Can't Access Windows 10 Update Orchestrator Service

5

2

I'm on build 1803 of Windows 10 Home. I need to disable Update Orchestrator Service aka. UsoSvc because I am running several scientific analysis programs (Biochemistry) that are required for work but may be broken with future Windows updates. I need complete control over when and how I update in order to ensure each patch is compatible.

I find that even using an elevated administrator account (activated through the command line) and running command line through the "Run As: Admin" with sc config UsoSvc start= disabled. I am denied access to the service through system error 5. Accessing through the Services manager shows a grayed out box where start-up properties are. See this screenshot:

Update Orchestrator Properties

The computer is not on a domain, it's my home system. Is there any way to either a) access the UsoSvc and change access the start-up property to disabled and eliminate the scheduled tasks, or b) access my computer with the LocalSystem account? Upon boot there is no option to click "other users..." at the start up screen to type in the computer name\localsystem.

I am looking for a way that does not include permanent deletion of the service. I have already disabled start-up of wuauserv and the trustedinstaller. Can anyone help?

Aragorn2001

Posted 2018-07-31T20:31:49.900

Reputation: 103

Question was closed 2018-08-08T16:29:13.233

Answers

4

Disclaimer: The Update Orchestrator Service is tied to Windows Update. Changing the registry may cause problems with Windows Update and associated services. So if you don't know what the registry does I recommend not to mangle with registry and services.

All Windows services have some security to control their permissions and user interactions. Security is managed through HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SERVICE_NAME\Security and RequiredPrivileges registry. If there are some permissions denied in Service Manager (aka. services.msc) then Startup Type can be changed using the registry. Use the following command to change startup type of that ``UsoSvc` service.

set X=UsoSvc
reg add "HKLM\SYSTEM\CurrentControlSet\Services\%X%" /V "Start" /T REG_DWORD /D "4" /F

What does the command do? reg add command adds (or changes) the Start DWORD registry in HKLM\SYSTEM\CurrentControlSet\Services\UsoSvc registry path. The 4 value means Disabled. Here are the list of those values:

0 = Boot
1 = System
2 = Automatic
3 = Manual
4 = Disabled
5 and more = Unknown

To revert the registry, change 4 value with 2 to make it automatic. Restart PC to effect the change. Read more about the registry at Microsoft Docs: Services Registry Tree

Biswapriyo

Posted 2018-07-31T20:31:49.900

Reputation: 6 640

Thank you so much!!! This worked upon restart. I don't have any idea why I couldn't do it any other way, but this really did it. I assume for future use that there's no way to "log in" as the LocalSystem account from boot screen? Regardless, thank you so much! – Aragorn2001 – 2018-08-02T01:17:04.433

4

I'm writing back here to let others reading this know something significant I discovered--

I have since discovered that although I can disable Update Orchestrator through the registry using @Biswapriyo's answer, that Windows will after a period of time revert the registry changes ALL ON ITS OWN.

In addition, I found after a longer period of time (do not know exactly how long), both TrustedInstaller and Windows Update services eventually revert from the permanently disabled state that I put them in. I can only surmise that this is a result of usosvc turning back the registry and turning back on.

I must be missing a scheduled task or something else I need to shut down UsoSvc's rebooting.

If anybody knows how to stop the reboot process without permanently deleting the services, I would love to know. Once again I want to thank @Biswapriyo for his help with my initial problem.

Aragorn2001

Posted 2018-07-31T20:31:49.900

Reputation: 103

And if sb is curious this happens even if you deny permissions to the relevant keys. – rvnlord – 2019-04-22T12:50:12.407

0

You could create a Scheduled Task to run as the SYSTEM account.

Open a command prompt as an administrator and try..

schtasks /create /RU "SYSTEM" /NP /SC ONSTART /TN Disable-UsoSVC /TR "sc config UsoSvc start= disabled" /F

Then just reboot the machine.

Nathan

Posted 2018-07-31T20:31:49.900

Reputation: 111

Thanks Nathan, I appreciate your input. The command "sc config UsoSvc start= disabled" doesn't work, because the group SYSTEM account only has read and execute privileges, it doesn't have full access. Still thanks for trying, it ended up working out with biswapriyo's solution – Aragorn2001 – 2018-08-02T01:13:40.860

Asked: 2018-07-31T20:31:49.900

Viewed: 18 818 times

Active: 2019-05-13T17:50:36.337