Sledgehammer - Windows 10 Update Control

Discussion in 'MDL Projects and Applications' started by pf100, Nov 28, 2016.

  1. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,872
    2,862
    60
    I don't think that driver updates are necessarily causing problems with buggy Windows updates.
    It wouldn't be hard to temporarily block driver updates. I'm about 95% sure this can be done with one registry key edit. Whatever it is, it would have to take effect immediately and work as a toggle without a reboot.


    Do a clean install of 1809+ (not tested on earlier versions) while disconnected from the net. Run Sledgehammer to the first screen and close it so updates are off. Connect to the internet, run Sledgehammer, hide driver updates and watch them install anyway. But after drivers are installed, you can hide drivers again and the script works as intended, or at least that's what I've found in early testing.
     
  2. Whistler4

    Whistler4 MDL Member

    Jul 30, 2015
    154
    133
    10
    I've used SlimDrivers Free to check whether hardware vendors have updated drivers available. Use it to install or not. Just be aware that SlimDrivers will stay resident in memory until you explicitly close it - I always close it.

    If I'm not mistaken, both WUMT and WuMgr have an option checkmark for whether to update drivers. Apparently, Windows 10 will bypass that selection on new installs, if I understand @pf100 correctly. It seems to me that MS's approach to getting a hardware platform up and running with a first install should normally be a good thing. If any drivers are then determined to be problematic, can't the user just replace those with the hardware vendors' drivers at the time the problem is realized? After all, new installs are not the usual going concern update.
     
  3. pf100

    pf100 MDL Expert

    Good point. Maybe it's best to just let it install initial drivers.
     
  4. pf100

    pf100 MDL Expert

  5. Nocturnal_ru

    Nocturnal_ru MDL Novice

    Aug 14, 2017
    8
    0
    0
    OK, thanks, Lockfiles now finishes its work normally. But what about the WDU task?
    Its status:
    this task is running now (0x41303)
     
  6. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    4,076
    3,894
    150
    Then it's still running.
     
  7. Nocturnal_ru

    Nocturnal_ru MDL Novice

    I understand, but in theory it shouldn't be, because Windows Defender is disabled by Group Policy and neither WUMT nor WuMgr is running.
     
  8. pf100

    pf100 MDL Expert

    The task starts, then has a 5-minute timeout whether Defender is enabled or not. If Defender is disabled, the task then cancels the update and exits, so it doesn't do anything. If you want to remove the task, change line 240 in version 2.7.2 in Sledgehammer.cmd from this
    Code:
    call :create_task WDU "Windows Defender Update"
    to this
    Code:
    rem call :create_task WDU "Windows Defender Update"
    Then just delete the task in Task Scheduler, or if you don't, it will be removed the next time you run the script.
     
  9. pf100

    pf100 MDL Expert

  10. Homer712

    Homer712 MDL Junior Member

    Oct 22, 2018
    90
    22
    0
    I've been following this thread out of interest, and have been using Sledgehammer for many, many months. But I'm trying to understand the last couple of pages and this "disassembly of wub.exe" thing.

    Is this something to use instead of or along with Sledgehammer?
     
  11. pf100

    pf100 MDL Expert

    @Homer712 Reverse disassembling wub.exe was the last bit of info needed to make the project open source.
    I can use the info from the disassembly to completely replace wub.exe with a script subroutine if I wanted to.
    The reverse engineering of wub.exe has no bearing on users who don't care about the source code of the project or exactly how the script works.
     
  12. BALTAGY

    BALTAGY MDL Guide Dog

    Dec 23, 2014
    317
    476
    10
  13. pf100

    pf100 MDL Expert

    KB4023057 comes out every couple of years and creates the "C:\Program Files\rempl" folder containing update hijackers.
     
  14. Nocturnal_ru

    Nocturnal_ru MDL Novice

    So, do I understand correctly that if MS Defender is disabled, this task is not needed? I ask because I see strings like this in the WDU script:
    findstr /i "wumt_x86.exe wumt_x64.exe wumgr.exe"
    So I doubt whether Sledgehammer will work as intended without the WDU task (because for some reason the WDU task ends its work with a 0x1 error). Am I right or not?
    Thanks for your help!
     
  15. pf100

    pf100 MDL Expert

    #1638 pf100, Aug 29, 2020
    Last edited: Aug 30, 2020
    (OP)
    The WDU task updates Defender every 6 hours if Defender is running, unless WUMT or WuMgr is running or Defender is disabled, in which case it cancels the update.

    So, if Defender is enabled, the task updates it every 6 hours.

    If Defender is disabled, the WDU task doesn't do anything.

    You can leave the task there, or you can delete it along with the script line 240 edit. It makes no difference either way if Defender is disabled.

    I always just leave the task even though I disable Defender on every PC I have.

    Edit: If the WDU task gives a 0x1 error code, it means it didn't update Defender, which is what you want in your case.
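
The decision flow described in the post above, as an added batch sketch (not part of the original post and not Sledgehammer's own WDU script). It assumes Defender's service name is WinDefend and that MpCmdRun.exe sits in its default folder; exit code 1 for a cancelled update is chosen here to mirror the 0x1 result mentioned in the thread.

```batch
@echo off
rem Added illustration of the WDU decision flow; NOT the project's own script.
rem Assumptions: service name WinDefend, default MpCmdRun.exe location,
rem exit code 1 = "update cancelled" (mirrors the 0x1 result in the thread).
rem To run a script like this every 6 hours (task name and path are placeholders):
rem   schtasks /create /tn "WDU-example" /tr "C:\path\to\this.cmd" /sc hourly /mo 6
setlocal

rem 1. Skip while an update manager is open. The image names are the ones
rem    in the findstr line quoted earlier in the thread.
tasklist /nh | findstr /i "wumt_x86.exe wumt_x64.exe wumgr.exe" >nul
if not errorlevel 1 (
    echo WUMT or WuMgr is running - update cancelled.
    exit /b 1
)

rem 2. Skip when Defender is disabled or its service is stopped.
sc query WinDefend | findstr /i /c:"RUNNING" >nul
if errorlevel 1 (
    echo Defender is not running - update cancelled.
    exit /b 1
)

rem 3. Defender is active: request a definition update.
set "MPCMD=%ProgramFiles%\Windows Defender\MpCmdRun.exe"
if not exist "%MPCMD%" (
    echo MpCmdRun.exe not found - update cancelled.
    exit /b 1
)
"%MPCMD%" -SignatureUpdate
exit /b %errorlevel%
```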
     
  16. pf100

    pf100 MDL Expert
