News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • 8.1 and telemetry…

    Home Forums AskWoody support Windows Windows 8.1 Questions: Win 8.1 (and Win 8) 8.1 and telemetry…

    Tagged: 

    This topic contains 21 replies, has 7 voices, and was last updated by  EP 2 weeks, 5 days ago.

    • Author
      Posts
    • #1951345 Reply

      krism
      AskWoody Lounger

      So you have my attention. A couple days ago woody said that the 09 patches were going to actually add telemetry.

      So I grabbed the first 5 pages of https://gist.github.com/xvitaly/eafa75ed2cb79b3bd4e9 and checked my new system. removed and hid kb3044374 and kb2976978. Left kb3138615. Then I did control panel
      administrative tools
      task scheduler
      disable these:
      \Microsoft\Windows\Application Experience\ProgramDataUpdater
      \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser
      \Microsoft\Windows\Application Experience\AitAgent

      But the more I read, the more I am told that there is no way to stop telemetry and still get updates. And this seems to change moment to moment, and opinion to opinion.

      What to do?  Thanks!

    • #1951815 Reply

      Microfix
      Da Boss

      Unfortunately we can’t stop all the telemetry although we can prevent it from reaching it’s destination 😉

      Blocking certain IP’s via any firewall has benefits!
      Tip: Backup your existing firewall settings prior to making any changes.

      There are 3rd party programs out there that can assist in this area such as WPD
      I’ve used this in the past to good effect in windows 7/8.1 and 10, however, I did encounter a site that I use which was blocked by default and freed myself such as outlook 13.107.42.11

      Once I was happy with the firewall ruleset, I exported it for safe keeping as a backup for each OS.

      There are other settings within WPD that will require investigation on your part that also help neutralize unsavoury issues. But for now, look at your firewall rules is my advice.

      (Disclaimer: I have no affiliation with WPD etc..)

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      1 user thanked author for this post.
      • #1952114 Reply

        krism
        AskWoody Lounger

        Many thanks!!  Running 8.1 Pro with windows firewall and BitDefender – ThinkPad T530-2394-3J8, i5-3380M 2.9GHz, Win8.1 Pro x64, 8GB(15GB/s), Sammy 250GB SSD. I downloaded and ran WPD but it doesn’t seem to do anything. I do not have windows defender probably because I am using bitdefender. I tried switching on in WPD windows filtering platform, but neither seems to block the first one in the list 134.170.58.0 – it just times out. Or do I need to turn windows firewall off and turn bitdefender off and turn windows defender on and hope that WPD will function as a firewall (which someone somewhere seemed to indicate it would). Many thanks!!!  Or I suppose I could put the list in hosts but that apparently is easily gotten around by MS.

        • This reply was modified 4 weeks, 1 day ago by  krism.
    • #1952160 Reply

      krism
      AskWoody Lounger

      reply to myself (I talk to myself a lot) I looked in windows firewall/oubound rules and at the top is “WPD MS Telemetry IP Block V35” with all the definitions therin. I do not know if I had to click “copy rules” in WPD but I did so a bunch of times(also to paste into notepad so I have a copy). I note that WPD says spy(checked) ON Windows defender firewall – even though I do not have windows defender running (probably since bitdefender is running?)
      I am only using Blocker/spy.
      When I test the addys in FF it immediately returns with “unable to connect”.
      So I believe I am set. Just run it occasionally to get an update.
      Correct me if I am wrong, please! Thanks!!!

      • This reply was modified 4 weeks, 1 day ago by  krism.
    • #1952171 Reply

      Microfix
      Da Boss

      Ok I see you have achieved the ruleset import cool! 🙂
      For the benefit of others and yourself in future:
      Once you have downloaded WPD,
      run it (whilst online) and click the following selections with the red arrow:

      1

      2

      This will download the firewall ruleset for windows firewall.
      Once done, check the windows firewall to see if the following ruleset has been applied by going to:
      Control Panel/ Windows Firewall/ Advanced Settings/ Outbound rules

      3WF

      My screenshot shows WPD MS Telemetry IP Block V31, yours shows V35 as I have edited mine and not updated for a while.
      I had been following crazymax for a while on github who has his own equivalent IP SpyBlocker but preferred WPD for it’s simplicity and crazymax IP block findings. Best of both IMO

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      Attachments:
      1 user thanked author for this post.
    • #1952179 Reply

      Microfix
      Da Boss

      Double clicking on the Firewall Ruleset for WPD MS Telemetry IP Block V35 and going to scope tab (as shown)

      FWscope

      By clicking on ‘these IP addresses’ one can edit/add or remove IP’s you need to access. When you need to access a site that won’t load, this is where to come to search for the corresponding IP to delete it. This doesn’t take that long comparing to your bookmarks/ favorites IP addresses.

      Once this is all done and your happy, export the firewall settings somewhere safe.

      Note: Not only does this work for Win 8.1 but also for Win7 and 10

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      Attachments:
      1 user thanked author for this post.
    • #1952191 Reply

      anonymous

      I went a different route (prefer doing as much as possible manually or without additional software), so used abbodi86’s guide (here) to disable telemetry tasks and services for my Windows 7 and 8.1 systems. It has worked well so far as all tasks and services stay disabled even after installing monthly rollups.

      For the Windows firewall, I went a little further and set it to block ALL outbound traffic then added a few outbound rules for only items that need it (ex. Firefox, Outlook, Windows Update, TCP port 445 to map a network drive on a local NAS, etc.).

      • #1962605 Reply

        KP
        AskWoody Plus

        I also use abbodi86’s Guide – Manual Method; I think there are no ill-effects.

        What sounded interesting is the WPD software.

        • #1962667 Reply

          krism
          AskWoody Lounger

          There are lots of manual approaches out there, each of which speak to different areas – KBs, telemetry, etc etc etc. They all require I know something – know a lot, actually. The nice thing about WPD is that I don’t have to know anything , particularly about telemetry, as i have no idea which ip to block. I installed WPD and let the first section be as it defaults. For the 3rd section, I deleted all of the apps since I need none of them. For the 2nd, telemetry blocker, section, I use only the “spy” section. That puts about 170 into the windows firewall and I don’t have to do any thinking at all unless something is blocked that I need.  I did separately disable 3 things in task scheduler and uninstall 2 KBs. Easy, and I AM into lazy!!!  I have had nothing be blocked that I needed. easy. Not that it matters but I don’t answer any GRC pings.

          • This reply was modified 3 weeks ago by  krism.
          1 user thanked author for this post.
          • #1962676 Reply

            Microfix
            Da Boss

            The ‘Privacy’ section also works well without looking for GPedit/ Registry/ Task Scheduler settings 😉
            I’ve also done abbodi86’s guide and completely removed the Diagtrack service to no ill effects on our 3 Win7/8.1 Pro systems.

            ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

            • #1962726 Reply

              krism
              AskWoody Lounger

              edit: bad initial answer. changed: Thanks. Yeah, I allowed it (the first section of WPD) to default. Should I be changing things in there? Thanks @microfix !!!

              EDIT: okay, I stopped and disabled the Diagnostics Tracking service and rebooted. we’ll see if it causes me any probs. Thanks! I’ll add that to my little list!

              • This reply was modified 3 weeks ago by  krism.
              • This reply was modified 3 weeks ago by  krism.
              • This reply was modified 3 weeks ago by  krism.
            • #1962744 Reply

              krism
              AskWoody Lounger

              continuation of above post: much of the stuff recommended by abbodi86 scares me – like the registry stuff, particularly because I feel that at some point in time this may be/have been correct, but since MS is continually trying to outsmart us, it will continually need to be changed. The makers of WPD seem to be involved in keeping it current – I assume that means a lot of continual packet sniffing. I do not see that this command stack is being kept up to date.

    • #1952198 Reply

      krism
      AskWoody Lounger

      @microfix! Many many thanks for that very clear guide! WPD should have that in their FAQ! I wish woodys could pin that somewhere! I printed it and also saved the pertinent part to a PDF so I will always have easy access to that in future years. Q: how do you keep it from updating? It seems as though just starting it causes/allows it to update?

      @anon would that really do it ? or might some stuff sneak by 445 etc? I truly don’t know – just wondering.

    • #1952226 Reply

      anonymous

      “@anon would that really do it ? or might some stuff sneak by 445 etc? I truly don’t know – just wondering.”

      No, TCP port 445 doesn’t have anything to do with telemetry. It’s part of the Server Message Block (SMB) protocol used to access network file shares (ex. on a local network server).

    • #1964307 Reply

      Gordski
      AskWoody Plus

      Unfortunately we can’t stop all the telemetry although we can prevent it from reaching it’s destination 😉

      Blocking certain IP’s via any firewall has benefits!
      Tip: Backup your existing firewall settings prior to making any changes.

      There are 3rd party programs out there that can assist in this area such as WPD
      I’ve used this in the past to good effect in windows 7/8.1 and 10, however, I did encounter a site that I use which was blocked by default and freed myself such as outlook 13.107.42.11

      Once I was happy with the firewall ruleset, I exported it for safe keeping as a backup for each OS.

      There are other settings within WPD that will require investigation on your part that also help neutralize unsavoury issues. But for now, look at your firewall rules is my advice.

      (Disclaimer: I have no affiliation with WPD etc..)

      Hi,

      You might want to take a look at the freebie app from SpyBot, ‘Spybot Anti-Beacon’.
      This lists out all Microsoft telemetry gubbins secreted on your PC and enables you to select them all individually and disable them. In the event of updates / patches adding back the telemetry features on restart SpyBot AntiBeacon pushes them off. If need be you can switch individual telemetry enties back on.

      SpyBot Anti-Beacon found 143 entries on my laptop all of which are now ‘immunised’.

      Comment from SPYBOT …….

      Why do you need anti-telemetry?
      We at Safer-Networking Ltd (SpyBot) respect Microsoft’s wish to get feedback from users to improve their operating system, but we firmly believe it is the user’s right to choose how much of their data they wish to share.
      While Microsoft have included the ability to disable certain telemetry options in Windows 10, it can be quite difficult to disable all of these manually. For this reason, we have created a tool that will do this with the click of a button, and can be updated to include telemetry additions added by Microsoft in the future.
      Why should I choose Spybot Anti-Beacon?
      It’s sincere – Spybot Anti-Beacon is transparent and open in what is does, listing details of the changes it makes to your system for those interested.
      It’s affordable – Actually, it’s free! And it’s created by a passionate, privacy-concerned team. There are a lot of anti-telemetry instructions, scripts and tools on the Internet, but we’re careful to include only the real things.
      We are comprehensive – Spybot Anti-Beacon lists optional features to block on a separate page. Our team uses cutting-edge technology and have extensive experience working with malware and spyware.
      It’s flexible – if you’re the family tech guy, you can simply pick up the Portable Edition and carry it on your thumb drive.
      It’s user friendly – press one button and you’re done!
      A simple but clever solution.

      1 user thanked author for this post.
      • #1964389 Reply

        GoneToPlaid
        AskWoody Plus

        Interesting. I will have to check out their other utilities as well. Their Spybot Identity Monitor utility has caught my interest. Spybot’s web site states that they are located in Ireland. The actual company name is Safer-Networking Ltd. Note that I have not yet tried any of their utilities.

    • #1964544 Reply

      anonymous

      ? says:

      does “spybot.” still modify the Hosts file?

      https://www.howtogeek.com/howto/27350/beginner-geek-how-to-edit-your-hosts-file/

      1 user thanked author for this post.
      • #1964548 Reply

        Microfix
        Da Boss

        One of the main reasons I dropped spybot anti-beacon a good while back in favor of WPD.

        ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

        1 user thanked author for this post.
        • #1964716 Reply

          EP
          AskWoody_MVP

          I still use spybot anti-beacon portable edition (not the normal or installable one) to turn off some of the telemetry (not all of it) on my dad’s Toshiba based Win8.1 laptop

    • #1964565 Reply

      anonymous

      ? says:

      thank you, Microfix! i do my best to keep the base os stock and when i installed Spybot on XP last decade was supprised to see what was in the Hosts file as i used to visit it occasionally to check for outside modification(s). good to know WPD leaves the Hosts file as is…

    • #1964681 Reply

      krism
      AskWoody Lounger

      Glad this thread is getting some mileage!

      Spybot was actually the first thing I tried and they wanted money but when I tried to paypal them they (spybot) required my address etc, so I emailed spybot and uninstalled spybot. Then i got @microfix ‘s info about WPD and the rest is history.

      @microfix : I just let the first WPD section default – it says it’s doing 14 basic and 2 additional – do I need to ad anything there? ; in the Blocker section I just use “spy” because I do use Skype occasionally. so that’s about 170 IPs. WPD must be doing an awful lot of packet sniffing to keep up with MS!!! – and that is precisely what I wanted to avoid and why I like WPD: no endless packet sniffing on my end. btdt. pita. I deleted all of the MS apps in the 3rd section so no problem there.

      But repeating a concern I mentioned earlier about all the registry mods in abbodi86 ‘s script would often/occasionally need to be changed to keep up with MS I would think, but then I don’t know!

    • #1964684 Reply

      Microfix
      Da Boss

      You can activate the ‘spy section’ and it will add more firewall rulesets, if however, you run into problems accessing some sites, you need to get the IP of that site and remove it from the WPD Spy IP Block V35 ruleset added to your firewall. This is done within the Scope section.

      It takes time and effort to do so but, IMO it’s worth it on an individual end-user basis.

      ********** Win7 x64/x86 | Win8.1 x64 | Linux Hybrids x64 **********

      1 user thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: 8.1 and telemetry…

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.