WUMT = WUA API interface it's not a downloader for complete update packages Offline mode = Offline "check" with wsusscn2.cab the actual downloading/installing is from WU servers
I've gotten Win10 to NOT update by running a cmd script to disable the various updating services. So far it has worked, not a single update seen. Then those version upgrades come along and all of a sudden I get a message box saying Windows is ready to install the next version. It seems to kill the small time patches, disabling updating services will do but does NOT work on version upgrades. What do I need to do so Win10 never downloads "Upgrade Assistant" onto my Win10 PC?
Or you can simply block svchost.exe in the firewall. But you have to setup DNS servers first, disable DNS Client service, restart. Code: wmic nicconfig where DHCPEnabled=TRUE call SetDNSServerSearchOrder ("1.1.1.1") reg add "HKLM\System\CurrentControlSet\Services\Dnscache" /v "Start" /t REG_DWORD /d "4" /f
OK. So after reading the few pages of this thread, I've come up with a new cmd script to permanently disable Win10 updates and version upgrades. Would someone more knowledgeable than me critique the following script (are there any relevant services I might have left out?): Code: :start net stop "BITS" sc stop "BITS" sc config "BITS" start=disabled net stop "wuauserv" sc stop "wuauserv" sc config "wuauserv" start=disabled net stop "dmwappushservice" sc stop "dmwappushservice" sc config "dmwappushservice" start=disabled net stop "DiagTrack" sc stop "DiagTrack" sc config "DiagTrack" start=disabled net stop "AJRouter" sc stop "AJRouter" sc config "AJRouter" start=disabled net stop "DcpSvc" sc stop "DcpSvc" sc config "DcpSvc" start=disabled net stop "WSearch" sc stop "WSearch" sc config "WSearch" start=disabled net stop "Wpnservice" sc stop "Wpnservice" sc config "Wpnservice" start=disabled reg add "HKLM\SYSTEM\CurrentControlSet\Services\WpnUserService" /v "Start" /t "REG_DWORD" /d "4" /f reg add "HKLM\SYSTEM\CurrentControlSet\Services\UserDataSvc" /v "Start" /t "REG_DWORD" /d "4" /f reg add "HKLM\SYSTEM\CurrentControlSet\Services\UnistoreSvc" /v "Start" /t "REG_DWORD" /d "4" /f reg add "HKLM\SYSTEM\CurrentControlSet\Services\PimIndexMaintenanceSvc" /v "Start" /t "REG_DWORD" /d "4" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\System" /v "AllowExperimentation" /t "REG_DWORD" /d "0" /f erase c:\windows\updateassistant\*.* /q net stop "UsoSvc" sc stop "UsoSvc" sc config "UsoSvc" start=disabled net stop "RpcSs" sc stop "RpcSs" sc config "RpcSs" start=disabled schtasks /Change /TN "Microsoft\Windows\UpdateOrchestrator\Schedule Scan" /Disable ren "%WINDIR%\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" "Schedule Scan.bak" md "%WINDIR%\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan" schtasks /Change /TN "Microsoft\Windows\UpdateOrchestrator\Schedule Scan" /Disable schtasks /Change /TN "Microsoft\Windows\WindowsUpdate\Scheduled Start" /Disable ren "%WINDIR%\System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start" "Scheduled Start.bak" md "%WINDIR%\System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start" schtasks /Change /TN "Microsoft\Windows\WindowsUpdate\Scheduled Start" /Disable schtasks /Change /TN "Microsoft\Windows\UpdateOrchestrator\Reboot" /Disable ren "%WINDIR%\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot" "Reboot.bak" md "%WINDIR%\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot" schtasks /Change /TN "Microsoft\Windows\UpdateOrchestrator\Reboot" /Disable reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "DisableOSUpgrade" /t "REG_DWORD" /d "1" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "DisableWindowsUpdateAccess" /t "REG_DWORD" /d "1" /f pause (P.S: Before running this script, first turn off Wi-Fi/disconnect LAN. Then go to Control Panel and uninstall Windows Update (Assistant) patches/software from 1. "Uninstall a program" and 2. "View installed updates" (this is found in the left panel of "Uninstall a program". Finally, reboot and run the above script as Administrator...)
Just a quick review: Disabling those tasks does not work since 1709 or 1703, at least not like this, you need more permissions. UsoSvc/wuauserv services will start, even when disabled.
OK. I went to c:\windows\system32\Tasks\Microsoft\Windows\UpdateOrchestrator and I see... in addition to scheduled scan and USO, there are a bunch of things dealing with UpdateAssistant. How come no one did anything to UpdateAssistant among the pages of this thread? (I did add a one liner in my above script to delete everything in c:\windows\UpdateAssistant)
Also HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DisableOSUpgrade HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DisableWindowsUpdateAccess Set to 1
Thanks. DisableWindowsUpdateAccess works though. I couldn't fetch updates with the Windows Update service running. I still think firewall is the best solution.
I don't see this key in regedit (my version of Windows 10 is really old). How to recreate the key? Anyways I think the root of the problem is the Update Orchestrator (USO). Basically, USO downloads UpdateAssistant.exe which then does the rest. Take care of USO, UpdateAssistant never gets the chance to do its job...
OK. So tell me if I'm doing this correctly: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "DisableOSUpgrade" /t "REG_DWORD" /d "1" /f reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "DisableWindowsUpdateAccess" /t "REG_DWORD" /d "1" /f
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v "DisableWindowsUpdateAccess" /t "REG_DWORD" /d "1" /f Yep that's right.
It's weird. I fire up regedit. The keys show with two options: Hexadecimal (selected) and decimal. Is this correct? Anyways, I added those two new lines to the bottom of the script in this post: https://forums.mydigitallife.net/th...ith-windows-updates.72328/page-3#post-1427152
It's right. You'll notice you can't check for updates even with the Windows Update service running. You'll get error 0x8024002e. When you change it back you may need to reboot for it to take effect.
^ It's a nice suite, but it doesn't deal with telemetry nor when UpdateAssistant gets downloaded onto your PC and perpetuates itself no matter how many times you uninstall it. My script above (post #46) covers everything in the suite (I think) plus kills telemetry and UpdateAssistant as well...