Ok, thx, Lockfiles now finishes its work normally. But what about the WDU task? The status of this task is "performing now" (0x41303).
I understand, but in theory it shouldn't, because Windows Defender is disabled by group policy and WUMT and WuMgr are not running either.
The task starts, then has a 5 minute timeout whether defender is enabled or not. If defender is disabled, the task then cancels the update and exits, so it doesn't do anything. If you want to remove the task, change line 240 in version 2.7.2 in Sledgehammer.cmd from this
Code:
call :create_task WDU "Windows Defender Update"
to this
Code:
rem call :create_task WDU "Windows Defender Update"
Then just delete the task in task scheduler, or if you don't, it will be removed the next time you run the script.
I've been following this thread out of interest, and have been using Sledgehammer for many, many months. But I'm trying to understand the last couple of pages and this "disassembly of wub.exe" thing. Is this something to use instead of or along with Sledgehammer?
@Homer712 Reverse disassembling wub.exe was the last bit of info needed to make the project open source. I can use the info from the disassembly to completely replace wub.exe with a script subroutine if I wanted to. The reverse engineering of wub.exe has no bearing on users who don't care about the source code of the project or exactly how the script works.
KB4023057 comes out every couple of years and creates the "C:\Program Files\rempl" folder containing update hijackers.
So, do I understand correctly that if MS Defender is disabled this task is not needed? I ask because I see strings like this in the WDU script:
findstr /i "wumt_x86.exe wumt_x64.exe wumgr.exe"
So I doubt whether Sledgehammer will work as intended without the WDU task (because for some reason the WDU task ends its work with a 0x1 error). Am I right or not? Thx for your help!
The WDU task updates defender every 6 hours if defender is running, unless WUMT or WuMgr is running or defender is disabled, in which case it cancels the update. So, if defender is enabled, the task updates it every 6 hours. If defender is disabled, the WDU task doesn't do anything. You can leave the task there, or you can delete it along with the script line 240 edit. It makes no difference either way if defender is disabled. I always just leave the task even though I disable defender on every PC I have. Edit: If the WDU task gives a 0x1 error code, it means it didn't update defender, which is what you want in your case.
Will future updates to Sledgehammer note in the changelog if it's recommended people upgrade (and run it) in cases where it's blocking updates currently but Microsoft may employ additional subterfuge to undo the changes/approach Sledgehammer has set? I am not sure if such a thing is possible but would not be surprised. Perhaps it's not a concern however and if updates are currently frozen then there's no way Microsoft can undermine that state? I've only started using it since the last version so have not read prior changelogs but that might be useful for folks who follow it and don't want surprises from Redmond. Thank you so much for developing this essential tool and bravo to you for Open Sourcing it as well!