Sledgehammer - Windows 10 Update Control

You could make things easier; update your xml as follows :

Code:

<Exec>
      <Command>powershell.exe</Command>
      <Arguments>"sleep 300;start -window hidden \"$env:programfiles\windows defender\MpCmdRun.exe\" -args -Signatureupdate"</Arguments>
 </Exec>

You don't need vbs or cmd files, all is done by the powershell command.

 

Thanks.
At present, I'm away but I'll definitely try it on my testing device, and let you know!!!

 

You need to login to view this posts content.

 

An other way to create scheduled task with powershell replacing the vbs stuff (I propose this for didactic reasons).
In sledgehammer.cmd, replace

Spoiler

Code:

call :create_task WDU "Windows Defender Update"
call :create_task Wub_task "Windows Update Blocker Auto-Renewal"
call :create_task LockFiles "Lock system update hijacker files"

by :

Spoiler

Code:

set "PWS=PowerShell.exe -Nologo -NoProfile -ExecutionPolicy Bypass"
%pws% "bin\Create_task.ps1" 'WDU' 'Windows Defender Update'
%pws% "bin\Create_task.ps1" 'Wub_task' 'Windows Update Blocker Auto-Renewal'
%pws% "bin\Create_task.ps1" 'LockFiles' 'Lock system update hijacker files'

and suppress the create_task subroutine, ie :

Spoiler

Code:

:create_task
copy bin\%1.vbs task.vbs >nul & task.vbs
schtasks /delete /tn "%1" /f >nul 2>&1
schtasks /create /tn "\Microsoft\Sledgehammer\%1" /ru "SYSTEM" /xml task.xml /F >nul || (
echo.&echo Creating %2 %1 task errored.&echo.&echo.&echo Press any key to exit... & pause > nul &exit)del task.vbs task.xml >nul 2>&1
exit /b

In the bin subfolder, insert the following powershell scripts :

1. The main script to create and register the tasks by defining common parameters and inserting specific parameters for each task

Spoiler: create_task.ps1

Code:

#
#
#    Retrieve arguments
#
$task_name=$Args[0]
$description=$Args[1]
$taskpath='\Microsoft\Sledgehammer\'
#
#    Unregister the task if exists
#
Unregister-ScheduledTask  "$task_name" "$taskpath" -Confirm:$false -ErrorAction Ignore
#
#    Create and register the task
#
$principal = New-ScheduledTaskPrincipal -UserID "NT AUTHORITY\SYSTEM" `
    -LogonType ServiceAccount -RunLevel Highest
$settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries `
    -RunOnlyIfNetworkAvailable -MultipleInstances IgnoreNew -DontStopOnIdleEnd
. "$PSScriptRoot\$task_name.ps1" # Import $task_name.ps1
$task = New-ScheduledTask -Action $action -Description $Description `
    -Principal $Principal -Trigger $triggers -Settings $settings
$register=Register-ScheduledTask "$task_name" "$taskpath" -InputObject $task -Force
#
#    Return status
#
If(Get-ScheduledTask  "$task_name" "$taskpath" -ErrorAction Ignore){
    "`r`n`r`n$description $task_name task created successfully.`r`n`r`n"
}Else{
    "`r`n`r`nCreating $description  $task_name task errored.`r`n`r`n"
    Write-Host "Press any key to exit..." -NoNewLine
    [void][Console]::ReadKey("NoEcho,IncludeKeyDown")
    [Environment]::Exit(1)
}

2. The specific parameters for WDU task :

Spoiler: WDU.ps1

Code:

# Windows Defender Update "WDU" task that updates Defender only if it's enabled and running.
#
$action = New-ScheduledTaskAction   -Execute "$PSScriptRoot\wdu.cmd"
$trigger11 = New-ScheduledTaskTrigger -Daily -At '00:01'
$trigger12 = New-ScheduledTaskTrigger -Daily -At '06:01'
$trigger13 = New-ScheduledTaskTrigger -Daily -At '12:01'
$trigger14 = New-ScheduledTaskTrigger -Daily -At '18:01'
$trigger2 = New-ScheduledTaskTrigger -AtLogon; $trigger2.Delay="PT2M"
$trigger3 = New-ScheduledTaskTrigger -AtStartup; $trigger3.Delay="PT5M"
$triggers = @($trigger11,$trigger12,$trigger13,$trigger14,$trigger2,$trigger3)

]

3. The specific parameters for Wub_task task :

Spoiler: Wub_task.ps1

Code:

# Windows Update Blocker "Wub_task" that disables Windows Update service state at boot or login.
#
$action = New-ScheduledTaskAction   -Execute "$PSScriptRoot\Wub.exe" -Argument "/d /p"
$trigger2 = New-ScheduledTaskTrigger -AtLogon
$trigger3 = New-ScheduledTaskTrigger -AtStartup
$triggers = @($trigger2,$trigger3)

4 The specific parameters for LockFiles task :

Spoiler: LockFiles.ps1

Code:

# Create Update hijacker lock files task "LockFiles" that locks files at boot.
#
$action = New-ScheduledTaskAction   -Execute "$PSScriptRoot\LockFiles.cmd"
$trigger3 = New-ScheduledTaskTrigger -AtStartup
$triggers = @($trigger3)

Edit : added missing taskpath in create_task.ps1

A single create_task script merging all the scripts :

Spoiler: Global create_task.ps1 script

Code:

#
#    Retrieve arguments
#
$task_name=$Args[0]
$description=$Args[1]
$task_path='\Microsoft\Sledgehammer\'
#
#    Unregister the task if exists
#
Unregister-ScheduledTask  "$task_name" "$task_path" -Confirm:$false -ErrorAction Ignore
#
#    Create and register the task
#
$principal = New-ScheduledTaskPrincipal -UserID "NT AUTHORITY\SYSTEM" `
    -LogonType ServiceAccount -RunLevel Highest
$settings = New-ScheduledTaskSettingsSet -AllowStartIfOnBatteries -DontStopIfGoingOnBatteries `
    -RunOnlyIfNetworkAvailable -MultipleInstances IgnoreNew -DontStopOnIdleEnd
#. "$PSScriptRoot\$task_name.ps1" # Import $task_name.ps1
#
Switch ($task_name)
{
"WDU" {
# Windows Defender Update "WDU" task that updates Defender only if it's enabled and running.
#
$action = New-ScheduledTaskAction -Execute "$PSScriptRoot\wdu.cmd"
$trigger11 = New-ScheduledTaskTrigger -Daily -At '00:01'
$trigger12 = New-ScheduledTaskTrigger -Daily -At '06:01'
$trigger13 = New-ScheduledTaskTrigger -Daily -At '12:01'
$trigger14 = New-ScheduledTaskTrigger -Daily -At '18:01'
$trigger2 = New-ScheduledTaskTrigger -AtLogon; $trigger2.Delay="PT2M"
$trigger3 = New-ScheduledTaskTrigger -AtStartup; $trigger3.Delay="PT5M"
$triggers = @($trigger11,$trigger12,$trigger13,$trigger14,$trigger2,$trigger3)
    }
"Wub_task" {
# Windows Update Blocker "Wub_task" that disables Windows Update service state at boot or login.
#
$action = New-ScheduledTaskAction -Execute "$PSScriptRoot\Wub.exe" -Argument "/D /P"
$trigger2 = New-ScheduledTaskTrigger -AtLogon
$trigger3 = New-ScheduledTaskTrigger -AtStartup
$triggers = @($trigger2,$trigger3)         
    }   
"LockFiles" {
# Create Update hijacker lock files task "LockFiles" that locks files at boot.
#
$action = New-ScheduledTaskAction -Execute "$PSScriptRoot\LockFiles.cmd"
$trigger3 = New-ScheduledTaskTrigger -AtStartup
$triggers = @($trigger3)         
    }   
Default {[Environment]::Exit(1)} # invalid task name
}
#
$task = New-ScheduledTask -Action $action -Description $Description `
    -Principal $Principal -Trigger $triggers -Settings $settings
$register=Register-ScheduledTask "$task_name" "$task_path" -InputObject $task -Force
#
#    Return status
#
If(Get-ScheduledTask  "$task_name" "$task_path" -ErrorAction Ignore){
    "`r`n`r`n$description $task_name task created successfully.`r`n`r`n"
}Else{
    "`r`n`r`nCreating $description  $task_name task errored.`r`n`r`n"
    Write-Host "Press any key to exit..." -NoNewLine
    [void][Console]::ReadKey("NoEcho,IncludeKeyDown")
    [Environment]::Exit(1)
}

 

rpo, could you compose your version and share with us? ) for somebody it's too difficult these manipulations

 

If you mean that these manipulations are too difficult, keep away. I only proposed modifications for didactic reasons. I am not a user of the script, I only code for the fun.

 

Is there any fork of this which is more recent?

 

Or is that 2020 version still decent?

 

Still works for me.

 

Is Sledgehammer_2.7.3 rc1a still the latest, most up-to-date version?

It'd be helpful if the OP could be updated with a link to the latest version (or at least thread post #).

For (more recent) reference, here's the most recent thread post that has a still-working link to version 2.7.3 rc1a:

 

Yes.