If I pause Windows Update, does that mean that I cannot trigger a Windows Defender update?

[Supa]

I used HellBovine's registry hack to prevent Windows updates:

[HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsUpdate\UX\Settings]
"FlightSettingsMaxPauseDays"=dword:000005b4

As an aside, I realised that if I simply use regedit and add this key, Settings -> Windows Updates will allow me to select how long I want to pause updates from the drop down list.

Unfortunately, Windows Defender is constantly running and consuming a small amount of resource. I can see this in task manager and in LatMon.

Right clicking and asking Windows Defender to update just results in failure. Did I do something wrong in NTLite or is this simply the result of me blocking updates?

 

[Hellbovine]

Edit the XML, then create a new image:

<Feature enabled="no">WindowsUpdate</Feature>
-> Change it to "yes"

Also try deleting this line:
<c>deliveryoptimization 'Delivery Optimization'</c>
-> More info here (link)

What's the actual error when it fails, or does it just do nothing at all? Also, attach any extra registry files, post-install mods, etcetera.

Defender will always run and consume resources unless it is disabled--appearing in task manager doesn't necessarily mean it's attempting to update itself and failing, rather it's probably doing a real-time scan or just monitoring things and waiting to take action.

 

[Supa]

This is what I receive.

The only registry change I have made is the one above. I don't use any other security software (tempted by Avira though).

The installation is still fresh. I have installed Process Lasso, Steam, Brave, Office, Latency Mon and very little else.

The date above looks fresh because I just uninstalled Avira to demonstrate the error.

 

[garlin]

Defender platform and definitions updates are delivered by WU.
You could create a scheduled task to download and install those files, but it's a hassle.

 

[Hellbovine]

Just to clarify something because I see it often on the forum, the title and content of this thread say "Disable" Windows Update (WU), but the keys from my guide "Pause" it, which is substantially different. This is a point of confusion in many threads where people interchangeably use the word "Disabled" for "Removed/Uninstalled" and these are also extremely different things as well. In all cases (paused/disabled/removed) the outcomes diverge in terms of what "breaks" in the operating system. More details on this below:

Spoiler: click here to reveal text

"Pausing" WU doesn't prevent Defender or other features from being able to update, it basically just stops the automatic install of KBs and such, so that Windows is not as overbearing in background activity, and gives users some more control. Pausing still allows WU to continue activity for the things that Microsoft deems as too important to also actually pause, meaning some things will continue to silently update.

"Enabled/Disabled" means to turn something on/off via a registry key or some other related means, typically accessible through a user interface and may result in some things not working as expected, especially when a group policy is used.

"Removed/Uninstalled" means the files are deleted from the machine, so it's not enabled or disabled, the feature just doesn't exist anymore, and this will cause the most amount of things to not work as expected.

The semantics in computers really matter because it can drastically change how things are troubleshooted.

 

[Supa]

Thank you. I changed the title.

 

[francis11]

Don't worry - have postponed WU for months with 5 weeks so can install official update of the month - and all Defender updates is no problem - you can check tasklist and see WU is running for WF updates.
Defender updates run no matter what!

 

[chrcol]

When I used to use defender, since I set WU to notify only, I added a task to task scheduler to auto grab the defender updates, I think its bad product design for Microsoft to use WU for defender components since they can be issued several times a day, and that was the best workaround I could come up with.

 

[Supa]

I have now disabled defender through NT Lite and run Avira. The free version of Avira will run the virus checker alongside windows firewall (if you want Avira's firewall you need to pay). This seems like a lighter and easier option.

 

[francis11]

DF cant run without WU as it's linked to MS sites - when try so search DF updates WU start automatically.
But postponed WU doesn't install updates to Windows as Hellbowine stated!