Windows7/8 - Updates To Hide To Prevent Windows 10 Upgrade / Disable Telemetry

I have been noticing lately a lot of people keep asking the same question on how to prevent the Windows 10 upgrade so here is a list of updates that need to be hidden in order to prevent the Windows 10 Upgrade or prevent updates that enable Telemetry, some of them are system preparation for the upgrade so you may not find them all in your updates list until a pre-requistie update was installed before.

If doing a clean installation of Windows 7 or 8, you need to scan the list of updates carefully everytime updates appear to ensure none of them re-appears as Micro$h4ft has been showing some of them again even if you hide them.

If you have already installed Windows and did a few updates, then head over to Control Panel > Programs and Features > View Installed Updates then go from the top to the bottom through the list to ensure none of them is installed, if you do find one installed, then uninstall it, reboot, then check for updates and once it appears right click on it and hide it.

These Windows 10 upgrade activation updates are like a virus really, only thing is, it's a legit virus

=============================================================
First of all, for Windows 7 users, let's install the Disable IE 10 and IE 11 toolkit in order for them to not showup in Windows Updates because if one installs them, he would get KB2670838 installed automatically as they come bundled with them which will break the AERO functionality on many systems and/or display blurry fonts in your browser on some sites.

IE10 BlockerToolkit

IE11 BlockerToolkit

Once you run any of the above downloaded EXEs, it will ask you to extract the contents to a folder. Select the folder you want then go through the Read Me File for instructions.

Here is how I blocked IE 10/11 on my system. Note that my computer name is PREDATOR hence you need to replace PREDATOR with your computer name.

http://i.imgur.com/o4hts1U.png

=============================================================
KB2505438 (Although it claims to fix performance issues, it often breaks fonts)
KB2670838 (The EVIL Update, breaks AERO on Windows 7 and makes some fonts on websites fuzzy, Windows 7 specific update only, do not install IE10 or 11 otherwise it will be bundled with them, IE9 is the max version you should install)
KB2882822 (Very fishy update that just popped up with not enough detail about it)
KB2902907 (Microsoft Security Essentials)
KB2952664 ("Get Windows 10" Assistant)
KB2976978 (Windows 10 Upgrade preparation for Windows 8)
KB2977759 (Windows 10 Upgrade preparation for Windows 7)
KB2990214 (Windows 10 Upgrade preparation for Windows 7)
KB3012973 (Force Trigger Download and Install of Windows 10)
KB3015249 (Adds telemetry points to consent.exe in Windows 7 & Windows 8)
KB3021917 (Windows 10 Upgrade preparation + Telemetry)
KB3022345 (Telemetry)
KB3035583 (GWX Update installs the "Get Windows 10" app in Windows 7 & Windows 8)
KB3042058 (Microsoft claims its a security update but it contains Winlogon Spying)
KB3044374 (Windows 10 Upgrade for Windows 8 systems)
KB3050267(Windows 10 upgrade preparation but also adds the option in GPEDIT to disable Windows 10 upgrade altogether so you may want to actually install this)
KB3064683 (Windows 10 Upgrade for Windows 8)
KB3065987 (Windows 10 Upgrade for Windows 7)
KB3065988 (Windows 10 Upgrade for Windows 8)
KB3068708 (Telemetry)
KB3072318 (Windows 10 Upgrade preparation for Windows 8)
KB3074677 (Windows 10 Upgrade preparation)
KB3075249 (Telemetry)
KB3075851 (Windows 10 Upgrade for Windows 7)
KB3075853 (Windows 10 Upgrade for Windows 8)
KB3080149 (Telemetry)
KB3081437 (Windows 10 Upgrade preparation)
KB3081454 (Windows 10 Upgrade preparation)
KB3081954 (Telemetry Update for Windows 7)
KB3083324 (Windows 10 Upgrade preparation for Windows 7)
KB3083325 (Windows 10 Upgrade preparation for Windows 8)
KB3083710 (Update for the Windows Update client with sketchy details for Windows 7, see this thread)
KB3083711 (Update for the Windows Update client with sketchy details for Windows 8, see this thread)
KB3086255 (Flagged as an Important update. It disables SafeDisc games in Windows Vista, 7, and 8/8.1)
KB3088195 (Miscorosft Claims it's a security update but also has a key logger on the Kernel Level)

KB3090045 (Windows 10 Upgrade Update for Windows 7/8)
KB3093983 (Microsoft claims it's a security update but it contains IE spying)
KB3102810 (Fixes an issue regarding long wait while searching for Windows Updates but also has Windows 10 Upgrade preparation for Windows 7)
KB3102812 (Fixes an issue regarding long wait while searching for Windows Updates but also has Windows 10 Upgrade preparation for Windows 8)
KB3107998 (Removes Lenovo USB Blocker)
KB3112336 (Windows 10 Upgrade for Windows 8)
KB3112343 (Windows 10 Upgrade for Windows 7)
KB3123862 (Windows 10 Upgrade for Windows 7 & 8)
KB3135445 (Windows 10 Upgrade for Windows 7)
KB3135449 (Windows 10 Upgrade for Windows 8)
KB3138612 (Fishy update to for Windows Updates)
KB3138615
KB3139929 (Fishy update for Windows 7/8 to Windows 10 Upgrade)
KB3146449 (Windows 10 Upgrade for Windows 7/8)
=============================================================
To uninstall all the above updates in one shot rather than looking for any of them if they are installed or not as it can be a daunting task to go through the large list of installed updates, @Ethremcreated a great script that does this job. Please make sure to rep him for his hard work.

Download the "Remove Telemetry-Win10 Upgrade Updates Script" then extract it from the ZIP file. After that, you need to right click on it and choose Run as Administrator and wait for the on screen message to display that all updates have been uninstalled.

Reboot after that and search for Windows updates again, once you see them bad updates re-appear, just right click on them and select HIDE from the context menu.

To do this manually for each update, simply run the below command in an elevated command prompt.

Code:

wusa /uninstall /kb:2505438 /norestart

Replace the number in red with the KB Update # you want to uninstall.

=============================================================
Additionally, please go to Task Scheduler and disable the following items:

Note: instead of doing this manually, you can simply download this batch file I created, right click on it and choose Run as Administrator and it will disable all the privacy related tasks.

Download Disable Task Scheduler Privacy Related tasks Batch File

http://i.imgur.com/MwOB7K2.png

http://i.imgur.com/LS0eplm.png

http://i.imgur.com/bfik5z9.png

http://i.imgur.com/2B93nba.png

=============================================================
Please ensure you have KB3050265 (Which fixes a major leak in Windows Updates that causes slow scanning and also adds the option to disable automatic update to the latest Windows Virus) then head over to Group Policy Editor and to this:
View attachment 128267

=============================================================
Finally, create an empty TXT in notepad and copy/paste the below text then save it as hosts without any extension; then copy this file to C:\Windows\System32\drivers\etc overwriting the existing file then reboot.

This hosts file will block OpenCandy Malware, Telemetry, and a few dangerous domains like SourceForge. Feel free to remove any entry you don't want to block.

Spoiler: Phoenix Hosts File

Code:

[FONT=Georgia]# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#    127.0.0.1       localhost
#    ::1             localhost

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 bi.bisrv.com
127.0.0.1 www.softonic.com
127.0.0.1 softonic.com
127.0.0.1 sourceforge.net
127.0.0.1 www.bestvistadownloads.com
127.0.0.1 image.online-convert.com/convert-to-ico
127.0.0.1 tracking.opencandy.com.s3.amazonaws.com
127.0.0.1 media.opencandy.com
127.0.0.1 cdn.opencandy.com
127.0.0.1 tracking.opencandy.com
127.0.0.1 api.opencandy.com
127.0.0.1 offer.alibaba.com
127.0.0.1 t.nuvidp.com
127.0.0.1 data.causingcopeirritating.info
127.0.0.1 www.toastedballs.com
127.0.0.1 a.ads1.msn.com
127.0.0.1 a.ads2.msads.net
127.0.0.1 a.ads2.msn.com
127.0.0.1 a.rad.msn.com
127.0.0.1 a-0001.a-msedge.net
127.0.0.1 a-0002.a-msedge.net
127.0.0.1 a-0003.a-msedge.net
127.0.0.1 a-0004.a-msedge.net
127.0.0.1 a-0005.a-msedge.net
127.0.0.1 a-0006.a-msedge.net
127.0.0.1 a-0007.a-msedge.net
127.0.0.1 a-0008.a-msedge.net
127.0.0.1 a-0009.a-msedge.net
127.0.0.1 ac3.msn.com
127.0.0.1 ad.doubleclick.net
127.0.0.1 adnexus.net
127.0.0.1 adnxs.com
127.0.0.1 ads.msn.com
127.0.0.1 ads1.msads.net
127.0.0.1 ads1.msn.com
127.0.0.1 aidps.atdmt.com
127.0.0.1 aka-cdn-ns.adtech.de
127.0.0.1 a-msedge.net
127.0.0.1 az361816.vo.msecnd.net
127.0.0.1 az512334.vo.msecnd.net
127.0.0.1 b.ads1.msn.com
127.0.0.1 b.ads2.msads.net
127.0.0.1 b.rad.msn.com
127.0.0.1 bs.serving-sys.com
127.0.0.1 c.atdmt.com
127.0.0.1 c.msn.com
127.0.0.1 cdn.atdmt.com
127.0.0.1 cds26.ams9.msecn.net
127.0.0.1 choice.microsoft.com
127.0.0.1 choice.microsoft.com.nsatc.net
127.0.0.1 compatexchange.cloudapp.net
127.0.0.1 corp.sts.microsoft.com
127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com
127.0.0.1 cs1.wpc.v0cdn.net
127.0.0.1 db3aqu.atdmt.com
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 diagnostics.support.microsoft.com
127.0.0.1 ec.atdmt.com
127.0.0.1 feedback.microsoft-hohm.com
127.0.0.1 feedback.search.microsoft.com
127.0.0.1 feedback.windows.com
127.0.0.1 flex.msn.com
127.0.0.1 g.msn.com
127.0.0.1 h1.msn.com
127.0.0.1 i1.services.social.microsoft.com
127.0.0.1 i1.services.social.microsoft.com.nsatc.net
127.0.0.1 lb1.www.ms.akadns.net
127.0.0.1 live.rads.msn.com
127.0.0.1 m.adnxs.com
127.0.0.1 msedge.net
127.0.0.1 msftncsi.com
127.0.0.1 msnbot-65-55-108-23.search.msn.com
127.0.0.1 msntest.serving-sys.com
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 pre.footprintpredict.com
127.0.0.1 preview.msn.com
127.0.0.1 rad.live.com
127.0.0.1 rad.msn.com
127.0.0.1 redir.metaservices.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 schemas.microsoft.akadns.net
127.0.0.1 secure.adnxs.com
127.0.0.1 secure.flashtalking.com
127.0.0.1 services.wes.df.telemetry.microsoft.com
127.0.0.1 settings-sandbox.data.microsoft.com
127.0.0.1 settings-win.data.microsoft.com
127.0.0.1 sls.update.microsoft.com.akadns.net
127.0.0.1 sqm.df.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 ssw.live.com
127.0.0.1 static.2mdn.net
127.0.0.1 statsfe1.ws.microsoft.com
127.0.0.1 statsfe2.ws.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.microsoft.com
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 v10.vortex-win.data.microsoft.com
127.0.0.1 vortex.data.glbdns2.microsoft.com
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 vortex-bn2.metron.live.com.nsatc.net
127.0.0.1 vortex-cy2.metron.live.com.nsatc.net
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 vortex-win.data.metron.live.com.nsatc.net
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 watson.live.com
127.0.0.1 web.vortex.data.microsoft.com
127.0.0.1 www.msftncsi.com
::1 localhost[/FONT]

(Note: You may notice that my list of entries in the HOSTS file are less than those found on other sites, reason being is after testing, when some of the addresses were in the HOSTS file, it caused problems connecting to some Micro$h4ft sites like the Micro$h4ft Office account page for managing your office subscriptions and OneDrive; but as long as you use this list along with O&O Shutup10 you should be safe.)

 

People can simplify it by using he GWX Control Panel

 

I know about GWX Control Panel and it's good to use it in conjunction with this guide. I don't think GWX Control Panel hides the telemetry updates as well does it?

 

For the average user who simply doesn't want Win10 at all or at this time, GWX is the easiest.

 

True, I like to not have them updates installed in the first place. The manual way if you know what I mean.

 

The Evil Update KB2670838, is way less of an issue now than it was with the first year or so's versions, as other updates have also moved on.

IE10/11/KB2670838 no longer causing font issues in other software, unless you're still using an ancient install of W7 with lots of old KB update versions bogging it down. A fresh install of W7 SP1 + IE11, then run WU = no problem with blurry fonts.