# Define the URL of the script $scriptUrl = "https://git.cowetacomputers.com/api/v1/repos/Coweta-Computers/removal-tools/+/raw/anti-virus-removal.ps1?routingId=&git_ref=main" $scriptName = "setup-script.ps1" # Download the script Write-Host "Downloading script..." Invoke-WebRequest -Uri $scriptUrl -OutFile $scriptName Write-Host "Script downloaded successfully." # Run the script with administrative permissions Write-Host "Running script with administrative permissions..." Start-Process PowerShell -ArgumentList "-NoProfile -ExecutionPolicy Bypass -File $PWD\$scriptName" -Verb RunAs Write-Host "The Anti-virus removal Script Has finished." ############### Cleaner Tools to Run ############ #Disable UAC New-ItemProperty -Path HKLM:Software\Microsoft\Windows\CurrentVersion\policies\system -Name EnableLUA -PropertyType DWord -Value 0 -Force Write-Host "Running cleaning Tools" # Define the URLs for the tools $adwCleanerUrl = "https://downloads.malwarebytes.com/file/adwcleaner" # Replace with the actual download URL if different $rKillUrl = "https://www.bleepingcomputer.com/download/rkill/" # Replace with the direct download URL if available $jrtUrl = "https://downloads.malwarebytes.com/file/jrt" # Replace with the actual download URL if different $msertUrl = "https://www.microsoft.com/security/scanner/download/" # Replace with the actual download URL if different # Define the paths for the tools $adwCleanerPath = "$env:TEMP\adwcleaner.exe" $rKillPath = "$env:TEMP\rkill.exe" $jrtPath = "$env:TEMP\JRT.exe" $msertPath = "$env:TEMP\MSERT.exe" # Download AdwCleaner Invoke-WebRequest -Uri $adwCleanerUrl -OutFile $adwCleanerPath Write-Host "AdwCleaner downloaded." # Download RKill Invoke-WebRequest -Uri $rKillUrl -OutFile $rKillPath Write-Host "RKill downloaded." # Download JRT Invoke-WebRequest -Uri $jrtUrl -OutFile $jrtPath Write-Host "Junk Removal Tool downloaded." # Download MSERT Invoke-WebRequest -Uri $msertUrl -OutFile $msertPath Write-Host "Microsoft Safety Scanner downloaded." # Execute AdwCleaner (GUI will show up) Start-Process -FilePath $adwCleanerPath -ArgumentList "EULA_ACCEPT=YES /scan /clean" -Wait Write-Host "AdwCleaner executed." # Execute RKill Start-Process -FilePath $rKillPath -ArgumentList "EULA_ACCEPT=YES /scan /clean" -Wait Write-Host "RKill executed." # Execute JRT Start-Process -FilePath $jrtPath -ArgumentList "EULA_ACCEPT=YES /scan /clean" -Wait Write-Host "Junk Removal Tool executed." # The following command runs a quick scan. Replace '/Q' with '/F' for a full scan, or '/F Y' for a full scan with automatic cleaning. Start-Process -FilePath $msertPath -ArgumentList "/F Y" -Wait Write-Host "Microsoft Safety Scanner executed." ###################### TEMP / Update Cleanup ######################### # Removing Temporary Files Write-Host "Removing Temporary Files..." Remove-Item -Path "C:\Windows\Temp\*" -Recurse -Force -ErrorAction SilentlyContinue Remove-Item -Path "C:\Users\*\AppData\Local\Temp\*" -Recurse -Force -ErrorAction SilentlyContinue # Clear all Recycling bins Clear-RecycleBin -Force # Stopping Windows Update Services Write-Host "Stopping Windows Update Services..." Stop-Service -Name wuauserv -Force Stop-Service -Name cryptSvc -Force Stop-Service -Name bits -Force Stop-Service -Name msiserver -Force # Renaming SoftwareDistribution and Catroot2 folders Write-Host "Renaming SoftwareDistribution and Catroot2 folders..." Rename-Item -Path C:\Windows\SoftwareDistribution -NewName SoftwareDistribution.old -Force -ErrorAction SilentlyContinue Rename-Item -Path C:\Windows\System32\catroot2 -NewName catroot2.old -Force -ErrorAction SilentlyContinue # Restarting Windows Update Services Write-Host "Restarting Windows Update Services..." Start-Service -Name wuauserv Start-Service -Name cryptSvc Start-Service -Name bits Start-Service -Name msiserver # Reseting Windows Update Components Write-Host "Resetting Windows Update Components..." Invoke-Expression "dism.exe /online /cleanup-image /restorehealth" Invoke-Expression "sfc /scannow" ############ Download Programs ################### $downloadUrlPrefix = "https://cowetacomputers.com/downloads/" $downloadsDir = "C:\NPCDownloads" if (-not (Test-Path $downloadsDir)) { New-Item -ItemType Directory -Path $downloadsDir | Out-Null } $webClient = New-Object System.Net.WebClient $webClient.Headers.Add("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36") $webClient.DownloadFile(($downloadUrlPrefix + "Dell-Command-Update.EXE"), (Join-Path $downloadsDir "Dell-Command-Update.exe")) #$webClient.DownloadFile(($downloadUrlPrefix + "MSERT.exe"), (Join-Path $downloadsDir "MSERT.exe")) #$webClient.DownloadFile(($downloadUrlPrefix + "MBSetup.exe"), (Join-Path $downloadsDir "MBSetup.exe")) #$webClient.DownloadFile(($downloadUrlPrefix + "adw.exe"), (Join-Path $downloadsDir "adw.exe")) #$webClient.DownloadFile(($downloadUrlPrefix + "rkill.exe"), (Join-Path $downloadsDir "rkill.exe")) #$webClient.DownloadFile(($downloadUrlPrefix + "JRT.exe"), (Join-Path $downloadsDir "JRT.exe")) $webClient.DownloadFile(($downloadUrlPrefix + "Intel-Update.exe"), (Join-Path $downloadsDir "IntelUpdate.exe")) #$webClient.DownloadFile(($downloadUrlPrefix + "Tactical%20RMM%20-%20Installer.exe"), (Join-Path $downloadsDir "Tactical_rmm.exe")) # Install Programs Start-Process -FilePath (Join-Path $downloadsDir "IntelUpdate.exe") -ArgumentList "/silent /install EULA_ACCEPT=YES ACTION=install" -Verb RunAs -Wait Start-Process -FilePath (Join-Path $downloadsDir "Dell-Command-Update.exe") -ArgumentList "/silent /install EULA_ACCEPT=YES ACTION=install" -Verb RunAs -Wait #Start-Process -FilePath (Join-Path $downloadsDir "Tactical_rmm.exe") -ArgumentList "-silent" -Verb RunAs -Wait #Disable News & Interest in Taskbar Set-ItemProperty -Path HKCU:\Software\Microsoft\Windows\CurrentVersion\Feeds -Name ShellFeedsTaskbarViewMode -Value 2 #Reset Windows Store wsreset powercfg -h off #Disable Restore Disable-ComputerRestore -Drive "C:\" # SSD life improvement fsutil behavior set DisableLastAccess 1 fsutil behavior set EncryptPagingFile 0 # Show known file extensions Write-Output "Showing known file extensions..." Set-ItemProperty -Path "HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced" -Name "HideFileExt" -Type DWord -Value 0 # Check for updates Write-Output "Installing tools for Updates" Set-ExecutionPolicy -Scope CurrentUser -ExecutionPolicy Unrestricted -Force Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force Install-Module -Name PSWindowsUpdate -Force Import-Module PSWindowsUpdate # Search for updates for Microsoft products Write-Output "Attempting to Turn on Updates for all Products" $ServiceManager = New-Object -ComObject Microsoft.Update.ServiceManager $ServiceManager.ClientApplicationID = "My App" $NewUpdateService = $ServiceManager.AddService2("7971f918-a847-4430-9279-4a52d1efe18d",7,"") Write-Output "Installing MS updates -- Do not restart 1 of 4" Get-WindowsUpdate -MicrosoftUpdate -AcceptAll -IgnoreReboot # Install updates for Microsoft products Write-Output "Installing MS updates -- DO not restart 2 of 4" Install-WindowsUpdate -MicrosoftUpdate -AcceptAll -IgnoreReboot # Search for optional updates Write-Output "Installing MS updates -- DO not restart 3 of 4" Get-WindowsUpdate -Category "Optional" -AcceptAll -IgnoreReboot # Install optional updates Write-Output "Installing MS updates -- DO not restart 4 of 4" Install-WindowsUpdate -Category "Optional" -AcceptAll -IgnoreReboot Write-Output "The Script has finished.................................."