WUMT/WuMgr Wrapper script - completely control windows 10 updates

Discussion in 'MDL Projects and Applications' started by pf100, Nov 28, 2016.

  1. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,390
    1,958
    60
  2. Homer712

    Homer712 MDL Junior Member

    Oct 22, 2018
    55
    11
    0

    Attached Files:

  3. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,390
    1,958
    60
    I have a question for experienced coders about removing a folder from Task Scheduler's Microsoft folder.
    I can't find any info about this online anywhere and figured out a solution by myself and am looking for advice on my methods.
    I moved the WDU and Wub_task tasks in task scheduler to "Task Scheduler Library\Microsoft\WuWrapperScript" folder so the tasks will work in a multi-user environment no matter who's logged in.
    I delete the tasks with the uninstaller with this code:
    Code:
    schtasks /Delete /Tn \Microsoft\WuWrapperScript\WDU /f >nul 2>&1
    schtasks /Delete /Tn \Microsoft\WuWrapperScript\Wub_task /f >nul 2>&1
    My question is, for the uninstall script, is the code below okay to remove the created folder from the Microsoft folder?
    The code works fine after deleting the tasks with the code above, I'm just wondering if this is the best way to remove the folder since I have no previous experience in deleting a folder from the Microsoft folder. Thanks in advance.
    Code:
    rmdir %SystemDrive%\Windows\System32\Tasks\Microsoft\WuWrapperScript /s /q >nul 2>&1
    nsudocx64 -ShowWindowMode:Hide -Wait -U:T -P:E reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\WuWrapperScript" /f >nul 2>&1
     
  4. Homer712

    Homer712 MDL Junior Member

    Oct 22, 2018
    55
    11
    0
    #1124 Homer712, Feb 11, 2019
    Last edited: Feb 11, 2019
    After everything going perfectly this morning after the install (Post #1122 above) the script ran the 12:01:00 PM WDU task flawlessly. We're on a good streak here and I have no reason to believe that the upcoming 6:01:00 PM won't be successful as well. So, I could shoot you now, but I'm in a good mood and you may have another gem or two up your sleeve, so, thumbs up it is.

    Added Edit: Becoming increasingly impressed. Did a mid day reboot and everything functioned as it should and the next WDU task remained scheduled for 6:01:00 PM as before. I'll stop flooding you with updates once we've had a full day or so of results, but at this point all signs point to a perfectly functioning script.

    Final Update: Not much to add. Scheduled tasks are being run. On time schedule, on reboot, etc. Everything seems to be functioning just as intended. Thank you!
     

    Attached Files:

  5. Homer712

    Homer712 MDL Junior Member

    Oct 22, 2018
    55
    11
    0
  6. rpo

    rpo MDL Addicted

    Jan 3, 2010
    683
    474
    30
    Statement at line 482 should be :
    Code:
    echo cd /d "%~dp0"
    and not :
    Code:
    echo cd /d "%%~dp0"
     
  7. AsaadSoft

    AsaadSoft MDL Member

    Jul 29, 2015
    203
    64
    10
    "creates a smart Windows Defender Update task "WDU" that updates Windows
    Defender every 6 hours if it's running and enabled, and doesn't update it if it's
    not running and disabled, saving resources"

    plzzz how to disable that in the wrapper, i don't want any kind of updates at all ??
     
  8. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,390
    1,958
    60
    Either delete the WDU task in task scheduler, or WDU.cmd in the script folder.
     
  9. AsaadSoft

    AsaadSoft MDL Member

    Jul 29, 2015
    203
    64
    10
    no wdu.cmd in portable edition before executing the script
    so i guess i should delete those lines from the script

    Code:
    ::::::::::::::::::::::::::::
    ::    Create WDU.cmd
    (
    echo SETLOCAL EnableDelayedExpansion
    echo ::Allow only WDU task to run this file::
    echo whoami /user /nh ^| find /i "S-1-5-18" ^|^| exit
    echo cd /d "%%~dp0"
    echo ::Wait 5 minutes to prevent resource hogging after reboot with missed update::
    echo timeout /t 300
    echo ::If WUMT or WuMgr are running, cancel Defender update and exit. If not, continue::
    echo tasklist ^| findstr /irc:"wumt_x.*exe"
    echo if %%errorlevel%% equ 0 goto skipdefenderupdate
    echo tasklist ^| findstr "wumgr.exe"
    echo if %%errorlevel%% equ 0 goto skipdefenderupdate
    echo ::If Windows Defender is running, update it. If not, cancel Defender update and exit::
    echo sc query ^| find /i "windefend"
    echo if %%errorlevel%% equ 1 goto skipdefenderupdate
    echo ::Enable Windows Update service and update Defender, then disable Update Service::
    echo if not exist wub.exe-backup ^(wub.exe /e^)
    echo timeout /t 10
    echo "%%ProgramFiles%%\Windows Defender\MpCmdRun.exe" -SignatureUpdate
    echo if not exist wub.exe-backup ^(wub.exe /d /p^)
    echo goto defenderupdated
    echo :skipdefenderupdate
    echo set errorlevel=1
    echo :defenderupdated
    echo exit /b %%errorlevel%%
    )>wdu.cmd"
    ::::::::::::::::::::::::::::
    
     
  10. AsaadSoft

    AsaadSoft MDL Member

    Jul 29, 2015
    203
    64
    10
  11. rpo

    rpo MDL Addicted

    Jan 3, 2010
    683
    474
    30
    Or just comment the statement at line 227
    Code:
    :: call :createwdu
     
  12. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,390
    1,958
    60
    #1134 pf100, Feb 16, 2019 at 14:56
    Last edited: Feb 16, 2019 at 23:58
    (OP)
    I thought I'd mention a "set it and forget it" simplest possible manual update method for Windows 10 I use for friends who know nothing about computers and would have no idea what to do with WUMT or WuMgr but want to do manual updates.

    1) Run the wrapper script to the first screen and close it to disable update hijackers.
    2) Run wub.exe in the script folder and enable the Windows Update Service.
    3) Delete the Wub_task from task scheduler so the update service stays on.
    4) Put a shortcut in C:\ProgramData\Microsoft\Windows\Start Menu\Programs called "Windows Update" with the following target:
    %systemroot%\explorer.exe ms-settings:windowsupdate-action
    (I change the icon to the one that looks like a globe)

    Also, the next script update is about 90% done. It'll work in any path in any language and lots of other improvements. Also, Windows 10 Update Assistant can't install under any conditions even if you try to install it manually.
    Edit: I failed to mention, and mostly because he's quite modest, that @rpo figured out the task execute parameter in any language path name. I had pretty much given up on it and would probably have never have figured it out.
     
  13. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,390
    1,958
    60
    #1135 pf100, Feb 17, 2019 at 00:59
    Last edited: Feb 17, 2019 at 19:00
    (OP)
    I'm going to just go ahead and throw this out here on the progress of the next script v2.6.0. These notes are in the development of 2.6.0 and errors mentioned are only in development and don't affect current script 2.5.5 which is working fine. I've had the luxury of taking my time with this update because 2.5.5 is working so well.

    Done:
    1) Moved WDU and Wub_task to task scheduler \Microsoft\WuWrapperScript folder to work in a multi-user environment. 2.6.0 automatically deletes the tasks in old location when script is run just in case.
    2) removed useless and possibly harmful "activate date" from wub_task logon trigger introduced at some point in testing 2.6.0. This doesn't affect anyone using current script 2.5.5
    3) Create dummy locked %systemdrive%\Windows10Upgrade folder. Windows 10 Upgrade Assistant now cannot be installed under any circumstances even if you try to force install it manually. Folder is system/hidden and can only be seen in file explorer if "protected operating system files" are unhidden.
    4) added "one time ping to 8.8.8.8 with up to 5 second timeout" internet connection check before configurator that can be bypassed by pressing a key in case of known working but unreliable internet connection. There's no point in enabling wuauserv or running WUMT or WuMgr without an internet connection, but the script will still let you override the internet check if you really want to. (Is this IP address available world-wide? If not, what is? If not, the script will still work)
    5) Tasks now work in any folder name in any language while still retaining task creation error message just in case!!! Thank you @rpo for fixing this problem that has been bugging me for a long time.
    6) Cosmetics finished (99%).
    7) Name this version 2.6.0 instead of 2.5.7 to eliminate any confusion with v2.5.6 which should never be used and I'll pretend never existed. v2.5.6 was a hard lesson learned to never disable upfc.exe. But the recovery script was a result so things will be better in the future now.
    8) Put "run WUMT or WuMgr" option in Configurator for one less screen of options to make things simpler for the user. Thanks @rpo
    9) Eliminated all 2 to 3 second timeout hacks previously required after every wub.exe operation that fixed wub.exe completing operations timing. The script without the timeouts would keep going without waiting causing wub.exe errors. The script now tests to see if wub has completed operations before continuing. This unexpectedly made the script run faster and is a more logical approach to the problem. Thanks @rpo.
    10) Verified upfc.exe cannot force an update in an over 6 month old install (just a note, v2.5.5 already handles this.)
    11) I'm mentioning @rpo a lot. He has really kicked butt on cleaning up code in the script. If I mentioned all the improvements made by him, this would be a very long list indeed. I will say that what he's done has made the script run so much faster that it makes up for the slowdowns introduced by removing permissions with NSudo as required starting with 1809. Brilliant work, sir.

    To-do:
    1) Carefully check and fully test all code in new script.
    2) Carefully check and fully test uninstaller
    3) Add documentation with instructions for recovery script made to run from Windows 10 installation media Preinstall Environment. (Thanks for the pointers @s1ave77)
    4) Re-word task creation code error message. Done
    5) Edit Readme to include new changes.
    6) Remove infobefore.txt and infoafter.txt files used with inno setup from script portable folder accidentally included in 2.5.5
    7) Consider not disabling tasks any more? It's not really an issue since any protected tasks won't allow alteration since I'm not force-disabling them. This is not an issue, so never mind.
    8) Rename script folder to Wumt-Wumgr_WrapperScript and rename the script to "Wumt/WuMgr Wrapper Script" on major geeks and softpedia.
    9) Incorporate more code refinements from @rpo. Thank you again for the help. All code improvements incorporated (so far)
    10) Anything else that I haven't thought of? I'm a sloppy note-taker. I do things mostly in my head and have scraps of paper and random text files floating around.
     
  14. AsaadSoft

    AsaadSoft MDL Member

    Jul 29, 2015
    203
    64
    10
    is there any similar script for windows 7 and 8.1, I have all related scheduled tasks removed, and wuauserv & bits services disabled
    but still the wuauserv service manages to restart some times on its own after logging in to windows or rebooting the machine
    and i only know by coincidence when checking the services from task manager then i go disable it again
    so frustrating !!!
     
  15. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,390
    1,958
    60
  16. AsaadSoft

    AsaadSoft MDL Member

    Jul 29, 2015
    203
    64
    10
    that's great i used the wub.exe from the files in the project, thanks
    I checked protect service settings, I hope this really prevent wuauserv from restarting itself,
    otherwise I will have to make it autorun at windows startup
     
  17. pf100

    pf100 MDL Expert

    Oct 22, 2010
    1,390
    1,958
    60
    #1139 pf100, Feb 17, 2019 at 11:14
    Last edited: Feb 17, 2019 at 18:30
    (OP)
    Check out the "Wub_task" task the script makes in task scheduler. It runs "wub.exe /d /p" to disable wuauserv at startup and logon.
     
  18. Whistler4

    Whistler4 MDL Member

    Jul 30, 2015
    112
    85
    10
    What is the effect of this process? It looks like it will allow you to run Windows Update on demand, but it will not provide any control over which updates are installed. Is that correct? Also, with the update service continually enabled, wouldn't there be a risk of automatically updating at any time, including to the next feature update?