ptd163 Posted July 30, 2015 Posted July 30, 2015 (edited) First, credit where is credit is due. I originally found this posted in /r/Windows10 by /u/C-Ron. I'm reposting this here for the people that don't browse Reddit so they can benefit from it. Link to reddit post that contains original guide text (as recommended by Tripredacus) First Time Setup Spoiler Do not use Express Settings. Hit Customize, and make sure everything is turned off. It's strongly recommended that you use a local account with Windows 10. Settings App Spoiler Head to Start > Settings > Privacy, and disable everything, unless there are some things you really need. While within the Privacy page, go to Feedback, select Never in the first box, and Basic in the second box. Head to Settings > Update and Security > Advanced Options > Choose how updates are delivered, and turn the first switch off. Disable Cortana by clicking the Search bar/icon. (Optional) Disable web search in Search by going to Settings, and turning off Search online and include web results. Change the name of your PC by going to Start (or hitting the Windows key), typing About PC, and clicking Rename PC. Scheduled Tasks Spoiler Open up the Command Prompt by launching cmd as an administrator, and enter the following: sc delete DiagTracksc sc delete dmwappushserviceecho echo "" > C:\ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl echo y|cacls C:\ProgramData\Microsoft\Diagnosis\ETLLogs\AutoLogger\AutoLogger-Diagtrack-Listener.etl /d SYSTEM Here's a list of tasks to delete courtesy of Technie007. You need to go into Task Scheduler to delete them. Microsoft -> Windows -> Application Experience -> Microsoft Compatibility Appraiser Microsoft -> Windows -> Application Experience -> ProgramDataUpdater Microsoft -> Windows -> Autochk -> Proxy Microsoft -> Windows -> Customer Experience Improvement Program -> Consolidator Microsoft -> Windows -> Customer Experience Improvement Program -> KernelCeipTask Microsoft -> Windows -> Customer Experience Improvement Program -> UsbCeip Microsoft -> Windows -> DiskDiagnostic -> Microsoft-Windows-DiskDiagnosticDataCollector Microsoft -> Windows -> PI -> Sqm-Tasks Microsoft -> Windows -> Power Efficiency Diagnostics -> AnalyzeSystem Microsoft -> Windows -> Windows Error Reporting -> QueueReporting Or use this command script to do everything automatically. You will have to accept a UAC prompt if you have it turned on because it auto elevates itself. Group Policy Editor Spoiler How to get the Group Policy Editor on Home version: https://www.itechtics.com/enable-gpedit-windows-10-home/ Open up the Group Policy Editor by launching gpedit.msc as an administrator and make the following changes: Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds. Double click Telemetry, hit Enabled, set the value to 0 and click apply. It's counter-intuitive, I know, but that is actual way to do it. Proof NOTE: This only works in the Enterprise edition, but the final step provides a decent enough workaround for Pro users. Computer Configuration > Administrative Templates > Windows Components > OneDrive, double click Prevent the usage of OneDrive for file storage, hit Enabled, then apply. Computer Configuration > Administrative Templates > Windows Components > Windows Defender, double click Turn Off Windows Defender, hit Enabled, then apply. Registry Editor Spoiler NOTE: Taking ownership of the keys may be required. This tool will allow you to do that. Value Changes Open up the Registry Editor by launching regedit as an administrator. Go through and make the following changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\DataCollection, select AllowTelemetry, change its value to 0, then apply. If any of the referenced keys don't exist then create them with the above values. Deletions Open up the Registry Editor by launching regedit as an administrator. Go through and delete the following keys and/or values: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\AutoLogger\AutoLogger-Diagtrack-Listener HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WMI\AutoLogger\SQMLogger Hosts File Spoiler First, download the Take Ownership tweak and enable it. Then, head to the Hosts File by going through C:\Windows\System32\Drivers\Etc, take ownership of the hosts file, and add the following IPs into it: NOTE: If you add these domains manually and then use DWS_Lite you will end up with duplicate domains. Use HostMan to remove the duplicates. Spoiler 0.0.0.0 a-0001.a-msedge.net 0.0.0.0 a-0002.a-msedge.net 0.0.0.0 a-0003.a-msedge.net 0.0.0.0 a-0004.a-msedge.net 0.0.0.0 a-0005.a-msedge.net 0.0.0.0 a-0006.a-msedge.net 0.0.0.0 a-0007.a-msedge.net 0.0.0.0 a-0008.a-msedge.net 0.0.0.0 a-0009.a-msedge.net 0.0.0.0 a.ads1.msn.com 0.0.0.0 a.ads2.msn.com 0.0.0.0 a.ads2.msads.net 0.0.0.0 a.rad.msn.com 0.0.0.0 ac3.msn.com 0.0.0.0 ad.doubleclick.net 0.0.0.0 ads.msn.com 0.0.0.0 ads1.msn.com 0.0.0.0 ads1.msads.net 0.0.0.0 adnexus.net 0.0.0.0 adnxs.com 0.0.0.0 aidps.atdmt.com 0.0.0.0 aka-cdn-ns.adtech.de 0.0.0.0 apps.skype.com 0.0.0.0 az361816.vo.msecnd.net 0.0.0.0 az512334.vo.msecnd.net 0.0.0.0 b.ads1.msn.com 0.0.0.0 b.ads2.msads.net 0.0.0.0 b.rad.msn.com 0.0.0.0 bs.serving-sys.com 0.0.0.0 c.atdmt.com 0.0.0.0 c.msn.com 0.0.0.0 cdn.atdmt.com 0.0.0.0 cds26.ams9.msecn.net 0.0.0.0 choice.microsoft.com 0.0.0.0 choice.microsoft.com.nsatc.net 0.0.0.0 compatexchange.cloudapp.net 0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com 0.0.0.0 cdnjs.cloudflare.com.cdn.cloudflare.net 0.0.0.0 cs1.wpc.v0cdn.net 0.0.0.0 cdp1.public-trust.com 0.0.0.0 corp.sts.microsoft.com 0.0.0.0 db3aqu.atdmt.com 0.0.0.0 df.telemetry.microsoft.com 0.0.0.0 diagnostics.support.microsoft.com 0.0.0.0 e2835.dspb.akamaiedge.net 0.0.0.0 e8218.ce.akamaiedge.net 0.0.0.0 e7341.g.akamaiedge.net 0.0.0.0 e7502.ce.akamaiedge.net 0.0.0.0 ec.atdmt.com 0.0.0.0 feedback.windows.com 0.0.0.0 feedback.microsoft-hohm.com 0.0.0.0 feedback.search.microsoft.com 0.0.0.0 fe2.update.microsoft.com.akadns.net 0.0.0.0 fe2.ws.microsoft.com.nsatc.net 0.0.0.0 flex.msn.com 0.0.0.0 g.msn.com 0.0.0.0 h1.msn.com 0.0.0.0 hostedocsp.globalsign.com 0.0.0.0 i1.services.social.microsoft.com 0.0.0.0 i1.services.social.microsoft.com.nsatc.net 0.0.0.0 li581-132.members.linode.com 0.0.0.0 lb1.www.ms.akadns.net 0.0.0.0 live.rads.msn.com 0.0.0.0 m.adnxs.com 0.0.0.0 m.hotmail.com 0.0.0.0 msedge.net 0.0.0.0 msftncsi.com 0.0.0.0 msnbot-65-55-108-23.search.msn.com 0.0.0.0 msntest.serving-sys.com 0.0.0.0 oca.telemetry.microsoft.com 0.0.0.0 oca.telemetry.microsoft.com.nsatc.net 0.0.0.0 pre.footprintpredict.com 0.0.0.0 preview.msn.com 0.0.0.0 pricelist.skype.com 0.0.0.0 rad.live.com 0.0.0.0 rad.msn.com 0.0.0.0 redir.metaservices.microsoft.com 0.0.0.0 reports.wes.df.telemetry.microsoft.com 0.0.0.0 s.gateway.messenger.live.com 0.0.0.0 schemas.microsoft.akadns.net 0.0.0.0 schemas.microsoft.akadns.net 0.0.0.0 secure.adnxs.com 0.0.0.0 secure.flashtalking.com 0.0.0.0 services.wes.df.telemetry.microsoft.com 0.0.0.0 settings-win.data.microsoft.com 0.0.0.0 settings-sandbox.data.microsoft.com 0.0.0.0 sls.update.microsoft.com.akadns.net 0.0.0.0 sO.2mdn.net 0.0.0.0 sqm.df.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com 0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net 0.0.0.0 static.2mdn.net 0.0.0.0 statsfe2.ws.microsoft.com 0.0.0.0 statsfe1.ws.microsoft.com 0.0.0.0 statsfe2.update.microsoft.com.akadns.net 0.0.0.0 survey.watson.microsoft.com 0.0.0.0 telecommand.telemetry.microsoft.com 0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net 0.0.0.0 telemetry.appex.bing.net 0.0.0.0 telemetry.appex.bing.net:443 0.0.0.0 telemetry.urs.microsoft.com 0.0.0.0 telemetry.microsoft.com 0.0.0.0 ui.skype.com 0.0.0.0 view.atdmt.com 0.0.0.0 vortex-bn2.metron.live.com.nsatc.net 0.0.0.0 vortex-cy2.metron.live.com.nsatc.net 0.0.0.0 vortex.data.microsoft.com 0.0.0.0 vortex-win.data.microsoft.com 0.0.0.0 vortex-sandbox.data.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com 0.0.0.0 watson.telemetry.microsoft.com.nsatc.net 0.0.0.0 wes.df.telemetry.microsoft.com 0.0.0.0 watson.ppe.telemetry.microsoft.com 0.0.0.0 watson.live.com 0.0.0.0 watson.microsoft.com 0.0.0.0 www.go.microsoft.akadns.net 0.0.0.0 www.msftncsi.com 0.0.0.0 65.39.117.230 0.0.0.0 134.170.30.202 0.0.0.0 137.116.81.24 Or continue to the pastebin link. Doesn't matter to me. And if you want, click here for a hosts file that is complete and total overkill. From what I can tell, it's a list of every Microsoft domain known to man merged with the MVPS domain list. Useful Software/Scripts/Forum Threads Spoiler Destroy Windows 10 Spying FOSS created by @Nummer hosted on Github. It's quite effective at cutting out unnecessary data collection and metro crapware. http://dws.wzor.net Windows Update MiniTool An alternative way to update Windows created by stupid user from Ru-Board. It can configure your automatic update settings, has an offline mode, and other features. You will never have to use the Settings version of Windows Updates if you use this. http://forums.mydigitallife.info/threads/64939-Windows-Update-MiniTool (English Re-host. Requires registration.) http://forum.ru-board.com/topic.cgi?forum=5&topic=48142#2 (stupid uer's original thread.) TinyWall A free, lightweight, easy-to-use front end for the Windows Firewall. It requires no configuration as it blocks all outgoing connections unless explicitly whitelist it by default. However, you may want to set it to always run as admin to prevent a privilege arms race. http://tinywall.pados.hu Windows Firewall Configuration - Truly Block EVERYTHING... If you still want to use a deny-by-default approach with Windows Firewall, but don't want to use TinyWall you can follow a guide posted by CODYQX4 on the My Digital Life Forums. It uses Windows Firewall Control, another front end for Windows Firewall. http://forums.mydigitallife.info/threads/64640-Windows-Firewall-Configuration-Truly-Block-EVERYTHING HostsMan A simple, free hosts file manager with a built-in editor and updater (no need for notepad). It can subscribe to several hosts file lists simultaneously that are automatically updated when a new version is released. It can also scan the hosts file for errors, duplicates and possible hijacks. http://www.abelhadigital.com/hostsman OneDrive Uninstaller Run this script to completely uninstall OneDrive from your machine. Link. Also please remember this is not an exhaustive list so feel free to post things that can improve this post an I'll add it to this post and credit you. Lastly, to paraphrase NoelC: try things for yourself. Keep good notes on what you do, on what works, and save original files. The knowledge gained from the experience of seeing how things work is invaluable. 7/29/15: Changed IPs to 0.0.0.0 as recommended by NoelC. 7/31/15: Expanded telemetry list and added overkill, nuke-from-orbit list. 7/31/15: Reformatted the OP, reflected as many IPs as possible into hostnames, added Techie007's post to the relevant sections, and added gpedit.msc fix for Home users. 8/3/15: Added tomasz86's OneDrive uinstaller and automated services & scheduled tasks command script. 8/5/15: Added useful software/scripts section. 1/9/16: Renamed useful software/scripts to useful software/scripts/forum threads and added stuff to it. 6/26/16: Reformatted to be readable with the new forum software. Edited July 6, 2016 by ptd163 15
NoelC Posted July 30, 2015 Posted July 30, 2015 Nice! Suggest using 0.0.0.0 instead of 127.0.0.1 on each entry in the hosts file you want to abort. I wonder what some of those settings will do in terms of allowing Insiders to remain active... -Noel 1
Tripredacus Posted July 30, 2015 Posted July 30, 2015 We've known about the Express Settings thing for a while. You should edit your post and link to the reddit threads you got this information from, presuming that author wasn't doing anything illegal.
ptd163 Posted July 30, 2015 Author Posted July 30, 2015 Suggest using 0.0.0.0 instead of 127.0.0.1 on each entry in the hosts file you want to abort. Huh. That's what Unchecky uses as well. What's the difference between 0.0.0.0 and 127.0.0.1?
Tripredacus Posted July 30, 2015 Posted July 30, 2015 Suggest using 0.0.0.0 instead of 127.0.0.1 on each entry in the hosts file you want to abort. Huh. That's what Unchecky uses as well. What's the difference between 0.0.0.0 and 127.0.0.1? A webserver (IIS/Apache) may be running on the computer, for one. AKA "home" is a valid address.
NoelC Posted July 30, 2015 Posted July 30, 2015 Try pinging both. Requests rerouted to 0.0.0.0 fail at a more basic level. Failure / abort is the goal. -Noel
ptd163 Posted July 31, 2015 Author Posted July 31, 2015 Expanded telemetry list and added overkill list. 1
Techie007 Posted July 31, 2015 Posted July 31, 2015 Good list so far. Here are some more items to add to it: Delete the following Scheduled Tasks: Microsoft -> Windows -> Application Experience -> Microsoft Compatibility AppraiserMicrosoft -> Windows -> Application Experience -> ProgramDataUpdaterMicrosoft -> Windows -> Autochk -> ProxyMicrosoft -> Windows -> Customer Experience Improvement Program -> ConsolidatorMicrosoft -> Windows -> Customer Experience Improvement Program -> KernelCeipTaskMicrosoft -> Windows -> Customer Experience Improvement Program -> UsbCeipMicrosoft -> Windows -> DiskDiagnostic -> Microsoft-Windows-DiskDiagnosticDataCollectorMicrosoft -> Windows -> PI -> Sqm-TasksMicrosoft -> Windows -> Power Efficiency Diagnostics -> AnalyzeSystemMicrosoft -> Windows -> Windows Error Reporting -> QueueReporting And delete the following Registry keys: HKLM -> SYSTEM -> CurrentControlSet -> Control -> WMI -> AutoLogger -> AutoLogger-Diagtrack-ListenerHKLM -> SYSTEM -> CurrentControlSet -> Control -> WMI -> AutoLogger -> SQMLogger There's a lot more lurking in the registry, but the above is all I am sure about at the moment. 1
NoelC Posted July 31, 2015 Posted July 31, 2015 Interesting to see the expansion of the hosts list, including some nameless IP addresses in there now. I'd have loved to see some comments on those entries describing where they go, though I am using the list now to see what - if anything - doesn't work. So far, it seems to be able to check Windows Update for updates, and I seem to be able to access OneDrive via a web browser (I wouldn't want that any other way). I'm actually expecting an improved experience as a result of these changes. -Noel
JorgeA Posted July 31, 2015 Posted July 31, 2015 Good list so far. Here are some more items to add to it: Delete the following Scheduled Tasks: Microsoft -> Windows -> Application Experience -> Microsoft Compatibility AppraiserMicrosoft -> Windows -> Application Experience -> ProgramDataUpdaterMicrosoft -> Windows -> Autochk -> ProxyMicrosoft -> Windows -> Customer Experience Improvement Program -> ConsolidatorMicrosoft -> Windows -> Customer Experience Improvement Program -> KernelCeipTaskMicrosoft -> Windows -> Customer Experience Improvement Program -> UsbCeipMicrosoft -> Windows -> DiskDiagnostic -> Microsoft-Windows-DiskDiagnosticDataCollectorMicrosoft -> Windows -> PI -> Sqm-TasksMicrosoft -> Windows -> Power Efficiency Diagnostics -> AnalyzeSystemMicrosoft -> Windows -> Windows Error Reporting -> QueueReporting And delete the following Registry keys: HKLM -> SYSTEM -> CurrentControlSet -> Control -> WMI -> AutoLogger -> AutoLogger-Diagtrack-ListenerHKLM -> SYSTEM -> CurrentControlSet -> Control -> WMI -> AutoLogger -> SQMLogger There's a lot more lurking in the registry, but the above is all I am sure about at the moment. It'll be interesting to see if these get added back without the user's knowledge or input, the way that certain Windows Updates reappear even after you hide them. --JorgeA
Techie007 Posted July 31, 2015 Posted July 31, 2015 Going from preview build to the next build, yes, they always came back. We will have to see on Windows Updates.
ptd163 Posted August 1, 2015 Author Posted August 1, 2015 (edited) Interesting to see the expansion of the hosts list, including some nameless IP addresses in there now. I'd have loved to see some comments on those entries describing where they go I reflected as many IPs into hostnames as possible with nslookup. A server failure, A non-existent host, and a timeout are why the 3 remain. If there were any comments about the nameless IPs it wasn't in the Reddit thread this post started from. Edited August 1, 2015 by ptd163
NoelC Posted August 1, 2015 Posted August 1, 2015 (edited) I'd be more interested in what parts of Windows accessed those locations, actually. And yes, I would expect ALL of these tweaks to be undone with anything more than the most minimal Windows Update. Microsoft thinks they have everyone conditioned to accept that kind of crap now. The tweakers of the future will have to be re-tweakers - programs that run at startup and make sure things stay as the user wants them. Not a big deal, really, but more of a pain than the "set it and forget it" stance we're used to. Nice job on the reformatting of the OP by the way. -Noel Edited August 1, 2015 by NoelC 1
bphlpt Posted August 1, 2015 Posted August 1, 2015 (edited) FWIW, I'm not saying at all that those three nameless IP's should be removed from your list, but for me: 65.39.117.230 -- Webpage not available -- took too long to respond134.170.30.202 -- went to http://www.microsoft.com/en-us/windows/apps-and-games137.116.81.24 -- brought up a page that just had "Ok" on it, whatever that means. Cheers and Regards Edited August 1, 2015 by bphlpt 1
fafreeman Posted August 1, 2015 Posted August 1, 2015 (edited) [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection]"AllowTelemetry"=dword:00000000 apparently thats the key enterprise sets when you disable telemetry in group policy. the key appears to work on home and pro since it does disable, greys out, the data and usage box. it will also set what ever telemetry setting you have to the lowest one, basic, which it too does on enterprise. it just needs more testing to make sure. Edited August 1, 2015 by fafreeman 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now