Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Just found DiagTrack running in Services


  • Please log in to reply
7 replies to this topic

#1 RVAH-12

RVAH-12

  • Banned
  • 104 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:22 AM

Posted 28 August 2015 - 02:02 AM

If you do a search here for "DiagTrack" or "Diag Track" you should find that it is not good. IMHO  I never came across the thread to know about it although it has been around for a while.  It has recently appeared in my Services, so I looked into it.  I have since then disabled ALL (4 of them for me) "Diagnostic Services" off.  But they are tricky ... in Services Properties in the "Recovery" tab they have it arranged so that it will reset after 1 day if you just set it to Stop/Manual.  So I have Stopped and Disabled it, then set all "Failure modes" to "Take No Action' and "reset fail count after:" to 0 days.  No other services are dependent, but it needs Remote Procedure Call to work.  I left Remote Procedure Call alone because it is also used for legitimate services (I think).  At this point MS is the LAST thing I want to listen to for diagnostic advice.  Literally, the last.

-RVAH-12


Edited by hamluis, 28 August 2015 - 09:31 AM.
Moved from Win 7 to Tips/Tricks - Hamluis.


BC AdBot (Login to Remove)

 


#2 RVAH-12

RVAH-12
  • Topic Starter

  • Banned
  • 104 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:22 AM

Posted 28 August 2015 - 02:11 AM

Just found what seems to be a good site with information on this:  gHacks Tech News@http://www.ghacks.net/2015/05/12/how-to-disable-the-diagnostics-tracking-service-in-windows/  Here's a snippet (below)

 

Windows 7 and 8.1, Server 2008 R2 and Server 2012 R2 users and admins who have already installed the patches Microsoft released today for those operating system may have noticed that the updates included a patch that added a Diagnostics Tracking Service service to the operating system.

Windows 10 users may know the service already as it has been part of the operating system for some time.

The support article that Microsoft has created for the patch reveals little information about the actual purpose of the service.

This update enables the Diagnostics Tracking Service in Windows 8.1, Windows Server 2012 R2, Windows 7 Service Pack 1 (SP1), and Windows Server 2008 R2 SP1. This tracking service collects data about functional issues in Windows.

The description reveals no information about the purpose other than that it is collecting data about functional issues and sending those information to Microsoft.

The patch has been released for Windows 7 with Service Pack 1, Windows Server 2008 R2 with Service Pack 1, Windows 8.1 and Windows Server 2012 R2. Basically, for the majority of supported versions of Windows with the exception of Windows Vista, Windows Server 2003 and Windows RT.



#3 Scoop8

Scoop8

  • Members
  • 326 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dallas TX
  • Local time:05:22 AM

Posted 29 August 2015 - 07:34 AM

Thanks for the info on DiagTrack.  I also noticed it a while back after a WU installed.  After reading up on the service, it appeared to me to be related to one of the Win 10 prep items.

 

 



#4 RVAH-12

RVAH-12
  • Topic Starter

  • Banned
  • 104 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:22 AM

Posted 29 August 2015 - 05:05 PM

Thanks for the info on DiagTrack.  I also noticed it a while back after a WU installed.  After reading up on the service, it appeared to me to be related to one of the Win 10 prep items.

 

 

 

You are welcome.  I also found this:

 

This is a list (I assume that it is complete) of the Win 10 prepper updates that I have removed.  I was surprised that I had all of them.  I thought that I was Win 10 free.  Keep in mind that MS will probably try to sneak them back in either under the same KB# or perhaps a new one, so stay vigilant. - R

 

KB2952664 Compatibility update for upgrading Windows 7

KB2990214 Update that enables you to upgrade from Windows 7 to a later version of Windows
KB3021917 Update to Windows 7 SP1 for performance improvements
KB3022345 Update for customer experience and diagnostic telemetry
KB3035583 Update installs get windows 10 app in Windows 8.1 and Windows 7 SP1
KB3068708 (replaces KB3022345) Update for customer experience and diagnostic telemetry
KB3075249 Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
KB3080149 Update for customer experience and diagnostic telemetry



#5 Scoop8

Scoop8

  • Members
  • 326 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Dallas TX
  • Local time:05:22 AM

Posted 29 August 2015 - 07:24 PM

Thanks for the KB list.

 

I have one installed from your list, KB3068708 .

 

Your list jogged my memory so I checked my Tasklist captures and sure enough, DiagTrack first appeared on one of my Tasklist files on 06/17 .  I recall looking at the Properties and the launch date was the same time as the KB3068708 install on 06/15 .



#6 Union_Thug

Union_Thug

    Bleeps with the fishes...


  • Members
  • 2,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:is everything
  • Local time:06:22 AM

Posted 30 August 2015 - 09:00 AM

Go a couple steps further...

 

Run CMD as Administrator:

 

sc stop DiagTrack
sc delete DiagTrack

 

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\Windows\System32>sc stop DiagTrack

SERVICE_NAME: DiagTrack
        TYPE               : 10  WIN32_OWN_PROCESS
        STATE              : 3  STOP_PENDING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_PRESHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x3
        WAIT_HINT          : 0x0

C:\Windows\System32>sc delete DiagTrack
[SC] DeleteService SUCCESS

C:\Windows\System32>

 

 

Then open Task Scheduler; under Task Scheduler Library -> Microsoft delete the following items:

Everything under “Application Experience”
Everything under “Autochk”
Everything under “Customer Experience Improvement Program”
Under “Disk Diagnostic” delete only the “Microsoft-Windows-DiskDiagnosticDataCollector”

Of course this caveat ALWAYS applies: Make proper backups before applying.



#7 arokace

arokace

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:22 AM

Posted 26 October 2017 - 01:14 AM

If you do a search here for "DiagTrack" or "Diag Track" you should find that it is not good. IMHO  I never came across the thread to know about it although it has been around for a while.  It has recently appeared in my Services, so I looked into it.  I have since then disabled ALL (4 of them for me) "Diagnostic Services" off.  But they are tricky ... in Services Properties in the "Recovery" tab they have it arranged so that it will reset after 1 day if you just set it to Stop/Manual.  So I have Stopped and Disabled it, then set all "Failure modes" to "Take No Action' and "reset fail count after:" to 0 days.  No other services are dependent, but it needs Remote Procedure Call to work.  I left Remote Procedure Call alone because it is also used for legitimate services (I think).  At this point MS is the LAST thing I want to listen to for diagnostic advice.  Literally, the last.

-RVAH-12

Sorry for bringing up this old topic.  I was just now looking through some of my services and saw this one, DiagTrack, and looked it up and this was one(or the) first result on google.  And you said that you found 4 instances of it... I can only see one.  I want to make sure that they're all turned off.  Unless all of the 4 services I see with Diagnostic in the beginning all do this but based off of the descriptions of the other 3, they're used for something completely different compared to DiagTrack which specifically says to collect data for Microsoft/Windows.



#8 InquisitiveOne

InquisitiveOne

  • Members
  • 47 posts
  • OFFLINE
  •  
  • Local time:02:22 AM

Posted 26 January 2018 - 03:22 AM

I came across this thread because my computer kept freezing to the point that I had to press the Power button to shut it down and restart it (and I never do that, I always shut down properly).  I turned on Resource Monitor to see what was running the next time this happened.  Sure enough, it happened again and when I looked in Resource Monitor, I found the DiagTrack service running.

If you do a search here for "DiagTrack" or "Diag Track" you should find that it is not good. IMHO  I never came across the thread to know about it although it has been around for a while.  It has recently appeared in my Services, so I looked into it.  I have since then disabled ALL (4 of them for me) "Diagnostic Services" off.  But they are tricky ... in Services Properties in the "Recovery" tab they have it arranged so that it will reset after 1 day if you just set it to Stop/Manual.  So I have Stopped and Disabled it, then set all "Failure modes" to "Take No Action' and "reset fail count after:" to 0 days.  No other services are dependent, but it needs Remote Procedure Call to work.  I left Remote Procedure Call alone because it is also used for legitimate services (I think).  At this point MS is the LAST thing I want to listen to for diagnostic advice.  Literally, the last.

-RVAH-12

So I just completed doing everything mentioned above except I just did it for the 'Diagnostics Tracking Service'.  I did notice there are 3 others:  'Diagnostic Policy Service' 'Diagnostic Service Host' and 'Diagnostic System Host' but I left those alone because I didn't see them running when my computer froze.  Is stopping and disabling the 'Diagnostics Tracking Service' enough or does it somehow start up again somehow?  Was doing the above successful for you RVAH-12?






3 user(s) are reading this topic

0 members, 3 guests, 0 anonymous users