Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Martin Brinkmann’s deep dive into removing telemetry in Win7 and 8.1

    Home Forums AskWoody blog Martin Brinkmann’s deep dive into removing telemetry in Win7 and 8.1

    This topic contains 34 replies, has 10 voices, and was last updated by  Anonymous 2 months, 1 week ago.

    • Author
      Posts
    • #93675 Reply

      woody
      Da Boss

      On the heels of Günter Born’s discoveries about the just-reissued “snooping” Win7 and 8.1 patches KB 2952664 and KB 2976978, Martin Brinkmann at Ghack
      [See the full post at: Martin Brinkmann’s deep dive into removing telemetry in Win7 and 8.1]

      5 users thanked author for this post.
    • #93681 Reply

      Microfix
      AskWoody Lounger

      Funnily enough, I have done all of this via various forums and walkthroughs except the firewall blocks.

      Blocking Microsoft Servers

      Caution: Some servers and IP addresses may be used by other Windows services. If you notice that some are not working anymore, disable them one by one until you find the culprit that you need to exclude from the blocking.

      Note: the following servers cannot be blocked using the hosts file. You need to block them using another means, e.g. router firewall or installed firewall.

      onesettings-hk2.metron.live.com.nsatc.net
      onesettings-bn2.metron.live.com.nsatc.net
      onesettings-cy2.metron.live.com.nsatc.net
      vortex-hk2.metron.live.com.nsatc.net
      vortex-db5.metron.live.com.nsatc.net

      Other servers you may want to block:

      134.170.30.202
      137.116.81.24
      204.79.197.200
      23.218.212.69
      65.39.117.230
      65.55.108.23
      a-0001.a-msedge.net
      choice.microsoft.com
      choice.microsoft.com.nsatc.net
      compatexchange.cloudapp.net
      corp.sts.microsoft.com
      corpext.msitadfs.glbdns2.microsoft.com
      cs1.wpc.v0cdn.net
      df.telemetry.microsoft.com
      diagnostics.support.microsoft.com
      fe2.update.microsoft.com.akadns.net
      feedback.microsoft-hohm.com
      feedback.search.microsoft.com
      feedback.windows.com
      i1.services.social.microsoft.com
      i1.services.social.microsoft.com.nsatc.net
      oca.telemetry.microsoft.com
      oca.telemetry.microsoft.com.nsatc.net
      pre.footprintpredict.com
      redir.metaservices.microsoft.com
      reports.wes.df.telemetry.microsoft.com
      services.wes.df.telemetry.microsoft.com
      settings-sandbox.data.microsoft.com
      settings-win.data.microsoft.com
      sls.update.microsoft.com.akadns.net
      sqm.df.telemetry.microsoft.com
      sqm.telemetry.microsoft.com
      sqm.telemetry.microsoft.com.nsatc.net
      statsfe1.ws.microsoft.com
      statsfe2.update.microsoft.com.akadns.net
      statsfe2.ws.microsoft.com
      survey.watson.microsoft.com
      telecommand.telemetry.microsoft.com
      telecommand.telemetry.microsoft.com.nsatc.net
      telemetry.appex.bing.net
      telemetry.appex.bing.net:443
      telemetry.microsoft.com
      telemetry.urs.microsoft.com
      vortex.data.microsoft.com
      vortex-sandbox.data.microsoft.com
      vortex-win.data.microsoft.com
      watson.live.com
      watson.microsoft.com
      watson.ppe.telemetry.microsoft.com
      watson.telemetry.microsoft.com
      watson.telemetry.microsoft.com.nsatc.net
      wes.df.telemetry.microsoft.com

      Is there a quick method to implement these firewall blocks other than one by one? (using windows firewall) or is it trial and error per device and set-up?

      | x64 Group B: W7 Pro & W8.1 Pro | | x64 Group W: 3 x Linux Hybrids |
        No problem can be solved from the same level of consciousness that created IT - AE
      3 users thanked author for this post.
      • #93696 Reply

        woody
        Da Boss

        Wish I could thank you twice!

        As for automating it – take a look here

        http://windowsitpro.com/powershell/hand-crafted-firewall-rules-powershell

        Anything strike you?

        • #93729 Reply

          Microfix
          AskWoody Lounger

          Thanks for the ‘Hand-Crafted Firewall Rules with PowerShell’ link Woody, will tinker with this on our other machine when time permits.
          Hmm..as for the firewall rule-set scripting posted anonymously,
          I’ll sit on it for now until MrBrian has researched the new patches and posted the findings.
          Thanks guys

          | x64 Group B: W7 Pro & W8.1 Pro | | x64 Group W: 3 x Linux Hybrids |
            No problem can be solved from the same level of consciousness that created IT - AE
      • #93889 Reply

        Noel Carboni
        AskWoody MVP

        If you’re really serious about your firewall, check into the Sphinx Windows Firewall product. It’s what I use. It leverages the Windows Base Filtering Engine with a MUCH more manageable configuration interface. A key feature is that you specify sites to block by name, and it manages the ongoing correlation between name and address by watching DNS resolutions.

        There were several in Martin’s list that I hadn’t seen before (onesettings-*.metron.live.com.nsatc.net) . Now they’re in my firewall block list AND DNS server blacklist.

        I’m a little worried that Martin’s blacklist entry, fe2.update.microsoft.com.akadns.net, might ultimately get in the way of completing Windows Updates. That process seems to need fe2.update.microsoft.com (without the CDN name extension).

        -Noel

        • This reply was modified 2 months, 1 week ago by  Noel Carboni.
    • #93692 Reply

      anonymous

      My Windows 7 advice, which is based upon my testing at https://www.askwoody.com/forums/topic/care-to-join-a-win7-snooping-test/, is gentler, and each action in my advice can be individually undone at a later date if needed. That thread may seem a bit disjointed now because comment nesting levels were lost during Woody’s recent comment migration.

      The first step in my advice is to turn off the operating system’s Customer Experience Improvement Program, as shown in Mr. Brinkmann’s article.

      Turning off the operating system’s Customer Experience Improvement Program isn’t sufficient though; see https://www.askwoody.com/forums/topic/care-to-join-a-win7-snooping-test/#post-21467 for why. As a result, one should also do the actions at https://www.askwoody.com/forums/topic/care-to-join-a-win7-snooping-test/#post-21435 and https://www.askwoody.com/forums/topic/care-to-join-a-win7-snooping-test/#post-21451.

      Note 1: My advice is in regards to only the “bad” Windows 7 updates KB2952664, KB3068708, and KB3080149.

      Note 2: I haven’t yet tested the version of KB2952664 that was released on February 9, 2017. When available, test results will be posted at the first link mentioned in this message.

      MrBrian

      7 users thanked author for this post.
      • #93698 Reply

        woody
        Da Boss

        MrBrian –

        Any chance I could convince you to sign up for an account? I promise it’ll be painless and completely anonymous. Email me woody@askwoody.com

        Using an account would make it sooooo much easier to look at all of your posts.

        And, speaking of which, when the dust settles, if you could pull together your findings on this topic and email them to me, I’ll turn them into a Knowledge Base article. Great stuff….

        7 users thanked author for this post.
        • #93726 Reply

          Microfix
          AskWoody Lounger

          Yes MrBrian,
          The forum would be honoured with your presence as a member given the knowledge and help you have supplied previously.
          Go on, sign up!

          | x64 Group B: W7 Pro & W8.1 Pro | | x64 Group W: 3 x Linux Hybrids |
            No problem can be solved from the same level of consciousness that created IT - AE
          4 users thanked author for this post.
      • #93736 Reply

        ch100
        AskWoody MVP

        @mrbrian
        I believe that you and others have conclusively proved that KB3068708 and KB3080149 are fully compliant with CEIP, so there is no need to take extra steps or avoid those patches or disable services.

        Notes:
        1. KB3022345 rarely gets a mention because it was withdrawn for being faulty, but there is a small chance that those who do not have KB3068708 and/or KB3080149 still have KB3022345 which has the same effect with the other 2 better known and currently supported patches which supersede KB3022345.
        2. It it still unclear to me what KB3021917 is supposed to do. It is often quoted as a telemetry patch, but like KB2952664 is not offered to Windows Server 2008 R2 and it is unticked by default on Windows Update for Windows 7. Windows Server 2008 R2 receives the DiagTrack service via KB3068708/KB3080149, so it is not a matter of Server OS not getting telemetry updates.
        3. If KB30608708/KB3080149 are good enough for Enterprise and Servers, I would suggest that they are good enough for regular end-users.

        • #93764 Reply

          abbodi86
          AskWoody MVP

          only extends bult-in WDI Client and adds a Performance Power Tracker
          i highly doubt it sends any telemetry data

          anyway, it’s related to this task:
          “\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor”

          1 user thanked author for this post.
    • #93709 Reply

      anonymous

      This batch file may help speed up the disabling of tasks. Save as disabletasks.bat. Right-click and run as administrator. Much faster than browsing task scheduler.

      
      @ECHO OFF
      REM --- remember to invoke from ELEVATED command prompt!
      REM --- or start the batch with context menu "run as admin".
      goto check_Permissions
      
      :check_Permissions
          echo Administrative permissions required. Detecting permissions...
      
          net session >nul 2>&1
          if %errorLevel% == 0 (
              goto getgoing
          ) else (
              echo Failure: Current permissions inadequate.
      	echo Close, then right-click file and choose "Run as Administrator"
          )
      
          pause >nul
      :getgoing
      SETLOCAL
      echo [ Remove and Block Win10 for Win7 ]
         echo.
      :prompt
         set /p yesno=* create system restore point? (y/n):  
         if /i "%yesno:~,1%" equ "y" goto rpoint
         if /i "%yesno:~,1%" equ "n" goto main
         echo.
         goto prompt
      
      :main
      
      timeout 5
      
      REM --- Disable tasks
      echo Disabling tasks...
      schtasks /change /disable /tn "\microsoft\windows\application experience\aitagent"
      schtasks /change /disable /tn "\microsoft\windows\application experience\microsoft compatibility appraiser"
      schtasks /change /disable /tn "\microsoft\windows\application experience\programdataupdater"
      schtasks /change /disable /tn "\microsoft\windows\autochk\proxy"
      schtasks /change /disable /tn "\microsoft\windows\customer experience improvement program\consolidator"
      schtasks /change /disable /tn "\microsoft\windows\customer experience improvement program\kernelceiptask"
      schtasks /change /disable /tn "\microsoft\windows\customer experience improvement program\usbceip"
      schtasks /change /disable /tn "\microsoft\windows\diskdiagnostic\microsoft-windows-diskdiagnosticdatacollector"
      schtasks /change /disable /tn "\microsoft\windows\maintenance\winsat"
      schtasks /change /disable /tn "\microsoft\windows\media center\activatewindowssearch"
      schtasks /change /disable /tn "\microsoft\windows\media center\configureinternettimeservice"
      schtasks /change /disable /tn "\microsoft\windows\media center\dispatchrecoverytasks"
      schtasks /change /disable /tn "\microsoft\windows\media center\ehdrminit"
      schtasks /change /disable /tn "\microsoft\windows\media center\installplayready"
      schtasks /change /disable /tn "\microsoft\windows\media center\mcupdate"
      schtasks /change /disable /tn "\microsoft\windows\media center\mediacenterrecoverytask"
      schtasks /change /disable /tn "\microsoft\windows\media center\objectstorerecoverytask"
      schtasks /change /disable /tn "\microsoft\windows\media center\ocuractivate"
      schtasks /change /disable /tn "\microsoft\windows\media center\ocurdiscovery"
      schtasks /change /disable /tn "\microsoft\windows\media center\pbdadiscovery"
      schtasks /change /disable /tn "\microsoft\windows\media center\pbdadiscoveryw1"
      schtasks /change /disable /tn "\microsoft\windows\media center\pbdadiscoveryw2"
      schtasks /change /disable /tn "\microsoft\windows\media center\pvrrecoverytask"
      schtasks /change /disable /tn "\microsoft\windows\media center\pvrscheduletask"
      schtasks /change /disable /tn "\microsoft\windows\media center\registersearch"
      schtasks /change /disable /tn "\microsoft\windows\media center\reindexsearchroot"
      schtasks /change /disable /tn "\microsoft\windows\media center\sqlliterecoverytask"
      schtasks /change /disable /tn "\microsoft\windows\media center\updaterecordpath"
      schtasks /change /disable /tn "\microsoft\windows\pi\sqm-tasks"
      schtasks /change /disable /tn "\microsoft\windows\power efficiency diagnostics\analyzeSystem"
      schtasks /change /disable /tn "\microsoft\windows\setup\gwx\refreshgwxconfigandcontent"
      schtasks /change /disable /tn "\microsoft\windows\windows error reporting\queuereporting"
      echo - done
      timeout 5
      
      REM --- Kill services
      echo Killing Diagtrack-service (if it still exists)...
      sc config DiagTrack start= disabled
      net stop DiagTrack
      echo - done
      
         echo [ Complete - Remove and Block Win10 for Win7 %date% %time% ]
         echo [ Press any key to exit ]
         echo.
         pause >nul
      shutdown /r /f /t 00
         exit
      
      :rpoint
         wmic.exe /namespace:\\root\default path systemrestore call createrestorepoint "Remove and Block 10", 100, 12
         if %errorlevel% == 0 goto main
         echo.
         set /p yesno=" failed to create system restore point. continue? (y/n):  "
         if /i "%yesno:~,1%" equ "y" goto main
         if /i "%yesno:~,1%" equ "n" (
            echo.
            echo [ done - any key to exit ]
            echo.
            pause >nul
            exit
         )
      
      goto prompt
      REM --- EOF
      
    • #93711 Reply

      abbodi86
      AskWoody MVP

      Another bad practice guide
      most of these “aggressive” steps are not required in Windows 7/8.1
      they belong to paranoial Windows 10, which have built-in telemetry

      a real “deep diver” into Appraiser/Diagtrack patches would have found a simpler walkthrough

      and why a very old pre-telemetry era patch like KB971033 is related?

      well, i guess the “confusion” must be fed to keep it going 🙂

      3 users thanked author for this post.
      • #93717 Reply

        woody
        Da Boss

        Hmmmm… So Win7 and 8.1, even with these “snooping” KBs isn’t sending personally identifiable details to Microsoft?

        If that’s the case, why on earth doesn’t Microsoft come out and say it? Promise it?

        You’re as skeptical of Microsoft as I am. 🙂

        • #93722 Reply

          ch100
          AskWoody MVP

          I think @abbodi86 pointed that the script covers a lot more than it should (for Win7/8.1), while rolling back becomes difficult once the damage is done.
          There are a lot less issues to be addressed than those in the script to control telemetry and @abbodi86 posted in the past and I think the analysis done separately by @mrbrian on the old site also addressed those issues comprehensively.
          Those less technical have to understand that Windows is a very complex SYSTEM and rarely one setting does not have influence over the behaviour of the whole. This is even more important for those settings and configurations not exposed in the GUI.

          I post here all that is to control telemetry completely without keeping lists and using
          extreme solutions.

          1. Do not install KB2952664 (I install it, but this is really a very good example of an entirely optional patch, regardless of how it is classified by WU)
          2. Disable CEIP

          There is nothing more to do and it is all supported in full

          2 users thanked author for this post.
        • #93759 Reply

          abbodi86
          AskWoody MVP

          That’s not what i ment or want to discuss, the type/amount of data they send is debatable

          what i mean, for Windows 7/8.1 it’s very easily to isolate or prevent these KBs effects without all those FUD-type steps

          Compatibility Appraiser (aka KB2952664/KB2976978)
          it only add/interact with these schedule tasks:
          “\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser”
          “\Microsoft\Windows\Application Experience\ProgramDataUpdater”
          “\Microsoft\Windows\Application Experience\AitAgent”

          Diagnostics Tracking (aka Unified Telemetry Client / Asimov)
          not avoidable for Monthly Quality Rollup model, but it only adds these components:
          “DiagTrack” service
          “AutoLogger-Diagtrack-Listener” event trace session
          “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Diagnostics\DiagTrack” registry

          the other updates (aka telemetry points) are not affective without active DiagTrack/AutoLogger

          1 user thanked author for this post.
      • #93737 Reply

        Microfix
        AskWoody Lounger

        abbodi86, I agree with you on this as, once these scripts are initiated, how do you know which are the offending ones to the system? (on a relative tangent to your observations)
        There is no undo for a batch script file, which is why I am going to wait for now.
        Thanks for the reminder.

        | x64 Group B: W7 Pro & W8.1 Pro | | x64 Group W: 3 x Linux Hybrids |
          No problem can be solved from the same level of consciousness that created IT - AE
        • #93786 Reply

          abbodi86
          AskWoody MVP

          Deleting files and services, offending

          blocking all those urls is just superfluous, MSFT documents the telemetry endpoints
          https://www.askwoody.com/forums/topic/the-case-for-not-updating-windows-7-ever/#post-21644
          other urls are either Windows 10 related, or forks for official urls

          • #93897 Reply

            Noel Carboni
            AskWoody MVP

            blocking all those urls is just superfluous…

            Microsoft documents the official DNS Endpoints that is used for telemetry:

            basically they are:
            vortex.data.microsoft.com
            vortex-win.data.microsoft.com
            settings-win.data.microsoft.com
            oca.telemetry.microsoft.com
            sqm.telemetry.microsoft.com
            watson.telemetry.microsoft.com

            I guess it depends on whether you consider your system “private” if it isn’t contacting the official telemetry servers. I personally don’t care to have anyone know when I’m at my computer at all, unless I initiate the online connection.

            Make no mistake, Windows contacts a lot of other servers online all on its own. There are more than you listed that indirectly spill the beans.

            Just a few examples:

            • iecvlist.microsoft.com
            • ieonline.microsoft.com
            • r20swj13mr.microsoft.com
            • spynet2.microsoft.com
            • spynetalt.microsoft.com

            And many more.

            There is nothing simple about Windows’ online chattiness. It’s been developed over decades. To be fair, that’s what a “cloud-integrated” system is about. But the simple fact is that some people prefer NOT to be “cloud-integrated”.

            -Noel

      • #93894 Reply

        Noel Carboni
        AskWoody MVP

        I tend to agree about blocking the various updates in complex ways. A fully updated system can be generally protected from spilling the beans online. Creating what Microsoft calls a “fragmented” system is NOT a good idea, unless you’re sure the pieces you’re blocking from being installed are entirely separate and well-isolated from everything else. That being said, this is MICROSOFT we’re talking about. What are the chances that ANYTHING is perfectly modular? Especially now in the day and age of them not doing system testing any more.

        Regarding the blacklists… I’ve watched systems contact many sites. Initially a system’s online activity is quite daunting in its complexity, and lists such as what Mr. Brinkman has gathered are helpful for those trying to get a handle on what their systems do.

        I’m glad he listed ALL of Microsoft’s snooping servers, even though Windows 7 or 8 may not be known to contact them today. Microsoft is currently busy making “cumulative updates” for our older systems now, right? Who’s to say they’re not going to shoehorn software in there that contacts today’s “Windows 10-only” servers in the future?

        Also, I have a single DNS blacklist for my entire network, so I was able to compare his entire list with mine (I had a few more Microsoft servers, actually, in my list, but I didn’t have the onesettings-*.metron.live.com.nsatc.net entries he posted).

        Wanting multiple layers of protection from the things you don’t want your computer doing is NOT “paranoia”. It’s simply wanting multiple layers of protection. I suggest keeping an open mind about labeling those who might be more concerned than you are with names they might not appreciate. FUD stands for fear, uncertainty, and doubt – something that’s quite to be expected of folks who haven’t spent a lifetime studying how Windows works.

        MY only worry with publishing this kind of information for all to see is that if enough users follow it, Microsoft will likely notice and up their game, making things worse for everyone. Let’s hope it doesn’t come to that.

        -Noel

        • #93898 Reply

          anonymous

          A few months ago, on a similar thread, someone mentioned that M$ regularly change or “update” the URL’s of their snooping servers, likely bc M$ know that some Win 7/8.1 users are blocking their snooping servers with firewalls.
          So, it may be better to use the whitelisting method for the firewall, instead of the blacklisting method.

          Bear in mind that blocking a M$ snooping server may disable a M$ program or feature.

    • #93712 Reply

      WildBill
      AskWoody Lounger

      As for Mr. Brinkmann’s suggestions, I found I had already installed KB2976978 and KB3080149. I uninstalled them today. The Diagnostic Tracking Service is already disabled and the other KB’s he recommends I can’t find that they’re installed on my 8.1 machine. If I discover them later, I’ll get rid of them. As for KB3044374 (to upgrade from 8.1 to 10); I’ll keep that for now. I still want to upgrade to Windows 10 (hopefully for free). I’m not in the CEIP, so that peeper is taken care of… for now.
      UPDATE: After I uninstalled the updates above, KB3080149 reappeared; Recommended but unchecked. Not letting Windows Update the ability to install anything but Important. However, KB3121461 reappeared as Important. Not part of the list; a Security Update published on 1/11/2016.

      Wild Bill Rides Again...

      • This reply was modified 2 months, 1 week ago by  WildBill.
      • #93714 Reply

        woody
        Da Boss

        The Win10 upgrade from Win7/8.1 is still free as a breeze and working fine. I tested it on Thursday.

        3 users thanked author for this post.
        • #93716 Reply

          WildBill
          AskWoody Lounger

          Wonderful, woody! Still interested in Cortana, the nosy babe… but my Android phone doesn’t have enough storage to update my apps or add her. Unless I uninstalled Pokemon GO… would like to update that & play some again.

          Wild Bill Rides Again...

    • #93727 Reply

      ch100
      AskWoody MVP

      Many files are at version 10.0.14393.0 which brings the patch at the Windows 10 1607 level, but some are at 10.0.14979.1011.
      Which version of Windows 10 is 10.0.14979.1011?

      https://support.microsoft.com/en-us/help/2952664/compatibility-update-for-keeping-windows-up-to-date-in-windows-7

      • #93742 Reply

        abbodi86
        AskWoody MVP

        Very likely RS2 = Creators Update

        the build lab string rs_fun_compat_dev1_apr:
        rs = redstone
        fun = fundamentals
        compat = compatibility
        dev = develpoment
        apr = appraiser

        1 user thanked author for this post.
    • #93735 Reply

      Microfix
      AskWoody Lounger

      On a related side note to this topic,
      I have mentioned this utility before which helps immensely.
      https://www.safer-networking.org/spybot-anti-beacon/

      Tip: Use the portable free edition.

      Ran this 2-3 months ago and never had a problem at all.
      For Win 7,8,& 8.1 but no mention of windows 10 although the scripts cover windows 10 telemetry.

      | x64 Group B: W7 Pro & W8.1 Pro | | x64 Group W: 3 x Linux Hybrids |
        No problem can be solved from the same level of consciousness that created IT - AE
      1 user thanked author for this post.
      • #94013 Reply

        LoneWolf
        AskWoody Lounger

        Like Rob, I too use Spybot Anti-Beacon for home systems. Easy to set up, easy to reverse and remove. It also can update itself, and works on Windows 7 – 10.

    • #93762 Reply

      woody
      Da Boss

      I just got a message from Eric Vaughan, over at Tweakhound.

      He’s just resurrected and dusted off a script for blocking telemetry in Win7. Worth a look, to compare and contrast.

      https://tweakhound.com/2017/02/11/blocking-windows-7-telemetry/

      • #93792 Reply

        abbodi86
        AskWoody MVP

        I still see the dust over the script 😀
        GWX KB3035583 is ended/removed, likewise KB3123862
        KB3068708/KB3075249/KB3080149 are already covered by Monthly rollup, no point of uninstalling/hiding them

        1 user thanked author for this post.
        • #93812 Reply

          Microfix
          AskWoody Lounger

          Cool Woody and thanks to Eric at tweakhound.

          abbodi86, there is nothing stopping anyone downloading/editing/removing non existent paths in the .bat file for their system.
          i.e. all the GWX related data which no longer exists.
          The same applies for .reg files.

          Hmmm…noticed that Windows media player is mentioned, although I don’t use it, I take it that pulse telemetry is still being sent to MS?

          On my tux m/c as I type but, will do surgery on this later this weekend.

          | x64 Group B: W7 Pro & W8.1 Pro | | x64 Group W: 3 x Linux Hybrids |
            No problem can be solved from the same level of consciousness that created IT - AE
          • #93905 Reply

            abbodi86
            AskWoody MVP

            How should i know 🙂
            WMP/Media Center/CEIP stuff exist in Windows 7 since 2009-RTM
            suddenly, the fear makers are seeing them as 2014-telemetry related 😀

    • #93904 Reply

      abbodi86
      AskWoody MVP

      Make no mistake, Windows contacts a lot of other servers online all on its own. There are more than you listed that indirectly spill the beans.

      Just a few examples:

      • iecvlist.microsoft.com
      • ieonline.microsoft.com
      • r20swj13mr.microsoft.com
      • spynet2.microsoft.com
      • spynetalt.microsoft.com

      And many more.

      There is nothing simple about Windows’ online chattiness. It’s been developed over decades. To be fair, that’s what a “cloud-integrated” system is about. But the simple fact is that some people prefer NOT to be “cloud-integrated”.

      -Noel

      Of course it is
      but i’m not discussing all Windows phone-home contacts, the topic is specific about telemetry patches

      mising thing with so-called “snooping” that precede telemetry era doesn’t help except in feeding the FUD

    • #94122 Reply

      anonymous

      W7 x64 SP1 non-techie.
      I see some people in the comments recommended disabling WebCache in the Task Scheduler. What do our resident experts think?

    • #94251 Reply

      Anonymous

      Recently I was given a rather old (from 2013) Lenovo nettop with Windows 10. After some service, including cleaning from the dust, restoring the original configuration (Windows 8 Single Language) and making snapshot of the clean system, I decided to perform a clean installation of Windows 8.1 Single Language. So, I prepared the USB installation media using the Microsoft Media Creation Tool. After installation and activation, the system was updated using the WSUS Offline tool.
      Just in case, I checked the list of installed updates looking for the telemetry updates. Surprisingly, KB2976978 was found in the system with the install date 21.11.2014. It is impossible to uninstall it.
      The WSUS Offline is known not to contain this update, but I additionally checked the updates downloaded by WSUS Offline and KB2976978 was not found. So, the only explanation is that KB2976978 was included to the installation image downloaded from Microsoft.
      It should be noted that:
      1) No other telemetry updates (at least from the list presented in Martin Brinkmann’s post) were found in the system.
      2) The DiagTrack service is absent in the system.
      3) According to the Task Scheduler, the system seems to respect the CEIP opt out choice – even with the corresponding “telemetry” tasks enabled and the triggers set, the “Last Run Time” is “Never” for CEIP tasks (except for Consolidator, which is expected), DiskDiagnosticDataCollector and WinSAT.
      Hope this information can be useful.

      • This reply was modified 2 months, 1 week ago by  Kirsty.
      • This reply was modified 2 months, 1 week ago by  Kirsty.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Martin Brinkmann’s deep dive into removing telemetry in Win7 and 8.1

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.