Sledgehammer - Windows 10 Update Control

Discussion in 'MDL Projects and Applications' started by pf100, Nov 28, 2016.

  1. rpo

    rpo MDL Expert

    Jan 3, 2010
    1,440
    1,420
    60
    Code:
    for /f  "delims=- " %i in ('powershell "(Get-CimInStance CIM_OperatingSystem).OSArchitecture"') do @echo %i
     
  2. Carlos Detweiller

    Carlos Detweiller Emperor of Ice-Cream

    Dec 21, 2012
    6,316
    7,023
    210
    I have updated both scripts with that change. Hopefully it will work for other languages, too.
     
  3. pf100

    pf100 Duct Tape Coder

    Oct 22, 2010
    2,069
    3,447
    90
    #1903 pf100, Nov 2, 2021
    Last edited: Nov 2, 2021
    (OP)
    You guys are awesome. I got moved into my new house today, well mostly, there's still a lot of stuff I have to do but the worst is over. I overdid it (I moved an entire house of stuff mostly by myself) and am in pain all over but it was worth it. Things are moving ahead of schedule so maybe I can get busy on the script and get a proper update out in just a few days; I'll do my best. Thank you so much for the work you're all doing. Did I mention that you guys are awesome?
     
  4. rpo

    rpo MDL Expert

    Jan 3, 2010
    1,440
    1,420
    60
    #1904 rpo, Nov 3, 2021
    Last edited: Nov 3, 2021
    Two other possibilities :
    Code:
    for /f %%i in ('powershell "[System.IntPtr]::Size"') do (
    if %%i == 8 (
     set "nsudovar=.\bin\NSudoCx64.exe"
     set "wumt=.\bin\wumt_x64.exe"
    ) else (
     set "nsudovar=.\bin\NSudoc.exe"
     set "wumt=.\bin\wumt_x86.exe"
    ))
    or :
    Code:
    for /f %%i in ('powershell "[Environment]::Is64BitOperatingSystem"') do (
    if /i "%%i" == "True" (
     set "nsudovar=.\bin\NSudoCx64.exe"
     set "wumt=.\bin\wumt_x64.exe"
    ) else (
     set "nsudovar=.\bin\NSudoc.exe"
     set "wumt=.\bin\wumt_x86.exe"
    ))
    And this :
    Code:
    for /f "tokens=2 delims==" %%a in ('wmic path Win32_OperatingSystem get BuildNumber /value') do (
      set /a WinBuild=%%a
    )
    if %winbuild% LEQ 9600 (
    echo.&echo This is not Windows 10. Press a key to exit...
    pause > nul
    exit
    )
    might be replaced by :
    Code:
    for /f %%a in ('Powershell "[System.Environment]::OSVersion.Version.Build"') do (
    if %%a LEQ 9600 (echo.&echo This is not Windows 10. Press a key to exit...&pause > nul&exit)
    )
     
  5. Yonda

    Yonda MDL Novice

    Nov 6, 2021
    3
    1
    0
    Is there a way of providing default arguments in the shortcut for opening a specific thing? Like I would want to create a shortcut for Wumgr with shortcut target as "C:\Program Files\Sledgehammer\Sledgehammer.cmd" -N -v -4.
    I'm not very familiar with batch scripting but that's how it would be done on linux.
     
  6. pf100

    pf100 Duct Tape Coder

    Oct 22, 2010
    2,069
    3,447
    90
    #1906 pf100, Nov 19, 2021
    Last edited: Nov 19, 2021
    (OP)
    The script itself doesn't have command line switches but I can give you a workaround. After the script is run at least to the first screen once and then closed, all the "magic" has been done and you could then make a simple batch script to do what you want. I know you said you don't know batch script but all it is is putting commands in a text file, each command on its own separate line, and then giving it a .cmd file extension. What you want to do in this order is:

    1) enable update service(s) with wub.exe
    2) run WuMgr (or WUMT) with the correct switches
    3) disable update services with wub.exe.

    That's effectively all the script does when you run it after it's run the first time (until it's uninstalled).
    So for instance to automate running option 1 in the Configurator you would put this in a text file with a .cmd extension and run it as administrator:
    Code:
    @echo off
    wub.exe /e
    wumgr.exe -update -online 7971f918-a847-4430-9279-4a52d1efe18d -provisioned >nul 2>&1
    wub.exe /d /p
    If that's not what you're trying to do let me know and I'll see what I can do.
     
  7. Yonda

    Yonda MDL Novice

    Nov 6, 2021
    3
    1
    0
    That didn't work. I wanted to have a shortcut for opening the wumgr (gui) in expert mode as in
    Code:
    [4] Continue script to run Windows Update Manager (WuMgr) in Expert Mode.
    I think it just performed the update operation and terminated.
     
  8. pf100

    pf100 Duct Tape Coder

    Oct 22, 2010
    2,069
    3,447
    90
    #1908 pf100, Nov 19, 2021
    Last edited: Nov 19, 2021
    (OP)
    This is option 4
    Code:
    @echo off
    wub.exe /e
    wumgr.exe 7971f918-a847-4430-9279-4a52d1efe18d >nul 2>&1
    wub.exe /d /p
    
     
  9. Yonda

    Yonda MDL Novice

    Nov 6, 2021
    3
    1
    0
    It worked. Thanks.
    I took some code from Sledgehammer.cmd and put the batch file in C:\Program Files\Sledgehammer\
    Code:
    @echo off
    cd /d "%~dp0"
    .\bin\wub.exe /e
    .\bin\wumgr.exe 7971f918-a847-4430-9279-4a52d1efe18d >nul 2>&1
    .\bin\wub.exe /d /p
    
     
  10. BraneStawm

    BraneStawm MDL Novice

    Apr 14, 2020
    37
    13
    0
    Hi PF100, I've been using your program for quite some time now without any issues, but I recently updated to LTSC 21H2 (2021) and have noticed that the 'lockfiles' task is returning a last run result of 'x01' = insufficient privilege. Could you please advise.
     
  11. pf100

    pf100 Duct Tape Coder

    Oct 22, 2010
    2,069
    3,447
    90
    In task scheduler run the task manually, then menu > action > refresh, and see if it still shows the error.

    If there's still an error, edit line 2 in Sledgehammer\bin\LockFiles.cmd and change this
    Code:
    whoami /user /nh | find /i "S-1-5-18" || exit
    to this
    Code:
    rem whoami /user /nh | find /i "S-1-5-18" || exit
    Then run the task again and see if there's still an error.

    If there is still an error:
    Open an administrator command prompt in the Sledgehammer\bin folder and run this command and it'll make a lockfiles.log file in that folder:
    Code:
    lockfiles.cmd > lockfiles.log
    Then put lockfiles.log somewhere I can access it
     
  12. BraneStawm

    BraneStawm MDL Novice

    Apr 14, 2020
    37
    13
    0
    Thanks for the quick reply.

    Just to remove any possibilty of a conflict with any 'tweaking' work I have done on my machine, I am running this on a fresh install VM. I also check my LTSC 2019 install, it also had '0x1'

    I ran the command manually with the same result.
    I check the Lockfiles.cmd and the 'REM' was already there

    Logfile attached

    Cheers
     

    Attached Files:

  13. BraneStawm

    BraneStawm MDL Novice

    Apr 14, 2020
    37
    13
    0
    FYI - There is NO WaaSMedic.exe only WaaSMedicAgent.exe neither is there EOSNotify.exe nor osrss.dll in system32
     
  14. pf100

    pf100 Duct Tape Coder

    Oct 22, 2010
    2,069
    3,447
    90
    To see if forced update system files are locked by the script, check one, for instance WaaSMedicSvc.dll to see if permissions have been removed. So right click the file, go to properties > security tab, and it'll say "You must have Read permissions to view the properties of this object." and it won't show the the groups and user name list if it's locked.

    So disconnect from the internet and and run recovery.cmd as administrator from the Sledgehammer/recovery folder (ignore the "Only run this from Windows PE or install environment" warning), then check WaaSMedicSvc.dll and it should be unlocked and it will show the groups and user name list. Then run the LockFiles task and tell me if WaaSMedicSvc.dll is locked again like it should be.
    The script locks all update hijacker files that have ever been included in every version of Windows 10 and 11, so you may only have a few of them and will never have all of them.
     
  15. BraneStawm

    BraneStawm MDL Novice

    Apr 14, 2020
    37
    13
    0
    Action 1: Permissions had been removed
    Action 2: Revovery.cmd = Permissions were restored
    Action 3: Run Lockfiles task = Permissions were removed

    Attached is the output of the recovery.cmd JIC
     

    Attached Files:

  16. pf100

    pf100 Duct Tape Coder

    Oct 22, 2010
    2,069
    3,447
    90
    So then the LockFiles task is working but reporting that it isn't. That's odd. I'll have to check a few things and get back with you about it.
     
  17. BraneStawm

    BraneStawm MDL Novice

    Apr 14, 2020
    37
    13
    0
    OK - no rush, everything appears to be working as it should, it's just this task return code

    Many thanks
     
  18. pf100

    pf100 Duct Tape Coder

    Oct 22, 2010
    2,069
    3,447
    90
    Change the last line of LockFiles.cmd from this:
    Code:
    exit
    to this:
    Code:
    exit /b %errorlevel%
    and run the LockFiles task again to see if that fixes it.
     
  19. BraneStawm

    BraneStawm MDL Novice

    Apr 14, 2020
    37
    13
    0
  20. pf100

    pf100 Duct Tape Coder

    Oct 22, 2010
    2,069
    3,447
    90
    Try
    Code:
    exit /b 0