Skip to main content

This script will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Server 2008 R2, 2012 R2, 2016. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update.



This worklet can either be run manually, or you can put in an evaluation code of:



Exit 1



if you want to always run the worklet on a set schedule.



<#



.SYNOPSIS

Resets the Windows Update components



.DESCRIPTION

This script will reset all of the Windows Updates components to DEFAULT SETTINGS, clean-up some files related to Windows Update, and notify the user that a reboot will occur in 15 minutes (which can be modified) giving them a second warning at 5 minutes.



.OUTPUTS

Results are output to the Activity Log.



#>





$arch = Get-WMIObject -Class Win32_Processor -ComputerName LocalHost | Select-Object AddressWidth



Write-Host "1. Stopping Windows Update Services..."

Stop-Service -Name BITS

Stop-Service -Name wuauserv

Stop-Service -Name appidsvc

Stop-Service -Name cryptsvc



Write-Host "2. Remove QMGR Data file..."

Remove-Item "$env:allusersprofile\Microsoft\Network\Downloader\qmgr*.dat" -ErrorAction SilentlyContinue



Write-Host "3. Renaming the Software Distribution and CatRoot Folder..."

Remove-Item $env:systemroot\SoftwareDistribution.bak -ErrorAction SilentlyContinue

Rename-Item $env:systemroot\SoftwareDistribution SoftwareDistribution.bak -ErrorAction SilentlyContinue

# This may not work if the folder is locked by having a contained file being accessed

Remove-Item $env:systemroot\System32\Catroot2.bak -ErrorAction SilentlyContinue

Rename-Item $env:systemroot\System32\Catroot2 catroot2.bak -ErrorAction SilentlyContinue



Write-Host "4. Removing old Windows Update log..."

Remove-Item $env:systemroot\WindowsUpdate.log -ErrorAction SilentlyContinue



Write-Host "5. Resetting the Windows Update Services to default settings..."



"sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)"

"sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)"



Set-Location $env:systemroot\system32



Write-Host "6. Registering some DLLs..."

regsvr32.exe /s atl.dll

regsvr32.exe /s urlmon.dll

regsvr32.exe /s mshtml.dll

regsvr32.exe /s shdocvw.dll

regsvr32.exe /s browseui.dll

regsvr32.exe /s jscript.dll

regsvr32.exe /s vbscript.dll

regsvr32.exe /s scrrun.dll

regsvr32.exe /s msxml.dll

regsvr32.exe /s msxml3.dll

regsvr32.exe /s msxml6.dll

regsvr32.exe /s actxprxy.dll

regsvr32.exe /s softpub.dll

regsvr32.exe /s wintrust.dll

regsvr32.exe /s dssenh.dll

regsvr32.exe /s rsaenh.dll

regsvr32.exe /s gpkcsp.dll

regsvr32.exe /s sccbase.dll

regsvr32.exe /s slbcsp.dll

regsvr32.exe /s cryptdlg.dll

regsvr32.exe /s oleaut32.dll

regsvr32.exe /s ole32.dll

regsvr32.exe /s shell32.dll

regsvr32.exe /s initpki.dll

regsvr32.exe /s wuapi.dll

regsvr32.exe /s wuaueng.dll

regsvr32.exe /s wuaueng1.dll

regsvr32.exe /s wucltui.dll

regsvr32.exe /s wups.dll

regsvr32.exe /s wups2.dll

regsvr32.exe /s wuweb.dll

regsvr32.exe /s qmgr.dll

regsvr32.exe /s qmgrprxy.dll

regsvr32.exe /s wucltux.dll

regsvr32.exe /s muweb.dll

regsvr32.exe /s wuwebv.dll



Write-Host "7) Removing WSUS client settings..."

REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f

REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f

REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f



Write-Host "8) Resetting the WinSock..."

netsh winsock reset

netsh winhttp reset proxy



Write-Host "9) Delete all BITS jobs..."

Get-BitsTransfer | Remove-BitsTransfer



Write-Host "10) Attempting to install the Windows Update Agent..."

if($arch -eq 64){

wusa Windows8-RT-KB2937636-x64 /quiet

}

else{

wusa Windows8-RT-KB2937636-x86 /quiet

}



Write-Host "11) Starting Windows Update Services..."

Start-Service -Name BITS

Start-Service -Name wuauserv

Start-Service -Name appidsvc

Start-Service -Name cryptsvc



Write-Host "12) Forcing discovery..."

wuauclt /resetauthorization /detectnow



#hardset the reboot countdown timer in seconds (e.g. 900 for 15 minutes)

$rebootimer = 900

#set the first notification message copy. Include the reboot time value set previously

$message1 = "Automox will automatically reboot your computer in 15 minutes. Please take time to save and close any open documents."

#Define the time to wait until the second notification message is sent in seconds (e.g. 600 to wait 10 minutes).

$message2wait = 600

#set the second notification message copy

$message2 = "Automox will automatically reboot your computer in 5 minutes. Please take time to save and close any open documents."

#reset the reboot time to match the time indicated in the previous notification message copy (e.g. 300 for 5 minutes)

$rebootimer2 = 300



shutdown /a

shutdown /r /t $rebootimer /d p:4:1 /c $message1

Start-Sleep -Seconds $message2wait

shutdown /a

shutdown /r /t $rebootimer2 /d p:4:1 /c $message2

Be the first to reply!

Reply