i ran this cmd and after some time a error appeared. sorry i didnt wrote it down. although i've seen sometime definition update works in auto but some time it doesnt even work with manual mode. but now i've reinstalled the os and installed avast free av, its the most lightweight av. now i'm not planing to continue with defender since i've found less resource consuming avast av.
Edit: Problem fixed in v2.1.8 February 13, 2018 patch tuesday updates leaves windows update service running after reboot. To fix it just run the script again and close the Windows Update MiniTool as soon as it opens, or you can let it finish the update check first, your choice. Edit: It appears that the update resets and enables the update service during the update installation that may continue during the first reboot. tl;dr Update script to v2.1.8 and run it.
Perhaps you could create a scheduled task which starts when Windows initilizes and disables the update service. Code: . . :GotPrivileges :::::::::::::::::::::::::::: ::START ::Enable and start the Windows Update Service (wuauserv) ::Run the correct version of WUMT for your architecture ::Start WUMT maximized in "auto-check for updates" mode. ::After updates are completed and WUMT is closed and/or the "reboot" ::button in WUMT is pressed, disable and stop wuauserv. :::::::::::::::::::::::::::: set "Task_Name=wub_task" schtasks /query /fo list 2>nul | findstr /i "%Task_Name%" 1>nul && ( schtasks /delete /tn "%Task_Name%" /f 1>nul 2>nul ) schtasks /create /tn "%Task_Name%" /ru "SYSTEM" /sc "ONSTART" /tr "'%~dp0wub.exe' /d /p" 1>nul 2>nul && ( echo. echo Windows Update Blocker Auto-Renewal Task is Created. ) . .
As always, thanks for the code. So far I can't decide if it's better to run this task only once after reboot after an update, or at every login. The latter would be far easier to implement and would do the job, so I'll probably do it like that.
IMHO, the easiest is to create the task after every reboot. Spoiler rem Create task after every Login (ONLOGON) or every rebbot (ONSTART) set "Task_Name=wub_task" set "Task_Frequency=ONLOGON" set "Task_Frequency=ONSTART" schtasks /query /fo list 2>nul | findstr /i "%Task_Name%" 1>nul && ( schtasks /delete /tn "%Task_Name%" /f 1>nul 2>nul ) schtasks /create /tn "%Task_Name%" /ru "SYSTEM" /sc %Task_Frequency% /tr "'%~dp0wub.exe' /d /p" 1>nul 2>nul || ( echo. echo Creating Windows Update Blocker Auto-Renewal task errored. & pause > nul )
Excellent. This will fix the problem, no doubt. Honestly, at first I did not want to create a task and was looking for a runonce option (which can be done using two tasks, one to remove both of them after completion of the other), but the scheduled task creation at every boot (or logon) is the best option. Since ONSTART runs before logon and may start too early, ONLOGON may be required. What I don't know is if ONSTART will start late enough to block the unblocking of the windows update service. I'll update the script with ONSTART and see how it works next patch Tuesday. I've also been thinking about test killing the UsoSvc since it's annoying but such measures are not necessary (yet), and I don't like changing permissions like this unless there's no other option: takeown /F C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator /A /R icacls C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator /grant Administrators:F /T (wouldn't the word "Administrators" in the line above have to be the equivalent in the language of the OS used?) granting the Administrators group ownership and full permission to the directory and denying R/W for SYSTEM or other users. wuauserv, UsoSvc (UpdateOrchestrator), DoSvc (Delivery Optimization) and BITS are all related so I'll be looking for everything I can find about their relation to each other. Thanks for your help, @rpo
Script 2.1.8 released. This is an important update that keeps the update service from starting after a CU and reboot. Please update the script and run it.
Great job on the script ! windows started to become annoying with the update that installed the upgrader to 1709 , already got rid of that but I wanted even more control over my updates and this is the perfect solution ! thanks If I wanted to uninstall this for any reason just removing the wub task and enabling windows service thru wub would be enough right ?
Ok , it's a kinda simple and elegant solution imho , Im liking it. Because I want to block nasty updates but I dont want to lose the good ones
Thank you for this neat solution to Microsoft's aggressive coding. Works fine but one question is that I notice the wub_task has a condition that says that it will "Start the task only if the computer is on AC power". This could surely cause it to not disable the Windows Update Service for systems running WUMT Wrapper script while on battery power only. I have manually unticked this and also the "Stop if the computer switches to battery power". Is there a way to create the task without these conditions. Thanks again for all your hard and prompt work. I wish there was a similar solution to stop the "Windows 10 Update Assistant" from running.
Thanks for bringing the "only on ac power" to my attention. My next free time may be a little over 48 hours from now but I'll fix that. Maybe someone will make a Windows 10 Update Assistant blocker. I'd probably write one if I had a computer that had the problem.
Cheers. No problems. As to the Windows10 Update Assistant. I have just blocked all the incidences of it in my firewall. And also disabled the tasks Microsoft keeps creating to run it as well. I have learnt not to install any update that doesn't show up in Windows Catalog. They are the ones that pretend to be security updates but simply create new tasks. But I will upgrade to Build 1703 or 1709 when I put aside the time.
May I suggest a possible workaround? The present implementation deletes the wub task (if it exists) and (re)creates it. I propose to create the task only if it dosen't exists. Code: set "Task_Name=wub_task" schtasks /query /fo list 2>nul | findstr /i "%Task_Name%" 1>nul || ( echo.&echo Creating Windows Update Blocker Auto-Renewal task %Task_Name%. schtasks /create /tn "%Task_Name%" /ru "SYSTEM" /sc ONSTART /tr "'%~dp0wub.exe' /d /p" >nul 2>&1 || ( echo.&echo Creating Windows Update Blocker Auto-Renewal errored.& echo Press any key to exit... & pause > nul &exit) echo.&echo You can now edit the parameters for the task %Task_Name% at your convenience&echo Press any key to continue... & pause > nul) It is now possible to update the task properties and the updates will be kept.
February 24, 2018 Script updated to v2.2.0 Improvements made since v2.1.9: wub_task xml now included in script, bugs in variables fixed, by @rpo