mirror of
https://github.com/ChrisTitusTech/winutil.git
synced 2025-09-05 10:45:47 -05:00
Compare commits
2 Commits
main
...
updatebloc
| Author | SHA1 | Date | |
|---|---|---|---|
| 563a32219c | |||
| 8be67dbf8c |
@ -5,6 +5,9 @@ function Invoke-WPFUpdatesdefault {
|
||||
Resets Windows Update settings to default
|
||||
|
||||
#>
|
||||
|
||||
Write-Host "Restoring Windows Update registry settings..." -ForegroundColor Yellow
|
||||
|
||||
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU")) {
|
||||
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Force | Out-Null
|
||||
}
|
||||
@ -15,17 +18,99 @@ function Invoke-WPFUpdatesdefault {
|
||||
}
|
||||
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" -Name "DODownloadMode" -Type DWord -Value 1
|
||||
|
||||
# Reset WaaSMedicSvc registry settings to defaults
|
||||
Write-Host "Restoring WaaSMedicSvc settings..." -ForegroundColor Yellow
|
||||
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" -Name "Start" -Type DWord -Value 3 -ErrorAction SilentlyContinue
|
||||
Remove-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" -Name "FailureActions" -ErrorAction SilentlyContinue
|
||||
|
||||
# Restore update services to their default state
|
||||
Write-Host "Restoring update services..." -ForegroundColor Yellow
|
||||
|
||||
$services = @(
|
||||
"BITS"
|
||||
"wuauserv"
|
||||
@{Name = "BITS"; StartupType = "Manual"},
|
||||
@{Name = "wuauserv"; StartupType = "Manual"},
|
||||
@{Name = "UsoSvc"; StartupType = "Automatic"},
|
||||
@{Name = "uhssvc"; StartupType = "Disabled"},
|
||||
@{Name = "WaaSMedicSvc"; StartupType = "Manual"}
|
||||
)
|
||||
|
||||
foreach ($service in $services) {
|
||||
# -ErrorAction SilentlyContinue is so it doesn't write an error to stdout if a service doesn't exist
|
||||
|
||||
Write-Host "Setting $service StartupType to Automatic"
|
||||
Get-Service -Name $service -ErrorAction SilentlyContinue | Set-Service -StartupType Automatic
|
||||
try {
|
||||
Write-Host "Restoring $($service.Name) to $($service.StartupType)..."
|
||||
$serviceObj = Get-Service -Name $service.Name -ErrorAction SilentlyContinue
|
||||
if ($serviceObj) {
|
||||
Set-Service -Name $service.Name -StartupType $service.StartupType -ErrorAction SilentlyContinue
|
||||
|
||||
# Reset failure actions to default using sc command
|
||||
Start-Process -FilePath "sc.exe" -ArgumentList "failure `"$($service.Name)`" reset= 86400 actions= restart/60000/restart/60000/restart/60000" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
|
||||
# Start the service if it should be running
|
||||
if ($service.StartupType -eq "Automatic") {
|
||||
Start-Service -Name $service.Name -ErrorAction SilentlyContinue
|
||||
}
|
||||
}
|
||||
}
|
||||
catch {
|
||||
Write-Host "Warning: Could not restore service $($service.Name) - $($_.Exception.Message)" -ForegroundColor Yellow
|
||||
}
|
||||
}
|
||||
|
||||
# Restore renamed DLLs if they exist
|
||||
Write-Host "Restoring renamed update service DLLs..." -ForegroundColor Yellow
|
||||
|
||||
$dlls = @("WaaSMedicSvc", "wuaueng")
|
||||
|
||||
foreach ($dll in $dlls) {
|
||||
$dllPath = "C:\Windows\System32\$dll.dll"
|
||||
$backupPath = "C:\Windows\System32\${dll}_BAK.dll"
|
||||
|
||||
if ((Test-Path $backupPath) -and !(Test-Path $dllPath)) {
|
||||
try {
|
||||
# Take ownership of backup file
|
||||
Start-Process -FilePath "takeown.exe" -ArgumentList "/f `"$backupPath`"" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
|
||||
# Grant full control to everyone
|
||||
Start-Process -FilePath "icacls.exe" -ArgumentList "`"$backupPath`" /grant *S-1-1-0:F" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
|
||||
# Rename back to original
|
||||
Rename-Item -Path $backupPath -NewName "$dll.dll" -ErrorAction SilentlyContinue
|
||||
Write-Host "Restored ${dll}_BAK.dll to $dll.dll"
|
||||
|
||||
# Restore ownership to TrustedInstaller
|
||||
Start-Process -FilePath "icacls.exe" -ArgumentList "`"$dllPath`" /setowner `"NT SERVICE\TrustedInstaller`"" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
Start-Process -FilePath "icacls.exe" -ArgumentList "`"$dllPath`" /remove *S-1-1-0" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
}
|
||||
catch {
|
||||
Write-Host "Warning: Could not restore $dll.dll - $($_.Exception.Message)" -ForegroundColor Yellow
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Enable update related scheduled tasks
|
||||
Write-Host "Enabling update related scheduled tasks..." -ForegroundColor Yellow
|
||||
|
||||
$taskPaths = @(
|
||||
'\Microsoft\Windows\InstallService\*'
|
||||
'\Microsoft\Windows\UpdateOrchestrator\*'
|
||||
'\Microsoft\Windows\UpdateAssistant\*'
|
||||
'\Microsoft\Windows\WaaSMedic\*'
|
||||
'\Microsoft\Windows\WindowsUpdate\*'
|
||||
'\Microsoft\WindowsUpdate\*'
|
||||
)
|
||||
|
||||
foreach ($taskPath in $taskPaths) {
|
||||
try {
|
||||
$tasks = Get-ScheduledTask -TaskPath $taskPath -ErrorAction SilentlyContinue
|
||||
foreach ($task in $tasks) {
|
||||
Enable-ScheduledTask -TaskName $task.TaskName -TaskPath $task.TaskPath -ErrorAction SilentlyContinue
|
||||
Write-Host "Enabled task: $($task.TaskName)"
|
||||
}
|
||||
}
|
||||
catch {
|
||||
Write-Host "Warning: Could not enable tasks in path $taskPath - $($_.Exception.Message)" -ForegroundColor Yellow
|
||||
}
|
||||
}
|
||||
|
||||
Write-Host "Enabling driver offering through Windows Update..."
|
||||
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\Device Metadata" -Name "PreventDeviceMetadataFromNetwork" -ErrorAction SilentlyContinue
|
||||
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\DriverSearching" -Name "DontPromptForWindowsUpdate" -ErrorAction SilentlyContinue
|
||||
@ -39,6 +124,7 @@ function Invoke-WPFUpdatesdefault {
|
||||
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "BranchReadinessLevel" -ErrorAction SilentlyContinue
|
||||
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "DeferFeatureUpdatesPeriodInDays" -ErrorAction SilentlyContinue
|
||||
Remove-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings" -Name "DeferQualityUpdatesPeriodInDays" -ErrorAction SilentlyContinue
|
||||
|
||||
Write-Host "==================================================="
|
||||
Write-Host "--- Windows Update Settings Reset to Default ---"
|
||||
Write-Host "==================================================="
|
||||
@ -62,4 +148,6 @@ function Invoke-WPFUpdatesdefault {
|
||||
Write-Host "==================================================="
|
||||
Write-Host "--- Windows Local Policies Reset to Default ---"
|
||||
Write-Host "==================================================="
|
||||
|
||||
Write-Host "Note: A system restart may be required for all changes to take full effect." -ForegroundColor Yellow
|
||||
}
|
||||
|
||||
@ -6,30 +6,130 @@ function Invoke-WPFUpdatesdisable {
|
||||
|
||||
.NOTES
|
||||
Disabling Windows Update is not recommended. This is only for advanced users who know what they are doing.
|
||||
This function requires administrator privileges and will attempt to run as SYSTEM for certain operations.
|
||||
|
||||
#>
|
||||
|
||||
Write-Host "Configuring registry settings..." -ForegroundColor Yellow
|
||||
|
||||
If (!(Test-Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU")) {
|
||||
New-Item -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Force | Out-Null
|
||||
}
|
||||
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "NoAutoUpdate" -Type DWord -Value 1
|
||||
Set-ItemProperty -Path "HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" -Name "AUOptions" -Type DWord -Value 1
|
||||
|
||||
If (!(Test-Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config")) {
|
||||
New-Item -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" -Force | Out-Null
|
||||
}
|
||||
Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\DeliveryOptimization\Config" -Name "DODownloadMode" -Type DWord -Value 0
|
||||
|
||||
# Additional registry settings
|
||||
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" -Name "Start" -Type DWord -Value 4 -ErrorAction SilentlyContinue
|
||||
$failureActions = [byte[]](0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x03,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xc0,0xd4,0x01,0x00,0x00,0x00,0x00,0x00,0xe0,0x93,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00)
|
||||
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\WaaSMedicSvc" -Name "FailureActions" -Type Binary -Value $failureActions -ErrorAction SilentlyContinue
|
||||
|
||||
# Disable and stop update related services
|
||||
Write-Host "Disabling update services..." -ForegroundColor Yellow
|
||||
|
||||
$services = @(
|
||||
"BITS"
|
||||
"wuauserv"
|
||||
"UsoSvc"
|
||||
"uhssvc"
|
||||
"WaaSMedicSvc"
|
||||
)
|
||||
|
||||
foreach ($service in $services) {
|
||||
# -ErrorAction SilentlyContinue is so it doesn't write an error to stdout if a service doesn't exist
|
||||
|
||||
Write-Host "Setting $service StartupType to Disabled"
|
||||
Get-Service -Name $service -ErrorAction SilentlyContinue | Set-Service -StartupType Disabled
|
||||
try {
|
||||
Write-Host "Stopping and disabling $service..."
|
||||
$serviceObj = Get-Service -Name $service -ErrorAction SilentlyContinue
|
||||
if ($serviceObj) {
|
||||
Stop-Service -Name $service -Force -ErrorAction SilentlyContinue
|
||||
Set-Service -Name $service -StartupType Disabled -ErrorAction SilentlyContinue
|
||||
|
||||
# Set failure actions to nothing using sc command
|
||||
Start-Process -FilePath "sc.exe" -ArgumentList "failure `"$service`" reset= 0 actions= `"`"" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
}
|
||||
}
|
||||
catch {
|
||||
Write-Host "Warning: Could not process service $service - $($_.Exception.Message)" -ForegroundColor Yellow
|
||||
}
|
||||
}
|
||||
Write-Host "================================="
|
||||
Write-Host "--- Updates ARE DISABLED ---"
|
||||
Write-Host "================================="
|
||||
|
||||
# Rename critical update service DLLs (requires SYSTEM privileges)
|
||||
Write-Host "Attempting to rename critical update service DLLs..." -ForegroundColor Yellow
|
||||
|
||||
$dlls = @("WaaSMedicSvc", "wuaueng")
|
||||
|
||||
foreach ($dll in $dlls) {
|
||||
$dllPath = "C:\Windows\System32\$dll.dll"
|
||||
$backupPath = "C:\Windows\System32\${dll}_BAK.dll"
|
||||
|
||||
if (Test-Path $dllPath) {
|
||||
try {
|
||||
# Take ownership
|
||||
Start-Process -FilePath "takeown.exe" -ArgumentList "/f `"$dllPath`"" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
|
||||
# Grant full control to everyone
|
||||
Start-Process -FilePath "icacls.exe" -ArgumentList "`"$dllPath`" /grant *S-1-1-0:F" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
|
||||
# Rename file
|
||||
if (!(Test-Path $backupPath)) {
|
||||
Rename-Item -Path $dllPath -NewName "${dll}_BAK.dll" -ErrorAction SilentlyContinue
|
||||
Write-Host "Renamed $dll.dll to ${dll}_BAK.dll"
|
||||
|
||||
# Restore ownership to TrustedInstaller
|
||||
Start-Process -FilePath "icacls.exe" -ArgumentList "`"$backupPath`" /setowner `"NT SERVICE\TrustedInstaller`"" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
Start-Process -FilePath "icacls.exe" -ArgumentList "`"$backupPath`" /remove *S-1-1-0" -Wait -WindowStyle Hidden -ErrorAction SilentlyContinue
|
||||
}
|
||||
}
|
||||
catch {
|
||||
Write-Host "Warning: Could not rename $dll.dll - $($_.Exception.Message)" -ForegroundColor Yellow
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Delete downloaded update files
|
||||
Write-Host "Cleaning up downloaded update files..." -ForegroundColor Yellow
|
||||
|
||||
try {
|
||||
$softwareDistPath = "C:\Windows\SoftwareDistribution"
|
||||
if (Test-Path $softwareDistPath) {
|
||||
Get-ChildItem -Path $softwareDistPath -Recurse -Force | Remove-Item -Force -Recurse -ErrorAction SilentlyContinue
|
||||
Write-Host "Cleared SoftwareDistribution folder"
|
||||
}
|
||||
}
|
||||
catch {
|
||||
Write-Host "Warning: Could not fully clear SoftwareDistribution folder - $($_.Exception.Message)" -ForegroundColor Yellow
|
||||
}
|
||||
|
||||
# Disable update related scheduled tasks
|
||||
Write-Host "Disabling update related scheduled tasks..." -ForegroundColor Yellow
|
||||
|
||||
$taskPaths = @(
|
||||
'\Microsoft\Windows\InstallService\*'
|
||||
'\Microsoft\Windows\UpdateOrchestrator\*'
|
||||
'\Microsoft\Windows\UpdateAssistant\*'
|
||||
'\Microsoft\Windows\WaaSMedic\*'
|
||||
'\Microsoft\Windows\WindowsUpdate\*'
|
||||
'\Microsoft\WindowsUpdate\*'
|
||||
)
|
||||
|
||||
foreach ($taskPath in $taskPaths) {
|
||||
try {
|
||||
$tasks = Get-ScheduledTask -TaskPath $taskPath -ErrorAction SilentlyContinue
|
||||
foreach ($task in $tasks) {
|
||||
Disable-ScheduledTask -TaskName $task.TaskName -TaskPath $task.TaskPath -ErrorAction SilentlyContinue
|
||||
Write-Host "Disabled task: $($task.TaskName)"
|
||||
}
|
||||
}
|
||||
catch {
|
||||
Write-Host "Warning: Could not disable tasks in path $taskPath - $($_.Exception.Message)" -ForegroundColor Yellow
|
||||
}
|
||||
}
|
||||
|
||||
Write-Host "=================================" -ForegroundColor Green
|
||||
Write-Host "--- Updates ARE DISABLED ---" -ForegroundColor Green
|
||||
Write-Host "===================================" -ForegroundColor Green
|
||||
Write-Host "Note: Some operations may require a system restart to take full effect." -ForegroundColor Yellow
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user