Category: Windows Installer, Updates, Patching

Microsoft Update Health Tools, and PSWindowsUpdate
article #1455, updated 19 days ago

This appears to be an optional add-on which helps Windows do updates. Beyond that all of my searching has come up with vagueness. But Microsoft recommends it and often installs it without informing us, so probably it helps fairly often.

Microsoft Update Health Tools comes in KB4023057. To install KB4023057, we can use PSWindowsUpdate:

Here’s the Powershell basics:

Install-Module PSWindowsUpdate
Set-ExecutionPolicy Bypass -Scope Process
Import-Module PSWindowsUpdate
Get-WindowsUpdate -Install -KBArticleID KB4023057

PSWindowsUpdate is a very interesting module all by itself, it can do lots of things, e.g., install all updates available from Microsoft. Another nice function is:


To get a full list:

Get-Command -Module PSWindowsUpdate

Get-Help works for all of them.

One can install all updates available from Microsoft, though this can be dangerous, there are huge ones and drivers and BIOS too:

Install-WindowsUpdate -AcceptAll

To install all available updates except one KB:

Install-WindowsUpdate -AcceptAll -NotKBArticleID KB000000

where KB000000 is the KB to be excepted. There’s also -NotCategory and -NotTitle for items without KB articles.

To just see the list of available updates:


Here’s a complete run-anywhere command paste for preparing to use the module:

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
set-executionpolicy bypass -scope process -force
Function PrepareModule {
	param( [string]$ModuleName )

	If (Get-Module -ListAvailable -Name $ModuleName)
		{ Update-Module $ModuleName -Force }
		{ Install-Module $ModuleName -Force }
Install-PackageProvider -Name NuGet -Force
Import-PackageProvider -Name NuGet -Force
PrepareModule PSWindowsUpdate
Import-Module PSWindowsUpdate



Alternative to Revo Uninstaller
article #1442, updated 137 days ago

This one works very well indeed. It does need a bit more technical intervention:



The New Hunsinger Windows Update Clog Destructifier
article #979, updated 137 days ago

Mike Hunsinger, who has been addressing Windows Update issues with considerable success over time, recently provided for the following writeup. It is useful when:

  • Windows is running slowly or generally unreliably, needs rebooted frequently.
  • The Windows Update service spikes CPU usage over 70% when it runs.
  • When you check for new updates, it just hangs endlessly on “checking for updates”.
  • The last successful update was years ago.


  1. Clean up the system drive.
    • Before Server 2012, use Disk Cleanup (cleanmgr.exe). Be sure to check “service pack backup files” and “windows update”, if the version of Windows you are running gives these as options.
    • Server 2012 and after, use DISM (dism.exe). Run this in administrative CMD:
      dism.exe /online /Cleanup-Image /StartComponentCleanup /ResetBase
      If it reports “The operation could not be completed due to pending operations.”, you have just been told that a server reboot is necessary and you’ll need to do this again afterwards. After it succeeds, do this:
      dism.exe /online /Cleanup-Image /SPSuperseded
  2. Run the following as a .bat file to reset Windows Updates caches and working spaces, rereg some dll’s, It works on all versions of windows, may skip some dll’s depending on the OS version:
echo Simple Script to Reset / Clear Windows Update
attrib -h -r -s %windir%\system32\catroot2
attrib -h -r -s %windir%\system32\catroot2\*.*
net stop wuauserv
net stop CryptSvc
net stop BITS
ren %windir%\system32\catroot2 catroot2.old
ren %windir%\SoftwareDistribution sold.old
ren "%ALLUSERSPROFILE%\application data\Microsoft\Network\downloader" downloader.old
regsvr32 /s wuaueng.dll 
regsvr32 /s wuaueng1.dll 
regsvr32 /s atl.dll 
regsvr32 /s wups.dll 
regsvr32 /s wups2.dll 
regsvr32 /s wuweb.dll 
regsvr32 /s wucltui.dll 
net Start BITS
net start CryptSvc
net start wuauserv
echo Task completed successfully...
  1. Install .net 4.5.1 from here:
  2. If it says that an =/> version is already installed, run the .net repair tool from here:
  3. Download the latest version of Windows Update from here:
  4. Next update IE or Edge to the latest version using a redist, here’s the one for EI11,
  5. Open IE11 or Edge, add to trusted sites, popup blocker exceptions, privacy exceptions.
  6. Finally, try re-running Windows Update. The “Checking for Updates” may run quickly, or it may take 4-6 hours to populate results.

We have had the best results by updating in batches after this, first any critical SP’s or major Platform Updates. Then security, Office and the others as deemed necessary. Once you’ve completed a couple rounds of updates, the difference should start exhibiting itself with regards to the symptoms named.



Download Many ISOs of Windows 10 and 8
article #1429, updated 163 days ago

This is a third-party page which initiates downloads from Microsoft:

And a very nice one for the very latest build of Windows 10:

And another for Windows 8.1:



Run CMD as SYSTEM to get around lots of different installer bugs etcetera
article #1408, updated 376 days ago

If you get PsTools, and do this:

psexec -i -s CMD.exe

you’ll get another CMD box, where the username is SYSTEM, that is to say, the hostname of the machine with a dollar sign on the right end. If the machine is on a domain, it is DOMAIN\hostname$, have not tested it on a non-domain machine yet.

One software installer recently, required that the folder containing its installer package be TAKEOWNed and ICACLSed, as that system user, before it would run to completion, it must have some odd permissions bug in it.

There are likely to be quite a few circumstances in which this special CMD can be useful.



DISM Cleans Up Windows Updates and Cache
article #1158, updated 384 days ago

To see if there is cleanup to be done:

DISM /Online /Cleanup-Image /AnalyzeComponentStore

To remove obsolete and unused system files:

DISM /Online /Cleanup-Image /StartComponentCleanup

To remove obsolete and unused system files and also service pack uninstallation files:

dism /online /Cleanup-Image /SPSuperseded

To remove obsolete and unused system files and everything prior, making it impossible to reverse any patches:

dism /online /Cleanup-Image /StartComponentCleanup /ResetBase



Remove All Oracle Java Products Silently
article #1407, updated 384 days ago


wmic product where "name like 'Java%%'" call uninstall /nointeractive

appears to work very well for products whose names start with “Java” which are installed in Windows standard fashion.



Microsoft Update Health Tools
article #1405, updated 397 days ago

Solves issues with updating Windows 10.



Download Windows 10 Build 1909 ISO
article #1402, updated 403 days ago

There are links on this page:



Uninstall Windows applications via command line
article #1326, updated 409 days ago

This command:

wmic product where name="Application Name" call uninstall /nointeractive

appears to do it. Put the whole long name from the software list in Control Panel, within those double parentheses. This works in at least some cases where msiexec /x does not. And it is not version-specific.

To get a full list of names with GUIDs, try this:

get-wmiobject Win32_Product | sort-object -property Name | Format-Table IdentifyingNumber, Name, LocalPackage -AutoSize