Is it me or is Windows Update (WU) getting worse?

93 views
Skip to first unread message

Ant

unread,
Apr 13, 2016, 5:32:56 PM4/13/16
to
WU takes forever to connect, search, and download the updates.
Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(

Thank you in advance. :)
--
Quote of the Week: "Your mom's legs are so hairy, the ants think they're in a jungle." --unknown
Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.home.dhs.org (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / Please nuke ANT if replying by e-mail privately. If credit-
( ) ing, then please kindly use Ant nickname and AQFL URL/link.

Paul

unread,
Apr 13, 2016, 6:23:31 PM4/13/16
to
Ant wrote:
> WU takes forever to connect, search, and download the updates.
> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(
>
> Thank you in advance. :)

Known issue.

And I'm not seeing anyone claiming that
any "final patch" resolves it. It appears
Microsoft is pretty happy with how it works
right now. And you can be damn sure they
like it this way - they know about it.

And actually, the behavior does get worse
with time. The symptoms are, if Microsoft
doesn't try to prune the updates tree in
any way, the "100% CPU" issue doubles in
time each month. So if you waited 5 minutes
in February, you will wait 10 minutes
in March (after Patch Tuesday), 20 minutes
in April, 40 minutes in May.

The problem has existed since WinXP, just to give
you some idea how long it's been around.

This is an example of the lack of progress
on the topic. A user keeps track of the
time for "Checking..." to run. It runs 43 minutes,
then 2.5 minutes after a (presumed) fix, then back
to 33 minutes again, after the fix turns out to not
have been a fix.

http://www.askwoody.com/2015/dont-check-box-stealthy-win7-patch-kb-3083324-arrives-warning-documentation/

"- Windows Update has always been set to "Never check for updates";
– Monthly manual update at least one week after Microsoft Patch Tuesday;
– Up to and including August 2015: "Checking for updates" ran a long time;
– 2015.09.16 w/o KB3083324 installed: "Checking for updates" ran 43 minutes,
and presented 17 updates to choose from;
– 2015.10.21 with KB3083324 installed: "Checking for updates" ran 2.5 minutes,
and presented 13 updates to choose from.
– 2015.11.18 with KB3083710 installed: "Checking for updates" ran 33 minutes,
and presented 15 updates to choose from.

So back to square one with KB3083710. However, KB3102810
got installed today, so maybe my December update will get faster again
"

HTH,
Paul

Jason

unread,
Apr 13, 2016, 9:43:28 PM4/13/16
to
On Wed, 13 Apr 2016 16:32:54 -0500 "Ant" <ANT...@zimage.com> wrote in
article <LbudnailkbWbJpPK...@earthlink.com>
> WU takes forever to connect, search, and download the updates.
>

I've noticed the same thing. Just today, MS notified me of a batch up
updates, but WU sat there for half an hour "downloading" while exactly
nothing happened. This isn't the first time I've run into this recently.

pjp

unread,
Apr 14, 2016, 2:17:54 AM4/14/16
to
In article <MPG.3178bfc45...@news.eternal-september.org>,
jason_...@ieee.org says...
Doing that as I write this on this pc, Win7.

winst...@gmail.com

unread,
Apr 14, 2016, 2:25:07 AM4/14/16
to
Ant wrote:
> WU takes forever to connect, search, and download the updates.
> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(
>
> Thank you in advance. :)
>

For Win7...is the latest Windows Update engine installed *and* the most
recent Windows Update patch installed.?
- Some folks previously chose not to install the WU patch due to a
fear of it being related to the Win10 upgrade on Win7. If you followed
that advice, you might wish to rethink your previous plan. If not, you
might consider searching for the Windows Update Troubleshooter 'FixIt'
for Windows 7

--
...winston
msft mvp windows experience

philo

unread,
Apr 14, 2016, 7:22:40 AM4/14/16
to
Using Win7:


Tried the "fixit" , said it found and repaired problems, but still the
machine was "searching on-line" for six hours before it found anything.


I later simply tried turning auto-update back on (rather than only do
manual updates) and it found and installed updates in a more reasonable
amount of time.


When done, I again turned off auto-update.

winst...@gmail.com

unread,
Apr 14, 2016, 5:58:05 PM4/14/16
to
Also see:

Windows Update Client (March 2016)
https://support.microsoft.com/en-us/kb/3138612

A March article from Ed Bott
http://www.zdnet.com/article/sticking-with-windows-7-the-forecast-calls-for-pain/


https://support.microsoft.com/en-us/kb/3083710
and
https://support.microsoft.com/en-us/kb/3102810

Note: 3138612 should be installed after or in lieu of 3083710

Optionally digging a little deeper one can try
-Enable the hidden administrator account from an Elevated Command prompt
net user administrator /active:yes
- Log off your account
- Logon to the Administrator account
- Run this .cmd file: [1]

<https://gallery.technet.microsoft.com/scriptcenter/reset-windows-update-agent-d824badc>
- Reboot and logon to the Administrator account in Win 7, disable the
account from an Elevated Command prompt
net user administrator /active:no
- Logoff the Administrator account
- Log on your Windows account

Then run Windows Update

[1] The cmd file will reset the Windows Update agent, applicable to
7/8x/10/10Preview

Brian Gregory

unread,
Apr 14, 2016, 6:53:40 PM4/14/16
to
On 13/04/2016 22:32, Ant wrote:
> WU takes forever to connect, search, and download the updates.
> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(
>
> Thank you in advance. :)
>

64 bit Windows 7 is usually fine for me but 32 bit is a nightmare,
almost always need to be left switched on for hours before they will
find any updates after Patch Tuesday. Best policy seems to be to NOT
click on check for updates but just leave them on overnight and hope the
updates download in the background during the night.

--

Brian Gregory (in the UK).
To email me please remove all the letter vee from my email address.

philo

unread,
Apr 14, 2016, 7:26:47 PM4/14/16
to
On 04/14/2016 04:57 PM, ...winston‫ wrote:
> philo wrote:
>om/article/sticking-with-windows-7-the-forecast-calls-for-pain/
>
>
> https://support.microsoft.com/en-us/kb/3083710
> and
> https://support.microsoft.com/en-us/kb/3102810
>
> Note: 3138612 should be installed after or in lieu of 3083710
>
> Optionally digging a little deeper one can try
> -Enable the hidden administrator account from an Elevated Command prompt
> net user administrator /active:yes
> - Log off your account
> - Logon to the Administrator account
> - Run this .cmd file: [1]
>
> <https://gallery.technet.microsoft.com/scriptcenter/reset-windows-update-agent-d824badc>
>
> - Reboot and logon to the Administrator account in Win 7, disable the
> account from an Elevated Command prompt
> net user administrator /active:no
> - Logoff the Administrator account
> - Log on your Windows account
>
> Then run Windows Update
>
> [1] The cmd file will reset the Windows Update agent, applicable to
> 7/8x/10/10Preview
>



Thanks for the good info


One a few of the machines I did apply 3102810 first


but I did not know about 3138612 which I will use next time


Kind of funny but just today one of my neighbors told me he was going
back to XP

He has a non-networked machine he only uses for old games and since he
upgraded to Win7 they do not work.


philo

unread,
Apr 14, 2016, 8:08:09 PM4/14/16
to
On 04/14/2016 05:53 PM, Brian Gregory wrote:
> On 13/04/2016 22:32, Ant wrote:
>> WU takes forever to connect, search, and download the updates.
>> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(
>>
>> Thank you in advance. :)
>>
>
> 64 bit Windows 7 is usually fine for me but 32 bit is a nightmare,
> almost always need to be left switched on for hours before they will
> find any updates after Patch Tuesday. Best policy seems to be to NOT
> click on check for updates but just leave them on overnight and hope the
> updates download in the background during the night.
>



Yes, after a lot of trial and error, that is what I found out too.


In the morning all updates are downloaded and all I need to do is shut
down and let them install.

Brian Gregory

unread,
Apr 14, 2016, 9:44:56 PM4/14/16
to
Did you also find, like me, that it was 32 bit systems that had 99% of
the problems and 64 bit normally updated quickly?

winst...@gmail.com

unread,
Apr 15, 2016, 3:13:38 AM4/15/16
to
You're welcome

Fyi...3138612 was released after 3083710(both are updates for the
Windows Update client) though Windows Update engine file versions # are
mostly common but with later dates(February) and digital signature which
indicates MSFT may have done some under-the-hood tweaks to resolve some
known issues.

3138612 should have been deployed to the pc via Windows Update, if not,
something else was most likely broken.

I stopped counting the number of times(since Win7 was released a decade
ago) I've read of someone's game(s) not running on Win7 or later and the
need to use an older o/s.

philo

unread,
Apr 15, 2016, 8:58:18 AM4/15/16
to
On 04/15/2016 02:12 AM, ...winston‫ wrote:

<snip>
>>
> You're welcome
>
> Fyi...3138612 was released after 3083710(both are updates for the
> Windows Update client) though Windows Update engine file versions # are
> mostly common but with later dates(February) and digital signature which
> indicates MSFT may have done some under-the-hood tweaks to resolve some
> known issues.
>
> 3138612 should have been deployed to the pc via Windows Update, if not,
> something else was most likely broken.
>
> I stopped counting the number of times(since Win7 was released a decade
> ago) I've read of someone's game(s) not running on Win7 or later and the
> need to use an older o/s.
>
>



The only game I play is an old 16bit version of Tetris

It will not run in the 64bit version of Win7
but if I really want to play it, I have Win98 installed in a virtual
machine.

I never tried to run it in DosBox, that might have been a simpler
work-around.


Not one of my major problems at any rate.


philo

unread,
Apr 15, 2016, 9:03:28 AM4/15/16
to
On 04/14/2016 08:44 PM, Brian Gregory wrote:

>>
>>
>> Yes, after a lot of trial and error, that is what I found out too.
>>
>>
>> In the morning all updates are downloaded and all I need to do is shut
>> down and let them install.
>
> Did you also find, like me, that it was 32 bit systems that had 99% of
> the problems and 64 bit normally updated quickly?
>



Not that.

It was simply that if I tried to manually update when I had
"auto-update" turned off, it would search on-line for six hours (or more).

Once it finally found the updates, they downloaded and installed without
a problem.


I did make a slipstreamed DVD but that did not save me any time because
it still takes "forever" to apply the updates that came out since then.


Since I like to give machines a decent 24-hour burn-in before I return
them to the users, this has not been a major big deal, but it still is a
bit annoying.


Brian Gregory

unread,
Apr 15, 2016, 7:09:42 PM4/15/16
to
On 15/04/2016 14:03, philo wrote:
>
> Not that.
>
> It was simply that if I tried to manually update when I had
> "auto-update" turned off, it would search on-line for six hours (or more).

Even for 64 bit Windows 7?

philo

unread,
Apr 15, 2016, 7:50:39 PM4/15/16
to
On 04/15/2016 06:09 PM, Brian Gregory wrote:
> On 15/04/2016 14:03, philo wrote:
>>
>> Not that.
>>
>> It was simply that if I tried to manually update when I had
>> "auto-update" turned off, it would search on-line for six hours (or
>> more).
>
> Even for 64 bit Windows 7?
>



yes, that too


it was a new install though

Ant

unread,
Apr 15, 2016, 8:43:25 PM4/15/16
to
Isn't that just one WU? I imagine you have to do it again for more
updates like SP1, post-SP1 updates, etc. I wished MS would release a SP2
to include the newer upgrades. :(

Brian Gregory

unread,
Apr 15, 2016, 8:46:07 PM4/15/16
to
On 16/04/2016 01:43, Ant wrote:
> In microsoft.public.windowsupdate philo <ph...@privacy.net> wrote:
>> it was a new install though
>
> Isn't that just one WU? I imagine you have to do it again for more
> updates like SP1, post-SP1 updates, etc. I wished MS would release a SP2
> to include the newer upgrades. :(
>

Some updates are only valid after others have been installed.

VanguardLH

unread,
Apr 15, 2016, 10:24:15 PM4/15/16
to
Ant wrote:

> WU takes forever to connect, search, and download the updates.
> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(

I had to do a fresh install of Windows 7. Reboot Restore Rx uses sector
redirection using their shield.sys driver to hide their snapshot files
from the file system, like a rootkit, but they have a bug that was
eating up my disk until it got fully consumed. Couldn't get the damed
software to uninstall itself using their Windows uninstaller or using
their uninstaller in their MBR bootstrap code (both kept hanging or
crashing) which meant I could not eradicate their sector redirection.
If I deleted their driver then I'm pretty sure that I couldn't read the
disk anymore. This would be like removing the driver for whole-disk
encryption and, yeah, it's gone but so is your ability to read the disk.
I ended up having to replace the MBR bootstrap code and do format of the
disk and a fresh install of Windows 7. Luckily I had some backups to
get back my data files and many OS setup and tweaks. Then, to add salt
on the wound, I found out the MS Office 2013 Pro that I bought was a
pirated copy sliced out of an MSDN subscription. Argh! Had to go back
to Office 2010 Home and find an e-mail/PIM replacement for Outlook
(currently checking out EssentialPIM).

Ever since the new install of Windows 7, the Windows Updates take
forever to complete, like hours before it finally lists the available
updates. I review each and only install about a dozen at a time (since
I almost always get one or two that fail just because too many were done
at once). Okay, it says it is downloading and hours later it gives me
the same list of available updates. It did not download any and gives
me back the full list of available update from which I can select. I've
repeated this process about 4 times over the last week. Takes hours to
get a list of available updates. The download of selected updates never
happens and, after several more hours, I'm again presented with the full
list of available updates. I'm stuck in a loop of querying for updates,
wait hours, selecting some for download, wait hours, and repeat (but
nothing downloaded so nothing installed).

At this point, if I cannot get the WU client to actually work to list
the available updates and then actually download the selected ones (so
they can get installed), I'll see if WSUSoffline works. That acts as a
client, too, to the WSUS server to retrieve the updates and store them
locally. Then I can pick which one of those to install.

Paul

unread,
Apr 16, 2016, 7:18:26 AM4/16/16
to
At this point, WSUSoffline seems most practical. Followed by a
project to build a slipstreamed installer DVD for next time...

*******

My first step in your project, would have been backing
up the disk with "dd" from another OS. Then I could carry
out experiments, and if they didn't work, restore with
dd and try again. As long as they're not using a
Host Protected Area on the disk, "dd" would have
captures whatever they were doing to the disk and
allow restoring it.

*******

From the conversations in the horizondatasys forum,
it appears their developers are "offshore" and the
forum staff contact them by "chat".

I'm surprised there isn't a way to "image" the
system while it is running, like use Macrium,
then restore what you got to the disk, and boot
that.

And did you see this ? Maybe your version was
acquired after this fix.

http://community.horizondatasys.com/forum/rollback-rx-home-freeware/3106-warning-major-exploit-discovered-and-patched

Paul

Brian Gregory

unread,
Apr 16, 2016, 10:33:39 AM4/16/16
to
On 13/04/2016 22:32, Ant wrote:
> WU takes forever to connect, search, and download the updates.
> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(
>
> Thank you in advance. :)
>

I just remembered I think I saw something somewhere about the CPU usage
problem.

I think you need to install the updates to Windows Update itself
manually first to fix it.

Paul

unread,
Apr 16, 2016, 11:35:21 AM4/16/16
to
Brian Gregory wrote:
> On 13/04/2016 22:32, Ant wrote:
>> WU takes forever to connect, search, and download the updates.
>> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(
>>
>> Thank you in advance. :)
>>
>
> I just remembered I think I saw something somewhere about the CPU usage
> problem.
>
> I think you need to install the updates to Windows Update itself
> manually first to fix it.
>

Here's a recent thread on the topic. The theory is,
it's not a problem created on your end.

http://www.askwoody.com/2016/the-windows-update-slow-issue-there-is-a-definitive-answer-less-a-definitive-solution/

In the comment section of that article, is the usual stuff.
That the following new fix somehow influences the symptoms.
Now, I'll have to go off and test this. This'll take a while
(to get a timing on how bad it is "before" the patch).
I'm getting sick of this "Nirvana is around the corner..."
crap.

https://support.microsoft.com/en-us/kb/3139852

Win32k.sys

The security update addresses the vulnerabilities by correcting
how Windows handles objects in memory

HTH,
Paul

Paul

unread,
Apr 16, 2016, 2:31:47 PM4/16/16
to
'852 by itself didn't change anything.

Paul

Yousuf Khan

unread,
Apr 16, 2016, 2:45:03 PM4/16/16
to
On 13/04/2016 5:32 PM, Ant wrote:
> WU takes forever to connect, search, and download the updates.
> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(
>
> Thank you in advance. :)

Yup, I posted the same question earlier. So it's not just you.

Yousuf Khan

VanguardLH

unread,
Apr 16, 2016, 5:19:56 PM4/16/16
to
Paul wrote:

> At this point, WSUSoffline seems most practical. Followed by a
> project to build a slipstreamed installer DVD for next time...
>
> *******
>
> My first step in your project, would have been backing
> up the disk with "dd" from another OS. Then I could carry
> out experiments, and if they didn't work, restore with
> dd and try again. As long as they're not using a
> Host Protected Area on the disk, "dd" would have
> captures whatever they were doing to the disk and
> allow restoring it.

I got WSUSoffline and had it retrieve all updates (that it can) for
Windows 7 and Office 2010. The problem is that it, and all other
"update monitors" rely on a .cab file published by Microsoft to know
what are the available updates, and those are only security updates.
None of the non-security updates are included. So, yes, you can get up
to a certain security patch level but you cannot get all available
updates that Microsoft has for Windows 7.

After running WSUSoffline to retrieve what updates it can, I will do an
image backup and then try running their updateinstaller.exe program. I
saved each product (Windows 7, Office) into its own .iso file so I can
separate my updates that way rather than mix them together. However, I
have not found a good description of this program. Does it show a list
of the updates so I can choose which ones to install and which others to
hide, remove, or not install now? It looks like it just installs
everything in its update repository - and that will include updates that
I do *not* want: Lync, Skype, OneDrive Pro, etc in Office and the GWX
update in Windows 7. So it looks like I would have to physically remove
the unwanted update files in the repository that WSUSoffline built and
then run their updateinstaller program.

I'll have to plan to create a slipstreamed install disc after seeing how
best to get Windows 7 updated since Microsoft has somehow fucked up
their WU process.

> From the conversations in the horizondatasys forum,
> it appears their developers are "offshore" and the
> forum staff contact them by "chat".
>
> I'm surprised there isn't a way to "image" the
> system while it is running, like use Macrium,
> then restore what you got to the disk, and boot
> that.
>
> And did you see this ? Maybe your version was
> acquired after this fix.
>
> http://community.horizondatasys.com/forum/rollback-rx-home-freeware/3106-warning-major-exploit-discovered-and-patched

I downloaded and installed Reboot Restore Rx only a couple weeks ago.
That post has a date of August 2015. So I would've gotten a version
with the patch. Perhaps in protecting against malware from removing
their software they also made it impossible for their own uninstaller to
work. It hangs, it crashes, and even when turned off it kept eating up
my disk space presumably to create an ever increasingly larger snapshot.

Won't touch their software again. Having to a fresh build of Windows
got rid of that malware. Very destructive.

Paul

unread,
Apr 16, 2016, 7:44:26 PM4/16/16
to
VanguardLH wrote:

>
> Won't touch their software again. Having to a fresh build of Windows
> got rid of that malware. Very destructive.

But if you run an imaging program while that feature
is enabled, wouldn't it still be making a copy
of the disk (as seen by you) ? Maybe all it would
need at that point, is a fixmbr or equivalent, after
the image was restored to another disk.

Paul

philo

unread,
Apr 17, 2016, 3:36:08 PM4/17/16
to
On 04/15/2016 02:12 AM, ...winston‫ wrote:
> philo wrote:
>> On 04/14/2016 04:57 PM, ...winston‫ wrote:
>>> philo wrote:
>>> om/article/sticking-with-windows-7-the-forecast-calls-for-pain/
>>>
>>>
>>> https://support.microsoft.com/en-us/kb/3083710
>>> and
>>> https://support.microsoft.com/en-us/kb/3102810
>>>
>>> Note: 3138612 should be installed after or in lieu of 3083710
>>>
>>> Optionally digging a little deeper one can try
>>> -Enable the hidden administrator account from an Elevated Command prompt
>>> net user administrator /active:yes
>>> - Log off your account
>>> - Logon to the Administrator account
>>> - Run this .cmd file: [1]
>>>
>>> <https://gallery.technet.microsoft.com/scriptcenter/reset-windows-update-agent-d824badc>
>>>
>>>
Tried the above on a machine that had last been updated about 8 months
ago...did nothing to improve the situation...machine sat for hours
looking for updates

Will now try the suggestion below

philo

unread,
Apr 17, 2016, 7:47:26 PM4/17/16
to
On 04/17/2016 02:36 PM, philo wrote:
> On 04/15/2016 02:12 AM, ...winston‫ wrote:
>> philo wrote:
>>> On 04/14/2016 04:57 PM, ...winston‫ wrote:
>>>> philo wrote:
>>>> om/article/sticking-with-windows-7-the-forecast-calls-for-pain/
>>>>
>>>>
>>>> https://support.microsoft.com/en-us/kb/3083710
>>>> and
>>>> https://support.microsoft.com/en-us/kb/3102810
>>>>
>>>> Note: 3138612 should be installed after or in lieu of 3083710
>>>>
>>>> Optionally digging a little deeper one can try
>>>> -Enable the hidden administrator account from an Elevated Command
>>>> prompt
>>>> net user administrator /active:yes
>>>> - Log off your account
>>>> - Logon to the Administrator account
>>>> - Run this .cmd file: [1]
>>>>
>>>> <https://gallery.technet.microsoft.com/scriptcenter/reset-windows-update-agent-d824badc>
>>>>
>>>>
>>>>
> Tried the above on a machine that had last been updated about 8 months
> ago...did nothing to improve the situation...machine sat for hours
> looking for updates
>
> Will now try the suggestion below
>
>


OK, tried that as well and the bottom line is simply that MS must be
throttling back Win7 updates, no matter what I do, they take forever.
Just checked for updates on a Win10 install and it only took a minute to
find updates

Ant

unread,
Apr 17, 2016, 8:24:13 PM4/17/16
to
Thanks YK. :(
--
"As a thinker and planner, the ant is the equal of any savage race of
men; as a self-educated specialist in several arts she is the superior
of any savage race of men; and in one or two high mental qualities she
is above the reach of any man..." --Mark Twain
Note: A fixed width font (Courier, Monospace, etc.) is required to see
this signature correctly.
/\___/\ Ant(Dude) @ http://antfarm.ma.cx (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / If crediting, then use Ant nickname and AQFL URL/link.
( ) Chop ANT from its address if e-mailing privately.
Ant is currently not listening to any songs on this computer.

Paul

unread,
Apr 18, 2016, 12:35:15 AM4/18/16
to
philo wrote:
> On 04/17/2016 02:36 PM, philo wrote:
>> On 04/15/2016 02:12 AM,...winston wrote:
>>> philo wrote:
Win10 is different enough, you're going to see
different symptoms.

One reason, is "10586.117". The cumulative updates
the OS receives, they bump the OS revision, almost
like a Service Pack in a sense. The contents of them
may not be tracked the same way.

Only occasionally does a conventional security
update come in for Windows 10, such as the looping
one I had for the Visual Studio redistributable files.
Maybe that was related to the Word Viewer or something ?
I don't know which package dragged in the trouble-maker
files... That has since been fixed here, and it
no longer tries to install. Not that I've seen, anyway.

Paul

Paul

unread,
Apr 18, 2016, 3:49:19 AM4/18/16
to
VanguardLH wrote:

> At this point, if I cannot get the WU client to actually work to list
> the available updates and then actually download the selected ones (so
> they can get installed), I'll see if WSUSoffline works. That acts as a
> client, too, to the WSUS server to retrieve the updates and store them
> locally. Then I can pick which one of those to install.

I thought you might find this amusing.

This appears to be the genesis of WSUSoffline. It
looks like at one time, it was hosted by heise.de
or similar.

http://www.h-online.com/security/features/Do-it-yourself-Service-Pack-747306.html

At the end of the article, it has some references.
There is a link to the file manifest. Presumably
these are arranged by OS version or something. When
you download a Windows Update package by hand, it
has a small CAB included with similar info.

http://download.windowsupdate.com/microsoftupdate/v6/wsusscan/wsusscan.cab

And the WU stuff is packaged as an SDK.

https://web.archive.org/web/20050409211236/http://msdn.microsoft.com/library/en-us/wua_sdk/wua/interfaces.asp

IUpdateCollection Represents an ordered list of updates.
IUpdateInstaller Installs or uninstalls updates from or onto a computer.

My guess would be, IUpdateCollection is the one
going into a loop.

The top level of that article tree is here.

https://web.archive.org/web/20050208044948/http://msdn.microsoft.com/library/en-us/wua_sdk/wua/portal_client.asp

Paul

philo

unread,
Apr 18, 2016, 7:52:19 AM4/18/16
to
On 04/17/2016 11:35 PM, Paul wrote:
>


<snip>
>>>>>>
>
> Win10 is different enough, you're going to see
> different symptoms.
>
> One reason, is "10586.117". The cumulative updates
> the OS receives, they bump the OS revision, almost
> like a Service Pack in a sense. The contents of them
> may not be tracked the same way.
>
> Only occasionally does a conventional security
> update come in for Windows 10, such as the looping
> one I had for the Visual Studio redistributable files.
> Maybe that was related to the Word Viewer or something ?
> I don't know which package dragged in the trouble-maker
> files... That has since been fixed here, and it
> no longer tries to install. Not that I've seen, anyway.
>
> Paul



I've been using Win10 only for the purposes of evaluation.

When support for Win7 ends, I will then consider it.

VanguardLH

unread,
Apr 18, 2016, 10:03:49 AM4/18/16
to
WSUSoffline (its UpdateGenerator.exe program) connects to Microsoft's
own WSUS server. It gets some wusscan file (not the name but what I
remember) from there that Microsoft publishes to denote what updates are
available. WSUSoffline then retrieves those for the products that you
selected. So Microsoft's WSUS server is working: it will accept client
connects (WSUSoffline instead of the WU client) and allow downloading of
updates. Somehow either the WU client if farked on my end or
Microsoft's WSUS server won't talk to that client anymore.

I tried running the fix-it in KB971058 which said it found errors and
fixed then but after a reboot the looping problem remained. Maybe if I
apply the updates that WSUSoffline can retrieve then the WU client might
start working again. Maybe not so all I can get are the security and
critical updates (WSUSoffline can't get the recommended updates because
those aren't published in the wusscan manifest).

While I could use its UpdateInstaller to apply the updates that
UpdateGenerator managed to retrieve, I can see all the update files and
wonder if I want to apply them individually rather than blast them all
at once. Some of the updates were retrieved as .exe or .msu files but I
don't know what to do with the .cab files (there is no .exe, .msi, or
other executable file within).

Another possible venue to obtain updates might be to use MBSA (Microsoft
Baseline Security Analyzer). According to:

https://msdn.microsoft.com/en-us/library/ff647642.aspx

it can retrieve and apply updates, too. Ah, look, the manifest filename
that WSUSoffline uses and mentioned here is wsusscn2.cab.

I don't know yet if I even want to attempt "DISM /Online /Cleanup-Image
/RestoreHealth" (and follow with "sfc /scannow"). Never did that.

Paul

unread,
Apr 18, 2016, 12:20:02 PM4/18/16
to
If you look at the folder structure of WSUSOffline,
you'll find it has all sorts of control options,
including "dummy" files placed in places where
control options exist. I think some of the
files even include KB numbers of things
you could put in the files, for exclusion purposes.

The person who wrote that stuff, seems to know
it inside out.

And the purpose of doing these patches, at
a minimum, is to get Win7 into a state where
Windows Update works. I don't need a solution
that automatically sucks in everything (timezone
change for Fiji), and ejects telemetry updates
or anything. Just getting Windows Update to take
less than nine hours, is a win.

Paul

VanguardLH

unread,
Apr 21, 2016, 3:34:21 AM4/21/16
to
I eventually got WU to start working again - although it is still damn
slow to download (hours). Turned out Bitdefender Free was interferring
with the update process: it would get to the downloading part, nothing
got downloaded, and went back to showing me all the available updates.
BitDefender has no option to disable its protection. So the only way to
get it out of the way was to uninstall it. With an anti-virus program
in the way, the WU client could do the downloads (followed by the
installs).

I will be installing an AV program. I'll go back to Avast Free (but may
forego its HTTPS scanning feature which does slow page loads by around
6-17% so you might not notice it on a fast host or if you don't load a
bunch of pages one right after the other. Alas, any interrogation
incurs some slowdown but BitDefender was less impact than Avast;
however, with no means of getting Bitdender Free out of the way during
software installs (many won't work with AV active), it is not a viable
freeware solution.

Starting with around 239 updates, I first did the Office updates in a
bunch, next bunch were Windows security updates, and lastly were the
"Windows updates" that I'd have to review (and chose to hide the
migration and compatibility fluff that's only needed for moving to
Windows 10 which won't happen on this host). Now I'm down to the last
12. Uffda, what a pain.

I did use WSUSoffline to retrieve updates but those are only the
security updates. Still better than nothing. I was close to using it
to blast around 170 updates all at once onto my Win7 install but decided
to try without Bitdefender Free afterwhich updating worked again. Argh!

Paul

unread,
Apr 21, 2016, 7:06:17 AM4/21/16
to
I've been doing some testing over the last couple
days, and I can give some datapoints.

Lets break down the Windows Update process.

List Updates ---- Do Downloads --- Do Installs

Most of my work concentrated on "List Updates".

Test materials - Win7 Pro x64 SP1 installed Aug2015
- Stopped applying WU entirely Nov2015,
after '583 came in and I'd unticked it.
- Experiments consisted of manually executed
scans for updates.

List Update timings:

80 minutes - Test materials unmodified. Just let it run.
50 minutes - My best effort to pre-install IE11 cumulative,
MSRT, Windows Defender definitions, all .NET
updates, special '710, '810, '612, '851 WU-related
patches (testing after each one of those0. In
other words, nothing works to materially stop
the problem.
2.5 minutes - After all remaining 48 security updates and
23 optional updates are installed (even '583),
then retest and find Microsoft offering .NET 4.6.
In other words, there were some pending updates
in the list. And 2.5 minutes is pretty well the
minimum, as TrustedInstaller scans for that interval,
and normally at that point, the protracted "wuauserv"
100% CPU on one core thing, would take over. So, fully
patched, the supersede check takes no time at all.
I did not spend the time examining those items,
to guess which one helped drop the time so much.

*******

Other means of probing Windows Update.

1) WSUSOffline. We know this works pretty well. But it
may have its own supersedence pruning as a script.

2) Microsoft Baseline Security Analyzer 2.3 (MBSA).
It takes a couple minutes to scan and list the
security updates (48 of them). But it doesn't
list the optional update items that WU shows.

*******

So what various manifests have I seen.

1) When you install a Windows Update you download direct
from a MS KB web page, that is a file in ".msu" format.
It has a WSUS cab inside, and inside that is a single
package.xml file. Two Windows 7 updates, had the same
~250KB package.xml file. So the file does not appear to
address just the update itself. And the "wusa.exe"
installs a .msu in a speedy fashion. No complaints.

2) Back in 2008 or so, the file manifest from the catalog
server was around 8MB. It had a handful of package.xml
files, with no discernible pattern of why the files were
split. When WSUSOffline downloads that file in 2016, the
file size is 125MB. And it has many package.xml files in
it.

So the scale of the file manifest has increased dramatically.
And "wusa.exe" only has to deal with a 250KB single file,
while Windows Update could be dealing with some fraction
of that 125MB file. I don't really think I've seen
WU download a 125MB file, so I don't know if WSUSOffline
asks for everything and that is the difference or not.
WSUSOffline has to handle multiple OSes.

*******

In Apr 2016, *all phases* of Windows Update are slow.

List Updates

80 minutes of wuauserv spinning its wheels.

Wuauserv Private memory usage is moderate. Less than
100MB shows. If the OS is put under memory pressure,
at the same time as wuauserv is in its 100% CPU loop,
the private memory drops to only 9MB of so. Private
memory only increases slightly once the memory pressure
is gone. There's something smelly about this behavior,
because it suggests any "calculation" wuauserv is doing,
doesn't access much memory at all. In other words, the
"bloat" up to 2GB seen in the past, is largely just a waste
of resources.

Using Process Explorer, drilling into wuauserv and
clicking the Stack button, shows this kind of thing.

ntoskrnl.exe!memset+0x64a
ntoskrnl.exe!KeWaitForMultipleObjects+0xd52 [ wuauserv using a
ntoskrnl.exe!KeWaitForMutexObject+0x19f mutex, via kernel call ]
ntoskrnl.exe!__misaligned_access+0xba4
ntoskrnl.exe!__misaligned_access+0x1821

So stack sampling while it is in its loop, shows it
using a Mutual Exclusion semaphore of some sort. There's
really nothing wrong with seeing that on the return
stack. When things deadlock, you might expect to see
such a thing. I could find a Python bug and some
sort of Torrent program bug, which were stuck on similar
things on the stack. And there doesn't appear to be
enough other "junk" to make it look like this is
part of a properly operating piece of software. There
aren't a lot of threads.

I expect seeing those ntoskrnl calls, is why someone in
the Answers forum was suggesting the '852 win32k.sys
kernel fix as the "cure" for wuauserv. But when I
tested that here, it did absolutely nothing useful
for me. The time was still 50 minutes.

Do Downloads

Someone in one of the WU threads here, suggested that
"maybe Microsoft was throttling downloads". I fired up
a copy of TCPView to watch what goes on.

What I find in Apr.2016, is TrustedInstaller is *still*
thinking about something while the download phase is
supposed to be happening. You would think on the client
end, you have a list of 48 updates, you use BITS to download
all 48, at link speed. What I found, was lengthy delays
on the client end, not opening any connection at all.

When a connection did open, BITS would open anywhere from
6-12 connections and do the download step in parallel. For
one download file of decent size, I didn't see any evidence
of "rationing".

The problem appears to be "too much thinking" happening
on the client end. When really, the stupid thing has its
list of downloads, and should just execute them. No thinking
should be required. It already wasted 80 minutes getting
to this point. Why is it still thinking ?

Do Installs

Even the installation process seems slower than ones you
do with wusa.exe (or dism). I don't remember the details
of what I saw, but the disk light did not do a lot of
flashing - the installation process was not disk limited,
not by a long shot.

So "entirely too much thinking" is happening on the client end.
And "not enough doing". Windows Update has become intellectual
in its old age.

So if you see it run for nine hours total, every phase of
the operation is slow. Is it on purpose ? Should the
manifest file from Microsoft be 125MB in size ? Is
that reasonable ? Is it caused by an explosion of
Win10 materials ? Who knows.

It's too bad we couldn't get Mark Russinovich working
on this. I bet he could figure it out :-) Maybe he'll
get pissed one of these days, waiting for a home
machine to finish updates, and get to work on it.
Now that he's been promoted, he probably doesn't
have time for his favorite hobby (sticking a fork
into Microsoft implementations).

Paul

philo

unread,
Apr 21, 2016, 9:44:19 AM4/21/16
to
On 04/17/2016 07:24 PM, Ant wrote:
> On 4/16/2016 11:45 AM, Yousuf Khan wrote:
>> On 13/04/2016 5:32 PM, Ant wrote:
>>> WU takes forever to connect, search, and download the updates.
>>> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(
>>>
>>> Thank you in advance. :)
>>
>> Yup, I posted the same question earlier. So it's not just you.
>>
>> Yousuf Khan
>>
> Thanks YK. :(



Over the past few days I've had an opportunity to work on both a Win8.1
machine one one running Win10

When I went to "Windows Update" it only took a few minutes to find and
start downloading them.

This really looks like support for Win7 is being throttled back.

Paul

unread,
Apr 21, 2016, 3:57:13 PM4/21/16
to
Use a few tools, and study it. You'll need

Task Manager (to watch TrustedInstaller and the wuauserv SVCHOST in action)
Process Explorer (Stack sample, wuauserv inside SVCHOST)
TCPView (client only opens a connection to Microsoft, every
couple minutes - the connection does not stay open
the whole time during the download phase. It happens
in bursts, and the client end is responsible)

During the scan phase, the Win7SP1 delay caused by the wuauserv loop was

80 minutes - a machine not patched since Nov.2015
50 minutes - selected patches applied to the machine, 48 security
patches and 23 optional patches still outstanding.
- patches applied were intended to prune the supersedence
tree, so wuauserv wouldn't think as long. The experiment
is a failure. The small improvement in time, is roughly
in proportion to the number of patches applied.
2.5 minutes - how long it takes, if the machine is patched close
to up-to-date. Just .NET 4.6 was showing in the
list at the time. The time cannot drop below 2.5 minutes,
as it takes TrustedInstaller that long to scan packages
on the client end, and then hand off to wuauserv.

So if a throttle with a fixed time constant was being used,
there'd be more "mechanical" evidence.

It could be, that your Windows 8 machine didn't have a lot
of outstanding patches waiting for it, so the time constant
was shorter. And no, I don't want to repeat the last two days
of effort on Windows 8 as well :-) As far as I'm convinced,
this is an "unscalable" software design, that has existed
since WinXP days, and even today, lurks in the background
in Win10. I suspect the packages are still tracked the old
way, back at Microsoft. It's the new delivery mechanism (10586.117)
that "hides" the un-scalable nature of the WU they refuse to fix.

*******

My recommendation today, would be to use wsusoffline, and
collect a set of patches that way. The patches are downloaded
direct from Microsoft and not from the wsusoffline web site.
The wsusoffline web site provides you with a 2.5MB program with
scripts that process the catalog server manifest, and then
do the downloads with something like wget. It's pretty efficient.
Wsusoffline doesn't download everything, it only downloads
patches which it thinks are the most recent and relevant. So
it has its own logic for doing the wuauserv step.

The other tool you can use, is MBSA 2.3 and take a snapshot
of the security updates needed that way.

Patches which end in .msu, are installed by wusa.exe and
you don't need command line to do it.

Patches which exist as .cab (five .NET ones I installed),
can be done this way. The "online" means apply the patch
to the current C: drive OS. There are options to
install patches against some other container you're
working on (effectively an offline method). If you're
an IT guy building some sort of image, you need
a slightly different thing to replace "online".

dism /online /Add-Package /Package-Name:F:\some.cab

Wsusoffline and MBSA techniques, don't solve the "Optional
Update" problem. Those will still be outstanding. You
won't have the right timezone info for Russia. You
won't have new kernel font code for pound symbol ot
perhaps would be missing the latest security
certificates. There are a few things in the Optional
updates that might be useful. And there are some
absolutely dreadful (corner case) ones that almost
nobody needs. Those are worthy of "hiding", so you
won't have to read the description a second time.

HTH,
Paul

philo

unread,
Apr 21, 2016, 4:58:17 PM4/21/16
to
More info:

The last "stubborn" Win7 machine had 193 updates done maybe five months
ago...but still took hours looking for more.


The Win8 machine that found the updates in a few minutes needed 210 updates.

Really looks to me like Win7 is being throttled.


I've used the offline update before and might use it again...at present
however I am all caught up on my repairs.

Brian Gregory

unread,
Apr 21, 2016, 5:07:20 PM4/21/16
to

Brian Gregory

unread,
Apr 21, 2016, 5:10:02 PM4/21/16
to
On 21/04/2016 14:44, philo wrote:
>
> Over the past few days I've had an opportunity to work on both a Win8.1
> machine one one running Win10
>
> When I went to "Windows Update" it only took a few minutes to find and
> start downloading them.
>
> This really looks like support for Win7 is being throttled back.

It's just that the Windows 10 update system has been designed so that it
doesn't slow down massively as the number of installed updates already
in your system's database increases beyond a certain level.

VanguardLH

unread,
Apr 21, 2016, 8:14:34 PM4/21/16
to
That article is too old and back when SSL was found broken and everyone
moved from SSL 3.0 to TLS 1.0 (which is basically SSL 3.0 but the
handshaking varies enough to be incompatible) or to TLS 2.0 or better
TLS 3.0. It was also back when it found found the weak ciphers were
still being used (sites would ask clients, who would obey, to downgrade
to the weak ciphers).

Avast also has their HTTPS scanner which requires installing a cert to
perform a MITM scheme to intercept HTTPS traffic to interrogate for
malicious content. You can disable it if you don't want to use their
proxy. Avast has updated their cert plus Windows had updates to
deprecate the weak ciphers (not client-side switch to them) along with
changing the config of IE to use TLS 1.0 at a minimum (SSL 3, and less,
would get disabled). The free version of BitDefender has no HTTPS proxy
for MITM attack so that article is not relevant to the free version.

Paul

unread,
Apr 21, 2016, 11:35:27 PM4/21/16
to
You're right. I tested both of my Win8.1 installs
and the presentation of the update list was under
five minutes. No complaint there. And the number of
missing updates was huge, so it cannot be blamed
on the things already being up-to-date. They were
last updated maybe October last year.

In Task Manager, Win8.1 has something with WMI in
its name, that takes the place of the TrustedInstaller
initial scanning activity. There just doesn't
seem to be much of a phase where wuauserv "thinks
about it".

I didn't do the actual updates, as it was just a quick
test to see how crippled they would be. And it really
wasn't bad at all.

Now, there are a couple precedents for Microsoft
back-porting stuff from more recent OSes. But I
bet their largesse doesn't stretch to fixing
Win7 Windows Update. Even though back in the WinXP
era, one of their mid-level managers *promised* to
fix the WinXP Windows Update problem (which is the
same problem as the Windows 7 one).

Paul

Brian Gregory

unread,
Apr 27, 2016, 6:48:10 PM4/27/16
to
It's never a good idea to have a certificate like these on your PC.

Clearly the software and data needed to mint fake server certificates
must exist as part the AV software that implements this ill advised scheme.

This means someone evil can reverse engineer it and use it to make fake
servers on the internet that will appear (to users of this AV software)
to have valid certificates for any domain they choose. They would have
to compromise the DNS of their target too but that's not impossible, and
might just mean compromising a NAT router or something.

VanguardLH

unread,
Apr 28, 2016, 2:49:17 AM4/28/16
to
The certs are not fake. They are registered. They are just as valid as
any other cert. No one needs to reverse engineer a cert. All they need
is physical access to your computer to install their own cert so they,
too, can do a MITM scheme. Many companies do this. When you go to
work, look at the certs your company installed in their sysprep image
they put on their workstation that they let you use to do your work for
them while at work. If they don't include it in their sysprep image,
sometimes their IT folks wander around to install it manually or they
find a way to push it onto the workstations. Caught an IT guy monkeying
around with my workstation (well, the company's workstation) to discover
he was installing a cert for the purposes of letting the company
intercept all HTTPS traffic. It's legal. It's their property.

The Real Bev

unread,
Aug 3, 2016, 2:08:00 AM8/3/16
to
On 04/13/2016 06:43 PM, Jason wrote:
> On Wed, 13 Apr 2016 16:32:54 -0500 "Ant" <ANT...@zimage.com> wrote in
> article <LbudnailkbWbJpPK...@earthlink.com>
>> WU takes forever to connect, search, and download the updates.
>>
>
> I've noticed the same thing. Just today, MS notified me of a batch up
> updates, but WU sat there for half an hour "downloading" while exactly
> nothing happened. This isn't the first time I've run into this recently.

I had 49 important and 1 optional updates. I checked to make sure than
none of them were on my list of evildoers and clicked GO. Hours later
there were still 0 downloads 0 complete. I thought perhaps it was lying
and would do the update when I turned the machine of. Nope. Nothing.

I use the machine only rarely (last time to do taxes). Is this standard?


--
Cheers, Bev
"Look again at that dot. That's here. That's home. That's us. On it
everyone you love, everyone you know, everyone you ever heard of, every
human being who ever was, lived out their lives." -- Carl Sagan

Paul

unread,
Aug 3, 2016, 6:30:39 AM8/3/16
to
The Real Bev wrote:
> On 04/13/2016 06:43 PM, Jason wrote:
>> On Wed, 13 Apr 2016 16:32:54 -0500 "Ant" <ANT...@zimage.com> wrote in
>> article <LbudnailkbWbJpPK...@earthlink.com>
>>> WU takes forever to connect, search, and download the updates.
>>>
>>
>> I've noticed the same thing. Just today, MS notified me of a batch up
>> updates, but WU sat there for half an hour "downloading" while exactly
>> nothing happened. This isn't the first time I've run into this recently.
>
> I had 49 important and 1 optional updates. I checked to make sure than
> none of them were on my list of evildoers and clicked GO. Hours later
> there were still 0 downloads 0 complete. I thought perhaps it was lying
> and would do the update when I turned the machine of. Nope. Nothing.
>
> I use the machine only rarely (last time to do taxes). Is this standard?

Things I would try:

1) Whip this one into the inferno.

"July 2016 update rollup"

https://support.microsoft.com/en-us/kb/3172605

That's a replacement for the pulled June 2016 update rollup.

2) Install IE11, to reduce wait time. The only person who
won't want this, is someone who does banking with IE9 because
the bank can't handle IE11.

https://www.microsoft.com/en-us/download/internet-explorer-11-for-windows-7-details.aspx (53.3MB)

Then give WU another try.

*******

And to make you feel better, I fired up my laptop
a couple days ago, opened Windows Update, left the
laptop running, and when I got up the next morning
(8 hours later), the update list still wasn't there.
So I did these four (i.e. without using Windows Update):

http://catalog.update.microsoft.com/v7/site/Search.aspx?q=3020369 (servicing stack)

Convenience rollup for SP1 (a kind of SP2 for Windows 7)...

http://catalog.update.microsoft.com/v7/site/Search.aspx?q=3125574 (476.9MB!!!)

Then, IE11.

https://www.microsoft.com/en-us/download/internet-explorer-11-for-windows-7-details.aspx (53.3MB)

(I could do this one, because I'd already snagged a copy)
http://catalog.update.microsoft.com/v7/site/Search.aspx?q=3161608 (27.6MB)

This is supposed to be the replacement for 3161608.

https://support.microsoft.com/en-us/kb/3172605 (29.2 MB)

Results of SP1 + 3020369 + 3125574 + IE11 + 3172605...

1) Windows Update paints in 8 minutes (best case is 3 minutes).
2) Selecting the four .NET in the sample and installing them,
the download starts virtually instantly.

https://s32.postimg.org/3mlzukg85/July_Recipe.gif

Paul

David E. Ross

unread,
Aug 3, 2016, 10:20:38 AM8/3/16
to
On 8/2/2016 11:07 PM, The Real Bev wrote:
> On 04/13/2016 06:43 PM, Jason wrote:
>> On Wed, 13 Apr 2016 16:32:54 -0500 "Ant" <ANT...@zimage.com> wrote in
>> article <LbudnailkbWbJpPK...@earthlink.com>
>>> WU takes forever to connect, search, and download the updates.
>>>
>>
>> I've noticed the same thing. Just today, MS notified me of a batch up
>> updates, but WU sat there for half an hour "downloading" while exactly
>> nothing happened. This isn't the first time I've run into this recently.
>
> I had 49 important and 1 optional updates. I checked to make sure than
> none of them were on my list of evildoers and clicked GO. Hours later
> there were still 0 downloads 0 complete. I thought perhaps it was lying
> and would do the update when I turned the machine of. Nope. Nothing.
>
> I use the machine only rarely (last time to do taxes). Is this standard?
>
>

As I noted in this newsgroup almost a month ago, when I have this
problem, I wait several hours or even a day before trying again. I have
a feeling that Microsoft's update server has either crashed or is very busy.

--
David E. Ross

Perhaps it was a smart decision for Hillary Clinton to use her
private E-mail server while Secretary of State. According to
current Secretary of State John Kerry, we know that the Russians
and Chinese have hacked the State Department's servers. In the
meantime, a claim by the Romanian hacker known as Guccifer
(Marcel Lehel Lazar) that he hacked into Clinton's E-mail
server proved false.

Brian Gregory

unread,
Aug 3, 2016, 9:01:52 PM8/3/16
to
Hopefully your office will use a unique certificate authority that they
have created and keep it protected so that it can't be misused by anyone
else.

As I understand it anyone who has one of these bitdefender products will
be able to analyse it and work out how to create certificates they could
use on fake websites that anyone, anywhere in the world who is the
bitdefender certificate on their PC would accept as valid.

Thus the task of creating a fake facebook.com or fake google.com with a
seemingly valid certificate becomes much simpler just requiring a man in
the middle or DNS reassignment.

Yousuf Khan

unread,
Aug 6, 2016, 8:57:52 PM8/6/16
to
On 13/04/2016 5:32 PM, Ant wrote:
> WU takes forever to connect, search, and download the updates.
> Sometimes, they fail. I also noticed svchost.exe hog too much CPU! :(
>
> Thank you in advance. :)

Now that the Win10 free upgrade period is over, the Win7 updates are now
back to normal and quick again! As expected.

Yousuf Khan

Paul

unread,
Aug 6, 2016, 11:04:30 PM8/6/16
to
Actually, that happened before the end of the free upgrade period.

The wheels needed to be greased, because they were holding
back a GWX-inspired upgrade path.

The patch was contained within the June Cumulative,
then the June Cumulative was pulled and the July Cumulative
takes its place.

One participant in the Answers forum, feels it has to do
with win32k.sys, and a kernel call that was screwing up.

Whereas, some IT people who regularly maintain their
own WSUS servers, feel it is a poorly maintained manifest file
on the Microsoft server (old patches not removed somehow),
which contributes to resource usage.

You can take your pick, on which is the largest
contributor. As far as I;m concerned, if the kernel
had a bug in a fundamental feature like that, it
should manifest in other program failures as well.
And where is the evidence that is happening ?

Paul

The Real Bev

unread,
Aug 7, 2016, 6:41:16 PM8/7/16
to
On 8/3/2016 3:30 AM, Paul wrote:
> The Real Bev wrote:
>> On 04/13/2016 06:43 PM, Jason wrote:
>>> On Wed, 13 Apr 2016 16:32:54 -0500 "Ant" <ANT...@zimage.com> wrote in
>>> article <LbudnailkbWbJpPK...@earthlink.com>
>>>> WU takes forever to connect, search, and download the updates.
>>>>
>>>
>>> I've noticed the same thing. Just today, MS notified me of a batch up
>>> updates, but WU sat there for half an hour "downloading" while exactly
>>> nothing happened. This isn't the first time I've run into this recently.
>>
>> I had 49 important and 1 optional updates. I checked to make sure
>> than none of them were on my list of evildoers and clicked GO. Hours
>> later there were still 0 downloads 0 complete. I thought perhaps it
>> was lying and would do the update when I turned the machine of.
>> Nope. Nothing.
>>
>> I use the machine only rarely (last time to do taxes). Is this standard?

NOTE: I just installed Thunderbird on the winmachine so I could follow
your instructions without flipping back and forth via the KVM switch.
The unmodified (I've been working on it since 1994!) version is
virtually unusable, although the one I use (linux 38.2) is a real joy.
Anyway...

> Things I would try:
>
> 1) Whip this one into the inferno.
>
> "July 2016 update rollup"
>
> https://support.microsoft.com/en-us/kb/3172605
>
> That's a replacement for the pulled June 2016 update rollup.

Multiple hoops, ending with "Windows Update Standalone Installer" which
spends time "Searching for updates on this computer" forever. Damn
thing even refuses to cancel without being killed through the task manager.

> 2) Install IE11, to reduce wait time. The only person who
> won't want this, is someone who does banking with IE9 because
> the bank can't handle IE11.
>
> https://www.microsoft.com/en-us/download/internet-explorer-11-for-windows-7-details.aspx
> (53.3MB)

Already had it.

> Then give WU another try.

Continuing... Gave up after 10 minutes. Life is passing me by...

> *******
>
> And to make you feel better, I fired up my laptop
> a couple days ago, opened Windows Update, left the
> laptop running, and when I got up the next morning
> (8 hours later), the update list still wasn't there.
> So I did these four (i.e. without using Windows Update):
>
> http://catalog.update.microsoft.com/v7/site/Search.aspx?q=3020369
> (servicing stack)

Did that. There ultimately seemed to be a results page of sorts, but
nothing to actually do with it. GOD I hate IE. It insists on tossing
up some stupid video every few minutes and using bing.

> Convenience rollup for SP1 (a kind of SP2 for Windows 7)...
>
> http://catalog.update.microsoft.com/v7/site/Search.aspx?q=3125574
> (476.9MB!!!)
>
> Then, IE11.

Does nothing. Just wants to download/install the catalog again. Did
that. Nothing.

> https://www.microsoft.com/en-us/download/internet-explorer-11-for-windows-7-details.aspx
> (53.3MB)
>
> (I could do this one, because I'd already snagged a copy)
> http://catalog.update.microsoft.com/v7/site/Search.aspx?q=3161608 (27.6MB)
>
> This is supposed to be the replacement for 3161608.
>
> https://support.microsoft.com/en-us/kb/3172605 (29.2 MB)
>
> Results of SP1 + 3020369 + 3125574 + IE11 + 3172605...
>
> 1) Windows Update paints in 8 minutes (best case is 3 minutes).
> 2) Selecting the four .NET in the sample and installing them,
> the download starts virtually instantly.
>
> https://s32.postimg.org/3mlzukg85/July_Recipe.gif

I envy you. I'm going to set it to "Download automatically" and see
what happens. I wouldn't be surprised if my refusal to do that is
interpreted as some sort of rebellion which must be put down :-(

How in hell do people live like this?

--
Cheers,
Bev

Paul

unread,
Aug 7, 2016, 7:43:03 PM8/7/16
to
The Real Bev wrote:

>
> How in hell do people live like this?

They turn Windows Update off, that's how.

Paul

The Real Bev

unread,
Aug 7, 2016, 9:48:09 PM8/7/16
to
OK, I have you to thank for SOMETHING, possibly the catalog thing. I
set it to update automatically at 4pm on Sunday. I waited for a few
minutes and then did a manual update. After an hour or so I notied that
it had installed ONE update. A while later it was working on #27 of 44.
It finally finished with 6 failures. I restarted those and added in
the optional update. Whatthehell, I've come this far. We're back to
'downloading 0% of nn updates', but I'm just going to let it run until
it finishes.

Do you know if the prefs.js and *.css files are themselves transferable
from linux Thunderbird to Windows TB? And did you by any chance used to
post into a.s.r.?

--
Cheers, Bev
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
"Attention: All virgins report to Paradise immediately!!
This is not a drill." --MWilliams

David E. Ross

unread,
Aug 7, 2016, 11:36:27 PM8/7/16
to
On 8/7/2016 6:48 PM, The Real Bev wrote:
> On 08/07/2016 04:43 PM, Paul wrote:
>> The Real Bev wrote:
>>>
>>> How in hell do people live like this?
>>
>> They turn Windows Update off, that's how.
>
> OK, I have you to thank for SOMETHING, possibly the catalog thing. I
> set it to update automatically at 4pm on Sunday. I waited for a few
> minutes and then did a manual update. After an hour or so I notied that
> it had installed ONE update. A while later it was working on #27 of 44.
> It finally finished with 6 failures. I restarted those and added in
> the optional update. Whatthehell, I've come this far. We're back to
> 'downloading 0% of nn updates', but I'm just going to let it run until
> it finishes.
>
> Do you know if the prefs.js and *.css files are themselves transferable
> from linux Thunderbird to Windows TB? And did you by any chance used to
> post into a.s.r.?
>

In my own situation, both prefs.js and .css have paths to various files.
That means those cannot be transferred without then editing them.

The Real Bev

unread,
Aug 8, 2016, 2:35:59 AM8/8/16
to
On 08/07/2016 08:36 PM, David E. Ross wrote:
> On 8/7/2016 6:48 PM, The Real Bev wrote:
>> On 08/07/2016 04:43 PM, Paul wrote:
>>> The Real Bev wrote:
>>>>
>>>> How in hell do people live like this?
>>>
>>> They turn Windows Update off, that's how.
>>
>> OK, I have you to thank for SOMETHING, possibly the catalog thing. I
>> set it to update automatically at 4pm on Sunday. I waited for a few
>> minutes and then did a manual update. After an hour or so I notied that
>> it had installed ONE update. A while later it was working on #27 of 44.
>> It finally finished with 6 failures. I restarted those and added in
>> the optional update. Whatthehell, I've come this far. We're back to
>> 'downloading 0% of nn updates', but I'm just going to let it run until
>> it finishes.

Ultimately it installed all the updates. Once it started it went fairly
fast. Does this mean that MS is using something like a 386 and a modem
as a server and it's mainly a queueing problem? Does the installation
possibly not start until everything has been downloaded?

>> Do you know if the prefs.js and *.css files are themselves transferable
>> from linux Thunderbird to Windows TB? And did you by any chance used to
>> post into a.s.r.?
>
> In my own situation, both prefs.js and .css have paths to various files.
> That means those cannot be transferred without then editing them.

Not many with real paths. Might be worth trying again.


--
Cheers, Bev
"At the core of liberalism is the spoiled child,
miserable, as all spoiled children are, unsatisfied,
demanding, ill-disciplined, despotic and useless.
Liberalism is a philosophy of sniveling brats."
PJ O'Rourke

Paul

unread,
Aug 8, 2016, 3:06:22 AM8/8/16
to
On 2016-08-08 02:35 AM, The Real Bev wrote:
> On 08/07/2016 08:36 PM, David E. Ross wrote:
>> On 8/7/2016 6:48 PM, The Real Bev wrote:
>>> On 08/07/2016 04:43 PM, Paul wrote:
>>>> The Real Bev wrote:
>>>>>
>>>>> How in hell do people live like this?
>>>>
>>>> They turn Windows Update off, that's how.
>>>
>>> OK, I have you to thank for SOMETHING, possibly the catalog thing. I
>>> set it to update automatically at 4pm on Sunday. I waited for a few
>>> minutes and then did a manual update. After an hour or so I notied that
>>> it had installed ONE update. A while later it was working on #27 of 44.
>>> It finally finished with 6 failures. I restarted those and added in
>>> the optional update. Whatthehell, I've come this far. We're back to
>>> 'downloading 0% of nn updates', but I'm just going to let it run until
>>> it finishes.
>
> Ultimately it installed all the updates. Once it started it went fairly fast. Does this mean that MS is using something like a 386 and a modem as a server and it's mainly a queueing problem? Does the installation possibly not start until everything has been downloaded?
>
>>> Do you know if the prefs.js and *.css files are themselves transferable
>>> from linux Thunderbird to Windows TB? And did you by any chance used to
>>> post into a.s.r.?
>>
>> In my own situation, both prefs.js and .css have paths to various files.
>> That means those cannot be transferred without then editing them.
>
> Not many with real paths. Might be worth trying again.
>

I just transferred over my profile to Ubuntu Studio and Thunderbird 45.2.0
and edited profiles.ini to point to my Windows-provided profile, and
there are a number of absolute paths in there. But anything that matters
so far also has a relative path. I exited Thunderbird after loading the
profile, and it didn't attempt to fix anything. So I guess this
is the sort of the thing you'll have to debug, function by function.

For example, I see there is a "Download" path specified, but I don't
think I've downloaded anything with Thunderbird recently. I'm just
not getting good test coverage on the absolute paths like that one.

Paul (sent from Ubuntu Studio, from a Windows profile)

Reply all
Reply to author
Forward
0 new messages