O&O ShutUp10 Free antispy tool for Windows 10

[alacran]

 

At the most one can say that the tool gives you more control (which is not full control), it's just about calling things with their name.

 

jaclaz

 

 

I totally agree, it has a good collection of changes required in registry, but that is not enough. We need to make a second filter using Firewall in OS, and maybe a third one using Router settings, and blocking all ports we don't have an specific need for them.

 

It has to be a way to stop this "phone home" behavior on 10. 

 

I'm using 7 and running Windows Firewall Notifier on it there is almost nothing to block.

[NoelC]

An implicit assumption may be that there can be a single, easy to manage set of rules that will block unwanted communications but allow those essential for ongoing use - such as Windows Update, using tools that do online update checks, and even buying/using things from the Windows Store.

 

I'm not sure there can be such a set.  And even if possible it would be a TREMENDOUS amount of work to keep up with all the changes Microsoft will now be making all the time.

 

More and more Windows 10 feels like...

 

 

-Noel

[DonDamm]

@NoelC

 

the addys you mentioned above belong to the following

 

104.73.38.54:443  Alex Xu, 1578 Virginia Road, San Marino, CA; Defense.Net, Inc, Jacksonville FL
157.55.240.220:443 Microsoft Corp., Redmond, WA
157.56.96.58:443 Microsoft Corp., Redmond, WA
172.224.177.145:443 Akamai Technologies, Inc., Cambridge, MA
172.224.178.197:443 Akamai Technologies, Inc., Cambridge, MA
172.224.180.140:443 Akamai Technologies, Inc., Cambridge, MA
178.255.83.1:80 Comodoca, Unit 7, Campus Road, Listerhills Science Park, Bradford, BD7 1HR, United Kingdom
178.255.83.2:80 Comodoca, Unit 7, Campus Road, Listerhills Science Park, Bradford, BD7 1HR, United Kingdom
192.116.242.20:80 Srartcom Ltd, Petach-Tikva,Israel www.startssl.com
23.15.5.197:80 Akamai Technologies, Inc., Cambridge, MA
23.15.5.213:80 Akamai Technologies, Inc., Cambridge, MA
23.4.37.163:80 Akamai Technologies, Inc., Cambridge, MA
23.4.43.27:80 Akamai Technologies, Inc., Cambridge, MA
23.74.2.58:80 Akamai Technologies, Inc., Cambridge, MA
23.74.2.88:80 Akamai Technologies, Inc., Cambridge, MA
64.4.54.116:443 Microsoft Corp., Redmond, WA
65.55.44.108:443 Microsoft Corp., Redmond, WA
66.119.114.157:443 NITNETWORK, 3867 SE Evans Terrace, Stuart, FL

 

It is interesting to note that they are all through port 80 (http) or 443 (https). Akamai is a major player and is involved in both good and bad stuff. I've never heard of NITNE or NitNetwork.

 

:^)

[NoelC]

Yes, they're all http: or https: type connections.  I don't see TCP connections for any other ports at this point.

 

I suspect most are "CDN" (Content Delivery Network) type addresses.  Microsoft is putting a helluva load on the internet with Windows 10 and they know it will require all the load handling measures that can be mustered.

 

I'm more suspicious of the https: (port 443) ones in general, as these would represent something Microsoft would not want others to see.  Plus the encryption / decryption process takes extra resources.

 

What I didn't list were the amount of contacts.

 

Example:  I've run Windows 10 all day in a VM today.  Have done some surfing with it, but not very much else (other than starting some applications and taking some screen grabs).  For all the huge amount of effort I've put into blocking its chattiness online (AND making Updates NOT be automatic), these non-LAN addresses were logged as successfully being contacted via TCP today.  I'm listing the number of times first, with the port after:

Communications that succeeded: Nbr ofConns   By              Address 3       svchost         23.13.224.238:443   https: to Akamai Technologies, Cambridge2       svchost         23.13.224.50:443    https: to Akamai Technologies, Cambridge4       svchost         23.36.88.190:443    https: to Akamai Technologies, Cambridge2       svchost         65.55.138.111:443   https: to Microsoft Hosting, Redmond2       svchost         157.55.133.204:443  https: to Microsoft Azure, Redmond4       svchost         157.55.250.220:443  https: to Microsoft Azure, Redmond2       svchost         23.14.84.57:80      http: to Akamai Technologies, Cambridge4       svchost         93.184.215.200:80   http: to Edgecast Networks, Wichita Communications that were blocked in the same time period: 1       dmclient        64.4.54.253:443     https: to Microsoft bingbot, Redmond2       SIH client      157.55.133.204:443  https: to Microsoft Azure, Redmond6       logtransport    192.150.19.174:443  https: to hl2rcv.adobe.com, Saratoga2       taskhostw       23.4.37.163:80      http: to Akamai Technologies, Cambridge2       taskhostw       23.4.43.27:80       http: to Akamai Technologies / NTT America, Cambridge2       taskhostw       23.14.84.115:80     http: to Akamai Technologies, Cambridge2       taskhostw       23.14.84.154:80     http: to Akamai Technologies, Cambridge6       taskhostw       178.255.83.1:80     http: to ocsp.comodoca.com, London5       taskhostw       178.255.83.2:80     http: to crl.comodoca.com, London

Note that 2 connections by SIH (Silent Install Helper) Client were blocked 157.55.250.220:443 (which is one of the addresses listed as successfully contacted by svchost).  This probably implies the need for improvement in the firewall setup, which at the moment I have permitting communications by svchost that do not fall in specific blacklists.  The intent is to keep Windows Update capable of working, though not automatically.

 

 

-Noel

Edited September 2, 2015 by NoelC

[jaclaz]

Well it looks every day more people and also sofware companies are starting to try to stop this spying tactics in Win10 see here for more info and download:

 

The French way (JFYI):

https://phrozensoft.com/2015/09/windows-privacy-tweaker-4

 

 

Windows 10, Microsoft’s latest upgrade to its operating system, comes bundled with telemetry and tracking services that are enabled by default. While the company is insisting that it was 'not spying' but simply trying to enhance the program by understanding what users do, Windows 10 is constantly collecting users’ data, sharing Wi-Fi passwords to contacts (albeit with encryption), and collects data and usage patterns exhibited by every user of Windows 10.

But don't be fooled, even older versions of Windows shared some information with Microsoft. So, your sense of privacy and security may have been severely compromized for a long time without you knowing about it.

But all your suspicions may be resolved because now there is Phrozensoft Windows Privacy Tweaker that easily restores all your settings to it maximum safety levels. Use it and you have no more issues about your privacy or online safety.

We take care about that.

Is it only for Windows 10?

No! it also detect some privacy issues for Windows Vista, Windows 7 and Windows 8/8.1

How it works

To achieve the maximum level of privacy and security, simply uncheck all the unsafe Red Fields to the safe Green Fields.

Notice: Tweaking Service and Scheduled Tasks might require the reboot of your computer to be 100% applied

 

 

jaclaz

[TELVM]

The French way (JFYI):

https://phrozensoft.com/2015/09/windows-privacy-tweaker-4

 

^ It paints Smartscreen in red:

 

 

On W7 systems where Internet Exploder is not used (Pale Moon only, thanks), do you see any problem with disabling Smartscreen?

 

(BTW this Windows Privacy Tweaker little program attempted an outbound connection the first time I run it ...    )

[jaclaz]

On W7 systems where Internet Exploder is not used (Pale Moon only, thanks), do you see any problem with disabling Smartscreen?

Of course not.

(BTW this Windows Privacy Tweaker little program attempted an outbound connection the first time I run it ...    )

Interesting.

Though most probably innocuous , yet another example of why a "real" external firewall is a good idea, and indirect proof that we have been forcibly put in the condition of never trusting anyone .

jaclaz

[Tripredacus]

Yes, they're all http: or https: type connections.  I don't see TCP connections for any other ports at this point.

Have you been looking at any outgoing UDP connections as well?

[NoelC]

@Tripredacus, the only UDP I see that goes outside is an occasional time sync request to 191.233.81.105:123.  There are multicasts but they're link-local and/or not getting outside my router (nor is IPv6 going anywhere outside my LAN).

 

I am presently waiting for an update to the Sphinx Windows Firewall Control software to solve a minor issue I've encountered in using it to manage multiple systems.

 

@TELVM, I agree, blow that SmartScreen garbage away!

 

Near as I can tell Microsoft has not yet corrupted their own firewall by building a path around it.  This is one of the reasons I like the Sphinx Windows Firewall Control software.  It's just a management interface to the system firewall, which is quite effective.

 

-Noel

Edited September 4, 2015 by NoelC

[TELVM]

... @TELVM, I agree, blow that SmartScreen garbage away! ...

 

Done and, as they say in France, avec plaisir!

 

[alacran]

 

Well it looks every day more people and also sofware companies are starting to try to stop this spying tactics in Win10 see here for more info and download:

 

The French way (JFYI):

https://phrozensoft.com/2015/09/windows-privacy-tweaker-4

 

jaclaz

 

 

And here another one: https://www.ashampoo.com/en/usd/pin/1004/security-software/Antispy-for-Windows-10

 

alacran

[NoelC]

It just occurred to me that if many of these "hacks" to S Windows TFU mess up Windows, this could be a bright spot.  Microsoft support will get call after call after call where the user says "well, of course I blocked your stupid telemetry, now fix the problems I caused!"

 

Maybe the support organization will report unprecedented costs up to the losers in charge.

 

-Noel