Think this was reported a while back - Office introduced its maligned “ai.exe” process, for whatever Artificial Intelligence Host-ing shenanigans and I’m trying to disable it. I know I can always “delete” the executable, but the next update brings it back alive. I’ve tried with GPOs by adding a “Disallow” rule through “Computer Configuration>Windows Settings>Software Restriction Policies” but process still shows up. Anyone has any ideas on how to stop Office apps from spawning this?
PS: Yes - there’s no official way to disable AI other than turning off ALL of the connected features, but that will also kill synonyms and what not, but those are kinda handy to be fair.
open task manager.
go to startup and if ai.exe is there set it to disable.
go to services.
look up the ai.exe service and disable it if the option exists.
reboot.
if all is ok. then open task manager and delete the startup entry for ai.exe if it was there initally.
if none of that is applicable.
look in scheduled tasks it may be starting from there. you just set the rule to disable and that should stop it from starting or attempting to start it in services.
then i read through the rest of it and it should definitely be an optional install not something that comes pre installed and you can only partially opt out of.
it still sends your data just not with your user id… (claimed)
so after reading that.
i would just rename the file to something other than ai.exe (ai.exe.orig will do) and create a dummy empty file ai.exe. make it read only.
stick it in the original folder and see what happens.
if it breaks ms office then just delete the new file and rename the old one back.
This article is for Windows rather than Office. I did get ahold of Copilot/Cortana through GPOs and it’s not a problem there (actually through GPOs you can nuke all this stuff from orbit in my experience). It’s on Office that I’m having problems… which is where I think I should go next - ADMX templates for Office??
yeah thought it might be relevant because office is kind of integrating with windows…
anyways.
you have group policy’s for the office 360?..
then there should be an entry in computer config/admin templates. (gpedit)
(check user config also but computer config will take priority if both exist)
if your struggling to find it click all settings and it should be listed there alphabetically. (hopefully)
if you cant find it there then the registry is probably the last place to look
as edits here can kill your system. USER DISCRETION do this at your own risk.
if it exists ai.exe launch should be in with the rest of the keys for each application its opened by.
likely a PS or a command prompt string. set as a key.
so outlook may have a string that loads the ai.exe
simplest way is probably search for ai.exe and then disable every entry you find.
but as i say this comes with a risk so make a restore point at the very least before you make edits.
Found this page that does describe what the Microsoft 365 Copilot does (aka Office 365) and how to limit its use with policy settings:
Did an initial test with my AD and unfortunately it does NOT turn off the AI.exe process. Will look at this further.
Edit: Conversely, will have to monitor the network traffic of that one process to see if it’s sending any information at all after this. (Again, not ideal)
Did my resarch, and unfortunately, none of the Microsoft 365 ADMX options (i.e. GPOs) allow for “Disable” the AI.EXE process.
Problem is that, while you can set up an “AppLocker policy” or a “Software Restriction Policy” which prevents you from run the process directly, Outlook.exe is STILL allowed to spawn this as a child process, which is baffling to me!
While I figure if I can propagate a direct file restriction policy through GPOs, I just set the AI.exe file Security Settingsto only be read by SYSTEM. That truly prevents this process from ultimately being read by anything, and it still keeps it alive to be updated by the Windows Installer process:
like i said mate you could try feeding it a dummy file and see what happens.
rename the original
create an empty txt file. give it the name ai.exe and put it in the original folders.
then when ai.exe is called it sends back loaded file successfully but will load nothing but an empty file.
if its a tertiary plugin, then the applications that load it initially should still work.
if they don’t then just delete the new file and rename the old back.
