It doesn´t work this way? Code: PowerShell.exe -ExecutionPolicy UnRestricted -File .\TrackingWiz.ps1 or Code: TYPE .\TrackingWiz.ps1 | PowerShell.exe -noprofile - or, to make the change permanent for the current user Code: reg add "HKCU\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell" /v "ExecutionPolicy" /t REG_SZ /d "Unrestricted" /f
By the way, NTLite (the new nLite) has Windows 10 TP support and can remove the Unified Telemetry Client!
If you use nlite for the add-package features, you're doing it wrong. It's for removing packages and 'lite'ing the image.
Sigh you guys need to learn that there is no silver bullet for the Telemetry. This is going to be a bit messy in regards of taking care of it to turn it off. That being said I'm going to establish some rules for taking care of this. Rule #1: No reverse Engineering / File replacement Rule #2: It must be easy to undo. (we would have to stop multiple services to do a file replacement of the dnsapi) Rule #3: It has to be on a live copy and not in the WIM editing This means we need to be able to do it on a live copy of the Operating system as doing WIM modifications is a pain in the ass. Also editing of the dnsapi messes with the internet connection for the dns lookup function. If we mess it up at all then you won't be able to access any sites. You'll also break Windows update as your sites will not be able to resolve.
Wim edit is the silver bullet. Spoiler Stop acting like an MDL Mom, these are our computers, no one cares about your rules, we'll always do things our way. Some people will want to fully remove this crap via Install_Wim_Tweak and some will want to use your crappy little script. Just because you don't have time to test every method or understand how wim editing works, does not mean it is not a valid choice for other readers. In fact, that's why most people like MDL, we are not limiting in our mindset. All solutions are plausible.
Ok go ahead hack the dnsapi.dll. I'm out on doing that because of the mess it entails. I'd rather not mess up the thing that does the domain name service resolution. I never said it wasn't a valid way to do things simply put if you want to screw up the internet controller so you can't use any internet your part of then go ahead be my guest. All solutions are plausible however if you screw over your computer in the process then it is not the best solution. The best solution is one that is easy to fix, doesn't require a huge amount of effort to do, and one that takes little or not time to implement. To put it simply WHY would you hack the DNSAPI? To say we are limiting our mindset after going through the registry, service files, and taking apart other files in the process is simply insulting. This is a horrible idea where if you do anything wrong in the hex editing many things can go wrong.
Spoiler I was actually talking about removing the telemetry packages from the install.wim before installation, at which point the dnsapi.dll becomes a moot point. i.e. There would be no need to mess with dnsapi.dll once the telemetry package is removed. But there is a need for an OEM method to remove telemetry. It might be simple as pointing install_wim_tweak at your wim and removing all packages like *telemetry* or *aasimov* or whatever it turns out to be.
Ok on the oem side I agree however that's a bit cumbersome to implement on a live system that has already been installed. I'll look at the dnsapi a little bit so we can go for both angles At the moment it will have to wait a little bit
Even if you put this address in the hosts file explorer.exe still connects with it whenever you search for something in the start menu.
I noticed recently on Windows 7 using firefox that if I block that IP, Bing search no longer works. Something new to do with "content protection" I think it was. I think it may be here to stay.
I might mess with install_wim_tweak when the next build goes live and see if I can work up a modified decryption script that mounts and removes the telemetry package. I make no promises, though. They might release it right around patch date and thus leave me too busy to tinker. I would insist that it's more of a "use at your own risk" venture though..
Can you or anyone run these commands on a W10 box and attach the files. This will create a list of all the W10 available services. The second gets a list of all 'features' available, but it will only run on server OS (w10, 2012-r2) due to limitation of the 'Get-WindowsFeature' cmdlet. Open to suggestion on how to get the same list of features from a W10 desktop. Notes: I cannot use "Dism /online /Get-Features" because it does not seem to contain the Parent feature, which is needed for Node creation (treeview control). Maybe "Get-WmiObject Win32_OptionalFeature" is where I need to look (no parent field either).
That's kinda why I removed the ms search from the ip list because we cannot hinder functionality of the OS. We do not need to block the search functionality just the application data that is being transferred. Data mining of your search history already is done that's why your gmail has ads that appeal more to you on that basis. @WIM modding: That would be intriguing to look into
alternatively, we can flip those registry bits listed in the install_wim_tweak source to allow dism to use remove-feature /online. people can add it back from there install.wim later via add-package. Maybe bubbles super nasty extractor can create a package of telemetry for re-insertion.
We could do it via an online wim image feature switch. I almost want to open up the install.wim just to tinker with it a bit here and there but it takes forever to modify the wim close it back up. Then test the thing from a fresh install.