Remove rivers of junk flowing into your computer.

Extraneous software = vulnerability.

Updated:  20161008

You don’t use it.  You don’t know what it can do.  You don’t really know how it might be misused.  Therefore it should be removed and an attack (or exploitation) vector eliminated.

It’s a two-for-one really.  First, bad guys can’t come in and do bad stuff through some bug or flaw in a software if it isn’t there.  Fairly unlikely.  But secondly (and more likely), your children might just figure out how to get around one of your security controls by exploiting a flaw in one of these programs.  Maybe accidentally, maybe on purpose.

Why risk it when they don’t really provide any value?

And as stated before, these programs constantly attempt to communicate across your Internet connection.  Good filtering in the Device and Network Zones will block those attempts.  That’s a SLEW of data in your logs, which are already hard to read.  Remember, as you monitor the connections that must be made to enable home-school streaming or other wholesome applications, all of those blocks create noise in your logs.

A Windows 10 machine reaches out to 20 or 30 different domains every first login.  Domains like bing.com, windows.com, windows.net, office.net, office.com, microsoft.com, live.com, live.net, and so on and so forth.  Hard to tell what’s valid and what isn’t.  It’s also hard to tell what is at each of these sites–I don’t want to open them all, naturally (bing.com, for instance).  So what can I open and where must I be more careful?

Dejunkification quiets the noise

Recommended for Removal

  • Get Office
  • Get Skype
  • Get Started
  • Groove Music
  • Maps
  • Microsoft Solitare Collection
  • Money
  • Movies & TV
  • News
  • People
  • Phone Companion
  • Store
  • Sports
  • Weather
  • Xbox

Optional

  • 3D Builder
  • Alarms and Clock
  • Calculator
  • Calendar and Mail
  • Camera
  • OneNote
  • Photos
  • Voice Recorder

Removal not Allowed

  • Contact Support
  • Cortana
  • Microsoft Edge
  • Windows Feedback

Readiness

Unfortunately, this does not have a point-and-click interface.  We will open a PowerShell command prompt and type (or copy and paste) in a few commands.  There’s no real way to damage your system, so please don’t worry.  Either it will work or it won’t–but nothing bad will happen.  If the program does not go away, check for a typo and try again.

windows-10-powershell-as-admin

Figure 1

In the “Search Windows” or “Cortana” bar, type in “PowerShell”.  It should find an app as depicted in the screenshot.  Do not use the “Enter” key, but instead right-click and select “Run as Administrator” (figure 1).  Yes, even if you are already logged in as the admin.  Some of these commands will not work work without the admin privilege and by default the PowerShell interface will open up as a normal user.

Whether or not you understood the last paragraph, just trust me on this one.

The PowerShell interface will open and present a blinking cursor on a blue background.  It may take a second to get fully ready, so please be patient.

windows-10-powershell-success

Figure 2

windows-10-powershell-failure

Figure 3

The next two screen shots depict a success and failure based upon the fully correct command.  The first one (figure 2) shows an executed command.  It disappears and goes back to the blinking cursor.  The second screen shot (figure 3) really looks ugly with nasty red statements of “error” and such.  This usually indicates a typo (notice the extra “W” on the end.

Oh, and if you accidentally enter the same command twice, don’t panic–nothing will happen.  It will “complete” happily, have no work to do, it will successfully “not” do it.

The command begins with the words “Get-AppxPackage” and ends with “Remove-AppxPackage”.  In the middle it names the package surrounded by asterisks and uses the “pipe” character, i.e. “|”, usually found with the backslash above the enter key.  Use the entire command at once and hit enter.  I’ve used a different font in order to make it as clear as possible.

Now that you get the idea, the section below lists the moving parts.  Consider each one–I don’t know of anyway that the Windows Calculator can be misused, for example.  It probably is safe to leave, so we marked it “optional” above.  Groove Music, however, opens up a pathway to thousands of sexually explicit album covers–not the music, but the IMAGE on the cover of the album.  We recommend that it should go, hence the inclusion on the “removal list” above.

Update Note:  Microsoft will occasionally push out update compilations, a little like the old “Service Pack” from previous versions of Windows.  These will often RESET all the software this article removes, so, as always, check up  every once-in-a-while.

Update Note #2  Critical Armor has reordered this list to make things easier.  Often one can simply hit the up arrow in PowerShell to bring up the last command and then edit it quickly to the next command.  For instance, “windowscamera” easily becomes “windowscommunicationsapps” with fewer keystrokes.

Update Note #3:  Critical Armor uninstalls the default OneNote.  Microsoft offers the full desktop version of OneNote without charge on their website.  It really is far superior than the Windows 10 preinstalled version.

Syntax

Uninstall Calendar and Mail:

Get-AppxPackage *windowscommunicationsapps* | Remove-AppxPackage

Uninstall Camera:

Get-AppxPackage *windowscamera* | Remove-AppxPackage

Uninstall Maps:

Get-AppxPackage *windowsmaps* | Remove-AppxPackage

Uninstall Store:

Get-AppxPackage *windowsstore* | Remove-AppxPackage

Uninstall Phone Companion:

Get-AppxPackage *windowsphone* | Remove-AppxPackage

Uninstall Money:

Get-AppxPackage *bingfinance* | Remove-AppxPackage

Uninstall News:

Get-AppxPackage *bingnews* | Remove-AppxPackage

Uninstall Sports:

Get-AppxPackage *bingsports* | Remove-AppxPackage

Uninstall Weather:

Get-AppxPackage *bingweather* | Remove-AppxPackage

Uninstall Movies & TV:

Get-AppxPackage *zunevideo* | Remove-AppxPackage

Uninstall Groove Music:

Get-AppxPackage *zunemusic* | Remove-AppxPackage

Uninstall OneNote:

Get-AppxPackage *onenote* | Remove-AppxPackage

Uninstall People:

Get-AppxPackage *people* | Remove-AppxPackage

Uninstall Xbox:

Get-AppxPackage *xboxapp* | Remove-AppxPackage

Uninstall Get Office:

Get-AppxPackage *officehub* | Remove-AppxPackage

Uninstall Microsoft Solitaire Collection:

Get-AppxPackage *solitairecollection* | Remove-AppxPackage

Uninstall Photos:

Get-AppxPackage *photos* | Remove-AppxPackage

Uninstall Get Skype:

Get-AppxPackage *skypeapp* | Remove-AppxPackage

Uninstall Get Started:

Get-AppxPackage *getstarted* | Remove-AppxPackage

Uninstall Get Started:

Get-AppxPackage *feedbackhub* | Remove-AppxPackage

Microsoft Messaging:

Get-AppxPackage *messaging* | Remove-AppxPackage

Windows Phone (again?):

Get-AppxPackage *commsphone* | Remove-AppxPackage

Microsoft WiFi:

Get-AppxPackage *connectivitystore* | Remove-AppxPackage

Prepaid WiFi and Cellular:

Get-AppxPackage *oneconnect* | Remove-AppxPackage

Reinstall

windows-10-restore-app-packages

Figure 4

If, for whatever reason, a need arises to reinstall these programs use the script below.  Please note, the script replaces all of them–so if you want one back, you’ll have to put them all back and then take all of the rest away.  It will take some time and may not appear to be doing all that much, so as always, be patient (figure 4).

Get-AppxPackage -AllUsers| Foreach {Add-AppxPackage -DisableDevelopmentMode -Register $($_.InstallLocation)\AppXManifest.xml”}

And that’s about it.

Review

The above makes a good technical case for removing these programs–that of the false positives in the logs.  Turning our attention to the false negatives, let us think about what happens if a security control fails.  Perhaps we leave Zune TV & Movies installed, since, after all, we’ve restricted those domains with a network or device zone control.  And safe in the knowledge that no security control will ever crash, we go about our lives.

And then, next Tuesday, the unthinkable happens.  The security control fails and leaves TV & Movies unprotected.

Now anyone who uses the computer may open the app and browse through all the titles, descriptions, and cover “art” of all the movies and TV shows available for purchase.  The user probably cannot purchase one, but the covers are generally bad enough.  No teenage boy needs to have those images echoing around in their minds.

And that is a risk we can easily avoid.

Next up–creating restricted accounts on Windows to prevent system changes and application install.  Critically important if, after all of that work to control the installed applications, we want to keep them (or something much worse) from coming back.

Keep on building the castle!