News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • What’s the latest for speeding up Windows 7 scans?

    Posted on October 21st, 2016 at 16:16 woody Comment on the AskWoody Lounge

    We’ve had a whole lot of water under the bridge these past few weeks. Where do we stand on Win7 update scan speedups?

    The game’s going to change after this month’s updates – Group A won’t have to worry about scan times, Group B will be going to the Update Catalog directly. But for now the scan problem persists.

    What say ye, oh wise ones?

    UPDATE: Canadian Tech has just posted a new thread on the Microsoft Answers forum. It explains what you can do if the straightforward patching methods mentioned here don’t speed up the Win7 scan for updates. Good reading – but difficult.

    If that helped, take a second to support AskWoody on Patreon

    Home Forums What’s the latest for speeding up Windows 7 scans?

    This topic contains 168 replies, has 11 voices, and was last updated by  Seff 2 years, 1 month ago.

    • Author
    • #30133 Reply

      Da Boss

      We’ve had a whole lot of water under the bridge these past few weeks. Where do we stand on Win7 update scan speedups? The game’s going to change after
      [See the full post at: What’s the latest for speeding up Windows 7 scans?]

    • #30134 Reply


      I don’t see why Group A won’t have to worry about scan times, each month it takes ages for a lot of users to get the updates notified and then downloaded. That will stay the same, there just won’t be a particular individual update to spend time on first in order that the rest can follow smoothly.

      The only way that will change is if MS are right to say that the new method will speed things up, but I’ve seen no evidence of that thus far.

    • #30135 Reply

      Walter Bear

      If you don’t want to install the KB3172605 Rollup which can break Bluetooth and contains other possibly unwanted updates or the security only update KB3192391 for October which has not yet been moved to Woody’s ok to use MS-DEFCON 3 you can use abbodi86’s solution where he ripped WU client components from KB3172605, allowing you to have the permanent speed fix without other fixes/bugs in KB3172605.

      I is not really harder than installing a program thanks to his custom script. I used it today and it works fine. I recommend it. If abbodi86 is on board with lot’s of folks using it I’m sure further instructions could be provided.

    • #30136 Reply

      Some Dude

      Are you sure kb3138612 & kb020369 won’t still work?

    • #30137 Reply

      Da Boss

      The last speedup patch I manually installed on any of my machines was KB3172605 early on in Aug – the initial version, which was overwritten by the revision from Sept WU.

      Last week after Patch Tues I did some EXPERIMENTING (not wholesale updating – for those of you reading this!) with the Sept non-security rollup, the Oct security-only rollup and the Oct Mo Quality Update (results reported on AskWoody). I had no problem, even the new service stack update KB3177476 was not installed.

      Since then, I have occasionally run a scan on one or the other machine just for the heck of it.

      I have not experienced any problems with Windows Update searching since KB3172605. Either on Win7 or Win8.1.

      But in the past, the problems have begun on patch Tues at the very second MS releases the new updates. Scanning can be fast at 11.59am Central Time, and at 12:00 noon, the second MS releases the new patches, it slows to NEVER.

      If I had to make a guess for speedup, it would probably be the service stack update KB3177476, but it probably won’t be offered by WU until all
      the other patches have been installed and a reboot. It has to be installed by itself. That means download and do it manually first.

    • #30138 Reply


      KB3172605 (July rollup) is the solution and can no longer be avoided (Simplix and others said it includes a point of consent for telemetry, but I’ve seen abbodi1406 say at MDL that it’s mostly an inert feature unless you have the other telemetry updates installed).

      abbodi1406 also ripped the update components out of the rollup for those who just want to speed up scans without installing the rest of the rollup.

      I haven’t installed either but will probably use abbodi’s custom hotfix before the next Patch Tuesday just to test that it works.

    • #30139 Reply


      Will we even need a speed up patch going forward??

      Are group A going to be getting the speed up patch(s) automatically in the Monthly Quality & Security rollup, leaving Group B with the Security only choice, having to install the Monthly Quality and Security Rollup to get the speed up patch?

      If that’s where this is heading, that’s going to cause major desertions to Group W…including myself.

    • #30140 Reply


      In this order:


    • #30141 Reply


      For abbodi86,

      I know you said the July roll-up was clean of telemetry. Do you know if Aug, Sept and Oct (non-security) are also clean?

      I am still deciding if I want to keep the Aug and Sept patches and whether or not I will install the Oct. one. In Nov I will be doing security only as it seems Nov will contain telemetry and as a result, every months roll-up after that.

    • #30142 Reply


      Woody, the scanning time may still matter for Group B. I will be going to the catalog for the security only update; however, I will still scan WU for patches other than the roll-ups (which I will just hide). It will still be useful for office, MSRT (heartbeat report blocked, thanks to your previous posts) and Windows defender.

    • #30143 Reply


      My recent scan (just now) was under two minutes. The last update I applied to minimize scan time was kb3172605. I know some have had problems, but it’s okay for me. No changes to note, yet.

      But this does bring up an interesting question that is probably related to your other post about bugs. If scans go to crap every month, it would be really maddening if MS only provided the speedup patch in the Monthly Rollup. That means all scans for .NET, defender, Office, etc. are going to be a pain in butt for Group B permanently.

    • #30144 Reply

      AskWoody Lounger

      still a problem for some folk eh? surprises me i have seen a ton of solutions in here thought that would have fixed every eventuality. I sort of cheat i add these 2 kb3138612(1st) & kb947821(2nd) before install but you can execute from the desktop with any network turned off. Since the April roll up the last win7x86-64 images I worked with was fully updated til sept, barely time to get coffee before the update deluge hit. But as win7 is so stable adding before install is really not going to be for everyone. Mainly due to the time involved but if your a frequent re-installer, regular deployment or computer repair etc then it maybe for you. The two KBs above have worked for me for a long time. On standalone/home installs.

      The 12-14 or so updates applied with the April roll up and IE11 generally take care of the problem on a wide range of machines but youll age consderably (about 1.5-2 hours) while doing it before install but conversly adds no time at all to the install/apply process.

    • #30145 Reply

      Da Boss

      Precisely. We don’t really know just yet, but I have a hunch…

    • #30146 Reply

      AskWoody Lounger

      Woody – This was posted on Wilders – maybe its OK to post ??? and helps someone

      Windows Update is taking an unusually long time … – Microsoft Support

    • #30147 Reply

      Megan Ryan

      I am still gonna wait until the first week of november on Nov 1st to install the KB update and testing the windows update to see if it is fast.

      Right now my Windows update scan is turned off until after halloween when I will install the kb and test the windows update speed.

      But please provide me an easy basic instructions on how to approach this and what kbs are required step by step.

    • #30148 Reply

      AskWoody Lounger

      Well whay do ya know? M$ update catalog now works with Edge browser. M$ sure kept that quiet (as at 21:32 MST) better late than never πŸ™‚

    • #30149 Reply


      In case it’s of interest as a data point, I am reporting back about the length of my first attempt at a Windows Update scan after October’s Patch Tuesday, as I said I would in an earlier thread:
      [ ]

      Win 7, 3-year-old Lenovo.
      I am not a computer-techie person.

      A. I can’t install the optional patch KB3172605 because it breaks my Intel Bluetooth and there has been no fix for that and there will be no Intel or Microsoft fix for my version, apparently.

      B. I have all Win 7 security patches installed,
      except for one from spring of 2015 that gives my computer (and others) a BSOD, which has not received a Microsoft or Lenovo fix, which I am stuck having to avoid, and which has nothing to do with Windows Update or the current issues.
      [By the way, due to that security patch, I am prevented from ever being in Group A, because the eventually-cumulative historical patching behavior of Group A would put that patch on my computer, which would cause it big problems.]

      C. I have kb3138612 installed

      D. I last checked Windows Update in the early hours of Oct. Patch Tuesday (just prior to the start of the new updating regime), and it ran in less than 15 minutes.

      E. The next time I checked Windows Update was a bit earlier this evening.

      It required me to allow a different IP address through Peerblock which it had never asked me to allow before: Peerblock is telling me that this is registered to Xerox. I have not looked it up independently.

      It has been beavering away using exactly 25% of my CPU.

      I am going to give it 75 minutes total and then I will shut it down; I expect that if it doesn’t do what it needs to do in an hour, it would probably happily go on putting my computer in limbo for hours and hours —

      like contributor Bill C.’s computer suffered through this week (he also has a Lenovo, and he also cannot install optional patch KB3172605 because it screws up his Intel Bluetooth).

      Okay, it’s been grinding away for 75 minutes with no conclusion, so I am shutting it down.

      My thoughts now:

      A. I am in no hurry actually to use Windows Update; I just wanted to see if it would take a long time tonight to check my computer.
      So I’m not itching to find a speed-up solution.

      B. At this point in time, I am not willing to screw up my Intel Bluetooth again by temporarily installing KB3172605, because it actually took me quite a bit of time and effort to figure out how to fix things after the first time I installed+uninstalled it.

      C. Several people have raved about Abbodi’s solution of installing a portion of kb3172605 that he surgically removed from the larger patch, which apparently does not affect vulnerable Intel Bluetooth setups.

      I am very cautious when it comes to maverick/3rd-party solutions, not because I mistrust people, but just to stay safe, since I am not a computer-techie and I have a good handle on my limitations and the narrow road that I personally ought to tread.

      D. I am not even sure yet if I am going to be in Group B or Group C/W.

      I wish being in Group B were going to be easy, functional, useful, and reliable for the next several years, but I fear that going down the Group B pathway is going to be difficult and might become impossibly tangled-up after only a few months.

      It might be so much easier and have the same final effect to enter group C/W at the beginning.

      E. Even if I go with Group B, I might do a modified version of Group B, which is only to take what I can get from the Update Catalog, and bypass my computer’s Windows Update program entirely.

      I realize that I might miss some things this way
      (though I’m not exactly sure what in the way of SECURITY-ONLY patches will ONLY be offered to ordinary home customers of Windows 7 via Windows Update, and will not at all be available to them from the Update Catalog),
      but maybe it would be a worthwhile compromise to get at least *some* of the security patches in the future.

      F. I can’t go to Linux. I can’t at the moment afford the replacement cost of so many things and the huge amount of administrative (program and file shuffling) time and sheer learning time it would require for me to go to Apple. I do not want anything to do with Google (Chrome). I do not want anything to do with Windows 10. I feel trapped.

      Therefore, if Microsoft forces me to take the option of Group C/W, because they have made the other options impossible or nearly-impossible, then Group C/W it will be.

      I’m not going to worry excessively about it, because Microsoft has already stolen so much “free” time from me, and caused me way too much stress, in the last 2 years.

    • #30150 Reply


      Just get this and you are good: or this:

      Yes, one patch, this update client alone has solved the issue for the 3 machines I ended up troubleshooting with this issue. No need for a servicing stack beforehand. No need of a rollup that breaks your Intel Bluetooth.

    • #30151 Reply


      Excuse the levity, but reading through the many comments and Windows update convolutions I couldn’t help thinking about Abbott & Costello. Probably quite stupid, but…

      Costello: Now I throw the ball to first base, whoever it is drops the ball, so the guy runs to second. Who picks up the ball and throws it to What. What throws it to I Don’t Know. I Don’t Know throws it back to Tomorrowβ€”a triple play.
      Abbott: Yeah, it could be.
      Costello: Another guy gets up and it’s a long fly ball to Because. Why? I don’t know. He’s on third, and I don’t give a darn!
      Abbott: What was that?
      Costello: I said, I DON’T GIVE A DARN!
      Abbott: Oh, that’s our shortstop!

      I deserve to be banned for this.

    • #30152 Reply

      Da Boss


      But who’s on first?

    • #30153 Reply


      Aug KB3179573, clean
      Sep KB3185278, clean
      Oct KB3185330, clean, include Sep KB3185278
      Oct KB3192403, not clean

    • #30154 Reply


      Are those machines have other updates already installed?

    • #30155 Reply


      Solution summary:
      1. KB3172605
      Microsoft itself is now proposing it

      2. WU Client part of KB3172605
      for those have the Intel Bleutooth bug or simply do not want whole rollup

      3. Temporary monthly Win32k.sys patch
      now bundled withing Security Only update and Monthly Rollup
      either install one of them manually

      4. KB3138612 with Windows Update MiniTool
      ch100 proposal
      check “Include Superseded” before running scan
      i actually did not have the time to verify it πŸ™‚

    • #30156 Reply


      Actually KB3138612 does not matter for scanning with superseded included. The old agent is just fine in that situation.
      The hard part is to select which of the updates are not superseded because there is no indication in that sense and there is no point to install 500+ components. But known current updates can be installed from the list provided by selecting them instead of downloading from the catalog each one.

    • #30157 Reply


      With a new installation with SP1 only, if manually installing only KB3138612, the first scan will be always fast.
      However after installing patches, let’s say all security or grouping them in some other way, because it is not practical and many times fails to install 200+ patches in one go, next scan has good chances not to be so fast. This was notified to me by PKCano a while ago and I confirmed it by testing, because I was not convinced as there is no logic in it.
      After confirming PKCano’s findings, I decided to recommend KB3172605, as KB3138612 was no longer good enough, or at least not in all situations.

    • #30158 Reply


      Nice summary. πŸ™‚

      Is it possible to also extract the WU client part of KB3172614 (July rollup, Win 8.1), for those who don’t want to install the whole rollup?

    • #30159 Reply

      Canadian Tech

      As you requested, Woody:

      In some cases even after installing KB3172605, Windows Update seems to be in a forever loop. My solution when that happens is a kind of what I call Windows Update reset.

      1.Start Windows Update and change the Setting to Never check for updates. Restart. When you do leave the setting at NEVER, Windows Update will no longer be automatic. From this point onwards, you are responsible for starting and installing updates. We recommend you do that a few days following the 2nd Tuesday each month.

      2.The process starts by ensuring that there is nothing running that will prevent the update from working properly. Click on the Start globe and type services into the text box. Click on Services in the list that pops up. In the window that then pops up (its alphabetic), find Windows Update. Right-click on it (left-click if your mouse is set for left-handers) and choose Stop.

      Now, you are going to reset Windows Update components:

      Start, All Programs, Accessories, Right-click on Command prompt, Choose Run as administrator, OK. Type the following in the black box: stop wuauserv stop cryptSvc stop bits stop msiserver C:WindowsSoftwareDistribution SoftwareDistribution.old C:WindowsSystem32catroot2 catroot2.old start wuauserv start cryptSvc start bits start msiserver

      You are now going to download and install either one or two updates manually. In most cases only the first (KB3172605) of these is needed. If that produces a result that says the update is not appropriate for you computer, you need to first install the 2nd of these (KB3020369), then install the first (KB3172605). Choose the one that is for your machine β€” 32 bit (X86) or 64 bit (X64).


      32 bit

      64 bit


      32 bit

      64 bit

      After restarting your computer, wait about 10 minutes until Windows Update completes its tasks. Do not use the computer for any other purpose during this wait period.

      Start Windows Update. It will take only a few minutes to come up with a list and download the updates you select. The process is quite normal as it always was from this point onward.

      If your computer has not been updated for a long time, it may take longer.


    • #30160 Reply


      Well, at least KB3138612 solves the high CPU/RAM consume when building DataStore.edb
      The old agent will paralyze the system, or return ‘out of memory” error

    • #30161 Reply


      It’s mind-boggling to consider how many hours have been spent by people trying to deal with the slow WU scan issue, and now the new patching delivery systems and their associated liabilities. This may be necessary, but I certainly don’t consider it an optimal use of my time.

      The new line of Macs will likely be announced on October 27. I’ll be checking them out

    • #30162 Reply



      Thank you for your summary.

      Number 1 my computer can’t do (I am in the minority on that),
      number 2 is semi-official and I’d like to stay official if I can (due to my computer-knowledge limitations),
      number 4 seems not official as well as pretty complicated (for someone like me),

      but number 3 — seems somewhat official (if not Microsoft’s preference for our behavior) and relatively easy.

      Installing the security-only update package from the Update Catalog is the essence of the Group B approach anyway, I think?

      If I am understanding it correctly, you are saying that
      a Group B person who wanted to use both the Update Catalog AND Windows Update (to check for stragglers and Office and .Net) each month
      (which is going to describe most Group B people),
      might well encounter slow running times for Windows Update if trying Windows Update first, before manually downloading the security-only update package from the Update Catalog,
      but if the person did it the other way around, manually getting the current month’s security-only update package from the Update Catalog, and then running Windows Update, the scan times for Windows Update would be quick.

    • #30163 Reply

      Da Boss

      Me, too. IBM says it’s considerably cheaper to run a Mac, in a business environment, than a PC.

    • #30164 Reply

      Mike in Texas

      If Microsoft decides, the Customer is definitely not on first…

    • #30165 Reply


      That’s SUCH a coincidence that you mentioned “Who’s on First”,
      because only a few hours before your post was written,
      I was writing a comment on another discussion thread here, and the first thing I typed was that it sounded like Abbott & Costello’s comedy routine “Who’s on First?” —
      but upon reflection, I deleted that reference, because I didn’t know how many readers here (at least under the age of 50 and/or not from the US) would know what that comedy routine was.

      The original statement which had brought “Who’s on First” to my mind was this:

      β€œI think the hotfixes will be rolled into the next month rollup
      and security, as they affect the
      security stream which gets us back to
      non-security fixes rolled up into the
      security ones which need to be fixed.”


    • #30166 Reply


      Can someone explain the meaning of “Group A” and “Group B”?

    • #30167 Reply



      If Abbodi86’s Option 3 for speeding up Windows Update scans

      (that he described here:

      works, then for Group B people who were already planning to manually obtain the security-only update package from the Update Catalog, is this just going to be business-as-usual?

      If I understood him correctly, his Speed-up Option 3 is:
      1. Manually obtain and install the current month’s security-only update package from the Update Catalog
      (it contains the monthly magic speed-up component that makes Windows Update run quickly)
      2. Run Windows Update to catch any straggler patches, Office updates, .Net updates, etc.

    • #30168 Reply


      I have 3138612 installed but it didn’t speed-up my scan last night, which I abandoned after 75 minutes.

    • #30169 Reply


      Re Win 10 v. 1607 machines: is it now safe to install KB3199209 ?
      Thanks, CMA

    • #30170 Reply


      Yesterday I followed a link that Woody gave on this site to a article on the current Windows updating situation, and then I clicked on a few other articles that Martin Brinkmann had written recently about related issues.

      One of the reader discussion threads under one of those articles contained a question from a Windows person about what it’s like to use a Mac, and a respondent gave a helpful overview of his impressions and experiences of Macs.

      One of his warnings was that the operating system of Macs have built-in obsolescence, something like 4 years and then Apple won’t update it at all, and you can’t install a new Mac operating system on the machine
      (like we can put Windows 10 on most machines that originally were sold as Windows 7 machines),
      so you have to get new (pricey) hardware as well as a new OS at that point –
      is my interpretation of what he said correct?

      (He did say something about, if you get an x64 mac machine, that when the Mac OS that you purchased is obsolete in 4 or however-many years, you can install Linux or Windows on it instead and keep using the hardware as a non-Mac machine, but that is a side issue.)

    • #30171 Reply

      Da Boss

      I’ll be talking about it when I change the MS-DEFCON level but, yes, it looks OK.

    • #30172 Reply

      Da Boss
    • #30173 Reply


      Thanks, Woody, for the quick response. As you know, Win 10 first informs the user about a required update when in the Update screen. But if 7-10 days pass without doing the update, then the update warnings become large and intrusive.
      You have the best Windows site available for the alert end user, now that MS has made the update process a dangerous and complicated task.

    • #30174 Reply


      Yes, Group B person needs to manually download and install he current month’s security-only update, before checking WU

    • #30175 Reply


      but i’m under the impression that Windows 8.1 is already rolled up πŸ˜€
      i mean, installing KB3172614 would not hurt

    • #30176 Reply

      Da Boss

      Odd. I haven’t seen that.

      How are you blocking Win10 updates, and what do the warnings say?

    • #30177 Reply


      Warning was something like “You have an important Windows update to do” though that may not be the exact language.
      After I got the machine back with a new Win 10 install, I recall following online instructions on how have Win 10 not to do automatic updates. I have Win 10 Professional 64-bit. The Pro version may have made this easier or even possible, but you will have to ask the experts.
      On a related topic, when the time comes to “hide” or avoid a particular Win 10 update, non-experts are going to have to relay on Woody to walk us through that.
      I have installed “wushowhide.diagcab”, although I have no idea how to use it.

    • #30178 Reply

      Da Boss

      I’ve covered this at length here:

      I’ll be revisiting that post and many others, trying to make all of this much more accessible, in the not-too-distant future.

    • #30179 Reply


      I found issues with both KB3194798 and KB3199209 which do not install correctly in certain instances.
      There is a Microsoft KB containing a MSI file released for a different CU which patches the registry which seems to work for some users for KB3194798 as well. That MSI can be uninstalled after the CU is installed correctly and the WU routine is back on track.
      I found the easiest and most reliable way is to install the above mentioned patches manually with restart after each of them. The GPO for WU should be set to disabled, i.e Never check Windows 10 style.
      The same considerations above apply to Windows Server 2016 which means that W10 and W2016 v 1607 and W10 LTSB 2016 (same v1607) are released broken and need extra work to get WU back on track working correctly.
      Once this is fixed, it seems to be working correctly from there on.

    • #30180 Reply


      This is correct in relation to the RAM, I am not sure about the CPU.
      High RAM usage also affects TrustedInstaller when too many updates are selected at one time on a clean install. This behaviour is not related to the WU agent. This is the reason why I prefer to stage the installation in few steps, like all Critical first, then all Security, then all Recommended, the order or grouping are not essential, just to have only about 50 or less updates at one time. This is how I found that KB3138612 might break after one of those steps while KB3172605 keeps working well after all steps.

    • #30181 Reply


      Group B technically does not need to check WU, as those updates, Security Only, are not published on WU. It is not the best method to have manually downloading patches and not having a reference to WU, which is prone to errors, unless having an external reference maintained at some acceptable level, WSUS Ofline, KUC maybe.

    • #30182 Reply


      I think most times the loops are happening when WU scans by itself and this overlaps with end-user action. Probably the 1st solution – Set AU to Never check is the best advice for this type of problems.
      I also found it in Windows 10 v 1607 with the servicing stack update and never ending installation of the CU. With the CU it seems that the Express package causes a much larger download than the full one which never completes, bug or a one off instance due to design?
      Setting Group Policy for Disable AU and scan manually against WU fixes it in most instances, or even better manually download and install the relevant patches with AU on not checking automatically.

    • #30183 Reply


      I bought my first Mac, a 13″ MacBook Pro with the slot-loaded CD drive, in 2011. It had 4GB RAM, 512GB HDD, the high-end (at the time) Intel processor and the OS was Lion. If it had been a Windows Machine, I would probably have replaced it 3 times by now.

      Instesd, for $35 I added more RAM, and a couple of years later a 512GB SSD. Today, I run three Parallels VMs on it with Win7/8.1 and a test Win10 AU. It runs MacOS Sierra (that’s Mountain Lion, Maverics, Yosemite, ElCapitan, Sierra – the SIXTH major OS revision). I have NEVER had a forced upgrade or update. It’s still FAST. It just works. I have no reason to go looking for a new computer yet. And I’m sorta “techie,” in spite of my years, and always want the best.

      So, yes, in the long run, Macs ARE cheaper. And a LOT LESS hassle than what we’ve been going through the last couple of years with Windows.

      I also have a MacMini and an iMac for desktops. And a 15″ Haswell MacBook Pro that I substitute back and forth with the 13″ depending on what I need in the way of screen size.
      That’s not to say I won’t drool on Oct 27th when the new ones are announced. But I find no compelling reason to move up yet.

      Get a Mac. You’ll never go back!

    • #30184 Reply


      I had not seen that article–very useful and well done.
      I’m glad to hear that you will have an updated version that is a bit less complicated.
      Sooner or later we will have to use Wushowhide.

    • #30185 Reply



      Maybe I’m just lucky. My last Windows Update check only took minutes. I haven’t had to install any speed up tools since April. just my 2 cents.


    • #30186 Reply


      Thank you so much Abbodi!

    • #30187 Reply

      AskWoody Lounger

      Re: 4. KB3138612

      I too found checking “Include Superseded” resulted in WUMT taking about 5 mins to do a scan.

    • #30188 Reply

      AskWoody Lounger

      @erik: How do you block the heartbeat report? Can’t locate it, and don’t know where to search for it. Thank you for any advice you may be able to provide. πŸ™‚

    • #30189 Reply


      I am in Group B but want to speed the scanning time in Windows Update. If I install the following:

      1) KB3020369 – April 2015 servicing stack update for win 7
      2) KB3172605 – July 2016 update rollup for Win 7 SP1

      can I remain in Group B and just manually download the security only updates for October from the catalog, ie:

      3) KB3192391 – security only quality update for Windows 7
      4) KB3188730 – security only update for .NET framework 3.5.1 on Windows 7

      or by applying the July rollup have I committed myself to needing the monthly rollups, eg, KB3185330 (security monthly quality rollup for Win 7).

    • #30190 Reply


      @walker: the report is called MRT.log (the “Type” is Text Document). You can find it at C:Windowsdebug. Or just do a search for MRT from the root drive (C:).

      As for blocking it I don’t know how to, (other than not running MSRT every month) other posters think it is not too much to worry about.


    • #30191 Reply


      Dave, like you, I have very quick WU checks and have for some time. A few months ago, there was an update that claimed it would speed-up/fix WU checks and it does. Sorry that I don’t remember the KB#. Seems like I read about it here at AskWoody…

      with my ongoing gratitude to Woody and this board!

    • #30192 Reply



      In the past week or two, I have asked Woody on a discussion thread here if Group B should even worry about checking WU any longer

      (because I had assumed that they would not need to worry about Windows Update anymore, and that they would only use the Update Catalog from now on),

      and he replied that Group B still will want to check Windows Update in addition to using the Update Catalog — he said that Group B will still need to get Office updates and .Net updates, plus maybe some others, through Windows Update.

      I asked him if the .Net and Office updates would not be attainable for Group B, manually, from the Update Catalog,
      and he said that it would probably be much easier for Group B still to use Windows Update to get those.

      Therefore, this is the reason that I am now trying to figure out what my options would be to speed up my (newly-slow) Windows Update, if I do decide to go into Group B.

      At least, if I decide to do the *full* Group B pathway, which apparently will involve checking the Update Catalog as well as Windows Update, based on what Woody said last week.

      Or, I might just do a modified Group B pathway of only getting whatever updates I can take manually from the Update Catalog, and not even worrying about WU — this modified pathway would probably be my first choice, because I’d personally prefer to leave Windows Update totally behind…

      but it would be really good to keep my Office 2007 up-to-date with security patches, so if Windows Update is the only way I can do that, then I probably would continue using WU (despite the constant speed-up/slow-down hassles that WU is presenting to many of us).

    • #30193 Reply


      Thank you, abbodi86

    • #30194 Reply


      @pkcano, does that mean that with your Mac you have never run into the reputed “planned obsolescence” (which, just above your post, I described having read a comment about on the Ghacks website),
      and you have been able to continuously update your Mac’s operating system without having to get a new Mac machine after about 4 or 5 years, and it’s still going strong now at 5 years old and is still accepting updates and operating in a secure manner, etc.?
      (If so, I wonder what that fellow on Ghacks was talking about! He seemed quite knowledgeable.)

    • #30195 Reply



      Woody’s blogpost on the “heartbeat” issue is here:

      A fellow non-techie asked in that discussion thread what he should do about the heartbeat issue, and I replied to him here:

    • #30196 Reply

      Da Boss

      Yes, you can install those two without committing to Group A. This is related to the approach I’ll recommend when I find the time to write up a switch to MS-DEFCON 3 – should be today or tomorrow.

    • #30197 Reply



      Installing 3020369 and 3172605 sped up the insufferable scanning times for me. I have installed both iterations of 3172605, the last being 4/10/16 and the updates are downloaded and installed if not right away then very soon after. Contributor pkcano installed 2605 on a test system and didn’t suffer any repercussions, so I thought what the hell?

      Earlier when I utilised the “speed up patch” for that month it only worked for me on a couple of occasions, and then returned back to the long waits etc. I surrendered and gave 2605 a go. Like you I wondered if by doing this I had fallen into the MS abyss with no way of returning! but by reading posts in other threads this was not the case.


    • #30198 Reply

      Old Dog

      Have to agree.

      3138612 worked for ma right up to October 11.

      I’m group W so all turned off. Just as an experiment, running WU on cloned back up (from yesterday) and now taking a long time (2 hours and counting).

      Will switch off shortly.

    • #30199 Reply

      AskWoody Lounger

      @poohsticks: You are absolutely amazing! I can’t begin to say “thank you” enough for the information which you provided!!

      Your posts reveal that your computer knowledge far exceeds mine, and I read everything you post. It is a such relief to know that heartbeat is not considered an important problem!

      Your humor is also “Number One”, and it provides many smiles. Thank you once again, very, very much!!! πŸ™‚ πŸ™‚ πŸ™‚

    • #30200 Reply

      AskWoody Lounger

      @gothesaints: Thank you for your reply to my post. I appreciate all of the information I can get. It all helps πŸ™‚

    • #30201 Reply

      Hugh McFarlane

      @Canadian Tech

      Thank you very much for this.

      Just for completeness: during the 12 steps performed in the Command Prompt box, is it necessary or desirable to keep the internet connection connected; or is it necessary or desirable to disconnect the internet connection (eg by unplugging the ethernet cable, switching off WiFi, removing the mobile dongle, or whatever)? Does it matter either way?

    • #30202 Reply


      @ Woody, ch100 and other commenters: I have Win 7 SP 1 x64 install 7601. That said: I have disabled WU, and have downloaded about 6 or 7 Oct. updates from the CATALOG into a holding folder. As I have the required speedups thru Sept 2016, which of updates do I install. Downloaded updates are: Win 7, Server 2008 R2, Malicious Tool, One or two are complete package updates. Let me know if you need more info. I think that if I get a handle this first month, I will know what to install what not to install for the upcoming months (or until MS pulls one of their stunts). This computer has 8GB ram and 1 TB HHD (has plenty of wiggle room even with 141 programs installed)

    • #30203 Reply


      I recently looked back at the documentation for KB 3172605, and found they re-released the July Rollup on 9/13. The reason was to address an (unspecified) issue and to improve overall reliability (whatever that means). The article, which can be found at the following link, is dated 9/16.

    • #30204 Reply


      RE: my previous comment – Also downloaded NET. FRAMEWORK 3.5.1, which I’m not sure off because I have a previous download of 4.6.1 ,which seems to be working!

    • #30205 Reply

      Canadian Tech

      It does not matter either way. Being online is of no consequence during this operation to my knowledge.

      I have subsequently published this method at:


    • #30206 Reply

      Da Boss

      Abolutely. NEVER had a problem with any of my Macs. Never had forced upgrades or updates – always at my choice of time (there are settings that are respected). No obsolescence yet from 2011 13″ MBP – it’s running Sierra just fine.

      And I run MS Office for Mac 2011 (won’t ever use their subscriptions), Acronis True Image, Firefox, Thunderbird, SugarSync, Libre Office, Kindle, Calibre, VLC Player, CCleaner, Malwarebytes, and TrendMicro Internet Security (Yes, on a Mac) just like on Windows. Parallels does a wonderful job with VMs when there is no Mac equivalent – like the diving software. I even have to use a weird adapter with that – USB -> RS232 for the Daktronics console.

      I came up living and breathing MS, from DOS days. Windows 8 turned me off, but now I run it with Classic Shell and it’s not so bad. I’ve been with the Insider Program since Oct 2014 (in a VM) – but I will never have a Windows computer with that OS.

    • #30207 Reply


      One more comment today! WOODY do not change your DEFCON RATING until the first of the year. MS is still trying to figure out what all of us ( running 70% of the world’s computers (Win 7, 8.1) are doing, plus trying to up/down grade their newest Win 10. Let’s just keep grinding away at keeping Win 10 away from the world.

    • #30208 Reply

      Da Boss

      Let me add a footnote. Obsolete is not always cast in stone. It doesn’t necessarily mean things stop working.

      There are many computers in operation that have USB2.0 ports instead of USB3.0 (muchless USB-C). If you look at the flash drives for sale, many are still 2.0. Is the wireless card n or n/a (what matters is the ISPs speed – faster cards only benefit you on a local network).

      There are brand new computers on the market with Pentium and Celeron processors running Win10. They are actually obsolete (but cheap). On the other hand, MS tried to make year-old computers with SkyLake processors running Win7/8.1 obsolete.
      High-end techies may call anything that doesn’t have the latest technology “obsolete.”

      I just gave away a desktop with a 3.6GHz Pentium4, 360GB HDD, graphics card capable of 1280×1024. It was capable of running Win7, which won’t be obsolete for three more years. It probably would have run Win10 (minimally) – if I could find the graphics driver. But you have to draw the line somewhere.

    • #30209 Reply

      AskWoody Plus

      I’m in Group B.

      I’ve only gotten 3 updates in my WU for Oct. –

      A Silverlight security update.

      A Security & quality rollup for MS .NET Framework 3.5.1 – KB3188740.

      The Oct. Malicious software scanner.

      Nothing more has come in but the WU program keeps using around 25% of my CPU according to Task Manager.

      I use Task Manager to turn WU OFF to give my CPU some rest! Man what a mess!

      Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Group B

    • #30210 Reply


      What about installing:

      October, 2016 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB3185330)


      October, 2016 Security and Quality Rollup for .NET Framework 3.5.1 on Windows 7 SP1 and Windows Server 2008 R2 SP1 for x64 (KB3188740)

      Is there any evidence that either of those rollups contain any telemetry or other Microsoft nastiness?

    • #30211 Reply


      I just installed the 9/13, KB 3172605 recently and it addressed nothing and did not resolve the issue it originally created…It helped with the speed of the update scan but after every boot up it crashes all the Intel Bluetooth components.

      Typical inept microsoft resolution.

    • #30212 Reply


      Safe, but do it manually and separately from anything else, to avoid never ending looping.

    • #30213 Reply

      Canadian Tech

      Set your WU setting to Never, restart.


    • #30214 Reply

      Da Boss

      Well, but… the MS-DEFCON rating covers updating Win 7, 8.1 and 10. (I gave up on Vista a long time ago.) Moving from 7 to 10 or 8.1 to 10 is a very different kettle of fish – MS-DEFCON doesn’t cover that.

    • #30215 Reply

      No Micrsoft Account

      I do not have, and will never have, a Microsoft account, so I can’t post this on Canadian Tech’s discussion there, which is where it belongs, and I am hoping that you, Woody, will do it for me because it makes implementing Canadian Tech’s solution MUCH easier.

      Instead of typing each of the 12 lines into the command-prompt window [and typing Enter after each one, which CT omitted] do this for each of the twelve lines in turn:

      Select the line with the mouse.
      Right-click on the selected text.
      Choose copy from the pop-up menu.
      Go to the command-prompt window.
      Right-click anywhere in the black area.
      Choose paste from the pop-up menu.
      Hit the Enter key.

    • #30216 Reply



      It is a known problem with 3172605 that it messes up some Intel Bluetooth installations.

      A couple of other people here at have had the same problem.

      Intel has fixed it for some computers, but not for all.

      My computer has this problem and there seems that there will be no official fix by Intel that will allow my computer ever to have 3172605 installed on it.

      Originally, I had installed 3172605 after seeing all the posts that encouraged everyone to install it (for speeding up their computers),
      but it only took a day for me to realize that it had messed up the computer’s Intel Bluetooth (while I do not use the actual Bluetooth capability, it still caused a number of problems on my computer that I could not avoid, and that I could not allow to continue),
      so I had to uninstall it, and even after uninstalling it, I had to do a number of things to clean up the problems it had left behind. I don’t want to go through that again.

      If you are new to this issue, you can do a search for the topic on for more information.

    • #30217 Reply


      Thank you for making my day, Walker.

    • #30218 Reply


      @pkcano, thank you for that valuable information. It helps to make the idea of moving to a Mac less daunting.

    • #30219 Reply

      AskWoody Lounger

      @poohsticks: I don’t know if I can “disable the MSRT and “Definition Updates”, and haven’t seen anything on that. (Win 7, Home Premium, x64).

      All of the 4 optionals I have are unchecked and not italicized. I only have two “Important” updates and they are checked (along with the MSRT and Definition Update”).

      I would feel a lot more comfortable being able to disable (or hide, or whatever) the MSRT and Definition Updates however have not seen a “method” to do that. Unless I missed “something”. You are so knowledgeable about all of this, I’m asking you and hoping you can provide some guidance for me. I’m definitely “non-techie” and don’t understand many of the acronyms I see.

      I’m set at “Check for updates but let me choose whether to download and install them.”. Would it be advised to have it on “NEVER” update now? We don’t have much time to deal with this mess. I’m almost considering being “Group W/C” or whatever at this point in time.

      Thank you you so much for all of your help in the past, including your wonderful sense of humor! πŸ™‚

    • #30220 Reply


      I’m fairly certain I swallowed one of the magic updates, since things have improved greatly for me.

    • #30221 Reply

      Canadian Tech
    • #30222 Reply


      You’re not alone. Many people are suddenly getting the 25% CPU usage issue, even on machines that never had that issue.

    • #30223 Reply

      Canadian Tech

      Set your WU setting to Never, restart.
      Then stop the Windows Update service itself.


    • #30224 Reply



      It was only by luck that I saw your post here – I can’t keep up with all the new comments being made because there are so many active threads!

      I am glad that I just happened to spy this one, which you directed at me, before logging off tonight.

      1. The first thing that I would say is that Woody’s advice is what you should generally follow regarding the Windows updating procedure.
      By that, I mean his advice to the general public, not his thoughts on topics that are geared more towards other “computer people”, like his recent “heartbeat” blogpost was.
      And I mean Woody’s advice specifically — not advice from other commenters here who may or may not be giving directions that are advisable for your computer setup.

      I do not know enough to advise others in this
      area, though I can sometimes translate things for people who are non-techies like us, since I have an idea of what we might be confused about. πŸ™‚

      2. Do not worry about “disabling the MSRT” and the other things you’ve seen mentioned here which you don’t know how to do. Your computer will be just fine if you don’t touch those controls until Woody gives the general public an instruction to do so. (If, in the next few weeks, he doesn’t give any specific instructions about the MSRT for this month, just leave yours as it is. It will be okay.)

      3. You ask, “I’m set at β€œCheck for updates but let me choose whether to download and install them.”. Would it be advised to have it on β€œNEVER” update now?”

      Walker, personally I would recommend the “NEVER check” setting. It will not harm anything, and it might save you from having something installed by Microsoft on your computer that you didn’t want installed. This is my personal opinion, and that is what I am doing on my machine.

      I think that Woody’s most recent advice is that people can have either one checked — either “Check for updates but let me choose” or “Never check”. He says they are both protective settings.

      I think “Never check” is a little safer. If you choose “Never check”, you can still run Windows Update whenever you want and you will still be shown all the updates that Microsoft has available for your machine and you will still be able to select the ones that you want to download. So there is no harm in saying “Never check”.
      (I also think that it might keep your computer from running so much in the background, which Microsoft causes to happen when it checks with its servers for new updates, so that is another advantage.)

      4. You said, “All of the 4 optionals I have are unchecked and not italicized. I only have two β€œImportant” updates and they are checked”

      Do not worry about what Windows Update has listed right now, because Woody hasn’t given the general public the go-ahead to run Windows Update or to install anything.

      He will do that when he changes his Def-Con rating — he will announce it with a blogpost here as well as with an accompanying InfoWorld article. (He has written here recently that he will do so in the next few days, so stay tuned.)

      For the time being, do not install anything. And don’t worry that some patches are sitting there in your Windows Update — they can wait! πŸ™‚

      5. You wrote, “I’m almost considering being β€œGroup W/C” or whatever at this point in time.”

      This is a tough one.

      – Group B is probably going to involve a number of steps that might be best suited for intermediate computer people, so it might become tricky, and you don’t want that.

      – Group C/W is going to be easy in the sense of being able to drop all Windows updating of any kind, but it will be risky in terms of possibly exposing your computer and all your files to future security risks.

      – Group A: *If* you do not have any problems with any past patches screwing up your computer
      (whereas my computer has 2 past patches that really mess it up, so I can’t allow Microsoft to put those old patches on my computer, which Microsoft will definitely do if I put my computer into Group A),
      maybe it would be best for you to be in Group A.
      What do you think?
      It might be the easiest and the most protective for you in the long run.

      Computer-knowledgable contributors here like Canadian Tech and PKCano have a lot of friends and family whose computers they help to maintain, and I think they have both said that they will put their friends and family into Group A. Group B will be too difficult to manually fiddle around with on a monthly basis, and Group C (having no security updates of any kind) might simply be too risky for the average home computer owner to go with, especially if the computer is used to go online on the internet, which I’m sure yours is used for (like the computers of most everyone else here on AskWoody).

      6. You said, “We don’t have much time to deal with this mess.”

      This is not the case, Walker.
      You have time.
      Do not feel pressured or stressed-out.
      You are the one in control of this, Microsoft is not going to force you to take a step that you don’t initiate first.

      (Indeed, that is one of the wonderful aspects about Windows 7 and 8, and that’s why people want to stay with Win 7 and 8 instead of going to Windows 10, which is much more pushy and insistent with computer owners!)

      If you don’t want to, you don’t have to do anything regarding your Windows Updates for the next month, or two, or three!
      You might want to wait and see how the different pathways (A, B, C/W) work out for people, and how Woody’s advice changes in November (or even December) as he learns more about the fallout from Microsoft’s new Windows Updating system.
      (Yes, while you waited, your system wouldn’t yet have the most recent security patches, but right now there isn’t anything so serious that they are patching that you would be putting your computer at a high risk by not having patched.)

      Does this make sense?

    • #30225 Reply


      Yes, after I checked Windows Update 2 days ago (which was stuck “checking” for 75 minutes, and then I simply shut it down),
      unbeknownst to me, it caused my computer to have a 25% CPU usage for a couple of hours afterwards — even after I had disconnected from the internet, closed all programs, and run Ccleaner. (At which time normally my CPU is at 1% or so.)

      I had to turn the machine off and on again to get the CPU to stop running at that level.

    • #30226 Reply

      No Micrsoft Account

      You’re welcome.

    • #30227 Reply

      AskWoody Lounger

      “Yes”, everything you wrote make sense! Thank you so very, very much for taking the time to address my questions! πŸ™‚

      I agree that it’s becoming almost impossible to keep up with whatever changes have been made to the “forum”. Sometimes no “Reply” option, other times I can’t find a comment I’ve input. I’m very thankful you found my post.

      Your recommendations are the BEST I’ve seen yet. You are much more knowledgeable than I.

      I have only a few more years remaining to try to enjoy life, and this debacle has made my life a nightmare.

      I do thank you for the recommendation about Group A, and that I do have “time” to revert to the “NEVER” update and wait to see how things progress. This removes the “stress” I’ve been attempting to deal with.

      I agree about Group B requiring expertise and knowledge which I do not possess. As much as I detest having MS “in control”, I can foresee no other alternative at this time.

      Thank you once again, Poohsticks, for taking the time to respond to my questions! I appreciate it more than words can express. You are absolutely WONDERFUL!! Thank you so very, very much. Hoping you have a great day!! πŸ™‚ πŸ™‚ πŸ™‚

    • #30228 Reply



      3172605 has definitely smoothed out the scan for updates time. So, it has value in that regard. I also do not use Intel Bluetooth on my Dell W7 SP1 machine but, as indicated, the components do crash on startup as revealed by CCleaner.

      I assume once you uninstalled 2605 you are set to “Never Check” to avoid the long scan times? Unless you have found another solution to speed up the update scan?

      I’m also curious as to what “other problems” the 2605 install caused your machine and, as well, as what problems lingered after the uninstall?

      The only real issue I have with 2605 installed is “occasional” longer than usual boot ups (as the OS deals with the BT components not loading correctly/crashing). After boot up, and a CClean to see if the BT components crashed, the machine seems to run normally.

      Hope you see this response because I am looking for more info even after doing any number of Google searches. I’d consider uninstalling 2605 but I don’t know what new problems that might create…you know the old saying, “the devil you know….”


    • #30229 Reply

      AskWoody Lounger

      @poohsticks: Apologies for this question which I forgot to mention.

      Is it all right to leave the “Updates” at “Check for updates but let me choose whether to download and install them.”? I have apprehensions about putting it on “NEVER” (because I can’t see anything). I’ve seen both of these recommended as being basically “the same” functionally.

      With it set as it has been, I do get the updates and can view them. I think a lot of users are becoming more and more nervous. I would like to see what MS is issuing, even if my final decision will be for Group A.

      My apologies for bothering you once again. YOU ARE “ONE IN A MILLION”!! πŸ™‚ πŸ™‚ πŸ™‚

    • #30230 Reply

      AskWoody Plus

      If I set WU to Never, will I be able to turn it back on? I need some of the updates that show up in WU.

      Also, I’ve always gotten a slew of MS Office 2010 updates which so far have not shown up anywhere – WU or the Update Catalog. Or can I type “Office Updates” in the Catalog Search?

      Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Group B

    • #30231 Reply

      Old Dog


      I support everything poohsticks said to you, especially the part about taking your time to decide what group you will be in.

      poohsticks wrote

      “If you don’t want to, you don’t have to do anything regarding your Windows Updates for the next month, or two, or three!
      You might want to wait and see how the different pathways (A, B, C/W) work out for people,…”

      She is correct. I still run 1 Vista and 2 XP machines connected to the internet with no patching for years – and with no problems either. I personally believe the “bad guys” go after bigger fish than the average home user.

      So stay calm, keep cool and enjoy yourself. There is a lot of life outside of computers.

    • #30232 Reply

      Canadian Tech


      Use the “solution”. It works almost all the time. Updates in minutes.


    • #30233 Reply

      Canadian Tech
    • #30234 Reply

      Canadian Tech

      I am wavering between advising my clients to be in B or C. Certainly not A. My concern with B is whether it is a practical thing to do. I am concerned that fixes to defective security updates will be offered in non-security updates.

      As for the never thing. I have experienced this scenario:
      – Setting at check for updates but let me choose
      – No updates pending when I start my computer
      – While I am using my computer, MS downloads an update. It is check marked as important.
      – I fail to check WU before I shut down
      – It installs that update during the shut down process.

      Bottom line: Never is the right setting and the only one that is reliable.

      On the subject of the risk of group C.
      I have seen many computers that have never been updated or haven’t been for more than a year. Commonplace in the real world. They don’t seem to be any more likely to be infected than others that update constantly. I suspect the risk of MS lousing up a well-running Win7 system is greater than the security risk of not patching. Win7 is already a pretty secure and stable platform and I am not sure whether the patches that are to come are all that critical.


    • #30235 Reply

      Da Boss

      But poohsticks has problems with the clobbered Intel Bluetooth driver. I’m trying to figure out how to steer people in the right direction, no matter which Intel Bluetooth driver they may have.

    • #30236 Reply

      Da Boss


      (He says as he comes back from hunting Pokemon…)

    • #30237 Reply

      Canadian Tech

      I did not realize that Poohsticks used Bluetooth. I have yet to find a single instance of a person who actually uses the Bluetooth feature in their computers, at least among the people I work with.


    • #30238 Reply

      Da Boss
    • #30239 Reply

      Canadian Tech

      Looks like Wintel is no more.


    • #30240 Reply

      Da Boss

      It’s taking a real hit on the chin.

      I didn’t mention in the post about MSFT stock now exceeding its all-time high, but… those who held on to MSFT stock just saw it reach the level it was at 17 years ago, if you don’t adjust for inflation.

    • #30241 Reply

      Hugh McFarlane

      I use Bluetooth to sync my phone to my laptop (which does have Intel Bluetooth) and that’s the only way to do it. (My phone is very elderly.)

      Curiously, KB3172605 doesn’t seem to break my main laptop (or a spare, also with Intel BT) in the way expected, even though I haven’t consciously installed a new Intel driver.

    • #30242 Reply

      Da Boss

      That’s encouraging news!

    • #30243 Reply

      AskWoody Lounger

      @Old Dog: Thank you for your comments!! I agree with everything that you and poohsticks have said in your comments. It helps so much to have you both “on board”!! πŸ™‚

    • #30244 Reply


      Intel Bluethooth issued Intrl Bluethooth and Microsoft Windows 7 updates with insdtructions. After following instructions Bluethooth problems should go away. the following article on Bluethooth/Intel/Win 7 is – Reviewed: 17-Oct-2016, Article ID: 000022410 on Intel support page.

    • #30245 Reply

      Da Boss

      Yep, but I’m seeing reports that the new driver doesn’t always solve the problem.

      Although I note that Intel’s page was updated late last week…. Hmmmm….

    • #30246 Reply


      @ Woody : No doubt the update came from MS prodes.

    • #30247 Reply

      AskWoody MVP

      Poohsticks- Thank you, thank you, thank you…
      Non-techie, but wanting to maintain a safe and secure no telemetry Windows 7 machine. I learn a lot from this site (thank you Woody), and want to learn more… but I get lost in all of the discussions sometimes. Thank you for the concise summary.

      Win 7 Home, 64 bit, Group B

    • #30248 Reply

      AskWoody MVP

      oops- should be a reply to Poohsticks. Learning, as I said.

      Win 7 Home, 64 bit, Group B

    • #30249 Reply

      Canadian Tech

      Does this mean that KB3172605 problem can be fixed by installing this new driver?


    • #30250 Reply

      Da Boss

      That’s precisely the question I hope that somebody can answer.

    • #30251 Reply


      I wish MSE would update it’s definitions – I used to think it was a conspiracy but now I think it’s probably just garden variety incompetence.
      Just the kind of idiots you want to entrust with all your private data :/

    • #30252 Reply


      Try WUMT as alternative to wushowhide
      I cannot say it is better, just a lot more user friendly.

    • #30253 Reply


      I don’t understand it either. @poohsticks actually mentioned in one of the posts that Bluetooth is not in use, but the patch causes other issues. Which other issues? Bluetooth can and should be disabled in Device Manager for most desktops/laptops anyway.

    • #30254 Reply


      No there is not πŸ˜€
      but the next Security Monthly Quality Rollup will have components

      .NET updates are always safe

    • #30255 Reply

      Canadian Tech

      Ch100, You are so right. Bluetooth is rarely used in my experience. It uses a lot of resources and is a common source of problems. The best way is to disable it, unless it is going to be used and that is unlikely.


    • #30256 Reply



      “I did not realize that Poohsticks used Bluetooth.”

      Not the point.
      Even if one doesn’t use BT on their machine, once 2605 is installed, the BT components crash on boot up. I don’t have the file names off hand, but I did list them in another post here (obexsrv, mediasrv and devmonsrv ?) I can verify that they crash on boot because Windows Error logs is enabled on my CCleaner. These components crashed on the first boot up after the 2605 install and have crashed every time my W7 SP1 x64 laptop (on a home wifi connection) has booted up in the morning.

    • #30257 Reply

      Da Boss

      FYI: I use bluetooth mice on two laptops b/c I don’t have enough USB ports for what I need sometimes.
      Heaven help me when they all go to ONE USB-C. I’ll need an octopus!!

    • #30258 Reply


      Daniel – I had the same problem this month, without a speed up patch, in MSE not automatically updating its definitions.

      I have been daily manually updating from this site :

      scroll down to midway and follow the easy instructions HTH ….

    • #30259 Reply

      AskWoody Lounger

      Is abbodi’s extraction of KB3161647 (July ’16 WUC) from KB3172605 (July ’16 rollup) too esoteric for most people?

    • #30260 Reply

      Da Boss

      I think so, but I’ll link to it.

    • #30261 Reply


      Why don’t you just install KB3172605?

    • #30262 Reply

      Hugh McFarlane

      I did not initially install KB3172605.

      Because it was widely reported that KB3172605 breaks Intel Bluetooth, and Intel won’t provide a corrected driver for “older” systems such as mine, and I rely on Bluetooth to some extent. Therefore I didn’t install KB3172605.

      But actually I did recently install (carefully) the revised (September) KB3172605; and I don’t see the reported problems with Bluetooth as a result.

      Did the September revision of KB3172605, BY ANY CHANCE, include a work-round for (or an acceptance of) the Intel fault? I note that KB3172605 now talks about “an issue with the previous release”.

    • #30263 Reply

      Da Boss

      Nope. I’ll have an article up on this in a couple of days.

      Intel changed the Bluetooth driver for all but the older Intel Bluetooth gear.

    • #30264 Reply


      The revised version of KB3172605 is related or to fix some issue in KB3167679, by including KB3175024 in new KB3172605
      ultimately, October security updates (3185330 or 3192391) replaced KB3175024 and included more fixes

    • #30265 Reply


      @Canadian Tech,
      I am sorry that I got wrong what your position is about the group A/B/C choice for average users!

    • #30266 Reply


      Just wanted to correct something in my above long comment to Walker:

      Canadian Tech has written below that he would NOT put anyone in Group A.

      He will be putting the non-techies he advises into either Group B or Group C/W (he hasn’t made the final decision on that).

    • #30267 Reply



      About your follow-up questions regarding the “never check” or “let me choose” options —

      It is up to you.

      If you set it to “never”, you would still be able to see the updates Microsoft wants you to install, by running Windows Update manually at a time of your convenience.
      The only thing that “let me choose” does is to automate that running-Windows-Update process in the background, and it also uses up resources on your machine while connecting with Microsoft’s servers every day (or several times a day).

      Read Canadian Tech’s advice below wherein he promotes “never check”.
      Like him, in the past (before I set my Windows Update to “never check”), I’ve had times where when I shut my computer down and an update was installed that I didn’t think I had given MS permission to install.

      It is your decision.

      And if you are leaning towards going into Group A, it would probably be okay for your computer if a patch did happen to slip through and be installed without your knowledge/permission, because, in the end, Group A will be accepting all the patches that Microsoft recommends for them.

      I would say that you don’t need to check your Windows Update as often as you are doing — I normally open mine up only once a month, and that’s after Woody has given the “Def Con” go-ahead and when I’m mentally ready to grapple with Windows Update for that month’s patching!

      Most of the time, you can leave it be, and not even let the topic of Windows updating cross your mind, in between visits to this website. Think about other things and your days will be lighter and happier. πŸ™‚

      It might be calming for you not to follow Woody’s blog every day, but to check in here once a week at the most, in order to *skim* his newest blogposts that he has put up since the last time you visited his blog, mainly to see if he has revised his Def Con number and is telling ordinary home computer users that is it the time to get their patching done for that month. He normally does this around the end of each month.

      Otherwise, many of the interim topics discussed here are probably more interesting to intermediate and advanced Windows users, and the chat in the discussion threads, especially when people start recommending work-arounds and altering settings in the machine, can risk being more confusing than helpful to non-techies.

      Many of us are worried about online snooping from companies like Microsoft, as well as heavy-handedness, breaking promises (actual or implied), causing uproar and confusion, and so forth. I think that it’s genuinely wrong and genuinely bad for our society and for us as individuals.

      BUT PLEASE do not absorb these concerns that many people have and take them so much to heart that they cause you to feel anxiety and to have your thoughts occupied unduly.
      Don’t feel pressured, don’t feel rushed, don’t feel threatened.
      You have a lot of control about what happens to your computer, and the timing of it.

      You could do a minimum amount of decision-making and adjustments to your computer, accept most of what Microsoft offers to you from then on, and go along using your computer without incident for years. This is what most home computer users do.

      Therefore, I expect that being in Group A would probably be the right choice for you — it is the right choice for many people. Woody will fully explain what Group A people should do.

      Like I said before, you can just leave your computer alone and observe how others are getting along with the new patching system — see how things go for a month or two before you commit your computer to one group or the other. Woody will know much more about the overall situation in a month or two.

      The one thing that is important to realize is that after you choose Group A or Group B and set your computer up accordingly, it might be complicated to switch to another group, so you’ll want to be sure of your group choice before you take the plunge.
      (However, if you are in Group C/W, there is more freedom, because you aren’t setting your computer up to do anything except *not* to check for or install updates, so from Group C you can always move to Group A or B.)

      Otherwise, try to detach from the subject and put it in a tiny imaginary shoebox on the top shelf of a closet, and just take the box down and sift through the contents when you have to, which might be just once or twice a month.

    • #30268 Reply


      @Canadian Tech
      “I have seen many computers that have never been updated or haven’t been for more than a year.”

      I actually have seen Windows 7 computers without Service Pack 1 and still doing well.
      Some would argue that this is happening because the other computers are patched and as such there is less danger in general.
      Hard to say, but it is fact that there are unpatched computers not affected by security issues, or at least non-obvious security issues.

    • #30269 Reply

      Canadian Tech

      One day soon, I will be posting a copy of the email that I will be sending to my clients. That should make my position sterling clear.


    • #30270 Reply

      Canadian Tech

      I have been almost religious about Windows update for decades. I wonder if we have come to a point where they are not nearly as critical as they once were. Leaves me wondering if all this worry is a reasonable trade-off with what the potential problems may be.

      Maybe after years of patching Windows 7 SP1, we have come to a point where it is pretty damn secure. This thinking really supports the Group C membership.


    • #30271 Reply

      AskWoody Lounger

      @poohsticks: Thank you so very,very much for your detailed and comprehensive comments!! Yes, I’ve been agonizing too much over which Group I should choose.

      The reason I was looking at Group A is because I don’t know if I could locate and install the updates from the Catalog. I really detest having to choose Group A.

      Your perspective is absolutely the best “common sense” approach, and I do have to agree that now that I’m more familiar with the “NEVER” check setting. It certainly appears to be the safest one, and I would not be forced to make a decision about which Group (if any) would be the best.

      The problems I have with trying to keep up with all of the comments are numerous:

      Primarily, posters don’t reference the OS they are referring to (e.g. they throw out a KB number w/o referencing which OS they are referring to): there are numerous ACRONYMS which non-techies do not understand. These two issues create the most problems for me.

      These ACRONYMS are very difficult to understand, as well as all of the references to the registry which most non-techies have no knowledge of.

      I most sincerely appreciate your supportive and understanding comments. It makes me feel as if the “world isn’t coming to an end” (YET) because of MS and its shenanigans.

      You are the “bright light” at the end of the tunnel (which is not a train). Your advice and empathy are absolutely outstanding!!

      Thank you, thank you, and thank you again, poohsticks!! πŸ™‚ πŸ™‚ πŸ™‚

    • #30272 Reply

      Da Boss

      Take a look at recent security patches, and decide for yourself.

      Clearly, IE has lots of exploited security holes. Flash. Acrobat Reader. Other than that, can you see a pattern?

    • #30273 Reply

      AskWoody Lounger

      @Canadian Tech: Thank you for posting the comments about the “NEVER’ setting, and also your thoughts about which Groups are preferable from your perspective. Thank you for the good advice you provide for all of us! πŸ™‚

    • #30274 Reply

      AskWoody Lounger

      @poohsticks: Thank you for the edit to your comments. I sincerely appreciate all of the time you have expended in providing optimal information and encouragement!! Thank you once again!! πŸ™‚

    • #30275 Reply

      AskWoody Lounger

      @Canadian Tech: I didn’t read this sooner because I already have both of these updates installed and have not had a “slowness” problem.

      However I see references to the “NEVER” setting once again, and as it states:

      “setting at NEVER, Windows Update will no longer be automatic. From this point onwards, you are responsible for starting and installing updates. We recommend you do that a few days following the 2nd Tuesday each month.”

      Does a user just click on “check for updates” and that starts the process?

      One other question about “running as administrator”. I do not have an “administrator”. Running Win 7, Home Prem, x64). In the past I don’t recall being asked about this. Thank you for all of the excellent information you provide to all of us!! πŸ™‚ πŸ™‚


    • #30276 Reply



      I just happened to run across your message tonight.

      This post and the subsequent 3 or 4 posts has a little bit about it:

      I don’t remember the details of the problems it was causing me, but I know that I wrote a post on this site that described what was happening at the time.
      I tried to do a site search here, even on an external search engine, but I can’t find my previous post.

      Some of the things I described were:

      how my “events viewer” suddenly had all kinds of errors in it about bluetooth, even though I had not tried to open bluetooth or use any bluetooth devices (which I normally don’t anyway) since installing the 2605 patch,

      how the bluetooth icon in the taskbar, which I have always set to “stay hidden” suddenly was showing up on the taskbar and wouldn’t leave it, even though it was still set to “stay hidden” in the customizing menu for the taskbar,

      and the bluetooth taskbar icon was blue and bright red instead of the normal blue with white inside,

      how bad things happened when I tried to right-click on the menu of the bluetooth taskbar icon and select an option (I think it froze my computer and I had to turn the computer off at the power button),

      and so forth.

      I uninstalled kb…2605 but still had problems. I eventually had to do something else to get things working again, which I don’t remember, but whatever I did, it did not take my bluetooth all the way back to the way it used to be. I may have done a system restore to the time before I installed the kb…2605 patch.

      The situation now:

      The bluetooth icon is still stubbornly showing up on the taskbar even though it’s set to “stay hidden”

      At least the icon is not blue and red, it’s the normal blue and white.

      Since then, I have not dared to try to choose an option on the right-click menu of the bluetooth taskbar icon.

      I haven’t used any bluetooth devices since, so I don’t know if it even functions correctly.

      I haven’t looked at event viewer since then, but I’m opening it up now…
      Yes, there are still multiple Bluetooth warnings being logged multiple times each day and showing in the event viewer; one of them says:
      “Either the component that raises this event is not installed on your local computer or the installation is corrupted.”


      I might have to try to fix it – to uninstall and reinstall and all that, but a few people have reported on the Intel customer support site that it’s not always smooth sailing to do that, and this isn’t an area that I know much about, so I’d prefer not to have to deal with it.

      It’s a shame that my Bluetooth has been screwed up just by installing kb3172605 briefly, and uninstalling it didn’t fix the Bluetooth.

      I do have expensive headphones that are Bluetooth-only, so I’d like to have the possibility to use them, even if I haven’t used them much recently.

    • #30277 Reply

      Canadian Tech

      Woody, I do not feel capable of making this call. I wonder if you could see your way to dealing with this question as part of your advice on the various groups? In this case C.

      Your advice on this would be very valuable and I cannot think of anyone more qualified.


    • #30278 Reply

      Da Boss

      It’s a tough question. I hesitate to make a decision for anyone else. For most people – the ones who use Chrome and Google Search and talk to their phones or their kitchentops – I think Group A is a reasonable choice. For those who are very sensitive to their privacy, and don’t mind jumping through some hoops, Group B is a good choice. But for folks who are just bloody fed up with the whole thing.. I can certainly understand where they’re coming from and, if they’re using a browser other than IE, never touch Flash, don’t handle PDFs with Acrobat, run decent AV software, and generally keep their heads down, I can also understand why they’d want to go with Group W.

      But I would hesitate to put anyone other than an experienced Windows hand in Group W.

    • #30279 Reply


      Woody and everyone else.
      When we say “don’t handle PDFs with Acrobat” would this apply to handling PDFs with other software like Sumatra or Foxit Reader? What would be the difference, is it the number of supported features like JavaScript in PDF for Adobe (Acrobat)Reader which makes it more vulnerable?

    • #30280 Reply

      Da Boss

      Acrobat Reader seems to be uniquely exploitable (and exploited) with all sorts of PDF holes. It’s unusual for Foxit Reader to have the same holes, and Sumatra has fewer still. Yes, I think it’s because of the feature list in Acrobat Reader.

    • #30281 Reply


      They had no other updates installed πŸ™‚

      But sadly. Old Dog is right. This solution no longer works. 3 weeks ago when was the last time I had to do this, it worked. Now, when I had to install another Windows 7, it no longer worked.

      TY for the WU client, KB3161647 solved the issue now.

      Just a quick question: Can I straight up select the x64 Cab file form the bin folder for integration into a Windows 7 ISO via NTLite? I’m in the process of making one that is clean of all telemetry and BSOD causing hotfixes, and since my solution no longer works, i will need to sideload KB3161647 into the ISO.

    • #30282 Reply

      Canadian Tech


      I would change that “few days” to the time When Woody declares it the right time to do updates.

      Yes, you simply go to Windows Update in the menu and click it. Then click check for updates. The only difference is that when WU is set to Never, nothing happens until you do this. My clients and I have been using it that way for over a year now.

      If you are set up as an administrator on your computer, then you should not have to worry about “run as administrator.” If you are not set up as an administrator, then you will have to laboriously do that on a lot of things.

      To check: Control Panel, User Accounts, User Accounts. There you should see the account you are currently logged into and it should say if you are an Administrator, not Standard User.


    • #30283 Reply



      I explained to you about the “administrator” account before, in the following post:

      You responded, “You are absolutely β€œright on”…I am the Administrator of this computer.”


    • #30284 Reply

      Joe Friday
    • #30285 Reply


      You will need 4 files:

      and the lang files matching OS language, i.e. English:

      or you can mount install.wim via NTLite, then run integrate-offline.cmd, it will detect and integrate the needed files

    • #30286 Reply

      AskWoody Lounger

      @poohsticks: I must apologize for spacing out the messages. I think that there are “too many irons in the fire” for me right now and they are all “hot”. Thank you for sending this!

      I am definitely keeping that post (link) you sent. Your wonderful, optimistic attitude, and never-ending wealth of knowledge are amazing, and I do say “thank you”, always, for the time you spend providing so much help to so many of us@ πŸ™‚ πŸ™‚

    • #30287 Reply

      AskWoody Lounger

      @Canadian Tech:

      Thank you so much for this information about how things function when having the setting at “NEVER’ (which I’ve never used previously). I appreciate you taking the time to provide this information, as well as how the computer appears when the owner/user is the administrator.

      Your clients are very fortunate to have you to watch over them. Thank you for your help, and for all of the “other” information and help you provide to us all! πŸ™‚ πŸ™‚

    • #30288 Reply


      Much appreciated abbodi86. This comment system needs a +Rep πŸ˜€

    • #30289 Reply



      Thank you for your gracious and appreciative manner.

      Your uplifting statements are full of kindness, and that is a lovely gift that you give.


      By the way, regarding your comment from yesterday to me, which gave me a belly laugh! – some people see my light approaching through the tunnel and they DO think it’s a looming freight train, or a juggernaut, and they flee before the actual me hoves into view.
      Ha ha, oh well.

      Good luck with your Windows updating this week, I’m sure it will go well.

    • #30290 Reply


      CT: I believe Walker’s administrator question may be referring not to the “built in” one but the Command Prompt one?? i.e. “…Right-click on Command prompt, Choose Run as administrator…” (as you wrote in your linked instructions above). πŸ˜€

    • #30291 Reply



      There is so much information to digest now and trying to keep up with it all is a full time job on its own! (and unpaid). Keep reading and learn as you go….. just persevere and it’ll come.


    • #30292 Reply

      Canadian Tech

      If that is the case… That “run as administrator” in that case is an oddity. I sure cannot explain it. I just know it is necessary to make it work. I suspect others in this forum may have much deeper knowledge of its origins.


    • #30293 Reply

      AskWoody Lounger

      @Poohsticks: Your message really “made my day”!! You are such an amazing inspiration to us all, especially those of us who have “insecurity” problems. I can’t begin to tell you how much you are appreciated! πŸ™‚

      Your comments really helped my “morale”, and I especially l got a big chuckle out of your reference to the “freight train” in the tunnel!! I love it!!

      Thank you again, always for your kindness and understanding. You are absolutely WONDERFUL!! Thank you, again, and again. πŸ™‚ πŸ™‚ πŸ™‚

    • #30294 Reply

      AskWoody Lounger


      Thank you so much for your very kind and encouraging message! It is such a “morale booster” to have this encouragement. I will “persevere” and think of your uplifting comments as I do. Thank you once again for your kindness, and the information which you provide to us all. πŸ™‚ πŸ™‚ πŸ™‚

    • #30295 Reply

      AskWoody Lounger

      @abbodi86 & Woody: I think that KB3188740 was on my original list of updates, however now I cannot locate it in the “hidden”, or “installed” & cannot find it anywhere on the computer.

      Is it SAFE to try to go to the download site (if I can find one), and install it now or should I just forget it? I think it may have been listed as “Important”. I can’t even find that I had it listed (manually) on my list of updates for October.

      Any advice will be most appreciated. πŸ™‚ πŸ™‚

    • #30296 Reply

      Da Boss

      If you’re in “Group A,” just run Windows Update and see if it appears.

      If it doesn’t appear, don’t worry about it.

    • #30297 Reply


      It’s becoming a typical WU behavior, optional updates disappear just before Patch Tuesday
      where do you live?

      no need to install KB3188740, security monthly quality rollup is on its way

    • #30298 Reply

      AskWoody Lounger

      @woody & abbodi86:

      I’m not in Group A, Woody, I’m in Group B, so I’ll just not worry about it for now.

      I’m in Western Colorado, abbodi86, so anything can be expected out here in the “wild west”.

      Thank you both very much for your advice. Don’t know what I would do without it!!!
      πŸ™‚ πŸ™‚ πŸ™‚

    • #30299 Reply

      AskWoody Lounger

      @woody & abbodi86: I posted responses hours ago, however haven’t seen them appear yet.

      Woody: I’m in Group B, so I’ll just wait and see what comes up next.

      abbodi86: Thank you for the heads up on the KB3188740. I’m in Western Colorado, so never know what’s going to happen out here in the “wild west”.

      Thank you both very much for the advice!

      πŸ™‚ πŸ™‚ πŸ™‚

    • #30300 Reply

      Da Boss

      Sometimes it takes several hours for me to approve responses.

    • #30301 Reply

      AskWoody Lounger

      @woody: My apologies, I know how very, very busy you are, and appreciate the tremendous amount of work you do.


      Without your much appreciated help we could not survive. Thank you once again for all of your hard work, and dedication!!

      πŸ™‚ πŸ™‚ πŸ™‚

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: What’s the latest for speeding up Windows 7 scans?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information: