Jump to content

[Guide]Way to Disable Keylogger/ Telemetry v3

aviv00

By aviv00
in Windows 10

 Share

Recommended Posts

aviv00

aviv00

Posted
Posted (edited)

Notices

-Before The panic began, please note its only opinion calling Telemetry a Keylogger
-This Topic is about ensure Keylogger/ Telemetry is disabled as much as possible but we cant be certain, Although
after Testing its working as should

Tested On Lited Windows 10 Enterprise 2015 LTSB N 10240 / 29.7.2015 Build
I don't see the weird dns packets in server 2016 build 10.0.10514

[Guide]Way to Disable Keylogger/ Telemetry v3.1
Removing packages with Powershell script, need to run as TrustedInstaller
Packages like: Windows defender, Telemetry, Onedrive, Cortana...

#Preparation

If u have OS with another lang change "*en-US*,*en-*Package*" to your lang

If u gonna use the script for online / current OS
just change the z: to c:, /image:temp to /online, cd "HKLM:\111\... to cd "HKLM:\Software\...
and also skip the hiving and unloading the reg

For mounted wim, copy dism folder with lastest dism version, cmd to mount:

#Mountdism\dism /Mount-Wim  /WimFile:install.wim /index:1 /MountDir:temp /ScratchDir:.
#Removing packages
### Fully Automatic Removing Packages / Lite'en Windows 10 / 8.x, by Lite8@MDL / Aviv00@MSFN ####Get packages list excluding en-us packages$s = dir .\Windows\servicing\Packages\*.cat -Exclude *en-US*,*en-*Package*# Filter Packages$s = (dir $s -Include *WindowsFeedback*,*Windows-Skype-ORTC*,*Windows-Prerelease*,*Windows-DiagTrack*,*Windows-ContactSupport*,*OneCore-Maps*,*OneDrive*,*TroubleShooting*,*Search2*,*Cortana*,*Xbox*,*Defender* -Exclude *AutoMerged-xbox*).BaseName#Count$s; $s.count# Hive regreg.exe load HKLM\111 ".\Windows\System32\config\software"#cd "HKLM:\111\Microsoft\windows\CurrentVersion\Component Based Servicing\Packages"# Remove Owners from reg$s | foreach { join-path $PSItem \owners | rd }#z:# save reg and unhivereg.exe unload HKLM\111# remove packages$s |  foreach { dism /ScratchDir:. /image:temp /Remove-Package /PackageName:$PSItem }

#Finalizing
#Cleanupdism\dism /image:temp /Cleanup-Image /StartComponentCleanup /ResetBase#Commitdism\dism /Commit-Wim /MountDir:temp /ScratchDir:.#Exportdism\dism /Export-Image /SourceImageFile:install.wim /SourceIndex:1 /DestinationImageFile:install2.wim; if u use ramdisk like me copy install2 to another folder and format the ramdisk to save time

#OneDrive remove servicesc delete OneSyncSvcsc delete OneSyncSvc_24f3a

For Enterprise - open cmd.exe with admin run the code(credit goes to murphy78)
Tested on Enterprise
REG ADD HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection\ /v AllowTelemetry /t REG_DWORD /d 0 /f


Use this Also for Other Editions

Run cmd as admin
then start the process

use Sc.exe to delete the 3 services
run this:
sc delete dmwappushsvcsc delete diagnosticshub.standardcollector.servicesc delete diagtrack

#Deny Diagnosis Folder
and deny system accessing the file AutoLogger-Diagtrack-Listener.etl with cacls


icacls "C:\ProgramData\Microsoft\Diagnosis" /remove:g system /inheritance:r /deny system:(OI)(CI)f


#Blocking Cortana v1.1
Change Search in Firewall advanced to block
or run this in cmd with admin
Powershell Set-NetFirewallRule -DisplayName search -Action BlockDisabling "Windows Connect Now - Config Registrar"Powershell Set-service wcncsvc -StartupType disabled


::todo
#OneDrive
#Removing MetroApps

Extreme / TESTERS ONLY / ADVANCED USERS
This Method should break Internet connective for the OS internal parts
Firefox and standalone application can connect outside
if application use Internal connective OS's components it should break
and might block backdoors planted in OS

Step1
Run autoruns.exe
Uncheck hide windows entries
Search for v6
then uncheck them if u cant uncheck remove them
to restore default settings runnetsh winsock reset

Steps2
MMC -> add snaps-in "cert" -> Computer account, set the cert like in the picture below
http://i59.tinypic.com/24gul9t.jpg


Semi-Extreme - Lossing ipv6 protocol
Explaining - Windows 10 might use those protocols to tunneling the data out to internet.
the whole idea of this Method eventually to disable totally network protocols that integrate to OS
which make IE / OS unable to go out because i dont trust the OS

disabling IPv6
Powershell Set-service Tcpip6 -StartupType disabledPowershell Set-service wanarpv6 -StartupType disabledPowershell Set-service iphlpsvc -StartupType disabled

Index(Please PM to add More to Index):
http://forums.mydigitallife.info/threads/57339-Guide-Way-to-Disable-Keylogger?p=1028934&viewfull=1#post1028934 reg by Michel Edited by aviv00
2
Link to comment
Share on other sites

jaclaz

jaclaz

Posted
Posted

 

Well, NO. :no:

That article, like a zillion other similar articles, points out how by accepting their privacy policy you allow them to keylog, which does not mean that there is (at the moment) a keylogger, nor that it is activated. 

 

What Trip is asking is actual proof that such keylogger:

a. exists

b. is active

 

jaclaz

Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted

Yes, there's no proof whatever of such keylogger's existence, up to now. :yes:

And that begs the question: can it possibly, despite not existing (as seems to be the case) be actually already activated? dubbio.gif

Well, the point is that they are allowed (by you) to use one.

 

Whether it is there and can be remotely activated, or it can be downloaded automagically (and as well activated) does not change the authorization you gave them to use one.

 

It is entirely possible that the provision is the result of some retarded MS engineer mis-explaining the "feature" to a retarded MS attorney (or that the latter mis-understood the former), or it could be just a "preventive", "demonstrative" provision, just a social experiment to see how much retarded are the final users, still it represents one of the reasons why I put to use my good ol'sticks (the 10 feet ones that were too d@mn heavy for NOT touching Vista :ph34r:) for NOT touching the stupid new OS:

http://www.msfn.org/board/topic/125258-nlite-and-microxp/#entry807225

 

Let's put this into perspective.

 

When you want to track usage of a product, you ask (possibly politely) your customers (final users) to provide feedback, usually by asking them to fill a questionnaire or poll.

When you want to beta test something, you find a number of beta testers

  • that usually are a restricted number of "advanced" users asking them to report bugs, inconsistencies, provide suggestions, etc.

     

    In any case BOTH approaches have two key characteristics:

    1. it is done on a voluntary basis

    2. the user knows EXACTLY the information that he/she provides

     

    No issues with #1. :)

    Many about #2. :(

     

    Now, IF the data gathered and collected was in the form of a plain .txt file (or a .xls, or a .mdb or the awful .xml, etc. or the format was OPEN and a viewer for it was provided) AND the feedback would consist of a limited (human readable) amount of data (say compressed into an archive) and sent to MS - say - once a week AND there would be an explicit consent required to send the data AND the data was collected in a public searchable/accessible database (in an anonymous form) THEN MAYBE I could THINK of sending them some detail on the usage I make of the OS.

     

    That is a generic issue with any kind of statistical result, if no RAW data is public, the results may well be wrong or manipulated.

     

    Remember that Windows 8/8.1 is (according to them) the result of telemetry/users feedback, so, someone, somewhere and en masse  must have made them think that it was a good idea.

    OR they lied to us, inventing the consensus that never was (and this is not a good precedent record).

     

    jaclaz   

     

     

  • This is connected with oligarchy AND NOT democracy, the process implies that there are a number of people that have a certain number of working neurons and use them when providing feedback.
Link to comment
Share on other sites
NoelC

NoelC

Posted
Posted

Trust mother Microsoft.  She will take care of you.

 

In all seriousness, what makes you think they weren't tracking everything you were doing already?

 

Their foot is already WAY in your door, and has been for years.  We install software and scramble security features to prevent automatic installation of software.  Yet most folks leave Windows configured to install updates automatically.  Many use cloud services and back up their private data to who knows where.

 

Yes, fully half the people in the world are of below average intelligence.

 

Thing is, something holds Microsoft back from being completely stupid about it, though...  If someone DOES have private information Microsoft has collected get out by Microsoft's own negligence, just think of the liability!  Stupid EULA that no one reads notwithstanding, they have a LOT to lose in a serious lawsuit.

 

-Noel

Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted

Yes, fully half the people in the world are of below average intelligence.

No. :no:

Fully half the people in the world may be ignorant, in the sense of not knowing or not knowing enough about something (ignorance has nothing to do with intelligence or lack of it, and can usually be cured :yes:).

 

Please take note how "serious lawsuit" could be considered an oximoron :w00t:, and you need a special license to post one of those on MSFN :whistle:

 

Seriously, the point is IMHO not much about the actual data (if any), but about the concept, you are asked to authorize the collection of *any* data in an unspecified amount, with unspecified means, and without any control on which data is collected and transmitted.

 

I personally find this a "serious" issue.

 

jaclaz

.

Link to comment
Share on other sites
NoelC

NoelC

Posted
Posted

Don't get me wrong, I'm with you - online privacy is a VERY serious issue.

 

But it's been a long time an issue; there's nothing special about now, except that maybe the powers that be are pushing the boundaries a little further.

 

"Online privacy" - there's your oxymoron.

 

-Noel

Link to comment
Share on other sites
NoelC

NoelC

Posted
Posted (edited)

By the way, regarding Microsoft having a size 13 boot in the door...

 

I see that Microsoft, with the latest spate of Win 8.1 updates, restored all the root namespaces that I keep removing (without downside) to make Explorer work the way I want it.

 

I see that they did something to have Internet Explorer prompt again to ask "Use Recommended Settings?" - which in my case are FAR less secure than those I have chosen.  Most anyone who doesn't understand that the question really means "Return IE to default settings or keep using those you've set" would take the recommendation.

 

These are just the parts that are easy to see. 

 

So my tongue-in-cheek comment above ("Trust mother Microsoft") is actually more than a joke.  It's real.  By choosing to use Windows - any version that runs on modern hardware - you are implicitly choosing to trust Microsoft - to partner with them, no ifs ands or buts.  Either you're with them or against them.  There's no middle ground that everyone loves to think exists, where you've bought software that does what you want, when you want, without ulterior motives.  Where YOU'RE in charge.  It's simply not there.

 

It's up to you to decide whether partnering with Microsoft provides value.

 

Recall what a big deal it was when Microsoft announced they'd stop supporting XP?  OMG!  So many people worried that XP would just stop working the very next day.  Perhaps they should rejoice instead!  No longer is Microsoft drop-loading whatever they want into your XP system.  Chances are it will remain as stable as it is, and no new spying will take place. 

 

Imagine the sheer psychological power in convincing sheeple that instability - Microsoft being able to change your OS at will through automatic updates - is somehow preferable over stability.  It's the same power they're trying to wield by telling people that Windows 10 is an all-new marvel.

 

Everyone needs to leave behind the misconception that by falling in with the crowd they're making the right decision.  Right now!  Note that I did not say that this would mean you would stop using Microsoft software.  Use it as long as you get value from it, but go into the partnership with your eyes open!  And always remember that All Your Datas Are Belong To Microsoft.

 

I agree - "No".  I was wrong - more than half the people of this world are stupid.  And ignorant.  And whether a cure exists is irrelevant, they're already stuck in the web.

 

-Noel

Edited by NoelC
Link to comment
Share on other sites
NoelC

NoelC

Posted
Posted

Recall what a big deal it was when Microsoft announced they'd stop supporting XP?  OMG!  So many people worried that XP would just stop working the very next day.  Perhaps they should rejoice instead!  No longer is Microsoft drop-loading whatever they want into your XP system.  Chances are it will remain as stable as it is, and no new spying will take place. 

 

But WAIT!

 

Dropping support doesn't mean what it sounds like!

 

I just fired up an XP VM to check, and lo and behold there's an October 2014 "Malicious Software Removal Tool" sitting there waiting in Windows Update.

 

Malicious by whose definition, I wonder?

 

Stopping support indeed!

 

-Noel

Link to comment
Share on other sites
jaclaz

jaclaz

Posted
Posted

 

Dropping support doesn't mean what it sounds like!

 

To be fair, once upon a time in a far away galaxy, in order to be able to drop support you needed to provide it until the change. :whistle:

Otherwise people won't notice it.

 

Claiming that you supported it and that you will stop doing that on a given date (and bragging a lot about it and how dangerous it will be if you don't switch to the new supported OS before that) is not exactly the same.

 

jaclaz

Link to comment
Share on other sites
Tripredacus

Tripredacus

Posted
Posted

But WAIT!

 

Dropping support doesn't mean what it sounds like!

 

I just fired up an XP VM to check, and lo and behold there's an October 2014 "Malicious Software Removal Tool" sitting there waiting in Windows Update.

 

Malicious by whose definition, I wonder?

 

Stopping support indeed!

 

-Noel

This seems to still be missed by people online. XP support has ended but that doesn't mean you stop seeing new updates offered by Windows Updates for non-OS products. This includes the Malicious Software Removal Tool, Office or whatever else.

Link to comment
Share on other sites
HarryTri

HarryTri

Posted
Posted (edited)

THEN MAYBE I could THINK of sending them some detail on the usage I make of the OS.

 

 

I'm not enthusiastic about it either but isn't it what Google - for example - already does with Android? Of course they ask for your agreement first.

Correction, it's not Google itself but the vendors of the Android phones who ask for the usage data. I suppose Google does the same with e.g. Google Note.

Edited by HarryTri
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...