[Help] Script to automate services default state

Discussion in 'Scripting' started by Thomas Dubreuil, Oct 24, 2018.

  1. Thomas Dubreuil

    Thomas Dubreuil MDL Junior Member

    #1 Thomas Dubreuil, Oct 24, 2018
    Last edited: Oct 24, 2018
    Trying to make a "script" to automate LTSC services default state...Here it is:

    Code:
    @echo Restore The Services Start Registry Entries as Saved At 20:45:00,00 24/10/2018
    @pause
    
    for %%G in (AudioEndpointBuilder,Audiosrv,BFE,BrokerInfrastructure,CoreMessagingRegistrar,CryptSvc,DcomLaunch,ddpvssvc,Dhcp,Dnscache,DPS,DusmSvc,EventLog,EventSystem,FontCache,gpsvc,IKEEXT,LSM,mpssvc,NlaSvc,nsi,Power,ProfSvc,RpcEptMapper,RpcSs,SamSs,Schedule,SENS,ShellHWDetection,sppsvc,SysMain,SystemEventsBroker,Themes,TrkWks,UserManager,UsoSvc,Wcmsvc,wfcs,WinDefend,Winmgmt,wscsvc,WSearch) do reg query HKLM\SYSTEM\ControlSet001\Services\%%G /v Start 1>nul 2>nul && (
    reg add HKLM\SYSTEM\ControlSet001\Services\%%G /v Start /t REG_DWORD /d 2 /f
    )
    
    for %%G in (AppIDSvc,Appinfo,AppReadiness,AppXSvc,AssignedAccessManagerSvc,AxInstSV,BDESVC,BITS,camsvc,ClipSVC,COMSysApp,ddpsvc,defragsvc,DeviceInstall,DevQueryBroker,diagsvc,DisplayEnhancementService,DmEnrollmentSvc,dot3svc,DsmSvc,DsSvc,Eaphost,EFS,embeddedmode,EntAppSvc,fdPHost,FontCache3.0.0.0,GraphicsPerfSvc,hidserv,InstallService,jhi_service,KeyIso,KtmRm,LicenseManager,lltdsvc,LMS,LxpSvc,MSDTC,msiserver,Netman,netprofm,NetSetupSvc,NgcCtnrSvc,NgcSvc,p2pimsvc,p2psvc,perceptionsimulation,PerfHost,pla,PlugPlay,PNRPAutoReg,PNRPsvc,PolicyAgent,QWAVE,seclogon,SecurityHealthService,Sense,SentinelKeysServer,SentinelProtectionServer,SentinelSecurityRuntime,smphost,spectrum,SstpSvc,StateRepository,StorSvc,svsvc,swprv,TieringEngineService,TimeBrokerSvc,TokenBroker,TrustedInstaller,VaultSvc,vds,VSS,WaaSMedicSvc,WalletService,WarpJITSvc,wbengine,WdiServiceHost,WdiSystemHost,WdNisSvc,Wecsvc,WEPHOSTSVC,wercplsupport,wlpasvc,WManSvc,wmiApSrv,WPDBusEnum,wuauserv,cbdhsvc,DevicesFlowUserSvc,WpnUserService) do reg query HKLM\SYSTEM\ControlSet001\Services\%%G /v Start 1>nul 2>nul && (
    reg add HKLM\SYSTEM\ControlSet001\Services\%%G /v Start /t REG_DWORD /d 3 /f
    )
    
    for %%G in (AJRouter,ALG,AppMgmt,AppVClient,BTAGService,BthAvctpSvc,bthserv,CDPSvc,CertPropSvc,CscService,DeviceAssociationService,diagnosticshub.standardcollector.service,DiagTrack,dmwappushservice,DoSvc,FDResPub,fhsvc,FrameServer,HvHost,IAStorDataMgrSvc,icssvc,iphlpsvc,IpxlatCfgSvc,irmon,LanmanServer,LanmanWorkstation,lfsvc,lmhosts,MapsBroker,MSiSCSI,NaturalAuthentication,NcaSvc,NcbService,NcdAutoSetup,Netlogon,NetTcpPortSharing,PcaSvc,PeerDistSvc,PhoneSvc,PrintNotify,PushToInstall,RasAuto,RasMan,RemoteAccess,RemoteRegistry,RetailDemo,RmSvc,RpcLocator,SCardSvr,ScDeviceEnum,SCPolicySvc,SDRSVC,SEMgrSvc,SensorDataService,SensorService,SensrSvc,SessionEnv,SgrmBroker,SharedAccess,SharedRealitySvc,shpamsvc,SmsRouter,SNMPTRAP,Spooler,SSDPSRV,ssh-agent,stisvc,TabletInputService,TapiSrv,TermService,tzautoupdate,UevAgentService,UmRdpService,upnphost,VacSvc,vmicguestinterface,vmicheartbeat,vmickvpexchange,vmicrdv,vmicshutdown,vmictimesync,vmicvmsession,vmicvss,W32Time,WbioSrvc,wcncsvc,WebClient,WerSvc,WFDSConMgrSvc,WiaRpc,WinHttpAutoProxySvc,WinRM,wisvc,WlanSvc,wlidsvc,WpcMonSvc,WpnService,WwanSvc,XblAuthManager,XblGameSave,XboxGipSvc,XboxNetApiSvc,BcastDVRUserService,BluetoothUserService,CaptureService,CDPUserSvc,ConsentUxUserSvc,DevicePickerUserSvc,MessagingService,PimIndexMaintenanceSvc,PrintWorkflowUserSvc,UnistoreSvc,UserDataSvc) do reg query HKLM\SYSTEM\ControlSet001\Services\%%G /v Start 1>nul 2>nul && (
    reg add HKLM\SYSTEM\ControlSet001\Services\%%G /v Start /t REG_DWORD /d 4 /f
    )
    
    @echo Restore The Service Start State Saved At 20:55:00,00 24/10/2018
    @pause
    
    for %%G in (AudioEndpointBuilder,Audiosrv,BFE,BrokerInfrastructure,CoreMessagingRegistrar,CryptSvc,DcomLaunch,ddpvssvc,Dhcp,Dnscache,DPS,DusmSvc,EventLog,EventSystem,FontCache,gpsvc,IKEEXT,LSM,mpssvc,NlaSvc,nsi,Power,ProfSvc,RpcEptMapper,RpcSs,SamSs,Schedule,SENS,ShellHWDetection,sppsvc,SysMain,SystemEventsBroker,Themes,TrkWks,UserManager,UsoSvc,Wcmsvc,wfcs,WinDefend,Winmgmt,wscsvc,WSearch) do (
    sc config %%G start= AUTO
    )
    
    for %%G in (AppIDSvc,Appinfo,AppReadiness,AppXSvc,AssignedAccessManagerSvc,AxInstSV,BDESVC,BITS,camsvc,ClipSVC,COMSysApp,ddpsvc,defragsvc,DeviceInstall,DevQueryBroker,diagsvc,DisplayEnhancementService,DmEnrollmentSvc,dot3svc,DsmSvc,DsSvc,Eaphost,EFS,embeddedmode,EntAppSvc,fdPHost,FontCache3.0.0.0,GraphicsPerfSvc,hidserv,InstallService,jhi_service,KeyIso,KtmRm,LicenseManager,lltdsvc,LMS,LxpSvc,MSDTC,msiserver,Netman,netprofm,NetSetupSvc,NgcCtnrSvc,NgcSvc,p2pimsvc,p2psvc,perceptionsimulation,PerfHost,pla,PlugPlay,PNRPAutoReg,PNRPsvc,PolicyAgent,QWAVE,seclogon,SecurityHealthService,Sense,SentinelKeysServer,SentinelProtectionServer,SentinelSecurityRuntime,smphost,spectrum,SstpSvc,StateRepository,StorSvc,svsvc,swprv,TieringEngineService,TimeBrokerSvc,TokenBroker,TrustedInstaller,VaultSvc,vds,VSS,WaaSMedicSvc,WalletService,WarpJITSvc,wbengine,WdiServiceHost,WdiSystemHost,WdNisSvc,Wecsvc,WEPHOSTSVC,wercplsupport,wlpasvc,WManSvc,wmiApSrv,WPDBusEnum,wuauserv,cbdhsvc,DevicesFlowUserSvc,WpnUserService) do (
    sc config %%G start= DEMAND
    )
    
    for %%G in (AJRouter,ALG,AppMgmt,AppVClient,BTAGService,BthAvctpSvc,bthserv,CDPSvc,CertPropSvc,CscService,DeviceAssociationService,diagnosticshub.standardcollector.service,DiagTrack,dmwappushservice,DoSvc,FDResPub,fhsvc,FrameServer,HvHost,IAStorDataMgrSvc,icssvc,iphlpsvc,IpxlatCfgSvc,irmon,LanmanServer,LanmanWorkstation,lfsvc,lmhosts,MapsBroker,MSiSCSI,NaturalAuthentication,NcaSvc,NcbService,NcdAutoSetup,Netlogon,NetTcpPortSharing,PcaSvc,PeerDistSvc,PhoneSvc,PrintNotify,PushToInstall,RasAuto,RasMan,RemoteAccess,RemoteRegistry,RetailDemo,RmSvc,RpcLocator,SCardSvr,ScDeviceEnum,SCPolicySvc,SDRSVC,SEMgrSvc,SensorDataService,SensorService,SensrSvc,SessionEnv,SgrmBroker,SharedAccess,SharedRealitySvc,shpamsvc,SmsRouter,SNMPTRAP,Spooler,SSDPSRV,ssh-agent,stisvc,TabletInputService,TapiSrv,TermService,tzautoupdate,UevAgentService,UmRdpService,upnphost,VacSvc,vmicguestinterface,vmicheartbeat,vmickvpexchange,vmicrdv,vmicshutdown,vmictimesync,vmicvmsession,vmicvss,W32Time,WbioSrvc,wcncsvc,WebClient,WerSvc,WFDSConMgrSvc,WiaRpc,WinHttpAutoProxySvc,WinRM,wisvc,WlanSvc,wlidsvc,WpcMonSvc,WpnService,WwanSvc,XblAuthManager,XblGameSave,XboxGipSvc,XboxNetApiSvc,BcastDVRUserService,BluetoothUserService,CaptureService,CDPUserSvc,ConsentUxUserSvc,DevicePickerUserSvc,MessagingService,PimIndexMaintenanceSvc,PrintWorkflowUserSvc,UnistoreSvc,UserDataSvc) do (
    sc config %%G start= DISABLED
    )
    cmd /k
    @pause
    
    I get lots of access denied errors when running, so I had to make a second script to invoke NSudo...
    Code:
    @pause
    Nsudo -U:T "Path\RestoreAllMyServices.bat"
    (Note Nsudo has to be in 'path' environment variables to be called like this from cmd prompt)

    But I still get 3 "access denied" errors: CoreMessagingRegistrar, Dnscache and PrintWorkflowUserSvc, and I don't know why, because PrintWorkflowUserSvc was already disabled before my test (so, not in use)...
    All 3 services depend on RpcSs (Remote Procedure Call)

    So my questions are: Is this code OK? Is there a better way to do this? And/or is it possible to have an "All in One" command (NSudo + .bat)?
    Do not make fun of me, I am just a beginner...but always eager to learn!

    ps: my previous .bat was this:
    Code:
    @echo Restore Service Start State Saved At 20:15:36,73 22/10/2018
    @pause
    sc config  AJRouter start= DISABLED
    sc config  ALG start= DISABLED
    sc config  AppIDSvc start= DEMAND
    sc config  Appinfo start= DEMAND
    sc config  AppMgmt start= DISABLED
    sc config  AppReadiness start= DEMAND
    sc config  AppVClient start= DISABLED
    sc config  AppXSvc start= DEMAND
    sc config  AssignedAccessManagerSvc start= DEMAND
    sc config  AudioEndpointBuilder start= AUTO
    sc config  Audiosrv start= AUTO
    sc config  AxInstSV start= DEMAND
    sc config  BDESVC start= DEMAND
    sc config  BFE start= AUTO
    sc config  BITS start= DEMAND
    sc config  BrokerInfrastructure start= AUTO
    sc config  BTAGService start= DISABLED
    sc config  BthAvctpSvc start= DISABLED
    sc config  bthserv start= DISABLED
    sc config  camsvc start= DEMAND
    sc config  CDPSvc start= DISABLED
    sc config  CertPropSvc start= DISABLED
    sc config  ClipSVC start= DEMAND
    sc config  COMSysApp start= DEMAND
    sc config  CoreMessagingRegistrar start= AUTO
    sc config  CryptSvc start= AUTO
    sc config  CscService start= DISABLED
    sc config  DcomLaunch start= AUTO
    sc config  ddpsvc start= DEMAND
    sc config  ddpvssvc start= AUTO
    sc config  defragsvc start= DEMAND
    sc config  DeviceAssociationService start= DISABLED
    sc config  DeviceInstall start= DEMAND
    sc config  DevQueryBroker start= DEMAND
    sc config  Dhcp start= AUTO
    sc config  diagnosticshub.standardcollector.service start= DISABLED
    sc config  diagsvc start= DEMAND
    sc config  DiagTrack start= DISABLED
    sc config  DisplayEnhancementService start= DEMAND
    sc config  DmEnrollmentSvc start= DEMAND
    sc config  dmwappushservice start= DISABLED
    sc config  Dnscache start= AUTO
    sc config  DoSvc start= DISABLED
    sc config  dot3svc start= DEMAND
    sc config  DPS start= AUTO
    sc config  DsmSvc start= DEMAND
    sc config  DsSvc start= DEMAND
    sc config  DusmSvc start= AUTO
    sc config  Eaphost start= DEMAND
    sc config  EFS start= DEMAND
    sc config  embeddedmode start= DEMAND
    sc config  EntAppSvc start= DEMAND
    sc config  EventLog start= AUTO
    sc config  EventSystem start= AUTO
    sc config  fdPHost start= DEMAND
    sc config  FDResPub start= DISABLED
    sc config  fhsvc start= DISABLED
    sc config  FontCache start= AUTO
    sc config  FontCache3.0.0.0 start= DEMAND
    sc config  FrameServer start= DISABLED
    sc config  gpsvc start= AUTO
    sc config  GraphicsPerfSvc start= DEMAND
    sc config  hidserv start= DEMAND
    sc config  HvHost start= DISABLED
    sc config  IAStorDataMgrSvc start= DISABLED
    sc config  icssvc start= DISABLED
    sc config  IKEEXT start= AUTO
    sc config  InstallService start= DEMAND
    sc config  iphlpsvc start= DISABLED
    sc config  IpxlatCfgSvc start= DISABLED
    sc config  irmon start= DISABLED
    sc config  jhi_service start= DEMAND
    sc config  KeyIso start= DEMAND
    sc config  KtmRm start= DEMAND
    sc config  LanmanServer start= DISABLED
    sc config  LanmanWorkstation start= DISABLED
    sc config  lfsvc start= DISABLED
    sc config  LicenseManager start= DEMAND
    sc config  lltdsvc start= DEMAND
    sc config  lmhosts start= DISABLED
    sc config  LMS start= DEMAND
    sc config  LSM start= AUTO
    sc config  LxpSvc start= DEMAND
    sc config  MapsBroker start= DISABLED
    sc config  mpssvc start= AUTO
    sc config  MSDTC start= DEMAND
    sc config  MSiSCSI start= DISABLED
    sc config  msiserver start= DEMAND
    sc config  NaturalAuthentication start= DISABLED
    sc config  NcaSvc start= DISABLED
    sc config  NcbService start= DISABLED
    sc config  NcdAutoSetup start= DISABLED
    sc config  Netlogon start= DISABLED
    sc config  Netman start= DEMAND
    sc config  netprofm start= DEMAND
    sc config  NetSetupSvc start= DEMAND
    sc config  NetTcpPortSharing start= DISABLED
    sc config  NgcCtnrSvc start= DEMAND
    sc config  NgcSvc start= DEMAND
    sc config  NlaSvc start= AUTO
    sc config  nsi start= AUTO
    sc config  p2pimsvc start= DEMAND
    sc config  p2psvc start= DEMAND
    sc config  PcaSvc start= DISABLED
    sc config  PeerDistSvc start= DISABLED
    sc config  perceptionsimulation start= DEMAND
    sc config  PerfHost start= DEMAND
    sc config  PhoneSvc start= DISABLED
    sc config  pla start= DEMAND
    sc config  PlugPlay start= DEMAND
    sc config  PNRPAutoReg start= DEMAND
    sc config  PNRPsvc start= DEMAND
    sc config  PolicyAgent start= DEMAND
    sc config  Power start= AUTO
    sc config  PrintNotify start= DISABLED
    sc config  ProfSvc start= AUTO
    sc config  PushToInstall start= DISABLED
    sc config  QWAVE start= DEMAND
    sc config  RasAuto start= DISABLED
    sc config  RasMan start= DISABLED
    sc config  RemoteAccess start= DISABLED
    sc config  RemoteRegistry start= DISABLED
    sc config  RetailDemo start= DISABLED
    sc config  RmSvc start= DISABLED
    sc config  RpcEptMapper start= AUTO
    sc config  RpcLocator start= DISABLED
    sc config  RpcSs start= AUTO
    sc config  SamSs start= AUTO
    sc config  SCardSvr start= DISABLED
    sc config  ScDeviceEnum start= DISABLED
    sc config  Schedule start= AUTO
    sc config  SCPolicySvc start= DISABLED
    sc config  SDRSVC start= DISABLED
    sc config  seclogon start= DEMAND
    sc config  SecurityHealthService start= DEMAND
    sc config  SEMgrSvc start= DISABLED
    sc config  SENS start= AUTO
    sc config  Sense start= DEMAND
    sc config  SensorDataService start= DISABLED
    sc config  SensorService start= DISABLED
    sc config  SensrSvc start= DISABLED
    sc config  SentinelKeysServer start= DEMAND
    sc config  SentinelProtectionServer start= DEMAND
    sc config  SentinelSecurityRuntime start= DEMAND
    sc config  SessionEnv start= DISABLED
    sc config  SgrmBroker start= DISABLED
    sc config  SharedAccess start= DISABLED
    sc config  SharedRealitySvc start= DISABLED
    sc config  ShellHWDetection start= AUTO
    sc config  shpamsvc start= DISABLED
    sc config  smphost start= DEMAND
    sc config  SmsRouter start= DISABLED
    sc config  SNMPTRAP start= DISABLED
    sc config  spectrum start= DEMAND
    sc config  Spooler start= DISABLED
    sc config  sppsvc start= AUTO
    sc config  SSDPSRV start= DISABLED
    sc config  ssh-agent start= DISABLED
    sc config  SstpSvc start= DEMAND
    sc config  StateRepository start= DEMAND
    sc config  stisvc start= DISABLED
    sc config  StorSvc start= DEMAND
    sc config  svsvc start= DEMAND
    sc config  swprv start= DEMAND
    sc config  SysMain start= AUTO
    sc config  SystemEventsBroker start= AUTO
    sc config  TabletInputService start= DISABLED
    sc config  TapiSrv start= DISABLED
    sc config  TermService start= DISABLED
    sc config  Themes start= AUTO
    sc config  TieringEngineService start= DEMAND
    sc config  TimeBrokerSvc start= DEMAND
    sc config  TokenBroker start= DEMAND
    sc config  TrkWks start= AUTO
    sc config  TrustedInstaller start= DEMAND
    sc config  tzautoupdate start= DISABLED
    sc config  UevAgentService start= DISABLED
    sc config  UmRdpService start= DISABLED
    sc config  upnphost start= DISABLED
    sc config  UserManager start= AUTO
    sc config  UsoSvc start= AUTO
    sc config  VacSvc start= DISABLED
    sc config  VaultSvc start= DEMAND
    sc config  vds start= DEMAND
    sc config  vmicguestinterface start= DISABLED
    sc config  vmicheartbeat start= DISABLED
    sc config  vmickvpexchange start= DISABLED
    sc config  vmicrdv start= DISABLED
    sc config  vmicshutdown start= DISABLED
    sc config  vmictimesync start= DISABLED
    sc config  vmicvmsession start= DISABLED
    sc config  vmicvss start= DISABLED
    sc config  VSS start= DEMAND
    sc config  W32Time start= DISABLED
    sc config  WaaSMedicSvc start= DEMAND
    sc config  WalletService start= DEMAND
    sc config  WarpJITSvc start= DEMAND
    sc config  wbengine start= DEMAND
    sc config  WbioSrvc start= DISABLED
    sc config  Wcmsvc start= AUTO
    sc config  wcncsvc start= DISABLED
    sc config  WdiServiceHost start= DEMAND
    sc config  WdiSystemHost start= DEMAND
    sc config  WdNisSvc start= DEMAND
    sc config  WebClient start= DISABLED
    sc config  Wecsvc start= DEMAND
    sc config  WEPHOSTSVC start= DEMAND
    sc config  wercplsupport start= DEMAND
    sc config  WerSvc start= DISABLED
    sc config  wfcs start= AUTO
    sc config  WFDSConMgrSvc start= DISABLED
    sc config  WiaRpc start= DISABLED
    sc config  WinDefend start= AUTO
    sc config  WinHttpAutoProxySvc start= DISABLED
    sc config  Winmgmt start= AUTO
    sc config  WinRM start= DISABLED
    sc config  wisvc start= DISABLED
    sc config  WlanSvc start= DISABLED
    sc config  wlidsvc start= DISABLED
    sc config  wlpasvc start= DEMAND
    sc config  WManSvc start= DEMAND
    sc config  wmiApSrv start= DEMAND
    sc config  WpcMonSvc start= DISABLED
    sc config  WPDBusEnum start= DEMAND
    sc config  WpnService start= DISABLED
    sc config  wscsvc start= AUTO
    sc config  WSearch start= AUTO
    sc config  wuauserv start= DEMAND
    sc config  WwanSvc start= DISABLED
    sc config  XblAuthManager start= DISABLED
    sc config  XblGameSave start= DISABLED
    sc config  XboxGipSvc start= DISABLED
    sc config  XboxNetApiSvc start= DISABLED
    sc config  BcastDVRUserService start= DISABLED
    sc config  BluetoothUserService start= DISABLED
    sc config  CaptureService start= DISABLED
    sc config  cbdhsvc start= DEMAND
    sc config  CDPUserSvc start= DISABLED
    sc config  ConsentUxUserSvc start= DISABLED
    sc config  DevicePickerUserSvc start= DISABLED
    sc config  DevicesFlowUserSvc start= DEMAND
    sc config  MessagingService start= DISABLED
    sc config  PimIndexMaintenanceSvc start= DISABLED
    sc config  PrintWorkflowUserSvc start= DISABLED
    sc config  UnistoreSvc start= DISABLED
    sc config  UserDataSvc start= DISABLED
    sc config  WpnUserService start= DEMAND
    @pause
    
     
  2. abbodi1406

    abbodi1406 MDL KB0000001

    Everything looks good to me

    You probably need to enable all TI privileges:
    Code:
    NSudo -U:T -P:E  "Path\RestoreAllMyServices.bat"
    As for one script, you can add this check at the top to make the script relaunch itself with NSudo
    Code:
    @echo off
    %windir%\system32\reg.exe query "HKU\S-1-5-19" 1>nul 2>nul || goto :eof
    
    %windir%\system32\whoami.exe /USER | find /i "S-1-5-18" 1>nul && (
    goto :OK
    ) || (
    "%~dp0NSudo.exe" -U:T -P:E "%~dpnx0"
    goto :eof
    )
    
    :OK
    
    Add your code after :OK, then add an exit command
     
  3. Thomas Dubreuil

    Thomas Dubreuil MDL Junior Member

    Thanks a lot mate! Even with all TI privileges I still get the same 3 access denied errors, but I guess it's normal...
    One small thing, I had to change the code like this:
    Code:
    @echo off
    %windir%\system32\reg.exe query "HKU\S-1-5-19" 1>nul 2>nul || goto :eof
    
    %windir%\system32\whoami.exe /USER | find /i "S-1-5-18" 1>nul && (
    goto :OK
    ) || (
    Nsudo -U:T -P:E "%~dpnx0"
    goto :eof
    )
    
    :OK
    With %~dp0Nsudo it does not work.
    Is it because I've got Nsudo in C:/program files/Nsudo ? (I added Nsudo path to "PATH" environment variable, to be able to use the short name in cmd prompt)
    Or because my .bat is not located on the C:/ drive? I understand somehow the %~dp command "expands" the drive where the script is to find the Nsudo path?
    Sorry it's a bit foreign language for me, but I will get there :)

    Also is there a way to auto elevate it? or is it really that bad to do that?
    If I start it like this:
    Code:
    @echo off
    
    set "params=%*"
    cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || (  cmd /u /c echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/k cd ""%~sdp0"" && %~s0 %params%", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" && exit /B )
    
    %windir%\system32\reg.exe query "HKU\S-1-5-19" 1>nul 2>nul || goto :eof
    
    %windir%\system32\whoami.exe /USER | find /i "S-1-5-18" 1>nul && (
    goto :OK
    ) || (
    Nsudo -U:T -P:E "%~dpnx0"
    goto :eof
    )
    
    :OK
    It works, but the first cmd window stays open so it's a bit ugly :D
    Sorry to bother...thanks for your time and great work anyway!
     
  4. abbodi1406

    abbodi1406 MDL KB0000001

    Whatever works for you :)
    I just assumed Nsudo.exe is next to the script

    Auto-elevation is not always bad, but with a script that changes system services, an accidental double-click will be unrecoverable :)
    especially if you have an auto admin-elevation policy set (ConsentPromptBehaviorAdmin)

    anyway, this is my current elevation code
    Code:
    cd /d "%~dp0" && ( if exist "%temp%\getadmin.vbs" del "%temp%\getadmin.vbs" ) && fsutil dirty query %systemdrive% 1>nul 2>nul || (  cmd /u /c echo Set UAC = CreateObject^("Shell.Application"^) : UAC.ShellExecute "cmd.exe", "/k cd ""%~dp0"" && ""%~dpnx0""", "", "runas", 1 >> "%temp%\getadmin.vbs" && "%temp%\getadmin.vbs" 1>nul 2>nul && exit )
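
Added example (not code from any poster in this thread): one way to combine the points discussed so far, namely finding NSudo either next to the script or on PATH, and guarding a service-changing script against an accidental double-click by asking for confirmation and exporting the current values first. The backup folder name, the YES prompt, the :SetStart helper and the short service lists are assumptions; the lists are a small sample of the three lists in the first post.

```bat
@echo off
setlocal EnableExtensions
rem Added example, not from the thread. The backup folder name, the YES prompt
rem and the short service lists under :OK are assumptions for illustration.

rem 1. Same admin test as the thread: only an elevated token can read this key.
"%windir%\system32\reg.exe" query "HKU\S-1-5-19" 1>nul 2>nul || (
    echo Run this script from an elevated command prompt.
    exit /b 1
)

rem 2. Already relaunched by NSudo (whoami reports S-1-5-18)? Skip to the work.
"%windir%\system32\whoami.exe" /user | find /i "S-1-5-18" 1>nul && goto :OK

rem 3. Ask first, so an accidental double-click changes nothing.
set "ANSWER="
set /p "ANSWER=Rewrite service start values? Type YES to continue: "
if /i not "%ANSWER%"=="YES" exit /b 0

rem 4. Export the key the script writes to, so the old values are on disk.
set "BACKUP_DIR=%~dp0backup"
if not exist "%BACKUP_DIR%" mkdir "%BACKUP_DIR%"
"%windir%\system32\reg.exe" export "HKLM\SYSTEM\ControlSet001\Services" "%BACKUP_DIR%\services-before.reg" /y 1>nul || (
    echo Backup failed, nothing was changed.
    exit /b 1
)

rem 5. Locate NSudo: look in the script's own drive and folder first, then
rem    fall back to the first NSudo.exe found on PATH.
set "NSUDO="
if exist "%~dp0NSudo.exe" set "NSUDO=%~dp0NSudo.exe"
if not defined NSUDO for %%P in (NSudo.exe) do set "NSUDO=%%~$PATH:P"
if not defined NSUDO (
    echo NSudo.exe was not found next to the script or on PATH.
    exit /b 1
)
"%NSUDO%" -U:T -P:E "%~dpnx0"
exit /b

:OK
rem Short sample of the thread's three lists; the full lists use the same form.
set "FAILED="
for %%G in (Dnscache,EventLog) do call :SetStart %%G 2
for %%G in (BITS,wuauserv) do call :SetStart %%G 3
for %%G in (RemoteRegistry,WinRM) do call :SetStart %%G 4
if defined FAILED (echo Could not write Start for:%FAILED%) else echo All Start values written.
pause
exit /b

:SetStart
rem Arg 1 = service name, arg 2 = Start value (2 = auto, 3 = demand, 4 = disabled)
set "KEY=HKLM\SYSTEM\ControlSet001\Services\%1"
"%windir%\system32\reg.exe" query "%KEY%" /v Start 1>nul 2>nul || exit /b 0
"%windir%\system32\reg.exe" add "%KEY%" /v Start /t REG_DWORD /d %2 /f 1>nul 2>nul || set "FAILED=%FAILED% %1"
exit /b 0
```

The final line of output names every service whose Start value could not be written, which makes remaining "access denied" cases visible in one place instead of scattered through the console output.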
    
     
  5. app_raiser

    app_raiser MDL Junior Member

    The ONLY way I know to disable EVERYTHING is to "become" TrustedInstaller & Autoruns! I recently realized that telemetry and diags even run in a clean old boot.wim.. from Windows 8 for example. The reason, I guess, is UEFI capabilities (BIOS size 16MB f.e. AND UEFI RAM full size 128MB may be (is) the trick ;-)

    So.. try this in the Windows Explorer folder location bar - not IE! :)

    https://live.sysinternals.com/