pcalvert

This program might save you a lot of aggravation: Portable Update. It's what I use. I never use Windows Update or automatic updates. Here's another program that might be useful: ABC-Update. I haven't used that one yet, but I have at least one idea on how I might use it. Since it's a command-line utility, I was thinking of creating a batch file that uses ABC-Update to uninstall all of the suspect updates that are listed on the first page of this thread. Phil

I believe that Woody may have the answer: Phil

Or use both. I like the extra control (and capabilities) that running Windows in a virtual machine gives me. For example, I can easily (and conveniently) deny Windows internet access and enable it only when I need it. There are also other options. Like this one: ReactOS 0.4 brings open source Windows closer to reality Thanks to the direction that Microsoft has been moving in, I believe that project is likely to see an increase in donations in the coming years. Phil

That may be so, but they are not free. Crystal Anti-Exploit is free, and it seems to be very strong protection (perhaps too strong in some cases). I tested Crystal Anti-Exploit using SurfRight's Exploit Test Tool, and it failed to block only two of the tests. Phil

Instead of EMET I use Crystal Anti-Exploit. It seems to offer far better protection on Windows XP than EMET. Unfortunately, some web browsers malfunction or act rather sluggish when protected by Crystal Anti-Exploit. You can read a tutorial and some discussion about it here. Phil

I just found this article while doing research on the Windows 10 issue: Banishing 'Get Windows 10' nagware isn't as easy as you think There's some very interesting (and useful) information in that article. Phil

A friend sent this to me today: Microsoft Reveals Real Cost Of 'Free' Windows 10 Phil

Do we need to do both of those things, or is running Cert_Updater.exe enough? Phil

Yup. And here's another option which looks very cool: Qubes OS.

Hi Dave, Thanks for the advice. I installed all but the most recent ones -- the six updates that were released within the last three months. So far, so good. Now I guess I'll make an image backup of the OS and then go ahead and install the remaing six updates. Phil

If you were to run Windows XP in a virtual machine then it wouldn't matter. And there are enough other advantages to this approach to make it an attractive solution. Phil

I just applied the POSReady 2009 registry tweak and now there are 43 updates ready to be downloaded and installed. Would it be safe to go ahead and install all of them? Phil

The first step in the recovery process is to clone those partitions, saving the data as raw image files. Then make copies of those image files and perform the data recovery on the copies. That way, if you mess up you won't cause further damage, and you can try different data recovery techniques (if desired) by starting over with a fresh copy of the file system. Phil

Supposedly, you have a 30-day period in which you can uninstall the upgrade and "roll back" to your previous OS. After that, going back is more involved (i.e., reinstall from scratch, restore from disk image backup). Phil

I believe that this solution may work for you: http://www.msfn.org/board/topic/173752-how-to-avoid-being-upgraded-to-win-10-against-your-will/page-5#entry1104263 Phil

This program might help: http://www.portableupdate.com/ You can use it to search for updates. If it finds any, you can then download them and install them manually. Phil

This is what I use: http://www.portableupdate.com/ Phil

When used on newer versions of Windows, such as Windows 7 and Windows 8, does Batch Patcher use DISM to install the updates? Phil

Yes, there is a capicom.dll in the system32 folder. But another thing that's strange is that it appears to already be at version 2.1.0.2. Out of curiosity, I went ahead and installed the update. The DLL in the update appears to be identical to the one in the system32 directory (identical SHA1 values). Phil

Yesterday I ran MBSA 2.3 on a recently-installed Windows 8.1 Enterprise system (32-bit). Two of the suggested updates seem a little peculiar: capicom-kb931906-v2102 and msxml6-kb925673-enu-x86. The reason they seem peculiar to me is their age -- the dates on those files are 05/01/2007 and 10/09/2006 (MM-DD-YYYY), respectively. Here is some more info: Ref: http://www.microsoft.com/en-us/download/details.aspx?id=3207 Ref: http://www.microsoft.com/en-us/download/details.aspx?id=9528 Any thoughts? Phil

Hi bphlpt, Thank you for your suggestions. I had been thinking I'd slipstream updates and (maybe) hotfixes using HFSLIP and then use nLite to remove unwanted software and add some tweaks, but then I began wondering if that approach is really such a good idea. If there is at least one good reason to use both, then I'll consider it; otherwise, I am inclined to use only one tool (nLite). I figure I'm less likely to run into problems that way. Phil

Thanks for the suggestions. It's unfortunate that we are forced to extract the updates to see what is in them. However, 7-Zip does seem to work on at least some updates for older versions of Windows (pre-Win2K?). Example: 7z t WindowsNT4Workstation-KB841872-x86-ENU.exe7-Zip 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18p7zip Version 9.20 (locale=en_US.utf8,Utf16=on,HugeFiles=on,2 CPUs)Processing archive: WindowsNT4Workstation-KB841872-x86-ENU.exeTesting hotfix.exeTesting psxss.exeTesting hotfix.infEverything is OkFiles: 3Size: 198518Compressed: 119104That will come in handy if I ever get around to experimenting with Windows NT 4.0. Phil

Is there a way to test updates or list their contents without expanding them? I was planning to use 7-Zip for this purpose, but it doesn't work. Example: 7z t windowsxp-kb2115168-x86-enu_675e6a32a90807671042e4de6b1f10a2fd82b157.exe7-Zip 9.20 Copyright (c) 1999-2010 Igor Pavlov 2010-11-18p7zip Version 9.20 (locale=en_US.utf8,Utf16=on,HugeFiles=on,2 CPUs)Processing archive: windowsxp-kb2115168-x86-enu_675e6a32a90807671042e4de6b1f10a2fd82b157.exeTesting _sfx_manifest_Testing update/update.verTesting _sfx_.dllTesting _sfx_0008._pTesting _sfx_0009._pTesting _sfx_0010._pTesting _sfx_0001._pTesting _sfx_0003._pTesting _sfx_0006._pTesting _sfx_0007._pTesting _sfx_0012._pTesting _sfx_0000._pTesting _sfx_0011._pTesting _sfx_0005._pTesting _sfx_0004._pTesting _sfx_0002._pEverything is OkFiles: 16Size: 521380Compressed: 552832 Being able to test an update would be ideal, but is not a requirement. I mainly want to be able to list the contents. Phil

Thanks for the explanation. Phil

I've been looking at lists of download links for post-SP3 updates and noticed something odd. There appears to be more than one file name (and download URL) for at least some Windows XP updates. Here is one example: 528424 May 22 2008 windowsxp-kb946648-x86-enu_288da0ecf75b20e972ad58dba0a382173b548ec1.exe528424 May 2 2008 WindowsXP-KB946648-x86-ENU.exeMD5: 227ab80b252b3a31657a1b34eef5f5ddSHA1: 288da0ecf75b20e972ad58dba0a382173b548ec1 The above values are the same for both files, confirming that they are identical. Does anyone know why there are two files (and two download URLs) for the same update? Phil