What is devicecensus.exe on Windows 10 and why does it need Internet connectivity? - gHacks Tech News

ADVERTISEMENT

What is devicecensus.exe on Windows 10 and why does it need Internet connectivity?

If you are using a firewall on your Windows 10 PCs and have configured the protective layer to inform you about new processes that try to establish outbound connections, you may have noticed that a program called devicecensus.exe attempting to establish a connection regularly.

I noticed the process on a Windows 10 version 1809 machine. The process would try to establish an Internet connection shortly after startup.

A few questions may come to mind:

  • Is devicecensus.exe a legitimate process?
  • Why does it require Internet connectivity?
  • Is it related to Telemetry?
  • What kind of information is it transmitting?

What is devicecensus.exe on Windows 10?

devicecensus.exe process windows 10

The program devicecensus.exe is a legitimate Windows file provided that it is signed by Microsoft and found in the folder C:\Windows\System32 (the Windows installation location may vary depending on how this was set up during installation).

Users or system administrators cannot delete or rename the file in the location.

The process is started by a scheduled task that is run once per day. The task was set to run at 3:00 AM every day and by custom triggers as well on a test machine running Windows 10 version 1809.

devicecensus task

You may check the task in the following way:

  1. Open the Start Menu.
  2. Type Task Scheduler and load the result once search results are displayed.
  3. Go to Task Scheduler Library > Microsoft > Windows > Device Information
  4. There you should find a single task called Device.

If you check under the Actions tab, you will find devicecensus.exe listed there as the action.

Tip: system administrators may right-click on the task and select disable to turn it off.

The process appears to have been a part of Windows 10 for some releases including Windows 10 version 1803 and 1809. It caused several issues in the past that Windows users reported including:

  • Trying to access the webcam of the system.
  • Reliability History reporting it as stopped working regularly.

A Microsoft support agent provided the following information in June 2017 about devicecensus,exe on the company's Microsoft Answers support forum:

In order to target builds to your machine, we need to know a few important things:

  • - OS type (home, pro, enterprise, etc.)
  • - region
  • - language
  • - x86 or x64
  • - selected Insider ring
  • - (etc)

This is the background process that runs to check your machine and tell us which build we should send to you. :)

The process submits information about the operating system to Microsoft and Microsoft stated that the information is used to target builds.

Is devicecensus.exe needed to use Windows Update?

Microsoft stated that it uses the information to target builds to systems. Does it mean that systems won't receive updates when you disable the task from running or block it from connecting to the Internet?

To find out, I uninstalled the latest cumulative update that was installed on the system. I fired up Windows Update after the required restart and the update was offered to the system when I did so.

I did not test if devicecensus.exe is required for feature updates or Windows Insider builds. It is possible that Microsoft uses it for these but it is easy enough to enable the task again for that or use third-party means to install the latest feature updates on Windows 10 PCs without using Windows Update at all.

Recommendation: Disable the task or block the outbound connection of the devicecensus.exe task.

Now You: What is your take on the task?

Summary
What is devicecensus.exe on Windows 10 and why does it need Internet connectivity?
Article Name
What is devicecensus.exe on Windows 10 and why does it need Internet connectivity?
Description
The guide provides you with information about the devicecensus.exe process on Windows 10 systems that transfers system data to Microsoft.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Previous Post: «
Next Post: »

Comments

  1. T J said on September 23, 2019 at 10:52 am
    Reply

    @ Martin

    You are using Windows Firewall Control. I’ve used WFC since your report in August 2018. WFC reports any program which attempts to make outbound connections and lets me block or allow them.
    WFC has been a huge help in blocking questionable apps which have (very rarely) sneaked on to my Laptop.

    Thanks Martin

    1. stefann said on September 23, 2019 at 12:06 pm
      Reply

      @T J : How did Windows 10 “sneak” in to Your laptop ????

      1. Lex said on September 23, 2019 at 4:01 pm
        Reply

        Reading comprehension isn’t really your thing, is it?

      2. Ron said on September 23, 2019 at 4:33 pm
        Reply

        And irony isn’t really your thing, is it?

      3. T J said on September 23, 2019 at 5:00 pm
        Reply

        @ stefann

        LOL :)

  2. JohnIL said on September 23, 2019 at 11:38 am
    Reply

    Just the name alone would indicate a inquiry into gathering info on the device. Possibly for driver updates or verifying you have the necessary criteria for a certain update. Such as using this as a tool to determine if a block is required for a certain device. I see Windows 10 as a micro managed attempt from Microsoft to better update the vast differences in devices out in the ecosystem. I am not sure that it has really helped? But I guess give Microsoft a C for effort. Knowing more about how each device is setup should help, but has that translated into better update stability is somewhat questionable.

  3. JohnIL said on September 23, 2019 at 11:38 am
    Reply

    Just the name alone would indicate a inquiry into gathering info on the device. Possibly for driver updates or verifying you have the necessary criteria for a certain update. Such as using this as a tool to determine if a block is required for a certain device. I see Windows 10 as a micro managed attempt from Microsoft to better update the vast differences in devices out in the ecosystem. I am not sure that it has really helped? But I guess give Microsoft a C for effort. Knowing more about how each device is setup should help, but has that translated into better update stability is somewhat questionable.

  4. Anonymous said on September 23, 2019 at 1:01 pm
    Reply

    Fortunately I wrote a script that delete ALL schedulled tasks.
    All tasks are useless to me and I PROUDLY don’t use antivirus.

    This paranoic generation is worried about security for no reason.

    1. ULBoom said on September 23, 2019 at 8:44 pm
      Reply

      I wrote two, one that deletes the entire OS at shutdown and another that reinstalls it on startup.

      Better safe than sorry; belt, suspenders and hip boots for me!

      No more tin foil hat needed; those things get hot.

  5. Dave said on September 23, 2019 at 2:49 pm
    Reply

    I blocked it an disabled the task when it came up.

  6. Anonymous said on September 23, 2019 at 2:58 pm
    Reply

    Another “feature”? Sounds like disguised telemetry to me. No thank you.

  7. Quenllian said on September 23, 2019 at 2:58 pm
    Reply

    Unfortunately, it’s one of those scheduled tasks which re-enable themselves automatically. Couldn’t figure out how or when. I accumulated a batch file which supposedly takes care of such things, and I use it after every update. So it’s not just that. I’m getting really tired of hunting down new home calling crap with every freaking Windows version.

    I’m on 1903 and I discovered it first on 1809. My firewall blocks it since. I didn’t notice any ill effects so far.

  8. Denn said on September 23, 2019 at 3:31 pm
    Reply

    What’s the firewall application you’re using in the screenshot?

    1. Martin Brinkmann said on September 23, 2019 at 3:47 pm
      Reply

      It is Windows Firewall Control. See our review here: https://www.ghacks.net/2009/11/09/windows-7-firewall-control/

      1. Denn said on September 23, 2019 at 9:46 pm
        Reply

        Thank you Martin!

  9. VioletMoon said on September 23, 2019 at 8:36 pm
    Reply

    The article informs readers of the result from a micro-sample population test (one user) who, reportedly, uninstalled one cumulative update after deleting a scheduled task created by Microsoft, a task that may or may not be involved [the sources are murky] with update checking/installing in version 1809 of Windows 10, a task named “devicecensus.exe.”

    It then chronciles the successful reinstall of the aforementioned cumulative update that had been purposely uninstalled for the test even though the scheduled task–devicecensus.exe–that was supposedly required to allow such updating success was deleted/disabled/vaporized by the user.

    Therefore, it was determined, that all users of version 1809 Windows 10 should follow the carefully outlined procedure to delete the scheduled task since the task sends information to Microsoft and could be jeopardizing the privacy of users.

    It’s this type of reasoning that usually spells trouble for users later down the road when they want to upgrade to a new version: They have “opitimized” their performance and privacy settings to the extent that Windows can’t upgrade correctly.

    I would venture to say that 95% of the problems Windows’ users have, problems that are reported quite often, are the sole result of so many users tinkering with settings that Windows needs to successfully continue to run and update and upgrade.

    Just a thought . . . .

    1. Anonymous said on September 24, 2019 at 4:04 am
      Reply

      Not our problem. Windows is horribly designed and dishonest. If it wasn’t full of spyware and bloatware that is FORCED on users by Microsoft people wouldn’t go to so much trouble to disable it. Microsoft has no excuse for it’s malevolent, self-serving behavior.

  10. SpywareFan said on September 24, 2019 at 9:26 am
    Reply

    What is devicecensus.exe? https://en.wikipedia.org/wiki/Spyware

  11. steve#99 said on September 24, 2019 at 3:11 pm
    Reply

    After activating windows and then setting it up for privacy, MS never sees a box I setup again, ever.

    I also like to disable Task Scheduler with extreme prejudice. First, I delete all files in the below dirs and all sub dirs: one of which is where the individual Tasks that appear inside of Task Scheduler (I forget which dir actually contains the TS files because they were deleted a long time ago)…

    C:\Windows\Tasks
    C:\Windows\System32\Tasks

    I next go into this reg key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Schedule
    Set permissions to take ownership and full control of it, and set the “Start” parm appearing under that key to a value of 4 – which means do not start. Upon the next boot, Task Scheduler will be completely disabled.

    Caveat: You loose a few Windows features doing this, such as automated backup/restore points, defrag via disk tools pane, etc… But there are easy workarounds, such as running defrag from the cli etc.

  12. Yuliya said on September 26, 2019 at 12:20 am
    Reply

    I have the task in LTSC (and the exe file I can see it if I search system-wide via Everything). The task however has never run by the looks of it. I don’t know if it’s either not supposed to or something related to the way I have configured the OS.

    1. Yuliya said on September 26, 2019 at 12:22 am
      Reply

      Btw, I disabled the task, it was enabled by default.

  13. Peter Newton said on September 29, 2019 at 6:03 pm
    Reply

    Hi all

    My God ! I find this funny ! The name of the file is enough to tell you what you need to know about it, without any speculation involved ! Considering the volume of information which Microsoft has already collected about its users, I would classify this as MILD in comparison.

    Given, the chequered history of Microshaft’s telemetry and security, what strikes me, is how this could be turned into a security risk, if it were appropriately modified by a malicious party, its a perfect template for this purpose, as are all telemetry based applications embedded in the Win10.

    Perhaps, if Microshaft were not so telemetry hungry, these sorts of problems would be reduced significantly, do they care ? probably not, as long as the landslides of cash keep rolling in.

    The least that they could do, is try to ensure the security of their users when submitting telemetry, I don’t know if this already exists, I don’t use Winblows, but I will hazard a guess that it does not, because it would incur more expense, and like all vampiric corporations they live by “minimum investment for maximum return”.

    I wonder how many other little known, embedded, and hidden telemetry services, working in the background, could be used as malicious templates, for compromising user security ?

    Makes you wonder doesn’t it ?

    Peter Newton [London UK]

  14. KovalevM said on October 10, 2019 at 11:42 pm
    Reply

    On 1803 there’s another app by Microsoft called compattelrunner.exe that wants to connect to the internet as well. Anybody know what it is?

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.