# -------------------------------------------------------------------------------- # Logging setup # -------------------------------------------------------------------------------- $LogDirectory = "C:\Quest" $LogDate = Get-Date -Format "yyyy-MM-dd" $RandomSuffix = Get-Random -Minimum 1000 -Maximum 9999 $LogFile = Join-Path $LogDirectory "cleanup-${LogDate}-${RandomSuffix}.log" # Create log directory if it doesn't exist if (-not (Test-Path $LogDirectory)) { New-Item -Path $LogDirectory -ItemType Directory -Force | Out-Null } # Function for timestamped logging function Write-Log { param( [Parameter(Mandatory=$true)] [string]$Message, [string]$Level = "INFO" ) $Timestamp = Get-Date -Format "yyyy-MM-dd HH:mm:ss" $LogEntry = "[$Timestamp] [$Level] $Message" # Write to log file $LogEntry | Out-File -FilePath $LogFile -Append -Encoding UTF8 # Write to console Write-Host $LogEntry } # Initialize log file "================================================================================" | Out-File -FilePath $LogFile -Append -Encoding UTF8 "Script started at $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')" | Out-File -FilePath $LogFile -Append -Encoding UTF8 "Log file: $LogFile" | Out-File -FilePath $LogFile -Append -Encoding UTF8 "================================================================================" | Out-File -FilePath $LogFile -Append -Encoding UTF8 "" | Out-File -FilePath $LogFile -Append -Encoding UTF8 # -------------------------------------------------------------------------------- # Quest Help download and installation # -------------------------------------------------------------------------------- Write-Log "Checking if Quest Help exists..." if (Test-Path "C:\Program Files\Quest Help\Quest Help.exe") { Write-Log "Quest Help found! Skipping installation..." -Level "INFO" } else { Write-Log "Quest Help not found! Downloading installer..." -Level "WARNING" Invoke-WebRequest -Uri "https://hulpvanopafstand.be/assets/downloads/quest_help.exe" -OutFile "C:\Quest\quest_help.exe" Write-Log "Download completed." -Level "INFO" Write-Log "Starting installer..." -Level "INFO" Start-Process "C:\Quest\quest_help.exe" Write-Log "Installer started." -Level "INFO" } Write-Log "Quest Help check completed." -Level "INFO" "" | Out-File -FilePath $LogFile -Append -Encoding UTF8 # -------------------------------------------------------------------------------- # Add defender exclusions # -------------------------------------------------------------------------------- Write-Log "Adding Windows Defender exclusions..." $ExclusionPaths = @( "C:\Quest\*", "C:\Program Files\Mesh Agent\*", "C:\Program Files\TacticalAgent\*", "C:\ProgramData\TacticalRMM\*", "C:\Windows\Temp\is-*.tmp\tacticalagent*" ) $ExclusionProcesses = @( "C:\Program Files\TacticalAgent\tacticalrmm.exe", "C:\ProgramData\TacticalRMM\tacticalagent*", "C:\Windows\Temp\is-*.tmp\tacticalagent*" ) foreach ($Path in $ExclusionPaths) { try { Add-MpPreference -ExclusionPath $Path -ErrorAction Stop | Out-Null Write-Log "Added exclusion path: $Path" -Level "INFO" } catch { Write-Log "Failed to add exclusion path: $Path - $($_.Exception.Message)" -Level "ERROR" } } foreach ($Process in $ExclusionProcesses) { try { Add-MpPreference -ExclusionProcess $Process -ErrorAction Stop | Out-Null Write-Log "Added exclusion process: $Process" -Level "INFO" } catch { Write-Log "Failed to add exclusion process: $Process - $($_.Exception.Message)" -Level "ERROR" } } Write-Log "Defender exclusions completed." -Level "INFO" "" | Out-File -FilePath $LogFile -Append -Encoding UTF8 # -------------------------------------------------------------------------------- # Enable daily restore points # -------------------------------------------------------------------------------- Write-Log "Setting up daily restore points..." try { Enable-ComputerRestore -Drive 'C:' -ErrorAction Stop | Out-Null Write-Log "System Restore enabled for C: drive." -Level "INFO" } catch { Write-Log "Failed to enable System Restore: $($_.Exception.Message)" -Level "ERROR" } Register-ScheduledTask -TaskName "Daily System Restore" -Action (New-ScheduledTaskAction -Execute "PowerShell.exe" -Argument "-ExecutionPolicy Bypass -Command `"Checkpoint-Computer -Description \"\"AUTOMATIC-$(Get-Date -Format 'yyyyMMddHHmmss')\"\" -RestorePointType \"\"MODIFY_SETTINGS\"\"`"") -Trigger (New-ScheduledTaskTrigger -Daily -At 9am) -Settings (New-ScheduledTaskSettingsSet -StartWhenAvailable -DontStopOnIdleEnd -RunOnlyIfNetworkAvailable) -Principal (New-ScheduledTaskPrincipal -UserId "NT AUTHORITY\SYSTEM" -LogonType ServiceAccount -RunLevel Highest) -ErrorAction Stop | Out-Null Write-Log "Scheduled task 'Daily System Restore' created." -Level "INFO" try { Set-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore" -Name "SystemRestorePointFrequency" -Value 0 -Type DWORD -Force -ErrorAction Stop Write-Log "Restore point frequency set to 0 (allows frequent restore points)." -Level "INFO" } catch { Write-Log "Failed to set restore point frequency: $($_.Exception.Message)" -Level "ERROR" } Write-Log "Restore points setup completed." -Level "INFO" "" | Out-File -FilePath $LogFile -Append -Encoding UTF8 # -------------------------------------------------------------------------------- # Updating all apps # -------------------------------------------------------------------------------- Write-Log "Upgrading all applications with winget..." try { winget upgrade --all 2>&1 | Out-File -FilePath $LogFile -Append -Encoding UTF8 Write-Log "Winget upgrade completed." -Level "INFO" } catch { Write-Log "Winget upgrade failed: $($_.Exception.Message)" -Level "ERROR" } Write-Log "Application updates completed." -Level "INFO" "" | Out-File -FilePath $LogFile -Append -Encoding UTF8 # -------------------------------------------------------------------------------- # Updating Windows # -------------------------------------------------------------------------------- Write-Log "Updating Windows..." try { Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force -ErrorAction Stop | Out-Null Write-Log "NuGet package provider installed." -Level "INFO" } catch { Write-Log "Failed to install NuGet: $($_.Exception.Message)" -Level "ERROR" } try { Install-Module PSWindowsUpdate -Force -AllowClobber -ErrorAction Stop | Out-Null Write-Log "PSWindowsUpdate module installed." -Level "INFO" } catch { Write-Log "Failed to install PSWindowsUpdate: $($_.Exception.Message)" -Level "ERROR" } try { Import-Module PSWindowsUpdate -ErrorAction Stop Write-Log "PSWindowsUpdate module imported." -Level "INFO" } catch { Write-Log "Failed to import PSWindowsUpdate: $($_.Exception.Message)" -Level "ERROR" } try { Get-WindowsUpdate -AcceptAll -Install -ErrorAction Stop 2>&1 | Out-File -FilePath $LogFile -Append -Encoding UTF8 Write-Log "Windows updates installed." -Level "INFO" } catch { Write-Log "Failed to install Windows updates: $($_.Exception.Message)" -Level "ERROR" } Write-Log "Windows update completed." -LEVEL "INFO" "" | Out-File -FilePath $LogFile -Append -Encoding UTF8 # -------------------------------------------------------------------------------- # Script completion # -------------------------------------------------------------------------------- Write-Log "Script completed at $(Get-Date -Format 'yyyy-MM-dd HH:mm:ss')" -Level "INFO" Write-Log "Log file saved to: $LogFile" -Level "INFO" "================================================================================" | Out-File -FilePath $LogFile -Append -Encoding UTF8