I was looking around to find a way of stopping Windows 10 from updating, when I came across this article on the Windows Club: http://www.thewindowsclub.com/windows-update-stuck-downloading-updates
This got me thinking. Wouldn't it work just making a .bat file to run on startup that turned off these services? Surely if you never turned them on they cannot update your PC. Does anyone know if there would be any side effects to this?
Cheers
Ed
A pfSense box should do. Just block your PC from phoning home and meanwhile prevent servers from sending something in.
I know of the inherent vulnerabilities of not updating, but what I meant was, do these processes do anything other than update the PC?
I wish I could, but I don't have that kind of money, I can't even afford a new gigabit switch. Plus, I am pretty poor at networking.
Nope
The problem with the .bat file method is that there are other processes that will restart the wuauserv and bits services. Like automatic update on your office and other m$ products. If you have a consumer grade router, which I'm sure you do, you could block the IP addresses that these services use on its block list. No new box required.
Sadly I don't have access to our router. But I don't use any other MS products. But just for future reference, is there a list/breakdown of these MS IP addresses?
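One way to check on your own machine whether wuauserv and BITS are being reconfigured or restarted after a startup script stops them, as an added example that is not part of the original thread. It only reads service state and the System event log; the seven-day window is an arbitrary assumption.

```powershell
# Added example (not from the thread): audit wuauserv / BITS state changes.
$names = 'wuauserv', 'BITS'

# Current status and configured start type of both services.
Get-Service -Name $names |
    Select-Object Name, DisplayName, Status, StartType

# Event messages use the display name, not the short service name.
$display = (Get-Service -Name $names).DisplayName

# Service Control Manager events in the System log:
#   7040 = the start type of a service was changed
#   7036 = a service entered the running or stopped state
#          (where the Windows build records it)
$since = (Get-Date).AddDays(-7)   # assumed look-back window

Get-WinEvent -FilterHashtable @{
    LogName      = 'System'
    ProviderName = 'Service Control Manager'
    Id           = 7036, 7040
    StartTime    = $since
} -ErrorAction SilentlyContinue |
    Where-Object {
        # Keep only events whose message names one of the two services.
        $msg = $_.Message
        $display | Where-Object { $msg -like "*$_*" }
    } |
    Sort-Object TimeCreated |
    # UserId is the SID of the account that made the change.
    Select-Object TimeCreated, Id, UserId, Message
```

A 7040 entry dated after the script ran shows that something changed the start type back, and its UserId shows under which account that happened.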
Thanks
Ed
List is NOT made by me:
Bad Servers:
You can't block the above names with the hosts file. They were all hardcoded in this DLL:
%WINDIR%\system32\dnsapi.dll
More terror about MS from a long-time poster at dslreports:
All text typed on the keyboard is stored in temporary files, and sent (once per 30 mins) to:
oca.telemetry.microsoft.com.nsatc.net
pre.footprintpredict.com
reports.wes.df.telemetry.microsoft.com
footprintpredict.com
footprintdns.com
Telemetry is sent once per 5 minutes, to:
Typing the name of any popular movie into your local file search starts a telemetry process that indexes all media files on your computer and transmits them to:
df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
cs1.wpc.v0cdn.net
vortex-sandbox.data.microsoft.com
pre.footprintpredict.com
When a webcam is first enabled, ~35mb of data gets immediately transmitted to:
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
vortex-sandbox.data.microsoft.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
Everything that is said into an enabled microphone is immediately transmitted to:
As for bad updates for Win7/8/8.1:
KB2952664 Compatibility update for upgrading Windows 7
KB2990214 Update that enables you to upgrade from Windows 7 to a later version of Windows
KB3021917 Update to Windows 7 SP1 for performance improvements
KB3022345 Update for customer experience and diagnostic telemetry
KB3035583 Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1
KB3068708 (replaces KB3022345) Update for customer experience and diagnostic telemetry
KB3075249 Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
KB3080149 Update for customer experience and diagnostic telemetry
KB3139929 Patches Internet Explorer to download and install KB3146449
KB3146449 Brings an "Add-Generator" to Win7, Win8/8.1 to update to Windows 10
Thanks, that list is longer than expected. I knew it was pretty bad, but I didn't realise just how extensive it was.
cheers
Yea Microsoft just likes to be in touch with you ;)
They're just simply worried about how you are!
Also, somebody made this list:
https://forum.teksyndicate.com/t/how-to-make-windows-10-not-suck-as-bad/85393
Tho I highly recommend not using Windows, unless it's Windows Bob!
I will leave Windows behind happily the moment TIA Portal and Solidworks get a Linux version.
But thanks for the list, much appreciated.
Sadly I forgot! That sits together with a list of bad Win7/8/8.1 updates in a file named "BadMicrosoft" in my txt collection folder.
I feel you Eddie, I have declined win10 for this very reason, spy data collection, and automatic updates that turn the bad features back on when you obviously have made it clear you don't want them!
However you need win10 for DX12 right? That's one thing that has been bugging me about refusing to downgrade to win10 (lol yea it's a downgrade in terms of not being friendly to its users and treating them as enemies)
So I don't understand though, win10 won't let you block those servers from within it? You need an external router/firewall to block the outgoing phone homes + data stealing and the incoming updates, is that correct?
Well how about if we create a custom driver that overrides Windows's refusal to let you block those and blocks them anyway! Or how about a patched kernel that disables the auto updates or the phone homes / data theft or both!
Has win10 done anything extra special that make it more difficult to use a patched kernel, or load unsigned custom drivers?
I know in Win 7 + 8 there's that patch to the kernel that disables patchguard (so you can patch the kernel data structures on the fly again like the old days) and it also enables loading unsigned drivers again as well! :)
It's probably been updated to win10 if the same method is workable still! It would be tricky to find the code in the kernel that can be nopped or conditional jump flipped to block automatic updates or the data theft, but it could be done! (With a little time and dedication of course)
Perhaps even it could become more advanced to where you could run the auto updates but the patch will still prevent it from sending your data outbound, and prevent itself from being removed, unless of course it's an update to the kernel which will require updating the patch for the newer kernel!
This may be just what we need to make win10 usable! Maybe on my spare rig without the internet hooked up I could explore this idea, for the sake of trying to make win10 behave itself while in your house on your machine and not be a data thief! Yes for the community, that's the only reason I'll even touch win10, trying to make it acceptable for actual use!
There are a load of cool, interesting things done in Windows 10. I like the idea of Cortana (if only it worked for you, not Microsoft). The more I look into Windows 10, the more I just think that they made a really good OS but then afterwards added all this crap on. There is a lot of potential with Windows 10, but then they used it to exploit their user base instead of support them.
I have always thought the biggest thing to encourage Linux adoption won't be Linux itself; the OS could have the cure for cancer integrated and lots would still ignore it. But the biggest help for Linux would be a shitty Windows OS.
The strange thing about Windows 10 updates is there is an option to disable updates completely, they just didn't give it a button in the GUI, you can even find it in the registry. However when I tried to enable that option something rather strange happened with the permissions. I may have made a mistake, but no matter what I tried (I was using admin) I couldn't get the correct permissions working, and if I tried editing permissions it would just wreak havoc with my PC to the point I needed to restore the registry.
I'm afraid with the kernel workaround you are going over my head somewhat, but from what little I know about such things it sounds plausible, if a rather large amount of work. The biggest worry I have with fixes like that is unless you write them yourself (which I couldn't do) you wouldn't know for sure that you aren't essentially installing a massive backdoor for viruses and such. But if you do have a play around with it and make some headway, let me know. It's something I would definitely be interested in following.
Ed
Yep, exact reason why Ubuntu Mate is my main daily driver now. Windows only gets up when I want to game, which is about once per week. They can get my telemetry of "wwwwwwwwwwwwwwwwwwwwwwwwwaaadaasssazeaeeeeqwqqqq2323423421" etc.
Good luck making use of that shit XD