Sledgehammer - Windows 10 Update Control

Discussion in 'MDL Projects and Applications' started by pf100, Nov 28, 2016.

  1. Carlos Detweiller

    Carlos Detweiller MDL Spinning Tortoise

    Dec 21, 2012
    4,388
    4,336
    150
    I think the name of the tool should be telling. A sledgehammer approach always has some impact. There's simply not a nice way that really works 100%.
     
  2. Whistler4

    Whistler4 MDL Member

    Jul 30, 2015
    173
    154
    10
    Haha - Don't beat yourself up. Full disclosure: The way I often roll when diving into something new is feet first, using the instructions for reference when I get stuck. Sometimes it's screw up now, read how to do it later. As long as I'm confident the basic thing is safe and reversible. So I understand your concern about being able to reset. Also, I've been known to spend time watching a disk defrag or fret over event logs -- or to keep fixing something until it's broken.
     
  3. zylor

    zylor MDL Junior Member

    Feb 25, 2012
    81
    27
    0
    Where can i download the so called: Matthew Wai Preferences?

    Can't find anything via google or tenforums
     
  4. Whistler4

    Whistler4 MDL Member

    Jul 30, 2015
    173
    154
    10
    Glad you found something that you can tailor to do what you want. I thought, though, that Sledgehammer uses a task to automatically look for and install Windows Defender definition updates. Why is there a need to manually do that? Isn't the frequency of automatic updates good enough to keep malware risk low, or is automatic not working? (I'm Norton 360 user, so I don't regularly experience the pleasure, but I do use Windows Defender on VMs.)

    As to Windows Events Logging, yeah, it logs everything under the sun. I think the goal is to choke Google with terms it can't find. At least, I was able to do away with many ground clutter warnings and errors by disabling logging for such things as store, cloudstore, and Hello for Business. But I'm often using Nirsoft Full Event Viewer trying to figure out my pet rabbit hole of why Windows 10 never lets me keep for long my custom pale turquoise window reading color from Win 7.
     
  5. Homer712

    Homer712 MDL Member

    Oct 22, 2018
    115
    37
    10
    You are correct. And when the update check happens, and it finds both a definition update and a Defender Platform update, that would be where you'd get the "Update Aborted" message for the definition update. Even with Matthew's solution (he creates the scheduled tasks as well, which I think is one of the portions of the Sledgehammer code he was given permission to use), I still delete the schedule from those tasks and have instead created a small batch file to run the vbs scripts (part of Matthew's solution) in the sequence that I want.

    Specifically:
    1. Run the vbs script that checks for all updates. If any are available (including Defender Platform updates), it runs WUMT, if not it returns to the cmd window.
    2. Once WUMT runs I can have it download and install the Defender Platform update, then the Defender definitions update in that order so that both are successfully installed.
    3. If the vbs. script run in step #1 does not find any updates (it picks up all updates other than Defender definition updates) it defaults back to the cmd window, and the batch file then continues to automatically run a second vbs script which specifically checks only for definition updates and installs them automatically if found.

    It may sound a bit convoluted, but once you have it all put together it works slick. About twice a day I double-click a shortcut (to the batch file) that sits on the desktop. The batch file triggers all the correct vbs scripts in sequence, which then do all the checking, opening WUMT if needed, if not, the second vbs script installs the definition updates automatically if available and then closes. Done!
     
  6. Whistler4

    Whistler4 MDL Member

    Jul 30, 2015
    173
    154
    10
    #1789 Whistler4, Apr 20, 2021
    Last edited: Apr 20, 2021
    Cool! I understand. Sounds like you've got it running like a top. (And zero-day exploits don't stand a chance :).)
     
  7. Homer712

    Homer712 MDL Member

    Oct 22, 2018
    115
    37
    10
    Well "Whistler4", as the saying goes . . ."The best laid plans of mice and men . . ."

    The whole switching from Sledgehammer seemed like a good idea at the time, but after some time it just got to be too much. Seems that there are a number of proper sequences in which things need to be done to have things work. I'm sure it's me, but my "senior citizen" brain just couldn't keep track.

    So, reinstalled Sledgehammer, "rem'd" out the creation of the Defender task and I'm good to go. Not much to remember except running the Sledgehammer.cmd a couple of times a day to install the Defender definition updates. Done!
     
  8. Whistler4

    Whistler4 MDL Member

    Jul 30, 2015
    173
    154
    10
    I got that sometimes the Defender engine updates preempt the definition updates. But the subsequent definition updates work, right? So what's the worst that can happen if you miss one iteration of definition updates once in a while? (Maybe I'm underappreciating the severity of the issue.)

    I mean, if you kept the scheduled task for Windows Defender enabled (or I should say created), wouldn't you have more time to fret over event logs, tweak performance, write your article, water your plants, or download something? (I should talk: Even though Norton updates automatically, I often right click and update if I happen to notice the tray icon.)
     
  9. velkgornikus

    velkgornikus MDL Novice

    Jun 21, 2018
    1
    0
    0
  10. Homer712

    Homer712 MDL Member

    Oct 22, 2018
    115
    37
    10
  11. Whistler4

    Whistler4 MDL Member

    Jul 30, 2015
    173
    154
    10
  12. rpo

    rpo MDL Expert

    Jan 3, 2010
    1,157
    973
    60
    #1795 rpo, Apr 24, 2021
    Last edited: Apr 24, 2021
    @Whistler4
    "I got that sometimes the Defender engine updates preempt the definition updates. But the subsequent definition updates work, right? So what's the worst that can happen if you miss one iteration of definition updates once in a while? (Maybe I'm underappreciating the severity of the issue.)" : you are absolutly right.
    " I noticed same error recently and determined it was because wdu.cmd wasn't in the Sledgehammer\bin folde" : I don't agree with you because the task can be successfully created even if the wdu.cmd can't be located but error will occur at execution time.

    @Homer712
    Concerning metered network connections MS says "some updates for Windows won't be installed automatically" : it applies to some updates, not all updates

    @pf100
    It's difficult to diagnose a task creation error because the schtasks error message is not displayed. If suggest the following fix :
    for sledgehammer 2.7.2 replace lines 397-398 and for sledgehammer 2.7.3rc1 replace lines 403-404 (or 405-406) by :
    Code:
    schtasks /create /tn "\Microsoft\Sledgehammer\%1" /ru "SYSTEM" /xml task.xml /F >nul || (
    echo.&echo Creating %2 %1 task errored.&echo.&echo.&echo Press any key to exit... & pause > nul &exit)
    
     
  13. Homer712

    Homer712 MDL Member

    Oct 22, 2018
    115
    37
    10
    @rpo
    I'm on 2.7.3rc1 and I just want to make sure before I do anything by way of changing code. Below is the current code as well as the lines 403 & 404 changed code: Code Change.png
     
  14. Homer712

    Homer712 MDL Member

    Oct 22, 2018
    115
    37
    10
    I am ever hopeful that between Sledgehammer and the metered connection the pushed updates will be held at bay. I end up installing updates eventually, but I'm normally at least a month behind the releases.
     
  15. rpo

    rpo MDL Expert

    Jan 3, 2010
    1,157
    973
    60
    You have to replace the lines 405-406. It seems my source code is different.
     
  16. rpo

    rpo MDL Expert

    Jan 3, 2010
    1,157
    973
    60
    I suppose you don't need metered network connection, Sledgehammer will do the job. But I remember while I was learning German, the professor told us "Doppelt genäht hält besser", i.e. make assurance double sure.
     
  17. Homer712

    Homer712 MDL Member

    Oct 22, 2018
    115
    37
    10
    @rpo
    Language skill are important. In the late 60's I found myself (a young 2nd Lt.) in Germany because in addition to my native tongue and English, I was also reasonably fluent in the language spoken on both sides of "The Wall." You never know when those skills will prove useful.