Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

Can NtUninstall folders be deleted?

Question:

I have 75 files in my Windows Directory that look like
$NtUninstallKB885836$. What are these files? Can they be safely deleted?

Well, first, those are folders – not files. Folders, also known as
directories, contain files or other folders.

The clue is that KB part – that stands for KnowledgeBase, and the number
that follows it is a Microsoft Knowledgebase article. The other clue is the
word “Uninstall” in the folder name.

That will help us determine what they are. Whether or not you can delete
them … well, it turns out that’s up to you, once you understand what they’re
for.

Become a Patron of Ask Leo! and go ad-free!

To use the example you’ve provided, Knowledgebase article number 885836 is a
security bulletin: “MS04-041: A vulnerability in WordPad could allow code
execution”. The folder $NtUninstallKB885836$ is created when you download and
install the patch for that vulnerability. That happens either via Automatic
Updates, or by visiting the Windows Update web site and installing the patches
yourself.

If you go to Control Panel, and look Add or Remove
Programs
, you’ll find an entire section there labeled “Windows XP
Software Updates”. In that list you’ll probably find an entry that references
KB885836.

By now, you’ll probably have gathered that the folder $NtUninstallKB885836$
contains the information necessary to uninstall that update.
If you go looking in that folder, you’ll probably find the previous versions of
any files affected by the update, as well as an uninstall program and more than
likely some additional support files.

Can you simply delete the folders?

Yes, if you are positive you’ll never want to uninstall
the associated patch.

“Yes, if you are positive you’ll never
want to uninstall the associated patch.”

A safer approach is the one I outlined in a earlier article Is it safe to delete this file?
back up the folders first. Burn them to CD, copy them to another machine, do
something such that if you find out some time later that deleting them was a
mistake you can get them back.

Then delete them. It’s a fine way to free up some disk space – but probably
not as much as you think. If they’re a different color in Windows Explorer,
ever wonder why? It’s because Windows has compressed them for you. Since they
are used so rarely, compressing the files makes a lot of sense. It does mean,
though, that when you delete them you may not get back as much disk space as
you thought.

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

11 comments on “Can NtUninstall folders be deleted?”

  1. lol…I just checked how much space is used on my computer for those folders….400 folders taking up 390 mb’s, not enough too really worry about.

    Reply
  2. When copying to a dvd several directories were excluded because the burner program complained files in those directories where in use. How come?

    Reply
  3. I backed up the NtUninstall files by year to 7zip compressed files in the Windows directory. The compressed files occupy less than 18% of the space and will be relatively easy to retrieve if needed. This probably isn’t necessary because of the upgrade to SP3 but it is easy.

    Reply
  4. I want to delete these, but not because of the space. I just don’t want to have to scroll down five pages every time I look for something in the Windows directory. Is there a way to make them install themselves into a separate directory when they come in? Like put all the $ntunistall* folders in one “NtUninstall” folder?

    Not automatically, no. But you could do that manually, I suppose.

    -Leo

    Reply
  5. Disks are cheap so it is not the space that bothers me, but the extra time they add to a virus scan. Being in the Windows dir they get scanned even in quick-scan routines. I think I will take Leo’s advice (thanks Leo) and move them to a distant archive disk somewhere.

    Happy New Year to all

    Reply
  6. Leo –

    Most of my Windows Update Uninstaller folders are located in the path mentioned in this article. However, there are several also in the following path: c:\WINDOWS\$MSI31Uninstall_KB… Is it also safe to delete these Uninstaller folders? And if something goes wrong immediately after deletion, can a system restore point resurrect these folders?

    Thanks…

    Reply
  7. There are a lot of regkeys referencing those folders, most of them under HKLMSOFTWAREMicrosoftUpdates\SP{0..n}UninstallCommand. I’m setting up a test W2K3 system and for ezample, after installing W2K3 SP2 the following key was been created: HKEY_LOCAL_MACHINESoftwareMicrosoftUpdatesWindows Server 2003SP2KB914961 containing a number of strings among which there is the UninstallCommand, pointing to D:WINDOWS$NtServicePackUninstall$spuninstspuninst.exe. The same is true for most of the updates installed: in theory I might move all my 100+ $NtUninstall* folders into another partition/disk and remap all the related UninstallCommand to point to the new location and Windows would have nothing to complain, but it might be a tedious job… Anybody knows about a tool to move such pervasive folders?

    Reply
  8. There is a program to safely remove these folders which also adjust the corresponding registry entry as well.

    Best tip on which to delete would be any folders that is older than a few weeks, in case a recent update needs rolling back.

    Remember: This is a one-way operation. If you remove the Hotfix backup files and the Registry entries, it cannot be undone, unless you back up these items manually.
    Note this program will let you uninstall as well as remove the backup folder so choose the right option.
    Link: http://www.tech-pro.net/windows-update-remover.html

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.