Sledgehammer - Windows 10 Update Control

Discussion in 'MDL Projects and Applications' started by pf100, Nov 28, 2016.

  2. Whistler4

    Whistler4 MDL Member

    Glad you found something that you can tailor to do what you want. I thought, though, that Sledgehammer uses a task to automatically look for and install Windows Defender definition updates. Why is there a need to manually do that? Isn't the frequency of automatic updates good enough to keep malware risk low, or is automatic not working? (I'm a Norton 360 user, so I don't regularly experience the pleasure, but I do use Windows Defender on VMs.)

    As to Windows Events Logging, yeah, it logs everything under the sun. I think the goal is to choke Google with terms it can't find. At least, I was able to do away with many ground clutter warnings and errors by disabling logging for such things as store, cloudstore, and Hello for Business. But I'm often using Nirsoft Full Event Viewer trying to figure out my pet rabbit hole of why Windows 10 never lets me keep for long my custom pale turquoise window reading color from Win 7.
     
  3. Homer712

    Homer712 MDL Member

    You are correct. And when the update check happens, and it finds both a definition update and a Defender Platform update, that would be where you'd get the "Update Aborted" message for the definition update. Even with Matthew's solution (he creates the scheduled tasks as well, which I think is one of the portions of the Sledgehammer code he was given permission to use), I still delete the schedule from those tasks and have instead created a small batch file to run the vbs scripts (part of Matthew's solution) in the sequence that I want.

    Specifically:
    1. Run the vbs script that checks for all updates. If any are available (including Defender Platform updates), it runs WUMT, if not it returns to the cmd window.
    2. Once WUMT runs I can have it download and install the Defender Platform update, then the Defender definitions update in that order so that both are successfully installed.
    3. If the vbs script run in step #1 does not find any updates (it picks up all updates other than Defender definition updates) it defaults back to the cmd window, and the batch file then continues to automatically run a second vbs script which specifically checks only for definition updates and installs them automatically if found.

    It may sound a bit convoluted, but once you have it all put together it works slick. About twice a day I double-click a shortcut (to the batch file) that sits on the desktop. The batch file triggers all the correct vbs scripts in sequence, which then do all the checking, opening WUMT if needed, if not, the second vbs script installs the definition updates automatically if available and then closes. Done!
     
  4. Whistler4

    Whistler4 MDL Member

    #1786 Whistler4, Apr 20, 2021
    Last edited: Apr 20, 2021
    Cool! I understand. Sounds like you've got it running like a top. (And zero-day exploits don't stand a chance :).)
     
  5. Homer712

    Homer712 MDL Member

    Well "Whistler4", as the saying goes . . ."The best laid plans of mice and men . . ."

    The whole switching from Sledgehammer seemed like a good idea at the time, but after some time it just got to be too much. Seems that there are a number of proper sequences in which things need to be done to have things work. I'm sure it's me, but my "senior citizen" brain just couldn't keep track.

    So, reinstalled Sledgehammer, "rem'd" out the creation of the Defender task and I'm good to go. Not much to remember except running the Sledgehammer.cmd a couple of times a day to install the Defender definition updates. Done!
     
  6. Whistler4

    Whistler4 MDL Member

    I got that sometimes the Defender engine updates preempt the definition updates. But the subsequent definition updates work, right? So what's the worst that can happen if you miss one iteration of definition updates once in a while? (Maybe I'm underappreciating the severity of the issue.)

    I mean, if you kept the scheduled task for Windows Defender enabled (or I should say created), wouldn't you have more time to fret over event logs, tweak performance, write your article, water your plants, or download something? (I should talk: Even though Norton updates automatically, I often right click and update if I happen to notice the tray icon.)
     
  10. rpo

    rpo MDL Expert

    #1792 rpo, Apr 24, 2021
    Last edited: Apr 24, 2021
    @Whistler4
    "I got that sometimes the Defender engine updates preempt the definition updates. But the subsequent definition updates work, right? So what's the worst that can happen if you miss one iteration of definition updates once in a while? (Maybe I'm underappreciating the severity of the issue.)": you are absolutely right.
    "I noticed same error recently and determined it was because wdu.cmd wasn't in the Sledgehammer\bin folder": I don't agree with you, because the task can be successfully created even if wdu.cmd can't be located, but an error will occur at execution time.

    @Homer712
    Concerning metered network connections MS says "some updates for Windows won't be installed automatically" : it applies to some updates, not all updates

    @pf100
    It's difficult to diagnose a task creation error because the schtasks error message is not displayed. I suggest the following fix:
    for sledgehammer 2.7.2 replace lines 397-398 and for sledgehammer 2.7.3rc1 replace lines 403-404 (or 405-406) by:
    Code:
    schtasks /create /tn "\Microsoft\Sledgehammer\%1" /ru "SYSTEM" /xml task.xml /F >nul || (
    echo.&echo Creating %2 %1 task errored.&echo.&echo.&echo Press any key to exit... & pause > nul &exit)
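
The two points in the post above (a task can be created even when wdu.cmd is missing, and a failed schtasks call is easy to miss) can be checked together; this is an added example, not part of the thread or of Sledgehammer.cmd. The task name `ExampleTask`, the location of `task.xml` next to the script, and the assumption that the task's action launches `bin\wdu.cmd` are all hypothetical.

```batch
@echo off
setlocal
rem Added example; not taken from Sledgehammer.cmd.
rem Assumptions: "ExampleTask" is a placeholder task name, task.xml sits next
rem to this script, and the task's action launches bin\wdu.cmd.
set "TASK=\Microsoft\Sledgehammer\ExampleTask"
set "TARGET=%~dp0bin\wdu.cmd"

rem schtasks /create does not verify that the action's target exists,
rem so a missing script only shows up when the task runs. Check it first.
if not exist "%TARGET%" (
    echo ERROR: "%TARGET%" is missing. The task would be created but fail when run.
    exit /b 2
)

rem Discard stdout only, so anything schtasks writes to stderr stays visible,
rem then test the exit code instead of assuming the task was created.
schtasks /create /tn "%TASK%" /ru "SYSTEM" /xml "%~dp0task.xml" /f >nul
if errorlevel 1 (
    echo ERROR: schtasks could not create "%TASK%".
    exit /b 1
)

rem Show what was registered and how the last run ended.
rem The field labels below are the English-locale ones.
schtasks /query /tn "%TASK%" /v /fo list | findstr /i /c:"Task To Run" /c:"Last Result"
exit /b 0
```

Run it from an elevated prompt; the distinct exit codes (2 for a missing target, 1 for a failed creation) let a calling script tell the two failures apart.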
    
     
  11. Homer712

    Homer712 MDL Member

    @rpo
    I'm on 2.7.3rc1 and I just want to make sure before I do anything by way of changing code. Below is the current code as well as the lines 403 & 404 changed code:
    [Attached image: Code Change.png]
     
  12. Homer712

    Homer712 MDL Member

    I am ever hopeful that between Sledgehammer and the metered connection the pushed updates will be held at bay. I end up installing updates eventually, but I'm normally at least a month behind the releases.
     
  13. rpo

    rpo MDL Expert

    You have to replace the lines 405-406. It seems my source code is different.
     
  14. rpo

    rpo MDL Expert

    I suppose you don't need metered network connection, Sledgehammer will do the job. But I remember while I was learning German, the professor told us "Doppelt genäht hält besser", i.e. make assurance double sure.
     
  15. Homer712

    Homer712 MDL Member

    @rpo
    Language skills are important. In the late 60's I found myself (a young 2nd Lt.) in Germany because in addition to my native tongue and English, I was also reasonably fluent in the language spoken on both sides of "The Wall." You never know when those skills will prove useful.
     
  16. Whistler4

    Whistler4 MDL Member

    Thanks. I trust your knowledge of scripting and task creation, so I was obviously barking up the wrong tree thinking it was because wdu.cmd was missing. Hopefully, I didn't mislead anyone on the subject.

    That was good to recommend changes to help diagnose the task creation error.

    @Homer712 is probably on 2.7.3rc1a rather than rc1, which would be why the applicable lines are 405-406 instead of lines 403-404 in your source code for rc1. When I compiled the Windows Installer File, I made the commentary changes below to the Sledgehammer.cmd script and added the "a" in the version number so it would be distinguished from rc1, as explained in
    https://forums.mydigitallife.net/th...-10-update-control.72203/page-89#post-1650375
    (In the scripts, the line 3 title is "Sledgehammer 2.7.3" for rc1 and "Sledgehammer 2.7.3 rc1a" for rc1a. These comment changes would have added two lines total, changing the line numbering of 403-404 to 405-406:

    6 Thanks to Carlos Detweiller @ MDL for the idea to hide the Windows Update page in the Windows Settings app while updates disabled and visible while updates enabled so that settings doesn't close.
    7 ;Thanks to RetiredGeek at askwoody.com forum for original ideas on how to get MS-DEFCON rating.

    24 ;Only use Windows Update Blocker v1.0 with this script, NOT v1.1!
    25 Only use Windows Update Blocker v1.1 with this script. DO NOT edit the included wub.ini. Don't run the script without included wub.ini.
    (On the point about missing a Windows Defender definition update once in a while, did you think I was right about "what's the worst that can happen" or about "underappreciating the severity of the issue"? Kind of opposites :).)
     
  17. Homer712

    Homer712 MDL Member

    Correct, I am running rc1a. So, downloaded rc1 via link in post #1697 and assume that you can just replace existing Sledgehammer.cmd with the new one.

    I also followed this post, any changes to be made here?

    [Attached image: image_112.png]
     
  18. Whistler4

    Whistler4 MDL Member

    All of the WUB 1.1 aspects are already incorporated in the rc1a Windows installer file which I linked to in post #1773 and was mirrored on mega.nz in the next post. If you would like, you can copy the rc1 sledgehammer.cmd over the rc1a sledgehammer.cmd that's installed with the installer. But the resulting sledgehammer.cmd would erroneously warn not to use WUB 1.1 and also reference MS-Defcon which is no longer used. It would jive with @rpo's last suggestion for line changes, but you already know where those go now. (You could also copy the uninstaller.cmd from post #1697 over the rc1a uninstaller, but you might end up looping your question about why the last line is rem'd.)
    _______________________________________________

    I think this thread has become a little convoluted since version 2.7.2 was released in May 2020 on page 1. For convenience, these are the changes since then:

    1. (Official) 2.7.3 rc1 sledgehammer.cmd script and wub v1.1 fix, all to be copied into and used with 2.7.2, with instructions, post #1697, Oct 2020, https://forums.mydigitallife.net/th...-10-update-control.72203/page-85#post-1626994

    2. (Unofficial) 2.7.3 rc1a compiled Windows Installer file, incorporating all of above, posts #1773-1775, Mar 2021,
    https://forums.mydigitallife.net/th...-10-update-control.72203/page-89#post-1650375
    (Minor script changes from rc1: Title change in line 3 to "Sledgehammer 2.7.3 rc1a", changes to "thanks" in lines 6 & 7 based on pf100 comments in post #1697, and correction on caution for version of WUB in lines 24 & 25)

    3. (Suggested change) Display error message for Schtasks by replacing two lines of the sledgehammer.cmd script (lines 397-398 for 2.7.2, lines 403-404 for 2.7.3 rc1, or lines 405-406 for 2.7.3 rc1a), post #1795, Apr 2021,
    https://forums.mydigitallife.net/th...-10-update-control.72203/page-90#post-1656445