(Outdated) How to deactivate Windows 10 spy functions

bl4uni · Sep 12, 2015

Hello guys,
I'm gonna tell you how to deactivate all the "basic" spy functions if youre using windows 10. Sorry that all the pictures are in german, anyway this should not disrupt you as everything is fairly easy to understand.

1. Settings (working)

First, you open the start Menu and click settings:

Then you navigato to Privacy and make sure it looks the same as it does in the following pictures.
1: OFF
2: doesn't really matter
3: OFF
4: OFF

Scroll down and select Feedback and Diagnosis.
Feedback: NEVER

Also it is very important that you disable Cortana. To do this, you click on the Search Bar and select the gearwheel. Make sure everything is turned OFF.

2. Disabling Telemetry (maybe not working)

You open the search bar and type regedit:

Open the programm and search for the following key:
HKEY_LOCAL_MACHINESOFTWARE\Policies\Microsoft\Windows\DataCollection
If there is no key, but the default one we will create a DWORD 32 bit Key named AllowTelemetry . You can do this by right clicking and selecting New:

Keep the Data as it is, to zero. If you happen to already have the key, because you are using the Enterprise Version of Windows 10, make sure it is set to zero.
Just for the understanding: There are people saying that this won't affect anything. Actually by now, we don't know if it does something or not. But one thing is sure: It doesn't hurt you.

3. Disallowing the connection to Windows Servers (maybe not working)

This will definitely work. First of, you need to open the Windows Prompt with Administrative Rights. Once again, open the search bar and type cmd. Next you need to right click and select Open as Administrator:

You will now navigate to drivers\etc\ by using the following command: cd drivers\etc

Open the hosts file by typing notepad hosts and add all of the following text to it:

Code:

127.0.0.1 compatexchange.cloudapp.net
127.0.0.1 a-0001.a-msedge.net
127.0.0.1 choice.microsoft.com
127.0.0.1 choice.microsoft.com.nsatc.net
127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 redir.metaservices.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 services.wes.df.telemetry.microsoft.com
127.0.0.1 settings-sandbox.data.microsoft.com
127.0.0.1 sls.update.microsoft.com.akadns.net
127.0.0.1 sqm.df.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 statsfe2.ws.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.microsoft.com
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 watson.ppe.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com.nsatc.net

At the end, just save by clicking File and Save.
This will disallow every attempt your Computer makes to contact the Windows Telemetry Servers by redirecting it to localhost.

4. Deactivating Spy Services (working)

Open the Search bar and type services. Open the first result:

Scroll down and search for a Service named DiagTrack. Select Starting Type: Deactivated and if you want to close it right away click on Terminate. (If it doesnt say terminate but something else which means the same, thats the button you need to click. It should be located to the right from the Button which says Start.)

Do this again but with another Service named dmwappushsvc.

If you have any questions or suggestions for this tutorial just tell me in this thread.

With friendly Regards
bl4uni

Derp · Sep 12, 2015

bl4uni said:
Hello guys,
I'm gonna tell you how to deactivate all the "basic" spy functions if youre using windows 10. Sorry that all the pics are in german, anyway this should not disrupt you as everything is fairly easy to understand.

1. Disabling Telemetry
First you open the search bar and type "regedit":

Open the programm and search for the following key:
HKEY_LOCAL_MACHINESOFTWARE\Policies\Microsoft\Windows\DataCollection
If there is no key, but the default one we will create a DWORD 32 bit Key named AllowTelemetry . You can do this by right clicking and selecting New:

Keep the Data as it is, to zero. If you happen to already have the key, because you are using the Enterprise Version of Windows 10, make sure it is set to zero.
Just for the understanding: There are people saying that this won't affect anything. Actually by now, we don't know if it does something or not. But one thing is sure: It doesn't hurt you.

2. Disabling the connection to Windows Servers
This will definitely work. First of, you need to open the Windows Prompt with Administrative Rights. Once again, open the search bar and type cmd. Next you need to right click and select Open as Administrator:

You will now navigate to drivers\etc\ by using the following command: cd drivers\etc

Open the hosts file by typing notepad hosts and add all of the following text to it:

Code:

127.0.0.1 compatexchange.cloudapp.net 127.0.0.1 a-0001.a-msedge.net 127.0.0.1 choice.microsoft.com 127.0.0.1 choice.microsoft.com.nsatc.net 127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com 127.0.0.1 df.telemetry.microsoft.com 127.0.0.1 oca.telemetry.microsoft.com 127.0.0.1 oca.telemetry.microsoft.com.nsatc.net 127.0.0.1 redir.metaservices.microsoft.com 127.0.0.1 reports.wes.df.telemetry.microsoft.com 127.0.0.1 services.wes.df.telemetry.microsoft.com 127.0.0.1 settings-sandbox.data.microsoft.com 127.0.0.1 sls.update.microsoft.com.akadns.net 127.0.0.1 sqm.df.telemetry.microsoft.com 127.0.0.1 sqm.telemetry.microsoft.com 127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net 127.0.0.1 statsfe2.ws.microsoft.com 127.0.0.1 telecommand.telemetry.microsoft.com 127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net 127.0.0.1 telemetry.appex.bing.net 127.0.0.1 telemetry.microsoft.com 127.0.0.1 telemetry.urs.microsoft.com 127.0.0.1 vortex-sandbox.data.microsoft.com 127.0.0.1 vortex-win.data.microsoft.com 127.0.0.1 vortex.data.microsoft.com 127.0.0.1 watson.ppe.telemetry.microsoft.com 127.0.0.1 watson.telemetry.microsoft.com 127.0.0.1 watson.telemetry.microsoft.com.nsatc.net

At the end, just save by clicking File and Save.
This will disallow every attempt your Computer makes to contact the Windows Telemetry Servers by redirecting it to localhost.
If you have any questions or suggestions for this tutorial just tell me in this thread.

With friendly Regards
bl4uni

I didn't know about the first Registry part,
Anyway, about the second part

That will not work, Windows 10 Can skip the whole hosts file and ignore everything , even if you found a way to block the domains, their server's IP's are hard coded,

Packet Sniffing won't help neither, The only way to log the traffic is by creating a bridge between 2 computers and then log the traffic in the second computer,

In a few words:

You have to blacklist the IP's from your router

bl4uni · Sep 12, 2015

Alright, I didn't know that. I already did that with my router, just thought you cant really make a good tutorial about that, because every routers configuration is different. The registry part is said to only work on Enterprise Versions, still there is no evidence that it doesn't work on other versions. I will soon update this thread with methods that are working.

EDIT: Added a method which will definitely work.

Bluscream · Sep 12, 2015

Easiest solution; Dont use Windows 10

bl4uni · Sep 12, 2015

I really like Windows 10 though.

Derp · Sep 13, 2015

bl4uni said:
I really like Windows 10 though.

May I ask Why?

Asphyxia · Sep 13, 2015

Here is my single tip of advice --- when you are installing Windows 10 and are given the slider options, select "No" for everything. It pretty much turns off most of the spying behavior.

bl4uni · Sep 13, 2015

Derp said:
May I ask Why?

Sure. I used Windows 7 before and I think the Design of Win10 is way more attractive. Also it boots about 5 Seconds faster. This doesnt really matter for me, because I have a SSD but it may matter for a lot of people. I also like the multitasking functions it comes with.

Asphyxia said:
Here is my single tip of advice --- when you are installing Windows 10 and are given the slider options, select "No" for everything. It pretty much turns off most of the spying behavior.

You're right, it turns off most. But for example the Feedback will still be on Automatic which basically means that Windows can request your data whenever it wants. And this is just one of many examples. The advices I gave above, especially the one where you deactivate the Services, will turn stuff off that you cant turn off by just selecting "No" while installing.

Yismokesbong · Sep 13, 2015

Very good tutorial, glad to have you here.

crysis · Sep 16, 2015

Thanks for this tutorial

Asphyxia · Sep 17, 2015

We should have the IP addresses monitored --- then create a blacklist on all Microsoft collection servers or their IP ranges.

bl4uni · Sep 17, 2015

Yismokesbong said:
Very good tutorial, glad to have you here.

crysis said:
Thanks for this tutorial

Thanks guys.

Asphyxia said:
We should have the IP addresses monitored --- then create a blacklist on all Microsoft collection servers or their IP ranges.

Thats a good idea. When I resolve the URL's, I get the following IP's:

Code:

23.99.10.11
64.4.54.32
65.52.100.7
65.52.100.9
65.52.100.11
65.52.100.91
65.52.100.92
65.52.100.94
65.52.108.29
65.52.108.153
65.55.29.238
65.55.130.50
65.55.252.43
65.55.252.63
65.55.252.92
65.55.252.93
111.221.29.177
131.253.40.37
157.55.133.204
168.63.108.233
191.232.139.254
195.138.255.34
204.79.197.200

kingston · Feb 18, 2016

You are walking in the dark. The best way to disable spying crap in win10 is to wipe your drive clean and stop using that system. You basically can disable just stuff that you see but there is way more that you don't see and you can't disable that. BTW telemetry is nothing new - it exists even in win7 and blocking it is a basic task to do. Not with the funny registry edit though... and yes, 5 secs faster boot is definitely a good reason to install this spying shit and share all you got there with authorities.

Try to disable WebRTC and DNS leaks in win10

And that's just where the real fun begins...

(Outdated) How to deactivate Windows 10 spy functions

bl4uni

Active Member

Derp

bl4uni

Active Member

Bluscream

bl4uni

Active Member

Derp

Asphyxia

Owner

bl4uni

Active Member

Yismokesbong

Member

crysis

Member

Asphyxia

Owner

bl4uni

Active Member

kingston