If you own Windows 7 or 8 and you have activated automatic updates you may have silently got some spying software on your machine.

At GHacks.net you can find instructions on how to remove those updates (http://www.ghacks.net/2015/08/28/microsoft-intensifies-data-collection-on-windows-7-and-8-systems/) from your computer.

And if you're fond of online security and you don't mind a bit of geek talk here is the show were I've learned about it.

Security Now - Episode 523 (https://www.youtube.com/watch?v=dB9zKOJJYaI)

And if you're fond of online security and you don't mind a bit of geek talk here is the show were I've learned about it.

Security Now - Episode 523 (https://www.youtube.com/watch?v=dB9zKOJJYaI)
Yup - another classic Security Now episode.

In this episode of Steve Gibson's Security Now, he concludes with a discussion of uBlock Origin - good stuff !

uBlock Origin is a free and open source, cross-platform browser extension for content-filtering, including ad-blocking. It is available for several browsers, including Chrome, Firefox, and Safari.

The original developer, Raymond Hill ((a.k.a. "gorhill"), continues to work on "uBlock Origin", aka uBlockO. A spinoff has the original "uBlock" name and an earlier version of the code, as explained at:

http://www.ghacks.net/2015/04/25/official-ublock-origin-add-on-lands-for-firefox/,
https://en.wikipedia.org/wiki/UBlock, or
by Steve Gibson in this week's Security Now podcast.

Leo Laporte was noticeably uncomfortable with uBlock (at the end of the show), as it disabled most of his twit.tv site, including his ads which are his primary source of revenue. Leo and Steve have a long tradition of not seeing eye to eye on such matters on Security Now, which divergence of views they both seem to tolerate with amusement.

I've been uBlock for the last week (in Firefox on Linux), and so far it does what it says it does, no problem. I have enabled almost all of the 3rd party filter-lists, and so far what I want to work, works fine, with less snooping and risk from other sites that normally would have been linked in, and faster, thanks to less being downloaded to my browser.

Yup - another classic Security Now episode.

In this episode of Steve Gibson's Security Now, he concludes with a discussion of uBlock Origin - good stuff !


I got that and quite a few others usefull tips from this site:

https://www.privacytools.io/ <-- it has a list of Firefox extensions around the middle of the website.

That you made me aware of a couple of weeks ago, also presented in one of the SecurityNow episodes.

Anyone know about Opera browser?

Anyone know about Opera browser?
I know Opera cannot be removed easily. Very difficult.

You may remove those updates (http://www.ghacks.net/2014/12/11/how-to-remove-installed-windows-updates-and-block-them-afterwards/) using the Control Panel, or by running the following commands using an elevated command prompt [C:\]:


wusa /uninstall /kb:3068708 /quiet /norestart
wusa /uninstall /kb:3022345 /quiet /norestart
wusa /uninstall /kb:3075249 /quiet /norestart
wusa /uninstall /kb:3080149 /quiet /norestart

I searched for those KBs in the "Installed Updates" (Win 7) without any being found but, taking a hint from this comment:

dusanmal (http://www.maletic.org) September 2, 2015 at 5:12 pm
@AllThingsFirefox On both of my machines, one 7, one 8.1 I explicitly opted out from CEIP at the install time and I have checked that I am still opted out... Three of four updates were installed despite this opt-out (the only non-present was one that was upgraded itself 302*...). Hence, maybe these are additional parts of CEIP in some manner but they also operate on their own and will be installed on CEIP-opted-out machines.
Update 306* appears now (after removal) as "Important" update and 307* and 308* as "additional".


... I simply ran "C:\" as admin and ran all 4, just to make certain they are not there any more... none of the ran commands returned an error message... hmmm...

@Herve, yes, the commands are a bit silly. They should not have added the "/quiet" parameter in there. That has suppressed any notice of having done something like: removed update or update not found.

So you could try these commands instead in an "elevated console" (geek name for cmd run "As administrator").



wusa /uninstall /kb:3068708 /norestart
wusa /uninstall /kb:3022345 /norestart
wusa /uninstall /kb:3075249 /norestart
wusa /uninstall /kb:3080149 /norestart

Thanks Ilie!

With the "/quiet " switch removed, I did get the "The update KB****** is not installed on this computer" error message :)


Edit:




wusa /uninstall /kb:3068708 /norestart
wusa /uninstall /kb:3022345 /norestart
wusa /uninstall /kb:3075249 /norestart
wusa /uninstall /kb:3080149 /norestartWell, running the first two on the above list, no updates were found.

However, for completeness sake I also ran the next two... and they indeed did get uninstalled... I then re-checked them and, this time, they were not found!

I'll check them again the next time I restart my computer because I now have some suspicion that those may get automatically re-installed/"repaired."

Good thread thanks full of useful in formation.

I turned of updates in april 2013. Though in update history i noticed one sneaked in last march, a search revealed it was a Security Update for Windows Vista, strange as i am using 7. It was not one on the list thankfully. Maybe it came on when i restored it to its factory condition, i do not remember exactly when i did that.

Three of those updates are in the optional update list except for kb:3022345, that i cannot seem to find. Command prompt also said it was not installed. So it appears i am ok.

I assume that you know of a free program, peer block, that can block windows from connecting to you system among many other things.

One day i will do a reformat and never install any updates.

I have a friend who still uses xp and has never installed one update. They are turned of out of necessity. He has never had a problem.

I'm pretty well done with all the windows stuff, I think. I might ~finally~ throw in the towel and go for linux based systems.

Full circle, back to unix, where I started.

...

... I simply ran "C:\" as admin and ran all 4, just to make certain they are not there any more... none of the ran commands returned an error message... hmmm...Same here.

I am not sure what this means: "It is recommended to "hide" them afterwards so that they are not picked up and installed again on the computer system"

[...]
I am not sure what this means: "It is recommended to "hide" them afterwards so that they are not picked up and installed again on the computer system"

I take this to mean that once uninstalled, these updates will again show up on the list of "Available updates."

On the "Windows Update" pop-up window, there is a "Restore hidden updates" that makes these avoided updates visible to updates searches. When one right clicks on updates in the "Available Updates", one can see a "Hide update" option on the menu. Clicking the option removes the update from the list of updates one can chose to install.

My guess is that those particular updates are tagged a certain way so as to become invisible to the Windows routine that checks which updates have not yet been installed. May be that particular tag/switch returns "already installed" or a "don't install" to the update search.

...

... I simply ran "C:\" as admin and ran all 4, just to make certain they are not there any more... none of the ran commands returned an error message... hmmm...Same here.

I am not sure what this means: "It is recommended to "hide" them afterwards so that they are not picked up and installed again on the computer system"

Yes, this was pretty obscure and it took me a while to find this "feature". Also I am not sure that "hidding" that anything more that just as the name says, meaning: making it invsibile to human eye. It should have been called "Don't install" or "Ignore Update".

Any way, you need to open the list of Available Updates and then Right Click the one you want to hide and select "Hide".

Attached is a screen shot.

Click to enlarge:
31017

[...]

I'll check them again the next time I restart my computer because I now have some suspicion that those may get automatically re-installed/"repaired."

I re-checked after boot and none were" re-installed" or "Repaired." i.e. still "Not Installed On this Computer."

Now I'll watch for them if they show up in the next batch of "New Updates Available" when launching the "Check for Updates"?

Hey thanks Illie, great of you to share, I did a spot check (Window 7), I had KB3022345, KB3068708, did uninstalled, I'll check periodically to see what ''Window patches'' come my way!

Inspired by this thread, I googled around a bit. It is much worse than the 4 updates.
I found this page that I have run: http://www.hakspek.com/security/windows-script-to-remove-all-windows-10-telemetry-updates/
If you have windows 7 or 8 and do not want to have the windows 10, it's fine to run it.
scroll down to:
In order to rid your system of Microsoft sponsored spyware, follow the steps below.
1.Download .zip file from here
2.Unzip to known location
3.Go to unzipped location
4.Right click on block_w10.cmd
5.Click “run as administrator”
6.Follow on-screen instructions

After rebooting I checked what was left, and it had missed 2, which I remove manually as Ilie has described.

Next time it rains a day or two, then it's goodbye Windows, it's not funny any more !!!

Johnny :)

As predictable as clockwork...

3 of the uninstalled updates showed up, anew, on my "New Updates Available For Download" list:

Update for Windows 7 (KB3080149) (Optional)
Update for Windows 7 (KB3075249) (Optional)

Update for Windows 7 (KB3068708) Important

... so, I unchecked and "hid" them and hopefully they'll stay parked there so they do not get check-marked accidentally and installed with the next batch of updates.

Edit:
Checking the list found at the link provided (http://www.hakspek.com/security/windows-script-to-remove-all-windows-10-telemetry-updates/) by Johnny, above, two more "updates" got uninstalled although a search for them on the list of "Installed Updates" didn't return anything:


wusa /uninstall /kb:3021917 /norestart *
wusa /uninstall /kb:3035583 /norestart
wusa /uninstall /kb:2990214 /norestart
wusa /uninstall /kb:3044374 /norestart
wusa /uninstall /kb:2952664 /norestart *
wusa /uninstall /kb:3022345 /norestart
wusa /uninstall /kb:3068708 /norestart
wusa /uninstall /kb:3080149 /norestart
wusa /uninstall /kb:3075249 /norestart

I did not have so much time yesterday to post the/my result. It was on a laptop with 4 GB Ram and Windows 7 Home edition.

First, the title on http://www.hakspek.com/security/windows-script-to-remove-all-windows-10-telemetry-updates/ can be a bit misleading. It IS about Windows 7 -> 10.

My laptop is now running much more smoother than before, nearly like is was a new one.

I also have newer stationary computer with Windows 10 Pro downloaded a couple of weeks ago. It took me several hours to make it 'my own computer'.

One can not download Windows 10 without accepting the terms, which mainly are, that Microsoft can do what ever they will with our data AND computers.

Despite our efforts to get rid of all their crab,
As predictable as clockwork... they WILL find other ways to get what they want, so it will be an endless fight/game what ever, to protect our computers.

Cheers, Johnny :)

Has anyone tried the disconnect Firefox addon?

I does not provide information like ghostery.

Has anyone tried the disconnect Firefox addon?

I does not provide information like ghostery.

I'm not quite sure what you mean, but here is Ghostery: https://addons.mozilla.org/en-us/firefox/addon/ghostery/?src=search

Johnny :)

Has anyone tried the disconnect Firefox addon?

I does not provide information like ghostery.

I'm not quite sure what you mean, but here is Ghostery: https://addons.mozilla.org/en-us/firefox/addon/ghostery/?src=search

Johnny :)

If you check out this link from Ilie Pandia https://www.privacytools.io/ it has a list of Firefox extensions around the middle of the website. There is some good stuff on there.

I removed Ghostery and installed Disconnect. Ghostery provides details of blocked trackers, Disconnect does not. So i reinstalled Ghostery and i am now running both.

Ah i get it Disconnect is compatible with other filtering addons, but if i want to see the blocking info then i have to remove others like adblock plus. Disconnect has to be installed first. I am not doing this so i will assume that its working alongside ghostery.

Another "feature" that I had never seen before on my machine and which appeared after those fated "Windows Updates," is the one where one needs to "Unblock" downloaded programs or attachments so that one can run or read them without going through hoops to clear them for access... what a pain! Especially when one has folders after folders and subfolders (AKA subdirectories) full of those tagged files....

How to perform a "Bulk Unblocking" of these files and programs?


http://thewindowsclub.thewindowsclubco.netdna-cdn.com/wp-content/uploads/2012/08/blocked-box-600x300.jpg

http://cdn9.howtogeek.com/wp-content/uploads/2012/11/image41.png

So I braced myself for some Google-Fu and found this explanation and solution that's the best, so far:

From: Utility to recursively “Unblock” files downloaded from the Internet (http://sharemypoint.in/2008/11/06/utility-to-recursively-unblock-files-downloaded-from-internet/)
... Sysinternals Suite has an answer to our problem: they have a utility called “Streams.exe (http://www.microsoft.com/technet/sysinternals/utilities/Streams.mspx)” which is a console application.

[For the unblocking of a single file] run the command line:
streams -d filename
If you have a whole folder of files you want to unblock recursively, you can run the same command with the folder name and the -s switch to process all the files in that folder and any subfolders.
streams -s -d foldernameNote: You have to be running the command prompt as administrator or you'll get an "Access is Denied" error message.


Streams v1.53 - Enumerate alternate NTFS data streams
Copyright (C) 1999-2005 Mark Russinovich
Sysinternals - www.sysinternals.com (http://www.sysinternals.com)

usage: streams.exe [-s] [-d] <file or directory>
-s Recurse subdirectories (http://encyclopedia2.thefreedictionary.com/recurse+subdirectories)
-d Delete streamsFollowing are results of a command I ran to list all these files (Accept the EULA if you are running this for first time)

C:\>c:\SysInternalsSuite\streams.exe -s c:\SysInternalsSuite

Streams v1.56 - Enumerate alternate NTFS data streams
Copyright (C) 1999-2007 Mark Russinovich
Sysinternals - www.sysinternals.com (http://www.sysinternals.com)

c:\SysInternalsSuite\accesschk.exe:
:Zone.Identifier:$DATA 26
c:\SysInternalsSuite\AccessEnum.exe:
:Zone.Identifier:$DATA 26
c:\SysInternalsSuite\AdExplorer.chm:
:Zone.Identifier:$DATA 26
c:\SysInternalsSuite\ADExplorer.exe:
:Zone.Identifier:$DATA 26
c:\SysInternalsSuite\ADInsight.chm:
:Zone.Identifier:$DATA 26
c:\SysInternalsSuite\ADInsight.exe:
:Zone.Identifier:$DATA 26

[The únblocking would come about with the use of the -d switch which deletes these "Zone.Identifier:$DATAxy" tags.

To give an idea of what the command line in a DOS box "Run As Administrator" could look like with nested folders:


Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>cd\

C:\>E:\Downloads\Disk-Sys-Tools\Streams\streams.exe -s -d E:\DownloadsOriginal Sysinternals article (https://technet.microsoft.com/en-in/sysinternals/bb897440.aspx?f=255&MSPPError=-2147217396):

Streams v1.56
By Mark Russinovich, Published: April 27, 2007

Introduction
The NTFS file system provides applications the ability to create alternate data streams of information. By default, all data is stored in a file's main unnamed data stream, but by using the syntax 'file:stream', you are able to read and write to alternates. Not all applications are written to access alternate streams, but you can demonstrate streams very simply. First, change to a directory on a NTFS drive from within a command prompt. Next, type 'echo hello > test:stream'. You've just created a stream named 'stream' that is associated with the file 'test'. Note that when you look at the size of test it is reported as 0, and the file looks empty when opened in any text editor. To see your stream enter 'more < test:stream' (the type command doesn't accept stream syntax so you have to use more).

NT does not come with any tools that let you see which NTFS files have streams associated with them, so I've written one myself. Streams will examine the files and directories (note that directories can also have alternate data streams) you specify and inform you of the name and sizes of any named streams it encounters within those files. Streams makes use of an undocumented native function for retrieving file stream information.

Using Streams
Usage: streams [-s] [-d] <file or directory>
-s Recurse subdirectories.

-d Delete streams.
Streams takes wildcards e.g. 'streams *.txt'.

Download Streams (https://download.sysinternals.com/files/Streams.zip)
(41 KB)


Now... how to prevent 'em "blocks" to keep popping up with each new download?

From: Permanently disable file unblock security feature in vista (http://sharemypoint.in/2008/11/08/permanently-disable-file-unblock-security-feature-in-vista/)
[...]

On further analysis I came across a way to permanently disable the blocking process in vista using the group policies


In Windows Vista, Click Start.
In the Search box, Run box or console window type: GPEDIT.MSC to bring up the Group Policy Object editor.
Navigate to User Configuration > Administrative Templates > Windows Components > Attachment Manager. Here you will find a couple of policies related to this feature, but to disable it you'll want to ENABLE the policy called "Do not preserve zone information in file attachments".






http://sharemypoint.in/wp-content/uploads/2008/11/vistadisablefileunblockfeatureusinggrouppolicy-thumb.gif (http://sharemypoint.in/wp-content/uploads/2008/11/vistadisablefileunblockfeatureusinggrouppolicy.gif)






Close the GPO editor.



Either logoff your computer, or refresh the local policy by typing the following command in a Command Prompt or in the Run box:



gpupdate /force
So you can deploy this to all users (Not advisable) but if there is a pressing need to do it then this is the way to go.
That should give anyone, geek enough to understand the above, some ideas as to how to proceed with Win-7/-8/-8.1/-10.

Yep... Johnny, the site is now off:

"This Account Has Been Suspended".

¬¬

But thanks for the tip. I'll search for another source for that zip file.


Inspired by this thread, I googled around a bit. It is much worse than the 4 updates.
I found this page that I have run: http://www.hakspek.com/security/windows-script-to-remove-all-windows-10-telemetry-updates/
If you have windows 7 or 8 and do not want to have the windows 10, it's fine to run it.
scroll down to:
In order to rid your system of Microsoft sponsored spyware, follow the steps below.
1.Download .zip file from here
2.Unzip to known location
3.Go to unzipped location
4.Right click on block_w10.cmd
5.Click “run as administrator”
6.Follow on-screen instructions

After rebooting I checked what was left, and it had missed 2, which I remove manually as Ilie has described.

Next time it rains a day or two, then it's goodbye Windows, it's not funny any more !!!

Johnny :)

Yep... Johnny, the site is now off:

"This Account Has Been Suspended".

¬¬

But thanks for the tip. I'll search for another source for that zip file.


Inspired by this thread, I googled around a bit. It is much worse than the 4 updates.
I found this page that I have run: http://www.hakspek.com/security/windows-script-to-remove-all-windows-10-telemetry-updates/
If you have windows 7 or 8 and do not want to have the windows 10, it's fine to run it.
scroll down to:
In order to rid your system of Microsoft sponsored spyware, follow the steps below.
1.Download .zip file from here
2.Unzip to known location
3.Go to unzipped location
4.Right click on block_w10.cmd
5.Click “run as administrator”
6.Follow on-screen instructions

After rebooting I checked what was left, and it had missed 2, which I remove manually as Ilie has described.

Next time it rains a day or two, then it's goodbye Windows, it's not funny any more !!!

Johnny :)

Hi Inaiá.

I googled block_w10.cmd and found this site: http://www33.zippyshare.com/v/IrP7nYR6/file.html# when you unzip it, it is a .bat file, but it seems to be the same.

The whole file is also here: https://github.com/WindowsLies/BlockWindows/blob/master/BlockWindows.bat

I do not remember if I ran it on this machine (win 10) if I did, it is removed from the drive, if that is the case it means WAR !!!

Remember if you have 'No Script' on your computer to allow the site.

Cheers Johnny :)

ps: remember also to run the .bat file as administrator !!

The whole file is also here: https://github.com/WindowsLies/BlockWindows/blob/master/BlockWindows.bat

I'm glad to see that bat script addresses KB2952664 which installs a program that scans all your files called: CompatTelRunner.EXE

I found that thing in task manager, using my precious cpu, and I wondered what it was. My research turned up this:

http://superuser.com/questions/944067/windows-disk-i-o-100-at-boot-for-20-minutes



Short answer: it's "legitimate" disk usage by a MS tool, just like the MsMpEng (MS Malware Protection Engine) it's scanning your disk regularly.

How do I get to that statement? Well, I have had the same behaviour on my Win 7 machines and did some digging. First, I used the Resource Monitor and found CompatTelRunner.exe reading what looked like all of my disks/files, like e.g. a malware scanner does. During that time it was also writing to a directory ( C:\windows\temp\compattelemetrylogs ). When it was done with the disk work, it started showing network activity on the upstream (matching what is mentioned in an Avast Forum Entry). I checked the above directory and found confirmed what the file and directory names hint at: it seems to be "Compatibility Telemetry Information". That means that MS seems to be scanning all PCs that have the update installed (i.e. all that are Win10-compatible), collecting information about all installed programs and features (read: about "everything"), and then sends at least part of that information or a status report to MS servers (I have not network-screened it... yet).

The frequent re-releases of the update can mean many different things, like compatibility updates, scan rule updates, anything, really. However, I don't like that MS scrapes all of my machines (and everyone else's, too) for information and does not tell me about it. Even if that information may be helpful or even necessary in providing the seamless upgrade path to Win10.

If you don't want to go to Win10 on that machine, you should consider removing the upgrade.


edit--I run Windows 7 Enterprise and this is on my work computer, which I use to write code.

The whole file is also here: https://github.com/WindowsLies/BlockWindows/blob/master/BlockWindows.bat

I'm glad to see that bat script addresses KB2952664 which installs a program that scans all your files called: CompatTelRunner.EXE

I found that thing in task manager, using my precious cpu, and I wondered what it was. My research turned up this:

http://superuser.com/questions/944067/windows-disk-i-o-100-at-boot-for-20-minutes



Short answer: it's "legitimate" disk usage by a MS tool, just like the MsMpEng (MS Malware Protection Engine) it's scanning your disk regularly.

How do I get to that statement? Well, I have had the same behaviour on my Win 7 machines and did some digging. First, I used the Resource Monitor and found CompatTelRunner.exe reading what looked like all of my disks/files, like e.g. a malware scanner does. During that time it was also writing to a directory ( C:\windows\temp\compattelemetrylogs ). When it was done with the disk work, it started showing network activity on the upstream (matching what is mentioned in an Avast Forum Entry). I checked the above directory and found confirmed what the file and directory names hint at: it seems to be "Compatibility Telemetry Information". That means that MS seems to be scanning all PCs that have the update installed (i.e. all that are Win10-compatible), collecting information about all installed programs and features (read: about "everything"), and then sends at least part of that information or a status report to MS servers (I have not network-screened it... yet).

The frequent re-releases of the update can mean many different things, like compatibility updates, scan rule updates, anything, really. However, I don't like that MS scrapes all of my machines (and everyone else's, too) for information and does not tell me about it. Even if that information may be helpful or even necessary in providing the seamless upgrade path to Win10.

If you don't want to go to Win10 on that machine, you should consider removing the upgrade.


edit--I run Windows 7 Enterprise and this is on my work computer, which I use to write code.

Here is a great free tool IMO, so you can see what is happening and has happened (history) on your computer: http://systemexplorer.net/

Johnny :)

Thank you, Johnny!

I downloaded the file on the second link you provided and will run it in my notebook.

Let's persevere.

Hugs,

Inaiá




Yep... Johnny, the site is now off:

"This Account Has Been Suspended".

¬¬

But thanks for the tip. I'll search for another source for that zip file.


Inspired by this thread, I googled around a bit. It is much worse than the 4 updates.
I found this page that I have run: http://www.hakspek.com/security/windows-script-to-remove-all-windows-10-telemetry-updates/
If you have windows 7 or 8 and do not want to have the windows 10, it's fine to run it.
scroll down to:
In order to rid your system of Microsoft sponsored spyware, follow the steps below.
1.Download .zip file from here
2.Unzip to known location
3.Go to unzipped location
4.Right click on block_w10.cmd
5.Click “run as administrator”
6.Follow on-screen instructions

After rebooting I checked what was left, and it had missed 2, which I remove manually as Ilie has described.

Next time it rains a day or two, then it's goodbye Windows, it's not funny any more !!!

Johnny :)

Hi Inaiá.

I googled block_w10.cmd and found this site: http://www33.zippyshare.com/v/IrP7nYR6/file.html# when you unzip it, it is a .bat file, but it seems to be the same.

The whole file is also here: https://github.com/WindowsLies/BlockWindows/blob/master/BlockWindows.bat

I do not remember if I ran it on this machine (win 10) if I did, it is removed from the drive, if that is the case it means WAR !!!

Remember if you have 'No Script' on your computer to allow the site.

Cheers Johnny :)

ps: remember also to run the .bat file as administrator !!

Really appreciate the terrific advice on this thread (I turned off Windows updates years ago and amazingly, stopped having problems with my PC ever since!). But I do wonder how long it will be before our lack of updates makes our OS incompatible with other (newer) programs??

I'd just like to issue a general warning about download .BAT or .COM files from various sites to help you stuff in the core of the Operating System. I personally never do that as I do not trust a program to have that kind of access on my computer.

The problem: even if the program/script authors are very good and well meaning people, it is incredibly easy for those tools be hijacked into doing a bunch of other stuff that they should not be doing.

The solution: while more difficult, I prefer finding a tutorial that shows me how to do things manually. It may take 2 hours to finally get it, instead of 1 minute, but at least I have an idea what I was doing instead of using a "black box" and trusting that it is "genuine".

@KiwiElf: lack of updates will almost never cause problems with newer programs. So that is not a concern. Lack up updates can sometimes leave your system open to vulnerabilities. So dammed if you do... dammed in you don't... My personal solution: I do not do automatic updates, I get notified that an update is available and I read the description and do my best to make an informed decision whether I want that on my system or not. And as I side note: I have been running the old Windows XP for many, many years with the updates disabled, but I had what was called back then "Service Pack 2".

I'd just like to issue a general warning about download .BAT or .COM files from various sites to help you stuff in the core of the Operating System. I personally never do that as I do not trust a program to have that kind of access on my computer.

The problem: even if the program/script authors are very good and well meaning people, it is incredibly easy for those tools be hijacked into doing a bunch of other stuff that they should not be doing.

The solution: while more difficult, I prefer finding a tutorial that shows me how to do things manually. It may take 2 hours to finally get it, instead of 1 minute, but at least I have an idea what I was doing instead of using a "black box" and trusting that it is "genuine".

@KiwiElf: lack of updates will almost never cause problems with newer programs. So that is not a concern. Lack up updates can sometimes leave your system open to vulnerabilities. So dammed if you do... dammed in you don't... My personal solution: I do not do automatic updates, I get notified that an update is available and I read the description and do my best to make an informed decision whether I want that on my system or not. And as I side note: I have been running the old Windows XP for many, many years with the updates disabled, but I had what was called back then "Service Pack 2".

I totally agree with you, that is why one have to save the file (.bat .cmd ) and check the contents before one run the file. I think it is the first time I ever had run a stranger .bat file on my machine, but of course I checked it.

That is why I also made attention to that file https://github.com/WindowsLies/BlockWindows/blob/master/BlockWindows.bat which one can copy and paste to a .bat file.

But your warning is definitely in place.


My personal solution: I do not do automatic updates, I get notified that an update is available and I read the description and do my best to make an informed decision whether I want that on my system or not.

Many times just saying virtually nothing, and for Win 10 you have to download the file/s and then remove them, if you do not like them.


Johnny :)

Really appreciate the terrific advice on this thread (I turned off Windows updates years ago and amazingly, stopped having problems with my PC ever since!). But I do wonder how long it will be before our lack of updates makes our OS incompatible with other (newer) programs??

Dont upgrade your software. It worked perfectly well when it was new. If it works don't fix it.

I have a friend running Windows 98. Never an update, same old software, hosts a website no problems. If a bug causes a problem with a program, then just reinstall it. Hey presto good as new.

I was looking today at various tasks Windows is set to do and discovered I was taking part in Windows Customer Experiece Program despite not opting to take part when installing Win. Possible some update has turned it on without my knowledge. A few searches later I had it all disabled again.

You will need to take a look at your own individual Task Scheduler to see what various 'things' are set to run.

Assuming you find things turned on... A simple set of instructions can be found here.

https://pubs.vmware.com/view-51/topic/com.vmware.view.administration.doc/GUID-BE82165B-13BC-4FD9-A9CF-FBEF6343D98A.html

Note: In Win7 I couldn't see Action Centre in the Control Panel listings but typing Action into search box, (top right CP), brought me straight to it.

I'm not really tech savvy but this seems a reasonable procedure to follow. If you know different do share. :)