to block
    hostlist - MS Hosts file to blocking for router or firewall use
    hosts-dnsmasq - Hosts file for dd-wrt and other routers
    HideWindowsUpdates.vbs - Hides blocked updates, to reinstall click 'show hidden updates'
    DisableWiFiSense.reg - Adds registry to disable WiFi Sense, which steals your wifi password without your consent.
    unblock.bat - Unblocks hosts2.bat blocking

    • neal January 27, 2016 at 8:11 am #

      All the "clones" or dedicated Windows 10 anti spy programs do the same thing, and there is no "original." In fact judging project start date it isn't the first one, there were other user create bat files created doing similar things during the Windows 10 preview period.

      Anyways it is not too difficult to look at network logs and then create host file entries or look at Windows services and manually disable them, or create a bat file to do it.

      In fact I like the programs better, instead of running separate multiple bat files, they put everything in application and create a UI that does it all in one click including option to undue any changes if something inadvertently breaks.

      And sense the author was kind enough to put it on github, the only thing that I think is not included in the third party anti spy applications is the host files for routers.

    • John January 27, 2016 at 12:26 pm #

      that one is outdated by now. Doesn't include latest updates etc.

      • thepower February 4, 2016 at 7:48 pm #

        Hi John,

        Aegis has been updated recently and now includes 48 kb updates among other improvements. :-)

  10. jasray January 27, 2016 at 1:03 am #

    Sooner or later, I think users will figure out that Microsoft techs, Mark Russinovich is one (and he has trained an elite core of experts), aren't exactly "dumb" and the computers that are running such "blocking scripts and programs" will become completely "static" and, most likely, inoperable. In other words, the MS Techs will simply say, "If you are going to use Windows and want update M, O, and P, then, the settings on your computer will have to change in order for the update to come through [which it can't do at this moment because you are blocking it with some silly toy a nerd made to showoff to his buddies], and we won't tell you what settings those are--go back and undo everything--good luck.

    • User January 27, 2016 at 2:28 pm #

      Well, in that case I will totally switch to Linux cause it's intolerable to feel raped by any company that one support by buying their product. It is like being force fed by your local gyros restaurant.

  11. David January 27, 2016 at 10:49 am #

    I thought there was no API to hide updates. Maybe that was incorrect. Does this uninstall and hide them?

    • meifter January 27, 2016 at 11:14 am #


      Disable gwx/skydrive(aka onedrive)/spynet/telemetry/wifisense, disable/hide windows 10 download directory, uninstall/hide 31 kb updates (see list below), disable 31 scheduled tasks (optional components that phone home to microsoft), uninstall diagtrack, disable remote registry, block 188 microsoft hosts (221 ip's), change windows update settings to check/notify but do not download/install

      Windows Update:

      This script will not block Windows Update, however it will change your Windows Update settings to check/notify but do not download/install.

    • Corky January 27, 2016 at 12:47 pm #

      From the Windows update GUI, when it lists the available updates, right click the update you want to hide and click hide this update, that's assuming you've set Windows update not to install updates automatically.

    • thepower February 4, 2016 at 7:53 pm #

      We hide updates using a small vbs script that someone shared on serverfault.

      It mostly works pretty well however Microsoft has been un-hiding and re-pushing certain updates lately so it is an ongoing battle.

  12. Ann January 27, 2016 at 11:37 am #

    hey Martin,

    please check this.
    I'm curious if uninstalling all those KB's leaves still something on or not and if this kind of stufuW10 programs are still needed

    • thepower February 4, 2016 at 7:56 pm #

      Aegis does everything SAB does plus a lot more (note they use host blocking, we use persistent static null routes, but I checked our lists against theirs and we aren't missing anything).

  13. Hans van Aken January 27, 2016 at 5:58 pm #

    Had to use Internet Explorer to download aegis v. 1.9. Irony?
    Suppose because of the new security settings in Firefox 44.
    Took a while until I had the idea.
    GWX Control Panel registered the changes and says
    "At least one hidden download folder was found".
    Thanks, Martin, for another great article and thanks
    to the author of the script. Great work!

    • thepower February 4, 2016 at 7:57 pm #

      Sorry you had a problem, the project is now hosted on Github so hopefully that will make it easier for users to download the files. :-)

  14. Hans van Aken January 27, 2016 at 8:32 pm #

    Had to use Internet Explorer to download aegis v. 1.9. Irony?
    Suppose because of the new security settings in Firefox 44.
    Took a while until I had the idea.
    GWX Control Panel registered the changes and says
    "At least one hidden download folder was found".
    Thanks, Martin, for another great article and thanks
    to the author of the script. Great work!

  15. Hy January 29, 2016 at 11:41 am #

    I ran Aegis and found it to be a little overly-aggressive in its blocking for my taste. It blocks Bing webpages and Skype login page, as well as Microsoft pages where I look up KB update info. I could learn to live without the occasional Bing image, video, map, and news search, but I have to be able to login to the Skype website to manage my account, so this is a dealbreaker for me.

    I reverted back to the system restore point I made and got rid of Aegis. I'm sticking with GWX Control Panel and its realtime monitoring protection for now.

    • thepower February 4, 2016 at 7:58 pm #


      Based on user feedback (including yours) we have removed the blocks for bing, hotmail, msn, outlook, and skype in v1.10. If you find anything else that you feel shouldn't be blocked please let us know. And of course you can always modify the code and remove anything you like, it's all open source and plain text.

      • Hy February 4, 2016 at 8:39 pm #

        @thepower: Thanks very much for the response and for letting me know! Sounds like a good decision to remove the blocks for those domains. I think I will give Aegis a try again.

        It sounds like Aegis is a cross/combination of Spybot Anti-Beacon (which blocks telemetry) and GWX Control Panel, which blocks forced Windows 10 upgrade. Would that be a fair characterization of Aegis--that it does both?

        Is Aegis fully compatible with both SAB and GWX CP? I am currently runing both, and wonder if Aegis is still necessary and if so, if it would work with both of them side-by-side with no problems.

        Thanks for letting me know!

      • Hy February 4, 2016 at 8:42 pm #

        P.S. @thepower: Thanks for your important, invaluable work on this project to help people protect their privacy!

    • thepower February 4, 2016 at 9:27 pm #


      At this point I would say it is a combination of at least 5 or 6 others scripts and utilities, including the 2 you mentioned. I try to watch out for anything it may be missing and add those bits. It would probably be redundant but I don't see any reason why it would cause a problem to run it in combination with them. However if you have any problems please let us know.

  16. icy January 30, 2016 at 10:41 am #

    You can allways safely update windows 7 via Simplix UpdatePack7R2
    You can eliminate a lot of microsoft shit by using Winreducer for win7 to win 10

  17. Tom Hawack January 30, 2016 at 2:10 pm #

    You have to be careful with mistakes.

    Among the Windows Updates that the AEGIS program uninstalls or hides is :
    kb2999226 : update that enables you to run windows 10 applications on earlier versions of windows

    I haven't run the AEGIS application (fortunately!) but I have removed the KB2999226 after reading their description about it.
    Then I ran a program which wouldn't start anymore : 'Simple DNSCrypt' : a popup specified that file api-ms-win-crt-runtime-l1-1-0.dll was missing.

    I searched for information and found out that the file api-ms-win-crt-runtime-l1-1-0.dll was part of the KB2999226.
    Microsoft states KB2999226 as "Update for Universal C Runtime in Windows"
    AEGIS states KB2999226 as "update that enables you to run windows 10 applications on earlier versions of windows"
    -> Find the culprit.

    I followed advise found (done for the same file missing problem but for another app) at

    That is, I reinstalled KB2999226, uninstalled then re-installed Microsoft Visual C++ Redistributable Package 2015 for both x86 and x64 (I'm on Win7 x64), and all is fine again, api-ms-win-crt-runtime-l1-1-0.dll back in place and 'Simple DNSCrypt' running correctly.

    For whom this may concern : be aware of what a good intention can lead to if unskilled.

    • thepower February 4, 2016 at 8:01 pm #

      Hi Tom,

      This was an intentional choice rather than a 'mistake'. Although you could argue it was not a good choice. We have so far only had one person report this to us as an issue - maybe that was you? :-)

      I am still on the fence about this, since we feel like it's better to err on the side of caution, and a user can always comment out this one update in the code so that it won't be blocked.

      • Tom Hawack February 4, 2016 at 8:42 pm #

        Well, the fact is that applications requiring Microsoft Visual C++ Redistributable Package 2015 may be blocked without the KB2999226 update. I haven't found any relationship between this update and Windows 10, unless one argues that if Windows 10 has it natively then it is suspicious, in which case applications such as .Net Framework would be suspicious once they are built in the latest Windows version but require an install for previous versions...
        What I mean is that I can understand the awareness Microsoft's aggressive Win10 upgrade policy has and continues to stir, and that I realize that this distrust can lead to automatism and the mistakes this can carry, as in "real" life. In this case, removing KB2999226 is a mistake.

        I wasn't the one who reported as you mention it above. We are at least two then, hoping a plain user totally out of the computing basics will not have been a third, anonymous and maybe deeply annoyed. You have to be careful and I don't understand how your choice might have been deliberate and not a mistake : this IS an authentic BIG mistake, sorry to say so.

    • thepower February 4, 2016 at 9:20 pm #


      I'm sorry this caused you a problem, and I want to thank you for your feedback. I appreciate what you are saying. When I say it was not a mistake I simply meant it in the context as it was not an accident that we blocked it - we did it on purpose. However I don't necessarily claim it was a good choice.

      In any case I am always open to user feedback and I often change my mind after listening to what people have to say and learning new information. In this case it seemed prudent at the time and I was not aware that it was going to cause other problems so I will definitely take a look at that update and re-evaluate. :-)

      • Tom Hawack February 4, 2016 at 9:35 pm #

        I've always focused on the intention, far more important to me than the result. I know you have good intentions and your work proves it. After that, opinions may diverge. My point was more to share a difficulty and its solution than to emphasize on what I call a mistake but which may be arguable even if, in this case, it doesn't come to my understanding.

        No bigger problem than that. It wasn't an issue for me (even if I'd dare not even imagine getting on a work such as yours with this application), so the comment was motivated -- very frankly -- at 49% by an immediate irritation and at 51% by a "good action" :)

        There are much bigger problems in life and even within the cyberworld.

        All the best, thepower (is with you!)

    • thepower February 8, 2016 at 7:56 pm #

      Tom, this update has been removed from the latest version. Please let us know if you have any questions.

      • Tom Hawack February 8, 2016 at 8:09 pm #

        Thanks, thepower, for bringing this public, and be thanked, you (and the Aegis Team) for your work, your commitment to a better Web. As in life, reasons to frown and reasons to smile :)

        I had forgotten to mention in my first posts that the KB2999226 update was the only one in your list that I had not already uninstalled and/or hidden from updates, this explains also why I focused on it (I was telling myself then "What, I've missed one, I still have an intruder on board?!" ...

        All is well, keep up the good work.

  18. thepower February 4, 2016 at 8:03 pm #


    Thanks for the mention. FYI a new version has been released with many improvements. Also we have moved the project to GitHub. Please let us know if you have any questions. Thanks. :-)

  19. Foo Nonymus February 5, 2016 at 5:03 am #

    I didn't realise that before but the name gwx.exe seemed to be weird name to give to the Windows 10 updater. Now I finally realised what it stands for. It's "Get Windows X", or "Get Windows 10"!

    X = 10 in Roman numerals, that definition explains the name perfectly I think.

    • Tom Hawack February 5, 2016 at 10:43 am #

      Now that you mention it... indeed.
      I'll stick on WVII for the time being, which could lead to KWVII (Keep Windows 7) :)

  20. Thane Ahrens February 10, 2016 at 10:34 pm #

    I have just run the Aegis script "aegis-voat-1.11". Now I can't access Hotmail. My we browser no longer connects to How can I fix this?

    • Martin Brinkmann February 10, 2016 at 10:37 pm #

      Check the hosts file and see if it lists the host. You find it in c:\windows\drivers\etc

      • João Mendes March 3, 2016 at 9:09 pm #

        What lines of code in the HOSTS file do I need to erase exactly? A friend of mine (who's more tech savy than me) recommended me Aegis because of the constant Windows 10 nagging message, but now I can't access my e-mail because Hotmail seems to have been blocked... How do I re-enable this to be able to use all the functions of the e-mail?

      • Martin Brinkmann March 3, 2016 at 9:48 pm #

        I'm not using hotmail, but start with as this is the entry point and used when you open the web interface.

    • Hy February 11, 2016 at 4:15 am #

      @Thane Ahrens: When I ran Aegis, it blocked connections from the computer to many Microsoft domains, including Hotmail, etc.. (See comments above.) As Martin suggested to you, you can see if the website you are no longer able to connect to is listed as being blocked in your HOSTS file, and then you could edit your HOSTS file and remove the entry or entries that are affecting you.

      Alternatively, you can also boot into Safe Mode and run System Restore, restoring your machine back to the time just before you ran Aegis. That's the method I followed, because I could not find the websites being blocked in my HOSTS file.

  21. Thane Ahrens February 10, 2016 at 10:36 pm #

    *web browser

    • Thane Ahrens February 10, 2016 at 11:32 pm #

      Problem fixed. I got a reply from another place ( ). If anyone else has an issue with this, here was the response and this fixed it:

      Hey, sorry you are having a problem. I checked on that and we aren't blocking hotmail on purpose but it looks like one of the host blocks we are doing matches that host you mentioned.

      Here's what you can do to fix it immediately, run this in an admin command prompt:

      route delete
      route delete
      route delete
      route delete
      route delete
      route delete
      route delete
      route delete
      route delete
      route delete
      route delete
      route delete
      I will go ahead and remove those host blocks so that it won't happen again in the future. Give me a few minutes and I will push the update. You can grab the latest version here:

      Let me know if you have any other questions. :-)

      • Hy February 11, 2016 at 7:19 am #

        Good to know. Thanks for posting this!

  22. User February 11, 2016 at 3:38 pm #

    For the first time and out of nowhere this month, my Windows 8.1 machine doesn't let me run the aegis script and gives me a "Windows script host access is disabled on this machine" error. A little googling showed me the simple registry fix to switch it back on. A paranoid person might think MS is putting that in there attempting to block this new tool.

    • Tom Hawack February 11, 2016 at 3:57 pm #

      Since we're not paranoid we won't think that :)

  23. Alessaa February 25, 2016 at 8:19 pm #

    Great work! But i have a question: with Aegis installed, can Microsoft still copy the content of your HDD or copy an

    index of all the files on your computer? or still save all the keystrokes you are typing, or record every program

    you are using and check it's license? Or can we be certain that future software will really be able to block all

    Windows 10 spying and collecting..?

    Specially since i read that updates are mandatory on windows 10.. and the EULA is crazy..

    I want to buy a new computer..but now the new Skylake processors line (6700K..) will not recieve security updates on

    windows 7 after July 2017... MS is doing that to force everyone to change to windows 10, or stay with old outdated


    I would prefer to buy new Skylake processors and new DDR4 memory and run windows 10..

    But it seems is Windows 7 and old Processors are the last possible option for a Personal Computer?

    At least until jan 2020 when windows will not make any more security updates for System 7..

  24. Scalar September 12, 2016 at 12:19 pm #

    Hi Martin,

    The project aegis-voat has been discontinued since Jul 2016 due to personal issue with the operator/owner of Visit for more details.

    Fortunately Matthew Linton has picked it up and continue it as a fork & rework with a new project-name 'Ancile'. and

    I wonder if you could consider to make a review of the new Ancile?

    Many thanks for your attention.


    • Martin Brinkmann September 12, 2016 at 2:00 pm #

      Thanks, I have published a review and updated this one.

      • Scalar September 12, 2016 at 3:53 pm #

        Great, thanks :)

        CU Scalar

Leave a Reply