Showing posts with label skype. Show all posts
Showing posts with label skype. Show all posts

Monday, August 24, 2015

HOWTO Remove KB2876229 - the sneaky Skype 7 Windows "Update"

A ton of Skype users were unhappy with the update from Skype 6.x to 7.x. Most of what I have seen is complaining about a few minor changes to the user interface. In the usual baby/bathwater situation that follows this sort of thing, "Power Users" began circulating guides on how to modify hosts files to prevent TCP connections to skype and msn domains. You know, because making sure you have the correct proportion of whitespace is more important than stupid trivia like patching critical security vulnerabilities.

To address this madness, Microsoft decided to get clever. In addition to sending the Skype 7 update through the Skype application and related packages like Lync, they would push it through as a Windows update - KB2876229. The Skype application updates are pushed through * and *, while Windows updates come from domains like *, * and * The looks over substance crowd hadn't yet reached the levels of derp required to break Windows Update and the Metro app interface in order to preserve their precious outdated GUI. The vast majority of users process Windows Updates automatically; even those who process the updates manually don't look too closely on non-commercial machines.

Adding insult to irritation, Microsoft decided to push this update to machines that did not have Skype installed. The technical term for this sort of distribution is "dick move".

It was through this trickery that Skype found its way onto one of my machines. Unlike those worried about the update, I don't want and never have wanted anything to do with Skype - and not because of how it looks, either. Finding Skype on one of my computers was like finding a lump on one of my testicles: I wished very much that it had never been there, but lacking that I just wanted it to disappear.

I thought the easiest course of action was to just delete the update. Skype announced its poisonous toxic infection almost immediately, and I could see the update easily within "Control Panel\All Control Panel Items\Windows Update\View update history". The typical command for managing Windows Update is "wusa", so I gave the command to burn Skype with righteous fire:

> wusa /uninstall /kb:2876229

Instead of making quick work of Skype, I was presented with an error message that through me through a loop:

Joshua Wieder - KB2876229

I tried to remove KB2876229 through the GUI by navigating to "Control Panel\All Control Panel Items\Windows Update\Installed Updates", but KB2876229 did not appear anywhere in Installed Updates. Just to make sure I wasn't going nuts, I confirmed that this whole thing wasn't some sort of fever dream by double checking the details of the KB in "View update history".

Joshua Wieder Skype Update Error

Now convinced that Windows was the crazy one, it took me a moment to determine why my operating system was fighting me on this.

As I mentioned earlier, Skype had not been installed on my system prior to KB2876229 - the KB was not an update to an existing application, it was an installation of  new program. It dawned on me that I should just uninstall it normally, through the Control Panel's "Add or Remove Programs".

Sure enough, that worked ... to an extent. Uninstalling leaves behind a ton of registry keys and files. A few of these remaining bits of garbage that are particularly troubling are:

     - Firewall rule exclusions for Skype
     - Skype remains in the Startup Approved list enabling an application to run immediately at boot
     - A bunch of parameters are left behind for the SkypeUpdate service
     - Skype remains the default IM provider
     - Calls to two DLLs remain: SkypeIEPlugin.dll & SkypePNR.dll

There is a whole lot of other needless trash that is left behind as well, but registry junk is a fact of life with Windows so a lot of stuff I won't stress too much - like Internet Explorer extension capability, URL associations, spammy entries in browser bookmarks, an application-specific certificate, etc.

Windows behavior continues to get more and more underhanded. Now is a great time for personal users to jump off the Microsoft mothership.

Saturday, March 9, 2013

Weekly Links 3/4/13

Fast Company - The Vatican has selected EMC to source roughly 2.8 Petabytes of storage for a project to digitize the Vatican library, home to over 1 million books.

Business Week - Skype service in China is actively monitored for certain key phrases that are offensive to the state. When a user inputs these phrases, the conversation is forwarded to Chinese intelligence. Skype is currently owned by Microsoft, and in China is partnered with TOM Online to provide service in the region (like India, China requires foreign entities to be minority stake holders with a domestic corporation in order to do business). Microsoft has not responded to requests to clarify the surveillance features in Skype beyond saying that they adhere to Chinese law when operating there. No word yet on whether American users are monitored as well (at this point, I would be more shocked if they were not) - the Chinese program bears striking similarity to the NSA program that became public shortly after 9/11, at least functionally.

Popehat - A disgraced copyright troll from Indiana has relocated to Florida and begun to stir up rumors of practicing law without a license, leading to at least one Florida judge dismissing a suit and claiming during her finding that a fraud had been committed against the court by the appellant / copyright complainant. Subpoenas are beginning to fly, to Wordpress no less, regarding bloggers who have written about the issue (see: Streisand Effect). Note that these particular copyright trolls are not technology companies - they are pornographers. There has been a strange relationship brewing between pornographers and technology patent defenders over the last few years as they are both extremely litigious and responsible for a substantial amount of the recent case law in this area not handled by the RIAA and affiliates.

RAT Bastard

Earlier this week, several servers I maintain were targeted by automated attempts to upload a remote access trojan (RAT). The RAT is a simpl...