Yomodo
commented
5 years ago This can trigger a lot of false positives, like temp files from an opened zip file etc.
Open icnocop opened 5 years ago
Yomodo
commented
5 years ago This can trigger a lot of false positives, like temp files from an opened zip file etc.
icnocop
commented
5 years ago This can trigger a lot of false positives, like temp files from an opened zip file etc.
Why do you think so?
Yomodo
commented
5 years ago From experience, I've done the same before in PowerShell.
More specific: installers can leave temp files that'll be removed on next boot.
But this is usually not serious enough to warrant a reboot.
icnocop
commented
5 years ago I wouldn't expect arbitrary installers to set the UpdateExeVolatile registry key.
Can you provide an example?
Hi.
I found an article that indicates another registry key that determines if a modification to an EXE is pending that's missing from this module: https://scriptingetc.wordpress.com/2017/06/16/detect-pending-reboots/
More information can be found here: http://support.microsoft.com/kb/832475
The registry key should probably also be checked: HKLM\SOFTWARE\Wow6432Node\Microsoft\Updates\UpdateExeVolatile
Thank you.