POSReady 2009 updates ported to Windows XP SP3 ENU

[liamZ]

On 18/10/2016 at 10:26 PM, heinoganda said:

New timezone update KB3192321 has been released.

Info: https://support.microsoft.com/en-us/kb/3192321

there's no info about superseded updates, it's not supose to supersede kb3182203 ????

[heinoganda]

KB3192321 (Cumulative time zone update) replaces KB3182203!

The following entry has been added:

HKLM,"%TZROOT%\Turkey Standard Time\Dynamic DST", "2017", 0x1, 4C,FF,FF,FF,00,00,00,00,C4,FF,FF,FF,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00

Edited October 20, 2016 by heinoganda

[5eraph]

Additionally, the following entries have changed between KB3182203 and KB3192321:

     HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones","TZVersion",0x00010001,
          02,04,e0,07  -->  00,05,e0,07

     HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones","KBLast",0x00010001,
          02,04,e0,07  -->  00,05,e0,07

     HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Turkey Standard Time","Display",0x00000000,
          "(GMT+02:00) Istanbul"  -->  "(GMT+03:00) Istanbul"

     HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Turkey Standard Time","TZI",0x00000001,
          88,ff,ff,ff,00,00,00,00,c4,ff,ff,ff,00,00,0a,00,00,00,05,00,04,00,00,00,00,00,00,00,00,00,03,00,00,00,05,00,03,00,00,00,00,00,00,00
          -->  4c,ff,ff,ff,00,00,00,00,3c,00,00,00,00,00,03,00,00,00,05,00,03,00,00,00,00,00,00,00,00,00,01,00,05,00,01,00,00,00,00,00,00,00,00,00

     HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Turkey Standard Time\Dynamic DST","2016",0x00000001,
          88,ff,ff,ff,00,00,00,00,c4,ff,ff,ff,00,00,0a,00,00,00,05,00,04,00,00,00,00,00,00,00,00,00,03,00,00,00,05,00,03,00,00,00,00,00,00,00
          -->  4c,ff,ff,ff,00,00,00,00,3c,00,00,00,00,00,03,00,00,00,05,00,03,00,00,00,00,00,00,00,00,00,01,00,05,00,01,00,00,00,00,00,00,00,00,00

     HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones\Turkey Standard Time\Dynamic DST","LastEntry",0x00010001,
          e0,07,00,00  -->  e1,07,00,00

Edited October 21, 2016 by 5eraph

[liamZ]

Hi, thanks for the info. Still strange no superseded info on microsoft catalog for Posready.

But now I see that every other OS has the supersede info.

[dencorso]

Info on POSReady updates/hotfixes is scanty, anyway, to say the least...

[Mcinwwl]

I got'em all, however, .NET 4 update installed for about 20 minutes for some reason.

[dencorso]

Well, since nobody posted about it till now, it's up to me to do it, sh here it goes:
Woody's warning (and his solution!) in this post on his blog also applies to XP !!!
The latest (and last) MRT.EXE provided by MS on August 2016(at the WU/MU site) is actually v. 5.39.12900.0 (the very 1st to phone home) !!!
So, be sure to add the registry fix described by Woody (or fall back to the previous version of MRT.EXE).
 

[cc333]

Gosh, now I've seen it all...

Even XP is affected but MS' shenanigans. Sheesh!

And all this time I thought XP would surely be immune, since it's been EOS since April 2014. Guess not!

I'll have to apply this fix.

I find it ironic that the Malicious Removal Tool is itself (potentially) malicious. I guess it should remove itself then!

c

EDIT: I've been thinking, and Win2k is starting to look pretty good now, since it has *absolutely* no possibility of becoming infected by the virus that is "New" MS (maybe?)....

Edited October 25, 2016 by cc333
Mentioned Win2k

[Dave-H]

Surely as MSRT 5.39.12900 is the last one issued for XP, this shouldn't be a concern unless you run it manually.
It already ran once when it was first downloaded, so if it does do anything naughty, the damage is already done!
It's not going to ever run by itself.........................is it?

[dencorso]

It may. Then again, you may want to run it further on. As for the damage... it just sent some telemetry to MS.
It seems to be harmless, but one never knows. What is done is done (it happened to me, too...), but what can be prevented... why not?
Hence, I consider it prudent to add the registry tweak described by Woody.
BTW, I've just installed a new XP SP3 machine (it's not fully finished yet, to tell the truth), and MS got no telemetry from it that is preventable by that tweak.

[heinoganda]

MSRT I've never installed on my Windows XP, have Avast and Malwarebytes Anti-Malware in use. I also have an older firewall (Sygate Personal Firewall) installed, which is still better than that of Windows XP. (This at least asks me whether I want to allow a connection with appropriate information what calls and where the packets are sent)

[niko32]

There are 2 confusing things about this registry hack:

1. At my machine there is no MRT key in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\. So do we have to create subkey HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT and then do the rest:

Entry name: \DontReportInfectionInformation
Type: REG_DWORD
Value data: 1

...or do we need to put it in some other MRT key in registry (I think there are two of them)?

2. Is dword entry DontReportInfectionInformation or really \DontReportInfectionInformation with backslash?

Another thing is puzzling... there are articles on internet how to disable this, even from 9 years ago. Has MRT been phoning home all that time?

Edited October 25, 2016 by niko32

[heinoganda]

no backslash!    DontReportInfectionInformation

or

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MRT]
"DontReportInfectionInformation"=dword:00000001

for Reg file.

Edited October 25, 2016 by heinoganda

[niko32]

@heinoganda

Thanks for clarifying that, it is logical, but one never knows.

[FranceBB]

Ok, so... Microsoft received a report at the very end of the scan with our system information and the fact that the Malware removal tool didn't encounter any threat... so... what? I mean, it's not a big deal, is it? It's Microsoft, they shouldn't be surprised that we are still running XP, as I'm sure they already know that we are getting  POS updates.

Edited October 25, 2016 by FranceBB