Clearly as a day, but if you know how to use third-party security suite like KIS you should know how to create the same rule with it, clearly as a day or not ?
Bug report on 2.2.1 If you exit the window during the "Welcome to manual updates! You are about to run" message, wuauserv will remain on (automatic)
There. I fixed that for you Also, In this post you have netsh advfirewall firewall add rule name="Block Windows Update" dir=Out action=Block program="C:\Windows\System32\svchost.exe" service=wuauserv protocol=TCP remoteport=80,443 In this post you have netsh advfirewall firewall add rule name="Block Windows Update" dir=Out action=Block program="C:\Windows\System32\svchost.exe" protocol=TCP remoteport=80,443 Does "service=wuauserv" belong in the command or not?
Access to this post is restricted! You're trying to open the post, written by @shewolf, but unfortunately it was marked as a draft (by the user himself or the UFO)
It only happend to me now because I accidently launched the .cmd script and closed it (didn't want to do updates at the time). It was the first time I did that ever. Message would be good, unless there's a way to disable the service on script exit ofc. For now, I'll just have that in mind so I don't make the same mistake again.
I think we're having a communication problem. I want to run this in a script that automates everything. That's what this project is all about. So two firewalls can run at the same time? I didn't know that. And yes that is clear to me now that two firewalls can run at the same time. I was going on the assumption that only one ran at a time. In that case I will have to detect third party firewalls in the script and I don't know how to do that, so until I figure that out I can't use this in the script (the script works now anyway). I would like to not have to use wub.exe, create a wub_task that runs at boot, disable usoclient.exe and remsh.exe, and have a complicated script, but hey, it's working. I want to use your method in the script, but I wonder if the disk will still thrash if usoclient is running a scan, plus the above mentioned problems. You are saying to add netsh advfirewall firewall add rule name="Block Windows Update" dir=Out action=Block program="C:\Windows\System32\svchost.exe" protocol=TCP remoteport=80,443 or block protocol TCP on ports 80 and 443 on a third party firewall. Yes, I understand that. "So, with "netsh advfirewall firewall add rule" you only use it if it is Windows Firewall only in service. If you use third-party security suite then make firewall rule with it and Windows Firewall will be turned off." This is crystal clear. I understand completely what you are saying. If that's not clear the discussion ends there! It's absolutely fully crystal clear. Don't have a heart attack on me. You've contributed the firewall rule but no code, which there's nothing wrong with that, but I'm not sure what you're wanting me to do here. Are you against any kind of script? When I ask a valid question, you appear to misunderstand me. If I'm misunderstanding you I apologize. Like I said, I think we have a communication problem.
Access to this post is restricted! You're trying to open the post, written by @shewolf, but unfortunately it was marked as a draft (by the user himself or the UFO)
So am I. I don't like disabling usoclient.exe, remsh.exe, using wub.exe either. I hate it with the heat of a thousand suns. 1) Wub.exe works by dealing with the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv registry key. Wub /d sets the value of "Start" to 4 Wub /e sets the value of "Start" to 2 Wub /d /p sets the value of "Start" to 4 and changes the registry key permissions. System has only read access, hence Windows Update process is disabled ... until Windows resets the default value and permissions (which seams to be the case after rebooting the system following the February 13, 2018 patch tuesday updates, and is fixed by wub_task in the script which runs wub at boot.) 2) I have reports of Usoclient.exe downloading certain updates with wuauserv disabled, which tells me that usoclient.exe is responsible for downloading and installing updates that nag or force you to upgrade to the newest version of Windows 10 and that should be a choice. Let people choose in WUMT what updates they want to install. That's the whole point of this script. 3) Remsh.exe runs usoclient scans. It scans the whole system for it's update state which is not what I want to happen while I'm playing Doom 4. Do you think I like doing all this? No I don't. But it's necessary whether you agree with that or not. It's all about the details and you're wanting to tell me nothing other than the firewall rule. If blocking svchost.exe protocol TCP on ports 80 and 443 was all you needed to do it would be all over the internet. You're saying I don't know what I'm doing and your way is the only way and to not argue with you. I honestly find that a little insulting. I want to incorporate your method of blocking svchost.exe protocol TCP on ports 80 and 443, but you're not actually helping at all at this point. When I make a statement or ask a question you think I'm stupid. If you want to make me look stupid, make a script that makes mine look stupid. You can fork my script or work with me. Pick one.
*Fixed: @elzna Among many things fixed in version 2.2.3 which will be released today: You can close the "Welcome to manual updates" window and updates will stay off now. Edit: unless you run the Configurator to leave updates on all the time.
March 3, 2018 Script updated to v2.2.3 Improvements made since v2.2.2: You can close the "Welcome to manual updates" screen and Windows Updates will stay off unless you ran the Configurator to leave them on. The script no longer makes backups of the original usoclient.exe because it's unnecessary. The permissions for usoclient.exe are now reset before permissions are removed in case the permissions are wrong. Thanks to @Meesterlijk, @rpo, @elzna, and @shewolf for bug reports, ideas, and fixes.
Remsh is a program that I disabled the tasks for before learning about this script because , besides scanning for updates like pf100 said , it also does as s**ton of "maintenance" tasks that basically make my computer unresponsive for a few minutes . 23057 and 23814 are basically cancer updates which introduce new ways to avoid update blocking from the user... thankfully they are damn easy to remove once you learn about them . Funny thing is that even when they are installed on my computer but I disabled their effects windows has tried to push them on me again , but I was using wumt already so I basically hid them , lets see the next move
Access to this post is restricted! You're trying to open the post, written by @shewolf, but unfortunately it was marked as a draft (by the user himself or the UFO)
March 4, 2018 Script updated to v2.2.4 Improvements made since v2.2.3: Fixed a bug where the uninstaller wouldn't fully work under certain conditions.
Access to this post is restricted! You're trying to open the post, written by @shewolf, but unfortunately it was marked as a draft (by the user himself or the UFO)
[Major Edit after my boring and repetitive suggestion failed!] I must apologize for posting first and then researching! My proposed 'solution' [now removed] involved the remove permissions usoclient.exe hack. This is a failed approach has been discussed over and over : here is just one of many posts: I can confirm that the remove permissions usoclient.exe hack doesn't work as a single solution. I'm running an ancient windows 10 that I'm beating up on since I'm getting ready to do a full clean upgrade. W10 1511 BUILD 10586 I applied the "usoclient.exe permissions hack", stopped WU service and used WUMT to set Windows Update to "Disabled." Microsoft thought it would be funny to show WU service as Disabled, but run it in the background anyway! Luckily I heard my hard drive grinding away and interrupted the update process using "wub.exe." BleachBit deleted all the partially downloaded updates. What a nightmare! The only genuine solution is found on the OP of this thread! Thanks pf100! I consider my head to be minchia and my pride to be thoroughly schooled!