I will start this entry by clearly expressing that I am most displeased with Microsoft’s approach to foisting Windows 10 upon the world. I understand car manufacturers constantly bombarding me with advertisements for their new offerings. But if they sent a remote kill command to brick my current car, I would be furious. We should be able to drive the car we bought for as long as we decide to maintain and drive it. It used to be we would complain about manufacturers having planned obsolesce just after the warranty expired. But this takes things to a whole new level.
I know that is not exactly a fair analogy, but emotionally, that is the one I draw.
I had rather hoped that I could reasonably trust Microsoft with updates, but that trust has been betrayed. As in all relationships, I cannot control the other person – all I can control is myself and how I respond. I can choose to forgive Microsoft immediately, but they certainly do not have my trust, nor will they unless they unexpectedly change their ways, which all available evidence indicates that they will not.
Privacy is another thing that has apparently all but gone to the wayside. Here’s an excerpt from ArsTechnica about Windows 10 privacy:
Windows 10, by default, has permission to report a huge amount of data back to Microsoft. By clicking through "Express Settings" during installation, you allow Windows 10 to gather up your contacts, calendar details, text and touch input, location data, and a whole lot more. The OS then sends it all back to Microsoft so that it can be used for personalization and targeted ads.
That sending of data to Microsoft is called “Telemetry”.
As a consultant for small businesses, keeping Windows patched and secured has gotten easier over the years. Windows/Microsoft Update makes keeping client PCs and servers updated far easier. I have not experienced updates really breaking things, so I have not had to centrally control the update process. Sure, on servers and a handful of machines that should not be rebooted, I manually apply updates during off hours. But client machines I set to automatically download and install the latest updates and I haven’t given it a second thought. Until now.
Like most of the rest of the world, I started receiving notifications to reserve my copy of Windows 10. While annoying, the Get Windows 10 (GWX) nag didn’t appear harmful. But two weeks ago clients started commenting about how slow their internet was. Then at home I noticed the same thing. Upon reading various geeky sites, I learned that a specific update (KB3035583) was responsible for downloading and staging the installation files for Windows 10 – to the tune of at least 3 GB per computer! Yikes! When a site has 110 computers, that results in serious downloading congestion. I cannot even imagine what this does to people in other countries where they pay for their data amounts each month, not just wide-open quantities for a fixed monthly price.
Last week I set about intervening in this process at some of my client locations. I started on my own machine.
I first read that I only needed to uninstall KB3035583 by looking at installed updates, scrolling down until I found that one and then uninstall it. Of course, I soon learned firsthand what I was reading online – that these things keep getting reinstalled unless you go to the available updates, right-click on it, then select the Hide option.
Upon further reading, I found that there are multiple updates on Windows 7 that one should uninstall and hide from future installation. There are a couple of different ones for Windows 8/8.1, too.
For the one or two computers at home or small client locations, I manually uninstall them using the following procedures that one can find any number of places on the internet.
Turn off automatic updating of Windows by Microsoft
Go to the Start Menu.
Click on All Programs
Select Windows Update
Select Change settings.
Select Check for updates but let me choose whether to download and install them.
Detect which of the offending updates have already been installed on the computer.
Click on Start Menu.
In Search programs and files box at the bottom, type in Powershell and hit enter.
In another window, I have saved a text file I made from commands copied and pasted from other people’s blogs on the same topic. I highlight the following text and copy it:
get-hotfix -id KB3035583,KB2952664,KB2976978,KB3021917,KB3044374,KB2990214
I click in the Powershell window to make that the active program, then I simply right-click my mouse. That pastes the text into Powershell and runs the command.
I wait a little while, depending on the speed of the computer, and eventually a list of the installed offending updates are returned
Uninstall the offending updates
Open a command prompt as an administrator by click on Start Menu, going to All Programs, opening folder Accessories, putting mouse pointer over Command Prompt, then right-clicking.
Select Run as administrator
A new command prompt window appears.
I go back to my text file, then highlight and copy the following text
wusa /uninstall /kb:2952664
Select the command prompt window, then right-click, then select Paste.
Then hit enter on the keyboard and the command runs.
The computer does a search for installed updates. It finds it and then a window appears prompting whether I want to uninstall it. Sometimes I wish there was an option beyond just Yes and No that said something besides Yes but really just meant Yes. Like “Get it off right now!” Just click Yes.
It quickly uninstalls and then a notification window appears informing of the need to restart Windows. Choose Restart Later and continue.
With the command prompt window still active, press the up arrow on the keyboard. The previous command appears.
Backspace to delete the numbers, then type in the numbers of the next update shown in the report from the Powershell window.
Continue this until all of the updates have been uninstalled. On the last of the list, I do allow the immediate reboot.
Test for recurrence
On some computers, I’ve found that the update uninstall process takes a couple of runs to really get it all out. I don’t know why this is and it may have to do with the order of uninstalling or me not patiently rebooting after each uninstallation. I redo the check for installed updates and uninstall the remaining ones again. Reboot, check again.
I’ve found that two uninstalls of KB3035583 and then the Get Windows 10 icon in the system tray by the clock disappears.
Hide the updates so they don’t reinstall
Once none of the offending updates are installed, go to Windows Update.
Check both the critical updates and optional updates. Look for the KB numbers and right-click on the offending ones just removed.
Select Hide for each one. That tells Windows Update NOT to install those updates again
In theory, this should stop the computer from getting Windows 10-related stuff pushed to it.
Once the updates are uninstalled, there is still the matter of having at least 3 GB of data on the drive that doesn’t need to be there. The easiest way is to get to your C:\, right-click on it, select Properties.
In the window that appears, select Disk Cleanup. That runs a program that will analyze files that could be deleted to free up drive space. In the bottom left of that results window, select Clean up system files. That reruns the analysis looking for system files, too. It’s in the Windows Update Cleanup where all of the Windows 10 files are hidden, if they already were downloaded.
On my computer, I had 6.9 GB of files already downloaded. Finish the clean-up process by clicking OK and you can close out of the remaining windows.
There is a computer program written to automatically do this for a user, but when I last checked, it only addressed KB3035583. The above method is the more manual way of getting it done, but then I am assured all of the offending updates are removed.
The following information is for geekier people, so I won’t take the time with step-by-step instructions with screen snapshots.
While the above process works, it certainly is not the way to go for companies with many computers. For those situations, I’ve been deploying WSUS, which some would argue I should have done previously anyway. Having multiple clients and networks to administer, I used to do this, but found that approving/declining updates was a tedious task and clients pay for my time and internet bandwidth is abundant here, so I just let Windows Update do its thing automatically. For the few that did have WSUS already deployed, their installations were set to automatically approve critical updates anyway, so I didn’t see the big point in taking the time and charging my clients for me to deploy WSUS. Well, now that has changed.
I deploy WSUS and a GPO. I then install the free version of PDQ Inventory from Admin Arsenal. I get a list of computers from the Active Directory, then I run an inventory. While that is taking place, I create a dynamic collection.
As computers complete their inventory, this dynamic collection is populated with the machines it finds to have KB3035583 installed. Actually, I run the dynamic collection in order of the KB numbers that I uninstall manually.
Once the inventories are completed and the dynamic collection is settled, I highlight the machines, then go to Tools, then run a Remote Command. The remote command is pretty close to what I did manually on the machines, except I add /quiet /norestart at the end.
Wusa /uninstall /kb:2952664 /quiet /norestart
I give that some time to run, then proceed to change the dynamic collection’s Hot Fix detection value to the next number and repeat the process.
On the last one, 3035583, I do restart the machine. I did this after hours and applied the /forcerestart switch. From a command line you can do wusa /? and that will show you the restart options you have available. Select the one that best suits your organization’s needs.
Upon computer reboots, I reinventory them, check for those that still need an update uninstalled, and keep going through the process until all are clear.
For the computers that I asked to be left on when everyone left, I even sent a shutdown command when I was done so all the computers were nicely turned off when I was done. Admin Arsenal makes some really handy and well-thought-out software! I highly recommend it. I am extremely thankful for their free version that allows us to mop up this Windows 10 foisting nonsense.
To solve this even easier, one client paid the $250 for the PDQ Deploy Pro at their site. Admin Arsenal created a package that not only removes all of these updates, but also modifies the registry to ensure the recently-altered Telemetry is disabled.
From what I understand, Microsoft has taken the “wonderful” telemetry technology of Windows 10 and modified it as updates to Windows 7, 8 and 8.1. The Deploy Pro package addresses all of this easily and at one time. I believe it is well worth the price for their software and will wholeheartedly encourage all of my clients with corporate networks to obtain this software immediately!
I hope this has helped at least one other person save time getting rid of this Microsoft-induced infestation of otherwise good computers.