Windows Update cleaning

Discussion in 'other software & services' started by ErikAlbert, Nov 5, 2007.

Thread Status:
Not open for further replies.
  1. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    My Original Windows CD = WinXPproSP2 and I have an arrear of 80-90 patches according Windows Update.
    I already tested this and although Windows Update seems to corrupt your system sometimes, I didn't have these problems.
    My trouble with Windows Update is that it DOUBLES the volume of my system partition and I've read that you can reduce this volume by removing certain objects, which have been installed during Windows Update, but are not needed anymore, if you are planning to keep the Windows Update.

    I'm not sure yet, if I'm going to keep Windows Update, but I would like to know how big the volume still is after executing Windows Update MINUS all these unnecessary objects.
    If my boot-to-restore is still fast enough, I don't see any problem to keep Windows Update.

    The problem is that I don't know these objects and where they are stored.
    So I need a complete path, where these files are stored and how they look like.

    I found a freeware "Windows XP Update Remover" to remove these unnecessary objects, but I find it a little useless to install a software for a one-time job and I don't need to rollback either, because I have already an image without Windows Update, which I'm planning to keep.

    Windows XP Update Remover.
    hxxp://downloads.tech-pro.net/windows-xp-update-remover_tpwr01.html
    I don't know this software, so it can be anything.
    I tested the installation file "wursetup.exe" with VirusTotal, it passed all tests, but
    "eSafe" reported it as a "suspicious trojan/worm"

    So my questions are :
    1. Is it complicated or simple ?
    2. Where can I find them (complete folder path) ?
    3. How can I recognize them ?

    Thanks in advance.
     
    Last edited: Nov 5, 2007
  2. Mem

    Mem Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    292
    I believe it does the same as the advanced function in CCleaner to remove the AU installer folders from c:/Windows directory/$NtUninstall (they are in blue when using Explorer). Of course you can delete these folders manually as well. You should not remove the folder $hf_mig$

    If they are removed, there is no way to uninstall the updates so it is best to wait a couple of weeks before removing them.
     
  3. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    I don't need to uninstall updates anymore, because I will have two images of Windows :
    1. One image = WinXPproSP2 CD without Windows Update
    2. Another image = WinXPproSP2 CD + Windows Update.
    So I can go back at any time.

    Thanks for the info, I'm getting closer to the manual delete.
     
  4. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    This is just my own opinion. And i would never recommend it to others "UNLESS" you know your Windows system inside & out well enough as well as the security apps it takes to secure it reasonably.

    I quit patching a long long time ago, in fact when i reinstall, unless theres something i want to test or use which specifically requires SP2, i only install SP1. Now with that being said i also quite frequently reinstall with XP PERIOD w/ no patches. I hate patches. Let me repeat this, as a very seasoned user of $M Windows originating from Windows 98 to now, i detest patches, all of them, and have never seen a single issue by avoiding them PERIOD.

    This IS NOT recommended for the casual to regular users for obvious reasons, the chief one being security.

    I never liked the MASSIVE scale of files each of those patches and SP's fill up on my hard drive, plus my machines hum along nicely without them thank you and for a very long time to boot.

    If theres a security issue worry most of the time it's IE, even that browser can be secured well enough by ALL the programs a user has at his/her disposal now, HIPS, Sandboxes, Virtualizers, etc. and the list goes on.

    So why on earth would i waste my time and precious disk space with $M patches a million-miles long in some marathon to eat up all this space and at the same time cause corruption or another issue. Plainly said, i don't have the time to pick up after these patches problems nor care to dump the load of them on my disk to waste space.

    I guess i'm just too simple minded, i lean to the theory of keeping things trim but well manicured with the latest technology that themselves are light-weight but X-TREMELY formidable, and this practice is never failed me yet.

    I don't know anything or even want to about M$ patches because it reminds me of putting band-aids all over the Hoover Dam whenever theres a pin hole leak, eventually they'll fail, my security programs won't. :thumb:
     
  5. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I just manually delete the remains of windows updates. Below are the areas i manually delete. Each update also creates a txt file of the same name which i also delete(bottom picture).
     

    Attached Files:

  6. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Hi Farmerlee,

    So your method would enable you to keep the update/patch installed and functional, but remove the excess junk? Also, has this ever caused any problems for you?

    Thanks,
    innerpeace
     
  7. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,043
    Not installing SP2 is fine, but I've seen some new software, that won't function if you don't have it. This is going to get tougher with time.
     
  8. Espresso

    Espresso Registered Member

    Joined:
    Aug 1, 2006
    Posts:
    975
    Download an update pack (eg. RyanVM) and slipstream it into the installation files. No update leftovers and everything is up to date.
     
  9. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    That is not an option for me anymore. I suspect that M$ will terminate RyanVM's Update Pack sooner or later, just like M$ terminated AutoPatcher not long ago.
    Thanks anyway, because I was a fan of nLite and RyanVM also for awhile. :)
     
  10. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    That kind of talk worries me a little because i got a lot of use from those apps and still have slipstreamed CD's i made to install XP Pro SP1/SP2 with various tweaks & mods. Hopefully they will enjoy an extended reprieve since vista is fell out of favor so bad, but then again it's just like $M to ruin a good thing when they see one out of pure spite.
     
    Last edited: Nov 6, 2007
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    @farmerlee,
    Thanks for the pictures, this will help also, because I prefer a MANUAL delete.
    I just don't want to remove TOO much. It's not a problem either when I remove too much, I have a terrific collection of images to rollback. :D

    @easter,
    Yes I know your opinion about Windows Update.
    My boot-to-restore removes any change, so it doesn't make much difference, if I restore a THIN Windows or a FAT Windows, except the volume of course, which is exactly the problem, it might slow down my boot-to-restore and other functions of FDISR.
    My ex-OS "Win2000pro" was ALOT slower after installing SP4 and the many patches, so I'm not really enthousiastic to do Windows Update.
    I just want to know in advance, which impact Windows Update will have on the rest, before I do it or not.
    Testing this out with ShadowProtect is peanuts.

    @peter,
    Thanks for pointing it out, that SP2 can be necessary to make some software functioning properly, which is also important to consider. Ditching a software due to an old Windows would be a stupid reason.
    SP2 is already on my Windows CD and I have no plans to remove SP2, I don't even know how to do this.
     
    Last edited: Nov 6, 2007
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    @ErikAlbert

    You make much ado over your famed boot-to-restore. I assume this procedure stem directly from the Freeze storage of FD-ISR which many of us still and always will have irregardless of what HDS does to paralyze it's useful features, that being one and the other archives. Such shame of them :cautious:

    If that is the case does the Freeze Storage then take an existing snapshot and then archive/save it as the source to return that (frozen) snapshot's state back exactly as b4? I understand it occurs at boot (Copy/Update from .arx) How much time?

    Reason being then what's the purpose of DeepFreeze when FD-ISR can achieve the same outcome?

    Thanks
     
  13. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    A frozen snapshot is indeed based on a freeze storage, which is in fact an ARCHIVE, that's why the freeze storage file has the extension .ARX, just like any other FDISR archive.

    Each time when I reboot FDISR executes a COPY/UPDATE from "Freeze Storage.ARX" to my "frozen on-line snapshot" and that removes any change in my on-line snapshot. I cannot see this update of course, because it happens behind the Windows Welcome screen, which appears during reboot.

    I clocked my boot-to-restore, between clicking the RESTART-button, until my desktop is ready-to-use = 1m42s.
    There is only one software on my computer that slows everything : Faronics Anti-Executable, because AE is running constantly to protect my system against unauthorized executables. AE even slows the SHUTDOWN of Windows, I don't know why, but it does.

    I'm only going to ditch AE, when they invent a software, that removes any change in my system partition IMMEDIATELY WITHOUT REBOOT. I'm waiting for such software, because it doesn't exist yet. I don't care if it is technical possible or not. One day it will be possible.

    Regarding DeepFreeze and Returnil compared with FDISR.
    I consider DeepFreeze and Returnil as a step back, because they don't have archives. The only way to replace archives in DeepFreeze and Returnil are IMAGES, created with Image Backup software and that is not ISR anymore. So it's definitely a step back.

    The combination DeepFreeze/Returnil and FDISR, doesn't work properly although some members don't agree with this.
    DeepFreeze and Returnil are working properly, FDISR doesn't work properly anymore.
    I don't like to use an extra software either, while I already have that function.
    A normal snapshot + Deepfreeze = frozen snapshot
    A normal snapshot + Returnil = frozen snapshot
    The only reason I hear why users are doing this combination is SPEED. In my case I won 20s, big deal.

    DeepFreeze and Returnil might be better in exceptional situations, like a killdisk attack or a destructive DEL-command, but DeepFreeze/Returnil don't have multiple snapshots/archives and I don't want that simplicity without any further possibilities. :)
     
    Last edited: Nov 6, 2007
  14. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    Sorry that AE is making for some disappointment that way. I have AE on another machine but without FD-ISR, it's always a chore to blend some of these apps into a natural order of perfect compatibility, the problem though is we always end up having to leave one of them out of the mix, and it's usually quite important.

    I don't like very well either having to depend on restoring archives via images for a recovery, whats the point in that?

    I can use Power Shadow to temporarily seize the state of all my partitions at once and virtualize any FD-ISR snapshot and by the way, even while shadowed, i can Copy/Update to archives and those changes will stick as long as i do it to a partition not covered by Shadow-Mode, but that same snapshot on-reboot will return to it's original state again before shadowed/frozen.

    Power Shadow works perfect on FD-ISR snapshots and affords you additional benefits that Returnil can't match like full coverage.
    DeepFreeze is another story but, it might Frozen all partitions but i highly doubt you could do a Copy/Update successfully with it in the way you can in PS.

    Of course this is still like you said:

    A normal snapshot + Power Shadow = frozen snapshot, so with FD-ISR's Freeze feature theres really no real need for PS since your system reverts back anyway.
     
  15. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    The only advantage of PowerShadow and Returnil is that they work in a virtual environment, but somehow I can't see why this is really an advantage.
    I recover my system partition anyway, so what is exactly the difference or big advantage ?
     
  16. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    No i've never had a problem with it. The only reason you need that stuff is if you need to uninstall any of the patches. Otherwise its just a waste of space imo, i've found up to 1.5 gigs of these files on certain computers.
     
  17. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    There actually is a piece of software that can do this called altiris software virtualization. Its able to record changes to a system and it saves them in a software layer. You can then deactivate the layer without needing to reboot and it removes all changes. The real cool thing is its free for personal use! The one uncool thing is the company is now part of symantec but so far i have no major complaints.
     
  18. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    I'm not even sure myself but some very rare/extreme possibilities do come to mind, like if you get hammered with the KillDisk trojan, Power Shadow defeats it, so FD-ISR and it's snapshots are secured from damage due to that serious attack. The KillDisk trojan is one of the worst and PS can handle it and preserve FD-ISR. I don't think the others could stand up to it, i dunno about them.

    But here we are again, since it's an executable AE would stop it cold before it could activate it's orders on your system, so it's defeated in that manner too. For that matter, any reliable HIPS (EQSecure 3.41 here) would easily abort it then alert the user via a prompt, so it's no danger again.

    FD-ISR is a recovery program and as such is susceptical to exposure which also translates to available for modification from some virus, and here we get into again what approach this virus may exercise in order to penetrate and perhaps render FD-ISR seriously hendered, like in my case a file infector was released. It was an executable deliberately started by me, but WHAT IF... this type of infector could also be introduced via a script or bat files?

    The advantage for me in teaming PS with FD-ISR is the added prevention against just such a possibility, either thru my own doing or the doing of a forced intrusion from some other more mischief chap either working an exploit on a website or bugging a normally legit program.
     
  19. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Personally, I don't see the KillDisk Trojan as a serious threat, not even when it is hidden in a script or .bat-file.
    OK. It scares you when it happens, like any other destructive malware, that is a normal first human reaction, but I only have to zero my harddisk and restore an image, which I have done so many times already and I'm back in business.
     
  20. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,633
    Location:
    U.S.A. (South)
    You're quite right Erik, and you bring along a lot of confidence in all your remarks regarding Boot-To-Restore just as i prefer the HIPS shield against letting in anything in the first place.

    You and Peter2150 and more over Dallen because of his first bringing FD-ISR to my attention, has turned my entire computer experience completely around a full 360 then from where it used to always be before.

    Preservation of data is of as much if not more important than simply warding off potential risks and a Boot-To-Restore is a simple one-click step as opposed to eons of lost time running scanners and the like.
    I stopped using AV's the moment i realized HIPS was infinitely better at stopping anything dead in it's tracks BEFORE they had a chance to tamper with the system and your data. That did it for me and is never changed, although i found a more formidable but simple HIPS in EQSecure 3.4 which also solves the script problems with scriptdefender, not only that but Power Shadow i have 100% complete confidence my shadowed session is indeed temporary (virtualized) and reverted back again to 100%well-preserved state as before.

    I tend to only stay with tried & tested apps that prove their ability is well beyond the averages and then some.
     
    Last edited: Nov 13, 2007
  21. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    From Bold Fortune's Slimming XP Guide which is what I use.

     
  22. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,043
    Folks this thread is about Windows Update Cleaning. Lets stop all discussion of the recovery software here.
     
Loading...
Thread Status:
Not open for further replies.