Updates to hide to prevent Windows 10 Upgrade / Disable Telemetry

Berryracer

Platinum Member
Oct 4, 2006
2,779
1
81
I have been noticing lately a lot of people keep asking the same question on how to prevent the Windows 10 upgrade so here is a list of updates that need to be hidden in order to prevent the Windows 10 Upgrade or prevent updates that enable Telemetry, some of them are system preparation for the upgrade so you may not find them all in your updates list until a pre-requistie update was installed before.


If doing a clean installation of Windows 7 or 8, you need to scan the list of updates carefully everytime updates appear to ensure none of them re-appears as Micro$h4ft has been showing some of them again even if you hide them.




If you have already installed Windows and did a few updates, then head over to Control Panel > Programs and Features > View Installed Updates then go from the top to the bottom through the list to ensure none of them is installed, if you do find one installed, then uninstall it, reboot, then check for updates and once it appears right click on it and hide it.


These Windows 10 upgrade activation updates are like a virus really, only thing is, it's a legit virus
clear.png





=============================================================
First of all, for Windows 7 users, let's install the Disable IE 10 and IE 11 toolkit in order for them to not showup in Windows Updates because if one installs them, he would get KB2670838 installed automatically as they come bundled with them which will break the AERO functionality on many systems and/or display blurry fonts in your browser on some sites.


IE10 BlockerToolkit


IE11 BlockerToolkit


Once you run any of the above downloaded EXEs, it will ask you to extract the contents to a folder. Select the folder you want then go through the Read Me File for instructions.


Here is how I blocked IE 10/11 on my system. Note that my computer name is PREDATOR hence you need to replace PREDATOR with your computer name.


o4hts1U.png



=============================================================
KB2505438 (Although it claims to fix performance issues, it often breaks fonts)
KB2670838 (The EVIL Update, breaks AERO on Windows 7 and makes some fonts on websites fuzzy, Windows 7 specific update only, do not install IE10 or 11 otherwise it will be bundled with them, IE9 is the max version you should install)
KB2882822 (Very fishy update that just popped up with not enough detail about it)
KB2902907 (Microsoft Security Essentials)
KB2952664 ("Get Windows 10" Assistant)
KB2976978 (Windows 10 Upgrade preparation for Windows 8)
KB2977759 (Windows 10 Upgrade preparation for Windows 7)
KB2990214 (Windows 10 Upgrade preparation for Windows 7)
KB3012973 (Force Trigger Download and Install of Windows 10)
KB3015249 (Adds telemetry points to consent.exe in Windows 7 & Windows 8)
KB3021917 (Windows 10 Upgrade preparation + Telemetry)
KB3022345 (Telemetry)
KB3035583 (GWX Update installs the "Get Windows 10" app in Windows 7 & Windows 8)
KB3042058 (Microsoft claims its a security update but it contains Winlogon Spying)
KB3044374 (Windows 10 Upgrade for Windows 8 systems)
KB3050267
(Windows 10 upgrade preparation but also adds the option in GPEDIT to disable Windows 10 upgrade altogether so you may want to actually install this)
KB3064683 (Windows 10 Upgrade for Windows 8)
KB3065987 (Windows 10 Upgrade for Windows 7)
KB3065988 (Windows 10 Upgrade for Windows 8)
KB3068708 (Telemetry)
KB3072318 (Windows 10 Upgrade preparation for Windows 8)
KB3074677 (Windows 10 Upgrade preparation)
KB3075249 (Telemetry)
KB3075851 (Windows 10 Upgrade for Windows 7)
KB3075853 (Windows 10 Upgrade for Windows 8)
KB3080149 (Telemetry)
KB3081437 (Windows 10 Upgrade preparation)
KB3081454 (Windows 10 Upgrade preparation)
KB3081954 (Telemetry Update for Windows 7)
KB3083324 (Windows 10 Upgrade preparation for Windows 7)
KB3083325 (Windows 10 Upgrade preparation for Windows 8)
KB3083710 (Update for the Windows Update client with sketchy details for Windows 7, see this thread)
KB3083711 (Update for the Windows Update client with sketchy details for Windows 8, see this thread)
KB3086255 (Flagged as an Important update. It disables SafeDisc games in Windows Vista, 7, and 8/8.1)
KB3088195 (Miscorosft Claims it's a security update but also has a key logger on the Kernel Level)
KB3090045 (Windows 10 Upgrade Update for Windows 7/8)
KB3093983 (Microsoft claims it's a security update but it contains IE spying)
KB3102810 (Fixes an issue regarding long wait while searching for Windows Updates but also has Windows 10 Upgrade preparation for Windows 7)
KB3102812 (Fixes an issue regarding long wait while searching for Windows Updates but also has Windows 10 Upgrade preparation for Windows 8)
KB3112343 (Windows 10 Upgrade for Windows 7)
KB3112336 (Windows 10 Upgrade for Windows 8)
KB3112343 (Windows 10 Upgrade for Windows 7)
KB3123862 (Windows 10 Upgrade for Windows 7 & 8)
KB3135445 (Windows 10 Upgrade for Windows 7)
KB3135449 (Windows 10 Upgrade for Windows 8)

=============================================================
To uninstall any of the above listed updates, simply copy/paste one of the below commands according to which update you want to install in an elevated command prompt then hit enter:


wusa /uninstall /kb:2505438 /norestart


Replace the number in red with the KB Update # you want to uninstall.

To uninstall all the bad updates in one shot, Download this batch file:

"Remove Telemetry-Win10 Upgrade Updates Script"

Code:
@echo off
echo [---Uninstalling updates, please be patient---]
wusa /uninstall /kb:2505438 /quiet /norestart
wusa /uninstall /kb:2670838 /quiet /norestart
wusa /uninstall /kb:2882822 /quiet /norestart
wusa /uninstall /kb:2902907 /quiet /norestart
wusa /uninstall /kb:2952664 /quiet /norestart
wusa /uninstall /kb:2976978 /quiet /norestart
wusa /uninstall /kb:2977759 /quiet /norestart
wusa /uninstall /kb:2990214 /quiet /norestart
wusa /uninstall /kb:3012973 /quiet /norestart
wusa /uninstall /kb:3015249 /quiet /norestart
wusa /uninstall /kb:3021917 /quiet /norestart
wusa /uninstall /kb:3022345 /quiet /norestart
wusa /uninstall /kb:3035583 /quiet /norestart
wusa /uninstall /kb:3042058 /quiet /norestart
wusa /uninstall /kb:3044374 /quiet /norestart
wusa /uninstall /kb:3050267 /quiet /norestart
wusa /uninstall /kb:3064683 /quiet /norestart
wusa /uninstall /kb:3065987 /quiet /norestart
wusa /uninstall /kb:3065988 /quiet /norestart
wusa /uninstall /kb:3068708 /quiet /norestart
wusa /uninstall /kb:3072318 /quiet /norestart
wusa /uninstall /kb:3074677 /quiet /norestart
wusa /uninstall /kb:3075249 /quiet /norestart
wusa /uninstall /kb:3075851 /quiet /norestart
wusa /uninstall /kb:3075853 /quiet /norestart
wusa /uninstall /kb:3080149 /quiet /norestart
wusa /uninstall /kb:3081437 /quiet /norestart
wusa /uninstall /kb:3081454 /quiet /norestart
wusa /uninstall /kb:3081954 /quiet /norestart
wusa /uninstall /kb:3083324 /quiet /norestart
wusa /uninstall /kb:3083325 /quiet /norestart
wusa /uninstall /kb:3083710 /quiet /norestart
wusa /uninstall /kb:3083711 /quiet /norestart
wusa /uninstall /kb:3086255 /quiet /norestart
wusa /uninstall /kb:3088195 /quiet /norestart
wusa /uninstall /kb:3090045 /quiet /norestart
wusa /uninstall /kb:3093983 /quiet /norestart
wusa /uninstall /kb:3102810 /quiet /norestart
wusa /uninstall /kb:3102812 /quiet /norestart
wusa /uninstall /kb:3107998 /quiet /norestart
wusa /uninstall /kb:3112336 /quiet /norestart
wusa /uninstall /kb:3112343 /quiet /norestart
wusa /uninstall /kb:3123862 /quiet /norestart
wusa /uninstall /kb:3135445 /quiet /norestart
wusa /uninstall /kb:3135449 /quiet /norestart
echo [---Uninstall complete, restart your computer to finish---]
=======================================================================
Additionally, please go to Task Scheduler and disable the following items:


MwOB7K2.png



LS0eplm.png



bfik5z9.png



2B93nba.png



=============================================================
Finally, create an empty TXT in notepad and copy/paste the below text then save it as hosts without any extension; then copy this file to C :Windows\System32\drivers\etc overwriting the existing file then reboot.


This hosts file will block OpenCandy Malware, Telemetry, and a few dangerous domains like SourceForge. Feel free to remove any entry you don't want to block.


Code:
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#  102.54.94.97  rhino.acme.com  # source server
#  38.25.63.10  x.acme.com  # x client host


127.0.0.1 localhost
127.0.0.1 bi.bisrv.com
127.0.0.1 www.softonic.com
127.0.0.1 softonic.com
127.0.0.1 sourceforge.net
127.0.0.1 www.bestvistadownloads.com
127.0.0.1 image.online-convert.com/convert-to-ico
127.0.0.1 tracking.opencandy.com.s3.amazonaws.com
127.0.0.1 media.opencandy.com
127.0.0.1 cdn.opencandy.com
127.0.0.1 tracking.opencandy.com
127.0.0.1 api.opencandy.com
127.0.0.1 offer.alibaba.com
127.0.0.1 a.ads1.msn.com
127.0.0.1 a.ads2.msads.net
127.0.0.1 a.ads2.msn.com
127.0.0.1 ads1.msads.net
127.0.0.1 ads1.msn.com
127.0.0.1 adsmockarc.azurewebsites.net
127.0.0.1 ads.msn.com
127.0.0.1 b.ads1.msn.com
127.0.0.1 b.ads2.msads.net
127.0.0.1 bingads.microsoft.com
127.0.0.1 dl.delivery.mp.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 sb.scorecardresearch.com
127.0.0.1 spynet2.microsoft.com
127.0.0.1 spynetalt.microsoft.com
127.0.0.1 sqm.df.telemetry.microsoft.com
127.0.0.1 sqm.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 survey.watson.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.microsoft.com
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 watson.live.com
127.0.0.1 watson.microsoft.com
127.0.0.1 watson.ppe.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com.nsatc.net
127.0.0.1 wes.df.telemetry.microsoft.com
::1 localhost
=============================================================
 
Last edited:

MTDEW

Diamond Member
Oct 31, 1999
4,284
37
91
I have a friends laptop here that doesn't want the Windows 10 upgrade.

So I uninstalled update KB 3035583, then hid it to prevent the windows 10 upgrade from showing up in the taskbar.
Then I did a disk cleanup and cleaned all windows system files.(there is no GWX folder or GWX.exe file on the system and the upgrade icon in the taskbar is gone)
I thought that was all I would need to do but...
Now every time when the I check for updates on that PC I keep seeing a windows update has failed..Upgrade to Windows 10 Pro - Failed - Important.
(in other words, now I see that windows 10 upgrade failed listed in the update history many many times, once for every time the system has been checked for updates since i've uninstalled/hidden KB 3035583 )

Should I be uninstalling/hiding some of the other updates you mentioned also?
Or is it good to go "as is" and that failure is always going to be there when checking updates until the "free upgrade" offer is over?
It doesn't prevent any other updates , all other updates update as normal.
And it doesn't actually ever try to download/install the Win10 Pro upgrade.
 

Berryracer

Platinum Member
Oct 4, 2006
2,779
1
81
I have a friends laptop here that doesn't want the Windows 10 upgrade.

So I uninstalled update KB 3035583, then hid it to prevent the windows 10 upgrade from showing up in the taskbar.
Then I did a disk cleanup and cleaned all windows system files.(there is no GWX folder or GWX.exe file on the system and the upgrade icon in the taskbar is gone)
I thought that was all I would need to do but...
Now every time when the I check for updates on that PC I keep seeing a windows update has failed..Upgrade to Windows 10 Pro - Failed - Important.
(in other words, now I see that windows 10 upgrade failed listed in the update history many many times, once for every time the system has been checked for updates since i've uninstalled/hidden KB 3035583 )

Should I be uninstalling/hiding some of the other updates you mentioned also?
Or is it good to go "as is" and that failure is always going to be there when checking updates until the "free upgrade" offer is over?
It doesn't prevent any other updates , all other updates update as normal.
And it doesn't actually ever try to download/install the Win10 Pro upgrade.

A while back, it was only KB 3035583 that needed to be hidden/disabled. But now there are many other updates (mentioned above) which are all preparation for Windows 10 installation such as hardware checks and etc.

When I just formatted 2 days ago and ensured to hide some of the updates mentioned above, I didn't even get the KB 3035583 update. Why? Simply because I didn't install any of the pre-requisties so I advice you to go through his installed updates and uninstall any of the above updates then restart. Then search for updates again and when they re-appear, hide them. Also change the Windows update setting to check for updates but don't download/install (3rd option)
 

cmb110792

Junior Member
Sep 9, 2015
6
0
0
Will you be updating this list as more updates come out? I'm sure Microsoft isn't going to just stop adding things into the telemetry side of things now.
 

Berryracer

Platinum Member
Oct 4, 2006
2,779
1
81
Will you be updating this list as more updates come out? I'm sure Microsoft isn't going to just stop adding things into the telemetry side of things now.
Yes I have an updated guide coming soon, please give me 72 hours and I will post the best guide you've seen on the web to avoid the Windows 10 Virus
 

Underclocked

Platinum Member
Oct 9, 1999
2,041
0
76
berryracer, I would like to suggest you create scripts to uninstall the entire batch that are easily editable to add future KBs. One script to uninstall and one script to hide. For us truly lazy folks. ;)

I just used your list to modify my own (since I already have IE11 installed, I won't uninstall 2670838). I also have TinyWall set up to block most everything :) and some things blocked in my router to help. System works fine, in fact it works faster than ever before (7 Pro).

I only discovered one new one in your list that was installed on my system, so I added it to the batch and ran the whole thing again. Noteworthy was that I had to re-hide ALL of them at the next windows update.

Thanks for your efforts!
 

Underclocked

Platinum Member
Oct 9, 1999
2,041
0
76
KB3075851 tried just now. Looks very suspicious. MS needs to be made to stop doing this crap.
 

Brian Stirling

Diamond Member
Feb 7, 2010
4,000
2
0
Nobody's going to tell M$ to stop tracking you! Every bit of data M$ collects is data the government has easy access to without having to hack into your PC or monitor the comm in/out. Same goes for all other companies that collect data on you and that includes pretty much all the apps you download to your phone.

Orwell could not have imagined 2015...


Brian
 

RampantAndroid

Diamond Member
Jun 27, 2004
6,591
3
81
Nobody's going to tell M$ to stop tracking you! Every bit of data M$ collects is data the government has easy access to without having to hack into your PC or monitor the comm in/out. Same goes for all other companies that collect data on you and that includes pretty much all the apps you download to your phone.

Orwell could not have imagined 2015...


Brian

I've asked before and I'll ask again: What info do you think Windows is reporting?
 

Z15CAM

Platinum Member
Nov 20, 2010
2,184
64
91
www.flickr.com
AnandTech Locked my thread titled "GUARDING WIN7 against WINX'
http://forums.anandtech.com/showthread.php?t=2446840
on this topic where no member can post a response and threatened to ban me.

No doubt this has become a Hot Topic for Enthusiasts and Power Users.

I'll wait awhile before using WINX after I learn how to deal with Telemetry and My Privacy is not at risk.

I would not be surprised if AnandTech doesn't lock this thread and issue warnings.
 
Last edited:

RampantAndroid

Diamond Member
Jun 27, 2004
6,591
3
81
I believe the EULA defines it in broad terms. It is basically anything they want it to be.

You're thinking of the Tech Preview, which said some pretty broad things.

http://www.microsoft.com/en-us/privacystatement/default.aspx

we do not use what you say in email, chat, video calls or voice mail, or your documents, photos or other personal files to target ads to you.

Read the whole thing. They collect data to target you, or to do things/provide services you've asked them to (in addition to the boiler plate "protect our property", "protect lives" and law enforcement stuff.)
 

Z15CAM

Platinum Member
Nov 20, 2010
2,184
64
91
www.flickr.com
Read the whole thing. They collect data to target you, or to do things/provide services you've asked them to (in addition to the boiler plate "protect our property", "protect lives" and law enforcement stuff.)
In my opinion, Bill Gates has made his Billions and don't care any more. He sold his Windows OS with WINX to the NSA and CISIS.

Win7 is probably the last MS OS that actually gives you control of your Privacy.
 
Last edited:

MongGrel

Lifer
Dec 3, 2013
38,751
3,068
121
AnandTech Locked my thread titled "GUARDING WIN7 against WINX'
on this topic where no member can post a response and threatened to ban me.

No doubt this has become a Hot Topic for Enthusiasts and Power Users.

I'll wait awhile before using WINX after I learn how to deal with Telemetry and My Privacy is not at risk.

And maybe there was a reason.

I'm not going anywhere enabling a script for anything, if I remember that one right, off hand.
 
Last edited:

Z15CAM

Platinum Member
Nov 20, 2010
2,184
64
91
www.flickr.com
MongGrel Lifer Posts: 22,409: Respectively - Smart Ass - WINX could very well be MS's Last Stand = Shynet and the NSA has control of it - ROLF
 
Last edited:

escrow4

Diamond Member
Feb 4, 2013
3,339
122
106
AnandTech Locked my thread titled "GUARDING WIN7 against WINX'
http://forums.anandtech.com/showthread.php?t=2446840
on this topic where no member can post a response and threatened to ban me.

No doubt this has become a Hot Topic for Enthusiasts and Power Users.

I'll wait awhile before using WINX after I learn how to deal with Telemetry and My Privacy is not at risk.

I would not be surprised if AnandTech doesn't lock this thread and issue warnings.

Its turning into another conspiracy circlejerk so more than likely. Seen that blacked out Tahoe idling outside BTW? :eek:
 

Brian Stirling

Diamond Member
Feb 7, 2010
4,000
2
0
I've asked before and I'll ask again: What info do you think Windows is reporting?


From Newsweek...

From the moment an account is created, Microsoft begins watching. The company saves customers’ basic information—name, contact details, passwords, demographic data and credit card specifics —but it also digs a bit deeper.

Other information Microsoft saves includes Bing search queries and conversations with the new digital personal assistant Cortana; contents of private communications such as email; websites and apps visited (including features accessed and length of time used); and contents of private folders. Furthermore, “your typed and handwritten words are collected,” the Privacy Statement says, which many online observers liken to a keylogger. Microsoft says they collect the information “to provide you a personalized user dictionary, help you type and write on your device with better character recognition, and provide you with text suggestions as you type or write.”


Yeah, nothing to worry about, move along!

And, you perhaps missed the point about other companies doing much the same.

Just to be clear, as someone from Seattle, do you work for M$ in any capacity, either directly or as a contractor?


Brian