如何禁用CDPUserSvc、WpnUserService、ConsentUxUserSvc等带马甲的服务
原创
如何禁用CDPUserSvc、WpnUserService、ConsentUxUserSvc等带马甲的服务
原创
Windows技术交流
发布于 2024-08-19 12:06:41
发布于 2024-08-19 12:06:41
CDPUserSvc、WpnUserService、ConsentUxUserSvc等服务在services.msc服务列表里是以马甲服务呈现的,比如下图中的
CDPUserSvc_bd150
WpnUserService_bd150
ConsentUxUserSvc_bd150
Get-Service CDPUserSvc | ft -auto
Get-Service | Where-Object { $_.Name -like "CDPUserSvc*" } | ForEach-Object { $_ | Select-Object Name, Status, @{Name='StartMode';Expression={(Get-WmiObject -Class Win32_Service -Filter "Name='$($_.Name)'").StartMode}} } | ft -auto
Get-Service WpnUserService | ft -auto
Get-Service | Where-Object { $_.Name -like "WpnUserService*" } | ForEach-Object { $_ | Select-Object Name, Status, @{Name='StartMode';Expression={(Get-WmiObject -Class Win32_Service -Filter "Name='$($_.Name)'").StartMode}} } | ft -auto
Get-Service ConsentUxUserSvc | ft -auto
Get-Service | Where-Object { $_.Name -like "ConsentUxUserSvc*" } | ForEach-Object { $_ | Select-Object Name, Status, @{Name='StartMode';Expression={(Get-WmiObject -Class Win32_Service -Filter "Name='$($_.Name)'").StartMode}} } | ft -auto
尾部的_xxxxx,不同机器不同系统可能不同
CDPUserSvc_10d5f7
WpnUserService_10d5f7
ConsentUxUserSvc_10d5f7
如果要禁止这些服务开机启动,需要对注册表中原服务和马甲服务的注册表Start项做干预
CDPUserSvc、CDPUserSvc_bd150
WpnUserService、WpnUserService_bd150
ConsentUxUserSvc、ConsentUxUserSvc_bd150
Set-Service -Name CDPUserSvc -StartupType auto
Get-Service | Where-Object { $_.Name -like "CDPUserSvc*" } | ForEach-Object { reg add "HKLM\SYSTEM\CurrentControlSet\Services\$($_.Name)" /v Start /t REG_DWORD /d 4 /f }
Set-Service -Name WpnUserService -StartupType auto
Get-Service | Where-Object { $_.Name -like "WpnUserService*" } | ForEach-Object { reg add "HKLM\SYSTEM\CurrentControlSet\Services\$($_.Name)" /v Start /t REG_DWORD /d 4 /f }
Set-Service -Name ConsentUxUserSvc -StartupType auto
Get-Service | Where-Object { $_.Name -like "ConsentUxUserSvc*" } | ForEach-Object { reg add "HKLM\SYSTEM\CurrentControlSet\Services\$($_.Name)" /v Start /t REG_DWORD /d 4 /f }
#合并处理
#服务名称列表
$serviceNames = "CDPUserSvc", "WpnUserService", "ConsentUxUserSvc"
#遍历服务名称列表
foreach ($serviceName in $serviceNames) {
#禁用服务
Stop-Service $serviceName -EA 0
Get-Service | Where-Object { $_.Name -like "$serviceName*" } | ForEach-Object { Stop-Service $_.Name -EA 0}
Set-Service -Name $serviceName -StartupType Disabled
Get-Service | Where-Object { $_.Name -like "$serviceName*" } | ForEach-Object { reg add "HKLM\SYSTEM\CurrentControlSet\Services\$($_.Name)" /v Start /t REG_DWORD /d 4 /f }
#查看服务
Get-Service $serviceName | ft -auto
Get-Service | Where-Object { $_.Name -like "$serviceName*" } | ForEach-Object { $_ | Select-Object Name, Status, @{Name='StartMode';Expression={(Get-WmiObject -Class Win32_Service -Filter "Name='$($_.Name)'").StartMode}} } | ft -auto
}
原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。
如有侵权,请联系 cloudcommunity@tencent.com 删除。
原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。
如有侵权,请联系 cloudcommunity@tencent.com 删除。
评论
登录后参与评论
推荐阅读
腾讯云开发者
