upfc.exe readme.txt

1. Found this info about upfc.exe on a Russian site. Wrapper Script 2.5.6 disables it.
2.  
3. in 1809 there appeared such a sneaky file upfc.exe (in the processes it is visible as Updateability From SCM) which restores the services and entire registry branches so that Windows periodically checks for updates.
4.  
5.  
6. Very timely find. I, too, almost managed to curb 1809 LTSC, and among the last few there was a question of what restores some branches of the registry.
7.  
8. Moreover, this concerns not only the update system, but also Cortana, Store, the OneDrive permission to connect to the Cloud (although the latter two, as it were, do not exist, but in fact the connection is resolved, the system restores what is not good).
9.  
10. So, my friends, my experience says that in this edition, sharing without selecting the rights in certain branches of the registry is not enough. This will have to learn, who has not done this before. In particular, it is absolutely necessary:
11.  
12. 1) To disable some tasks of the Scheduler.
13.  
14. Depending on the settings, the number of such non-switchable tasks from the general list "to disconnect" may be different. For example, there are:
15.  
16. BackgroundUploadTask Microsoft \ Windows \ SettingSync \ BackgroundUploadTask
17.  
18. Microsoft \ Windows \ UpdateOrchestrator \ Schedule Scan Schedule Scan
19. Schedule Scan Static Task Microsoft \ Windows \ UpdateOrchestrator \ Schedule Scan Static Task
20. UpdateModelTask Microsoft \ Windows \ UpdateOrchestrator \ UpdateModelTask
21. USO_UxBroker Microsoft \ Windows \ UpdateOrchestrator \ USO_UxBroker
22.  
23. 2) For blocking several main folders of accumulation and dumping of diagnostic data - cleaning and subsequent selection of write rights with BAN (has a higher priority than no rights)
24.  
25. C: \ ProgramData \ Microsoft \ Diagnosis \
26. C: \ ProgramData \ Microsoft \ Search \ Data \ Applications \ Windows \ GatherLogs \
27. C: \ ProgramData \ Microsoft \ Windows \ DeviceMetadataStore \
28.  
29. 3) To prohibit the restoration of already correctly configured parameters of the GP / Registry along the paths
30.  
31. [HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ Windows Search]
32. [HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ Onedrive]
33. [HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ WindowsStore]
34.  
35. After some machine downtime, some registry keys, in the above branches, the system returns back, so blocking is also necessary.
36.  
37. Selecting rights (as a whole) - means reconfiguring them with adding their account, first of all as the Owner with full rights, also adding yourself to the general list, disabling Inheritance with reconfiguring existing system records, setting rights only to Read. Moreover, it is important not to delete the existing system records, but to leave them the opportunity to read your settings, in fact, turn off certain parameters.
38.  
39. ------------
40. So the [HKLM \ SYSTEM \ Waas \ Upfc] branch, unlike the ones described above, is really blocked from changing the rights in the most severe way. But the chain of influence on the system of this "INITIATOR" (as I would call it) can still be broken, according to my ideas.