Advertisement
aveyo

windows_update_toggle

Feb 20th, 2018 (edited)
16,945
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Batch 28.34 KB | None | 0 0
  1. @set @version=10.5 /* &title Windows Update Toggle
  2.  
  3. exit /b [OUTDATED]
  4.  
  5. @echo off
  6. echo.
  7. echo      ---------------------------------------------------------------------
  8. echo     :                     Windows Update Toggle v10.5                     :
  9. echo     :---------------------------------------------------------------------:
  10. echo     :         Block/Enable Upgrades, Installs, Downloads, Service         :
  11. echo     :         Disable/Enable Reports, Speech, SearchUI, Defender          :
  12. echo     :        Hide/Unhide/Apply update lists with count and max size       :
  13. echo     :         Preset Defender updates and Store downloads working         :
  14. echo     :                                                                     :
  15. echo     :     Toggle from the comfort of Desktop right-click context menu     :
  16. echo      ---------------------------------------------------------------------
  17. echo.
  18. :: 2020-09-07 v10.4: downloads option fixed and selected by default. stay tuned for a redesigned version with less hard blocks
  19. :: 2018-05-15 v10.1: streamlined toggling with a nicer gui
  20. :: Focus set on Defender updates working independently from windows mayhem automatic updates
  21. :: so this script will not sacrifice built-in protection layer, unlike most other -DIY- updates "management" just killing wuauserv
  22. :: Update lists will be refreshed whenever Windows would nag -and-force-reboot- via MusNotification (hijacked)
  23. :: had to use separate context menus for each category due to limitation of max 16 cascading items.. tx bill gates, 2018
  24. :: if Defender protection updates are detected in the Apply list, a manual signature update is set to trigger
  25. :: SearchUI option will disable start menu search - obviously, but you can use Classic Shell instead to have it working
  26. :: Disable option provided for wuauserv, but not recommended since a lot of stuff depends on it
  27. :: Mostly IFEO safe blocking with no destructive changes of ownership, deleting files, removing tasks, or over-blocking
  28. :: Troubleshooter option will just revert blocking done by this and former suite scripts; launches official update troubleshooter
  29. :: If blocking caused an unlikely logon issue, do advanced startup-troubleshoot-commandprompt and run WUTUndo.bat from C:\Windows
  30. :: There is a lot of ping-pong in the backend between CMD and WScript to bypass popups and prompts, yet neatly structured script
  31. :: AveYo, 2018-05-13
  32.  
  33. if %1.==. timeout /t 10 &call wscript /e:JScript "%~f0" runas setup &exit &rem : no arguments, run setup elevated
  34. if %1.==shift. shift &shift &rem : if loaded by WScript, shift args to prevent loop and restore %0
  35. if %1.==. echo ERROR! &timeout /t 5 &exit/b : must have at least one arg
  36.  
  37. :: Setup executable blocking via ifeo
  38. set notifier=EOSNotify MusNotification
  39. set upgrader=Windows10UpgraderApp Windows10Upgrade WindowsUpdateBox SetupHost setupprep
  40. set installer=wuauclt
  41. set downloader=MoUsoCoreWorker sedlauncher sedsvc
  42. set reporter=wermgr wsqmcons DiagTrackRunner DiagnosticsHub.StandardCollector.Service CompatTelRunner
  43. set speecher=SpeechRuntime SpeechModelDownload
  44. set searcher=SearchUI
  45.  
  46. set "exe=%notifier% %upgrader% %installer% %downloader% %reporter%"
  47. set "noop=%SystemRoot%\system32\systray.exe"
  48. set "ifeo=HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
  49. set "wut=HKCR\DesktopBackground\shell\WUT"
  50. set "menu=%wut%\shell"
  51. set "f0=%SystemRoot%\windows_update_toggle.bat"
  52. set ".=>nul 2>nul"
  53. set "verbose="
  54.  
  55. for /f "tokens=2 delims=1234567890" %%a in ('shutdown /?^|findstr /bc:"E"') do set "[T]=%%a" &rem : cosmetic usage in menus
  56. if defined verbose (echo on &set ".=" &set "window=") else set "window=hide"
  57. call :%~1 %2 %3 %4 %5 %6 %7 %8 %9 &rem : launch secondary functions below dinamically, passing next args
  58. echo.
  59. echo Done! Use the Desktop right-click context menu to toggle, renew or uninstall
  60. if "%~1"=="setup" (pause) else if defined verbose timeout /t 5
  61.  
  62. exit/b : End of main script, functions below
  63. ::---------------------------------------------------------------------------------------------------------------------------------
  64.  
  65. :refresh context menu
  66. echo %0 %*
  67. call :reg_query "HKLM\SOFTWARE\WUT.bat" NoBlock noblock
  68. if "%noblock%"=="Enable" exit/b
  69. call :reg_query "%wut%0pending" MUIVerb pending
  70. if defined pending exit/b
  71. for %%a in ("1hide" "2unhide" "3apply") do reg delete "%wut%%%~a" /f %.%
  72. reg add "%wut%0pending" /v MUIVerb /d "Pending.." /f %.%
  73. reg add "%wut%0pending" /v Icon /d "ieframe.dll,11" /f %.%
  74. reg add "%wut%0pending" /v SubCommands /d "" /f %.%
  75. call :reg_query "HKLM\SOFTWARE\WUT.bat" NoRefresh norefresh
  76. if "%norefresh%"=="Disable" (set "toggle=39") else set "toggle=38"
  77. reg add "%menu%\2Lists"  /v Icon /d "ieframe.dll,%toggle%" /f %.%
  78. if "%norefresh%"=="Disable" start "WUT" wscript /e:JScript "%f0%" WUTRefresh
  79. call :status SetupHost 3Upgrades
  80. call :status wuauclt 4Installs
  81. call :status MoUsoCoreWorker 5Downloads
  82. rem for /f "tokens=3" %%a in ('sc qc TrustedInstaller ^| find /I "WUTblocked"') do set "blocked=%%a"
  83. rem if /i "%blocked%"=="[WUTblocked]" (set "toggle=38") else set "toggle=39"
  84. rem reg add "%menu%\5Downloads"  /v Icon /d "ieframe.dll,%toggle%" /f %.%
  85. for /f "tokens=3" %%a in ('sc qc wuauserv ^| find /I "WUTblocked"') do set "blocked=%%a"
  86. if /i "%blocked%"=="rpcss[WUTblocked]" (set "toggle=38") else set "toggle=39"
  87. reg add "%menu%\6Service"  /v Icon /d "ieframe.dll,%toggle%" /f %.%
  88. call :status wermgr 81Report
  89. call :status SpeechRuntime 82Speech
  90. call :status SearchUI 83Search
  91. set "defstatus=if((Get-MpPreference).DisableRealtimeMonitoring){write-host 38}else{write-host 39}"
  92. for /f "delims=" %%a in ('call powershell.exe -c "%defstatus%;"') do set "toggle=%%a"
  93. reg add "%menu%\84Defender"  /v Icon /d "ieframe.dll,%toggle%" /f %.%
  94. if "%norefresh%"=="Enable" reg delete "%wut%0pending" /f %.%
  95. exit/b
  96.  
  97. :status %1:exe %2:submenu
  98. call :reg_query "%ifeo%\%~1.exe" Debugger block
  99. if defined block (set "toggle=38") else set "toggle=39"
  100. reg add "%menu%\%~2"  /v Icon /d "ieframe.dll,%toggle%" /f %.%
  101. exit/b
  102.  
  103. :flip %1:exe %2:submenu
  104. call :reg_query "%ifeo%\%~1.exe" Debugger block
  105. if defined block (set "toggle=39") else set "toggle=38"
  106. reg add "%menu%\%~2"  /v Icon /d "ieframe.dll,%toggle%" /f %.%
  107. exit/b
  108.  
  109. :toggle WUT
  110. echo %0 %*
  111. call :reg_query "HKLM\SOFTWARE\WUT.bat" NoBlock noblock
  112. if "%noblock%"=="Disable" (set "toggle=Enable") else set "toggle=Disable"
  113. for %%a in (NoBlock NoRefresh) do reg add "HKLM\SOFTWARE\WUT.bat" /v %%a /d "%toggle%" /f %.%
  114. set "task=wscript.exe /e:JScript \"%f0%\" schtasks WUT"
  115. :: Generate WUT main context menu
  116. for %%a in ("" "0pending" "1hide" "2unhide" "3apply") do reg delete "%wut%%%~a" /f %.%
  117. reg add "%wut%" /v MUIVerb /d "Windows Update Toggle" /f %.%
  118. reg add "%wut%" /v Icon /d "comres.dll,4" /f %.%
  119. reg add "%wut%" /v SubCommands /d "" /f %.%
  120. reg add "%menu%\9Setup" /v MUIVerb /d "Configure WUT v%@version:~0,4%" /f %.%
  121. reg add "%menu%\9Setup" /v SubCommands /d "" /f %.%
  122. reg add "%menu%\9Setup\shell\1Toggle"  /v MUIVerb /d "%toggle%" /f %.%
  123. reg add "%menu%\9Setup\shell\2Renew"   /v MUIVerb /d "Renew" /f %.%
  124. reg add "%menu%\9Setup\shell\3Remove"  /v MUIVerb /d "Remove" /f %.%
  125. reg add "%menu%\9Setup\shell\1Toggle\command" /ve /d "%task%\toggle" /f %.%
  126. reg add "%menu%\9Setup\shell\2Renew\command"  /ve /d "%task%\renew" /f %.%
  127. reg add "%menu%\9Setup\shell\3Remove\command" /ve /d "%task%\remove" /f %.%
  128. if "%toggle%"=="Disable" (
  129.  reg add "%menu%\1Refresh"    /v MUIVerb /d "Refresh" /f %.%
  130.  reg add "%menu%\2Lists"      /v MUIVerb /d "Lists" /f %.%
  131.  reg add "%menu%\3Upgrades"   /v MUIVerb /d "Upgrades %[T]% setuphost" /f %.%
  132.  reg add "%menu%\4Installs"   /v MUIVerb /d "Installs %[T]% wuauclt" /f %.%
  133.  reg add "%menu%\5Downloads"  /v MUIVerb /d "Downloads ! %[T]% trustedinstaller" /f %.%
  134.  reg add "%menu%\6Service"    /v MUIVerb /d "Service ! ! %[T]% wuauserv" /f %.%
  135.  reg add "%menu%\7Repair"     /v MUIVerb /d "Troubleshooter" /f %.%
  136.  reg add "%menu%\81Report"    /v MUIVerb /d "Report" /f %.%
  137.  reg add "%menu%\82Speech"    /v MUIVerb /d "Speech" /f %.%
  138.  reg add "%menu%\83Search"    /v MUIVerb /d "SearchUI" /f %.%
  139.  reg add "%menu%\84Defender"  /v MUIVerb /d "Defender" /f %.%
  140.  reg add "%menu%\1Refresh\command" /ve   /d "%task%\refresh" /f %.%
  141.  reg add "%menu%\2Lists\command" /ve     /d "%task%\lists" /f %.%
  142.  reg add "%menu%\3Upgrades\command" /ve  /d "%task%\upgrades" /f %.%
  143.  reg add "%menu%\4Installs\command" /ve  /d "%task%\installs" /f %.%
  144.  reg add "%menu%\5Downloads\command" /ve /d "%task%\downloads" /f %.%
  145.  reg add "%menu%\6Service\command" /ve   /d "%task%\service" /f %.%
  146.  reg add "%menu%\7Repair\command" /ve    /d "%task%\repair" /f %.%
  147.  reg add "%menu%\81Report\command" /ve   /d "%task%\report" /f %.%
  148.  reg add "%menu%\82Speech\command" /ve   /d "%task%\speech" /f %.%
  149.  reg add "%menu%\83Search\command" /ve   /d "%task%\search" /f %.%
  150.  reg add "%menu%\84Defender\command" /ve /d "%task%\defender" /f %.%
  151. )
  152. :: Toggle immersive context-menu crap
  153. ::if "%toggle%"=="Disable" set "icm=0x0" else set "icm=0x1"
  154. ::reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\FlightedFeatures" /v ImmersiveContextMenu /t REG_DWORD /d %icm% /f %.%
  155. :: Disabling automatic updates hinders Defender, so get definitions from MMPC first
  156. set "DefMUS={MicrosoftUpdateServer|MMPC|InternalDefinitionUpdateServer}"
  157. set "DefMMPC={MMPC|MicrosoftUpdateServer|InternalDefinitionUpdateServer}"
  158. if "%toggle%"=="Enable" ( set "DefSig=%DefMUS%" ) else set "DefSig=%DefMMPC%"
  159. start "WUT:MpPref" wscript /e:JScript "%~f0" cmd "powershell.exe -c `Set-MpPreference -SignatureFallbackOrder %DefSig%;`"
  160. :: Default services
  161. sc config wuauserv type= share depend= rpcss %.%
  162. sc config TrustedInstaller type= own depend= / %.%
  163. :: Toggle ifeo exe blocking
  164. for %%a in (%exe% %speech% %search%) do reg delete "%ifeo%\%%a.exe" /f %.%
  165. if "%toggle%"=="Enable" exit/b WUT disabled, so skip the code below
  166. for %%a in (%exe%) do reg add "%ifeo%\%%a.exe" /v Debugger /d "%noop%" /f %.% &taskkill /im "%%a.exe" /t /f %.%
  167. :: Block downloads on older version - a mess atm
  168. net stop TrustedInstaller %.%
  169. sc config TrustedInstaller type= own depend= [WUTblocked] %.%
  170. :: WUTRefresh hijacking
  171. for %%a in (MusNotification EOSNotify) do reg add "%ifeo%\%%a.exe" /v Debugger /d "%SystemRoot%\WUTRefresh.bat" /f %.%
  172. call :refresh menu
  173. exit/b
  174.  
  175. :hide update
  176. echo %0 %*
  177. call :reg_query "%wut%1hide\shell\%~1" MUIVerb updatefound
  178. echo -%updatefound%
  179. if not defined updatefound exit/b
  180. call wscript /e:JScript "%f0%" hide "%updatefound%"
  181. exit/b
  182.  
  183. :unhide update
  184. echo %0 %*
  185. call :reg_query "%wut%2unhide\shell\%~1" MUIVerb updatefound
  186. echo -%updatefound%
  187. if not defined updatefound exit/b
  188. call wscript /e:JScript "%f0%" unhide "%updatefound%"
  189. exit/b
  190.  
  191. :apply update
  192. echo %0 %*
  193. call :reg_query "%wut%3apply\shell\%~1" MUIVerb updatefound
  194. echo -%updatefound%
  195. if not defined updatefound exit/b
  196. :: Cache current blocks status, because Apply will unblock downloads and installs in the WScript stage
  197. call :reg_query "%ifeo%\wuauclt.exe" Debugger installs_blocked
  198. call :reg_query "%ifeo%\MoUsoCoreWorker.exe" Debugger downloads_blocked
  199. rem for /f "tokens=3" %%a in ('sc qc TrustedInstaller ^| find /I "WUTblocked"') do set "downloads_blocked=%%a"
  200. call wscript /e:JScript "%f0%" apply "%updatefound%"
  201. :: Restore cached blocks
  202. if defined installs_blocked reg add "%ifeo%\wuauclt.exe" /v Debugger /d "%noop%" /f %.% &taskkill /im "wuauclt.exe" /t /f %.%
  203. if defined downloads_blocked (
  204.  reg add "%ifeo%\MoUsoCoreWorker.exe" /v Debugger /d "%noop%" /f %.%
  205.  taskkill /im "MoUsoCoreWorker.exe" /t /f %.%
  206.  reg add "%ifeo%\sedlauncher.exe" /v Debugger /d "%noop%" /f %.%
  207.  taskkill /im "sedlauncher.exe" /t /f %.%
  208.  reg add "%ifeo%\sedsvc.exe" /v Debugger /d "%noop%" /f %.%
  209.  taskkill /im "sedsvc.exe" /t /f %.%
  210. )
  211. if defined downloads_blocked sc config TrustedInstaller type= own depend= [WUTblocked] %.%
  212. exit/b
  213.  
  214. :lists
  215. echo %0 %*
  216. call :reg_query "HKLM\SOFTWARE\WUT.bat" NoRefresh norefresh
  217. if "%norefresh%"=="Disable" ( set "norefresh=Enable" &set "toggle=38") else set "norefresh=Disable" &set "toggle=39"
  218. reg add "HKLM\SOFTWARE\WUT.bat" /v NoRefresh /d "%norefresh%" /f %.%
  219. reg add "%menu%\2Lists"  /v Icon /d "ieframe.dll,%toggle%" /f %.%
  220. if "%norefresh%"=="Enable" (
  221.  reg delete "%wut%1hide" /f %.% &reg delete "%wut%2unhide" /f %.% &reg delete "%wut%3apply" /f %.%
  222.  reg delete "%wut%0pending" /f %.%
  223. )
  224. call :refresh lists
  225. exit/b
  226.  
  227. :upgrades
  228. echo %0 %*
  229. call :flip SetupHost 3Upgrades
  230. for %%a in (%upgrader%) do if defined block (
  231.  reg delete "%ifeo%\%%a.exe" /f %.%
  232. ) else (
  233.  reg add "%ifeo%\%%a.exe" /v Debugger /d "%noop%" /f %.% &taskkill /im "%%a.exe" /t /f %.%
  234. )
  235. exit/b
  236.  
  237. :installs
  238. echo %0 %*
  239. call :flip wuauclt 4Installs
  240. for %%a in (%installer%) do if defined block (
  241.  do reg delete "%ifeo%\%%a.exe" /f %.%
  242. ) else (
  243.  reg add "%ifeo%\%%a.exe" /v Debugger /d "%SystemRoot%\WUTRefresh.bat" /f %.% &taskkill /im "%%a.exe" /t /f %.%
  244. )
  245. if defined block start "wut" wscript /e:JScript "%f0%" WUTRefresh
  246. exit/b
  247.  
  248. :downloads
  249. echo %0 %*
  250. net stop TrustedInstaller /y %.%
  251. call :reg_query "%wut%3apply" MUIVerb pending
  252. set "reboot=%pending:reboot=%"
  253. if defined pending if "%pending%"=="%reboot%" set "pending="
  254. if defined pending (
  255.  for %%a in (%downloader%) do reg delete "%ifeo%\%%a.exe" /f %.%
  256.  sc config TrustedInstaller type= own depend= / %.%
  257.  reg add "%menu%\5Downloads"  /v Icon /d "ieframe.dll,11" /f %.%
  258.  exit/b
  259. )
  260. call :flip MoUsoCoreWorker 5Downloads
  261. for %%a in (%downloader%) do if defined block (
  262.  do reg delete "%ifeo%\%%a.exe" /f %.%
  263.  for /f "tokens=3" %%a in ('sc queryex TrustedInstaller ^| find /i "PID"') do if not "%%a"=="0" taskkill /pid %%a /f %.%
  264.  sc config TrustedInstaller type= own depend= [WUTblocked] %.%
  265. ) else (
  266.  reg add "%ifeo%\%%a.exe" /v Debugger /d "%SystemRoot%\WUTRefresh.bat" /f %.% &taskkill /im "%%a.exe" /t /f %.%
  267.  sc config TrustedInstaller type= own depend= / %.%
  268. )
  269. if defined block start "wut" wscript /e:JScript "%f0%" WUTRefresh
  270. exit/b
  271.  
  272. :service
  273. echo %0 %*
  274. for /f "tokens=3" %%a in ('sc qc wuauserv ^| find /I "WUTblocked"') do set "blocked=%%a"
  275. if /i "%blocked%"=="rpcss[WUTblocked]" (set "blocked=rpcss" &set "toggle=39") else set "blocked=rpcss[WUTblocked]" &set "toggle=38"
  276. reg add "%menu%\6Service"  /v Icon /d "ieframe.dll,%toggle%" /f %.%
  277. net stop wuauserv /y %.%
  278. for /f "tokens=3" %%a in ('sc queryex wuauserv ^| find /i "PID"') do set "pid=%a"
  279. if not "%pid%"=="0" taskkill /pid %pid% /f %.%
  280. sc config wuauserv type= share depend= %blocked% %.%
  281. if defined block start "wut" wscript /e:JScript "%f0%" WUTRefresh
  282. exit/b
  283.  
  284. :repair
  285. echo %0 %*
  286. :: Restore services (undo only the changes made by this script, not whatever blocking was done by other means)
  287. sc config wuauserv type= share depend= rpcss %.%
  288. sc config TrustedInstaller type= own depend= / %.%
  289. :: Remove any IFEO blocking done by past scripts
  290. set eo=DiagnosticsHub.StandardCollector.Service WindowsUpdateElevatedInstaller LocationNotificationWindows InstallAgentUserBroker
  291. set eo=%eo% UpdateNotificationMgr DataUsageLiveTileTask Windows10UpgraderApp WindowsActionDialog SpeechModelDownload WerFaultSecure
  292. set eo=%eo% GetCurrentRollback WindowsUpdateBox Windows10Upgrade TrustedInstaller MusNotification DiagTrackRunner CompatTelRunner
  293. set eo=%eo% WinREBootApp64 WinREBootApp32 UNPUXLauncher SpeechRuntime MusNotifyIcon PilotshubApp InstallAgent dstokenclean wsqmcons
  294. set eo=%eo% disksnapshot osrssupdate wuapihost WaaSMedic UsoClient UNPUXHost SIHClient setupprep SetupHost osrssinst EOSNotify wusa
  295. set eo=%eo% WerFault TiWorker SearchUI DWTRIG20 dusmtask dmclient appidtel wuauclt wermgr DFDWiz remsh reach HxTsr DWWIN DW20 GWX
  296. set eo=%eo% MoUsoCoreWorker sedlauncher sedsvc
  297. for %%a in (%eo%) do reg delete "%ifeo%\%%a.exe" /f %.%
  298. :: Restore notification hijacking
  299. >"%SystemRoot%\WUTRefresh.bat" echo/@start "WUTRefresh" /min wscript.exe /e:JScript "%f0%" WUTRefresh
  300. for %%a in (MusNotification EOSNotify) do reg add "%ifeo%\%%a.exe" /v Debugger /d "%SystemRoot%\WUTRefresh.bat" /f %.%
  301. :: Remove pending instance safeguard
  302. reg delete "HKLM\SOFTWARE\WUT.bat" /v Pending /f %.%
  303. :: Refresh menu
  304. call :refresh repair
  305. :: Open Update Diagnostic
  306. start "wud" msdt.exe /id WindowsUpdateDiagnostic %.%
  307. :: Open official update troubleshooter page
  308. start https://support.microsoft.com/en-us/help/4027322/windows-update-troubleshooter %.%
  309. exit/b
  310.  
  311. :report
  312. echo %0 %*
  313. call :flip wermgr 81Report
  314. for %%a in (%reporter%) do if defined block ( reg delete "%ifeo%\%%a.exe" /f %.% ) else (
  315.  reg add "%ifeo%\%%a.exe" /v Debugger /d "%noop%" /f %.% &taskkill /im "%%a.exe" /t /f %.%
  316. )
  317. exit/b
  318.  
  319. :speech
  320. echo %0 %*
  321. call :flip SpeechRuntime 82Speech
  322. for %%a in (%speecher%) do if defined block ( reg delete "%ifeo%\%%a.exe" /f %.% ) else (
  323.  reg add "%ifeo%\%%a.exe" /v Debugger /d "%noop%" /f %.% &taskkill /im "%%a.exe" /t /f %.%
  324. )
  325. exit/b
  326.  
  327. :search
  328. echo %0 %*
  329. call :flip SearchUI 83Search
  330. for %%a in (%searcher%) do if defined block ( reg delete "%ifeo%\%%a.exe" /f %.% ) else (
  331.  reg add "%ifeo%\%%a.exe" /v Debugger /d "%noop%" /f %.% &taskkill /im "%%a.exe" /t /f %.%
  332. )
  333. exit/b
  334.  
  335. :defender
  336. echo %0 %*
  337. set "s10=$t=1;$toggle='38'; if((Get-MpPreference).DisableRealtimeMonitoring){$t=0;$toggle='39';}"
  338. set "s11=Set-MpPreference -DisableRealtimeMonitoring $t"
  339. set "s12=Set-MpPreference -DisableBehaviorMonitoring $t"
  340. set "s13=Set-MpPreference -DisableIOAVProtection $t"
  341. set "s14=write-host $toggle"
  342. for /f "delims=" %%a in ('call powershell.exe -c "%s10%;%s11%;%s12%;%s13%;%s14%;"') do set "toggle=%%a"
  343. reg add "%menu%\84Defender" /v Icon /d "ieframe.dll,%toggle%" /f %.%
  344. exit/b
  345.  
  346. :update_defender - triggered from WScript to get definitions from MMPC, regardless of updates being blocked
  347. tasklist /FI "IMAGENAME eq MpCmdRun.exe" | find ".exe" %.%
  348. if not errorlevel 1 exit/b
  349. pushd %ProgramFiles%\Windows Defender
  350. call MpCmdRun.exe -removedefinitions -dynamicsignatures
  351. call MpCmdRun.exe -SignatureUpdate -MMPC
  352. exit/b
  353.  
  354. :setup
  355. echo %0 %*
  356. pushd %SystemRoot%
  357. if /i "%~f0"=="%f0%" (set "initial_setup=") else copy /y "%~f0" "%f0%" %.%
  358. :: Create WUTUndo for emergencies
  359.  >WUTUndo.bat echo/pushd %%~dp0system32\config
  360. >>WUTUndo.bat echo/reg load HKLM\WUTUndo1 SOFTWARE
  361. >>WUTUndo.bat echo/set "koff=HKLM\WUTUndo1\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" ^&set "kon=%ifeo%"
  362. >>WUTUndo.bat echo/for %%%%B in (%exe%) do for %%%%K in ("%%koff%%" "%%kon%%") do reg delete "%%%%~K\%%%%B.exe" /f 2^>nul
  363. >>WUTUndo.bat echo/reg unload HKLM\WUTUndo1
  364. >>WUTUndo.bat echo/reg load HKLM\WUTUndo2 SYSTEM
  365. >>WUTUndo.bat echo/for %%%%K in (WUTUndo2 SYSTEM) do (
  366. >>WUTUndo.bat echo/ reg delete "HKLM\%%%%~K\ControlSet001\Services\TrustedInstaller" /v DependOnService /f 2^>nul
  367. >>WUTUndo.bat echo/ reg delete "HKLM\%%%%~K\CurrentControlSet\Services\TrustedInstaller" /v DependOnService /f 2^>nul
  368. >>WUTUndo.bat echo/)
  369. >>WUTUndo.bat echo/reg unload HKLM\WUTUndo2
  370. :: Create WUTRefresh to hijack update notifications and refresh context menu in addition to preventing forced reboots
  371. >WUTRefresh.bat echo/@start "WUTRefresh" /min wscript.exe /e:JScript "%f0%" WUTRefresh
  372. :: Create tasks to run context menu entries with proper access and no output window
  373. start "WUT" wscript /e:JScript "%~f0" cmd "call `%~f0` setup_schtasks"
  374. :: WUT options
  375. for %%a in (NoBlock NoRefresh) do reg add "HKLM\SOFTWARE\WUT.bat" /v %%a /d "Enable" /f %.%
  376. call :toggle blocking
  377. exit/b
  378.  
  379. :setup_schtasks - no stalling separate process
  380. set "strun=wscript.exe /e:JScript \"%f0%\" run%window%"
  381. for %%t in (refresh lists upgrades installs downloads service repair report speech search defender toggle renew remove) do (
  382.  schtasks /create /ru "%username%" /sc once /tn "WUT\%%t" /tr "%strun% %%t" /st "00:00:00" /it /rl highest /f %.%
  383. )
  384. for %%t in (hide unhide apply) do for /l %%n in (101,1,116) do (
  385.  schtasks /create /ru "%username%" /sc once /tn "WUT\%%t\%%n" /tr "%strun% %%t %%n" /st "00:00:00" /it /rl highest /f %.%
  386. )
  387. exit/b
  388.  
  389. :renew
  390. echo %0 %*
  391. echo Renewing from internet - old version saved as %SystemRoot%\WUT.old
  392. pushd %SystemRoot%
  393. if exist WUT.new del /f /q WUT.new %.%
  394. call wscript /e:JScript "%~f0" renew "https://pastebin.com/raw/gNsLEWJe" "%SystemRoot%\WUT.new"
  395. if exist WUT.new copy /y "%f0%" WUT.old %.% &copy /y WUT.new "%f0%" %.% &del /f /q WUT.new %.%
  396. start "WUT" "%f0%" %.%
  397. exit
  398.  
  399. :remove
  400. echo %0 %*
  401. for %%a in (NoBlock NoRefresh) do reg add "HKLM\SOFTWARE\WUT.bat" /v %%a /d "Disable" /f %.%
  402. call :toggle off
  403. reg delete "HKLM\SOFTWARE\WUT.bat" /f %.%
  404. for %%a in ("" "0pending" "1hide" "2unhide" "3apply") do reg delete "%wut%%%~a" /f %.%
  405. for %%t in (refresh lists upgrades installs downloads service repair report speech search defender toggle renew remove) do (
  406.  schtasks /delete /tn "WUT\%%t" /f %.%
  407. )
  408. for %%t in (hide unhide apply) do for /l %%n in (101,1,116) do schtasks /delete /tn "WUT\%%t\%%n" /f %.%
  409. for %%t in (hide unhide apply) do schtasks /delete /tn "WUT\%%t" /f %.%
  410. schtasks /delete /tn "WUT" /f %.%
  411. sc config wuauserv type= share depend= rpcss %.%
  412. sc config TrustedInstaller type= own depend= / %.%
  413. pushd %SystemRoot%
  414. del /f /q WUT.bat WUT.old DefenderManualUpdate.bat WUTRefresh.bat WUTUndo.bat "%f0%" %.%
  415. exit/b
  416.  
  417. :reg_query %1:KeyName %2:ValueName %3:OutputVariable %4:other_options[example: "/t REG_DWORD"]
  418. setlocal & for /f "skip=2 delims=" %%s in ('reg query "%~1" /v "%~2" /z 2^>nul') do set "rq=%%s" & call set "rv=%%rq:*)    =%%"
  419. endlocal & set "%~3=%rv%" & exit/b &rem                                         AveYo: call :reg_query "HKCU\MyKey" "MyValue" MyVar
  420.  
  421. ::---------------------------------------------------------------------------------------------------------------------------------
  422. :JScript_functions                                                                 AveYo: Switch syntax highlighter to 'javascript'
  423. ::-------------------------------------------------------------------------------------------------------------------------------*/
  424. f0=WSH.ScriptFullName; run=WSH.Arguments(0); args=''; for(i=1;i<WSH.Arguments.length;i++) args+=' "'+WSH.Arguments(i)+'"';
  425. function sex(exe,args){WSH.CreateObject('Shell.Application').ShellExecute(exe,args,'','',0);}; function reg(s){ sex('reg.exe',s); }
  426.  
  427. // Open external commands in new hidden cmd instance - backquotes replaced to quotes
  428. if (run=='cmd') sex('cmd','/c '+args.replace(/`/g,'"'));
  429.  
  430. // Context menu entries trigger - elevated with no popups
  431. if (run=='schtasks') sex('SCHTASKS.EXE','/Run /TN '+args);
  432.  
  433. // Shift to CMD if loaded by WScript - pass arguments, prevent loop, run as admin at setup, hide window at context-menu
  434. function cmd(adm,win){WSH.CreateObject('Shell.Application').ShellExecute('cmd','/c call "'+f0+'" shift "'+f0+'"'+args,'',adm,win);}
  435. if (run=='run') cmd('',1); if (run=='runhide') cmd('',0); if (run=='runas') cmd('runas',1); if (run=='runashide') cmd('runas',0);
  436.  
  437. if (run=='renew') {
  438.   // renew script over internet
  439.   try{
  440.   downloader=WSH.CreateObject("WinHttp.WinHttpRequest.5.1");
  441.   if (downloader===null) downloader=WSH.CreateObject("WinHttp.WinHttpRequest");
  442.   if (downloader===null) downloader=WSH.CreateObject("MSXML2.ServerXMLHTTP");
  443.   if (downloader===null) downloader=WSH.CreateObject("Microsoft.XMLHTTP");
  444.   downloader.Open("GET",WSH.Arguments(1),false); downloader.Send(); oASI=downloader.ResponseBody(); downloader=undefined;
  445.   oASO=WSH.CreateObject("ADODB.Stream"); oASO.type=1; oASO.Mode=3; oASO.Open; oASO.Write(oASI); oASI=undefined;
  446.   oASO.SaveToFile(WSH.Arguments(2)); oASO.Close();
  447.   }catch(e){} // supress all errors since we're working with com objects
  448. }
  449.  
  450. // WUT Hide/Unhide/Apply lists
  451. if (run=='WUTRefresh' || run=='hide' || run=='unhide' || run=='apply') {
  452.   SRP=GetObject("winmgmts:StdRegProv"); pending=SRP.GetStringValue(2147483650,'SOFTWARE\\WUT.bat','Pending');
  453.   if (pending===0) WSH.quit(); else SRP.SetStringValue(2147483650,'SOFTWARE\\WUT.bat','Pending','yes'); // prevent instances
  454.   k='HKCR\\DesktopBackground\\shell\\WUT'; hk=k+'1hide'; uk=k+'2unhide'; ik=k+'3apply'; pk=k+'0pending';// short list keys
  455.   reg('delete "'+hk+'" /f');reg('delete "'+uk+'" /f');reg('delete "'+ik+'" /f'); reg('add "'+pk+'" /v MUIVerb /d "Pending.." /f');
  456.   reg('add "'+pk+'" /v SubCommands /d "" /f'); reg('add "'+pk+'" /v Icon /d "ieframe.dll,11" /f');
  457.   // Check for updates
  458.   count=0; wuthide=[]; wutunhide=[];
  459.   try{
  460.   session=WSH.CreateObject("Microsoft.Update.Session"); reboot=WSH.CreateObject("Microsoft.Update.SystemInfo").RebootRequired;
  461.   searcher=session.CreateUpdateSearcher();
  462.   sresult=searcher.Search("IsInstalled=0"); Updatelist=sresult.Updates; count=sresult.Updates.Count;
  463.   for(i=0;i<count;i++) {
  464.     itemTitle=Updatelist.Item(i).Title;
  465.     minsize=Updatelist.Item(i).MinDownloadSize; maxsize=Updatelist.Item(i).MaxDownloadSize; wutsize='';
  466.     if (maxsize > 1073741824) wutsize=' ['+Math.round(minsize/10737418.24)/100+' - '+Math.round(maxsize/10737418.24)/100+'GB]';
  467.     else if (maxsize > 1048576) wutsize=' ['+Math.round(minsize/10485.76)/100+' - '+Math.round(maxsize/10485.76)/100+'MB]';
  468.     else if (maxsize > 1024) wutsize=' ['+Math.round(minsize/10.24)/100+' - '+Math.round(maxsize/10.24)/100+'KB]';
  469.     else if (maxsize > 0) wutsize=' ['+(minsize)+' - '+(maxsize)+'B]';
  470.     wutTitle=Updatelist.Item(i).Title + wutsize;
  471.     if (run=='apply' && WSH.Arguments(1).indexOf(itemTitle) > -1) {
  472.       // Add matching entry to UpdateColl
  473.       UpdateColl=WSH.CreateObject("Microsoft.Update.UpdateColl"); UpdateColl.Add(Updatelist.Item(i));
  474.       // Download update
  475.       downloader=session.CreateUpdateDownloader(); downloader.Updates=UpdateColl; dresult=downloader.Download();
  476.       if (dresult.ResultCode==2) {
  477.         // Unblock apply
  478.         sex('sc','config TrustedInstaller type= own depend= /');
  479.         KeyPath='SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\';
  480.         SRP.DeleteKey(2147483650,KeyPath+'wuauclt.exe');
  481.         SRP.DeleteKey(2147483650,KeyPath+'MoUsoCoreWorker.exe');
  482.         SRP.DeleteKey(2147483650,KeyPath+'sedlauncher.exe');
  483.         SRP.DeleteKey(2147483650,KeyPath+'sedsvc.exe');
  484.         WSH.Sleep(1000);
  485.         //Apply update
  486.         installer=session.CreateUpdateInstaller(); installer.Updates=UpdateColl; iresult=installer.Install();
  487.         if (iresult.ResultCode==2) continue;
  488.       }
  489.     }
  490.     // hide and unhide are very simple bool flip compared to apply
  491.     if (run=='hide' && WSH.Arguments(1).indexOf(itemTitle) > -1) {
  492.       Updatelist.Item(i).IsHidden=true; wutunhide.push(wutTitle); continue;
  493.     }
  494.     if (run=='unhide' && WSH.Arguments(1).indexOf(itemTitle) > -1) {
  495.       Updatelist.Item(i).IsHidden=false; wuthide.push(wutTitle); continue;
  496.     }
  497.     // Trigger :update_defender to manually refresh definitions from MMPC
  498.     if (Updatelist.Item(i).IsHidden===false && itemTitle.indexOf('(Definition') > -1) {
  499.       sex('cmd','/c call "'+f0+'" update_defender');
  500.     }
  501.     // Sorting lists
  502.     if (Updatelist.Item(i).IsHidden) wutunhide.push(wutTitle); else wuthide.push(wutTitle);
  503.   }
  504.   // Generate Hide context menu
  505.   if (wuthide.length>0){
  506.     reg('add "'+hk+'" /v MUIVerb /d "Hide '+"\t"+wuthide.length+'" /f');
  507.     reg('add "'+hk+'" /v Icon /d "ieframe.dll,42" /f');
  508.     reg('add "'+hk+'" /v SubCommands /d "" /f');
  509.     for(i=101,n=wuthide.length+101;i<n;i++) {
  510.       reg('add "'+hk+'\\shell\\'+i+'" /v MUIVerb /d "'+wuthide[i-101]+'" /f');
  511.       reg('add "'+hk+'\\shell\\'+i+'\\command" /ve /d "wscript.exe /e:JScript \\"'+f0+'\\" schtasks WUT\\hide\\'+i+'" /f');
  512.     }
  513.   }
  514.   // Generate Unhide context menu
  515.   if (wutunhide.length>0){
  516.     reg('add "'+uk+'" /v MUIVerb /d "Unhide '+"\t"+wutunhide.length+'" /f');
  517.     reg('add "'+uk+'" /v Icon /d "ieframe.dll,42" /f');
  518.     reg('add "'+uk+'" /v SubCommands /d "" /f');
  519.     for(i=101,n=wutunhide.length+101;i<n;i++) {
  520.       reg('add "'+uk+'\\shell\\'+i+'" /v MUIVerb /d "'+wutunhide[i-101]+'" /f');
  521.       reg('add "'+uk+'\\shell\\'+i+'\\command" /ve /d "wscript.exe /e:JScript \\"'+f0+'\\" schtasks WUT\\unhide\\'+i+'" /f');
  522.     }
  523.   }
  524.   // Generate Apply context menu
  525.   if (wuthide.length>0){
  526.     reg('add "'+ik+'" /v MUIVerb /d "Apply '+"\t"+((reboot) ? 'must reboot ' : wuthide.length)+'" /f');
  527.     reg('add "'+ik+'" /v Icon /d "ieframe.dll,42" /f');
  528.     reg('add "'+ik+'" /v SubCommands /d "" /f');
  529.     for(i=101,n=wuthide.length+101;i<n;i++) {
  530.       reg('add "'+ik+'\\shell\\'+i+'" /v MUIVerb /d "'+wuthide[i-101]+'" /f');
  531.       reg('add "'+ik+'\\shell\\'+i+'\\command" /ve /d "wscript.exe /e:JScript \\"'+f0+'\\" schtasks WUT\\apply\\'+i+'" /f');
  532.     }
  533.   }
  534.   }catch(e){} // supress all errors since we're working with com objects
  535.   reg('delete "'+pk+'" /f'); SRP.DeleteValue(2147483650,'SOFTWARE\\WUT.bat','Pending'); // Remove Pending.. temporary entry
  536. }
  537. //
  538.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement