Outlook + AI.EXE - How not to?

Think this was reported a while back - Office introduced its maligned “ai.exe” process, for whatever Artificial Intelligence Host-ing shenanigans and I’m trying to disable it. I know I can always “delete” the executable, but the next update brings it back alive. I’ve tried with GPOs by adding a “Disallow” rule through “Computer Configuration>Windows Settings>Software Restriction Policies” but process still shows up. Anyone has any ideas on how to stop Office apps from spawning this?

PS: Yes - there’s no official way to disable AI other than turning off ALL of the connected features, but that will also kill synonyms and what not, but those are kinda handy to be fair.

I red some microsoft forum post about it. And acording to microsoft there is obviously no function to disable it.

Best option is just keep killing the proces.

Yes - I was thinking on more “outside the box” solutions to this, like trying to prevent the process from starting (like I tried to do through GPO)

open task manager.
go to startup and if ai.exe is there set it to disable.
go to services.
look up the ai.exe service and disable it if the option exists.
reboot.
if all is ok. then open task manager and delete the startup entry for ai.exe if it was there initally.

if none of that is applicable.
look in scheduled tasks it may be starting from there. you just set the rule to disable and that should stop it from starting or attempting to start it in services.

1 Like

I today heard that copliot, can listn to a meeing, and sumarise it, and then make a todo list.

I don’t want microsoft reading my documents

Digital brother is watching you

2 Likes

sadly no - it’s a child process from every Office app, so it wouldn’t be a service or a scheduled task to disable.

Made me think of discusion i had with my dad. Officee 97 was the last good release.

after that its all shit

dunno if you have read this.

then i read through the rest of it and it should definitely be an optional install not something that comes pre installed and you can only partially opt out of.
it still sends your data just not with your user id… (claimed)

so after reading that.
i would just rename the file to something other than ai.exe (ai.exe.orig will do) and create a dummy empty file ai.exe. make it read only.
stick it in the original folder and see what happens.
if it breaks ms office then just delete the new file and rename the old one back.

This article is for Windows rather than Office. I did get ahold of Copilot/Cortana through GPOs and it’s not a problem there (actually through GPOs you can nuke all this stuff from orbit in my experience). It’s on Office that I’m having problems… which is where I think I should go next - ADMX templates for Office??

yeah thought it might be relevant because office is kind of integrating with windows…

anyways.
you have group policy’s for the office 360?..

then there should be an entry in computer config/admin templates. (gpedit)
(check user config also but computer config will take priority if both exist)
if your struggling to find it click all settings and it should be listed there alphabetically. (hopefully)

if you cant find it there then the registry is probably the last place to look
as edits here can kill your system. USER DISCRETION do this at your own risk.

if it exists ai.exe launch should be in with the rest of the keys for each application its opened by.
likely a PS or a command prompt string. set as a key.
so outlook may have a string that loads the ai.exe
simplest way is probably search for ai.exe and then disable every entry you find.
but as i say this comes with a risk so make a restore point at the very least before you make edits.

Apparently yes - this is a thing (and it makes sense for corporate environments):
https://www.microsoft.com/en-us/download/details.aspx?id=49030

Will tinker exactly on WHICH GPO translates into what registry key/value is, hopefully this should “kill” this AI nonsense

Found this page that does describe what the Microsoft 365 Copilot does (aka Office 365) and how to limit its use with policy settings:

Did an initial test with my AD and unfortunately it does NOT turn off the AI.exe process. Will look at this further.

Edit: Conversely, will have to monitor the network traffic of that one process to see if it’s sending any information at all after this. (Again, not ideal)

Did my resarch, and unfortunately, none of the Microsoft 365 ADMX options (i.e. GPOs) allow for “Disable” the AI.EXE process.

Problem is that, while you can set up an “AppLocker policy” or a “Software Restriction Policy” which prevents you from run the process directly, Outlook.exe is STILL allowed to spawn this as a child process, which is baffling to me!

While I figure if I can propagate a direct file restriction policy through GPOs, I just set the AI.exe file Security Settingsto only be read by SYSTEM. That truly prevents this process from ultimately being read by anything, and it still keeps it alive to be updated by the Windows Installer process:

The files I’ve locked for now are:

%ProgramFiles%\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.dll
%ProgramFiles%\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe

like i said mate you could try feeding it a dummy file and see what happens.

rename the original
create an empty txt file. give it the name ai.exe and put it in the original folders.
then when ai.exe is called it sends back loaded file successfully but will load nothing but an empty file.

if its a tertiary plugin, then the applications that load it initially should still work.

if they don’t then just delete the new file and rename the old back.

I hear you, but I don’t run just ONE computer for this household - want to have an approach that is repeatable and unassisted as possible.

1 Like