![]() |
MS-DEFCON 3:
Patch reliability is unclear, but widespread attacks make patching prudent. Go ahead and patch, but watch out for potential problems.
|
-
2000012: Neutralize Telemetry & Sustain Win 7, 8.1 Monthly Rollup Model
Home › Forums › Knowledge Base › 2000012: Neutralize Telemetry & Sustain Win 7, 8.1 Monthly Rollup Model
Tagged: KB 2952664, KB 2976978, Monthly rollup, telemetry, Windows Telemetry
- This topic has 92 replies, 29 voices, and was last updated 10 months ago.
Viewing 41 reply threads-
AuthorPosts
-
-
September 24, 2018 at 9:07 am #219238
abbodi86
AskWoody_MVPAKB 2000012: How To Neutralize Telemetry and Sustain Windows 7 and 8.1 Monthly Rollup Model
by @abbodi86
Published September 24, 2018 | rev 1.0
# Background #Microsoft had backported two main parts of Windows 10 Telemetry system to Windows 7 and 8.1
1) Unified Telemetry Client
– introduced in updates KB3068708/KB3080149, and became part of the Monthly Rollup since October 2016 preview rollup
– represented by the Diagnostics Tracking Service (DiagTrack) and the event trace session (AutoLogger-Diagtrack-Listener)
– handle the diagnosis tracking and logging, and the online telemetry reporting endpoints
2) Microsoft Compatibility Appraiser
– introduced in KB2952664/KB2976978, and now become part of the Monthly Rollup staring September 2018 preview rollup
– represented by the “Application Experience” schedule tasks (Microsoft Compatibility Appraiser, ProgramDataUpdater, AitAgent)
– the actual telemetry controller and runner, handles the compatibility evaluation and collecting, and device inventory
# Neutralization #Despite the infamous reputation and some exaggeration, these Telemetry components in Windows 7/8.1 updates are not deeply implemented into OS and can be easily disabled or eliminated
this can be done officially with few manual steps, or a simple batch script (with exra little-aggressive setings)1) W10Tel.cmd
– copy or download the contents from this paste bin, and save as .cmd file
https://pastebin.com/zeJFe08G– execute it after installing the Monthly Rollup and rebooting
you only need to run it once, and to be safe, once after each new rollup installation– you can also use Task Scheduler to run the script with each system startup, e.g.
copy the script to C:\Windows directory
open command prompt as administrator, and execute:
SCHTASKS /Create /F /RU "SYSTEM" /RL HIGHEST /SC ONSTART /TN W10Telemetry /TR "cmd /c %windir%\W10Tel.cmd"
2) Manual:
the demonstration is done on Windows 7, same steps applies for Windows 8.1 too
– DiagTrack service
open Services from Task Manager
or from Control Panel > Administrative Tools > Servicesfind Diagnostics Tracking Service, right-click and select Properties
change Startup type to Disabled, then click on Stop button– WMI AutoLogger-Diagtrack-Listener
right-click on Computer icon and select Manage (This PC in Windows 8.1)
or from Control Panel > Administrative Tools > Computer Managementexpand to the node Performance > Data Collector Sets
from Event Trace Sessions, right-click on AutoLogger-Diagtrack-Listener or Diagtrack-Listener and Stop it (you may also delete it afterwards)
from Startup Event Trace Sessions, right-click on AutoLogger-Diagtrack-Listener and select Properties, then clear Enabled check from Trace Session tab (you may also delete it afterwards)
you can also disable AITEventLog and SQMLogger too (those are already exist in the system, not added by updates)
– Compatibility Appraiser tasks
launch Task Scheduler from Start Menu
or from Control Panel > Administrative Tools > Task Schedulergoto Task Scheduler Library > Microsoft > Windows > Application Experience
disable all tasks (you may also delete them too)do the same with tasks in Customer Experience Improvement Program
# Closure #Deleting schedule tasks or WMI logger is totally safe, and just to avoid being re-enabled unexpectedly
they don’t affect the OS functions in any wayExcept the show stopper bugs and errors, Monthly Rollup does not need to be avoided for the sake of telemetry hustle
Total of 54 users thanked author for this post. Here are last 20 listed.
-
September 24, 2018 at 1:12 pm #219315
anonymous
GuestThank you @abbodi86 , for collecting these ideas together at the top of a new topic. I think this option fits my needs better than group hopping. My needs may be different than others. It is good to have alternative methods described so well.
-
September 24, 2018 at 1:20 pm #219320
-
September 24, 2018 at 1:49 pm #219332
Microfix
AskWoody MVP@abbodi86, Nice post! NEEDS TO BE AN AKB 😉
I have a couple of questions..
1. Regarding switches: /d 1 /f do these switches signify:
/d=decimal 1=numerical value (1=on 0=off) /f= force (Thanks PKCano)2. Having run the cmd
sc stop Diagtrack then sc delete Diagtrack
wouldn’t most of the pastebin script be redundant in that case? then I could manually adapt to suit the systems.-
September 24, 2018 at 10:50 pm #219491
abbodi86
AskWoody_MVP-
September 25, 2018 at 6:21 am #219522
Microfix
AskWoody MVPHad these done anyway for W7/ W8.1, just better to check against the script for anything I may have missed. IIRC I done most of these via Task Scheduler, cmd prompt and registry edits (exported before deletion where applicable) over a year ago. Just a different method of what I’d already done 🙂 All good!
Script is now on standby for October 2018 patches onward for re-introduction in SQMR updates. sigh.
-
-
-
September 24, 2018 at 3:06 pm #219353
fernlady
AskWoody LoungerEgads this is too advanced for the likes of me. I’ll just have to consider going back to Group B or just accept the tracking. Rats!
Don’t feel bad, its waay over my head also!
Windows 7 Home Premium x64 AMD Group A Realtek PCLe GBE Family Controller
-
September 24, 2018 at 5:12 pm #219401
-
-
September 24, 2018 at 11:06 pm #219503
Noel Carboni
AskWoody_MVP-
September 25, 2018 at 6:31 am #219523
Microfix
AskWoody MVPThere is exactly that scenario Noel (I’m covering all bases), from my POV the Diagtrack service was removed to make it more difficult for MS to re-introduce (unless a SFC repair is done). One has to wonder whether the Diagtrack service will be introduced into SQMR patches as well as kb3068708/ kb3080149?
-
September 25, 2018 at 8:30 am #219547
Noel Carboni
AskWoody_MVPFor what it’s worth, this script doesn’t break serviceability as checked by SFC, so I wouldn’t think an SFC /SCANNOW would change anything back. DISM on the other hand, I don’t know.
-Noel
Attachments:
You must be logged in to access attached files.
-
September 25, 2018 at 9:21 am #219561
abbodi86
AskWoody_MVP-
September 25, 2018 at 9:43 am #219565
Microfix
AskWoody MVPYou are correct abbodi86. One observation I have found is, that having removed Diagtrack completely a few months ago, I check after every monthly SQMR patch installation and have found no evidence that it returns on two different computers (both W8.1)
-
October 18, 2018 at 2:39 pm #225511
Ascaris
AskWoody_MVPAgreed… I had the same experience with 8.1 since the first SMQR to contain the telemetry rolled my way. Wow, has it been two years since Patchocalypse already??
I installed the rollup (following the Group A suggestions), then immediately used Abbodi86’s guide that was current at that time to ferret out the nooks and crannies where the telemetry bits were hiding (thanks once again for that, Abbodi86).
I removed rather than disabled the DiagTrack service, and as you said, Microfix, it never came back while pursuing Group A (I kept checking after each SMQR to be sure). I know that disabling it is sufficient to keep it from doing what it does, but there is something satisfying about deleting the loathsome thing rather than simply disabling it, and as has been noted, it’s easier to simply turn a service back on than to reinstall one (though the SMQRs could easily do either).
Group "L" (KDE Neon Linux 5.21.4 User Edition)
1 user thanked author for this post.
-
-
-
-
-
September 25, 2018 at 8:55 am #219557
Noel Carboni
AskWoody_MVP@abbodi86, have you done performance testing to determine if not logging events gives back any machine performance?
Long ago I had done all of what you described, except disabling the AutoLogger-Diagtrck-Listener trace logging. I can’t imagine it will do THAT much for performance, but hey, every little bit helps. I’ll report back after I get another run of nightly jobs tonight and can compare the times.
Thank you for sharing your knowledge here!
-Noel
1 user thanked author for this post.
-
September 25, 2018 at 9:25 am #219562
abbodi86
AskWoody_MVPNot really, the idea of this block/disable tweaks is not for the sake of performance
just to keep unnecessary addions awayCompatibility Appraiser (CompatTelRunner.exe) will cunsume high amount of system resources during evaluation, specially first time
1 user thanked author for this post.
-
September 25, 2018 at 11:31 pm #219755
Noel Carboni
AskWoody_MVP
-
-
September 25, 2018 at 9:47 am #219566
johnf
AskWoody LoungerNadella’s gang has some competition in the race to collect Telemetry, it seems:
Google secretly logs users into Chrome whenever they log into a Google site
-
September 25, 2018 at 9:50 am #219567
geekdom
AskWoody PlusThere’s no monopoly on telemetry.
On Hiatus {with backup and coffee}
offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender TRV=1909 WuMgr
offline▸ Win10Pro 20H2.19042.685 x86 Atom N270 RAM2GB HDD WindowsDefender WuMgr GuineaPigVariant
online▸ Win10Pro 20H2.19042.804 x64 i5-9400 RAM16GB HDD Firefox86.0 WindowsDefender TRV=20H2 WuMgr
-
-
September 25, 2018 at 3:18 pm #219660
jburk07
AskWoody PlusThanks for these excellent and clear instructions, @abbodi86! I wouldn’t mind going to Group B for my own machine, but it would be a pain to to go that route for the other 2 machines I update, and I wouldn’t have attempted the script since I wouldn’t know how to undo something if I mess up in executing the process. But these manual steps are very clear and not onerous. I had done some of them earlier, but I’ll be interested to see what happens to my settings after the October rollup.
I really appreciate your time and effort.
Linux Mint Cinnamon 19.2
Group A:
Win7 Pro x64 SP1 Haswell, 0patch Pro, dual boot with Linux
Win7 Home Premium x64 SP1 Ivy Bridge, 0patch Pro
Win 10 Pro x64 v2004 Ivy Bridge, dual boot with Linux1 user thanked author for this post.
-
October 7, 2018 at 9:16 am #222570
WildBill
AskWoody Plus1) Unified Telemetry Client
– introduced in updates KB3068708/KB3080149, and became part of the Monthly Rollup since October 2016 preview rollup
Did NOT know this was in Monthly Rollup. Never install previews (& never will), so it’s been baked in since November 2016. I was surprised since Windows Update still shows as Recommended (do not receive Recommended updates the same as Important). Followed your manual instructions for disabling Telemetry Client services (I had already disabled DiagTrack) & Compatibility Appraiser tasks. Am still switching to Group B after Patch Tuesday, especially if KB2976978 still shows in Windows Update as Important, like KB3010149 does in Recommended. Would rather be Safe (& on Win8.1) than Sorry (& on Win10 whatever).
2 Machines for Now!
#1: Windows 8.1, 64-bit, back in Group A.
#2: Getting close to buying a refurbished Windows 10 64-bit, recently updated to v1909. Have broke the AC adapter cord going to the 8.1 machine, but before that, coaxed it into charging. Need to buy new adapter if wish to continue using it.
Wild Bill Rides Again... -
October 18, 2018 at 10:33 am #225429
anonymous
GuestThank you so much for the script! Just to clarify: Is there any functional difference between running this script after installing a rollup versus exclusively installing Security Only patches? In other words, does a Group A system where one installs the latest rollup and then runs the above script make any additional network connections than an identical system that has installed only Group B patches? Would there be any additional (telemetry related) CPU usage on the Group A version?
If the answer is no, then it seems the reasons for going Group B are rapidly vanishing!
1 user thanked author for this post.
-
October 23, 2018 at 2:48 pm #226618
-
October 24, 2018 at 12:24 am #226659
-
-
February 15, 2019 at 11:25 am #327473
anonymous
GuestI just noticed the cmd script is unable to access certain subdirectories under the C:\ProgramData\Microsoft\Diagnosis path. (The icacls command issues “Access is denied.”) If I try to manually view the contents of these subdirectories, it’s not enough to simply access as administrator; I’m told I have to take ownership of the directory.
-
February 15, 2019 at 11:33 am #327479
-
-
March 31, 2019 at 9:11 am #347244
BobVila
AskWoody LoungerI’ve been in group b since the beginning.
The last time I updated though was the first important Service Stack update back in 05-26-2017 with KB4019264. I knew there was things I had to do to keep up with Security since then, but every time I would come here and try to figure out which I had to do the list was long and didn’t have the time to fuss, so I just kept procrastinating. Lately though I Knew it was time I had to do something. After spending a hour reading which ones I needed to install, and during that I came across Woody saying it’s just best now to just go to group and save yourself all the hassle of keeping up with group B… and then I found this post thread he by abbodi86
Thank heavens, I absolutely love it! So simple. I’ve now become Group A and I’ll just run this script.
So I go to Windows update expecting to find all kinds things since I’ve been in group b for so long, but the only thing I saw needed (besides NET, Visual c++) was this 2019-03 monthly Quality Rollup for Win7 KB4489878 ..oddly though I did not see Service Stack Update KB4490628 that was suppose to be there, and I don’t have it installed either – why did the SSU not show up? ..because as I said the last SSU or any update I did was back in 2017! I did not want to install KB4490628 separately though since it was not listed so I just went ahead with KB4489878 ..hopefully since I assume it’s cumulative it contains everything I need?
Anyway I installed it, quick and easy, and after reboot I ran abbodi86 telemetry cmd and here’s what it did:
..it was nice not to fuss with doing it all manually any more! I see there was some things in the script it says it did not do, and I assume that was because of obvious reasons? I changed the script to /t 30 ..only because I needed an extra moment to take the screenshot and I only had one chance to catch what it said, so I made sure I had time and gave it 30 secs
Thank you abbodi86
Attachments:
You must be logged in to access attached files.
-
March 31, 2019 at 9:12 am #347255
PKCano
ManagerSo I go to Windows update expecting to find all kinds things since I’ve been in group b for so long, but the only thing I saw needed (besides NET, Visual c++) was this 2019-03 monthly Quality Rollup for Win7 KB4489878 ..oddly though I did not see Service Stack Update KB4490628 that was suppose to be there, and I don’t have it installed either – why did the SSU not show up?
The Servicing Stack did not show up because it HAS to be installed exclusively (by itself). It does not show up in the Important Updates queue until there are no pending updates (checked or unchecked) in the update queue. The Servicing Stack is the update for the updating mechanism and is very important. You should install it.
I see there was some things in the script it says it did not do, and I assume that was because of obvious reasons.
The script needs to be run as “System,” not just from an eleveted command prompt. Along with the script, there is a command line in @abbodi86 ‘s AKB that sets up a Scheduled Task, run as “System” on bootup. To make it work, locate the script in the correct folder and run the command to create the Scheduled Task as per the instructions in the AKB.
-
March 31, 2019 at 10:01 pm #347407
abbodi86
AskWoody_MVPLike @PKCano said, while it’s best to create/run Scheduled Task as “System”, there is no need to worry about those Access denied files, they don’t have an effect as long as DiagTrack service and WMI tracker are disabled, and the Appraiser tasks
1 user thanked author for this post.
-
-
March 31, 2019 at 10:45 am #347276
BobVila
AskWoody LoungerI created a new reply to you PKCano and it showed up, but when I edited it and submitted then it completely disappeared? Was it deleted? …I’m just learning this forums format so, pardon. I will retype it again…
The Servicing Stack did not show up because it HAS to be installed exclusively (by itself). It does not show up in the Important Updates queue until there are no pending updates (checked or unchecked) in the update queue. The Servicing Stack is the update for the updating mechanism and is very important. You should install it.
Okay then, thank you. I created a partition image just before I started so I will just restore it and do it in the correct order this time with the SSU manually done first – if that would be best? I don’t mind restoring at all it’s easy, and actually prefer it if it’s the best thing to do here?
The script needs to be run as “System,” not just from an eleveted command prompt. Along with the script, there is a command line in @abbodi86 ‘s AKB that sets up a Scheduled Task, run as “System” on bootup. To make it work, locate the script in the correct folder and run the command to create the Scheduled Task as per the instructions in the AKB.
Most things say succeeded, and I thought the few things listed in my screenshot that did not succeed was just because I already had all the tasks previously set disabled and in Services had the tracking disabled too. Most of his script worked and I see the things deleted out of the task scheduler now. PCKano you are saying not even if I right click and run as Admin it won’t work?
I can set it up as a task but only want/need to run once, but reading it again abbodi86 says in the first post:
– execute it after installing the Monthly Rollup and rebooting
you only need to run it once, and to be safe, once after each new rollup installation…that’s what I did – does his first posts first method need to be re-worded again because I’m confused. It says just run it once each time you install a new rollup, and so it’s a cmd file and so I just ran it, even right click to run as admin. If there was more to his first method why is it not listed? ..thanks for your patience.
-
March 31, 2019 at 10:54 am #347279
-
March 31, 2019 at 11:18 am #347284
PKCano
ManagerThe telemetry functionality of KB2952664 was built into the 2019-09 Preview Rollup and the subsequent Monthly Rollups starting with 2019-10 SQMR. That’s the reason to necessitate rerunning the script.
The command creating the Scheduled Task sets it up to run as “System” on bootup. I guess if you have manually deleted the Diagtrack and CEIP related parts, you should be OK. But I don’t trust MS to not put them back next month, so I set mine up to automatically execute as a Scheduled Task. Maybe I’m just lazy! LOL 🙂 (or my memory is failing in my old age)
1 user thanked author for this post.
-
-
March 31, 2019 at 1:30 pm #347314
BobVila
AskWoody LoungerThank you PKCano. You really didn’t answer my main questions though; also to say I didn’t manually delete Diagtrack etc but his script did, with his 1st way which just says to execute it and is how I ran it. But you said no and that I needed to to it as a “System” task on boot up. Well so I just ran his 2nd way adding in his scheduled task script was pretty easy. I even see the task added in there now as W10Telemetry, and so I rebooted to let her run and tracked what it did but really don’t see it did anything more because I ‘think’ as my above screenshot shows, it already did everything that was there available to do in his first method.
Did you look at my screenshot above? Perhaps when abbodi86 looks at the screenshot since he wrote the script he will understand right away what was done or what’s needed now. I really don’t think I need to do anything more? The question though was and is his method #1 to Manually run his ‘W10Tel.cmd’ good enough? Yes/No? ..or is it better to run his method 2 within the task scheduler – I like some clarification on this from abbodi86 too if I may please.
Also my hinting asking you did I need to restore my OS image and do it all again just because I did not install the latest KB4490628 Servicing Stack Update first? ..so just now instead of restoring I installed it was very quick wanting no reboot. I see this SSU KB4490628 changed the previous version numbering from 6.1.7601.18766 up to 6.1.7601.24383. Also just checking at WU it still has nothing new for me.
I’ve now set his W10Telemetry task as disabled and won’t need to run it until I do the next rollup when its imperative. Or like he says I will just run his method #1 ‘W10Tel.cmd’ Manually after the next time I do a cumulative rollup. Yes/No
Thank you
-
March 31, 2019 at 1:36 pm #347319
-
-
April 1, 2019 at 7:28 am #347487
BobVila
AskWoody LoungerLike @pkcano said, while it’s best to create/run Scheduled Task as “System”, there is no need to worry about those Access denied files, they don’t have an effect as long as DiagTrack service and WMI tracker are disabled, and the Appraiser tasks
Thank you. I’ll do both then, I like to manually look at what the cmd prompt says when I first manually run ‘W10Tel.cmd’ after an update, and then manually reboot, but before rebooting I will also toggle my Schedule Tasks W10Telemetry back on and then let it reboot… might not be necessary to do it both ways but won’t hurt right… (then afterwards I’ll disable the task until the next time I update (which is not often) ..because no sense to have it run everyday for no reason right ..until of course the next update. I only update once every few months anyway when something is imperative or is the right MS-DEFCON
Thanks again, and nice work
PS – it feels GREAT to move to the easier Group A now.. I see why Woody (and others) suggest it.
-
April 2, 2019 at 2:45 pm #348182
BobVila
AskWoody LoungerIs there a script like this for Win10 to neutralize telemetry on Win10 too?
I’ve seen some programs like O&O etc, but just wondering if someone is maintaining a script to do it like is done here, or if it’s not that easy since 10 is more complex, what is the best program to do it on Win10?
-
April 2, 2019 at 5:56 pm #348257
abbodi86
AskWoody_MVP-
April 2, 2019 at 9:51 pm #348302
EP
AskWoody_MVPnot only that but (here’s the shocker) disabling telemetry completely in win10 “encourages” the win10 update assistant to upgrade any machine to the newest feature update available (unconditionally), regardless of windows update blocking settings, bypassing them [aka. “forced automatic upgrades”].
remember this old Computerworld article folks:
https://www.computerworld.com/article/3261570/microsoft-forces-win10-1709-upgrades-on-pcs-set-to-restrict-telemetry.htmlback then in that article, someone using O&O Shutup10 to disable telemetry completely (the diagnostic data set to 0) caused a Win10 machine to force upgrade to v1709.
so in essence attempting to disable telemetry completely in win10 seems to make things worse, not better.
-
-
-
April 3, 2019 at 7:37 am #348369
BobVila
AskWoody LoungerOkay thank you guys, I understand don’t try to disable telemetry completely, and so then what is the balance, what is the most practical method that can be safely done with Win10?
I know I want to at least stop Win10 from auto updating itself, and perhaps this link below ‘may be’ the latest method – have you seen this one: ?
https://github.com/WereDev/Wu10Man
…or is there something better? (Yes EP I read the Computer world article, thank you)
As far as telemetry, again what are the minimal things we can do to tame it, without causing a fuss?
(I don’t mind if you move this post as I don’t want to hijack this Win7/8.1 thread. I have Win7, Win8, and Win10 computers on my network, and Win7/8 worked perfectly with your W10Tel.cmd – I love it, thank you! …now I need to do a similar (or at least a minimum) of settings for Win10)
-
April 3, 2019 at 7:34 am #348367
PKCano
ManagerCreate a Topic under the version of Win10 you have. Make the title reflect your question about limiting telemetry.
You can use the Forum tree at the bottom of the right-hand (woodgrain) panel to find the link you need. Topic creation is at the bottom of the page in that Forum. Good exercise!
-
-
July 14, 2019 at 4:00 pm #1874954
anonymous
GuestMany thanks for the removal script!
Just one question: If I understood it correctly, the script first adds a value HaveUploadedForTarget to the key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Appraiser, and a few steps after, it deletes the whole Appraiser key.
Is this supposed to be this way or should it be the other way round?
-
July 24, 2019 at 1:09 am #1883369
Pierre77
AskWoody Plus-
July 24, 2019 at 3:48 am #1883682
anonymous
Guest? says:
do you mean KB4493132 the Windows 7 SP1 Support Notification
https://support.microsoft.com/en-us/help/4493132/windows-7-update-kb4493132 -
July 24, 2019 at 3:50 am #1883685
anonymous
Guest? says:
nevermind:
https://www.digitaltrends.com/computing/microsoft-pushing-out-windows-7-end-of-support-alerts/from yesterday 7/22
thanks, Pterre77
-
-
July 24, 2019 at 12:12 pm #1884955
EP
AskWoody_MVPborn is reporting about the KB4493132 update showing up again recently:
https://borncity.com/win/2019/07/24/windows-7-new-notification-update-kb4493132-july-2019/the enterprise and professional editions of Windows 7 will not be offered the KB4493132 update; only “consumer” editions of Windows 7 (home and ultimate) will have it offered
-
This reply was modified 1 year, 8 months ago by
EP.
1 user thanked author for this post.
-
This reply was modified 1 year, 8 months ago by
-
July 29, 2019 at 5:29 pm #1896548
anonymous
Guest-
July 29, 2019 at 5:30 pm #1896562
-
-
July 31, 2019 at 4:05 pm #1899530
TonyC
AskWoody LoungerMy home PC (Win 7 x64) has 3 user IDs defined on it: a user ID with administrative privileges which I use only for system maintenance tasks, a user ID without administrative privileges which I use for day-to-day tasks, and a similar user ID that my wife uses for her day-to-day tasks. If I wish to use W10Tel.cmd on my system, is it sufficient to run it on the user ID that I use for system maintenance tasks, or do I have to run it on all 3 user IDs?
-
July 31, 2019 at 7:45 pm #1899682
abbodi86
AskWoody_MVP-
August 2, 2019 at 7:17 am #1900975
anonymous
Guest? says:
sorry to bother, can i cut :
:: ############################
:: # End Of Support KB4493132 #
:: ############################
From there to the end of this section.to not run the EOL portion and still have the functionality of your patch? in case the winx upgrade appraisal components are (somehow) added between now and 1/2019. i’m planning to run without “Security Only” patches that contain this “appraisal” nonsense while updating IE and MSE until then…
thank you!
Moderator note: Please do not publish @abbodi86 ‘s script on this site.
-
August 2, 2019 at 7:25 am #1901007
-
August 2, 2019 at 8:06 am #1901056
-
August 2, 2019 at 9:55 am #1901141
-
August 2, 2019 at 11:06 am #1901166
-
August 2, 2019 at 11:52 am #1901178
anonymous
Guest? says:
got it, thank you, kind sir! i see the green defcon flag has been raised and since i’m nowhere near to be considered a “normal,” (user) or anything for that matter (left-handed, dyslexic) i think i’ll sit back, relax have a cold drink and see how this all plays out…
again, thank you abbodi86!
-
August 2, 2019 at 2:59 pm #1901257
walker
AskWoody Lounger@abbodi86: Since I don’t know what I’m doing (very computer illiterate), I will just watch and see how things turn out (for the present time). Thank you for all of the excellent information and guidance you continually provide for all of us “users”. You do an outstanding job, which is very much appreciated!
-
-
-
-
July 31, 2019 at 7:50 pm #1899689
Carl D
AskWoody LoungerTony,
just run it with your Admin account and it will cover all 3 accounts.
I don’t have a Windows 7 setup to test it with at the moment but I have always right clicked on W10Tel.cmd and selected “Run as Administrator” from my Admin account (it may prompt to run it as Administrator even if you don’t do that but I’m not sure).
If you run it from either of the 2 Standard accounts it would probably still prompt you to run it as Administrator and it would probably cover all 3 accounts. Once again, I’m not sure about that so if anyone else knows for sure please chime in.
Anyway, easiest thing to do would be to just run it from your main Admin account and it will cover all 3 as I have already mentioned.
Edit: abbodi86 beat me to it (thanks, abbodi). Must learn to type faster.
PC 1: Gigabyte GA-B250M-D3H Motherboard, Intel i5-7600 CPU, 32GB RAM, NVIDIA GeForce GTX 1050 Graphics Card, 1x Samsung 870 EVO 250GB SSD, 1x Samsung 860 EVO 250GB SSD, Windows 10 Professional 20H2 64bit.
PC 2: Asus H81M-PLUS Motherboard, Intel i3-4160 CPU, 16GB RAM, NVIDIA GeForce GTX 1030 Graphics Card, 1x Samsung 870 EVO 250GB SSD, 1x Samsung 860 EVO 250GB SSD, Windows 10 Home 20H2 64bit.
-
-
July 31, 2019 at 10:11 pm #1899868
ek
AskWoody LoungerIn recent years I religiously kept doing a number of tweaks (some described in this thread, some on other blogs) to stop telemetry on my Win 7 systems. But MS kept pushing updates that re-activated telemetry. So frustrating & disappointing.
The only thing that really works for me – and is easily reversible – was implementing a Pihole adblocker at home and adding a blocklist a github site maintains for blocking MS telemetry. The blocklist works well, is easy to disable if needed and is completely independent of Windows.
-
August 1, 2019 at 5:24 am #1900097
Ed
AskWoody Lounger -
August 6, 2019 at 11:40 am #1904223
TonyC
AskWoody LoungerI ran W10Tel.cmd for the first time on my W7x64 (Home Premium) system today. It generated a number of error messages which are displayed on the screen shot of the command prompt window below.
W10Tel2.cmd is W10Tel.cmd without the W7 EOS KB4493132 section (lines 15 to 31) – I don’t have KB4493132 installed. As can be seen, I redirected the normal output to a text file, but the error messages appeared in the command prompt window.
I’m not expecting an explanation of what each error message means. But I would like to be reassured that such error messages are expected simply because every W7 system is different.
Attachments:
You must be logged in to access attached files.
-
August 6, 2019 at 12:37 pm #1904258
abbodi86
AskWoody_MVPSuch errors are expected, the script is straight forward, it try to remove the registry values and/or files without checking if they exist or not
actually, running reg query will also output error, therefore, it will not make a difference to check or addso, just ignore the errors 🙂
to redirect error output add 2>&1 after text file
W10Tel2.cmd W10Tel2.log 2>&1
3 users thanked author for this post.
-
August 6, 2019 at 2:57 pm #1904276
-
-
-
August 6, 2019 at 12:14 pm #1904253
anonymous
Guest-
August 6, 2019 at 2:56 pm #1904275
-
-
August 7, 2019 at 5:37 am #1904580
anonymous
GuestI had been holding back updates on my systems (Windows 7 and 8.1), and liked the sentiment behind this “script”.
Anyway, long story, I did not see anything specifically mentioning in this thread that you may need to enable DiagTrack in to install some updates. In my case, KB4507448.
Check your “Application” event log, and if you see an ‘0x800f0816’ error. Try enabling DiagTrack.
NOTES:
Essentially, the message states that it cannot change the state of the update to “staged”:
Package KB4507448 failed to be changed to the Staged state. Status: 0x800f0816.After enabling:
Initiating changes for package KB4507448. Current state is Resolved. Target state is Staged. Client id: WindowsUpdateAgent.That error does not appear to be documented\detailed. For example, in this powershell snippet (NOTE: I feed in two error codes just to confirm the Win32Exception object actually works for the ‘Facility’):
0x800f0816,0x800f0001 | % { ‘Facility: {0}, Error: {1}, {2}’ -f @(($_ -shr 16 -band 0xfff), ($_ -band 0xffff), ([ComponentModel.Win32Exception]$_).Message) }
I get these results:
Facility: 15, Error: 2070, Unknown error (0x800f0816)
Facility: 15, Error: 1, A section name marker in the INF is not complete, or does not exist on a line by itselfRegard,
Richard Rudek -
September 1, 2019 at 1:44 pm #1930910
anonymous
Guest? says:
if you can tell me why Application Experience (CEIP) runs (RunAsInvoker) (compatibility fix runs because it it blocked?) when i update MSE even though it is disabled in the Task Scheduler i would appreciate it. i am opted in to Basic spynet in MSE settings because the real time scanning only works if opted in. i see the invoker run in event log\application experience and can flush out the xml to %temp% (users\appdata\local\temp:
“xml version=”1.0″
Event xmlns=”http://schemas.microsoft.com/win/2004/08/events/event”
System
Provider Guid=”{EEF54E71-0661-422D-9A98-82FD4940B820}” Name=”Microsoft-Windows-Application-Experience”/
EventID>500</EventID Version>0</Version Level 4 /Level Task 0 /Task
Opcode 0 /Opcode Keywords 0x1000000000000000 /Keywords
TimeCreated SystemTime=”2019-09-01 Z”/
EventRecordID 514 /EventRecordID Correlation/ Execution ThreadID=”2184″ ProcessID=”2540″/
Channel Microsoft-Windows-Application-Experience/Program-Telemetry /Channel
Computer ?-PC /Computer Security UserID=”S-1-5-20″/ /System- UserData
CompatibilityFixEvent xmlns=”http://www.microsoft.com/Windows/Diagnosis/PCA/events”
xmlns:auto-ns2=”http://schemas.microsoft.com/win/2004/08/events”
ProcessId>2540</ProcessId
StartTime 2019-09-01 Z /StartTime FixID {1C2D58C3-DCD2-41E3-BD0B-25F05028C655} /FixID
Flags 0x40102 /Flags ExePath C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp\MpSigStub.exe /ExePath
FixName>RunAsInvoker /FixName/CompatibilityFixEvent /UserData /Event”
thank you!
-
September 1, 2019 at 10:19 pm #1931575
abbodi86
AskWoody_MVPThis is not the Appraiser running
it’s just regular compatibility fix that’s get applied for some programs, part of Application Experience service
like i said before, the Telemetry Appraiser hooks in (or hijack) the built-in Application Compatibility Experience tasks and event log channels
but it’s still function as old behavior and provide compatibility shim for programs1 user thanked author for this post.
-
September 2, 2019 at 2:00 am #1931711
anonymous
Guest? says:
ok, great! i missed it when you said it before so thank you for repeating yourself and now i know why it’s in the logs. on another note i was checking for old telemetry patches and i have KB3021927 showing in hklm\software\microsoft\windows\currentversion\componentbasedservicing\applicability\evaluationcache with current state value=0 (not installed) and applicability state value=112 (fully installed, available for binding) i installed it when it was offered as an “enhancement” in 2015 and then uninstalled it via wusa when i found out what it really was, so i gusee it is stuck in the win sxs basement…
thanks again for your reply
-
September 3, 2019 at 10:07 am #1934402
abbodi86
AskWoody_MVPYou probably mean KB3021917
ApplicabilityEvaluationCache reflect the result of Windows Update
it’s deleted with each new update installation or uninstallation, and created by WU upon searchApplicabilityState 70 (112) means the update is considered valid by WU and will be offered
it doesn’t mean the update is installed1 user thanked author for this post.
-
September 3, 2019 at 11:06 am #1934438
anonymous
Guest? says:
abbodi86, you make the world a much better place! yes, i have middle number dyslexia and KB burnout it is KB3021917 and it only shows up in Nir’s WinUpdatesList tool. and yes as you say the correct ApplicabilityState value is 0x70 (112) (valid).
so the …\cache is a what if pile rather than a what is pile? no wonder i can’t wusa it out of existence, i already did. i really do appreciate you always generously sharing your knowledge…
thank you!
1 user thanked author for this post.
-
September 3, 2019 at 11:57 am #1934463
-
-
-
-
-
September 12, 2019 at 11:42 pm #1950206
Jim C
AskWoody LoungerThank you so much. After finding out, Mic-SOB’s again added their telemetry BS, I was ready to throw in the towel. Giving up on all updates, till the bitter end of Win 7. I had already done everything you suggested long ago. The one thing I wasn’t sure about, if I downloaded updates with telemetry included, would telemetry reset what I disable and/or create new files that were deleted? Now I know the answer is No. Thanks again, your hard work is very much appreciated!!!
1 user thanked author for this post.
-
October 1, 2019 at 12:35 pm #1970341
WSkxxxk
AskWoody PlusUsing the physical-sciences principle of “confirm what you think you know” (but really, I believe am just kicking a dead horse), with the new inclusion (in Sep 2019) by MS of telemetry in Win7 & 8.1 “security only” patches, it appears that there is absolutely no reason to stay in Group B, as you have to use one of the methods of this thread in either Group B or Group A, and in Group B you are passing up Win fixes and improvements. True?
Any reasons for the contrary?
-
October 1, 2019 at 12:46 pm #1970348
-
-
October 5, 2019 at 2:09 am #1974849
-
October 9, 2019 at 3:20 pm #1977797
Guest
AskWoody LoungerCould the script be added to include the following?
The July Security Only update that adds telemetry creates a folder, Migration\WTR, with a file, CompatTelemetry, that lists the changes that include some not already in the script. They are..
[System.File]
“%windir%\system32\CompatTel\* [*]”
“%windir%\system32\ [aepdu.dll]”
“%windir%\system32\ [devinv.dll]”
“%windir%\system32\appraiser\* [*]”
“%windir%\system32\ [acmigration.dll]”
“%windir%\system32\ [appraiser.dll]”
“%windir%\system32\ [invagent.dll]”
“%windir%\system32\ [generaltel.dll]”
“%windir%\system32\Tasks\Microsoft\Windows\Application Experience\ [Microsoft Compatibility Appraiser]”
“%windir%\system32\Tasks\Microsoft\Windows\Application Experience\ [ProgramDataUpdater]”
“%windir%\appcompat\programs\ [FullCompatReport.xml]”
“%windir%\appcompat\UA\* [*]”
“%windir%\appcompat\Appraiser\* [*]”[System.Registry]
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\ClientTelemetry\* [*]”
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Appraiser\* [*]”
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\UpgradeExperienceIndicators\* [*]”
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\OneSettings\* [*]”
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\TelemetryController\* [*]”
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Shared\ [UpgExIndChecksum]”-
October 9, 2019 at 10:05 pm #1978033
abbodi86
AskWoody_MVPCompatTelemetry.inf is used to exclude the listed files and registry if you decided to upgrade Windows 7 to Windows 10 (or 8.1)
removing that file or any other related system files will break SFC integrity
and it’s not needed at all
like i said, disabling the schedule tasks and WMI logger should be enough
-
-
December 10, 2019 at 6:19 pm #2017648
abbodi86
AskWoody_MVP -
January 17, 2020 at 9:39 pm #2086491
DriftyDonN
AskWoody Plus -
February 3, 2020 at 2:31 pm #2125285
bitbasher
AskWoody LoungerUpdated W10Tel.cmd script with entries to suppress Win 7 EOS notification (installed with KB4530734 and SO KB4530692)
https://pastebin.com/zeJFe08G-
This reply was modified 1 year, 4 months ago by
abbodi86.
Will this script work with the last JAN 2020 SO update KB4534314 which also contains EOS notification?
I’m still going to wait for JAN 2020 SO update so MS can fix their black background bug.
-
February 3, 2020 at 3:07 pm #2125295
-
This reply was modified 1 year, 4 months ago by
-
May 7, 2020 at 9:38 pm #2260681
Gordski
AskWoody PlusAnd for those who find this level of task too fiddly and or too complicated there is a nice auto-pilot one click app ‘SpyBot Anti-Beacon’ which makes life easier available from
Safer-Networking.org .
Latest download v3.5 comes as a free version and covers approx 50% of the Microsoft telemetry spy zones and the paid for ‘Plus’ version (€7.99 p/a) is available which enables 100% coverage of all Microsofts embeded telemetry.G.
-
May 8, 2020 at 2:54 am #2260699
-
May 8, 2020 at 8:04 pm #2260900
7ProSP1
AskWoody Loungerfree version and covers approx 50% of the Microsoft telemetry spy zones and the paid for ‘Plus’ version (€7.99 p/a)
The free, portable Debotnet does much more and doesn’t cost a dime.
I had never heard of this extremely useful utility until I read your post.
It has now been added to my arsenal of Microsoft anti-snooping software.
Thanks for sharing.
-
This reply was modified 11 months ago by
7ProSP1.
1 user thanked author for this post.
-
May 19, 2020 at 9:06 pm #2264237
satrow
AskWoody MVPThe free, portable Debotnet does much more and doesn’t cost a dime.
It’s already been deprecated in favour of sharpapp, ghacks report.
-
This reply was modified 11 months ago by
-
May 20, 2020 at 1:03 am #2264279
Alex5723
AskWoody PlusThe free, portable Debotnet does much more and doesn’t cost a dime.
It’s already been deprecated in favour of sharpapp, ghacks report.
Sharpapp is inferior to Debotnet, which still can be used.
-
June 12, 2020 at 7:56 pm #2271894
DriftyDonN
AskWoody Plus-
June 12, 2020 at 9:36 pm #2271910
-
-
-
AuthorPosts
Viewing 41 reply threads -
Welcome to our unique respite from the madness.
It's easy to post questions about Windows 10, Win8.1, Win7, Surface, Office, or browse through our Forums. Post anonymously or register for greater privileges. Keep it civil, please: Decorous Lounge rules strictly enforced. Questions? Contact Customer Support.

Plus Membership
Donations from Plus members keep this site going. You can identify the people who support AskWoody by the Plus badge on their avatars.
AskWoody Plus members not only get access to all of the contents of this site -- including Susan Bradley's frequently updated Patch Watch listing -- they also receive weekly AskWoody Plus Newsletters (formerly Windows Secrets Newsletter) and AskWoody Plus Alerts, emails when there are important breaking developments. Click here for details and to sign up.
Search Newsletters
Search Forums
Recent Replies
Ascaris on How much RAM does your computer have?
24 minutes agoanonymous on Are you a Consultant or IT Pro?
39 minutes agoLarry B on Chrome messed up my “run browser sandboxed” link
42 minutes agoanonymous on It’s time for 20H2
52 minutes agoSeff on How much RAM does your computer have?
1 hour, 1 minute agoMoonshine on Editing a PDF in Mint
1 hour, 13 minutes agoagoldhammer on How much RAM does your computer have?
2 hours, 13 minutes agoSeff on How much RAM does your computer have?
2 hours, 16 minutes agoOscarCP on Good animated movies and shows for ages ten to one hundred and ten.
4 hours, 23 minutes agoPKCano on 20H2 and and OOB optional March 18 printer problem update
4 hours, 25 minutes agoPKCano on 20H2 and Adobe Flash Player
4 hours, 40 minutes agoPKCano on 2000013: How to clear the Windows Update queue in Win10
4 hours, 44 minutes agodmt_3904 on We’re sorry, but Outlook has run into a problem…
4 hours, 54 minutes agoAlex5723 on Good animated movies and shows for ages ten to one hundred and ten.
5 hours, 5 minutes agoMoonshine on How can I locate Bitlocker key in OEM refurb HP laptop?
5 hours, 12 minutes agoAlex5723 on Initial Apple M1 SoC Support Aims For Linux 5.13 Kernel
5 hours, 48 minutes agomacropod on Find & Replace
6 hours, 6 minutes agoPaul T on 20H2 and Adobe Flash Player
6 hours, 8 minutes agoPaul T on How to determine data type?
6 hours, 9 minutes agoPaul T on It’s time for 20H2
6 hours, 14 minutes agoPaul T on Question about allowing/stopping laptop from turning off USB device
6 hours, 20 minutes agoPaul T on Help requested for a botched 2004 install
6 hours, 28 minutes agoPaul T on Brother printer “driver unavailable” suddenly
6 hours, 36 minutes agoPaul T on Are you a Consultant or IT Pro?
6 hours, 53 minutes agoBrerBear on It’s time for 20H2
7 hours, Just nowSky on Good animated movies and shows for ages ten to one hundred and ten.
7 hours, 29 minutes agoPaul T on How can I locate Bitlocker key in OEM refurb HP laptop?
7 hours, 33 minutes agoOscarCP on Initial Apple M1 SoC Support Aims For Linux 5.13 Kernel
7 hours, 34 minutes agoPaul T on 2000013: How to clear the Windows Update queue in Win10
7 hours, 40 minutes agoAlex5723 on It’s time for 20H2
7 hours, 42 minutes ago
Recent Topics
-
Hackers hacked Swarmshop stolen credit cards database
6 hours, 24 minutes ago
-
DuckDuckGo updates its plugin to block Google’s creepy FLoC
7 hours, 34 minutes ago
-
Initial Apple M1 SoC Support Aims For Linux 5.13 Kernel
5 hours, 49 minutes ago
-
How much RAM does your computer have?
25 minutes ago
-
odd optional update
13 hours, 16 minutes ago
-
Editing a PDF in Mint
1 hour, 14 minutes ago
-
20H2 and and OOB optional March 18 printer problem update
4 hours, 26 minutes ago
-
20H2 and 2020-02 CU for .NET
11 hours, 44 minutes ago
-
20H2 and Adobe Flash Player
4 hours, 40 minutes ago
-
How to set MLB homepage in Edge Chromium
20 hours, 19 minutes ago
-
Scraped data of 500 million LinkedIn users being sold online
21 hours, 18 minutes ago
-
Question about allowing/stopping laptop from turning off USB device
6 hours, 21 minutes ago
-
Office 2010 Installer “Wanted”
16 hours, 57 minutes ago
-
Subscribed topics
7 hours, 50 minutes ago
-
New age olympics – hacking contest
16 hours, 11 minutes ago
-
Questions about installing Brave on Linux Mint
13 hours, 56 minutes ago
-
Testing if I could post a thread
1 day, 8 hours ago
-
File Explorer shortcut 30 – 45 seconds to open a window
16 hours, 33 minutes ago
-
Basic Asset Management Software
23 hours, 40 minutes ago
-
My first OEM Linux PC (laptop)!
17 hours, 20 minutes ago
-
Are you a Consultant or IT Pro?
40 minutes ago
-
Removal of Chromium Edge in 20H2?
1 day, 14 hours ago
-
How determine what Seach Engine is being used?
2 days, 8 hours ago
-
Outlook cannot read the calendar
21 hours, 37 minutes ago
-
Windows 10 Insider Preview build 21354 released to DEV Channel
2 days, 19 hours ago
-
Printer Offline After Every Reboot
7 hours, 47 minutes ago
-
Soviet TV version of Lord of the Rings rediscovered after 30 years
19 hours, 33 minutes ago
-
Chrome messed up my “run browser sandboxed” link
43 minutes ago
-
Extra updates in wushowhide?
3 days, 5 hours ago
-
Windows Update for Business isn’t just
2 days, 14 hours ago
Search for Topics
Recent blog posts
- How much RAM does your computer have?
- Are you a Consultant or IT Pro?
- Windows Update for Business isn’t just
- April 2021 Office non-Security Updates are now available
- Touchscreen misregisters point-and-clicks
- AskWoody Improvements
- The best laptop docking stations and hubs for 2021
- The problem with copyright: fair use
Key Links
Copyright © 2004 – 2021 AskWoody Tech LLC. All rights reserved.