News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • 2000012: Neutralize Telemetry & Sustain Win 7, 8.1 Monthly Rollup Model

    Posted on abbodi86 Comment on the AskWoody Lounge

    Home Forums Knowledge Base 2000012: Neutralize Telemetry & Sustain Win 7, 8.1 Monthly Rollup Model

    This topic contains 82 replies, has 24 voices, and was last updated by  abbodi86 1 day, 9 hours ago.

    • Author
      Posts
    • #219238 Reply

      abbodi86
      AskWoody_MVP

      AKB 2000012: How To Neutralize Telemetry and Sustain Windows 7 and 8.1 Monthly Rollup Model

      by @abbodi86

      Published September 24, 2018 | rev 1.0

       
      # Background #

      Microsoft had backported two main parts of Windows 10 Telemetry system to Windows 7 and 8.1

      1) Unified Telemetry Client

      – introduced in updates KB3068708/KB3080149, and became part of the Monthly Rollup since October 2016 preview rollup

      – represented by the Diagnostics Tracking Service (DiagTrack) and the event trace session (AutoLogger-Diagtrack-Listener)

      – handle the diagnosis tracking and logging, and the online telemetry reporting endpoints

      2) Microsoft Compatibility Appraiser

      – introduced in KB2952664/KB2976978, and now become part of the Monthly Rollup staring September 2018 preview rollup

      – represented by the “Application Experience” schedule tasks (Microsoft Compatibility Appraiser, ProgramDataUpdater, AitAgent)

      – the actual telemetry controller and runner, handles the compatibility evaluation and collecting, and device inventory

       
      # Neutralization #

      Despite the infamous reputation and some exaggeration, these Telemetry components in Windows 7/8.1 updates are not deeply implemented into OS and can be easily disabled or eliminated
      this can be done officially with few manual steps, or a simple batch script (with exra little-aggressive setings)

      1) W10Tel.cmd

      – copy or download the contents from this paste bin, and save as .cmd file
      https://pastebin.com/zeJFe08G

      – execute it after installing the Monthly Rollup and rebooting
      you only need to run it once, and to be safe, once after each new rollup installation

      – you can also use Task Scheduler to run the script with each system startup, e.g.
      copy the script to C:\Windows directory
      open command prompt as administrator, and execute:
      SCHTASKS /Create /F /RU "SYSTEM" /RL HIGHEST /SC ONSTART /TN W10Telemetry /TR "cmd /c %windir%\W10Tel.cmd"

      2) Manual:

      the demonstration is done on Windows 7, same steps applies for Windows 8.1 too

      – DiagTrack service

      open Services from Task Manager
      or from Control Panel > Administrative Tools > Services

      find Diagnostics Tracking Service, right-click and select Properties
      change Startup type to Disabled, then click on Stop button

      – WMI AutoLogger-Diagtrack-Listener

      right-click on Computer icon and select Manage (This PC in Windows 8.1)
      or from Control Panel > Administrative Tools > Computer Management

      expand to the node Performance > Data Collector Sets

      from Event Trace Sessions, right-click on AutoLogger-Diagtrack-Listener or Diagtrack-Listener and Stop it (you may also delete it afterwards)

      from Startup Event Trace Sessions, right-click on AutoLogger-Diagtrack-Listener and select Properties, then clear Enabled check from Trace Session tab (you may also delete it afterwards)

      you can also disable AITEventLog and SQMLogger too (those are already exist in the system, not added by updates)





      null

      – Compatibility Appraiser tasks

      launch Task Scheduler from Start Menu
      or from Control Panel > Administrative Tools > Task Scheduler

      goto Task Scheduler Library > Microsoft > Windows > Application Experience
      disable all tasks (you may also delete them too)

      do the same with tasks in Customer Experience Improvement Program




       
      # Closure #

      Deleting schedule tasks or WMI logger is totally safe, and just to avoid being re-enabled unexpectedly
      they don’t affect the OS functions in any way

      Except the show stopper bugs and errors, Monthly Rollup does not need to be avoided for the sake of telemetry hustle

      Total of 48 users thanked author for this post. Here are last 20 listed.
    • #219315 Reply

      anonymous

      Thank you @abbodi86 , for collecting these ideas together at the top of a new topic. I think this option fits my needs better than group hopping. My needs may be different than others. It is good to have alternative methods described so well.

      5 users thanked author for this post.
    • #219320 Reply

      OldBiddy
      AskWoody Plus

      Egads this is too advanced for the likes of me. I鈥檒l just have to consider going back to Group B or just accept the tracking. Rats!

    • #219332 Reply

      Microfix
      Da Boss

      @abbodi86, Nice post! NEEDS TO BE AN AKB 馃槈
      I have a couple of questions..
      1. Regarding switches: /d 1 /f do these switches signify:
      /d=decimal聽聽聽聽 1=numerical value (1=on 0=off)聽聽聽 /f=聽force (Thanks PKCano)

      2. Having run the cmd
      sc stop Diagtrack then sc delete Diagtrack
      wouldn’t most of the pastebin script be redundant in that case? then I could manually adapt to suit the systems.

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      2 users thanked author for this post.
      • #219491 Reply

        abbodi86
        AskWoody_MVP

        Yes, 0 and 1 are mostly the binary translation of ON and OFF

        i never use or recommend sc delete Diagtrack
        disabling the service is perfectly enough

        and WMI Autologger and Compatibility Appraiser can still function without it

        2 users thanked author for this post.
        • #219522 Reply

          Microfix
          Da Boss

          Had these done anyway for W7/ W8.1, just better to check against the script for anything I may have missed. IIRC I done most of these via Task Scheduler, cmd prompt and registry edits (exported before deletion where applicable) over a year ago. Just a different method of what I’d already done 馃檪 All good!
          Script is now on standby for October 2018 patches onward for re-introduction in SQMR updates. sigh.

          ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

    • #219353 Reply

      fernlady
      AskWoody Lounger

      Egads this is too advanced for the likes of me. I鈥檒l just have to consider going back to Group B or just accept the tracking. Rats!

      Don’t feel bad, its waay over my head also!

      Windows 7 Home Premium x64 AMD Group A Realtek PCLe GBE Family Controller

      2 users thanked author for this post.
      • #219401 Reply

        OldBiddy
        AskWoody Plus

        Thank you, @fernlady. Maybe it鈥檚 time for me to just move on to a Chromebook or MacBook at this point. Although Google鈥檚 snooping may be worse than MS鈥檚.

    • #219503 Reply

      Noel Carboni
      AskWoody_MVP

      Nice script.

      Only thing is that I tend more to disable jobs than delete them, though the point could be made that deleting a job does make it more difficult for the software to re-enable.

      -Noel

      2 users thanked author for this post.
      • #219523 Reply

        Microfix
        Da Boss

        There is exactly that scenario Noel (I’m covering all bases), from my POV the Diagtrack service was removed to make it more difficult for MS to re-introduce (unless a SFC repair is done). One has to wonder whether the Diagtrack service will be introduced into SQMR patches as well as kb3068708/ kb3080149?

        ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

        • #219547 Reply

          Noel Carboni
          AskWoody_MVP

          For what it’s worth, this script doesn’t break serviceability as checked by SFC, so I wouldn’t think an SFC /SCANNOW would change anything back. DISM on the other hand, I don’t know.

          ScreenGrab_W10VM_2018_09_25_092551

          -Noel

          Attachments:
          2 users thanked author for this post.
        • #219561 Reply

          abbodi86
          AskWoody_MVP

          Diagtrack is part of SMQR since October 2016

          1 user thanked author for this post.
          • #219565 Reply

            Microfix
            Da Boss

            You are correct abbodi86. One observation I have found is, that having removed Diagtrack completely a few months ago, I check after every monthly SQMR patch installation and have found no evidence that it returns on two different computers (both W8.1)

            ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

            2 users thanked author for this post.
            • #225511 Reply

              Ascaris
              AskWoody_MVP

              Agreed… I had the same experience with 8.1 since the first SMQR to contain the telemetry rolled my way.聽 Wow, has it been two years since Patchocalypse already??

              I installed the rollup (following the Group A suggestions), then immediately used Abbodi86’s guide that was current at that time to ferret out the nooks and crannies where the telemetry bits were hiding (thanks once again for that, Abbodi86).

              I removed rather than disabled the DiagTrack service, and as you said, Microfix, it never came back while pursuing Group A (I kept checking after each SMQR to be sure).聽 I know that disabling it is sufficient to keep it from doing what it does, but there is something satisfying about deleting the loathsome thing rather than simply disabling it, and as has been noted, it’s easier to simply turn a service back on than to reinstall one (though the SMQRs could easily do either).

              Group "L" (KDE Neon User Edition 5.17.4).

              1 user thanked author for this post.
    • #219557 Reply

      Noel Carboni
      AskWoody_MVP

      @abbodi86, have you done performance testing to determine if not logging events gives back any machine performance?

      Long ago I had done all of what you described, except disabling the AutoLogger-Diagtrck-Listener trace logging. I can’t imagine it will do THAT much for performance, but hey, every little bit helps. I’ll report back after I get another run of nightly jobs tonight and can compare the times.

      Thank you for sharing your knowledge here!

      -Noel

      1 user thanked author for this post.
      • #219562 Reply

        abbodi86
        AskWoody_MVP

        Not really, the idea of this block/disable tweaks is not for the sake of performance
        just to keep unnecessary addions away

        Compatibility Appraiser (CompatTelRunner.exe) will cunsume high amount of system resources during evaluation, specially first time

        1 user thanked author for this post.
      • #219755 Reply

        Noel Carboni
        AskWoody_MVP

        By the way, my nightly product builds took no less time last night than the night prior, when I had not disabled the log. 55 minutes 14 seconds vs. 55 minutes 18 seconds. The builds vary more than that from night to night.

        -Noel

    • #219566 Reply

      johnf
      AskWoody Lounger

      Nadella’s gang has some competition in the race to collect Telemetry, it seems:

      Google secretly logs users into Chrome whenever they log into a Google site

      Firefox collects data on you through hidden add-ons

      3 users thanked author for this post.
      • #219567 Reply

        geekdom
        AskWoody Plus

        There’s no monopoly on telemetry.

        Group G{ot backup} TestBeta On hiatus.
        Win7Pro 路 x64 路 SP1 路 i3-3220 路 RAM 8GB 路 Firefox: uBlock Origin - NoScript 路 HDD 路 Canon Printer 路 Microsoft Security Essentials 路 Windows: Backup - System Image - Rescue Disk - Firewall
        2 users thanked author for this post.
    • #219660 Reply

      jburk07
      AskWoody Plus

      Thanks for these excellent and clear instructions, @abbodi86! I wouldn’t mind going to Group B for my own machine, but it would be a pain to to go that route for the other 2 machines I update, and I wouldn’t have attempted the script since I wouldn’t know how to undo something if I mess up in executing the process. But these manual steps are very clear and not onerous. I had done some of them earlier, but I’ll be interested to see what happens to my settings after the October rollup.

      I really appreciate your time and effort.

      Group A Win7 x64 Home Premium SP1 Ivy Bridge

      1 user thanked author for this post.
    • #222570 Reply

      WildBill
      AskWoody Plus

      1) Unified Telemetry Client

      鈥 introduced in updates KB3068708/KB3080149, and became part of the Monthly Rollup since October 2016 preview rollup

      Did NOT know this was in Monthly Rollup. Never install previews (& never will), so it’s been baked in since November 2016. I was surprised since Windows Update still shows as Recommended (do not receive Recommended updates the same as Important). Followed your manual instructions for disabling Telemetry Client services (I had already disabled DiagTrack) & Compatibility Appraiser tasks. Am still switching to Group B after Patch Tuesday, especially if KB2976978 still shows in Windows Update as Important, like KB3010149 does in Recommended. Would rather be Safe (& on Win8.1) than Sorry (& on Win10 whatever).

      Windows 8.1, 64-bit, back in Group A... & leaning toward Windows 10 V1909. As long as it's a Lot Less Buggy!
      Wild Bill Rides Again...

      2 users thanked author for this post.
      • #223384 Reply

        abbodi86
        AskWoody_MVP

        Some updates cannot be totally superseded (from Windows Update POV) except with metadata
        and preview rollups cannot metadata-supersede important updates (KB2976978) in this case

        KB3080149 is not completely superseded for Windows 8.1
        likewise WU client update KB3044374

    • #225429 Reply

      anonymous

      Thank you so much for the script! Just to clarify: Is there any functional difference between running this script after installing a rollup versus exclusively installing Security Only patches? In other words, does a Group A system where one installs the latest rollup and then runs the above script make any additional network connections than an identical system that has installed only Group B patches? Would there be any additional (telemetry related) CPU usage on the Group A version?

      If the answer is no, then it seems the reasons for going Group B are rapidly vanishing!

      1 user thanked author for this post.
      • #225502 Reply

        abbodi86
        AskWoody_MVP

        No, the script disable any backported telemetry activity

        i remember @mrbrian made a test to verify that, but i can’t find his post
        you are welcome to take my word or doing a test 馃檪

        2 users thanked author for this post.
    • #226618 Reply

      anonymous

      Is it safe to delete diagtrack.dll?

      • #226659 Reply

        abbodi86
        AskWoody_MVP

        SFC will nag about it and restore it, Win8.1 dism /restore-health likewise

        so the deletion is not needed

    • #327473 Reply

      anonymous

      I just noticed the cmd script is unable to access certain subdirectories under the C:\ProgramData\Microsoft\Diagnosis path. (The icacls command issues “Access is denied.”) If I try to manually view the contents of these subdirectories, it’s not enough to simply access as administrator; I’m told I have to take ownership of the directory.

      • #327479 Reply

        PKCano
        Da Boss

        I believe the script that creates the Task Scheduler task sets it up to run as “System,” not as administrator.

    • #347244 Reply

      BobVila
      AskWoody Lounger

      I’ve been in group b since the beginning.

      The last time I updated though was the first聽important Service Stack update back in 05-26-2017 with KB4019264.聽 I knew there was things I had to do to keep up with Security since then, but every time I would come here and try to figure out which I had to do the list was long and didn’t have the time to fuss, so I just kept procrastinating. Lately though聽I Knew it was time I had to do something. After spending a hour reading which ones I needed to install, and during that I came across Woody saying it’s just best now to just go to group and save yourself all the hassle of keeping up with group B… and then I found this post thread he by abbodi86

      Thank heavens, I absolutely love it! So simple. I’ve now become Group A and I’ll just run this script.

      So I go to Windows update expecting to find all kinds things since I’ve been in group b for so long, but the only thing I saw needed聽(besides NET, Visual c++)聽was this 2019-03 monthly Quality Rollup for Win7 KB4489878 ..oddly though I did not see Service Stack Update聽KB4490628 that was suppose to be there, and I don’t have it installed either – why did the SSU聽not show up? ..because as I said the last SSU or any update I did was back in 2017!聽 I did not want to install KB4490628 separately though since it was not listed so I just went ahead with KB4489878聽 ..hopefully since I assume it’s cumulative it contains everything I need?

      Anyway I installed it, quick and easy,聽and after reboot I ran abbodi86 telemetry cmd聽and here’s what it did:

      abbodi86telemetry

      ..it was nice not to fuss with doing it all manually any more!聽 I see there was some things in the script it says it did not do, and I assume that was because of obvious reasons?聽I changed the script to聽/t 30 ..only because I needed an extra moment to take the screenshot and I only had one chance to catch what it said, so I made sure I had time and gave it 30 secs

      Thank you abbodi86

      Attachments:
      • #347255 Reply

        PKCano
        Da Boss

        So I go to Windows update expecting to find all kinds things since I鈥檝e been in group b for so long, but the only thing I saw needed (besides NET, Visual c++) was this 2019-03 monthly Quality Rollup for Win7 KB4489878 ..oddly though I did not see Service Stack Update KB4490628 that was suppose to be there, and I don鈥檛 have it installed either 鈥 why did the SSU not show up?

        The Servicing Stack did not show up because it HAS to be installed exclusively (by itself). It does not show up in the Important Updates queue until there are no pending updates (checked or unchecked) in the update queue. The Servicing Stack is the update for the updating mechanism and is very important. You should install it.

        I see there was some things in the script it says it did not do, and I assume that was because of obvious reasons.

        The script needs to be run as “System,” not just from an eleveted command prompt. Along with the script, there is a command line in @abbodi86 ‘s AKB that sets up a Scheduled Task, run as “System” on bootup. To make it work, locate the script in the correct folder and run the command to create the Scheduled Task as per the instructions in the AKB.

        2 users thanked author for this post.
      • #347407 Reply

        abbodi86
        AskWoody_MVP

        Like @pkcano said, while it’s best to create/run Scheduled Task as “System”, there is no need to worry about those Access denied files, they don’t have an effect as long as DiagTrack service and WMI tracker are disabled, and the Appraiser tasks

        1 user thanked author for this post.
    • #347276 Reply

      BobVila
      AskWoody Lounger

      I created a new reply to you PKCano and it showed up, but聽when I edited it and submitted then it聽completely disappeared? Was it聽deleted?聽…I’m just learning this forums format so,聽pardon. I will retype it again…

      The Servicing Stack did not show up because it HAS to be installed exclusively (by itself). It does not show up in the Important Updates queue until there are no pending updates (checked or unchecked) in the update queue. The Servicing Stack is the update for the updating mechanism and is very important. You should install it.

      Okay then, thank you. I created a partition image just before I started so I will just restore it and do it in the correct order this time with the SSU manually done first聽– if that would be best?聽 I don’t mind restoring聽at all it’s easy, and actually prefer it if it’s the best thing to do here?

       

      The script needs to be run as 鈥淪ystem,鈥 not just from an eleveted command prompt. Along with the script, there is a command line in @abbodi86 鈥榮 AKB that sets up a Scheduled Task, run as 鈥淪ystem鈥 on bootup. To make it work, locate the script in the correct folder and run the command to create the Scheduled Task as per the instructions in the AKB.

      Most things say succeeded, and I thought the few things listed in my screenshot that did not succeed was just because I already聽had all the tasks previously set聽disabled and in Services had the tracking disabled too. Most of his script worked and I see the things deleted out of the task scheduler now. PCKano you are saying聽not even if I right click and run as Admin it won’t work?

      I can set it up as a task but only want/need to run once, but reading it again聽abbodi86 says in the first post:

      鈥 execute it after installing the Monthly Rollup and rebooting
      you only need to run it once, and to be safe, once after each new rollup installation

      …that’s what I did – does his first posts first method聽need to be re-worded again because I’m confused. It says just run it once each time you install a new rollup,聽and so it’s a cmd file and so I just ran it,聽even right click to run as admin.聽 If there was more to his first method why is it not listed?聽..thanks for your patience.

      • #347279 Reply

        PKCano
        Da Boss

        Your original reply got caught in the spambucket. It was due to too fast on the trigger with submit/edit/submit/edit. Slow down and let the system catch up between operations.

        1 user thanked author for this post.
      • #347284 Reply

        PKCano
        Da Boss

        The telemetry functionality of KB2952664 was built into the 2019-09 Preview Rollup and the subsequent Monthly Rollups starting with 2019-10 SQMR. That’s the reason to necessitate rerunning the script.

        The command creating the Scheduled Task sets it up to run as “System” on bootup. I guess if you have manually deleted the Diagtrack and CEIP related parts, you should be OK. But I don’t trust MS to not put them back next month, so I set mine up to automatically execute as a Scheduled Task. Maybe I’m just lazy! LOL 馃檪 (or my memory is failing in my old age)

        1 user thanked author for this post.
    • #347314 Reply

      BobVila
      AskWoody Lounger

      Thank you PKCano. You really didn’t answer my main questions though;聽also to say I didn’t manually delete Diagtrack etc but聽his script did, with his 1st way which聽just says to execute it聽and is how I ran it.聽But you said no and that I needed to to it as a “System” task on boot up.聽 Well so I just ran his 2nd way聽adding in his聽scheduled task script was pretty easy. I even see the task added in there now as W10Telemetry, and so I rebooted to let her run and tracked what it did but聽really聽don’t see it did anything more because I ‘think’聽as my above聽screenshot shows, it already did everything that was there available to do in his first method.

      Did you look at my screenshot above?聽 Perhaps when abbodi86聽looks at the screenshot since he wrote the script he will understand right away what was done or what’s聽needed now.聽 I really don’t think I need to do anything more?聽 The question though was and is his method #1 to Manually run his聽‘W10Tel.cmd’ good enough? Yes/No? ..or is it better to run his method 2 within the task scheduler – I like some clarification on this from聽abbodi86 too if I may please.

      Also my聽hinting asking you did I need to restore my OS image and do it all again just because I did not install聽the latest KB4490628 Servicing Stack Update first? ..so聽just now instead of restoring I installed it was聽very quick wanting no reboot.聽I see聽this SSU KB4490628聽changed the previous version numbering聽from 6.1.7601.18766 up to 6.1.7601.24383.聽 Also just checking聽at WU it聽still has nothing new for me.

      I’ve now set his W10Telemetry task as disabled and won’t need to run it until I do the next rollup when its imperative. Or聽like he says I will just run his method #1聽‘W10Tel.cmd’ Manually after the next time I do a cumulative rollup. Yes/No

      Thank you

      • #347319 Reply

        PKCano
        Da Boss

        Manually or as a Task – whatever gets the job done. Until you forget to run it……..

        If the SSU installed, you should be good. No need to restore.

        2 users thanked author for this post.
    • #347487 Reply

      BobVila
      AskWoody Lounger

      Like @pkcano said, while it鈥檚 best to create/run Scheduled Task as 鈥淪ystem鈥, there is no need to worry about those Access denied files, they don鈥檛 have an effect as long as DiagTrack service and WMI tracker are disabled, and the Appraiser tasks

      Thank you.聽 I’ll do both then, I like to manually look at what the cmd prompt says when I first manually run 鈥榃10Tel.cmd鈥櫬燼fter an update, and then manually聽reboot, but before rebooting聽I will also toggle my Schedule Tasks W10Telemetry back on and then let it聽reboot… might not be necessary to do it both ways but won’t hurt right… (then afterwards I’ll disable the task until the next time I update (which is not often) ..because聽no sense to have it run everyday for no reason right ..until of course the next update. I only update once every few months anyway when something is imperative or is the right MS-DEFCON

      Thanks again, and nice work

      PS –聽it feels GREAT to move to the easier Group A now.. I see why Woody (and others) suggest it.

    • #348182 Reply

      BobVila
      AskWoody Lounger

      Is there a script like this for Win10 to聽neutralize telemetry on Win10 too?

      I’ve seen some programs like O&O etc, but just wondering if someone is maintaining a聽script to do it like is done here,聽or if it’s not that easy since 10 is more complex, what is the best聽program to do it on Win10?

      • #348257 Reply

        abbodi86
        AskWoody_MVP

        No

        Telemetry is deeply baked into Windows 10, disabling it completely is a lost cause
        disabling it mostly might break other things

        5 users thanked author for this post.
        • #348302 Reply

          EP
          AskWoody_MVP

          not only that but (here’s the shocker) disabling telemetry completely in win10 “encourages” the win10 update assistant to upgrade any machine to the newest feature update available (unconditionally), regardless of windows update blocking settings, bypassing them [aka. “forced automatic upgrades”].

          remember this old Computerworld article folks:
          https://www.computerworld.com/article/3261570/microsoft-forces-win10-1709-upgrades-on-pcs-set-to-restrict-telemetry.html

          back then in that article, someone using O&O Shutup10 to disable telemetry completely (the diagnostic data set to 0) caused a Win10 machine to force upgrade to v1709.

          so in essence attempting to disable telemetry completely in win10 seems to make things worse, not better.

          5 users thanked author for this post.
    • #348369 Reply

      BobVila
      AskWoody Lounger

      Okay thank you guys, I understand don’t try to disable telemetry completely, and so then what is the balance, what is the聽most practical聽method that can be safely done聽with Win10?

      I know I want to at least stop Win10 from auto updating itself, and perhaps this link below ‘may be’聽the latest method聽– have you seen this one: ?

      https://github.com/WereDev/Wu10Man

      …or is there something better? (Yes EP I read the Computer world article, thank you)

      As far as telemetry, again what are the聽minimal things we can do to tame it, without causing a fuss?

      (I don’t mind if you move this post as I don’t want to hijack this Win7/8.1 thread.聽 I have Win7, Win8, and Win10 computers on my network, and Win7/8 worked perfectly with your W10Tel.cmd – I love it, thank you! …now I need to do a similar (or at least a minimum)聽of settings for Win10)

      • #348367 Reply

        PKCano
        Da Boss

        Create a Topic under the version of Win10 you have. Make the title reflect your question about limiting telemetry.

        You can use the Forum tree at the bottom of the right-hand (woodgrain) panel to find the link you need. Topic creation is at the bottom of the page in that Forum. Good exercise!

        3 users thanked author for this post.
    • #1874954 Reply

      anonymous

      Many thanks for the removal script!

      Just one question: If I understood it correctly, the script first adds a value HaveUploadedForTarget to the key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Appraiser, and a few steps after, it deletes the whole Appraiser key.

      Is this supposed to be this way or should it be the other way round?

      2 users thanked author for this post.
      • #1875123 Reply

        abbodi86
        AskWoody_MVP

        It actually should be the other way around, but the HaveUploadedForTarget may not haveany effect

        anyway, updated the script and added support for Win7 EOS KB4493132

        5 users thanked author for this post.
        • #1875310 Reply

          anonymous

          Great, thanks for the quick reply & fix!

    • #1883369 Reply

      Pierre77
      AskWoody Plus

      KB 4493123 has reared its ugly head again on PCs running Windows 7 Home Premium x64 as of today 24 July (Sydney Australia date). Have hidden them again.

      1 user thanked author for this post.
    • #1884955 Reply

      EP
      AskWoody_MVP

      born is reporting about the KB4493132 update showing up again recently:
      https://borncity.com/win/2019/07/24/windows-7-new-notification-update-kb4493132-july-2019/

      the enterprise and professional editions of Windows 7 will not be offered the KB4493132 update; only “consumer” editions of Windows 7 (home and ultimate) will have it offered

      • This reply was modified 4 months, 2 weeks ago by  EP.
      1 user thanked author for this post.
    • #1896548 Reply

      anonymous

      @abbodi86 and all –

      Is it possible to get a listing of the W10Tel.cmd script if it is not too big? Our network policy blocks download sites for security reasons. We would be violating policy if we download it from a different network… That’s a no-no.

      • #1896562 Reply

        PKCano
        Da Boss

        You can copy and paste it into Notepad. It’s just a small amount of text. Then save it as .cmd on your computer.

        2 users thanked author for this post.
    • #1899530 Reply

      TonyC
      AskWoody Lounger

      My home PC (Win 7 x64) has 3 user IDs defined on it: a user ID with administrative privileges which I use only for system maintenance tasks, a user ID without administrative privileges which I use for day-to-day tasks, and a similar user ID that my wife uses for her day-to-day tasks. If I wish to use W10Tel.cmd on my system, is it sufficient to run it on the user ID that I use for system maintenance tasks, or do I have to run it on all 3 user IDs?

      • #1899682 Reply

        abbodi86
        AskWoody_MVP

        All the changes done by the script are system-wide (except the Win 7 EOS notification part (which you don’t need if you don’t install KB4493132)

        running it with the administrative user ID would be enough for all

        3 users thanked author for this post.
        • #1900975 Reply

          anonymous

          ? says:

          sorry to bother, can i cut :

          :: ############################
          :: # End Of Support KB4493132 #
          :: ############################
          From there to the end of this section.

          to not run the EOL portion and still have the functionality of your patch? in case the winx upgrade appraisal components are (somehow) added between now and 1/2019. i’m planning to run without “Security Only” patches that contain this “appraisal” nonsense while updating IE and MSE until then…

          thank you!

          Moderator note: Please do not publish @abbodi86 ‘s script on this site.

          • #1901007 Reply

            anonymous

            ? says:

            my apologies, will not do that again

          • #1901056 Reply

            abbodi86
            AskWoody_MVP

            Yes, no problem
            be sure to keep the :proceed line

            • #1901141 Reply

              anonymous

              ? says

              abbodi86:

              reply much appreciated, so i can cut from:

              if (…聽 blah blah…) (7601 go to) :proceed (from here)

              cut all of EOS info

              then pick up at:

              :proceed

              UTC stuff? just want it to work in case i need to run it.

               

               

            • #1901166 Reply

              abbodi86
              AskWoody_MVP

              Yes, basically from line 15 to 31

            • #1901178 Reply

              anonymous

              ? says:

              got it, thank you, kind sir! i see the green defcon flag has been raised and since i’m nowhere near to be considered a “normal,” (user) or anything for that matter (left-handed, dyslexic) i think i’ll sit back, relax have a cold drink and see how this all plays out…

              again, thank you abbodi86!

            • #1901257 Reply

              walker
              AskWoody Lounger

              @abbodi86:聽聽 Since I don’t know what I’m doing (very computer illiterate), I will just watch and see how things turn out (for the present time).聽聽 Thank you for all of the excellent information and guidance you continually provide for all of us “users”.聽聽聽 You do an outstanding job, which is very much appreciated!聽

      • #1899689 Reply

        Carl D
        AskWoody Lounger

        Tony,

        just run it with your Admin account and it will cover all 3 accounts.

        I don’t have a Windows 7 setup to test it with at the moment but I have always right clicked on W10Tel.cmd and selected “Run as Administrator” from my Admin account (it may prompt to run it as Administrator even if you don’t do that but I’m not sure).

        If you run it from either of the 2 Standard accounts it would probably still prompt you to run it as Administrator and it would probably cover all 3 accounts. Once again, I’m not sure about that so if anyone else knows for sure please chime in.

        Anyway, easiest thing to do would be to just run it from your main Admin account and it will cover all 3 as I have already mentioned.

        Edit: abbodi86 beat me to it (thanks, abbodi). Must learn to type faster.

        2 users thanked author for this post.
    • #1899868 Reply

      ek
      AskWoody Lounger

      In recent years I religiously kept doing a number of tweaks (some described in this thread, some on other blogs) to stop telemetry on my Win 7 systems.聽 But MS kept pushing updates that re-activated telemetry. So frustrating & disappointing.

      The only thing that really works for me – and is easily reversible – was implementing a Pihole adblocker at home and adding a blocklist a github site maintains for blocking MS telemetry.聽 The blocklist works well, is easy to disable if needed and is completely independent of Windows.

    • #1900097 Reply

      Ed
      AskWoody Lounger

      The only one I was able to find there appears to be designed for Win 10’s telemetry and I don’t know if they’d be the same for Win 7. Since you specifically stated you’re running Win 7 is there any chance you could provide more specific info? Like the list’s file name maybe?

    • #1904223 Reply

      TonyC
      AskWoody Lounger

      I ran W10Tel.cmd for the first time on my W7x64 (Home Premium) system today. It generated a number of error messages which are displayed on the screen shot of the command prompt window below.

      W10Tel2

      W10Tel2.cmd is W10Tel.cmd without the W7 EOS KB4493132 section (lines 15 to 31) – I don鈥檛 have KB4493132 installed. As can be seen, I redirected the normal output to a text file, but the error messages appeared in the command prompt window.

      I鈥檓 not expecting an explanation of what each error message means. But I would like to be reassured that such error messages are expected simply because every W7 system is different.

      Attachments:
      • #1904258 Reply

        abbodi86
        AskWoody_MVP

        Such errors are expected, the script is straight forward, it try to remove the registry values and/or files without checking if they exist or not
        actually, running reg query will also output error, therefore, it will not make a difference to check or add

        so, just ignore the errors 馃檪

        to redirect error output add 2>&1 after text file
        W10Tel2.cmd W10Tel2.log 2>&1

        2 users thanked author for this post.
    • #1904253 Reply

      anonymous

      ? says:

      TonyC, maybe have a look at the powershell Bob Villa posted up in #347244 on march 31st while awating abbodi86’s reply?

      1 user thanked author for this post.
      • #1904275 Reply

        TonyC
        AskWoody Lounger

        Yes, I did see Bob’s post and noticed a number of error messages in his command prompt window. Bob appeared to be seeking the same reassurance that I was seeking.

        1 user thanked author for this post.
    • #1904580 Reply

      anonymous

      I had been holding back updates on my systems (Windows 7 and 8.1), and liked the sentiment behind this “script”.

      Anyway, long story, I did not see anything specifically mentioning in this thread that you may need to enable DiagTrack in to install some updates. In my case, KB4507448.

      Check your “Application” event log,聽 and if you see an ‘0x800f0816’ error. Try enabling DiagTrack.

      NOTES:
      Essentially, the message states that it cannot change the state of the update to “staged”:
      Package KB4507448 failed to be changed to the Staged state. Status: 0x800f0816.

      After enabling:
      Initiating changes for package KB4507448. Current state is Resolved. Target state is Staged. Client id: WindowsUpdateAgent.

      That error does not appear to be documented\detailed. For example, in this powershell snippet (NOTE: I feed in two error codes just to confirm the Win32Exception object actually works for the ‘Facility’):

      0x800f0816,0x800f0001 | % { ‘Facility: {0}, Error: {1}, {2}’ -f @(($_ -shr 16 -band 0xfff), ($_ -band 0xffff), ([ComponentModel.Win32Exception]$_).Message) }

      I get these results:

      Facility: 15, Error: 2070, Unknown error (0x800f0816)
      Facility: 15, Error: 1, A section name marker in the INF is not complete, or does not exist on a line by itself

       

      Regard,
      Richard Rudek

    • #1930910 Reply

      anonymous

      ? says:

      @abbodi86,

      if you can tell me why Application Experience (CEIP) runs (RunAsInvoker) (compatibility fix runs because it it blocked?) when i update MSE even though it is disabled in the Task Scheduler i would appreciate it. i am opted in to Basic spynet in MSE settings because the real time scanning only works if opted in. i see the invoker run in event log\application experience and can flush out the xml to %temp% (users\appdata\local\temp:

      “xml version=”1.0″

      Event xmlns=”http://schemas.microsoft.com/win/2004/08/events/event”

      System

      Provider Guid=”{EEF54E71-0661-422D-9A98-82FD4940B820}” Name=”Microsoft-Windows-Application-Experience”/

      EventID>500</EventID Version>0</Version Level 4 /Level Task 0 /Task

      Opcode 0 /Opcode Keywords 0x1000000000000000 /Keywords

      TimeCreated SystemTime=”2019-09-01 Z”/

      EventRecordID 514 /EventRecordID Correlation/ Execution ThreadID=”2184″ ProcessID=”2540″/

      Channel Microsoft-Windows-Application-Experience/Program-Telemetry /Channel

      Computer ?-PC /Computer Security UserID=”S-1-5-20″/ /System- UserData

      CompatibilityFixEvent xmlns=”http://www.microsoft.com/Windows/Diagnosis/PCA/events”

      xmlns:auto-ns2=”http://schemas.microsoft.com/win/2004/08/events”

      ProcessId>2540</ProcessId

      StartTime 2019-09-01 Z /StartTime FixID {1C2D58C3-DCD2-41E3-BD0B-25F05028C655} /FixID

      Flags 0x40102 /Flags ExePath C:\Windows\SERVIC~2\NETWOR~1\AppData\Local\Temp\MpSigStub.exe /ExePath

      FixName>RunAsInvoker /FixName/CompatibilityFixEvent /UserData /Event”

      thank you!

      • #1931575 Reply

        abbodi86
        AskWoody_MVP

        This is not the Appraiser running

        it’s just regular compatibility fix that’s get applied for some programs, part of Application Experience service

        like i said before, the Telemetry Appraiser hooks in (or hijack) the built-in Application Compatibility Experience tasks and event log channels
        but it’s still function as old behavior and provide compatibility shim for programs

        1 user thanked author for this post.
        • #1931711 Reply

          anonymous

          ? says:

          ok, great! i missed it when you said it before so thank you for repeating yourself and now i know why it’s in the logs. on another note i was checking for old telemetry patches and i have KB3021927 showing in hklm\software\microsoft\windows\currentversion\componentbasedservicing\applicability\evaluationcache with current state value=0 (not installed) and applicability state value=112 (fully installed, available for binding) i installed it when it was offered as an “enhancement” in 2015 and then uninstalled it via wusa when i found out what it really was, so i gusee it is stuck in the win sxs basement…

          thanks again for your reply

        • #1934402 Reply

          abbodi86
          AskWoody_MVP

          You probably mean KB3021917

          ApplicabilityEvaluationCache reflect the result of Windows Update
          it’s deleted with each new update installation or uninstallation, and created by WU upon search

          ApplicabilityState 70 (112) means the update is considered valid by WU and will be offered
          it doesn’t mean the update is installed

          1 user thanked author for this post.
          • #1934438 Reply

            anonymous

            ? says:

            abbodi86, you make the world a much better place! yes, i have middle number dyslexia and KB burnout it is KB3021917 and it only shows up in Nir’s WinUpdatesList tool. and yes as you say the correct ApplicabilityState value is 0x70 (112) (valid).

            so the …\cache is a what if pile rather than a what is pile? no wonder i can’t wusa it out of existence, i already did. i really do appreciate you always generously sharing your knowledge…

            thank you!

            1 user thanked author for this post.
            • #1934463 Reply

              abbodi86
              AskWoody_MVP

              You are welcome

              Yep, only CurrentState reflect the updates status on the system
              0 – not installed
              50 (80) – installed / superseded
              70 (112) – installed / active

              1 user thanked author for this post.
    • #1950206 Reply

      Jim C
      AskWoody Lounger

      Thank you so much.聽 After finding out, Mic-SOB’s again added their telemetry BS, I was ready to throw in the towel. Giving up on all updates, till the bitter end of Win 7. I had already done everything you suggested long ago. The one thing I wasn’t sure about, if I downloaded updates with telemetry included, would telemetry reset what I disable and/or create new files that were deleted? Now I know the answer is No. Thanks again, your hard work is very much appreciated!!!

      1 user thanked author for this post.
    • #1970341 Reply

      WSkxxxk
      AskWoody Plus

      Using the physical-sciences principle of “confirm what you think you know” (but really, I believe am just kicking a dead horse), with the new inclusion (in Sep 2019) by MS of telemetry in Win7 & 8.1 “security only” patches, it appears that there is absolutely no reason to stay in Group B, as you have to use one of the methods of this thread in either Group B or Group A, and in Group B you are passing up Win fixes and improvements.聽 True?

      Any reasons for the contrary?

      • #1970348 Reply

        PKCano
        Da Boss

        You hit the nail on the head.
        If you pass up security-only patches, well, you pass up security.
        You can stop the telemetry, but if you don’t have the security…………

        1 user thanked author for this post.
    • #1974849 Reply

      Lori
      AskWoody Plus

      Thanks! I wouldn’t know how to do the script, but the manual steps were very clear and easy. Much appreciated!

    • #1977797 Reply

      Guest
      AskWoody Lounger

      Could the script be added to include the following?

      The July Security Only update that adds telemetry creates a folder, Migration\WTR, with a file, CompatTelemetry, that lists the changes that include some not already in the script.聽 They are..

      [System.File]
      “%windir%\system32\CompatTel\* [*]”
      “%windir%\system32\ [aepdu.dll]”
      “%windir%\system32\ [devinv.dll]”
      “%windir%\system32\appraiser\* [*]”
      “%windir%\system32\ [acmigration.dll]”
      “%windir%\system32\ [appraiser.dll]”
      “%windir%\system32\ [invagent.dll]”
      “%windir%\system32\ [generaltel.dll]”
      “%windir%\system32\Tasks\Microsoft\Windows\Application Experience\ [Microsoft Compatibility Appraiser]”
      “%windir%\system32\Tasks\Microsoft\Windows\Application Experience\ [ProgramDataUpdater]”
      “%windir%\appcompat\programs\ [FullCompatReport.xml]”
      “%windir%\appcompat\UA\* [*]”
      “%windir%\appcompat\Appraiser\* [*]”

      [System.Registry]
      “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\ClientTelemetry\* [*]”
      “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Appraiser\* [*]”
      “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\UpgradeExperienceIndicators\* [*]”
      “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\OneSettings\* [*]”
      “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\TelemetryController\* [*]”
      “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Shared\ [UpgExIndChecksum]”

      • #1978033 Reply

        abbodi86
        AskWoody_MVP

        CompatTelemetry.inf is used to exclude the listed files and registry if you decided to upgrade Windows 7 to Windows 10 (or 8.1)

        removing that file or any other related system files will break SFC integrity

        and it’s not needed at all
        like i said, disabling the schedule tasks and WMI logger should be enough

        2 users thanked author for this post.
    • #2017648 Reply

      abbodi86
      AskWoody_MVP

      Updated W10Tel.cmd script with entries to suppress Win 7 EOS notification (installed with KB4530734 and SO KB4530692)
      https://pastebin.com/zeJFe08G

      • This reply was modified 1 day, 9 hours ago by  abbodi86.
      2 users thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: 2000012: Neutralize Telemetry & Sustain Win 7, 8.1 Monthly Rollup Model

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel