@echo off
title "Disable Windows 7/8/8.1 Telemetry"
endlocal & setlocal EnableDelayedExpansion
rem Script created by <github.com/tarampampam> # 2015
rem Github: <https://gist.github.com/tarampampam/a0db45fb0de5976300b1>
rem OS: Windows 7/8/8.1
rem Version 0.2.1
echo.
echo ***************************************************************************
echo * *
echo * Disable Windows 7/8/8.1 Telemetry (+bonus) service *
echo * *
echo ***************************************************************************
echo * *
echo * Script support arguments: *
echo * *
echo * -kb ^| -hotfixes Do NOT uninstall ^& disable updates *
echo * -t ^| -tasks Do NOT disable tasks *
echo * -s ^| -services Do NOT disable services *
echo * -i ^| -ip Do NOT block IP addresses using route *
echo * -f ^| -firewall Do NOT block IP addresses using firewall *
echo * -h ^| -hosts Do NOT add domains to hosts file *
echo * -u ^| -updates Do NOT change windows update settings *
echo * -e ^| -exit Exit when work is complete *
echo * *
echo * Latest version you can find here: ^<http://goo.gl/1MzPtW^> *
echo * *
echo ***************************************************************************
echo * *
echo * PLEASE DISABLE YOUR ANTIVIRUS SOFTWARE BEFORE^^! *
echo * (Sometimes it block access to hosts file, etc) *
echo * *
echo ***************************************************************************
echo.
rem Setup default script settings + declare variables
set ExitOnComplete=0
set UninstallUpdates=1
set DisableTasks=1
set DisableServices=1
set BlockIPaddresses=1
set BlockIPaddressesWithFirewall=1
set AddDomainsToHosts=1
set DisableAutomaticUpdates=1
set FirewallIPlist=
rem Parse passed arguments to script
 arse_passed_params
if "%~1"=="" goto end_parse_passed_params
if "%~1"=="-e" set ExitOnComplete=1
if "%~1"=="-exit" set ExitOnComplete=1
if "%~1"=="-kb" set UninstallUpdates=0
if "%~1"=="-hotfixes" set UninstallUpdates=0
if "%~1"=="-t" set DisableTasks=0
if "%~1"=="-tasks" set DisableTasks=0
if "%~1"=="-s" set DisableServices=0
if "%~1"=="-services" set DisableServices=0
if "%~1"=="-i" set BlockIPaddresses=0
if "%~1"=="-ip" set BlockIPaddresses=0
if "%~1"=="-f" set BlockIPaddressesWithFirewall=0
if "%~1"=="-firewall" set BlockIPaddressesWithFirewall=0
if "%~1"=="-h" set AddDomainsToHosts=0
if "%~1"=="-hosts" set AddDomainsToHosts=0
if "%~1"=="-u" set DisableAutomaticUpdates=0
if "%~1"=="-updates" set DisableAutomaticUpdates=0
shift & goto parse_passed_params
:end_parse_passed_params
goto:checkPermissions
:begin
if %UninstallUpdates%==1 (
call:title "Uninstall evil M$ updates.."
call:uninstall_update "3080149"
call:uninstall_update "3075249"
call:uninstall_update "2952664"
call:uninstall_update "3035583"
call:uninstall_update "3050265"
call:uninstall_update "3068708"
call:uninstall_update "3022345"
call:uninstall_update "3021917"
call:uninstall_update "2876229"
call:uninstall_update "2976978"
call:uninstall_update "3044374"
call:uninstall_update "2990214"
call:uninstall_update "3075853"
call:uninstall_update "3065987"
call:uninstall_update "971033"
call:uninstall_update "2902907"
call:uninstall_update "2976987"
)
if %DisableTasks%==1 (
call:title "Disable some windows tasks.."
call:disable_task "\Microsoft\Windows\Application Experience\AitAgent"
call:disable_task "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser"
call:disable_task "\Microsoft\Windows\Application Experience\ProgramDataUpdater"
call:disable_task "\Microsoft\Windows\Autochk\Proxy"
call:disable_task "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator"
call:disable_task "\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask"
call:disable_task "\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip"
call:disable_task "\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector"
call:disable_task "\Microsoft\Windows\PI\Sqm-Tasks"
call:disable_task "\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem"
call:disable_task "\Microsoft\Windows\Windows Error Reporting\QueueReporting"
call:disable_task "\Microsoft\Windows\Maintenance\WinSAT"
call:disable_task "\Microsoft\Windows\Media Center\ActivateWindowsSearch"
call:disable_task "\Microsoft\Windows\Media Center\ConfigureInternetTimeService"
call:disable_task "\Microsoft\Windows\Media Center\DispatchRecoveryTasks"
call:disable_task "\Microsoft\Windows\Media Center\ehDRMInit"
call:disable_task "\Microsoft\Windows\Media Center\InstallPlayReady"
call:disable_task "\Microsoft\Windows\Media Center\mcupdate"
call:disable_task "\Microsoft\Windows\Media Center\MediaCenterRecoveryTask"
call:disable_task "\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask"
call:disable_task "\Microsoft\Windows\Media Center\OCURActivate"
call:disable_task "\Microsoft\Windows\Media Center\OCURDiscovery"
call:disable_task "\Microsoft\Windows\Media Center\PBDADiscovery"
call:disable_task "\Microsoft\Windows\Media Center\PBDADiscoveryW1"
call:disable_task "\Microsoft\Windows\Media Center\PBDADiscoveryW2"
call:disable_task "\Microsoft\Windows\Media Center\PvrRecoveryTask"
call:disable_task "\Microsoft\Windows\Media Center\PvrScheduleTask"
call:disable_task "\Microsoft\Windows\Media Center\RegisterSearch"
call:disable_task "\Microsoft\Windows\Media Center\ReindexSearchRoot"
call:disable_task "\Microsoft\Windows\Media Center\SqlLiteRecoveryTask"
call:disable_task "\Microsoft\Windows\Media Center\UpdateRecordPath"
)
if %DisableServices%==1 (
call:title "Disable services.."
call:disable_service "Diagtrack"
call:disable_service "dmwappushservice"
set RegDataCollection="HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection"
reg query !RegDataCollection!>nul 2>&1 & if %errorLevel%==0 (
reg add !RegDataCollection! /v AllowTelemetry /t REG_DWORD /d 0 /f >nul
)
)
if %BlockIPaddresses%==1 (
call:title "Block M$ servers IP addresses.."
call:block_route "111.221.29.177"
call:block_route "111.221.29.253"
call:block_route "131.253.40.37"
call:block_route "134.170.30.202"
call:block_route "134.170.115.60"
call:block_route "134.170.165.248"
call:block_route "134.170.165.253"
call:block_route "134.170.185.70"
call:block_route "137.116.81.24"
call:block_route "137.117.235.16"
call:block_route "157.55.129.21"
call:block_route "157.55.133.204"
call:block_route "157.56.121.89"
call:block_route "157.56.91.77"
call:block_route "168.63.108.233"
call:block_route "184.86.56.12"
call:block_route "185.13.160.61"
call:block_route "191.232.139.254"
call:block_route "191.232.80.58"
call:block_route "191.232.80.62"
call:block_route "191.237.208.126"
call:block_route "204.79.197.200"
call:block_route "207.46.101.29"
call:block_route "207.46.114.58"
call:block_route "207.46.223.94"
call:block_route "207.68.166.254"
call:block_route "212.30.134.204"
call:block_route "212.30.134.205"
call:block_route "23.102.21.4"
call:block_route "23.99.10.11"
call:block_route "23.218.212.69"
call:block_route "64.4.54.22"
call:block_route "64.4.54.32"
call:block_route "64.4.6.100"
call:block_route "65.39.117.230"
call:block_route "65.52.100.11"
call:block_route "65.52.100.7"
call:block_route "65.52.100.9"
call:block_route "65.52.100.91"
call:block_route "65.52.100.92"
call:block_route "65.52.100.93"
call:block_route "65.52.100.94"
call:block_route "65.52.108.29"
call:block_route "65.55.108.23"
call:block_route "65.55.138.114"
call:block_route "65.55.138.126"
call:block_route "65.55.138.186"
call:block_route "65.55.252.63"
call:block_route "65.55.252.71"
call:block_route "65.55.252.92"
call:block_route "65.55.252.93"
call:block_route "65.55.29.238"
call:block_route "65.55.39.10"
call:block_route "68.232.34.200"
)
if %BlockIPaddressesWithFirewall%==1 (
call:title "Add blocked IP adressess to firewall rule.."
rem For using this shit you must init IP addresses list by calling 'call:block_route "1.1.1.1"' first!
call:block_routes_with_firewall "%FirewallIPlist%"
)
if %AddDomainsToHosts%==1 (
call:title "Find and add M$ domains to HOSTS file (block).."
call:add_to_hosts "--title--"
call:add_to_hosts "a-0001.a-msedge.net"
call:add_to_hosts "a1095.g2.akamai.net"
call:add_to_hosts "ad.doubleclick.net"
call:add_to_hosts "adnexus.net"
call:add_to_hosts "adnxs.com"
call:add_to_hosts "ads1.msads.net"
call:add_to_hosts "ads1.msn.com"
call:add_to_hosts "ads2.msn.com"
call:add_to_hosts "a.ads1.msn.com"
call:add_to_hosts "a.ads2.msn.com"
call:add_to_hosts "ads2.msn.com.c.footprint.net"
call:add_to_hosts "ads.msn.com"
call:add_to_hosts "az361816.vo.msecnd.net"
call:add_to_hosts "az512334.vo.msecnd.net"
call:add_to_hosts "telemetry.microsoft.com"
call:add_to_hosts "ca.telemetry.microsoft.com"
call:add_to_hosts "choice.live.com"
call:add_to_hosts "choice.microsoft.com"
call:add_to_hosts "choice.microsoft.com.nsatc.net"
call:add_to_hosts "compatexchange.cloudapp.net"
call:add_to_hosts "corpext.msitadfs.glbdns2.microsoft.com"
call:add_to_hosts "corp.sts.microsoft.com"
call:add_to_hosts "cs1.wpc.v0cdn.net"
call:add_to_hosts "df.telemetry.microsoft.com"
call:add_to_hosts "diagnostics.support.microsoft.akadns.net"
call:add_to_hosts "diagnostics.support.microsoft.com"
call:add_to_hosts "e9946.g.akamaiedge.net"
call:add_to_hosts "fe2.update.microsoft.com.akadns.net"
call:add_to_hosts "microsoft-hohm.com"
call:add_to_hosts "feedback.microsoft-hohm.com"
call:add_to_hosts "feedback.search.microsoft.com"
call:add_to_hosts "feedback.windows.com"
call:add_to_hosts "i1.services.social.microsoft.com"
call:add_to_hosts "i1.services.social.microsoft.com.nsatc.net"
call:add_to_hosts "i.s1.social.ms.akadns.net"
call:add_to_hosts "legacy-redirection-neurope-prod-hp.cloudapp.net"
call:add_to_hosts "oca.telemetry.microsoft.com"
call:add_to_hosts "oca.telemetry.microsoft.com.nsatc.net"
call:add_to_hosts "onesettings-hk2.metron.live.com.nsatc.net"
call:add_to_hosts "pre.footprintpredict.com"
call:add_to_hosts "preview.msn.com"
call:add_to_hosts "rad.msn.com"
call:add_to_hosts "redirection.prod.cms.msn.com"
call:add_to_hosts "redirection.prod.cms.msn.com.akadns.net"
call:add_to_hosts "redir.metaservices.microsoft.com"
call:add_to_hosts "redir.metaservices.microsoft.com.akadns.net"
call:add_to_hosts "redir.metaservices.microsoft.com.edgesuite.net"
call:add_to_hosts "wes.df.telemetry.microsoft.com"
call:add_to_hosts "reports.wes.df.telemetry.microsoft.com"
call:add_to_hosts "services.wes.df.telemetry.microsoft.com"
call:add_to_hosts "settings.data.glbdns2.microsoft.com"
call:add_to_hosts "settings.data.microsoft.com"
call:add_to_hosts "settings-sandbox.data.glbdns2.microsoft.com"
call:add_to_hosts "settings-sandbox.data.microsoft.com"
call:add_to_hosts "settings-win.data.microsoft.com"
call:add_to_hosts "siweb.microsoft.akadns.net"
call:add_to_hosts "sls.update.microsoft.com.akadns.net"
call:add_to_hosts "spynet2.microsoft.akadns.net"
call:add_to_hosts "spynet2.microsoft.com"
call:add_to_hosts "spynetalt.microsoft.akadns.net"
call:add_to_hosts "spynetalt.microsoft.com"
call:add_to_hosts "spyneteurope.microsoft.akadns.net"
call:add_to_hosts "sqm.df.telemetry.microsoft.com"
call:add_to_hosts "sqm.telemetry.microsoft.com"
call:add_to_hosts "sqm.telemetry.microsoft.com.nsatc.net"
call:add_to_hosts "ssw.live.com"
call:add_to_hosts "ssw.live.com.nsatc.net"
call:add_to_hosts "statsfe1.ws.microsoft.com"
call:add_to_hosts "statsfe1.ws.microsoft.com.nsatc.net"
call:add_to_hosts "statsfe2.update.microsoft.com.akadns.net"
call:add_to_hosts "statsfe2.ws.microsoft.com"
call:add_to_hosts "statsfe2.ws.microsoft.com.nsatc.net"
call:add_to_hosts "support.msn.microsoft.akadns.net"
call:add_to_hosts "watson.microsoft.com"
call:add_to_hosts "survey.watson.microsoft.com"
call:add_to_hosts "telecommand.telemetry.microsoft.com"
call:add_to_hosts "telecommand.telemetry.microsoft.com.nsatc.net"
call:add_to_hosts "telemetry.appex.bing.net"
call:add_to_hosts "telemetry.appex.search.prod.ms.akadns.net"
call:add_to_hosts "telemetry.urs.microsoft.com"
call:add_to_hosts "t.urs.microsoft.com.nsatc.net"
call:add_to_hosts "vortex.data.glbdns2.microsoft.com"
call:add_to_hosts "vortex.data.metron.live.com.nsatc.net"
call:add_to_hosts "vortex.data.microsoft.com"
call:add_to_hosts "vortex-db5.metron.live.com.nsatc.net"
call:add_to_hosts "vortex-sandbox.data.glbdns2.microsoft.com"
call:add_to_hosts "vortex-sandbox.data.microsoft.com"
call:add_to_hosts "vortex-win.data.metron.live.com.nsatc.net"
call:add_to_hosts "vortex-win.data.microsoft.com"
call:add_to_hosts "watson.live.com"
call:add_to_hosts "watson.microsoft.com.nsatc.net"
call:add_to_hosts "watson.ppe.telemetry.microsoft.com"
call:add_to_hosts "watson.telemetry.microsoft.com"
call:add_to_hosts "watson.telemetry.microsoft.com.nsatc.net"
)
if %DisableAutomaticUpdates%==1 (
call:title "Disable automatic windows update (make search, but you must manually select updates to install)"
set RegeditRoot="HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update"
reg add !RegeditRoot! /v AUOptions /t REG_DWORD /d 2 /f>nul
reg add !RegeditRoot! /v IncludeRecommendedUpdates /t REG_DWORD /d 0 /f>nul
)
goto:end
:log
set message=%~1
echo [%time%] %message%
exit /b
:title
set title=%~1
echo. & echo [i] %title%
exit /b
:checkPermissions
if exist %SystemRoot%\System32\fsutil.exe (
fsutil dirty query %systemdrive%>nul 2>&1
) else (
net session >nul 2>&1
)
if %errorLevel%==0 (
goto:begin
) else (
call:log "[Failure] Need administrative permissions"
goto:end
)
exit /b
:uninstall_update
set kb_id=%~1
rem Remove update
start /wait wusa /uninstall /norestart /quiet /kb:%kb_id%
if %errorlevel%==2359303 call:log "Update KB%kb_id% not installed"
if %errorlevel%==1223 call:log "Uninstall cancelled"
if %errorlevel%==3010 call:log "Update KB%kb_id% UNINSTALLED successfully"
rem Add update to Windows Update exceptions (hide update) using PowerShell
set GoodResultCode=100
powershell -ExecutionPolicy RemoteSigned -NoLogo -Noninteractive -Command "Import-Module PSWindowsUpdate; try { Hide-WUUpdate -KBArticleID KB%kb_id% -Confirm:$false; exit %GoodResultCode% } catch { exit 0; }">nul 2>&1
if %errorlevel%==%GoodResultCode% (
call:log "Update KB%kb_id% successfully DISABLED"
) else (
call:log "Cannot disable KB%kb_id%: Update your PowerShell or install PowerShell module 'PSWindowsUpdate'"
)
exit /b
:block_route
set REDIRECT=0.0.0.0
set ip_addr=%~1
call:log "Block route to %ip_addr%"
route -p ADD %ip_addr% MASK 255.255.255.255 %REDIRECT%>nul 2>&1
rem Add all addresses to single string variable (',' is delimiter)
set FirewallIPlist=%FirewallIPlist%%ip_addr%,
exit /b
:block_routes_with_firewall
set ip_list=%~1
if [!FirewallIPlist!] EQU [] (
call:log "Empty IP list. For add IP to firewall block list - block ip by route first"
exit /b
)
if exist %SystemRoot%\System32\netsh.exe (
set FirewallRuleName=Block MS Telemetry
rem Add new rule not exists
netsh advfirewall firewall show rule name="!FirewallRuleName!">nul
if !errorlevel! NEQ 0 (
call:log "Add new firewall rule named '!FirewallRuleName!'"
netsh advfirewall firewall add rule name="!FirewallRuleName!" dir=out interface=any action=block>nul
) else (
netsh advfirewall firewall set rule name="!FirewallRuleName!" new enable=yes>nul
)
rem Check exists rule again, and add addresses to "black list"
netsh advfirewall firewall show rule name="!FirewallRuleName!">nul
if !errorlevel! EQU 0 (
call:log "Add/update IP adresses to rule '!FirewallRuleName!': '!ip_list:~1,-1!'"
netsh advfirewall firewall set rule name="!FirewallRuleName!" new remoteip=!ip_list!>nul
)
) else (
call:log "Windows firewall not accessible (file 'netsh.exe' not exists)"
)
exit /b
 isable_task
set task_name=%~1
call:log "Disable task %task_name%"
schtasks /Change /TN "%task_name%" /DISABLE>nul 2>&1
exit /b
isable_service
set service_name=%~1
set errors_counter=0
call:log "Disable service '%service_name%'"
sc query "%service_name%">nul
if %errorlevel% NEQ 1060 (
sc config "%service_name%" start= disabled>nul
if %errorlevel% NEQ 0 set /a errors_counter=errors_counter+1
sc stop "%service_name%">nul
if %errorlevel% NEQ 0 set /a errors_counter=errors_counter+1
if %errors_counter%==0 (
call:log "Service '%service_name%' disabled successful"
)
) else set /a errors_counter=errors_counter+1 & call:log "Service '%service_name%' not installed"
exit /b
:add_to_hosts
set HOSTS=%SystemRoot%\system32\drivers\etc\hosts
set REDIRECT=0.0.0.0
set block_title=## Block MS telemetry domain names
set write_title=0
set host_name=%~1
if "%host_name%"=="--title--" (
set write_title=1
set host_name=%block_title%
)
find /C /I "%host_name%" %HOSTS%>nul
if %errorlevel% NEQ 0 (
if %write_title% EQU 1 (
echo.>>%HOSTS%
echo.>>%HOSTS%
echo %block_title%>>%HOSTS%
) else (
echo %REDIRECT% %host_name%>>%HOSTS%
call:log "Domain %host_name% ADDED"
)
) else (
if %write_title% NEQ 1 (
call:log "Domain %host_name% ALREADY added"
)
)
exit /b
:end
call:title "Exit after 60 seconds, or press any key for exit now"
timeout /t 60>nul 2>&1
endlocal & if %ExitOnComplete%==1 (exit)
echo on
|
