I haven’t run windows since 2019. However I need to boot my old drive to grab some data. I really need to make sure this system doesn’t update any windows components, but I’ll need it to have internet access for a portion of the time.

On a different system, I used to have two reg keys that I would run to disable or enable updates when I found that disabling the services only worked until the watchdog would re enable them. Those resulted in updates saying something was wrong, which is perfect by me.

Now that web searches for stuff like this are all AI-gen’d SEO BS, can anyone tell me or point me to a reliable resource for truly disabling updates on Win 10?

PS - Bonus points if Anyone can link me to the page I used a few years back that had all sorts of privacy enhancing and telemetry disabling option on the left side and would create a reg file for applying those changes on the right. It might have been a purple theme, I forget.

Edit: it may also have been a “services” command that fully disabled services from CLI where the GUI says access denied. I forget.

Edit 2: I got the updates services disabled via registry. Thanks to those who refreshed my old Windows admin memory. I dumped Windows on my personal systems years ago, and haven’t had to think about this for a while. It’s a shame when the operating system changes to this model of SaaS where they call all the shots. I want security updates, but not bleeding edge drivers, candy crush, “feature enhancements”, random unexpected reboots, etc. I miss when the update feature didn’t assume nobody in the world could handle manual updates. You know, like sudo apt-get update.

  • folekaule@lemmy.world
    link
    fedilink
    arrow-up
    13
    ·
    5 months ago

    Is moving the drive to another computer as a secondary drive an option? Or put it in a separate USB enclosure? That way you don’t need to boot it at all, unless it’s encrypted or something.

    • XeroxCool@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      5 months ago

      Would plugging a drive with an OS on it into a running computer just show a list of files like normal?

      • folekaule@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        5 months ago

        Yes, unless it is encrypted, in which case you need a way to decode that. You can even boot an OS from a USB thumb drive to recover files from a hard drive.

  • Blizzard@lemmy.zip
    link
    fedilink
    English
    arrow-up
    11
    ·
    edit-2
    5 months ago

    I tried every suggested way of disabling Windows Updates, including changing dedicated settings in Windows Update, registry, group policy, disabling services, blocking it in firewall, adding WU domains to HOST file and some other tricks I can no longer remember - Windows just ignores it all and updates itself anyway.

    The only thing that seems to have worked is to set your internet connection as metered and then set WU not to update over metered connections.

  • expectation failed@lemmy.world
    link
    fedilink
    arrow-up
    7
    ·
    edit-2
    5 months ago

    Bonus points if Anyone can link me to the page I used a few years back that had all sorts of privacy enhancing and telemetry disabling option on the left side and would create a reg file for applying those changes on the right

    Sounds like https://privacy.sexy/ might be the answer?

  • algorithmae@lemmy.sdf.org
    link
    fedilink
    arrow-up
    4
    ·
    5 months ago

    Download and install sysinternals suite: https://learn.microsoft.com/en-us/sysinternals/downloads/sysinternals-suite

    then run:

    psexec -i -s services.msc

    and disable Windows Update, Update Orchestrator, and WaaSmedic if it’s there.

    Alternatively, do the same psexec but regedit instead of services, navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services, find those same services I listed above, change the Start value to 4 to disable. I went to the next step and neutered all the registry entries for each of those services to make sure they stayed dead.

    • Thorry84@feddit.nl
      link
      fedilink
      arrow-up
      5
      ·
      5 months ago

      Why would you need psexec to run services.msc? You can just open the services by running it directly or even from the start menu.

      • algorithmae@lemmy.sdf.org
        link
        fedilink
        arrow-up
        2
        ·
        5 months ago

        To run as System and prevent permission issues from wagging its finger at you and saying “nuh uh”. Yes obviously you can open Services the normal way if it wasn’t windows update BS

    • s38b35M5@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      5 months ago

      WaaSmedic must be that watchdog that kept re-enabling update services after I disabled them years ago. I just remember my OS would start a multi hour encode or compile, and I’d come back hours later to a login screen and update history telling me it rebooted when I didn’t have automatic updates enabled.

      Thx for the reply.

      • algorithmae@lemmy.sdf.org
        link
        fedilink
        arrow-up
        2
        ·
        5 months ago

        Eeyup, same exact situation here. I leave my work computer overnight reencoding video pretty frequently, and would lose so much productivity due to restarts I didn’t ask for.

        • s38b35M5@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          Its all coming back to me now. Must’ve been repressed memories…

          For the record, the service names are: UsoSvc WaaSMedicSvc wuauserv

  • Brkdncr@lemmy.world
    link
    fedilink
    arrow-up
    4
    ·
    5 months ago

    Just disable the windows update services.

    You could also use a allowlist firewall rule to restrict access to what you need.

    Also why the paranoia? What do you have against windows updates?

  • Contramuffin@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    5 months ago

    Windows comes with a secret option to turn off updates with group policies, so you don’t need to modify anything or use a script. It works just fine for me. No updates (unless I manually click update).

    The option for automatic updates is several layers deep in a nested menu tree, and I don’t fully recall what the path to get there is. But you should be able to find it online.