If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#16
|
|||
|
|||
Protecting Windows XP against intrusions
"NY" wrote
..... Some interesting stats to consider: 8 of the top ten online threats in 2015 were from Flash. One was connected with IE and one with Silverlight. In 2016, 6 are from Flash, two from IE, one from Silverlight and one from Windows: https://www.recordedfuture.com/top-v...bilities-2016/ The Windows bug applies to all versions from XP up. (Though Microsoft are actually too cheap to even acknowledge the XP threat because XP is no longer supported unless you've paid them a gigantic sum of money and happen to be a corporation or gov't.) The Windows bug requires that you run software on your system in order for the attack to work. All of that is to say that the average person running Win7 or Win10, with a browser using Flash, is at far greater risk than you on XP if you just avoid Flash, Silverlight, Java, etc. And if you also disable script or use something like NoScript to limit it, you're all but invulnerable. HTML alone is not a security risk. Your friends probably won't deal with things like NoScript, but they can install anti-virus, avoid IE and disable or not install browser plugins for Flash or other high risks. |
Ads |
#17
|
|||
|
|||
Protecting Windows XP against intrusions
On Wed, 7 Dec 2016 23:06:31 -0500, "Mayayana"
wrote: "NY" wrote .... Some interesting stats to consider: 8 of the top ten online threats in 2015 were from Flash. One was connected with IE and one with Silverlight. In 2016, 6 are from Flash, two from IE, one from Silverlight and one from Windows: https://www.recordedfuture.com/top-v...bilities-2016/ The Windows bug applies to all versions from XP up. (Though Microsoft are actually too cheap to even acknowledge the XP threat because XP is no longer supported unless you've paid them a gigantic sum of money and happen to be a corporation or gov't.) The Windows bug requires that you run software on your system in order for the attack to work. All of that is to say that the average person running Win7 or Win10, with a browser using Flash, is at far greater risk than you on XP if you just avoid Flash, Silverlight, Java, etc. And if you also disable script or use something like NoScript to limit it, you're all but invulnerable. HTML alone is not a security risk. Your friends probably won't deal with things like NoScript, but they can install anti-virus, avoid IE and disable or not install browser plugins for Flash or other high risks. Well put. (cross posted to the also relevant groups) []'s -- Don't be evil - Google 2004 We have a new policy - Google 2012 |
#18
|
|||
|
|||
Protecting Windows XP against intrusions
On Wed, 07 Dec 2016 23:06:07 -0200, Shadow wrote:
On Tue, 6 Dec 2016 18:51:11 -0000, "NY" wrote: I realise that XP didn't suddenly become any less secure the day after MS withdrew support, but since that date presumably various backdoors have been found which make XP less secure than it used to be. Think about it. If it had that many backdoors, there would be a massive botnet established on the 10-15% of computers that still run XP. And yet .... Firewall + uninstall Flash and Java + install NoScript on your Firefox (or Palemoon 2.65) browser. Xpy is useful for closing a lot of useless and dangerous "features". Do a Malware scan from a LiveCD AV (Kaspersky Rescue Disk is good) once a week. Keep any software you download for a week, then upload it to Jotti or Virustotal before installing. You will avoid the zero-days. I just removed 240 "malwares" from a friend's Win 7 computer (most were duplicates in the restore folder, but it's still a lot) --- Brains. The most important, but something you can't install on a customer's PC.... When my old desktop computer died I had to buy a new one, but I bought it without an OS installed, and just restored the Acronis backups from the old one, which had Windows XP. That saved me an enormous amount of setup time -- finding all the discs with the original programs could take a long time for a start. Yes, I should ber better organised, and have them all neatly stored in one place, but I'm not and I don't. So I still use XP. I still use Pegassus Mail for e-mail, which I've set to text-only, which cuts the risk of infection a great deal, to judge by the amount of malware that doesn't make it to my inbox, and even when it does, gets deleted unread. I use NoScript as well -- apart from anything else, it saves bandwidth -- many news sites have videos that play automatically and can consume enormous quantities of data while you're not looking and just reading the story. So in the 12 or more years that I've been using XP I haven't had a virus infection yet, despite the fact that I get about 10 malware e-mails a day. -- Steve Hayes http://www.khanya.org.za/stevesig.htm http://khanya.wordpress.com |
#19
|
|||
|
|||
Protecting Windows XP against intrusions
On Fri, 09 Dec 2016 07:14:28 +0200, Steve Hayes
wrote: So in the 12 or more years that I've been using XP I haven't had a virus infection yet, despite the fact that I get about 10 malware e-mails a day. I know a malware researcher that would be interested in those emails, if it's really 5 per day, I'll send his address, assuming your email is valid. I used to supply him, but my ISP adopted Kaspersky and nothing gets through anymore. BTW, try WSUS offline http://www.wsusoffline.net/docs/ The last version supporting XP: http://download.wsusoffline.net/wsusoffline921.zip It takes a while to download everything, but you can keep it on a DVD to update any XP you install to the latest patches on an offline machine. PS Posting here, because you appear to read this forum, but could you move it over to the XP forums ? alt.comp.os.windows-xp,alt.windows-xp TIA []'s -- Don't be evil - Google 2004 We have a new policy - Google 2012 |
#20
|
|||
|
|||
Protecting Windows XP against intrusions
On Fri, 16 Dec 2016 11:26:19 -0200, Shadow wrote:
On Fri, 09 Dec 2016 07:14:28 +0200, Steve Hayes wrote: So in the 12 or more years that I've been using XP I haven't had a virus infection yet, despite the fact that I get about 10 malware e-mails a day. I know a malware researcher that would be interested in those emails, if it's really 5 per day, I'll send his address, assuming your email is valid. I used to supply him, but my ISP adopted Kaspersky and nothing gets through anymore. I'd be glad to send them to him, but they might not get though my ISP either -- they seem to be stricter on outgoing e-mails than on incoming ones. The e-mail I use here, though valid, is not one I check very often. BTW, try WSUS offline http://www.wsusoffline.net/docs/ The last version supporting XP: http://download.wsusoffline.net/wsusoffline921.zip It takes a while to download everything, but you can keep it on a DVD to update any XP you install to the latest patches on an offline machine. PS Posting here, because you appear to read this forum, but could you move it over to the XP forums ? alt.comp.os.windows-xp,alt.windows-xp Follow-ups set. -- Steve Hayes http://www.khanya.org.za/stevesig.htm http://khanya.wordpress.com |
#21
|
|||
|
|||
Protecting Windows XP against intrusions
In message , Steve Hayes
writes: On Fri, 16 Dec 2016 11:26:19 -0200, Shadow wrote: On Fri, 09 Dec 2016 07:14:28 +0200, Steve Hayes wrote: So in the 12 or more years that I've been using XP I haven't had a virus infection yet, despite the fact that I get about 10 malware e-mails a day. I know a malware researcher that would be interested in those emails, if it's really 5 per day, I'll send his address, assuming your email is valid. I used to supply him, but my ISP adopted Kaspersky and nothing gets through anymore. I'd be glad to send them to him, but they might not get though my ISP either -- they seem to be stricter on outgoing e-mails than on incoming ones. (Same here - probably because I collect and send via different providers.) The e-mail I use here, though valid, is not one I check very often. BTW, try WSUS offline http://www.wsusoffline.net/docs/ The last version supporting XP: http://download.wsusoffline.net/wsusoffline921.zip It takes a while to download everything, but you can keep it on a DVD to update any XP you install to the latest patches on an offline machine. PS Posting here, because you appear to read this forum, but could you move it over to the XP forums ? alt.comp.os.windows-xp,alt.windows-xp Follow-ups set. You left out microsoft.public.windowsxp.general, which I _think_ is the busiest XP 'group still going. (It's also not an alt. 'group, which means even Google Groups carries it. [Or rather, has a chance of doing so, and do in this case.]) -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf A man does not have to be an angel in order to be saint. Albert Schweitzer (1875-1965) |
#22
|
|||
|
|||
Protecting Windows XP against intrusions
(For some reason, these posts have reappeared on my system/server.)
In message , Steve Hayes writes: On Wed, 07 Dec 2016 23:06:07 -0200, Shadow wrote: On Tue, 6 Dec 2016 18:51:11 -0000, "NY" wrote: I realise that XP didn't suddenly become any less secure the day after MS withdrew support, but since that date presumably various backdoors have been found which make XP less secure than it used to be. (There is the POS hack [or hacks].) Think about it. If it had that many backdoors, there would be a massive botnet established on the 10-15% of computers that still run XP. And yet .... Indeed! Firewall + uninstall Flash and Java + install NoScript on your Firefox (or Palemoon 2.65) browser. Xpy is useful for closing a lot of useless and dangerous "features". Do a Malware scan from a LiveCD AV (Kaspersky Rescue Disk is good) once a week. Keep any software you download for a week, then upload it to Jotti or Virustotal before installing. You will avoid the zero-days. I just removed 240 "malwares" from a friend's Win 7 computer (most were duplicates in the restore folder, but it's still a lot) --- Brains. The most important, but something you can't install on a customer's PC.... (-: When my old desktop computer died I had to buy a new one, but I bought it without an OS installed, and just restored the Acronis backups from the old one, which had Windows XP. That saved me an enormous amount of That is interesting. I thought even XP had hardware-change detection to prevent it just being "cloned". Did/do you have a volume-licenced install? If not, did you have to reactivate with the activation server, and if so how did that go? setup time -- finding all the discs with the original programs could take a long time for a start. Yes, I should ber better organised, and Indeed! And even if you could find all the discs (and downloaded installers), even _remembering_ how to change all the settings so that everything runs as I'm used to would be a pain for me. have them all neatly stored in one place, but I'm not and I don't. So I still use XP. So do I, and _without_ the weekly scan or wait-a-week. (Not that I'm recommending anyone _not_ do those.) I still use Pegassus Mail for e-mail, which I've set to text-only, which cuts the risk of infection a great deal, to judge by the amount of malware that doesn't make it to my inbox, and even when it does, gets deleted unread. I use Turnpike, which _can_ interpret HTML, but only the text-formatting aspects (no scripts or other code). (Actually it displays buttons so I can select the plain-text or HTML version, for _some_ emails - which of course only works if the sender's software includes both, but lots do). Can Pegasus not be set to display "safe" HTML in a similar manner? I use NoScript as well -- apart from anything else, it saves bandwidth -- many news sites have videos that play automatically and can consume enormous quantities of data while you're not looking and just reading the story. Unfortunately, a lot of sites won't function properly without it )-:. (It even needs a more up-to-date browser in some cases. My main browser is Firefox 26, but I keep a Chrome - last XP-compatible version - to get at some sites. Even Google maps.) I don't look at a lot of news sites. So in the 12 or more years that I've been using XP I haven't had a I don't think I _ever_ have, even back in '98[SElite] days. virus infection yet, despite the fact that I get about 10 malware e-mails a day. 0 to 2 here, I'd say. (Usually at least one phishing one, but that's OS-independent of course.) -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf A man does not have to be an angel in order to be saint. Albert Schweitzer (1875-1965) |
#23
|
|||
|
|||
Protecting Windows XP against intrusions
On Sat, 17 Dec 2016 10:58:12 +0000, "J. P. Gilliver (John)"
wrote: Follow-ups set. You left out microsoft.public.windowsxp.general, which I _think_ is the busiest XP 'group still going. (It's also not an alt. 'group, which means even Google Groups carries it. [Or rather, has a chance of doing so, and do in this case.]) Thanks, I've now subscribed to it. I was subscribed tomn microsoft.public.windowsxp.basics -- Steve Hayes http://www.khanya.org.za/stevesig.htm http://khanya.wordpress.com |
#24
|
|||
|
|||
Protecting Windows XP against intrusions (now XPY in general, including for 7)
(There is 7 relevance!)
In message , Shadow writes: On Sat, 17 Dec 2016 11:22:04 +0000, "J. P. Gilliver (John)" wrote: When my old desktop computer died I had to buy a new one, but I bought it without an OS installed, and just restored the Acronis backups from the old one, which had Windows XP. That saved me an enormous amount of That is interesting. I thought even XP had hardware-change detection to prevent it just being "cloned". Did/do you have a volume-licenced install? If not, did you have to reactivate with the activation server, and if so how did that go? Although I have a legit multi-license XP Pro, given the latest M$ "telemetry-gathering" (AKA malware behavior) tendencies, I'd rather not activate online. I use Xpy https://sourceforge.net/projects/xpy/files/ To disable the update service and "claim XP as registered". Thanks for that link. (Can it do similar for 7?) Looks like a very useful resource. It's also useful for disabling unnecessary services and tweaking the interface. Ah, like 98lite and TweakUI? The documentation is a little scant, to say the least (no criticism, since it's free!). I get the impression it's more aimed at turning things off than tweaking - is that right? Also, if I just run it, will it just present me options, and not actually change anything? Looking at the history etc., I see it started out command-line, but is it graphical now? (As you can probably tell, I'm a bit wary of trying it, so thought I'd ask you who know it.) I see it works on 7 and later! (Though not developed beyond 2013/4.) setup time -- finding all the discs with the original programs could take a long time for a start. Win 7 group removed. They don't like dinosaurs. Downloading microsoft.public.windowsxp.general Almost 2 million headers. Agghhh ! []'s I told you it was busy (-:! It's manageable, though. [I suggest you set am expiry time of 3 days for posts you don't mark as keep - that keeps it manageable.] -- J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf Can a blue man sing the whites? |
#25
|
|||
|
|||
Protecting Windows XP against intrusions
In message , Paul
writes A big question would be, how easy is it to get Windows Update to even work. All the OSes except Win10, have the wuauserv looping bug, which is caused by the server file manifest contents. I don't expect the POS people got a free lunch, and they probably suffer just as much as the rest of us. Paul I was actually going to raise the wuauserv problem elsewhere. My main PC has recently acquired this beast. Process Explorer shows that it's actually one of its components, wuaueng.dll0xa4f42, that is grabbing 99.99% of the processor time. The unbelievably complicated fix didn't work for me. Fortunately, you can use Process Explorer to kill it, and thereafter, the PC works normally. As a manual Windows Update simply goes on and on 'checking the computer', it is impossible to get the monthly security updates. However, one day, after booting up, I found that I was being told that there were updates available - and after some time doing nothing, and a couple of reboots, they eventually started downloading, and got installed. After this, for the next month I had no re-occurrence of the wuaueng.dll0xa4f42 problem - but last week, it started again. I'm guessing that if I managed to do another Windows Update it would disappear (at least for a while) - but, of course, I can't do one. To hopefully get rid of the problem (at least for a while), I'm thinking of doing a fresh installation of XP. [To be honest, the PC could do with an early spring clear-out.] In the meantime, any suggestions (preferably in microsoft.public.windowsxp.general) would be welcome. -- Ian |
#26
|
|||
|
|||
Protecting Windows XP against intrusions
Ian Jackson wrote:
In message , Paul writes A big question would be, how easy is it to get Windows Update to even work. All the OSes except Win10, have the wuauserv looping bug, which is caused by the server file manifest contents. I don't expect the POS people got a free lunch, and they probably suffer just as much as the rest of us. Paul I was actually going to raise the wuauserv problem elsewhere. My main PC has recently acquired this beast. Process Explorer shows that it's actually one of its components, wuaueng.dll0xa4f42, that is grabbing 99.99% of the processor time. The unbelievably complicated fix didn't work for me. Fortunately, you can use Process Explorer to kill it, and thereafter, the PC works normally. As a manual Windows Update simply goes on and on 'checking the computer', it is impossible to get the monthly security updates. However, one day, after booting up, I found that I was being told that there were updates available - and after some time doing nothing, and a couple of reboots, they eventually started downloading, and got installed. After this, for the next month I had no re-occurrence of the wuaueng.dll0xa4f42 problem - but last week, it started again. I'm guessing that if I managed to do another Windows Update it would disappear (at least for a while) - but, of course, I can't do one. To hopefully get rid of the problem (at least for a while), I'm thinking of doing a fresh installation of XP. [To be honest, the PC could do with an early spring clear-out.] In the meantime, any suggestions (preferably in microsoft.public.windowsxp.general) would be welcome. You don't understand the source of the problem. The source of the problem is the manifest file on the Microsoft server. After every Patch Tuesday, it has new patches. The new patches need to have "supersedence" calculation done. Wuaueng figures out whether the patch supersedes some other patch. In the case of MRT 890830, which is a recurring patch, the current month supersedes all other months and years that the patch was presented. The algorithm goes ballistic when it sees an item like that. Similarly, patches that change a kernel file, GDIplus, and the like, there are a *lot* of patches to those files. The supersedence tree for the files is very very deep. Requiring 24 hours of wasted CPU cycles to work out. You can manually patch items with imagined supersedence issues. For example, my favorite recipe on WinXP is to patch Internet Explorer to the latest Cumulative Update for Internet Explorer. That used to reduce the time spent looping by a bit. There is no actual code patch for the behavior, and OSes such as WinXP and Vista only have "bandaid" manual procedures for supersedence. And really, it's an architectural problem. Another data point - I've noticed recently while using MBSA 2.3 (the manual equivalent of Windows Update), that the manifest file has stopped growing. Now I know that Win7 and Win8 are having their patch delivery vehicle changed, but that doesn't explain why the manifest file is not growing at the moment. They are screwing around with it at the moment, but I don't know what the fallout of these changes will be. I cannot imagine them back-porting the delivery vehicle changes to WinXP POS subsystem. Even the Windows Insider OS update system is shut off right now. As they are making changes to the Delta Updater and for some reason just decided to turn things off. Which again, makes no sense. But, this is Microsoft after all. Microsoft has been "limping along on one leg" for years. And it shows. They just don't know how to fix it. The new methods aren't a fix. All they do is reduce the number of entries added per month. Paul |
#27
|
|||
|
|||
Protecting Windows XP against intrusions
In message , Paul
writes Ian Jackson wrote: In message , Paul writes A big question would be, how easy is it to get Windows Update to even work. All the OSes except Win10, have the wuauserv looping bug, which is caused by the server file manifest contents. I don't expect the POS people got a free lunch, and they probably suffer just as much as the rest of us. Paul I was actually going to raise the wuauserv problem elsewhere. My main PC has recently acquired this beast. Process Explorer shows that it's actually one of its components, wuaueng.dll0xa4f42, that is grabbing 99.99% of the processor time. The unbelievably complicated fix didn't work for me. Fortunately, you can use Process Explorer to kill it, and thereafter, the PC works normally. As a manual Windows Update simply goes on and on 'checking the computer', it is impossible to get the monthly security updates. However, one day, after booting up, I found that I was being told that there were updates available - and after some time doing nothing, and a couple of reboots, they eventually started downloading, and got installed. After this, for the next month I had no re-occurrence of the wuaueng.dll0xa4f42 problem - but last week, it started again. I'm guessing that if I managed to do another Windows Update it would disappear (at least for a while) - but, of course, I can't do one. To hopefully get rid of the problem (at least for a while), I'm thinking of doing a fresh installation of XP. [To be honest, the PC could do with an early spring clear-out.] In the meantime, any suggestions (preferably in microsoft.public.windowsxp.general) would be welcome. You don't understand the source of the problem. It's actually wuaueng.dll+0xa4f42 (I missed out the +). https://www.google.co.uk/?gws_rd=ssl#q=wuaueng.dll%2B0xa4f42 It runs at boot-up, and can be seen in Task Manger as a svchost.exe process taking up nearly 100% of the processor time. Process Explorer shows that the culprit is wuaueng.dll+0xa4f42, which presumably IS something to do with Windows Update getting tied in knots. It's a real killer - and the only way to stop it paralysing the PC is to kill it. [Turning automatic updates on or off makes no difference. It runs regardless.] Unfortunately, most of the rest of your reply (left unsnipped for completeness) is well beyond my present comprehension. The source of the problem is the manifest file on the Microsoft server. After every Patch Tuesday, it has new patches. The new patches need to have "supersedence" calculation done. Wuaueng figures out whether the patch supersedes some other patch. In the case of MRT 890830, which is a recurring patch, the current month supersedes all other months and years that the patch was presented. The algorithm goes ballistic when it sees an item like that. Similarly, patches that change a kernel file, GDIplus, and the like, there are a *lot* of patches to those files. The supersedence tree for the files is very very deep. Requiring 24 hours of wasted CPU cycles to work out. You can manually patch items with imagined supersedence issues. For example, my favorite recipe on WinXP is to patch Internet Explorer to the latest Cumulative Update for Internet Explorer. That used to reduce the time spent looping by a bit. There is no actual code patch for the behavior, and OSes such as WinXP and Vista only have "bandaid" manual procedures for supersedence. And really, it's an architectural problem. Another data point - I've noticed recently while using MBSA 2.3 (the manual equivalent of Windows Update), that the manifest file has stopped growing. Now I know that Win7 and Win8 are having their patch delivery vehicle changed, but that doesn't explain why the manifest file is not growing at the moment. They are screwing around with it at the moment, but I don't know what the fallout of these changes will be. I cannot imagine them back-porting the delivery vehicle changes to WinXP POS subsystem. Even the Windows Insider OS update system is shut off right now. As they are making changes to the Delta Updater and for some reason just decided to turn things off. Which again, makes no sense. But, this is Microsoft after all. Microsoft has been "limping along on one leg" for years. And it shows. They just don't know how to fix it. The new methods aren't a fix. All they do is reduce the number of entries added per month. As I said, any advice on a fix would be appreciated (to avoid upsetting the W7 purists, preferably in an XP newsgroup). -- Ian |
#28
|
|||
|
|||
Protecting Windows XP against intrusions
"Ian Jackson" wrote
| It's actually wuaueng.dll+0xa4f42 (I missed out the +). | https://www.google.co.uk/?gws_rd=ssl#q=wuaueng.dll%2B0xa4f42 | It runs at boot-up, and can be seen in Task Manger as a svchost.exe | process taking up nearly 100% of the processor time. Process Explorer | shows that the culprit is wuaueng.dll+0xa4f42, which presumably IS | something to do with Windows Update getting tied in knots. It's a real | killer - and the only way to stop it paralysing the PC is to kill it. | [Turning automatic updates on or off makes no difference. It runs | regardless.] I don't get what you're talking about with that number after the name. I don't find anything about it in a search. In any case, you can certainly turn off updates in XP or 7. Just open the Services applet and disable "automatic updates" as well as "background intelligent transfer service". In XP you can also tame the beast by taking full control over all files. You can remove System File Protection altogether. (Assuming you don't mind losing the useless PCHealth and the nearly useless Windows help.) Just run the following in the Run window: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf That's all one line. Substitute a space for the return, like so: InstallHinfSection DefaultUninstall Once done, you can delete or disable anything without it being replaced, and you can delete the secret backup folder that's used to replace any file you choose to delete. (I can't remember the name of that folder offhand. I removed it many years ago.) I've actually renamed the WU executables for good measure, to NOwuauclt.exe and NOwuauclt1.exe. |
#29
|
|||
|
|||
Protecting Windows XP against intrusions
In message , Mayayana
writes "Ian Jackson" wrote | It's actually wuaueng.dll+0xa4f42 (I missed out the +). | https://www.google.co.uk/?gws_rd=ssl#q=wuaueng.dll%2B0xa4f42 | It runs at boot-up, and can be seen in Task Manger as a svchost.exe | process taking up nearly 100% of the processor time. Process Explorer | shows that the culprit is wuaueng.dll+0xa4f42, which presumably IS | something to do with Windows Update getting tied in knots. It's a real | killer - and the only way to stop it paralysing the PC is to kill it. | [Turning automatic updates on or off makes no difference. It runs | regardless.] I don't get what you're talking about with that number after the name. I don't find anything about it in a search. Clicking on that link returns 'about 173 results' in Google. In any case, you can certainly turn off updates in XP or 7. Just open the Services applet and disable "automatic updates" AS I said, it makes no difference. as well as "background intelligent transfer service". Now that is somewhere I know naught of. I'll investigate. In XP you can also tame the beast by taking full control over all files. You can remove System File Protection altogether. (Assuming you don't mind losing the useless PCHealth and the nearly useless Windows help.) Just run the following in the Run window: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf That's all one line. Substitute a space for the return, like so: InstallHinfSection DefaultUninstall Once done, you can delete or disable anything without it being replaced, and you can delete the secret backup folder that's used to replace any file you choose to delete. (I can't remember the name of that folder offhand. I removed it many years ago.) I've actually renamed the WU executables for good measure, to NOwuauclt.exe and NOwuauclt1.exe. OK, Thanks. I'll have a play. -- Ian |
#30
|
|||
|
|||
Protecting Windows XP against intrusions
Ian Jackson wrote:
OK, Thanks. I'll have a play. 1) WinXP: Turn off Windows Update. There are five policy levels and you can turn it off. It should not be spinning its wheels on its own then. 2) Download MBSA 2.3. Do a scan for security updates on the current computer. The dialog looks like this. http://s12.postimg.org/4df2ka8bh/mbsa.gif 3) For each missing security patch, use http://catalog.update.microsoft.com and download the patch. The resulting file should end in .msu. You double-click them to install. The file extension should cause "wusa.exe" to run, read the contents of .msu and install it. Some downloads are in .cab format, and I don't really know how to do one of those on WinXP. On later OSes, you use "dism.exe" for those. Not sure on WinXP. The wsusoffline.com package seems to download a lot of them in .cab format, and examining the logic in the WinXP version of wsusoffline might tell you how to handle such a case. The .msu files are a piece of cake. 4) Save rebooting for after the last one in the set is done. Any time this procedure gets stuck, that's just the Windows Update service going into a loop again. You can stop it from the command line, or reboot. Disconnecting the network cable may help for those people who refuse to turn off Windows Update while doing this style of patching. I think you understand what to look for on your system in any case, as you know it's in a SVCHOST, and it's related to Windows Update preparing to run. 5) Once the system is patched, you can now enter Windows Update, and the supersedence on security updates should no longer delay the presentation of the "optional list" of updates. The optional ones including Ruble or Euro font changes, time zone changes for PagoPago, security certificates, and so on. HTH, Paul |
Thread Tools | |
Display Modes | Rate This Thread |
|
|