NTLite version 2026.04.10936 has landed with a feature set that many Windows administrators have been demanding: the ability to strip Copilot, Recall, and other AI components directly from Windows 11 25H2 installation images. The release marks a significant escalation in the cat-and-mouse game between Microsoft\u2019s aggressive AI integration and the community\u2019s desire for lean, privacy-respecting operating systems.

For those unfamiliar, NTLite is a long-standing Windows customization tool that allows tinkerers and IT professionals to modify official Windows ISO files before deployment. It can remove bundled applications, integrate updates and drivers, tweak settings, and now\u2014courtesy of this update\u2014excise the AI features that have become central to Microsoft\u2019s strategy for Windows 11.

What\u2019s New in NTLite v2026.04.10936

The headline of this release is the addition of dedicated removal components for Copilot, Recall, and related Windows AI services inside Windows 11 25H2 images. Until now, users had to rely on post-installation scripts, Group Policy settings, or registry hacks to disable or hide these features. NTLite\u2019s approach is far more thorough: by removing the packages at the source, the resulting Windows installation is completely free of the targeted components, with no chance of them being re-enabled by a future update.

Specific components that can now be ticked for removal include:

  • Microsoft Copilot (taskbar and sidebar integration)
  • Recall (AI-powered activity timeline and snapshot feature)
  • Windows AI Platform framework packages
  • Cortana remnants (still lurking in some editions)
  • AI-backed shell extensions and contextual suggestions
  • Machine learning models for local inference (if applicable to the edition)

NTLite\u2019s interface has been updated to reflect these options under the \u201cComponents\u201d tab, grouped logically under an \u201cAI Features\u201d category. A new safety rating system warns users when removing certain packages might affect interdependent services, like Windows Search or voice typing, though the developers have engineered the removals to be as clean as possible.

Why Remove Copilot and Recall?

The push to remove these tools isn\u2019t just about saving a few megabytes of disk space. For enterprise IT departments, regulated industries, and privacy-conscious individuals, the mandatory presence of Copilot and Recall represents a significant risk.

Copilot analyzes on-screen content, local files, and user behavior to offer proactive assistance. While Microsoft pledges that data is processed in accordance with privacy policies, the lack of an official \u201coff switch\u201d for the underlying framework has frustrated admins. In environments handling sensitive data\u2014healthcare, finance, legal, government\u2014any AI that \u201csees\u201d screen content is a potential data exfiltration vector, even if unintentional.

Recall takes periodic snapshots of the user\u2019s activity, creating a searchable timeline of everything done on the PC. Security researchers quickly pointed out that a feature with such deep access could become a goldmine for attackers if not properly secured. Microsoft addressed some early concerns by requiring Windows Hello enrollment and encrypting the Recall database, but the fundamental unease remains: a record of all keystrokes and screen states is not something every user wants, regardless of safeguards.

Performance is another motivator. AI features consume CPU, GPU, and memory for local processing, and they maintain constant background telemetry connections. On older hardware, this overhead is noticeable. By stripping these components, NTLite users can reclaim resources and achieve a snappier, more traditional Windows experience.

Windows 11 25H2: The AI Update

Microsoft\u2019s 25H2 feature update for Windows 11, expected later this year, doubles down on the AI-first narrative. Builds already in the Dev and Beta channels show deeper OS-level integration for Copilot, a more pervasive Recall experience, and new \u201cWindows Intelligence\u201d services that tie into the Shell and common dialog boxes. For many, it\u2019s the most opinionated Windows release since the Metro era of Windows 8.

NTLite\u2019s timing is impeccable. By providing removal capabilities before 25H2 reaches general availability, it empowers administrators to evaluate the update without the AI baggage. Test deployments in virtual machines can mimic production environments exactly, with the confidence that the operating system won\u2019t sprout unwanted assistants after imaging.

How NTLite\u2019s Removal Process Works

Technically, NTLite v2026.04.10936 uses Microsoft\u2019s own deployment tools under the hood. When a component is marked for removal, the tool:

  1. Mounts the install.wim or install.esd image file.
  2. Identifies the package IDs for the selected AI components using the system\u2019s Component Store.
  3. Performs a staged removal that cleans up registry entries, file system objects, and scheduled tasks.
  4. Rebuilds the image\u2019s component hive to maintain servicing stack integrity.

The result is a modified ISO that can be installed normally via USB, PXE, or virtual media. Because the packages are gone post-installation, Windows Update will not offer future patches for those components, and the system will never attempt to repair them during a DISM scan. This is a cleaner outcome than simply disabling features with policies, which often leave binaries and background agents running.

Practical Usage for Enterprise Deployments

Large-scale IT departments can incorporate NTLite into their image-building pipeline alongside Microsoft Deployment Toolkit (MDT) or Configuration Manager. A typical workflow might look like this:

  • Start with an official Windows 11 25H2 Enterprise ISO from the Volume Licensing Service Center.
  • Load the ISO into NTLite, select the desired edition (e.g., Enterprise), and configure the AI Features removal list.
  • Inject the latest cumulative update, drivers, and line-of-business apps.
  • Apply unattended answer file settings for domain join, local administrator password, and default user profile customizations.
  • Export the final image and deploy to a test ring.

This approach ensures every new machine\u2014whether a fresh laptop or a reimaged workstation\u2014arrives AI-free out of the box, meeting compliance requirements without requiring manual intervention from help desk staff.

Community and Expert Reactions

Early feedback from the Windows customization community has been overwhelmingly positive. Forum threads on MyDigitalLife, Win-Raid, and the NTLite subreddit are filled with praise for the developer\u2019s willingness to tackle what some call \u201cunnecessary bloat.\u201d One system integrator noted, \u201cWe\u2019ve been holding off on 25H2 validation because of Recall. NTLite just gave us the green light to move forward.\u201d

Security-focused circles are also relieved. Penetration testers and privacy advocates have long been concerned about the attack surface created by persistent AI background services. Some have gone as far as to build custom ISOs by hand\u2014a painstaking process that NTLite now automates.

There is, however, a note of caution. Removing core AI components could inadvertently disable desired functionality. For example, the \u201cVoice Access\u201d accessibility feature relies on some of the same machine learning models used by Copilot. NTLite\u2019s developers have documented these dependencies in the release notes, urging users to carefully review their selections. The tool\u2019s compatibility warnings help mitigate the risk, but a shotgun approach of \u201cremove all AI\u201d might lead to unexpected breakage.

A Step Beyond Group Policy and Scripting

Microsoft has provided official IT controls for Copilot and Recall via the Group Policy administrative templates (ADMX) and modern MDM CSPs. These methods can hide the Copilot icon, disable Recall data collection, and prevent the services from launching. However, they are not infallible:

  • User-level policies can be overridden if the user has local admin rights.
  • Policies only control the behavior\u2014they do not remove the executables or stop them from being updated.
  • Feature updates sometimes reset or ignore older policy settings, requiring constant monitoring.

Post-install PowerShell scripts that run Remove-AppxPackage or DISM /Remove-Package are another common tactic, but these must be executed at the right time in the deployment sequence and often leave behind traces in the WinSxS store. NTLite\u2019s image-level removal avoids all these pitfalls by surgically excising the components before the OS ever boots.

The Privacy Cat-and-Mouse Continues

NTLite\u2019s update is the latest move in a long-running conflict between Microsoft\u2019s vision for Windows and the users who want to control their own PCs. Similar battles have played out over Internet Explorer integration in the 90s, Windows Media Player bundling in the early 2000s, and more recently, the forced inclusion of Cortana and OneDrive in Windows 10.

Each time, third-party tools like NTLite (and its predecessor, nLite) stepped in to offer a escape hatch. The cycle typically goes: Microsoft bundles a new feature; power users object; tools emerge to remove it; Microsoft eventually provides an official off switch, often years later. With AI, the stakes are higher because of the privacy and security implications, and the fact that AI features are becoming more deeply embedded, sharing components with the core OS.

Microsoft\u2019s own documentation warns against removing \u201csystem\u201d packages, and it\u2019s possible that future cumulative updates could fail if they expect certain AI components to be present. NTLite\u2019s rebuild process mitigates this by cleaning up the component store, but enterprise admins will need to stay vigilant and test each Patch Tuesday release.

What\u2019s Next for NTLite and Windows Customization

The NTLite development team has hinted at further enhancements in future releases, including:

  • One-click \u201cPrivacy Profile\u201d presets that group common removals for quick selection.
  • Deeper analysis of dependency graphs to better predict and warn of potential issues from package removal.
  • Support for the next Windows Server release, where AI components are also making an appearance.

On the Microsoft side, the 25H2 update is only the beginning. \u201cWindows Copilot Runtime\u201d and related APIs are evolving quickly, with plans for third-party applications to tap into the same AI models. This could make the removal process even more complex, as applications might begin to rely on the very APIs that NTLite strips. The interplay between OS-level AI services and application compatibility will be a theme to watch.

For now, NTLite v2026.04.10936 delivers what a vocal segment of the Windows user base has been clamoring for: real control over the AI features that ship with Windows. Whether you\u2019re an IT pro tasked with rolling out 25H2 across a cautious enterprise, or a privacy-conscious home user who wants a no-nonsense OS, this release provides a powerful option. As always, the tool is available in both free and licensed versions on the official NTLite website, with the new components fully unlocked in the paid edition.

The message is clear: if Microsoft isn\u2019t going to provide a simple toggle to disable Copilot and Recall at the system level, the community will find\u2014or build\u2014a way. NTLite\u2019s latest update is that way.