194
141
Some of the update patches pushed to Windows 7, 8, and 8.1 during this year seem to be solely for the purpose of gather data from a user's system.
Is there a way to disable the telemetry through some setting(s)?
Or is it necessary to dig up which update patches are involved in the data gathering, and remove those?
x457812
Posted 2015-09-13T17:51:42.050
Reputation: 2 219
164
Some telemetry can be disabled through settings.
This can be done manually.
There are also 3rd-party utilities such as Windows 10 Privacy Fixer and O&O ShutUp10 which fix these settings in Windows 10.
Is it necessary to dig up which update patches are involved in the data gathering, and remove those?
Disable the Windows Customer Experience Improvement Program (CEIP)
Note:
Disabling CEIP and the related Task Scheduler tasks that control this program can improve Windows system performance.
Start "Control Panel" > "Action Center" > "Change Action Center settings".
Click "Customer Experience Improvement Program settings".
Select "No, I don't want to participate in the program" then click "Save changes".
Start > "Control Panel" > "Administrative Tools" > "Task Scheduler".
In the Task Scheduler (Local) pane of the Task Scheduler dialog box, expand "Task Scheduler Library" > "Microsoft" > "Windows" and open the "Application Experience" folder.
Disable the "AITAgent" and "ProgramDataUpdater" tasks.
In "Task Scheduler Library" > "Microsoft" > "Windows", open the "Customer Experience Improvement Program" folder.
Disable the "Consolidator", "KernelCeipTask", and "UsbCeip" tasks.
Source Privacy Windows 10, Windows 7, Linux MINT - How do they compare?
As Anixx has pointed out, there are some telemetry services that cannot be disabled through settings:
- Telemetry-4xd,
- refreshgwxconfig-B,
- WSRefreshBannedAppsListTask,
- Time-5d,
- refreshgwxconfigandcontent,
- Logon-5d,
- MachineUnlock-5d,
- OutOfIdle-5d,
- OutOfSleep-5d,
- Secure-Boot-Update, and
- Tpm-Maintenance.
Also on any program crash the system reports the crash data to a server (although it is not connected with any sheduled task)
Stop Windows Telemetry/Tracking/Upgrading to Windows 10
Below are instructions for disabling the unwanted telemetry/tracking in Windows 7 and 8.1 and removing all updates associated with upgrading to Windows 10.
Here is the list of Windows updates to remove.
- Before uninstalling them and rebooting make sure that you have Windows Update set to not automatically install updates:
KB3065988 Windows Update Client for Windows 8.1 and Windows Server 2012 R2: July 2015 more info
KB3083325 Windows Update Client for Windows 8.1 and Windows Server 2012 R2: September 2015 more info
KB3083324 Windows Update Client for Windows 7 and Windows Server 2008 R2: September 2015 more info
KB2976978 Compatibility update for Windows 8.1 and Windows 8 more info
KB3075853 Windows Update Client for Windows 8.1 and Windows Server 2012 R2: August 2015 more info
KB3065987 Windows Update Client for Windows 7 and Windows Server 2008 R2: July 2015 more info
KB3050265 Windows Update Client for Windows 7: June 2015 more info
KB3050267 Windows Update Client for Windows 8.1: June 2015 more info
KB3075851 Windows Update Client for Windows 7 and Windows Server 2008 R2: August 2015 more info
KB2902907 MS Security Essentials/Windows Defender related update [no description/information available]
KB3068708 Update for customer experience and diagnostic telemetry more info
KB3022345 Update for customer experience and diagnostic telemetry more info
KB2952664 Compatibility update for upgrading Windows 7 more info
KB2990214 Update that enables you to upgrade from Windows 7 to a later version of Windows more info
KB3035583 Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1 more info
KB971033 Description of the update for Windows Activation Technologies more info
KB3021917 Update to Windows 7 SP1 for performance improvements more info
KB3044374 Update that enables you to upgrade from Windows 8.1 to a later version of Windows more info
KB3046480 Update helps to determine whether to migrate the .NET Framework 1.1 when you upgrade Windows 8.1 or Windows 7 more info
KB3075249 Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7 more info
KB3080149 Update for customer experience and diagnostic telemetry more info
KB3083324 Windows Update Client for Windows 7 and Windows Server 2008 R2: September 2015 more info
KB3083325 Windows Update Client for Windows 8.1 and Windows Server 2012 R2: September 2015 more info
KB3083710 Windows Update Client for Windows 7 and Windows Server 2008 R2: October 2015 more info
KB3083711 Windows Update Client for Windows 8.1 and Windows Server 2012 R2: October 2015 more info
KB3112336 Windows Update Client for Windows 8.1 and Windows Server 2012 R2: December 2015 more info
KB3123862 Updated capabilities to upgrade Windows 8.1 and Windows 7
They can be uninstalled manually via elevated command prompt with the following commands:
wusa /uninstall /kb:3065988 /quiet /norestart
wusa /uninstall /kb:3083325 /quiet /norestart
wusa /uninstall /kb:3083324 /quiet /norestart
wusa /uninstall /kb:2976978 /quiet /norestart
wusa /uninstall /kb:3075853 /quiet /norestart
wusa /uninstall /kb:3065987 /quiet /norestart
wusa /uninstall /kb:3050265 /quiet /norestart
wusa /uninstall /kb:3050267 /quiet /norestart
wusa /uninstall /kb:3075851 /quiet /norestart
wusa /uninstall /kb:2902907 /quiet /norestart
wusa /uninstall /kb:3068708 /quiet /norestart
wusa /uninstall /kb:3022345 /quiet /norestart
wusa /uninstall /kb:2952664 /quiet /norestart
wusa /uninstall /kb:2990214 /quiet /norestart
wusa /uninstall /kb:3035583 /quiet /norestart
wusa /uninstall /kb:971033 /quiet /norestart
wusa /uninstall /kb:3021917 /quiet /norestart
wusa /uninstall /kb:3044374 /quiet /norestart
wusa /uninstall /kb:3046480 /quiet /norestart
wusa /uninstall /kb:3075249 /quiet /norestart
wusa /uninstall /kb:3080149 /quiet /norestart
wusa /uninstall /kb:2977759 /quiet /norestart
wusa /uninstall /kb:3083710 /quiet /norestart
wusa /uninstall /kb:3083711 /quiet /norestart
wusa /uninstall /kb:3112336 /quiet /norestart
wusa /uninstall /kb:3123862 /quiet /norestart
Don’t forget to reboot afterwards. You can proceed to finish the next steps before rebooting.
The following services should be removed:
- In an elevated command prompt run the following:
sc stop DiagTrack
sc stop dmwappushservice
sc delete DiagTrack
sc delete dmwappushservice
echo "" > C:\ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl
Open the Task Scheduler (Win key then type "sched"). Under Task Scheduler Library -> Microsoft -> Windows delete the following items:
- Everything under "Application Experience
- Everything under "Autochk"
- Everything under "Customer Experience Improvement Program"
- Under "Disk Diagnostic" delete only the "Microsoft-Windows-DiskDiagnosticDataCollector"
Under "Maintenance" "WinSAT" "Media Center" and click the "status" column, then select all non-disabled entries and disable them.
Now you can reboot. When you open Windows Update again it will ask to install whichever updates above were removed. Right-click on each one and select "hide".
Finally, log in to your broadband router and look for an option like "content filtering" or "block sites".
- Add the following hosts to be blocked. On a Netgear router each host is a keyword that must be added.
Note, as Matthew Steeples has pointed out, a-0001.a-msedge.net is a CDN endpoint and has uses in non-telemetry scenarios.
134.170.30.202
137.116.81.24
204.79.197.200
23.218.212.69
65.39.117.230
65.55.108.23
a-0001.a-msedge.net
choice.microsoft.com
choice.microsoft.com.nsatc.net
compatexchange.cloudapp.net
corp.sts.microsoft.com
corpext.msitadfs.glbdns2.microsoft.com
cs1.wpc.v0cdn.net
df.telemetry.microsoft.com
diagnostics.support.microsoft.com
fe2.update.microsoft.com.akadns.net
feedback.microsoft-hohm.com
feedback.search.microsoft.com
feedback.windows.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
redir.metaservices.microsoft.com
reports.wes.df.telemetry.microsoft.com
services.wes.df.telemetry.microsoft.com
settings-sandbox.data.microsoft.com
sls.update.microsoft.com.akadns.net
sqm.df.telemetry.microsoft.com
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net
statsfe1.ws.microsoft.com
statsfe2.update.microsoft.com.akadns.net
statsfe2.ws.microsoft.com
survey.watson.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.appex.bing.net:443
telemetry.microsoft.com
telemetry.urs.microsoft.com
vortex.data.microsoft.com
vortex-sandbox.data.microsoft.com
vortex-win.data.microsoft.com
watson.live.com
watson.microsoft.com
watson.ppe.telemetry.microsoft.com
watson.telemetry.microsoft.com
watson.telemetry.microsoft.com.nsatc.net
wes.df.telemetry.microsoft.com
Source Stop Windows Telemetry/Tracking/Upgrading to Win10
Windows 10 Privacy Fixer
Windows 10 Privacy Fixer provides a privacy check with options to fix a number of settings, including those related to Telemetry.
Source Windows 10 Privacy Fixer.
O&O ShutUp10
O&O ShutUp10 is a tiny portable tool which makes it easy to tweak Windows 10's many privacy settings.
Launching the program displays almost 50 options, organised into various categories: Security (telemetry, wifi sense, DRM), Privacy (Cortana, input personalisation, app permissions), Windows Update (disable peer-to-peer updates, disable automatic updates) and more. These aren't always clearly described, but clicking any item displays more details on what it does.
There are options to disable only the worst offenders (turn off telemetry, peer-to-peer updates, keep Windows Update and SmartScreen), turn off everything, or tweak individual settings.
ShutUp10 offers to create a system restore point before it makes any changes, useful if your tweaking breaks something important and you need an "undo".
There's also a separate option to restore Windows 10's default privacy settings, which might also be handy if they're generally messed up and you'd like to start again.
Source O&O ShutUp10.
Image source Windows 10 Is Watching: Should You Be Worried?
I am not affiliated with 10 Privacy Fixer or O&O ShutUp10.
DavidPostill
Posted 2015-09-13T17:51:42.050
Reputation: 118 938
1I cannot find Customer Experience Improvement Program settings on Windows 8.1 – Matias Cicero – 2015-09-13T23:46:08.607
6Downvote. Disabling this program does not disable all the telemetry. For instance, the task Telemetry-4xd will be still running at 20:00 every day, at least on Windows 8.1. Disabling or deleting this task is impossible, Windows says the user (even administrator) has insufficient privilegies. – Anixx – 2015-09-14T07:49:25.337
2@Anixx Would it be possible to find the executable responsible, and delete it from a Linux rescue disk (circumventing any privileges problem on the Windows side)? – dodgethesteamroller – 2015-09-14T08:09:12.410
2@dodgethesteamroller the executable for Telemetry-4xd is GWX.exe (Windows 10 downloader). Yes. One can delete or rename this file which I did, but a new update may restore it. – Anixx – 2015-09-14T08:15:35.120
2I have the following tasks related to telemetry which cannot be disabled: Telemetry-4xd, refreshgwxconfig-B, WSRefreshBannedAppsListTask, Time-5d, refreshgwxconfigandcontent, Logon-5d, MachineUnlock-5d, OutOfIdle-5d, OutOfSleep-5d, Secure-Boot-Update, Tpm-Maintenance. Also on any program crash the system reports the crash data to a server (although it is not connected with any sheduled task) – Anixx – 2015-09-14T08:26:53.197
The question was how to do this via settings, rather than uninsyallin updates... – Anixx – 2015-09-14T08:54:28.950
1Have you checked the services if there is a service running called "Diagnostics Tracking Service"? Have you tried disabling this one? – A1985 – 2015-09-14T09:13:59.520
2@Anixx - If an answer was only limited by what can be done through a setting, a complete answer, would not exist. Not everything can be disabled by a setting. – Ramhound – 2015-09-14T16:02:23.047
3Probably don't want to include a-0001.a-msedge.net in your list of hosts to block. That's a CDN endpoint and has uses in non-telemetry scenarios – Matthew Steeples – 2015-09-14T16:03:55.293
@MatthewSteeples Thanks. I've added a note to that effect. – DavidPostill – 2015-09-14T17:07:43.787
Will removing all of those windows update related patches prevent normal patching from occurring? I know in the past when updating a fresh install, I'd get to a point where installing a windows update service patch would unlock a large number of new patches when installed. I can't recall if that happened in Win7 or only in Vista/XP. (I know I wasn't paying enough attention during any of my 8/8.1 installs to notice this sort of pattern.) – Dan is Fiddling by Firelight – 2015-09-14T20:50:22.150
@DanNeely These patches are either related to telemetry or for downloading Windows 10. I've no idea whether they are prerequisites for the installation of other kinds of (normal) patches. – DavidPostill – 2015-09-14T20:53:51.823
Do you have a citation for all of those patches being problematic other than a blog with a late 90's style that's largely full of seemingly random non-tech content. Elsewhere I've only seen 4 patches implicated in spreading W10's telemetry downward; and alaya.net does not appear to be particularly credible. – Dan is Fiddling by Firelight – 2015-09-14T21:00:56.313
@DanNeely Removing telemetry from windows 7 and 8.x, Microsoft intensifies data collection on Windows 7 and 8 systems, Microsoft Releases Updates To Spy On Windows 7, 8 and 8.1 Users and many more if you search for "windows remove telemetry patches"
– DavidPostill – 2015-09-14T21:08:44.153@Andre I have already deleted diagtrack long ago. Stll Windows connects to its servers on each crash. – Anixx – 2015-09-15T08:11:04.197
1Could you please update the wusa /uninstall command list to also hide the updates ? Thanks – André Borie – 2015-09-15T08:57:38.000
1
@AndréBorie wusa is not able to hide updates. See Hide Windows 7 Updates that you do not Ever Want to Install for manual instructions. See How to hide updates in Windows Updates without GUI for a VB script that could be used with some modifications.
Just pointing out that at http://goo.gl/yzKTlL they report: 'The KB 2990214 patch for Windows 7 (and KB 3044374 for Windows 8.1) is billed as an "update that enables you to upgrade to a later version of Windows." It was very poorly documented when it was released, but we have since been assured by Windows product manager Joseph Conway that it contains "improvements in the overall Windows Update client, which is why it was released as Important." His explanation left several "important" questions in its wake which have not been answered as yet'. Should we really uninstall that one too?
– jj_ – 2016-01-28T21:59:13.707Also, are there actually any performance implications with uninstalling KB3021917 (Update to Windows 7 SP1 for performance improvements)? ... Self answer: looking at: https://support.microsoft.com/en-us/kb/3021917 I guess not... "*This update performs diagnostics in Windows 7 Service Pack 1 (SP1) in order to determine whether performance issues may be encountered when the latest Windows operating system is installed.*"
– jj_ – 2016-01-28T22:10:18.2101@jj_ That's a good thing to point out. I have no personal opinion on any of this. I have merely provided sources of information and I leave it up to individual readers to choose with updates they are happy (or not) to install/uninstall. – DavidPostill – 2016-01-28T22:10:40.070
Also one quick important advice: don't install Windows Optional Updates! Read here: http://www.infoworld.com/article/2981947/microsoft-windows/the-truth-about-windows-7-and-81-spy-patches-kb-3068708-3022345-3075249-and-3080149.html (moreover it also discusses how to quickly disable Office CEIP).
– jj_ – 2016-01-28T22:30:18.667Hi David. Thx for such an exhaustive list. I was wondering about step 4: Can I block those IP addresses by putting them in hosts (mapping them to 127.0.0.1)? PS: I am applying all your steps on Windows 8.1, after seeing in the morning that my SSD disk was used 95% by some Windows compatibility process (I assume part of telemetry). It interferes with the sound track I play using a Bluetooth box in my sleeping room :|? – TT. – 2016-11-04T06:39:01.227
1Wow, it really is that simple. – mbx – 2017-01-26T18:04:02.247
1A lot of these updates have nothing to do with telemetry. For example KB971033 is the Windows Activation Technologies update and has nothing to do with telemetry. Most of the telemetry update lists are polluted with updates that supposedly have other issues but DON'T install or enhance the telemetry system at all. Some of these updates are also required for other software or updates to function. Beware. – Jody Lee Bruchon – 2018-05-30T12:50:30.723
9
Rob Seder looked into Windows telemetry in his blog post, and below instructions (slightly reformatted here) were added by someone named "Olli" as a comment to the blog post:
You can disable telemetry as follows:
Open Command Prompt as administrator (by clicking right mouse button on Start button, or by pressing Win+X shortcut) and enter the following 4 commands (hit enter between each command):
sc delete DiagTrack
sc delete dmwappushservice
echo "" > C:\ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl
reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection" /v AllowTelemetry /t REG_DWORD /d 0 /f
Disclaimers:
user100487
Posted 2015-09-13T17:51:42.050
Reputation: 524
1This can't work for all versions, surely? – Hashim – 2017-02-25T01:01:33.887
1seems reasonable :O – Francisco Tapia – 2015-09-14T17:11:04.833
7@user20574 No, the new Windows updates will override that, too. – Reinstate Monica -- notmaynard – 2015-09-14T19:24:39.473
Would connecting to the internet via a VPN tunnel to a Linux machine where you use the browser from suffice? :) – Juha Untinen – 2015-09-15T11:15:02.673
11If you find a real solution, the next update will nullify it... I have been a Windows user for 2 decades, but this privacy thing is disgusting, so I ended up testing Linux distros. I am not sure I'll find an acceptable, but any of them is still better than a spyware. (The current results are : ubuntu > mint despite the fact that everybody recommends mint. I'll check fedora 23 alpha, maybe a wayland distro is better than these one. I can turn off mouseaccel after 6 years. I tried every accelfix, nothing worked by win7.) – inf3rno – 2015-09-16T04:13:46.017
2I went through DavidPostill's methods for win 8.1 earlier and I had a happy machine for a while. With shades of @inf3rno's comment Microsoft has struck back with a vengeance. Offending updates can no longer be removed after a restart. I suspect some registry tampering will be required now. – r3mnant – 2016-01-28T21:33:25.173
I did a fresh install of Windows 7 SP1 and did not enable updates beyond the Sha256 signature support one. At this point MS is more of a threat than the Russian or Chinese hackers that will exploits an unpatched system. If you're run a software like Private-firewall and activate the process detection system, it should go towards compensating for the slack in security from not updating. – thebunnyrules – 2017-12-18T15:47:13.927