Skip to content

Instantly share code, notes, and snippets.

@desbest
Last active February 18, 2024 17:03
Show Gist options
  • Save desbest/1a15622ae7d0421a735c6e78493510b3 to your computer and use it in GitHub Desktop.
Save desbest/1a15622ae7d0421a735c6e78493510b3 to your computer and use it in GitHub Desktop.
Reset Windows Update Client Settings Script

This script will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data. Because of some limitations of the cmdlets available in PowerShell, this script calls some legacy utilities (sc.exe, netsh.exe, wusa.exe, etc). If you have any issues with this script, please comment.

Script made by Ryan Nemeth

Source: https://archive.is/tYKkN

<#
.SYNOPSIS
Reset-WindowsUpdate.ps1 - Resets the Windows Update components
.DESCRIPTION
This script will reset all of the Windows Updates components to DEFAULT SETTINGS.
.OUTPUTS
Results are printed to the console. Future releases will support outputting to a log file.
.NOTES
Written by: Ryan Nemeth
Find me on:
* My Blog: http://www.geekyryan.com
* Twitter: https://twitter.com/geeky_ryan
* LinkedIn: https://www.linkedin.com/in/ryan-nemeth-b0b1504b/
* Github: https://github.com/rnemeth90
* TechNet: https://social.technet.microsoft.com/profile/ryan%20nemeth/
Change Log
V1.00, 05/21/2015 - Initial version
V1.10, 09/22/2016 - Fixed bug with call to sc.exe
V1.20, 11/13/2017 - Fixed environment variables
#>
$arch = Get-WMIObject -Class Win32_Processor -ComputerName LocalHost | Select-Object AddressWidth
Write-Host "1. Stopping Windows Update Services..."
Stop-Service -Name BITS
Stop-Service -Name wuauserv
Stop-Service -Name appidsvc
Stop-Service -Name cryptsvc
Write-Host "2. Remove QMGR Data file..."
Remove-Item "$env:allusersprofile\Application Data\Microsoft\Network\Downloader\qmgr*.dat" -ErrorAction SilentlyContinue
Write-Host "3. Renaming the Software Distribution and CatRoot Folder..."
Rename-Item $env:systemroot\SoftwareDistribution SoftwareDistribution.bak -ErrorAction SilentlyContinue
Rename-Item $env:systemroot\System32\Catroot2 catroot2.bak -ErrorAction SilentlyContinue
Write-Host "4. Removing old Windows Update log..."
Remove-Item $env:systemroot\WindowsUpdate.log -ErrorAction SilentlyContinue
Write-Host "5. Resetting the Windows Update Services to defualt settings..."
"sc.exe sdset bits D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)"
"sc.exe sdset wuauserv D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)"
Set-Location $env:systemroot\system32
Write-Host "6. Registering some DLLs..."
regsvr32.exe /s atl.dll
regsvr32.exe /s urlmon.dll
regsvr32.exe /s mshtml.dll
regsvr32.exe /s shdocvw.dll
regsvr32.exe /s browseui.dll
regsvr32.exe /s jscript.dll
regsvr32.exe /s vbscript.dll
regsvr32.exe /s scrrun.dll
regsvr32.exe /s msxml.dll
regsvr32.exe /s msxml3.dll
regsvr32.exe /s msxml6.dll
regsvr32.exe /s actxprxy.dll
regsvr32.exe /s softpub.dll
regsvr32.exe /s wintrust.dll
regsvr32.exe /s dssenh.dll
regsvr32.exe /s rsaenh.dll
regsvr32.exe /s gpkcsp.dll
regsvr32.exe /s sccbase.dll
regsvr32.exe /s slbcsp.dll
regsvr32.exe /s cryptdlg.dll
regsvr32.exe /s oleaut32.dll
regsvr32.exe /s ole32.dll
regsvr32.exe /s shell32.dll
regsvr32.exe /s initpki.dll
regsvr32.exe /s wuapi.dll
regsvr32.exe /s wuaueng.dll
regsvr32.exe /s wuaueng1.dll
regsvr32.exe /s wucltui.dll
regsvr32.exe /s wups.dll
regsvr32.exe /s wups2.dll
regsvr32.exe /s wuweb.dll
regsvr32.exe /s qmgr.dll
regsvr32.exe /s qmgrprxy.dll
regsvr32.exe /s wucltux.dll
regsvr32.exe /s muweb.dll
regsvr32.exe /s wuwebv.dll
Write-Host "7) Removing WSUS client settings..."
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v AccountDomainSid /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v PingID /f
REG DELETE "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate" /v SusClientId /f
Write-Host "8) Resetting the WinSock..."
netsh winsock reset
netsh winhttp reset proxy
Write-Host "9) Delete all BITS jobs..."
Get-BitsTransfer | Remove-BitsTransfer
Write-Host "10) Attempting to install the Windows Update Agent..."
if($arch -eq 64){
wusa Windows8-RT-KB2937636-x64 /quiet
}
else{
wusa Windows8-RT-KB2937636-x86 /quiet
}
Write-Host "11) Starting Windows Update Services..."
Start-Service -Name BITS
Start-Service -Name wuauserv
Start-Service -Name appidsvc
Start-Service -Name cryptsvc
Write-Host "12) Forcing discovery..."
wuauclt /resetauthorization /detectnow
Write-Host "Process complete. Please reboot your computer."
@lelefront
Copy link

I dowloaded the zip and inspected the script. It appeared to be safe and match the instructions from Microsoft, however, when I ran the script, my antivirus stopped it and showed me this message: PowerShell tried to load a malicious resource detected as Heur.BZC.ZFV.Boxter.341.BF113387 and was blocked. Your device is safe.

@desbest
Copy link
Author

desbest commented Apr 23, 2022

Heur is short for heuristics which means that your antivirus is using heuristics based scanning instead of signature based or behaviour based scanning. This is common with command line scripts, as they can be written on-the-fly, have access to a large scope of intrusive and potentially dangerous features and because they are only used by a starkly small amount of people. Microsoft Smartscreen will only whitelist a software as safe once a certain amount of users have started using it. You could have a batch script designed to delete one text file or one folder in a harmless manner and it would likely still trigger the antivirus.

Your antivirus is being proactive due to wishful thinking as it cannot be certain what the batch script exactly does and how safe it is. It cannot be sure that it's certainly found a virus.

Well anyway I've tested out this script last year and can say that even though the script can execute on Windows 10, it is now outdated and defunct. This script has no effect on Windows 10. But you wouldn't know that unless you're within the rare use case of having a certain issue with Windows Update. A lot of those instructions are copied from here anyway.

If you're having problems with Windows Update, I recommend these instructions

https://support.microsoft.com/en-us/topic/kb5005322-some-devices-cannot-install-new-updates-after-installing-kb5003214-may-25-2021-and-kb5003690-june-21-2021-66edf7cf-5d3c-401f-bd32-49865343144f

Try method 2 from this article
https://appuals.com/fix-windows-update-error-0x8024402f/

Try running the Windows Update troubleshooter
https://www.tenforums.com/tutorials/76013-troubleshoot-problems-windows-10-troubleshooters.html

Microsoft also has some good tips
https://support.microsoft.com/en-gb/windows/troubleshoot-problems-updating-windows-188c2b0f-10a7-d72f-65b8-32d177eb136c

If all else fails, try an in-place upgrade. It will keep your programs and files intact so you won't have to worry about anything being deleted. It's not a feature you can get from the Windows 10 DVD or ISO file. It requires an additional download from Microsoft.
https://www.tenforums.com/tutorials/16397-repair-install-windows-10-place-upgrade.html

@DennisL68
Copy link

Shouldn't this be in a repo so that it could be improved upon?

@DennisL68
Copy link

The SoftwareDistribution folder might be locked by the Delivery Optimization service in which case renaming the folder will fail...

@desbest
Copy link
Author

desbest commented Aug 3, 2023

The reason why I left it as a code snippet instead of a repository, is because if I'd had it as a repo, it would of given the false impression that the code is still being maintained (either by Ryan Nemeth or me after newly adopting it).

If the wrong impression is given, the user would incorrectly assume that the code (or batch script) has been fully tested on the modern environment of Windows 10 within the adverse practical scenario of Windows Update not working. Emphasis on adverse practical scenario, not adverse technical scenario.

By the way, in programming, there is "case driven design", "domain driven design" and what I like to call "stage driven design". I think the question is not only asking "does it work?" on a computer where Windows Update already works but to also ask "does it fix it?" on a computer where Windows Update is currently faulty. As I think that the above code doesn't match the relevant corresponding "use case", I wouldn't consider it case driven design on Windows 10 as I now think it's outdated and redundant, as stated by my earlier comment when I said the code doesn't work for me on Windows 10.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment