Resources for Disabling Windows 7 / 8 / 10 Telemetry & Data-Collection

[Delicieuxz]

For Windows 7

 

Disable, Uninstall, and Block, Windows 7 / 8 Telemetry & Data-Collection

 

 

Since around August 2015, Microsoft has occasionally back-added telemetry collection into Windows 7 and 8(.1) through the updates that are installed by Windows Update. 

 

These updates are not required, and can be declined from installing and also will not be downloaded and installed if Windows Update is disabled. But, if a person has automatic updates enabled these updates will be automatically installed. If a person doesn't want these to be installed, they can be quickly uninstalled and blocked from being re-downloaded and installed by running a script that knows which updates to permanently block from being searched-for by Windows Update, and from being downloaded and installed.

 

Aegis Script is one such script, though it was last updated May 18, 2016.

 

The Aegis script will also remove and block any prompts in Windows 7 and 8 about downloading and installing Windows 10.

 

Original script link, and discussion: Script for Win 7/8 to block all telemetry updates and Windows 10 upgrade components

Direct-download backup link for Aegis v1.18: https://mega.nz/#!dhExAbBa!fehYhbTNz5dIBh72psfXLfwv9wMk0uhMpGli-c0pBn4

 

For a list of the Windows 7 and 8(.1) updates that the Aegis script addresses, and also of the post Aegis scrip Windows updates to avoid because they have telemetry in them, see the bottom of this post.

 

 

For identifying data-collection-containing updates since 2016, here is an updated list of which updates to avoid or uninstall: https://pastebin.com/jWX2zHdr

 

 

 

Windows 7 / 8: A thorough guide to identifying telemetry updates, removing the telemetry service, and blocking Microsoft's telemetry servers

 

https://www.ghacks.net/2017/02/11/blocking-telemetry-in-windows-7-and-8-1/

 

 

 

 

 

For Windows 10

 

Disable Windows 10 Telemetry

 

 

Disclaimer: This first suggestion likely has no effect on the amount of telemetry Windows 10 collects

 

It is suggested that Windows 10 telemetry and data collection can be disabled by following the guide here: How to disable Telemetry and Data Collection in Windows 10

 

Note the part of the guide where it says:

Quote

Go to Services and Applications -> Services in the left pane. In the services list, disable the following services:

 

Diagnostics Tracking Service
dmwappushsvc

Since the Windows 10 version 1151 update, "Diagnostics Tracking Service" has been changed to "Connected User Experiences and Telemetry service". So, a person will have to follow the same given instructions regarding "Connected User Experiences and Telemetry service" instead of "Diagnostics Tracking Service" if their Windows 10 version is newer than 1151.

 

 

 

Setting up a custom firewall to block Microsoft telemetry servers

 

Download and install this custom hosts file, and this custom PeerBlock Microsoft IP list which is regularly updated from information obtained via Wireshark: https://encrypt-the-planet.com/windows-10-anti-spy-host-file/

 

Review this thorough guide (a website account is needed to view it): https://encrypt-the-planet.com/completely-disable-windows-10-telemetry/

 

 

 

Privacy Guide for Windows 10 version 1803

 

This guide includes instructions on how to disable or remove various invasive or unwanted aspects of Windows 10. Some of what the guide includes instructions for:

 

- Basic Windows 10 set-up choices

- How to remove various apps, such as Windows Store, and other native Win 10 apps

- How to disable Cortana via registry

- How to remove various telemetry services and scheduled tasks

 

Some of what this guide shows instructions for may already be done by programs such as O & O ShutUp10.

 

https://fdossena.com/?p=w10debotnet/index_1803.frag

 

 

 

O&O ShutUp10

 

Quoted from the develop website:

 

O&O ShutUp10 means you have full control over which comfort functions under Windows 10 you wish to use, and you decide when the passing on of your data goes too far.

 

Using a very simple interface, you decide how Windows 10 should respect your privacy by deciding which unwanted functions should be deactivated.

 

O&O ShutUp10 is entirely free and does not have to be installed – it can be simply run directly and immediately on your PC. And it will not install or download retrospectively unwanted or unnecessary software, like so many other programs do these days!

 

O&O ShutUp10: https://www.oo-software.com/en/shutup10

 

 

 

Spybot Anti-Beacon

 

Another tool for blocking unwanted communication between a PC and Microsoft is Spybot Anti-Beacon: https://www.safer-networking.org/spybot-anti-beacon/

 

 

 

Disconnect Microsoft telemetry server connections

 

From: https://docs.microsoft.com/en-gb/windows/privacy/configure-windows-diagnostic-data-in-your-organization

Endpoints

The Microsoft Data Management Service routes data back to our secure cloud storage. Only Microsoft personnel with a valid business justification are permitted access.

The following table defines the endpoints for Connected User Experiences and Telemetry component:

 

Windows release	Endpoint
Windows 10, versions 1703 and 1709	Diagnostics data: v10.vortex-win.data.microsoft.com/collect/v1 Functional: v20.vortex-win.data.microsoft.com/collect/v1 Windows Advanced Threat Protection is country specific and the prefix changes by country for example: de.vortex-win.data.microsoft.com/collect/v1 settings-win.data.microsoft.com
Windows 10, version 1607	v10.vortex-win.data.microsoft.com settings-win.data.microsoft.com

 

The following table defines the endpoints for other diagnostic data services:

Service	Endpoint
Windows Error Reporting	watson.telemetry.microsoft.com
Online Crash Analysis	oca.telemetry.microsoft.com
OneDrive app for Windows 10	vortex.data.microsoft.com/collect/v1

 

More details on Windows 10 endpoints and ways to disconnect them: https://docs.microsoft.com/en-us/windows/privacy/manage-windows-endpoints

 

 

 

 

 

If you are aware of updated information regarding telemetry and data collection in Windows 7 / 8 / 10, or know improved methods to disable it, please share it.

 

 

------------------------------------------------

 

Overview of what the Aegis script does

 

Direct-download backup link for Aegis v1.18: https://mega.nz/#!dhExAbBa!fehYhbTNz5dIBh72psfXLfwv9wMk0uhMpGli-c0pBn4

 

(This information was retrieved from an archived version of the voat.co page discussing Aegis, via http://pastebin.com/1Xb2h39Z, and was last updated March 27, 2016, and so will not mention any changes to the script after that time)

 

Description: Blocks 201 bad hosts, change windows update to check/notify (do not download/install), disable automatic delivery of internet explorer via windows update, disable ceip/gwx/skydrive(aka onedrive)/spynet/telemetry/wifisense, disable remote registry, disable 31 scheduled tasks, disable windows 10 download directory, remove diagtrack, sync time to ntp.org, hide/uninstall 50 kb updates (see below).

 

Directions: Download, unzip, disable anti-virus, right click on aegis.cmd, click "run as administrator", follow on-screen instructions.

 

Note: If unable to uninstall some kb's this post may help.

 

Internet Explorer:

Some updates which may contain critical security patches for ie, as well as automated delivery of ie and related updates, will be blocked. Due to the obvious security risk posed by running an unpatched browser we strongly advise to uninstall ie. If you plan to continue to use ie you should probably not run this script - or manually patch and do so at your own risk.

 

Liability:

All code except sed and setacl is provided as open source so you can look and see for yourself what it does. It has been thoroughly tested on my own systems and scanned with VirusTotal, and to the best of my knowledge it does not contain any harmful or malicious elements. However I assume no liability for any problems so use it at your own risk.

 

License:

There is no official license - you are welcome to modify and share my code and you do not have to give me credit. I do appreciate any feedback and I will give you credit if I use your ideas. This script is the product of a collaborative effort and does not belong to any one person.

 

Windows Update:

This script will not block Windows Update however it will change your Windows Update settings to 'check/notify but do not download/install'. If you have problems getting Windows Update to work properly after running the script you may need to run the Windows Update Troubleshooter or the System Update Readiness Tool. If you have recently installed updates and have not yet rebooted you should reboot before running the script. If you are on a fresh install you may want to install all updates before running Aegis for the first time, otherwise it may take a long time to update.

 

 

Here is a possibly-incomplete listing of updates that Aegis removes and blocks, using the format:

kb update ID

update description

 

 

kb971033

update for windows activation technologies

 

kb2882822

update for adding itracerelogger interface support

 

kb2902907

description not available, update was pulled by microsoft

 

kb2922324

description not available, update was pulled by microsoft

 

kb2952664

update for upgrading windows 7

 

Ugh, screw this.

 

 

1. [kb2976978](https://support.microsoft.com/en-us/kb/2976978) | update for windows 8.1 and windows 8
2. [kb2977759](https://support.microsoft.com/en-us/kb/2977759) | update for windows 7 rtm
3. [kb2990214](https://support.microsoft.com/en-us/kb/2990214) | update that enables you to upgrade from windows 7 to a later version of windows
4. [kb3012973](https://support.microsoft.com/en-us/kb/3012973) | upgrade to windows 10
5. [kb3014460](https://support.microsoft.com/en-us/kb/3014460) | update for windows insider preview / upgrade to windows 10
6. [kb3015249](https://support.microsoft.com/en-us/kb/3015249) | update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
7. [kb3021917](https://support.microsoft.com/en-us/kb/3021917) | update for windows 7 sp1 for performance improvements
8. [kb3022345](https://support.microsoft.com/en-us/kb/3022345) | update for customer experience and diagnostic telemetry
9. [kb3035583](https://support.microsoft.com/en-us/kb/3035583) | update installs get windows 10 app in windows 8.1 and windows 7 sp1
10. [kb3042058](https://support.microsoft.com/en-us/kb/3042058) | update for cipher suite priority order (contains winlogon spying elements)
11. [kb3044374](https://support.microsoft.com/en-us/kb/3044374) | update that enables you to upgrade from windows 8.1 to windows 10
12. [kb3046480](https://support.microsoft.com/en-us/kb/3046480) | update for migrating .net when upgrading to later version of windows
13. [kb3058168](https://support.microsoft.com/en-us/kb/3058168) | activate windows 10 from windows 8 or windows 8.1, and windows server 2012 or windows server 2012 r2 kms hosts
14. [kb3064683](https://support.microsoft.com/en-us/kb/3064683) | update for windows 8.1 oobe modifications to reserve windows 10
15. [kb3065987](https://support.microsoft.com/en-us/kb/3065987) | update for windows update client for windows 7 and windows server 2008 r2 july 2015
16. [kb3065988](https://support.microsoft.com/en-us/kb/3065988) | update for windows update client for windows 8.1 and windows server 2012 r2 july 2015
17. [kb3068708](https://support.microsoft.com/en-us/kb/3068708) | update for customer experience and diagnostic telemetry
18. [kb3072318](https://support.microsoft.com/en-us/kb/3072318) | update for windows 8.1 oobe modifications to reserve windows 10
19. [kb3074677](https://support.microsoft.com/en-us/kb/3074677) | compatibility update for upgrading to windows 10
20. [kb3075249](https://support.microsoft.com/en-us/kb/3075249) | update that adds telemetry points to consent.exe in windows 8.1 and windows 7
21. [kb3075851](https://support.microsoft.com/en-us/kb/3075851) | update for windows update client for windows 7 and windows server 2008 r2 august 2015
22. [kb3075853](https://support.microsoft.com/en-us/kb/3075853) | update for windows update client for windows 8.1 and windows server 2012 r2 august 2015
23. [kb3080149](https://support.microsoft.com/en-us/kb/3080149) | update for customer experience and diagnostic telemetry
24. [kb3081437](https://support.microsoft.com/en-us/kb/3081437) | august 18, 2015, compatibility update for upgrading to windows 10
25. [kb3081454](https://support.microsoft.com/en-us/kb/3081454) | september 8, 2015, compatibility update for upgrading to windows 10
26. [kb3081954](https://support.microsoft.com/en-us/kb/3081954) | update for work folders improvements in windows 7 sp1 (contains telemetry elements)
27. [kb3083324](https://support.microsoft.com/en-us/kb/3083324) | update for windows update client for windows 7 and windows server 2008 r2 september 2015
28. [kb3083325](https://support.microsoft.com/en-us/kb/3083325) | update for windows update client for windows 8.1 and windows server 2012 r2 september 2015
29. [kb3083710](https://support.microsoft.com/en-us/kb/3083710) | update for windows update client for windows 7 and windows server 2008 r2 october 2015
30. [kb3083711](https://support.microsoft.com/en-us/kb/3083711) | update for windows update client for windows 8.1 and windows server 2012 r2 october 2015
31. [kb3086255](https://support.microsoft.com/en-us/kb/3086255) | september 8, 2015, security update for the graphics component in windows (breaks safedisc)
32. [kb3088195](https://support.microsoft.com/en-us/kb/3088195) | october 13, 2015, security update for windows kernel (reported to contain a keylogger)
33. [kb3090045](https://support.microsoft.com/en-us/kb/3090045) | windows update for reserved devices in windows 8.1 or windows 7 sp1 (windows 10 upgrade elements)
34. [kb3093983](https://support.microsoft.com/en-us/kb/3093983) | security update for internet explorer: october 13, 2015 (ie spying elements)
35. [kb3102810](https://support.microsoft.com/en-us/kb/3102810) | windows 10 upgrade elements
36. [kb3102812](https://support.microsoft.com/en-us/kb/3102812) | windows 10 upgrade elements
37. [kb3112343](https://support.microsoft.com/en-us/kb/3112343) | update for windows update client for windows 7 and windows server 2008 r2 december 2015
38. [kb3112336](https://support.microsoft.com/en-us/kb/3112336) | update for windows update client for windows 8.1 and windows server 2012 r2 december 2015
39. [kb3123862](https://support.microsoft.com/en-us/kb/3123862) | updated capabilities to upgrade windows 8.1 and windows 7
40. [kb3135445](https://support.microsoft.com/en-us/kb/3135445) | windows update client for windows 7 and windows server 2008 r2: february 2016
41. [kb3135449](https://support.microsoft.com/en-us/kb/3135449) | windows update client for windows 8.1 and windows server 2012 r2: february 2016
42. [kb3138612](https://support.microsoft.com/en-us/kb/3138612) | windows update client for windows 7 and windows server 2008 r2: march 2016
43. [kb3138615](https://support.microsoft.com/en-us/kb/3138615) | windows update client for windows 8.1 and windows server 2012 r2: march 2016
44. [kb3139929](https://support.microsoft.com/en-us/kb/3139929) | security update for internet explorer: march 8, 2016
45. [kb3146449](https://support.microsoft.com/en-us/kb/3146449) | updated internet explorer 11 capabilities to upgrade windows 8.1 and windows 7

 

 

 

 

Updates including post-Aegis that contain telemetry, updated to June 2018:

 

Windows 7/8/8.1 Updates to avoid as of the June 2018 "Patch Tuesday":
 
KB971033,  Activation exploits
KB2876229, Skype
KB2882822, replaced by KB3068708
KB2952664, telemetry crap
KB2970228, new Russian ruble symbol, breaks fonts
KB2976978, Windows 10 update crap for Win8
KB2977759, telemetry crap
KB2982791, Causes crashes
KB2990214, telemetry crap
KB3004394, faulty update
KB3018238, only applies to Windows Server 2008
KB3021917, telemetry crap
KB3022345, telemetry crap
KB3035583, telemetry crap
KB3050265, telemetry crap
KB3065987, telemetry crap
KB3068708, telemetry crap
KB3075249, telemetry crap
KB3075851, telemetry crap
KB3080149, telemetry crap
KB3081954, telemetry crap
KB3083324, telemetry crap
KB3083710, telemetry crap
KB3097877, Casuses crashes
KB3102810, telemetry crap
KB3107998, Lenovo fix to remove blocker
KB3112336, More WIN10 crap
KB3112343, More WIN10 crap + MS monitoring of win10 upgrade
KB3121255, crash during backup of PI Data server fails
KB3123862, Windows 10 update crap
KB3125574, Apr 2016 rollup with bad ones in it
KB3133977, BitLocker can't encrypt the drive and the service crashes
KB3135445, WIN7 update client to force WIN10
KB3137061, Azure virtual machines network outage data corruption
KB3138901, No Internet multiple users log on Remote Desktop Services
KB3139923, MSI repair doesn't work after you install updates
KB3147071, Connection to Oracle database fails. Causes browser lockups?
KB3150513, telemetry crap
 
other:
KB3184143 removes the Get Windows 10 app
KB3172605 July 2016 update rollup (re-released Sep 13 2016)
KB3179573 August 2016 Rollup

[Delicieuxz]

I've organized the OP a bit more, and have also this additional method of stopping Windows 10 telemetry to look into:

 

 

Disconnect Microsoft telemetry server connections

 

From: https://docs.microsoft.com/en-gb/windows/privacy/configure-windows-diagnostic-data-in-your-organization

Endpoints

The Microsoft Data Management Service routes data back to our secure cloud storage. Only Microsoft personnel with a valid business justification are permitted access.

The following table defines the endpoints for Connected User Experiences and Telemetry component:

 

Windows release	Endpoint
Windows 10, versions 1703 and 1709	Diagnostics data: v10.vortex-win.data.microsoft.com/collect/v1 Functional: v20.vortex-win.data.microsoft.com/collect/v1 Windows Advanced Threat Protection is country specific and the prefix changes by country for example: de.vortex-win.data.microsoft.com/collect/v1 settings-win.data.microsoft.com
Windows 10, version 1607	v10.vortex-win.data.microsoft.com settings-win.data.microsoft.com

 

The following table defines the endpoints for other diagnostic data services:

Service	Endpoint
Windows Error Reporting	watson.telemetry.microsoft.com
Online Crash Analysis	oca.telemetry.microsoft.com
OneDrive app for Windows 10	vortex.data.microsoft.com/collect/v1

 

More details on Windows 10 endpoints and ways to disconnect them: https://docs.microsoft.com/en-us/windows/privacy/manage-windows-endpoints