Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • Michael Horowitz: Killing Windows Update on Win10

    Home Forums AskWoody blog Michael Horowitz: Killing Windows Update on Win10

    This topic contains 24 replies, has 7 voices, and was last updated by  anonymous 6 days, 5 hours ago.

    • Author
      Posts
    • #238457 Reply

      woody
      Da Boss

      Horowitz has a fascinating “cheat sheet” reviewing various methods of blocking Win10 updating. With Windows 10, there are three aspects to disabling W
      [See the full post at: Michael Horowitz: Killing Windows Update on Win10]

      9 users thanked author for this post.
    • #238475 Reply

      Zaphyrus
      AskWoody Lounger

      I use a combination with metered connection and Wushowhide, at least that has worked for me, this is in the case I plan to update if not, the above mentioned plus disabled services.

      Just someone who don't want Windows to mess with its computer.
      • #238492 Reply

        anonymous

        If you switch to a Windows restricted/standard user does the Metered connection still show as enabled? Of course, what Windows 10 displays and what it does are not guaranteed to be the same thing.

      • #238495 Reply

        anonymous

        Just curious which versions of W10 you are running (and home/pro) – each versions has been a changing landscape for possible options.

        • #238517 Reply

          Zaphyrus
          AskWoody Lounger

          first of all,  I must remark that this method at least work for me, so its possible it only works for me

          My system is 1703  and using the home version.

          Just someone who don't want Windows to mess with its computer.
          1 user thanked author for this post.
    • #238479 Reply

      Michael432
      AskWoody MVP

      I use a combination with metered connection and Wushowhide …

      If you switch Windows users, does the metered connection remain on? For Ethernet? For Wifi SSIDs?

      Get up to speed on router security at RouterSecurity.org

      • #239042 Reply

        anonymous

        You would have to keep Windows Update and fiends locked down because metered status is to be set for each new connection. I had to change a network and wasn’t very careful, and all the Microsoft malware wanted to come flooding into Windows 10.

         

        • #239228 Reply

          Michael432
          AskWoody MVP

          Yes, a problem with this approach is the first time you connect to a new Wi-Fi network, it is not metered by default so Windows Update does its thing.

          Get up to speed on router security at RouterSecurity.org

      • #239044 Reply

        anonymous

        Addressing your first question, yes the connection will remain metered status while switching users. Also, Microsoft has demonstrated the ability to override metered status when it suits them.

    • #238481 Reply

      anonymous

      There are ways to use the registry to stop “unstoppable services” I done this few times. If I remember right, it involves changing the start number in data to a 4

    • #238489 Reply

      Bluetrix
      AskWoody Lounger

      With the advent of 3rd party (free) blocking apps this should be a mute issue for those concerned enough about blocking Win10 updates to do something about it. It’s ridiculously easy. I might add that since I have added an update blocker app I have seen no ill side effects from doing so. (Oct 10, 2018 added)

      Now, blocking Win10 telemetry is another animal. I am looking for an app as EASY and safe (and reversible) as the update blocking is. While there are apps available, they have pitfalls I am not ready to risk using. I have my fingers crossed hoping for one soon. I know some will say this isn’t a good thing to do, windows needs this info to make adjustments and improvements to windows … we have seen and continue to see the end results of this fallacy. Call it what you want, it’s spying without any control. The (pun intended) window dressing controls available now are an insult to any intelligence.

      Edit to add: Windows Home, Version 1803 (OS Build 17134.165)

      • This reply was modified 1 week, 2 days ago by  Bluetrix.
      1 user thanked author for this post.
      • #238511 Reply

        anonymous

        @bluetrix
        What update blocker app do you use?

        • #238523 Reply

          Bluetrix
          AskWoody Lounger

          @bluetrix What update blocker app do you use?

          http://greatis.com/blog/stopupdates10 <— program is here, developers site.

          (There are others out there in internet land but I use this one)

          I am including an excerpt outlining what the program does I copied from:
          https://www.thewindowsclub.com

          I hope this helps all or just one of the many readers here. I do intend to update, perhaps when the MS-DEFCON rating is more palatable.

          How StopUpdates10 works
          If you are curious enough, the developer of the tool has provided us with the entire list of actions that happen in the background. The tool makes the following changes:

          Registry Values: The program automatically changes the registry values for 7 registry keys for you so that you do not have to do it manually. All the registry changes can be easily restored back with the restore button.
          Windows Update Service: StopUpdates10 completely stops this service and prevents it from auto-starting, essentially killing the automatic updates mechanism.
          (I deleted what it changes, that can be read at https://www.thewindowsclub.com)
          Restoring changes is also easy as is. All you need to do is hit the Restore Windows Updates button, and all the changes will be rolled back. The program also displays the status of Windows Update. Apart from that it also provides you with command line features so that you can include StopUpdates10 in your scripts as well.

          • This reply was modified 1 week, 2 days ago by  Bluetrix.
          1 user thanked author for this post.
          • #238529 Reply

            anonymous

            I would not use that program. For one thing, it is closed source, not open. It changes registry values for 7 things. What things? There are at least 15 scheduled tasks involved with Windows Update. It stops one Windows Service when there are likely to be four involved with Windows Update. And while it may have prevented the service from being re-started in the past, Windows Update is getting more aggressive in this and its not clear when the program was last updated. Finally, it blocks processes. How? None of our business.

            • #238540 Reply

              Bluetrix
              AskWoody Lounger

              I would not use that program. For one thing, it is closed source, not open. It changes registry values for 7 things. What things? There are at least 15 scheduled tasks involved with Windows Update. It stops one Windows Service when there are likely to be four involved with Windows Update. And while it may have prevented the service from being re-started in the past, Windows Update is getting more aggressive in this and its not clear when the program was last updated. Finally, it blocks processes. How? None of our business.

              That’s okay by me if you don’t want to use it because it’s a “closed source”. Windows10 is fully open I guess. Perhaps it who or what reviews you trust. Maybe it’s a closed source because the developer didn’t want anyone to commercialize his freely offered work.

              As far as what the program actually does I provided a link to that, but to be more precise here is the link to the actual review so you don’t have to search for it in windowsclub forums. It includes everything I didn’t include, as I said my post was only an excerpt.

              https://www.thewindowsclub.com/block-updates-windows-10-stopupdates10

              You asked what program I used, ymmv, but it works for me. 🙂

              btw, I use free programs that are a closed source, so far so good. To name just a few : Adaware, Ublock, CCleaner, and those are just three of to many to list.

              Apologies for OT segue mods 🙂

              2 users thanked author for this post.
      • #238627 Reply

        anonymous

        @bluetrix

        Thanks for post the update blocker app. I might try it and see how it. Thanks again.

    • #238505 Reply

      anonymous

      Mr. Brian posted a link to a batch script months ago for stanching Windows 10 update malware behavior, it has worked well on 1607 and also has been updated for other versions. If Window’s own firewall rules are honored that can help.

      You should be able to find a basic printer driver from the printer manufacturer, some companies have a smaller core package. Because of a feature you may need or want sometimes you have to get the fat driver package, the good fat driver package installers will let you choose a custom installation and trim packages.

      You all have enough intellect to manage your own printer folks, Windows 10 doesn’t need to do that job.

    • #238578 Reply

      abbodi86
      AskWoody MVP

      Anything permission-locked can be unlocked with the help of NSudo 🙂

    • #238586 Reply

      anonymous

      Michael Horowitz missed in his article that you can actually deal with and remove sedsvc easily–it’s part of the trash that gets installed in C:\Program Files\rempl on a-few-months-out-of-date Win10 installations. It is the much-maligned KB4023057, cursed be its name, which is re-released every month despite the lamentations of the righteous.

      Installation of it can be easily prevented by doing the following:

      1. Uninstall it in Control Panel/Programs and Features. It’s in the list of installed software, not in the list of updates. Microsoft is tricky. I had a different word in mind but its not terribly polite.

      2. Make a C:\Program Files\rempl folder. If one already exists, delete it and remake it to ensure you have ownership.

      3. Deny all permissions to C:\Program Files\rempl for all accounts except administrators. You can do this with the permissions dialog or with icacls or some other utility. This will prevent any files being placed in the rempl folder, which will prevent the reinstallation of the loathed KB4023057.

      Any attempts by Windows Update to install KB4023057 every month will simply fail because the files can’t be written. If you forget to run wushowhide every month, this will potentially save you from a ninja installation of KB4023057 resulting in a possible forced “upgrade” to 1809, with all the blue-screens, bugs, wasted hours, sadness, and failure that implies.

      • #239018 Reply

        anonymous

        May be version dependent. 1803 contains the C:\Program Files\remp folder but there is no uninstall option.

    • #238575 Reply

      anonymous

      An anti-exe such as voodooShield can help block the various processes, but it requires you to approve every process which may be annoying to some. The same with a 3rd party firewall. Both require ‘Insane Paranoid’ mode.
      What is of interest is the variety of processes that fire up over time. With 1709, every 2 months something new would appear to repair any alterations made to stop updates.
      I broke the process by taking ownership of the folder for Update Orchestrator in Scheduler, sys32 and deleted the files. You can return them, or just download an ISO for update later.
      Be warned, Win10 is tricky so don’t set and forget; a process will fire up at some stage to make changes to update.
      Of course a backup can be restored return normality and investigate where it went wrong.

      Edited for HTML. Please use text tab for copy/paste.

      • #238621 Reply

        JCCWsusser
        AskWoody Lounger

        every 2 months something new would appear to repair any alterations made to stop updates.

        This is one real purpose of the AI and telemetry: to find out what people are doing to block updates.

    • #238607 Reply

      anonymous

      If there is no way left, just block the connection using the hosts file or alternatively a self managed DNS server.

      Adding update.microsoft. com and windowsupdate.com resolving to 127.0.0.1 should work. I would prefer the DNS server method.

      • #238736 Reply

        anonymous

        This article mentions 15 different Windows Update domains that are blocked

        https://www.reddit.com/r/Windows10/comments/7xxup9/permanently_disabling_windows_10_upgrade/

        My experience has been that DNS can only block one sub-domain at a time. That is you have to specifically block a.example.com and b.example.com and c.example.com individually, you can not globally block all of  example.com. Am I wrong about that?

        A self-managed DNS server sounds like a great idea, but any device on the network that uses a VPN bypasses this blocking.

    • #239205 Reply

      anonymous
      • #239227 Reply

        Michael432
        AskWoody MVP

        Great links, thanks.

        DNS blockages in a router have the advantage of working for all PCs on the LAN. But, any computer using a VPN bypasses the router for both DNS and firewalling. DNS blockages on one computer were, I thought, impractical because each subdomain has to be specified individually and this Microsoft doc does not do that.

        For example, if you want to block *.hwcdn.net as per the Microsoft documentation, how would you? DNS, at least the hosts file, does not do generic. You would have to block a.hwcdn.net and b.hwcdn.net and c.hwcdn.et, etc etc. So, what specifically do block in DNS?

        Get up to speed on router security at RouterSecurity.org

    • #239229 Reply

      Michael432
      AskWoody MVP

      Addressing your first question, yes the connection will remain metered status while switching users. Also, Microsoft has demonstrated the ability to override metered status when it suits them.

      Where did you read about Microsoft over-riding the metered status? And, in my testing, limited though it was, a restricted/standard user had the metering off, even though an Admin user on the same machine had it on.

      Get up to speed on router security at RouterSecurity.org

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Michael Horowitz: Killing Windows Update on Win10

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.