Windows 10

[alt3rn1ty]

Reference all the Telemetry going on in Windows 10 ( and being back ported to Win 7 / 8 )

 

An old trusty name has popped up recently with a new tool :

 

Click >> Spybot Anti-Beacon << Click

 

Turns off the following ..

 

Spybot Anti-Beacon for Windows 10 is a small utility designed to block and stop the various tracking (aka telemetry) issues that come with Windows 10. Seeing the bunch of incomplete or broken scripts to disable tracking in Windows 10, and the tools that install adware or worse in exchange for their function, we wrapped disabling tracking up in a small tool that’s free and clean. With the upcoming news about telemetry in Windows 7 and 8.1, Spybot Anti-Beacon has added support for those as well.

Supported OS: Windows 7, Windows 8, Windows 8.1, Windows 10

[InsanePlumber]

hosts  file.
 

hosts location for windows 7, 8, 10.

%SystemRoot%\system32\drivers\etc\hosts

Add to hosts file.

# Windows 10 reporting domains.
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 fe2.update.microsoft.com.akadns.net
0.0.0.0 feedback.search.microsoft.com
0.0.0.0 feedback.windows.com
0.0.0.0 i1.services.social.microsoft.com
0.0.0.0 i1.services.social.microsoft.com.nsatc.net
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 pre.footprintpredict.com
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 sls.update.microsoft.com.akadns.net
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 ssw.live.com
0.0.0.0 statsfe1.ws.microsoft.com
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 feedback.search.microsoft.com
0.0.0.0 feedback.windows.com
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 i1.services.social.microsoft.com
0.0.0.0 i1.services.social.microsoft.com.nsatc.net
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 adnexus.net
0.0.0.0 a-msedge.net
0.0.0.0 apps.skype.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 c.msn.com
0.0.0.0 cdn.atdmt.com
0.0.0.0 cds26.ams9.msecn.net
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 db3aqu.atdmt.com
0.0.0.0 fe2.update.microsoft.com.akadns.net
0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 g.msn.com
0.0.0.0 h1.msn.com
0.0.0.0 lb1.www.ms.akadns.net
0.0.0.0 live.rads.msn.com
0.0.0.0 m.adnxs.com
0.0.0.0 m.hotmail.com
0.0.0.0 msedge.net
0.0.0.0 msftncsi.com
0.0.0.0 msnbot-65-55-108-23.search.msn.com
0.0.0.0 msntest.serving-sys.com
0.0.0.0 pre.footprintpredict.com
0.0.0.0 preview.msn.com
0.0.0.0 pricelist.skype.com
0.0.0.0 s.gateway.messenger.live.com
0.0.0.0 schemas.microsoft.akadns.net
0.0.0.0 secure.flashtalking.com
0.0.0.0 sls.update.microsoft.com.akadns.net
0.0.0.0 statsfe1.ws.microsoft.com
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 www.msftncsi.com

 

Save file.

 

Run -> cmd

ipconfig /flushdns

And bye bye M$.

[alt3rn1ty]

Good research on the hosts file entries :

 

Is there any chance that MS could undermine that by Windows Defender making changes to the hosts file and re-enabling telemetry ?, pretty sure I have heard of that being done before ( though I think it was when Windows Defender used to be called Microsoft Security Essentials that it would occasionally meddle with the hosts file )

 

Spybot Anti-Beacon has this option :

 

Stay protected:

         Refresh immunization after each system restart

 

It also sets a bunch of Registry keys to prevent services

 

 

 

 

I still need to switch some options on, but the above are defaults on my machine

[InsanePlumber]

@alt3rn1ty

"Windows Defender"

This cancer and its other varieties and transplants (Windows Media Player Old Drivers, Windows Firewall, and many others) has been cut by me from windows at the installer level.

Using windows automated installation kit for windows 7.

 

For me it looks like this when I ran for the first time.

Above mentioned Windows 7 64Bit.

[Arthmoor]

You should be aware that several tech sites have confirmed that telemetry on Windows 10 bypasses the hosts file for those lookups. I have no idea if that's also true for Windows 7 or 8 though.

[InsanePlumber]

You should be aware that several tech sites have confirmed that telemetry on Windows 10 bypasses the hosts file for those lookups. I have no idea if that's also true for Windows 7 or 8 though.

Why am I not surprised...

 

EDIT

At home I have four laptops and desktop (all windows 7 64 bit) connect to the Internet through an old desktop which now serves as a Router, DNS, NAS (Debian)

And on him I have a host with more than 20,000 "bad"  URL/IP blocked.

 

I even do not need use so often adblock.

Certainly not as often as it did before have hosts on Debian Router.

[VaultDuke]

OMG, i just got a clear type setting for my screen that doesn't suck. The trick was to chose the WORST looking option on the first (of 5) configuration screens.

(i really should upgrade beyond FHD next year)

[InsanePlumber]

For those interested blocking IP using the host file.

host file with 356,328 unique entries.

[Arthmoor]

As has been mentioned before, Windows 10 bypasses the Hosts file for any of the telemetry/spyware domains Microsoft is using.

[InsanePlumber]

It contains many malicious URL's addresses not only M$ spying.

 

As has been mentioned before, Windows 10 bypasses the Hosts file for any of the telemetry/spyware domains Microsoft is using.

Well, maybe someone is as insane as I am and has a Linux router.
Besides this file it works not only for W10 but also for w7 w8 and linux.

[alt3rn1ty]

If you consider Adobe Flash to be a Security / Privacy threat

 

By default Windows ( Since Windows 8 ) installs Adobe Flash

 

Windows 10 Privacy options make no mention of this whatsoever, which is surprising considering how intrusive adobes spyware is, and how vulnerable it has made operating systems to browser attacks .. Historically Flash has been the number 1 vector quite often for malware to abuse and infiltrate peoples computers ( quite often competing neck-and-neck with the java browser plugin which java runtime used to install by default ), there was one zero day exploit quite recently which had been for sale to anyone who wanted a hook into peoples systems for over four years before adobe got around to fixing it.

 

Have a read of the following article on various methods needed to disable it

 

http://www.howtogeek.com/222275/how-to-uninstall-and-disable-flash-in-every-web-browser/

 

The only off switch in Windows 10 is in Windows Edge advanced settings, but that setting obviously is only for the Edge browser.

 

 

If you want to permanently disable this software from being installed by Microsoft :

 

1. Its in a protected system folder, so you will need to be at least on an Admin account

2. Even with an Admin account you will need to take ownership of a folder and its contents ..

 

C: \ Windows \ System32 \ Macromed \ Flash \  <<-- This folder

C: \ Windows \ SysWOW32 \ Macromed \ Flash \  <<-- And this folder

 

What we need to do is :

Take ownership of all files in the flash folder

Then delete them

Then delete the flash folder

Then create a FILE called flash ( so that a folder cannot be recreated, the file MUST NOT have a dot three letter extension )

 

So to do all the above, make a .bat file with Notepad, which contains the following

# take ownership
takeown /f C:\Windows\SysWOW64\Macromed\Flash\*.*
takeown /f C:\Windows\System32\Macromed\Flash\*.*
 
# extend access
cacls C:\Windows\SysWOW64\Macromed\Flash\*.* /E /T /G %UserDomain%\%UserName%:F
cacls C:\Windows\System32\Macromed\Flash\*.* /E /T /G %UserDomain%\%UserName%:F
 
# delete
del C:\Windows\SysWOW64\Macromed\Flash\*.* /Q
del C:\Windows\System32\Macromed\Flash\*.* /Q
rd C:\Windows\SysWOW64\Macromed\Flash
rd C:\Windows\System32\Macromed\Flash
 
# create flash file, so that flash folder cannot be remade
copy /Y NUL > C:\Windows\SysWOW64\Macromed\Flash
copy /Y NUL > C:\Windows\System32\Macromed\Flash
attrib +s +r C:\Windows\SysWOW64\Macromed\Flash
attrib +s +r C:\Windows\System32\Macromed\Flash

 

Save it somewhere as PermanentlyDisableWin10Flash.bat

 

Now right click it, and choose "Run as administrator"

 

If you now go have a look in both Macromed folders, you should find a file called flash ( the folder flash and its contents are now gone, and windows will not be able to make a flash folder in future, so any re-install of flash will always fail )

 

 

( Heres the same idea but being used to block windows old GWX folder, which is where windows stored the files for the Windows 10 update http://www.afkmods.com/index.php?/topic/4193-windows-10/page-3#entry156055

It worked well enough for me for a while before I decided to let the update happen )

 

That idea is still working quite well

Windows has not managed to recreate the flash folder on my system, so cant re-install flash or any updates to its setup

[VaultDuke]

You can disable the integrated flash in internet explorer as well. I don't think the integrated flash does anything else than run in the browser. Pretty sure disabling it in edge and ie gets rid of any security issues. If i was willing to go through so many hoops like you to maintain my computer, i'd be using linux.

[alt3rn1ty]

I dual boot linux

 

The previous post was primarily to show the method of replacing a folder with a file works as an effective block, in action.

 

So anyone still wanting to block gwx installation so they do not get upgraded to win 10 could have confidence in using the same method

[alt3rn1ty]

For all your Video and Audio playback needs on Windows 10 ( and a few less opportunities for MS free software data grabbing apps to jump in as default players )

 

VLC Media Player has been updated to version 2.2.2 - I only just noticed because I wanted to watch SPECTRE and did not fancy letting any of MS free software launching by default

 

The previous version was a bit clunky on Win 10, but this new version seems to be working well.

 

 

I have been noticing little details about default associations recently, the old Windows Picture and Fax Viewer has been removed by microsoft as an option to set as a viewer. Probably because the new apps can link with OneDrive and the cloud to gather your usage data.

You now have to use a registry key to get it back as a nice little viewer again, otherwise the new apps like Photo get the prime time by default

http://www.howtogeek.com/225844/how-to-make-windows-photo-viewer-your-default-image-viewer-on-windows-10/?PageSpeed=noscript

 

I think Music and Video have also been saying "move over old timer" to Windows Media Player too, but I would rather have VLC in those cases.

[Arthmoor]

Well isn't this special: http://www.ghacks.net/2016/03/09/security-update-ms16-023-installs-new-get-windows-10-functionality/

[Leonardo]

Indeed, typical M$ trying to patch their own web browser when it's obvious that IE is nothing to waste more energy on.  Why not they ever confess that IE doesn't get anymore attention and advice people NOT to use IE due for being buggy.

[VaultDuke]

Why not they ever confess that IE doesn't get anymore attention and advice people NOT to use IE due for being buggy.

isn't that exactly what they do in Win 10? ;P

[Leonardo]

Are they?  Then why release a security update for IE11 when pushing for the Windows10 offer at the same time.  I would say that's typical M$ and I find it very suspect to say the least.

[VaultDuke]

Because they give a support time for all their products, and IE 11 is still supported on win 7 until 2020. They made it clear that users should switch to edge on Win 10 going forward, and that IE is only maintained on that platform for all those stupid business programs that rely on its trident rendering engine. If not for those, they would have dropped it all together in Win 10 (still would need to provide updates for it on Win 7 until 2020 though). They tried to make Edge backwards compatible with trident engine, but even then, the old code slowed the new browser down too much, hence the double solution now.

[Leonardo]

That's a bad excuse from M$ IMO and all they want to do is to force users to continue using Windows that have made M$ what it is today dominating the multitasking OS for computers.

[alt3rn1ty]

Well isn't this special: http://www.ghacks.net/2016/03/09/security-update-ms16-023-installs-new-get-windows-10-functionality/

 

Its moments like this in Win 10 ongoing surprising developments that makes me think they are desperate for Win 10 to dominate ..

 

Someone mentioned Vulkan a while back, and I have been keeping an eye on it, but also wonder if this is cause for MS desperation :

 

http://www.kitguru.net/components/graphic-cards/anton-shilov/valve-directx-12-does-not-make-a-lot-of-sense-vulkan-does/

 

https://en.wikipedia.org/wiki/Vulkan_(API)

 

And now supported by NVidias' more recent drivers ..

 

http://www.geforce.com/whats-new/articles/vulkan-graphics-api-launches-nvidia-gpus-game-ready

 

Is it such a big threat to DirectX to cause MS so much concern ?

Good news for Linux future if all developers are backing it.

Apparently everyone is apart from MS.

Even PS4 could support Vulkan API.

[lmstearn]

A competitive field like that makes everyone a winner. Good luck to them. DX is a formidable opponent.

[alt3rn1ty]

For anyone not wanting to try the file replacing the GWX folder trick, I believe there is now another reliable way of stopping Win 10 trying to upgrade win 7 and win 8 users ..

 

Steve Gibsons Never10

 

 

If its anything like his other utilities it will work very well, aswell as being very meticulous and proud of producing very efficient code this is particularly in his interest to get right because Steve does not want to go to Win 10 .. ever. He is going to upgrade everything to Win 7 and stay on that OS for all of his machines eventually.

 

I think when I get around to re-installing from scratch from my Win 7 discs, I will be using the same to stick on 7 until eventually going completely linux.

 

Dont be surprised if you run Never10, click a button, and thats it. He programs in assembler, so these kind of tools he does occasionally are small and very quick at what they do.

[InsanePlumber]

@alt3rn1ty

The easiest way I know to make Windows 7 never update automatically in to Windows 10.

 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"DisableOSUpgrade"=dword:00000001

[Leonardo]

Someone mentioned Vulkan a while back, and I have been keeping an eye on it, but also wonder if this is cause for MS desperation :

 

http://www.kitguru.net/components/graphic-cards/anton-shilov/valve-directx-12-does-not-make-a-lot-of-sense-vulkan-does/

 

https://en.wikipedia.org/wiki/Vulkan_(API)

 

And now supported by NVidias' more recent drivers ..

 

http://www.geforce.com/whats-new/articles/vulkan-graphics-api-launches-nvidia-gpus-game-ready

 

Is it such a big threat to DirectX to cause MS so much concern ?

Good news for Linux future if all developers are backing it.

Apparently everyone is apart from MS.

Even PS4 could support Vulkan API.

Yep, I notice that Vulkan Run Time Libraries 1.0.3.0 was installed on my computer the other day.

 

I would say it is a serious threat to M$ and their DirectX software, which have dominated gaming on Windows for too long and I think it's time someone put a stop to DirectX dominance.