Removing the garbage from Windows 10, and burn Cortana the Witch!

There was an episode of TheTek on February 28th, and I must of missed it because I would of made this post.

When I have to deal with new installations of Windows there is SO MUCH SHIT that comes with it, including he privacy settings that are set to send out as much information as possible. I wanted to share with the group what I use to get rid of the vast majority of it.

After updating Windows, use the .bat file in a power-shell to batch remove Cortana, and most (not all) of the other Windows bloat apps and privacy settings.

Some problems.

  1. Candy Crush and one other program magically appears shortly afterwards....
  2. You have to double-check the privacy settings. It gets almost everything, but it misses a couple. You can add to the file in notepad to change some settings if you setup multiple computers like I do. There is an "undo", but if you try to remove stuff again, it is hard to remove Cortana.

I hope it is of use to those on the forums:
http://www.hwinfo.com/misc/RemoveW10Bloat.htm

1 Like

1) open disk drive
2) insert Linux distro
3) install Linux
4) use Linux

Sorry to say it, but you will not remove the spying and not be able to remove cortana.

1 Like

As stated in the post, it will not remove all.

Follow that to remove the built-in apps of your choice http://www.howtogeek.com/224798/how-to-uninstall-windows-10s-built-in-apps-and-how-to-reinstall-them/ and after install Ultimate Windows Tweaker and tweaks the security parameters as your wish

You can't get rid of Cortana using those. The Cortana service has to be stopped, the files renamed/permissions changed in order to be removed. The file I posted allows you to do this.

Then of course Windows 10 does a big update, one of the image ones that looks and feels like an OS refresh and all of the shit is back...

I run Linux for different reasons but I can understand why many power users are deeply concerned by the direction MS has taken with Windows.

1 Like

That is why I said update Windows first.

Sorry I forgot the proof. Ding, Dong, the Witch is dead. And no I didn't just "End task" for a second while I took the screenshot...

Do you have a machine running wire shark on hand to check the outgoing connections?

Just as a reminder, the list of currently known servers windows phones to:
www.msdn.com
msdn.com
www.msn.com
msn.com
go.microsoft.com
msdn.microsoft.com
office.microsoft.com
microsoftupdate.microsoft.com
wustats.microsoft.com
support.microsoft.com
www.microsoft.com
microsoft.com
update.microsoft.com
download.microsoft.com
microsoftupdate.com
windowsupdate.com
windowsupdate.microsoft.com
You can't block above names with hosts file. They all were hardcoded in this DLL:
%WINDIR%\system32\dnsapi.dll

more terror about MS from long time poster at dslreports:

All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com

Telemetry is sent once per 5 minutes, to:
vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net

Typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:
df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com

When a webcam is first enabled, ~35mb of data gets immediately transmitted to:
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net

Everything that is said into an enabled microphone is immediately transmitted to:
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
telemetry.appex.bing.net
telemetry.urs.microsoft.com
cs1.wpc.v0cdn.net
statsfe1.ws.microsoft.com

2 Likes

Well I disable indexing on the computers. The webcam app is removed (and I don't own one). I did not see anything transmitting when I used my microphone.... And the only thing I caught with my eyes was a IP that traced to Microsoft Azure HQ. Which I have no idea what service is using that. I don't have One Drive running or installed for that matter.

About the DLL file, you need Windows Update to install security patches, the others I have no idea why they would need to be in there...

I will try this on a fresh install when I go back to work on Thursday :)

You can disable allot of the telemetry tracking, but unfortunatly not all of it.
Some of that stuff seems to be hard codded in the OS.
Even with all the stuff disabled due tutorials and guides, it still does continue to phone home.

1 Like

Yeah its terrible, and i´m even not suprised if windows 7 and 8.1 do the same thing nowdays.
I have auto update disabled, but i have the feeling that MS is still doing patches to my system without letting me know.
Ever since Windows10 is out, and they started to force people over.

This is what I noticed was "new". Not sure how to interpret that.

Yeah those isatap adapers are hidden in the device manager.
VPN client software also uses some sort of a tap adapter.