To be more specific - there is no way to elevate GP scripts. They run in the context of the SYSTEM or of the user. Elements that have access to alter the system are supported by services that assist in managing the machine. You can see
these things in the RSOP report. There is not GP thing to manage WSUS. GP can manage what it has a tool to use to manage the item. It has no specific access to protected system components.
Running remotely as an administrator you will have more access to the system folders than much of Group Policy has. Just write and test your script against one machine. Be sure to do rigorous error logging so you can analyze what is failing.
A bad disk or malware can subvert what you are trying to do.
The ability to rename the folder may require a restart of the system after disabling the services. This can be needed because the service may lock a file when it starts and the service will not release the file because it has thrown an exception.
To fix this disable the service, restart the system and then rename the folder. You can restart the service after the rename.
How you approach and designs this maintenance is what Admin is all about. You will have to design this to work around your normal operations. None of us can show you how to do this as it is beyond the scope of this forum. We can answer
specific scripting "how-to" question.