• 2000007: Turning off the worst Windows 7 and 8.1 snooping

    Home » Forums » Knowledge Base » 2000007: Turning off the worst Windows 7 and 8.1 snooping


    AKB 2000007: Turning off the worst Windows 7 and 8.1 snooping

    By @woody

    Published 21 May 2017 rev 1.0

    This is likely the most controversial topic for Windows 7 (and 8.1) customers, everywhere. I expect the comments will go on forever.

    We know that Microsoft is snooping. We know that the snooping is getting worse. But we don’t know what’s being snooped. We don’t know how the “telemetry” is used to change things. And we don’t have any way to review the collected data, contest it, or delete it.

    In other words, we’re flying blind. In the absence of hard facts from Microsoft, all we really have is an uneasy sense that many of the more recent Win7 and 8.1 updates are sending more data back to the mothership than some folks would like.

    That said, here’s what I would suggest for a moderately concerned Windows 7 or 8.1 user.

    Step 1. Turn off the Customer Experience Improvement Program.

    Click Start > Control Panel > Action Center. On the left, click the link to Change Action Center settings. Under Related settings, click Customer Experience Improvement Program settings. Choose No, I don’t want to participate in the program. Click Save changes.

    Step 2. Uninstall KB 2952664 (Win7) or KB2976978 (Win8.1) if you can.

    Click Start > Control Panel > Programs > Programs and Features > Installed Updates, then Uninstall an update. Sort the list by Name or “Installed on” date. Look for “Update for Windows 7 (KB2952664).” Right-click on it and choose Uninstall.

    Unfortunately, KB 2976978 can’t always be uninstalled.

    Step 3. If you are not going to upgrade this computer directly to Windows 10, uninstall KB 3150513 if you can.

    Instructions are similar.

    There’s a lengthy discussion by @PKCano in AKB 2952664 including several suggestions from @MrBrian for disabling specific services and a synopsis by @abbodi86. AKB 2952664 also lists several additional KB patches you may want to delete.

    Perhaps not surprisingly, this is exactly the approach recommended by @MrBrian.

    To haul out the bigger guns, if you’re handy with batch files, there’s a script maintained by @abbodi86 that’ll stop the Unified Telemetry Client service and the Compatibility Telemetry Appraiser services and remove their registry entries. (If you have to ask, “What’s a script?” don’t bother with this approach — it’s too advanced for you.)

    Many of you are looking for blocklists — a specific list of KB numbers to uninstall, and/or a list of services to disable and/or a list of ports to block. You’re welcome to post your favorite list here, in the replies. But for those of you who don’t want to wade into the deep part of the gene pool, realize that we fundamentally don’t know what Microsoft’s doing.

    10 users thanked author for this post.
    Viewing 11 reply threads
    • #117333

      In my opinion, of the three steps listed, only step 1 is mandatory. If you’ve done step 1, then even if you don’t do step 2, according to my Windows 7 tests, very little telemetry from KB 2952664 (Win7) gets transmitted to Microsoft. If you’ve done step 1, then the main reason to do step 2 is to stop the gathering of telemetry, which happens even if step 1 is done, and can consume nontrivial cpu and disk resources.

      6 users thanked author for this post.
    • #117334
      3 users thanked author for this post.
    • #117336

      From Windows 7, Windows 8 and Windows 10 Telemetry Updates (Diagnostic Tracking):

      “There are a few more settings that you can turn off that may send telemetry information:

      To turn off Windows Update telemetry, you have two choices. Either turn off Windows Update, or set your devices to be managed by an on premises update server, such as Windows Server Update Services (WSUS) or System Center Configuration Manager (SCCM).

      Turn off Windows Defender Cloud-based Protection and Automatic sample submission in Settings > Update & security > Windows Defender.

      Manage the Malicious Software Removal Tool in your organization. For more info, see Microsoft KB article 891716.”

      I’ll add one more: Windows Error Reporting.

      2 users thanked author for this post.
    • #117338

      For those interested in privacy issues involving network connections to Microsoft, both telemetry and non-telemetry, you may wish to browse Links: Microsoft privacy statements and Windows network connections to Microsoft.

      2 users thanked author for this post.
    • #117361

      As a somewhat easier way to find random “KB” numbers in the list of installed updates, at least in Windows 7, the “Search Installed Updates” box at the right-hand end of the Address Bar can be used to search for a specific KB number.

      After going to Control Panel, Programs and Features, and clicking on “View Installed Updates” in the left side bar (and waiting for awhile for the list of updates to come up…), then the Search Installed Updates function can be used.

      EG: to find if KB2952664 is currently installed on a system, just start typing KB2952664 in the Search Installed Updates field.  As you type K, B, 2, 9, 5, 2… the list of installed updates will be narrowed down to any matching as much of the KB number as you have entered.

      Once you have found the update you are looking for (or not if nothing is found), it can be clicked on to see if it can be uninstalled.

      Repeat for KB3150513 (or any other KB you are looking for).

      This is much easier that scrolling down a HUGE list of updates on a system (eg: my current old laptop has 536 updates installed!), and doesn’t require any sorting or grouping of the update list.

      I can’t remember where I found out about this, but I know it is sure lots easier than trying to find an update by scrolling up and down, and trying to pick the KB number out of a mass of text on the screen.

      3 users thanked author for this post.
      • #117553

        If you click on the title of the column (Update name, date, etc) it will sort on that column. It is a toggle – first click ascending, next click descending, etc. That puts the updates in each section (updates, Security update. .NET…) in alphanumeric order, and looking for an update by its KB number is easy.
        (Works like a spreadsheet)

        1 user thanked author for this post.
    • #117382

      Turn off Windows Defender Cloud-based Protection and Automatic sample submission in Settings > Update & security > Windows Defender.

      Don’t see any such thing on Win7 ? Could this apply only to later OS ?

      1 user thanked author for this post.
      • #117501

        Pertinent settings in Windows Defender on Win 7:



        There might be some terminology confusion on Windows 7 between “Microsoft Security Essentials” and “Windows Defender”, since the former grew into the latter on later OS versions. If you have MSE, note the MAPS setting:



        4 users thanked author for this post.
    • #117677

      Don’t see any such thing on Win7

      When I searched for Windows Defender, this is what I got:





      Win 7 SP1 Home Premium 64-bit; Office 2010; Group B (SaS); Former 'Tech Weenie'
    • #117939


      I’m a newbie from the Comments on AKB 2000003 “Group B” ongoing list of w 7 & w 8.1 updates.  Thank you for the telemetry preventive course of action.  Will pass on to other newbies who need the help.

    • #153814

      Woody, you may want to let folks know about this fantastic tool:


      Between this and the scripts and settings mentioned above, you can get pretty good protection against snooping.

      1 user thanked author for this post.
      • #153824

        With third-party, particularly ones that make changes to the Registry and the Hosts file, it is highly recommended that you understand what it does before using it.

        1 user thanked author for this post.
      • #153875

        I came across a youtube video by Barnacules Nerdgasm on S&D Anti-Beaon by accident recently. There are details and links here, and is well worth the time to view.
        PS It’s a couple of years old, but gives a good idea to the novice.

    • #188268

      The next time you rebuild a Win7 machine, follow this process to avoid the vast majority of the known/suspected snooping updates:

      Change the Windows Update setting to NEVER and never change that, ever
      After Win7 install, BEFORE you start Windows Update, Install KB3020369 and KB3138612.
      Start Windows Update. A list of +-200 will be offered
      Go down the list of proposed updates till you get to the first one that is NOT labeled Security
      select the first one, look to the right for the release date
      If that date is at or before December 31, 2014, accept it. In other words leave it checked.
      If that date is AFTER December 31, 2014, Right-click on it and choose Hide.
      Do not check any unchecked update
      Do not use ANY optional updates, especially drivers
      Do this on each successive Windows Update pass.

      This methodology is based on the fact that ALL Windows 7 development ended on December 31, 2014. Virtually all the updates that were not Security are in fact unnecessary and contain the vast majority of the privacy/snooping/Win10 updates.

      I have used this procedure many times over the last several years and results have been excellent. No problems whatsoever.

      I must add this information however. I do not install any “roll-ups” except .net. I install the security only updates that can be gotten from the catalog for October 2016 through May 2017, and have not applied any, not a single update since. My 150 or so clients have never experienced a problem since I began this policy. In fact they run flawlessly and turned into stable reliable systems.


      12 users thanked author for this post.
      • #205416

        You are dead on about drivers. I always get new hardware driver versions straight from the OEMs and never from Microsoft. There have been several occasions where Microsoft’s versions of the OEM’s newer hardware drivers messed up things on my computers.

        Drivers which you should never accept from Microsoft, and which you should always get from the OEMs:




        ME (Intel Management Engine)



        It is what it is, from years of past experience.


    • #218629

      Using Canadian Techs’ recommendations of avoiding any non-security updates from January 2015 forward, I browsed my installed updates list and come across several. KB2990214 and KB3075851 have multiple posts here saying to avoid them. Should I uninstall them now or better at this point to just leave things alone? I don’t want W10 force installing but haven’t had any issues of that so far.

      Others listed as installed.

      KB4345459 : But this was from https://www.askwoody.com/forums/topic/2000003-ongoing-list-of-group-b-monthly-updates-for-win7-and-8-1/ so it must be okay.

      • #218636

        The patches listed at the top of AKB2000003 as having telemetry are probably the worst offenders. Uninstall them. Turn off CEIP, Windows error reporting, and Smart Screen Filter. There is no way yo are going to avoid the telemetry, but those things should minimize it.

        1 user thanked author for this post.
      • #218665

        If and when I find any of the following updates on a system, I uninstall them routinely:
        KB3022345 SFC
        KB3068708 SFC & telemetry enabler
        KB3075249 telemetry enabler
        KB3080149 telemetry enabler


        7 users thanked author for this post.
        • #218844

          @CT:  If I ever had a reference on uninstalling an update from the computer, I have long since misplaced it.  Could you possibly provide some simple instructions for this action?  Your assistance  is sincerely appreciated, as always.  Your advice is always “right on” and very much appreciated.    🙂

          • #218845


            Windows Update, Installed updates, WAIT a long time till you see the green bar complete its long trip to the right

            Now, one at a time, search for each of the listed updates, uninstall them. You must remove the earlier search item, then wait until the list is re-created each time. You need to wait till you see the number at the bottom of the search window exceed a few hundred.

            You do not need to restart after each uninstall, click later, until you are done.

            Then, clear the search box and after the list is again displayed (the number at the bottom again exceeds several hundred), enter another KB number.

            Restart the PC. It may take a long time to process this.


        • #218858

          KB3184143 is okay to install on Win7 & Win8.1 – this update removes the GWX stuff; no concrete evidence of any “snooping” stuff in the update files

    • #2071612


      (Is this the correct way to thank the author??)

      • #2071784

        Many times the posts with just “thanks” on them get removed – there could be a great many of them otherwise.
        The best way to thank, is to Register (it’s free, or you can donate). Then, there is a “Thanks” button that will get your message across along with your ID.
        (And you won’t have to wait for your post to be moderated)

    Viewing 11 reply threads
    Reply To: 2000007: Turning off the worst Windows 7 and 8.1 snooping

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: