How to avoid being "upgraded to Win 10" against your will?

Discussion in 'Interesting/Unrelated' started by bphlpt, Apr 13, 2015.

  1. bphlpt

    bphlpt A lowly staff member Staff Member

    This comes from our good friends over at MSFN. I felt this was an important enough issue to be quoted directly here. I would suggest that users not install these updates and/or share info back to MS unless that was indeed what they wanted and intended to do. Forewarned is forearmed!

    [quote "dencorso"]
    KB2952664
    "Compatibility update for upgrading Windows 7"
    This update helps Microsoft make improvements to the current operating system in order to ease the upgrade experience to the latest version of Windows.

    KB2976978
    "Compatibility update for Windows 8.1 and Windows 8"
    Describes an update that improves the compatibility and upgrade experience in Windows 8.1 and Windows 8
    This update performs diagnostics on the Windows systems that participate in the Windows Customer Experience Improvement Program in order to determine whether compatibility issues may be encountered when the latest Windows operating system is installed. This update will help Microsoft and its partners ensure compatibility for customers who are seeking to install the latest Windows operating system.

    KB2990214
    This is the Windows 10 Technical Preview itself !!!

    KB3021917
    "Update to Windows 7 SP1 for performance improvements"
    This update performs diagnostics in Windows 7 Service Pack 1 (SP1) in order to determine whether performance issues may be encountered when the latest Windows operating system is installed. Telemetry is sent back to Microsoft for those computers that participate in the Windows Customer Experience Improvement Program (CEIP). This update will help Microsoft and its partners deliver better system performance for customers who are seeking to install the latest Windows operating system.

    KB3035583
    "Update enables additional capabilities for Windows Update notifications in Windows 8.1 and Windows 7 SP1"
    This update enables additional capabilities for Windows Update notifications when new updates are available to the user. It applies to a computer that is running Windows 8.1 or Windows 7 Service Pack 1 (SP1). Before you install this update, check out the Prerequisites section.

    KB3044374
    "Update that supports you to upgrade from Windows 8.1 or Windows Server 2012 R2 to a later version of Windows"
    ...an update that supports you to upgrade from Windows 8.1 or Windows Server 2012 R2 to a later version of Windows. This update has prerequisites.

    This list intends to cover both Windows 7 and 8. Some of the updates listed are offered to either 7 or 8, while others are offered to both. This list is a work in progress, which tends to grow with time. My main intent here is just to keep all relevant info as together as possible, for easy reference. Of course, the idea for this sticky post came from NoelC's post I quoted at the top of this very post.

    [/quote]

    Many thanks to NoelC for raising the issue and to dencorso for putting this summary together.

    Cheers and Regards
     
  2. Trouba

    Trouba Administrator Staff Member

    So what does this mean? What it in the Prerequisites section should tell us anything, and what is it that it is telling? I read it and am not sure what the problem is, unless people are implying that it installs specific files that are not part of the OS originally -- which is not clear. Thanks...

    Otherwise, upgrade type updates should always be ignored. I guess the "update for performance improvements" is not an issue since no one would be enrolled in CEIP that would be worried about updates like these. Avoiding upgrading to Windows 10 is a bit redundant if you don't want to upgrade to Windows 10, but OK :D
     
  3. bphlpt

    bphlpt A lowly staff member Staff Member

    From http://www.msfn.org/board/topic/173719-did-you-get-windows-update-kb3035583-recently/


     
  4. Trouba

    Trouba Administrator Staff Member

    So it does install extra files for upgrading only, that KB3035583. OK, that one is blacklisted :)

    The reason I hate this is because there is no fool-proof way to hide updates when you make images. You can include a certain file that is a log of hidden updates (so they won't show) but cleaners can remove that, causing certain updates to be offered again. So for the regular user it's not going to be effective and so this will only apply to people constantly monitoring their systems. Sometimes I think it's better to just not run WU on people's systems at all, but that can cause problems too. Sometimes MS has the good sense to not push certain updates through WU but that doesn't seem to be the case with these. They are going to make using Win7 annoying...
     
  5. bphlpt

    bphlpt A lowly staff member Staff Member

    Yeah. I set WU to notify only, then wait a week or two after they come out to see if any gotcha's are reported before I install the updates. Other than doing a lot of reading about other's experiences, I don't know how the regular user can possibly handle all of the updates and policy changes from MS. And the rate they have started to make flubbed updates hasn't helped.

    There might be some cleaners that can remove lists of hidden updates, but CCleaner has left mine alone, at least so far.
     
  6. Trouba

    Trouba Administrator Staff Member

    Hehe, yeah. Normally, before finalizing sysprep'd images I run CCleaner (with some extra options selected) and some scripts and this cleans out hidden update history. I haven't figured out which setting or script exactly is causing that, but it would be nice to know because when you make updated images it's kind of nice to have WU not offer anything (unless new updates have come out since) :geek:

    Patch Tuesday again tomorrow -- hold on to your hat :D
     
  7. bphlpt

    bphlpt A lowly staff member Staff Member

    You might check this out - http://www.msfn.org/board/topic/163162-hide-bing-desktop-and-other-windows-updates/

    I have not used it, but the way I understand it, you could keep your clean up routine the same, and then run this script, modified for the updates you want to hide, at first desktop on the new install (?) [ I think it needs internet access when it runs.]

    If you can set it up appropriately, this might be something to add to the LastOS tweaks app? Just a thought.
     
    The Freezer likes this.
  8. bphlpt

    bphlpt A lowly staff member Staff Member

    KB3044374 added to the OP.
     
  9. The Freezer

    The Freezer Just this guy, you know Staff Member

    Interestingly, XP is not "targeted".
     
  10. Trouba

    Trouba Administrator Staff Member

    That's probably because they assume XP users have older hardware or something. Or that if you use XP and have somehow not upgraded to Vista, Win7, Win8, Win8.1, then Win10 probably isn't going to do it for you either :D
     
    Glenn and The Freezer like this.
  11. Glenn

    Glenn Administrator Staff Member

    XP reminds me of BC when referring to dates and it's starting to feel like they happened at the same time because XP was a lifetime ago for me.
     
  12. Trouba

    Trouba Administrator Staff Member

    BC, so that could be around the time of Alexander the Great, also known as "Xander." Maybe XP stands for "Xander PerĂ­odos" :D
     
    Glenn likes this.
  13. The Freezer

    The Freezer Just this guy, you know Staff Member

    So I see something like this:
    https://technet.microsoft.com/library/security/MS15-034
    And I wonder does this affect XP/2003 (which I have a number of systems running on)? Or is MS is not reporting these vulnerabilities because NT5 is no longer supported? It can cook one's noodle... :what:
     
    Last edited: Apr 15, 2015
    Glenn likes this.
  14. Glenn

    Glenn Administrator Staff Member

    too true, it makes you wonder, I imagine if you keep SOX philosophy you'll be fairly safe regardless as most malware will use one of these open entry points and then try to use ie frames or any part of IE and go where the hell is it :D
     
  15. -c0dez3ro-

    -c0dez3ro- Moderator Staff Member

    i tried running the file GWXUXWorker.exe just to see what would happen and nothning happened
     
  16. Trouba

    Trouba Administrator Staff Member

    You probably found a bug, c0de :lol:
     
    -c0dez3ro- likes this.
  17. -c0dez3ro-

    -c0dez3ro- Moderator Staff Member

    haha well i am known as the Bug-Man
     
    Trouba likes this.
  18. Trouba

    Trouba Administrator Staff Member

    The log file that contains hidden updates info is located at Windows\SoftwareDistribution\DataStore\ and is in the form of a (large) .edb file. Due to its size (before finalizing sysprep it was a little under 600mb for me on a Win7 install) it's not really practical to keep it as part of updated images. So it looks like the only solution would be to run that script you mentioned above, although it has some drawbacks like requiring internet access. Personally, I feel more inclined to just run WU post-install and manually hide those updates as that .edb file gets re-created anyway (even if removed from the image). If I would install a PC for another person, I could do the same thing. If the other person would be able to install him/herself but doesn't care about such things, well then I'm not going to lose sleep over it. Initially I had thought it might have been a simple matter like saving a small .log file that contained hidden update info, but unfortunately that is not the case.
     
    bphlpt likes this.
  19. Glenn

    Glenn Administrator Staff Member

    I think a better alternative would be to actually install the updates within sysprep, delete the files/services/scheduled tasks it creates, that way you don't need the .edb file, windows update will ignore them and no system changes will be left behind where it might possibly ask you to upgrade to win 10. Well that's my thoughts into it anyways.
     
    Trouba likes this.
  20. Trouba

    Trouba Administrator Staff Member

    Hmm, that idea might work, Glenn. I'll look into it.
     
  21. Trouba

    Trouba Administrator Staff Member

    I'm not sure if this update stuff could be figured out the way you proposed, Glenn, but what I did in the mean time on the updated Win7 images I just made was to install those updates, and then uninstall them. This will cause them to list in cursive in WU, which will make it easier to identify and hide them on installs from those images.

    BTW, whenever you make updated images/mods again, besides the SoftwareDistribution folder deletion, you can also delete the .bin file in winsxs\ManifestCache. If you use the next version of NTLite it can delete this for you; but due to a bug in NTLite which I discovered the other day it won't delete that .bin file. It's already fixed but the current .2861 version on the site won't delete it. In my case the .bin file for x64 was around 160mb so not peanuts.
     
    Glenn likes this.
  22. Trouba

    Trouba Administrator Staff Member

    Glenn, one more thing: Since you also use sysprep, after you finalize and then mount the VHD with Disk Management, you can actually delete files from that mounted VHD directly (so right before you capture). You need to have Unlocker or a similar app installed to be able to delete certain types of files, but it will work. Sure beats having to mount the install.wim later on, especially if it's for a full image you won't run NTLite on.

    On the subject of NTLite and install.wim's, If you have additional removals you'd like to do after NTLite, you can delete those things as NTlite has the image mounted. NTLite uses the temp directory to mount the volumes (AppData\Local\Temp) so while it has a wim mounted, you can also remove stuff then (again Unlocker or similar will be required).

    There are always a few things NTLite does not support removals for so I manually delete those files. So the above methods will come in handy either when using NTLite or just making full images from which you want to remove cache type files, etc.
     

Share This Page