Windows Update services cannot be started (w10-64-1903)

So far

enabled "built in Admin account" and tried all items below (not necessarily in the order shown) in that context:

Troubleshooter, said it had found and fixed problems. The only one identified was getting BITS up and running again

ran DISM with "restorehealth" etc
ran SFC /scannow

attempted setting services
UsoSvc already running, no problem

Wuauserve disabled. Set to automatic. Started.
WaaSMedicSvc - disabled. Tried to set to automatic. Access denied.

Found refs to that happening when you try to DISABLE the service and that you can only do it with a 3rd party tool like Windows Update Blocker.

I do use a 3rd party tool - Winaerotweaker - which effectively disables windows updates whereever I want it to. But re-enabling them is as trivial as disabling them (remove 2 ticks) and that works across my client estate with Win 10 versions from 1511 to 1909 so I don't believe that it's the guilty party on this occasion.

Went to regedit

Waasmedic and Wuauserv both Start values set to 4, Reset to 2

on reboot or any attempt to restart services, those values reverted to 4 (disabled)

Changed ownwership on both keys from SYSTEM to Administrator, Reset start key.   Same behaviour (reverts on reboot or attempt to run services
 

Downloaded windows10.0-kb4524569-x64
(latest service settings for 1903)

attempted to run multiple times before during and after the above fixes.

consistently failed to run with error 0x80070422

Am about to run 1903 setup from a usb stick but I'm doing all this remotely so I'm waiting for the user to buy a memory stick they can sacrifice to the cause. Meanwhile anyone got any other ideas?

Failing that, seen any good movies recently?