Thanks for the tip on peerblock, interesting program, still exploring and liking how it works. Will the list that is being worked on be posted? Regards
Include xBox x86: Microsoft-Windows-Client-Features-Package-AutoMerged-xbox~31bf3856ad364e35~amd64~~10.0.10240.16384
@lite8 ProviderKey related to netsh wfp show filters (Windows Filtering Platform}, file filters.xml Find ProviderKey in regedit.
I've been playing a bit with Win10 on VMware Workstation and found out how to capture all traffic that happens on the NAT interface. It will capture everything even before Windows fully boot up. It is saved into PCAP file which can be loaded into Wireshark or similar tools. I prefer it to running some other sniffing tools within virtualized OS itself. Maybe it will be of some use to some of you who would like to inspect it all traffic thoroughly. You can try it for yourselves by running following command on host as admin: Code: "C:\Program Files (x86)\VMware\VMware Workstation\vnetsniffer.exe" /e /w C:\win10spy.pcap vmnet8 vmnet8 is a default network interface for virtual NAT connectivity. You can check if it's yours as well in VMware workstation by going to Edit -> Virtual Network Editor Also make sure your virtual machine's network card is set to NAT (not bridged or anything). Then you can load the file (C:\win10.pcap in this example) in Wireshark on your host computer and analyze all traffic. I played with it just a while and my findings so far are: When you set your Windows Firewall to block all incoming and outcoming connections, Windows Firewall will truly block everything except during boot time where some traffic unfortunately happens When using above firewall setup (block all out/in connection by WinFirewall), whitelising Windows update services don't make updating work like it used to in pprevious Windows versions) When installing updates (manually by .msu), some Firewall rules were created without permission, resulting in some traffic leaking out Takeaway I get what I found so far is, that if I were to use Win10 as main operating system I would set firewall to block everything and only whitelist to allow basic networking and features: ICMP protocol for "System" process to allow pinging UDP port 53 svchost (dnscache service) for DNS resolving UDP local port 68 remote port 67 for svchost-dhcp service if using DHCP UDP port 123 for svchost-w32time for time synchronization From there on I would only whitelist network applications like browser/torrent/online games etc. For updating Windows it would be best to only download and install .msu packages manually every now and then (which would be very easy in Win10 as they are cumulative, so only one .msu file), making sure to go offline during update and then ensuring no unwanted firewall rules were created by the update process. Doing all this should block all spying traffic. What do you think?
cant find this key WFPLWFS Microsoft Windows Filtering Platform Microsoft Corporation c:\windows\system32\drivers\wfplwfs.sys 7/10/2015 6:23 AM cant be disabled cant find in xml also
Can someone remember which service it is that "checks" KMS activations in with Microsoft? Can't seem to find the tip about it again.
here is my hosts list, it has a couple of extra entries that i gathered from other sources on the net, it's also alphabetically sorted... i merged most of the OP entries, except the skype ones h.t.t.p://pastebin.com/T3pZe1P5 remove http dots there are some ips on the list, you have to block them in a firewall, putting them in a hostfile doesn't block them
Ah secret knowledge that nobody can follow how this will ever lead to anything, given out piecemeal, by someone new. Well I'm sold this is definitely going to be more effective than actual known working factually based techniques. Somehow. /puts down his MASSIVE SARCASM quotes.
What I was referring to was something that sends out to Microsoft whenever a KMS activation is made. Cannot for the life of me find what it was called now.
Thank you so much for the app But I'm just wondering why the app name is S.M.R.T? I thought it was for hard disk related thing. I thought that Win 10 Collector Edition Blaster would be better since people will google how to blast off the collecting feature of Windows 10 for good.
Has anyone looked into what exactly the Tile Data model server service (their random capitals, not mine...) is up to, and why even with "apps" removed it cannot seem to be killed? Personally, I really really want to kill that one if possible.